You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 26 Next »

This page is intended to describe use of HCoS inside Circuit Cross-Connect - CCC environment. In order to guarantee dedicated bandwidth along CCC path it is necessary to apply traffic classifiers at the ingress and hierarchical schedulers and shapers at the egress. Using 2 Juniper MX204 routers and 2 DELL PowerEdge R520 servers we will simulate production GTS scenario. These devices are regular part of Prague's laboratory on which it is allowed access with known credentials.

Physical layout

Physical Layout

Logical layout

Logical Layout

Specific set up of equipment before testing

MX204#1 uses breakout cable on FPC 0 PIC 0 port 3 for testing purpose.

Due to the lack of servers we need to make some additional settings on the HCoS#2 server itself to isolate 2 ports belonging to different logical servers (HCoS#2-D and HCoS#2-B) in order to achieve that the traffic from the first server passes through both MX204 routers and reaches the second server. We added some lines in the following files:

/etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto em1
iface em1 inet static
        address 10.1.1.22
        netmask 255.255.255.0
        network 10.1.1.0
        broadcast 10.1.1.255
        gateway 10.1.1.1
        # dns-* options are implemented by the resolvconf package, if installed
        dns-nameservers 8.8.8.8
        up ip netns add isolated
        up ip link set dev p4p2 netns isolated
        up ip netns exec isolated ip addr add 192.168.2.1/24 dev p4p2
        up ip netns exec isolated ip link set p4p2 up

#auto p4p2
#iface p4p2 inet static
#        address 192.168.2.1
#        netmask 255.255.255.0

auto p4p1.10
iface p4p1.10 inet static
    address 192.168.0.2
    netmask 255.255.255.0
    vlan-raw-device p4p1

auto p4p1.20
iface p4p1.20 inet static
    address 192.168.1.2
    netmask 255.255.255.0
    vlan-raw-device p4p1

auto p4p1.30
iface p4p1.30 inet static
    address 192.168.2.2
    netmask 255.255.255.0
    vlan-raw-device p4p1

In this file we added seperated name space called isolated in which we put p4p2 interface. In order to have any action with that interface it is necessary to type ip netns exec isolated before any known command. For example, to see configuration on that interface we need to type the following:

ip netns exec isolated ifconfig

root@HQoS2:/home/taas# ip netns exec isolated ifconfig

p4p2 Link encap:Ethernet HWaddr 00:0e:1e:8d:bc:12
inet addr:192.168.2.1 Bcast:0.0.0.0 Mask:255.255.255.0
inet6 addr: fe80::20e:1eff:fe8d:bc12/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:786019 errors:0 dropped:0 overruns:0 frame:0
TX packets:16093472 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:55025149 (55.0 MB) TX bytes:24424858833 (24.4 GB)
Interrupt:63 Memory:d6000000-d67fffff

/etc/modules
# /etc/modules: kernel modules to load at boot time.
#
# This file contains the names of kernel modules that should be loaded
# at boot time, one per line. Lines beginning with "#" are ignored.

8021q

In this file we added 8021q in order to support tagging.

IP Addresses used on devices

DeviceIP AddressInterfacePurpose
HCoS#110.1.1.10iDracweb access for management
10.1.1.21em1ssh access for configuration
192.168.0.1p3p2HCoS#1-A iPerf client
192.168.1.1p3p1HCoS#1-C iPerf client
HCoS#210.1.1.11iDracweb access for management
10.1.1.22em1ssh access for configuration
192.168.2.1p4p2HCoS#2-D iPerf client
192.168.0.2p4p1.10HCoS#2-B iPerf server for point-to-point with HCoS#1-A iPerf client
192.168.1.2p4p1.20HCoS#2-B iPerf server for point-to-point with HCoS#1-C iPerf client
192.168.2.2p4p1.30HCoS#2-B iPerf server for point-to-point with HCoS#2-D iPerf client
MX204#110.1.0.67fxp0ssh access for configuration
MX204#210.1.0.131fxp0ssh access for configuration

