IPQOSCONF(8) Maintenance Commands and Procedures IPQOSCONF(8)
NAME
ipqosconf - configure the IPQoS facility
SYNOPSIS
/usr/sbin/ipqosconf /usr/sbin/ipqosconf -a conf_file [
-vs]
/usr/sbin/ipqosconf -c /usr/sbin/ipqosconf -f /usr/sbin/ipqosconf -l /usr/sbin/ipqosconf -LDESCRIPTION
The
ipqosconf utility configures the Quality of Service facility of
the Internet Protocol (
IP). Only superusers can use this command.
Without arguments,
ipqosconf displays the actual
IPQoS configuration.
Configuration is not preserved across reboot. You must apply the
configuration every time that the machine reboots. To apply the
configuration early in the boot phase, you can populate the
/etc/inet/ipqosinit.conf file, which is then read from the
svc:/network/initial:default service.
OPTIONS
The following options are supported:
-a conf_file Apply the configuration in
conf_file. If the
conf_file is
-,
ipqosconf reads from standard input.
-c Populate the boot file with the current
configuration.
-f Flush the configuration.
-l List the current applied configuration.
-L List the current configuration in verbose mode.
In addition to the information that the
-l option
provides, the
-L option provides filters and classes
configured through other means than the
iqposconf command. This option also provides the full set of
filters that were created by
ipqosconf by
representing a multi-homed host in a configuration
file
-s Log messages to
syslog during an
-a operation.
-v Toggle verbose mode during an
-a operation.
The
-v option causes all messages to go to the
console in addition to their normal destination.
Messages intended to go to
syslog, because the
-s flag is set or because it is a log message, still go
to
syslog as well as the console.
CONFIGURATION FILE
The configuration file is composed of a format version and a
succession of configuration (action) blocks. There are different
configuration blocks for each type of action that is being
configured.
Format Version
The first line of the configuration file specifies the format version
contained in the configuration file.
The following entry specifies the format version:
fmt_version
x.
x where
x.
x is the format version.
1.0 is the only supported version.
Configuration Blocks
Following the format version, are a succession of configuration
(action) blocks that are different for each type of action being
configured. A configuration block always has the following structure:
action {
name action_name
module module_name
params_clause | ""
cf_clauses
}
action_name ::= string
module_name ::= ipgpc | dlcosmk | dscpmk | flowacct | tswtclmt |
tokenmt
params_clause ::= params {
parameters
params_stats | ""
}
parameters ::= prm_name_value parameters | ""
prm_name_value ::=
param_name param_value Modules
The
param_name and the types of
param_value are specific to a given
module.
params_stats ::= global_stats boolean
cf_clauses ::= class_clause cf_clauses |
filter_clause cf_clauses | ""
class_clause ::= class {
name class_name
next_action next_action_name
class_stats | ""
}
class_name ::= string
next_action_name ::= string
class_stats ::= enable_stats boolean
boolean ::= TRUE | FALSE
filter_clause ::= filter {
name filter_name
class class_name
parameters
}
filter_name ::= string
There must be exactly one configuration block belonging to module
ipgpc. The action must be named
ipgpc.classify. All other actions
should be reachable from
ipgpc by way of parameters of type action or
the next_action of a class.
The set of types that are used for parameters of the different
modules are:
action ::= string
protocol ::= 1..255
port ::= 1..65535
uint8 ::= 0..255
uint32 ::= 0..4294967296
int32 ::= -2147483648..2147483648
address ::= <see the description section>
ifname ::= <interface name recognized by SIOGLIFINDEX ioctl>
enum ::= string | { string_list }
boolean ::= TRUE | FALSE
integer_array ::= { range_value_list }
map_index ::= uint32
address ::= ip_address | ip_node_name
user ::= uid | username
uid ::= 0..65535
username ::= string
string_list ::= string sl_entrys
sl_entrys ::= ',' string sl_entrys | ""
range_value_list ::= range_value_entry range_value_entrys
range_value_entry ::= range ':' integer_array_value
range ::= uint32 '-' uint32
integer_array_value ::= string | integer_array_number
integer_array_number ::= uint8 | uint32
range_value_entrys ::= ';' range_value_entry range_value_entrys | ""
ip_node_name ::= string
ip_address ::= v4_address | v6_address
v4_address ::= v4_ip_address / v4_cidr_mask |
v4_ip_address
v4_cidr_mask ::= 1-32
v6_address ::= v6_ip_address / v6_cidr_mask |
v6_ip_address
v6_cidr_mask ::= 1-128
METER module tokenmt configuration syntax:
red_action_name action
yellow_action_name action
green_action_name action
committed_rate uint32
committed_burst uint32
peak_rate uint32
<if present this signifies that this will be a two rate meter, not
a single rate meter>
peak_burst uint32
<this is the 'peak' burst size for a two rate meter, but
the 'excess' burst size for a single rate meter>
color_aware boolean
color_map integer_array
global_stats boolean
METER module tswtclmt configuration syntax:
red_action_name action
yellow_action_name action
green_action_name action
committed_rate uint32
peak_rate uint32
window uint32
global_stats boolean
MARKER module dscpmk configuration syntax:
next_action action
dscp_map int_array
dscp_detailed_stats boolean
global_stats boolean
MARKER module dlcosmk configuration syntax:
next_action action
cos map_index
global_stats boolean
CLASSIFIER module ipgpc configuration syntax:
user user
projid int32
if_name ifname
direction enum {
LOCAL_IN,
LOCAL_OUT,
FWD_IN,
FWD_OUT}
protocol protocol
dsfield uint8
dsfield_mask uint8
saddr address
daddr address
sport port
dport port
priority uint32
precedence uint32
ip_version enum {
V4,
V6 }
global_stats boolean
ACCOUNTING module flowacct configuration syntax:
next_action action
timer uint32
timeout uint32
max_limit uint32
Types
action A string of characters with a matching action
definition. The character string can be up to twenty
three characters in length. To allow for spaces the
string needs to be enclosed in quotes and cannot
span lines. Two special actions are pre-defined and
can not have an explicit action definition. The two
pre-defined actions are
continue and
drop. continue
causes the packet that is passed to it to continue
normal processing.
