Troubleshooting - QoS (V600R003C00 - 02) PDF

HUAWEI NetEngine80E/40E Router
V600R003C00
Troubleshooting - QoS
Issue 02
Date 2011-09-10
HUAWEI TECHNOLOGIES CO., LTD.

Copyright Huawei Technologies Co., Ltd. 2011. All rights reserved.
No part of this document may be reproduced or transmitted in any form or by any means without prior written
consent of Huawei Technologies Co., Ltd.
Trademarks and Permissions
and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd.
All other trademarks and trade names mentioned in this document are the property of their respective holders.
Notice
The purchased products, services and features are stipulated by the contract made between Huawei and the
customer. All or part of the products, services and features described in this document may not be within the
purchase scope or the usage scope. Unless otherwise specified in the contract, all statements, information,
and recommendations in this document are provided "AS IS" without warranties, guarantees or representations
of any kind, either express or implied.
The information in this document is subject to change without notice. Every effort has been made in the
preparation of this document to ensure accuracy of the contents, but all statements, information, and
recommendations in this document do not constitute the warranty of any kind, express or implied.
Huawei Technologies Co., Ltd.

Address: Huawei Industrial Base
Bantian, Longgang
Shenzhen 518129
People's Republic of China
Website: http://www.huawei.com
Email: support@huawei.com
Issue 02 (2011-09-10) Huawei Proprietary and Confidential i

Copyright Huawei Technologies Co., Ltd.
Troubleshooting - QoS About This Document
About This Document
Purpose
NOTE
l This document takes interface numbers and link types of the NE40E-X8 as an example. In working
situations, the actual interface numbers and link types may be different from those used in this
document.
l On NE80E/40E series excluding NE40E-X1 and NE40E-X2, line processing boards are called Line
Processing Units (LPUs) and switching fabric boards are called Switching Fabric Units (SFUs). On
the NE40E-X1 and NE40E-X2, there are no LPUs and SFUs, and NPUs implement the same functions
of LPUs and SFUs to exchange and forward packets.
This document describes the troubleshooting of HUAWEI NetEngine80E/40E with various

services, including information collection methods, common processing flows, common
troubleshooting methods, and troubleshooting cases.
This document describes the troubleshooting workflow and methods for HUAWEI
NetEngine80E/40E.
Related Versions
The following table lists the product versions related to this document.
Product Name Version
HUAWEI NetEngine80E/40E V600R003C00

Router
Intended Audience
This document is intended for:
l Policy planning
l Installation and commissioning engineer
l NM configuration engineer
l Technical support engineer
Issue 02 (2011-09-10) Huawei Proprietary and Confidential ii

Troubleshooting - QoS About This Document
Symbol Conventions
The symbols that may be found in this document are defined as follows.
Symbol Description
Alerts you to a high risk hazard that could, if not avoided,

result in serious injury or death.
DANGER
Alerts you to a medium or low risk hazard that could, if

not avoided, result in moderate or minor injury.
WARNING
Alerts you to a potentially hazardous situation that could,

if not avoided, result in equipment damage, data loss,
CAUTION
performance deterioration, or unanticipated results.
TIP Provides a tip that may help you solve a problem or save
time.
NOTE Provides additional information to emphasize or

supplement important points in the main text.
Change History
Updates between document issues are cumulative. Therefore, the latest document issue contains
all updates made in previous issues.
Changes in Issue 02 (2011-09-10)

The second commercial release has the following updates:
There is no update compared with the previous issue.
Changes in Issue 01 (2011-05-30)

Initial field trial release.
Issue 02 (2011-09-10) Huawei Proprietary and Confidential iii

Troubleshooting - QoS Contents
Contents
About This Document.....................................................................................................................ii

1 QoS...................................................................................................................................................1
1.1 Troubleshooting of 802.1P Simple Traffic Classification..................................................................................2
1.1.1 Typical Networking...................................................................................................................................2
1.1.2 Troubleshooting Flow................................................................................................................................2
1.1.3 Troubleshooting Procedures......................................................................................................................3
1.2 Troubleshooting of Complex Traffic Classification...........................................................................................4
1.3 Troubleshooting of Queue Scheduling Based on Traffic Classification............................................................6
1.4 Troubleshooting ATM QoS................................................................................................................................8
1.4.2 Troubleshooting Flowchart........................................................................................................................9
1.4.3 Troubleshooting Procedure......................................................................................................................10
1.5 Troubleshooting HQoS.....................................................................................................................................12
1.5.1 Typical Networking.................................................................................................................................12
1.5.2 Troubleshooting Flowchart......................................................................................................................13
1.6 Troubleshooting UCL.......................................................................................................................................15
1.6.2 Troubleshooting Flow..............................................................................................................................16
1.7 Troubleshooting Last Mile QoS.......................................................................................................................17
1.7.2 Troubleshooting Flow..............................................................................................................................17
1.8 BAS HQoS Does Not Take Effect...................................................................................................................19
1.8.1 Common Causes......................................................................................................................................19
1.8.2 Troubleshooting Flowchart......................................................................................................................19
Issue 02 (2011-09-10) Huawei Proprietary and Confidential iv

Troubleshooting - QoS Contents

1.8.4 Relevant Alarms and Logs......................................................................................................................20
1.9 Related Troubleshooting Cases........................................................................................................................20
1.9.1 Packets Are Not Discarded After Traffic Policy Is Configured..............................................................20
1.9.2 Packets of VPN Services Are Lost Because the IP Precedence of a Device Is Incorrectly Set..............22
1.9.3 Slow Web Page Loading for Some ADSL Users....................................................................................24
1.9.4 Rate Limit Does Not Take Effect When Both Rate Limit and Access Control Are Configured............25
1.9.5 The DNS Server Cannot Be Accessed Due to Incorrect Configurations of Traffic Classification.........27
Issue 02 (2011-09-10) Huawei Proprietary and Confidential v

Troubleshooting - QoS 1 QoS
1 QoS
About This Chapter
1.1 Troubleshooting of 802.1P Simple Traffic Classification

