队列和拥塞配置指南
Fast Switching和CEF
提问 给路由器配置最有效的包交换算法
回答
Fast Switching缺省是启用的
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#interface FastEthernet0/0
Router(config-if)#ip route-cache
Router(config-if)#exit
Router(config)#end
Router#
如果使用策略,需要下面的命令
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#interface FastEthernet0/0
Router(config-if)#ip route-cache policy
Router(config-if)#exit
Router(config)#end
Router#
CEF缺省是没有启用的,全局和端口启用
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#ip cef
Router(config)#interface FastEthernet0/0
Router(config-if)#ip route-cache cef
Router(config-if)#exit
Router(config)#end
Router#
注释 除了上面的policy参数以外,还有下面的参数来保证进出是同一物理接口
Router(config)#interface Serial0/0
Router(config-if)#ip route-cache same-interface
可以使用下面命令进行验证show cef interface show cef drop 和 show cef not-cef-switched show ip cef
11.2. 设置DSCP 或者TOS位
提问 路由器标记特定数据包的DSCP或者TOS位
回答
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#access-list 101 permit any eq ftp any
Router(config)#access-list 101 permit any any eq ftp
Router(config)#access-list 102 permit any eq ftp-data any
Router(config)#access-list 102 permit any any eq ftp-data
Router(config)#class-map match-all ser00-ftpcontrol
Router(config-cmap)#description branch ftp control traffic
Router(config-cmap)#match input-interface serial0/0
Router(config-cmap)#match access-group 101
Router(config-cmap)#exit
Router(config)#class-map match-all ser00-ftpdata
Router(config-cmap)#description branch ftp data traffic
Router(config-cmap)#match input-interface serial0/0
Router(config-cmap)#match access-group 102
Router(config-cmap)#exit
Router(config)#policy-map serialftppolicy
Router(config-pmap)#description branch ftp traffic policy
Router(config-pmap)#class ser00-ftpcontrol
Router(config-pmap-c)#set ip precedence immediate
Router(config-pmap-c)#exit
Router(config-pmap)#class ser00-ftpdata
Router(config-pmap-c)#set ip precedence priority
Router(config-pmap-c)#exit
Router(config-pmap)#exit
Router(config)#interface serial0/0
Router(config-if)#ip route-cache policy
Router(config-if)#service-policy input serialftppolicy
Router(config-if)#exit
Router(config)#end
Router#
注释 先使用classmap来定义特殊的数据流,然后使用policymap来对TOS位进行标记
11.3. 使用优先级队列(Priority Queuing)
提问 使用优先级队列这种严格的方式来保证高优先级的数据先被处理
回答
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#access-list 101 permit ip any any precedence 5 tos 12
Router(config)#access-list 102 permit ip any any precedence 4
Router(config)#access-list 103 permit ip any any precedence 3
Router(config)#priority-list 1 protocol ip high list 101
Router(config)#priority-list 1 protocol ip medium list 102
Router(config)#priority-list 1 protocol ip normal list 103
Router(config)#priority-list 1 default low
Router(config)#interface Ethernet0
Router(config-if)#priority-group 1
Router(config-if)#exit
Router(config)#end
Router#
注释 单纯使用优先级队列可能会导致高优先级的数据占用掉所有的带宽。precedence 5 tos 12 等同于dscp ef。缺省情况下会被不匹配的数据包归入到normal优先级队列,本例中特别配置其归入了low优先级队列。Show interface命令可以看到缺省各个队列大小(high优先级为20个,medium为40个,依次递增)
Output queue (queue priority: size/max/drops):
high: 0/20/0, medium: 0/40/0, normal 0/60/0, low 0/80/0
可以使用Router(config)#priority-list 1 queue-limit 10 15 25 35 命令来修改。建议使用LLQ或者CBWFQ来替代单纯的优先级队列
11.4. 使用自定义队列(Custom Queuing)
提问 根据数据流中IP优先级的不同来自定义队列共享带宽
回答
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#access-list 103 permit ip any any precedence 5
