Lab4-6.net file for Dynamips:
##################################################
#
# CCNP Version 5.0: Optimizing Converged Cisco Networks
# Lab 4.6 Class-based Marking, Shaping, and Policing
# By Happy Peter http://blog.xuite.net/juilin77/happy
#
##################################################
autostart=false
[localhost:7200]
workingdir = /opt/dynamips/dynagen-0.11.0/UTS/CCNP4/lab4-6/workingconfig/
[[2621]]
# Specify 2621 IOS image on Linux here:
image = /opt/dynamips/images/C2600-TS.BIN
ram = 128
# Choose an idlepc value from the below
idlepc = 0x803f37cc
mmap = true
ghostios = true
confreg = 0x2102
[[3725]]
# Specify 3725 IOS image on Linux here:
image = /opt/dynamips/images/c3725-ad.bin
ram = 256
idlepc = 0x60bf8d58
mmap = true
ghostios = true
confreg = 0x2102
###########################
#
# Define router instances 1
#
###########################
[[Router R1]]
model = 3725
console = 2001
[[Router R2]]
model = 3725
console = 2002
slot1 = NM-4T
[[Router R3]]
model = 3725
console = 2003
slot1 = NM-4T
s1/0 = R2 s1/0
s1/1 = TGN s0/0
[[Router SW1]]
model = 3725
console = 2004
slot1 = NM-16ESW
f1/1 = R1 f0/0
f1/2 = R1 f0/1
f1/3 = R2 f0/0
f1/7 = TGN f0/0
f1/8 = TGN f0/1
[[Router TGN]]
# tgn: 407554012371
model = 2621
console = 2005
WIC0/0 = WIC-1T
Learning Objectives
‧ Mark packets with DSCP values
‧ Implement class-based TCP Header Compression
‧ Configure class-based traffic shaping and policing
‧ Create and apply nested service policies
Preparation:
ALS1:
ALS1(config)#no ip routing
ALS1(config)#no ip domain lookup
ALS1(config)#line console 0
ALS1(config-line)#logging synchronous
ALS1#vlan database
ALS1(vlan)#vlan 10 name VL10
ALS1(vlan)#vlan 20 name VL20
ALS1(vlan)#vlan 30 name VL30
ALS1(vlan)#apply
ALS1(vlan)#exit
ALS1(config)#interface fastEthernet 1/1
ALS1(config-if)#description To_R1F0/0
ALS1(config-if)#switchport mode access
ALS1(config-if)#switchport access vlan 10
ALS1(config)#interface fastEthernet 1/2
ALS1(config-if)#description To_R1F0/1
ALS1(config-if)#switchport mode access
ALS1(config-if)#switchport access vlan 30
ALS1(config)#interface fastEthernet 1/3
ALS1(config-if)#description To_R2F0/0
ALS1(config-if)#switchport mode access
ALS1(config-if)#switchport access vlan 20
ALS1(config)#interface fastEthernet 1/7
ALS1(config-if)#description To_TGNF0/0
ALS1(config-if)#switchport mode trunk
ALS1(config-if)#switchport trunk encapsulation dot1q
ALS1(config)#interface fastEthernet 1/8
ALS1(config-if)#description To_TGNF0/1
ALS1(config-if)#switchport mode access
ALS1(config-if)#switchport access vlan 30
TGN:
TGN(config)#no ip domain-lookup
TGN(config)#line con 0
TGN(config-line)#logg synchronous
TGN(config)#ip cef
TGN(config)#ip vrf PAGENT
TGN(config-vrf)#rd 100:1
TGN(config-vrf)#route-target both 1:100
TGN(config)#interface fastEthernet 0/0
TGN(config-if)#no shutdown
TGN(config)#interface fastEthernet 0/0.10
TGN(config-subif)#description Interface generating traffic
TGN(config-subif)#encapsulation dot1Q 10
TGN(config-subif)#ip vrf forwarding PAGENT
TGN(config-subif)#ip address 172.16.10.4 255.255.255.0
TGN(config)#interface fastEthernet 0/0.20
TGN(config-subif)#description capturing traffic
TGN(config-subif)#encapsulation dot1Q 20
TGN(config-subif)#ip vrf forwarding PAGENT
TGN(config-subif)#ip address 172.16.20.4 255.255.255.0
TGN(config)#interface fastEthernet 0/1
TGN(config-if)#ip address 172.16.14.4 255.255.255.0
TGN(config-if)#no shutdown
TGN(config)#interface serial 0/0
TGN(config-if)#ip address 172.16.34.4 255.255.255.0
TGN(config-if)#bandwidth 800
TGN(config-if)#no shutdown
TGN to start generating traffic.
