IPtelQos-Kursupplägg

From Datateknik
(Difference between revisions)
Jump to: navigation, search
(Wireshark)
(Marking DSCP --> WIRESHARK)
 
(4 intermediate revisions by 2 users not shown)
Line 56: Line 56:
 
*: 7min19sec är intressant https://www.youtube.com/watch?v=8PWHj29COro&index=2&list=PLsSvaKt4QA1YyMrSMknEmsVMFI_H0EHKd 9 - Application Policy - QoS
 
*: 7min19sec är intressant https://www.youtube.com/watch?v=8PWHj29COro&index=2&list=PLsSvaKt4QA1YyMrSMknEmsVMFI_H0EHKd 9 - Application Policy - QoS
 
*: Playlist for above: https://www.youtube.com/playlist?list=PLsSvaKt4QA1YyMrSMknEmsVMFI_H0EHKd
 
*: Playlist for above: https://www.youtube.com/playlist?list=PLsSvaKt4QA1YyMrSMknEmsVMFI_H0EHKd
 +
== NetFlow ==
 +
* BÄST - https://evilttl.com/wiki/NetFlow
 +
* https://packetpushers.net/podcast/pq-show-75-talking-network-analytics-telemetry/
 +
* TSHOOT: https://packetpushers.net/analyzing-netflow-details-go-beyond-ddos-detection/
 +
* Funny story: https://packetpushers.net/tag/netflow/
 +
* Kentik explains Netflow: https://www.kentik.com/netflow-guide-types-of-network-flow-analysis/
 +
* ej utvärderad programvara: https://www.flowmon.com/en/solutions/use-case/netflow-ipfix?gclid=EAIaIQobChMIx9mi_aah3gIVFYuyCh0oJwmPEAMYAiAAEgJEdvD_BwE
 +
 
= LABORATIONER =
 
= LABORATIONER =
 
== Marking DSCP --> WIRESHARK ==
 
== Marking DSCP --> WIRESHARK ==
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3650/software/release/3se/qos/configuration_guide/b_qos_3se_3650_cg/b_qos_3se_3650_cg_chapter_010.html#d3592e17399a1635
 
 
<font size=-3>
 
<pre>
 
Building configuration...
 
 
Current configuration : 8430 bytes
 
!
 
! Last configuration change at 09:32:05 UTC Mon Oct 22 2018
 
!
 
version 16.6
 
no service pad
 
service timestamps debug datetime msec
 
service timestamps log datetime msec
 
service compress-config
 
no platform punt-keepalive disable-kernel-core
 
!
 
hostname SwirreEtta
 
!
 
!
 
vrf definition Mgmt-vrf
 
!
 
address-family ipv4
 
exit-address-family
 
!
 
address-family ipv6
 
exit-address-family
 
!
 
!
 
no aaa new-model
 
boot system switch all flash:cat3k_caa-universalk9.16.06.04.SPA.bin
 
switch 1 provision ws-c3650-24ps
 
!
 
!
 
!
 
!
 
ip routing
 
!
 
no ip domain lookup
 
!
 
!
 
!
 
!
 
!
 
!
 
!
 
!
 
!
 
!
 
!
 
crypto pki trustpoint TP-self-signed-1320644307
 
enrollment selfsigned
 
subject-name cn=IOS-Self-Signed-Certificate-1320644307
 
revocation-check none
 
rsakeypair TP-self-signed-1320644307
 
!
 
!
 
