Introduction to QoS

www.ine.com
Course Agenda
»
»
»
»
Introduction to QoS

www.ine.com
Course Prerequisites
»
»
• [email protected]
• Twitter.com/keithbogart1
Course Agenda
»
»
»
»
»
»
Lab Topology
Lab Infrastructure and Tools
»
»
»
 What is QoS…
and why do we need it?

www.ine.com
QoS Overview

»
»
• Provides predictable management of network
resources during times of congestion.
• Assists in maximizing the end-user experience
of critical sessions.
• Provides differentiated services to packets
based upon pre-defined user criteria.
How does QoS provide those services?
»
»
»
»
• Classification of data
• Queue Management
• Size, Placement of packets, Scheduling Order, Transmission Rate
• Pre-Emptive Drops
• Marking of packets
Routers: Day-in-the-life-of-a-packet
Switches (Shared Memory): Packet Forwarding

»
»
»
»
»
Switches (Distributed Memory): Packet Forwarding

5. Appropriate egress interface queues, and then

schedules, the packet.
Buffers and Queues
• Buffers
• Physical memory used to store packets before-and-after forwarding
decision is made.
• On routers, this same memory can be allocated to interfaces as
ingress/egress queues.
• Shared memory (of which part is allocated as buffers) is also used
by lots of other CPU processes.
• Queues
• On routers, a queue is a logical part of the shared-memory buffers.
• On switches, individual interfaces (or linecards) have their own
memory which is used as interface queues.
Buffer-Queue Configuration
»
»
»
»
»
So what is “Congestion”?
»
• Packets transmitted FIFO at line-rate of egress interface
(TX-Ring).
»
»
Results of Congestion

»
»Jitter
»Drops
Integrated Services
»
• QoS model in which entire end-to-end packet for a
packet is ensured certain minimum QoS
characteristics prior to packet transmission.
• Initial RFCs published by IETF in mid 1990s:
RFC 1633, RFC 2211, and RFC 2212
• RSVP used as primary protocol to setup the path.
Requires every node along path to heed its reservations
Requires every node along path to keep per-flow state.
Differentiated Services
»
»
»
• Called PHBs (Per-Hop Behaviors)
»
QoS Tools

www.ine.com
Classification and Marking
»
• A “class” of traffic will receive the same type of QoS
treatment.
• Analyze packets to differentiate flows
»

»
Policing, Shaping, and Markdown
»
»
• Traffic that is non-conforming is caught by policer and:
• Dropped
• Marked-down
»
• Shaping done on egress interface leading to ISP.
Queuing
»
»
»
»
Scheduling

»
»
»
»
Congestion Management
• Congestion management features allow you to control
congestion by determining the order in which packets
are sent out an interface based on priorities assigned to
those packets.
• Creation of queues,
• Assignment of packets to those queues based on the
classification of the packet
• Selectively dropping packets from within queues when those
queues reach pre-defined thresholds
• Scheduling of the packets in a queue for transmission
Congestion Management vs. Avoidance
»
• WFQ, CBWFQ, PQ, LLQ, WRR, SRR, Traffic Shaping
»

• RED, WRED, WTD, Policing

MQC

»
»

»
MQC Components (1)
»
class-map match-all Prec3
match ip precedence 3
class-map match-all Telnet
match access-group 101

»
policy-map To-ISP
class Prec3
bandwidth percent 30
policy-map To-Core
class Prec3
set dscp af33
MQC Components (2)
»
policy-map To-ISP
class Prec3
police 5000000 exceed-action drop
policy-map To-Core
class Prec3
set dscp af33
!
Interface Serial0/1
service-policy out To-ISP
!
Interface GigabitEthernet1
service-policy out To-Core
HQF
»
• Consistent queuing behavior applied with common MQC across all main
Cisco IOS Software releases.
• Common functionality for both distributed and non-distributed
implementations, providing consistency of QoS feature behavior across all
software-forwarding hardware.

»
»
»
Classification and
Marking

www.ine.com
What is Classification?

»
»
»
• Markings
• Addressing
• Application Signatures
Layer-2 Classification

»
Layer-3 Classification (ToS byte)

»
IPv4 and ToS
»
DSCP
»
»
ToS Byte

Legacy P P P D T R

IP Precedence Bits
DSCP CS CS CS AF AF ECN ECN

DSCP Bits
Classification on Cisco Switches

»
»
»
Switches and Internal DSCP
»
»

»
Switches and Internal DSCP (2)
»
• 6-bit value…never seen in sniffer traces
• Switch must be told how to derive this value.
• By default, when QoS is enabled every frame given an internal
DSCP of zero (0)
»

