DynagenでCCIEを目指す
Low Latincy Queueing
最終更新:
it_certification
-
view
1. 目的
- LLQの設定について確認します。
2. 構成
2.1. 設定概要
- Host OS側でApacheを起動させます。
- Guest OS, R1間は10Mで接続する事で、わざと輻輳を発生させます。
- R1, R2はOSPFでルーティングします。
2.2. 構成図
2.3. netファイル
model = 3620
[localhost]
[[3620]]
image = C:\Program Files\Dynamips\images\c3620-j1s3-mz.123-18.bin
ram = 128
[[ROUTER R1]]
f0/0 = NIO_gen_eth:\Device\NPF_{8B89D910-5ED3-4A43-9DE9-6A272A3D7592}
e1/0 = R2 e1/0
[[ROUTER R2]]
f0/0 = NIO_gen_eth:\Device\NPF_{5933302A-7AAA-475C-A8FE-A6B82B0C0F98}
2.4. 初期設定
- R1
! version 12.3 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R1 ! boot-start-marker boot-end-marker ! ! no aaa new-model ip subnet-zero ! ! ! ip cef ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface FastEthernet0/0 ip address 192.168.200.1 255.255.255.0 duplex auto speed auto ! interface Ethernet1/0 ip address 192.168.1.1 255.255.255.0 half-duplex ! interface Ethernet1/1 no ip address shutdown half-duplex ! interface Ethernet1/2 no ip address shutdown half-duplex ! interface Ethernet1/3 no ip address shutdown half-duplex ! router ospf 1 log-adjacency-changes passive-interface default no passive-interface Ethernet1/0 network 192.168.1.1 0.0.0.0 area 0 network 192.168.200.1 0.0.0.0 area 0 ! ip http server ip classless ! ! ! ! ! ! ! ! line con 0 line aux 0 line vty 0 4 ! ! end
- R2
! version 12.3 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R2 ! boot-start-marker boot-end-marker ! ! no aaa new-model ip subnet-zero ! ! ! ip cef ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface FastEthernet0/0 ip address 192.168.201.2 255.255.255.0 duplex auto speed auto ! interface Ethernet1/0 ip address 192.168.1.2 255.255.255.0 half-duplex ! interface Ethernet1/1 no ip address shutdown half-duplex ! interface Ethernet1/2 no ip address shutdown half-duplex ! interface Ethernet1/3 no ip address shutdown half-duplex ! router ospf 1 log-adjacency-changes passive-interface default no passive-interface Ethernet1/0 network 192.168.1.2 0.0.0.0 area 0 network 192.168.201.2 0.0.0.0 area 0 ! ip http server ip classless ! ! ! ! ! ! ! ! line con 0 line aux 0 line vty 0 4 ! ! end
2.5. サーバ側 ルーティング設定
- Host OS
route add 192.168.201.0 mask 255.255.255.0 192.168.200.1
- Guest OS
route add -net 192.168.200.0/24 gw 192.168.201.2
3. [事前準備] レスポンスタイムの測定
3.1. 検証意図
LLQは音声など極力遅延を軽減したい場合に使用するqueueing方式です。一般的には、音声・動画に絶対優先キューを割り当てます。
音声・動画の検証は手間がかかるので、このシナリオではICMPに絶対優先キューを割り当てた場合と割り当てない場合を比較します。
3.2. 輻輳発生
Guest OSで下記wgetコマンドを3つ同時に実行し、輻輳状態を再現します。
[root@localhost ~]# wget -O /dev/null http://192.168.200.100:10880/large.html --2010-12-05 14:13:12-- http://192.168.200.100:10880/large.html Connecting to 192.168.200.100:10880... connected. HTTP request sent, awaiting response... 200 OK Length: 23016000 (22M) [text/html] Saving to: `/dev/null' 0% [ ] 196,608 6.96K/s eta 44m 36s [root@localhost ~]# wget -O /dev/null http://192.168.200.100:10881/large.html --2010-12-05 14:13:17-- http://192.168.200.100:10881/large.html Connecting to 192.168.200.100:10881... connected. HTTP request sent, awaiting response... 200 OK Length: 23016000 (22M) [text/html] Saving to: `/dev/null' 1% [ ] 257,096 8.04K/s eta 44m 28s [root@localhost ~]# wget -O /dev/null http://192.168.200.100:10882/large.html --2010-12-05 14:13:19-- http://192.168.200.100:10882/large.html Connecting to 192.168.200.100:10882... connected. HTTP request sent, awaiting response... 200 OK Length: 23016000 (22M) [text/html] Saving to: `/dev/null' 0% [ ] 96,828 6.90K/s eta 93m 36s
