Creates a traffic marking policy.

Usage notes

  • Only Enterprise Edition transit routers support traffic marking policies.
  • CreateTrafficMarkingPolicy is an asynchronous operation. After you send a request, the system returns the traffic marking policy ID but the operation is still being performed in the system background. You can call ListTrafficMarkingPolicies to query the status of a traffic marking policy.
    • If a traffic marking policy is in the Creating state, the traffic marking policy is being created. You can query the traffic marking policy but cannot perform other operations.
    • If a traffic marking policy is in the Active state, the traffic marking policy is created.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes CreateTrafficMarkingPolicy

The operation that you want to perform. Set the value to CreateTrafficMarkingPolicy.

ClientToken String No 123e4567-e89b-12d3-a456-426****

The client token that is used to ensure the idempotence of the request.

You can use the client to generate the value, but you must make sure that it is unique among different requests. ClientToken can contain only ASCII characters.

Note If you do not set this parameter, ClientToken is set to the value of RequestId. The value of RequestId may be different for each API request.
DryRun Boolean No false

Specifies whether only to precheck the request. Valid values:

  • true: checks the request but does not create the traffic marking policy. The system checks the required parameters, the request format, and the service limits. If the request fails to pass the precheck, an error message is returned. If the request passes the precheck, the DryRunOperation error code is returned.
  • false (default): sends the request. If the request passes the check, the traffic marking policy is created.
TransitRouterId String Yes tr-8vbuqeo5h5pu3m01d****

The ID of the transit router.

TrafficMarkingPolicyName String No nametest

The name of the traffic marking policy.

The name must be 2 to 128 characters in length, and can contain letters, digits, underscores (_), and hyphens (-). The name must start with a letter.

TrafficMarkingPolicyDescription String No desctest

The description of the traffic marking policy.

The description must be 2 to 128 characters in length, and can contain letters, digits, underscores (_), and hyphens (-). The description must start with a letter.

Priority Integer Yes 5

The priority of the traffic marking policy. Valid values: 1 to 100.

The priority value of each traffic marking policy on a transit router must be unique. A smaller value indicates a higher priority.

MarkingDscp Integer Yes 5

The differentiated services code point (DSCP) value to be added to packets that match the traffic classification rule. Valid values: 0 to 63.

The DSCP value of each traffic marking policy on a transit router must be unique.

TrafficMatchRules.N.MatchDscp Integer No 6

The DSCP value that is used to match packets. Valid values: 0 to 63.

The traffic classification rule matches the packets that contain the specified DSCP value. If you do not set this parameter, packets are considered a match regardless of the DSCP value.

Note The DSCP value that you specify for this parameter is the DSCP value that packets carry before they are transmitted over the inter-region connection.

You can create up to 50 traffic classification rules at a time. You can specify a DSCP value for each traffic classification rule.

TrafficMatchRules.N.DstCidr String No 10.10.10.0/24

The destination CIDR block that is used to match packets.

The traffic classification rule matches the packets whose destination IP addresses fall within the specified destination CIDR block. If you do not set this parameter, packets are considered a match regardless of the DSCP value.

You can create up to 50 traffic classification rules at a time. You can specify a destination CIDR block for each traffic classification rule.

TrafficMatchRules.N.TrafficMatchRuleDescription String No desctest

The description of the traffic classification rule.

You can create up to 50 traffic classification rules at a time. You can specify a description for each traffic classification rule.

The description must be 2 to 128 characters in length, and can contain letters, digits, underscores (_), and hyphens (-). The description must start with a letter.

TrafficMatchRules.N.Protocol String No HTTP

The protocol that is used to match packets.

Valid values: HTTP, HTTPS, TCP, UDP, SSH, and Telnet. For more information, log on to the CEN console.

You can create up to 50 traffic classification rules at a time. You can specify a protocol for each traffic classification rule.

TrafficMatchRules.N.DstPortRange.N Integer No 80

The destination port range that is used to match packets. Valid values: -1 and 1 to 65535.

