This page is intended to describe use of HCoS inside Circuit Cross-Connect - CCC environment. In order to guarantee dedicated bandwidth along CCC path it is necessary to apply traffic classifiers at the ingress and hierarchical schedulers and shapers at the egress. Using 2 Juniper MX204 routers and 2 DELL PowerEdge R520 servers we will simulate production GTS scenario. These devices are regular part of Prague's laboratory on which it is allowed access with known credentials.
Physical layoutTable of Contentsgliffy minLevel name Physical Layout pagePin 3
Logical layout
| Gliffy Diagram | ||||
|---|---|---|---|---|
|
Specific set up of equipment before testing
MX204#1 uses breakout cable on FPC 0 PIC 0 port 3 for testing purpose.
Due to the lack of servers we need to make some additional settings on the HCoS#2 server itself to isolate 2 ports belonging to different logical servers (HCoS#2-D and HCoS#2-B) in order to achieve that the traffic from the first server passes through both MX204 routers and reaches the second server. We added some lines in the following files:
/etc/network/interfaces file
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
source /etc/network/interfaces.d/*
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto em1
iface em1 inet static
address 10.1.1.22
netmask 255.255.255.0
network 10.1.1.0
broadcast 10.1.1.255
gateway 10.1.1.1
# dns-* options are implemented by the resolvconf package, if installed
dns-nameservers 8.8.8.8
up ip netns add isolated
up ip link set dev p4p2 netns isolated
up ip netns exec isolated ip addr add 192.168.2.1/24 dev p4p2
up ip netns exec isolated ip link set p4p2 up
#auto p4p2
#iface p4p2 inet static
# address 192.168.2.1
# netmask 255.255.255.0
auto p4p1.10
iface p4p1.10 inet static
address 192.168.0.2
netmask 255.255.255.0
vlan-raw-device p4p1
auto p4p1.20
iface p4p1.20 inet static
address 192.168.1.2
netmask 255.255.255.0
vlan-raw-device p4p1
auto p4p1.30
iface p4p1.30 inet static
address 192.168.2.2
netmask 255.255.255.0
vlan-raw-device p4p1
In this file we added seperated name space called isolated in which we put p4p2 interface. In order to have any action with that interface it is necessary to type ip netns exec isolated before any known command. For example, to see configuration on that interface we need to type the following:
ip netns exec isolated ifconfig
root@HQoS2:/home/taas# ip netns exec isolated ifconfig
p4p2 Link encap:Ethernet HWaddr 00:0e:1e:8d:bc:12
inet addr:192.168.2.1 Bcast:0.0.0.0 Mask:255.255.255.0
inet6 addr: fe80::20e:1eff:fe8d:bc12/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:786019 errors:0 dropped:0 overruns:0 frame:0
TX packets:16093472 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:55025149 (55.0 MB) TX bytes:24424858833 (24.4 GB)
Interrupt:63 Memory:d6000000-d67fffff
/etc/modules file
# This file contains the names of kernel modules that should be loaded
# at boot time, one per line. Lines beginning with "#" are ignored.
8021q
In this file we added 8021q in order to support tagging.
IP Addresses used on devices
...
