Tweet
Cbwfq
CBWFQ
Mô tả:
Thực hiện
Sau khi đã cấu hình cho các router nhìn thấy nhau, ta tiến hành cấu hình CBWFQ:
Trên R1, ta tiến hành match các traffic http từ pc1 đến bất kỳ nguồn nào và gán cho các traffic này 1 DSCP là 50 để sang router R2 xử lý tiếp:
R1(config)#class-map http
R1(config-cmap)#match access-group 100
R1(config)#access-list 100 permit tcp host 192.168.1.2 any eq 80
R1(config)#policy-map pol
R1(config-pmap)#class http
R1(config-pmap-c)#set ip dscp 50 ßGán DSCP=50 cho luồng traffic
Sau đó áp vào interface S0/0 của router R1:
R1(config)#int s0/0
R1(config-if)#service-policy output pol
Nghĩa là các dòng traffic từ pc1 đến 1 web server nào trên mạng qua router R1 sẽ đều được gán 1 DSCP là 50(Nghĩa là R1 tiến hành marking)
Sau khi dòng traffic này đến R2, ta sẽ tiến hành xử lý nghẽn, bằng cách áp các fair queue lên dòng traffic có DSCP là 50:
R2(config)#class-map priority
R2(config-cmap)#match ip dscp 50
R2(config)#policy-map priorityBW
R2(config-pmap)#class class-default
R2(config-pmap-c)#fair-queue ß sử dung fairqueue khi nghẽn cho các luồng traffic khác
R2(config-pmap)#class priority
R2(config-pmap-c)#bandwidth percent 40 ßcung cấp 40%băng thông khi nghẽn cho luồng traffic có DSCP=50
R2(config-pmap-c)#random-detectßThực hiện WRED khi nghẽn(Drop ngầu nhiên)
Sau đó áp vào interface S0/0 của Router R2:
R2(config)#int s0/0
R2(config-if)#service-policy output priorityBW
Nghẽn chiều nào service policy chiều đó (chỉ nghẽn chiều out, chiều in là anh đưa bao nhiêu, tui nhận bấy nhiêu)
Kiểm tra:
Để kiểm tra, trên pc1 ta tiến hành cài phần mềm Http Traffic Generator để sinh ra các request Http liên tục, đến http server là router R3. Sau đó thực hiện debug trên router R3 để xem các luồng traffic đến R3 như thế nào.
Thực hiện lệnh show trên router R2 để xem các match:
R2#sh policy-map
Policy Map priorityBW
Class priority
Weighted Fair Queueing
Bandwidth 40 (%)
exponential weight 9
class min-threshold max-threshold mark-probablity
----------------------------------------------------------
0 - - 1/10
1 - - 1/10
2 - - 1/10
3 - - 1/10
4 - - 1/10
5 - - 1/10
6 - - 1/10
7 - - 1/10
rsvp - - 1/10
Class class-default
Weighted Fair Queueing
Flow based Fair Queueing Max Threshold 64 (packets)
Chạy http traffic generator trên pc1:
Bật debug trên router R3:
R3#debug ip tcp packet
TCP Packet debugging is on
R3#
01:19:01: tcp0: I LISTEN 192.168.1.2:1444 192.168.1.42:80 seq 1052901440
OPTS 8 SYN WIN 64240
01:19:01: tcp0: O SYNRCVD 192.168.1.2:1444 192.168.1.42:80 seq 1451073307
OPTS 4 ACK 1052901441 SYN WIN 4128
01:19:01: tcp0: I SYNRCVD 192.168.1.2:1444 192.168.1.42:80 seq 1052901441
ACK 1451073308 WIN 64320
01:19:01: tcp2: I ESTAB 192.168.1.2:1444 192.168.1.42:80 seq 1052901441
DATA 195 ACK 1451073308 PSH WIN 64320
01:19:01: tcp2: O ESTAB 192.168.1.2:1444 192.168.1.42:80 seq 1451073308
DATA 536 ACK 1052901636 WIN 3933
01:19:01: tcp2: O ESTAB 192.168.1.2:1444 192.168.1.42:80 seq 1451073844
