The traffic scheduling feature allows you to mark traffic from different services and configure bandwidth throttling. This feature helps you manage bandwidth resources for inter-region connections and improves network performance.

Feature description

Overview

Traffic scheduling - overview

After you use Cloud Enterprise Network (CEN) to establish inter-region communication, traffic from different services, including video conferencing, voice communication, software as a service (SaaS), and file transmission, is transmitted over the inter-region connections. Different service traffic has different requirements for networks, as described in the following examples:

  • Video conferencing and voice communication require stable networks with low latency. Packet loss and network jitter lower the communication quality.
  • SaaS requires immediate response. Network congestion decreases user experience.
  • File transmission requires high network throughput but is insensitive to network performance issues, such as network latency and network jitter. Sufficient bandwidth resources are required if you want to maintain high network throughput.

The maximum bandwidth of a bandwidth plan that is shared by inter-region connections is a fixed value. As a result, different services may compete for bandwidth resources and some services may waste bandwidth resources. This decreases network performance. If file transmission consumes a large percentage of bandwidth resources, network latency during video conferences or voice communication increases. In some cases, network disconnections may occur. To prevent such issues, you can use the traffic scheduling feature to classify network traffic and allocate bandwidth resources to different services. This improves network quality and minimizes network resource waste.

How it works

How traffic scheduling works
Network traffic is scheduled based on traffic marking policies and quality of service (QoS) policies.
  1. Traffic marking policy

    A traffic marking policy captures network traffic based on traffic classification rules and marks the traffic with the Differentiated Services Code Point (DSCP) values that you specify.

  2. QoS policy

    A QoS policy schedules network traffic to different queues based on the DSCP values that you specify for the traffic marking policies. You can specify a maximum bandwidth value for each queue to prevent services from competing for bandwidth resources.

    Each QoS policy contains one default queue. The default queue is used to handle network traffic that fails to match traffic classification rules and network traffic that matches a traffic classification rule but is not scheduled to a queue. The default queue uses the remaining bandwidth resources that are not consumed by the inter-region connections. In each QoS policy, the sum of the bandwidth values of all queues cannot exceed that of the inter-region connections.

Limits

  • Only inter-region connections created on Enterprise Edition transit routers support the traffic scheduling feature.
  • Traffic scheduling applies only to outbound traffic on Enterprise Edition transit routers.

    If you create an inter-region connection between the China (Hangzhou) region and the China (Qingdao) region, and enable traffic scheduling for the transit router in the China (Hangzhou) region, traffic scheduling applies to the network traffic that flows from China (Hangzhou) to China (Qingdao). Traffic scheduling allocates bandwidth resources to different services. Traffic scheduling does not apply to the network traffic that flows from China (Qingdao) to China (Hangzhou).

    Important To ensure that services in both regions have sufficient bandwidth resources, we recommend that you create traffic marking policies and QoS policies for both inbound and outbound traffic.
  • The following table describes the resource quotas on the traffic scheduling feature.
    ResourceDefault quotaAdjustable
    The maximum number of traffic classification rules supported by a transit router500Not supported
    The maximum number of QoS queues supported by a QoS policy64Not supported

Configuration examples

QoS - configuration example

The preceding scenario is used as an example to describe how to configure traffic scheduling. An enterprise created a virtual private cloud (VPC) named VPC1 in the China (Hangzhou) region and another VPC named VPC2 in the China (Qingdao) region. The enterprise used Elastic Compute Service (ECS) to deploy an application named ECS01 in VPC1, and deployed services including file transmission and software as a service (SaaS) services in VPC2. VPC1 is connected to VPC2 through CEN and Enterprise Edition transit routers. However, users may experience high latency and transmission interruptions when they use the file transmission service and SaaS services that are deployed on ECS01 in VPC1. The enterprise found out that other services consumed a large percentage of bandwidth during file transmission over the inter-region connection. As a result, the file transmission and SaaS services do not have sufficient bandwidth resources.

The enterprise decides to use the traffic scheduling feature to regulate bandwidth allocation for the inter-region connection. Traffic scheduling allocates only a specified percentage of bandwidth resources to each service and ensures stable performance of inter-region communication. The following table describes the network settings and bandwidth resources allocated to different services.
ServiceService CIDR blockCIDR block for service communicationBandwidth (%)
File transmission172.16.10.0/24192.168.0.0/1630%
SaaS172.16.20.0/24192.168.0.0/1620%
Other services172.16.30.0/24192.168.0.0/1650%

Prerequisites

An inter-region connection is created by using CEN and Enterprise Edition transit routers. For more information, see Use Enterprise Edition transit routers to connect VPCs across regions and accounts.