2
Current active configuration implemented in backend
| Code Block |
|---|
set class-of-service forwarding-classes class CCS-premium queue-num 7
set class-of-service traffic-control-profiles CCS-premium-100 shaping-rate 90g
set class-of-service traffic-control-profiles CCS-premium-40 shaping-rate 35g
set class-of-service traffic-control-profiles CCS-premium-10 shaping-rate 8g
set class-of-service traffic-control-profiles CCS-IF-100 shaping-rate 100g
set class-of-service traffic-control-profiles CCS-IF-40 shaping-rate 40g
set class-of-service traffic-control-profiles CCS-IF-10 shaping-rate 10g
set class-of-service scheduler-maps CCS-map-premium forwarding-class CCS-premium scheduler CCS-premium
set class-of-service schedulers CCS-premium priority high
# Do the following for all interfaces participating on dynamic circuit service... (Use parameters based on physical interface speed like the example bellow)
set class-of-service interfaces interface-set et-0/0/0 output-traffic-control-profile CCS-premium-100
set class-of-service interfaces interface-set xe-0/1/4 output-traffic-control-profile CCS-premium-10
set class-of-service interfaces et-0/0/0 output-traffic-control-profile CCS-IF-100
set class-of-service interfaces xe-0/1/4 output-traffic-control-profile CCS-IF-10
****************************************************************************************************************************************************************
#Result:
class-of-service {
forwarding-classes {
class CCS-premium queue-num 7;
}
traffic-control-profiles {
CCS-IF-100 {
shaping-rate 100g;
}
CCS-IF-40 {
shaping-rate 40g;
}
CCS-IF-10 {
shaping-rate 10g;
}
CCS-premium-100 {
shaping-rate 90g;
}
CCS-premium-40 {
shaping-rate 35g;
}
CCS-premium-10 {
shaping-rate 8g;
}
}
interqfaces {
interface-set et-0/0/0 {
output-traffic-control-profile CCS-premium-100;
}
interface-set xe-0/1/4 {
output-traffic-control-profile CCS-premium-10;
}
et-0/0/0 {
output-traffic-control-profile CCS-IF-100;
}
xe-0/1/4 {
output-traffic-control-profile CCS-IF-10;
}
}
scheduler-maps {
CCS-map-premium {
forwarding-class CCS-premium scheduler CCS-premium;
}
}
schedulers {
CCS-premium {
priority high;
}
}
} |
Physical layout
Gliffy Diagram name Physical Layout pagePin 3
Logical layout
| Gliffy Diagram | ||||
|---|---|---|---|---|
|
Specific set up of equipment before testing
MX204#1 uses breakout cable on FPC 0 PIC 0 port 3 for testing purpose.
Due to the lack of servers we need to make some additional settings on the HCoS#2 server itself to isolate 2 ports belonging to different logical servers (HCoS#2-D and HCoS#2-B) in order to achieve that the traffic from the first server passes through both MX204 routers and reaches the second server. We need to add some lines in the following files:
| Code Block | ||
|---|---|---|
| ||
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
source /etc/network/interfaces.d/*
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto em1
iface em1 inet static
address 10.1.1.22
netmask 255.255.255.0
network 10.1.1.0
broadcast 10.1.1.255
gateway 10.1.1.1
# dns-* options are implemented by the resolvconf package, if installed
dns-nameservers 8.8.8.8
up ip netns add isolated
up ip link set dev p4p2 netns isolated
up ip netns exec isolated ip addr add 192.168.2.1/24 dev p4p2
up ip netns exec isolated ip link set p4p2 up
#auto p4p2
#iface p4p2 inet static
# address 192.168.2.1
# netmask 255.255.255.0
auto p4p1.10
iface p4p1.10 inet static
address 192.168.0.2
netmask 255.255.255.0
vlan-raw-device p4p1
auto p4p1.20
iface p4p1.20 inet static
address 192.168.1.2
netmask 255.255.255.0
vlan-raw-device p4p1
auto p4p1.30
iface p4p1.30 inet static
address 192.168.2.2
netmask 255.255.255.0
vlan-raw-device p4p1 |
In this file we need to add seperated name space called isolated in which we put p4p2 interface. In order to have any action with that interface it is necessary to type ip netns exec isolated before any known command in command line.
| Code Block | ||
|---|---|---|
| ||
# /etc/modules: kernel modules to load at boot time.
#
# This file contains the names of kernel modules that should be loaded
# at boot time, one per line. Lines beginning with "#" are ignored.
8021q |
In this file we need to add 8021q in order to support tagging.
