CCIE K2+考点分析:MLS QOS MQC的配置实例
2012-06-19 12:01
295 查看
四、园区网QOS典型配置
1、语音流量的Qos配置
第一步 在整个交换机上启用Qos
3550G#config t
3550G(config)#mls qos
第二步 配置CoS-ToS
map
3550G(config)#mls qos map cos-dscp 0 8 16 26 34 46 48 56
第三步 LLQ配置部分。启用PQ,并将CoS
5映射到pq 4
3550Gconfig)#interface range g 0/1 - 12
3550G(config-if-range)#priority-queue out
3550G(config-if-range)#wrr-queue cos-map 4 5
第四步 创建ACL并标记语音流量及语音控制流量
3550G(config)#ip access-list extended VOICE
3550G(config-ext-nacl)#remark Match the UDP ports that VoIP uses for Bearer
Traffic
3550G(config-ext-nacl)#permit udp any any range 16384 32767
3550G(config)#ip access-list extended VOICE-CONTROL
3550G(config-ext-nacl)#remark Match VoIP Control Traffic
3550G(config-ext-nacl)#remark SCCP
3550G(config-ext-nacl)#permit tcp any any range 2000 2002
3550G(config-ext-nacl)#remark H323 Fast Start
3550G(config-ext-nacl)#permit tcp any any eq 1720
3550G(config-ext-nacl)#remark H323 Slow Start
3550G(config-ext-nacl)#permit tcp any any range 11000 11999
3550G(config-ext-nacl)#remark H323 MGCP
3550G(config-ext-nacl)#permit udp any any eq 2427
第五步 创建类
3550G(config)#class-map match-all VOICE
3550G(config-cmap)#description VOIP Bearer Traffic
3550G(config-cmap)#match access-group name VOICE
3550G(config)#class-map match-all VOICE-CONTROL
3550G(config-cmap)#description VOIP Control Traffic
3550G(config-cmap)#match access-group name VOICE-CONTROL
第六步 创policy-map并配置dscp
PHB标签
3550G(config)#policy-map ACCESS-C3550-LAN-EDGE-IN
3550G(config-pmap)#class VOICE-CONTROL
3550G(config-pmap-c)#set ip dscp 26
3550G(config-pmap)#class VOICE
3550G(config-pmap-c)#set ip dscp 46
第七步 将policy-map应用到接口上
3550G(config-if)#service-policy input ACCESS-C3550-LAN-EDGE-IN
2、呼叫控制(基于catos)
skinny:
set qos enable
set qos acl ip ACL_IP-PHONES DSCP 26 tcp any any range 2000 2002
set qos acl ip ACL_IP-PHONES trust-cos ip any any
set qos acl ip ACL_VOIP_CONTROL dscp 26 tcp any any range 2000 2002
set port qos 5/1-58 trust trust-cos
set port qos 5/1-48 vlan-based
set port qos 5/1-48 trust-ext untrusted
set port qos 4/2 port-based ///4/2接的CCM
commit qos acl all
set qos acl map ACL_IP-PHONES 110
set qos acl map ACL_VOIP_CONTROL 4/2
H323:
set qos acl ip acl-voip-control dscp 26 tcp any any eq 1720
set qos acl ip acl-voip-control dscp 26 tcp any any ramge 11000 11999
set port qos 4/2 port-based
set port qos 4/3 port-based ///H323 GK
commit qos acl acl-voip-control
set qos acl map acl-voip-control 4/2
set qos acl map acl-voip-control 4/3
MGCP:
set qos acl ip acl-voip-control dscp 26 tcp any any eq 2427
set port qos 4/2 port-based
set port qos 4/4 port-based ///MGCP GK
commit qos acl acl-voip-control
set qos acl map acl-voip-control 4/2
set qos acl map acl-voip-control 4/4
3、关键业务数据(基于IOS)
#conf t
(config)#qos map cos 3 to dscp 26
(config)#qos map cos 4 to dscp 34
(config)#qos map cos 5 to dscp 46
(config)#int fa 3/4
(config-if)#tx-queue 3
(config-if)#priority high
(config)#ip access-list extended GOLD-DATA
(config-ext-nacl)#remark Match IP Address of the application server
(config-ext-nacl)#permit ip any host 192.168.100.1
(config-ext-nacl)#permit ip host 192.168.100.1 any
(config)#class-map match-all GOLD-DATA
(config-cmap)#description Mission Critical Traffic
(config-cmap)#match access-group name GOLD-DATA
(config)#policy-map ACCESS-C4006-LAN-EDGE-IN
(config-pmap)#description Set DSCP PerHopBehavior Label for MissionCritical Traffic
(config-pmap)#class GOLD-DATA
(config-pmap-c)#set ip dscp 18
(config)#int fa 3/4
(config-if)#service-policy input ACCESS-C4006-LAN-EDGE-IN
五、WAN Qos配置与远程办公室Qos配置
在路由器上使用模块化QOS命令行(MQC,12.2T),配置分为三部分:
class-map:对流量分类
policy-map:对每类流量分配queue,priority关键字表示使用LLQ。
server-policy:将policy-map绑定到接口上。
1、Policy-map配置
class-map match-all VOICE
match ip dscp ef
class-map match-all VIDEO
match ip dscp af41
class-map match-all VOICE-CONTROL
match ip dscp af31
class-map match-any GOLD-DATA
match ip dscp af21
match ip dscp af22
match ip dscp af23
class-map match-any SILVER-DATA
match ip dscp af11
match ip dscp af12
match ip dscp af13
!