This section describes the notes about configuring simple traffic classification, and provides the
simple traffic classification troubleshooting flowchart and the troubleshooting procedure.
1.2 Troubleshooting of Complex Traffic Classification
This section describes the notes about configuring comples traffic classification, and provides
the complex traffic classification troubleshooting flowchart and the troubleshooting procedure.
1.3 Troubleshooting of Queue Scheduling Based on Traffic Classification
This section describes the notes about configuring queue scheduling based on traffic
classification, and provides the queue scheduling based on traffic classification troubleshooting
flowchart and the troubleshooting procedure.
1.4 Troubleshooting ATM QoS
This section describes the notes about configuring ATM QoS, and provides the ATM QoS
troubleshooting flowchart and trouble shooting procedure.
1.5 Troubleshooting HQoS
This section describes the notes about configuring HQoS, and provides the HQoS
troubleshooting flowchart and troubleshooting procedure.
1.6 Troubleshooting UCL
1.7 Troubleshooting Last Mile QoS
1.8 BAS HQoS Does Not Take Effect
1.9 Related Troubleshooting Cases
Issue 02 (2011-09-10) Huawei Proprietary and Confidential 1

1.1 Troubleshooting of 802.1P Simple Traffic Classification

This section describes the notes about configuring simple traffic classification, and provides the
simple traffic classification troubleshooting flowchart and the troubleshooting procedure.
1.1.1 Typical Networking

Figure 1-1 shows a typical networking of simple traffic classification.
Figure 1-1 Networking of 802.1P simple traffic classification
Vlan-type dotlq 1
GE1/0/1 GE1/0/1.1 GE1/0/1
GE8/0/1 GE3/0/1.1
RouterA RouterB Vlan-type dotlq 1 RouterC RouterD
The solution in the above figure includes:

1. Send IP packet with DSCP as 10 from Router A.
2. The packet reaches the sub-interface GE 3/0/1.1 of Router C through Router B and the
value of 802.1p is 1.
1.1.2 Troubleshooting Flow

For the network shown in typical networking, when the value of 802.1p of the packet received
on GE 3/0/1.1 of Router C is incorrect, perform the troubleshooting flow shown in Figure
1-2.

Figure 1-2 Troubleshooting flow of simple traffic classification
The 8021P value of

the packet received by
RouterC is incorrect
Is the
Modify the configuration
mapping used No on the inbound
on the inbound interface and adopt
interface
correct? correct mapping
Yes
Is the Modify the configuration

mapping used No on the outbound
on the outbound
interface interface and adopt
correct? correct mapping
Yes
Is the
inbound/outbound No Configure the sub-
interface the sub- interface
interface?
Yes
Is 8021P
enabled on the No Configure trust 8021P
inbound/outbound on the sub-interface
interface?
Yes
No Is the fault
Seek Huawei
technical support removed?
Yes
End
1.1.3 Troubleshooting Procedures
Procedure
Step 1 Check the mapping of the interface sending the packet
Display whether the trust upstream command is configured on GE 8/0/1 of Router B through
the display this command.
l If non-default domain is configured, check the mapping of the domain in global configuration
mode through the display diffserv domain command.

l If trust upstream default is configured, check the mapping of the default domain in global
configuration mode through the display diffserv domain command. If the mapping does not
meet the requirement, re-configure it.
Step 2 Check the mapping of the interface receiving the packet
Display whether the trust upstream [ ds-domain-name ] command is configured on the sub-
interface GE 3/0/1.1 of Router C through the display this command.
l If non-default domain is configured, check the mapping of the domain in global configuration
mode through the display diffserv domain command.
l If trust upstream default is not configured, check the mapping of the default domain in
global configuration mode through the display diffserv domain command. If the mapping
does not meet the requirement, re-configure it.
Step 3 Check that 802.1P is enabled
Display whether the trust 8021P command is configured on the sub-interface GE 3/0/1.1 of
Router C through the display this command. If it is not configured, re-configure it.
----End
1.2 Troubleshooting of Complex Traffic Classification

This section describes the notes about configuring comples traffic classification, and provides
the complex traffic classification troubleshooting flowchart and the troubleshooting procedure.

Figure 1-3 shows a typical networking of complex traffic classification.
Figure 1-3 Networking of complex traffic classification
mac address
1-1-1
GE1/0/1.1 GE8/0/1.1
RouterA RouterB

1. Send the vlan packet with 802.1p as 3 from Router A.
2. GE 8/0/1.1 of Router B receives the packet and discards it. Or Router B discards it based
on the source MAC address of the packet.

For the network shown in typical networking, GE 8/0/1.1 of Router B does not discard the packet
with 802.1p as 3 or the MAC address as F-F-F from Router A. The traffic policy is not applied
correctly.
Perform the troubleshooting flow shown in Figure 1-4.

Figure 1-4 Troubleshooting flow of complex traffic classification
A fault occurs in
traffic policy
Check Check the status of

whether the No the interface and
inbound interface
isolate the fault on
receives the the link layer
packet
Yes
Check
whether the Re-configure the
traffic lassification No
rule of the inbound traffic classification
interface is rule
correct
Yes
Check
whether the traffic No Re-configure the
behavior is traffic behavior
correct
Yes
Check
whether the traffic No Re-configure the
policy is traffic policy
correct
Yes
Check
whether the traffic No Apply the traffic
policy is applied policy correctly
correctly
Yes
No
Seek Huawei Is the fault
Yes
End
Procedure
Step 1 Check the network connectivity
Display the state of each interface through the display ip interface brief command.

l Up indicates that the interface is available.

l Down indicates that the interface is unavailable.
When the interface is Down, check the link and the interface.
Step 2 Check traffic classification rules configured
1. Display whether the filter rule is set to discard the packet from the specified source MAC
address through the display acl command in system view. That is, whether the rule
deny source-mac command is configured.
2. Display whether the traffic classifier command is configured through the display current-
configuration command in system view.
3. Display whether the following if-match clauses are configured in the configured traffic
classification view.
l if-match 8021p 3
l if-match acl acl-number. The acl-number is the ACL of the packet from the specified
source MAC address to be discarded.
Step 3 Check the traffic behavior configured
1. Display whether the traffic behavior command is configured through the display current-
2. Display whether the deny command is configured in the configured traffic behavior view.
Step 4 Check the traffic policy configured
1. Display whether the traffic policy command is configured through the display current-
2. Display whether the classifier behavior command is configured correctly in traffic policy
view.
Step 5 Check the application of traffic policy on GE 8/0/1.1
Display whether the vlan-type dot1q 3 and traffic-policy inbound link-layer commands are
configured through the display this command in sub-interface view of Router B.
----End
1.3 Troubleshooting of Queue Scheduling Based on Traffic

Classification
This section describes the notes about configuring queue scheduling based on traffic
classification, and provides the queue scheduling based on traffic classification troubleshooting
flowchart and the troubleshooting procedure.

