System Administration Commands ipqosconf(1M)
NAME
ipqosconf - configure the IPQoS facility
SYNOPSIS
/usr/sbin/ipqosconf
/usr/sbin/ipqosconf -a conf_file [-vs]
/usr/sbin/ipqosconf -c
/usr/sbin/ipqosconf -f
/usr/sbin/ipqosconf -l
/usr/sbin/ipqosconf -L
DESCRIPTION
The ipqosconf utility configures the Quality of Service
facility of the Internet Protocol (IP). Only superusers can use this command.Without arguments, ipqosconf displays the actual IPQoS con-
figuration. Configuration is not preserved across reboot. You must apply the configuration every time that the machine reboots. To apply the configuration early in the boot phase, you can populate the /etc/inet/ipqosinit.conf file, which is then read from the svc:/network/initial:default service. OPTIONS The following options are supported:-a conf_file Apply the configuration in conf_file. If the
conf_file is -, ipqosconf reads from stan-
dard input.-c Populate the boot file with the current con-
figuration.-f Flush the configuration.
SunOS 5.11 Last change: 18 Dec 2008 1
System Administration Commands ipqosconf(1M)
-l List the current applied configuration.
-L List the current configuration in verbose
mode.In addition to the information that the -l
option provides, the -L option provides
filters and classes configured through other means than the iqposconf command. This option also provides the full set of filtersthat were created by ipqosconf by represent-
ing a multi-homed host in a configuration
file-s Log messages to syslog during an -a opera-
tion.-v Toggle verbose mode during an -a operation.
The -v option causes all messages to go to
the console in addition to their normal des-
tination. Messages intended to go to syslog,because the -s flag is set or because it is
a log message, still go to syslog as well as the console. CONFIGURATION FILE The configuration file is composed of a format version and asuccession of configuration (action) blocks. There are dif-
ferent configuration blocks for each type of action that is being configured. Format VersionThe first line of the configuration file specifies the for-
mat version contained in the configuration file. The following entry specifies the format version:fmt_version x.x
where x.x is the format version. 1.0 is the only supported version. Configuration BlocksSunOS 5.11 Last change: 18 Dec 2008 2
System Administration Commands ipqosconf(1M)
Following the format version, are a succession of configura-
tion (action) blocks that are different for each type of action being configured. A configuration block always has the following structure: action {name action_name
module module_name
params_clause | ""
cf_clauses
}action_name ::= string
module_name ::= ipgpc | dlcosmk | dscpmk | flowacct | tswtclmt |
tokenmtparams_clause ::= params {
parametersparams_stats | ""
}parameters ::= prm_name_value parameters | ""
prm_name_value ::= param_name param_value
ModulesThe param_name and the types of param_value are specific to
a given module.params_stats ::= global_stats boolean
cf_clauses ::= class_clause cf_clauses |
filter_clause cf_clauses | ""
class_clause ::= class {
name class_name
next_action next_action_name
class_stats | ""
}class_name ::= string
next_action_name ::= string
class_stats ::= enable_stats boolean
boolean ::= TRUE | FALSEfilter_clause ::= filter {
name filter_name
class class_name
parameters }SunOS 5.11 Last change: 18 Dec 2008 3
System Administration Commands ipqosconf(1M)
filter_name ::= string
There must be exactly one configuration block belonging to module ipgpc. The action must be named ipgpc.classify. All other actions should be reachable from ipgpc by way ofparameters of type action or the next_action of a class.
The set of types that are used for parameters of the dif-
ferent modules are: action ::= string protocol ::= 1..255 port ::= 1..65535 uint8 ::= 0..255 uint32 ::= 0..4294967296int32 ::= -2147483648..2147483648
address ::=ifname ::= enum ::= string | { string_list }
boolean ::= TRUE | FALSEinteger_array ::= { range_value_list }
map_index ::= uint32
address ::= ip_address | ip_node_name
user ::= uid | username uid ::= 0..65535 username ::= stringstring_list ::= string sl_entrys
sl_entrys ::= ',' string sl_entrys | ""
range_value_list ::= range_value_entry range_value_entrys
range_value_entry ::= range ':' integer_array_value
range ::= uint32 '-' uint32
integer_array_value ::= string | integer_array_number
integer_array_number ::= uint8 | uint32
range_value_entrys ::= ';' range_value_entry range_value_entrys | ""
ip_node_name ::= string
ip_address ::= v4_address | v6_address
v4_address ::= v4_ip_address / v4_cidr_mask |
v4_ip_address
v4_cidr_mask ::= 1-32
v6_address ::= v6_ip_address / v6_cidr_mask |
v6_ip_address
v6_cidr_mask ::= 1-128
METER module tokenmt configuration syntax:SunOS 5.11 Last change: 18 Dec 2008 4
System Administration Commands ipqosconf(1M)
red_action_name action
yellow_action_name action
green_action_name action
committed_rate uint32
committed_burst uint32
peak_rate uint32
peak_burst uint32
color_aware boolean
color_map integer_array
global_stats boolean
METER module tswtclmt configuration syntax:red_action_name action
yellow_action_name action
green_action_name action
committed_rate uint32
peak_rate uint32
window uint32global_stats boolean
MARKER module dscpmk configuration syntax:next_action action
dscp_map int_array
dscp_detailed_stats boolean
global_stats boolean
MARKER module dlcosmk configuration syntax:next_action action
cos map_index
global_stats boolean
CLASSIFIER module ipgpc configuration syntax: user userSunOS 5.11 Last change: 18 Dec 2008 5
System Administration Commands ipqosconf(1M)
projid int32if_name ifname
direction enum {LOCAL_IN,
LOCAL_OUT,
FWD_IN,
FWD_OUT}
protocol protocol dsfield uint8dsfield_mask uint8
