allan_sundry Опубликовано 10 марта, 2013 · Жалоба Доброе время суток! Есть Cisco ASR1000, надо нарезать клиентам доступ к мировым и локальным ресурсам на разной скорости и нарисовать графики. Было решено промаркировать входящий мировой трафик: policy-map W-IN-MARKING class class-default set dscp 10 interface TenGigabitEthernet0/1/0.YYY description W encapsulation dot1Q YYY ip address XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX service-policy input W-IN-MARKING end для входящего мирового трафика создаем class-map + policy-map и шейпим вход на клиентском интерфейсе: class-map match-all W-IN match dscp 10 policy-map CLIENT-W-IN class W-IN shape average 10000000 policy-map CLIENT2-W-IN class W-IN shape average 10000000 description CLIENT encapsulation dot1Q ZZZ ip address XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX service-policy output CLIENT-W-IN end для исходящего мирового трафика - access-list + policy-map на мировом интерфейсе: access-list NNNN permit XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX access-list MMMM permit XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX class-map match-all CLIENT-W-OUT match access-group NNNN class-map match-all CLIENT2-W-OUT match access-group MMMM policy-map W-OUT-SHAPING class CLIENT-W-OUT shape average 10000000 class CLIENT2-W-OUT shape average 10000000 interface TenGigabitEthernet0/1/0.YYY description W encapsulation dot1Q YYY ip address XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX service-policy input W-IN-MARKING service-policy output W-OUT-SHAPING end Мировой трафик клиентов шейпится, аналогично используя class-default можно нарезать скорость к локальным ресурсам... Может кто-то может посоветовать более красивую/правильную схему шейпинга? Ориентировочное количество клиентов - около 500. Как нарисовать загрузку мирового канала для каждого клиента с шейперов?! Можно конечно вычислить нужные OID по принципу изложенному например здесь, но хотелось бы более красивое решение. Вставить ник Цитата Ответить с цитированием Поделиться сообщением Ссылка на сообщение Поделиться на других сайтах More sharing options...
allan_sundry Опубликовано 11 марта, 2013 · Жалоба Как рисовать графики исходящего мирового канала для каждого клиента я разобрался: # snmpwalk -v2c -c public -m ALL router cbQosCMName | grep CLIENT1 CISCO-CLASS-BASED-QOS-MIB::cbQosCMName.303669480 = STRING: CLIENT1-W-OUT # snmpwalk -v2c -c public -m ALL router cbQosConfigIndex | grep 303669480 CISCO-CLASS-BASED-QOS-MIB::cbQosConfigIndex.434.196608 = Gauge32: 303669480 # snmpwalk -v2c -c public -m ALL router cbQosCMStatsTable | grep 196608 CISCO-CLASS-BASED-QOS-MIB::cbQosCMPrePolicyPktOverflow.434.196608 = Counter32: 0 CISCO-CLASS-BASED-QOS-MIB::cbQosCMPrePolicyPkt.434.196608 = Counter32: 27779002 CISCO-CLASS-BASED-QOS-MIB::cbQosCMPrePolicyPkt64.434.196608 = Counter64: 27779002 CISCO-CLASS-BASED-QOS-MIB::cbQosCMPrePolicyByteOverflow.434.196608 = Counter32: 1 CISCO-CLASS-BASED-QOS-MIB::cbQosCMPrePolicyByte.434.196608 = Counter32: 678860579 CISCO-CLASS-BASED-QOS-MIB::cbQosCMPrePolicyByte64.434.196608 = Counter64: 4973827875 CISCO-CLASS-BASED-QOS-MIB::cbQosCMPrePolicyBitRate.434.196608 = Gauge32: 4241000 bits per second CISCO-CLASS-BASED-QOS-MIB::cbQosCMPostPolicyByteOverflow.434.196608 = Counter32: 1 CISCO-CLASS-BASED-QOS-MIB::cbQosCMPostPolicyByte.434.196608 = Counter32: 678860579 CISCO-CLASS-BASED-QOS-MIB::cbQosCMPostPolicyByte64.434.196608 = Counter64: 4973827875 