Tweet
Marking
Sơ đồ
Mô tả:
Bài thực hành này hướng dẫn Classification và Marking.
Đầu tiên Traffic sẽ được phân loại trên R1 và được đánh dấu (Marking) với những giá trị DSCP tương ứng, sau đó tại R2 sẽ được phân loại trên những giá trị DSCP được Marking trước đó.
Thực hiện:
Cấu hình ban đầu
Cấu hình R1:
R1#sh run
Building configuration...
Current configuration : 1509 bytes
!
version 12.2
!
hostname R1
!
ip subnet-zero
!
ip cef
!
interface Ethernet0/0
ip address 192.168.0.1 255.255.255.0
half-duplex
!
interface Serial0/0
ip address 192.168.1.1 255.255.255.0
!
no ip http server
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.1.2
!
voice-port 1/1/0
!
voice-port 1/1/1
!
mgcp profile default
!
dial-peer cor custom
!
dial-peer voice 1 pots
destination-pattern 101
port 1/1/0
!
dial-peer voice 2 voip
destination-pattern 201
session target ipv4:192.168.2.2
!
line con 0
line aux 0
line vty 0 4
privilege level 15
no login
!
end
Cấu hình R2:
R2#show run
Building configuration...
Current configuration : 1534 bytes
!
version 12.2
!
hostname R2
!
!
ip subnet-zero
!
ip host R3 192.168.2.2
ip host R1 192.168.1.1
!
!
interface Ethernet0/0
ip address 172.16.1.1 255.255.255.0
half-duplex
!
interface Serial0/0
ip address 192.168.1.2 255.255.255.0
clockrate 2000000
no fair-queue
!
!
interface Serial0/1
ip address 192.168.2.1 255.255.255.0
!
no ip http server
ip classless
ip route 100.1.1.0 255.255.255.0 192.168.2.2
ip route 192.168.0.0 255.255.255.0 192.168.1.1
!
!
line con 0
line aux 0
line vty 0 4
privilege level 15
no login
!
!
End
Cấu hình R3:
R3#show run
Building configuration...
Current configuration : 932 bytes
!
version 12.2
!
hostname R3
!
ip subnet-zero
!
!
interface Loopback0
ip address 100.1.1.1 255.255.255.0
!
!
interface Serial0/0
ip address 192.168.2.2 255.255.255.0
clockrate 2000000
!
ip http server
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.2.1
!
!
!
voice-port 1/0/0
!
voice-port 1/0/1
!
dial-peer voice 1 pots
destination-pattern 201
port 1/0/0
!
dial-peer voice 2 voip
destination-pattern 101
session target ipv4:192.168.1.1
!
line con 0
line aux 0
line vty 0 4
privilege level 15
no login
!
!
end
Thực hiện
Trên R1:
Tạo ACL chọn lưu lượng:
access-list 100 permit icmp host 192.168.0.2 host 100.1.1.1 echo
access-list 100 permit icmp host 192.168.0.2 host 100.1.1.1 echo-reply
access-list 101 permit tcp any any eq telnet
access-list 102 permit tcp any any eq www
Tạo class-map:
class-map match-all TELNET
match access-group 101
class-map match-all PING
match access-group 100
class-map match-all HTTP
match access-group 102
class-map match-all VoIP
match ip rtp 16384 16383
Tạo policy-map:
policy-map TRAFFIC
class PING
set dscp af11 << đánh dấu lưu lượng tương ứng giá trị af11
class TELNET
set dscp af21 << đánh dấu lưu lượng tương ứng giá trị af21
class HTTP
set dscp af31 << đánh dấu lưu lượng tương ứng giá trị af31
class VoIP
set dscp ef << đánh dấu lưu lượng tương ứng giá trị ef
Áp dụng lên cổng:
interface Serial0/0
ip address 192.168.1.1 255.255.255.0
service-policy output TRAFFIC
Trên R2
Tạo ACL chọn lưu lượng
access-list 100 permit icmp host 192.168.0.2 host 100.1.1.1 echo
access-list 100 permit icmp host 192.168.0.2 host 100.1.1.1 echo-reply
access-list 101 permit tcp any any eq telnet
access-list 102 permit tcp any any eq www
Tạo class-map dùng ACL
class-map match-all TELNET
match dscp af21
class-map match-all PING
match dscp af11
class-map match-all HTTP
match dscp af31
