Implement the DiffServ QoS Model Introducing Classification and Marking
Classification
• Classification is the process of identifying and categorizing traffic into classes, typically based upon:
  • Incoming interface
  • IP precedence
  • DSCP
  • Source or destination address
  • Application
• Classification is the most fundamental QoS building block.
• Without classification, all packets are treated the same.

Marking
• Marking is the QoS feature component that “colors” a packet (frame) so it can be identified and distinguished from other packets (frames) in QoS treatment.
• Commonly used markers:
  • Link layer:
    • CoS (ISL, 802.1p)
    • MPLS EXP bits
    • Frame Relay
  • Network layer:
    • DSCP
    • IP precedence

Classification and Marking in the LAN with IEEE 802.1Q
• The IEEE 802.1p user priority field is also called CoS.
• IEEE 802.1p supports up to eight CoSs.
• IEEE 802.1p focuses on support for QoS over LANs and 802.1Q ports.
• IEEE 802.1p is preserved through the LAN, not end to end.
IP Precedence and DSCP Compatibility
• Compatibility with current IP precedence usage (RFC 1812)
• Differentiates probability of timely forwarding: (xyz000) >= (abc000) if xyz > abc (that is, if a packet has a DSCP value of 011000, it has a greater probability of timely forwarding than a packet with a DSCP value of 001000)

Per-Hop Behaviors
• DSCP selects the PHB throughout the network:
  • Default PHB (FIFO, tail drop)
  • EF PHB
  • AF PHB
  • Class-selector PHB (IP precedence)

EF PHB
• EF PHB:
  • Ensures a minimum departure rate
  • Guarantees bandwidth: the class is guaranteed an amount of bandwidth with prioritized forwarding
  • Polices bandwidth: the class is not allowed to exceed the guaranteed amount (excess traffic is dropped)
• DSCP value of 101110 looks like IP precedence 5 to non-DiffServ-compliant devices:
  • Bits 5 to 7: 101 = 5 (the same 3 bits are used for IP precedence)
  • Bits 3 and 4: 11 = no drop probability
  • Bit 2: always 0

AF PHB
• AF PHB:
  • Guarantees bandwidth
  • Allows access to extra bandwidth, if available
• Four standard classes: AF1, AF2, AF3, and AF4
• DSCP value range of aaadd0:
  • aaa is the binary value of the class
  • dd is the drop probability

AF PHB (Cont.)
• Each AF class uses three DSCP values.
• Each AF class is independently forwarded with its guaranteed bandwidth.
• Congestion avoidance is used within each class to prevent congestion within the class.
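The EF, AF and class-selector layouts described above are easiest to verify by doing the bit arithmetic. The following is an added example (not code from the original slides) that builds AF codepoints from the aaadd0 layout, extracts the IP precedence bits a non-DiffServ device would see, packs a DSCP into the ToS octet, names the PHB a codepoint selects, and applies the slide's timely-forwarding rule. Bit numbering in the comments treats bit 5 as the most significant DSCP bit; the function and constant names are this example's own.

```python
"""Worked DSCP arithmetic: the EF, AF and class-selector layouts from the slides.

Added example (not from the original slides). Bit numbering follows the
convention where bit 5 is the most significant DSCP bit.
"""

EF = 0b101110  # 46: Expedited Forwarding


def af_codepoint(af_class: int, drop_precedence: int) -> int:
    """Build an AF codepoint laid out as aaadd0: class in the top three
    bits, drop precedence in the next two, lowest bit always zero."""
    if not 1 <= af_class <= 4 or not 1 <= drop_precedence <= 3:
        raise ValueError("AF class must be 1-4 and drop precedence 1-3")
    return (af_class << 3) | (drop_precedence << 1)


def ip_precedence(dscp: int) -> int:
    """The three high-order bits: what a non-DiffServ device reads."""
    return (dscp >> 3) & 0b111


def dscp_to_tos(dscp: int, ecn: int = 0) -> int:
    """Pack DSCP (bits 7-2) and ECN (bits 1-0) into the IPv4 ToS octet."""
    if not 0 <= dscp <= 63 or not 0 <= ecn <= 3:
        raise ValueError("dscp must be 0-63 and ecn 0-3")
    return (dscp << 2) | ecn


def tos_to_dscp(tos: int) -> int:
    """Inverse of dscp_to_tos; discards the ECN bits."""
    return (tos >> 2) & 0x3F


def dscp_name(dscp: int) -> str:
    """Name the PHB a codepoint selects: EF, AFxy, CSx, default or unassigned."""
    if dscp == EF:
        return "EF"
    if dscp == 0:
        return "default"
    if dscp & 0b111 == 0:            # xyz000: class selector
        return f"CS{dscp >> 3}"
    af_class, drop = dscp >> 3, (dscp >> 1) & 0b11
    if 1 <= af_class <= 4 and 1 <= drop <= 3 and dscp & 1 == 0:
        return f"AF{af_class}{drop}"
    return "unassigned"


def forwarded_more_timely(a: int, b: int) -> bool:
    """Compatibility rule from the slide: (xyz000) >= (abc000) when xyz > abc,
    i.e. order by the IP precedence bits that legacy devices understand."""
    return ip_precedence(a) > ip_precedence(b)


if __name__ == "__main__":
    for dscp in (0, 8, 10, 18, 26, 34, 36, 38, 46, 48):
        print(f"DSCP {dscp:2d} {dscp:06b}  {dscp_name(dscp):<10} "
              f"prec={ip_precedence(dscp)}  ToS=0x{dscp_to_tos(dscp):02X}")
```

Running the script prints one row per common codepoint; EF (46) shows precedence 5 and ToS 0xB8, which is the value a packet capture displays for voice bearer traffic, and AF41 (34) decodes back to class 4, drop precedence 1.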
QoS Service Class
• A QoS service class is a logical grouping of packets that are to receive a similar level of applied quality.
• A QoS service class can be:
  • A single user (such as a MAC address or IP address)
  • A department or customer (such as a subnet or interface)
  • An application (such as port numbers or a URL)
  • A network destination (such as a tunnel interface or VPN)

Example: Defining QoS Service Class
[figure not preserved in the extracted text] Remaining 15 percent is used for management, signaling, and routing traffic.

Trust Boundaries: Classify Where?
• For scalability, classification should be enabled as close to the edge as possible, depending on the capabilities of the device at the:
  • Endpoint or end system
  • Access layer
  • Distribution layer

Trust Boundaries: Mark Where?
• For scalability, marking should be done as close to the source as possible.

Summary
• Packet classification is a QoS mechanism responsible for distinguishing among traffic streams.
• Packet marking is a QoS mechanism that “identifies” a packet so it can be distinguished from other packets during the application of QoS.
• Packets can be classified and marked at the data link layer using many different mechanisms, including 802.1Q, ISL, and MPLS EXP bits.
• The DiffServ model describes services associated with traffic classes.
• Complex traffic classification and conditioning is performed at the network edge, resulting in a per-packet DSCP.
• A PHB is an externally observable forwarding behavior applied at a DiffServ-compliant node to a DiffServ BA.
• The EF PHB guarantees and polices bandwidth while ensuring a minimum departure rate.

Summary (Cont.)
• The AF PHB guarantees bandwidth while providing four classes, each having three DSCP values.
• The DSCP is backward-compatible with IP precedence and the class-selector code point.
• The ability to map network layer QoS to link layer CoS allows service providers to offer a complete end-to-end QoS solution that does not depend on any specific link layer technology.
• A QoS service class is a logical grouping of packets that are to receive a similar level of applied quality, as defined in an administrative policy.
• An administrative policy for QoS requires that a specific set of service classes be defined. QoS mechanisms are uniformly applied to these individual service classes to meet the requirements of the administrative policy.
• It is important that a trust boundary be specified, allowing classification and marking as close to the source as possible.
Implement the DiffServ QoS Model Using NBAR for Classification
Network-Based Application Recognition
• NBAR classifies modern client-server and web-based applications.
• NBAR functions:
  • Performs identification of applications and protocols (Layer 4–7)
  • Performs protocol discovery
  • Provides traffic statistics
• NBAR enables downstream actions based on QoS policies via RED, class-based queuing, and policing.
• New applications are easily supported by loading a PDLM.

NBAR Application Support
• NBAR can classify applications that use:
  • Statically assigned TCP and UDP port numbers
  • Non-UDP and non-TCP IP protocols
  • Dynamically assigned TCP and UDP port numbers negotiated during connection establishment (requires stateful inspection)
  • Subport and deep packet inspection classification

Packet Description Language Module
• PDLMs allow NBAR to recognize new protocols by matching text patterns in data packets without requiring a new Cisco IOS software image or a router reload.
• An external PDLM can be loaded at run time to extend the NBAR list of recognized protocols.
• PDLMs can also be used to enhance an existing protocol recognition capability.
• PDLMs must be produced by Cisco engineers.

Packet Description Language Module (Cont.)
router(config)# ip nbar pdlm pdlm-name
• Used to enhance the list of protocols recognized by NBAR through a PDLM.
• The filename is in the URL format (for example, flash://citrix.pdlm).
router(config)# ip nbar port-map protocol-name [tcp | udp] port-number
• Configures NBAR to search for a protocol or protocol name using a port number other than the well-known port.
• Up to 16 additional port numbers can be specified.

Packet Description Language Module (Cont.)
router# show ip nbar port-map [protocol-name]
• Displays the current NBAR protocol-to-port mappings
router#show ip nbar port-map
port-map bgp udp 179
port-map bgp tcp 179
port-map cuseeme udp 7648 7649
port-map cuseeme tcp 7648 7649
port-map dhcp udp 67 68
port-map dhcp tcp 67 68
port-map dns udp 53
port-map dns tcp 53
NBAR Protocol Discovery
• Analyzes application traffic patterns in real time and discovers which traffic is running on the network
• Provides bidirectional, per-interface, and per-protocol statistics
• Important monitoring tool supported by Cisco QoS management tools:
  • Generates real-time application statistics
  • Provides traffic distribution information at key network locations

Configuring and Monitoring Protocol Discovery
router(config-if)# ip nbar protocol-discovery
• Configures NBAR to discover traffic for all protocols known to NBAR on a particular interface
• Requires that CEF be enabled before protocol discovery
• Can be applied with or without a service policy enabled
router# show ip nbar protocol-discovery
• Displays the statistics for all interfaces on which protocol discovery is enabled

Configuring and Monitoring Protocol Discovery (Cont.)
router#show ip nbar protocol-discovery

 Ethernet0/0
                    Input                     Output
 Protocol           Packet Count              Packet Count
                    Byte Count                Byte Count
                    5 minute bit rate (bps)   5 minute bit rate (bps)
 ---------------    ------------------------  ------------------------
 realaudio          2911                      3040
                    1678304                   198406
                    19000                     1000
 http               19624                     13506
                    14050949                  2017293
                    0                         0
 <...rest of the output omitted...>
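The protocol-discovery output above stacks three counter rows (packets, bytes, 5-minute bit rate) under each protocol name, which makes it awkward to consume from a script. The following added example (not Cisco code; the sample output is constructed from the slide) parses that layout into a per-interface dictionary, ranks protocols by a chosen counter, and lists protocols that are not on an expected list, which is the monitoring use the slide describes. The function names are this example's own.

```python
"""Parse `show ip nbar protocol-discovery` output into per-interface statistics
and flag protocols a site does not expect to see. Added example; the sample is
constructed from the slide, and the functions are not Cisco's."""
import re

# Constructed sample modelled on the slide's output.
SAMPLE_OUTPUT = """\
 Ethernet0/0
                    Input                     Output
 Protocol           Packet Count              Packet Count
                    Byte Count                Byte Count
                    5 minute bit rate (bps)   5 minute bit rate (bps)
 ---------------    ------------------------  ------------------------
 realaudio          2911                      3040
                    1678304                   198406
                    19000                     1000
 http               19624                     13506
                    14050949                  2017293
                    0                         0
"""

FIELDS = ("packets", "bytes", "bps")  # the three stacked rows per protocol
# A counter row: optional protocol name, then the input and output values.
ROW = re.compile(r"^\s*(?P<proto>[A-Za-z][\w.-]*)?\s+(?P<inp>\d+)\s+(?P<out>\d+)\s*$")
# An interface header stands alone on its line, e.g. "Ethernet0/0".
IFACE = re.compile(r"^\s*(?P<name>[A-Za-z][\w/.-]*\d)\s*$")


def parse_protocol_discovery(text: str) -> dict:
    """Return {interface: {protocol: {"in": {...}, "out": {...}}}}."""
    stats: dict = {}
    iface = proto = None
    field_idx = 0
    for line in text.splitlines():
        m = IFACE.match(line)
        if m:
            iface = m.group("name")
            stats[iface] = {}
            continue
        m = ROW.match(line)
        if not m or iface is None:
            continue  # column headers, separator line, blank lines
        if m.group("proto"):
            proto = m.group("proto")
            field_idx = 0
            stats[iface][proto] = {"in": {}, "out": {}}
        elif proto is None or field_idx >= len(FIELDS):
            raise ValueError(f"unexpected counter row: {line!r}")
        name = FIELDS[field_idx]
        stats[iface][proto]["in"][name] = int(m.group("inp"))
        stats[iface][proto]["out"][name] = int(m.group("out"))
        field_idx += 1
    return stats


def top_talkers(stats: dict, iface: str, direction: str = "in", key: str = "bytes") -> list:
    """Protocols on an interface, busiest first, by the chosen counter."""
    table = stats[iface]
    return sorted(table, key=lambda p: table[p][direction][key], reverse=True)


def unexpected_protocols(stats: dict, iface: str, allowed) -> list:
    """Protocols seen on the interface that are not on the site's expected list;
    a cheap visibility check to run over collected discovery output."""
    return sorted(set(stats[iface]) - set(allowed))


if __name__ == "__main__":
    stats = parse_protocol_discovery(SAMPLE_OUTPUT)
    print(top_talkers(stats, "Ethernet0/0"))
    print(unexpected_protocols(stats, "Ethernet0/0", ["http", "dns"]))
```

A fourth counter row under a protocol raises instead of being silently attached to the wrong field, so a changed output format is noticed rather than misparsed.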
Configuring NBAR for Static Protocols
• Required steps:
  • Enable NBAR Protocol Discovery.
  • Configure a traffic class.
  • Configure a traffic policy.
  • Attach the traffic policy to an interface.
  • Enable PDLM if needed.

Configuring NBAR for Static Protocols (Cont.)
router(config-cmap)# match protocol protocol
• Configures the match criteria for a class map on the basis of the specified protocol using the MQC configuration mode.
• Static protocols are recognized based on the well-known destination port number.
• A match not command can be used to specify a QoS policy value that is not used as a match criterion; in this case, all other values of that QoS policy become successful match criteria.

Example
• HTTP is a static protocol using well-known port number 80. However, other port numbers may also be in use.
• The ip nbar port-map command will inform the router that other ports are also used for HTTP.

Configuring Stateful NBAR for Dynamic Protocols
• Required steps:
  • Configure a traffic class.
  • Configure a traffic policy.
  • Attach the traffic policy to an interface.

Configuring Stateful NBAR for Dynamic Protocols (Cont.)
router(config-cmap)# match protocol http url url-string
• Recognizes the HTTP GET packets containing the URL, and then matches all packets that are part of the HTTP GET request
• Include only the portion of the URL following the address or host name in the match statement
router(config-cmap)# match protocol http host hostname-string
• Performs a regular expression match on the host field content inside an HTTP GET packet and classifies all packets from that host
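The static and stateful classification steps above (the port-map listing, match protocol, match not, and match protocol http host/url) can be exercised end to end outside a router. The following is an added example, not Cisco code: it parses the `show ip nbar port-map` listing from the earlier slide, identifies a flow's application from its transport protocol and destination port (the static case), then evaluates MQC-style class maps, including a negated match and host/url matches approximated with Python regular expressions (the stateful case), and returns the DSCP the policy would mark. The extra `port-map http tcp 80 8080` entry, the flows, the host names and the policy are all constructed for the example.

```python
"""Static and stateful NBAR-style classification, modelled in Python.

Added example, not Cisco code. The port-map listing, flows and policy are
constructed; host/url matching uses Python regular expressions as an
approximation of the router's matching."""
import re
from dataclasses import dataclass
from typing import Callable, Optional

# Constructed listing: the slide's entries plus `ip nbar port-map http tcp 80 8080`.
PORT_MAP_OUTPUT = """\
port-map bgp udp 179
port-map bgp tcp 179
port-map cuseeme udp 7648 7649
port-map cuseeme tcp 7648 7649
port-map dhcp udp 67 68
port-map dhcp tcp 67 68
port-map dns udp 53
port-map dns tcp 53
port-map http tcp 80 8080
"""
MAX_EXTRA_PORTS = 16  # slide: up to 16 additional port numbers per protocol


def parse_port_map(text: str) -> dict:
    """Return {(l4, port): application} from `show ip nbar port-map` output."""
    table = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 4 or parts[0] != "port-map":
            continue
        _, app, l4, *ports = parts
        if len(ports) > MAX_EXTRA_PORTS + 1:  # well-known port plus 16 extras
            raise ValueError(f"{app}/{l4}: too many ports for NBAR")
        for port in ports:
            table[(l4, int(port))] = app
    return table


@dataclass
class Flow:
    l4: str                          # "tcp" or "udp"
    dst_port: int
    http_host: Optional[str] = None  # Host header seen in the HTTP GET, if any
    http_url: Optional[str] = None   # request path, the part after the host


def identify(table: dict, flow: Flow) -> Optional[str]:
    """Static recognition: well-known or port-mapped destination port."""
    return table.get((flow.l4, flow.dst_port))


@dataclass
class Match:
    test: Callable[[Flow, Optional[str]], bool]
    negate: bool = False             # `match not ...`

    def __call__(self, flow: Flow, app: Optional[str]) -> bool:
        return bool(self.test(flow, app)) != self.negate


def match_protocol(name: str) -> Match:
    return Match(lambda flow, app: app == name)


def match_http_host(pattern: str) -> Match:
    rx = re.compile(pattern)
    return Match(lambda flow, app: app == "http" and flow.http_host is not None
                 and rx.search(flow.http_host) is not None)


def match_http_url(pattern: str) -> Match:
    rx = re.compile(pattern)
    return Match(lambda flow, app: app == "http" and flow.http_url is not None
                 and rx.search(flow.http_url) is not None)


def match_not(m: Match) -> Match:
    return Match(m.test, negate=not m.negate)


@dataclass
class ClassMap:
    name: str
    matches: list
    match_any: bool = False          # class-map match-any vs match-all

    def hits(self, flow: Flow, app: Optional[str]) -> bool:
        results = [m(flow, app) for m in self.matches]
        return any(results) if self.match_any else all(results)


# Constructed policy map: ordered class maps and the DSCP each one sets.
POLICY = [
    (ClassMap("INTRANET-WEB", [match_protocol("http"),
                               match_http_host(r"\.corp\.example$")]), 26),          # AF31
    (ClassMap("OTHER-WEB", [match_protocol("http"),
                            match_not(match_http_host(r"\.corp\.example$"))]), 10),  # AF11
    (ClassMap("ROUTING", [match_protocol("bgp")]), 48),                               # CS6
]


def classify(policy, table: dict, flow: Flow):
    """First matching class wins, as in a policy map; otherwise class-default."""
    app = identify(table, flow)
    for cmap, dscp in policy:
        if cmap.hits(flow, app):
            return cmap.name, dscp
    return "class-default", 0


if __name__ == "__main__":
    table = parse_port_map(PORT_MAP_OUTPUT)
    for flow in (Flow("tcp", 8080, http_host="wiki.corp.example", http_url="/index"),
                 Flow("tcp", 80, http_host="cdn.example.net"),
                 Flow("tcp", 179),
                 Flow("udp", 5060)):
        print(flow, "->", classify(POLICY, table, flow))
```

The 8080 flow is only recognized as HTTP because of the added port-map entry, which is the situation the "Example" slide describes; without it the flow would fall through to class-default and be marked 0 regardless of its Host header.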