QoS cisco slides


  • 8/10/2019 QoS cisco slides


    Quality of Service (QoS)

    CIS 187 Multilayer Switched Networks

    CCNP

    Rick Graziani

    Spring 2009

    Overview

    Previously an organization would use separate networks for:
    - Voice
    - Video
    - Data traffic

    It is now common practice to combine these into a single multi-service network in which the varied traffic types coexist.

    Overview

    QoS issues over non-QoS networks:
    - Stop-start and choppy Internet streaming video performance
    - Harsh audio when using an Internet-based IP phone

    Quality of Service defined

    QoS refers to the ability of a network to provide improved service to selected network traffic over various underlying technologies, including Frame Relay, ATM, Ethernet and IP-routed networks.

    QoS features provide improved and more predictable network service by offering the following services:
    - Dedicated bandwidth
    - Improved loss characteristics
    - Congestion management and avoidance
    - Traffic shaping
    - Prioritization of traffic

    Quality of Service defined

    The goal is to move information from one point to another, and the characteristics that define the quality of this movement are:
    - Delay
    - Delay variation (also known as jitter)
    - Loss

    Loss

    Loss refers to the percentage of packets that fail to reach their destination.

    Loss can result from:
    - Errors in the network
    - Corrupted frames
    - Congested networks

    Loss

    In a healthy network, lost packets are actually deliberately dropped by networking devices to avoid congestion (covered later).
    - TCP: TCP's retransmission mechanism
    - UDP: some loss may be acceptable

    As a guide, a highly available network should suffer less than 1% loss, and for voice traffic the loss should approach 0%.

    [Figures: TCP header, UDP header]

    Delay or latency

    Delay or latency refers to the time it takes for a packet to travel from the source to the destination.

    - Fixed delays: serialization and encoding/decoding. For example, a bit takes a fixed 100ns to exit a 10Mb Ethernet interface.
    - Variable delays: congestion and the time packets spend in network buffers waiting for access to the media.

    As a design rule, the total time it takes a voice packet to cross the network should be less than 150ms (ms, millisecond = 1,000th of a second).

    Delay variation or jitter

    Delay variation or jitter is the difference in the delay times of consecutive packets.

    - A jitter buffer is used to smooth out arrival times.
    - It increases total network delay.

    In general, traffic requiring low latency also requires a minimum variation in latency.

    Delay variation or jitter

    As a design rule, voice networks cannot cope with more than 30ms of jitter.

    Jitter in excess of 30ms will result in degraded audio performance.

    Excessive jitter in a streaming video environment will result in:
    - Jerky motion
    - Loss of video quality
    - Loss of video

    Network availability

    A highly available network uses:
    - Redundancy
    - Dynamic routing protocols
    - Hot Standby Routing Protocol (HSRP)
    - Spanning Tree Protocol (STP)

    Provisioning

    Bandwidth is not listed as an element of QoS.
    - Inadequate bandwidth inflates latency.
    - It is not possible to meet QoS requirements if network LAN and WAN links have insufficient bandwidth.
    - Simply adding bandwidth (also known as over-provisioning) will not solve the problem.

    Over-provisioned network:
    - Good news: less likely to be congested.
    - Bad news: if it does become congested, the network may not perform as well as a lower-bandwidth network that makes use of QoS features.
    Quality of Service requirements for data

    Some traffic can usually tolerate lower QoS levels.

    The relative priority model divides traffic into four classes:
    - Gold (Mission-Critical): transactional, software
    - Silver (Guaranteed-Bandwidth): streaming video, messaging, intranet
    - Bronze (Best-Effort and Default class): Internet browsing, e-mail
    - Less-than-Best-Effort (Optional; higher-drop preferences): FTP, backups, and applications (MySpace, YouTube, KaZaa)
    Quality of Service requirements for voice

    Voice quality is directly affected by all three QoS quality factors:
    - Loss
    - Delay
    - Delay variation

    Quality of Service requirements for video

    Streaming video applications have more lenient QoS requirements due to application buffering.