CISCO-CLASS-BASED-QOS-MIB::cbQosCMPostPolicyBitRate.434.196608 = Gauge32: 4241000 bits per second CISCO-CLASS-BASED-QOS-MIB::cbQosCMDropPktOverflow.434.196608 = Counter32: 0 CISCO-CLASS-BASED-QOS-MIB::cbQosCMDropPkt.434.196608 = Counter32: 0 CISCO-CLASS-BASED-QOS-MIB::cbQosCMDropPkt64.434.196608 = Counter64: 0 CISCO-CLASS-BASED-QOS-MIB::cbQosCMDropByteOverflow.434.196608 = Counter32: 0 CISCO-CLASS-BASED-QOS-MIB::cbQosCMDropByte.434.196608 = Counter32: 0 CISCO-CLASS-BASED-QOS-MIB::cbQosCMDropByte64.434.196608 = Counter64: 0 CISCO-CLASS-BASED-QOS-MIB::cbQosCMDropBitRate.434.196608 = Gauge32: 0 bits per second CISCO-CLASS-BASED-QOS-MIB::cbQosCMNoBufDropPktOverflow.434.196608 = Counter32: 0 CISCO-CLASS-BASED-QOS-MIB::cbQosCMNoBufDropPkt.434.196608 = Counter32: 0 CISCO-CLASS-BASED-QOS-MIB::cbQosCMNoBufDropPkt64.434.196608 = Counter64: 0 CISCO-CLASS-BASED-QOS-MIB::cbQosCMFragmentPktOverflow.434.196608 = Counter32: 0 CISCO-CLASS-BASED-QOS-MIB::cbQosCMFragmentPkt.434.196608 = Counter32: 0 CISCO-CLASS-BASED-QOS-MIB::cbQosCMFragmentPkt64.434.196608 = Counter64: 0 CISCO-CLASS-BASED-QOS-MIB::cbQosCMFragmentByteOverflow.434.196608 = Counter32: 0 CISCO-CLASS-BASED-QOS-MIB::cbQosCMFragmentByte.434.196608 = Counter32: 0 CISCO-CLASS-BASED-QOS-MIB::cbQosCMFragmentByte64.434.196608 = Counter64: 0 НО, если удалить клиентскую class-map из W-OUT-SHAPING получаем другие индексы для остальных class-map: # snmpwalk -v2c -c public -m ALL router cbQosCMName | grep CLIENT1 CISCO-CLASS-BASED-QOS-MIB::cbQosCMName.303669480 = STRING: CLIENT1-W-OUT было: # snmpwalk -v2c -c public -m ALL router cbQosConfigIndex | grep 303669480 CISCO-CLASS-BASED-QOS-MIB::cbQosConfigIndex.434.196608 = Gauge32: 303669480 стало: # snmpwalk -v2c -c public -m ALL router cbQosConfigIndex | grep 303669480 CISCO-CLASS-BASED-QOS-MIB::cbQosConfigIndex.434.131072 = Gauge32: 303669480 а наш исходный индекс уже отвечает за другого клиента # snmpwalk -v2c -c public -m ALL router cbQosConfigIndex | grep 196608 CISCO-CLASS-BASED-QOS-MIB::cbQosConfigIndex.434.196608 = Gauge32: 340512051 # snmpwalk -v2c -c public -m ALL router cbQosCMName | grep 340512051 CISCO-CLASS-BASED-QOS-MIB::cbQosCMName.340512051 = STRING: CLIENT2-W-OUT Какой выход из ситуации или я что-то не так делаю?! Вставить ник Цитата Ответить с цитированием Поделиться сообщением Ссылка на сообщение Поделиться на других сайтах More sharing options...
allan_sundry Опубликовано 13 марта, 2013 · Жалоба так как желающих поделиться своим опытом не нашлось - выложе свою решение - трафик по клиентам снимаем скриптом: #!/usr/bin/perl -w # Cisco QOS Monitoring script ver 0.2 use strict; use warnings; ############################################################################### # GET DATA FROM ARGUMENTS ############################################################################### # Router my $router = $ARGV[0]; #print ("Router: ", $router, "\n"); # Input Interface my $int_IN = $ARGV[1]; #print ("In If: ", $int_IN, "\n"); # Class-map on Input Interface my $class_IN = $ARGV[2]; #print ("Class-Map In: ", $class_IN, "\n"); # Output Interface my $int_OUT = $ARGV[3]; #print ("Out If: ", $int_OUT, "\n"); # Class-map on Output Interface my $class_OUT = $ARGV[4]; #print ("Class-Map Out: ", $class_OUT, "\n"); #print "\n"; ############################################################################### # IN BPS ############################################################################### #------------------------------------------------------------------------------ # Identificate in interface # - find interface code # - find index policy-map #------------------------------------------------------------------------------ ### find code interface in my $if_IN = (`snmpwalk -v2c -c public -m ALL $router ifDescr | grep -w $int_IN | awk '{gsub(\"IF-MIB::ifDescr.