Проект OpenNet: MAN ipqosconf (1) Команды и прикладные программы пользовательского уровня (FreeBSD и Linux)

Интерактивная система просмотра системных руководств (man-ов)

ipqosconf (1)

>> ipqosconf (1) ( Solaris man: Команды и прикладные программы пользовательского уровня )

NAME

ipqosconf - configure the IPQoS facility

SYNOPSIS

/usr/sbin/ipqosconf

/usr/sbin/ipqosconf -a conf_file [-vs]

/usr/sbin/ipqosconf -c

/usr/sbin/ipqosconf -f

/usr/sbin/ipqosconf -l

/usr/sbin/ipqosconf -L

DESCRIPTION

The ipqosconf utility configures the Quality of Service facility of the Internet Protocol (IP). Only superusers can use this command.

Without arguments, ipqosconf displays the actual IPQoS configuration.

Configuration is not preserved across reboot. You must apply the configuration every time that the machine reboots. To apply the configuration early in the boot phase, you can populate the /etc/inet/ipqosinit.conf file, which is then read from the svc:/network/initial:default service.

OPTIONS

The following options are supported:

-a conf_file

: Apply the configuration in conf_file. If the conf_file is -, ipqosconf reads from standard input.

-c

: Populate the boot file with the current configuration.

-f

: Flush the configuration.

-l

: List the current applied configuration.

-L

: List the current configuration in verbose mode.
In addition to the information that the -l option provides, the -L option provides filters and classes configured through other means than the iqposconf command. This option also provides the full set of filters that were created by ipqosconf by representing a multi-homed host in a configuration file

-s

: Log messages to syslog during an -a operation.

-v

: Toggle verbose mode during an -a operation.
The -v option causes all messages to go to the console in addition to their normal destination. Messages intended to go to syslog, because the -s flag is set or because it is a log message, still go to syslog as well as the console.

CONFIGURATION FILE

The configuration file is composed of a format version and a succession of configuration (action) blocks. There are different configuration blocks for each type of action that is being configured.

Format Version

The first line of the configuration file specifies the format version contained in the configuration file.

The following entry specifies the format version:

fmt_version x.x

where x.x is the format version. 1.0 is the only supported version.

Configuration Blocks

Following the format version, are a succession of configuration (action) blocks that are different for each type of action being configured. A configuration block always has the following structure :

action {
     name action_name
     module module_name
     params_clause | ""
     cf_clauses
}

action_name      ::= string 
module_name      ::= ipgpc | dlcosmk | dscpmk | flowacct | tswtclmt |
                    tokenmt

params_clause    ::= params {
                       parameters
                       params_stats | ""
                    }

parameters       ::= prm_name_value parameters | ""

prm_name_value   ::= param_name param_value

Modules

The param_name and the types of param_value are specific to a given module.

params_stats     ::= global_stats boolean

cf_clauses       ::= class_clause cf_clauses |
                    filter_clause cf_clauses | ""

class_clause     ::= class {
                        name class_name
                        next_action next_action_name
                        class_stats | ""
                    }

class_name       ::= string
next_action_name ::= string
class_stats      ::= enable_stats boolean
boolean          ::= TRUE | FALSE

filter_clause    ::= filter {
                       name filter_name
                       class class_name
                       parameters
                    }

filter_name      ::= string

There must be exactly one configuration block belonging to module ipgpc. The action must be named ipgpc.classify. All other actions should be reachable from ipgpc by way of parameters of type action or the next_action of a class.

The set of types that are used for parameters of the different modules are:

action        ::=     string
protocol      ::=     1..255
port          ::=     1..65535
uint8         ::=     0..255
uint32        ::=     0..4294967296
int32         ::=     -2147483648..2147483648
address       ::=    <see the description section>
ifname        ::=    <interface name recognized by SIOGLIFINDEX ioctl>
enum          ::=     string | { string_list }
boolean       ::=     TRUE | FALSE
integer_array ::=     { range_value_list }
map_index     ::=     uint32
address       ::=     ip_address | ip_node_name
user          ::=     uid | username
uid           ::=     0..65535
username      ::=     string
string_list          ::=   string sl_entrys
sl_entrys            ::=   ',' string sl_entrys | ""
range_value_list     ::=   range_value_entry range_value_entrys
range_value_entry    ::=   range ':' integer_array_value
range                ::=   uint32 '-' uint32
integer_array_value  ::=   string | integer_array_number
integer_array_number ::=   uint8 | uint32
range_value_entrys   ::=   ';' range_value_entry range_value_entrys | ""
ip_node_name         ::=   string
ip_address           ::=   v4_address | v6_address
v4_address           ::=   v4_ip_address / v4_cidr_mask |
v4_ip_address
v4_cidr_mask         ::=   1-32
v6_address           ::=   v6_ip_address / v6_cidr_mask |
v6_ip_address
v6_cidr_mask         ::=   1-128

