Creates a traffic marking policy.

Usage notes

Only Enterprise Edition transit routers support traffic marking policies.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes CreateTrafficMarkingPolicy

The operation that you want to perform. Set the value to CreateTrafficMarkingPolicy.

ClientToken String No 123e4567-e89b-12d3-a456-426****

The client token that is used to ensure the idempotence of the request.

You can use the client to generate the value, but you must make sure that the value is unique among different requests. The token can contain only ASCII characters and cannot exceed 64 characters in length.

DryRun Boolean No false

Specifies whether to check the request without performing the operation. Valid values:

  • true: checks the request but does not perform the operation. The system checks whether the required parameters are set, whether the formats of the values are valid, and the service limits. If the request fails the check, an error message is returned. If the request passes the check, the DryRunOperation error code is returned.
  • false (default): checks the request. If the request passes the check, the traffic marking policy is created.
TransitRouterId String Yes tr-8vbuqeo5h5pu3m01d****

The ID of the transit router.

TrafficMarkingPolicyName String No nametest

The name of the traffic marking policy.

The name must be 2 to 128 characters in length, and can contain letters, digits, underscores (_), and hyphens (-). The name must start with a letter.

TrafficMarkingPolicyDescription String No desctest

The description of the traffic marking policy.

The description must be 2 to 128 characters in length, and can contain letters, digits, underscores (_), and hyphens (-). The description must start with a letter.

Priority Integer Yes 5

The priority value of the traffic marking policy. Valid values: 1 to 100.

The priority value of each traffic marking policy in a transit router must be unique. A smaller value specifies a higher priority.

MarkingDscp Integer Yes 5

The differentiated services code point (DSCP) value to be added to packets that match the traffic classification rule. Valid values: 0 to 63.

The DSCP value of each traffic marking policy in a transit router must be unique.

TrafficMatchRules.N.MatchDscp Integer No 6

The DSCP value that is used to match packets. Valid values: 0 to 63.

The traffic classification rule matches the packets that contain the specified DSCP value. If you do not set this parameter, packets with all DSCP values are matched.

Note The DSCP value that you specify for this parameter is the DSCP value that packets carry before they are transmitted over the inter-region connection.

You can create up to 50 traffic classification rules at a time. You can specify a DSCP value for each traffic classification rule.

TrafficMatchRules.N.DstCidr String No 10.10.10.0/24

The destination CIDR block that is used to match packets.

The traffic classification rule matches the packets whose destination IP addresses fall within the specified destination CIDR block. If you do not set this parameter, packets with all destination IP addresses are matched.

You can create up to 50 traffic classification rules at a time. You can specify a destination CIDR block for each traffic classification rule.

TrafficMatchRules.N.TrafficMatchRuleDescription String No desctest

The description of the traffic classification rule.

You can create up to 50 traffic classification rules at a time. You can specify a description for each traffic classification rule.

The description must be 2 to 128 characters in length, and can contain letters, digits, underscores (_), and hyphens (-). The description must start with a letter.

TrafficMatchRules.N.Protocol String No HTTP

The protocol that is used to match packets.

Valid values: HTTP, HTTPS, TCP, UDP, SSH, and Telnet. For more information, log on to the CEN console.

You can create up to 50 traffic classification rules at a time. You can specify a protocol for each traffic classification rule.

TrafficMatchRules.N.DstPortRange.N Integer No 80

The destination port range that is used to match packets. Valid values: -1 and 1 to 65535.

The traffic classification rule matches the packets whose destination ports fall within the destination port range. If you do not set this parameter, packets with all destination ports are matched.

You can enter up to two port numbers. Take note of the following rules:

  • If you enter only one port number such as 1, the system matches the packets whose destination port is 1.
  • If you enter two port numbers such as 1 and 200, the system matches the packets whose destination ports fall within 1 to 200.
  • If you enter two port numbers and one of them is -1, the other port number must also be -1. In this case, packets with all destination ports are matched.

You can create up to 50 traffic classification rules at a time. You can specify a destination port range for each traffic classification rule.

TrafficMatchRules.N.SrcCidr String No 192.168.10.0/24

The source CIDR block that is used to match packets.

The traffic classification rule matches the packets whose source IP addresses fall within the specified source CIDR block. If you do not set this parameter, packets with all source IP addresses are matched.

You can create up to 50 traffic classification rules at a time. You can specify a source CIDR block for each traffic classification rule.

TrafficMatchRules.N.SrcPortRange.N Integer No 1

The source port range that is used to match packets. Valid values: -1 and 1 to 65535.

The traffic classification rule matches the packets whose source ports fall within the source port range. If you do not set this parameter, packets with all source ports are matched.

You can enter up to two port numbers. Take note of the following rules:

  • If you enter only one port number such as 1, the system matches the packets whose source port is 1.
  • If you enter two port numbers such as 1 and 200, the system matches the packets whose source ports fall within 1 to 200.
  • If you enter two port numbers and one of them is -1, the other port number must also be -1. In this case, packets with all source ports are matched.

You can create up to 50 traffic classification rules at a time. You can specify a source port range for each traffic classification rule.

TrafficMatchRules.N.TrafficMatchRuleName String No nametest

The name of the traffic classification rule.

You can create up to 50 traffic classification rules at a time. You can specify a name for each traffic classification rule.

The name must be 2 to 128 characters in length, and can contain letters, digits, underscores (_), and hyphens (-). The name must start with a letter.

Response parameters

Parameter Type Example Description
TrafficMarkingPolicyId String tm-u9nxup5kww5po8****

The ID of the traffic marking policy.

RequestId String 0876E54E-3E36-5C31-89F0-9EE8A9266F9A

The ID of the request.

Examples

Sample requests

http(s)://[Endpoint]/?Action=CreateTrafficMarkingPolicy
&ClientToken=123e4567-e89b-12d3-a456-426****
&DryRun=false
&TransitRouterId=tr-8vbuqeo5h5pu3m01d****
&TrafficMarkingPolicyName=nametest
&TrafficMarkingPolicyDescription=desctest
&Priority=5
&MarkingDscp=5
&TrafficMatchRules=[{"MatchDscp":6,"DstCidr":"10.10.10.0/24","TrafficMatchRuleDescription":"desctest","Protocol":"HTTP","DstPortRange":[80],"SrcCidr":"192.168.10.0/24","SrcPortRange":[1],"TrafficMatchRuleName":"nametest"}]
&Common request parameters

Sample success responses

XML format

HTTP/1.1 200 OK
Content-Type:application/xml

<CreateTrafficMarkingPolicyResponse>
    <TrafficMarkingPolicyId>tm-u9nxup5kww5po8****</TrafficMarkingPolicyId>
    <RequestId>0876E54E-3E36-5C31-89F0-9EE8A9266F9A</RequestId>
</CreateTrafficMarkingPolicyResponse>

JSON format

HTTP/1.1 200 OK
Content-Type:application/json

{
  "TrafficMarkingPolicyId" : "tm-u9nxup5kww5po8****",
  "RequestId" : "0876E54E-3E36-5C31-89F0-9EE8A9266F9A"
}

Error code

HttpCode Error code Error message Description
400 InvalidTransitRouterId.NotFound TransitRouterId is not found. The error message returned because the ID of the transit router is invalid.

For a list of error codes, visit the API Error Center.