class-map match-all VoIP
match dscp ef
Tạo Policy-map
policy-map TRAFFIC
class PING
class TELNET
class HTTP
class VoIP
Áp dụng lên cổng
interface Serial0/0
ip address 192.168.1.2 255.255.255.0
service-policy input TRAFFIC
clockrate 2000000
no fair-queue
Kiểm tra:
R1#sh policy-map
Policy Map TRAFFIC
Class PING
set dscp af11
Class TELNET
set dscp af21
Class HTTP
set dscp af31
Class VoIP
set dscp ef
R1#sh class-map
Class Map match-all TELNET (id 1)
Match access-group 101
Class Map match-all PING (id 2)
Match access-group 100
Class Map match-all HTTP (id 3)
Match access-group 102
Class Map match-all VoIP (id 4)
Match ip rtp 16384 16383
Class Map match-any class-default (id 0)
Match any
Tại thời điểm này chưa có Traffic liên quan được tạo ra nên số lượng gói so khớp và được Marking là bằng 0
R1#sh policy-map interface s0/0
Serial0/0
Service-policy output: TRAFFIC
Class-map: PING (match-all)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: access-group 100
QoS Set
dscp af11
Packets marked 0
Class-map: TELNET (match-all)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: access-group 101
QoS Set
dscp af21
Packets marked 0
Class-map: HTTP (match-all)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: access-group 102
QoS Set
dscp af31
Packets marked 0
Class-map: VoIP (match-all)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: ip rtp 16384 16383
QoS Set
dscp ef
Packets marked 0
Class-map: class-default (match-any)
143 packets, 10947 bytes
5 minute offered rate 1000 bps, drop rate 0 bps
Match: any
Tạo ra những Traffic liên quan, quan sát trong lênh Show ở đây nhận thấy số lượng gói so khớp với mỗi lớp và gói được Marking.
R1#sh policy-map interface s0/0
Serial0/0
Service-policy output: TRAFFIC
Class-map: PING (match-all)
10 packets, 640 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: access-group 100
QoS Set
dscp af11
Packets marked 10
Class-map: TELNET (match-all)
25 packets, 1151 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: access-group 101
QoS Set
dscp af21
Packets marked 25
Class-map: HTTP (match-all)
61 packets, 4684 bytes
5 minute offered rate 1000 bps, drop rate 0 bps
Match: access-group 102
QoS Set
dscp af31
Packets marked 61
Class-map: VoIP (match-all)
370 packets, 23622 bytes
5 minute offered rate 2000 bps, drop rate 0 bps
Match: ip rtp 16384 16383
QoS Set
dscp ef
Packets marked 372
Class-map: class-default (match-any)
390 packets, 52662 bytes
5 minute offered rate 2000 bps, drop rate 0 bps
Match: any
R1#
Tại R2 thực hiện Classification với những giá trị được Marking trên R1
R2#sh class-map
Class Map match-all TELNET (id 2)
Match dscp af21
Class Map match-all PING (id 1)
Match dscp af11
Class Map match-all HTTP (id 3)
Match dscp af31
Class Map match-all VoIP (id 4)
Match dscp ef
Class Map match-any class-default (id 0)
Match any
R2#sh policy-map interface s0/0
Serial0/0
Service-policy input: TRAFFIC
Class-map: PING (match-all)
10 packets, 640 bytes
5 minute offered rate 0 bps
Match: dscp af11
Class-map: TELNET (match-all)
25 packets, 1151 bytes
5 minute offered rate 0 bps
Match: dscp af21
Class-map: HTTP (match-all)
86 packets, 7508 bytes
5 minute offered rate 0 bps
Match: dscp af31
Class-map: VoIP (match-all)
494 packets, 31529 bytes
5 minute offered rate 0 bps
Match: dscp ef
Class-map: class-default (match-any)
204 packets, 37027 bytes
5 minute offered rate 1000 bps, drop rate 0 bps
Match: any
Sơ đồ
Mô tả:
Bài thực hành này hướng dẫn Classification và Marking.