saddr address daddr address sport port dport port priority uint32 precedence uint32ip_version enum {
V4, V6 }global_stats boolean
ACCOUNTING module flowacct configuration syntax:next_action action
timer uint32 timeout uint32max_limit uint32
Types action A string of characters with a matching action definition. The character string can be up to twenty three characters in length. To allow for spaces the string needs to be enclosed in quotes and cannot span lines.Two special actions are pre-defined and can
not have an explicit action definition. Thetwo pre-defined actions are continue and
drop. continue causes the packet that is passed to it to continue normal processing. drop causes the packet that is passed to it to be dropped. address A machine name or address recognized by getipnodebyname(3SOCKET). If a machine nameis specified, and ip_version has been
defined, the query is done using thatSunOS 5.11 Last change: 18 Dec 2008 6
System Administration Commands ipqosconf(1M)
address family. If a machine name is notspecified and ip_version has not been
defined, the query is done using theAI_DEFAULT flag to
getipnodebyname()(..AF_INET6..). CIDR
address masks following an IP address are allowed. Specify the CIDR address masks as1-32 (for v4) or 1-128 (for v6). CIDR
addresses are disallowed for node names. enum Either one of the supported values or comma delimited list of support values, enclosed in curly braces.ifname A non-NULL, existing interface name recog-
nized by the SIOGLIFINDEX socket ioctl.integer_array A comma delimited set of range/value pairs,
enclosed in curly braces.Specify range in the format x-y, where x
and y are integers that denote the range of array indexes to which the value applies. The minimum value for both x and y is 0. The maximum value for x is particular to the parameter. Any array indexes not referred to in the set of ranges are left at their previous value.map_index A non-negative integer used as an index
into any maps associated with a parameter of this type. The maximum value of this type is dictated by the number of entries in the associated maps. The index starts at 0. port Either a service name recognized bygetservbyname(3SOCKET) or an integer 1-
65535. protocol Either a protocol name recognized bygetprotobyname(3SOCKET) or an integer 1-
255.SunOS 5.11 Last change: 18 Dec 2008 7
System Administration Commands ipqosconf(1M)
string A character string. Enclose string in quotes. string cannot span multiple lines. user Either a valid user ID or username for the system that is being configured. Parameters The configuration file can contain the following parameterscolor_aware A value of TRUE or FALSE, indicating
whether or not the configured action takes account of the previous packet coloring when classifying.color_map An integer array that defines which
values of the dscp field correspond with which colors for when thecolor_aware parameter is set to TRUE.
committed_burst The committed burst size in bits.
committed_rate The committed rate in bits per
second. cos The value used to determine the underlying driver level priority applied to the packet which is defined in 802.1D. daddr The destination address of the datagram. direction The value used to build a filter matching only part of the traffic. This parameter is of type enum withvalid values of LOCAL_IN (local bound
traffic), LOCAL_OUT (local sourced
traffic), FWD_IN (forwarded traffic
entering the system), and FWD_OUT
(forwarded traffic exiting the sys-
tem).SunOS 5.11 Last change: 18 Dec 2008 8
System Administration Commands ipqosconf(1M)
dport The destination port of the datagram.dscp_detailed_stats A value of TRUE or FALSE that deter-
mines whether detailed statistics are switched on for this dscp action. Specify TRUE to switch on or FALSE to switch off.dscp_map The integer_array that supplies the
values that IP packets with a givendscp value have their dscp re-marked
with. The existing value is used to index into the array where the new value is taken from. The array is of size 64,meaning valid indexes are 0-63 and
valid values are also 0-63.
dsfield The DS field of the IP datagramheader. This is an 8-bit value, with
each bit position corresponding with the same one in the header; this enables matches to be done on the CU bits. If you specify this parameter, you must also specify thedsfield_mask parameter.
dsfield_mask The mask applied to the dsfield
parameter to determine the bits against which to match. This is an8-bit value, with each bit position
corresponding with the same one in the dsfield parameter.global_stats A value of TRUE or FALSE to enable or
disable the statistic collection for this action.green_action_name The action to be executed for packets
that are deemed to be green.if_name The name of an interface recognized
by the SIOGLIFINDEX ioctl. ThisSunOS 5.11 Last change: 18 Dec 2008 9
System Administration Commands ipqosconf(1M)
parameter is of type ifname.ip_version This parameter is of type enum and
has valid values of V4 and V6. If it is set to V4 only then only ipv4addresses are requested for a specified hostname. If it is set to V6, only ipv6 addresses are returned if there are any, otherwise v4 mapped v6 addresses are returned. If both V4 and V6 are specified, or ifip_version is not specified, then
both ipv4 and ipv6 addresses are requested for a specified hostname.max_limit The maximum number of flow entries
present at one time in the flowacct actions in the memory resident table.next_action The action to be executed when the
current action is complete. This value can be either the name ofan action defined in the configura-
tion file, or one of the two special action types: drop and continue.peak_burst The peak burst size, for a two rate
meter, or excess burst size, for a single rate meter, in bits.peak_rate The peak rate in bits per second.