\",\"\"); print \$1}'`); # delete newline from variable $if_IN =~ s/\n//g; #print ("Code Interface In: ", $if_IN, "\n"); ### find index policy-maps on interface in my @policy_maps_IN = (`snmpwalk -v2c -c public -m ALL $router cbQosIfIndex | grep -w $if_IN | awk '{gsub(\"CISCO-CLASS-BASED-QOS-MIB::cbQosIfIndex.\",\"\"); print \$1}'`); foreach my $policy_maps_IN(@policy_maps_IN){ $policy_maps_IN =~ s/\n//g; #print ("Policy-Map Interface In: ", $policy_maps_IN, "\n"); } ### find index policy-map on client interface my $policy_map_IN_index = (`snmpwalk -v2c -c public -m ALL $router cbQosPolicyDirection | grep -w output | grep -w $policy_maps_IN[0] | awk '{gsub(\"CISCO-CLASS-BASED-QOS-MIB::cbQosPolicyDirection.\",\"\"); print \$1}'`); if ($policy_map_IN_index) { $policy_map_IN_index =~ s/\n//g; #print ("Code Policy-Map Out: ", $policy_map_IN_index, "\n"); } else { $policy_map_IN_index = (`snmpwalk -v2c -c public -m ALL $router cbQosPolicyDirection | grep -w output | grep -w $policy_maps_IN[1] | awk '{gsub(\"CISCO-CLASS-BASED-QOS-MIB::cbQosPolicyDirection.\",\"\"); print \$1}'`); $policy_map_IN_index =~ s/\n//g; #print ("Code Policy-Map Interface In: ", $policy_map_IN_index, "\n"); } #------------------------------------------------------------------------------ # Get BPS # - find code class-map # - find index class-map # - find bps #------------------------------------------------------------------------------ ### find code class-map out on output interface my $name_IN = (`snmpwalk -v2c -c public -m ALL $router cbQosCMName | grep -w $class_IN | awk '{gsub(\"CISCO-CLASS-BASED-QOS-MIB::cbQosCMName.\",\"\"); print \$1}'`); # delete newline from variable $name_IN =~ s/\n//g; #print ("Name Class-Map In: ", $name_IN, "\n"); ### find index code class-map out my $snmp_index_IN = sprintf("CISCO-CLASS-BASED-QOS-MIB::cbQosConfigIndex.".$policy_map_IN_index."."); #print ("SNMP Index: ", $snmp_index_IN, "\n"); my $index_IN = (`snmpwalk -v2c -c public -m ALL $router cbQosConfigIndex | grep -w $name_IN | grep $snmp_index_IN | awk '{gsub(\"$snmp_index_IN\",\"\"); print \$1}'`); # delete newline from variable $index_IN =~ s/\n//g; #print ("Index Class-Map In: ", $index_IN, "\n"); ### find traffic via class-map out my $snmp_bps_IN = sprintf("CISCO-CLASS-BASED-QOS-MIB::cbQosCMPostPolicyByte64.".$policy_map_IN_index."."); #print ("SNMP Index: ", $snmp_bps_IN, "\n"); my $bps_IN = (`snmpwalk -v2c -c public -m ALL $router cbQosCMStatsTable | grep -w $index_IN | grep $snmp_bps_IN | awk '{print \$4}'`); # delete newline from variable $bps_IN =~ s/\n//g; #print ("BPS Class-Map Out: ", $bps_IN, "\n"); #print "\n"; ############################################################################### # OUT BPS ############################################################################### #------------------------------------------------------------------------------ # Identificate out interface # - find interface code # - find index policy-map #------------------------------------------------------------------------------ ### find code interface out my $if_OUT = (`snmpwalk -v2c -c public -m ALL $router ifDescr | grep -w $int_OUT | awk '{gsub(\"IF-MIB::ifDescr.