Traffic Data - QOS Definition

QOS Definition define the matching conditions and Actions to configure QOS policy for Traffic data

Diagram

Classes

data_policy (sdwan.centralized_policies.definitions)

Name	Type	Constraint	Mandatory	Default Value
traffic_data	List	`[traffic_data]`	No

traffic_data (sdwan.centralized_policies.definitions.data_policy)

Name	Type	Constraint	Mandatory
name	String	Regex: `^[A-Za-z0-9\-_]{1,127}$`	Yes
description	String		Yes
default_action_type	Choice	`accept`, `drop`	Yes
sequences	List	`[sequences]`	No

sequences (sdwan.centralized_policies.definitions.data_policy.traffic_data)

Name	Type	Constraint	Mandatory	Default Value
base_action	Choice	`accept`, `drop`	Yes
id	Integer	min: `1`, max: `65534`	Yes
name	String		Yes
ip_type	Choice	`ipv4`, `ipv6`, `all`	No	`ipv4`
type	Choice	`custom`, `service_chaining`, `qos`, `application_firewall`, `traffic_engineering`	No	`custom`
match_criterias	Class	`[match_criterias]`	No
actions	Class	`[actions]`	No

match_criterias (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences)

Name	Type	Constraint	Mandatory
application_list	String	Regex: `^[A-Za-z0-9\-_]{1,32}$`	No
dns_application_list	String	Regex: `^[A-Za-z0-9\-_]{1,32}$`	No
dns	Choice	`request`, `response`	No
dscp	Integer	min: `0`, max: `63`	No
packet_length	Integer	min: `0`, max: `65535`	No
plp	Choice	`low`, `high`	No
protocols	List	Integer[min: `0`, max: `255`]	No
source_data_prefix_list	String	Regex: `^[A-Za-z0-9\-_]{1,32}$`	No
source_data_prefix	String		No
source_ports	List	Integer[min: `0`, max: `65535`]	No
source_port_ranges	List	`[source_port_ranges]`	No
destination_data_prefix_list	String	Regex: `^[A-Za-z0-9\-_]{1,32}$`	No
destination_data_prefix	String		No
destination_ports	List	Integer[min: `0`, max: `65535`]	No
destination_port_ranges	List	`[destination_port_ranges]`	No
tcp	Choice	`syn`	No
traffic_to	Choice	`access`, `core`, `service`	No
destination_region	Choice	`primary-region`, `secondary-region`, `other-region`	No

actions (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences)

Name	Type	Constraint	Mandatory
counter_name	String	Regex: `^[A-Za-z0-9\-_]{1,20}$`	No
log	Boolean	`true`, `false`	No
cflowd	Boolean	`true`, `false`	No
sig	Class	`[sig]`	No
redirect_dns	Class	`[redirect_dns]`	No
loss_correction	Class	`[loss_correction]`	No
nat_pool	Integer	min: `1`, max: `31`	No
nat_vpn	Class	`[nat_vpn]`	No
appqoe_optimization	Class	`[appqoe_optimization]`	No
dscp	Integer	min: `0`, max: `63`	No
forwarding_class	String	min: `1`, max: `32`	No
local_tloc_list	Class	`[local_tloc_list]`	No
next_hop	Class	`[next_hop]`	No
preferred_color_group	String	Regex: `^[A-Za-z0-9\-_]{1,32}$`	No
policer_list	String	Regex: `^[A-Za-z0-9\-_]{1,32}$`	No
service	Class	`[service]`	No
tloc	Class	`[tloc]`	No
tloc_list	String	Regex: `^[A-Za-z0-9\-_]{1,32}$`	No
vpn	Integer	min: `0`, max: `65530`	No

source_port_ranges (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.match_criterias)

Name	Type	Constraint	Mandatory	Default Value
from	Integer	min: `0`, max: `65535`	Yes
to	Integer	min: `0`, max: `65535`	Yes

destination_port_ranges (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.match_criterias)

Name	Type	Constraint	Mandatory	Default Value
from	Integer	min: `0`, max: `65535`	Yes
to	Integer	min: `0`, max: `65535`	Yes

sig (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions)

Name	Type	Constraint	Mandatory	Default Value
enabled	Boolean	`true`, `false`	Yes
fallback_to_routing	Boolean	`true`, `false`	No

redirect_dns (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions)