DATA 536 ACK 1052901636 WIN 3933
01:19:01: tcp2: I ESTAB 192.168.1.2:1444 192.168.1.42:80 seq 1052901636
ACK 1451074380 WIN 64320
01:19:01: tcp2: O ESTAB 192.168.1.2:1444 192.168.1.42:80 seq 1451074380
DATA 536 ACK 1052901636 WIN 3933
01:19:01: tcp2: O ESTAB 192.168.1.2:1444 192.168.1.42:80 seq 1451074916
DATA 291 ACK 1052901636 PSH WIN 3933
01:19:01: tcp2: O FINWAIT1 192.168.1.2:1444 192.168.1.42:80 seq 1451075207
ACK 1052901636 FIN PSH WIN 3933
01:19:01: tcp2: I FINWAIT1 192.168.1.2:1444 192.168.1.42:80 seq 1052901636
ACK 1451075207 WIN 64320
01:19:01: tcp2: I FINWAIT1 192.168.1.2:1444 192.168.1.42:80 seq 1052901636
ACK 1451075208 WIN 64320
01:19:01: tcp2: I FINWAIT2 192.168.1.2:1444 192.168.1.42:80 seq 1052901636
ACK 1451075208 FIN WIN 64320
01:19:01: tcp2: O TIMEWAIT 192.168.1.2:1444 192.168.1.42:80 seq 1451075208
ACK 1052901637 WIN 3933
01:19:27: tcp0: I LISTEN 192.168.1.2:1445 192.168.1.42:80 seq 1058963866
OPTS 8 SYN WIN 64240
01:19:27: tcp0: O SYNRCVD 192.168.1.2:1445 192.168.1.42:80 seq 1477260155
OPTS 4 ACK 1058963867 SYN WIN 4128
01:19:27: tcp0: I SYNRCVD 192.168.1.2:1445 192.168.1.42:80 seq 1058963867
ACK 1477260156 WIN 64320
01:19:27: tcp2: I ESTAB 192.168.1.2:1445 192.168.1.42:80 seq 1058963867
DATA 66 ACK 1477260156 PSH WIN 64320
01:19:27: tcp2: O ESTAB 192.168.1.2:1445 192.168.1.42:80 seq 1477260156
DATA 536 ACK 1058963933 WIN 4062
01:19:27: tcp2: O ESTAB 192.168.1.2:1445 192.168.1.42:80 seq 1477260692
DATA 536 ACK 1058963933 WIN 4062
01:19:27: tcp2: I ESTAB 192.168.1.2:1445 192.168.1.42:80 seq 1058963933
ACK 1477261228 WIN 64320
01:19:27: tcp2: I ESTAB 192.168.1.2:1445 192.168.1.42:80 seq 1058963933
RST WIN 0
01:19:27: tcp0: I LISTEN 192.168.1.2:1446 192.168.1.42:80 seq 1059174474
OPTS 8 SYN WIN 64240
01:19:27: tcp0: O SYNRCVD 192.168.1.2:1446 192.168.1.42:80 seq 1477992839
OPTS 4 ACK 1059174475 SYN WIN 4128
01:19:28: tcp0: I SYNRCVD 192.168.1.2:1446 192.168.1.42:80 seq 1059174475
ACK 1477992840 WIN 64320
01:19:28: tcp2: I ESTAB 192.168.1.2:1446 192.168.1.42:80 seq 1059174475
DATA 66 ACK 1477992840 PSH WIN 64320
01:19:28: tcp2: O ESTAB 192.168.1.2:1446 192.168.1.42:80 seq 1477992840
DATA 536 ACK 1059174541 WIN 4062
01:19:28: tcp2: O ESTAB 192.168.1.2:1446 192.168.1.42:80 seq 1477993376
DATA 536 ACK 1059174541 WIN 4062
01:19:28: tcp2: I ESTAB 192.168.1.2:1446 192.168.1.42:80 seq 1059174541
ACK 1477993912 WIN 64320
01:19:28: tcp2: I ESTAB 192.168.1.2:1446 192.168.1.42:80 seq 1059174541
RST WIN 0
Cấu hình:
R1
Building configuration...
Current configuration : 958 bytes
!
version 12.1
no service single-slot-reload-enable
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname R1
!
logging rate-limit console 10 except errors
!
memory-size iomem 10
ip subnet-zero
!
!
no ip finger
!
!
class-map match-all http
match access-group 100
!
!
policy-map pol
class http
set ip dscp 50
!
!
!
call rsvp-sync
!
!
!
!
!
!
!
