【正文】 aultrandomdetect dscpbasedinterface FastEthernet4/0/0 servicepolicy in ZHVOIP //在連接語音網(wǎng)關(guān)的In方向應(yīng)用ZHVOIP策略//珠海基地到廣州基地的聯(lián)通線路interface ATM6/0/ pointtopoint
pvc uc2gz 12/101
classvc Uni
servicepolicy out ZH2GZQOS//珠?；氐綇V州基地的電信線路interface ATM6/1/ pointtopoint
pvc tc2gz 1/52
classvc Tel
servicepolicy out ZH2GZQOS 票據(jù)中心QoS配置模板Intranet接入交換機根據(jù)數(shù)據(jù)流的IP地址或服務(wù)端口號將數(shù)據(jù)流分為七類，對每一類設(shè)置不同的dscp值。使用Native IOS版本的交換機在數(shù)據(jù)中心數(shù)據(jù)流離開Intranet接入交換機時設(shè)置dscp值。數(shù)據(jù)流的分類和設(shè)置的dscp值如下表所示：所屬類別所包含的業(yè)務(wù)特征和類型dscp值關(guān)鍵業(yè)務(wù)類Dlsw46語音業(yè)務(wù)類電話銀行業(yè)務(wù)34視頻會議類重要視頻會議36交互業(yè)務(wù)類對延遲敏感、需要互訪的業(yè)務(wù)，例如：網(wǎng)上銀行、黑名單、因私購匯、個人征信、CS2002 Web、CCRM Web、PCRM Web、CM200網(wǎng)管、實時的監(jiān)控事件等26批量數(shù)據(jù)庫類對延遲不太敏感、單向數(shù)據(jù)量很大的業(yè)務(wù)，例如：報表、數(shù)據(jù)交換平臺、CS2002 DB等18辦公業(yè)務(wù)類辦公類業(yè)務(wù)，例如：Notes、AD、網(wǎng)訊、內(nèi)部管理、網(wǎng)上教學、郵件中繼、公文審批等10缺省業(yè)務(wù)類其他業(yè)務(wù)0 數(shù)據(jù)中心（上海）Intranet接入交換機目前數(shù)據(jù)中心（上海）Intranet接入交換機NF65SW0AA1的GigabitEthernet7/19連接了票據(jù)中心路由器。216。 ACL、classmap和policymap已經(jīng)配置完畢216。 將定義的Policy應(yīng)用到連接票據(jù)中心路由器的端口上：interface GigabitEthernet7/19 //連接票據(jù)中心路由器 servicepolicy output SETDSCP216。 配置端口的擁塞管理和擁塞避免策略：interface GigabitEthernet7/19 //連接票據(jù)中心路由器 speed 10 duplex full //將CoS值為3,4,5,6的數(shù)據(jù)包分配到嚴格優(yōu)先級隊列中 priorityqueue cosmap 1 3,4,5,6 //將CoS值為0的數(shù)據(jù)包分配到標準隊列1中，使用WRED丟棄門限值1 wrrqueue cosmap 1 1 0 //將CoS值為1的數(shù)據(jù)包分配到標準隊列2中，使用WRED丟棄門限值1 wrrqueue cosmap 2 1 1 //將CoS值為2的數(shù)據(jù)包分配到標準隊列3中，使用WRED丟棄門限值1 wrrqueue cosmap 3 1 2 //標準隊列1，標準隊列2和標準隊列3啟用WRED wrrqueue randomdetect 1 wrrqueue randomdetect 2 wrrqueue randomdetect 3 //配置標準隊列1，標準隊列2和標準隊列3的隊列長度權(quán)值為1:33:33 wrrqueue queuelimit 1 33 33 //配置標準隊列1，標準隊列2和標準隊列3的帶寬分配比例為5:165:165 wrrqueue bandwidth 5 165 165 票據(jù)中心骨干交換機216。 啟用QoSmls qos或qos216。 去掉現(xiàn)有和QoS相關(guān)的ACL、classmap和policymap：216。 配置ACL、classmap和policymap//實施時請確認以下的ACL是否包括了所有需要QoS保障的應(yīng)用//對于票據(jù)中心訪問票據(jù)分部的數(shù)據(jù)流也要進行分類和標識ip accesslist extended Keypermit tcp any any eq 2065permit tcp any eq 2065 anyip accesslist extended Voice//對于電話銀行掛接分行的配置permit ip G700地址 any//對于非托管分行且沒有自己獨立關(guān)守的配置permit ip 分行漫游網(wǎng)關(guān)地址 any//對于非托管分行且有自己獨立關(guān)守的配置permit ip 分行漫游網(wǎng)關(guān)地址 anypermit ip 分行獨立關(guān)守地址 anyip accesslist extended Videopermit ip ……ip accesslist extended Interactivepermit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any host permit ip any host permit ip any host permit ip any host permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any //實時的監(jiān)控事件permit ip any 目的IP地址 ip accesslist extended