crypto pki certificate chain TP-self-signed-1320644307
 
certificate self-signed 01
 
  30820330 30820218 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
 
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
 
  69666963 6174652D 31333230 36343433 3037301E 170D3138 31303232 30393138
 
  30355A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
 
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 33323036
 
  34343330 37308201 22300D06 092A8648 86F70D01 01010500 0382010F 00308201
 
  0A028201 0100B751 80556E5C F3D51CF4 62643C60 B1E61FBE E171EDEC 086F3F00
 
  016C1EF9 B748AACE 74826405 5E99E0CA 03069FC1 BCF6DBAA 7B5658D3 72BD370B
 
  FC01F877 34DE012D AAFB1B11 43FF83FB 904DC46D 8A693DBB 8F62411B 32A8710F
 
  8287E2FF DA6BCDAB 62D61D8F 40A011EC 0E02225E 8D0859E5 A04D6906 2C3654EE
 
  6D0F9DF5 3D07EDDD 26808E15 06371449 DA62796D 28C011E5 6ABD7E7A E87D96FA
 
  999282E9 BDB08CC7 5B851C9E B391DBAF F855965C EB2E4577 0C872EDD 63A5BD2A
 
  78483E7E 0EEE10C9 0D511C8D 1B47FF17 EB5986AE 9C937715 F75C948B 552B85A4
 
  8EEABA44 BE19B7D0 7BF9987A 0D5AD37C 439A4852 E085B1E5 7E61834F 31315D82
 
  4AED1296 7DA50203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF
 
  301F0603 551D2304 18301680 143726BC 178AAED6 98B6A15B AD32BB77 F705A9F6
 
  33301D06 03551D0E 04160414 3726BC17 8AAED698 B6A15BAD 32BB77F7 05A9F633
 
  300D0609 2A864886 F70D0101 05050003 82010100 043B3736 CEF180C7 C9B897ED
 
  A3FA2674 505F84BB BDF2A707 7733CA86 FA90069D 0F8D62F0 872E9561 2F4715A9
 
  DACAB5BC 87E611E2 8D4D0C41 EF3D2EEB 6D90ACC8 B80C1C25 95CB4163 588327A6
 
  B009441B 4D1D87DF 6DD5023E 3CDE255C A5CE71AF B2F5A3EC 48C70E3B 65611C3D
 
  E7285AA7 92603FA0 472EED98 5BE8411A AF87E89F 3A69A094 2341443C EFB0C9E6
 
  076186CF CB0CE470 526BD180 79661265 3B59FA0B 24D2FFE5 FDC29258 8BF43C65
 
  DD0CC65F 78641817 7908996D 16B731F1 0BFC8F1B BF6D7DC5 701602CB 9351E780
 
  66D404FB FD07E904 8AA92375 F49A4CAC 81C170EC AF39C739 F3AE064D DE527A59
 
  C4D67EDF 8238150A 4808CB2E 4A6025F0 34BDA94A
 
        quit
 
!
 
auto qos global compact
 
!
 
!
 
diagnostic bootup level minimal
 
!
 
spanning-tree mode pvst
 
spanning-tree extend system-id
 
!
 
!
 
redundancy
 
mode sso
 
!
 
hw-switch switch 1 logging onboard message
 
!
 
!
 
class-map match-any VOIP
 
match dscp ef
 
class-map match-any system-cpp-police-topology-control
 
  description Topology control
 
class-map match-any system-cpp-police-sw-forward
 
  description Sw forwarding, L2 LVX data, LOGGING
 
class-map match-any system-cpp-default
 
  description DHCP Snooping, EWLC control, EWCL data
 
class-map match-any system-cpp-police-sys-data
 
  description Learning cache ovfl, Crypto Control, Exception, EGR Exception, NFL SAMPLED DATA, Gold Pkt, RPF Failed
 
class-map match-any system-cpp-police-punt-webauth
 
  description Punt Webauth
 
class-map match-any system-cpp-police-l2lvx-control
 
  description L2 LVX control packets
 
class-map match-all YOUTUBE-GEN
 
match protocol youtube
 
class-map match-any system-cpp-police-forus
 
  description Forus Address resolution and Forus traffic
 
class-map match-any system-cpp-police-multicast-end-station
 
  description MCAST END STATION
 
class-map match-any High-Throughput-Data
 
match dscp af11
 
match dscp af12
 
match dscp af13
 
class-map match-any system-cpp-police-multicast
 
  description Transit Traffic and MCAST Data
 
class-map match-any Multimedia-Conferencing
 
match dscp af41
 
match dscp af42
 
match dscp af43
 
class-map match-any system-cpp-police-l2-control
 
  description L2 control
 
class-map match-any system-cpp-police-dot1x-auth
 
  description DOT1X Auth
 
class-map match-any SLASK
 
match dscp default
 
class-map match-any system-cpp-police-data
 
  description ICMP redirect, ICMP_GEN and BROADCAST
 
class-map match-any system-cpp-police-stackwise-virt-control
 
  description Stackwise Virtual
 
class-map match-any Network-Control-Traffic
 
match dscp cs6
 
class-map match-any Multimedia-Streaming
 
match dscp af31
 
match dscp af32
 
match dscp af33
 
match protocol youtube
 
class-map match-any non-client-nrt-class
 
class-map match-any system-cpp-police-routing-control
 
  description Routing control
 
class-map match-any system-cpp-police-protocol-snooping
 
  description Protocol snooping
 
class-map match-all youtube
 
match qos-group 10
 
class-map match-any system-cpp-police-system-critical
 
  description System Critical
 
!
 