Configuration on MX204 routers

MX204#1
system {
    host-name Lab-MX204-1;
    root-authentication {
        encrypted-password "$6$VacgKGnC$4BEpkBv2K/BzzzGT8x7zdssG5WWdnAKwZI730c0NMfMNGWJB75rdQzOKgLheQdCKWk.oh4Mq2iwd.7Ha8.TZX/"; ## SECRET-DATA
    }
    login {
        user admin {
            uid 2000;
            class super-user;
            authentication {
                encrypted-password "$6$ANEaOs6/$fEe9dWgcggZKPWrAbsBgfb.bVXmR90f5K8/yCRP0U02jGXyFViuv1JhqdNcfKouKjnIxItqTYOffnZsQ/0OIb1"; ## SECRET-DATA
            }
        }
    }
    services {
        ssh {
            root-login allow;
            max-sessions-per-connection 32;
        }
        telnet;
        netconf {
            ssh;
        }
    }
    syslog {
        user * {
            any emergency;
        }
        file messages {
            any notice;
            authorization info;
        }
        file interactive-commands {
            interactive-commands any;
        }
    }
}
chassis {
    fpc 0 {
        pic 0 {
            port 0 {
                speed 100g;
            }
            port 1 {
                speed 100g;
            }
            port 2 {
                speed 40g;
            }
            port 3 {
                speed 10g;
            }
        }
        pic 1 {
            port 0 {
                speed 10g;
            }
            port 1 {
                speed 10g;
            }
            port 2 {
                speed 10g;
            }
            port 3 {
                speed 10g;
            }
            port 4 {
                speed 10g;
            }
            port 5 {
                speed 10g;
            }
            port 6 {
                speed 10g;
            }
            port 7 {
                speed 10g;
            }
        }
    }
}
interfaces {
    et-0/0/0 {
        description to_MX204-2_et-0/0/0;
        flexible-vlan-tagging;
        mtu 9000;
        encapsulation flexible-ethernet-services;
        unit 10 {
            encapsulation vlan-ccc;
            vlan-id 10;
            input-vlan-map pop;
            output-vlan-map push;
            family ccc;
        }
        unit 20 {
            encapsulation vlan-ccc;
            vlan-id 20;
            input-vlan-map pop;
            output-vlan-map push;
            family ccc;
        }
        unit 30 {
            encapsulation vlan-ccc;
            vlan-id 30;
            input-vlan-map pop;
            output-vlan-map push;
            family ccc;
        }
    }
    xe-0/0/3:0 {
        description to_HQoS1_p3p2;
        mtu 9000;
        encapsulation ethernet-ccc;
        unit 0 {
            filter {
                input ccs-mf-classifier;
            }
            family ccc;
        }
    }
    xe-0/0/3:1 {
        description to_HQoS2_p4p2;
        mtu 9000;
        encapsulation ethernet-ccc;
        unit 0 {
            filter {
                input ccs-mf-classifier;
            }
            family ccc;
        }
    }
    xe-0/1/0 {
        description to_alpha-compute0_p2p2;
        mtu 9000;
        unit 0;
    }
    xe-0/1/1 {
        description to_alpha-compute1_em4_via_lab4-MX80_ge-1/3/8_xe-0/0/2;
        mtu 9000;
        unit 0;
    }
    xe-0/1/2 {
        description to_alpha-bms2_p4p1;
        mtu 9000;
        unit 0;
    }
    xe-0/1/3 {
        description to_alpha-bms3_p4p1;
        mtu 9000;
        unit 0;
    }
    xe-0/1/4 {
        description to_HQoS1_p3p1;
        mtu 9000;
        encapsulation ethernet-ccc;
        unit 0 {
            filter {
                input ccs-best-effort;
            }
            family ccc;
        }
    }
    xe-0/1/5 {
        description to_Corsa1_3;
        mtu 9000;
        unit 0;
    }
    fxp0 {
        unit 0 {
            family inet {
                address 10.1.0.67/26;
            }
        }
    }
    lo0 {
        unit 0 {
            family inet {
                address 10.0.16.31/32;
            }
        }
    }
}
routing-options {
    static {
        route 0.0.0.0/0 {
            next-hop 10.1.0.65;
            retain;
            no-readvertise;
        }
    }
    autonomous-system 65250;
}
protocols {
    mpls {
        interface all;
    }
    connections {