drop causes the packet that is
passed to it to be dropped.
address A machine name or address recognized by
getipnodebyname(3SOCKET). If a machine name is
specified, and
ip_version has been defined, the
query is done using that address family. If a
machine name is not specified and
ip_version has not
been defined, the query is done using the
AI_DEFAULT flag to
getipnodebyname()(
..AF_INET6..).
CIDR address masks following an IP address are allowed.
Specify the
CIDR address masks as
1-
32 (for
v4) or
1-
128 (for
v6).
CIDR addresses are disallowed for
node names.
enum Either one of the supported values or comma
delimited list of support values, enclosed in curly
braces.
ifname A non-
NULL, existing interface name recognized by
the
SIOGLIFINDEX socket ioctl.
integer_array A comma delimited set of
range/
value pairs, enclosed
in curly braces.
Specify
range in the format
x-
y, where
x and
y are
integers that denote the range of array indexes to
which the value applies. The minimum value for both
x and
y is
0. The maximum value for
x is particular
to the parameter. Any array indexes not referred to
in the set of ranges are left at their previous
value.
map_index A non-negative integer used as an index into any
maps associated with a parameter of this type.
The maximum value of this type is dictated by the
number of entries in the associated maps. The index
starts at
0.
port Either a service name recognized by
getservbyname(3SOCKET) or an integer
1-
65535.
protocol Either a protocol name recognized by
getprotobyname(3SOCKET) or an integer
1-
255.
string A character string. Enclose
string in quotes.
string cannot span multiple lines.
user Either a valid user ID or username for the system
that is being configured.
Parameters
The configuration file can contain the following parameters
color_aware A value of
TRUE or
FALSE, indicating whether
or not the configured action takes account of
the previous packet coloring when classifying.
color_map An integer array that defines which values of
the
dscp field correspond with which colors
for when the
color_aware parameter is set to
TRUE.
committed_burst The committed burst size in bits.
committed_rate The committed rate in bits per second.
cos The value used to determine the underlying
driver level priority applied to the packet
which is defined in
802.1D.
daddr The destination address of the datagram.
direction The value used to build a filter matching only
part of the traffic.
This parameter is of type
enum with valid
values of
LOCAL_IN (local bound traffic),
LOCAL_OUT (local sourced traffic),
FWD_IN (forwarded traffic entering the system), and
FWD_OUT (forwarded traffic exiting the
system).
dport The destination port of the datagram.
dscp_detailed_stats A value of
TRUE or
FALSE that determines
whether detailed statistics are switched on
for this
dscp action.
Specify
TRUE to switch on or
FALSE to switch
off.
dscp_map The
integer_array that supplies the values
that IP packets with a given
dscp value have
their dscp re-marked with.
The existing value is used to index into the
array where the new value is taken from. The
array is of size
64, meaning valid indexes are
0-
63 and valid values are also
0-
63.
dsfield The
DS field of the
IP datagram header. This
is an 8-bit value, with each bit position
corresponding with the same one in the header;
this enables matches to be done on the CU
bits. If you specify this parameter, you must
also specify the
dsfield_mask parameter.
dsfield_mask The mask applied to the
dsfield parameter to
determine the bits against which to match.
This is an 8-bit value, with each bit position
corresponding with the same one in the
dsfield parameter.
global_stats A value of
TRUE or
FALSE to enable or disable
the statistic collection for this action.
green_action_name The action to be executed for packets that are
deemed to be green.
if_name The name of an interface recognized by the
SIOGLIFINDEX ioctl. This parameter is of type
ifname.
ip_version This parameter is of type
enum and has valid
values of
V4 and
V6.