Đầu tiên Traffic sẽ được phân loại trên R1 và được đánh dấu (Marking) với những giá trị DSCP tương ứng, sau đó tại R2 sẽ được phân loại trên những giá trị DSCP được Marking trước đó.
Thực hiện:
Cấu hình ban đầu
Cấu hình R1:
R1#sh run
Building configuration...
Current configuration : 1509 bytes
!
version 12.2
!
hostname R1
!
ip subnet-zero
!
ip cef
!
interface Ethernet0/0
ip address 192.168.0.1 255.255.255.0
half-duplex
!
interface Serial0/0
ip address 192.168.1.1 255.255.255.0
!
no ip http server
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.1.2
!
voice-port 1/1/0
!
voice-port 1/1/1
!
mgcp profile default
!
dial-peer cor custom
!
dial-peer voice 1 pots
destination-pattern 101
port 1/1/0
!
dial-peer voice 2 voip
destination-pattern 201
session target ipv4:192.168.2.2
!
line con 0
line aux 0
line vty 0 4
privilege level 15
no login
!
end
Cấu hình R2:
R2#show run
Building configuration...
Current configuration : 1534 bytes
!
version 12.2
!
hostname R2
!
!
ip subnet-zero
!
ip host R3 192.168.2.2
ip host R1 192.168.1.1
!
!
interface Ethernet0/0
ip address 172.16.1.1 255.255.255.0
half-duplex
!
interface Serial0/0
ip address 192.168.1.2 255.255.255.0
clockrate 2000000
no fair-queue
!
!
interface Serial0/1
ip address 192.168.2.1 255.255.255.0
!
no ip http server
ip classless
ip route 100.1.1.0 255.255.255.0 192.168.2.2
ip route 192.168.0.0 255.255.255.0 192.168.1.1
!
!
line con 0
line aux 0
line vty 0 4
privilege level 15
no login
!
!
End
Cấu hình R3:
R3#show run
Building configuration...
Current configuration : 932 bytes
!
version 12.2
!
hostname R3
!
ip subnet-zero
!
!
interface Loopback0
ip address 100.1.1.1 255.255.255.0
!
!
interface Serial0/0
ip address 192.168.2.2 255.255.255.0
clockrate 2000000
!
ip http server
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.2.1
!
!
!
voice-port 1/0/0
!
voice-port 1/0/1
!
dial-peer voice 1 pots
destination-pattern 201
port 1/0/0
!
dial-peer voice 2 voip
destination-pattern 101
session target ipv4:192.168.1.1
!
line con 0
line aux 0
line vty 0 4
privilege level 15
no login
!
!
end
Thực hiện
Trên R1:
Tạo ACL chọn lưu lượng:
access-list 100 permit icmp host 192.168.0.2 host 100.1.1.1 echo
access-list 100 permit icmp host 192.168.0.2 host 100.1.1.1 echo-reply
access-list 101 permit tcp any any eq telnet
access-list 102 permit tcp any any eq www
Tạo class-map:
class-map match-all TELNET
match access-group 101
class-map match-all PING
match access-group 100
class-map match-all HTTP
match access-group 102
class-map match-all VoIP
match ip rtp 16384 16383
Tạo policy-map:
policy-map TRAFFIC
class PING
set dscp af11 << đánh dấu lưu lượng tương ứng giá trị af11
class TELNET
set dscp af21 << đánh dấu lưu lượng tương ứng giá trị af21
class HTTP
set dscp af31 << đánh dấu lưu lượng tương ứng giá trị af31
class VoIP
set dscp ef << đánh dấu lưu lượng tương ứng giá trị ef
Áp dụng lên cổng:
interface Serial0/0
ip address 192.168.1.1 255.255.255.0
service-policy output TRAFFIC
Trên R2
Tạo ACL chọn lưu lượng
access-list 100 permit icmp host 192.168.0.2 host 100.1.1.1 echo
access-list 100 permit icmp host 192.168.0.2 host 100.1.1.1 echo-reply
access-list 101 permit tcp any any eq telnet
access-list 102 permit tcp any any eq www
Tạo class-map dùng ACL
class-map match-all TELNET
match dscp af21
class-map match-all PING
match dscp af11
class-map match-all HTTP
match dscp af31
class-map match-all VoIP
