Pages

Thursday, April 1, 2010

3 step of MQC : Cisco Modular Quality of Service (QoS) Command Line Interface (CLI)

  • define a class-map - type of traffic, application, etc, to be match
  • define a policy-map - define what to do with the matched traffic
  • service policy - apply the policy map to the interface
1.define a class-map
R2(config)#class-map ?
  WORD       class-map name
  match-all  Logical-AND all matching statements under this classmap
  match-any  Logical-OR all matching statements under this classmap
we have two option here, say we want to match two kind of traffic, citrix and http
R2(config-cmap)#match protocol http
R2(config-cmap)#match input-interface fastEthernet 0/0
if previously we choose all, then only http traffic that coming from fa0/0 will fall into this class-map
if we choose any, then any http traffic or any traffic from fa0/0 or both kind of traffic will fall into this class-map
if you don't configure any, by default is match-all. Create a class-map named MATCH-HTTP
R2(config)#class-map MATCH-HTTP
R2(config-cmap)#match ?
  access-group         Access group
  any                  Any packets
  class-map            Class map
  cos                  IEEE 802.1Q/ISL class of service/user priority values
  destination-address  Destination address
  discard-class        Discard behavior identifier
  dscp                 Match DSCP in IP(v4) and IPv6 packets
  fr-de                Match on Frame-relay DE bit
  fr-dlci              Match on fr-dlci
  input-interface      Select an input interface to match
  ip                   IP specific values
  mpls                 Multi Protocol Label Switching specific values
  not                  Negate this match result
  packet               Layer 3 Packet length
  precedence           Match Precedence in IP(v4) and IPv6 packets
  protocol             Protocol
  qos-group            Qos-group
  source-address       Source address
a lot of option we have here, you can define an access group in global config mode and apply it here.
R2(config-cmap)#match access-group ?
  <1-2699>  Access list index
  name      Named Access Lis

also can filter by source and destination interface, but remember, this is not base on IP address, but base on MAC address.
for ip address you can define inside the ACL, and apply it to this class-map.
i'm not going into every option, but let me show you the biggest feature we have, protocol
if you type the question mark, there's a lot of types of protocol that already define for you.
i'm not gonna print everything in here, but just want to show you a few interesting type of traffic
using this feature, you don't need to hard coded every single port, type of protocol and so on in ACL, just one line should be enough because everything is already there for you to choose
R2(config-cmap)#match protocol ?
..
fasttrack      FastTrack Traffic - KaZaA, Morpheus, Grokster...
irc            Internet Relay Chat
kazaa2         Kazaa Version 2
..
telnet         Telnet
..
now let's create one to match http
R2(config-cmap)#match protocol http
verify this
R2(config-cmap)#do sh class-map
Class Map match-any class-default (id 0)
   Match any
Class Map match-all LAB (id 1)
   Match protocol http
   Match protocol citrix
   Match input-interface FastEthernet0/0
Class Map match-all MATCH-HTTP (id 2)
   Match protocol http
we only configure two class-map so far, but from the show command there’s are 3 of them. Yes, there’s always the default one, every traffic or packet that didn’t match any group will fall under this class-map. Since we didn’t configure anything for the match type, so both are under type of match-all


2.define a policy map
now we’ll define a policy map named LAB_POLICY, and apply the class-map MATCH-HTTP, and force this group to only use rate of 20% of the interface bandwidth
R2(config)#policy-map LAB_POLICY
R2(config-pmap)#class MATCH-HTTP
R2(config-pmap-c)#police rate 20 pps
what happen to the other traffic? we’ll define this under the default class-map. under the same policy map, configure the rest of the traffic to only use 10000kbps of the bandwidth
R2(config)#policy-map LAB_POLICY
R2(config-pmap)#class class-default
R2(config-pmap-c)#police 10000
verify
R2#show policy-map
  Policy Map LAB_POLICY
    Class MATCH-HTTP
     police rate 20 pps burst 4 packets
       conform-action transmit
       exceed-action drop
    Class class-default
     police cir 10000 bc 1500
       conform-action transmit
       exceed-action drop

*remember, you can only apply 1 policy per interface per direction at 1 time. you can only apply multiple class-map inside a policy

3.service policy
we gonna apply the policy to the traffic that coming into the router thru interface fast 0/0
R2(config)#interface fastEthernet 0/0
R2(config-if)#service-policy input LAB_POLICY
verify
R2#show policy-map interface
FastEthernet0/0
  Service-policy input: LAB_POLICY
    Class-map: MATCH-HTTP (match-all)
      0 packets, 0 bytes
      5 minute offered rate 0 bps, drop rate 0 bps
      Match: protocol http
      police:
          cir 12000 bps, bc 1500 bytes
        conformed 0 packets, 0 bytes; actions:
          transmit
        exceeded 0 packets, 0 bytes; actions:
          drop
        conformed 0 bps, exceed 0 bps
    Class-map: class-default (match-any)
      0 packets, 0 bytes
      5 minute offered rate 0 bps, drop rate 0 bps
      Match: any
      police:
          cir 10000 bps, bc 1500 bytes
        conformed 0 packets, 0 bytes; actions:
          transmit
        exceeded 0 packets, 0 bytes; actions:
          drop
        conformed 0 bps, exceed 0 bps

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)