Forwarding Class
A forwarding class is a label, used entirely within a network node, that identifies all traffic requiring a single behavior when leaving that node.
Forwarding classes do not explicitly appear outside a node, although if the QoS configuration of all nodes in a network is consistent, the forwarding class can easily be derived from information in packet headers.
Classification
Classification is the act of identifying the class to which a packet belongs. It is usually initially performed on ingress to each node, although a packet may be reclassified at various points on its path through a network node.
Interface Based Classification
If all traffic arriving on a single interface is known to be associated with a single class, then the easiest way to classify this traffic is simply to associate all traffic arriving on the interface with the relevant forwarding class.
class-of-service {
    forwarding-classes {
        class $class_name$ queue-num $queue_number$;
    }
    interfaces {
        $interface_name$ {
            unit $unit_id$ {
                /* everything arriving on this unit is placed in one class */
                forwarding-class $class_name$;
            }
        }
    }
}
Behavior Aggregate Classification
Behavior aggregate classification (BA) provides a good balance between flexibility and complexity. It is particularly attractive where the traffic being classified is being transported in large aggregates (for example, in the core of a network, where traffic associated with many unique applications passes over a single link, making Multi-Field classification unattractive). BA Classification relies upon markings placed in the headers of incoming packets: either Ethernet frames, IPv4 or IPv6 packets, or MPLS frames. Each of these packet or frame types includes a field in the header specifically designated for the indication of a class to which this packet has been previously assigned.
In Ethernet (using 802.1Q VLAN frames) there are three 802.1p bits. In IPv4 packets, there is the Type of Service byte, from which you can use either the three precedence bits or six bits to indicate the DiffServ Code Point (DSCP). IPv6 has six bits of the IPv6 DSCP and MPLS has the three experimental bits.
class-of-service {
    forwarding-classes {
        class $class_name$ queue-num $queue_number$;
    }
    classifiers {
        $marking_type$ $classifier_name$ {
            /* map a set of code points to a class and loss priority */
            forwarding-class $class_name$ {
                loss-priority $loss_priority$ code-points [ $code_points$ ];
            }
        }
    }
    interfaces {
        $interface_name$ {
            unit $unit_id$ {
                classifiers {
                    $marking_type$ $classifier_name$;
                }
            }
        }
    }
}
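The following Python sketch is an added example, not part of the original page: it extracts each of the markings named above from raw headers and performs the BA lookup. The function names, the classifier table and the sample headers are constructed for illustration.

```python
import struct

def ipv4_code_points(pkt):
    """Return (DSCP, precedence) from the IPv4 Type of Service byte (offset 1)."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        raise ValueError("not an IPv4 header")
    return pkt[1] >> 2, pkt[1] >> 5      # upper six bits, upper three bits

def ipv6_dscp(pkt):
    """Traffic Class straddles bytes 0 and 1; DSCP is its upper six bits."""
    if len(pkt) < 40 or pkt[0] >> 4 != 6:
        raise ValueError("not an IPv6 header")
    return (((pkt[0] & 0x0F) << 4) | (pkt[1] >> 4)) >> 2

def dot1p(frame):
    """802.1p bits: top three bits of the 802.1Q TCI that follows TPID 0x8100."""
    if len(frame) < 16 or frame[12:14] != b"\x81\x00":
        raise ValueError("not an 802.1Q tagged frame")
    return struct.unpack("!H", frame[14:16])[0] >> 13

def mpls_exp(entry):
    """Label stack entry: 20-bit label, 3 experimental bits, S bit, 8-bit TTL."""
    if len(entry) < 4:
        raise ValueError("short MPLS label stack entry")
    return (struct.unpack("!I", entry[:4])[0] >> 9) & 0x7

# Constructed classifier table (assumption): code point -> (class, loss priority).
DSCP_CLASSIFIER = {
    0b101110: ("expedited-forwarding", "low"),   # EF
    0b001010: ("assured-forwarding", "low"),     # AF11
    0b001100: ("assured-forwarding", "high"),    # AF12
}
DEFAULT_CLASS = ("best-effort", "low")           # unlisted code points land here

def classify(code_point, table=DSCP_CLASSIFIER):
    """Behavior aggregate lookup: the marking alone selects the class."""
    return table.get(code_point, DEFAULT_CLASS)

# Constructed sample headers, zero-filled apart from the fields under test.
IPV4_EF = bytes([0x45, 0xB8]) + bytes(18)                      # ToS 0xB8
IPV6_AF12 = struct.pack("!I", (6 << 28) | (0x30 << 20)) + bytes(36)
VLAN_PCP5 = bytes(12) + b"\x81\x00" + struct.pack("!H", (5 << 13) | 100)
MPLS_EXP3 = struct.pack("!I", (1000 << 12) | (3 << 9) | (1 << 8) | 64)

if __name__ == "__main__":
    dscp, precedence = ipv4_code_points(IPV4_EF)
    print(dscp, precedence, classify(dscp))
    print(ipv6_dscp(IPV6_AF12), classify(ipv6_dscp(IPV6_AF12)))
    print(dot1p(VLAN_PCP5), mpls_exp(MPLS_EXP3))
```

Because the lookup trusts whatever marking the sender placed in the header, the result is only as reliable as the node that set it.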
Multifield (MF) Classification
The most flexible, but also the most complex, classification to configure and maintain is Multifield (MF) classification. It uses firewall filters (also known as access lists) to identify arbitrary attributes of an IP packet (it is less commonly applicable to non-IP traffic types) and places traffic into a particular traffic class based on the contents of the IP packet.
firewall {
    family inet {
        filter $filter_name$ {
            term $term_name$ {
                from {
                    $match_conditions$;
                }
                then {
                    forwarding-class $class_name$;
                    $other_actions$;
                }
            }
        }
    }
}
interfaces {
    $interface_name$ {
        unit $unit_id$ {
            family inet {
                filter {
                    input $filter_name$;
                }
            }
        }
    }
}
class-of-service {
    forwarding-classes {
        class $class_name$ queue-num $queue_number$;
    }
}
Policing
Policing is the method of applying a hard limit to the rate at which traffic can access a resource (for example, upon entry to a node or to a queue on egress). Since a policer constrains access to the node or queue, once a decision is made that a packet is non-conforming and that it should not gain access to the protected resource, that packet will be dropped (or reclassified). This hard-drop behavior can have a negative impact, particularly on TCP traffic, and particularly when the policer is run consistently at its limit.
- A simple policer operates based on a single rate-limit and a single burst-size. This is also known as a single-rate, two-color policer.
- A single-rate, three-color policer uses a single rate-limit but has two burst sizes. This provides a mechanism to create three loss priorities (as described for Assured Forwarding in RFC 2597).
- Two-rate, three-color policers use two rates, a committed rate and a peak rate, to achieve the same results as a single-rate, three-color policer.
firewall {
    policer $policer_name$ {
        if-exceeding {
            bandwidth-limit $PIR$;
            burst-size-limit $burst_size$;
        }
        then $action$;
    }
    family $family_name$ {
        filter $filter_name$ {
            term $term_name$ {
                from {
                    $match_conditions$;
                }
                then {
                    policer $policer_name$;
                }
            }
        }
    }
}
interfaces {
    /* option 1: police only the traffic matched by a filter term */
    $interface_name$ {
        unit $unit_id$ {
            family $family_name$ {
                filter {
                    input $filter_name$;
                }
            }
        }
    }
    /* option 2: police all traffic of this family on the unit */
    $interface_name$ {
        unit $unit_id$ {
            family $family_name$ {
                policer {
                    input $policer_name$;
                }
            }
        }
    }
}
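To make the difference between the two-color and three-color policers concrete, here is an added Python model (not from the original page and not vendor code) of a color-blind single-rate three-color marker; with the excess burst set to zero it behaves as the simple policer. The class name, the color-to-action mapping and the traffic sample are constructed for illustration.

```python
class SingleRateThreeColor:
    """Color-blind single-rate three-color marker (token buckets C and E).

    With ebs_bytes=0 it degenerates into the single-rate, two-color policer.
    """

    def __init__(self, cir_bps, cbs_bytes, ebs_bytes=0):
        self.rate = cir_bps / 8.0            # token fill rate in bytes/second
        self.cbs, self.ebs = cbs_bytes, ebs_bytes
        self.tc, self.te = float(cbs_bytes), float(ebs_bytes)  # start full
        self.last = 0.0

    def _refill(self, now):
        tokens = (now - self.last) * self.rate
        self.last = now
        room = self.cbs - self.tc
        self.tc += min(tokens, room)
        # Tokens that no longer fit the committed bucket spill into the excess one.
        self.te = min(self.ebs, self.te + max(0.0, tokens - room))

    def color(self, now, size):
        """Return green/yellow/red for a packet of `size` bytes arriving at `now`."""
        self._refill(now)
        if self.tc >= size:
            self.tc -= size
            return "green"
        if self.te >= size:
            self.te -= size
            return "yellow"
        return "red"                          # non-conforming: no tokens consumed

# Constructed policy (assumption): what the policer's "then" does per color.
ACTIONS = {"green": "forward", "yellow": "loss-priority high", "red": "discard"}

def police(policer, arrivals):
    """arrivals: (time_s, size_bytes) pairs in time order -> list of actions."""
    return [ACTIONS[policer.color(t, size)] for t, size in arrivals]

# Constructed traffic: six 1000-byte packets back to back, then one a second later.
BURST = [(0.0, 1000)] * 6 + [(1.0, 1000)]

if __name__ == "__main__":
    # 8000 bit/s is a committed rate of 1000 bytes/s.
    print(police(SingleRateThreeColor(8000, 3000, 2000), BURST))
    print(police(SingleRateThreeColor(8000, 3000), BURST))
```

On the same burst, the three-color instance forwards two packets at high loss priority that the two-color instance discards outright.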
Random Early Discard
Random Early Discard (RED), also known as Random Early Detection, is a congestion avoidance mechanism. It helps to mitigate the impact of congestion (specifically with TCP-based traffic).
Shaping
Shaping is the application of a limit to the rate at which traffic can be transmitted. Unlike policing, it acts on traffic that has already been granted access to a queue but which is awaiting access to transmission resources. Traffic that does not conform to the shaper’s criteria is generally held in the queue until it does conform, and no explicit constraint is placed upon more traffic entering the queue (as long as the queue isn’t entirely full). Therefore, shaping can be less aggressive than policing and can have fewer of the negative side effects. A shaper is normally defined in terms of a Committed Information Rate (CIR) and/or a Peak Information Rate (PIR).
Shaping (traffic shaping) is the restriction of a channel's throughput for an individual network node to below the technical capability of the channel to that node. Shaping is typically used as a means of limiting the maximum traffic consumption of a network node.
The shaping algorithm for networks that work with packets (frames or other PDUs) of data usually consists of creating a queue of packets from the client. Per unit of time, packets totalling no more than N bytes are let through (where N is the configured limit). If the volume of data being sent exceeds the throughput allocated to the client and the queue is full, the excess packets are not accepted. Because the queue has a non-zero size, the rate limit may be temporarily exceeded at the start of a connection.
Where QoS is supported, packets are taken from the queue not sequentially but according to their delivery-urgency markings.
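The queue-based algorithm just described can be modelled in a few lines. This is an added Python example, not part of the original page; the function name, the tick-based clock and the sample packets are constructed, and a lower urgency number means more urgent.

```python
import heapq

def shape(arrivals, bytes_per_tick, queue_limit, ticks):
    """Simulate a shaper with a bounded queue, one tick per unit of time.

    arrivals: {tick: [(name, size_bytes, urgency), ...]}, lower urgency first.
    Returns (sent, refused): sent is [(tick, name)], refused is [name].
    """
    queue, queued_bytes, seq = [], 0, 0
    credit, sent, refused = 0, [], []
    for tick in range(ticks):
        for name, size, urgency in arrivals.get(tick, []):
            if queued_bytes + size > queue_limit:
                refused.append(name)          # queue full: packet not accepted
                continue
            heapq.heappush(queue, (urgency, seq, size, name))
            queued_bytes += size
            seq += 1                          # keeps arrival order within a class
        credit += bytes_per_tick              # at most N bytes leave per tick
        while queue and queue[0][2] <= credit:
            _, _, size, name = heapq.heappop(queue)
            credit -= size
            queued_bytes -= size
            sent.append((tick, name))
        if not queue:
            credit = 0                        # idle time earns no burst allowance
    return sent, refused

# Constructed traffic: a 5000-byte burst at tick 0, one urgent packet at tick 2.
ARRIVALS = {
    0: [("a", 1000, 1), ("b", 1000, 0), ("c", 1000, 1),
        ("d", 1000, 1), ("e", 1000, 1)],
    2: [("f", 1000, 0)],
}

if __name__ == "__main__":
    sent, refused = shape(ARRIVALS, bytes_per_tick=1000, queue_limit=3000, ticks=4)
    print(sent)
    print(refused)
```

The queue absorbs 3000 bytes of the initial burst and releases them one packet per tick, urgent packets first; only the part of the burst that finds the queue full is refused.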
Scheduling