IP Addresses used on devices
| Device | IP Address | Interface | Purpose |
|---|---|---|---|
| HCoS#1 | 10.1.1.10 | iDrac | web access for management |
| 10.1.1.21 | em1 | ssh access for configuration | |
| 192.168.0.1 | p3p2 | HCoS#1-A iPerf client | |
| 192.168.1.1 | p3p1 | HCoS#1-C iPerf client | |
| HCoS#2 | 10.1.1.11 | iDrac | web access for management |
| 10.1.1.22 | em1 | ssh access for configuration | |
| 192.168.2.1 | p4p2 | HCoS#2-D iPerf client | |
| 192.168.0.2 | p4p1.10 | HCoS#2-B iPerf server for point-to-point with HCoS#1-A iPerf client | |
| 192.168.1.2 | p4p1.20 | HCoS#2-B iPerf server for point-to-point with HCoS#1-C iPerf client | |
| 192.168.2.2 | p4p1.30 | HCoS#2-B iPerf server for point-to-point with HCoS#2-D iPerf client | |
| MX204#1 | 10.1.0.67 | fxp0 | ssh access for configuration |
| MX204#2 | 10.1.0.131 | fxp0 | ssh access for configuration |
Configuration on MX204 routers
| Code Block | ||
|---|---|---|
| ||
system {
host-name Lab-MX204-1;
root-authentication {
encrypted-password "$6$VacgKGnC$4BEpkBv2K/BzzzGT8x7zdssG5WWdnAKwZI730c0NMfMNGWJB75rdQzOKgLheQdCKWk.oh4Mq2iwd.7Ha8.TZX/"; ## SECRET-DATA
}
login {
user admin {
uid 2000;
class super-user;
authentication {
encrypted-password "$6$ANEaOs6/$fEe9dWgcggZKPWrAbsBgfb.bVXmR90f5K8/yCRP0U02jGXyFViuv1JhqdNcfKouKjnIxItqTYOffnZsQ/0OIb1"; ## SECRET-DATA
}
}
}
services {
ssh {
root-login allow;
max-sessions-per-connection 32;
}
telnet;
netconf {
ssh;
}
}
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
}
chassis {
fpc 0 {
pic 0 {
port 0 {
speed 100g;
}
port 1 {
speed 100g;
}
port 2 {
speed 40g;
}
port 3 {
speed 10g;
}
}
pic 1 {
port 0 {
speed 10g;
}
port 1 {
speed 10g;
}
port 2 {
speed 10g;
}
port 3 {
speed 10g;
}
port 4 {
speed 10g;
}
port 5 {
speed 10g;
}
port 6 {
speed 10g;
}
port 7 {
speed 10g;
}
}
}
}
interfaces {
et-0/0/0 {
description to_MX204-2_et-0/0/0;
flexible-vlan-tagging;
mtu 9000;
encapsulation flexible-ethernet-services;
unit 10 {
encapsulation vlan-ccc;
vlan-id 10;
input-vlan-map pop;
output-vlan-map push;
family ccc;
}
unit 20 {
encapsulation vlan-ccc;
vlan-id 20;
input-vlan-map pop;
output-vlan-map push;
family ccc;
}
unit 30 {
encapsulation vlan-ccc;
vlan-id 30;
input-vlan-map pop;
output-vlan-map push;
family ccc;
}
}
xe-0/0/3:0 {
description to_HQoS1_p3p2;
mtu 9000;
encapsulation ethernet-ccc;
unit 0 {
filter {
input ccs-mf-classifier;
}
family ccc;
}
}
xe-0/0/3:1 {
description to_HQoS2_p4p2;
mtu 9000;
encapsulation ethernet-ccc;
unit 0 {
filter {
input ccs-mf-classifier;
}
family ccc;
}
}
xe-0/1/0 {
description to_alpha-compute0_p2p2;
mtu 9000;
unit 0;
}
xe-0/1/1 {
description to_alpha-compute1_em4_via_lab4-MX80_ge-1/3/8_xe-0/0/2;
mtu 9000;
unit 0;
}
xe-0/1/2 {
description to_alpha-bms2_p4p1;
mtu 9000;
unit 0;
}
xe-0/1/3 {
description to_alpha-bms3_p4p1;
mtu 9000;
unit 0;
}
xe-0/1/4 {
description to_HQoS1_p3p1;
mtu 9000;
encapsulation ethernet-ccc;
unit 0 {
filter {
input ccs-best-effort;
}
family ccc;
}
}
xe-0/1/5 {
description to_Corsa1_3;
mtu 9000;
unit 0;
}
fxp0 {
unit 0 {
family inet {
address 10.1.0.67/26;
