1. cisco 3750에 IP ACL Base interface QOS 적용 방법
1.1 ACL 생성
- 주의. ACL에 등록된 내역이 없이 policy map을 인터페이스에 적용하면 패킷이 모두 DROP 됨
ip access-list extended {ACL NAME}
permit ip any host {host1}
...
1.2 Class map 생성
class-map match-all {CLASS NAME}
match access-group name {ACL NAME}
1.3 Policy map 생성
- 100Mbps 제한
policy-map {POLICY NAME}
class {CLASS NAME}
police 100000000 1000000 exceed-action drop
1.4 interface 적용
interface {Interface NAME}
...
service-policy input {POLICY NAME}
2. L2 Huawei CE5850HI에 interface Base QOS 적용방법
interface GE1/0/43
qos lr cir 102400 kbps cbs 20480000 bytes outbound
3. L2 Huawei CE5850HI에 IP ACL Base interface QOS 적용 방법
3.1 ACL 생성
acl number 3000
rule 5 permit ip destination 192.168.87.12 0
3.2 Traffic classifier 생성
traffic classifier c1 type and
if-match acl 3000
3.3 Traffic behavior 생성
traffic behavior b1
car cir 50000 kbps pir 100000 kbps cbs 250000 bytes pbs 1250000 bytes green pass yellow pass red discard
3.4 Traffic policy 생성
traffic policy p1
classifier c1 behavior b1 precedence 5
3.5 interface 적용
interface GE1/0/6
traffic-policy p1 outbound
3.6 참고 자료
3.6.1 Huawei 매뉴얼 : https://support.huawei.com/enterprise/en/doc/EDOC1000088754?section=j008
3.6.2 Cir, Pir, Cbs, Pbs 관련 자료 : https://www.netmanias.com/ko/post/blog/5442/network-protocol/bandwidth-control-understanding-traffic-policing
4. 경고
4.1 cisco 6509 의 mls qos 모듈 기능을 on으로 변경하면 port-channel이 suspend 되는 현상 발생
- 이러한 현상은 cisco 6509 라인카드의 qos queue type이 서로 상이하여 발생한 문제.
- port-channel로 구성된 인터페이스가 각각 상이한 라인카드에 꽂혀 있을때 아래와 같이 qos queue type이 다를 경우.
QOS scheduling: rx-(1q8t), tx-(1p7q8t) != QOS scheduling: rx-(8q8t), tx-(1p7q8t)
c6509#sh interfaces tenGigabitEthernet 1/1 capabilities
TenGigabitEthernet1/1
...
QOS scheduling: rx-(1q8t), tx-(1p7q8t)
...
c6509#sh interfaces tenGigabitEthernet 2/1 capabilities
TenGigabitEthernet2/1
...
QOS scheduling: rx-(8q8t), tx-(1p7q8t)
...
4.2 관련 로그
.Jan 31 09:57:17.263: %LINEPROTO-5-UPDOWN: Line protocol on Interface TenGigabitEthernet2/1, changed state to down
.Jan 31 09:57:17.283: %LINEPROTO-5-UPDOWN: Line protocol on Interface TenGigabitEthernet2/2, changed state to down
Jan 31 09:57:17.264: %EC-SP-5-CANNOT_BUNDLE2: Te2/1 is not compatible with Te1/1 and will be suspended (qos-card types of Te2/1 do not match Te1/1)
Jan 31 09:57:17.268: %LINEPROTO-SP-5-UPDOWN: Line protocol on Interface TenGigabitEthernet2/1, changed state to down
Jan 31 09:57:17.272: %EC-SP-5-CANNOT_BUNDLE2: Te2/1 is not compatible with Te1/1 and will be suspended (qos-card types of Te2/1 do not match Te1/1)
Jan 31 09:57:17.284: %EC-SP-5-CANNOT_BUNDLE2: Te2/2 is not compatible with Te1/2 and will be suspended (qos-card types of Te2/2 do not match Te1/2)
Jan 31 09:57:17.292: %LINEPROTO-SP-5-UPDOWN: Line protocol on Interface TenGigabitEthernet2/2, changed state to down
Jan 31 09:57:17.296: %EC-SP-5-CANNOT_BUNDLE2: Te2/2 is not compatible with Te1/2 and will be suspended (qos-card types of Te2/2 do not match Te1/2)
.Jan 31 09:59:07.011: %LINEPROTO-5-UPDOWN: Line protocol on Interface TenGigabitEthernet2/1, changed state to up
.Jan 31 09:59:07.127: %LINEPROTO-5-UPDOWN: Line protocol on Interface TenGigabitEthernet2/1, changed state to down
.Jan 31 09:59:07.143: %LINEPROTO-5-UPDOWN: Line protocol on Interface TenGigabitEthernet2/1, changed state to up
.Jan 31 09:59:07.155: %LINEPROTO-5-UPDOWN: Line protocol on Interface TenGigabitEthernet2/1, changed state to down
.Jan 31 09:59:07.171: %LINEPROTO-5-UPDOWN: Line protocol on Interface TenGigabitEthernet2/1, changed state to up
.Jan 31 09:59:07.191: %LINEPROTO-5-UPDOWN: Line protocol on Interface TenGigabitEthernet2/2, changed state to up
.Jan 31 09:59:07.199: %LINEPROTO-5-UPDOWN: Line protocol on Interface TenGigabitEthernet2/2, changed state to down
.Jan 31 09:59:07.211: %LINEPROTO-5-UPDOWN: Line protocol on Interface TenGigabitEthernet2/2, changed state to up
.Jan 31 09:59:07.219: %LINEPROTO-5-UPDOWN: Line protocol on Interface TenGigabitEthernet2/2, changed state to down
.Jan 31 09:59:07.231: %LINEPROTO-5-UPDOWN: Line protocol on Interface TenGigabitEthernet2/2, changed state to up
Jan 31 09:59:06.999: %EC-SP-5-COMPATIBLE: Te2/1 is compatible with port-channel members
Jan 31 09:59:07.015: %LINEPROTO-SP-5-UPDOWN: Line protocol on Interface TenGigabitEthernet2/1, changed state to up
Jan 31 09:59:07.179: %EC-SP-5-COMPATIBLE: Te2/2 is compatible with port-channel members
Jan 31 09:59:07.191: %LINEPROTO-SP-5-UPDOWN: Line protocol on Interface TenGigabitEthernet2/2, changed state to up
4.3 결론 : “mls qos” 사용 시 6509 전체 네트워크에 문제가 생길 소지가 다분하므로 사용하지 않거나 type을 맞춰 줘야함.
'네트워크 > Switch' 카테고리의 다른 글
Cisco IOS 라이선스 별 차이점 (0) | 2023.08.30 |
---|---|
[Alteon L4] Session 정보 (0) | 2023.06.22 |
[CISCO 버그조치] %PLATFORM-4-ELEMENT_WARNING:Switch 1 R0/0: smand: 1/RP/0: Used Memory value 95% exceeds warning level 90% (0) | 2022.05.31 |
Cisco WS-C4948-S IOS UPGRADE (0) | 2022.05.12 |