policy-map system-cpp-policy
 
policy-map output-int
 
class youtube
 
  set dscp af31
 
policy-map input-int
 
class YOUTUBE-GEN
 
  set qos-group 10
 
policy-map CBWFQ-MAP
 
class VOIP
 
class Network-Control-Traffic
 
class Multimedia-Conferencing
 
class Multimedia-Streaming
 
class High-Throughput-Data
 
policy-map port_child_policy
 
class non-client-nrt-class
 
  bandwidth remaining ratio 10
 
!
 
!
 
!
 
!
 
!
 
!
 
!
 
!
 
!
 
!
 
!
 
!
 
!
 
!
 
interface GigabitEthernet0/0
 
vrf forwarding Mgmt-vrf
 
no ip address
 
shutdown
 
speed 1000
 
negotiation auto
 
!
 
interface GigabitEthernet1/0/1
 
description NOT IN USE
 
shutdown
 
!
 
interface GigabitEthernet1/0/2
 
description NOT IN USE
 
shutdown
 
!
 
interface GigabitEthernet1/0/3
 
description NOT IN USE
 
shutdown
 
!
 
interface GigabitEthernet1/0/4
 
description NOT IN USE
 
shutdown
 
!
 
interface GigabitEthernet1/0/5
 
description NOT IN USE
 
shutdown
 
!
 
interface GigabitEthernet1/0/6
 
description NOT IN USE
 
shutdown
 
!
 
interface GigabitEthernet1/0/7
 
description NOT IN USE
 
shutdown
 
!
 
interface GigabitEthernet1/0/8
 
description NOT IN USE
 
shutdown
 
!
 
interface GigabitEthernet1/0/9
 
description NOT IN USE
 
shutdown
 
!
 
interface GigabitEthernet1/0/10
 
description NOT IN USE
 
shutdown
 
!
 
interface GigabitEthernet1/0/11
 
description YOUTUBE GENERATOR
 
service-policy input input-int
 
ip nbar protocol-discovery
 
!
 
interface GigabitEthernet1/0/12
 
description TORRENT GENERATOR
 
service-policy input CBWFQ-MAP
 
ip nbar protocol-discovery
 
!
 
interface GigabitEthernet1/0/13
 
description NOT IN USE
 
shutdown
 
!
 
interface GigabitEthernet1/0/14
 
description NOT IN USE
 
shutdown
 
!
 
interface GigabitEthernet1/0/15
 
description NOT IN USE
 
shutdown
 
!
 
interface GigabitEthernet1/0/16
 
description NOT IN USE
 
shutdown
 
!
 
interface GigabitEthernet1/0/17
 
description NOT IN USE
 
shutdown
 
!
 
interface GigabitEthernet1/0/18
 
description NOT IN USE
 
shutdown
 
!
 
interface GigabitEthernet1/0/19
 
description NOT IN USE
 
shutdown
 
!
 
interface GigabitEthernet1/0/20
 
description NOT IN USE
 
shutdown
 
!
 
interface GigabitEthernet1/0/21
 
description NOT IN USE
 
shutdown
 
!
 
interface GigabitEthernet1/0/22
 
description NOT IN USE
 
shutdown
 
!
 
interface GigabitEthernet1/0/23
 
description WIRESHARK SPAN
 
!
 
interface GigabitEthernet1/0/24
 
description UPLINK
 
switchport trunk native vlan 2
 
switchport mode trunk
 
speed 10
 
service-policy output output-int
 
ip nbar protocol-discovery
 
!
 
interface GigabitEthernet1/1/1
 
!
 
interface GigabitEthernet1/1/2
 
!
 
interface GigabitEthernet1/1/3
 
!
 
interface GigabitEthernet1/1/4
 
!
 
interface Vlan1
 
ip address dhcp
 
shutdown
 
!
 
ip default-gateway 193.10.203.129
 
ip forward-protocol nd
 
ip http server
 
ip http authentication local
 
ip http secure-server
 
!
 