        interface-switch ccc_AB {
            interface xe-0/0/3:0.0;
            interface et-0/0/0.10;
        }
        interface-switch ccc_CB {
            interface xe-0/1/4.0;
            interface et-0/0/0.20;
        }
        interface-switch ccc_DB {
            interface xe-0/0/3:1.0;
            interface et-0/0/0.30;
        }
    }
    lldp {
        interface all;
    }
}
class-of-service {
    forwarding-classes {
        class ccs-best-effort queue-num 0;
        class ccs-premium queue-num 7;
    }
}
firewall {
    family any {
        filter ccs-mf-classifier {
            term premium-data {
                then {
                    policer ccs-policer;
                    forwarding-class ccs-premium;
                }
            }
        }
        filter ccs-best-effort {
            term best-effort-data {
                then forwarding-class ccs-best-effort;
            }
        }
    }
    policer ccs-policer {
        if-exceeding {
            bandwidth-limit 1g;
            burst-size-limit 625k;
        }
        then discard;
    }
}
MX204#2
system {
    host-name Lab-MX204-2;
    root-authentication {
        encrypted-password "$6$b.GZQ1C/$.itickW3seG8eNyAHkQckPjoF1IKdY8A.K0SIrdqTILGSN67/N1WjIsOuVz5vxsYngeXYfyWg23oPwFGCrt1i0"; ## SECRET-DATA
    }
    login {
        user admin {
            uid 2000;
            class super-user;
            authentication {
                encrypted-password "$6$uaI7ZXnH$1RLFxMhroFXIWth5t4EOspUOZ1GH1nQEEk/PExPz6tfqjB35I1u572sS0.E9wchCWGjJfWo0m7/OQYIq3FXpA0"; ## SECRET-DATA
            }
        }
    }
    services {
        ssh {
            root-login allow;
            max-sessions-per-connection 32;
        }
        telnet;
        netconf {
            ssh;
        }
    }
    syslog {
        user * {
            any emergency;
        }
        file messages {
            any notice;
            authorization info;
        }
        file interactive-commands {
            interactive-commands any;
        }
    }
}
chassis {
    fpc 0 {
        pic 0 {
            port 0 {
                speed 100g;
            }
            port 1 {
                speed 100g;
            }
            port 2 {
                speed 40g;
            }
            port 3 {
                speed 10g;
            }
        }
        pic 1 {
            port 0 {
                speed 10g;
            }
            port 1 {
                speed 10g;
            }
            port 2 {
                speed 10g;
            }
            port 3 {
                speed 10g;
            }
            port 4 {
                speed 10g;
            }
            port 5 {
                speed 10g;
            }
            port 6 {
                speed 10g;
            }
            port 7 {
                speed 10g;
            }
        }
    }
}
interfaces {
    interface-set set-premium {
        interface xe-0/1/4 {
            unit 10;
            unit 30;
        }
    }
    interface-set set-best-effort {
        interface xe-0/1/4 {
            unit 20;
        }
    }
    et-0/0/0 {
        description to_MX204-1_et-0/0/0;
        flexible-vlan-tagging;
        mtu 9000;
        encapsulation flexible-ethernet-services;
        unit 10 {
            encapsulation vlan-ccc;
            vlan-id 10;
            filter {
                input ccs-mf-classifier;
            }
            family ccc;
        }
        unit 20 {
            encapsulation vlan-ccc;
            vlan-id 20;
            filter {
                input ccs-best-effort;
            }
            family ccc;
        }
        unit 30 {
            encapsulation vlan-ccc;
            vlan-id 30;
            filter {
                input ccs-mf-classifier;
            }
            family ccc;
        }
    }
    xe-0/1/0 {
        description to_beta-compute0_p1p1;
        mtu 9000;
        unit 0;
    }
    xe-0/1/1 {
        description to_beta-compute1_em4_via_lab4-MX80_ge-1/3/9_xe-0/0/3;
        mtu 9000;
        unit 0;
    }
    xe-0/1/2 {
        description to_beta-bms2_p2p1;
        mtu 9000;
        unit 0;
    }
    xe-0/1/3 {
        description to_beta-bms3_p3p1;
        mtu 9000;
        unit 0;
