Configuring EX3500 QoS Class

About this task

An EX3500 switch can have its own QoS class policy applied as specific interoperability requirements dictate between an EX3500 switch and its connected devices. The QoS class configuration specifies permitted and excluded MAC and IP addresses and the precedence upon which filter rules are applied to EX3500 switch traffic.

To review existing EX3500 QoS policies and assess whether new ones require creation, modification or deletion:

Procedure

  1. Select Configuration → Network → EX3500 QoS Class.
    Click to expand in new window
    GUID-6F0E36C6-6BAD-46A8-8EC9-156CE49D1CCE-low.png
  2. Select Add to create a new EX3500 QoS policy, or select an existing policy and Edit to modify its attributes. Obsolete policies can be selected and Deleted as needed. Copy a policy to duplicate an existing QoS policy or Rename them as needed.
    Click to expand in new window
    GUID-D039354B-4BE2-4956-88AB-AF3FAB41B2D3-low.png
  3. If creating a EX3500 QoS policy, enter a 64 character maximum Description to help differentiate this policy's EX3500 traffic prioritization scheme.
  4. Refer to the DSCP field to set the DSCP value as a 6-bit parameter in the header of every IP packet used for packet classification. The range is 0 to 63 like DSCPv6.
    The screen maps the 6-bit Differentiated Service Code Point (DSCP) code points to the older 3-bit IP Precedent field located in the Type of Service byte of an IP header. DSCP is a protocol for specifying and controlling network traffic by class so that certain traffic types get precedence. DSCP specifies a specific per-hop behavior that is applied to a packet. This QoS assignment can be overridden as needed, but removes the device configuration from the profile that may be shared with other similar device models.
  5. Use the Cos field to Assign a 802.1p priority (0 - 7) as a 3-bit IP precedence value of the IP header used to set the user priority. The valid values for this field are 0 – Best Effort, 1 – Background, 2 – Spare, 3 – Excellent Effort, 4 – Controlled Load, 5 – Video, 6 – Voice, 7 – Network Control.
  6. Optionally apply MAC ACL rules to EX3500 packet traffic. Use the drop-down menu to select an existing MAC ACL, select the Create icon to add a new MAC ACL rule, or select an existing MAC ACL and the Edit icon to modify its configuration. For information on creating MAC ACLs, refer to Configuring MAC Firewall Rules on page 10-15.
    Administrators can filter Layer 2 EX3500 traffic on a physical Layer 2 interface using MAC addresses. A MAC firewall rule uses source and destination MAC addresses for matching operations, where the result is a typical allow, deny or mark designation to WLAN packet traffic.
  7. Optionally apply IP based Standard ACL rules to EX3500 packet traffic. A standard ACL for an EX3500 is a policy-based ACL that either prevents or allows specific clients from using the device. Select the Create icon to add a new ACL rule, or select an existing ACL and the Edit icon to modify its configuration. If creating a new standard ACL, provide a name up to 32 characters to help differentiate this rule from others with similar configurations. Select + Add Row. For more information on creating a standard ACL, see EX3500 ACL Standard.
    Click to expand in new window
    GUID-28E99662-4CE2-48D9-A080-C9CEBDDE8F98-low.png
  8. Set the following standard ACL attributes:
    Source IP Address Set whether the permit or deny rules assigned to this ACL are applied to a Host IP address, Network IP address and mask or Any address.
    Allow Set the Permit or Deny action on IP packet traffic with the EX3500 switch. The default is Permit.
    Time Range Defines the period when the permit or deny are applied to EX3500 IP traffic.
  9. Refer to the DSCPV6 field and select + Add Row to specify a DSCPV6 value from 0 - 63. DSCPv6 specifies the Differentiated Services Code Point version 6 of a classifier assigned to an interface. Use DSCPv6 for IPv6 multicast traffic support.
  10. Refer to the Extended ACL field and either select an existing extended IP ACL from the drop-down menu, add a new extended IP ACL by selecting the Create icon, or modify an existing one by selecting the Edit icon. For more information on extended IP ACLs, refer to EX3500 ACL Extended on page 10-31.
    Click to expand in new window
    GUID-714D63D4-E470-44E2-9CE2-40CBC02E836E-low.png

    An extended ACL is comprised of ACEs (access control entries). Each ACE specifies a source and destination for matching and filtering traffic to the EX3500 switch.

    Name If creating a new extended ACL, provide a 32 character maximum name to this extended ACL to differentiate its EX3500 traffic filtering configuration.
    Precedence Specify or modify a precedence for this IP policy between 1-128. Rules with lower precedence are always applied to packets first. If modifying a precedence to apply a higher integer, it will move down the table to reflect its lower priority.
    Source Determine whether filtered packet source for this IP firewall rule do not require any classification (any), are set as a numeric IP address (host) or apply to any.
    Destination Determine whether filtered packet destinations for this IP firewall rule do not require any classification (any), are set as a numeric IP address (host) or apply to any.
    Action Every rule is made up of matching criteria rules. The action defines the packet‘s disposition if it matches the specified criteria. The following actions are supported:
    • Deny - Instructs the ACL to restrict a packet from proceeding to its destination when filter conditions are matched.
    • Allow - Instructs the ACL to allow a packet to proceed to its destination when filter conditions are matched.
    Time Range Lists time range when each listed ACL is enabled. An EX3500 Time Range is a set of configurations consisting of periodic and absolute time ranges. Periodic ranges can be configured to reoccur based on periodicity such as daily, weekly, weekends, weekdays and on specific week day such as Sunday. Absolute time ranges can be configured to a range of days during a particular period. Absolute time ranges do not reoccur. For more information, see EX3500 Time Range.
    Protocol Specify the protocol for which the alias has to be created. Use the drop down to select the protocol from eigrp, gre, icmp, igmp, ip, vrrp, igp, ospf, tcp, udp or other. Select other if the protocol is not listed. When a protocol is selected, its protocol number is automatically selected.
    Source Port Specify a source port for the TCP or UDP protocols. The source specifies the IP address or FQDN from which the packet is sent.The source port is not displayed by default and must be selected from the upper-right hand side of the screen.
    Destination Port Specify a destination port for the TCP or UDP protocols. The destination specifies the IP address or FQDN to which the packet is being sent. The destination port is not displayed by default and must be selected from the upper-right hand side of the screen.
    DSCP Select this option to specify a DSCP value from 0 - 63. DSCP specifies the Differentiated Services Code Point version 6 of a classifier assigned to an interface.
    IP Header Sets the IP precedence level from 0-7.
  11. Refer to the Precedence field and select + Add Row to assign a precedence (priority) to this EX3500 QoS policy. Rules are applied in order from 0 - 7.
  12. Optionally refine the virtual interface (VLAN) to which the EX3500 QoS policy is applied by selecting a VLAN from 1 - 4094.
  13. Select OK to save the changes. Select Reset to revert to the last saved configuration.