2025-04-01 Update From: SLTechnology News&Howtos
Shulou(Shulou.com)06/01 Report--
Converged network:
Coexistence of voice and video traffic
Lack of bandwidth, end-to-end delay, jitter, packet loss
Addressing bandwidth scarcity:
1. Upgrade the bandwidth
2. Forward important traffic first
3. Compress at Layer 2
4. Compress Layer 3 traffic
Delay:
1. Processing delay
2. Queuing delay
3. Serialization delay (8 bits converted to one byte)
4. Link delay
Resolving delay:
1. Upgrade the bandwidth
2. Forward important traffic first
3. Compress the Layer 2 payload
4. Compress the IP header
Packet loss rate:
1. Tail drops: packets that exceed a certain queue depth are discarded

1. Network audit
2. Business audit
3. Required service levels
QoS model classification:
1. Best-effort model: no QoS services are applied
2. Integrated services model: before the application sends its traffic, it signals the network to request service
3. DiffServ model: classify traffic
Best effort
Integrated services: guaranteed and predictable. End-to-end signaling protocol. Resource reservation
1. Provides multiple service levels
2. A signaling protocol is required
3. Resource reservation protocol: RSVP
4. Uses smart queues
Classification:
1. Guaranteed-rate service
2. Controlled-load service
Differentiated services: classify services. Different traffic gets different service levels.
DiffServ model:
Classify traffic at the edge of the network
DSCP: differentiated services code point, carried in each packet
PHB: per-hop behavior
1. Supports a variety of policies
2. Separates service from application
3. Backward compatible with nodes that do not support differentiated services
4. Supports incremental deployment
DSCP encoding:
IPv4 header format:
Version/length | ToS byte | len | ID | offset | TTL | proto | FCS | IP SA | IP DA | data
IP precedence has three bits, giving eight values; the higher the value, the higher the priority. It is only a marking method.
DiffServ field: reuses the ToS field in IPv4
DSCP: 6 bits of the DiffServ field, used to select the PHB (forwarding and queuing method)
Per-hop behaviors
1 0 1 1 1 0  DSCP
First three bits:
000 = default (FIFO, tail drop), BE: no DiffServ model applied
101 = expedited forwarding, EF
001, 010, 011 or 100 = assured forwarding, AF
Last three bits:
000 = class selector (IP Precedence), CS
EF: expedited forwarding, 101110
1. Guarantees a minimum forwarding rate
2. Bandwidth is guaranteed and forwarding is prioritized
3. The bandwidth allocation also serves to regulate the traffic
Bits 5 to 7: "101" (5), used the same way as IP precedence in the ToS byte
Bits 3 to 4: "11", no drop probability
Bit 2: "0"
AF: bandwidth guarantee, 100110
1. Guarantees a minimum forwarding rate
DSCP value range:
aaadd0
Four classes:
AF1, AF2, AF3, AF4
Class   Value
AF1     001 dd 0
AF2     010 dd 0
AF3     011 dd 0
AF4     100 dd 0
The smaller the dd value, the more likely it is to be discarded.
The higher the AF value, the more resources you get.
CS: xxx000. The last three bits are always 0, which coincides with the IP ToS.
The larger the xxx, the higher the bandwidth resources.
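The bit layout described above, as an added example (not code from the original article): a small decoder that takes the ToS byte of an IPv4 header and names the PHB it selects. The function names and the sample header are constructed for illustration.

```python
import struct

def decode_tos(tos: int) -> dict:
    """Split the IPv4 ToS/DiffServ byte into precedence, DSCP and PHB name."""
    dscp = tos >> 2                       # DSCP is the upper 6 bits of the byte
    first3, last3 = dscp >> 3, dscp & 0b111
    if dscp == 0:
        phb = "BE"                        # 000000: default, best effort
    elif dscp == 0b101110:
        phb = "EF"                        # expedited forwarding
    elif last3 == 0:
        phb = f"CS{first3}"               # xxx000: class selector
    elif 1 <= first3 <= 4 and (last3 & 1) == 0:
        phb = f"AF{first3}{last3 >> 1}"   # aaadd0: class aaa, then the dd value
    else:
        phb = "unassigned"
    return {"precedence": tos >> 5, "dscp": dscp, "bits": f"{dscp:06b}", "phb": phb}

def tos_of_ipv4(packet: bytes) -> int:
    """Return the ToS byte (second byte) after checking this is an IPv4 header."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 header")
    return packet[1]

def sample_header(tos: int) -> bytes:
    """Constructed 20-byte IPv4 header carrying the given ToS byte (checksum left 0)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, tos, 20, 0, 0, 64, 17, 0,
                       bytes([20, 1, 1, 5]), bytes([21, 1, 1, 5]))

if __name__ == "__main__":
    for tos in (0x00, 0xB8, 0x98, 0xA0, 0x28):
        print(f"ToS 0x{tos:02X}:", decode_tos(tos_of_ipv4(sample_header(tos))))
```

Note that EF (101110) and a class-selector value such as 101000 share the same first three bits, so a device that only reads IP precedence treats both as priority 5.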
QoS mechanisms:
1. Classification: DSCP, MQC
2. Marking
3. Congestion management (queuing mechanism): priority scheduling of queues; takes effect on the router's egress interface; FIFO/WFQ/CBWFQ/LLQ/PQ/CQ
4. Congestion avoidance: avoid tail drop; WRED
5. Traffic control (rate limiting) and × ×: takes effect on the router's ingress interface (control) and on the router's egress interface (× × ×)
6. Link efficiency: fragmentation, interleaving, compression
Input interface:
Classify, mark, policing
Output interface:
Congestion management, mark, congestion avoidance, shaping, policing, compressing, fragmentation and interleaving
QoS implementation methods:
1. QoS CLI (key point)
2. AutoQoS
3. SDM
4. Traditional QoS command line: there is no unified model
QoS CLI:
1. Build the model that defines the traffic classes: CLASS A, CLASS B, CLASS C
Define a CLASS MAP. A class map has no sequence number, is case-sensitive, and defaults to match-all
match-all: all conditions must match
match-any: at least one condition must match
Class maps can also be nested
2. Build the module that defines the policy and assigns the classified traffic to it
Define a POLICY MAP. It is case-sensitive, can reference up to 256 classes, and can be nested
policy-map yy
class xx
bandwidth 1000  (the value is in kbit/s, so this guarantees 1 Mbit/s of bandwidth)
class class-default  (default traffic)
police 10000
service-policy policy-name  (nested policy map)
3. Apply the policy to an interface
Define a SERVICE POLICY
service-policy {input | output} policy-map-name
Classification and marking at the link layer
802.1p uses the three high-order bits (CoS) of the 802.1Q tag.
The marking bits are mapped between Layer 2 and Layer 3
rate-limit can be applied directly under the interface
int s0/0
rate-limit {input | output}
ACL that matches a MAC address on the interface
access-list rate-limit 100 XX:XX:XX
PQ
PQ is priority queuing. Under congestion, PQ transmits lower-priority data only after all the higher-priority data has been transmitted.
However, you can limit the number of packets transmitted per queue
Configuration case:
1. Put data with a source IP in 20.1.1.0/24 into queue high
access-list 20 permit 20.1.1.0 0.0.0.255
priority-list 1 protocol ip high list 20
2. Put data with a source IP in 21.1.1.0/24 into queue medium
access-list 21 permit 21.1.1.0 0.0.0.255
priority-list 1 protocol ip medium list 21
3. Put data with TCP port number 23 into queue normal
priority-list 1 protocol ip normal tcp 23
4. Put all other data into queue low
priority-list 1 default low
5. Limit the maximum number of packets per queue
priority-list 1 queue-limit 400 300 200 100
6. Apply PQ to the interface
int s0/0
priority-group 1
View PQ parameters
show queueing priority
CQ
CQ has 16 queues, numbered 1 to 16. Each queue can limit the total number of packets it may transmit, but real-time data cannot be guaranteed.
When the network is congested, the data in the first queue is transmitted first; once it reaches its configured number of packets, the data in the second queue is transmitted.
Queue 0 is a super-priority queue. The router always sends the data in queue 0 before processing packets in queues 1 to 16.
After configuring queues 1 to 16, users can also configure the proportion of interface bandwidth that each queue may occupy, which is equivalent to a rate limit.
Configuration case:
1. Put data with a source IP in 20.1.1.0/24 into queue 1
access-list 20 permit 20.1.1.0 0.0.0.255
queue-list 1 protocol ip 1 list 20
2. Put data with a source IP in 21.1.1.0/24 into queue 2
access-list 21 permit 21.1.1.0 0.0.0.255
queue-list 1 protocol ip 2 list 21
3. Put data with TCP port number 23 into queue 3
queue-list 1 protocol ip 3 tcp 23
4. Put all other data into queue 4
queue-list 1 default 4
5. Limit the maximum number of bytes each queue can transmit at a time. Once that many bytes have been sent, transmission moves on to the next queue
queue-list 1 queue 1 byte-count 100
queue-list 1 queue 2 byte-count 200
queue-list 1 queue 3 byte-count 300
queue-list 1 queue 4 byte-count 400
6. Limit the maximum number of packets that each queue can pass at a time
queue-list 1 queue 1 limit 10
queue-list 1 queue 2 limit 20
queue-list 1 queue 3 limit 30
queue-list 1 queue 4 limit 40
7. Apply CQ to the interface
int s0/0
custom-queue-list 1
View CQ parameters
show queueing custom
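The difference between the PQ and CQ cases above, as an added example (a simplified model written for this page, not router code and not from the original article): the same classification rules feed four queues, which are then drained either by strict priority or by byte-count round-robin. Packets are sent whole, the `budget` is the number of packets the congested link can send, and the queue limits are modelled as queue depths; all function names and the traffic burst are constructed.

```python
from collections import deque
from ipaddress import ip_address, ip_network
NETS = [ip_network("20.1.1.0/24"), ip_network("21.1.1.0/24")]

def classify(pkt):
    """pkt is (source IP, TCP port, size in bytes); returns queue 0..3
    (high/medium/normal/low for PQ, queues 1..4 for CQ)."""
    src, port, _size = pkt
    for queue, net in enumerate(NETS):
        if ip_address(src) in net:
            return queue
    return 2 if port == 23 else 3

def enqueue(packets, limits):
    """Fill the queues; a packet arriving at a full queue is tail-dropped."""
    queues, dropped = [deque() for _ in limits], 0
    for pkt in packets:
        q = classify(pkt)
        if len(queues[q]) < limits[q]:
            queues[q].append(pkt)
        else:
            dropped += 1
    return queues, dropped

def pq_send(queues, budget):
    """PQ: always serve the highest-priority queue that still holds packets."""
    sent = []
    while budget and any(queues):
        q = next(i for i, d in enumerate(queues) if d)
        queues[q].popleft()
        sent.append(q)
        budget -= 1
    return sent

def cq_send(queues, byte_counts, budget):
    """CQ: round-robin; a queue keeps sending until its byte-count is reached."""
    sent = []
    while budget and any(queues):
        for q, quota in enumerate(byte_counts):
            done = 0
            while queues[q] and done < quota and budget:
                done += queues[q].popleft()[2]
                sent.append(q)
                budget -= 1
    return sent

def sample_traffic(n=6, size=100):
    """Constructed burst: n rounds of one packet per class, interleaved."""
    return [("20.1.1.5", 80, size), ("21.1.1.5", 80, size),
            ("9.9.9.9", 23, size), ("9.9.9.9", 80, size)] * n
```

With a budget of 8 packets, PQ sends only from the high and medium queues and the other two are starved, while CQ with the byte counts 100/200/300/400 gives every queue a turn.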
CBWFQ
The system divides all of the interface's available bandwidth fairly among flows, according to each flow's IP precedence.
CBWFQ extends and optimizes WFQ by allocating specific bandwidth to specific traffic, so that this traffic can only draw its bandwidth from the portion set aside for it.
Configuration case:
1. Match traffic with a source address in 20.1.1.0/24 via an ACL
access-list 10 permit 20.1.1.0 0.0.0.255
2. Match traffic with a source address in 20.1.1.0/24 via a class-map
class-map class20
match access-group 10
3. Allocate bandwidth to traffic with a source address in 20.1.1.0/24
policy-map policy20
class class20
bandwidth 1000
4. All other traffic is allocated from all the remaining available bandwidth
policy-map policy20
class class-default
bandwidth remaining percent 100  (a percentage is used here; the bandwidth set earlier must then also be set as a percentage)
5. Apply CBWFQ under the interface
int s0/0
max-reserved-bandwidth 90  (modifies the total available bandwidth of the interface)
service-policy output policy20
LLQ
LLQ allocates specific bandwidth to specific traffic, and that bandwidth is absolutely guaranteed. No matter how busy the interface is, traffic in the LLQ is transmitted first, but this traffic should not exceed the allocated bandwidth. Exceeding it does not matter by itself: the excess traffic is discarded only when there is congestion.
Configuration case:
1. Match traffic with a source address in 10.1.1.0/24 via an ACL
access-list 10 permit 10.1.1.0 0.0.0.255
2. Match traffic with a source address in 20.1.1.0/24 via an ACL
access-list 20 permit 20.1.1.0 0.0.0.255
3. Match traffic with a source address in 10.1.1.0/24 via a class-map
class-map net10
match access-group 10
4. Match traffic with a source address in 20.1.1.0/24 via a class-map
class-map net20
match access-group 20
5. Use LLQ to assign 30 Mbit to traffic with a source address in 10.1.1.0/24
policy-map band
class net10
priority percent 30  (priority allocates bandwidth to traffic in the LLQ; the number after percent is a percentage of the interface's total bandwidth)
6. Use CBWFQ to allocate 50% of the remaining available bandwidth to traffic with a source address in 20.1.1.0/24
policy-map band
class net20
bandwidth remaining percent 50  (remaining percent is the share of the bandwidth left over after the LLQ allocation)
7. All available bandwidth of the interface should be 80 Mbit
int s0/0
max-reserved-bandwidth 80
8. Apply the queue to interface S0/0
int s0/0
service-policy output band
Whenever CBWFQ is used, the direction can only be output.
IP RTP
RTP-protected data streams can be sent ahead of any other traffic; even if LLQ and RTP are used at the same time, RTP traffic takes precedence over LLQ. Not all traffic can be protected by RTP. Only data with UDP destination port numbers of 16384 to 32767 can be protected, and the port number range can be defined at will.
Congestion avoidance
Tail Drop
When congestion occurs on an interface, the packets that arrive last are always discarded until there is no congestion
WRED
When the interface is congested, it ensures that high-priority, important data is delivered first, while ordinary data is discarded.
Configuration:
1. Enable WRED based on IP precedence under the interface
int s0/0
random-detect
2. Enable DSCP-based WRED under the interface
int s0/0
random-detect dscp-based
3. Check WRED
show queueing random-detect
4. Configure WRED under CBWFQ
policy-map WWW
class class-default
bandwidth 100000
random-detect  (the bandwidth command configures CBWFQ for all traffic, and the random-detect command turns on WRED based on IP precedence)
WRED-Explicit Congestion Notification
DE