Cisco路由器QoS配置过程
对不同IP组进行流量限制实例:
Cisco(config)#ip access-list extended BOSS
Cisco(config-ext-nacl)#permit ip host 192.168.1.8 any Cisco(config-ext-nacl)#permit ip host 192.168.1.18 any Cisco(config-ext-nacl)#permit ip host 192.168.1.38 any Cisco(config-ext-nacl)#permit ip host 192.168.1.48 any Cisco(config-ext-nacl)#permit ip host 192.168.1.58 any Cisco(config-ext-nacl)#permit ip host 192.168.1.68 any Cisco(config-ext-nacl)#end Cisco#config t
Cisco(config)#ip access-list extended COMMON
Cisco(config-ext-nacl)#deny ip host 192.168.1.8 any Cisco(config-ext-nacl)#deny ip host 192.168.1.18 any Cisco(config-ext-nacl)#deny ip host 192.168.1.38 any Cisco(config-ext-nacl)#deny ip host 192.168.1.48 any Cisco(config-ext-nacl)#deny ip host 192.168.1.58 any Cisco(config-ext-nacl)#deny ip host 192.168.1.68 any
Cisco(config-ext-nacl)#permit ip 192.168.0.0 0.0.255.255 any Cisco(config-ext-nacl)#end Cisco#config t
Cisco(config)#route-map QoS permit 10
Cisco(config-route-map)#match ip address BOSS Cisco(config-route-map)#set ip precedence ? <0-7> Precedence value
critical Set critical precedence (5) flash Set flash precedence (3)
flash-override Set flash override precedence (4) immediate Set immediate precedence (2)
internet Set internetwork control precedence (6) network Set network control precedence (7) priority Set priority precedence (1) routine Set routine precedence (0)
Cisco(config-route-map)#set ip precedence critical Cisco(config-route-map)#exit
Cisco(config)#route-map QoS permit 20
Cisco(config-route-map)#match ip address COMMON Cisco(config-route-map)#set ip precedence priority Cisco(config-route-map)#exit
Cisco(config)#class-map match-any NORMAL
Cisco(config-cmap)#match ip precedence 0 1 2 Cisco(config-cmap)#class-map match-any PREMIUM
Cisco(config-cmap)#match ip precedence 0 1 2 Cisco(config-cmap)#exit
Cisco(config)#policy-map QoS_OUTPUT Cisco(config-pmap)#class PREMIUM Cisco(config-pmap-c)#bandwidth 2048
Cisco(config-pmap-c)#police 2048000 bc 19200 38400 Cisco(config-pmap-c-police)#conform-action transmit Cisco(config-pmap-c-police)#exceed-action transmit Cisco(config-pmap-c-police)#class NORMAL Cisco(config-pmap-c)#bandwidth 512
Cisco(config-pmap-c)#police cir 51000 bc 1200 be 1200 Cisco(config-pmap-c-police)#conform-action transmit Cisco(config-pmap-c-police)#exceed-action drop Cisco(config-pmap-c-police)#end Cisco#config t
Cisco(config)#interface G 0/0 Cisco(config-if)#ip nat inside
Cisco(config-if)#ip policy route-map QoS Cisco(config)#interface G 0/1 Cisco(config-if)#ip nat outside
Cisco(config-if)#service-policy output QoS_OUTPUT
----------------------------------------------------------------------------
marking:
1.定义class-map.
class-map [match-all/match-any] {map-name} 默认不打的话是match-all 2.定义匹配命令match match access-group {NO}
match input-interface {interface}
match class-map {map-name} class-map嵌套 match source-address {mac-address} 源mac地址 match destination-address {mac-address} 目的mac地址 match vlan {vlan-ID} match ip dscp {DSCP}
match ip precedencc {precedence}
match protocol {protocol} 基于NBAR
Router(config) class-map FOO Router(config-cmap)#match ?
access-group Access group any Any packets
class-map Class map
cos IEEE 802.1Q/ISL class of service/user priority values
destination-address Destination address
input-interface Select an input interface to match ip IP specific values mpls Multi Protocol Label Switching specific values
not Negate this match result protocol Protocol qos-group Qos-group
source-address Source address 3.设置policy-map
policy-map {policy-name} 4.调用class-map
class-map {map-name} 5.设置标记
set ip dscp {DSCP}
set ip precedence {PRECEDENCE} set cos {COS}
priority {Kbps|percent PERCENT} [bc] 定义优先级流量的带宽以及突发流量
bandwidth {Kbps|percent PERCENT} 定义保留带宽 random-detect 启用WRED
police {CIR BC BE} conform-action {action} exceed-action {action} [violated-action {action}] 使用令牌桶限速
queue-limit {PACKETS} 定义队列中数据报的最大个数 service-policy {policy-name} 调用其它的策略进行嵌套 shape {average|peak} {CIR [BC] [BE]} 整形 drop
6.在接口模式下调用policy-map
service-policy [input|ouput] {POLICY-NAME} 察看命令:
show policy-map [policy-name]
show policy-map interface [INTERFACE] show class-map [class-name] show ip nbar pdlm
show ip nbar port-map 显示NBAR使用的协议到端口的映射
NBAR应用: 使用限制:
1.快速以太网信道
2.隧道接口或加密的接口 3.SVI(交换虚拟接口)
4.拨号接口
5.多链路PPP(MLP)
使用前先要敲命令:ip cef class-map {name} match protocol ...
