This page is intended to describe use of HCoS inside Circuit Cross-Connect - CCC environment. In order to guarantee dedicated bandwidth along CCC path it is necessary to apply traffic classifiers at the ingress and hierarchical schedulers and shapers at the egress. Using 2 Juniper MX204 routers and 2 DELL PowerEdge R520 servers we will simulate production GTS scenario. These devices are regular part of Prague's laboratory on which it is allowed access with known credentials.
Physical layout
Logical layout
Specific set up of equipment before testing
MX204#1 uses breakout cable on FPC 0 PIC 0 port 3 for testing purpose.
Due to the lack of servers we need to make some additional settings on the HCoS#2 server itself to isolate 2 ports belonging to different logical servers (HCoS#2-D and HCoS#2-B) in order to achieve that the traffic from the first server passes through both MX204 routers and reaches the second server. We added some lines in the following files:
/etc/network/interfaces file
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
source /etc/network/interfaces.d/*
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto em1
iface em1 inet static
address 10.1.1.22
netmask 255.255.255.0
network 10.1.1.0
broadcast 10.1.1.255
gateway 10.1.1.1
# dns-* options are implemented by the resolvconf package, if installed
dns-nameservers 8.8.8.8
up ip netns add isolated
up ip link set dev p4p2 netns isolated
up ip netns exec isolated ip addr add 192.168.2.1/24 dev p4p2
up ip netns exec isolated ip link set p4p2 up
#auto p4p2
#iface p4p2 inet static
# address 192.168.2.1
# netmask 255.255.255.0
auto p4p1.10
iface p4p1.10 inet static
address 192.168.0.2
netmask 255.255.255.0
vlan-raw-device p4p1
auto p4p1.20
iface p4p1.20 inet static
address 192.168.1.2
netmask 255.255.255.0
vlan-raw-device p4p1
auto p4p1.30
iface p4p1.30 inet static
address 192.168.2.2
netmask 255.255.255.0
vlan-raw-device p4p1
In this file we added seperated name space called isolated in which we put p4p2 interface. In order to have any action with that interface it is necessary to type ip netns exec isolated before any known command. For example, to see configuration on that interface we need to type the following:
ip netns exec isolated ifconfig
root@HQoS2:/home/taas# ip netns exec isolated ifconfig
p4p2 Link encap:Ethernet HWaddr 00:0e:1e:8d:bc:12
inet addr:192.168.2.1 Bcast:0.0.0.0 Mask:255.255.255.0
inet6 addr: fe80::20e:1eff:fe8d:bc12/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:786019 errors:0 dropped:0 overruns:0 frame:0
TX packets:16093472 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:55025149 (55.0 MB) TX bytes:24424858833 (24.4 GB)
Interrupt:63 Memory:d6000000-d67fffff
/etc/modules file
# This file contains the names of kernel modules that should be loaded
# at boot time, one per line. Lines beginning with "#" are ignored.
8021q
In this file we added 8021q in order to support tagging.
IP Addresses used on devices
| Device | IP Address | Interface | Purpose |
|---|---|---|---|
| HCoS#1 | 10.1.1.10 | iDrac | web access for management |
| 10.1.1.21 | em1 | ssh access for configuration | |
| 192.168.0.1 | p3p2 | HCoS#1-A iPerf client | |
| 192.168.1.1 | p3p1 | HCoS#1-C iPerf client | |
| HCoS#2 | 10.1.1.11 | iDrac | web access for management |
| 10.1.1.22 | em1 | ssh access for configuration | |
| 192.168.2.1 | p4p2 | HCoS#2-D iPerf client | |
| 192.168.0.2 | p4p1.10 | HCoS#2-B iPerf server for point-to-point with HCoS#1-A iPerf client | |
| 192.168.1.2 | p4p1.20 | HCoS#2-B iPerf server for point-to-point with HCoS#1-C iPerf client | |
| 192.168.2.2 | p4p1.30 | HCoS#2-B iPerf server for point-to-point with HCoS#2-D iPerf client | |
| MX204#1 | 10.1.0.67 | fxp0 | ssh access for configuration |