Step 1: Create a traffic marking policy

A traffic marking policy captures network traffic based on traffic classification rules and marks the traffic with DSCP values.

  1. Log on to the CEN console.
  2. On the Instances page, click the ID of the CEN instance that you want to manage.
  3. On the Basic Settings > Transit Router tab, click the ID of the transit router on which the inter-region connection is created.
  4. On the details page of the transit router, click the Traffic Marking tab.
  5. On the Traffic Marking tab, click Create Traffic Marking Policy.
  6. On the Create Traffic Marking Policy page, set the following parameters and click OK.

    Basic Settings

    ParameterDescription
    Policy NameEnter a name for the traffic marking policy.
    Policy DescriptionEnter a description for the traffic marking policy.
    Routing Policy PriorityEnter a priority for the traffic marking policy.

    Valid values: 1 to 100. A smaller value indicates a higher priority.

    DSCPEnter a DSCP value that you want to add to the network traffic that matches the traffic classification rules.

    When you create a QoS policy, you can use the DSCP value to schedule network traffic to different queues.

    Valid values: 0 to 63. The DSCP value of each traffic marking policy set for a transit router must be unique.

    Manually create a traffic classification rule

    You can select Manual or Automatic to create a traffic classification rule. The following table describes the parameters that you need to set if you choose to manually create a traffic classification rule. Set Method to Add, and set the parameters as described in the following table.

    ParameterDescription
    6-tuple NameEnter a name for the traffic classification rule.
    ProtocolSelect a protocol to match data packets.

    Multiple protocols, such as HTTP, HTTPS, UDP, TCP, and SSH, are supported. The protocols in the console shall prevail.

    Source CIDR BlockEnter a source CIDR block to match data packets.

    The system matches the source IP addresses of packets against the specified source CIDR block. If you do not set this parameter, it indicates that all source IP addresses are considered a match.

    Source PortEnter a source port range to match data packets.

    The system matches the source ports of packets against the specified source port range. If you do not set this parameter, it indicates that all source ports are considered a match.

    Valid values: -1 and 1 to 65535. Formats:
    • 1/200: specifies ports that range from 1 to 200.
    • 80/80: specifies port 80.
    • -1/-1: specifies all ports.

      -1: an invalid value. Only -1/-1 is valid.

    Destination CIDR BlockEnter a destination CIDR block to match data packets.

    The system matches the destination IP addresses of packets against the specified destination CIDR block. If you do not set this parameter, it indicates that all destination IP addresses are considered a match.

    Destination PortEnter a destination port range to match data packets.

    The system matches the destination ports of packets against the specified destination port range. If you do not set this parameter, it indicates that all destination ports are considered a match.

    Valid values: -1 and 1 to 65535. Formats:
    • 1/200: specifies ports that range from 1 to 200.
    • 80/80: specifies port 80.
    • -1/-1: specifies all ports.

      -1: an invalid value. Only -1/-1 is valid.

    DSCPThe DSCP value used to match data packets.
    The system matches the DSCP value of each data packet against the specified DSCP value. If you do not set this parameter, it indicates that all DSCP values are considered a match.
    Important The DSCP value that you specify for this parameter indicates the DSCP value that packets carry before they are transmitted over the inter-region connection.

    For example, a data center uses CEN to access a VPC that is deployed in another region. If a DSCP value is specified for data packets from the data center, you can specify a DSCP value in the traffic marking policy to match data packets from the data center against the specified DSCP value. If no DSCP value is specified for data packets from the data center, you do not need to specify one in the traffic marking policy. In this case, all DSCP values are considered a match.

    DescriptionEnter a description for the traffic classification rule.

    Automatically generate a traffic classification rule

    You can select Manual or Automatic to create a traffic classification rule. The following table describes the parameters that you need to set if you choose to automatically generate a traffic classification rule.

    This method allows you to specify the CIDR block of a VPC as the source CIDR block or destination CIDR block. You only need to set the Source CIDR Block and Destination CIDR Block parameters and click Automatically Generate Rules. Then, the system automatically sets the Protocol, Source Port, Destination Port, and DSCP parameters.

    Set Method to Automatic, set the Rule Name, Source CIDR Block, and Destination CIDR Block parameters, and then click Automatically Generate Rules.

