Traffic Data - QOS Definition

QOS Definition define the matching conditions and Actions to configure QOS policy for Traffic data

Diagram

Classes

data_policy (sdwan.centralized_policies.definitions)

Name	Type	Constraint	Mandatory	Default Value
traffic_data	List	[traffic_data]	No

traffic_data (sdwan.centralized_policies.definitions.data_policy)

Name	Type	Constraint	Mandatory	Default Value
name	String	Regex: ^[A-Za-z0-9\-_]{1,127}$	Yes
description	String		Yes
default_action_type	Choice	accept, drop	Yes
sequences	List	[sequences]	No

sequences (sdwan.centralized_policies.definitions.data_policy.traffic_data)

Name	Type	Constraint	Mandatory	Default Value
base_action	Choice	accept, drop	Yes
id	Integer	min: 1, max: 65534	Yes
name	String		Yes
ip_type	Choice	ipv4, ipv6, all	No	ipv4
type	Choice	custom, service_chaining, qos, application_firewall, traffic_engineering	No	custom
match_criterias	Class	[match_criterias]	No
actions	Class	[actions]	No

match_criterias (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences)

Name	Type	Constraint	Mandatory	Default Value
application_list	String	Regex: ^[A-Za-z0-9\-_]{1,32}$	No
dns_application_list	String	Regex: ^[A-Za-z0-9\-_]{1,32}$	No
dns	Choice	request, response	No
dscp	Integer	min: 0, max: 63	No
packet_length	Integer	min: 0, max: 65535	No
plp	Choice	low, high	No
protocols	List	Integer[min: 0, max: 255]	No
source_data_prefix_list	String	Regex: ^[A-Za-z0-9\-_]{1,32}$	No
source_data_prefix	String		No
source_ports	List	Integer[min: 0, max: 65535]	No
source_port_ranges	List	[source_port_ranges]	No
destination_data_prefix_list	String	Regex: ^[A-Za-z0-9\-_]{1,32}$	No
destination_data_prefix	String		No
destination_ports	List	Integer[min: 0, max: 65535]	No
destination_port_ranges	List	[destination_port_ranges]	No
tcp	Choice	syn	No
traffic_to	Choice	access, core, service	No
destination_region	Choice	primary-region, secondary-region, other-region	No

actions (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences)

Name	Type	Constraint	Mandatory	Default Value
counter_name	String	Regex: ^[A-Za-z0-9\-_]{1,20}$	No
log	Boolean	true, false	No
cflowd	Boolean	true, false	No
sig	Class	[sig]	No
redirect_dns	Class	[redirect_dns]	No
loss_correction	Class	[loss_correction]	No
nat_pool	Integer	min: 1, max: 31	No
nat_vpn	Class	[nat_vpn]	No
appqoe_optimization	Class	[appqoe_optimization]	No
dscp	Integer	min: 0, max: 63	No
forwarding_class	String	min: 1, max: 32	No
local_tloc_list	Class	[local_tloc_list]	No
next_hop	Class	[next_hop]	No
preferred_color_group	String	Regex: ^[A-Za-z0-9\-_]{1,32}$	No
policer_list	String	Regex: ^[A-Za-z0-9\-_]{1,32}$	No
service	Class	[service]	No
tloc	Class	[tloc]	No
tloc_list	String	Regex: ^[A-Za-z0-9\-_]{1,32}$	No
vpn	Integer	min: 0, max: 65530	No

source_port_ranges (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.match_criterias)

Name	Type	Constraint	Mandatory	Default Value
from	Integer	min: 0, max: 65535	Yes
to	Integer	min: 0, max: 65535	Yes

destination_port_ranges (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.match_criterias)

Name	Type	Constraint	Mandatory	Default Value
from	Integer	min: 0, max: 65535	Yes
to	Integer	min: 0, max: 65535	Yes

sig (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions)

Name	Type	Constraint	Mandatory	Default Value
enabled	Boolean	true, false	Yes
fallback_to_routing	Boolean	true, false	No

redirect_dns (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions)