| MX204#2 | 10.1.0.131 | fxp0 | ssh access for configuration |
Configuration on MX204 routers
system {
host-name Lab-MX204-1;
root-authentication {
encrypted-password "$6$VacgKGnC$4BEpkBv2K/BzzzGT8x7zdssG5WWdnAKwZI730c0NMfMNGWJB75rdQzOKgLheQdCKWk.oh4Mq2iwd.7Ha8.TZX/"; ## SECRET-DATA
}
login {
user admin {
uid 2000;
class super-user;
authentication {
encrypted-password "$6$ANEaOs6/$fEe9dWgcggZKPWrAbsBgfb.bVXmR90f5K8/yCRP0U02jGXyFViuv1JhqdNcfKouKjnIxItqTYOffnZsQ/0OIb1"; ## SECRET-DATA
}
}
}
services {
ssh {
root-login allow;
max-sessions-per-connection 32;
}
telnet;
netconf {
ssh;
}
}
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
}
chassis {
fpc 0 {
pic 0 {
port 0 {
speed 100g;
}
port 1 {
speed 100g;
}
port 2 {
speed 40g;
}
port 3 {
speed 10g;
}
}
pic 1 {
port 0 {
speed 10g;
}
port 1 {
speed 10g;
}
port 2 {
speed 10g;
}
port 3 {
speed 10g;
}
port 4 {
speed 10g;
}
port 5 {
speed 10g;
}
port 6 {
speed 10g;
}
port 7 {
speed 10g;
}
}
}
}
interfaces {
et-0/0/0 {
description to_MX204-2_et-0/0/0;
flexible-vlan-tagging;
mtu 9000;
encapsulation flexible-ethernet-services;
unit 10 {
encapsulation vlan-ccc;
vlan-id 10;
input-vlan-map pop;
output-vlan-map push;
family ccc;
}
unit 20 {
encapsulation vlan-ccc;
vlan-id 20;
input-vlan-map pop;
output-vlan-map push;
family ccc;
}
unit 30 {
encapsulation vlan-ccc;
vlan-id 30;
input-vlan-map pop;
output-vlan-map push;
family ccc;
}
}
xe-0/0/3:0 {
description to_HQoS1_p3p2;
mtu 9000;
encapsulation ethernet-ccc;
unit 0 {
filter {
input ccs-mf-classifier;
}
family ccc;
}
}
xe-0/0/3:1 {
description to_HQoS2_p4p2;
mtu 9000;
encapsulation ethernet-ccc;
unit 0 {
filter {
input ccs-mf-classifier;
}
family ccc;
}
}
xe-0/1/0 {
description to_alpha-compute0_p2p2;
mtu 9000;
unit 0;
}
xe-0/1/1 {
description to_alpha-compute1_em4_via_lab4-MX80_ge-1/3/8_xe-0/0/2;
mtu 9000;
unit 0;
}
xe-0/1/2 {
description to_alpha-bms2_p4p1;
mtu 9000;
unit 0;
}
xe-0/1/3 {
description to_alpha-bms3_p4p1;
mtu 9000;
unit 0;
}
xe-0/1/4 {
description to_HQoS1_p3p1;
mtu 9000;
encapsulation ethernet-ccc;
unit 0 {
filter {
input ccs-best-effort;
}
family ccc;
}
}
xe-0/1/5 {
description to_Corsa1_3;
mtu 9000;
unit 0;
}
fxp0 {
unit 0 {
family inet {
address 10.1.0.67/26;
}
}
}
lo0 {
unit 0 {
family inet {
address 10.0.16.31/32;
}
}
}
}
routing-options {
static {
route 0.0.0.0/0 {
next-hop 10.1.0.65;
retain;
no-readvertise;
}
}
autonomous-system 65250;
}
protocols {
mpls {
interface all;
}
connections {
interface-switch ccc_AB {
interface xe-0/0/3:0.0;
interface et-0/0/0.10;
}
interface-switch ccc_CB {
interface xe-0/1/4.0;
interface et-0/0/0.20;
}
interface-switch ccc_DB {
interface xe-0/0/3:1.0;
interface et-0/0/0.30;
}
}
lldp {
interface all;
}
}
class-of-service {
forwarding-classes {
class ccs-best-effort queue-num 0;
class ccs-premium queue-num 7;
}
}
firewall {
family any {
filter ccs-mf-classifier {
term premium-data {
then {
policer ccs-policer;
forwarding-class ccs-premium;
}
}
}
filter ccs-best-effort {
term best-effort-data {
then forwarding-class ccs-best-effort;
}
}
}
policer ccs-policer {
if-exceeding {
bandwidth-limit 1g;
burst-size-limit 625k;
}
then discard;
}
}
iPerf tool for HCoS testing
iPerf is a point-to-point network tool for active measurements of throughput between two servers in both directions. We need to install iPerf tool on our 2 physical servers with command sudo apt-get install iperf3. We will test the bandwidth speed from the origin servers (iPerf client servers) in fact HCoS#1-A, HCoS#1-C and HCoS#2-D to the destination server (iPerf listening server) in fact HCoS#2-B. All these mentioned servers are logical servers from iPerf perspective and because of nature of iPerf we need to use different TCP port for testing when we send traffic from iPerf clinets to iPerf server in order to get all results on servers.