policy-map WAN-EDGE
class VOICE
priority percent 17
class VIDEO
priority percent 16 30000
class VOICE-CONTROL
bandwidth percent 2
class GOLD-DATA
bandwidth percent 25
random-detect dscp-based
class SILVER-DATA
bandwidth percent 15
random-detect dscp-based
class class-default
fair-queue
random-detect dscp-based
random-detect dscp-based
random-detect dscp 0 96 128 10
random-detect dscp 2 70 128 10
random-detect dscp 4 58 128 10
random-detect dscp 6 44 128 10
2、PPP配置
interface Multilink 40
bandwidth 4096
ip address 10.200.40.1 255.255.255.252
service-policy output WAN-EDGE
ppp multilink
multilink-group 40
interface Serial1/0
description Link E1-A to BRANCH#40
bandwidth 2048
no ip address
encapsulation ppp
ppp multilink
multilink-group 40
interface Serial1/1
description Link E1-B to BRANCH#40
bandwidth 4096
no ip address
encapsulation ppp
ppp multilink
multilink-group 40
3、FR配置:
interface Serial0/1
description Parent FR Link
no ip address
encapsulation frame-relay
!
interface Serial0/1.50 point-to-point
description FR Link to BRANCH#50
bandwidth 3000
ip address 10.200.50.1 255.255.255.252
frame-relay interface-dlci 211
class REMOTE-BRANCH-3000kbps
map-class frame-relay REMOTE-BRANCH-3000kbps
frame-relay cir 3000000
frame-relay bc 30000
frame-relay be 0
frame-relay mincir 3000000
no frame-relay adaptive-shaping
service-policy output WAN-EDGE
4、ATM配置
interface ATM4/0
bandwidth 3000
no ip address
no atm ilmi-keepalive
!
interface ATM4/0.60 point-to-point
bandwidth 3000
ip address 10.210.60.1 255.255.255.252
pvc BRANCH#60 0/60
vbr-nrt 3000 3000
tx-ring-limit 3
service-policy output WAN-EDGE
5、远程分支办公室配置
ip cef
!
class-map match-all VOICE
match ip dscp ef
class-map match-all VIDEO
match ip dscp af41
class-map match-all VOICE-CONTROL
match ip dscp af31
class-map match-any GOLD-DATA
match ip dscp af21
match ip dscp af22
match ip dscp af23
class-map match-any SILVER-DATA
match ip dscp af11
match ip dscp af12
match ip dscp af13
class-map match-all SAP
match access-group 100
class-map match-all SQLNET
match protocol sqlnet
class-map match-all CITRIX
match protocol citrix
class-map match-any EMAIL
match protocol pop3
match protocol imap
match protocol smtp
class-map match-all TELNET
match protocol telnet
class-map match-all RCMD
match protocol rcmd
class-map match-all FTP
match protocol ftp
class-map match-all BACKUPS
match access-group 101
class-map match-any P2P
match protocol napster
match protocol fasttrack
!
policy-map WAN-EDGE
class VOICE
priority percent 17
class VIDEO
priority percent 16 30000
class VOICE-CONTROL
bandwidth percent 2
class GOLD-DATA
bandwidth percent 25
random-detect dscp-based
class SILVER-DATA
bandwidth percent 15
random-detect dscp-based
class class-default
fair-queue
random-detect dscp-based
random-detect dscp-based
random-detect dscp 0 96 128 10
random-detect dscp 2 70 128 10
random-detect dscp 4 58 128 10
random-detect dscp 6 44 128 10
!
policy-map REMOTE-LAN-EDGE-OUT
class VOICE
set cos 5
class VOICE-CONTROL
set cos 3
class VIDEO
set cos 4
class GOLD-DATA
set cos 2
class SILVER-DATA
set cos 1
class class-default
set cos 0
!
policy-map REMOTE-LAN-EDGE-IN
class SAP
set ip dscp af21
class SQLNET
set ip dscp af22
class CITRIX
set ip dscp af23
class EMAIL
set ip dscp af11
class TELNET
set ip dscp af12
class RCMD
set ip dscp af13
class FTP
set ip dscp 2
class BACKUPS
set ip dscp 4
class P2P
set ip dscp 6
!
