N9500-R系列交换机
N7700系列交换机
N5600系列交换机
N3100-V系列交换机
2 交换机配置
1. 创建ACL匹配目标流量
2. 创建class-map,用于policy-map与ACL进行关联,policy-map无法直接调用ACL
3. 创建policy-map,关联class-map并设置相关参数
4. 在物理接口或聚合口下调用
ip access-list dn-limit-acl
10 permit ip 192.168.1.0 0.0.0.255 any
ip access-list mgmt-limit-acl
10 permit ip 192.168.0.0 0.0.0.255 any
ip access-list yw-limit-acl
10 permit ip 192.168.2.0 0.0.0.255 any
class-map type qos match-all dn-limit-class
match access-group name dn-limit-acl
class-map type qos match-all yw-limit-class
match access-group name yw—limit-acl
class-map type qos match-all mgmt-limit-class
match access-group name mgmt-limit-acl
policy-map type qos qos-limit-speed
class mgmt-limit-class
police cir percent 20 bc 200 ms conform transmit violate drop
class dn-limit-class
police cir percent 30 bc 200 ms conform transmit violate drop
class yw-limit-class
police cir percent 50 bc 200 ms conform transmit violate drop
interface e1/1
service-policy type qos input qos-limit-speed
ip access-list dn-acl
statistics per-entry
10 permit ip 192.168.2.0/24 any
ip access-list dw-acl
statistics per-entry
10 permit ip 192.168.1.0/24 any
ip access-list yw-acl
statistics per-entry
10 permit ip 192.168.3.0/24 any
class-map type qos match-all dn-class
match access-group name dn-acl
class-map type qos match-all dw-class
match access-group name dw-acl
class-map type qos match-all yw-class
match access-group name yw-acl
policy-map type qos qos-limit
class dn-class
police cir percent 20 bc 200 ms conform transmit violate drop
set qos-group 1
class dw-class
police cir percent 30 bc 200 ms conform transmit violate drop
set qos-group 1
class yw-class
police cir percent 50 bc 200 ms conform transmit violate drop
set qos-group 1
interface e1/1
service-policy type qos input qos-limit
ip access-list dn-acl
10 permit ip 192.168.2.0/24 any
ip access-list mgmt-acl
10 permit ip 192.168.1.0/24 any
ip access-list yw-acl
10 permit ip 192.168.3.0/24 any
class-map type qos match-all dn-class
match access-group name dn-acl
class-map type qos match-all yw-class
match access-group name yw-acl
class-map type qos match-all mgmt-class
match access-group name mgmt-acl
policy-map type qos speed-limit
class mgmt-class
police cir percent 20 bc 200 ms conform transmit violate drop
class dn-class
police cir percent 30 bc 200 ms conform transmit violate drop
class yw-class
police cir percent 50 bc 200 ms conform transmit violate drop
interface e1/1
service-policy type qos input speed-limit
2.2.4.1 N56
CN8K中默认存在一个名为class-default的class,该class默认匹配所有有流量,并将流量划分到qos-group 0 当中,该默认配置不能被删除,被修改
通过在policy当中将创建的class设置为qos-group 1可绕开该默认设备;
2.2.4.2 N3100-V
N3100-V由于硬件限制,将policy-map调用到接口下时,会报错,提示没有该资源,需要通过手动分配硬件资源并重启,才能正常调用;命令如下:
Switch(config)#hardware access-list tcam region qos 256
2.2.4.3 默认参数
在policy-map中为class分配带宽资源时,默认会设置BC(突发流量)为200ms;该配置可进行相关修改,可选范围为1-536870912,可选单位为:bytes/kbytes/mbytes/ms/us/packets









在Nexus交换机上,可以针对匹配特定流量进行相关带宽分配,并可设置允许突发流量通过。以此实现更高需求;
根据打流测试结果发现,当数据包长度越大时,带宽分配效果越好;现实组网中的混合数据包长度,带宽分配效果达到预期;