• 产品与解决方案
  • 行业解决方案
  • 服务
  • 支持
  • 合作伙伴
  • 新华三人才研学中心
  • 关于我们

07-ACL和QoS配置举例

目录

07-重标记与队列调度典型配置举例

本章节下载 07-重标记与队列调度典型配置举例  (233.68 KB)

07-重标记与队列调度典型配置举例


1  简介

本文档介绍了重标记、优先级映射与队列调度的配置举例。

重标记是将报文的优先级或者标志位进行设置,重新分配报文的优先级值等。

队列调度是指当设备的某个端口发生拥塞时,先通过配置队列调度策略修改各队列的调度参数,然后在该端口应用该策略来实现拥塞管理功能。

2  配置前提

本文档中的配置均是在实验室环境下进行的配置和验证,配置前设备的所有参数均采用出厂时的缺省配置。如果您已经对设备进行了配置,为了保证配置效果,请确认现有配置和以下举例中的配置不冲突。

本文假设您已了解队列调度特性。

3  使用限制

dscp/exp/dot1p/lp/dp重标记与下列QoS动作冲突:流量过滤(filter deny命令)、重定向到CPU(redirect cpu命令)以及带颜色的报文优先级映射(primap命令)。

4  重标记与队列调度典型配置举例

4.1  组网需求

图1所示,某公司在省内各市和省中心之间通过双上行链路互连,公司内网的业务分为以下三种:

·     视频相关业务:使用IP网段10.1.0.0/16(其中省中心内网使用IP网段10.1.1.0/24;A市内网使用IP网段10.1.2.0/24……F市内网使用IP网段10.1.7.0/24);

·     生产相关业务:使用IP网段10.2.0.0/16(其中省中心内网使用IP网段10.2.1.0/24;A市内网使用IP网段10.2.2.0/24……F市内网使用IP网段10.2.7.0/24);

·     语音相关业务:使用IP网段10.3.0.0/16(其中省中心内网使用IP网段10.3.1.0/24;A市内网使用IP网段10.3.2.0/24……F市内网使用IP网段10.3.7.0/24)。

现要求通过配置队列调度策略实现当网络发生拥塞时,三种业务(视频相关业务:生产相关业务:语音相关业务)之间按照调度比重2:1:1的权重进行调度。

图1 配置组网图

 

4.2  配置思路

由于本例中三种业务均为IP业务,为了将三种业务流量入不同的队列,可以重新标记报文的本地优先级,将不同的业务流量指定至对应的队列中。

当发生拥塞时,若要实现三种业务按照2:1:1的权重比例进行调度,需要将三种业务规划到同一WRR优先组的不同队列中。在本例中指定视频业务为队列2,生产业务为队列3,语音业务为队列4(缺省情况下,端口输出队列的调度方式为SP队列),并通过配置指定队列的调度策略来实现三个队列之间的调度权重比为2:1:1。

4.3  适用产品及版本

表1 适用产品及版本

产品

软件版本

S6550X-HI系列

Release 1116及以上版本、Release 1213P01及以上版本

S6880系列

Release 1116及以上版本、Release 1213P01及以上版本

S9820-8M

Release 1116及以上版本、Release 1213P01及以上版本

S5580X-HI系列

Release 1213P01及以上版本

S5580X-EI系列

Release 1213P01及以上版本

 

4.4  配置步骤

4.4.1  Device S1的配置

说明

Device S2的配置和Device S1的配置相似,此处仅以Device S1的配置为例。详细配置可参见

配置文件

 

(1)     在内网入端口区分不同业务的流量进入不同的队列

# 创建ACL 3000用于匹配视频业务,并创建流行为重标记该业务的本地优先级为2。

<DeviceS1> system-view

[DeviceS1] acl advanced 3000

[DeviceS1-acl-ipv4-adv-3000] rule 0 permit ip source 10.1.1.0 0.0.0.255 destination 10.1.0.0 0.0.255.255

[DeviceS1-acl-ipv4-adv-3000] quit

[DeviceS1] traffic classifier video

[DeviceS1-classifier-video] if-match acl 3000

[DeviceS1-classifier-video] quit

[DeviceS1] traffic behavior video

[DeviceS1-behavior-video] remark local-precedence 2

[DeviceS1-behavior-video] quit

# 创建ACL 3001用于匹配生产业务,并创建流行为重标记该业务的本地优先级为3。

[DeviceS1] acl advanced 3001

[DeviceS1-acl-ipv4-adv-3001] rule 0 permit ip source 10.2.1.0 0.0.0.255 destination 10.2.0.0 0.0.255.255

