Configuring User-Defined Traffic Classes
These commands are available to configure custom CPU classes that are added to the default list (shown in previous section) in order to address special user requirements:
To add a CPU class, use the command:
CLI (network-admin@switch) > cpu-class-create
name |
Specify a name for the CPU class. |
scope local|fabric |
Specify the scope as local or fabric. |
rate-limit rate-limit-number |
Specify the cap for the rate limit. |
hog-protect disable|enable|enable-and-drop |
Specify if you want to enable, enable and drop packets, or disable hog protection. |
The cpu-class-create command can be used to allocate new CPU traffic queues for special cases that are identified by user-configurable policies.
For instance, when the culprit of a high CPU utilization issue is being investigated in connection with an errant traffic flow (e.g., FTP), the Arista TAC team may recommend configuring a user-defined traffic class with an associated policy to protect the CPU.
In this example a new class TAC-class is created and associated to a rate of 100 pps and automatically allocated to free queue 40:
CLI (network-admin@switch) > cpu-class-create name TAC-class scope local rate-limit 100
CLI (network-admin@switch) > cpu-class-show name TAC-class
name scope rate-limit hog-protect hog-protect-support queue
------- ----- ---------- ----------- ------------------- -----
TAC-class local 100 disable none 40
TAC also requests to create/modify a vFlow policy to direct FTP packets to the new CPU class (TAC-class) queue. vFlow match criteria can be freely chosen to match the specific rate limiting need of the user provided they include a to-cpu or copy-to-cpu action for packets:
CLI (network-admin@switch) > vflow-create name myflow scope local in-port 10 proto ftp action to-cpu cpu-class TAC-class
CLI (network-admin@switch) > vflow-show
name scope type in-port burst-size precedence action enable cpu-class
------ ----- ----- ------- ---------- ---------- ------ ------ ---------
myflow local vflow 10 auto default to-cpu enable TAC-class
Note: CPTP’s vFlow match criteria can be freely chosen to match the specific rate limiting need of the user provided they include a to-cpu or copy-to-cpu action for packets.
After issue resolution, the user can delete a previously created custom CPU class if no longer needed:
CLI (network-admin@switch) > cpu-class-delete
name |
Specify the name of the CPU class to delete. |
Or you can modify the CPU class after creating it:
CLI (network-admin@switch) > cpu-class-modify
name |
Specify the name of the CPU class. |
rate-limit rate-limit-number |
Specify the cap for the rate limit. |
hog-protect disable|enable|enable-and-drop |
Specify if you want to enable, enable and drop packets, or disable hog protection. |
Note: You cannot modify the scope of the CPU class. If you want to change the scope, you must delete the existing CPU class and create a new CPU class with the correct scope.