How to configure priority mappings on an AR

6

You can configure priority mappings on an AR as follows:
1. Configure the packet priority trusted on an interface.
2. (Optional) Configure the interface priority.
3. Configure a priority mapping table.

Other related questions:
Default mappings between priorities on an AR
Default mappings between priorities on an AR are as follows: For the AR120&AR150&AR160&AR200&AR500 series, AR510 series, AR1200 series, AR2204, AR2220L, and AR2220E, table 1 shows the mappings from 802.1p priorities to DSCP priorities, and the mappings between 802.1p priorities remain unchanged. Table 3 lists the mappings from DSCP priorities to 802.1p priorities, and the mappings between DSCP priorities remain unchanged. The mappings between MPLS EXP priorities remain unchanged. For AR2201-48FE, AR2202-48FE, AR2220, AR2240, and AR3200&AR3600 series, table 2 lists the mappings from 802.1p priorities to DSCP priorities and local priorities, and the mappings between 802.1p priorities remain unchanged. Table 4 lists the mappings from DSCP priorities to 802.1p priorities and local priorities, and the mappings between DSCP priorities remain unchanged. Table 5 lists the mappings from MPLS EXP priorities to local priorities, and the mappings between MPLS EXP priorities remain unchanged.

Priority mapping
Packets transmitted over different networks carry different QoS precedence fields, for example, EXP field on an MPLS network, 802.1p field on a virtual local area network (VLAN), and DSCP field on an IP network. The mapping between priority fields must be configured on the gateway to retain priorities of packets when the packets traverse different networks. The priority mapping mechanism provides the mapping from precedence fields of packets to internal priorities (local precedences) or the mapping from internal priorities to precedence fields of packets. This mechanism uses the DiffServ domain to manage and record the mapping of precedence fields and internal priorities. When packets reach the AR, the AR maps priorities in packets or the default 802.1p priorities of inbound interfaces to local priorities. The AR then determines the queues that packets enter based on the mapping between internal priorities and queues and performs traffic shaping, congestion avoidance, and queue scheduling. In addition, the AR can re-mark priorities in outgoing packets so that the downstream device can provide different QoS levels based on packet priorities.

How to configure mapping between DSCP priorities and local priorities on S series switches
You can run the following commands to configure mapping between DSCP priorities and local priorities on S series switches (except the S1700): - ip-dscp-inbound dscp-value phb service-class [ green | yellow | red ]: configures mapping between DSCP priorities and local priorities for IP packets on the inbound interface. - ip-dscp-outbound service-class { green | yellow | red } map dscp-value: configures between DSCP priorities and local priorities for IP packets on the outbound interface.

Voice VLAN priority modification method on an AR router
Voice VLAN priority configuration methods for low-end AR devices and high-end AR devices are different. - For high-end devices such as AR2200, AR3200, and AR3600, their chips support ACL. After an interface is added to the voice VLAN, packet priorities can be changed to 6 by default based on the ACL or defined by running the voice-vlan remark command. - For low-end devices such as AR120, AR150, AR160, AR200, AR500, and AR1200, their chips do not support ACL. Therefore, packet priorities cannot be automatically changed but can be defined by running the vlan priority command.

How do I configure batch port mapping
When a private IP address and a range of consecutive port numbers need to be mapped to a public IP address and a range of consecutive port numbers, you can reference an ACL to complete batch port mapping configuration.

On the private network shown in the right figure, multiple consecutive ports of a server need to be open to users on the public network. The private IP address of the server is 192.168.2.2/24, its server port is in the range of 2000-4000 or 5000, and its public IP address is 202.1.22.3/24. The interconnected IP address on the carrier network is 202.1.22.10. The private IP address and ports 2000-4000 and 5000 of the internal server need to be mapped to public IP address 202.1.22.3 and corresponding ports.

Procedure

  1. Set the IP address for the interface.

    <Huawei> system view
    [Huawei] sysname Router
    [Router] vlan 100
    [Router-vlan100] quit
    [Router] interface vlanif 100
    [Router-Vlanif100] ip address 192.168.2.1 24
    [Router-Vlanif100] quit
    [Router] interface ethernet 2/0/0
    [Router-Ethernet2/0/0] port link-type access 
    [Router-Ethernet2/0/0] port default vlan 100
    [Router-Ethernet2/0/0] quit 
    [Router] interface GigabitEthernet 1/0/0
    [Router-GigabitEthernet1/0/0] ip address 202.1.22.4 24
    [Router-GigabitEthernet1/0/0] quit 
  2. Create an ACL that matches the port numbers to be mapped.

    [Router] acl number 3001
    [Router-acl-adv-3001] rule 5 permit tcp destination-port range 2000 4000
    [Router-acl-adv-3001] rule 5 permit tcp destination-port eq 5000
    [Router-acl-adv-3001] quit
    
  3. Configure NAT server and reference the ACL.

    [Router] interface gigabitethernet 1/0/0
    [Router-GigabitEthernet1/0/0] nat server global 202.1.22.3 inside 192.168.2.2 acl 3001
    [Router-GigabitEthernet1/0/0] quit 
  4. Configure a default route on the router, with 202.1.22.10 as the next-hop address.

    [Router] ip route-static 0.0.0.0 0.0.0.0 202.1.22.10
    

More information

. Referencing an ACL to batch configure port mapping completes the mapping of consecutive port numbers and reduces the configuration workload. You do not need to run the nat server command on interfaces one by one. Additionally, to change the range of port numbers, you only need to change the ACL rules for future maintenance. One public IP address can be used for batch port mapping configuration only once. If other internal servers need to provide services for public network users, use other public IP addresses for port mapping configuration.


If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top