!
interface FastEthernet0/0
no ip address
duplex auto
speed auto
!
interface Serial0/0
ip address 192.168.1.37 255.255.255.252
service-policy output pol
!
interface FastEthernet0/1
ip address 192.168.1.1 255.255.255.224
duplex auto
speed auto
!
router eigrp 100
network 192.168.1.0
no auto-summary
no eigrp log-neighbor-changes
!
ip classless
no ip http server
!
access-list 100 permit tcp host 192.168.1.2 any eq www
!
voice-port 1/0/0
!
voice-port 1/0/1
!
dial-peer cor custom
!
!
!
!
!
line con 0
transport input none
line aux 0
line vty 0 4
!
no scheduler allocate
end
R2
Building configuration...
01:03:34: %SYS-5-CONFIG_I: Configured from console by console
Current configuration : 1037 bytes
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname R2
!
!
memory-size iomem 10
ip subnet-zero
!
!
!
!
class-map match-all priority
match ip dscp 50
!
!
policy-map priorityBW
class priority
bandwidth percent 40
random-detect
class class-default
fair-queue
!
call rsvp-sync
!
!
!
!
!
!
!
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0
ip address 192.168.1.41 255.255.255.252
service-policy output priorityBW
clockrate 64000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
ip address 192.168.1.38 255.255.255.252
clockrate 64000
!
router eigrp 100
network 192.168.1.0
auto-summary
no eigrp log-neighbor-changes
!
ip classless
no ip http server
ip pim bidir-enable
!
!
!
dial-peer cor custom
!
!
!
!
line con 0
line aux 0
line vty 0 4
!
no scheduler allocate
end
R3(Http)
Building configuration...
00:16:56: %SYS-5-CONFIG_I: Configured from console by console
Current configuration:
!
version 12.1
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname R3
!
!
!
!
!
!
ip subnet-zero
!
!
!
!
interface Ethernet0
no ip address
shutdown
!
interface Serial0
ip address 192.168.1.42 255.255.255.252
!
interface Serial1
no ip address
shutdown
!
router eigrp 100
network 192.168.1.0
no eigrp log-neighbor-changes
!
ip classless
ip http server
!
!
line con 0
transport input none
line aux 0
line vty 0 4
!
end
Mô tả:
Thực hiện
Sau khi đã cấu hình cho các router nhìn thấy nhau, ta tiến hành cấu hình CBWFQ:
Trên R1, ta tiến hành match các traffic http từ pc1 đến bất kỳ nguồn nào và gán cho các traffic này 1 DSCP là 50 để sang router R2 xử lý tiếp:
R1(config)#class-map http
R1(config-cmap)#match access-group 100
R1(config)#access-list 100 permit tcp host 192.168.1.2 any eq 80
R1(config)#policy-map pol
R1(config-pmap)#class http
R1(config-pmap-c)#set ip dscp 50 ßGán DSCP=50 cho luồng traffic
Sau đó áp vào interface S0/0 của router R1:
R1(config)#int s0/0
R1(config-if)#service-policy output pol
Nghĩa là các dòng traffic từ pc1 đến 1 web server nào trên mạng qua router R1 sẽ đều được gán 1 DSCP là 50(Nghĩa là R1 tiến hành marking)
Sau khi dòng traffic này đến R2, ta sẽ tiến hành xử lý nghẽn, bằng cách áp các fair queue lên dòng traffic có DSCP là 50:
R2(config)#class-map priority
R2(config-cmap)#match ip dscp 50
R2(config)#policy-map priorityBW
R2(config-pmap)#class class-default
R2(config-pmap-c)#fair-queue ß sử dung fairqueue khi nghẽn cho các luồng traffic khác
R2(config-pmap)#class priority
R2(config-pmap-c)#bandwidth percent 40 ßcung cấp 40%băng thông khi nghẽn cho luồng traffic có DSCP=50
R2(config-pmap-c)#random-detectßThực hiện WRED khi nghẽn(Drop ngầu nhiên)
Sau đó áp vào interface S0/0 của Router R2:
R2(config)#int s0/0
R2(config-if)#service-policy output priorityBW
Nghẽn chiều nào service policy chiều đó (chỉ nghẽn chiều out, chiều in là anh đưa bao nhiêu, tui nhận bấy nhiêu)
Kiểm tra:
Để kiểm tra, trên pc1 ta tiến hành cài phần mềm Http Traffic Generator để sinh ra các request Http liên tục, đến http server là router R3. Sau đó thực hiện debug trên router R3 để xem các luồng traffic đến R3 như thế nào.
