IPQOSCONF(8) | Maintenance Commands and Procedures | IPQOSCONF(8) |
ipqosconf - configure the IPQoS facility
/usr/sbin/ipqosconf
/usr/sbin/ipqosconf -a conf_file [-vs]
/usr/sbin/ipqosconf -c
/usr/sbin/ipqosconf -f
/usr/sbin/ipqosconf -l
/usr/sbin/ipqosconf -L
The ipqosconf utility configures the Quality of Service facility of the Internet Protocol (IP). Only superusers can use this command.
Without arguments, ipqosconf displays the actual IPQoS configuration.
Configuration is not preserved across reboot. You must apply the configuration every time that the machine reboots. To apply the configuration early in the boot phase, you can populate the /etc/inet/ipqosinit.conf file, which is then read from the svc:/network/initial:default service.
The following options are supported:
-a conf_file
-c
-f
-l
-L
In addition to the information that the -l option provides, the -L option provides filters and classes configured through other means than the iqposconf command. This option also provides the full set of filters that were created by ipqosconf by representing a multi-homed host in a configuration file
-s
-v
The -v option causes all messages to go to the console in addition to their normal destination. Messages intended to go to syslog, because the -s flag is set or because it is a log message, still go to syslog as well as the console.
The configuration file is composed of a format version and a succession of configuration (action) blocks. There are different configuration blocks for each type of action that is being configured.
The first line of the configuration file specifies the format version contained in the configuration file.
The following entry specifies the format version:
fmt_version x.x
where x.x is the format version. 1.0 is the only supported version.
Following the format version, are a succession of configuration (action) blocks that are different for each type of action being configured. A configuration block always has the following structure:
action {
name action_name
module module_name
params_clause | ""
cf_clauses } action_name ::= string module_name ::= ipgpc | dlcosmk | dscpmk | flowacct | tswtclmt |
tokenmt params_clause ::= params {
parameters
params_stats | ""
} parameters ::= prm_name_value parameters | "" prm_name_value ::= param_name param_value
The param_name and the types of param_value are specific to a given module.
params_stats ::= global_stats boolean cf_clauses ::= class_clause cf_clauses |
filter_clause cf_clauses | "" class_clause ::= class {
name class_name
next_action next_action_name
class_stats | ""
} class_name ::= string next_action_name ::= string class_stats ::= enable_stats boolean boolean ::= TRUE | FALSE filter_clause ::= filter {
name filter_name
class class_name
parameters
} filter_name ::= string
There must be exactly one configuration block belonging to module ipgpc. The action must be named ipgpc.classify. All other actions should be reachable from ipgpc by way of parameters of type action or the next_action of a class.
The set of types that are used for parameters of the different modules are:
action ::= string protocol ::= 1..255 port ::= 1..65535 uint8 ::= 0..255 uint32 ::= 0..4294967296 int32 ::= -2147483648..2147483648 address ::= <see the description section> ifname ::= <interface name recognized by SIOGLIFINDEX ioctl> enum ::= string | { string_list } boolean ::= TRUE | FALSE integer_array ::= { range_value_list } map_index ::= uint32 address ::= ip_address | ip_node_name user ::= uid | username uid ::= 0..65535 username ::= string string_list ::= string sl_entrys sl_entrys ::= ',' string sl_entrys | "" range_value_list ::= range_value_entry range_value_entrys range_value_entry ::= range ':' integer_array_value range ::= uint32 '-' uint32 integer_array_value ::= string | integer_array_number integer_array_number ::= uint8 | uint32 range_value_entrys ::= ';' range_value_entry range_value_entrys | "" ip_node_name ::= string ip_address ::= v4_address | v6_address v4_address ::= v4_ip_address / v4_cidr_mask | v4_ip_address v4_cidr_mask ::= 1-32 v6_address ::= v6_ip_address / v6_cidr_mask | v6_ip_address v6_cidr_mask ::= 1-128
METER module tokenmt configuration syntax:
red_action_name action yellow_action_name action green_action_name action committed_rate uint32 committed_burst uint32 peak_rate uint32 <if present this signifies that this will be a two rate meter, not
a single rate meter> peak_burst uint32 <this is the 'peak' burst size for a two rate meter, but
the 'excess' burst size for a single rate meter> color_aware boolean color_map integer_array global_stats boolean
METER module tswtclmt configuration syntax:
red_action_name action yellow_action_name action green_action_name action committed_rate uint32 peak_rate uint32 window uint32 global_stats boolean
MARKER module dscpmk configuration syntax:
next_action action dscp_map int_array dscp_detailed_stats boolean global_stats boolean
MARKER module dlcosmk configuration syntax:
next_action action cos map_index global_stats boolean
CLASSIFIER module ipgpc configuration syntax:
user user projid int32 if_name ifname direction enum {
LOCAL_IN,
LOCAL_OUT,
FWD_IN,
FWD_OUT} protocol protocol dsfield uint8 dsfield_mask uint8 saddr address daddr address sport port dport port priority uint32 precedence uint32 ip_version enum {
V4,
V6 } global_stats boolean
ACCOUNTING module flowacct configuration syntax:
next_action action timer uint32 timeout uint32 max_limit uint32
action
address
enum
ifname
integer_array
Specify range in the format x-y, where x and y are integers that denote the range of array indexes to which the value applies. The minimum value for both x and y is 0. The maximum value for x is particular to the parameter. Any array indexes not referred to in the set of ranges are left at their previous value.
