QOS Definition define the matching conditions and Actions to configure QOS policy for Traffic data
Diagram Classes data_policy (sdwan.centralized_policies.definitions) Name Type Constraint Mandatory Default Value traffic_data List [traffic_data]
No
traffic_data (sdwan.centralized_policies.definitions.data_policy) Name Type Constraint Mandatory Default Value name String Regex: ^[A-Za-z0-9\-_]{1,127}$
Yes description String Yes default_action_type Choice accept
, drop
Yes sequences List [sequences]
No
sequences (sdwan.centralized_policies.definitions.data_policy.traffic_data) Name Type Constraint Mandatory Default Value base_action Choice accept
, drop
Yes id Integer min: 1
, max: 65534
Yes name String Yes ip_type Choice ipv4
, ipv6
, all
No ipv4
type Choice custom
, service_chaining
, qos
, application_firewall
, traffic_engineering
No custom
match_criterias Class [match_criterias]
No actions Class [actions]
No
match_criterias (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences) Name Type Constraint Mandatory Default Value application_list String Regex: ^[A-Za-z0-9\-_]{1,32}$
No dns_application_list String Regex: ^[A-Za-z0-9\-_]{1,32}$
No dns Choice request
, response
No dscp Integer min: 0
, max: 63
No packet_length Integer min: 0
, max: 65535
No plp Choice low
, high
No protocols List Integer[min: 0
, max: 255
] No source_data_prefix_list String Regex: ^[A-Za-z0-9\-_]{1,32}$
No source_data_prefix String No source_ports List Integer[min: 0
, max: 65535
] No source_port_ranges List [source_port_ranges]
No destination_data_prefix_list String Regex: ^[A-Za-z0-9\-_]{1,32}$
No destination_data_prefix String No destination_ports List Integer[min: 0
, max: 65535
] No destination_port_ranges List [destination_port_ranges]
No tcp Choice syn
No traffic_to Choice access
, core
, service
No destination_region Choice primary-region
, secondary-region
, other-region
No
actions (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences) Name Type Constraint Mandatory Default Value counter_name String Regex: ^[A-Za-z0-9\-_]{1,20}$
No log Boolean true
, false
No cflowd Boolean true
, false
No sig Class [sig]
No redirect_dns Class [redirect_dns]
No loss_correction Class [loss_correction]
No nat_pool Integer min: 1
, max: 31
No nat_vpn Class [nat_vpn]
No appqoe_optimization Class [appqoe_optimization]
No dscp Integer min: 0
, max: 63
No forwarding_class String min: 1
, max: 32
No local_tloc_list Class [local_tloc_list]
No next_hop Class [next_hop]
No preferred_color_group String Regex: ^[A-Za-z0-9\-_]{1,32}$
No policer_list String Regex: ^[A-Za-z0-9\-_]{1,32}$
No service Class [service]
No tloc Class [tloc]
No tloc_list String Regex: ^[A-Za-z0-9\-_]{1,32}$
No vpn Integer min: 0
, max: 65530
No
source_port_ranges (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.match_criterias) Name Type Constraint Mandatory Default Value from Integer min: 0
, max: 65535
Yes to Integer min: 0
, max: 65535
Yes
destination_port_ranges (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.match_criterias) Name Type Constraint Mandatory Default Value from Integer min: 0
, max: 65535
Yes to Integer min: 0
, max: 65535
Yes
sig (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions) Name Type Constraint Mandatory Default Value enabled Boolean true
, false
Yes fallback_to_routing Boolean true
, false
No
redirect_dns (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions) Name Type Constraint Mandatory Default Value type Choice host
, umbrella
, ipAddress
Yes ip_address IP No
loss_correction (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions) Name Type Constraint Mandatory Default Value type Choice fecAdaptive
, fecAlways
, packetDuplication
Yes loss_threshold_percentage Integer min: 1
, max: 5
No
nat_vpn (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions) Name Type Constraint Mandatory Default Value vpn_id Integer min: 0
, max: 65530
No nat_vpn_fallback Boolean true
, false
No
appqoe_optimization (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions) Name Type Constraint Mandatory Default Value tcp Boolean true
, false
No dre Boolean true
, false
No service_node_group String No
local_tloc_list (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions) Name Type Constraint Mandatory Default Value colors List Choice[default
, mpls
, metro-ethernet
, biz-internet
, public-internet
, lte
, 3g
, red
, green
, blue
, gold
, silver
, bronze
, custom1
, custom2
, custom3
, private1
, private2
, private3
, private4
, private5
, private6
] Yes encaps List Choice[ipsec
, gre
] Yes restrict Boolean true
, false
No
next_hop (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions) Name Type Constraint Mandatory Default Value ip_address IP Yes when_next_hop_is_not_available Choice route_table_entry
No
service (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions) Name Type Constraint Mandatory Default Value type Choice appqoe
, FW
, IDP
, IDS
, netsvc1
, netsvc2
, netsvc3
, netsvc4
, netsvc5
Yes vpn Integer min: 0
, max: 65530
No tloc Class [tloc]
No tloc_list String Regex: ^[A-Za-z0-9\-_]{1,32}$
No local Boolean true
, false
No restrict Boolean true
, false
No
tloc (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions) Name Type Constraint Mandatory Default Value ip IP Yes color Choice default
, mpls
, metro-ethernet
, biz-internet
, public-internet
, lte
, 3g
, red
, green
, blue
, gold
, silver
, bronze
, custom1
, custom2
, custom3
, private1
, private2
, private3
, private4
, private5
, private6
Yes encap Choice ipsec
, gre
Yes
Examples Example-1: Prioritizing VoIP Traffic with DSCP Tagging and Forwarding Class Assignment.
A healthcare organization uses cloud-based VoIP applications for internal and patient-related communications. To ensure voice traffic always receives the highest quality of service (QoS), the organization wants to implement a centralized data policy that matches VoIP traffic based on DSCP marking and forwards it using a high-priority forwarding class.This is done by defining a traffic data policy that includes a sequence matching DSCP-marked packets for VoIP (e.g., EF = DSCP 46), and taking actions to assign a high-priority forwarding class (voice), along with enabling flow logging for troubleshooting and analytics.
The YAML defines a centralized data policy named Voice_Traffic_QoS, aimed at prioritizing voice traffic. It includes a description highlighting its QoS intent and sets the default action to drop to strictly filter unmatched traffic. Within the policy, a single sequence with ID 100 is defined, specifically targeting QoS handling. The match criteria focus on packets marked with DSCP value 46, typically used for VoIP. Upon a match, the policy triggers actions to enable logging, preserve the DSCP marking, and assign the traffic to the “voice” forwarding class, ensuring it receives low-latency, high-priority treatment across the network.
By deploying this configuration, the healthcare provider guarantees reliable VoIP performance, even during high network utilization, ensuring critical communication isn’t delayed or dropped.
- name : Voice_Traffic_QoS
description : " Ensure high priority treatment for VoIP traffic "
default_action_type : drop
name : " Match_DSCP_EF_VoIP "
forwarding_class : " voice "