DynagenでCCIEを目指す
INE Workbook Volume I QoS 確認トラフィックの生成 (1)
最終更新:
it_certification
-
view
- 10.2 Weighted Fair Queuing (WFQ)
- 10.3 Legacy RTP Reserved Queue
- 10.4 Legacy RTP Prioritization
- 10.5 Legacy Custom Queueing
- 10.6 Legacy Custom Queueing with Prioritization
- 10.7 Legacy Priority Queueing
- 10.8 Legacy Random Early Detection
- 10.9 Legacy Flow-Based Random Early Detection
- 10.10 Selective Packet Discard
- 10.11 Payload Compression on Serial Links
- 10.12 Generic TCP/UDP Header Compression
- 10.13 MLP Link Fragmentation and Interleaving
- 10.14 Legacy Generic Traffic Shaping
- 10.15 Legacy CAR for Admission Control
- 10.16 Oversubscription with Legacy CAR and WFQ
- 10.17 Legacy CAR Rate Limiting
- 10.18 Legacy CAR Access-Lists
- 10.19 Legacy GTS for Frame Relay
- 10.20 Legacy Frame Relay Traffic Shaping
- 10.30 Legacy FRTS PVC Interface Priority Queue
- 10.31 Frame-Relay Priority to DLCI Mapping
- 10.32 Frame-Relay Traffic Policing & Congestion Mgmt
10.2 Weighted Fair Queuing (WFQ)
下記のI/Fをdownさせ、トラフィックがR4, R5間のserial linkを流れるようにします。
<pre class="simple">
<pre class="simple">
<b>R1:</b>
interface Serial 0/0
shutdown
!
interface Serial 0/1
interface Serial 0/1
shutdown
<b>R4:</b>
interface Serial 0/1/0
shutdown
</pre>
}}
}}
以下のpingを発生されます。
| src | dst | Prec, DSCP | |
| SW2 | R1 | Prec 1 | ping size 156 timeout 0 |
| SW4 | R6 | Prec 3 | ping size 156 timeout 0 |
Rack18SW2#ping Protocol [ip]: Target IP address: 150.18.1.1 Repeat count [5]: 99999999 Datagram size [100]: 156 Timeout in seconds [2]: 1 Extended commands [n]: y Source address or interface: Loopback0 Type of service [0]: 32 Set DF bit in IP header? [no]: Validate reply data? [no]: Data pattern [0xABCD]: Loose, Strict, Record, Timestamp, Verbose[none]: Sweep range of sizes [n]: Rack18SW4#ping Protocol [ip]: Target IP address: 150.18.6.6 Repeat count [5]: 99999999 Datagram size [100]: 156 Timeout in seconds [2]: 1 Extended commands [n]: y Source address or interface: Loopback0 Type of service [0]: 96 Set DF bit in IP header? [no]: Validate reply data? [no]: Data pattern [0xABCD]: Loose, Strict, Record, Timestamp, Verbose[none]: Sweep range of sizes [n]:
precedenceによって通信速度が異なる事が、目視でも充分確認できます。
念のため通信速度を確認すると、以下の通りです。
念のため通信速度を確認すると、以下の通りです。
Rack18R1#show interfaces FastEthernet 0/0 | include input rate 30 second input rate 15000 bits/sec, 11 packets/sec Rack18R1# Rack18R6#show interfaces FastEthernet 0/0 | include input rate 30 second input rate 61000 bits/sec, 44 packets/sec Rack18R6#
10.3 Legacy RTP Reserved Queue
ping通信断による確認
音声の通信品質を保証する機能を動作確認するためには、UDP jitterを発生させMOS値が改善されるかどうかを調べる必要があります。しかし、"どの程度の帯域の音声通信を発生させるのか", "音声を妨害するパケットはどの程度にするのか"などのチューニングは非常に難しく、恐らく試験時間内に適当なパラメータを見つけてMOS値を確認するのは非常に難しいと思われます。
そこで、お勧めできる方法は、UDP jitterとpingを同時に発生され、pingが定期的に落ちる事で音声が優先された事を推測する方法です。RTP Reserved QueueやRTP priority Queue, LLQなどは、音声が通信している間は他パケットが通信できません。pingが定期的に落ちる事から、音声が定期的に優先されている事を推測する事ができます。
そこで、お勧めできる方法は、UDP jitterとpingを同時に発生され、pingが定期的に落ちる事で音声が優先された事を推測する方法です。RTP Reserved QueueやRTP priority Queue, LLQなどは、音声が通信している間は他パケットが通信できません。pingが定期的に落ちる事から、音声が定期的に優先されている事を推測する事ができます。
| src | dst | Prec, DSCP | |
|---|---|---|---|
| R1 | R5 | Prec 0 | UDP jitter |
| R6 | SW4 | Prec 7 | ping size 156 timeout 1 |
R1:
ip sla monitor 1
type jitter dest-ipaddr 150.18.5.5 dest-port 16384 source-ipaddr 150.18.1.1 source-port 16384
codec g729a codec-interval 1
timeout 800
frequency 1
ip sla monitor schedule 1 life forever start-time now
上記UDP jitterと同時に以下pingを送信します。UDP jitterが優先されるため、定期的にpingがdropされる現象が発生しています。