match dscp ef
Tạo Policy-map
policy-map TRAFFIC
class PING
class TELNET
class HTTP
class VoIP
Áp dụng lên cổng
interface Serial0/0
ip address 192.168.1.2 255.255.255.0
service-policy input TRAFFIC
clockrate 2000000
no fair-queue
Kiểm tra:
R1#sh policy-map
Policy Map TRAFFIC
Class PING
set dscp af11
Class TELNET
set dscp af21
Class HTTP
set dscp af31
Class VoIP
set dscp ef
R1#sh class-map
Class Map match-all TELNET (id 1)
Match access-group 101
Class Map match-all PING (id 2)
Match access-group 100
Class Map match-all HTTP (id 3)
Match access-group 102
Class Map match-all VoIP (id 4)
Match ip rtp 16384 16383
Class Map match-any class-default (id 0)
Match any
Tại thời điểm này chưa có Traffic liên quan được tạo ra nên số lượng gói so khớp và được Marking là bằng 0
R1#sh policy-map interface s0/0
Serial0/0
Service-policy output: TRAFFIC
Class-map: PING (match-all)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: access-group 100
QoS Set
dscp af11
Packets marked 0
Class-map: TELNET (match-all)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: access-group 101
QoS Set
dscp af21
Packets marked 0
Class-map: HTTP (match-all)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: access-group 102
QoS Set
dscp af31
Packets marked 0
Class-map: VoIP (match-all)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: ip rtp 16384 16383
QoS Set
dscp ef
Packets marked 0
Class-map: class-default (match-any)
143 packets, 10947 bytes
5 minute offered rate 1000 bps, drop rate 0 bps
Match: any
Tạo ra những Traffic liên quan, quan sát trong lênh Show ở đây nhận thấy số lượng gói so khớp với mỗi lớp và gói được Marking.
R1#sh policy-map interface s0/0
Serial0/0
Service-policy output: TRAFFIC
Class-map: PING (match-all)
10 packets, 640 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: access-group 100
QoS Set
dscp af11
Packets marked 10
Class-map: TELNET (match-all)
25 packets, 1151 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: access-group 101
QoS Set
dscp af21
Packets marked 25
Class-map: HTTP (match-all)
61 packets, 4684 bytes
5 minute offered rate 1000 bps, drop rate 0 bps
Match: access-group 102
QoS Set
dscp af31
Packets marked 61
Class-map: VoIP (match-all)
370 packets, 23622 bytes
5 minute offered rate 2000 bps, drop rate 0 bps
Match: ip rtp 16384 16383
QoS Set
dscp ef
Packets marked 372
Class-map: class-default (match-any)
390 packets, 52662 bytes
5 minute offered rate 2000 bps, drop rate 0 bps
Match: any
R1#
Tại R2 thực hiện Classification với những giá trị được Marking trên R1
R2#sh class-map
Class Map match-all TELNET (id 2)
Match dscp af21
Class Map match-all PING (id 1)
Match dscp af11
Class Map match-all HTTP (id 3)
Match dscp af31
Class Map match-all VoIP (id 4)
Match dscp ef
Class Map match-any class-default (id 0)
Match any
R2#sh policy-map interface s0/0
Serial0/0
Service-policy input: TRAFFIC
Class-map: PING (match-all)
10 packets, 640 bytes
5 minute offered rate 0 bps
Match: dscp af11
Class-map: TELNET (match-all)
25 packets, 1151 bytes
5 minute offered rate 0 bps
Match: dscp af21
Class-map: HTTP (match-all)
86 packets, 7508 bytes
5 minute offered rate 0 bps
Match: dscp af31
Class-map: VoIP (match-all)
494 packets, 31529 bytes
5 minute offered rate 0 bps
Match: dscp ef
Class-map: class-default (match-any)
204 packets, 37027 bytes
5 minute offered rate 1000 bps, drop rate 0 bps
Match: any