}
}
}
lo0 {
unit 0 {
family inet {
address 10.0.16.31/32;
}
}
}
}
routing-options {
static {
route 0.0.0.0/0 {
next-hop 10.1.0.65;
retain;
no-readvertise;
}
}
autonomous-system 65250;
}
protocols {
mpls {
interface all;
}
connections {
interface-switch ccc_AB {
interface xe-0/0/3:0.0;
interface et-0/0/0.10;
}
interface-switch ccc_CB {
interface xe-0/1/4.0;
interface et-0/0/0.20;
}
interface-switch ccc_DB {
interface xe-0/0/3:1.0;
interface et-0/0/0.30;
}
}
lldp {
interface all;
}
}
class-of-service {
forwarding-classes {
class ccs-best-effort queue-num 0;
class ccs-premium queue-num 7;
}
}
firewall {
family any {
filter ccs-mf-classifier {
term premium-data {
then {
policer ccs-policer;
forwarding-class ccs-premium;
}
}
}
filter ccs-best-effort {
term best-effort-data {
then forwarding-class ccs-best-effort;
}
}
}
policer ccs-policer {
if-exceeding {
bandwidth-limit 1g;
burst-size-limit 625k;
}
then discard;
}
} |
| Code Block | ||
|---|---|---|
| ||
system {
host-name Lab-MX204-2;
root-authentication {
encrypted-password "$6$b.GZQ1C/$.itickW3seG8eNyAHkQckPjoF1IKdY8A.K0SIrdqTILGSN67/N1WjIsOuVz5vxsYngeXYfyWg23oPwFGCrt1i0"; ## SECRET-DATA
}
login {
user admin {
uid 2000;
class super-user;
authentication {
encrypted-password "$6$uaI7ZXnH$1RLFxMhroFXIWth5t4EOspUOZ1GH1nQEEk/PExPz6tfqjB35I1u572sS0.E9wchCWGjJfWo0m7/OQYIq3FXpA0"; ## SECRET-DATA
}
}
}
services {
ssh {
root-login allow;
max-sessions-per-connection 32;
}
telnet;
netconf {
ssh;
}
}
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
}
chassis {
fpc 0 {
pic 0 {
port 0 {
speed 100g;
}
port 1 {
speed 100g;
}
port 2 {
speed 40g;
}
port 3 {
speed 10g;
}
}
pic 1 {
port 0 {
speed 10g;
}
port 1 {
speed 10g;
}
port 2 {
speed 10g;
}
port 3 {
speed 10g;
}
port 4 {
speed 10g;
}
port 5 {
speed 10g;
}
port 6 {
speed 10g;
}
port 7 {
speed 10g;
}
}
}
}
interfaces {
interface-set set-premium {
interface xe-0/1/4 {
unit 10;
unit 30;
}
}
interface-set set-best-effort {
interface xe-0/1/4 {
unit 20;
}
}
et-0/0/0 {
description to_MX204-1_et-0/0/0;
flexible-vlan-tagging;
mtu 9000;
encapsulation flexible-ethernet-services;
unit 10 {
encapsulation vlan-ccc;
vlan-id 10;
filter {
input ccs-mf-classifier;
}
family ccc;
}
unit 20 {
encapsulation vlan-ccc;
vlan-id 20;
filter {
input ccs-best-effort;
}
family ccc;
}
unit 30 {
encapsulation vlan-ccc;
vlan-id 30;
filter {
input ccs-mf-classifier;
}
family ccc;
}
}
xe-0/1/0 {
description to_beta-compute0_p1p1;
mtu 9000;
unit 0;
}
xe-0/1/1 {
description to_beta-compute1_em4_via_lab4-MX80_ge-1/3/9_xe-0/0/3;
mtu 9000;
unit 0;
}
xe-0/1/2 {
description to_beta-bms2_p2p1;
mtu 9000;
unit 0;
}
xe-0/1/3 {
description to_beta-bms3_p3p1;
mtu 9000;
unit 0;
}
xe-0/1/4 {
description to_HQoS2_p4p1;
hierarchical-scheduler;
flexible-vlan-tagging;
mtu 9000;
encapsulation flexible-ethernet-services;
unit 10 {
encapsulation vlan-ccc;
vlan-id 10;
family ccc;
}
unit 20 {
encapsulation vlan-ccc;
vlan-id 20;
family ccc;
}
unit 30 {
encapsulation vlan-ccc;
vlan-id 30;
family ccc;
}
}
xe-0/1/5 {
description to_Corsa2_3;
mtu 9000;
unit 0;
}