R6: Rack18R6#ping Protocol [ip]: Target IP address: 155.18.10.10 Repeat count [5]: 99999999 Datagram size [100]: 156 Timeout in seconds [2]: 1 Extended commands [n]: y Source address or interface: Loopback0 Type of service [0]: 224 Set DF bit in IP header? [no]: Validate reply data? [no]: Data pattern [0xABCD]: Loose, Strict, Record, Timestamp, Verbose[none]: Sweep range of sizes [n]: Type escape sequence to abort. Sending 99999999, 156-byte ICMP Echos to 155.18.10.10, timeout is 1 seconds: Packet sent with a source address of 150.18.6.6 !!!!!!!!!!!.!!!!!!!!!!.!!!!!!!!!!.!!!!!!!!!!!!!!!!!!!!!!.!!!!!!!!!!!!. !!!!!!!!!!!!!!!!!!!!!!.!!!!!!!!!!!!!.!!!!!!.!!!!!!!!!!!!!!!!!!!!!!.!!!
MOS 値による確認
以下のUDP jitterとpingを同時に送信します。
| src | dst | Prec, DSCP | |
|---|---|---|---|
| R1 | R5 | Prec 0 | UDP jitter |
| R6 | SW4 | Prec 7 | ping size 156 timeout 1 |
R1: ip sla monitor 1 type jitter dest-ipaddr 150.18.5.5 dest-port 16384 source-ipaddr 150.18.1.1 source-port 16384 codec g729a codec-interval 1 timeout 800 frequency 1 ip sla monitor schedule 1 life forever start-time now R6: Rack18R6#ping Protocol [ip]: Target IP address: 150.18.10.10 Repeat count [5]: 99999999 Datagram size [100]: 156 Timeout in seconds [2]: 1 Extended commands [n]: y Source address or interface: Loopback0 Type of service [0]: 224 Set DF bit in IP header? [no]: Validate reply data? [no]: Data pattern [0xABCD]: Loose, Strict, Record, Timestamp, Verbose[none]: Sweep range of sizes [n]: Sending 99999999, 156-byte ICMP Echos to 155.18.10.10, timeout is 1 seconds: Packet sent with a source address of 150.18.6.6 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
IP RTP reservedを投入する前のMOS値を確認します。
R1:
Rack18R1#show ip sla monitor statistics
Round trip time (RTT) Index 1
Latest RTT: 77 ms
Latest operation start time: 17:16:59.518 UTC Mon Jul 11 2011
Latest operation return code: OK
RTT Values
Number Of RTT: 315
RTT Min/Avg/Max: 23/111/129 ms
Latency one-way time milliseconds
Number of one-way Samples: 0
Source to Destination one way Min/Avg/Max: 0/0/0 ms
Destination to Source one way Min/Avg/Max: 0/0/0 ms
Jitter time milliseconds
Number of Jitter Samples: 229
Source to Destination Jitter Min/Avg/Max: 1/4/11 ms
Destination to Source Jitter Min/Avg/Max: 1/1/2 ms
Packet Loss Values
Loss Source to Destination: 105 Loss Destination to Source: 0
Out Of Sequence: 0 Tail Drop: 31 Packet Late Arrival: 0
Voice Score Values
Calculated Planning Impairment Factor (ICPIF): 38
MOS score: 2.85
Number of successes: 83
Number of failures: 0
Operation time to live: Forever
Rack18R1#
IP RTP reservedを投入後のMOS値を確認します。通信品質が改善されている事を確認します。
R1: Rack18R1#show ip sla monitor statistics | include MOS MOS score: 4.06 Rack18R1#
10.4 Legacy RTP Prioritization
以下のUDP jitterとpingを同時に送信します。UDP jitterは前問と同様の設定で、pingはtimeoutを0秒に変更しています。
| src | dst | Prec, DSCP | |
|---|---|---|---|
| R1 | R5 | Prec 0 | UDP jitter |
| R6 | SW4 | Prec 7 | ping size 156 timeout 1 |
R6: Rack18R6#ping Protocol [ip]: Target IP address: 150.18.10.10 Repeat count [5]: 99999999 Datagram size [100]: 156 Timeout in seconds [2]: 0 Extended commands [n]: y Source address or interface: Loopback0 Type of service [0]: 224 Set DF bit in IP header? [no]: Validate reply data? [no]: Data pattern [0xABCD]: Loose, Strict, Record, Timestamp, Verbose[none]: Sweep range of sizes [n]: Sending 99999999, 156-byte ICMP Echos to 155.18.10.10, timeout is 0 seconds: Packet sent with a source address of 150.18.6.6 ...................................................................... ......................................................................