    Important
    • After you click Automatically Generate Rules, you must select the generated rule and click OK at the bottom of the page before the system can apply the generated rule. After you click Automatically Generate Rules, if you click OK without selecting the generated rule, the rule is not applied.
    • If you want to create more traffic classification rules, add the source and destination CIDR blocks to the Source CIDR Block and Destination CIDR Block parameters and click Automatically Generate Rules. Then, the system generates and lists all traffic classification rules based on the specified source and destination CIDR blocks. You can select the traffic classification rules that you want.
    • After you click Automatically Generate Rules, if you want to modify a traffic classification rule, you can modify the Rule Name, Source CIDR Block, and Destination CIDR Block parameters, click Automatically Generate Rules, and then select the rules that you want to apply.
    ParameterDescription
    Rule NameEnter a name for the traffic classification rule.
    Source CIDR BlockEnter source CIDR blocks for the traffic classification rule.

    Click Automatic on the right side of the editor, select one or more VPCs from the Source CIDR Block drop-down list, click the Rightwards arrow icon, and then click OK.

    Destination CIDR BlockEnter destination CIDR blocks for the traffic classification rule.

    Click Automatic on the right side of the editor, select one or more VPCs from the Destination CIDR Block drop-down list, click the Rightwards arrow icon, and then click OK.

    ProtocolThe Protocol, Source Port, Destination Port, and DSCP parameters are automatically set and cannot be modified. The following parameters are automatically set:
    • Protocol: matches all protocols by default.
    • Source Port: matches all ports by default.
    • Destination Port: matches all destination ports by default.
    • DSCP: matches all DSCP values by default.
    Source Port
    Destination Port
    DSCP
  7. Repeat Step 3 to Step 6 to create a traffic marking policy for the transit router in the peer region.
    In this example, a traffic marking policy is manually created for the China (Hangzhou) and China (Qingdao) regions. The following table describes the parameters.
    Note In the following table, N/A indicates that the parameter is ignored and the default match rule is applied.
    RegionChina (Hangzhou)China (Qingdao)
    ParameterTraffic Marking Policy 1Traffic Marking Policy 2Traffic Marking Policy 3Traffic Marking Policy 1Traffic Marking Policy 2Traffic Marking Policy 3
    Policy NameFileSaaSOtherFileSaaSOther
    Policy Priority5101551015
    DSCP5101551015
    Traffic classification rule
    ProtocolN/AHTTPHTTPSN/AHTTPHTTPS
    Source CIDR Block192.168.0.0/16192.168.0.0/16192.168.0.0/16172.16.10.0/24172.16.20.0/24172.16.30.0/24
    Source Port1/200N/A1/20025/2580/80443/443
    Destination CIDR Block172.16.10.0/24172.16.20.0/24172.16.30.0/24192.168.0.0/16192.168.0.0/16192.168.0.0/16
    Destination Port25/2580/80443/4431/200N/A1/200
    DSCP2530N/A2530N/A
    Traffic marking policyMatches packets that are from 192.168.0.0/16 and port 1 to port 200, are destined for 172.16.10.0/24 and port 25, and carry a DSCP value of 25. A DSCP value of 5 is added to such packets. Matches packets that use HTTP, are from 192.168.0.0/16, are destined for 172.16.20.0/24 and port 80, and carry a DSCP value of 30. A DSCP value of 10 is added to such packets. Matches packets that use HTTPS, are from 192.168.0.0/16 and port 1 to port 200, and are destined for 172.16.30.0/24 and port 443. A DSCP value of 15 is added to such packets. Matches packets that are from 172.16.10.0/24 and port 25, are destined for 192.168.0.0/16 and port 1 to port 200, and carry a DSCP value of 25. A DSCP value of 5 is added to such packets. Matches packets that use HTTP, are from 172.16.20.0/24 and port 80, are destined for 192.168.0.0/16, and carry a DSCP value of 30. A DSCP value of 10 is added to such packets. Matches packets that use HTTPS, are from 172.16.30.0/24 and port 443, and are destined for 192.168.0.0/16 and port 1 to port 200. A DSCP value of 15 is added to such packets.

Step 2: Create a QoS policy

Create queues based on the DSCP values, and specify a maximum bandwidth value for each queue.

  1. Log on to the CEN console.
  2. On the Instances page, click the ID of the CEN instance that you want to manage.
  3. On the Basic Settings > Transit Router tab, click the ID of the transit router on which the inter-region connection is created.
  4. On the details page of the transit router, click the Cross-region Connections tab.
  5. On the Cross-region Connections tab, find the inter-region connection that you want to manage and click Set in the QoS Policy column.
  6. On the Configure Cross-region QoS Policy page, set the following parameters and click OK.
    ParameterDescription
    Basic Settings
    Policy NameEnter a name for the QoS policy.
    Policy DescriptionEnter a description for the QoS policy.
    Cross-region ConnectionSelect the inter-region connection for which you want to apply the QoS policy.
    Queues
    Queue NameEnter a name for the queue.
    Queue DescriptionEnter a description for the queue.
    Matching DSCPEnter a DSCP value to match data packets.