Router(config)#access-list 104 permit ip any any precedence 4
Router(config)#access-list 105 permit ip any any precedence 3
Router(config)#access-list 106 permit ip any any precedence 2
Router(config)#access-list 107 permit ip any any precedence 1
Router(config)#queue-list 1 protocol ip 3 list 103
Router(config)#queue-list 1 protocol ip 4 list 104
Router(config)#queue-list 1 protocol ip 5 list 105
Router(config)#queue-list 1 queue 5 byte-count 3000 limit 55
Router(config)#queue-list 1 protocol ip 6 list 106
Router(config)#queue-list 1 protocol ip 7 list 107
Router(config)#queue-list 1 default 8
Router(config)#interface HSSI0/0
Router(config-if)#custom-queue-list 1
Router(config-if)#exit
Router(config)#end
Router#
注释 通过配置自定义队列可以生成16个应用队列和1个系统队列。
Queuing strategy: custom-list 1
Output queues: (queue #: size/max/drops)
0: 0/20/0 1: 0/20/0 2: 0/20/0 3: 0/20/0 4: 0/20/0
5: 0/55/3 6: 5/20/0 7: 0/20/0 8: 0/20/0 9: 0/20/0
10: 0/20/0 11: 0/20/0 12: 0/20/0 13: 0/20/0 14: 0/20/0
15: 0/20/0 16: 0/20/0
缺省情况下自定义队列不会对无分类的数据流进行队列归属,所以需要配置一个缺省队列。缺省情况下每个队列会读取1500字节,每个队列可最多保存20个数据包,可以通过queue-list 1 queue 5 byte-count 3000 limit 55 命令来修改。
对于这种队列方式需要注意的是队列是基于字节的不是基于数据包的,所以对于字节下的数据流会发送相对多的数据包,但是总体来说流量是平均的。此种方式也是比较老的方案,推荐使用CBWFQ
11.5. 自定义队列混和优先级队列
提问 高优先级数据优先处理,低优先级数据共享带宽
回答
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#access-list 101 permit ip any any precedence 7
Router(config)#access-list 102 permit ip any any precedence 6
Router(config)#access-list 103 permit ip any any precedence 5
Router(config)#access-list 104 permit ip any any precedence 4
Router(config)#access-list 105 permit ip any any precedence 3
Router(config)#access-list 106 permit ip any any precedence 2
Router(config)#access-list 107 permit ip any any precedence 1
Router(config)#queue-list 1 protocol ip 1 list 101
Router(config)#queue-list 1 protocol ip 2 list 102
Router(config)#queue-list 1 protocol ip 3 list 103
Router(config)#queue-list 1 protocol ip 4 list 104
Router(config)#queue-list 1 protocol ip 5 list 105
Router(config)#queue-list 1 protocol ip 6 list 106
Router(config)#queue-list 1 protocol ip 7 list 107
Router(config)#queue-list 1 lowest-custom 4
Router(config)#interface HSSI0/0
Router(config-if)#custom-queue-list 1
Router(config-if)#exit
Router(config)#end
Router#
注释 相比11.4多了一个queue-list 1 lowest-custom 4 ,这样123.被定义为优先级队列
11.6. 使用加权公平队列(Weighted Fair Queuing)
提问 根据TOS/DSCP位来转发数据包
回答
缺省情况下WFQ会自动在小于2M速率的接口启用
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#interface Serial0/0
Router(config-if)#fair-queue 64 512 10
Router(config-if)#exit
Router(config)#end
Router#
注释 WFQ在没有TOS/DSCP标记的情况下依然可以工作。命令后面的参数分为三个,第一个为丢弃阀值,某个队列如果超过64个数据包,以后的数据包就会被丢弃,第二个为动态队列数目,是16的倍数,如果端口有很多的数据流建议增加,第三个为RSVP预留队列,缺省为0。
11.7. 使用基于类的加权公平队列(Using Class-Based Weighted Fair Queuing)
提问 在端口上配置基于类的加权公平队列
回答
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#class-map highprec
Router(config-cmap)#description Highest priority Prec=5
Router(config-cmap)#match ip precedence 5
Router(config-cmap)#exit
Router(config)#class-map medhiprec
Router(config-cmap)#description Medium-high priority Prec=4
Router(config-cmap)#match ip precedence 4
Router(config-cmap)#exit
Router(config)#class-map medloprec
Router(config-cmap)#description Medium-low priority Prec=2,3
Router(config-cmap)#match ip precedence 2 3
Router(config-cmap)#exit
Router(config)#policy-map cbwfqpolicy
Router(config-pmap)#class highprec
Router(config-pmap-c)#bandwidth percent 25