3.3. レスポンスタイムの測定
3.2. の輻輳状態のままで、Guest OSからHost OSへのpingを30回実行します。
この時の平均レスポンスタイムが約800msである事を記憶にとどめておきます。
この時の平均レスポンスタイムが約800msである事を記憶にとどめておきます。
[hoge@localhost ~]$ ping 192.168.200.100 -c 30 PING 192.168.200.100 (192.168.200.100) 56(84) bytes of data. 64 bytes from 192.168.200.100: icmp_seq=1 ttl=126 time=879 ms 64 bytes from 192.168.200.100: icmp_seq=2 ttl=126 time=849 ms 64 bytes from 192.168.200.100: icmp_seq=3 ttl=126 time=809 ms 64 bytes from 192.168.200.100: icmp_seq=4 ttl=126 time=519 ms 64 bytes from 192.168.200.100: icmp_seq=5 ttl=126 time=1659 ms 64 bytes from 192.168.200.100: icmp_seq=6 ttl=126 time=1159 ms 64 bytes from 192.168.200.100: icmp_seq=7 ttl=126 time=569 ms 64 bytes from 192.168.200.100: icmp_seq=8 ttl=126 time=779 ms 64 bytes from 192.168.200.100: icmp_seq=9 ttl=126 time=519 ms 64 bytes from 192.168.200.100: icmp_seq=10 ttl=126 time=809 ms 64 bytes from 192.168.200.100: icmp_seq=11 ttl=126 time=509 ms 64 bytes from 192.168.200.100: icmp_seq=12 ttl=126 time=649 ms 64 bytes from 192.168.200.100: icmp_seq=13 ttl=126 time=649 ms 64 bytes from 192.168.200.100: icmp_seq=14 ttl=126 time=479 ms 64 bytes from 192.168.200.100: icmp_seq=15 ttl=126 time=379 ms 64 bytes from 192.168.200.100: icmp_seq=16 ttl=126 time=789 ms 64 bytes from 192.168.200.100: icmp_seq=17 ttl=126 time=399 ms 64 bytes from 192.168.200.100: icmp_seq=18 ttl=126 time=919 ms 64 bytes from 192.168.200.100: icmp_seq=19 ttl=126 time=969 ms 64 bytes from 192.168.200.100: icmp_seq=20 ttl=126 time=1589 ms 64 bytes from 192.168.200.100: icmp_seq=21 ttl=126 time=1689 ms 64 bytes from 192.168.200.100: icmp_seq=22 ttl=126 time=1249 ms 64 bytes from 192.168.200.100: icmp_seq=23 ttl=126 time=729 ms 64 bytes from 192.168.200.100: icmp_seq=24 ttl=126 time=769 ms 64 bytes from 192.168.200.100: icmp_seq=25 ttl=126 time=669 ms 64 bytes from 192.168.200.100: icmp_seq=26 ttl=126 time=659 ms 64 bytes from 192.168.200.100: icmp_seq=27 ttl=126 time=589 ms 64 bytes from 192.168.200.100: icmp_seq=28 ttl=126 time=459 ms 64 bytes from 192.168.200.100: icmp_seq=29 ttl=126 time=719 ms 64 bytes from 192.168.200.100: icmp_seq=30 ttl=126 time=509 ms --- 192.168.200.100 ping statistics --- 30 packets transmitted, 30 received, 0% packet loss, time 29929ms rtt min/avg/max/mdev = 379.997/798.327/1689.987/346.927 ms, pipe 2 [hoge@localhost ~]$
4. [検証] LLQ
4.1. 設定投入
R1 e1/0で以下の割合で、LLQを実装します。
| 概要 | ACL | CLASS | 割当 |
|---|---|---|---|
| SSH | ACL_SSH | CLASS_SSH_ICMP | 20% |
| ICMP | ACL_ICMP | ||
| tcp10880のHTTP | ACL_10880 | CLASS_10880 | 50% |
| その他 | class-default |
具体的な実装例は以下の通りです。