    The DSCP value refers to the one that you want to add to data packets which match the traffic marking policy. The DSCP value is the same as the one specified for the DSCP parameter when you create the traffic marking policy. Data packets that match the specified DSCP value are scheduled to the current queue.

    You can specify multiple DSCP values for a queue. Separate DSCP values with commas (,).

    Bandwidth CapEnter the maximum bandwidth of the queue

    in percentage. A value of 30 specifies that the current queue can consume at most 30% of the total bandwidth of the inter-region connection.

    The sum of percentage values specified for all queues that belong to the same inter-region connection cannot exceed 100%.

  7. Repeat Step 3 to Step 6 to create a QoS policy for the transit router in the peer region.
    The following table describes the QoS policies created for the transit routers in the China (Hangzhou) and China (Qingdao) regions.
    RegionPolicy nameInter-region connectionsQueue
    Queue nameMatching DSCPBandwidth cap

    (in percentage: 30 specifies 30% of the total bandwidth of the inter-region connection)

    China (Hangzhou)QoS Policy-HZSelect the inter-region connection that connects the China (Hangzhou) region to the China (Qingdao) region.Queue-File530
    Queue-SaaS1020
    Queue-Other1550
    China (Qingdao)QoS Policy-QDQueue-File530
    Queue-SaaS1020
    Queue-Other1550

    After you complete the preceding steps, the QoS policies allocate bandwidth resources based on the maximum bandwidth value specified for each queue.

What to do next

Modify a traffic marking policy

After you create a traffic marking policy, you can modify the name and description of the policy, and add or delete traffic classification rules for the policy. You cannot modify the priority or DSCP values of the policy.

  1. Log on to the CEN console.
  2. On the Instances page, click the ID of the CEN instance that you want to manage.
  3. On the Basic Settings > Transit Router tab, click the ID of the transit router on which the inter-region connection is created.
  4. On the details page of the transit router, click the Traffic Marking tab, find the traffic marking policy that you want to manage, and then click Edit in the Actions column.
  5. In the Traffic Marking Policy Details panel, enter a name and description for the traffic marking policy and specify a traffic classification rule for the traffic marking policy.
    You can only add or delete, but cannot modify a traffic classification rule. If the settings of a traffic classification rule cannot meet your requirements, you can delete the rule and add a new one.

Delete a traffic marking policy

You must delete all the traffic classification rules before you can delete a traffic marking policy. The following steps show how to delete a traffic classification rule and a traffic marking policy.

  1. Log on to the CEN console.
  2. On the Instances page, click the ID of the CEN instance that you want to manage.
  3. On the Basic Settings > Transit Router tab, click the ID of the transit router on which the inter-region connection is created.
  4. On the details page of the transit router, click the Traffic Marking tab, find the traffic marking policy that you want to manage, and then click Edit in the Actions column.
  5. In the Traffic Marking Policy Details panel, find the Traffic Classification Rules section, find the traffic classification rule that you want to manage, and then click Delete in the Actions column. Then, click OK in the Delete Traffic Classification Rule message.
    Repeat the preceding steps to delete all traffic classification rules that you want to delete from the traffic marking policy.
  6. In the upper-right corner of the Traffic Marking Policy Details panel, click Delete. In the Delete Traffic Marking Policy message, click OK.

Modify a QoS policy

After you create a QoS policy, you can modify the name, description, and queue settings of the policy.

  1. Log on to the CEN console.
  2. On the Instances page, click the ID of the CEN instance that you want to manage.
  3. On the Basic Settings > Transit Router tab, click the ID of the transit router on which the inter-region connection is created.
  4. On the details page of the transit router, click the Cross-region Connections tab, find the inter-region connection that you want to manage, and then click details in the QoS Policy column.
  5. In the Cross-region QoS Policy Details panel, modify the name, description and queues as needed.

Delete a QoS policy

You must delete all the queues before you can delete a QoS policy. The following steps show how to delete a queue and a QoS policy.

  1. Log on to the CEN console.
  2. On the Instances page, click the ID of the CEN instance that you want to manage.
  3. On the Basic Settings > Transit Router tab, click the ID of the transit router on which the inter-region connection is created.
  4. On the details page of the transit router, click the Cross-region Connections tab, find the inter-region connection that you want to manage, and then click details in the QoS Policy column.
  5. In the Cross-region QoS Policy Details panel, find the queue that you want to manage in the Queues section, click Delete in the Actions column, and then click OK in the Delete Queue From QoS Policy message.
  6. In the upper-right corner of the Cross-region QoS Policy Details panel, click Delete. In the Delete QoS Policy message, click OK.

References

Traffic marking policy

QoS policy