fxp0 {
unit 0 {
family inet {
address 10.1.0.131/26;
}
}
}
lo0 {
unit 0 {
family inet {
address 10.0.16.32/32;
}
}
}
}
routing-options {
static {
route 0.0.0.0/0 {
next-hop 10.1.0.129;
retain;
no-readvertise;
}
}
autonomous-system 65250;
}
protocols {
mpls {
interface all;
}
connections {
interface-switch ccc_AB {
interface xe-0/1/4.10;
interface et-0/0/0.10;
}
interface-switch ccc_CB {
interface xe-0/1/4.20;
interface et-0/0/0.20;
}
interface-switch ccc_DB {
interface xe-0/1/4.30;
interface et-0/0/0.30;
}
}
lldp {
interface all;
}
}
class-of-service {
forwarding-classes {
class ccs-best-effort queue-num 0;
class ccs-premium queue-num 7;
}
traffic-control-profiles {
tcp-IF {
shaping-rate 10g;
}
tcp-premium {
shaping-rate 8g;
}
tcp-best-effort {
shaping-rate 5g;
}
tcp-premium-10 {
scheduler-map sched-map-premium;
shaping-rate 5g;
}
tcp-premium-30 {
scheduler-map sched-map-premium;
shaping-rate 3g;
}
tcp-best-effort-20 {
scheduler-map sched-map-best-effort;
shaping-rate 5g;
}
}
interfaces {
interface-set set-premium {
output-traffic-control-profile tcp-premium;
}
interface-set set-best-effort {
output-traffic-control-profile tcp-best-effort;
}
xe-0/1/4 {
output-traffic-control-profile tcp-IF;
unit 10 {
output-traffic-control-profile tcp-premium-10;
}
unit 20 {
output-traffic-control-profile tcp-best-effort-20;
}
unit 30 {
output-traffic-control-profile tcp-premium-30;
}
}
}
scheduler-maps {
sched-map-premium {
forwarding-class ccs-premium scheduler ccs-premium;
}
sched-map-best-effort {
forwarding-class ccs-best-effort scheduler ccs-best-effort;
}
}
schedulers {
ccs-premium {
priority high;
}
ccs-best-effort {
priority low;
}
}
}
firewall {
family any {
filter ccs-mf-classifier {
term premium-data {
then forwarding-class ccs-premium;
}
}
filter ccs-best-effort {
term best-effort-data {
then forwarding-class ccs-best-effort;
}
}
}
} |
Configuration on MX204 routers without unnecessary lines in configuration above regarding best-effort traffic
| Code Block | ||
|---|---|---|
| ||
system {
host-name Lab-MX204-1;
root-authentication {
encrypted-password "$6$VacgKGnC$4BEpkBv2K/BzzzGT8x7zdssG5WWdnAKwZI730c0NMfMNGWJB75rdQzOKgLheQdCKWk.oh4Mq2iwd.7Ha8.TZX/"; ## SECRET-DATA
}
login {
user admin {
uid 2000;
class super-user;
authentication {
encrypted-password "$6$ANEaOs6/$fEe9dWgcggZKPWrAbsBgfb.bVXmR90f5K8/yCRP0U02jGXyFViuv1JhqdNcfKouKjnIxItqTYOffnZsQ/0OIb1"; ## SECRET-DATA
}
}
user opennsa {
uid 2001;
class super-user;
authentication {
ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCYwl5+ABxnx6ncILuomWA6fed4gGlaLqRaPEyIoGWeTs6ThWvKmnlFczO/Vyof14PbG31NRq8JyOY2K8tS7XMWSTzd6P+WltHhz4BwIARUMb1mMbUeWQN3y10ExYHx0E8ZT9sc6a00gJJXit0b6Mqh001jnAUI7emdfoaKsABLrRCt6gqOEaTaKwcF4BInbnr5f5TDJIH26d68TAb1t7eCxmO4LxFQAjWw+C8AVaBj6+ZEyV7+nQIE1FpHAmexCqKDEXdJ9yWJTYwZXKZABTKlNYmGhjAJX+SbVhFcF7KF3YZoDyhP/NenG+wKYhgHmx4k4zdDk55c8B4XQm88Ifzf opennsa@OpenNSA"; ## SECRET-DATA
}
}
}
services {
ssh {
root-login allow;
max-sessions-per-connection 32;
}
telnet;
netconf {
ssh;
}
}
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