R1(config)#ip access-list extended ACL_SSH R1(config-ext-nacl)#permit tcp any any eq 22 R1(config-ext-nacl)#exit R1(config)#ip access-list extended ACL_ICMP R1(config-ext-nacl)#permit icmp any any R1(config-ext-nacl)#exit R1(config)#ip access-list extended ACL_10880 R1(config-ext-nacl)#permit tcp any eq 10880 any R1(config-ext-nacl)#exit R1(config)# R1(config)#class-map match-any CLASS_SSH_ICMP R1(config-cmap)#match access-group name ACL_SSH R1(config-cmap)#match access-group name ACL_ICMP R1(config-cmap)#exit R1(config)#class-map CLASS_10880 R1(config-cmap)#match access-group name ACL_10880 R1(config-cmap)#exit R1(config)# R1(config)# R1(config)#policy-map POLICY_E00_OUT R1(config-pmap)#class CLASS_SSH_ICMP R1(config-pmap-c)#priority percent 20 R1(config-pmap-c)#exit R1(config-pmap)#class CLASS_10880 R1(config-pmap-c)#bandwidth percent 50 R1(config-pmap-c)#exit R1(config-pmap)#class class-default R1(config-pmap-c)#fair-queue R1(config-pmap-c)#exit R1(config-pmap)#exit R1(config)# R1(config)# R1(config)#interface Ethernet 1/0 R1(config-if)#service-policy output POLICY_E00_OUT
4.2. レスポンスタイムの測定
3.2. の輻輳状態のままで、Guest OSからHost OSへのpingを30回実行します。
この時の平均レスポンスタイムが約430msです。LLQ実装前に比べて、レスポンスタイムが速くなった事が読み取れます。
この時の平均レスポンスタイムが約430msです。LLQ実装前に比べて、レスポンスタイムが速くなった事が読み取れます。
[hoge@localhost ~]$ ping 192.168.200.100 -c 30 PING 192.168.200.100 (192.168.200.100) 56(84) bytes of data. 64 bytes from 192.168.200.100: icmp_seq=1 ttl=126 time=429 ms 64 bytes from 192.168.200.100: icmp_seq=2 ttl=126 time=409 ms 64 bytes from 192.168.200.100: icmp_seq=3 ttl=126 time=189 ms 64 bytes from 192.168.200.100: icmp_seq=4 ttl=126 time=609 ms 64 bytes from 192.168.200.100: icmp_seq=5 ttl=126 time=519 ms 64 bytes from 192.168.200.100: icmp_seq=6 ttl=126 time=219 ms 64 bytes from 192.168.200.100: icmp_seq=7 ttl=126 time=679 ms 64 bytes from 192.168.200.100: icmp_seq=8 ttl=126 time=589 ms 64 bytes from 192.168.200.100: icmp_seq=9 ttl=126 time=439 ms 64 bytes from 192.168.200.100: icmp_seq=10 ttl=126 time=429 ms 64 bytes from 192.168.200.100: icmp_seq=11 ttl=126 time=339 ms 64 bytes from 192.168.200.100: icmp_seq=12 ttl=126 time=329 ms 64 bytes from 192.168.200.100: icmp_seq=13 ttl=126 time=389 ms 64 bytes from 192.168.200.100: icmp_seq=14 ttl=126 time=529 ms 64 bytes from 192.168.200.100: icmp_seq=15 ttl=126 time=489 ms 64 bytes from 192.168.200.100: icmp_seq=16 ttl=126 time=589 ms 64 bytes from 192.168.200.100: icmp_seq=17 ttl=126 time=529 ms 64 bytes from 192.168.200.100: icmp_seq=18 ttl=126 time=389 ms 64 bytes from 192.168.200.100: icmp_seq=19 ttl=126 time=639 ms 64 bytes from 192.168.200.100: icmp_seq=20 ttl=126 time=509 ms 64 bytes from 192.168.200.100: icmp_seq=21 ttl=126 time=529 ms 64 bytes from 192.168.200.100: icmp_seq=22 ttl=126 time=379 ms 64 bytes from 192.168.200.100: icmp_seq=23 ttl=126 time=329 ms 64 bytes from 192.168.200.100: icmp_seq=24 ttl=126 time=349 ms 64 bytes from 192.168.200.100: icmp_seq=25 ttl=126 time=369 ms 64 bytes from 192.168.200.100: icmp_seq=26 ttl=126 time=329 ms 64 bytes from 192.168.200.100: icmp_seq=27 ttl=126 time=399 ms 64 bytes from 192.168.200.100: icmp_seq=28 ttl=126 time=269 ms 64 bytes from 192.168.200.100: icmp_seq=29 ttl=126 time=359 ms 64 bytes from 192.168.200.100: icmp_seq=30 ttl=126 time=339 ms --- 192.168.200.100 ping statistics --- 30 packets transmitted, 30 received, 0% packet loss, time 29909ms rtt min/avg/max/mdev = 189.998/430.663/679.995/120.248 ms [hoge@localhost ~]$