    Quality of Service requirements for video

    QoS needs of videoconferencing traffic are similar to those for voice.
    - Loss should be no more than 1%
    - One-way latency should be no more than 150-200ms
    - Average jitter should be no more than 30ms

    Quality of Service mechanisms

    Quality of Service mechanisms

    Once the QoS requirements of the network have been defined, an appropriate service model must be selected. A service model is a general approach or a design philosophy for handling the competing streams of traffic within a network.

    There are three service models from which to choose:
    - Best-effort
    - Integrated
    - Differentiated

    Best-Effort service

    Best effort is a single service model in which an application sends data:
    - Whenever it must
    - In any quantity
    - Without requesting permission or first informing the network

    For best-effort service, the network delivers data if it can, without any assurance of:
    - Reliability
    - Delay
    - Throughput

    [Figure labels: relative time of arrival; single interface outbound queue; one packet at a time]

    Best-Effort service

    The Cisco IOS QoS feature that implements best-effort service is FIFO queuing.

    FIFO is the default method of queuing for LAN and high speed WAN interfaces on switches and routers.

    Best-effort service is suitable for:
    - General file transfers
    - E-mail
    - Web browsing

    [Figure labels: relative time of arrival; single interface outbound queue; one packet at a time]

    Integrated services model

    Integrated service, or IntServ:
    - The application requests a specific kind of service from the network before it sends data.
    - The Cisco IOS IntServ model makes use of the IETF Resource Reservation Protocol (RSVP), which is used by applications to signal their QoS requirements to the router.

    Drawbacks:
    - Not scalable
    - Requires continuous signalling from network devices

    Integrated services model

    Routers, in conjunction with RSVP, are able to use intelligent queuing mechanisms to provide two types of services.

    - Guaranteed Rate Service, which allows applications to reserve bandwidth to meet their requirements.
      For example, a Voice over IP (VoIP) application can reserve 32 Mbps end-to-end using this kind of service.
      Cisco IOS QoS uses weighted fair queuing (WFQ) with RSVP to provide this kind of service.
    - Controlled Load Service, which allows applications to have low delay and high throughput even during times of congestion.
      For example, adaptive real-time applications such as playback of a recorded conference can use this kind of service.
      Cisco IOS QoS uses RSVP with Weighted Random Early Detection (WRED) to provide this kind of service.

    FYI

    Differentiated services model

    Differentiated Service, or DiffServ, architecture:
    - Emerging standard from the IETF.
    - Each packet is classified upon entry into the network.
    - These classifications are represented using the Type of Service (ToS) field of the IP packet header:
      - IP precedence, or
      - Differentiated Services Code Point (DSCP).

    Differentiated services model

    Once packets are classified at the edge by:
    - Access layer switches
    - Border routers

    Unlike the IntServ model, DiffServ does not require network applications to be QoS aware.

    Traffic marking

    Data Link Layer:
    - An Ethernet frame has no fields to signify its QoS requirements.
    - ISL or 802.1Q/P provides a 3 bit Class of Service (CoS) field.
    - This gives Layer 2 switches the ability to prioritize traffic.

    Traffic marking

    At the Network layer an IP packet contains:
    - ToS:
      - IP Precedence field
      - Differentiated Services Code Point (DSCP) field

    Either of these can be used to signify the QoS requirements of an IP packet.

    Traffic marking

    The decision of whether to mark traffic at layers 2 or 3 or both is not trivial and should be made after consideration of the following points:
    - Layer 2 marking of frames can be performed for non-IP traffic.
    - Layer 2 marking of frames is the only QoS option available for switches that are not IP aware.
    - Layer 3 marking will carry the QoS information end-to-end.
    - Older IP equipment may not understand DSCP.

    CoS

    The 3 bit CoS field allows eight levels of priority:
    - 0 is the lowest priority, 7 the highest priority.
    - Switches set a Layer 2 CoS value for traffic based on their ingress port.
    - Routers translate the CoS value into an equivalent IP Precedence or DSCP value.

