Policy agent configuration
The policy agent is a required component of the QoS subsystem.
The /etc/policyd.conf configuration file is used to configure the policy agent. The syntax of this configuration file is described in the sample configuration file installed in /etc/policyd.conf.
The policy agent can be configured by editing /etc/policyd.conf. Additionally, the following commands are provided to assist in configuring policies:
- qosadd
- qosmod
- qoslist
- qosremove
In the following example, a premium service category is created and used
in the tcptraffic policy rule. This service category has a maximum rate of
110000 Kbps, a token bucket depth of 10000 bits, and an outgoing IP TOS value
of 11100000 in binary. The tcptraffic policy rule gives this premium service
to all traffic with source IP address given by
1.2.3.6, destination
address 1.2.3.3, and destination port in the range 0 to 1024. ServiceCategories premium
{
PolicyScope DataTraffic
MaxRate 110000
MaxTokenBucket 10000
OutgoingTOS 11100000
}
ServicePolicyRules tcptraffic
{
PolicyScope DataTraffic
ProtocolNumber 6 # tcp
SourceAddressRange 1.2.3.6-1.2.3.6
DestinationAddressRange 1.2.3.3-1.2.3.3
DestinationPortRange 0-1024
ServiceReference premium
}The following statements set up a default service category and use it to
restrict the UDP traffic flowing from interfaces
1.2.3.1 through 1.2.3.4 to
IP addresses 1.2.3.6 through 1.2.3.10, port
8000. ServiceCategories default
{
MaxRate 110000
MaxTokenBucket 10000
OutgoingTOS 00000000
}
ServicePolicyRules udptraffic
{
ProtocolNumber 17 # udp
SourceAddressRange 1.2.3.1-1.2.3.4
DestinationAddressRange 1.2.3.6-1.2.3.10
DestinationPortRange 8000-8000
ServiceReference default
}The following example configuration can be used to download rules from
an LDAP server using the distinguished subtree name, to lookup the policies
on the LDAP server host.
ReadFromDirectory
{
LDAP_Server 1.2.3.27
Base ou=NetworkPolicies,o=myhost.mydomain.com,c=us
}