Figure 1-5 shows a typical networking of queue scheduling based on traffic classification.
Figure 1-5 Networking of queue scheduling based on traffic classification
GE1/0/0 GE1/0/1
GE8/0/1 GE8/0/1
RouterA RouterB RouterC


1. Send the traffic of ef level with 700 M, the traffic of af1 level with 100 M, the traffic of
af2 level with 200 M, and the traffic of be level with 300 M from Router A. The bandwidth
of GE 1/0/1 of Router B is 1000 M. Congestion is caused.
2. According to queue scheduling, all the traffic of ef level can be transmitted from GE 1/0/1,
and the traffic of af1, af2, be levels can be separately transmitted with 50 M, 100 M, 150
M.

For the network shown in Figure 1-5, the traffic at each level sent from Router A is not forwarded
correctly after reaching Router B based on the expected queue scheduling.
Perform the troubleshooting flow shown in Figure 1-6.
Figure 1-6 Troubleshooting flow of queue scheduling based on traffic classification
A fault occurs
Check
No Isolate the
the network
network fault
connectivity
Yes
Check
whether simple No Configure simple traffic
traffic classification is classification on the
configured on the
inbound inbound interface
interface
Yes
Check
whether simple Configure simple traffic
traffic classification is No
configured on the classification on the
outbound outbound interface
interface
Yes
Check
whether queue No Configure queue
scheduling is
configured scheduling correctly
correctly
Yes
Seek Huawei No Is the fault

Yes
End

Procedure
Step 1 Check the network connectivity
Display the state of each interface through the display ip interface brief command.
l Up indicates available.
l Down indicates unavailable.
When the interface is Down, check the link and the interface.
Step 2 Check that simple traffic classification is configured on the inbound interface
Display whether simple traffic classification is enabled through the display this command in
the inbound interface view of GE 8/0/1 on Router B. That is, whether the trust upstream
command is configured.
Step 3 Check that simple traffic classification is configured on the outbound interface
Display whether simple traffic classification is enabled through the display this command in
the outbound interface view of GE 8/0/1 on Router B. That is, whether the trust upstream
command is configured.
Step 4 Check the mapping of the domain
Check the mapping of the domain in global configuration mode through the display diffserv
domain command. That is, whether the mapping meet the requirement.
Step 5 Check queue scheduling configured
Display whether the correct queue scheduling is configured to forward the traffic at each level
through the display this command in the outbound interface view of GE 1/0/1 on Router B. That
is, whether the commands such as port-queue ef, port-queue af1, port-queue af2, port-queue
be are configured.
Confirm that the shaping for the traffic at each level is set correctly.
----End
1.4 Troubleshooting ATM QoS

This section describes the notes about configuring ATM QoS, and provides the ATM QoS
troubleshooting flowchart and trouble shooting procedure.
NOTE
ATM QoS cannot be configured on the X1 and X2 models of the NE80E/40E.

Typical networking of ATM QoS is shown in Figure 1-7. ATM QoS troubleshooting in this
chapter is described based on this networking figure.

Figure 1-7 Networking diagram for configuring ATM QoS for 1-to-1 VCC ATM transmission
1.1.1.9/32 3.3.3.9/32
POS1/0/0
10.1.2.2/24
PE1 MPLS PE2
POS1/0/0
ATM2/0/0 10.1.1.1/24 ATM2/0/0
ATM1/0/0.1
PVC1:1/100 ATM1/0/0.1
100.1.1.1/24 PVC1:1/100
100.1.1.2/24
CE1 CE2
ATM ATM
Network Network
In the figure:
l L2VPN is configured on PE1 and PE2; the L2VPN is bound with the interface of the PE
that is connected to the CE.
l PVC is configured on the CE and transparent cell transmission is configured on the ATM
side of the PE.
l On the ATM sub interface of PE1, simple traffic classification is configured.
1.4.2 Troubleshooting Flowchart

In Figure 1-7, users connected to CE1 and users connected to CE2 fail to access each other. The
troubleshooting flowchart is shown in Figure 1-8.

Figure 1-8 ATM QoS troubleshooting flowchart
No traffic
classification on
the ATM
interface
LSP or remote No Modify MPLS LDP

session set up between configured
PEs? between PEs
Yes
L2VPN Modify L2VPN

configuration No
configured
correct between
between PEs?
PEs?
Yes
ATM cell
Modify ATM cell
transmission No
transmission
configuration correct
configured on CEs
on CEs?
Yes
Simple Modify traffic
or forced traffic No classification
classification configured configured for PVC
on PEs? on private interface
Yes
Seek No Fault
technical removed?
support
Yes
End
1.4.3 Troubleshooting Procedure
Procedure
l Troubleshooting Procedure for Simple ATM Traffic Classification
1. Check whether MPLS LDP sessions are set up between the PEs.
For detailed troubleshooting procedure, see HUAWEI NetEngine80E/40E MPLS

L2VPN Troubleshooting.