    ToS

    ToS:
    - The IP DSCP value is the first 6 bits.
    - The IP Precedence value is the first 3 bits.

    The IP Precedence value is actually part of the IP DSCP value. Therefore, both values cannot be set simultaneously.

    DSCP supersedes IP Precedence. A maximum of:
    - 8 different IP precedence markings
    - 64 different IP DSCP markings

    Modular QoS command line interface (CLI)

    Modular QoS command line interface (CLI)

    The Modular QoS Command Line Interface, or MQC, is central to Cisco's model for implementing IOS based QoS solutions.

    The MQC breaks down the tasks associated with QoS into modules that:
    - Identify traffic flows
    - Classify traffic flows as belonging to a common class of QoS
    - Apply QoS policies to that class
    - Define the interfaces on which the policy should be enforced

    The modular nature of MQC allows the reuse of common traffic classes and policies. This simplifies the configuration, makes it more efficient to implement changes and reduces the chances of errors.

    Example Modular QoS CLI

    Interface
      service-policy output policy1
    Interface
      service-policy output policy1
    Interface
      service-policy output policy2

    policy-map policy1
      class class1
        bandwidth
        queue-limit
        random-detect
      class class2
        bandwidth
        queue-limit
        random-detect

    policy-map policy2
      class class1
        bandwidth
        queue-limit
        random-detect
      class class3
        bandwidth
        queue-limit
        random-detect

    class-map class1
      match input-interface
    class-map class2
      match access-group
      access-list
    class-map class3
      match input-interface

    Classification of traffic: the class-map

    The class-map command is used to define a traffic class.
    - The purpose of a traffic class is to classify or identify traffic that should be given a particular QoS.
    - Traffic that matches certain criteria.

    A traffic class contains three major elements:
    - Name
    - Series of match commands
    - If more than one match command exists in the traffic class, an instruction on how to evaluate these match commands

    Switch(config)# class-map cisco
    Switch(config-cmap)#

    Classification of traffic: the class-map

    Match commands are used to specify various criteria for classifying packets.

    If a packet matches the specified criteria:
    - Packet is considered a member of the class
    - Packet is forwarded according to the QoS specifications set in the traffic policy

    Packets that fail to meet any of the matching criteria:
    - Classified as members of the default traffic class
    - Subject to a separate traffic policy

    In the example below, any traffic that is permitted by the named ACL test will be considered part of the traffic class known as cisco.

    Switch(config)# class-map cisco
    Switch(config-cmap)# match access-group name test

    Classification of traffic: the class-map

    If match-any is specified as the evaluation instruction, the traffic being evaluated by the traffic class must match one of the specified criteria.

    If match-all is specified as the evaluation instruction, the traffic being evaluated by the traffic class must match all of the specified criteria.

    Switch(config)# class-map match-any cisco
    Switch(config-cmap)# match access-group name test
    Switch(config-cmap)# match interface fastethernet 0/1

    If traffic matches a permit statement in the ACL test or the traffic originates from FastEthernet 0/1, then it will be considered to be part of the class of traffic known as cisco.

    Defining the QoS policy: the policy-map

    The policy-map command is used to create a traffic policy.
    - The purpose of a traffic policy is to configure the QoS features that should be associated with the traffic that has been classified in a user-specified traffic class.

    A traffic policy contains three elements:
    - Policy name
    - Traffic class (specified with the class command)
    - QoS policies to be applied to each class

    Switch(config)# policy-map policy1

    - The policy-map shown creates a traffic policy named policy1.
    - The policy applies to all traffic classified or identified by the previously defined traffic class cisco.
    - It specifies that traffic in this example should be allocated bandwidth of 3000 kbps.
    - Any traffic which does not belong to the class cisco forms part of the catch-all class-default class.
    - It will be given a default bandwidth of 2000 kbps.

    Switch(config)# policy-map policy1
    Switch(config-pmap)# class cisco
    Switch(config-pmap-c)# bandwidth 3000
    Switch(config-pmap)# class class-default
    Switch(config-pmap-c)# bandwidth 2000

    Applying the policy to an interface: the service-policy

    The service-policy command is used to attach the traffic policy, as specified with the policy-map command, to an interface.

