
Cisco QoS Notes



  1. Cisco QoS Notes

  2. Methods of Implementing QoS
  - Legacy CLI
  - Modular QoS CLI (MQC)
  - AutoQoS VoIP
  - AutoQoS Enterprise
  - QoS Policy Manager (QPM): used for administering and monitoring QoS provisioning across many interfaces network-wide (not just on individual devices, as AutoQoS does)

  3. AutoQoS
  - AutoQoS VoIP: generates a QoS policy that prioritizes Voice over IP traffic ONLY; it cannot discover or provision QoS for other traffic types.
  - AutoQoS Enterprise: uses Network-Based Application Recognition (NBAR) to discover the traffic types on the network and generates a policy based on Cisco best practices for each class of traffic discovered.

  4. Steps for Implementing QoS
  1) Identify traffic on the network: use a network analyzer to identify the protocols and applications in use on the network and their requirements.

  5. Steps for Implementing QoS (continued)
  2) Divide traffic into classes:
     - Voice: highest priority
     - Mission-Critical: transactional traffic (e.g. database)
     - Best-Effort: email, web browsing, FTP, etc.
     - Scavenger: P2P applications; treated as less than best-effort
  3) Define the QoS policy:
     - how much bandwidth to reserve for each class
     - which traffic to prioritize and give preferential treatment
     - how congestion is to be managed

  6. Classification & Marking
  - IP Precedence: legacy standard for marking packets at Layer 3 for QoS, superseded by DSCP. It uses the three most significant bits of the ToS byte in the IP header (values 0-7).
  - IP ToS byte: the 8-bit field in the IPv4 header, originally defined to carry the IP Precedence value (plus other ToS flags); DiffServ later redefined the same byte as the DS field.

  7. Classification & Marking
  - What is classification? The ability of a network device to identify different traffic types and sort them into classes based on business requirements. Classification is performed on a device's inbound (ingress) interface.
  - Classification tools: Network-Based Application Recognition (NBAR), Policy-Based Routing (PBR), Access Control Lists (ACLs).

  8. Marking
  Methods of marking:
  - Class of Service (CoS): the 802.1p bits in an 802.1Q or ISL header
  - Frame Relay DE (Discard Eligible) bit
  - MPLS Experimental (EXP) bits
  - IP Precedence
  - Differentiated Services Code Point (DSCP)
  Best practice is to limit the number of traffic classes provisioned for QoS to about 4 or 5. If more granularity is needed, no more than 11 classes are usually necessary; an 11-class model may benefit a large enterprise that requires finer-grained classes.

  9. Class of Service (CoS)
  What is CoS? Setting bits in the 3-bit 802.1p user-priority field of the 802.1Q tag (or Cisco ISL header) of an Ethernet frame. Values 0-5 are available for user traffic; 6 and 7 are reserved for network control and are normally not used to classify user traffic. CoS 5 should be treated as high-priority (i.e. voice) traffic.

  10. Class of Service (CoS): Limitation
  CoS exists only in the 802.1Q (or ISL) tag, so it survives only across trunk links. When a frame is forwarded out a non-trunking (access) port, or when the packet is routed, the Layer 2 header is stripped or rewritten and the priority marking is lost with it. CoS markings should therefore be mapped to a marking that is preserved as the packet transits other network devices, i.e. the CoS value at Layer 2 should be mapped to an IP Precedence or DSCP value in the Layer 3 (IP) header.

  11. Marking with MQC
  Within a class of a policy-map:
  - set cos <0-7>: sets the CoS bits for the traffic class (only meaningful when the egress link is an 802.1Q/ISL trunk)
  - set ip precedence <0-7>: sets the IP Precedence for a class of traffic
  - set dscp <0-63>: sets the DSCP for a class of traffic (keywords such as ef, af31 and cs5 are accepted in place of the number)

  12. Differentiated Services (DiffServ)
  - DiffServ (DS) field: the current name for what was formerly the ToS byte of an IP packet.
  - DS Code Point (DSCP): the six most significant (left-most) bits of the DS field; the remaining two bits are used for ECN. Packets are grouped into classes, or Behavior Aggregates (BA), and given preferential forwarding based on the bits set.
  - Network devices such as routers, switches and IP phones read the DSCP marking of a received packet and can quickly determine the forwarding and queuing treatment to apply. This is known as a Per-Hop Behavior (PHB).
  - With DSCP, packets can be marked with 64 different values (0-63).

  13. Per-Hop Behaviors: Expedited Forwarding (EF)
  - DSCP value 46 (101110), which is ToS byte 0xB8 once shifted into the full byte
  - Backwards compatible with IP Precedence 5 (101)
  - Provides low delay and low jitter for packets in the class
  - Bandwidth for the class is guaranteed but policed to a maximum, so EF traffic cannot starve the other classes
  - Packets get the highest forwarding priority and should see close to zero loss as long as the class stays within its policed rate (it is not literally a zero-drop guarantee)
  - Ideal for voice media (the audio stream), not for call signaling

  14. Per-Hop Behaviors: Assured Forwarding (AF)
  - Commonly used for mission-critical traffic
  - Consists of four classes (AF1-AF4), each with three drop precedence levels
  - Each class is guaranteed a minimum amount of bandwidth
  - AF classes as Cisco's models rank them: AF1 = lowest, AF2 and AF3 = medium, AF4 = highest. These are separate queues with separate bandwidth guarantees, not a strict priority ordering.

  15. Per-Hop Behaviors: AF DSCP Values
  An AFxy code point carries the class x in the three high bits and the drop precedence y in the next two bits, followed by a 0 (the original slide highlighted the drop precedence bits). Values as defined in RFC 2597:

  Class   Low drop (y=1)        Medium drop (y=2)     High drop (y=3)
  AF1     AF11 = 10 (001010)    AF12 = 12 (001100)    AF13 = 14 (001110)
  AF2     AF21 = 18 (010010)    AF22 = 20 (010100)    AF23 = 22 (010110)
  AF3     AF31 = 26 (011010)    AF32 = 28 (011100)    AF33 = 30 (011110)
  AF4     AF41 = 34 (100010)    AF42 = 36 (100100)    AF43 = 38 (100110)

  16. Per-Hop Behaviors: Drop Precedence
  What are the drop precedence levels for? Drop precedence is the tie-breaker between packets of the same AF class during congestion. If the queue holding AF1 traffic is congested, packets marked AF13 (high drop) are discarded before AF12, and AF12 before AF11 (low drop). Drop precedence is only compared within a class: each AF class is a separate queue with its own bandwidth guarantee, so an AF11 packet and an AF43 packet are never weighed against each other, and whether either is dropped depends only on the congestion state of its own class queue. Note that the numbering is counter-intuitive: a higher drop precedence means the packet is MORE likely to be dropped.

  17. Class Selector (CS)
  Defined for backwards compatibility with devices that understand only IP Precedence. A CS code point uses the three most significant bits and sets the remaining three bits to 0, so CSx corresponds to IP Precedence x. For example, if the router is told to mark incoming packets with CS5 (101000), a non-DiffServ-compliant device that receives these packets reads only the first three bits, 101, and interprets them as IP Precedence 5; the last three bits are ignored.

  18. Network-Based Application Recognition (NBAR)
  - NBAR protocol discovery: discovers the protocols running on the network by deep packet inspection (DPI) rather than by port number alone, so it can identify applications that use non-standard or dynamically negotiated ports.
  - NBAR port map: the router can be configured to recognize an application on ports other than its well-known defaults with the ip nbar port-map command.
  - NBAR by itself only classifies traffic; it has to be combined with a policy-map to mark, queue or police what it identifies.

  19. Network-Based Application Recognition (NBAR)
  - PDLMs (Packet Description Language Modules) extend the set of protocols NBAR can identify. A PDLM is a file loaded from the router's flash memory while the device is running; no reboot is needed for the newly added protocols to be recognized.
  - NBAR is not supported on Fast EtherChannel, tunnel or crypto interfaces.

  20. NBAR Configuration
  - ip nbar pdlm <location:file-name> (global): loads a PDLM file into the NBAR process
  - ip nbar port-map <protocol> {tcp | udp} <port> [<port> ...] (global): tells the router to recognize the named protocol on the port(s) you specify instead of, or in addition to, its default
  - ip nbar protocol-discovery (interface): inspects packets and records the traffic types entering and leaving the interface

  21. NBAR Verification
  - show ip nbar protocol-discovery: displays per-interface statistics for the discovered applications
  - show ip nbar port-map: displays the current protocol-to-port mappings
  - match protocol <protocol> [<sub-element>]: class-map match criterion that uses NBAR; some protocols accept a sub-element, for example match protocol http url "*.exe" or match protocol rtp audio
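
A complete ingress classification and marking configuration that ties slides 11 and 18-21 together. This is an example added to these notes, not a configuration from the original deck: the interface names, the ACL, the database server address and port, and the class and policy names are placeholders.

```cisco
! Added example, not from the original deck. Interface names, the ACL, the
! database host/port and the class/policy names are placeholders.
!
! Tell NBAR that this network's intranet web server also speaks HTTP on 8080
! (NBAR otherwise recognizes HTTP only on its default port).
ip nbar port-map http tcp 80 8080
!
! Run protocol discovery on the LAN-facing interface first and inspect
! "show ip nbar protocol-discovery" to learn which applications exist.
interface GigabitEthernet0/1
 description LAN (ingress classification point)
 ip nbar protocol-discovery
!
! ACL-based classification for the transactional database traffic.
ip access-list extended DB-TRANSACTIONAL
 permit tcp any host 10.1.20.10 eq 1433
!
! Class maps, one per traffic class from the 4/5-class model on slide 5.
! NBAR identifies the RTP audio payload regardless of the UDP port used.
class-map match-any VOICE
 match protocol rtp audio
class-map match-any MISSION-CRITICAL
 match access-group name DB-TRANSACTIONAL
! NBAR protocol match plus a sub-element match on the HTTP URL.
class-map match-any SCAVENGER
 match protocol bittorrent
 match protocol http url "*.torrent"
!
! Mark at ingress so every downstream hop can act on DSCP alone.
! "set cos" in the VOICE class only takes effect if the egress link is an
! 802.1Q trunk; the DSCP value is what survives routing (slide 10).
! class-default is re-marked to DSCP 0: hosts are not trusted to mark
! their own traffic into a better class than the policy assigns.
policy-map MARK-INGRESS
 class VOICE
  set dscp ef
  set cos 5
 class MISSION-CRITICAL
  set dscp af31
 class SCAVENGER
  set dscp cs1
 class class-default
  set dscp default
!
! Apply inbound on the interface closest to the traffic sources.
interface GigabitEthernet0/1
 service-policy input MARK-INGRESS
!
! Verification:
!   show ip nbar port-map http
!   show ip nbar protocol-discovery interface GigabitEthernet0/1 stats packet-count
!   show policy-map interface GigabitEthernet0/1 input
```

The class-default re-marking is the part most often left out: without it, any host that sets DSCP 46 on its own packets inherits voice treatment on every hop behind this router.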

  22. QoS Pre-Classification
  - QoS and VPN tunnels: by default, Cisco IOS copies the ToS byte of the original IP header into the ToS byte of the new outer (tunnel or IPsec) header when it encapsulates the packet. DSCP-based classification therefore still works on the physical interface after encapsulation, but every other field of the original packet (inner addresses, ports, NBAR protocol) is hidden.
  - qos pre-classify: used when the output policy needs to classify tunneled traffic on something other than its ToS/DSCP value. With pre-classification, the device applies the QoS policy against the original (inner) IP header rather than the tunnel header. It is configured on the tunnel interface and/or on the crypto map.
  - Verification: show interface <int> shows "(QoS Pre-classification)" on the Queueing strategy line when it is enabled.
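
Where qos pre-classify goes in relation to the tunnel, the crypto map and the service policy, as an example added to these notes (not from the original deck). Addresses, interface names, the pre-shared key placeholder EXAMPLE-PSK and the class/policy names are assumptions, and the ISAKMP/IPsec lines are only the minimum needed to make the crypto map complete.

```cisco
! Added example, not from the original deck. Addresses, names and the
! pre-shared key are placeholders.
!
! This policy classifies on the INNER header (source subnet and TCP port).
! After GRE-over-IPsec encapsulation those fields are hidden, so without
! pre-classification class DB-INNER would never match on Serial0/0.
ip access-list extended INNER-DB
 permit tcp 10.1.0.0 0.0.255.255 any eq 1433
!
class-map match-all DB-INNER
 match access-group name INNER-DB
!
policy-map WAN-EDGE
 class DB-INNER
  bandwidth percent 30
 class class-default
  fair-queue
!
crypto isakmp policy 10
 encr aes
 authentication pre-share
 group 14
crypto isakmp key EXAMPLE-PSK address 203.0.113.2
crypto ipsec transform-set TS esp-aes esp-sha-hmac
!
ip access-list extended GRE-TO-PEER
 permit gre host 203.0.113.1 host 203.0.113.2
!
! Pre-classify on the crypto map: the policy sees the packet before ESP.
crypto map VPN 10 ipsec-isakmp
 set peer 203.0.113.2
 set transform-set TS
 match address GRE-TO-PEER
 qos pre-classify
!
! Pre-classify on the tunnel: the policy sees the packet before GRE.
interface Tunnel0
 ip address 172.16.0.1 255.255.255.252
 tunnel source Serial0/0
 tunnel destination 203.0.113.2
 qos pre-classify
!
! The service policy belongs on the physical interface, where the queue is.
interface Serial0/0
 ip address 203.0.113.1 255.255.255.252
 bandwidth 1544
 crypto map VPN
 service-policy output WAN-EDGE
!
! Verify: "show interface Tunnel0" lists "(QoS Pre-classification)" on the
! Queueing strategy line, and "show policy-map interface Serial0/0" shows
! matches accumulating in class DB-INNER.
```

Two practical notes: NBAR cannot be used in the inner-header class maps here, because the slide above lists tunnel and crypto interfaces as unsupported for NBAR; and because the ToS byte is copied to the outer header by default, the DSCP of the cleartext packet remains visible on the encrypted packet on the wire, which is by design but worth knowing when the class of traffic is itself considered sensitive.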

  23. QoS on the LAN
  How is traffic classified on a switch? NBAR classification is not available on Catalyst switches. IP and Layer 2 (MAC) ACLs are the supported way to classify traffic by content, and the port trust state decides whether markings already present on arriving frames are accepted. Catalyst switch commands:
  - mac access-list extended <name>: creates a Layer 2 ACL. Deny entries are ignored when an ACL is used for QoS classification.
  - mls qos trust: changes the port state to trusted on the selected switch port.
  - mls qos trust cos: trusts the CoS marking received, not the DSCP; the switch derives the internal DSCP from the CoS-to-DSCP map before the frame is switched to the output interface.
  - mls qos trust dscp: trusts the DSCP marking received, not the CoS; the switch derives the CoS from the DSCP-to-CoS map before the frame is switched to the output interface.

  24. QoS on the LAN
  - mls qos cos <value>: sets the default CoS value assigned to untagged frames received on the port (and to all frames received on the port when mls qos cos override is also set).
  - mls qos map cos-dscp <8 DSCP values>: defines a custom CoS-to-DSCP map, one DSCP for each CoS value 0 through 7.
  - mls qos map dscp-cos <DSCP list> to <cos>: defines a custom DSCP-to-CoS map.

  25. QoS on the LAN: Trusting a Cisco IP Phone
  Trust CoS markings only when a Cisco IP phone is attached:
  - mls qos trust cos
  - mls qos trust device cisco-phone: the port is trusted only while a Cisco IP phone is detected through CDP; if the phone is unplugged and a PC is connected directly, the port falls back to untrusted.
  - switchport priority extend cos 0: instructs the phone to rewrite the CoS of frames arriving from the device on its PC port (e.g. a laptop) to 0, so the host cannot mark its own traffic into the voice class.
  - switchport priority extend trust: instructs the phone to pass the PC's CoS markings through unchanged. Use this only when the attached device is itself trusted, since anything it marks CoS 5 lands in the voice queue.

  26. QoS on the LAN
  - mls qos trust: marks the interface as trusted (the cos or dscp keyword selects which received marking is trusted)
  - show mls qos interface <int>: displays the QoS configuration and trust state of a switch port
  - show mls qos maps: displays the CoS and DSCP mappings configured on the switch

  27. Congestion Management
  Mechanisms for managing queues and giving preferential forwarding to delay-sensitive traffic.
  - If the hardware queue (TxQ, the transmit ring) is congested, the software queue (the configured queuing mechanism) takes over and schedules packets as they arrive at the interface.
  - The TxQ ALWAYS uses FIFO and cannot be configured to use anything else.
  - If the TxQ is not congested, arriving packets bypass software queuing entirely and go straight to the hardware queue to be sent out the physical interface.
  - Software interfaces (i.e. subinterfaces) only congest when the hardware queue of the physical interface has reached capacity.
  Queuing mechanisms:
  - Priority Queuing (PQ): obsolete
  - Custom Queuing (CQ): obsolete
  - Weighted Fair Queuing (WFQ)
  - Class-Based Weighted Fair Queuing (CBWFQ)
  - Low-Latency Queuing (LLQ)

  28. Queuing: Weighted Fair Queuing (WFQ)
  - Normally requires no configuration
  - Gives priority to low-bandwidth (interactive) flows
  - Allocates additional bandwidth to flows with higher IP Precedence
  - Not ideal for voice traffic, since there is no strict priority queue

  29. WFQ Explained
  How does it work? WFQ dynamically creates a queue for each flow. A flow is identified by matching the source and destination IP addresses, source and destination ports, protocol and ToS value. A queue exists as long as packets are being sent for that flow; when the flow's queue is empty and no more packets need to be sent, the queue is removed from the router's memory. Even if a connection is still established with the other end, if no packets are being sent there is no queue for it.

  30. Weighted Fair Queuing (WFQ)
  - Hold-Queue Out limit (HQO): maximum number of packets the WFQ system can hold on an interface across all of its queues.
  - Congestive Discard Threshold (CDT): maximum length a single flow queue can reach before packets are dropped from it.
  - Finish time: the sequence number the WFQ algorithm assigns to each packet; packets with larger finish times are more likely to be discarded during congestion.
  - WFQ is enabled by default on serial interfaces at or below 2.048 Mbps (E1). The flow classification itself is not administrator-configurable; only the thresholds and queue counts can be tuned.

  31. Weighted Fair Queuing (WFQ)
  fair-queue [<cdt> [<dynamic-queues> [<reservable-queues>]]] (interface): one command with three positional arguments that set
  - the Congestive Discard Threshold,
  - the total number of dynamic queues the WFQ system may create, and
  - the number of queues reserved for RSVP.
  hold-queue <max-limit> out: sets the HQO for an interface.

  32. Class-Based WFQ (CBWFQ)
  - Good for everything BUT voice and video, because it has no strict priority queue
  - Guarantees a share of bandwidth per class
  - Not supported on subinterfaces (a shaping parent policy is needed there)
  - queue-limit <limit>: adjusts the queue size for a class by setting the maximum number of packets the queue can hold before it is considered congested and packets start to be dropped. The default queue size is 64.

  33. Class-Based WFQ (CBWFQ)
  bandwidth <kbps>, bandwidth percent <pct> and bandwidth remaining percent <pct>: reserve bandwidth for a traffic class within a policy-map.
  NOTE: the forms cannot be mixed within one policy-map. Once a class has been given bandwidth in kbps, bandwidth percent cannot be applied to other classes in the same policy-map (and vice versa); the router rejects the configuration because it could not compute consistent reservations from mixed units.

  34. Class-Based WFQ (CBWFQ)
  max-reserved-bandwidth <pct> (interface): changes the maximum share of link bandwidth that can be reserved for user-defined classes (not class-default). The default is 75% of the interface bandwidth (or of the CIR, where one is defined); the remaining 25% is left for keepalives, routing protocols and the default class (unclassified traffic).

  35. Low-Latency Queuing (LLQ)
  - AKA CBWFQ + PQ: adds a strict priority queue to CBWFQ
  - Recommended for voice
  - The bandwidth of the priority class is policed
  - WFQ or FIFO is used for the regular (non-priority) classes
  - The priority queue is serviced entirely before any other queue

  36. Low-Latency Queuing (LLQ)
  What does "policed" mean here? During congestion, traffic in the priority queue cannot consume more bandwidth than it has been assigned; packets that exceed the limit are dropped. Policing prevents the priority queue from starving the other classes, which is what a plain priority queue would do if, say, a burst of packets marked EF arrived. (The policer only acts while the interface is congested; when it is not, the priority class may send above its configured rate.)

  37. Low-Latency Queuing (LLQ)
  priority <kbps> [<burst>] or priority percent <pct>: gives a class strict priority service with the stated guaranteed (and policed) bandwidth. The random-detect and queue-limit commands are not supported on a priority class.
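
A WAN-edge LLQ policy that puts slides 32-37 together, as an example added to these notes (not from the original deck). The interface, link speed, percentages and class names are placeholders, and the class maps assume the traffic was already marked at ingress with the DSCP values used in the marking slides.

```cisco
! Added example, not from the original deck. Interface, link speed,
! percentages and class names are placeholders.
class-map match-any VOICE
 match ip dscp ef
class-map match-any MISSION-CRITICAL
 match ip dscp af31 af32 af33
class-map match-any SCAVENGER
 match ip dscp cs1
!
policy-map WAN-EDGE-LLQ
 ! Strict priority for voice, policed to 20% of the link so that a flood
 ! of packets marked EF (by mistake or by an untrusted host) cannot starve
 ! the other classes. queue-limit/random-detect are not allowed here.
 class VOICE
  priority percent 20
 ! CBWFQ classes: guaranteed minimum shares. kbps and percent forms must
 ! not be mixed in one policy-map, so every class here uses percent.
 class MISSION-CRITICAL
  bandwidth percent 30
  queue-limit 128
 ! Scavenger gets a token reservation so it is never entirely locked out
 ! but always loses to everything else under congestion.
 class SCAVENGER
  bandwidth percent 1
  queue-limit 16
 ! Unclassified traffic shares what is left using flow-based WFQ.
 class class-default
  fair-queue
!
interface Serial0/0
 bandwidth 1544
 service-policy output WAN-EDGE-LLQ
!
! Verify: "show policy-map interface Serial0/0" shows per-class packet
! counts and queue depth, and for class VOICE the priority policer's
! exceeded count; a growing exceeded count means voice is over its budget.
```

The reservations add up to 51% (20 + 30 + 1), below the 75% default ceiling, so max-reserved-bandwidth does not need to be raised on the interface; if the sum exceeded 75% the router would refuse to attach the policy until the ceiling was increased.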

  38. Queuing on a Switch
  - Catalyst switch ports contain up to four egress queues
  - Some queues have configurable drop thresholds
  - Packet drops occur in the standard queues when their thresholds are reached
  - Packets in the priority (expedite) queue are not dropped by the threshold mechanism

  39. Cisco Catalyst 2950
  - Queue 4 is the high-priority queue, used for mission-critical or voice traffic
  - It can be configured as a strict-priority (expedite) queue
  - Expedite queues are recommended for reducing delay for voice

  40. Weighted Round Robin (WRR)
  - The default queuing algorithm on Cisco Catalyst switches
  - Services the queues fairly by assigning each a weight. Example: if queue 2 has a weight of 7 and queue 1 a weight of 10, 7 packets are sent from queue 2 for every 10 packets sent from queue 1.
  - Prevents one application, such as a large download in progress, from starving the others

  41. Weighted Round Robin (WRR)
  Is WRR good for voice? Not on its own: voice is still degraded, because a voice packet must wait for the other queues to take their turns. WRR with a strict-priority queue resolves the delay problem: queue 4 on the switch is serviced as a priority queue while the remaining queues use WRR scheduling.

  42. Weighted Round Robin (WRR)
  wrr-queue bandwidth <weight1> <weight2> <weight3> <weight4>: sets how many packets are transmitted from each of the four queues per round. If weight4 is set to zero (0), queue 4 is treated as a strict-priority queue: packets in the other queues are not serviced until queue 4 is empty.

  43. Weighted Round Robin (WRR)
  - wrr-queue cos-map <queue-id> <cos1> [<cos2> ...]: tells the switch which queue to place frames with the given CoS values in
  - show wrr-queue bandwidth: displays the bandwidth (weight) allocation for the four queues
  - show wrr-queue cos-map: displays the CoS-value-to-queue-ID mappings
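
The switch side of the design, covering the trust boundary from slides 23-26 and the WRR scheduling from slides 39-43, as an example added to these notes (not from the original deck). Port numbers, VLAN numbers and the chosen weights are placeholders; the command set is the mls qos family of the Catalyst 2950/3550 era the slides describe, and the global mls qos enable line is an assumption that applies to the 3550/3560 (the 2950 has no such command).

```cisco
! Added example, not from the original deck. Ports, VLANs and weights are
! placeholders.
!
! Global QoS enable (3550/3560; not present on the 2950). Until QoS is
! enabled, markings pass through the switch untouched.
mls qos
!
! CoS-to-internal-DSCP map used when a port trusts CoS, one DSCP per CoS
! value 0..7: CoS 3 -> 26 (AF31), CoS 5 -> 46 (EF).
mls qos map cos-dscp 0 8 16 26 32 46 48 56
!
! Trust boundary 1: user port with an IP phone. CoS is trusted only while
! a Cisco phone is seen via CDP, and the phone is told to rewrite the PC
! port's CoS to 0 so the workstation cannot promote itself to the voice queue.
interface FastEthernet0/1
 switchport mode access
 switchport access vlan 10
 switchport voice vlan 100
 mls qos trust cos
 mls qos trust device cisco-phone
 switchport priority extend cos 0
!
! Trust boundary 2: user port with no phone. Ignore whatever the host marks
! and force CoS 0 on every frame received.
interface FastEthernet0/2
 switchport mode access
 switchport access vlan 10
 no mls qos trust
 mls qos cos 0
 mls qos cos override
!
! Uplink toward the router: the neighbor is a trusted device, so trust
! DSCP rather than CoS (CoS is lost wherever the frame is routed or untagged).
interface GigabitEthernet0/1
 switchport mode trunk
 mls qos trust dscp
!
! Egress scheduling (global on the 2950): queue 4 strict priority (weight 0),
! remaining bandwidth shared 10:20:70 across queues 1..3.
wrr-queue bandwidth 10 20 70 0
! CoS 1 (scavenger) -> queue 1, CoS 0/2 (best effort) -> queue 2,
! CoS 3/4/6/7 (critical and network control) -> queue 3, CoS 5 (voice) -> queue 4.
wrr-queue cos-map 1 1
wrr-queue cos-map 2 0 2
wrr-queue cos-map 3 3 4 6 7
wrr-queue cos-map 4 5
!
! Verify:
!   show mls qos interface FastEthernet0/1
!   show mls qos maps cos-dscp
!   show wrr-queue bandwidth
!   show wrr-queue cos-map
```

The point of the two user-port variants is that the trust decision is per port: only the phone's own CoS is ever accepted, and on a port without a phone everything the host sends is re-marked to CoS 0 before it can influence queue selection anywhere else in the LAN.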

  44. Congestion Avoidance: Terms
  TCP slow start: an algorithm in the TCP/IP stack whereby a sender transmits segments of data and increases its congestion window (cwnd) for each acknowledgment (ACK) received, ramping up its transmit rate. When an ACK for a segment does not arrive, the sender treats the segment as lost in transit, reduces its cwnd and starts ramping up again, converging on the maximum amount of data it can have in flight without overwhelming the path or the receiver.

  45. Congestion Avoidance: Terms
  TCP global synchronization: tail drop is an inefficient drop policy on large networks. When a queue fills and tail-drops, many TCP flows lose packets at the same moment and all throttle back together, then all ramp up together, in a repeating start-up/back-off cycle. The result is waves of congestion alternating with gaps in which the link is under-utilized.

  46. Random Early Detection (RED)
  RED is a congestion avoidance mechanism that begins discarding packets as a queue starts to fill, rather than only once it is full. Because the random drops hit different TCP flows at different times, the flows back off at different times, which prevents phenomena like global synchronization.
  TCP starvation: RED only has the desired effect on flows that react to loss, i.e. TCP. UDP senders do not slow down when their packets are dropped, so a burst of UDP traffic can still fill the queue and prevent the router from buffering possibly more critical traffic, starving the TCP flows that did back off.

  47. Random Early Detection (RED)
  The three RED modes:
  1) No drop: the average queue size is below the minimum threshold; nothing is dropped.
  2) Random drop: the average queue size is between the minimum and maximum thresholds; packets are dropped at random with a probability that rises as the average approaches the maximum threshold.
  3) Full drop: the average queue size exceeds the maximum threshold; all incoming packets are tail-dropped until the average falls back below the maximum threshold, at which point random-drop mode resumes.

  48. Random Early Detection (RED)
  RED does NOT differentiate between flows or take packet markings into account; it drops voice and mission-critical traffic the same way it drops best-effort traffic. Plain RED is not available as a configuration option on Cisco routers; WRED is the congestion avoidance mechanism provided by Cisco IOS.

  49. Weighted RED (WRED)
  - Differentiates traffic by its marking: packets with a lower IP Precedence, or a higher DSCP drop precedence, are given lower thresholds and so are dropped first, ahead of more important packets.
  - Can be applied to a whole interface or, more usefully, inside a CBWFQ class (random-detect under the class in a policy-map).
  - Supports both IP Precedence (the default) and DSCP. Enable DSCP-based WRED with random-detect dscp-based.

  50. Weighted RED (WRED)
  WRED only throttles congestion caused by TCP flows, because TCP reacts to the dropped packets by backing off and retransmitting. UDP senders are not affected by WRED drops and can still cause congestion if too many UDP flows are established. Voice traffic is UDP-based, which is why voice belongs in a policed LLQ priority class rather than under WRED.
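
DSCP-based WRED inside a CBWFQ class, with per-drop-precedence thresholds, as an example added to these notes (not from the original deck). Class and interface names are placeholders, and the threshold values are chosen to make the mechanism visible, not as tuned recommendations.

```cisco
! Added example, not from the original deck. Names and threshold values
! are placeholders.
class-map match-any VOICE
 match ip dscp ef
class-map match-any MISSION-CRITICAL
 match ip dscp af31 af32 af33
!
policy-map WAN-EDGE-WRED
 ! No random-detect on the priority class: it is not supported there, and
 ! voice is UDP, so early drops would only degrade calls without slowing
 ! the sender.
 class VOICE
  priority percent 20
 class MISSION-CRITICAL
  bandwidth percent 30
  random-detect dscp-based
  ! random-detect dscp <value> <min-threshold> <max-threshold> <mark-prob-denominator>
  ! Higher drop precedence gets a lower minimum threshold, so AF33 starts
  ! being dropped when the average queue depth reaches 16 packets, AF32 at
  ! 24 and AF31 not until 32; all three tail-drop above 40. The denominator
  ! 10 means at most 1 packet in 10 is dropped at the maximum threshold.
  random-detect dscp af31 32 40 10
  random-detect dscp af32 24 40 10
  random-detect dscp af33 16 40 10
  ! Weight for the moving average of the queue depth (default 9).
  random-detect exponential-weighting-constant 9
 ! Unclassified traffic: flow-based WFQ with precedence-based WRED.
 class class-default
  fair-queue
  random-detect
!
interface Serial0/0
 bandwidth 1544
 service-policy output WAN-EDGE-WRED
!
! Verify: "show policy-map interface Serial0/0" lists, per DSCP value,
! packets transmitted, randomly dropped and tail dropped. Under load, a
! rising random-drop count for AF33 while AF31 shows none confirms that
! the drop precedence ordering is in effect.
```

Because WRED works on the moving average rather than the instantaneous depth, short bursts above the minimum threshold do not trigger drops; the exponential weighting constant controls how quickly the average follows the real queue depth.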
