Lab - Cos in Juniper

Junos QoS Simple Configuration
Posted on August 10, 2012

Topology

Where Junos3 is a Juniper, and R1 and R2 are Cisco.
Configuration
CLASSI FI CATI ON
lab@Junos3# show firewall family inet
filter classify-traffic {
term sip {
from {
protocol [ tcp udp ];
port 5060;
}
then {
forwarding-class voip;
accept;
}
}
term rtp {
from {
protocol udp;
port 16384-32767;
}
then {
forwarding-class voip;
accept;
}
}
term telnet {
from {
protocol tcp;
port 23;
}
then {
forwarding-class admin;
accept;
}
}
term ping {
from {
protocol icmp;
}
then {
forwarding-class admin;
accept;
}
}
term accept-all {
then accept;
}
}
QUEUES AND SCHEDULER MAPS
lab@Junos3# show class-of-service
forwarding-classes {
queue 1 admin;
queue 2 voip;
}

schedulers {
best-effort-sched {
transmit-rate percent 40;
buffer-size percent 40;
priority low;
}
admin-sched {
priority medium-low;
}
voip-sched {
priority high;
}
network-control-sched {
priority medium-high;
}
}

scheduler-maps {
my-sched-map {
forwarding-class best-effort scheduler best-effort-sched;
forwarding-class admin scheduler admin-sched;
forwarding-class voip scheduler voip-sched;
forwarding-class network-control scheduler network-control-sched;
}
}

interfaces {
ge-0/0/1 {
scheduler-map my-sched-map;
}
ge-1/0/1 {
scheduler-map my-sched-map;
}
}
lab@Junos3# show firewall family inet | display set
set firewall family inet filter classify-traffic term sip from protocol tcp
set firewall family inet filter classify-traffic term sip from protocol udp
set firewall family inet filter classify-traffic term sip from port 5060
set firewall family inet filter classify-traffic term sip then forwarding-
class voip
set firewall family inet filter classify-traffic term sip then accept
set firewall family inet filter classify-traffic term rtp from protocol udp
set firewall family inet filter classify-traffic term rtp from port 16384-
32767
set firewall family inet filter classify-traffic term rtp then forwarding-
class voip
set firewall family inet filter classify-traffic term rtp then accept
set firewall family inet filter classify-traffic term telnet from protocol
tcp
set firewall family inet filter classify-traffic term telnet from port 23
set firewall family inet filter classify-traffic term telnet then forwarding-
class admin
set firewall family inet filter classify-traffic term telnet then accept
set firewall family inet filter classify-traffic term ping from protocol icmp
set firewall family inet filter classify-traffic term ping then forwarding-
class admin
set firewall family inet filter classify-traffic term ping then accept
set firewall family inet filter classify-traffic term accept-all then accept

lab@Junos3# show class-of-service | display set
set class-of-service forwarding-classes queue 1 admin
set class-of-service forwarding-classes queue 2 voip
set class-of-service interfaces ge-0/0/1 scheduler-map my-sched-map
set class-of-service interfaces ge-1/0/1 scheduler-map my-sched-map
set class-of-service scheduler-maps my-sched-map forwarding-class best-effort
scheduler best-effort-sched
set class-of-service scheduler-maps my-sched-map forwarding-class admin
scheduler admin-sched
set class-of-service scheduler-maps my-sched-map forwarding-class voip
scheduler voip-sched
set class-of-service scheduler-maps my-sched-map forwarding-class network-
control scheduler network-control-sched
set class-of-service schedulers best-effort-sched transmit-rate percent 40
set class-of-service schedulers best-effort-sched buffer-size percent 40
set class-of-service schedulers best-effort-sched priority low
set class-of-service schedulers admin-sched transmit-rate percent 45
set class-of-service schedulers admin-sched buffer-size percent 45
set class-of-service schedulers admin-sched priority medium-low
set class-of-service schedulers voip-sched transmit-rate percent 10
set class-of-service schedulers voip-sched buffer-size percent 10
set class-of-service schedulers voip-sched priority high
set class-of-service schedulers network-control-sched transmit-rate percent 5
set class-of-service schedulers network-control-sched buffer-size percent 5
set class-of-service schedulers network-control-sched priority medium-high
VERIFICATION
Clear interface queue statistic with the following command
lab@Junos3> clear interfaces statistics all

lab@Junos3> show interfaces queue ge-0/0/1
Physical interface: ge-0/0/1, Enabled, Physical link is Up
Interface index: 134, SNMP ifIndex: 508
Description: DEVNET-R6-6509 GE1/21
Forwarding classes: 8 supported, 4 in use
Egress queues: 8 supported, 4 in use
Queue: 0, Forwarding classes: best-effort
Queued:
Packets : 0 0 pps
Bytes : 0 0 bps
Transmitted:
Packets : 0 0 pps
Bytes : 0 0 bps
Tail-dropped packets : 0 0 pps
RED-dropped packets : 0 0 pps
Low : 0 0 pps
Medium-low : 0 0 pps
Medium-high : 0 0 pps
High : 0 0 pps
RED-dropped bytes : 0 0 bps
Low : 0 0 bps
Medium-low : 0 0 bps
Medium-high : 0 0 bps
High : 0 0 bps
...
Generating VOIP traffic from R2 to R1 with SIP signalling by telnetting to R1 port
TCP=5060, and confirm that the the traffic get queued on the Junos3 outbound interface to
R1.
R2#telnet 13.0.0.1 5060
Trying 13.0.0.1, 5060 ...
% Connection refused by remote host

lab@Junos3> show interfaces queue ge-0/0/1 | find voip
Queue: 2, Forwarding classes: voip
Queued:
Packets : 3 0 pps
Bytes : 180 0 bps
Transmitted:
Packets : 3 0 pps
Bytes : 180 0 bps
Low : 0 0 pps
High : 0 0 pps
Low : 0 0 bps
High : 0 0 bps
Generating admin traffic by telnetting from R2 to R1 via normal telnet TCP port=23, and
confirm the same:
R2#telnet 13.0.0.1
Trying 13.0.0.1 ... Open

==================================================
Cisco Router R1
==================================================

lab@Junos3> show interfaces queue ge-0/0/1 | find admin
Queue: 1, Forwarding classes: admin
Queued:
Packets : 51 0 pps
Bytes : 3066 0 bps
Transmitted:
Packets : 51 0 pps
Bytes : 3066 0 bps
Low : 0 0 pps
High : 0 0 pps
Low : 0 0 bps
High : 0 0 bps
For the demonstration purpose, ICMP is classified into the admin, so we can generate a lot
of admin traffic with extended ping packets from R2 to R1 as well. In practice, surely ICMP
should not be part of admin traffic.
Note:
By default, J series routers come with default Firewall setting. To remove this totally, we
need to delete the state full firewall function, and enable the packet based mode.
delete security
set security forwarding-options family mpls mode packet-based

Lab - Cos in Juniper

Încărcat de

Informații document

Titlu original

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

Lab - Cos in Juniper

Încărcat de

Drepturi de autor:

Formate disponibile

Junos QoS Simple Configuration

Posted on August 10, 2012

S-ar putea să vă placă și