TGN#tgn
Loading these configurations:
fastethernet0/0
add tcp
rate 1000
datalink ios-dependent fastethernet0/0.10
l2-arp-for 172.16.10.1
l3-src 172.16.10.4
l3-dest 172.16.20.4
l4-dest 23
length random 16 to 1500
burst on
burst duration off 1000 to 2000
burst duration on 1000 to 3000
add fastethernet0/0 1
l4-dest 80
data ascii 0 GET /index.html HTTP/1.1
add fastethernet0/0 1
l4-dest 21
add fastethernet0/0 1
l4-dest 123
add fastethernet0/0 1
l4-dest 110
add fastethernet0/0 1
l4-dest 25
add fastethernet0/0 1
l4-dest 22
add fastethernet0/0 1
l4-dest 6000
!
end
TGN#tgn start
Step 1: Configure the Physical Interfaces
R1(config)#interface fastEthernet 0/0
R1(config-if)#ip address 172.16.10.1 255.255.255.0
R1(config-if)#speed 100
R1(config-if)#duplex full
R1(config-if)#no shutdown
R1(config)#interface fastEthernet 0/1
R1(config-if)#ip address 172.16.14.1 255.255.255.0
R1(config-if)#speed 100
R1(config-if)#duplex full
R1(config-if)#no shutdown
R2(config)#interface fastEthernet 0/0
R2(config-if)#ip address 172.16.20.2 255.255.255.0
R2(config-if)#speed 100
R2(config-if)#duplex full
R2(config-if)#no shutdown
R2(config)#interface serial 1/0
R2(config-if)#ip address 172.16.23.2 255.255.255.0
R2(config-if)#clock rate 806400
R2(config-if)#bandwidth 800
R2(config-if)#no shutdown
R3(config)#interface serial 1/0
R3(config-if)#ip address 172.16.23.3 255.255.255.0
R3(config-if)#bandwidth 800
R3(config-if)#no shutdown
R3(config)#interface serial 1/1
R3(config-if)#ip address 172.16.34.3 255.255.255.0
R3(config-if)#clock rate 806400
R3(config-if)#bandwidth 800
R3(config-if)#no shutdown
Step 2: Configure Routing
Establish adjacencies for routing with Open Shortest Path First (OSPF). Include all connected subnets within the 172.16.0.0/16 major network for all four routers.
R1(config)#router ospf 1
R1(config-router)#network 172.16.0.0 0.0.255.255 area 0
R2(config)#router ospf 1
R2(config-router)#network 172.16.0.0 0.0.255.255 area 0
R3(config)#router ospf 1
R3(config-router)#network 172.16.0.0 0.0.255.255 area 0
TGN(config)#router ospf 1
TGN(config-router)#network 172.16.0.0 0.0.255.255 area 0
Step 3: Mark Packets with DSCP
For this scenario, R1 will classify via NBAR and mark packets with the EF and AF DSCP markings. All QoS actions will be performed within the MQC, so you will need to create traffic classes on each router.
Classify traffic on R1 as follows:
Create three traffic classes:
Critical: OSPF or Network Time Protocol (NTP) traffic. These protocols are used for network control. Mark with DSCP value EF.
Interactive: Telnet, SSH, and X-Windows traffic. These protocols are used for remote administration. Mark with DSCP value AF41.
Web: HTTP, POP3, and SMTP traffic. These protocols are used for web and e-mail access. Mark with DSCP value AF32.
R1(config)#class-map match-any critical
R1(config-cmap)#match protocol ospf
R1(config-cmap)#match protocol ntp
R1(config)#class-map match-any interactive
R1(config-cmap)#match protocol telnet
R1(config-cmap)#match protocol ssh
R1(config-cmap)#match protocol xwindows
R1(config)#class-map match-any web
R1(config-cmap)#match protocol http
R1(config-cmap)#match protocol pop3
R1(config-cmap)#match protocol smtp
Mark all other traffic with the default DSCP of 0. Create the QoS policy map named “markingpolicy” and apply it outbound towards R4 on the Fast Ethernet 0/1 interface.
R1(config)#policy-map markingpolicy
R1(config-pmap)#class critical
R1(config-pmap-c)#set dscp ef
R1(config-pmap-c)#exit
R1(config-pmap)#class interactive
R1(config-pmap-c)#set dscp af41
R1(config-pmap-c)#exit
R1(config-pmap)#class web
R1(config-pmap-c)#set dscp af32
R1(config-pmap-c)#exit
R1(config-pmap)#class class-default
R1(config-pmap-c)#set dscp default
R1(config)#interface fastEthernet 0/1
R1(config-if)#service-policy output markingpolicy
Verify the QoS configuration with the show policy-map command.