Router(config-pmap-c)#exit
Router(config-pmap)#class medhiprec
Router(config-pmap-c)#bandwidth percent 25
Router(config-pmap-c)#exit
Router(config-pmap)#class medloprec
Router(config-pmap-c)#bandwidth percent 25
Router(config-pmap-c)#exit
Router(config-pmap)#class class-default
Router(config-pmap-c)#fair-queue 512
Router(config-pmap-c)#queue-limit 96
Router(config-pmap-c)#exit
Router(config-pmap)#exit
Router(config)#interface serial0/1
Router(config-if)#service-policy output cbwfqpolicy
Router(config-if)#exit
Router(config)#end
Router#
注释
11.8. 使用NBAR
提问 使用NBAR(Network Based Application Recognition)在应用层对数据进行识别和分类
回答
Router1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router1(config)#ip cef
Router1(config)#class-map INTERACTIVE
Router1(config-cmap)#match protocol citrix
Router1(config-cmap)#match protocol telnet
Router1(config-cmap)#exit
Router1(config)#policy-map QoSPolicy
Router1(config-pmap)#class INTERACTIVE
Router1(config-pmap-c)#bandwidth percent 50
Router1(config-pmap-c)#set dscp ef
Router1(config-pmap-c)#exit
Router1(config-pmap)#class class-default
Router1(config-pmap-c)#bandwidth percent 20
Router1(config-pmap-c)#random-detect dscp-based
Router1(config-pmap-c)#exit
Router1(config-pmap)#exit
Router1(config)#interface FastEthernet0/0
Router1(config-fi)#service-policy inbound QoSPolicy
Router1(config-if)#exit
Router1(config)#end
Router1#
思科支持在网上PDLM(Packet Description Language Module)来激活NBAR分类
Router1#show flash
System flash directory:
File Length Name/status
1 23169076 c2600-ipvoice-mz.124-10.bin
2 3100 bittorrent.pdlm
[23172304 bytes used, 9857836 available, 33030140 total]
32768K bytes of processor board System flash (Read/Write)
Router1#Router1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router1(config)#ip nbar pdlm flash://bittorrent.pdlm
Router1(config)#class-map BITTORRENT
Router1(config-cmap)#match protocol bittorrent
Router1(config-cmap)#exit
Router1(config)#end
Router1#
也可以使用NBAR来自动对网络协议进行分类统计
Router1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router1(config)#interface FastEthernet0/0
Router1(config-if)#ip nbar protocol-discovery
Router1(config-if)#exit
Router1(config)#end
Router1#
注释 NBAR会增加CPU利用率。Router1#show ip nbar protocol-discovery top-n 5 可以显示出NBAR所识别各个协议数据统计
<!–[if !supportLists]–>11.9. <!–[endif]–>使用WRED来控制拥塞
提问
回答
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#class-map Prec5
Router(config-cmap)#description Critical
Router(config-cmap)#match ip precedence 5
Router(config-cmap)#exit
Router(config)#policy-map cb_wred
Router(config-pmap)#class Prec5
Router(config-pmap-c)#random-detect dscp-based
Router(config-pmap-c)#exit
Router(config-pmap)#class class-default
Router(config-pmap-c)#fair-queue 512
Router(config-pmap-c)#queue-limit 96
Router(config-pmap-c)#random-detect dscp-based
Router(config-pmap-c)#exit
Router(config-pmap)#exit
Router(config)#interface HSSI0/1
Router(config-if)#service-policy output cb_wred
Router(config-if)#exit
Router(config)#end
Router#
注释
11.10. 使用RSVP
提问 在网络中启用RSVP
回答
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#access-list 15 permit ip 192.168.1.0 0.0.0.255
Router(config)#interface FastEthernet0/0
Router(config-if)#ip rsvp bandwidth 128 56
Router(config-if)#ip rsvp neighbor 15
Router(config-if)#exit
Router(config)#end
Router#
注释 配置RSVP之前,接口要配置WFQ, CBWFQ, 或者WRED
11.11. Manual RSVP Reservations
提问
回答
Sender主机(192.168.100.202)连接R1