IP RTP priorityを投入する前のMOS値を確認します。
R1: Rack18R1#show ip sla monitor statistics | include MOS MOS score: 2.85 Rack18R1#
IP RTP priorityを投入後のMOS値を確認します。通信品質が改善されている事を確認します。
R1: Rack18R1#show ip sla monitor statistics | include MOS MOS score: 4.06 Rack18R1#
10.5 Legacy Custom Queueing
以下の通信を発生されます。
| src | dst | Prec, DSCP | |
|---|---|---|---|
| SW2 | R1 | Prec 0 | http |
| SW4 | R6 | Prec 0 | ping size 156 timeout 1 |
| R2 | R1 | Prec 0 | UDP jitter |
R1:
ip sla monitor responder
ip sla monitor 1
type jitter dest-ipaddr 150.18.5.5 dest-port 16384 source-ipaddr 150.18.1.1 source-port 16384
codec g729a codec-interval 1
timeout 800
frequency 1
ip sla monitor schedule 1 life forever start-time now
R6:
ip http server
ip http path flash:
ping 150.18.5.5 size 156 repeat 9999999 timeout 1
SW4
ip http client password cisco
copy http://155.18.146.6/c1841-adventerprisek9-mz.124-24.T.bin null:
パケットが想定通りにqueueingされているかを確認します。R5 s0/1/0 input方向(R4 s0/1/0 out方向では想定通りの値が取得できません)に、通信速度計測用のpolicy-mapを適用します。VOICE, HTTP, ICMPが、およそ3:6:1の割合で送信されている事を確認します。
R5:
access-list 100 permit tcp any eq www any
access-list 101 permit icmp any any
!
class-map match-all ICMP
match access-group 101
class-map match-all HTTP
match access-group 100
class-map match-all VOICE
match packet length min 60 max 60
!
policy-map METER
class VOICE
class HTTP
class ICMP
!
interface Serial0/1/0
service-policy input METER
Rack18R5#show policy-map interface
Serial0/1/0
Service-policy input: METER
Class-map: VOICE (match-all)
7022 packets, 449408 bytes
30 second offered rate 33000 bps
Match: packet length min 60 max 60
Class-map: HTTP (match-all)
2014 packets, 1168120 bytes
30 second offered rate 77000 bps
Match: access-group 100
Class-map: ICMP (match-all)
1167 packets, 186720 bytes
30 second offered rate 12000 bps
Match: access-group 101
Class-map: class-default (match-any)
926818 packets, 68790385 bytes
30 second offered rate 0 bps, drop rate 0 bps
Match: any
Rack18R5#
10.6 Legacy Custom Queueing with Prioritization
確認不要
10.7 Legacy Priority Queueing
"10.5 Legacy Custom Queueing"と同様のトラフィックを発生させます。
Custom Queueingに比べて、ICMPの送信速度がかなり遅くなった事を確認します。
Custom Queueingに比べて、ICMPの送信速度がかなり遅くなった事を確認します。
R5:
Rack18R5#show policy-map interface
Serial0/1/0
Service-policy input: METER
Class-map: VOICE (match-all)
187354 packets, 11990656 bytes
30 second offered rate 96000 bps
Match: packet length min 60 max 60
Class-map: HTTP (match-all)
4502 packets, 2608851 bytes
30 second offered rate 20000 bps
Match: access-group 100
Class-map: ICMP (match-all)
2443 packets, 352880 bytes
30 second offered rate 4000 bps
Match: access-group 101
Class-map: class-default (match-any)
927348 packets, 68876809 bytes
30 second offered rate 0 bps, drop rate 0 bps
Match: any
Rack18R5#
10.8 Legacy Random Early Detection
Precedenceが異なる2種類のpingを送信します。
| src | dst | Prec, DSCP | |
|---|---|---|---|
| R1 | R5 | Prec 3 | ping size 156 timeout 1 |
| R6 | R5 | Prec 0 | ping size 156 timeout 1 |
それぞれのpingのdropされる頻度や送信速度が異なる事を目視により確認します。