precedence An integer that is used to order filters. If there are two matching filters that have the same priorityvalue, the one with the lower pre-
cedence value is the one matched. This parameter should be used becausethe order of the filters in a confi-
guration file has no influence on their relative precedence.SunOS 5.11 Last change: 18 Dec 2008 10
System Administration Commands ipqosconf(1M)
priority An integer that represents the rela-
tive priority of a filter. If there are two matching filters, the one with the higher priority value is the one matched. Multiple filters can have the same priority. projid The project ID of the process sendingthe data. This value is always -1 for
received traffic. protocol The Upper Layer Protocol against which this entry is matched.red_action_name The action to be executed for packets
that are determined to be red. saddr The source address of the datagram. sport The source port of the datagram. timeout The timeout in milliseconds after which flows are written to the accounting file. timer The period in milliseconds at whichtimed-out flows are checked for.
user The user ID or username of the pro-
cess sending the data. This value isalways -1 for received traffic.
window The window size in ms.yellow_action_name The action to be executed for packets
that are determined to be yellow. SECURITY None.SunOS 5.11 Last change: 18 Dec 2008 11
System Administration Commands ipqosconf(1M)
EXAMPLES
Example 1 Sending All Traffic From eng to the AF 1 Class of Service This example sends all traffic from eng to the AF 1 class of service. It is documented in four separate steps:The following step creates a tokenmt action with three out-
comes:#meter for class 1.
action {name AF_CL1
module tokenmt params{committed_rate 64
committed_burst 75
peak_burst 150
global_stats TRUE
red_action_name drop
yellow_action_name markAF12
green_action_name markAF11
} } The following step creates two dscpmk actions:#class 1, low drop precedence.
action { name markAF11 module dscpmk params{dscp_map {0-63:28}
dscp_detailed_stats TRUE
global_stats TRUE
next_action acct1
} }#class 1, medium drop precedence.
action { name markAF12 module dscpmk params {dscp_map {0-63:30}
SunOS 5.11 Last change: 18 Dec 2008 12
System Administration Commands ipqosconf(1M)
dscp_detailed_stats TRUE
global_stats TRUE
next_action acct1
} } The following step creates an accounting action:#billing for transmitted class 1 traffic.
action { name acct1 module flowacct params { timer 10 timeout 30global_stats TRUE
max_limit 1024
next_action continue
} } The following step creates an ipgpc action:#traffic from eng sent, traffic from ebay dropped.
action { name ipgpc.classify module ipgpc class {name from_eng
enable_stats TRUE
next_action AF_CL1
} class {name from_ebay
enable_stats TRUE
next_action drop
} filter {name from_eng
saddr eng-subnet
class from_eng
} filter {SunOS 5.11 Last change: 18 Dec 2008 13
System Administration Commands ipqosconf(1M)
name from_ebay
saddr ebay-subnet
class from_ebay
} } FILES /etc/inet/ipqosinit.conf Contains the IPQoS configuration loaded at boot time. If this file exists, it is read from the network/initial:default service./etc/inet/ipqosconf.1.sample
Sample configuration file for an application server/etc/inet/ipqosconf.2.sample
Sample configuration file that meters the traffic for a specified application/etc/inet/ipqosconf.3.sample
Sample configuration file that marks the ethernet headers of web traffic with a given user priorityATTRIBUTES
See attributes(5) for descriptions of the following attri-
butes:____________________________________________________________
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
|_____________________________|_____________________________|
| Availability | system/network/ipqos ||_____________________________|_____________________________|
| Interface Stability | Committed ||_____________________________|_____________________________|
SEE ALSO
syslog(3C), getipnodebyname(3SOCKET),getprotobyname(3SOCKET), getservbyname(3SOCKET), attri-
butes(5), dlcosmk(7IPP), dscpmk(7IPP), flowacct(7IPP),SunOS 5.11 Last change: 18 Dec 2008 14
System Administration Commands ipqosconf(1M)
ipgpc(7IPP), ipqos(7IPP), tokenmt(7IPP), tswtclmt(7IPP) DIAGNOSTICSipqosconf sends messages to syslog of facility user, sever-
ity notice when any changes are made to the IPQoS configura-
tion.Errors that occur during an ipqosconf operation send an
error message to the console by default. For the applicationof a new configuration if the -s option is set then these
messages are sent to syslog as facility user, severity errorinstead. If the -v option is present during an application
then all error and change notificationmessages are sent to the console as well as their default destination.SunOS 5.11 Last change: 18 Dec 2008 15