METER module tokenmt configuration syntax :

red_action_name         action
yellow_action_name      action
green_action_name       action
committed_rate          uint32
committed_burst         uint32
peak_rate               uint32
<if present this signifies that this will be a two rate meter, not
  a single rate meter>
peak_burst              uint32
<this is the 'peak' burst size for a two rate meter, but 
  the 'excess' burst size for a single rate meter>
color_aware             boolean
color_map               integer_array
global_stats            boolean

METER module tswtclmt configuration syntax :

red_action_name         action
yellow_action_name      action
green_action_name       action
committed_rate          uint32
peak_rate               uint32
window                  uint32
global_stats            boolean

MARKER module dscpmk configuration syntax :

next_action         action
dscp_map            int_array
dscp_detailed_stats boolean
global_stats       boolean

MARKER module dlcosmk configuration syntax :

next_action         action
cos                 map_index
global_stats        boolean

CLASSIFIER module ipgpc configuration syntax :

if_grpname         string
user               user
projid             int32
if_name            ifname
direction          enum { 
                  LOCAL_IN,
                  LOCAL_OUT,
                  FWD_IN,
                  FWD_OUT}
protocol           protocol
dsfield            uint8
dsfield_mask       uint8
saddr              address
daddr              address
sport              port
dport              port
priority           uint32
precedence         uint32
ip_version         enum {
                  V4,
                  V6 }
global_stats       boolean

ACCOUNTING module flowacct configuration syntax

next_action      action
timer            uint32
timeout          uint32
max_limit        uint32

Types

action

: A string of characters with a matching action definition. The character string can be up to twenty three characters in length. To allow for spaces the string needs to be enclosed in quotes and cannot span lines. Two special actions are pre-defined and can not have an explicit action definition. The two pre-defined actions are continue and drop. continue causes the packet that is passed to it to continue normal processing. drop causes the packet that is passed to it to be dropped.

address

: A machine name or address recognized by getipnodebyname(3SOCKET). If a machine name is specified, and ip_version has been defined, the query is done using that address family. If a machine name is not specified and ip_version has not been defined, the query is done using the AI_DEFAULT flag to getipnodebyname()(..AF_INET6..). CIDR address masks following an IP address are allowed. Specify the CIDR address masks as 1-32 (for v4) or 1-128 (for v6). CIDR addresses are disallowed for node names.

enum

: Either one of the supported values or comma delimited list of support values, enclosed in curly braces.

ifname

: A non-NULL, existing interface name recognized by the SIOGLIFINDEX socket ioctl.

integer_array

: A comma delimited set of range/value pairs , enclosed in curly braces.
Specify range in the format x-y, where x and y are integers that denote the range of array indexes to which the value applies. The minimum value for both x and y is 0. The maximum value for x is particular to the parameter. Any array indexes not referred to in the set of ranges are left at their previous value.

map_index

: A non-negative integer used as an index into any maps associated with a parameter of this type.
The maximum value of this type is dictated by the number of entries in the associated maps. The index starts at 0.

port

: Either a service name recognized by getservbyname(3SOCKET) or an integer 1-65535.

protocol

: Either a protocol name recognized by getprotobyname(3SOCKET) or an integer 1-255.

string

: A character string. Enclose string in quotes. string cannot span multiple lines.

user

: Either a valid user ID or username for the system that is being configured.

Parameters

The configuration file can contain the following parameters

color_aware

: A value of TRUE or FALSE, indicating whether or not the configured action takes account of the previous packet coloring when classifying.

color_map

: An integer array that defines which values of the dscp field correspond with which colors for when the color_aware parameter is set to TRUE.

committed_burst

: The committed burst size in bits.

committed_rate

: The committed rate in bits per second.

cos

: The value used to determine the underlying driver level priority applied to the packet which is defined in 802.1D.

daddr

: The destination address of the datagram.

direction

: The value used to build a filter matching only part of the traffic.
This parameter is of type enum with valid values of LOCAL_IN (local bound traffic), LOCAL_OUT (local sourced traffic), FWD_IN (forwarded traffic entering the system), and FWD_OUT (forwarded traffic exiting the system).

dport

: The destination port of the datagram.

dscp_detailed_stats

: A value of TRUE or FALSE that determines whether detailed statistics are switched on for this dscp action.
Specify TRUE to switch on or FALSE to switch off.

dscp_map

: The integer_array that supplies the values that IP packets with a given dscp value have their dscp re-marked with.
The existing value is used to index into the array where the new value is taken from. The array is of size 64, meaning valid indexes are 0-63 and valid values are also 0-63.

dsfield

: The DS field of the IP datagram header. This is an 8-bit value, with each bit position corresponding with the same one in the header; this enables matches to be done on the CU bits. If you specify this parameter, you must also specify the dsfield_mask parameter.

dsfield_mask

: The mask applied to the dsfield parameter to determine the bits against which to match. This is an 8-bit value, with each bit position corresponding with the same one in the dsfield parameter.

