QOS 之shaping and policing

shaping and policing 针对网络拥塞所做的策略做到限速，工作的Q之前

shaping 是对超出的速率的包进行缓存，等速率降下来在发出去

只能应用在出方向，能减少TCP的重传不能making

policing是对超出的速率的包drop或者making，在出入方向都可以。

理解令牌桶的原理（token bucket）：

 

BC=8000bite 速率限制在64kbs 我们求下TC=8/128=0.0625S  

一半的时间就把令牌桶沾满了，下个0.625s就没有令牌了，如果是shaping缓存，policing直接drop，从1s时间来看就有半秒时间空闲，达到限速目的。

两个令牌桶BC=BE的情况下

 

在125毫秒的时间把BC BE都占满了，到下一个65.5毫秒又把BC占满了BE还没有空闲就drop掉剩下的流量

CIR （committed information rate）承诺信息速率   bps
Tc （ time committed）承诺时间  125毫秒   1/8秒
Bc  （brust committed）承诺的突发量   bite
Be （burst excess ） 超出的突发量
CIR=BC/Tc   在配置的时候我们只关心CIR就行了

shaping：GTS（generic traffic shaping）

                   frame relay traffic shaping

                   class-based shaping

policing   ：committed  access rate   （CAR）

                  class-dased policing 

GTS:可以用在任何接口

Router(config)#int s1/0
Router(config-if)#tra
Router(config-if)#traffi
Router(config-if)#traffic-shape ?
  group  configure token bucket: group <access-list> CIR (bps) [Bc (bits) [Be
         (bits)]]
  rate   configure token bucket: CIR (bps) [Bc (bits) [Be (bits)]]

Router(config-if)#traffic-shape ra
Router(config-if)#traffic-shape rate ?
  <8000-100000000>  Target Bit Rate (bits per second)

Router(config-if)#traffic-shape rate 64000 ?
  <0-100000000>  bits per interval, sustained
  <cr>

Router(config-if)#traffic-shape rate 64000 8000 ?
  <0-100000000>  bits per interval, excess in first interval
  <cr>

Router(config-if)#traffic-shape rate 64000 8000 8000 1000

Router#show traffic-shape

Interface   Se1/0
       Access Target    Byte   Sustain   Excess    Interval  Increment Adapt
VC     List   Rate      Limit  bits/int  bits/int  (ms)      (bytes)   Active
-             64000     2000   8000      8000      125       1000      -  

              CIR   (BC+BE)/8   BC       BE        TC         BC(8000bite/8划算成bytes)

还可以针对特定ACL来限速，但traffic-rate和traffic rate group不能同时运用在一个接口上

Router(config)#access-list 110 permit ip host 202.1.100.100 host 191.1.1.1

Router(config-if)#traffic-shape group 110 128000 8000 8000 1000

CBSHAPING就是结合MQC来做加上条命令而已

R1(config)#policy-map cbshap
R1(config-pmap)#cl
R1(config-pmap)#class TEL
R1(config-pmap-c)#sha
R1(config-pmap-c)#shape ?
  adaptive        Enable Traffic Shaping adaptation to BECN
  average         configure token bucket: CIR (bps) [Bc (bits) [Be (bits)]],
                  send out Bc only per interval
  fecn-adapt      Enable Traffic Shaping reflection of FECN as BECN
  fr-voice-adapt  Enable rate adjustment depending on voice presence
  max-buffers     Set Maximum Buffer Limit
  peak            configure token bucket: CIR (bps) [Bc (bits) [Be (bits)]],
                  send out Bc+Be per interval

R1(config-pmap-c)#shape av
R1(config-pmap-c)#shape average ?
  <8000-154400000>  Target Bit Rate (bits per second), the value needs to be
                    multiple of 8000
  percent           % of interface bandwidth for Committed information rate

R1(config-pmap-c)#shape average 64000

R1(config-pmap-c)#shape max-buffers 200

CAR:

R1(config-if)#rate-limit output ?
  <8000-2000000000>  Bits per second
  access-group       Match access list
  dscp               Match dscp value
  qos-group          Match qos-group ID

R1(config-if)#rate-limit output 256000 ?
  <1000-512000000>  Normal burst bytes

R1(config-if)#rate-limit output 256000 2000 2000 ?
  conform-action  action when rate not exceeded

R1(config-if)#rate-limit output 256000 2000 2000 con
R1(config-if)#rate-limit output 256000 2000 2000 conform-action ?
  continue                          scan other rate limits
  drop                              drop packet
  set-dscp-continue                 set dscp, scan other rate limits
  set-dscp-transmit                 set dscp and send it
  set-mpls-exp-imposition-continue  set exp during imposition, scan other rate
                                    limits
  set-mpls-exp-imposition-transmit  set exp during imposition and send it
  set-prec-continue                 rewrite packet precedence, scan other rate
                                    limits
  set-prec-transmit                 rewrite packet precedence and send it
  set-qos-continue                  set qos-group, scan other rate limits
  set-qos-transmit                  set qos-group and send it
  transmit                          transmit packet

shaping以bite为单位  policing以bity为单位

R1#show run int s1/0
Building configuration...

Current configuration : 207 bytes
!
interface Serial1/0
 no ip address
 rate-limit output 256000 2000 2000 conform-action transmit exceed-action drop

                            CIR    BC   BE

扩展：

access-list 101 permit tcp any any eq www

rate-limit output access-group 120 64000 5000 5000 conform-action transmit exceed-action drop

 rate-limit output 128000 2000 2000 conform-action continue exceed-action drop大范围

continue命令是如果第一条匹配还可以往下查

class-dased policing

拿到第一个桶令牌的是conforms

拿到第二个桶令牌的是exceed

拿不到的violate

policy-map liang
 class TEL
  police cir 64000
    conform-action transmit
    exceed-action transmit
    violate-action drop

 

 

 

 

 

 

 

 

 

 

 

 

转载于:https://blog.51cto.com/liangrui/552058