2. Check whether L2VPN is set up between the PEs.
For detailed troubleshooting procedure, see HUAWEI NetEngine80E/40E MPLS

L2VPN Troubleshooting.
3. Check whether transparent transmission of ATM cells is enabled on the PE.
If the atm cell transfer command is run on the PE's interface that is connected to the
private network, transparent transmission of ATM cells can be carried out between
the CEs. The CEs can ping through each other.
4. Check whether simple ATM traffic classification is enabled on the PE.
Check whether the trust upstream command is run on the inbound interface.
In the interface view, run the display current-configuration command. Check
whether the trust upstream default command is run on the interface.
If the trust upstream default command has been run on the upstream PVC of the
PE, it means that simple ATM traffic classification has been enabled. The CLP
field in the ATM cells will be transmitted transparently to the remote end. That is,
the service priority of the ATM cells remains unchanged.
The PE puts the ATM cells into queues according to the service class and CLP of
the cells. Thus, diff-serv according to the priority of cells is carried out.
Check the configuration in the default DS domain.
If the mapping between the service priority and the queue is different from the
default mapping, run the display current-configuration command in the default
DS domain view. If the mapping does not satisfy the networking requirement,
configure the mapping again in the default DS domain view.
You can run the display port-queue command to check the outgoing queue on
the interface.
5. If the problem still remains unsolved, contact the local Huawei technical support
engineer.
l Troubleshooting Procedure for Forced ATM Traffic Classification
The configuration of forced ATM traffic classification has nothing to do with the type of
ATM services.
Forced ATM traffic classification can be applied to only the upstream interface. It cannot
be configured together with simple ATM traffic classification.
1. Check that forced ATM traffic classification is enabled on the upstream ATM interface
or PVC/PVP.
In the interface view, run the display current-configuration command. Check

whether the traffic queue service-class { green | red | yellow } command is run on
the interface.
The router should be able to put upstream ATM cells into queues according to their
class-service and color to carry out diff-serv according to interfaces and PVC/PVP.
You can run the display port-queue command to check the outgoing queue on the
interface.
2. If the problem still remains unsolved, contact the local Huawei technical support
engineer.
----End

1.5 Troubleshooting HQoS

This section describes the notes about configuring HQoS, and provides the HQoS
troubleshooting flowchart and troubleshooting procedure.

Typical networking of HQoS is shown in Figure 1-9 and Figure 1-10.HQoS troubleshooting
in this chapter is described based on these two networking figures.
HQoS on the User-Side Primary Interface of the PE
Figure 1-9 Networking for HQoS configuration on the primary interface
CE1 PE1 PE2

GE2/0/0 GE3/0/0 IP
172.1.1.1/24 172.1.1.2/24 backbone
network
In general, HQoS is configured on the access-layer router to guarantee bandwidth and limit
traffic of users or user groups.
In this networking, the configuration roadmap of HQoS is as follows:
l Configure the WRED parameters for each CoS.
l Queue scheduling algorithm and parameters for each flow queue.
l Configure mapping of the CoS for flow queues.
l Configure the shaping value for user group queues.
l Configure SQ on the interface.
l Configure CQ on the interface.

HQoS on the User-Side Sub-interface of the PE
Figure 1-10 Networking for HQoS configuration on the sub-interface
PE1 GE3/0/0 PE2

IP
172.1.1.2/24
backbone
network
GE2/0/0
172.1.1.1/24
VLL VPLS L3VPN VLL VPLS L3VPN
Customer Customer Customer Customer Customer Customer

gateway gateway gateway gateway gateway gateway
In this networking, the client gateways connect to the sub-interface of the PE by means of VLL,
VPLS or L3VPN.HQoS is configured on the access side of the PE to guarantee the bandwidth
and limit traffic of users or user groups.
The configuration roadmap is similar to that on the primary interface.

In the network shown in Figure 1-10, the traffic limit for the SQ is incorrect on one router. The
troubleshooting flowchart is shown in Figure 1-11.

Figure 1-11 HQoS troubleshooting flowchart
SQ traffic is
incorrect
Yes Yes
Traffic size Check the
Trunk
too small configuration on
interface
load of balancing
No No
Yes
Excessive
Upstream
protocol packets
No
Multicast, Yes Downstream

broadcast and
broadcast,unicast
packets exist unknown unicast
have no rate limit
No
Downstream Yes HQoS does not take
connected to the MPLS effect on the PW at
core network the public network
No
Seek No
Fault
technical removed?
support
Yes
End
Procedure
Step 1 Compare the actual traffic that passes through the router with the configuration.
If they are inconsistent, do as follows:
1. If the volume of traffic is smaller than the configuration, check that the interface where
HQoS is configured is an Eth-Trunk interface.
2. If the interface is an Eth-Trunk interface, check whether packet-based load balancing is
configured on that Eth-Trunk interface.
[PE1] interface eth-trunk 5
[PE1-Eth-Trunk55] display this
#
interface Eth-Trunk55
load-balance packet-all
#
3. If packet-based load balancing is configured on the Eth-Trunk interface, disable the load
balancing. Then the problem can be solved.

4. If the volume of traffic is larger than the configuration and the interface is not an Eth-Trunk
interface, perform Step 3.
5. If the volume of traffic is too large, proceed to Step 2.
Step 2 Check whether HQoS is configured on the inbound or outbound interface.
l If HQoS is configured on the inbound interface, perform Step 3.
l If HQoS is configured on the outbound interface, perform Step 4.
Step 3 Check whether there are too many protocol packets.
l When HQoS is configured on the inbound interface, SQ limits rate of all traffic including
protocol packets. In this case, if too many protocol packets go into the router, the bandwidth
allocated for protocol packets is wasted. Therefore, actual traffic volume is too small.
l If too few protocol packets go into the router, perform Step 6.
Step 4 Check whether there are multicast or unknown unicast packets.
l If there are multicast or unknown unicast packets on the outbound interface, the volume of
traffic that passes the router will be too large.
l If there are no multicast or unknown unicast packets, perform Step 5.
Step 5 Check whether the outbound interface is connected to the MPLS backbone network.
l If the outbound interface is connected to the MPLS backbone network, the volume of traffic
that passes the router will be too large because HQoS does not take effect on the backbone
network side.
l If not, perform step 6.
Step 6 Contact Huawei Technical Support Engineers.
----End
1.6 Troubleshooting UCL