!
 
!
 
!
 
!
 
!
 
control-plane
 
service-policy input system-cpp-policy
 
!
 
!
 
line con 0
 
logging synchronous
 
stopbits 1
 
line aux 0
 
stopbits 1
 
line vty 0 4
 
login
 
line vty 5 15
 
login
 
!
 
!
 
monitor session 1 source interface Gi1/0/24
 
monitor session 1 destination interface Gi1/0/23 encapsulation dot1q
 
!
 
mac address-table notification mac-move
 
wsma agent exec
 
profile httplistener
 
profile httpslistener
 
!
 
wsma agent config
 
profile httplistener
 
profile httpslistener
 
!
 
wsma agent filesys
 
profile httplistener
 
profile httpslistener
 
!
 
wsma agent notify
 
profile httplistener
 
profile httpslistener
 
!
 
!
 
wsma profile listener httplistener
 
transport http
 
!
 
wsma profile listener httpslistener
 
transport https
 
!
 
end
 
 
</pre>
 
</font>
 
=== Wireshark ===
 
intel-dot1q-driver.jpg
 
[[File:intel-dot1q-driver.png|300px]]
 
 
wireshark-DSCP.png
 
[[File:wireshark-DSCP.png|600px]]
 
 
wireshark-dot1p
 
[[File:wireshark-dot1p.png|400px]]
 
 
VICTORY !!!
 
[[File:qos-2competingNoQueues.png]]
 
==== Common Mistakes ====
 
I would like to capture all traffic that are marked with DSCP value 184. I am able to do so using display filter "ip.dsfield==184" but how do i use the equivalent filter on capture filter ?
 
 
qos
 
asked 16 Jul '11, 23:11
 
 
chenhsien
 
 
 
'''One Answer:''' active answersoldest answersnewest answerspopular answers
 
 
The capture filter equivalent of "ip.dsfield==184" would be "ip[1]=184".
 
 
However when the dsfield value is 184, the dscp value is actually 46, as the dscp field consists of the higher 6 bits of the dsfield, the other two bits are for Explicit Congestion Notification.
 
  
Your filter "ip.dsfield==184" will only show packets woth DSCP value 46 and both ECN bith zero. So you might miss packets that have a ECN bit set. It's better to use the display filter "ip.dsfield.dscp==46", for which the capture filter equivalent is "ip[1]>>2=46"
+
see http://catch-up.cnap.hv.se/wiki/index.php/QoS_Marking_and_Monitoring
<hr>
+
<hr>
+
Wireshark '''Profiles''':
+
* [https://www.cellstream.com/resources/wireshark-profiles-repository A VoIP QoS profile for analysis in Wireshark Popular]
+
* https://www.cellstream.com/resources/wireshark-profiles-repository/295-vlan/file
+

Latest revision as of 13:33, 12 November 2018

hej

Contents

[edit] Intro till IP-tel

kör växlarna med Skinny eller SIP

  • Ingen video
  • Hårdvarutelefoner + mjuk
  • mellan växlar (utan NAT !!) Vilka IP-nummer ska vi ha (Subnäta ?!?)

[edit] QoS

[edit] SlideShare

Sökning: https://www.google.se/search?q=easy+qos+slideshare&oq=easy+qos+slideshare&aqs=chrome..69i57j69i60.5181j0j4&sourceid=chrome&ie=UTF-8


[edit] Böcker

Comer

Stallings

Zheng Wang, Internet QoS, Architectures and Mechanisms for QoS ISBN 1-55860-608-4, år 2001

Jag har inte läst Network Analysis, Architecture, and Design https://www.amazon.com/Network-Analysis-Architecture-Kaufmann-Networking/dp/0123704804/ref=sr_1_1?s=books&ie=UTF8&qid=1539194709&sr=1-1&keywords=Network+Analysis%2C+Architecture%2C+and+Design

[edit] Youtube

[edit] NetFlow

[edit] LABORATIONER

[edit] Marking DSCP --> WIRESHARK

see http://catch-up.cnap.hv.se/wiki/index.php/QoS_Marking_and_Monitoring

Retrieved from "http://catch-up.cnap.hv.se/wiki/index.php?title=IPtelQos-Kursuppl%C3%A4gg&oldid=6619"
Personal tools
Namespaces

Variants
Actions
Navigation
Tools