»
How is internal DSCP derived?
»
»
•
•
•
•
Classification using
NBAR

www.ine.com
NBAR

»
»
• Some protocols negotiate dynamic numbers and
can’t be matched this way.
• NBAR examines the data payload
• More CPU intensive than other classification features.
NBAR

»
• Discover these protocols running across an interface
 Called NBAR “passive-mode”
 (config-if)# ip nbar protocol-discovery
• Match on these protocols within a Class-Map
 Called NBAR “active-mode”
 (config-cmap)#match protocol xxxxxx
NBAR
»
»
• Whatever is being matched up (when using HTTP) is surrounded by
quotes.
• You can use regular expressions within the quotes.
• Match http url “*ine.com*”
»
 Classification and
Marking using MQC

www.ine.com
Class-Maps

»
»
• Default is that QoS must “match all” items
• Can also specify;
(config)#class-map Test
(config-cmap)#match not xxxxx

(config)#class-map match-any Test

Class-Maps

»
• All traffic that doesn’t match previous class-maps falls into this.
• Cannot be configured/modified using Class-Map global-config
commands, and it is invisible in the running-config output.
• Class-Default has no QoS applied (FIFO)
• You can change the QoS behavior of the class-default by referencing
it within a Policy-Map
»
Association of Class-Maps to Policy-Maps

»
• May match on multiple characteristics if desired.
» Reference the Class-Map within a Policy-Map
» Use the “set” action to modify IP-Prec or DSCP
settings.
Configuration (Classification and Marking) - 1

2. Not sure? Create a test class-map and use the CLI-Help.

Configuration (Classification and Marking) - 1
Configuration (Classification and Marking) - 2
4. If a single Policy-Map will reference multiple Class-Maps,
the sequential order of CMs within the Policy-Map is
important!
Configuration (Classification and Marking) - 3
5. Policy-Maps (like ACLs) have no affect until applied to an
interface using a “Service-Policy”.
Other Marking Methods

» Classifying packets (via a Class-Map) and

marking them via a Policy-Map (“set”
command) is most common way of marking.
» Policers can also mark packets
» On switches, ports can be configured to
add/change markings of packets.
Policy-Map Monitoring

» Show policy-map <name>

• Displays configuration
» Show policy-map interface <type/number>
• Shows statistics and hit-counts
Congestion Management
Overview

www.ine.com
Congestion Management Overview

»
• A memory structure to hold incoming packets (prior to
forwarding lookup) and egress packets (after lookup).
• For QoS we refer to “interface queues” because they
reference which interface received the packet (ingress
queues) and which interface will forward the packet
(egress queue).
Why do we need Congestion Management
»
• By default, queues are configured for FIFO (First-In First-
Out)
• Incoming bursts can be bad causing congestion of queues.
• FIFO = no control over the order of which of those packets
held back in the queue will be transmitted.
• Congestion management techniques provide some control of
the order-of-transmission.
What can be done with Queues?
»
 Queuing: Determination of which packet goes into which
queue
 Drop policy; If a queue starts to get too full.
 Scheduling
 Maximum numbers of queues (not modifiable on
switches)
 Maximum queue length: max number of packets
allowed in a queue (not configurable on switches)
Policy-Map & Queuing Gotchas
»

• On switches, ingress queuing can also be configured,

but seldom is.
• Any policy-map action that sets/references bandwidth is
looking at the “bandwidth” command on the interface.
 Queuing
(FIFO and WFQ)

www.ine.com
Queuing Methods: FIFO

»
»
»
• (config-if)#no fair-queue
»
• (config-if)#hold-queue <<0-240000> [in | out]
How large is my queue?
Fair Queuing
»

»
• Flow-Based WFQ (assigns weights to traffic based on IP Prec)
• CBWFQ
• LLQ
• Others not included in CCIE
Flow-Based WFQ: What is a “flow”?
»
• Flows determined by
 Src/Dest Layer-3 address
 L4 Protocol
 L4 Port number
 IP Precedence

»
• High Bandwidth (i.e. file transfers)
• Low Bandwidth (i.e. voice calls or control traffic)
Flow-Based WFQ: Bandwidth Allocation
»

• Number of current packets in the queue for this flow as

compared to other flows.
• Size of packets in the queue for this flow as compared
to other flows.
• IP Precedence value of packets in this flow as
compared to other flows.
Flow-Based WFQ: Weight Assignment
»
• The lower the weight, the greater the BW allocated to that flow
• Depending on router platform, some routers support up to 256
unique flows (each given their own queue).
»
»
Flow-Based WFQ: Configuration
»
fair-queue [congestive-discard-threshold
[dynamic-queues [reservable-queues]]]

»
Policy-map Blah
Class blah-blah
Bandwidth xxxx
fair-que <#of queues>
 Queuing
(CBWFQ)

www.ine.com
CBWFQ Overview

»
»

• In this way, multiple flows of traffic (that would normally

each be allocated their own queue with Flow-Based FQ)
are instead grouped together and share a single queue.
• Main benefit is that you now have control over the
minimum BW allocated to each class-based flow.
CBWFQ: Multiple Features Rolled Into One!

