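ISP_QoS Study Notes

1-Implementing QoS
1-1 CLI

The legacy method: not modular, and with no notion of classification.

It can be used for fine-tuning when AutoQoS is in use.

1-2 MQC

A class map defines the classification.

A policy map contains multiple class maps plus the default class map, and is applied to an interface.

1-3 AutoQoS

Two types: VoIP and Enterprise.

VoIP: classifies the VoIP traffic and gives it low delay and low jitter, all with a single command.

Enterprise: the various application flows are sorted into different classes, and each class is treated differently.

1-4 QPM

QoS Policy Manager: graphical management of QoS; rarely used in practice.

2-QoS Models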

Best-Effort: No QoS is applied to packets.

IntServ: Applications signal to the network that they require special QoS.

DiffServ: The network recognizes classes that require special QoS.

2-1 IntServ

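Integrated Services: the router emulates a host sending RSVP messages so that the network devices allocate resources (flow-based model).

ip rsvp sender-host 11.1.1.1 44.1.1.1 UDP 60000 50000 20 2000

ip rsvp reservation-host 11.1.1.3 44.1.1.2 UDP 60000 50000 FF RATE 20 2000 \\ note: the source and destination information must be the same

<interface> ip rsvp bandwidth

debug ip rsvp \\ shows that each pair of neighbouring routers maintains the RSVP session state of a flow

With too many flows this consumes a fair amount of CPU, and bandwidth utilization is too low.

2-2 DiffServ

Node-based model.

Advantages: 1. Highly scalable 2. Many levels of quality possible

Disadvantage: complex configuration, because it has to be configured on every node.

3-Understanding the DiffServ Model

Trust boundary: the devices that are accepted as allowed to use DSCP.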

DiffServ field: The IP version 4 header ToS octet or the IPv6 traffic class octet, when interpreted in conformance with the definition given in RFC 2474

DSCP: The first six bits of the DiffServ field, used to select a PHB (forwarding and queuing method). Each DSCP value corresponds to one PHB.

DSCP selects PHB throughout the network. <the last bit is always 0>

- <1> Default PHB (FIFO, tail drop) <all bits 0>

- <1> EF Expedited Forwarding <only one EF value; used by VoIP>

- <12> AF Assured Forwarding <four standard classes>

- <8> Class-Selector (IP Precedence) PHB <last three bits are 0; IPP-compatible>

3-1 EF PHB

EF PHB: <mostly given to VoIP traffic>

1-Ensures a minimum departure rate <ensures the lowest delay>

2-Guarantees bandwidth (The class is guaranteed an amount of bandwidth with prioritized forwarding.) <allocates the required bandwidth>

3-Polices bandwidth (The class is not allowed to exceed the guaranteed amount; excess traffic is dropped.) <acts as traffic policing when congestion occurs>

DSCP value “101110”: looks like IP Precedence 5 to non-DiffServ-compliant devices

Bits 5 to 7: “101” = 5 (Same three bits used for IP Precedence)

Bits 3 to 4: “11” = drop probability high

Bit 2: Just “0”

3-2 AF PHB

AF PHB:

1-Guarantees bandwidth <bandwidth guarantee>

2-Allows access to extra bandwidth, if available <spare bandwidth on the interface can be used>

Four standard classes (af1, af2, af3, and af4)

DSCP value range: “aaadd0”

-Where “aaa” is a binary value of the class <four combinations>

-Where “dd” is drop probability <three combinations> <the larger the value, the higher the drop probability>

AF has 12 combinations in total.

3-3 CS PHB

Class-Selector “xxx000” DSCP <IPP-compatible>

Compatibility with current IP Precedence usage (RFC 1812) = maps IP Precedence to DSCP

Differentiates probability of timely forwarding    
(xyz000) >= (abc000) if xyz > abc

If a packet has DSCP = “011000,” it has a greater probability of timely forwarding than a packet with DSCP = “001000.”

4-QoS Mechanisms

1-Classification: Each class-oriented QoS mechanism has to support some type of classification.

2-Marking: Used to mark packets based on classification, metering, or both. <marking is done at the trust boundary>

3-Congestion management: Each interface must have a queuing mechanism to prioritize transmission of packets.

4-Congestion avoidance: Used to drop packets early to avoid congestion later in the network.

It relies on the application's ability to sense network delivery quality, by watching RTT and packet loss rate.

Packets start being dropped before the buffer is full.

5-Policing and shaping: Used to enforce a rate limit based on the metering (excess traffic is either dropped, marked, or delayed).

6-Link Efficiency: Used to improve bandwidth efficiency through compression, link fragmentation, and interleaving.

5-Learning the CLI

Class maps can operate in two modes:

Match all: all conditions have to succeed

Match any: at least one condition must succeed

The default mode is match all.

class-map [match-all | match-any] class-map-name

match condition \\ match not can also be used

description description

show class-map

For the default class map only the action can be changed, not the match condition.

policy-map policy-map-name

class {class-name | class-default}

class class-map-name condition

description description

show policy-map

show policy-map interface interface-name [input | output] // shows the details

6-Learning Classification and Marking

Classification:

The component of a QoS feature that recognizes and distinguishes between different traffic streams.

Most fundamental QoS building block.

Without classification, all packets are treated the same.

Marking:

The QoS feature component that “colors” a packet (frame) so that it can be identified and distinguished from other packets (frames) in QoS treatment.

Commonly used markers include: CoS (802.1p), DSCP, and IP precedence.

Layer 2 switching: marked in the PRI bits (3 bits), i.e. CoS. Frame Relay switches: the DE bit is set. ATM: the CLP bit is set. Traffic marked this way is dropped first.

MPLS: marked in the EXP bits; 3 bits, 8 combinations.

IP packets: DSCP/IPP (ToS)

QoS is only meaningful end to end, and it must stay consistent (consistency is achieved by mapping the QoS markings onto one another).

This must also be understood together with the trust boundary.

7-Classification Methods

Access list

IP precedence value

IP DSCP value

QoS group number <not passed on; qos-group is an internal, locally significant label>

MPLS experimental bits

Protocol (including NBAR) \\ match by protocol

Using another class map \\ nested use

Frame Relay DE bit

IEEE 802.1Q/ISL CoS/Priority values

Input interface

Source MAC address \\ write a MAC ACL

Destination MAC address

RTP (UDP) port range

Any packet \\ match mode: match all / match any

class-map High-priority

match cos 4 6 7 \\ these values are ORed, even though the match mode is match all

class-map Voice

match ip dscp ef cs5

!

class-map Mission-Critical

match ip dscp af31 af32 af33 cs3

!

class-map Transactional

match ip dscp af21 af22 af23 cs2

!

class-map Bulk

match ip dscp af11 af12 af13 cs1

!

class-map Best-Effort

match ip dscp default
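
The DSCP bit layouts from section 3 and the class maps above can be checked together with a short decoder. This is an added example, not part of the original notes; the function names are hypothetical, and the class-map table is copied from the match ip dscp lines above.

```python
# Added example, not from the original notes: decode the DiffServ field and
# apply the "match ip dscp" class maps listed above. Function names are hypothetical.

# Class maps copied from the notes (class name -> DSCP keywords it matches).
CLASS_MAPS = {
    "Voice": {"ef", "cs5"},
    "Mission-Critical": {"af31", "af32", "af33", "cs3"},
    "Transactional": {"af21", "af22", "af23", "cs2"},
    "Bulk": {"af11", "af12", "af13", "cs1"},
    "Best-Effort": {"default"},
}

def phb_name(dscp):
    """Map a 6-bit DSCP value to the PHB keyword used in the notes."""
    ipp = dscp >> 3              # top three bits: what an IPP-only device sees
    dd = (dscp >> 1) & 0b11      # "dd" drop-probability bits of "aaadd0"
    if dscp == 0b000000:
        return "default"         # Default PHB: all bits 0
    if dscp == 0b101110:
        return "ef"              # the single EF code point
    if dscp & 0b000111 == 0:
        return f"cs{ipp}"        # "xxx000": Class-Selector, IPP-compatible
    if dscp & 1 == 0 and 1 <= ipp <= 4:
        return f"af{ipp}{dd}"    # "aaadd0": 4 classes x 3 drop levels
    return "unknown"

def classify(tos_octet):
    """Return (dscp, phb, ip_precedence, class_name) for a ToS/Traffic Class octet."""
    dscp = tos_octet >> 2        # DSCP is the first six bits of the octet
    phb = phb_name(dscp)
    matched = next((c for c, kw in CLASS_MAPS.items() if phb in kw), "class-default")
    return dscp, phb, dscp >> 3, matched

def family_counts():
    """Count how many of the 64 DSCP values fall into each PHB family."""
    counts = {}
    for dscp in range(64):
        family = phb_name(dscp).rstrip("0123456789")
        counts[family] = counts.get(family, 0) + 1
    return counts
```

classify(0xB8) decodes the ToS octet of an EF packet and places it in the Voice class; a marking that no class map lists, such as cs6, falls through to class-default.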

Prerequisite: CEF must be configured on the interface before the class-based packet marking feature can be used

Classification based on NBAR, using PDLM files.

NBAR can also classify and discover protocols.

NBAR can classify applications that use:

- Statically assigned TCP and UDP port numbers

- Non-UDP and non-TCP IP protocols

- Dynamically assigned TCP and UDP port numbers negotiated during connection establishment (requires stateful inspection)

- Subport classification: classification of HTTP (URLs, MIME, or host names) and Citrix applications (ICA traffic based on published application name)

- Classification based on deep packet inspection and multiple application-specific attributes (RTP payload classification)

<PDLMs allow NBAR to recognize new protocols without requiring a new Cisco IOS image or a router reload.> router(config)# ip nbar pdlm pdlm-file

Configuring Protocol Discovery : router(config-if)# ip nbar protocol-discovery

show ip nbar protocol-discovery

ip nbar port-map protocol [tcp | udp] new-port [new-port ...]

8-QoS Preclassify

QoS for VPNs (QoS preclassify) is a Cisco IOS feature that allows packets to be classified before tunneling and encryption occur.

9-QoS Policy Propagation Through BGP

1-The QoS policy propagation via the QPPB BGP feature allows classifying packets based on access lists, BGP community lists, and BGP AS paths.

2-When using QPPB, QoS works independently from BGP routing.

3-CEF switching with QoS packet marking will populate the FIB table with IP precedence and QoS group values.

4-Route maps are used to set IP precedence and QoS group ID.

5-The bgp-policy Cisco IOS command (interface level) is used to mark the QoS policy via BGP.

router(config)#

route-map name permit seq

match as-path path-list-number

match ip address access-list-number

match community community-list

set ip precedence precedence      
set ip qos-group group

Defines a route map to set IP precedence or QoS-group

Specifies IP precedence and QoS group values in the routing table/FIB table entry

router(config-router)#

table-map route-map-name

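10-Understanding Queuing

1. Classification 2. Insertion or drop policy 3. Scheduling

FIFO: one queue, tail drop, first in first out.

PQ: multiple queues, tail drop; the high-priority class is always scheduled first, leaving the other classes starved.

FQ: Round Robin: multiple queues, tail drop; the queues are served in turn.

Weighted Round Robin: multiple queues, tail drop; scheduled according to a weight value, with two scheduling modes: 1. by packet size in bytes, 2. by number of packets.

DRR: solves the problem of imprecise scheduling by packet size.

When queuing takes effect: only once the hardware queue is full, and it operates in the software queue.

11-FIFO/WFQ

By default, interfaces with a bandwidth below 2.048 use WFQ, and Ethernet interfaces generally use FIFO.

WFQ favours small packets (interactive flows).

WFQ classification: a 6-tuple is used to classify packets, producing different values that map to different queues.

FT: every packet has an FT (finish time) value, which depends on the packet length.

WFQ scheduling: the packet with the smallest FT is always scheduled first.

WFQ insertion and drop policy:

Hold-queue out limit (HQO): the size of the outbound interface buffer.

Congestion discard threshold (CDT): the threshold at which the outbound interface may become congested.

Below CDT: enqueued normally.

Above HQO: the packet with the largest FT is dropped.

Between CDT and HQO a drop may occur under this condition: the FT of the newly arrived packet is compared with the FTs of the packets in the buffer; if it is the worst FT the packet is dropped, otherwise it is not.

In WFQ, the virtual packet length used to compute FT is: actual packet length / (IPP + 1)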
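
The FT calculation, the smallest-FT scheduling rule and the CDT/HQO drop rules above, as an added example that is not part of the original notes. It is a simplified model of the rules exactly as these notes state them, not the IOS implementation; the function names and the sample flows are constructed.

```python
# Added example, not from the original notes: a simplified model of the WFQ
# rules as these notes state them. Function names and sample flows are constructed.

def finish_times(packets):
    """packets: list of (flow, length_bytes, ipp) that are all waiting at once.
    Returns [(finish_time, flow)] in the order WFQ would send them."""
    last_ft = {}                                   # last FT assigned per flow
    tagged = []
    for seq, (flow, length, ipp) in enumerate(packets):
        virtual_len = length / (ipp + 1)           # virtual length from the notes
        ft = last_ft.get(flow, 0.0) + virtual_len  # FT grows with the flow's backlog
        last_ft[flow] = ft
        tagged.append((ft, seq, flow))
    # Scheduling rule: the packet with the smallest FT always goes first.
    return [(round(ft, 1), flow) for ft, seq, flow in sorted(tagged)]

def admit(queued_fts, new_ft, cdt, hqo):
    """Insertion/drop decision for a new packet, given the FTs already queued."""
    depth = len(queued_fts)
    if depth < cdt or not queued_fts:
        return "enqueue"                           # below CDT: enqueue normally
    worst_queued = max(queued_fts)
    if depth >= hqo:                               # at HQO: the largest FT is dropped
        return "drop-new" if new_ft >= worst_queued else "drop-worst-queued"
    # Between CDT and HQO: the new packet is dropped only if it has the worst FT.
    return "drop-new" if new_ft > worst_queued else "enqueue"

# Constructed sample: one bulk flow, one interactive flow, one voice flow (IPP 5).
SAMPLE = [("bulk", 1500, 0), ("bulk", 1500, 0), ("telnet", 64, 0),
          ("voice", 200, 5), ("telnet", 64, 0), ("voice", 200, 5)]
```

finish_times(SAMPLE) sends both voice and both telnet packets ahead of the bulk packets that arrived first, which is the "favours small packets" behaviour noted above.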

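WFQ configurable items: CDT / HQO / number of queues / number of reservable queues (cannot be configured per class)

Under the interface: fair-queue [cdt [dynamic-queues [reservable-queues]]]

hold-queue max-limit out

show interface \\ shows the corresponding values

12-CBWFQ and LLQ

The maximum bandwidth CBWFQ can use differs by platform; on the 7200 the maximum is 99%.

The bandwidth percentages on the outbound interface are calculated against the bandwidth reference value configured on the interface.

With remaining, the percentages are shared out of what is left after subtracting the bandwidth allocated to the PQ from the actual bandwidth.

Details: bandwidth can be given as percent / an absolute value / remaining.

When the outbound interface is congested, a minimum bandwidth is guaranteed.

When the outbound interface is not congested, a class can get more bandwidth <packets do not enter the software queue>.

When the outbound interface is congested, a class can also get more bandwidth:

the excess bandwidth is shared in proportion to the minimum bandwidth values.

LLQ (CBWFQ+PQ): low latency queuing, mostly used for voice flows <EF set, IPP 5>

Used to tell the different classes of flows apart and give them priority.

When there is no congestion, the PQ's bandwidth can be used by the other queues.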

======CBWFQ====

Router(config)# access-list 101 permit udp host 10.10.10.10 host 10.10.10.20 range 16384 20000

Router(config)# access-list 102 permit udp host 10.10.10.10 host 10.10.10.20 range 53000 56000

Router(config)# class-map class1

Router(config-cmap)# match access-group 101

Router(config-cmap)# exit

Router(config)# class-map class2

Router(config-cmap)# match access-group 102

Router(config-cmap)# exit

Router(config)# policy-map policy1

Router(config-pmap)# class class1

Router(config-pmap-c)# bandwidth 3000

Router(config-pmap-c)# queue-limit 30

Router(config-pmap-c)# exit

Router(config-pmap)# class class2

Router(config-pmap-c)# bandwidth 2000

Router(config-pmap-c)# exit

=====LLQ======

class-map voip

match ip precedence 5

!

class-map mission-critical

match ip precedence 3 4

!

class-map transactional

match ip precedence 1 2

!

policy-map Policy1

class voip

priority percent 10

class mission-critical

bandwidth percent 30

random-detect

class transactional

bandwidth percent 20

random-detect

class class-default

fair-queue

random-detect

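The most commonly used command: show policy-map interface interface

13-Congestion Avoidance and RED

Without congestion avoidance, once the packet loss rate reaches 5%, application-layer throughput drops by 50%. The cause is TCP's retransmission mechanism (TCP synchronization; retransmission on timeout and on duplicate ACKs).

To break TCP synchronization, congestion avoidance is introduced; it acts while the outbound interface is not yet congested.

To implement it, RED is introduced: for a given class it drops packets at random, slowing TCP down.

Concepts introduced: minimum threshold (similar to CDT), maximum threshold (similar to HQO), and drop probability.

CB-WRED: based on DSCP and IPP. random-detect enables WRED.

For IPP the default N value is 9. WRED can be combined with bandwidth and shape.

14-Police and Shape

Both take effect before packets enter the software queue; in essence they limit traffic.

Police: clips the peaks, uses little buffer, and can mark packets.

Shaping: clips the peaks and fills the valleys.

Both take effect before packets enter the software queue. Policing drops packets <clips the peaks>, while shaping holds them in a buffer.
Policing supports marking, and can be used on the outbound interface as well as on the inbound interface.

Policing uses token buckets:

the size and number of buckets, how tokens are put into the bucket, and how the tokens change after classification.

Single-rate single-bucket / single-rate dual-bucket (Bc/Be), three categories / dual-rate dual-bucket, three categories.

Shaping has only one bucket and is applied on the outbound interface.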
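
The single-rate dual-bucket (Bc/Be) case above, as an added example that is not part of the original notes: a policer that sorts packets into the three categories. The class name, the conform/exceed/violate labels and the sample rate and bucket sizes are assumptions chosen for illustration.

```python
# Added example, not from the original notes: single-rate, dual-bucket (Bc/Be)
# policer. Names and sample numbers are constructed for illustration.

class SingleRateDualBucketPolicer:
    def __init__(self, cir_bps, bc_bytes, be_bytes):
        self.rate = cir_bps / 8.0            # token fill rate in bytes per second
        self.bc, self.be = bc_bytes, be_bytes
        self.tc, self.te = float(bc_bytes), float(be_bytes)   # both buckets start full
        self.last = 0.0                      # arrival time of the previous packet

    def _refill(self, now):
        tokens = (now - self.last) * self.rate
        self.last = now
        room = self.bc - self.tc
        self.tc += min(tokens, room)         # fill the Bc bucket first
        spill = max(0.0, tokens - room)      # what overflows Bc goes to Be
        self.te = min(self.be, self.te + spill)

    def police(self, now, size):
        """Return the category of a packet of `size` bytes arriving at `now` seconds."""
        self._refill(now)
        if size <= self.tc:
            self.tc -= size
            return "conform"                 # within Bc
        if size <= self.te:
            self.te -= size
            return "exceed"                  # burst absorbed by Be
        return "violate"                     # no tokens left in either bucket

def run_trace(arrivals, cir_bps=8000, bc_bytes=1500, be_bytes=1500):
    """arrivals: list of (time_s, size_bytes) in time order. Returns the categories."""
    policer = SingleRateDualBucketPolicer(cir_bps, bc_bytes, be_bytes)
    return [policer.police(t, size) for t, size in arrivals]

# Constructed trace: a three-packet burst, then one packet a second later.
TRACE = [(0.0, 1000), (0.0, 1000), (0.0, 1000), (1.0, 1000)]
```

Calling run_trace(TRACE, be_bytes=0) reduces this to the single-rate single-bucket case, where a packet either conforms or does not.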

15-WAN Compression Techniques

<omitted>