}
chassis {
fpc 0 {
pic 0 {
port 0 {
speed 100g;
}
port 1 {
speed 100g;
}
port 2 {
speed 40g;
}
port 3 {
speed 10g;
}
}
pic 1 {
port 0 {
speed 10g;
}
port 1 {
speed 10g;
}
port 2 {
speed 10g;
}
port 3 {
speed 10g;
}
port 4 {
speed 10g;
}
port 5 {
speed 10g;
}
port 6 {
speed 10g;
}
port 7 {
speed 10g;
}
}
}
}
interfaces {
et-0/0/0 {
description to_MX204-2_et-0/0/0;
flexible-vlan-tagging;
mtu 9000;
encapsulation flexible-ethernet-services;
unit 10 {
encapsulation vlan-ccc;
vlan-id 10;
input-vlan-map pop;
output-vlan-map push;
family ccc;
}
unit 20 {
encapsulation vlan-ccc;
vlan-id 20;
input-vlan-map pop;
output-vlan-map push;
family ccc;
}
unit 30 {
encapsulation vlan-ccc;
vlan-id 30;
input-vlan-map pop;
output-vlan-map push;
family ccc;
}
}
xe-0/0/3:0 {
description to_HQoS1_p3p2;
mtu 9000;
encapsulation ethernet-ccc;
unit 0 {
filter {
input ccs-mf-classifier-AB;
}
family ccc;
}
}
xe-0/0/3:1 {
description to_HQoS2_p4p2;
mtu 9000;
encapsulation ethernet-ccc;
unit 0 {
filter {
input ccs-mf-classifier-DB;
}
family ccc;
}
}
xe-0/1/0 {
description to_alpha-compute0_p2p2;
mtu 9000;
unit 0;
}
xe-0/1/1 {
description to_alpha-compute1_em4_via_lab4-MX80_ge-1/3/8_xe-0/0/2;
mtu 9000;
unit 0;
}
xe-0/1/2 {
description to_alpha-bms2_p4p1;
mtu 9000;
unit 0;
}
xe-0/1/3 {
description to_alpha-bms3_p4p1;
mtu 9000;
unit 0;
}
xe-0/1/4 {
description to_HQoS1_p3p1;
mtu 9000;
encapsulation ethernet-ccc;
unit 0 {
family ccc;
}
}
xe-0/1/5 {
description to_Corsa1_3;
mtu 9000;
unit 0;
}
fxp0 {
unit 0 {
family inet {
address 10.1.0.67/26;
}
}
}
lo0 {
unit 0 {
family inet {
address 10.0.16.31/32;
}
}
}
}
routing-options {
static {
route 0.0.0.0/0 {
next-hop 10.1.0.65;
retain;
no-readvertise;
}
}
autonomous-system 65250;
}
protocols {
mpls {
interface all;
}
connections {
interface-switch ccc_AB {
interface xe-0/0/3:0.0;
interface et-0/0/0.10;
}
interface-switch ccc_CB {
interface xe-0/1/4.0;
interface et-0/0/0.20;
}
interface-switch ccc_DB {
interface xe-0/0/3:1.0;
interface et-0/0/0.30;
}
}
lldp {
interface all;
}
}
class-of-service {
forwarding-classes {
class ccs-premium queue-num 7;
}
}
firewall {
family any {
filter ccs-mf-classifier-AB {
term premium-data {
then {
policer policer-AB;
forwarding-class ccs-premium;
}
}
}
filter ccs-mf-classifier-DB {
term premium-data {
then {
policer policer-DB;
forwarding-class ccs-premium;
}
}
}
}
policer policer-AB {
if-exceeding {
bandwidth-limit 5g;
burst-size-limit 3125000;
}
then discard;
}
policer policer-DB {
if-exceeding {
bandwidth-limit 3g;
burst-size-limit 1875000;
}
then discard;
}
} |
| Code Block | ||
|---|---|---|
| ||
system {
host-name Lab-MX204-2;
root-authentication {
encrypted-password "$6$b.GZQ1C/$.itickW3seG8eNyAHkQckPjoF1IKdY8A.K0SIrdqTILGSN67/N1WjIsOuVz5vxsYngeXYfyWg23oPwFGCrt1i0"; ## SECRET-DATA
}
login {
user admin {
uid 2000;
class super-user;
authentication {
encrypted-password "$6$uaI7ZXnH$1RLFxMhroFXIWth5t4EOspUOZ1GH1nQEEk/PExPz6tfqjB35I1u572sS0.E9wchCWGjJfWo0m7/OQYIq3FXpA0"; ## SECRET-DATA
}
}
user opennsa {
uid 2001;
class super-user;
authentication {
ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCYwl5+ABxnx6ncILuomWA6fed4gGlaLqRaPEyIoGWeTs6ThWvKmnlFczO/Vyof14PbG31NRq8JyOY2K8tS7XMWSTzd6P+WltHhz4BwIARUMb1mMbUeWQN3y10ExYHx0E8ZT9sc6a00gJJXit0b6Mqh001jnAUI7emdfoaKsABLrRCt6gqOEaTaKwcF4BInbnr5f5TDJIH26d68TAb1t7eCxmO4LxFQAjWw+C8AVaBj6+ZEyV7+nQIE1FpHAmexCqKDEXdJ9yWJTYwZXKZABTKlNYmGhjAJX+SbVhFcF7KF3YZoDyhP/NenG+wKYhgHmx4k4zdDk55c8B4XQm88Ifzf opennsa@OpenNSA"; ## SECRET-DATA
}
}
}
services {
ssh {
root-login allow;
max-sessions-per-connection 32;
}
telnet;
netconf {
ssh;
}
}
syslog {
user * { |
Configuration on MX204 routers
| Code Block | ||
|---|---|---|
| ||
system { host-name Lab-MX204-1; root-authentication { encrypted-password "$6$VacgKGnC$4BEpkBv2K/BzzzGT8x7zdssG5WWdnAKwZI730c0NMfMNGWJB75rdQzOKgLheQdCKWk.oh4Mq2iwd.7Ha8.TZX/"; ## SECRET-DATA } login { user admin { uid 2000; class super-user; authenticationany {emergency; } encrypted-password "$6$ANEaOs6/$fEe9dWgcggZKPWrAbsBgfb.bVXmR90f5K8/yCRP0U02jGXyFViuv1JhqdNcfKouKjnIxItqTYOffnZsQ/0OIb1"; ## SECRET-DATA file messages { any }notice; } authorization }info; services {} file sshinteractive-commands { rootinteractive-logincommands allowany; } max-sessions-per-connection 32;} } chassis { fpc 0 { } pic 0 telnet;{ netconf port 0 { ssh speed 100g; } } syslog { port user *1 { any speed emergency100g; } file messages port 2 { any notice speed 40g; authorization info;} } port 3 { file interactive-commands { interactive-commandsspeed any10g; } } } chassis { fpc 0 {} pic 01 { port 0 { speed 100g10g; } port 1 { speed 100g10g; } port 2 { speed 40g10g; } port 3 { speed 10g; } } pic 1 { port 04 { speed 10g; } port 15 { speed 10g; } port 26 { speed 10g; } port 37 { speed 10g; } } port 4 } } interfaces { interface-set speed 10g;set-premium { interface }xe-0/1/4 { port 5 { unit 10; speedunit 10g30; } } et-0/0/0 { port 6 {description to_MX204-1_et-0/0/0; flexible-vlan-tagging; speedmtu 10g9000; encapsulation flexible-ethernet-services; } unit 10 { port 7 { encapsulation vlan-ccc; speedvlan-id 10g10; filter }{ } } } interfaces { input et-0/0/0 {ccs-mf-classifier; description to_MX204-2_et-0/0/0; } flexible-vlan-tagging; mtufamily 9000ccc; encapsulation flexible-ethernet-services;} unit 1020 { encapsulation vlan-ccc; vlan-id 1020; input-vlan-map popfamily ccc; } output-vlan-map push; unit 30 { familyencapsulation vlan-ccc; } vlan-id 30; unit 20filter { encapsulationinput vlanccs-mf-cccclassifier; vlan-id 20;} input-vlan-map popfamily ccc; } output-vlan-map push; } xe-0/1/0 { family cccdescription to_beta-compute0_p1p1; mtu }9000; unit 30 { 0; } xe-0/1/1 { encapsulation vlan-cccdescription to_beta-compute1_em4_via_lab4-MX80_ge-1/3/9_xe-0/0/3; vlan-id 30mtu 9000; unit 0; input-vlan-map pop; } xe-0/1/2 { description output-vlan-map pushto_beta-bms2_p2p1; family cccmtu 9000; }unit 0; } xe-0/01/3:0 { description to_HQoS1beta-bms3_p3p2p3p1; mtu 9000; encapsulationunit ethernet-ccc0; } unit 0xe-0/1/4 { description to_HQoS2_p4p1; hierarchical-scheduler; filter { flexible-vlan-tagging; mtu 9000; encapsulation input