Thực hiện lệnh show trên router R2 để xem các match:
R2#sh policy-map
Policy Map priorityBW
Class priority
Weighted Fair Queueing
Bandwidth 40 (%)
exponential weight 9
class min-threshold max-threshold mark-probablity
----------------------------------------------------------
0 - - 1/10
1 - - 1/10
2 - - 1/10
3 - - 1/10
4 - - 1/10
5 - - 1/10
6 - - 1/10
7 - - 1/10
rsvp - - 1/10
Class class-default
Weighted Fair Queueing
Flow based Fair Queueing Max Threshold 64 (packets)
Chạy http traffic generator trên pc1:
Bật debug trên router R3:
R3#debug ip tcp packet
TCP Packet debugging is on
R3#
01:19:01: tcp0: I LISTEN 192.168.1.2:1444 192.168.1.42:80 seq 1052901440
OPTS 8 SYN WIN 64240
01:19:01: tcp0: O SYNRCVD 192.168.1.2:1444 192.168.1.42:80 seq 1451073307
OPTS 4 ACK 1052901441 SYN WIN 4128
01:19:01: tcp0: I SYNRCVD 192.168.1.2:1444 192.168.1.42:80 seq 1052901441
ACK 1451073308 WIN 64320
01:19:01: tcp2: I ESTAB 192.168.1.2:1444 192.168.1.42:80 seq 1052901441
DATA 195 ACK 1451073308 PSH WIN 64320
01:19:01: tcp2: O ESTAB 192.168.1.2:1444 192.168.1.42:80 seq 1451073308
DATA 536 ACK 1052901636 WIN 3933
01:19:01: tcp2: O ESTAB 192.168.1.2:1444 192.168.1.42:80 seq 1451073844
DATA 536 ACK 1052901636 WIN 3933
01:19:01: tcp2: I ESTAB 192.168.1.2:1444 192.168.1.42:80 seq 1052901636
ACK 1451074380 WIN 64320
01:19:01: tcp2: O ESTAB 192.168.1.2:1444 192.168.1.42:80 seq 1451074380
DATA 536 ACK 1052901636 WIN 3933
01:19:01: tcp2: O ESTAB 192.168.1.2:1444 192.168.1.42:80 seq 1451074916
DATA 291 ACK 1052901636 PSH WIN 3933
01:19:01: tcp2: O FINWAIT1 192.168.1.2:1444 192.168.1.42:80 seq 1451075207
ACK 1052901636 FIN PSH WIN 3933
01:19:01: tcp2: I FINWAIT1 192.168.1.2:1444 192.168.1.42:80 seq 1052901636
ACK 1451075207 WIN 64320
01:19:01: tcp2: I FINWAIT1 192.168.1.2:1444 192.168.1.42:80 seq 1052901636
ACK 1451075208 WIN 64320
01:19:01: tcp2: I FINWAIT2 192.168.1.2:1444 192.168.1.42:80 seq 1052901636
ACK 1451075208 FIN WIN 64320
01:19:01: tcp2: O TIMEWAIT 192.168.1.2:1444 192.168.1.42:80 seq 1451075208
ACK 1052901637 WIN 3933
01:19:27: tcp0: I LISTEN 192.168.1.2:1445 192.168.1.42:80 seq 1058963866
OPTS 8 SYN WIN 64240
01:19:27: tcp0: O SYNRCVD 192.168.1.2:1445 192.168.1.42:80 seq 1477260155
OPTS 4 ACK 1058963867 SYN WIN 4128
01:19:27: tcp0: I SYNRCVD 192.168.1.2:1445 192.168.1.42:80 seq 1058963867
ACK 1477260156 WIN 64320
01:19:27: tcp2: I ESTAB 192.168.1.2:1445 192.168.1.42:80 seq 1058963867
DATA 66 ACK 1477260156 PSH WIN 64320
01:19:27: tcp2: O ESTAB 192.168.1.2:1445 192.168.1.42:80 seq 1477260156
DATA 536 ACK 1058963933 WIN 4062
01:19:27: tcp2: O ESTAB 192.168.1.2:1445 192.168.1.42:80 seq 1477260692
DATA 536 ACK 1058963933 WIN 4062
01:19:27: tcp2: I ESTAB 192.168.1.2:1445 192.168.1.42:80 seq 1058963933
ACK 1477261228 WIN 64320
01:19:27: tcp2: I ESTAB 192.168.1.2:1445 192.168.1.42:80 seq 1058963933
RST WIN 0
01:19:27: tcp0: I LISTEN 192.168.1.2:1446 192.168.1.42:80 seq 1059174474
OPTS 8 SYN WIN 64240
01:19:27: tcp0: O SYNRCVD 192.168.1.2:1446 192.168.1.42:80 seq 1477992839
OPTS 4 ACK 1059174475 SYN WIN 4128
