帮助我们改善您的体验。

让我们了解您的想法。

您是否能抽出两分钟的时间完成一份问卷调查?

close
keyboard_arrow_left
服务等级用户指南(安全设备)
Table of Contents Expand all
list Table of Contents
在此页面上
keyboard_arrow_right

机器翻译对您有帮助吗?

starstarstarstarstar
Go to English page
免责声明:

我们将使用第三方机器翻译软件翻译本页面。瞻博网络虽已做出相当大的努力提供高质量译文,但无法保证其准确性。如果对译文信息的准确性有任何疑问,请参阅英文版本. 可下载的 PDF 仅提供英文版.

示例:使用 MPC 在SRX5000防火墙上配置 CoS

date_range 31-May-23

此示例说明如何在具有 MPC 的SRX5000线路防火墙上配置 CoS。

要求

此示例使用以下硬件和软件组件:

  • 带有 SRX5K-MPC 的SRX5600

  • 适用于 SRX 系列的 Junos OS 12.1X46-D10 或更高版本

准备工作:

配置此功能之前,不需要除设备初始化之外的特殊配置。

概述

在此示例中,您将创建一个行为聚合 (BA) 分类器,以根据数据包的 IEEE 802.1p 值对流量进行分类,并为流量分配转发类优先级队列。然后,配置调度器图并设置流量的优先级。

默认情况下,SRX5K-MPC 支持八个队列。在此示例中,您将配置八个队列。

将 BA 分类器应用于输入接口,并将调度器图应用于输出接口。

1表 2 显示了此示例中使用的转发类详细信息以及优先级、分配的队列号和分配的队列缓冲区。

表 1:转发类示例

转发类

队列编号

成为

0

Sig

1

Af

2

青铜级

3

银级

4

金级

5

控制

6

Voip

7

表 2:调度器示例

调度

对于 CoS 流量类型

分配的优先级

队列缓冲区的已分配部分(传输速率)

s-be

0

15

S-SIG

1

15

S-AF

2

中低

20

S-青铜

3

中低

20

S-银

4

中高

10

S-黄金

5

中高

10

S-NC

6

5

S-VoIP

7

5

配置

程序

CLI 快速配置

要快速配置此示例,请复制以下命令,将其粘贴到文本文件中,删除所有换行符,更改与您的网络配置匹配所需的任何详细信息,将命令复制并粘贴到层次结构级别的 CLI [edit] 中,然后从配置模式进入 commit