R1: Rack18R1#ping Protocol [ip]: Target IP address: 155.18.45.5 Repeat count [5]: 99999999 Datagram size [100]: 156 Timeout in seconds [2]: 1 Extended commands [n]: y Source address or interface: Type of service [0]: 96 Set DF bit in IP header? [no]: Validate reply data? [no]: Data pattern [0xABCD]: Loose, Strict, Record, Timestamp, Verbose[none]: Sweep range of sizes [n]: !!!!!!!!!!!!!!!.!!!!!!!!!!!!.!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!.!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! R6: Rack18R6# ping 155.18.45.5 size 156 repeat 99999999 timeout 1 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!.!!!!!!!! !!!!!!!!!!!!!!!!.!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!.!!!!!!!!!!!!!!!!!!!!!!!!!!!!.!!!!!!!!!!!!.!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!.!!!!!!!!!!!!.!!!!!.!!!!!!!!!!!!!!!!!.!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!.!!!!!!!!.!!!!!!!!!!!!!!!!!!!!!!!!! !!.!!!!!.!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
pingを目視するだけの確認で不安を感じる場合は、以下のshowコマンドでrandom dropされたパケット数を確認する事ができます。
R4:
Rack18R4#sho queueing interface s0/1/0
Interface Serial0/1/0 queueing strategy: random early detection (WRED)
Random-detect not active on the dialer
Exp-weight-constant: 9 (1/512)
Mean queue depth: 33
class Random drop Tail drop Minimum Maximum Mark
pkts/bytes pkts/bytes thresh thresh prob
0 136/8896 0/0 20 40 1/10
1 0/0 0/0 22 40 1/10
2 0/0 0/0 24 40 1/10
3 2/320 0/0 26 40 1/10
4 0/0 0/0 28 40 1/10
5 0/0 0/0 31 40 1/10
6 0/0 0/0 41 42 1/10
7 0/0 0/0 41 42 1/10
rsvp 0/0 0/0 37 40 1/10
Rack18R4#
10.9 Legacy Flow-Based Random Early Detection
"10.8 Legacy Random Early Detection"と同様の確認が可能です。
Flow-Based WREDは各flow毎のthresholdが小さくなるので、WREDに比べてdropされる頻度が大きくなっている事が読み取れます。
Flow-Based WREDは各flow毎のthresholdが小さくなるので、WREDに比べてdropされる頻度が大きくなっている事が読み取れます。
R4:
Rack18R4#show queueing interface Serial 0/1/0
Interface Serial0/1/0 queueing strategy: random early detection (WRED)
Random-detect not active on the dialer
Exp-weight-constant: 9 (1/512)
Mean queue depth: 10
Max flow count: 16 Average depth factor: 2
Flows (active/max active/max): 1/5/16
class Random drop Tail drop Minimum Maximum Mark
pkts/bytes pkts/bytes thresh thresh prob
0 2302/150900 1932/131229 5 10 1/10
1 0/0 0/0 5 10 1/10
2 0/0 0/0 6 10 1/10
3 22/3520 73/11680 6 10 1/10
4 0/0 0/0 7 10 1/10
5 0/0 0/0 7 10 1/10
6 0/0 0/0 41 42 1/10
7 0/0 0/0 41 42 1/10
rsvp 0/0 0/0 9 10 1/10
Rack18R4#
10.10 Selective Packet Discard
確認は非常に困難です。
10.11 Payload Compression on Serial Links
compressされやすいパケットを送信します。通常のpingはcompressされない事に注意して下さい。
Data patternを指定したping, telnet, HTTPなどを送信します。
Data patternを指定したping, telnet, HTTPなどを送信します。
R3: Rack18R3#ping Protocol [ip]: Target IP address: 155.18.13.1 Repeat count [5]: Datagram size [100]: 1500 Timeout in seconds [2]: Extended commands [n]: y Source address or interface: Type of service [0]: Set DF bit in IP header? [no]: Validate reply data? [no]: Data pattern [0xABCD]: xABABABAB Invalid pattern, try again. Data pattern [0xABCD]: ABAB Invalid pattern, try again. Data pattern [0xABCD]: 0xABAB Loose, Strict, Record, Timestamp, Verbose[none]: Sweep range of sizes [n]: Type escape sequence to abort. Sending 5, 1500-byte ICMP Echos to 155.18.13.1, timeout is 2 seconds: Packet has data pattern 0xABAB !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 28/30/32 ms Rack18R3# Rack18R3#telnet 155.18.13.1 Trying 155.18.13.1 ... Open
送信したパケットが圧縮された事を以下のshowコマンドにより確認します。
R3:
Rack18R3#show compress
Serial1/2
Software compression enabled
uncompressed bytes xmt/rcv 8416/8290
compressed bytes xmt/rcv 802/750
Compressed bytes sent: 802 bytes 0 Kbits/sec ratio: 10.493
Compressed bytes recv: 750 bytes 0 Kbits/sec ratio: 11.053
1 min avg ratio xmt/rcv 1.512/1.232
5 min avg ratio xmt/rcv 0.896/0.685
10 min avg ratio xmt/rcv 0.896/0.685
no bufs xmt 0 no bufs rcv 0
resyncs 0
