Table of Contents

Сервис QOS

Уилиты для экспериментов

gate# apt install wondershaper 

gate# wondershaper eth1 10 10

gate# wondershaper eth1

gate# wondershaper clear eth1

Linux

Cisco

Включение

mls qos

Назначение QOS для трафика c определенным DSCP

TOS: 0x000068b8

show mls qos maps dscp-output-q

interface GigabitEthernet1/0/1
 mls qos trust dscp

Назначение DSCP для трафика c определенным профилем

no ip access-list extended IP-Communicator
ip access-list extended IP-Communicator
! permit udp any any range 10000 20000
! permit ip any host 195.19.32.11
 permit ip host 195.19.32.11 any

class-map match-all Class-B
 match access-group name IP-Communicator

policy-map sample-policy2
 class Class-B
  set dscp ef

interface GigabitEthernet1/0/2
 service-policy input sample-policy2

Назначение QOS для трафика отдельного порта

show mls qos maps cos-output-q

interface GigabitEthernet1/0/11
 mls qos cos 5
 mls qos trust cos 

Выделение полосы в магистральном соединении для трафика с определенным QOS

sh mls qos queue-set

show mls qos interface g1/0/47 queueing

interface GigabitEthernet1/0/47
! Full priority for q1
 srr-queue bandwidth shape 0 0 0 0
 srr-queue bandwidth share 255 1 1 1

! 1/20 band for q1
 srr-queue bandwidth shape 20 0 0 0
 srr-queue bandwidth share 1 1 1 1

clear mls qos interface g1/0/47 statistics
show mls qos interface g1/0/47 statistics | inc queue

Равномерное ограничение полосы для всех с исключениями

FreeBSD (ipfw)

[gate:~] # cat /etc/ipfw.conf
pipe 1 config bw 100mbit/s
pipe 2 config bw 64kbit/s mask dst-ip 0xffffffff

add 10 pipe 1 ip from any to 192.168.100+X.2
add 20 pipe 2 ip from any to 192.168.100+X.0/24

add 100 allow ip from any to any
[gate:~] # cat /etc/rc.conf
...
dummynet_enable=yes
firewall_enable="YES"
firewall_type="/etc/ipfw.conf"
[gate:~] # /etc/rc.d/ipfw start

[gate:~] # ipfw pipe show

Балансировка нагрузки между провайдерами

FreeBSD (pf)

http://www.openbsd.org/faq/pf/pools.html

[gate:~] # cat /etc/pf.conf
lan_net = "192.168.1X.0/24"
int_if  = "tap0"
ext_if1 = "fxp0"
ext_if2 = "rl0"
ext_gw1 = "10.10.105.100"
ext_gw2 = "172.16.7.2"

nat on $ext_if1 from $lan_net to any -> ($ext_if1)
nat on $ext_if2 from $lan_net to any -> ($ext_if2)

pass in on $int_if route-to \
    { ($ext_if1 $ext_gw1), ($ext_if2 $ext_gw2) } round-robin \
    proto tcp from $lan_net to any flags S/SA modulate state
pass in on $int_if route-to \
    { ($ext_if1 $ext_gw1), ($ext_if2 $ext_gw2) } round-robin \
    proto { udp, icmp } from $lan_net to any keep state

pass out on $ext_if1 route-to ($ext_if2 $ext_gw2) from $ext_if2 \
   to any
pass out on $ext_if2 route-to ($ext_if1 $ext_gw1) from $ext_if1 \
   to any