content_copy zoom_out_map
set class-of-service classifiers ieee-802.1 c802 forwarding-class BE loss-priority low code-points 000
set class-of-service classifiers ieee-802.1 c802 forwarding-class SIG loss-priority low code-points 001
set class-of-service classifiers ieee-802.1 c802 forwarding-class AF loss-priority low code-points 010
set class-of-service classifiers ieee-802.1 c802 forwarding-class Bronze-Class loss-priority low code-points 011
set class-of-service classifiers ieee-802.1 c802 forwarding-class Silver-Class loss-priority low code-points 100
set class-of-service classifiers ieee-802.1 c802 forwarding-class Gold-Class loss-priority low code-points 101
set class-of-service classifiers ieee-802.1 c802 forwarding-class Central loss-priority low code-points 110
set class-of-service classifiers ieee-802.1 c802 forwarding-class VOIP loss-priority low code-points 111
set class-of-service forwarding-classes class BE queue-num 0
set class-of-service forwarding-classes class SIG queue-num 1
set class-of-service forwarding-classes class AF queue-num 2
set class-of-service forwarding-classes class Bronze-Class queue-num 3
set class-of-service forwarding-classes class Silver-Class queue-num 4
set class-of-service forwarding-classes class Gold-Class queue-num 5
set class-of-service forwarding-classes class Control queue-num 6
set class-of-service forwarding-classes class VOIP queue-num 7
set class-of-service scheduler-maps test forwarding-class BE scheduler s-be
set class-of-service scheduler-maps test forwarding-class SIG scheduler s-sig
set class-of-service scheduler-maps test forwarding-class AF scheduler s-af
set class-of-service scheduler-maps test forwarding-class Bronze-Class scheduler s-bronze
set class-of-service scheduler-maps test forwarding-class Silver-Class scheduler s-silver
set class-of-service scheduler-maps test forwarding-class Gold-Class scheduler s-gold
set class-of-service scheduler-maps test forwarding-class Control scheduler s-nc
set class-of-service scheduler-maps test forwarding-class VOIP scheduler s-voip
set class-of-service rewrite-rules ieee-802.1 rw802 forwarding-class BE loss-priority low code-point 000
set class-of-service rewrite-rules ieee-802.1 rw802 forwarding-class SIG loss-priority low code-point 001
set class-of-service rewrite-rules ieee-802.1 rw802 forwarding-class AF loss-priority low code-point 010
set class-of-service rewrite-rules ieee-802.1 rw802 forwarding-class Bronze-Class loss-priority low code-point 011
set class-of-service rewrite-rules ieee-802.1 rw802 forwarding-class Silver-Class loss-priority low code-point 100
set class-of-service rewrite-rules ieee-802.1 rw802 forwarding-class Gold-Class loss-priority low code-point 101
set class-of-service rewrite-rules ieee-802.1 rw802 forwarding-class Control loss-priority low code-point 110
set class-of-service rewrite-rules ieee-802.1 rw802 forwarding-class VOIP loss-priority low code-point 111
set class-of-service schedulers s-be transmit-rate percent 15
set class-of-service schedulers s-be priority low
set class-of-service schedulers s-sig transmit-rate percent 15
set class-of-service schedulers s-sig priority low
set class-of-service schedulers s-af transmit-rate percent 20
set class-of-service schedulers s-af priority medium-low
set class-of-service schedulers s-bronze transmit-rate percent 20
set class-of-service schedulers s-bronze priority medium-low
set class-of-service schedulers s-silver transmit-rate percent 10
set class-of-service schedulers s-silver priority medium-high
set class-of-service schedulers s-gold transmit-rate percent 10
set class-of-service schedulers s-gold priority medium-high
set class-of-service schedulers s-nc transmit-rate percent 5
set class-of-service schedulers s-nc priority high
set class-of-service schedulers s-voip transmit-rate percent 5
set class-of-service schedulers s-voip priority high
set class-of-service interfaces reth0 unit 0 classifiers ieee-802.1 c802
set class-of-service interfaces reth0 unit 0 rewrite-rules ieee-802.1 rw802
set class-of-service interfaces reth0 scheduler-map test
set class-of-service interfaces reth0 shaping-rate 1g

分步过程

以下示例要求您在配置层次结构中导航各个级别。有关如何执行此操作的说明,请参阅 Junos OS CLI 用户指南中的在配置模式下使用 CLI 编辑器

要配置转发类:

  1. 配置分类器。

    content_copy zoom_out_map
    [edit class-of-service]
    user@host# set classifiers ieee-802.1 c802 forwarding-class BE loss-priority low code-points 000
    user@host# set classifiers ieee-802.1 c802 forwarding-class SIG loss-priority low code-points 001
    user@host# set classifiers ieee-802.1 c802 forwarding-class AF loss-priority low code-points 010
    user@host# set classifiers ieee-802.1 c802 forwarding-class Bronze-Class loss-priority low code-points 011
    user@host# set classifiers ieee-802.1 c802 forwarding-class Silver-Class loss-priority low code-points 100
    user@host# set classifiers ieee-802.1 c802 forwarding-class Gold-Class loss-priority low code-points 101
    user@host# set classifiers ieee-802.1 c802 forwarding-class Central loss-priority low code-points 110
    user@host# set classifiers ieee-802.1 c802 forwarding-class VOIP loss-priority low code-points 111
    
  2. 将尽力而为流量分配给队列。

    content_copy zoom_out_map
    [edit class-of-service forwarding-classes class]
    user@host# set BE queue-num 0
    user@host# set SIG queue-num 1
    user@host# set AF queue-num 2
    user@host# set Bronze-Class queue-num 3
    user@host# set Silver-Class queue-num 4
    user@host# set Gold-Class queue-num 5
    user@host# set Control queue-num 6
    user@host# set VOIP queue-num 7
    
