【正文】 據(jù)中心的ATM端口上采用LLQ隊(duì)列技術(shù)，對于LLQ中的非PQ隊(duì)列還采用WRED技術(shù)。具體的分類方式、采用的隊(duì)列技術(shù)和丟棄策略如下表所示：類別dscp值所屬隊(duì)列丟棄策略Keyapplication48（路由協(xié)議）、46PQ尾丟棄Voiceapplication34PQ尾丟棄Videoapplication36PQ尾丟棄Interactiveapplication26PQ尾丟棄Batchapplication18CBWFQWREDOAapplication10default0一級分行上聯(lián)路由器都是思科的7507路由器，配置方法如下：216。 配置ACL、classmap和policymap//實(shí)施時(shí)請確認(rèn)以下的ACL是否包括了所有需要QoS保障的應(yīng)用ip accesslist extended Keypermit tcp any any eq 2065permit tcp any eq 2065 anyip accesslist extended Voice//對于電話銀行掛接分行的配置permit ip G700地址 any//對于非托管分行且沒有自己獨(dú)立關(guān)守的配置permit ip 分行漫游網(wǎng)關(guān)地址 any//對于非托管分行且有自己獨(dú)立關(guān)守的配置permit ip 分行漫游網(wǎng)關(guān)地址 anypermit ip 分行獨(dú)立關(guān)守地址 anyip accesslist extended Videopermit ip ……ip accesslist extended Interactivepermit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any host permit ip any host permit ip any host permit ip any host permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any //實(shí)時(shí)的監(jiān)控事件permit ip any 目的IP地址 //對于海外中心，還包括：香港V+柜面業(yè)務(wù)、香港外匯交易中心路透應(yīng)用、香港V+應(yīng)用、總行清算中心SWIFT備份出口permit ip any 目的IP地址 ip accesslist extended Batchpermit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any permit ip any //對于海外中心，還包括香港V+報(bào)表傳送permit ip any 目的IP地址 ip accesslist extended OApermit ip any permit ip any permit ip any permit tcp any any eq 1352permit tcp any eq 1352 anypermit ip any any permit ip any any permit ip any any classmap matchany Keyapplicationmatch accessgroup Keyclassmap matchany Voiceapplicationmatch accessgroup Voiceclassmap matchany Videoapplicationmatch accessgroup Videoclassmap matchany Interactiveapplicationmatch accessgroup Interactiveclassmap matchany Batchapplicationmatch accessgroup Batch classmap matchany OAapplicationmatch accessgroup OApolicymap SETDSCPclass Keyapplicationset dscp 46class Voiceapplicationset dscp 34class Videoapplicationset dscp 36class Interactiveapplicationset dscp 26class Batchapplicationset dscp 18class OAapplicationset dscp 10class classdefaultset dscp 0216。 啟用QoSmls qos或qos216。使用Native IOS版本的交換機(jī)在一級分行數(shù)據(jù)流離開Intranet接入交換機(jī)時(shí)設(shè)置dscp值。 將定義的Policy應(yīng)用到連接Intranet接入路由器的端口上：interface GigabitEthernet1/4 //連接NF12WA01 servicepolicy output SETDSCPinterface GigabitEthernet1/5 //連接NF12WA02 servicepolicy output SETDSCP 數(shù)據(jù)中心Intranet接入路由器由于Intranet接入交換機(jī)已經(jīng)將數(shù)據(jù)流進(jìn)行了分類和染色，因此Intranet接入路由器就可以根據(jù)染色的結(jié)果使用MDRR隊(duì)列技術(shù)為不同類別的數(shù)據(jù)流配置不同的帶寬。 去掉現(xiàn)有和QoS相關(guān)的ACL、classmap和policymap：216。 啟用QoS：mls qos或qos216。 配置ACL：//實(shí)施時(shí)請確認(rèn)以下的ACL是否包括了所有需要QoS保障的應(yīng)用//Dlsw流量set qos acl ip SETDSCP dscp 46 tcp any any eq 2065set qos acl ip SETDSCP dscp 46 tcp any eq 2065 any//電話銀行北方掛接分行set qos acl ip SETDSCP dscp 34 ip any//電話銀行南方掛接分行set qos acl ip SETDSCP dscp 34 ip anyset qos acl ip SETDSCP dscp 34 ip any//電話銀行目錄關(guān)守set qos acl ip SETDSCP dscp 34 ip host any//電話銀行代理關(guān)守set qos acl ip SETDSCP dscp 34 ip host any//到一級分行的重點(diǎn)視頻會(huì)議流量（源地址是應(yīng)用位為1100（視頻語音應(yīng)用位）的地址，目的地址是分行的重點(diǎn)視頻會(huì)議和MCU所在的網(wǎng)段）set qos acl ip SETDSCP dscp 36 ip //電話銀行Webset qos acl ip SETDSCP dscp 26 ip any//RMTS報(bào)文查詢、PCC等set qos acl ip SETDSCP dscp 26 ip any//網(wǎng)銀set qos acl ip SETDSCP dscp 26 ip anyset qos acl ip SETDSCP dscp 26 ip anyset qos acl ip SETDSCP dscp 26 ip anyset qos acl ip SETDSCP dscp 26 ip anyset qos acl ip SETDSCP dscp 26 ip host anyset qos acl ip SETDSCP dscp 26 ip host any//黑名單set qos acl ip SETDSCP dscp 26 ip host anyset qos acl ip SETDSCP dscp 26 ip host any//Open Webset qos acl ip SETDSCP dscp 26 ip anyset qos acl ip SETDSCP dscp 26 ip any//基金績效 Webset qos acl ip SETDSCP dscp 26 ip any//Manage Webset qos acl ip SETDSCP dscp 26 ip anyset qos acl ip SETDSCP dscp 26 ip any//Webset qos acl ip SETDSCP dscp 26 ip anyset qos acl ip SETDSCP dscp 26 ip anyset qos acl ip SETDSCP dscp 26 ip any//因私購匯、個(gè)人征信等 Webset qos acl ip SETDSCP dscp 26 ip any//CS2002 Webset qos acl ip SETDSCP dscp 26 ip any//CCRM Webset qos acl ip SETDSCP dscp 26 ip any//PCRM Webset qos acl ip SETDSCP dscp 26 ip any//行業(yè)信息庫 Webset qos acl ip SETDSCP dscp 26 ip any//PCRM、財(cái)務(wù)歸集、機(jī)構(gòu)管理 Webset qos acl ip SETDSCP dscp 26 ip any//集中監(jiān)控、Eprotalset qos acl ip SETDSCP dscp 26 ip any//基金估值、個(gè)人理財(cái)、參數(shù)管理、會(huì)計(jì)要素set qos acl ip SETDSCP dscp 26 ip any//網(wǎng)管服務(wù)器set qos acl ip SETDSCP dscp 26 ip anyset qos acl ip SETDSCP dscp 26 ip any//實(shí)時(shí)的監(jiān)控事件set qos acl ip SETDSCP dscp 26 ip 源IP地址 any//對于海外中心，還包括：香港V+柜面業(yè)務(wù)、香港外匯交易中心路透應(yīng)用、香港V+應(yīng)用、總行清算中心SWIFT備份出口set qos acl ip SETDSCP dscp 26 ip 源IP地址 any//報(bào)表、數(shù)據(jù)交換平臺set qos acl ip SETDSCP dscp 18 ip anyset qos acl ip SETDSCP dscp 18 ip anyset qos acl ip SETDSCP dscp 18 ip any//黑名單、票據(jù)營業(yè)部set qos acl ip SETDSCP dscp 18 ip any//數(shù)據(jù)中心（北京）原有生產(chǎn)服務(wù)器地址set qos acl ip SETDSCP dscp 18 ip any//CMISset qos acl ip SETDSCP dscp 18 ip any//固定資產(chǎn)、NC用友、稽核系統(tǒng)DBset qos acl ip SETDSCP dscp 18 ip anyset qos acl ip SETDSCP dscp 18 ip any//CS2002 DB、FTPset qos acl ip SETDSCP dscp 18 ip anyset qos acl ip SETDSCP dscp 18 ip any //對于海外中心，還包括香港V+報(bào)表傳送set qos acl ip SETDSCP dscp 18 ip 源IP地址 any//Notes、AD、網(wǎng)訊、內(nèi)部管理set qos acl ip SETDSCP dscp 10 ip anyset qos acl ip SETDSCP dscp 10 ip anyset qos acl ip SETDSCP dscp 10 ip anyset qos acl ip SETDSCP dscp 10 tcp any any eq 1352set qos acl ip SETDSCP dscp 10 tcp any eq 1352 any//網(wǎng)上教學(xué)set qos acl ip SETDSCP dscp 10 ip any//FCC、郵件中繼set qos acl ip SETDSCP dscp 10 ip any//公文審批set qos acl ip SETDSCP dscp 10 ip any216。 在Intranet接入