!
interface FastEthernet0/0
description CAT3500 REMOTE-BRANCH ACCESS-SWITCH
no ip address
load-interval 30
speed auto
duplex auto
!
interface FastEthernet0/0.50
description NATIVE SUBNET 10.1.50.0 DATA
encapsulation dot1Q 50
ip address 10.1.50.1 255.255.255.0
service-policy output REMOTE-LAN-EDGE
service-policy input REMOTE-LAN-EDGE-IN
!
!
interface FastEthernet0/0.150
description NATIVE SUBNET 10.1.150.0 VOICE
encapsulation dot1Q 150
ip address 10.1.150.1 255.255.255.0
service-policy output REMOTE-LAN-EDGE
interface Multilink1
bandwidth 4096
ip address 10.200.40.2 255.255.255.252
service-policy output WAN-EDGE
ppp multilink
multilink-group 1
!
interface Serial1/0
bandwidth 2048
no ip address
encapsulation ppp
ppp multilink
multilink-group 1
!interface Serial1/1
bandwidth 2048
no ip address
encapsulation ppp
ppp multilink
multilink-group 1
access-list 100 permit tcp any any eq 3200
access-list 101 permit tcp any host 10.1.100.100
1、语音流量的Qos配置
第一步 在整个交换机上启用Qos
3550G#config t
3550G(config)#mls qos
第二步 配置CoS-ToS
map
3550G(config)#mls qos map cos-dscp 0 8 16 26 34 46 48 56
第三步 LLQ配置部分。启用PQ,并将CoS
5映射到pq 4
3550Gconfig)#interface range g 0/1 - 12
3550G(config-if-range)#priority-queue out
3550G(config-if-range)#wrr-queue cos-map 4 5
第四步 创建ACL并标记语音流量及语音控制流量
3550G(config)#ip access-list extended VOICE
3550G(config-ext-nacl)#remark Match the UDP ports that VoIP uses for Bearer
Traffic
3550G(config-ext-nacl)#permit udp any any range 16384 32767
3550G(config)#ip access-list extended VOICE-CONTROL
3550G(config-ext-nacl)#remark Match VoIP Control Traffic
3550G(config-ext-nacl)#remark SCCP
3550G(config-ext-nacl)#permit tcp any any range 2000 2002
3550G(config-ext-nacl)#remark H323 Fast Start
3550G(config-ext-nacl)#permit tcp any any eq 1720
3550G(config-ext-nacl)#remark H323 Slow Start
3550G(config-ext-nacl)#permit tcp any any range 11000 11999
3550G(config-ext-nacl)#remark H323 MGCP
3550G(config-ext-nacl)#permit udp any any eq 2427
第五步 创建类
3550G(config)#class-map match-all VOICE
3550G(config-cmap)#description VOIP Bearer Traffic
3550G(config-cmap)#match access-group name VOICE
3550G(config)#class-map match-all VOICE-CONTROL
3550G(config-cmap)#description VOIP Control Traffic
3550G(config-cmap)#match access-group name VOICE-CONTROL
第六步 创policy-map并配置dscp
PHB标签
3550G(config)#policy-map ACCESS-C3550-LAN-EDGE-IN
3550G(config-pmap)#class VOICE-CONTROL
3550G(config-pmap-c)#set ip dscp 26
3550G(config-pmap)#class VOICE
3550G(config-pmap-c)#set ip dscp 46
第七步 将policy-map应用到接口上
3550G(config-if)#service-policy input ACCESS-C3550-LAN-EDGE-IN
2、呼叫控制(基于catos)
skinny:
set qos enable
set qos acl ip ACL_IP-PHONES DSCP 26 tcp any any range 2000 2002
set qos acl ip ACL_IP-PHONES trust-cos ip any any
set qos acl ip ACL_VOIP_CONTROL dscp 26 tcp any any range 2000 2002
set port qos 5/1-58 trust trust-cos
set port qos 5/1-48 vlan-based
set port qos 5/1-48 trust-ext untrusted
set port qos 4/2 port-based ///4/2接的CCM
commit qos acl all
set qos acl map ACL_IP-PHONES 110
set qos acl map ACL_VOIP_CONTROL 4/2
H323:
set qos acl ip acl-voip-control dscp 26 tcp any any eq 1720
set qos acl ip acl-voip-control dscp 26 tcp any any ramge 11000 11999
set port qos 4/2 port-based
set port qos 4/3 port-based ///H323 GK
commit qos acl acl-voip-control