\",\"\"); print \$1}'`); # delete newline from variable $if_OUT =~ s/\n//g; #print ("Code Interface Out: ", $if_OUT, "\n"); ### find index policy-maps on interface out my @policy_maps_OUT = (`snmpwalk -v2c -c public -m ALL $router cbQosIfIndex | grep -w $if_OUT | awk '{gsub(\"CISCO-CLASS-BASED-QOS-MIB::cbQosIfIndex.\",\"\"); print \$1}'`); foreach my $policy_maps_OUT(@policy_maps_OUT){ $policy_maps_OUT =~ s/\n//g; #print ("Policy-Map Interface Out: ", $policy_maps_OUT, "\n"); } ### find index policy-map on out interface my $policy_map_OUT_index = (`snmpwalk -v2c -c public -m ALL $router cbQosPolicyDirection | grep -w output | grep -w $policy_maps_OUT[0] | awk '{gsub(\"CISCO-CLASS-BASED-QOS-MIB::cbQosPolicyDirection.\",\"\"); print \$1}'`); if ($policy_map_OUT_index) { $policy_map_OUT_index =~ s/\n//g; #print ("Code Policy-Map Out: ", $policy_map_OUT_index, "\n"); } else { $policy_map_OUT_index = (`snmpwalk -v2c -c public -m ALL $router cbQosPolicyDirection | grep -w output | grep -w $policy_maps_OUT[1] | awk '{gsub(\"CISCO-CLASS-BASED-QOS-MIB::cbQosPolicyDirection.\",\"\"); print \$1}'`); $policy_map_OUT_index =~ s/\n//g; #print ("Code Policy-Map Interface Out: ", $policy_map_OUT_index, "\n"); } #------------------------------------------------------------------------------ # Get BPS # - find code class-map # - find index class-map # - find bps #------------------------------------------------------------------------------ ### find code class-map out on output interface my $name_OUT = (`snmpwalk -v2c -c public -m ALL $router cbQosCMName | grep -w $class_OUT | awk '{gsub(\"CISCO-CLASS-BASED-QOS-MIB::cbQosCMName.\",\"\"); print \$1}'`); # delete newline from variable $name_OUT =~ s/\n//g; #print ("Name Class-Map Out: ", $name_OUT, "\n"); ### find index code class-map out my $snmp_index_OUT = sprintf("CISCO-CLASS-BASED-QOS-MIB::cbQosConfigIndex.".$policy_map_OUT_index."."); #print ("SNMP Index: ", $snmp_index_OUT, "\n"); my $index_OUT = (`snmpwalk -v2c -c public -m ALL $router cbQosConfigIndex | grep -w $name_OUT | grep $snmp_index_OUT | awk '{gsub(\"$snmp_index_OUT\",\" \"); print \$1}'`); # delete newline from variable $index_OUT =~ s/\n//g; #print ("Index Class-Map Out: ", $index_OUT, "\n"); ### find traffic via class-map out my $snmp_bps_OUT = sprintf("CISCO-CLASS-BASED-QOS-MIB::cbQosCMPostPolicyByte64.".$policy_map_OUT_index."."); #print ("SNMP Index: ", $snmp_bps_OUT, "\n"); my $bps_OUT = (`snmpwalk -v2c -c public -m ALL $router cbQosCMStatsTable | grep -w $index_OUT | grep $snmp_bps_OUT | awk '{print \$4}'`); # delete newline from variable $bps_OUT =~ s/\n//g; #print ("BPS Class-Map Out: ", $bps_OUT, "\n"); #print "\n"; ############################################################################### # RESULT ############################################################################### print ($bps_IN, "\n"); print ($bps_OUT, "\n"); если кто-то найдет ошибки в моем подходе - буду рад узнать о них. Для корректной работы скрипта необходимо установить дополнительные MIB: CISCO-CBP-TARGET-MIB.my CISCO-CBP-TARGET-TC-MIB.my CISCO-CLASS-BASED-QOS-MIB.my CISCO-FRAME-RELAY-MIB.my CISCO-SMI.my CISCO-TC.my FRAME-RELAY-DTE-MIB.my P-BRIDGE-MIB.mib Q-BRIDGE-MIB.mib RMON2-MIB.my SNMPv2-TC.my TOKEN-RING-RMON-MIB.my в основном все они являются зависимостями для CISCO-CLASS-BASED-QOS-MIB... Вставить ник Цитата Ответить с цитированием Поделиться сообщением Ссылка на сообщение Поделиться на других сайтах More sharing options...