Additional Stac Stats:
Transmit bytes: Uncompressed = 42 Compressed = 802
Received bytes: Compressed = 760 Uncompressed = 44
Rack18R3#
10.12 Generic TCP/UDP Header Compression
INEの確認方法を参照下さい。
10.13 MLP Link Fragmentation and Interleaving
確認は非常に困難です。
10.14 Legacy Generic Traffic Shaping
以下のpingを送信します。
| src | dst | Prec, DSCP | |
|---|---|---|---|
| R6 | R4 | Prec 0 | ping size 1500 |
R6: Rack18R6#ping 150.18.4.0 size 1500 repeat 99999999 Type escape sequence to abort. Sending 99999999, 1500-byte ICMP Echos to 150.18.4.0, timeout is 2 seconds: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
show intコマンドにより、想定通りの送信速度(128Kbps)になっている事を確認します。
R6: Rack18R4#show interfaces FastEthernet 0/1 | include rate Queueing strategy: fifo 30 second input rate 128000 bits/sec, 10 packets/sec 30 second output rate 127000 bits/sec, 10 packets/sec Rack18R4#
10.15 Legacy CAR for Admission Control
以下のpingを送信します。
| src | dst | Prec, DSCP | |
|---|---|---|---|
| R1 | SW2 | Prec 0 | ping timeout 0 |
R1: Rack18R1#ping 155.18.58.8 repeat 99999999 timeout 0 Type escape sequence to abort. Sending 99999999, 100-byte ICMP Echos to 155.18.58.8, timeout is 0 seconds: ...................................................................... ...................................................................... ......................................................................
conformはprec 1、exceedはprec 0としてマーキングされている事を確認します。
マーキングを確認するACLを作成し、R4 Virtual-Template1 output方向に設定します。想定通りのMarkingがされた事を確認します。
マーキングを確認するACLを作成し、R4 Virtual-Template1 output方向に設定します。想定通りのMarkingがされた事を確認します。
R4:
ip access-list extended CHECK_PREC
permit ip any any precedence routine
permit ip any any precedence priority
permit ip any any
!
interface Virtual-Template1
ip access-group CHECK_PREC out
Rack18R4#show access-lists CHECK_PREC
Extended IP access list CHECK_PREC
10 permit ip any any precedence routine (55087 matches)
20 permit ip any any precedence priority (17834 matches)
99 permit ip any any
Rack18R4#
想定通りのマーキングがなされているかの確認にはなりませんが、以下のshowコマンドを使用するとrate-limitの設定を一目で確認する事ができて非常に便利です。
R4:
Rack18R4#show interfaces FastEthernet 0/1 rate-limit
FastEthernet0/1
Input
matches: access-group 102
params: 256000 bps, 4000 limit, 4000 extended limit
conformed 19810 packets, 2257860 bytes; action: set-prec-transmit 1
exceeded 59834 packets, 6821028 bytes; action: set-prec-transmit 0
last packet: 960ms ago, current burst: 3954 bytes
last cleared 00:01:33 ago, conformed 192000 bps, exceeded 581000 bps
Rack18R4#
10.16 Oversubscription with Legacy CAR and WFQ
以下のpingを送信します。
| src | dst | Prec, DSCP | |
|---|---|---|---|
| R1 | SW2 | Prec 0 | ping timeout 0 |
| R6 | SW2 | Prec 0 | ping timeout 0 |
R1: Rack18R1#ping 155.18.58.8 repeat 99999999 timeout 0 Type escape sequence to abort. Sending 99999999, 100-byte ICMP Echos to 155.18.58.8, timeout is 0 seconds: ...................................................................... ...................................................................... ...................................................................... R6: Rack18R6#ping 155.18.58.8 repeat 99999999 timeout 0 Type escape sequence to abort. Sending 99999999, 100-byte ICMP Echos to 155.18.58.8, timeout is 0 seconds: ...................................................................... ...................................................................... ......................................................................