Router1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router1(config)#interface FastEthernet0/0
Router1(config-if)#ip address 192.168.100.21 255.255.255.0
Router1(config-if)#ip rsvp bandwidth 128 56
Router1(config-if)#exit
Router1(config)#interface Serial0/0
Router1(config-if)#no ip address
Router1(config-if)#encapsulation frame-relay
Router1(config-if)#fair-queue 64 256 37
Router1(config-if)#ip rsvp bandwidth
Router1(config-if)#exit
Router1(config)#interface Serial0/0.1 point-to-point
Router1(config-subif)#ip address 192.168.55.9 255.255.255.252
Router1(config-subif)#frame-relay interface-dlci 904
Router1(config-fr-dlci)#ip rsvp bandwidth 128 56
Router1(config-subif)#exit
Router1(config)#ip rsvp sender 192.168.9.100 192.168.100.202 UDP 1300 1300 192.168.100.202 FastEthernet0/0 55 1
Router1(config)#end
Router1#
Receiver主机(192.168.9.100)连接R4
Router4# configure terminal
Router4(config)#interface Ethernet0/0
Router4(config-if)#ip address 192.168.9.3 255.255.255.0
Router4(config-if)#ip rsvp bandwidth 128 56
Router4(config-if)#exit
Router4(config)#interface Serial0/0
Router4(config-if)#no ip address
Router4(config-if)#encapsulation frame-relay
Router4(config-if)#fair-queue 64 256 37
Router4(config-if)#ip rsvp bandwidth
Router4(config-if)#exit
Router4(config)#interface Serial0/0.1 point-to-point
Router4(config-subif)#ip address 192.168.56.5 255.255.255.252
Router4(config-subif)#frame-relay interface-dlci 107
Router4(config-fr-dlci)#ip rsvp bandwidth 128 56
Router4(config-subif)#exit
Router4(config)#ip rsvp reservation 192.168.9.100 192.168.100.202 UDP 1300 1300 192.168.9.100 Ethernet0/0 FF RATE 55 1
Router4(config)#end
Router4#
注释
11.12. 聚合RSVP的预留(Aggregating RSVP Reservations)
提问 聚合多个RSVP这样核心网络不需要对每个数据流进行追踪
回答
Router2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router2(config)#interface FastEthernet0/0
Router2(config-if)#ip address 192.168.101.1 255.255.255.0
Router2(config-if)#ip rsvp bandwidth 128 56
Router2(config-if)#ip rsvp data-packet classification none
Router2(config-if)#ip rsvp resource-provider none
Router2(config-if)#exit
Router2(config)#interface Serial0/0.1 point-to-point
Router2(config-subif)#ip address 192.168.55.10 255.255.255.252
Router2(config-subif)#frame-relay interface-dlci 409
Router2(config-fr-dlci)#ip rsvp bandwidth 128 56
Router2(config-subif)#ip rsvp data-packet classification none
Router2(config-subif)#ip rsvp resource-provider none
Router2(config-subif)#exit
Router2(config)#end
Router2#
注释 RSVP扩展性不强,对于核心网络还是使用传统的DSCP标记方式,12.2(2)T的IOS引入了新的办法来解决此问题,核心配置RSVP来支持RSVP Requests,但是队列的时候不需要使用RSVP的信息
11.13. Using Generic Traffic Shaping
提问
回答
注释
11.14. Using Frame-Relay Traffic Shaping
提问
回答
注释
11.15. Using Committed Access Rate
提问
回答
注释
11.16. 部署基于标准的PHB(Per-Hop Behavior)
提问 配置基于规范的根据DSCP位的PHB
回答
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#class-map EF
Router(config-cmap)#description Real-time application traffic
Router(config-cmap)#match ip precedence 5
Router(config-cmap)#exit
Router(config)#class-map AF1x
Router(config-cmap)#description Priority Class 1
Router(config-cmap)#match ip precedence 1
Router(config-cmap)#exit
Router(config)#class-map AF2x
Router(config-cmap)#description Priority Class 2
Router(config-cmap)#match ip precedence 2
Router(config-cmap)#exit
Router(config)#class-map AF3x
Router(config-cmap)#description Priority Class 3
Router(config-cmap)#match ip precedence 3