01:19:28: tcp0: I SYNRCVD 192.168.1.2:1446 192.168.1.42:80 seq 1059174475
ACK 1477992840 WIN 64320
01:19:28: tcp2: I ESTAB 192.168.1.2:1446 192.168.1.42:80 seq 1059174475
DATA 66 ACK 1477992840 PSH WIN 64320
01:19:28: tcp2: O ESTAB 192.168.1.2:1446 192.168.1.42:80 seq 1477992840
DATA 536 ACK 1059174541 WIN 4062
01:19:28: tcp2: O ESTAB 192.168.1.2:1446 192.168.1.42:80 seq 1477993376
DATA 536 ACK 1059174541 WIN 4062
01:19:28: tcp2: I ESTAB 192.168.1.2:1446 192.168.1.42:80 seq 1059174541
ACK 1477993912 WIN 64320
01:19:28: tcp2: I ESTAB 192.168.1.2:1446 192.168.1.42:80 seq 1059174541
RST WIN 0
Cấu hình:
R1
Building configuration...
Current configuration : 958 bytes
!
version 12.1
no service single-slot-reload-enable
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname R1
!
logging rate-limit console 10 except errors
!
memory-size iomem 10
ip subnet-zero
!
!
no ip finger
!
!
class-map match-all http
match access-group 100
!
!
policy-map pol
class http
set ip dscp 50
!
!
!
call rsvp-sync
!
!
!
!
!
!
!
!
interface FastEthernet0/0
no ip address
duplex auto
speed auto
!
interface Serial0/0
ip address 192.168.1.37 255.255.255.252
service-policy output pol
!
interface FastEthernet0/1
ip address 192.168.1.1 255.255.255.224
duplex auto
speed auto
!
router eigrp 100
network 192.168.1.0
no auto-summary
no eigrp log-neighbor-changes
!
ip classless
no ip http server
!
access-list 100 permit tcp host 192.168.1.2 any eq www
!
voice-port 1/0/0
!
voice-port 1/0/1
!
dial-peer cor custom
!
!
!
!
!
line con 0
transport input none
line aux 0
line vty 0 4
!
no scheduler allocate
end
R2
Building configuration...
01:03:34: %SYS-5-CONFIG_I: Configured from console by console
Current configuration : 1037 bytes
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname R2
!
!
memory-size iomem 10
ip subnet-zero
!
!
!
!
class-map match-all priority
match ip dscp 50
!
!
policy-map priorityBW
class priority
bandwidth percent 40
random-detect
class class-default
fair-queue
!
call rsvp-sync
!
!
!
!
!
!
!
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0
ip address 192.168.1.41 255.255.255.252
service-policy output priorityBW
clockrate 64000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
ip address 192.168.1.38 255.255.255.252
clockrate 64000
!
router eigrp 100
network 192.168.1.0
auto-summary
no eigrp log-neighbor-changes
!
ip classless
no ip http server
ip pim bidir-enable
!
!
!
dial-peer cor custom
!
!
!
!
line con 0
line aux 0
line vty 0 4
!
no scheduler allocate
end
R3(Http)
Building configuration...
00:16:56: %SYS-5-CONFIG_I: Configured from console by console
Current configuration:
!
version 12.1
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname R3
!
!
!
!
!
!
ip subnet-zero
!
!
!
!
interface Ethernet0
no ip address
shutdown
!
interface Serial0
ip address 192.168.1.42 255.255.255.252
!
interface Serial1
no ip address
shutdown
!
router eigrp 100
network 192.168.1.0
no eigrp log-neighbor-changes
!
ip classless
ip http server
!
!
line con 0
transport input none
line aux 0
line vty 0 4
!
end
Comment