Figure 1-12 shows a typical network configured with UCL policies. PPPoE users are accessed
to the network through the DSLAM. It is required that the router mark the priorities of users and
distinguish them as gold users and silver users, and achieve bandwidth assurance and implement
rate limit for the traffic of users according to their priorities.
Figure 1-12 UCL networking diagram
PC
ISP
network
VOIP
DSLAM 1 Router
IPTV


In the network as shown in 1.6.1 Typical Networking, UCLs do not take effect after being
configured.
Figure 1-13 UCL troubleshooting flowchart
UCL configuration
not effective
Configure UCL
Does the board Yes on UCL-
support UCL? supporting
board
No
Is interface Yes Delete configured

configured with CTC policies
CTC?
No
Are too many Yes Delete excessive

rules configured? rules
No
Contact Huawei No Is fault

technical support
rectified?
personnel
Yes
End
Procedure
Step 1 Check the type of the board to confirm whether UCLs are supported on the board.
l If UCLs are not supported on the board, replace the board with a UCL-supporting type of
board and configure UCLs again.
l If UCLs are supported on the board, go to Step 2.
Step 2 Check whether complex traffic classification (CTC) policies are configured on the interface.
l If CTC policies are configured on the interface, traffic may match the CTC policies rather
than UCLs. In this case, delete the CTC policies.

l If CTC policies are not configured on the interface, go to Step 3.
Step 3 Check whether too many UCL rules are configured.

NOTE
A maximum number of 2048 UCL rules can be configured. In addition, UCL rules of varying types are
applied to incoming and outgoing traffic differently.
l If the number of UCL rules that are configured exceeds the upper limit, delete the excessive
UCL rules.
l If the number of UCL rules that are configured does not exceed the upper limit, go to Step
4.
Step 4 If the fault persists, contact the Huawei technical support personnel.
----End
1.7 Troubleshooting Last Mile QoS

NOTE
Last Mile QoS cannot be configured on the X1 and X2 models of the NE80E/40E.

As shown in the following figure, the router functions as a BRAS. The user accesses the network
through PPPoA, and the link between the router and the DSLAM is an Ethernet link. It is required
to configure last mile QoS on the router to avoid traffic congestion on the DSLAM.
l The user accesses the network through the GE 2/0/0 on the router.
l RADIUS authentication and RADIUS accounting are used.
Figure 1-14 Networking diagram of last mile QoS
IPoE PPPoA PPPoE GE2/0/0

Ethernet
PC CPE BRAS
ATM DSLAM
NOTE
A user can access the network through either PPPoA or PPPoE. When the local link type and remote link
type are different, you need to configure last mile QoS and set a remote packet compensation value.

In the network as shown in Figure 1-14, last mile QoS does not take effect after being configured.
Figure 1-15 shows the troubleshooting flowchart.

Figure 1-15 Last mile QoS troubleshooting flowchart
Last mile QoS does

not take effect
Last mile No Enable last

QoS enabled mile QoS
or not?
Yes
Mode of last No Configure correct

mile QoS mode of last mile
correct? QoS correct
Yes
Contact Huawei
Fault No technical
rectified? support
personnel
Yes
End
Procedure
Step 1 Run the display this command in the system view or the AAA domain view to check whether
last mile QoS is enabled.
l If last mile QoS is enabled, go to Step 2.
l If last mile QoS is not enabled, run the qos link-adjustment remote enable command in
either the system view or the AAA domain view accordingly. The configuration takes effect
when the user log in again. If you configure the qos link-adjustment remote enable
command in the AAA domain view, last mile QoS takes effect with only the L2TP service.
Step 2 Check whether the remote packet compensation value is correctly configured in the interface
view or the AAA domain view.
l If the remote packet compensation value is correctly configured, go to Step 3.
l If the remote packet compensation value is not correctly configured, run the qos link-
adjustment remote command in either the system view or the AAA domain view
accordingly.
Step 3 If the fault persists, contact the Huawei technical support personnel.
----End

1.8 BAS HQoS Does Not Take Effect
1.8.1 Common Causes

This fault is commonly caused in one of the following situations:
l No QoS profile is applied in the interface view or user domain view.

l No traffic behavior is configured in the QoS profile.

None.
Context
NOTE
Saving the results of each troubleshooting step is recommended. If your troubleshooting fails to correct
the fault, you will have a record of your actions to provide Huawei technical support personnel.
Procedure
Step 1 Check that BAS HQoS is configured on the device.
l For family users, check whether a QoS profile is applied to an interface on the user side.
Run the display this command in the view of the interface connected to the faulty client to
check whether a QoS profile is applied.
If no QoS profile is applied, run the qos-profile qos-profile-name { inbound | outbound }
command to apply a correct QoS profile. The new configuration takes effect after the user
goes online again.
NOTE
The newly applied QoS profile is invalid for the logged-on users. After the user goes offline and goes
online again, the QoS profile takes effect.
l For common users, check whether a QoS profile is applied to an interface on the user side.
Run the display domain domain-name command to view the Qos-profile-name inbound
and Qos-profile-name outbound fields to check whether a QoS profile is applied.
If the values of the Qos-profile-name inbound and Qos-profile-name outbound fields are
not displayed, no QoS profile is applied. Run the qos-profile qos-profile-name { inbound |
outbound } command in the user domain view. The new configuration takes effect after the
user goes online again.
l If BAS HQoS is correctly configured, go to Step 2.
Step 2 Check that the QoS profile is correctly configured.
Run the display qos-profile configuration qos-profile-name command to check whether the
user-queue or car command is configured in the QoS profile.

l If the user-queue or car command is not configured, run the user-queue or car command
in the QoS profile view. The new configuration takes effect after the user goes offline and
goes online again.
l If the QoS profile is correctly configured, go to Step 3.
Step 3 Collect the following information and contact Huawei technical support personnel.
l Results of the preceding operation procedure
l Configuration files, log files, and alarm files of the devices
----End
1.8.4 Relevant Alarms and Logs
Relevant Alarms
None.
Relevant Logs
None.
1.9 Related Troubleshooting Cases
1.9.1 Packets Are Not Discarded After Traffic Policy Is Configured
Fault Symptom
On the network shown in Figure 1-16, two ACL rules in a traffic policy is configured in sequence
on GE 1/0/0 of the router to implement the following functions:
l Discards UDP packets with the destination address being 10.1.1.1/30 and interface numbers
smaller than 1023.
l Applies a CAR policy to other packets with the destination address being 10.1.1.1/30 and
interface numbers equal to or larger than 1023 to limit the transmission rate to 400 Mbit/
s.
After the configurations, the router applies the CAP policy to the UDP packets with the
destination address being 10.1.1.1/30, thus implementing traffic control; however, it does not
discards the UDP packets with the destination address being 10.1.1.1/30 and interface numbers
smaller than 1023.
Figure 1-16 Packets not discarded after traffic policy is configured
GE1/0/0
Network
Router