set qos acl map acl-voip-control 4/2
set qos acl map acl-voip-control 4/3
MGCP:
set qos acl ip acl-voip-control dscp 26 tcp any any eq 2427
set port qos 4/2 port-based
set port qos 4/4 port-based ///MGCP GK
commit qos acl acl-voip-control
set qos acl map acl-voip-control 4/2
set qos acl map acl-voip-control 4/4
3、关键业务数据(基于IOS)
#conf t
(config)#qos map cos 3 to dscp 26
(config)#qos map cos 4 to dscp 34
(config)#qos map cos 5 to dscp 46
(config)#int fa 3/4
(config-if)#tx-queue 3
(config-if)#priority high
(config)#ip access-list extended GOLD-DATA
(config-ext-nacl)#remark Match IP Address of the application server
(config-ext-nacl)#permit ip any host 192.168.100.1
(config-ext-nacl)#permit ip host 192.168.100.1 any
(config)#class-map match-all GOLD-DATA
(config-cmap)#description Mission Critical Traffic
(config-cmap)#match access-group name GOLD-DATA
(config)#policy-map ACCESS-C4006-LAN-EDGE-IN
(config-pmap)#description Set DSCP PerHopBehavior Label for MissionCritical Traffic
(config-pmap)#class GOLD-DATA
(config-pmap-c)#set ip dscp 18
(config)#int fa 3/4
(config-if)#service-policy input ACCESS-C4006-LAN-EDGE-IN
五、WAN Qos配置与远程办公室Qos配置
在路由器上使用模块化QOS命令行(MQC,12.2T),配置分为三部分:
class-map:对流量分类
policy-map:对每类流量分配queue,priority关键字表示使用LLQ。
server-policy:将policy-map绑定到接口上。
1、Policy-map配置
class-map match-all VOICE
match ip dscp ef
class-map match-all VIDEO
match ip dscp af41
class-map match-all VOICE-CONTROL
match ip dscp af31
class-map match-any GOLD-DATA
match ip dscp af21
match ip dscp af22
match ip dscp af23
class-map match-any SILVER-DATA
match ip dscp af11
match ip dscp af12
match ip dscp af13
!
policy-map WAN-EDGE
class VOICE
priority percent 17
class VIDEO
priority percent 16 30000
class VOICE-CONTROL
bandwidth percent 2
class GOLD-DATA
bandwidth percent 25
random-detect dscp-based
class SILVER-DATA
bandwidth percent 15
random-detect dscp-based
class class-default
fair-queue
random-detect dscp-based
random-detect dscp-based
random-detect dscp 0 96 128 10
random-detect dscp 2 70 128 10
random-detect dscp 4 58 128 10
random-detect dscp 6 44 128 10
2、PPP配置
interface Multilink 40
bandwidth 4096
ip address 10.200.40.1 255.255.255.252
service-policy output WAN-EDGE
ppp multilink
multilink-group 40
interface Serial1/0
description Link E1-A to BRANCH#40
bandwidth 2048
no ip address
encapsulation ppp
ppp multilink
multilink-group 40
interface Serial1/1
description Link E1-B to BRANCH#40
bandwidth 4096
no ip address
encapsulation ppp
ppp multilink
multilink-group 40
3、FR配置:
interface Serial0/1
description Parent FR Link
no ip address
encapsulation frame-relay
!
interface Serial0/1.50 point-to-point
description FR Link to BRANCH#50
bandwidth 3000
ip address 10.200.50.1 255.255.255.252
frame-relay interface-dlci 211
class REMOTE-BRANCH-3000kbps
map-class frame-relay REMOTE-BRANCH-3000kbps
frame-relay cir 3000000
frame-relay bc 30000
frame-relay be 0
frame-relay mincir 3000000
no frame-relay adaptive-shaping
service-policy output WAN-EDGE
4、ATM配置
interface ATM4/0
bandwidth 3000
no ip address
no atm ilmi-keepalive
!
interface ATM4/0.60 point-to-point
bandwidth 3000
ip address 10.210.60.1 255.255.255.252
pvc BRANCH#60 0/60
vbr-nrt 3000 3000
tx-ring-limit 3
service-policy output WAN-EDGE
5、远程分支办公室配置
ip cef
!