    }
    xe-0/1/4 {
        description to_HQoS2_p4p1;
        hierarchical-scheduler;
        flexible-vlan-tagging;
        mtu 9000;
        encapsulation flexible-ethernet-services;
        unit 10 {
            encapsulation vlan-ccc;
            vlan-id 10;
            family ccc;
        }
        unit 20 {
            encapsulation vlan-ccc;
            vlan-id 20;
            family ccc;
        }
        unit 30 {
            encapsulation vlan-ccc;
            vlan-id 30;
            family ccc;
        }
    }
    xe-0/1/5 {
        description to_Corsa2_3;
        mtu 9000;
        unit 0;
    }
    fxp0 {
        unit 0 {
            family inet {
                address 10.1.0.131/26;
            }
        }
    }
    lo0 {
        unit 0 {
            family inet {
                address 10.0.16.32/32;
            }
        }
    }
}
routing-options {
    static {
        route 0.0.0.0/0 {
            next-hop 10.1.0.129;
            retain;
            no-readvertise;
        }
    }
    autonomous-system 65250;
}
protocols {
    mpls {
        interface all;
    }
    connections {
        interface-switch ccc_AB {
            interface xe-0/1/4.10;
            interface et-0/0/0.10;
        }
        interface-switch ccc_CB {
            interface xe-0/1/4.20;
            interface et-0/0/0.20;
        }
        interface-switch ccc_DB {
            interface xe-0/1/4.30;
            interface et-0/0/0.30;
        }
    }
    lldp {
        interface all;
    }
}
class-of-service {
    forwarding-classes {
        class ccs-best-effort queue-num 0;
        class ccs-premium queue-num 7;
    }
    traffic-control-profiles {
        tcp-IF {
            shaping-rate 10g;
        }
        tcp-premium {
            shaping-rate 8g;
        }
        tcp-best-effort {
            shaping-rate 5g;
        }
        tcp-premium-10 {
            scheduler-map sched-map-premium;
            shaping-rate 5g;
        }
        tcp-premium-30 {
            scheduler-map sched-map-premium;
            shaping-rate 3g;
        }
        tcp-best-effort-20 {
            scheduler-map sched-map-best-effort;
            shaping-rate 5g;
        }
    }
    interfaces {
        interface-set set-premium {
            output-traffic-control-profile tcp-premium;
        }
        interface-set set-best-effort {
            output-traffic-control-profile tcp-best-effort;
        }
        xe-0/1/4 {
            output-traffic-control-profile tcp-IF;
            unit 10 {
                output-traffic-control-profile tcp-premium-10;
            }
            unit 20 {
                output-traffic-control-profile tcp-best-effort-20;
            }
            unit 30 {
                output-traffic-control-profile tcp-premium-30;
            }
        }
    }
    scheduler-maps {
        sched-map-premium {
            forwarding-class ccs-premium scheduler ccs-premium;
        }
        sched-map-best-effort {
            forwarding-class ccs-best-effort scheduler ccs-best-effort;
        }
    }
    schedulers {
        ccs-premium {
            priority high;
        }
        ccs-best-effort {
            priority low;
        }
    }
}
firewall {
    family any {
        filter ccs-mf-classifier {
            term premium-data {
                then forwarding-class ccs-premium;
            }
        }
        filter ccs-best-effort {
            term best-effort-data {
                then forwarding-class ccs-best-effort;
            }
        }
    }
}

iPerf tool for HCoS testing

iPerf is a point-to-point network tool for active measurements of throughput between two servers in both directions. We need to install iPerf tool on our 2 physical servers with command sudo apt-get install iperf3. We will test the bandwidth speed from the origin servers (iPerf client servers) in fact HCoS#1-A, HCoS#1-C and HCoS#2-D to the destination server (iPerf listening server) in fact HCoS#2-B. All these mentioned servers are logical servers from iPerf perspective and because of nature of iPerf we need to use different TCP port for testing when we send traffic from iPerf clinets to iPerf server in order to get all results on servers


  • No labels