[DeviceS1-acl-ipv4-adv-3001] quit

[DeviceS1] traffic classifier production

[DeviceS1-classifier-production] if-match acl 3001

[DeviceS1-classifier-production] quit

[DeviceS1] traffic behavior production

[DeviceS1-behavior-production] remark local-precedence 3

[DeviceS1-behavior-production] quit

# 创建ACL 3002用于匹配语音业务,并创建流行为重标记该业务的本地优先级为4。

[DeviceS1] acl advanced 3002

[DeviceS1-acl-ipv4-adv-3002] rule 0 permit ip source 10.3.1.0 0.0.0.255 destination 10.3.0.0 0.0.255.255

[DeviceS1-acl-ipv4-adv-3002] quit

[DeviceS1] traffic classifier voice

[DeviceS1-classifier-voice] if-match acl 3002

[DeviceS1-classifier-voice] quit

[DeviceS1] traffic behavior voice

[DeviceS1-behavior-voice] remark local-precedence 4

[DeviceS1-behavior-voice] quit

# 配置QoS策略policy1,为三种业务流量分别指定对应的流行为。

[DeviceS1] qos policy policy1

[DeviceS1-qospolicy-policy1] classifier video behavior video

[DeviceS1-qospolicy-policy1] classifier production behavior production

[DeviceS1-qospolicy-policy1] classifier voice behavior voice

[DeviceS1-qospolicy-policy1] quit

# 在业务流量的入端口Twenty-FiveGigE1/0/3上应用QoS策略policy1。

[DeviceS1] interface twenty-fivegige 1/0/3

[DeviceS1-Twenty-FiveGigE1/0/3] qos apply policy policy1 inbound

[DeviceS1-Twenty-FiveGigE1/0/3] quit

(2)     在外网出端口配置调度策略

# 配置队列调度策略qm1,实现视频、生产和语音三个队列之间的调度权重比为2:1:1。

[DeviceS1] qos qmprofile qm1

[DeviceS1-qmprofile-qm1] queue 2 wrr group 1 byte-count 2

[DeviceS1-qmprofile-qm1] queue 3 wrr group 1 byte-count 1

[DeviceS1-qmprofile-qm1] queue 4 wrr group 1 byte-count 1

[DeviceS1-qmprofile-qm1] quit

# 在业务流量的出端口Twenty-FiveGigE1/0/1和Twenty-FiveGigE1/0/2上应用队列调度策略qm1。

[DeviceS1] interface twenty-fivegige 1/0/1

[DeviceS1-Twenty-FiveGigE1/0/1] qos apply qmprofile qm1

[DeviceS1-Twenty-FiveGigE1/0/1] quit

[DeviceS1] interface twenty-fivegige 1/0/2

[DeviceS1-Twenty-FiveGigE1/0/2] qos apply qmprofile qm1

[DeviceS1-Twenty-FiveGigE1/0/2] quit

4.4.2  Device A1的配置

说明

Device A2、Device F1和Device F2的配置和Device A1的配置相似,此处仅以Device A1的配置为例。详细配置可参见

配置文件

 

(1)     在内网端口区分不同业务的流量进入不同的队列

# 创建ACL 3000用于匹配视频业务,并创建流行为重标记该业务的本地优先级为2。

<DeviceA1> system-view

[DeviceA1] acl advanced 3000

[DeviceA1-acl-ipv4-adv-3000] rule 0 permit ip source 10.1.2.0 0.0.0.255 destination 10.1.0.0 0.0.255.255

[DeviceA1-acl-ipv4-adv-3000] quit

[DeviceA1] traffic classifier video

[DeviceA1-classifier-video] if-match acl 3000

[DeviceA1-classifier-video] quit

[DeviceA1] traffic behavior video

[DeviceA1-behavior-video] remark local-precedence 2

[DeviceA1-behavior-video] quit

# 创建ACL 3001用于匹配生产业务,并创建流行为重标记该业务的本地优先级为3。

[DeviceA1] acl advanced 3001

[DeviceA1-acl-ipv4-adv-3001] rule 0 permit ip source 10.2.2.0 0.0.0.255 destination 10.2.0.0 0.0.255.255