Fault Analysis
1. Run the display current-configuration command to check the global configurations of
acl and traffic policy. The configurations are as follows:
acl 3010 match-order auto
rule 5 permit ip destination 10.1.1.1 0.0.0.3
acl 3011
rule 5 permit udp destination 10.1.1.1 0.0.0.3 destination-port lt 1023
traffic classifier c1 operator or
if-match acl 3010
traffic classifier c2 operator or
if-match acl 3011
traffic behavior b1
car cir 400000 cbs 400000 pbs 0 green pass yellow pass red discard
traffic behavior b2
deny
traffic policy tp
classifier c1 behavior b1
classifier c2 behavior b2
interface gigabitethernet 1/0/0
traffic-policy tc inbound
2. The command output shows that UDP packets first attempt to match the ACL rule
associated with the classifier that is first configured in a traffic policy. After the UDP
packets match the ACL rule, the packets do not match the other ACL rule. In this case, the
UDP packets with the destination address being 10.1.1.1/30 and the interface number
smaller than 1023 match ACL 3010, allowing the traffic limit to take effect on the packets.
After this, the UDP packets, however, do not match the other ACL rule and therefore are
not discarded.
Procedure
Step 1 Run the undo traffic-policy inbound command in the interface view to delete the associated
policy applied to an interface.
Step 2 Run the system-view command to enter the system view.
Step 3 Run the undo traffic policy tp command to delete the traffic policy.
Step 4 Run the traffic policy tp command to create a traffic policy and enter the traffic policy view.
Step 5 Run the classifier c2 behavior b2 command and then the classifier c1 behavior b1 command
to change the sequence for applying ACL rules in the traffic policy.
Step 6 Run the traffic-policy policy-name inbound command to apply the associated policy on the
interface.
After the preceding operations, the UDP packets with the destination address being 10.1.1.1/30
and the interface numbers smaller than 1023 are discarded, traffic control is performed on other
packets with the destination address being 10.1.1.1/30. The fault is then rectified.
----End
Summary
The sequence for applying ACL rules must be correct. During traffic classification, packets
match the ACL rules in the sequence from an ACL associated with the classifier that is first

configured in a traffic policy. If the packets match an ACL rule, the packets are processed based
on the ACL rule and do not match other ACL rules.
When configuring a traffic policy, ensure that the sequence in which traffic classifiers are applied
is correct.
1.9.2 Packets of VPN Services Are Lost Because the IP Precedence

of a Device Is Incorrectly Set
Fault Symptom
On the network shown in Figure 1-17, Layer 3 MPLS VPN is run between the router and the
switch, and the Soft 3000 belongs to the Layer 3 MPLS VPN. The router and the switch are
configured with QoS to protect services. After the configuration, it is found that packet loss
occurs when Switch A pings the Soft 3000 and the other services are normal.
Figure 1-17 Diagram of the networking where packets of VPN services are lost because the IP
precedence of a device is Incorrectly set
Soft 3000 Router Switch A
Switch B
Fault Analysis
1. Run the display current-configuration command on the router to check the current
configuration.
acl number 10001
rule ip
traffic classifier any-ngn
if-match acl 10001
traffic behavior action-ef
remark ip-precedence 4
traffic policy eacl-ef
classifier any-ngn behavior action-ef precedence 0
interface GigabitEthernet1/0/0
port-queue af4 shaping 10 outbound
port-queue ef shaping 100 outbound
trust upstream default
The command output shows that the IP precedence value is set to 4 (corresponding to AF4),
the committed bandwidth for AF4 on the interface is 10 Mbit/s, and packet loss occurs
when the traffic volume is greater than 10 Mbit/s. In this case, the volume of NGN traffic
on Switch A exceeds 10 Mbit/s.

2. Run the display port-queue statistics interface gigabitethernet 1/0/0 af4 outbound
command. You can find that a large number of packets in the AF queue are discarded.
[af4]
Current usage percentage of queue: 0
Total pass:
0 packets, 0 bytes
Total discard:
13,608,926 packets,
39,502,685,409 bytes
Drop tail discard:
0 packets, 0 bytes
Wred discard:
0 packets, 0 bytes
Last 30 seconds pass rate:
453,631 pps,
1,316,756,180 bps
Last 30 seconds discard rate:
0 pps, 0 bps
Drop tail discard rate:
0 pps, 0 bps
Wred discard rate:
0 pps, 0 bps
Peak rate:
0000-00-00 00:00:00 0 bps
The command output shows that the IP precedence value of the router is set to 4
(corresponding to AF4) and packet loss occurs when the traffic volume exceeds 10 Mbit/
s. As a result, packet loss occurs when Switch A pings the Soft 3000.
Procedure
Step 2 Run the traffic behavior behavior-name command to enter the traffic behavior view.
Step 3 Run the remark ip-precedence 5 command to re-mark the IP precedence and specify the ToS
of VPN NGN services to EF.
After the preceding operations, the IP precedence value is set to 5, which corresponds to EF set
with the port-queue ef shaping 100 outbound command on the interface. Thus, the committed
bandwidth of VPN NGN services is changed to 100 Mbit/s.
----End
Summary
After the remark ip-precedence precedence command is run on a device, the device maps the
re-marked IP precedence with a ToS.
The mappings between IP precedences and ToSs are as follows:
0 be
1 af1 green
2 af2 green
3 af3 green

4 af4 green
5 ef green
6 ef green
7 ef green
1.9.3 Slow Web Page Loading for Some ADSL Users