If it is set to
V4 only then only
ipv4 addresses are requested for a specified
hostname. If it is set to
V6, only
ipv6 addresses are returned if there are any,
otherwise
v4 mapped
v6 addresses are returned.
If both
V4 and
V6 are specified, or if
ip_version is not specified, then both
ipv4 and
ipv6 addresses are requested for a
specified hostname.
max_limit The maximum number of flow entries present at
one time in the
flowacct actions in the memory
resident table.
next_action The action to be executed when the current
action is complete.
This value can be either the name of an action
defined in the configuration file, or one of
the two special action types:
drop and
continue.
peak_burst The peak burst size, for a two rate meter, or
excess burst size, for a single rate meter, in
bits.
peak_rate The peak rate in bits per second.
precedence An integer that is used to order filters. If
there are two matching filters that have the
same priority value, the one with the lower
precedence value is the one matched. This
parameter should be used because the order of
the filters in a configuration file has no
influence on their relative precedence.
priority An integer that represents the relative
priority of a filter. If there are two
matching filters, the one with the higher
priority value is the one matched. Multiple
filters can have the same priority.
projid The project ID of the process sending the
data. This value is always
-1 for received
traffic.
protocol The Upper Layer Protocol against which this
entry is matched.
red_action_name The action to be executed for packets that are
determined to be red.
saddr The source address of the datagram.
sport The source port of the datagram.
timeout The timeout in milliseconds after which flows
are written to the accounting file.
timer The period in milliseconds at which timed-out
flows are checked for.
user The user ID or username of the process sending
the data. This value is always
-1 for received
traffic.
window The window size in ms.
yellow_action_name The action to be executed for packets that are
determined to be yellow.
SECURITY
None.
EXAMPLES
Example 1: Sending All Traffic From eng to the AF 1 Class of Service
This example sends all traffic from
eng to the
AF 1 class of service.
It is documented in four separate steps:
The following step creates a
tokenmt action with three outcomes:
#meter for class 1.
action {
name AF_CL1
module tokenmt
params{
committed_rate 64
committed_burst 75
peak_burst 150
global_stats TRUE
red_action_name drop
yellow_action_name markAF12
green_action_name markAF11
}
}
The following step creates two
dscpmk actions:
#class 1, low drop precedence.
action {
name markAF11
module dscpmk
params{
dscp_map {0-63:28}
dscp_detailed_stats TRUE
global_stats TRUE
next_action acct1
}
}
#class 1, medium drop precedence.
action {
name markAF12
module dscpmk
params {
dscp_map {0-63:30}
dscp_detailed_stats TRUE
global_stats TRUE
next_action acct1
}
}
The following step creates an accounting action:
#billing for transmitted class 1 traffic.
action {
name acct1
module flowacct
params {
timer 10
timeout 30
global_stats TRUE
max_limit 1024
next_action continue
}
}
The following step creates an
ipgpc action:
#traffic from eng sent, traffic from ebay dropped.
action {
name ipgpc.classify
module ipgpc
class {
name from_eng
enable_stats TRUE
next_action AF_CL1
}
class {
name from_ebay
enable_stats TRUE
next_action drop
}
filter {
name from_eng
saddr eng-subnet
class from_eng
}
filter {
name from_ebay
saddr ebay-subnet
class from_ebay
}
}
FILES
/etc/inet/ipqosinit.conf Contains the
IPQoS configuration loaded at boot time. If this
file exists, it is read from the
network/initial:default service.
/etc/inet/ipqosconf.1.sample Sample configuration file for an application server
/etc/inet/ipqosconf.2.sample Sample configuration file that meters the traffic for a specified
application
/etc/inet/ipqosconf.3.sample Sample configuration file that marks the ethernet headers of web
traffic with a given user priority
ATTRIBUTES
See
attributes(7) for descriptions of the following attributes:
+--------------------+-----------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+--------------------+-----------------+
|Interface Stability | Evolving |
+--------------------+-----------------+
SEE ALSO
syslog(3C),
getipnodebyname(3SOCKET),
getprotobyname(3SOCKET),
getservbyname(3SOCKET),
dlcosmk(4IPP),
dscpmk(4IPP),
flowacct(4IPP),
ipgpc(4IPP),
ipqos(4IPP),
tokenmt(4IPP),
tswtclmt(4IPP),
attributes(7)DIAGNOSTICS
ipqosconf sends messages to
syslog of facility user, severity notice
when any changes are made to the
IPQoS configuration.
Errors that occur during an
ipqosconf operation send an error message
to the console by default. For the application of a new configuration
if the
-s option is set then these messages are sent to
syslog as
facility user, severity error instead. If the
-v option is present
during an application then all error and change notification messages
are sent to the console as well as their default destination.
March 10, 2023 IPQOSCONF(8)