The traffic classification rule matches the packets whose destination ports fall within the destination port range. If you do not set this parameter, packets are considered a match regardless of the DSCP value.

You can enter up to two port numbers. Take note of the following rules:

  • If you enter only one port number such as 1, the system matches the packets whose destination port is 1.
  • If you enter two port numbers such as 1 and 200, the system matches the packets whose destination ports fall within 1 to 200.
  • If you enter two port numbers and one of them is -1, the other port number must also be -1. In this case, packets with all destination ports are matched.

You can create up to 50 traffic classification rules at a time. You can specify a destination port range for each traffic classification rule.

TrafficMatchRules.N.SrcCidr String No 192.168.10.0/24

The source CIDR block that is used to match packets.

The traffic classification rule matches the packets whose source IP addresses fall within the specified source CIDR block. If you do not set this parameter, packets are considered a match regardless of the source IP address.

You can create up to 50 traffic classification rules at a time. You can specify a source CIDR block for each traffic classification rule.

TrafficMatchRules.N.SrcPortRange.N Integer No 1

The source port range that is used to match packets. Valid values: -1 and 1 to 65535.

The traffic classification rule matches the packets whose source ports fall within the source port range. If you do not set this parameter, packets are considered a match regardless of the source port.

You can enter up to two port numbers. Take note of the following rules:

  • If you enter only one port number such as 1, the system matches the packets whose source port is 1.
  • If you enter two port numbers such as 1 and 200, the system matches the packets whose source ports fall within 1 to 200.
  • If you enter two port numbers and one of them is -1, the other port number must also be -1. In this case, packets with all source ports are matched.

You can create up to 50 traffic classification rules at a time. You can specify a source port range for each traffic classification rule.

TrafficMatchRules.N.TrafficMatchRuleName String No nametest

The name of the traffic classification rule.

You can create up to 50 traffic classification rules at a time. You can specify a name for each traffic classification rule.

The name must be 2 to 128 characters in length, and can contain letters, digits, underscores (_), and hyphens (-). The name must start with a letter.

Response parameters

Parameter Type Example Description
TrafficMarkingPolicyId String tm-u9nxup5kww5po8****

The ID of the traffic marking policy.

RequestId String 0876E54E-3E36-5C31-89F0-9EE8A9266F9A

The ID of the request.

Examples

Sample requests

http(s)://[Endpoint]/?Action=CreateTrafficMarkingPolicy
&ClientToken=123e4567-e89b-12d3-a456-426****
&DryRun=false
&TransitRouterId=tr-8vbuqeo5h5pu3m01d****
&TrafficMarkingPolicyName=nametest
&TrafficMarkingPolicyDescription=desctest
&Priority=5
&MarkingDscp=5
&TrafficMatchRules=[{"MatchDscp":6,"DstCidr":"10.10.10.0/24","TrafficMatchRuleDescription":"desctest","Protocol":"HTTP","DstPortRange":[80],"SrcCidr":"192.168.10.0/24","SrcPortRange":[1],"TrafficMatchRuleName":"nametest"}]
&Common request parameters

Sample success responses

XML format 

HTTP/1.1 200 OK
Content-Type:application/xml

<CreateTrafficMarkingPolicyResponse>
    <TrafficMarkingPolicyId>tm-u9nxup5kww5po8****</TrafficMarkingPolicyId>
    <RequestId>0876E54E-3E36-5C31-89F0-9EE8A9266F9A</RequestId>
</CreateTrafficMarkingPolicyResponse>

JSON format 

HTTP/1.1 200 OK
Content-Type:application/json

{
  "TrafficMarkingPolicyId" : "tm-u9nxup5kww5po8****",
  "RequestId" : "0876E54E-3E36-5C31-89F0-9EE8A9266F9A"
}

Error codes

HttpCode Error code Error message Description
400 InvalidTransitRouterId.NotFound TransitRouterId is not found. The error message returned because the ID of the transit router is invalid.

For a list of error codes, visit the API Error Center.