R1#show policy-map
Policy Map markingpolicy
Class critical
set dscp ef
Class interactive
set dscp af41
Class web
set dscp af32
Class class-default
set dscp default
R1#show policy-map interface fastEthernet 0/1
FastEthernet0/1
Service-policy output: markingpolicy
Class-map: critical (match-any)
17135 packets, 13109986 bytes
5 minute offered rate 280000 bps, drop rate 0 bps
Match: protocol ospf
21 packets, 1902 bytes
5 minute rate 0 bps
Match: protocol ntp
17114 packets, 13108084 bytes
5 minute rate 280000 bps
QoS Set
dscp ef
Packets marked 17135
Class-map: interactive (match-any)
53024 packets, 40667677 bytes
5 minute offered rate 836000 bps, drop rate 0 bps
Match: protocol telnet
17739 packets, 13584156 bytes
5 minute rate 270000 bps
Match: protocol ssh
18320 packets, 14028533 bytes
5 minute rate 299000 bps
Match: protocol xwindows
16965 packets, 13054988 bytes
5 minute rate 280000 bps
QoS Set
dscp af41
Packets marked 53027
Class-map: web (match-any)
50036 packets, 38407145 bytes
5 minute offered rate 787000 bps, drop rate 0 bps
Match: protocol http
17332 packets, 13285103 bytes
5 minute rate 277000 bps
Match: protocol pop3
16622 packets, 12819273 bytes
5 minute rate 267000 bps
Match: protocol smtp
16082 packets, 12302769 bytes
5 minute rate 261000 bps
QoS Set
dscp af32
Packets marked 50039
Class-map: class-default (match-any)
16026 packets, 12168644 bytes
5 minute offered rate 260000 bps, drop rate 0 bps
Match: any
QoS Set
dscp default
Packets marked 16009
Step 4: Configuring Class-Based Shaping
In this step, shape all traffic traveling from R4 to R3 across the serial link to a peak rate. Create a policy map and classify traffic only into the default class; then shape peak egress rate of the default class on R4.
TGN(config)#policy-map shapingpolicy
TGN(config-pmap)#class class-default
TGN(config-pmap-c)#shape peak 400000
TGN(config)#interface serial 0/0
TGN(config-if)#service-policy output shapingpolicy
Verify the configuration using the show commands for policy-maps.
TGN#show policy-map
Policy Map shapingpolicy
Class class-default
Traffic Shaping
Peak Rate Traffic Shaping
CIR 400000 (bps) Max. Buffers Limit 1000 (Packets)
TGN#show policy-map interface serial 0/0
Serial0/0
Service-policy output: shapingpolicy
Class-map: class-default (match-any)
3426 packets, 2624406 bytes
5 minute offered rate 57000 bps, drop rate 135000 bps
Match: any
Traffic Shaping
Target/Average Byte Sustain Excess Interval Increment
Rate Limit bits/int bits/int (ms) (bytes)
800000/400000 2500 10000 10000 25 2500
Adapt Queue Packets Bytes Packets Bytes Shaping
Active Depth Delayed Delayed Active
- 68 773 484806 638 385515 yes
TGN#
Step 5: Configure Nested Service Policies
Create another policy (with appropriate classes) as shown below that shapes EF traffic to 40kbps, AF41 traffic should get 80kpbs, and AF32 traffic should get shaped to 120kbps. Apply this new policy inside the class configuration of the policy created in Step 4 using the service-policy name command.
TGN(config)#class-map ef
TGN(config-cmap)#match dscp ef
TGN(config)#class-map af41
TGN(config-cmap)#match dscp af41
TGN(config)#class-map af32
TGN(config-cmap)#match dscp af32
TGN(config)#policy-map innerpolicy
TGN(config-pmap)#class ef
TGN(config-pmap-c)#shape peak 40000
TGN(config-pmap-c)#exit
TGN(config-pmap)#class af41
TGN(config-pmap-c)#shape peak 80000
TGN(config-pmap-c)#exit
TGN(config-pmap)#class af32
TGN(config-pmap-c)#shape peak 120000
TGN(config)#policy-map shapingpolicy
TGN(config-pmap)#class class-default
TGN(config-pmap-c)#service-policy innerpolicy
!!!!!!!!!!!!! Dynamips does not support this, so use another way!!!!!
TGN(config)#class-map ef
TGN(config-cmap)#match dscp ef
TGN(config)#class-map af41
TGN(config-cmap)#match dscp af41
TGN(config)#class-map af32
TGN(config-cmap)#match dscp af32
TGN(config)# policy-map shapingpolicy
TGN(config-pmap)#class ef
TGN(config-pmap-c)#shape peak 40000
TGN(config-pmap-c)#exit
TGN(config-pmap-c)#class af41
TGN(config-pmap-c)#shape peak 80000
TGN(config-pmap-c)#exit
TGN(config-pmap-c)#class af32
TGN(config-pmap-c)#shape peak 120000
TGN(config-pmap-c)#exit
TGN(config-pmap-c)#class class-default
TGN(config-pmap-c)#shape peak 400000
Verify with the show policy-map command and the show policy-map interface serial 0/0 command.