Fault Symptom
On the network shown in Figure 1-18, ADSL users access the Internet either by directly dialing
through a modem on PCs or by using a broadband router as an agent dialer connected to a modem.
After the configuration, when ADSL user access the Internet by using the agent dialer, Web
pages are loaded during a period from 17:00 to 23:30 slower than during daytime and some Web
pages fail to be loaded. When ADSL users access the Internet by dialing through a modem, Web
pages are loaded at a normal rate.
Figure 1-18 Networking diagram of slow web page loading for some ADSL users
I n t e r ne t
RouterA
Broadband
Access Router
Modem Modem
User User User User
Fault Analysis
1. After packets are captured, information shows that the port numbers used by ADSL users
dialing through a modem range from 1000 to 10000, but the port numbers used by ADSL

users dialing through an agent dialer are translated by NAT into port numbers larger than
10000.
2. Run the display current-configuration command on the device to check the traffic limit
configured on the interface. The command output shows that a P2P traffic policy has been
configured. Based on the traffic policy, the transmission rate of services with the interface
number larger than 10000 is within 20 Mbit/s. In this case, insufficient bandwidth causes
slow Web page loading when ADSL users dialing through an agent dialer attached to the
modem access the Internet during the period from 19:00 to 23:30.
Procedure
Step 2 Run the interface interface-type interface-number command to enter the interface view.
Step 3 Run the undo traffic-policy { inbound | outbound } command to delete the traffic policy.
After the preceding operations, allowing the ADSL users using the agent dialer to experience
normal Web pages loading. The fault is rectified.
----End
Summary
Do check interface numbers used for transmitting a service before setting a traffic limit for the
service. In addition, if the service passes through a NAT device, such as a firewall or a NAT-
enabled router, consider the impact of the NAT process before setting the traffic limit, preventing
an incorrect setting from affecting user traffic over an entire network.
1.9.4 Rate Limit Does Not Take Effect When Both Rate Limit and
Access Control Are Configured
Fault Symptom
Access control is configured on the Router A to discard UDP packets destined for specific
interfaces and rate limit is configured to limit the rate of the other data packets. After the
configuration is complete, it is found that rate limit does not take effect.
Figure 1-19 Networking diagram for Rate Limit Does Not Take Effect
Network Network
RouterA
Fault Analysis
1. Run the display current-configuration command on the Router A.

acl number 3300

rule 0 deny udp destination-port eq dns
rule 1 deny udp destination-port eq snmp
rule 2 deny udp destination-port eq snmptrap
rule 3 deny udp destination-port eq syslog
traffic classifier udp-limit operator and
if-match acl 3300
traffic behavior udp-limit
car cir 1360000 cbs 1360000 pbs 0 green pass yellow discard red discard
traffic policy udp-limit
classifier udp-limit behavior udp-limit
interface gigabitethernet 1/0/0
traffic-policy udp-limit inbound
The preceding command output shows that after a data packet enters an interface, the packet is
matched against ACL rules. If the packet matches an ACL rule whose action is deny, the packet
is discarded. Packets that do not match any ACL rule are directly forwarded.
Therefore, to limit the rate of the data packets that do not match any ACL rule, you need to add
an ACL rule to implement the permit action on these packets. Then, rate limit takes effect with
these data packets.
Procedure
Step 1 Run the undo traffic-policy command in the interface view to cancel the traffic policy that is
applied to the interface.
Step 3 Run the undo traffic policy policy-name command to delete the traffic policy from the device.
Step 4 Run the traffic behavior udp-limit command to enter the traffic behavior view.
Step 5 Run the undo car command to cancel the configured traffic rate limit.
Step 6 Run the quit command to return to the system view.
Step 7 Run the acl [ number ] acl-number command to add an ACL.
Step 8 Run the rule rule-id permit any command to implement the permit action on the packets other
than the UDP packets destined for specific interfaces.
Step 10 Run the traffic classifier classifier-name command to configure a traffic classifier.
Step 11 Run the if-match acl acl-number command to define an ACL matching rule.
Step 13 Run the traffic behavior behavior-name command to configure a traffic behavior.
Step 14 Run the car cir 1360000 cbs 1360000 pbs 0 green pass yellow discard red discard command
to configure a rate limit for the packets that are allowed to pass.
Step 16 Run the traffic policy policy-name command to create a traffic policy and then run the
classifier classifier-name behavior behavior-name command to associate the traffic classifier
with the traffic behavior in the traffic policy.

Step 17 Run the traffic-policy policy-name inbound command on the interface to apply the traffic
policy to the interface.
Step 18 Run the display current-configuration command to check the corresponding configurations.
acl number 3300
acl number 3301
rule 4 permit any
traffic classifier udp-limit operator or
if-match acl 3300
traffic classifier udp-limit1 operator or
if-match acl 3301
traffic behavior udp-limit1
classifier udp-limit1 behavior udp-limit1
interface gigabitEthernet 1/0/0
traffic policy udp-limit inbound
After the preceding operations, both access control and rate limit take effect. The fault is rectified.
----End
Summary
When configuring access control, you can use the parameter deny to discard packets. The other
packets that are not discarded are directly forwarded without rate limit by default. To limit the
rate of the packets that are not denied, you need to first configure an ACL rule to allow them to
pass. Then, configure traffic behaviors to limit the rate at which these packets are forwarded.
1.9.5 The DNS Server Cannot Be Accessed Due to Incorrect

Configurations of Traffic Classification
Fault Symptom
On the network shown in Figure 1-20, Router A functions as the egress. Rate limit is configured
for UDP packets other than DNS, SNMP, SNMP Trap, and Syslog packets in the inbound
direction of GE 1/0/0 on Router A. The rate of these UDP packets is limited to 1.3 Gbit/s. After
the configuration, a user on another network cannot access the DNS server on this network.

