Setting the DSCP or TOS Field

January 6th, 2012   by Clovis

The solution to this problem depends on the kind of traffic distinctions you want to make, and on the version of IOS that you are running on your routers.

There has to be something that defines the different types of traffic that you want to prioritize. In general, the simpler the distinctions are to make, the better. This is because all of the tests take router resources and introduce processing delays. The most common rules for distinguishing between traffic types use the packet's input interface and simple IP header information such as TCP port numbers. The following examples show how to set an IP Precedence value of immediate (2) for all FTP control traffic that arrives through the serial0/0 interface, and an IP Precedence of priority (1) for all FTP data traffic. This distinction is possible because FTP control traffic uses TCP port 21, and FTP data uses port 20.

The new method for configuring this uses class maps. Cisco first introduced this feature in IOS Version 12.0(5)T. This method first defines a class-map that specifies how the router will identify this type of traffic. It then defines a policy-map that actually makes the changes to the packet's TOS field:

Router#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#access-list 101 permit tcp any eq ftp any
Router(config)#access-list 101 permit tcp any any eq ftp
Router(config)#access-list 102 permit tcp any eq ftp-data any
Router(config)#access-list 102 permit tcp any any eq ftp-data
Router(config)#class-map match-all ser00-ftpcontrol
Router(config-cmap)#description branch ftp control traffic
Router(config-cmap)#match input-interface serial0/0
Router(config-cmap)#match access-group 101
Router(config-cmap)#exit
Router(config)#class-map match-all ser00-ftpdata
Router(config-cmap)#description branch ftp data traffic
Router(config-cmap)#match input-interface serial0/0
Router(config-cmap)#match access-group 102
Router(config-cmap)#exit
Router(config)#policy-map serialftppolicy
Router(config-pmap)#description branch ftp traffic policy
Router(config-pmap)#class ser00-ftpcontrol
Router(config-pmap-c)#set ip precedence immediate
Router(config-pmap-c)#exit
Router(config-pmap)#class ser00-ftpdata
Router(config-pmap-c)#set ip precedence priority
Router(config-pmap-c)#exit
Router(config-pmap)#exit
Router(config)#interface serial0/0
Router(config-if)#ip route-cache policy
Router(config-if)#service-policy input serialftppolicy
Router(config-if)#exit
Router(config)#end
Router#

For earlier IOS versions, where class-maps were not available, you have to use policy-based routing to alter the TOS field in a packet. Applying this policy to the interface tells the router to use this policy to test all incoming packets on this interface and rewrite those that match the route map:

Router#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#access-list 101 permit tcp any eq ftp any
Router(config)#access-list 101 permit tcp any any eq ftp
Router(config)#access-list 102 permit tcp any eq ftp-data any
Router(config)#access-list 102 permit tcp any any eq ftp-data
Router(config)#route-map serialftp-rtmap permit 10
Router(config-route-map)#match ip address 101
Router(config-route-map)#set ip precedence immediate
Router(config-route-map)#exit
Router(config)#route-map serialftp-rtmap permit 20
Router(config-route-map)#match ip address 102
Router(config-route-map)#set ip precedence priority
Router(config-route-map)#exit
Router(config)#interface serial0/0
Router(config-if)#ip policy route-map serialftp-rtmap
Router(config-if)#ip route-cache policy
Router(config-if)#exit
Router(config)#end
Router#

Before you can tag a packet for special treatment, you have to have a very clear idea of what types of traffic need special treatment, and precisely what kind of special treatment they will need. In the example, we have decided to give a special priority to FTP traffic received on the specified serial interface. We show how to do this using both the old and new configuration techniques.

This may appear to be a somewhat artificial example. After all, why would you care about tagging inbound traffic that you have already received from a low-speed interface? In fact, one of the most important principles for using QoS in a network is that you should always tag the packet as early as possible, ideally at the edges of the network. Then, as it passes through the network, each router only needs to look at the tag, and doesn't have to do any further classification. In this case, we would make sure that the FTP traffic returning in the other direction is tagged by the first router that receives it. So the outbound traffic has already been tagged, and it is a waste of router resources to reclassify the outbound packets.

Many organizations actually take this idea of marking at the edges one step further, and remark every received packet. This helps to ensure that users are not requesting special QoS privileges that they are not allowed to have. However, you should be careful with this because it can sometimes disrupt legitimate markings. For example, a real-time application might use RSVP to reserve bandwidth through the network. It is essential that the packets for this application have the appropriate Expedited Forwarding (EF) DSCP marking, or the network may not handle them properly. However, you also don't want to let other non-real-time applications from this same source have the same EF priority level. So, if you are going to configure your routers to remark all incoming packets at the edges, make sure that you understand which incoming markings are legitimate.
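The edge re-marking decision described above, as an added Python model (not code from the original post or from Cisco). It assumes a policy in which EF is kept only from an allowlisted source and every other marking is reset to DSCP 0; the addresses and function names are constructed for illustration. A source-address check alone cannot separate applications on the same host, which is the caveat the paragraph raises.

```python
import ipaddress
import struct

EF = 46  # Expedited Forwarding code point
# Assumption: the one source allowed to send EF (constructed address).
TRUSTED_EF_SOURCES = {ipaddress.ip_address("192.0.2.10")}

def checksum(header: bytes) -> int:
    """IPv4 header checksum: one's-complement sum of the 16-bit words."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_header(src: str, dst: str, dscp: int) -> bytes:
    """Constructed 20-byte IPv4 header used as sample input."""
    raw = struct.pack("!BBHHHBBH4s4s", 0x45, dscp << 2, 40, 0, 0, 64, 6, 0,
                      ipaddress.ip_address(src).packed,
                      ipaddress.ip_address(dst).packed)
    return raw[:10] + struct.pack("!H", checksum(raw)) + raw[12:]

def remark_at_edge(header: bytes) -> bytes:
    """Keep EF from trusted sources; reset any other marking to DSCP 0."""
    src = ipaddress.ip_address(header[12:16])
    if header[1] >> 2 == EF and src in TRUSTED_EF_SOURCES:
        return header
    new = bytearray(header)
    new[1] &= 0x03                 # clear DSCP, keep the two ECN bits
    new[10:12] = b"\x00\x00"       # zero the checksum before recomputing
    new[10:12] = struct.pack("!H", checksum(bytes(new)))
    return bytes(new)

if __name__ == "__main__":
    for src in ("192.0.2.10", "192.0.2.99"):
        out = remark_at_edge(build_header(src, "198.51.100.5", EF))
        print(src, "-> DSCP", out[1] >> 2, "checksum ok:", checksum(out) == 0)
```

Rewriting the TOS byte changes the IPv4 header checksum, so the model recomputes it; a header that verifies correctly sums to 0 under `checksum()`.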

In that case, the routers are running DLSw to bridge SNA traffic through an IP network. So the routers themselves actually create the IP packets. This creates an additional challenge because there is no incoming interface. So that recipe uses local policy-based routing. The fact that the router creates the packets also gives it an important advantage, because it doesn't have to look at any DLSw packets that might just happen to pass through.

The advantages of the newer class-map method are not obvious in this example, but one of the first big advantages appears when you want to use the more modern DSCP tagging scheme. Because the older policy-based routing method does not directly support DSCP, you have to fake it by setting both the IP Precedence and the TOS separately, as follows:

Router(config)#route-map serialftp-rtmap permit 10
Router(config-route-map)#match ip address 115
Router(config-route-map)#set ip precedence immediate
Router(config-route-map)#set ip tos max-throughput

In this case, the packet will wind up with an IP Precedence value of immediate, or 2 (010 in binary), and TOS of max-throughput, or 4 (0100 in binary).

Doing the same thing with the class-map method is much more direct:

Router(config)#policy-map serialftppolicy
Router(config-pmap)#class serialftpclass
Router(config-pmap-c)#set ip dscp af21
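To check that the two snippets above mark the packet identically, the following added Python example (not part of the original post) packs the route-map's precedence and TOS keywords into the header byte and reads the same byte back as a DSCP value. The function names are introduced here for illustration, and the ECN bits are assumed to be zero.

```python
# Keyword values accepted by "set ip precedence" (3 bits) and "set ip tos" (4 bits).
PRECEDENCE = {"routine": 0, "priority": 1, "immediate": 2, "flash": 3,
              "flash-override": 4, "critical": 5, "internet": 6, "network": 7}
TOS = {"normal": 0, "min-monetary-cost": 1, "max-reliability": 2,
       "max-throughput": 4, "min-delay": 8}

def tos_byte(precedence: str, tos: str = "normal") -> int:
    """Header byte as the route-map builds it: precedence in bits 7-5, TOS in bits 4-1."""
    return (PRECEDENCE[precedence] << 5) | (TOS[tos] << 1)

def dscp_of(byte: int) -> int:
    """DSCP is the top six bits of the same byte (the low two are ECN)."""
    return byte >> 2

def dscp_name(dscp: int) -> str:
    """Standard code point names: default, csN, afXY, ef; otherwise the number."""
    cls, drop = dscp >> 3, (dscp >> 1) & 0x3
    if dscp == 46:
        return "ef"
    if dscp & 0x7 == 0:
        return "default" if dscp == 0 else f"cs{cls}"
    if 1 <= cls <= 4 and dscp & 1 == 0:
        return f"af{cls}{drop}"
    return str(dscp)

def split_dscp(dscp: int) -> tuple:
    """Inverse: the (precedence, tos) numbers a route-map would need for a DSCP."""
    byte = dscp << 2
    return byte >> 5, (byte >> 1) & 0xF

if __name__ == "__main__":
    b = tos_byte("immediate", "max-throughput")
    print(f"route-map byte: {b:#04x} ({b:08b}) -> DSCP {dscp_of(b)} = {dscp_name(dscp_of(b))}")
    print("FTP data (priority, normal TOS):", dscp_name(dscp_of(tos_byte("priority"))))
    print("EF as (precedence, tos):", split_dscp(46))
```

Precedence-only markings land on the class selector code points, and EF corresponds to a TOS value of 12, which is not any single TOS keyword.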

Class-maps will also be useful later in this chapter when we discuss class-based weighted fair queuing and class-based traffic shaping.

It is important to note that throughout this entire example, we have only put a special value into the packet's TOS or DSCP field. This, by itself, doesn't affect how the packet is forwarded through the network. To do that, you have to ensure that as each router in the network forwards these marked packets, the interface queues will react appropriately to this information.

Finally, we should note that while this recipe shows two useful ways of marking packets, it can also be done by using Committed Access Rate (CAR) features. CAR tends to be more efficient on higher speed interfaces.