»
»
»
• Default is FIFO within a single queue (no re-ordering of packets
once they are placed within a queue)
• Shared Round Robin based on Bandwidth settings
CBWFQ: Details of Queues
»
»
»

• Defined by “queue-limit <number-of-packets>”

CBWFQ Configuration

#1: Define Class-Map(s)

#2: Reference Class-Map(s) within

Policy-Map. Apply bandwidth to
each class.

#3: Apply Policy-Map to interface(s)

with a Service-Policy
CBWFQ: Monitoring
»
Queuing
(LLQ)

www.ine.com
Queuing Methods: LLQ

»
• Also called PQ/CBWFQ
»
• Allows you to convert one-or-more of your defined
classes into a Priority Queue.
• Recognized by IOS by the “priority” command within a
Class-Map.
LLQ Design Constraints

»
• So it can be serviced/scheduled before any other traffic
• Prevents jitter
»
»
• This is the MAXIMUM bandwidth of this queue during
congestion.
Working with multiple priority queues

»
LLQ Configuration
LLQ Monitoring
Congestion Avoidance
(Overview)

www.ine.com
Congestion Avoidance - Overview

»
»
• Ingress interface queue, prior to lookup by forwarding
engine
• At the forwarding engine (policing)
• Within the egress queue (drop thresholds)
Congestion Avoidance Presumptions
»
• Typical CA methods within queues are based on the
assumption that most traffic is adaptive to traffic
drops (TCP)
»
Congestion Avoidance at the Queue
»
• WTD (Weighted Tail Drop)
• WRED (Weighted Random Early Discard)
• DBL (Dynamic Buffer Limiting)
»
• WRED (Weighted Random Early Discard)
Congestion Avoidance
(WTD and WRED)

www.ine.com
WRED and WTD Terminology

»
• Minimums
• Maximums
» What descriptors can match against a threshold?
• WTD – Internal DSCP
• WRED – Anything matched in a Class-Map
» Drop Probability
• Not configurable in switches.
Weighted Tail Drop
»

»
WTD Configuration (Catalyst 3560)
»

»
WTD Configuration (Catalyst 3550)
»

»
»
»
»
WRED Operation
»
»
»
WRED Configuration Steps
»
»
»
• Hit the carriage return and accept WRED defaults.
• (Optional) Choose what characteristics WRED will look for when
dropping packets (i.e. DSCP, IP Precedence, CoS, etc)
• (Optional) Configure minimum and maximum thresholds (various
options)
• (Optional) Change the Mark Probability Denominator
WRED Drop Probability

»
• If “denominator” set to 100…one-in-every 100 packets will be dropped
just prior to max-threshold being reached.
• This feature of MPD is NOT configurable in Cisco switches as they
have a static algorithm implemented in ASICs.
WRED Defaults
Show policy-map interface
Final notes on WRED
»
• On a physical interface (which disables all other queuing
mechanisms)
• Within a CBWFQ Policy-Map
• On an ATM VC
»
»
• Random-detect dscp-based (if you want to change)
Congestion Avoidance
(Policing and Shaping)

www.ine.com
Policing and Shaping Compared
»
• Shapers buffer excess traffic
• Policers typically excess drop traffic
»
• Policers can be applied on ingress or egress interfaces...but usually
done on ingress
• Typically ISPs will enforce contracts with Policers.
• Shapers usually done on egress connection TO the ISP.
»
Policing Terminology – Rates and Colors

»
»
»
»
• Two Color Policer
• Three color Policer
More Policing Terminology

»
»
»
»
Policing – Details about Tc (1)

»
»
»
Policing – Details about Tc (2)

»
Policing and Bursts (Bc)

»
• Maximum amount of data allowed to be sent during any
subsecond (Tc) interval.
• Can be configured but on most systems you can skip it
and will be configured dynamically.
• Traffic that exceeds the Bc value is treated by your
second “color”…the “exceed” keyword.
Policing and Bursts (Be)

»
• Sometimes, Tc intervals will go unused, or they will only
transmit a fraction of the maximum (Bc) they COULD
send.
• In a 3-color policer, that unused BW can be used by
another burst value called the Be.
»
Policing…final thoughts

»
• Some switches only provide single-rate policers.
»
• If not specified, PIR = CIR
• If not specified, Be value applies to both
• If PIR IS specified, Be value only applies against PIR.
Policing Configuration
Traffic Shaping Theory

»
»
Traffic Shaping - Configuration
Thank you!

www.ine.com