【正文】 aultrandomdetect dscpbasedinterface FastEthernet4/0/0 servicepolicy in ZHVOIP //在連接語(yǔ)音網(wǎng)關(guān)的In方向應(yīng)用ZHVOIP策略//珠海基地到廣州基地的聯(lián)通線路interface ATM6/0/ pointtopoint
pvc uc2gz 12/101
classvc Uni
servicepolicy out ZH2GZQOS//珠海基地到廣州基地的電信線路interface ATM6/1/ pointtopoint
pvc tc2gz 1/52
classvc Tel
servicepolicy out ZH2GZQOS 票據(jù)中心QoS配置模板Intranet接入交換機(jī)根據(jù)數(shù)據(jù)流的IP地址或服務(wù)端口號(hào)將數(shù)據(jù)流分為七類，對(duì)每一類設(shè)置不同的dscp值。使用Native IOS版本的交換機(jī)在數(shù)據(jù)中心數(shù)據(jù)流離開(kāi)Intranet接入交換機(jī)時(shí)設(shè)置dscp值。數(shù)據(jù)流的分類和設(shè)置的dscp值如下表所示：所屬類別所包含的業(yè)務(wù)特征和類型dscp值關(guān)鍵業(yè)務(wù)類Dlsw46語(yǔ)音業(yè)務(wù)類電話銀行業(yè)務(wù)34視頻會(huì)議類重要視頻會(huì)議36交互業(yè)務(wù)類對(duì)延遲敏感、需要互訪的業(yè)務(wù)，例如：網(wǎng)上銀行、黑名單、因私購(gòu)匯、個(gè)人征信、CS2002 Web、CCRM Web、PCRM Web、CM200網(wǎng)管、實(shí)時(shí)的監(jiān)控事件等26批量數(shù)據(jù)庫(kù)類對(duì)延遲不太敏感、單向數(shù)據(jù)量很大的業(yè)務(wù)，例如：報(bào)表、數(shù)據(jù)交換平臺(tái)、CS2002 DB等18辦公業(yè)務(wù)類辦公類業(yè)務(wù)，例如：Notes、AD、網(wǎng)訊、內(nèi)部管理、網(wǎng)上教學(xué)、郵件中繼、公文審批等10缺省業(yè)務(wù)類其他業(yè)務(wù)0 數(shù)據(jù)中心（上海）Intranet接入交換機(jī)目前數(shù)據(jù)中心（上海）Intranet接入交換機(jī)NF65SW0AA1的GigabitEthernet7/19連接了票據(jù)中心路由器。216。 ACL、classmap和policymap已經(jīng)配置完畢216。 將定義的Policy應(yīng)用到連接票據(jù)中心路由器的端口上：interface GigabitEthernet7/19 //連接票據(jù)中心路由器 servicepolicy output SETDSCP216。 配置端口的擁塞管理和擁塞避免策略：interface GigabitEthernet7/19 //連接票據(jù)中心路由器 speed 10 duplex full //將CoS值為3,4,5,6的數(shù)據(jù)包分配到嚴(yán)格優(yōu)先級(jí)隊(duì)列中 priorityqueue cosmap 1 3,4,5,6 //將CoS值為0的數(shù)據(jù)包分配到標(biāo)準(zhǔn)隊(duì)列1中，使用WRED丟棄門限值1 wrrqueue cosmap 1 1 0 //將CoS值為1的數(shù)據(jù)包分配到標(biāo)準(zhǔn)隊(duì)列2中，使用WRED丟棄門限值1 wrrqueue cosmap 2 1 1 //將CoS值為2的數(shù)據(jù)包分配到標(biāo)準(zhǔn)隊(duì)列3中，使用WRED丟棄門限值1 wrrqueue cosmap 3 1 2 //標(biāo)準(zhǔn)隊(duì)列1，標(biāo)準(zhǔn)隊(duì)列2和標(biāo)準(zhǔn)隊(duì)列3啟用WRED wrrqueue randomdetect 1 wrrqueue randomdetect 2 wrrqueue randomdetect 3 //配置標(biāo)準(zhǔn)隊(duì)列1，標(biāo)準(zhǔn)隊(duì)列2和標(biāo)準(zhǔn)隊(duì)列3的隊(duì)列長(zhǎng)度權(quán)值為1:33:33 wrrqueue queuelimit 1 33 33 //配置標(biāo)準(zhǔn)隊(duì)列1，標(biāo)準(zhǔn)隊(duì)列2和標(biāo)準(zhǔn)隊(duì)列3的帶寬分配比例為5:165:165 wrrqueue bandwidth 5 165 165 票據(jù)中心骨干交換機(jī)216。 啟用QoSmls qos或qos216。 去掉現(xiàn)有和QoS相關(guān)的ACL、classmap和policymap：216。 配置ACL、classmap和policymap//實(shí)施時(shí)請(qǐng)確認(rèn)以下的ACL是否包括了所有需要QoS保障的應(yīng)用//對(duì)于票據(jù)中心訪問(wèn)票據(jù)分部的數(shù)據(jù)流也要進(jìn)行分類和標(biāo)識(shí)ip accesslist extended Keypermit tcp any any eq 2065permit tcp any eq 2065 anyip accesslist extended Voice//對(duì)于電話銀行掛接分行的配置permit ip G700地址 any//對(duì)于非托管分行且沒(méi)有自己獨(dú)立關(guān)守的配置permit ip 分行漫游網(wǎng)關(guān)地址 any//對(duì)于非托管分行且有自己獨(dú)立關(guān)守的配置permit ip 分行漫游網(wǎng)關(guān)地址 anypermit ip 分行獨(dú)立關(guān)守地址 anyip accesslist extended Videopermit ip ……ip accesslist extended Interactivepermit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any host permit ip any host permit ip any host