學習CQ(定製隊列)的配置;本實驗首先用ACL定義一些流量。然後再將這些流量進行先後排隊,最後將排好隊的流量策略應用到接口上
1 過濾流量
R2(config)#access-list 101 permit ospf any any
R2(config)#access-list 101 permit eigrp any any
R2(config)#access-list 102 permit ip any 192.168.0.1 0.0.0.0
R2(config)#access-list 102 permit ip host 192.168.0.1 any
R2(config)#access-list 103 permit tcp any host 192.168.0.1 eq 23
R2(config)#access-list 103 permit tcp any host 192.168.0.1 eq 21
R2(config)#access-list 103 permit tcp any host 192.168.0.1 eq 20
R2(config)#access-list 104 permit udp any lt 200 any lt 200
R2(config)#access-list 104 permit tcp any range 135 139 any range 135 139
R2(config)#access-list 105 permit udp any range 16333 35252 any range 16333 35252
2 隊列排序
R2(config)#queue-list 1 protocol ip 1 list 101 //將與List101匹配的流量排在第一位
R2(config)#queue-list 1 protocol ip 2 list 102
R2(config)#queue-list 1 protocol ip 3 list 103
R2(config)#queue-list 1 protocol ip 4 list 104
R2(config)#queue-list 1 protocol ip 5 list 105
3 將CQ應用到接口
R2(config)#int s0
R2(config-if)#custom-queue-list 1 //將這個定製好的隊列應用到接口上
4 檢驗
R2#sh queueing //查看隊列
Current fair queue configuration:
Interface Discard Dynamic Reserved Link Priority
threshold queues queues queues queues
BRI0 64 16 0 8 1
BRI0:1 64 16 0 8 1
BRI0:2 64 16 0 8 1
Serial1 64 256 0 8 1
Current DLCI priority queue configuration:
Current priority queue configuration:
Current custom queue configuration:
List Queue Args
1 1 protocol ip list 101
1 2 protocol ip list 102
1 3 protocol ip list 103
1 4 protocol ip list 104
1 5 protocol ip list 105
QoS---PQ1
1 將udp協議的16333端口至35252端口都設爲低優先級
2 將rip設爲高優先級
R1(config)#priority-list 1 protocol ip low list 100 //建立優先級列表1,將與access-list 100匹配的流量設爲低優先級
R1(config)#access-list 100 permit udp any range 16333 35252 any range 16333 35252 //range命令是設定一個端口範圍
R1(config)#priority-list 1 protocol ip high udp rip
R1(config)#int s0
R1(config-if)#priority-group 1 //將優先級列表1應用到接口S0上
2 驗證
R1#sh queueing
Current fair queue configuration:
Interface Discard Dynamic Reserved
threshold queue count queue count
Serial1 64 256 0
Current priority queue configuration:
List Queue Args
1 low protocol ip list-100
1 high protocol ip udp port rip
R1#sh ip int s0
Serial0 is administratively down, line protocol is down
Internet protocol processing disabled
R1#sh int s0
Serial0 is administratively down, line protocol is down
Hardware is HD64570
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation HDLC, loopback not set
Keepalive set (10 sec)
Last input never, output 01:37:44, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 159
Queueing strategy: priority-list 1
Output queue (queue priority: size/max/drops):
high: 0/20/0, medium: 0/40/0, normal: 0/60/159, low: 0/80/0
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets put, 52588119 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
0 packets, 52588444 bytes, 0 underruns
0 output errors, 0 collisions, 2 interface resets
0 output buffer failures, 0 output buffers swapped out
6 carrier transitions
DCD=down DSR=down DTR=down RTS=down CTS=down
QoS----PQ2
1 將主機192.168.0.1設爲最高優先級
2 將192.168.0.0/24網段下的其他主機設爲中等優先級
3 將所有http流量設爲普通優先級
4 將所有ftp流量設爲低優先級
配置如下:
R1(config)#priority-list 2 protocol ip high list 2 //建立優先級列表2 ,將與access-list 2匹配的流量定爲高優先級
R1(config)#access-list 2 permit 192.168.0.1 0.0.0.0
R1(config)#priority-list 2 protocol ip medium list 3
R1(config)#access-list 3 deny 192.168.0.1 0.0.0.0
R1(config)#access-list 3 permit 192.168.0.0 0.0.0.255
R1(config)#priority-list 2 protocol ip normal tcp www
R1(config)#priority-list 2 protocol ip low tcp ftp
R1(config)#priority-list 2 protocol ip low tcp ftp-data
R1(config)#int s1
R1(config-if)#priority-group 2 //在接口S1上應用該優先級列表
R1#sh queueing //查看隊列
Current fair queue configuration:
Current priority queue configuration:
List Queue Args
2 high protocol ip list 2
2 medium protocol ip list 3
2 normal protocol ip tcp port www
2 low protocol ip tcp port ftp
2 low protocol ip tcp port ftp-data
QoS---CBWFQ(基於類分配帶寬)
CBWFQ(基於類分配帶寬)基本配置
實驗要求:給上一個實驗所定義的3種流量,QQ,SMTP,FTP分配不同的帶寬
1 定義流量 (直接調用上一個實驗的配置)
R4(config)#class-map QQ
R4(config-cmap)#match access-group name QQ //匹配一個名爲QQ的命名ACL
R4(config-cmap)#exi
R4(config)#ip access-list extended QQ
R4(config-ext-nacl)#permit ip any 61.172.240.0 0.0.0.255
R4(config-ext-nacl)#permit udp any any eq 4000
R4(config-ext-nacl)#permit udp any any eq 8000
R4(config-ext-nacl)#exi
R4(config)#class-map smtp
R4(config-cmap)#match access-group 100
R4(config-cmap)#exi
R4(config)#access-list 100 permit tcp any any eq smtp
R4(config)#class-map ftp
R4(config-cmap)#match access-group 101
R4(config-cmap)#exi
R4(config)#access-list 101 permit tcp any any eq 20
R4(config)#access-list 101 permit tcp any any eq 21
2 定義策略
R4(config)#policy-map CBWFQ
R4(config-pmap)#class QQ
R4(config-pmap-c)#bandwidth percent 5 //爲類型爲QQ的流量分配百分之五的帶寬
R4(config-pmap)#class smtp
R4(config-pmap-c)#bandwidth percent 25
R4(config-pmap)#class ftp
R4(config-pmap-c)#bandwidth percent 20
R4(config-pmap-c)#exi
3 應用到接口上
R4(config)#int s0
R4(config-if)#service-policy output CBWFQ
4 驗證
R4#sh policy-map //查看策略
Policy Map wy
Class QQ
police cir 10000 bc 1500
conform-action drop
exceed-action drop
Class smtp
police cir 10000 bc 1500
conform-action drop
exceed-action drop
Class ftp
police cir 10000 bc 1500
conform-action drop
exceed-action drop
Policy Map CBWFQ
Class QQ
Bandwidth 5 (%) Max Threshold 64 (packets)
Class smtp
Bandwidth 25 (%) Max Threshold 64 (packets)
Class ftp
Bandwidth 20 (%) Max Threshold 64 (packets)