global_stats

: A value of TRUE or FALSE to enable or disable the statistic collection for this action.

green_action_name

: The action to be executed for packets that are deemed to be green.

if_grpname

: The interface group name.

if_name

: The name of an interface recognized by the SIOGLIFINDEX ioctl. This parameter is of type ifname.

ip_version

: This parameter is of type enum and has valid values of V4 and V6.
If it is set to V4 only then only ipv4addresses are requested for a specified hostname. If it is set to V6, only ipv6 addresses are returned if there are any, otherwise v4 mapped v6 addresses are returned. If both V4 and V6 are specified, or if ip_version is not specified, then both ipv4 and ipv6 addresses are requested for a specified hostname.

max_limit

: The maximum number of flow entries present at one time in the flowacct actions in the memory resident table.

next_action

: The action to be executed when the current action is complete.
This value can be either the name of an action defined in the configuration file, or one of the two special action types: drop and continue. See for additional information on special action types.

peak_burst

: The peak burst size, for a two rate meter, or excess burst size, for a single rate meter, in bits.

peak_rate

: The peak rate in bits per second.

precedence

: An integer that is used to order filters. If there are two matching filters that have the same priority value, the one with the lower precedence value is the one matched. This parameter should be used because the order of the filters in a configuration file has no influence on their relative precedence.

priority

: An integer that represents the relative priority of a filter. If there are two matching filters, the one with the higher priority value is the one matched. Multiple filters can have the same priority.

projid

: The project ID of the process sending the data. This value is always -1 for received traffic.

protocol

: The Upper Layer Protocol against which this entry is matched.

red_action_name

: The action to be executed for packets that are determined to be red.

saddr

: The source address of the datagram.

sport

: The source port of the datagram.

timeout

: The timeout in milliseconds after which flows are written to the accounting file.

timer

: The period in milliseconds at which timed-out flows are checked for.

user

: The user ID or username of the process sending the data. This value is always -1 for received traffic.

window

: The window size in ms.

yellow_action_name

: The action to be executed for packets that are determined to be yellow.

SECURITY

None.

EXAMPLES

Example 1 Sending All Traffic From eng to the AF 1 Class of Service

This example sends all traffic from eng to the AF 1 class of service. It is documented in four separate steps:

The following step creates a tokenmt action with three outcomes:

#meter for class 1.
action {
       name AF_CL1
       module tokenmt
       params{
               committed_rate 64
               committed_burst 75
               peak_burst 150
               global_stats TRUE
               red_action_name drop
               yellow_action_name markAF12
               green_action_name markAF11
       }
}

The following step creates two dscpmk actions:

#class 1, low drop precedence.
action {
       name markAF11
       module dscpmk
       params{
            dscp_map {0-63:28}
            dscp_detailed_stats TRUE
               global_stats TRUE
               next_action acct1
       }
}
#class 1, medium drop precedence.
action {
       name markAF12
       module dscpmk
       params {
               dscp_map {0-63:30}
            dscp_detailed_stats TRUE
               global_stats TRUE
               next_action acct1
       }
}

The following step creates an accounting action:

#billing for transmitted class 1 traffic.
action {
       name acct1
       module flowacct
       params {
               timer 10
               timeout 30
               global_stats TRUE
max_limit 1024
next_action continue
       }
}

The following step creates an ipgpc action:

#traffic from eng sent, traffic from ebay dropped.
action {
       name ipgpc.classify
       module ipgpc
       class {
               name from_eng
               enable_stats TRUE
               next_action AF_CL1
       }
       class {
               name from_ebay
               enable_stats TRUE
               next_action drop
       }

       filter {
               name from_eng
               saddr eng-subnet
               class from_eng
       }
       filter {
               name from_ebay
               saddr ebay-subnet
               class from_ebay
       }
}

FILES

/etc/inet/ipqosinit.conf

: Contains the IPQoS configuration loaded at boot time. If this file exists, it is read from the network/initial:default service.

/etc/inet/ipqosconf.1.sample

: Sample configuration file for an application server

/etc/inet/ipqosconf.2.sample

: Sample configuration file that meters the traffic for a specified application

/etc/inet/ipqosconf.3.sample

: Sample configuration file that marks the ethernet headers of web traffic with a given user priority

ATTRIBUTES

See attributes(5) for descriptions of the following attributes:

ATTRIBUTE TYPE ATTRIBUTE VALUE

Availability SUNWqosu

Interface Stability

DIAGNOSTICS

ipqosconf sends messages to syslog of facility user, severity notice when any changes are made to the IPQoS configuration.

Errors that occur during an ipqosconf operation send an error message to the console by default. For the application of a new configuration if the -s option is set then these messages are sent to syslog as facility user, severity error instead. If the -v option is present during an application then all error and change notificationmessages are sent to the console as well as their default destination.