[DeviceA1-acl-ipv4-adv-3001] quit

[DeviceA1] traffic classifier production

[DeviceA1-classifier-production] if-match acl 3001

[DeviceA1-classifier-production] quit

[DeviceA1] traffic behavior production

[DeviceA1-behavior-production] remark local-precedence 3

[DeviceA1-behavior-production] quit

# 创建ACL 3002用于匹配语音业务,并创建流行为重标记该业务的本地优先级为4。

[DeviceA1] acl advanced 3002

[DeviceA1-acl-ipv4-adv-3002] rule 0 permit ip source 10.3.2.0 0.0.0.255 destination 10.3.0.0 0.0.255.255

[DeviceA1-acl-ipv4-adv-3002] quit

[DeviceA1] traffic classifier voice

[DeviceA1-classifier-voice] if-match acl 3002

[DeviceA1-classifier-voice] quit

[DeviceA1] traffic behavior voice

[DeviceA1-behavior-voice] remark local-precedence 4

[DeviceA1-behavior-voice] quit

# 配置QoS策略policy1,为三种业务流量分别指定对应的流行为。

[DeviceA1] qos policy policy1

[DeviceA1-qospolicy-policy1] classifier video behavior video

[DeviceA1-qospolicy-policy1] classifier production behavior production

[DeviceA1-qospolicy-policy1] classifier voice behavior voice

[DeviceA1-qospolicy-policy1] quit

# 在业务流量的入端口Twenty-FiveGigE1/0/3上应用QoS策略policy1。

[DeviceA1] interface twenty-fivegige 1/0/3

[DeviceA1-Twenty-FiveGigE1/0/3] qos apply policy policy1 inbound

[DeviceA1-Twenty-FiveGigE1/0/3] quit

(2)     在外网端口配置调度策略

# 配置队列调度策略qm1,实现语音、生产和视频三个队列之间的调度权重比为1:1:2。

[DeviceA1] qos qmprofile qm1

[DeviceA1-qmprofile-qm1] queue 2 wrr group 1 byte-count 2

[DeviceA1-qmprofile-qm1] queue 3 wrr group 1 byte-count 1

[DeviceA1-qmprofile-qm1] queue 4 wrr group 1 byte-count 1

[DeviceA1-qmprofile-qm1] quit

# 在业务流量的出端口Twenty-FiveGigE1/0/1上应用队列调度策略qm1。

[DeviceA1] interface twenty-fivegige 1/0/1

[DeviceA1-Twenty-FiveGigE1/0/1] qos apply qmprofile qm1

[DeviceA1-Twenty-FiveGigE1/0/1] quit

4.5  验证配置

所有路由器上的配置显示方法相同,本处仅以Device S1为例。

# 查看业务流量入接口上的QoS策略的配置信息和运行情况。

[DeviceS1] display qos policy interface twenty-fivegige 1/0/3

Interface: Twenty-FiveGigE1/0/3

  Direction: Inbound

  Policy: policy1

   Classifier: video

     Operator: AND

     Rule(s) :

      If-match acl 3000

     Behavior: video

      Marking:

        Remark local-precedence 2

   Classifier: production

     Operator: AND

     Rule(s) :

      If-match acl 3001

     Behavior: production

      Marking:

        Remark local-precedence 3

   Classifier: voice

     Operator: AND

     Rule(s) :

      If-match acl 3002

     Behavior: voice

      Marking:

        Remark local-precedence 4

# 查看业务流量出接口上队列调度策略的配置情况。

[DeviceS1] display qos qmprofile configuration

Queue management profile: qm1 (ID 1)

 Queue ID    Type    Group    Schedule-unit    Schedule-value    Bandwidth

 ---------------------------------------------------------------------------

 be          SP      N/A      N/A              N/A                N/A

 af1         SP      N/A      N/A              N/A                N/A

 af2         WRR     1        byte-count       2                  N/A

 af3         WRR     1        byte-count       1                  N/A

 af4         WRR     1        byte-count       1                  N/A

 ef          SP      N/A      N/A              N/A                N/A

 cs6         SP      N/A      N/A              N/A                N/A

 cs7         SP      N/A      N/A              N/A                N/A

4.6  配置文件

·     Device S1:

#

qos qmprofile qm1

 queue af2 wrr group 1 byte-count 2

 queue af3 wrr group 1 byte-count 1

 queue af4 wrr group 1 byte-count 1

#

traffic classifier production operator and

 if-match acl 3001

#

traffic classifier video operator and

 if-match acl 3000

#

traffic classifier voice operator and

 if-match acl 3002

#

traffic behavior production

 remark local-precedence 3

#

traffic behavior video

 remark local-precedence 2

#

traffic behavior voice

 remark local-precedence 4

#

qos policy policy1

 classifier video behavior video

 classifier production behavior production

 classifier voice behavior voice

#

interface Twenty-FiveGigE1/0/1

 port link-mode bridge

 qos apply qmprofile qm1

#

interface Twenty-FiveGigE1/0/2

 port link-mode bridge

 qos apply qmprofile qm1

#

interface Twenty-FiveGigE1/0/3

 port link-mode bridge

 qos apply policy policy1 inbound

#

acl advanced 3000

 rule 0 permit ip source 10.1.1.0 0.0.0.255 destination 10.1.0.0 0.0.255.255

#

acl advanced 3001

 rule 0 permit ip source 10.2.1.0 0.0.0.255 destination 10.2.0.0 0.0.255.255

#

acl advanced 3002

 rule 0 permit ip source 10.3.1.0 0.0.0.255 destination 10.3.0.0 0.0.255.255

#

return

·     Device S2

#

qos qmprofile qm1

 queue af2 wrr group 1 byte-count 2

 queue af3 wrr group 1 byte-count 1

 queue af4 wrr group 1 byte-count 1

#

traffic classifier production operator and

 if-match acl 3001

#

traffic classifier video operator and

 if-match acl 3000

#

traffic classifier voice operator and

 if-match acl 3002

#

traffic behavior production

 remark local-precedence 3

#

traffic behavior video

 remark local-precedence 2

#

traffic behavior voice

 remark local-precedence 4

#

qos policy policy1

 classifier video behavior video

 classifier production behavior production

 classifier voice behavior voice

#

interface Twenty-FiveGigE1/0/1

 port link-mode bridge

 qos apply qmprofile qm1

#

interface Twenty-FiveGigE1/0/2

 port link-mode bridge

 qos apply qmprofile qm1

#

interface Twenty-FiveGigE1/0/3

 port link-mode bridge

 qos apply policy policy1 inbound

#

acl advanced 3000

 rule 0 permit ip source 10.1.1.0 0.0.0.255 destination 10.1.0.0 0.0.255.255

#

acl advanced 3001

 rule 0 permit ip source 10.2.1.0 0.0.0.255 destination 10.2.0.0 0.0.255.255

#

acl advanced 3002

 rule 0 permit ip source 10.3.1.0 0.0.0.255 destination 10.3.0.0 0.0.255.255

#

return

·     Device A1:

#

qos qmprofile qm1

 queue af2 wrr group 1 byte-count 2

 queue af3 wrr group 1 byte-count 1

 queue af4 wrr group 1 byte-count 1

#

traffic classifier production operator and

 if-match acl 3001

#

traffic classifier video operator and

 if-match acl 3000

#

traffic classifier voice operator and

 if-match acl 3002

#

traffic behavior production

 remark local-precedence 3

#

traffic behavior video

 remark local-precedence 2

#

traffic behavior voice

 remark local-precedence 4

#

qos policy policy1

 classifier video behavior video

 classifier production behavior production

 classifier voice behavior voice

#

interface Twenty-FiveGigE1/0/1

 port link-mode bridge

 qos apply qmprofile qm1

#

interface Twenty-FiveGigE1/0/3

 port link-mode bridge

 qos apply policy policy1 inbound

#

acl advanced 3000

 rule 0 permit ip source 10.1.2.0 0.0.0.255 destination 10.1.0.0 0.0.255.255

#

acl advanced 3001

 rule 0 permit ip source 10.2.2.0 0.0.0.255 destination 10.2.0.0 0.0.255.255

#

acl advanced 3002

 rule 0 permit ip source 10.3.2.0 0.0.0.255 destination 10.3.0.0 0.0.255.255

#

return

·     Device A2:

#

qos qmprofile qm1

 queue af2 wrr group 1 byte-count 2

 queue af3 wrr group 1 byte-count 1

 queue af4 wrr group 1 byte-count 1

#

traffic classifier production operator and

 if-match acl 3001

#

traffic classifier video operator and

 if-match acl 3000

#

traffic classifier voice operator and

 if-match acl 3002

#

traffic behavior production

 remark local-precedence 3

#

traffic behavior video

 remark local-precedence 2

#

traffic behavior voice

 remark local-precedence 4

#

qos policy policy1

 classifier video behavior video

 classifier production behavior production

 classifier voice behavior voice

#

interface Twenty-FiveGigE1/0/1

 port link-mode bridge

 qos apply qmprofile qm1

#

interface Twenty-FiveGigE1/0/3

 port link-mode bridge

 qos apply policy policy1 inbound

#

acl advanced 3000

 rule 0 permit ip source 10.1.2.0 0.0.0.255 destination 10.1.0.0 0.0.255.255

#

acl advanced 3001

 rule 0 permit ip source 10.2.2.0 0.0.0.255 destination 10.2.0.0 0.0.255.255

#

acl advanced 3002

 rule 0 permit ip source 10.3.2.0 0.0.0.255 destination 10.3.0.0 0.0.255.255

#

return

·     Device F1:

#

qos qmprofile qm1

 queue af2 wrr group 1 byte-count 2

 queue af3 wrr group 1 byte-count 1

 queue af4 wrr group 1 byte-count 1

#

traffic classifier production operator and

 if-match acl 3001

#

traffic classifier video operator and

 if-match acl 3000

#

traffic classifier voice operator and

 if-match acl 3002

#

traffic behavior production

 remark local-precedence 3

#

traffic behavior video

 remark local-precedence 2

#

traffic behavior voice

 remark local-precedence 4

#

qos policy policy1

 classifier video behavior video

 classifier production behavior production

 classifier voice behavior voice

#

interface Twenty-FiveGigE1/0/2

 port link-mode bridge

 qos apply qmprofile qm1

#

interface Twenty-FiveGigE1/0/3

 port link-mode bridge

 qos apply policy policy1 inbound

#

acl advanced 3000

 rule 0 permit ip source 10.1.7.0 0.0.0.255 destination 10.1.0.0 0.0.255.255

#

acl advanced 3001

 rule 0 permit ip source 10.2.7.0 0.0.0.255 destination 10.2.0.0 0.0.255.255

#

acl advanced 3002

 rule 0 permit ip source 10.3.7.0 0.0.0.255 destination 10.3.0.0 0.0.255.255

#

return

·     Device F2:

#

qos qmprofile qm1

 queue af2 wrr group 1 byte-count 2

 queue af3 wrr group 1 byte-count 1

 queue af4 wrr group 1 byte-count 1

#

traffic classifier production operator and

 if-match acl 3001

#

traffic classifier video operator and

 if-match acl 3000

#

traffic classifier voice operator and

 if-match acl 3002

#

traffic behavior production

 remark local-precedence 3

#

traffic behavior video

 remark local-precedence 2

#

traffic behavior voice

 remark local-precedence 4

#

qos policy policy1

 classifier video behavior video

 classifier production behavior production

 classifier voice behavior voice

#

interface Twenty-FiveGigE1/0/2

 port link-mode bridge

 qos apply qmprofile qm1

#

interface Twenty-FiveGigE1/0/3

 port link-mode bridge

 qos apply policy policy1 inbound

#

acl advanced 3000

 rule 0 permit ip source 10.1.7.0 0.0.0.255 destination 10.1.0.0 0.0.255.255

#

acl advanced 3001

 rule 0 permit ip source 10.2.7.0 0.0.0.255 destination 10.2.0.0 0.0.255.255

#

acl advanced 3002

 rule 0 permit ip source 10.3.7.0 0.0.0.255 destination 10.3.0.0 0.0.255.255

#

return

不同款型规格的资料略有差异, 详细信息请向具体销售和400咨询。H3C保留在没有任何通知或提示的情况下对资料内容进行修改的权利!

新华三官网
联系我们