Figure 1-20 Networking diagram of DNS service interruption caused by incorrect

configurations of traffic classification
RouterA
GE1/0/0 GE1/0/1
GE1/0/0
GE1/0/1
RouterB RouterC
Fault Analysis
1. After configurations of rate limit are deleted by using the undo car command in the traffic
behavior view on Router A, a user on another network can access the DNS server on this
network. Therefore, it can be concluded that the fault is caused by incorrect configurations.
2. Run the display current-configuration command on Router A to check its configurations:
acl number 3300
rule 4 permit udp
traffic classifier udp-limit operator and
if-match acl 3300
The preceding information indicates that DNS, SNMP, SNMP Trap, and Syslog packets
are all denied. This is because these packets match the ACL rules whose action is deny.
As a result, these packets are directly discarded on Router A, and thus are not processed
based on the configured traffic behaviors.
Therefore, the actions in the rules of ACL 3300 need to be set to permit for DNS, SNMP,
SNMP Trap, and Syslog packets, and an ACL rule needs to be added to implement rate
limit on the other types of UDP packets.
Procedure
Step 1 Define ACL 3300 for DNS, SNMP, SNMP Trap, and Syslog packets, configure a traffic
classifier through the traffic classifier udp-limit command, configure a traffic behavior by using
the traffic behavior udp-limit command, and create a traffic policy by using the traffic policy
udp-limit command.
Step 2 Define ACL 3301 for UDP packets other than DNS, SNMP, SNMP Trap, and Syslog packets,
configure a traffic classifier through the traffic classifier udp-limit1 command, configure a

traffic behavior by uing the traffic behavior udp-limit1 command, and create a traffic policy
by uing the traffic policy udp-limit1 command.
Step 3 Run the display current-configuration command on Router A to check the corresponding
configurations:
acl number 3300
rule 0 permit udp destination-port eq dns
rule 1 permit udp destination-port eq snmp
rule 2 permit udp destination-port eq snmptrap
rule 3 permit udp destination-port eq syslog
acl number 3301
rule 0 permit udp
traffic classifier udp-limit operator or
if-match acl 3300
traffic classifier udp-limit1 operator or
if-match acl 3301
traffic behavior udp-limit1
classifier udp-limit1 behavior udp-limit1
After matching ACL 3300, DNS, SNMP, SNMP Trap, and Syslog packets are forwarded based
on the traffic behavior configured through the traffic behavior udp-limit command. After
matching ACL 3301, UDP packets other than DNS, SNMP, SNMP Trap, and Syslog packets
are forwarded based on the traffic behavior configured in the traffic behavior udp-limit1
command.
After the preceding operations, a user on another network can access the DNS server on this
network and rate limit takes effect. The fault is rectified.
----End
Summary
An ACL not only classifies traffic but also permits or denies traffic, that is, forwards or discards
traffic. Therefore, make sure that packets that need to be rate limited are not discarded.


Troubleshooting - QoS (V600R003C00 - 02) PDF

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Troubleshooting - QoS (V600R003C00 - 02) PDF

Uploaded by

Copyright:

Available Formats

HUAWEI NetEngine80E/40E Router

HUAWEI TECHNOLOGIES CO., LTD.

Trademarks and Permissions

Huawei Technologies Co., Ltd.

Issue 02 (2011-09-10) Huawei Proprietary and Confidential i

About This Document

This document describes the troubleshooting of HUAWEI NetEngine80E/40E with various

Product Name Version

HUAWEI NetEngine80E/40E V600R003C00

Issue 02 (2011-09-10) Huawei Proprietary and Confidential ii

Alerts you to a high risk hazard that could, if not avoided,

Alerts you to a medium or low risk hazard that could, if

Alerts you to a potentially hazardous situation that could,

NOTE Provides additional information to emphasize or

Changes in Issue 02 (2011-09-10)

Changes in Issue 01 (2011-05-30)

Issue 02 (2011-09-10) Huawei Proprietary and Confidential iii

About This Document.....................................................................................................................ii

Issue 02 (2011-09-10) Huawei Proprietary and Confidential iv

1.8.3 Troubleshooting Procedure......................................................................................................................19

Issue 02 (2011-09-10) Huawei Proprietary and Confidential v

About This Chapter

1.1 Troubleshooting of 802.1P Simple Traffic Classification

Issue 02 (2011-09-10) Huawei Proprietary and Confidential 1

1.1 Troubleshooting of 802.1P Simple Traffic Classification

1.1.1 Typical Networking

Figure 1-1 Networking of 802.1P simple traffic classification

The solution in the above figure includes:

1.1.2 Troubleshooting Flow

Issue 02 (2011-09-10) Huawei Proprietary and Confidential 2

Figure 1-2 Troubleshooting flow of simple traffic classification

The 8021P value of

Is the Modify the configuration

1.1.3 Troubleshooting Procedures

Issue 02 (2011-09-10) Huawei Proprietary and Confidential 3

1.2 Troubleshooting of Complex Traffic Classification

1.2.1 Typical Networking

Figure 1-3 Networking of complex traffic classification

The solution in the above figure includes:

1.2.2 Troubleshooting Flow

Issue 02 (2011-09-10) Huawei Proprietary and Confidential 4

Figure 1-4 Troubleshooting flow of complex traffic classification

Check Check the status of

1.2.3 Troubleshooting Procedures

Issue 02 (2011-09-10) Huawei Proprietary and Confidential 5

l Up indicates that the interface is available.

1.3 Troubleshooting of Queue Scheduling Based on Traffic

1.3.1 Typical Networking

Figure 1-5 Networking of queue scheduling based on traffic classification

Issue 02 (2011-09-10) Huawei Proprietary and Confidential 6

The solution in the above figure includes:

1.3.2 Troubleshooting Flow

Figure 1-6 Troubleshooting flow of queue scheduling based on traffic classification

Seek Huawei No Is the fault

Issue 02 (2011-09-10) Huawei Proprietary and Confidential 7

1.3.3 Troubleshooting Procedures

Step 4 Check the mapping of the domain

Step 5 Check queue scheduling configured

1.4 Troubleshooting ATM QoS

ATM QoS cannot be configured on the X1 and X2 models of the NE80E/40E.

1.4.1 Typical Networking

Issue 02 (2011-09-10) Huawei Proprietary and Confidential 8

1.4.2 Troubleshooting Flowchart