TGN#show policy-map
TGN#show policy-map interface serial 0/0
Step 6: Configure Traffic Policing
Create a new policy map to police traffic passing from R3 to R2. Police the total rate of egress traffic exiting R3’s Serial 0/1 interface to 400 kbps.
R3(config)#policy-map policingpolicy
R3(config-pmap)#class class-default
R3(config-pmap-c)#police rate 400000 bps
R3(config)#interface serial 1/0
R3(config-if)#service-policy output policingpolicy
Step 7: Configure Class-Based TCP Header Compression
Configure TCP header compression on R4 for only AF32 traffic heading towards R3 using the existing policy-maps.
TGN(config)#policy-map innerpolicy
TGN(config-pmap)#class af32
TGN(config-pmap-c)#compression header ip tcp
!!!! Another way !!!
TGN(config)#policy-map shapingpolicy
TGN(config-pmap)#class af32
TGN(config-pmap-c)#compression header ip tcp
TGN#show policy-map interface
Final Configurations:
R1:
hostname R1
!
no ip domain lookup
!
class-map match-any critical
match protocol ospf
match protocol ntp
class-map match-any interactive
match protocol telnet
match protocol ssh
match protocol xwindows
class-map match-any web
match protocol http
match protocol pop3
match protocol smtp
!
policy-map markingpolicy
class critical
set dscp ef
class interactive
set dscp af41
class web
set dscp af32
class class-default
set dscp default
!
interface FastEthernet0/0
ip address 172.16.10.1 255.255.255.0
speed 100
full-duplex
no shutdown
!
interface FastEthernet0/1
ip address 172.16.14.1 255.255.255.0
speed 100
full-duplex
service-policy output markingpolicy
no shutdown
!
router ospf 1
network 172.16.0.0 0.0.255.255 area 0
!
line con 0
logging synchronous
!
end
R2:
hostname R2
!
no ip domain lookup
!
interface FastEthernet0/0
ip address 172.16.20.2 255.255.255.0
speed 100
full-duplex
no shutdown
!
interface Serial1/0
bandwidth 800
ip address 172.16.23.2 255.255.255.0
clock rate 806400
no shutdown
!
router ospf 1
network 172.16.0.0 0.0.255.255 area 0
!
line con 0
logging synchronous
!
end
R3:
hostname R3
!
no ip domain lookup
!
policy-map policingpolicy
class class-default
police rate 400000 bps
!
interface Serial1/0
bandwidth 800
ip address 172.16.23.3 255.255.255.0
service-policy output policingpolicy
no shutdown
!
interface Serial1/1
bandwidth 800
ip address 172.16.34.3 255.255.255.0
clock rate 806400
no shutdown
!
router ospf 1
network 172.16.0.0 0.0.255.255 area 0
!
line con 0
logging synchronous
!
end
TGN:
hostname TGN
!
no ip domain lookup
!
ip vrf PAGENT
rd 100:1
route-target export 1:100
route-target import 1:100
!
ip cef
!
class-map match-all af41
match dscp af41
class-map match-all ef
match dscp ef
class-map match-all af32
match dscp af32
!
policy-map shapingpolicy
class ef
shape peak 40000
class af41
shape peak 80000
class af32
shape peak 120000
compress header ip tcp
class class-default
shape peak 400000
policy-map innerpolicy
class ef
shape peak 40000
class af41
shape peak 80000
class af32
shape peak 120000
compress header ip tcp
!
interface FastEthernet0/0.10
description Interface generating traffic
encapsulation dot1Q 10
ip vrf forwarding PAGENT
ip address 172.16.10.4 255.255.255.0
no shutdown
!
interface FastEthernet0/0.20
description capturing traffic
encapsulation dot1Q 20
ip vrf forwarding PAGENT
ip address 172.16.20.4 255.255.255.0
no shutdown
!
interface Serial0/0
bandwidth 800
ip address 172.16.34.4 255.255.255.0
service-policy output shapingpolicy
no shutdown
!
interface FastEthernet0/1
ip address 172.16.14.4 255.255.255.0
no shutdown
!
router ospf 1
network 172.16.0.0 0.0.255.255 area 0
!
line con 0
logging synchronous
!
end
Reference:
Cisco Networking Academy
http://www.cisco.com/web/learning/netacad/index.html
CCNP Version 5.0: Optimizing Converged Cisco Networks
Student Lab Manual
最初發表 / 最後更新: 2009.04.30 / 2018.06.14
0 comments:
張貼留言