Batchpermit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any ip accesslist extended OApermit ip any permit ip any permit ip any permit tcp any any eq 1352permit tcp any eq 1352 anypermit ip any any permit ip any any permit ip any any classmap matchany Keyapplicationmatch accessgroup Keyclassmap matchany Voiceapplicationmatch accessgroup Voiceclassmap matchany Videoapplicationmatch accessgroup Videoclassmap matchany Interactiveapplicationmatch accessgroup Interactiveclassmap matchany Batchapplicationmatch accessgroup Batch classmap matchany OAapplicationmatch accessgroup OApolicymap SETDSCPclass Keyapplicationset dscp 46class Voiceapplicationset dscp 34class Videoapplicationset dscp 36class Interactiveapplicationset dscp 26class Batchapplicationset dscp 18class OAapplicationset dscp 10class classdefaultset dscp 0216。 將定義的Policy應(yīng)用到連接一級分行上聯(lián)路由器的Vlan上interface vlan name servicepolicy output SETDSCP 票據(jù)中心路由器//啟用ip cef distributedip cef distributedip accesslist extended Key permit tcp any any eq 2065 permit tcp any eq 2065 anyip accesslist extended Alltraffic permit ip any anyclassmap matchany Keyapplication match ip dscp cs6 match accessgroup name Key match ip dscp efclassmap matchany Voiceapplication match ip dscp af41classmap matchany Videoapplication match ip dscp af42classmap matchany Interactiveapplication match ip dscp af31classmap matchany Batchapplication match ip dscp af21classmap matchany OAapplication match ip dscp af11classmap matchany Alltraffic match accessgroup name Alltrafficpolicymap QoS_DC class Keyapplication priority bandwidth class Voiceapplication priority bandwidth class Videoapplication priority bandwidth class Interactiveapplication priority bandwidth class Batchapplication bandwidth percent value randomdetect dscpbased class OAapplication bandwidth percent value randomdetect dscpbased class classdefault randomdetect dscpbasedpolicymap QoS10M class Alltraffic shape average 10000000 servicepolicy QoSDCinterface interface FastEthernet0/0bandwidth 10000speed 10duplex fullmaxreservedbandwidth 100servicepolicy out QoS_10M 一級骨干網(wǎng)的QoS查看命令 數(shù)據(jù)中心Intranet接入路由器executeon slot slot number show ip cache verbose flow//用于查看數(shù)據(jù)中心訪問分行的數(shù)據(jù)流是否被正確染色。其中slot number為連接數(shù)據(jù)中心Intranet接入交換機的端口所在槽位號。使用該命令時該端口需要配置netflow。例如，輸入命令executeon slot 9 show ip cache verbose flow，輸出結(jié)果的部分內(nèi)容如下所示：SrcIf SrcIPaddress DstIf DstIPaddress Pr TOS Flgs PktsPort Msk AS Port Msk AS NextHop B/Pk ActiveGi9/0 AT3/ 06 88 10 1 01BB /24 0 0A91 /8 0 40 這表示有這樣一個數(shù)據(jù)流從Gi9/0口流入，從ATM3/，：源地址源端口目的地址目的端口TOS值dscp值是TOS值2進制的前6位01BB（16進制）443（10進制）0A91（16進制）2705（10進制）88（16進制）10001000（2進制）100010（2進制）34（10進制）sh