Name	Type	Constraint	Mandatory	Default Value
type	Choice	`host`, `umbrella`, `ipAddress`	Yes
ip_address	IP		No

loss_correction (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions)

Name	Type	Constraint	Mandatory	Default Value
type	Choice	`fecAdaptive`, `fecAlways`, `packetDuplication`	Yes
loss_threshold_percentage	Integer	min: `1`, max: `5`	No

nat_vpn (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions)

Name	Type	Constraint	Mandatory	Default Value
vpn_id	Integer	min: `0`, max: `65530`	No
nat_vpn_fallback	Boolean	`true`, `false`	No

appqoe_optimization (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions)

Name	Type	Constraint	Mandatory
tcp	Boolean	`true`, `false`	No
dre	Boolean	`true`, `false`	No
service_node_group	String		No

local_tloc_list (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions)

Name	Type	Constraint	Mandatory
colors	List	Choice[`default`, `mpls`, `metro-ethernet`, `biz-internet`, `public-internet`, `lte`, `3g`, `red`, `green`, `blue`, `gold`, `silver`, `bronze`, `custom1`, `custom2`, `custom3`, `private1`, `private2`, `private3`, `private4`, `private5`, `private6`]	Yes
encaps	List	Choice[`ipsec`, `gre`]	Yes
restrict	Boolean	`true`, `false`	No

next_hop (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions)

Name	Type	Constraint	Mandatory	Default Value
ip_address	IP		Yes
when_next_hop_is_not_available	Choice	`route_table_entry`	No

service (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions)

Name	Type	Constraint	Mandatory
type	Choice	`appqoe`, `FW`, `IDP`, `IDS`, `netsvc1`, `netsvc2`, `netsvc3`, `netsvc4`, `netsvc5`	Yes
vpn	Integer	min: `0`, max: `65530`	No
tloc	Class	`[tloc]`	No
tloc_list	String	Regex: `^[A-Za-z0-9\-_]{1,32}$`	No
local	Boolean	`true`, `false`	No
restrict	Boolean	`true`, `false`	No

tloc (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions)

Name	Type	Constraint	Mandatory
ip	IP		Yes
color	Choice	`default`, `mpls`, `metro-ethernet`, `biz-internet`, `public-internet`, `lte`, `3g`, `red`, `green`, `blue`, `gold`, `silver`, `bronze`, `custom1`, `custom2`, `custom3`, `private1`, `private2`, `private3`, `private4`, `private5`, `private6`	Yes
encap	Choice	`ipsec`, `gre`	Yes

Examples

Example-1: Prioritizing VoIP Traffic with DSCP Tagging and Forwarding Class Assignment.

A healthcare organization uses cloud-based VoIP applications for internal and patient-related communications. To ensure voice traffic always receives the highest quality of service (QoS), the organization wants to implement a centralized data policy that matches VoIP traffic based on DSCP marking and forwards it using a high-priority forwarding class.This is done by defining a traffic data policy that includes a sequence matching DSCP-marked packets for VoIP (e.g., EF = DSCP 46), and taking actions to assign a high-priority forwarding class (voice), along with enabling flow logging for troubleshooting and analytics.

The YAML defines a centralized data policy named Voice_Traffic_QoS, aimed at prioritizing voice traffic. It includes a description highlighting its QoS intent and sets the default action to drop to strictly filter unmatched traffic. Within the policy, a single sequence with ID 100 is defined, specifically targeting QoS handling. The match criteria focus on packets marked with DSCP value 46, typically used for VoIP. Upon a match, the policy triggers actions to enable logging, preserve the DSCP marking, and assign the traffic to the “voice” forwarding class, ensuring it receives low-latency, high-priority treatment across the network.

By deploying this configuration, the healthcare provider guarantees reliable VoIP performance, even during high network utilization, ensuring critical communication isn’t delayed or dropped.

sdwan:
  centralized_policies:
    definitions:
      data_policy:
        traffic_data:
          - name: Voice_Traffic_QoS
            description: "Ensure high priority treatment for VoIP traffic"
            default_action_type: drop
            sequences:
              - id: 100
                name: "Match_DSCP_EF_VoIP"
                base_action: accept
                ip_type: ipv4
                type: qos
                match_criterias:
                  dscp: 46
                actions:
                  log: true
                  dscp: 46
                  forwarding_class: "voice"