  3. 定义转发类到数据包调度程序的映射。

    content_copy zoom_out_map
    [edit class-of-service]
    user@host# set scheduler-maps test forwarding-class BE scheduler s-be
    user@host# set scheduler-maps test forwarding-class SIG scheduler s-sig
    user@host# set scheduler-maps test forwarding-class AF scheduler s-af
    user@host# set scheduler-maps test forwarding-class Bronze-Class scheduler s-bronze
    user@host# set scheduler-maps test forwarding-class Silver-Class scheduler s-silver
    user@host# set scheduler-maps test forwarding-class Gold-Class scheduler s-gold 
    user@host# set scheduler-maps test forwarding-class Control scheduler s-nc
    user@host# set scheduler-maps test forwarding-class VOIP scheduler s-voip
    
  4. 配置 CoS 重写规则以将转发类映射到 802.1p 字段的所需值。

    content_copy zoom_out_map
    [edit class-of-service]
    user@host# set rewrite-rules ieee-802.1 rw802 forwarding-class BE loss-priority low code-point 000
    user@host# set rewrite-rules ieee-802.1 rw802 forwarding-class SIG loss-priority low code-point 001
    user@host# set rewrite-rules ieee-802.1 rw802 forwarding-class AF loss-priority low code-point 010
    user@host# set rewrite-rules ieee-802.1 rw802 forwarding-class Bronze-Class loss-priority low code-point 011
    user@host# set rewrite-rules ieee-802.1 rw802 forwarding-class Silver-Class loss-priority low code-point 100
    user@host# set rewrite-rules ieee-802.1 rw802 forwarding-class Gold-Class loss-priority low code-point 101
    user@host# set rewrite-rules ieee-802.1 rw802 forwarding-class Control loss-priority low code-point 110
    user@host# set rewrite-rules ieee-802.1 rw802 forwarding-class VOIP loss-priority low code-point 111
    
  5. 使用调度优先级和传输速率配置 8 个数据包调度程序。

    content_copy zoom_out_map
    [edit class-of-service]
    user@host# set schedulers s-be transmit-rate percent 15
    user@host# set schedulers s-be priority low
    user@host# set schedulers s-sig transmit-rate percent 15
    user@host# set schedulers s-sig priority low
    user@host# set schedulers s-af transmit-rate percent 20
    user@host# set schedulers s-af priority medium-low
    user@host# set schedulers s-bronze transmit-rate percent 20
    user@host# set schedulers s-bronze priority medium-low
    user@host# set schedulers s-silver transmit-rate percent 10
    user@host# set schedulers s-silver priority medium-high
    user@host# set schedulers s-gold transmit-rate percent 10
    user@host# set schedulers s-gold priority medium-high
    user@host# set schedulers s-nc transmit-rate percent 5
    user@host# set schedulers s-nc priority high
    user@host# set schedulers s-voip transmit-rate percent 5
    user@host# set schedulers s-voip priority high
    
  6. 将分类器并重写规则应用于接口。

    content_copy zoom_out_map
    [edit class-of-service]
    user@host# set interfaces reth0 unit 0 classifiers ieee-802.1 c802
    user@host# set interfaces reth1 unit 0 rewrite-rules ieee-802.1 rw802
    
  7. 将调度程序映射“test”应用于接口。

    content_copy zoom_out_map
    [edit class-of-service]
    user@host# set interfaces reth0 scheduler-map test
    
  8. 应用整形速率以控制接口上传输的最大流量速率。

    content_copy zoom_out_map
    [edit class-of-service]
    user@host# set interfaces reth0 shaping-rate 1g
    