以下のshowコマンドにより受信速度が制限されている事を確認します。正確な通信速度を計測するには、R5 s0/1/0に速度計測用のpolicy-mapを適用する必要がありますが、確認に非常に時間がかかるのでお勧めできません。
R4:
Rack18R4#show interfaces FastEthernet 0/1 rate-limit
FastEthernet0/1
Input
matches: access-group 102
params: 56000 bps, 2800 limit, 2800 extended limit
conformed 12201 packets, 1389954 bytes; action: set-prec-transmit 1
exceeded 193666 packets, 22077588 bytes; action: continue
last packet: 0ms ago, current burst: 2794 bytes
last cleared 00:04:07 ago, conformed 44000 bps, exceeded 713000 bps
matches: access-group 102
params: 112000 bps, 2800 limit, 2800 extended limit
conformed 16996 packets, 1937304 bytes; action: set-prec-transmit 0
exceeded 128161 packets, 14610354 bytes; action: drop
last packet: 0ms ago, current burst: 2772 bytes
last cleared 00:03:06 ago, conformed 82000 bps, exceeded 625000 bps
matches: access-group 103
params: 56000 bps, 2800 limit, 2800 extended limit
conformed 982 packets, 114528 bytes; action: set-prec-transmit 1
exceeded 29677 packets, 3383350 bytes; action: continue
last packet: 0ms ago, current burst: 2742 bytes
last cleared 00:02:30 ago, conformed 6000 bps, exceeded 180000 bps
matches: access-group 103
params: 112000 bps, 2800 limit, 2800 extended limit
conformed 1619 packets, 184566 bytes; action: set-prec-transmit 0
exceeded 28060 packets, 3199012 bytes; action: drop
last packet: 320ms ago, current burst: 2746 bytes
last cleared 00:01:44 ago, conformed 15000 bps, exceeded 265000 bps
Rack18R4#
10.17 Legacy CAR Rate Limiting
以下のpingを送信します。
| src | dst | Prec, DSCP | |
|---|---|---|---|
| R1 | R6 | Prec 0 | ping size 1500 timeout 1 |
R1: Rack18R1#ping 150.18.6.6 repeat 99999999 timeout 1 size 1500 Type escape sequence to abort. Sending 99999999, 1500-byte ICMP Echos to 150.18.6.6, timeout is 1 seconds: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!.!!!!!!!!!!!!!!!!!!!!!!!.!!!!!!!!!!!!!!!!!!!! !!!.!!!!!!!!!!!!!!!!!!!!!!!.!!!!!!!!!!!!!!!!!!!!!!!!.!!!!!!!!!!!!!!!!! !!!!!!!.!!!!!!!!!!!!!!!!!!!!!!!.!!!!!!!!!!!!!!!!!!!!!!!.!!!!!!!!!!!!!! !!!!!!!!!.!!!!!!!!!!!!!!!!!!!!!!!!.!!!!!!!!!!!!!!!!!!!!!!!.!!!!!!!!!!! !!!!!!!!!!!!!.!!!!!!!!!!!!!!!!!!!!!!.!!!!!!!!!!!!!!!!!!!!!!!!!.!!!!!!! !!!!!!!!!!!!!!!!.!!!!!!!!!!!!!!!!!!!!!!!.!!!!!!!!!!!!!!!!!!!!!!.!!!!!! !!!!!!!!!!!!!!!!!!!.!!!!!!!!!!!!!!!!!!!!!!!.!!!!!!!!!!!!!!!!!!!!!!!!.! !!!!!!!!!!!!!!!!!!!!!!.!!!!!!!!!!!!!!!!!!!!!!!. Success rate is 97 percent (795/817), round-trip min/avg/max = 1/4/8 ms Rack18R1#
pingが23回に1回dropされている事が読み取れます。ほぼ1秒間に1500byteのpingが23回送信されている事から通信速度を推測する事ができます。想定通りの速度(256Kbps)に近い値が算出された事を確認します。
23 x 1500 byte x 8 bit/byte = 276000 bit
10.18 Legacy CAR Access-Lists
MACアドレスによる制御
以下のpingを送信し、R4からの通信は制限されていますがR6からの通信は制限されていない事を確認します。
| src | dst | Prec, DSCP | |
|---|---|---|---|
| R4 | R1 | Prec 0 | ping size 1500 timeout 1 |
| R6 | R1 | Prec 0 | ping size 1500 timeout 1 |
R4: Rack18R4#ping 150.18.1.1 size 1500 timeout 1 repeat 100 Type escape sequence to abort. Sending 100, 1500-byte ICMP Echos to 150.18.1.1, timeout is 1 seconds: !!!!!!.!!!!!!.!!!!!!.!!!!!!.!!!!!!.!!!!!!.!!!!!!.!!!!!!.!!!!!!.!!!!!!. !!!!!!.!!!!!!.!!!!!!.!!!!!!.!! Success rate is 86 percent (86/100), round-trip min/avg/max = 1/2/4 ms Rack18R4# R6: Rack18R6#ping 150.18.1.1 size 1500 timeout 1 repeat 100 Type escape sequence to abort. Sending 100, 1500-byte ICMP Echos to 150.18.1.1, timeout is 1 seconds: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Success rate is 100 percent (100/100), round-trip min/avg/max = 4/4/4 ms Rack18R6#