4.3. 設定確認
show policy-map interfaceコマンドで設定を確認する事ができます。
R1#show policy-map interface Ethernet 1/0
Ethernet1/0
Service-policy output: POLICY_E00_OUT
Class-map: CLASS_SSH_ICMP (match-any)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: access-group name ACL_SSH
0 packets, 0 bytes
5 minute rate 0 bps
Match: access-group name ACL_ICMP
0 packets, 0 bytes
5 minute rate 0 bps
Queueing
Strict Priority
Output Queue: Conversation 264
Bandwidth 20 (%)
Bandwidth 2000 (kbps) Burst 50000 (Bytes)
(pkts matched/bytes matched) 0/0
(total drops/bytes drops) 0/0
Class-map: CLASS_10880 (match-all)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: access-group name ACL_10880
Queueing
Output Queue: Conversation 265
Bandwidth 50 (%)
Bandwidth 5000 (kbps) Max Threshold 64 (packets)
(pkts matched/bytes matched) 0/0
(depth/total drops/no-buffer drops) 0/0/0
Class-map: class-default (match-any)
27 packets, 2656 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: any
Queueing
Flow Based Fair Queueing
Maximum Number of Hashed Queues 256
(total queued/total drops/no-buffer drops) 0/0/0
R1#
5. [補足] remainging指定
5.1. 設定例
残りの割当可能な帯域に対する割合で、帯域を指定する事ができます。
以下は、SSH, ICMPに2500kbpsを割り当て、tcp10880に3750kbps( = (10Mbps - 2500kbps) x 0.5)を割り当てる設定です。
以下は、SSH, ICMPに2500kbpsを割り当て、tcp10880に3750kbps( = (10Mbps - 2500kbps) x 0.5)を割り当てる設定です。
R1(config)#policy-map POLICY_E00_OUT R1(config-pmap)#class CLASS_SSH_ICMP R1(config-pmap-c)#priority 2500 R1(config-pmap-c)#exit R1(config-pmap)#class CLASS_10880 R1(config-pmap-c)#no bandwidth R1(config-pmap-c)#bandwidth remaining percent 50
5.2. 設定確認
show policy-map interfaceコマンドで確認すると、「Bandwidth remaining 50 (%)」と表記されている事が確認できます。
R1#show policy-map interface Ethernet 1/0
Ethernet1/0
Service-policy output: POLICY_E00_OUT
Class-map: CLASS_SSH_ICMP (match-any)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: access-group name ACL_SSH
0 packets, 0 bytes
5 minute rate 0 bps
Match: access-group name ACL_ICMP
0 packets, 0 bytes
5 minute rate 0 bps
Queueing
Strict Priority
Output Queue: Conversation 264
Bandwidth 2500 (kbps) Burst 62500 (Bytes)
(pkts matched/bytes matched) 0/0
(total drops/bytes drops) 0/0
Class-map: CLASS_10880 (match-all)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: access-group name ACL_10880
Queueing
Output Queue: Conversation 265
Bandwidth remaining 50 (%) Max Threshold 64 (packets) <- remainingと表記されています。
(pkts matched/bytes matched) 0/0
(depth/total drops/no-buffer drops) 0/0/0
Class-map: class-default (match-any)
82 packets, 8011 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: any
Queueing
Flow Based Fair Queueing
Maximum Number of Hashed Queues 256
(total queued/total drops/no-buffer drops) 0/0/0
R1#
添付ファイル
