
The Working Principle and Related Technologies of Quality of Service (QoS)

2025-04-03 Update From: SLTechnology News&Howtos

As networks have grown, Internet traffic has increased rapidly, causing network congestion, increased delay and sometimes packet loss, all of which lower the quality of service. So how can the traffic of different services be controlled on limited bandwidth? This requires QoS (Quality of Service) technology.

Causes of network congestion

Two common situations cause network congestion (shown in the following figure):

(1) Data enters the device on a high-speed port and is forwarded out a low-speed port.

(2) Traffic aggregation: traffic enters the device on multiple ports and is forwarded out one port, and the sum of the incoming rates is greater than the rate of the forwarding interface.

The impact of network congestion

(1) Packet transmission delay, delay jitter and packet loss rate increase.

(2) Excessive delay and packet loss cause packet retransmission, which increases the load on the network.

(3) The effective throughput of the network is reduced by congestion and packet retransmission.

Solutions to network congestion

(1) Increase network bandwidth.

(2) Make rational use of network bandwidth: use QoS technology to allocate the existing bandwidth as needed and reduce the impact of network congestion.

QoS traffic management

Traffic volume can be controlled through policies in order to reduce network congestion. The main traffic management technologies are committed access rate (CAR) and generic traffic shaping (GTS). In practice CAR is used more often, while GTS is used less.

Flow Classification and Traffic Management

(1) Flow classification

Flow classification is the basis for differentiated services. It can use the priority of the packet to identify traffic of different priorities; it can also use information such as source address, destination address, MAC address, protocol or port number to identify different traffic. Flow classification only makes sense when it is associated with some traffic action or bandwidth allocation.

(2) Traffic monitoring

There are generally three parameters that can be set when monitoring traffic:

Committed average rate (CIR): the average rate at which traffic is allowed to pass

Burst (Bc): the amount of traffic that is allowed in a burst, which must be greater than the maximum packet length.

Extra burst (Be): indicates the amount of traffic that can be forwarded after the burst is exceeded

(3) Traffic policy

Forwarding (transmit): forward the traffic; can be set as the policy for conforming and violating traffic

Discard (drop): discard the traffic; can be set as the policy for conforming and violating traffic

Set: mark the priority of the packet

(4) Traffic shaping (GTS)

Traffic shaping is a measure that adjusts the output rate. A buffer is used to hold the violating traffic, so shaping reduces the packet loss rate and avoids packet retransmission, but increases delay. It is generally used in environments where the overall traffic is small but sudden bursts sometimes occur.

(5) Committed access rate (CAR)

The committed access rate is a traffic control measure. The size of Bc+Be is the maximum traffic allowed in a burst. Violating traffic is generally discarded directly without forwarding, which increases the packet loss rate. CAR is mostly used at the access layer.

Configuration of traffic shaping and committed access rate

1. Traffic shaping configuration

There are two ways:

(1) Basic traffic shaping configuration

Router(config-if)# traffic-shape rate {CIR [Bc [Be]]} [buffer-limit]

CIR must be configured, but Bc does not need to be configured. Buffer-limit is the usage limit of the buffer. The default is 1000 (number of packets).

(2) Traffic shaping configuration based on ACL

First configure an ACL that defines the traffic to be shaped, then configure the following command:

Router(config-if)# traffic-shape group access-group {CIR [Bc [Be]]}

Access-group is the number of the defined ACL

For example, the configuration commands of a router are as follows:

Router(config)# access-list 151 permit udp any any
Router(config)# int f0/0
Router(config-if)# traffic-shape rate 1000000
Router(config-if)# int f0/1
Router(config-if)# traffic-shape group 151 1000000 1000000 1000000

(3) View GTS configuration commands

Router# show traffic-shape f0/0 // View GTS configuration information
Router# show traffic-shape statistics f0/0 // View GTS traffic statistics
Router# show traffic-shape queue // View GTS queue information

2. Committed access rate configuration

There are also two ways to configure it:

(1) Basic committed access rate configuration

Router(config-if)# rate-limit {input | output} {CIR} {burst-normal} {burst-max} conform-action {action} exceed-action {action}

The meaning of each parameter is as follows:

Input | output: apply to the port's inbound traffic | outbound traffic

CIR: committed access rate (parameter range 8000-2000000000)

Burst-normal: normal burst size (parameter range 1000-512000000)

Burst-max: maximum burst size (parameter range 2000-1024000000)

Conform-action: action on conforming traffic

Exceed-action: action on excess traffic

Action: the action applied to the corresponding traffic (drop: discard; transmit: forward; set: mark)

Case 1: limit traffic to 8 Mb/s with a maximum burst of 4000; conforming traffic is forwarded and excess traffic is discarded.

Router(config-if)# rate-limit input 8000000 2000 4000 conform-action transmit exceed-action drop

Case 2: limit traffic to 8 Mb/s with a maximum burst of 4000; conforming traffic is marked with precedence 5 and forwarded, and excess traffic is marked with precedence 0. Precedence 0 is the default value and means best-effort delivery. When the network is congested, data is discarded according to priority.

Router(config-if)# rate-limit input 8000000 2000 4000 conform-action set-prec-transmit 5 exceed-action set-prec-transmit 0

(2) Extended committed access rate configuration

Router(config-if)# rate-limit {input | output} [access-group access-group] {CIR} {Bc} {Be} conform-action {action} exceed-action {action}

(3) View CAR configuration commands

Router# show interface f1/0 rate-limit // View port rate-limit information

2. The second way to configure committed access rate and traffic shaping

This method applies a single policy to the port to implement multiple kinds of flow control.

(1) Define the matching policy

Router(config)# class-map [match-all | match-any] {class-map-name} // enter class-map mode and configure matching criteria
Router(config-cmap)# match access-group 100 // match the configured ACL
Router(config-cmap)# match protocol {protocol} // match the configured protocol
Router(config-cmap)# match input-interface f0/0 // match traffic entering the port
Router(config-cmap)# match any // match any packet
Router(config-cmap)# match {source-address | destination-address} mac {mac-address} // match the source or destination MAC address

Class-map-name: name of the class map created

Match-all: all the conditions defined in the class map must match; this is the default

Match-any: at least one of the conditions defined in the class map must match

(2) Define the flow control policy

Call the class map from a policy map, and then configure policies for each class map

Router(config)# policy-map {policy-map-name} // define policy map
Router(config-pmap)# class {class-map-name} // call class map

Then configure the policies in the called class map, including traffic marking, traffic shaping, CAR and so on.

Router(config-pmap-c)# set ip dscp {dscp} // mark the priority of traffic
Router(config-pmap-c)# set ip precedence {precedence}

Configure CAR

Router(config-pmap-c)# police {CIR} [burst-normal] [burst-max] conform-action {action} exceed-action {action} violate-action {action}

CIR: committed access rate

Burst-normal: committed burst Bc

Burst-max: unlike in the rate-limit command, this parameter is the excess burst Be

Conform-action: action taken for traffic less than Bc (including CIR traffic). The default is to forward

Exceed-action: action taken for traffic between Bc and Bc+Be. The default is to forward

Violate-action: action taken for traffic larger than Bc+Be. The default is to discard

Action: the same as the action in the rate-limit command
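
The three bands above (below Bc, between Bc and Bc+Be, above Bc+Be) can be modelled with two token buckets refilled at CIR. The following Python code is an added example, not part of the original article and not the router's implementation; the Policer class, its field names and the sample packets are assumptions made for illustration.

```python
# Added example: simplified single-rate, two-bucket policer model.
from dataclasses import dataclass

@dataclass
class Policer:
    cir_bps: int        # committed rate (CIR), bits per second
    bc_bytes: int       # committed burst Bc (burst-normal)
    be_bytes: int       # excess burst Be (burst-max in the police command)
    tc: float = 0.0     # tokens in the committed bucket, bytes
    te: float = 0.0     # tokens in the excess bucket, bytes
    last: float = 0.0   # arrival time of the previous packet, seconds

    def __post_init__(self):
        # Both buckets start full, so an initial burst of up to Bc+Be passes.
        self.tc, self.te = float(self.bc_bytes), float(self.be_bytes)

    def _refill(self, now):
        tokens = (now - self.last) * self.cir_bps / 8
        self.last = now
        room = self.bc_bytes - self.tc
        self.tc += min(tokens, room)
        # Tokens that do not fit in the committed bucket spill into Be.
        self.te = min(self.be_bytes, self.te + max(0.0, tokens - room))

    def classify(self, now, size):
        self._refill(now)
        if size <= self.tc:
            self.tc -= size
            return "conform"
        if size <= self.te:
            self.te -= size
            return "exceed"
        return "violate"

# Actions as in: conform-action transmit exceed-action transmit violate-action drop
ACTIONS = {"conform": "transmit", "exceed": "transmit", "violate": "drop"}

def run(policer, packets):
    """packets: list of (arrival_time_s, size_bytes); returns one action per packet."""
    return [ACTIONS[policer.classify(t, size)] for t, size in packets]

# Constructed sample: four 1000-byte packets at t=0, then one more after 1 second.
SAMPLE = [(0.0, 1000), (0.0, 1000), (0.0, 1000), (0.0, 1000), (1.0, 1000)]
```

With CIR 8000, Bc 1500 and Be 1500, the first packet of the burst conforms, the second falls into the excess band, the next two violate, and the packet one second later conforms again because the committed bucket has refilled.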

Configure GTS

Router(config-pmap-c)# shape average {CIR [Be]}

Average means the average rate. After GTS is configured in the average form, the rate after shaping is CIR.

Configure the buffer limit

Router(config-pmap-c)# shape max-buffers {buffer-limit}

Buffer-limit: in units of packets. Range: 1-4096. Default is 1000.

(3) Apply the policy on the interface

Router(config-if)# service-policy {input | output} {policy-map-name}

Note: GTS can only be applied in the output direction, while CAR can be applied in both directions

(4) View configuration

Router# show policy-map [policy-map-name] // View policy configuration
Router# show policy-map int f0/0 // View port policy application and traffic information

For example, the configuration of a router is as follows:

Router(config)# access-list 100 permit ip 10.0.0.0 0.0.255 10.0.0.255
Router(config)# class-map yyy // configure class map
Router(config-cmap)# match access-group 100 // configure matching conditions, call the ACL
Router(config)# policy-map ysf1 // define policy map, configure CAR
Router(config-pmap)# class yyy // call class map
Router(config-pmap-c)# police 8000 1500 1500 conform-action transmit exceed-action transmit violate-action drop // configure CAR: forward below Bc, forward between Bc and Bc+Be, discard above Bc+Be
Router(config)# int f0/0 // apply the CAR policy
Router(config-if)# service-policy input ysf1
Router(config)# policy-map ysf2 // define policy map, configure GTS
Router(config-pmap)# class yyy // call class map
Router(config-pmap-c)# shape average 8000 // configure the average form, only CIR is configured
Router(config)# int f0/1 // apply the GTS policy
Router(config-if)# service-policy output ysf2
Router# show policy-map // View the policy configured on port f0/1

Congestion management technology

Congestion management generally uses queue scheduling. The scheduling algorithm gives different data streams different priorities and bandwidth, and so determines the order in which they are forwarded and the bandwidth they receive. There are mainly the following six technologies:

1. FIFO: first-in, first-out queue (only one queue)

2. PQ: priority queue (4 queues; the high-priority queue can occupy the link for a long time, which is a problem)

3. CQ: custom queue (defined by the administrator; queue 0 is reserved, queues 1-16 are served in rotation)

4. WFQ: weighted fair queuing (many classes; small packets and high-priority packets go first)

5. CBWFQ: class-based weighted fair queuing (guaranteed bandwidth)

6. CBLLQ: class-based low-latency queuing (guaranteed delay)

Configure CBWFQ

With the development of technology, CBWFQ has become the most commonly used.

(1) Define the matching policy, in the same way as in the second configuration method for GTS and CAR.

(2) Define the policy map and call the class maps to set the policy in each class map

Router(config-pmap-c)# bandwidth {bandwidth-kbps | percent percentage}

Bandwidth: guarantees the minimum bandwidth

Bandwidth-kbps: minimum bandwidth rate (by default, the total bandwidth allocated by all class maps cannot exceed 75% of the interface bandwidth, and the remaining 25% is used for traffic control and routing. This can be modified with the max-reserved-bandwidth command in interface mode)

Percent percentage: minimum bandwidth as a percentage of port bandwidth

* Then, configure the number of packets in the queue

Router(config-pmap-c)# queue-limit {packets}

Packets: the queue size. The range is 1-4096.

* If you need to configure the default class, you can use the following command:

Router(config-pmap)# class class-default

* Configure the maximum bandwidth of the LLQ queue

Router(config-pmap-c)# priority {bandwidth-kbps | percent percentage}

Priority: indicates the maximum bandwidth of the queue; its parameters have the same meaning as in the bandwidth command

(3) Apply the policy on the port

Same as the second configuration method for GTS and CAR, but note that CBWFQ can only be configured in the output direction of the port.

(4) Relevant viewing commands

show policy-map [policy-map-name] // View the configuration information of the policy map
show policy-map int f0/0 // View the policy map and traffic information of the port

Experimental case: configure CBWFQ to solve the problem of network congestion by configuring minimum guaranteed bandwidth for PC1, PC2, PC3 and PC4

(1) Configure network-wide interconnection (omitted)

(2) Configure CBWFQ to ensure minimum bandwidth in case of network congestion.

R1(config)# access-list 100 permit ip host 10.0.1.2 host 10.0.0.4
R1(config)# access-list 101 permit ip host 10.0.1.2 host 10.0.0.1
R1(config)# access-list 102 permit ip host 10.0.1.2 host 10.0.0.2 // define the ACLs
R1(config)# class-map match-all ftp1 // define a class named ftp1
R1(config-cmap)# match access-group 100 // traffic matching ACL 100 belongs to class ftp1
R1(config)# class-map match-all ftp2
R1(config-cmap)# match access-group 101
R1(config)# class-map match-all ftp3
R1(config-cmap)# match access-group 102
R1(config)# policy-map ftp // define a policy named ftp
R1(config-pmap)# class ftp1 // enter class ftp1
R1(config-pmap-c)# bandwidth 4000 // policy for class ftp1: in case of congestion, the bandwidth is 4000 Kb/s
R1(config-pmap-c)# exit
R1(config-pmap)# class ftp2
R1(config-pmap-c)# bandwidth 1600
R1(config-pmap-c)# exit
R1(config-pmap)# class ftp3
R1(config-pmap-c)# bandwidth 1600
R1(config-pmap-c)# exit
R1(config-pmap)# class class-default // put other traffic in the default class
R1(config-pmap-c)# fair-queue // enable fair queuing
R1(config)# interface f0/1
R1(config-if)# service-policy output ftp // CBWFQ with bandwidth can be used only in the output direction

Congestion avoidance technology

Excessive network congestion is very harmful to the network. Congestion avoidance actively discards some packets to reduce the degree of congestion.

1. Tail drop

The traditional packet loss strategy is to discard all subsequent packets once the queue reaches its maximum length. It can cause the traffic in the network to fluctuate and become extremely unstable.

In CBWFQ, tail drop is configured with the queue-limit command.

2. WRED

To avoid tail drop, random early detection (RED) sets two values for the queue, a low threshold and a high threshold, and uses the following algorithm:

* When the queue length is less than the low threshold, no packet is discarded.

* When it is greater than the high threshold, all packets are discarded.

* When it is between the low and high thresholds, packets are discarded at random. The longer the queue, the higher the probability of discarding.

The principle of WRED is the same as that of RED, except that priority is added to differentiate the discarding policy when packets are randomly discarded.

Configuration of WRED

(1) Configure on the interface

DSCP-based configuration

Router(config-if)# random-detect dscp-based // enable DSCP-based WRED
Router(config-if)# random-detect dscp {dscp} {min max} [mark]

Min: low threshold

Max: high threshold

Mark: maximum probability denominator (used when calculating discarding)
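
How the low threshold, the high threshold and the mark probability denominator combine into a drop decision can be shown with a small model. The following Python code is an added example, not part of the original article and not router code; the profile values, the queue-depth trace and the function names are constructed for illustration, and it assumes the drop probability rises linearly to 1/mark at the high threshold.

```python
# Added example: simplified WRED drop model.
# Constructed profiles: IP precedence -> (min threshold, max threshold, mark denominator)
PROFILES = {0: (20, 40, 10), 5: (31, 40, 10)}

def drop_probability(avg_depth, precedence, profiles=PROFILES):
    """Probability that a packet of this precedence is dropped at this queue depth."""
    lo, hi, mark = profiles[precedence]
    if avg_depth < lo:
        return 0.0   # below the low threshold: no packet is discarded
    if avg_depth > hi:
        return 1.0   # above the high threshold: every packet is discarded
    # Between the thresholds the probability grows linearly with queue
    # length and reaches 1/mark at the high threshold.
    return (avg_depth - lo) / (hi - lo) / mark

def expected_drops(depth_trace, precedence):
    """Expected number of drops if one packet arrives at each sampled depth."""
    return sum(drop_probability(d, precedence) for d in depth_trace)

# Constructed trace of queue depths (in packets) as congestion builds up.
TRACE = [10, 25, 30, 35, 45]

def compare(trace=TRACE):
    """Expected drops per precedence over the same trace."""
    return {prec: round(expected_drops(trace, prec), 4) for prec in sorted(PROFILES)}
```

Because precedence 5 has the higher low threshold in these constructed profiles, it starts losing packets later than precedence 0 over the same trace, which is the differentiation WRED adds to RED.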

Configuration based on IP priority

Router(config-if)# random-detect
Router(config-if)# random-detect precedence {precedence} {min max} {mark}

(2) Configure WRED through policy-map

Router(config-pmap-c)# random-detect
Router(config-pmap-c)# random-detect precedence {precedence} {min max} {mark}

(3) View WRED

show queueing random-detect // View WRED information
show queue [int f0/0] // View queue information

LLQ queues cannot use WRED or the queue-limit command