class-map match-all VOICE
match ip dscp ef
class-map match-all VIDEO
match ip dscp af41
class-map match-all VOICE-CONTROL
match ip dscp af31
class-map match-any GOLD-DATA
match ip dscp af21
match ip dscp af22
match ip dscp af23
class-map match-any SILVER-DATA
match ip dscp af11
match ip dscp af12
match ip dscp af13
class-map match-all SAP
match access-group 100
class-map match-all SQLNET
match protocol sqlnet
class-map match-all CITRIX
match protocol citrix
class-map match-any EMAIL
match protocol pop3
match protocol imap
match protocol smtp
class-map match-all TELNET
match protocol telnet
class-map match-all RCMD
match protocol rcmd
class-map match-all FTP
match protocol ftp
class-map match-all BACKUPS
match access-group 101
class-map match-any P2P
match protocol napster
match protocol fasttrack
!
policy-map WAN-EDGE
class VOICE
priority percent 17
class VIDEO
priority percent 16 30000
class VOICE-CONTROL
bandwidth percent 2
class GOLD-DATA
bandwidth percent 25
random-detect dscp-based
class SILVER-DATA
bandwidth percent 15
random-detect dscp-based
class class-default
fair-queue
random-detect dscp-based
random-detect dscp-based
random-detect dscp 0 96 128 10
random-detect dscp 2 70 128 10
random-detect dscp 4 58 128 10
random-detect dscp 6 44 128 10
!
policy-map REMOTE-LAN-EDGE-OUT
class VOICE
set cos 5
class VOICE-CONTROL
set cos 3
class VIDEO
set cos 4
class GOLD-DATA
set cos 2
class SILVER-DATA
set cos 1
class class-default
set cos 0
!
policy-map REMOTE-LAN-EDGE-IN
class SAP
set ip dscp af21
class SQLNET
set ip dscp af22
class CITRIX
set ip dscp af23
class EMAIL
set ip dscp af11
class TELNET
set ip dscp af12
class RCMD
set ip dscp af13
class FTP
set ip dscp 2
class BACKUPS
set ip dscp 4
class P2P
set ip dscp 6
!
!
interface FastEthernet0/0
description CAT3500 REMOTE-BRANCH ACCESS-SWITCH
no ip address
load-interval 30
speed auto
duplex auto
!
interface FastEthernet0/0.50
description NATIVE SUBNET 10.1.50.0 DATA
encapsulation dot1Q 50
ip address 10.1.50.1 255.255.255.0
service-policy output REMOTE-LAN-EDGE
service-policy input REMOTE-LAN-EDGE-IN
!
!
interface FastEthernet0/0.150
description NATIVE SUBNET 10.1.150.0 VOICE
encapsulation dot1Q 150
ip address 10.1.150.1 255.255.255.0
service-policy output REMOTE-LAN-EDGE
interface Multilink1
bandwidth 4096
ip address 10.200.40.2 255.255.255.252
service-policy output WAN-EDGE
ppp multilink
multilink-group 1
!
interface Serial1/0
bandwidth 2048
no ip address
encapsulation ppp
ppp multilink
multilink-group 1
!interface Serial1/1
bandwidth 2048
no ip address
encapsulation ppp
ppp multilink
multilink-group 1
access-list 100 permit tcp any any eq 3200
access-list 101 permit tcp any host 10.1.100.100
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- 按照S5PV210的官方手册使用C语言配置系统时钟--实例分析
- MySQL 实例配置的"Apply security settings"错误 、 Java通过JDBC无法连接MySQL的 分析
- 3560的Qos配置实例
- CodeIgniter配置之SESSION用法实例分析
- 嵌入式 iptables防火墙配置规则实例分析
- mysql5.6.7多实例安装、配置的详细讲解分析及shell启动脚本的编写
- QoS策略配置实例之明晰篇
- 通过实例及源码分析关于SpringBoot启动类启动时自动配置问题
- zend framework配置操作数据库实例分析
- struts中log4j日志文件的相对路径配置实例分析
- rip路由协议 细节分析及实例配置【完整版】
- URL(基础一) UrlRewrite正则表达式匹配、配置实例和分析
- ipv6配置RIP实例与ipv6包的分析
- 分析nginx日志并屏蔽采集者ip(nginx屏蔽ip配置实例)
- SAMBA服务器配置实例分析
- 思科交换机QOS限速及限制BT下载配置实例
- SAMBA服务器配置实例分析
- QoS策略配置实例
- CodeIgniter配置之SESSION用法实例分析
- CodeIgniter配置之config.php用法实例分析