ip nbar pdlm flash://bittorrent.pdlm 加载bittorrent.pdlm 到路由器闪存里(事先要把pdlm复制到flash中)
match procotol http url \匹配url中带有jpeg和jpg的连接)
match procotol http url \匹配url中有gif的连接)
拥塞管理 WFQ: 特点:
1.基于流(5元素)分类,队列数N可以配置
2.出队后按IP优先级来分配带宽,优先级越低则带宽越小 3.在其它队列空闲时抢占它们的带宽,又有流量时归还带宽 4.是低于2.048Mbps串行接口的默认配置 配置命令:
接口模式下fair-queue show queueing fair show queue [interface] PQ:
缺点:1.只能静态配置,不能适应网络拓扑的变化2.不支持隧道接口3.要通过数据分类卡,比FIFO慢 配置:
1.定义优先级队列,可以基于协议和基于进站接口
基于协议riority-list {list-number} protocol {PROTOCOL-NAME} {high|medium|normal|low}
基于进站接口riority-list {list-number} interface {interface} {high|medium|normal|low}
2.定义默认优先级队列,未被分类的数据报被送到此处,默认级别为normal priority-list {list-number} default {high|medium|normal|low} 3.定义每个队列中数据报的个数,从高到低,默认为20,40,60,80
priority-list {list-number} queue-limit {high-limit medium-limit normal-limit low-limit} 4.把优先级队列运用在接口上 priority-group {list-number} 察看命令:
show queue [interface] show queueing priority
RTP(Real Time Protocol) 支持端口号为偶数的udp报文
可以进行限速,超过的可丢弃,也可以配置带宽,不会占用超出规定的带宽 命令:
ip rtp priority {starting-rtp-port-number port-number-range} {bandwidth}
max-reserved-bandwidth PERCENT show queue [interface] debug priority
CRTP(压缩实时协议): 用来压缩ip/udp/rtp报头 压缩分为三种:链路压缩,有效负载压缩,报头压缩 二层报头--tcp/ip报头--有效负载
1.链路压缩:对整个分组进行压缩,包括报头和有效负载。独立于协议的。只适用于点到点链路。两种算法:Predictor和STAC
2.有效负载压缩:只压缩数据部分,对报头没有影响。适用于frame-relay或ATM网络。
3.tcp/ip报头压缩:针对协议的,适用于几个字节数据的小型分组。 配置:
对HDLC,LAPB: compress [predictor|stac|mppc] 对ppp: ip compress [predictor|stac]
对frame-relay点到点接口或子接口启用stac压缩: frame-relay payload-compress 启用crtp:
1. ip rtp header-compression [passive]
若不启用passive,则对所有RTP数据流压缩;若启用passive,则只有当进入端口的RTP分组被压缩时,软件才能对离开该接口的RTP分组压缩 2. ip rtp compression-connections {NUMBER} 更改CRTP压缩的条数,默认为16条
3. 启用tcp报头压缩: ip tcp header-compression [passive] 若没有启用passive, 则必须指定关键字active,将对所有IP/UDP/RTP包头进行压缩 ip tcp compression-connections {NUMBER} frame-relay中的 crtp:
在物理接口上启用CRTP,则在它的子接口上将继承特性 frame-relay ip rtp header-compression [passive] frame-relay ip rtp compression-connections {NUMBER} 只针对特定的PVC启用CRTP:
frame-relay map ip {ip-address} {dlci} [broadcast] rtp header-compression [active|passive] [connections number] 察看命令:
show ip rtp header-compression [interface] [detail] show frame-relay ip rtp header-compression [interface]
WRR(weighted round-robin)
一种队列调度机制,根据每个出站队列的权值来分配带宽,权值与带宽成正比。 仅当发生拥塞时才会使用WRR,不拥塞时不会分配带宽。
百度搜索“77cn”或“免费范文网”即可找到本站免费阅读全部范文。收藏本站方便下次阅读,免费范文网,提供经典小说综合文库Cisco路由器QoS配置过程在线全文阅读。
相关推荐: