
QoS principles and configuration examples

2025-04-01 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)06/01 Report--

Converged network:

Voice and video traffic coexist

Lack of bandwidth, end-to-end delay, jitter (delay variation), packet loss

Addressing lack of bandwidth:

1. Upgrade the bandwidth

2. Forward important traffic first

3. Compress at layer 2

4. Compress layer 3 traffic

Delay:

1. Processing delay

2. Queuing delay

3. Serialization delay (8 bits converted to one byte)

4. Link delay

Resolving delay:

1. Upgrade the bandwidth

2. Forward important traffic first

3. Compress the layer 2 payload

4. Compress the IP header

Packet loss:

1. Tail drop: packets arriving once the queue exceeds a certain depth are discarded

1. Network audit

2. Business audit

3. Service levels required

QoS models:

1. Best-effort model: no QoS services are applied

2. Integrated services (IntServ) model: before sending traffic, the application signals the network to request service

3. Differentiated services (DiffServ) model: traffic is classified

Best effort

Integrated services: guaranteed and predictable. End-to-end signaling protocol. Resource reservation

1. Provides multiple service levels

2. A signaling protocol is required

3. Resource Reservation Protocol (RSVP)

4. Uses intelligent queuing

Classification:

1. Guaranteed-rate service

2. Controlled-load service

Differentiated services: classify services. Different traffic has different service levels.

DiffServ model:

Classify traffic at the edge of the network

DSCP: differentiated services code point, carried in each packet

PHB: per-hop behavior

1. Supports a variety of policies

2. Separates services from applications

3. Backward compatible with nodes that do not support differentiated services

4. Supports incremental deployment

DSCP encoding:

IPv4 header format:

Version/Length | ToS byte | Len | ID | Offset | TTL | Proto | FCS | IP SA | IP DA | Data

IP precedence has three bits, giving eight values; the higher the value, the higher the priority. It is only a marking method.

DiffServ field: reuses the ToS field in IPv4

DSCP: the 6 bits of the DiffServ field, used to select the PHB (forwarding and queuing method)

Per-hop behaviors

1 0 1 1 1 0 DSCP

First three bits:

000 = default (FIFO, tail drop), BE: no DiffServ model applied

101 = expedited forwarding, EF

001, 010, 011 or 100 = assured forwarding, AF

Last three bits:

000 = class selector (IP precedence), CS

EF: expedited forwarding, 101110

1. Guarantees a minimum forwarding rate

2. Bandwidth is guaranteed and forwarding is given priority.

3. Bandwidth allocation plays a regulatory role.

Bits 5 to 7: "101" = 5, used the same way as in the IP ToS

Bits 3 to 4: "11", no drop probability

Bit 2: "0"

AF: bandwidth guarantee, 100110

1. Guarantees a minimum forwarding rate

DSCP value range:

aaadd0

Four classes:

AF1, AF2, AF3, AF4

Class   Value
AF1     001 dd 0
AF2     010 dd 0
AF3     011 dd 0
AF4     100 dd 0

The smaller the dd value, the more likely it is to be discarded.

The higher the AF value, the more resources it gets.

Class selector (CS): xxx000. The last three bits are always 0, which coincides with the IP ToS.

The larger the xxx value, the more bandwidth resources.
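The bit layout described above, as an added Python example (not part of the original article): it pulls the DSCP out of an IPv4 header and names the PHB family (BE, class selector, EF, AFxy) together with the IP precedence the same bits carry. The sample header and the function names are constructed for illustration.

```python
import struct

# Constructed 20-byte IPv4 header (not from the article): ToS byte 0xB8 = DSCP 101110.
SAMPLE_HEADER = struct.pack("!BBHHHBBH4s4s", 0x45, 0xB8, 40, 1, 0, 64, 17, 0,
                            bytes([20, 1, 1, 10]), bytes([21, 1, 1, 10]))

def dscp_from_header(header: bytes) -> int:
    """Return the 6-bit DSCP: the high six bits of the second header byte."""
    if len(header) < 20 or header[0] >> 4 != 4:
        raise ValueError("not an IPv4 header")
    return header[1] >> 2

def classify_dscp(dscp: int) -> dict:
    """Map a DSCP value to the PHB families listed above."""
    if not 0 <= dscp <= 0x3F:
        raise ValueError("DSCP is a 6-bit value")
    top, low = dscp >> 3, dscp & 0b111        # first three / last three bits
    info = {"bits": format(dscp, "06b"), "ip_precedence": top}
    if dscp == 0:
        info["phb"] = "BE"                    # 000000, default
    elif low == 0:
        info["phb"] = f"CS{top}"              # xxx000, class selector
    elif dscp == 0b101110:
        info["phb"] = "EF"
    elif 1 <= top <= 4 and low & 1 == 0:
        info["phb"] = f"AF{top}{low >> 1}"    # aaadd0 -> AF<class><dd>
    else:
        info["phb"] = "other"                 # not one of the values listed above
    return info

if __name__ == "__main__":
    print(classify_dscp(dscp_from_header(SAMPLE_HEADER)))
    print(classify_dscp(0b100110))
```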

QoS mechanisms:

1. Classification: DSCP, MQC

2. Marking

3. Congestion management (queuing mechanisms): priority scheduling of queues; takes effect on the router's egress interface; FIFO/WFQ/CBWFQ/LLQ/PQ/CQ

4. Congestion avoidance: avoid tail drop; WRED

5. Traffic policing (rate limiting) and shaping: policing takes effect on the router's ingress interface, shaping on the egress interface

6. Link efficiency: fragmentation, interleaving, compression

INPUT INTERFACE:

Classify, mark, policing

OUTPUT INTERFACE:

Congestion management, mark, congestion avoidance, shaping, policing, compressing, fragmentation and interleaving

QoS implementation methods:

1. Modular QoS CLI (key point)

2. AutoQoS

3. SDM

4. Traditional QoS command line: there is no unified model

QoS CLI:

1. Define the traffic classes: CLASS A, CLASS B, CLASS C

Define a CLASS MAP. Class maps have no sequence numbers, names are case-sensitive, and the default is match-all

match-all: all conditions must match

match-any: at least one condition must match

Class maps can also be nested

2. Define the policy and specify which classified traffic it applies to

Define a POLICY MAP. Names are case-sensitive, a policy map can reference up to 256 classes, and policy maps can be nested

policy-map yy
 class xx
  bandwidth 1000                ! guarantees 1 Mbit/s of bandwidth (the value is in kbit/s)
 class class-default            ! default traffic
  police 10000
  service-policy policy-name    ! nested policy map

3. Apply the policy to an interface

Define the SERVICE POLICY

service-policy {input | output} policy-map-name

Classification and marking at the link layer

802.1p uses the three high-order bits (CoS) of the 802.1Q tag.

Marking bits are mapped between layer 2 and layer 3

rate-limit can be applied directly under the interface

interface s0/0
 rate-limit input | output

ACL that matches the MAC address of the interface

access-list rate-limit 100 XX:XX:XX

PQ

PQ is priority queuing. During congestion, PQ transmits lower-priority data only after all higher-priority data has been transmitted.

However, the number of packets per queue can be limited

Configuration case:

1. Put data with a source IP in 20.1.1.0/24 into the high queue

access-list 20 permit 20.1.1.0 0.0.0.255
priority-list 1 protocol ip high list 20

2. Put data with a source IP in 21.1.1.0/24 into the medium queue

access-list 21 permit 21.1.1.0 0.0.0.255
priority-list 1 protocol ip medium list 21

3. Put data with port number TCP 23 into the normal queue

priority-list 1 protocol ip normal tcp 23

4. Put all other data into the low queue

priority-list 1 default low

5. Limit the maximum number of packets per queue

priority-list 1 queue-limit 400 300 200 100

6. Apply PQ to the interface

interface s0/0
 priority-group 1

View PQ parameters

show queueing priority

CQ

CQ has 16 queues, numbered 1 to 16. Each queue can limit the total number of packets it may transmit, but real-time data cannot be guaranteed.

When the network is congested, the data in the first queue is transmitted first; once it reaches its rated number of packets, the data in the second queue is transmitted.

Queue 0 is a super priority queue. The router always sends the data in queue 0 before processing packets in queues 1 to 16.

After configuring queues 1 to 16, users can configure the proportion of interface bandwidth that each queue can occupy at the same time, which is equivalent to a rate limit.

Configuration case:

1. Put data with a source IP in 20.1.1.0/24 into queue 1

access-list 20 permit 20.1.1.0 0.0.0.255
queue-list 1 protocol ip 1 list 20

2. Put data with a source IP in 21.1.1.0/24 into queue 2

access-list 21 permit 21.1.1.0 0.0.0.255
queue-list 1 protocol ip 2 list 21

3. Put data with port number TCP 23 into queue 3

queue-list 1 protocol ip 3 tcp 23

4. Put all other data into queue 4

queue-list 1 default 4

5. Limit the maximum number of bytes that each queue can transmit at a time. Once the maximum number of bytes is passed, transmission moves on to the next queue

queue-list 1 queue 1 byte-count 100
queue-list 1 queue 2 byte-count 200
queue-list 1 queue 3 byte-count 300
queue-list 1 queue 4 byte-count 400

6. Limit the maximum number of packets that each queue can pass at a time

queue-list 1 queue 1 limit 10
queue-list 1 queue 2 limit 20
queue-list 1 queue 3 limit 30
queue-list 1 queue 4 limit 40

7. Apply CQ to the interface

interface s0/0
 custom-queue-list 1

View CQ parameters

show queueing custom
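The scheduling behaviour of PQ and CQ described above, as an added Python model (not part of the original article, and a simplification rather than router code). The queue-limit and byte-count values are those of the two configuration cases; the traffic pattern and the function names are assumptions.

```python
# Values taken from the two configuration cases above.
PQ_LIMITS = {"high": 400, "medium": 300, "normal": 200, "low": 100}   # queue-limit
CQ_BYTE_COUNT = {1: 100, 2: 200, 3: 300, 4: 400}                      # byte-count

def pq_simulate(arrivals, ticks, limits=PQ_LIMITS):
    """Priority queuing model: every tick, enqueue the arrivals (tail drop
    beyond the queue-limit), then send one packet from the highest
    non-empty queue. Returns (sent, dropped) packet counts per queue."""
    depth = {name: 0 for name in limits}          # dict order = priority order
    sent, dropped = dict(depth), dict(depth)
    for _ in range(ticks):
        for name, count in arrivals.items():
            room = limits[name] - depth[name]
            depth[name] += min(count, room)
            dropped[name] += max(0, count - room)
        for name in depth:
            if depth[name]:
                depth[name] -= 1
                sent[name] += 1
                break
    return sent, dropped

def cq_bytes_per_round(packet_size, byte_count=CQ_BYTE_COUNT):
    """Custom queuing model with every queue backlogged: a queue keeps sending
    whole packets until its byte-count is reached or passed, then the next
    queue is served. Returns the bytes each queue sends in one round."""
    result = {}
    for queue, quota in byte_count.items():
        sent = 0
        while sent < quota:
            sent += packet_size
        result[queue] = sent
    return result

if __name__ == "__main__":
    # Constructed traffic: one high and one low packet arrive per tick.
    print(pq_simulate({"high": 1, "low": 1}, ticks=150))
    print(cq_bytes_per_round(1500))   # large packets
    print(cq_bytes_per_round(64))     # small packets
```

In the PQ run the low queue is never served and starts tail-dropping once 100 packets are queued. In the CQ run with 1500-byte packets every queue sends exactly one packet per round, so the 100/200/300/400 byte-counts give equal shares rather than 1:2:3:4.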

CBWFQ

The system divides all available bandwidth of the interface fairly among flows, according to each flow's IP precedence.

CBWFQ extends and optimizes WFQ to allocate specific bandwidth to specific traffic; when bandwidth is allocated, that traffic can only draw on the bandwidth set aside for it.

Configuration case:

1. Match traffic with a source address in 20.1.1.0/24 via an ACL

access-list 10 permit 20.1.1.0 0.0.0.255

2. Match traffic with a source address in 20.1.1.0/24 via a class-map

class-map class20
 match access-group 10

3. Allocate bandwidth to the traffic with a source address in 20.1.1.0/24

policy-map policy20
 class class20
  bandwidth 1000

4. All other traffic is allocated from all remaining available bandwidth

policy-map policy20
 class class-default
  bandwidth remaining percent 100    ! a percentage is used here, so the bandwidth configured earlier must also be set as a percentage

5. Apply CBWFQ under the interface

interface s0/0
 max-reserved-bandwidth 90           ! modifies the total available bandwidth of the interface
 service-policy output policy20

LLQ

LLQ allocates specific bandwidth to specific traffic, and that bandwidth is absolutely guaranteed. No matter how busy the interface is, traffic in the LLQ is transmitted first, but it cannot exceed its allocated bandwidth. Exceeding it does not matter by itself: the excess traffic is discarded only when there is congestion.

Configuration case:

1. Match traffic with a source address in 10.1.1.0/24 via an ACL

access-list 10 permit 10.1.1.0 0.0.0.255

2. Match traffic with a source address in 20.1.1.0/24 via an ACL

access-list 20 permit 20.1.1.0 0.0.0.255

3. Match traffic with a source address in 10.1.1.0/24 via a class-map

class-map net10
 match access-group 10

4. Match traffic with a source address in 20.1.1.0/24 via a class-map

class-map net20
 match access-group 20

5. Use LLQ to assign 30 Mbit to traffic with a source address in 10.1.1.0/24

policy-map band
 class net10
  priority percent 30    ! priority allocates bandwidth to traffic in the LLQ; the number after percent is a percentage of the total interface bandwidth

6. Use CBWFQ to allocate 50% of the remaining available bandwidth to traffic with a source address in 20.1.1.0/24

policy-map band
 class net20
  bandwidth remaining percent 50    ! remaining percent is the share of the bandwidth left after the LLQ allocation

7. All available bandwidth of the interface should be 80 Mbit.

interface s0/0
 max-reserved-bandwidth 80

8. Apply the queue to interface S0/0

interface s0/0
 service-policy output band

Whenever CBWFQ is used, the direction can only be output.

IP RTP

RTP-protected data streams can be sent before any other traffic; even if LLQ and RTP are both in use, RTP traffic takes precedence over LLQ. Not all traffic can be protected by RTP: only data with UDP destination port numbers from 16384 to 32767 can be protected, and the port number range can be defined at will.

Congestion avoidance

Tail Drop

When congestion occurs on an interface, the most recently arriving packets are always discarded until the congestion clears

WRED

When the interface is congested, WRED ensures that high-priority, important data is delivered first, while ordinary data is discarded.

Configuration:

1. Enable WRED based on IP precedence under the interface

interface s0/0
 random-detect

2. Enable DSCP-based WRED under the interface

interface s0/0
 random-detect dscp-based

3. Check WRED

show queueing random-detect

4. Configure WRED under CBWFQ

policy-map WWW
 class class-default
  bandwidth 100000
  random-detect

The bandwidth command configures CBWFQ for all traffic, and the random-detect command turns on WRED based on IP precedence.
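How precedence-based WRED ends up discarding ordinary data before important data, as an added Python model (not part of the original article, and not router code). The thresholds, the mark-probability denominator, the averaging weight and the function names are constructed assumptions, not IOS defaults.

```python
# Constructed WRED profiles per IP precedence (assumptions, not router defaults):
# (min threshold, max threshold, mark-probability denominator), thresholds in packets.
PROFILES = {0: (20, 40, 10), 5: (32, 40, 10)}

def drop_probability(avg_depth, precedence, profiles=PROFILES):
    """0 below min, 1 (tail drop) at or above max, and a linear ramp up to
    1/denominator in between."""
    lo, hi, denom = profiles[precedence]
    if avg_depth < lo:
        return 0.0
    if avg_depth >= hi:
        return 1.0
    return (avg_depth - lo) / (hi - lo) / denom

def expected_drops(depth_samples, arrivals, weight_exp=2, profiles=PROFILES):
    """Track the weighted average queue depth over the samples and sum the
    expected number of dropped packets per precedence.
    arrivals: packets of each precedence arriving per sample."""
    w = 2.0 ** -weight_exp
    avg, drops = 0.0, {prec: 0.0 for prec in arrivals}
    for depth in depth_samples:
        avg = avg * (1 - w) + depth * w      # moving average, not the instantaneous depth
        for prec, count in arrivals.items():
            drops[prec] += count * drop_probability(avg, prec, profiles)
    return drops

if __name__ == "__main__":
    # Constructed burst: the queue sits at 36 packets for 20 samples,
    # with 10 packets of each precedence arriving per sample.
    print(expected_drops([36] * 20, {0: 10, 5: 10}))
```

Precedence 0 starts losing packets as soon as the average passes 20, while precedence 5 is untouched until it passes 32, so the ordinary traffic absorbs most of the early drops.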

WRED-Explicit Congestion Notification

DE