结果

在配置模式下,输入 show xxx 命令确认您的配置。如果输出未显示预期的配置,请重复此示例中的配置说明以进行更正。

content_copy zoom_out_map
    classifiers {
        ieee-802.1 c802 {
            forwarding-class BE {
                loss-priority low code-points 000;
            }
            forwarding-class SIG {
                loss-priority low code-points 001;
            }
            forwarding-class AF {
                loss-priority low code-points 010;
            }
            forwarding-class Bronze-Class {
                loss-priority low code-points 011;
            }
            forwarding-class Silver-Class {
                loss-priority low code-points 100;
            }
            forwarding-class Gold-Class {
                loss-priority low code-points 101;
            }
            forwarding-class Control {
                loss-priority low code-points 110;
            }
            forwarding-class VOIP {
                loss-priority low code-points 111;
            }
        }
    }
    forwarding-classes {
        class BE queue-num 0;
        class SIG queue-num 1;
        class VOIP queue-num 7;
        class AF queue-num 2;
        class Bronze-Class queue-num 3;
        class Silver-Class queue-num 4;
        class Gold-Class queue-num 5;
        class Control queue-num 6;
    }
    interfaces {
        reth0 {
            shaping-rate 1g;
            unit 0 {
                scheduler-map test;
            }
        }
        reth0 {
            shaping-rate 1g;
            unit 0 {
                classifiers {
                    ieee-802.1 c802;
                }
                rewrite-rules {
                    ieee-802.1 rw802;
                }
            }
        }
    }
    rewrite-rules {
        ieee-802.1 rw802 {
            forwarding-class BE {
                loss-priority low code-point 000;
            }
            forwarding-class SIG {
                loss-priority low code-point 001;
            }
            forwarding-class AF {
                loss-priority low code-point 010;
            }
            forwarding-class Bronze-Class {
                loss-priority low code-point 011;
            }
            forwarding-class Silver-Class {
                loss-priority low code-point 100;
            }
            forwarding-class Gold-Class {
                loss-priority low code-point 101;
            }
            forwarding-class Control {
                loss-priority low code-point 110;
            }
            forwarding-class VOIP {
                loss-priority low code-point 111;
            }
        }
    }
    scheduler-maps {
        test {
            forwarding-class BE scheduler s-be;
            forwarding-class VOIP scheduler s-voip;
            forwarding-class Gold-Class scheduler s-gold;
            forwarding-class SIG scheduler s-sig;
            forwarding-class AF scheduler s-af;
            forwarding-class Bronze-Class scheduler s-bronze;
            forwarding-class Silver-Class scheduler s-silver;
            forwarding-class Control scheduler s-nc;
        }
    }
    schedulers {
        s-be {
            transmit-rate percent 15;
            priority low;
        }
        s-nc {
            transmit-rate percent 5;
            priority high;
        }
        s-gold {
            transmit-rate percent 10;
            priority medium-high;
        }
        s-sig {
            transmit-rate percent 15;
            priority low;
        }
        s-af {
            transmit-rate percent 20;
            priority medium-low;
        }
        s-bronze {
            transmit-rate percent 20;
            priority medium-low;
        }
        s-silver {
            transmit-rate percent 10;
            priority medium-high;
        }
        s-voip {
            transmit-rate percent 5;
            priority high;
        }
    }

如果完成设备配置,请从配置模式输入 commit

验证

确认配置工作正常。

验证服务等级配置

目的

验证是否已配置 CoS。

行动

在操作模式下,输入 show class-of-service classifier 命令。

content_copy zoom_out_map
user@host> show class-of-service classifier type ieee-802.1 

Forwarding class           ID    Queue Restricted queue  Fabric priority  Policing priority   SPU priority
  BE                       0       0          0             low                normal            low    
  SIG                      1       1          1             low                normal            low    
  AF                       2       2          2             low                normal            low    
  Bronze-Class             3       3          3             low                normal            low    
  Silver-Class             4       4          0             low                normal            low    
  Gold-Class               5       5          1             low                normal            low    
  Control                  6       6          2             low                normal            low    
  VOIP                     7       7          3             low                normal            low       

验证在 MPC 接口上配置的专用队列数

目的

显示为端口上的接口配置的专用队列资源数。

行动

在操作模式下,输入 show class-of-service interface 命令。

content_copy zoom_out_map
user@host> show class-of-service interface reth0

Physical interface: reth0, Index: 129
Queues supported: 8, Queues in use: 4
  Scheduler map: <default>, Index: 2
  Congestion-notification: Disabled

  Logical interface: reth0.0, Index: 71
    Object                  Name                   Type                    Index
    Classifier              dscp-ipv6-compatibility dscp-ipv6                  9
    Classifier              ipprec-compatibility   ip                         13

  Logical interface: reth1.32767, Index: 70
external-footer-nav