Router(config-cmap)#exit
Router(config)#class-map AF4x
Router(config-cmap)#description Priority Class 4
Router(config-cmap)#match ip precedence 4
Router(config-cmap)#exit
Router(config)#policy-map cbwfq_pq
Router(config-pmap)#class EF
Router(config-pmap-c)#priority 58 800
Router(config-pmap-c)#exit
Router(config-pmap)#class AF1x
Router(config-pmap-c)#bandwidth percent 15
Router(config-pmap-c)#random-detect dscp-based
Router(config-pmap-c)#exit
Router(config-pmap)#class AF2x
Router(config-pmap-c)#bandwidth percent 15
Router(config-pmap-c)#random-detect dscp-based
Router(config-pmap-c)#exit
Router(config-pmap)#class AF3x
Router(config-pmap-c)#bandwidth percent 15
Router(config-pmap-c)#random-detect dscp-based
Router(config-pmap-c)#exit
Router(config-pmap)#class AF4x
Router(config-pmap-c)#bandwidth percent 15
Router(config-pmap-c)#random-detect dscp-based
Router(config-pmap-c)#exit
Router(config-pmap)#class class-default
Router(config-pmap-c)#fair-queue 512
Router(config-pmap-c)#queue-limit 96
Router(config-pmap-c)#exit
Router(config-pmap)#exit
Router(config)#interface HSSI0/1
Router(config-if)#service-policy output cbwfqpolicy
Router(config-if)#exit
Router(config)#end
Router#
注释
11.17. AutoQoS
提问 配置路由器自动生成Voip或者一般数据包的QoS策略配置
回答
一种是针对VoIP数据的
Router1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router1(config)#ip cef
Router1(config)#interface Serial0/0
Router1(config-if)#no ip address
Router1(config-if)#encapsulation frame-relay
Router1(config-if)#exit
Router1(config)#interface Serial0/0.1 point-to-point
Router1(config-subif)#ip address 192.168.55.9 255.255.255.252
Router1(config-subif)#frame-relay interface-dlci 904
Router1(config-fr-dlci)#auto qos voip
%Creating new map-class.
Router1(config-fr-dlci)#exit
Router1(config-subif)#exit
Router1(config)#end
Router1#
*Mar 1 01:32:55.031: %RMON-5-FALLINGTRAP: Falling trap is generated because the
value of cbQosCMDropBitRate.1169.1171 has fallen below the falling-threshold va
lue 0
Router1#
针对一般的IP数据包,第一步是流量模式的收集
Router1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router1(config)#ip cef
Router1(config)#interface Serial0/0
Router1(config-if)#no ip address
Router1(config-if)#encapsulation frame-relay
Router1(config-if)#exit
Router1(config)#interface Serial0/0.1 point-to-point
Router1(config-subif)#ip address 192.168.55.9 255.255.255.252
Router1(config-subif)#frame-relay interface-dlci 904
Router1(config-fr-dlci)#auto discovery qos
Router1(config-fr-dlci)#exit
Router1(config-subif)#exit
Router1(config)#end
Router1#
第二步是生成策略
Router1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router1(config)#interface Serial0/0.1 point-to-point
Router1(config-subif)#frame-relay interface-dlci 904
Router1(config-fr-dlci)#auto qos
%Creating new map-class.
Router1(config-fr-dlci)#no auto discovery qos
Router1(config-fr-dlci)#exit
Router1(config-subif)#exit
Router1(config)#end
Router1#
注释 AutoQoS很好,但是有下面几个限制:只能针对点对点的链路,不能和frame map或者virtual templates一起使用,不能用于SVC,两端必须同时配置,必须禁止掉所有的服务策略或者access-groups即使用于其他的端口,要启用CEF。针对VoIP的AutoQoS引自12.2(15)T,通过一个宏来生成配置,可以用show auto qos来查看。针对通用IP数据流的引自12.3(7)T,自动针对数据流分类至十个不同类别,要先用auto qos然后再no掉原来的discovery。注意的是你如果后来想不用auto qos了,虽然可以no auot qos但是还是有很多配置是没法自动清除的,记得要保存之前的show auto qos的输出。AutoQoS不是万能的,要慎用
查看队列参数
提问 查看当前端口的队列配置
回答
Router#show queue FastEthernet0/0
Router#show queuing
注释 配置优先级队列或者自定义队列的时候show queue命令没有相应的输出
(文章内容如有侵权,敬请来信告知,我们将及时撤销)