ccsflexible-mfethernet-classifierservices; unit 10 }{ familyencapsulation vlan-ccc; } vlan-id }10; xe-0/0/3:1 { description to_HQoS2_p4p2family ccc; mtu} 9000; unit encapsulation ethernet-ccc;20 { unit 0 {encapsulation vlan-ccc; filter { vlan-id 20; family ccc; input ccs-mf-classifier; } unit 30 }{ familyencapsulation vlan-ccc; } } xe-0/1/0 { vlan-id 30; description to_alpha-compute0_p2p2; mtu 9000family ccc; unit 0;} } xe-0/1/15 { description to_alpha-compute1_em4_via_lab4-MX80_ge-1/3/8_xe-0/0/2Corsa2_3; mtu 9000; unit 0; } xe-0/1/2 { description to_alpha-bms2_p4p1; fxp0 { unit mtu0 9000;{ unit 0; family inet }{ xe-0/1/3 { description to_alpha-bms3_p4p1address 10.1.0.131/26; mtu 9000; } unit 0;} } xe-0/1/4lo0 { description to_HQoS1_p3p1; unit 0 { mtu 9000; family inet { encapsulation ethernet-ccc; unitaddress 0 {10.0.16.32/32; filter {} } } } routing-options { input ccs-best-effort;static { route }0.0.0.0/0 { family cccnext-hop 10.1.0.129; } }retain; xe-0/1/5 { description to_Corsa1_3no-readvertise; mtu 9000;} } unitautonomous-system 065250; } protocols }{ fxp0mpls { unit 0 {interface all; } connections { family inet { interface-switch ccc_AB { address 10.1.0.67/26; interface xe-0/1/4.10; }interface et-0/0/0.10; } } lo0 { unit 0 interface-switch ccc_CB { family inet {interface xe-0/1/4.20; address 10.0.16.31/32; interface et-0/0/0.20; } } } } routing-options interface-switch ccc_DB { static { interface route 0.0.0.0/0 { xe-0/1/4.30; interface next-hop 10.1.et-0/0/0.6530; } retain;} lldp { no-readvertise interface all; } } class-of-service { }forwarding-classes { } class ccs-premium autonomousqueue-systemnum 652507; } protocols {} mplstraffic-control-profiles { interface all;tcp-IF { } connections { shaping-rate 10g; interface-switch ccc_AB { } interface xe-0/0/3:0.0;tcp-premium { interface et-0/0/0.10shaping-rate 8g; } interfacetcp-premium-switch10 ccc_CB { interface xe-0/1/4.0scheduler-map sched-map-premium; interface et-0/0/0.20shaping-rate 5g; } interfacetcp-premium-switch30 ccc_DB { interface xe-0/0/3:1.0scheduler-map sched-map-premium; interface et-0/0/0.30shaping-rate 3g; } } lldpinterfaces { interface all; } } class-of-service-set set-premium { forwarding-classes { class ccs-best-effort queue-num 0; class ccs-premium queue-num 7; output-traffic-control-profile tcp-premium; } } firewall { family any xe-0/1/4 { filter ccs-mf-classifier { output-traffic-control-profile tcp-IF; termunit premium-data10 { then {output-traffic-control-profile tcp-premium-10; } policer ccs-policer; unit 30 { forwarding-class ccsoutput-traffic-control-profile tcp-premium-30; } } } } scheduler-maps }{ } sched-map-premium { filter ccs-best-effort { forwarding-class ccs-premium scheduler ccs-premium; term best-effort-data {} } schedulers { then forwarding-class ccs-best-effort;premium { }priority high; } } } firewall { policerfamily ccs-policerany { filter ifccs-mf-exceedingclassifier { term bandwidthpremium-limitdata 1g;{ burst-size-limit 625k; then forwarding-class ccs-premium; } then discard;} } } |
iPerf tool for HCoS testing
...