学习CQ(定制队列)的配置;本实验首先用ACL定义一些流量。然后再将这些流量进行先后排队,最后将排好队的流量策略应用到接口上 1 过滤流量 R2(config)#access-list 101 permit ospf anyany
R2(config)#access-list 101 permit eigrp any any
R2(config)#access-list 102 permit ip any 192.168.0.1 0.0.0.0
R2(config)#access-list 102 permit ip host 192.168.0.1 any
R2(config)#access-list 103 permit tcp any host 192.168.0.1 eq 23
R2(config)#access-list 103 permit tcp any host 192.168.0.1 eq 21
R2(config)#access-list 103 permit tcp any host 192.168.0.1 eq 20 R2(config)#access-list 104 permit udp any lt 200 any lt 200
R2(config)#access-list 104 permit tcp any range 135 139 any range 135 139 R2(config)#access-list 105 permit udp any range 16333 35252 any range 16333 35252 2 队列排序 R2(config)#queue-list 1 protocol ip 1 list 101 //将与List101匹配的流量排在第一位
R2(config)#queue-list 1 protocol ip 2 list 102
R2(config)#queue-list 1 protocol ip 3 list 103
R2(config)#queue-list 1 protocol ip 4 list 104
R2(config)#queue-list 1 protocol ip 5 list 105 3 将CQ应用到接口 R2(config)#int s0
R2(config-if)#custom-queue-list 1 //将这个定制好的队列应用到接口上 4 检验 R2#sh queueing //查看队列
Current fair queue configuration: Interface Discard Dynamic Reserved Link Priority
threshold queues queues queues queues
BRI0 64 16 0 8 1
BRI0:1 64 16 0 8 1
BRI0:2 64 16 0 8 1
Serial1 64 256 0 8 1 Current DLCI priority queue configuration:
Current priority queue configuration:
Current custom queue configuration: List Queue Args
1 1 protocol ip list 101
1 2 protocol ip list 102
1 3 protocol ip list 103
1 4 protocol ip list 104
1 5 protocol ip list 105 QoS---PQ1 1 将udp协议的16333端口至35252端口都设为低优先级 2 将rip设为高优先级 R1(config)#priority-list 1 protocol ip low list 100 //建立优先级列表1,将与access-list 100匹配的流量设为低优先级 R1(config)#access-list 100 permit udp any range 16333 35252 any range 16333 35252 //range命令是设定一个端口范围
R1(config)#priority-list 1 protocol ip high udp rip
R1(config)#int s0
R1(config-if)#priority-group 1 //将优先级列表1应用到接口S0上 2 验证
R1#sh queueing
Current fair queue configuration:
Interface Discard Dynamic Reserved
threshold queue count queue count
Serial1 64 256 0
Current priority queue configuration:
List Queue Args
1 low protocol ip list-100
1 high protocol ip udp port rip R1#sh ip int s0
Serial0 is administratively down, line protocol is down
Internet protocol processing disabled
R1#sh int s0
Serial0 is administratively down, line protocol is down
Hardware is HD64570
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
> Encapsulation HDLC, loopback not set
Keepalive set (10 sec)
Last input never, output 01:37:44, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 159 Queueing strategy: priority-list 1
Output queue (queue priority:> high: 0/20/0, medium: 0/40/0, normal: 0/60/159, low: 0/80/0
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets put, 52588119 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
0 packets, 52588444 bytes, 0 underruns
0 output errors, 0 collisions, 2 interface resets
0 output buffer failures, 0 output buffers swapped out
6 carrier transitions
DCD=down DSR=down DTR=down RTS=down CTS=down QoS----PQ2 1 将主机192.168.0.1设为最高优先级 2 将192.168.0.0/24网段下的其他主机设为中等优先级 3 将所有http流量设为普通优先级 4 将所有ftp流量设为低优先级 配置如下: R1(config)#priority-list 2 protocol ip high list 2 //建立优先级列表2 ,将与access-list 2匹配的流量定为高优先级
R1(config)#access-list 2 permit 192.168.0.1 0.0.0.0
R1(config)#priority-list 2 protocol ip medium list 3
R1(config)#access-list 3 deny 192.168.0.1 0.0.0.0
R1(config)#access-list 3 permit 192.168.0.0 0.0.0.255 R1(config)#priority-list 2 protocol ip normal tcp www R1(config)#priority-list 2 protocol ip low tcp ftp
R1(config)#priority-list 2 protocol ip low tcp ftp-data R1(config)#int s1
R1(config-if)#priority-group 2 //在接口S1上应用该优先级列表 R1#sh queueing //查看队列
Current fair queue configuration:
Current priority queue configuration:List Queue Args
2 high protocol ip list 2
2 medium protocol ip list 3
2 normal protocol ip tcp port www
2 low protocol ip tcp port ftp
2 low protocol ip tcp port ftp-data QoS---CBWFQ(基于类分配带宽) CBWFQ(基于类分配带宽)基本配置 实验要求:给上一个实验所定义的3种流量,QQ,SMTP,FTP分配不同的带宽 1 定义流量 (直接调用上一个实验的配置) R4(config)#class-map QQ
R4(config-cmap)#match access-group name QQ //匹配一个名为QQ的命名ACL
R4(config-cmap)#exi
R4(config)#ip access-list extended QQ
R4(config-ext-nacl)#permit ip any 61.172.240.0 0.0.0.255
R4(config-ext-nacl)#permit udp any any eq 4000
R4(config-ext-nacl)#permit udp any any eq 8000
R4(config-ext-nacl)#exi R4(config)#class-map smtp
R4(config-cmap)#match access-group 100
R4(config-cmap)#exi
R4(config)#access-list 100 permit tcp any any eq smtp R4(config)#class-map ftp
R4(config-cmap)#match access-group 101
R4(config-cmap)#exi
R4(config)#access-list 101 permit tcp any any eq 20
R4(config)#access-list 101 permit tcp any any eq 21 2 定义策略 R4(config)#policy-map CBWFQ
R4(config-pmap)#class QQ
R4(config-pmap-c)#bandwidth percent 5 //为类型为QQ的流量分配百分之五的带宽
R4(config-pmap)#class smtp
R4(config-pmap-c)#bandwidth percent 25
R4(config-pmap)#class ftp
R4(config-pmap-c)#bandwidth percent 20
R4(config-pmap-c)#exi 3 应用到接口上 R4(config)#int s0
R4(config-if)#service-policy output CBWFQ 4 验证 R4#sh policy-map //查看策略
Policy Map wy
Class QQ
police cir 10000 bc 1500
conform-action drop
exceed-action drop
Class smtp
police cir 10000 bc 1500
conform-action drop
exceed-action drop
Class ftp
police cir 10000 bc 1500
conform-action drop
exceed-action drop Policy Map CBWFQ
Class QQ
Bandwidth 5 (%) Max Threshold 64 (packets)
Class smtp
Bandwidth 25 (%) Max Threshold 64 (packets)
Class ftp
Bandwidth 20 (%) Max Threshold 64 (packets)
QQ群⑧:
窥视卡
雷达卡
发表于 2018-7-14 14:50:42
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