Name	Type	Constraint	Mandatory	Default Value
type	Choice	host, umbrella, ipAddress	Yes
ip_address	IP		No

loss_correction (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions)

Name	Type	Constraint	Mandatory	Default Value
type	Choice	fecAdaptive, fecAlways, packetDuplication	Yes
loss_threshold_percentage	Integer	min: 1, max: 5	No

nat_vpn (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions)

Name	Type	Constraint	Mandatory	Default Value
vpn_id	Integer	min: 0, max: 65530	No
nat_vpn_fallback	Boolean	true, false	No

appqoe_optimization (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions)

Name	Type	Constraint	Mandatory	Default Value
tcp	Boolean	true, false	No
dre	Boolean	true, false	No
service_node_group	String		No

local_tloc_list (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions)

Name	Type	Constraint	Mandatory	Default Value
colors	List	Choice[default, mpls, metro-ethernet, biz-internet, public-internet, lte, 3g, red, green, blue, gold, silver, bronze, custom1, custom2, custom3, private1, private2, private3, private4, private5, private6]	Yes
encaps	List	Choice[ipsec, gre]	Yes
restrict	Boolean	true, false	No

next_hop (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions)

Name	Type	Constraint	Mandatory	Default Value
ip_address	IP		Yes
when_next_hop_is_not_available	Choice	route_table_entry	No

service (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions)

Name	Type	Constraint	Mandatory	Default Value
type	Choice	appqoe, FW, IDP, IDS, netsvc1, netsvc2, netsvc3, netsvc4, netsvc5	Yes
vpn	Integer	min: 0, max: 65530	No
tloc	Class	[tloc]	No
tloc_list	String	Regex: ^[A-Za-z0-9\-_]{1,32}$	No
local	Boolean	true, false	No
restrict	Boolean	true, false	No

tloc (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions)

Name	Type	Constraint	Mandatory	Default Value
ip	IP		Yes
color	Choice	default, mpls, metro-ethernet, biz-internet, public-internet, lte, 3g, red, green, blue, gold, silver, bronze, custom1, custom2, custom3, private1, private2, private3, private4, private5, private6	Yes
encap	Choice	ipsec, gre	Yes

Examples

Example-1: Prioritizing VoIP Traffic with DSCP Tagging and Forwarding Class Assignment.

A healthcare organization uses cloud-based VoIP applications for internal and patient-related communications. To ensure voice traffic always receives the highest quality of service (QoS), the organization wants to implement a centralized data policy that matches VoIP traffic based on DSCP marking and forwards it using a high-priority forwarding class.This is done by defining a traffic data policy that includes a sequence matching DSCP-marked packets for VoIP (e.g., EF = DSCP 46), and taking actions to assign a high-priority forwarding class (voice), along with enabling flow logging for troubleshooting and analytics.

The YAML defines a centralized data policy named Voice_Traffic_QoS, aimed at prioritizing voice traffic. It includes a description highlighting its QoS intent and sets the default action to drop to strictly filter unmatched traffic. Within the policy, a single sequence with ID 100 is defined, specifically targeting QoS handling. The match criteria focus on packets marked with DSCP value 46, typically used for VoIP. Upon a match, the policy triggers actions to enable logging, preserve the DSCP marking, and assign the traffic to the “voice” forwarding class, ensuring it receives low-latency, high-priority treatment across the network.

By deploying this configuration, the healthcare provider guarantees reliable VoIP performance, even during high network utilization, ensuring critical communication isn’t delayed or dropped.

sdwan:
  centralized_policies:
    definitions:
      data_policy:
        traffic_data:
          - name: Voice_Traffic_QoS
            description: "Ensure high priority treatment for VoIP traffic"
            default_action_type: drop
            sequences:
              - id: 100
                name: "Match_DSCP_EF_VoIP"
                base_action: accept
                ip_type: ipv4
                type: qos
                match_criterias:
                  dscp: 46
                actions:
                  log: true
                  dscp: 46
                  forwarding_class: "voice"