permit ip any host permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any //實(shí)時(shí)的監(jiān)控事件permit ip any 目的IP地址 ip accesslist extended Batchpermit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any ip accesslist extended OApermit ip any permit ip any permit ip any permit tcp any any eq 1352permit tcp any eq 1352 anypermit ip any any permit ip any any permit ip any any classmap matchany Keyapplicationmatch accessgroup Keyclassmap matchany Voiceapplicationmatch accessgroup Voiceclassmap matchany Videoapplicationmatch accessgroup Videoclassmap matchany Interactiveapplicationmatch accessgroup Interactiveclassmap matchany Batchapplicationmatch accessgroup Batch classmap matchany OAapplicationmatch accessgroup OApolicymap SETDSCPclass Keyapplicationset dscp 46class Voiceapplicationset dscp 34class Videoapplicationset dscp 36class Interactiveapplicationset dscp 26class Batchapplicationset dscp 18class OAapplicationset dscp 10class classdefaultset dscp 0216。 將定義的Policy應(yīng)用到連接一級(jí)分行上聯(lián)路由器的Vlan上interface vlan name servicepolicy output SETDSCP 票據(jù)中心路由器//啟用ip cef distributedip cef distributedip accesslist extended Key permit tcp any any eq 2065 permit tcp any eq 2065 anyip accesslist extended Alltraffic permit ip any anyclassmap matchany Keyapplication match ip dscp cs6 match accessgroup name Key match ip dscp efclassmap matchany Voiceapplication match ip dscp af41classmap matchany Videoapplication match ip dscp af42classmap matchany Interactiveapplication match ip dscp af31classmap matchany Batchapplication match ip dscp af21classmap matchany OAapplication match ip dscp af11classmap matchany Alltraffic match accessgroup name Alltrafficpolicymap QoS_DC class Keyapplication priority bandwidth class Voiceapplication priority bandwidth class Videoapplication priority bandwidth class Interactiveapplication priority bandwidth class Batchapplication bandwidth percent value randomdetect dscpbased class OAapplication bandwidth percent value randomdetect dscpbased class classdefault randomdetect dscpbasedpolicymap QoS10M class Alltraffic shape average 10000000 servicepolicy QoSDCinterface interface FastEthernet0/0bandwidth 10000speed 10duplex fullmaxreservedbandwidth 100servicepolicy out QoS_10M 一級(jí)骨干網(wǎng)的QoS查看命令 數(shù)據(jù)中心Intranet接入路由器executeon slot slot number show ip cache verbose flow//用于查看數(shù)據(jù)中心訪問(wèn)分行的數(shù)據(jù)流是否被正確染色。其中slot number為連接數(shù)據(jù)中心Intranet接入交換機(jī)的端口所在槽位號(hào)。使用該命令時(shí)該端口需要配置netflow。例如，輸入命令executeon slot 9 show ip cache verbose flow，輸出結(jié)果的部分內(nèi)容如下所示：SrcIf SrcIPaddress DstIf DstIPaddress Pr TOS Flgs PktsPort Msk AS Port Msk AS NextHop B/Pk ActiveGi9/0 AT3/ 06 88 10 1 01BB /24 0 0A91 /8 0 40 這表示有這樣一個(gè)數(shù)據(jù)流從Gi9/0口流入，從ATM3/，：源地址源端口目的地址目的端口TOS值dscp值是TOS值2進(jìn)制的前6位01BB（16進(jìn)制）443（10進(jìn)制）0A91（16進(jìn)制）2705（10進(jìn)制）88（16進(jìn)制）10001000（2進(jìn)制）100010（2進(jìn)制）34（10進(jìn)制）sh