IP Precedenceによる制御
以下のpingを送信し、Prec 1, 2, 4のパケットは通信量が制限されていますが、その他のパケットは制限されていない事を確認します。
| src | dst | Prec, DSCP | |
|---|---|---|---|
| R6 | SW1 | Prec 0 | ping size 1500 |
| R6 | SW1 | Prec 1 | ping size 1500 |
R4: Rack18R6#ping 155.18.67.7 repeat 100 size 1500 Type escape sequence to abort. Sending 100, 1500-byte ICMP Echos to 155.18.67.7, timeout is 2 seconds: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Success rate is 100 percent (100/100), round-trip min/avg/max = 4/4/8 ms Rack18R6# Rack18R6#ping Protocol [ip]: Target IP address: 155.18.67.7 Repeat count [5]: 99999 Datagram size [100]: 1500 Timeout in seconds [2]: 1 Extended commands [n]: y Source address or interface: Type of service [0]: 32 Set DF bit in IP header? [no]: Validate reply data? [no]: Data pattern [0xABCD]: Loose, Strict, Record, Timestamp, Verbose[none]: Sweep range of sizes [n]: Type escape sequence to abort. Sending 99999, 1500-byte ICMP Echos to 155.18.67.7, timeout is 1 seconds: !!!!!!!!!.!!!!!!.!!!!!!.!!!!!!.!!!!!!.!!!!!!.!!!!!!.!!!!!!.!!!!!!.!!!! !!.!!!!!!.!!!!!!.!!!!!!.
10.19 Legacy GTS for Frame Relay
以下のpingを送信し、想定通りの通信速度(128Kbps)になっている事を確認します。
| src | dst | Prec, DSCP | |
|---|---|---|---|
| R6 | SW1 | Prec 0 | ping |
R3: Rack18R3#ping 155.18.0.5 repeat 99999999 R5: Rack18R5#sho int s0/0/0 | i rate Queueing strategy: weighted fair 30 second input rate 13000 bits/sec, 16 packets/sec 30 second output rate 13000 bits/sec, 16 packets/sec Rack18R5#
BECNを疑似的に発生される事は非常に難しいので、輻輳時の挙動はshowコマンドのみの確認とします。
TODO show traffic-shapeの出力を貼り付け
10.20 Legacy Frame Relay Traffic Shaping
INEレンタルラボのframe-relay網は100Mbps程度の速度が限界です。従って、Frame Relayに関しては、実際にトラフィックを流して通信速度を計測する手法では限界があります。
CCIE試験本番で使用できるかどうかは分かりませんが、PVC単位での通信速度を計測する方法を以下に記します。
R5:
interface Serial0/0/0
frame-relay interface-dlci 502
load-interval 30
frame-relay interface-dlci 503
load-interval 30
Rack18R5#show frame-relay pvc 503 | i rate
30 second input rate 56000 bits/sec, 68 packets/sec
30 second output rate 58000 bits/sec, 68 packets/sec
Queueing strategy: fifo
Rack18R5#
Rack18R5#show traffic-shape
Interface Se0/0/0
Access Target Byte Sustain Excess Interval Increment Adapt
VC List Rate Limit bits/int bits/int (ms) (bytes) Active
513 56000 875 7000 0 125 875 -
504 56000 875 7000 0 125 875 -
503 256000 320 2560 0 10 320 -
502 128000 160 1280 0 10 160 -
501 56000 875 7000 0 125 875 -
Rack18R5#
10.30 Legacy FRTS PVC Interface Priority Queue
R2からR5へのping stormを発生させます。それと同時に、R1, R3からR5へのpingを送信します。R2より優先度の高いR3はping応答がありますが、R2よりも優先度が低いR1はping応答がない事を確認します。
| src | dst | Prec, DSCP | |
|---|---|---|---|
| R1 | R5 | Prec 0 | ping timeout 1 |
| R2 | R5 | Prec 0 | ping timeout 0 |
| R3 | R5 | Prec 0 | ping timeout 1 |
R2: Rack18R2#ping 155.18.0.5 repeat 999999999 timeout 0 Type escape sequence to abort. Sending 999999999, 100-byte ICMP Echos to 155.18.0.5, timeout is 0 seconds: ...................................................................... ...................................................................... ...................................................................... R3: Rack18R3#ping 155.18.0.5 repeat 999999999 timeout 1 Type escape sequence to abort. Sending 999999999, 100-byte ICMP Echos to 155.18.0.5, timeout is 1 seconds: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! R1: Rack18R1#ping 155.18.0.5 repeat 999999999 timeout 1 Type escape sequence to abort. Sending 999999999, 100-byte ICMP Echos to 155.18.0.5, timeout is 1 seconds: ...........................