map_index
The maximum value of this type is dictated by the number of entries in the associated maps. The index starts at 0.
port
protocol
string
user
The configuration file can contain the following parameters
color_aware
color_map
committed_burst
committed_rate
cos
daddr
direction
This parameter is of type enum with valid values of LOCAL_IN (local bound traffic), LOCAL_OUT (local sourced traffic), FWD_IN (forwarded traffic entering the system), and FWD_OUT (forwarded traffic exiting the system).
dport
dscp_detailed_stats
Specify TRUE to switch on or FALSE to switch off.
dscp_map
The existing value is used to index into the array where the new value is taken from. The array is of size 64, meaning valid indexes are 0-63 and valid values are also 0-63.
dsfield
dsfield_mask
global_stats
green_action_name
if_name
ip_version
If it is set to V4 only then only ipv4 addresses are requested for a specified hostname. If it is set to V6, only ipv6 addresses are returned if there are any, otherwise v4 mapped v6 addresses are returned. If both V4 and V6 are specified, or if ip_version is not specified, then both ipv4 and ipv6 addresses are requested for a specified hostname.
max_limit
next_action
This value can be either the name of an action defined in the configuration file, or one of the two special action types: drop and continue.
peak_burst
peak_rate
precedence
priority
projid
protocol
red_action_name
saddr
sport
timeout
timer
user
window
yellow_action_name
None.
Example 1 Sending All Traffic From eng to the AF 1 Class of Service
This example sends all traffic from eng to the AF 1 class of service. It is documented in four separate steps:
The following step creates a tokenmt action with three outcomes:
#meter for class 1. action {
name AF_CL1
module tokenmt
params{
committed_rate 64
committed_burst 75
peak_burst 150
global_stats TRUE
red_action_name drop
yellow_action_name markAF12
green_action_name markAF11
} }
The following step creates two dscpmk actions:
#class 1, low drop precedence. action {
name markAF11
module dscpmk
params{
dscp_map {0-63:28}
dscp_detailed_stats TRUE
global_stats TRUE
next_action acct1
} } #class 1, medium drop precedence. action {
name markAF12
module dscpmk
params {
dscp_map {0-63:30}
dscp_detailed_stats TRUE
global_stats TRUE
next_action acct1
} }
The following step creates an accounting action:
#billing for transmitted class 1 traffic. action {
name acct1
module flowacct
params {
timer 10
timeout 30
global_stats TRUE max_limit 1024 next_action continue
} }
The following step creates an ipgpc action:
#traffic from eng sent, traffic from ebay dropped. action {
name ipgpc.classify
module ipgpc
class {
name from_eng
enable_stats TRUE
next_action AF_CL1
}
class {
name from_ebay
enable_stats TRUE
next_action drop
}
filter {
name from_eng
saddr eng-subnet
class from_eng
}
filter {
name from_ebay
saddr ebay-subnet
class from_ebay
} }
/etc/inet/ipqosinit.conf
/etc/inet/ipqosconf.1.sample
/etc/inet/ipqosconf.2.sample
/etc/inet/ipqosconf.3.sample
See attributes(7) for descriptions of the following attributes:
ATTRIBUTE TYPE | ATTRIBUTE VALUE |
Interface Stability | Evolving |
syslog(3C), getipnodebyname(3SOCKET), getprotobyname(3SOCKET), getservbyname(3SOCKET), dlcosmk(4IPP), dscpmk(4IPP), flowacct(4IPP), ipgpc(4IPP), ipqos(4IPP), tokenmt(4IPP), tswtclmt(4IPP), attributes(7)
ipqosconf sends messages to syslog of facility user, severity notice when any changes are made to the IPQoS configuration.
Errors that occur during an ipqosconf operation send an error message to the console by default. For the application of a new configuration if the -s option is set then these messages are sent to syslog as facility user, severity error instead. If the -v option is present during an application then all error and change notification messages are sent to the console as well as their default destination.
March 10, 2023 | OmniOS |