10.31 Frame-Relay Priority to DLCI Mapping
R4からR5へ以下2種類のpingを送信します。packet sizeが60 byte (HLDC headerを含めると64 byte)のpingは、DLCI 200にマッピングされますが、通常の100byteのpingは、DLCI 100にマッピングされる事を確認します。
| src | dst | Prec, DSCP | |
|---|---|---|---|
| R4 | R5 | Prec 0 | ping size 60 |
| R4 | R5 | Prec 0 | ping |
R4からR5へ60byteのpingを送信します。R4から発信されたパケットがDLCI 100にマッピングされた事を確認します。(受信パケットがDLCI 100にマッピングされないのは、R5から返されるパケットが65byte未満になっていないためと推測されます。)
R2: Rack18R4#ping 155.18.45.5 size 60 repeat 50 Type escape sequence to abort. Sending 50, 60-byte ICMP Echos to 155.18.45.5, timeout is 2 seconds: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Success rate is 100 percent (50/50), round-trip min/avg/max = 8/9/12 ms Rack18R4# Rack18R4# Rack18R4# Rack18R4#show frame-relay pvc 100 | i input pkts input pkts 0 output pkts 70 in bytes 0 Rack18R4# Rack18R4# Rack18R4#show frame-relay pvc 200 | i input pkts input pkts 72 output pkts 0 in bytes 13892 Rack18R4#
R4からR5へ通常の100byteのpingを送信します。DLCI 200にマッピングされる事を確認して下さい。
R2: Rack18R4#ping 155.18.45.5 repeat 100 Type escape sequence to abort. Sending 100, 100-byte ICMP Echos to 155.18.45.5, timeout is 2 seconds: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Success rate is 100 percent (100/100), round-trip min/avg/max = 12/15/28 ms Rack18R4# Rack18R4#show frame-relay pvc 100 | i input pkts input pkts 0 output pkts 86 in bytes 0 Rack18R4# Rack18R4#show frame-relay pvc 200 | i input pkts input pkts 188 output pkts 100 in bytes 32068 Rack18R4#
10.32 Frame-Relay Traffic Policing & Congestion Mgmt
行った動作確認は以下の通り。
R3(Frame-Relay Swich)のshowコマンドをとり忘れたので、もう一度やりなおしてみる。もしかしたら、INEに記載されたように、DE dropやFECN, BECNがshowコマンドで確認できない可能性もある。
R3(Frame-Relay Swich)のshowコマンドをとり忘れたので、もう一度やりなおしてみる。もしかしたら、INEに記載されたように、DE dropやFECN, BECNがshowコマンドで確認できない可能性もある。
Rack18R1#ping 155.18.12.2 repeat 9999999 size 1500 timeout 0 Type escape sequence to abort. Sending 9999999, 1500-byte ICMP Echos to 155.18.12.2, timeout is 0 seconds: ...................................................................... ...................................................................... ...................................................................... ...................................................................... ...................................................................... ...................................................................... Rack18R1#show frame-relay pvc 132 PVC Statistics for interface Serial0/1 (Frame Relay DTE) DLCI = 132, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial0/1.2 input pkts 9941 output pkts 14961 in bytes 1186367 out bytes 4688551 dropped pkts 0 in pkts dropped 0 out pkts dropped 0 out bytes dropped 0 in FECN pkts 7 in BECN pkts 0 out FECN pkts 0 out BECN pkts 0 in DE pkts 0 out DE pkts 0 out bcast pkts 71 out bcast bytes 27791 30 second input rate 49000 bits/sec, 29 packets/sec 30 second output rate 568000 bits/sec, 87 packets/sec pvc create time 00:58:05, last time pvc status changed 00:39:28 Rack18R1# Rack18R2#sho frame-relay pvc 231 PVC Statistics for interface Serial0/1 (Frame Relay DTE) DLCI = 231, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial0/1.2 input pkts 12347 output pkts 12311 in bytes 2072875 out bytes 2056714 dropped pkts 0 in pkts dropped 0 out pkts dropped 0 out bytes dropped 0 in FECN pkts 1 in BECN pkts 3 out FECN pkts 0 out BECN pkts 0 in DE pkts 0 out DE pkts 0 out bcast pkts 85 out bcast bytes 30610 30 second input rate 55000 bits/sec, 4 packets/sec 30 second output rate 56000 bits/sec, 5 packets/sec pvc create time 00:55:59, last time pvc status changed 00:41:01 Rack18R2#