    It can be applied to packets entering or leaving the interface.

    Switch(config)# interface fastethernet 0/1
    Switch(config-if)# service-policy output policy1

    Applying the policy to an interface: the service-policy

    All packets leaving the specified interface are evaluated according to the criteria specified in the traffic policy named policy1.

    Switch(config)#interface fastethernet 0/1
    Switch(config-if)#service-policy output policy1
    Switch(config-if)#exit

    Applying the policy to an interface: the service-policy

    Any traffic which does not belong to the class cisco forms part of the catch-all class-default class and will be given a default bandwidth of 2000 kbps.

    Attach the traffic policy to an interface:

    Switch(config)#interface fastethernet 0/1
    Switch(config-if)#service-policy output policy1

    Identify the QoS features of a policy using classes:

    Switch(config)#policy-map policy1
    Switch(config-pmap)#class cisco
    Switch(config-pmap-c)#bandwidth 3000
    Switch(config-pmap)#class class-default
    Switch(config-pmap-c)#bandwidth 2000

    Identify the traffic or traffic flows, and classify traffic flows as belonging to a common class of QoS:

    Switch(config)# class-map match-any cisco
    Switch(config-cmap)# match access-group name test
    Switch(config-cmap)# match interface fastethernet 0/1

    IP Precedence and DSCP

    IP Precedence

    3 bits = 8 possibilities.
    - The Network control and Internetwork control classes are usually reserved for router-generated packets such as routing updates, ICMP messages, etc., to protect packets that are necessary for the health of the network.
    - Only 6 usable classes for production.

    DSCP

    The Differentiated Service Code Point is a selector for a router's per-hop behaviors.

    DSCP (like IP Precedence) can be used to provide differential treatment to packets.
    - Up to 64 different aggregates/classes can be supported.
    - Default DSCP = 000 000

    Per Hop Behavior

    Behavior Aggregate (BA) - A collection of packets that have the same DSCP value (also called a codepoint) and are crossing in a particular direction.

    Per Hop Behavior (PHB) - The packet scheduling, queuing, policing, or shaping behavior of a node on any given packet belonging to a BA, as configured by a Service Level Agreement (SLA) or policy.

    To date, four standard PHBs are available to construct a DiffServ-enabled network and achieve coarse-grained, end-to-end CoS and QoS.

    [Figure: IP packets with the same DSCP value]

    Class-Selector PHBs (Defined in RFC-2474)

    To preserve backward compatibility with the IP-precedence scheme:
    - DSCP values of the form 'xxx000'.
    - These codepoints are called class-selector codepoints.
    - These PHBs retain almost the same forwarding behavior as nodes that implement IP-precedence based classification and forwarding.
    - These PHBs ensure that DS-compliant nodes can co-exist with IP-precedence aware nodes.

    DSCP           DSCP range   IP Precedence
    111 000 (56)   56 thru 63   111 (7) - Network Control
    110 000 (48)   48 thru 55   110 (6) - Internetwork Control
    101 000 (40)   40 thru 47   101 (5) - Critical
    100 000 (32)   32 thru 39   100 (4) - Flash Override
    011 000 (24)   24 thru 31   011 (3) - Flash
    010 000 (16)   16 thru 23   010 (2) - Immediate
    001 000 (8)    8 thru 15    001 (1) - Priority
    000 000 (0)    0 thru 7     000 (0) - Routine

    Expedited Forwarding and Assured Forwarding

    Expedited Forwarding (EF) PHB defines a premium service for video and VoIP.
    - Recommended DSCP is 101110

    Assured Forwarding (AF) PHB defines a method by which BAs can be given different forwarding assurances.
    - The AFxy PHB defines four AFx classes: AF1, AF2, AF3, and AF4.
    - Each class is assigned a certain amount of buffer space and interface bandwidth, dependent on the SLA with the Service Provider/policy.
    - Within each AFx class (AFxy) it is possible to specify 3 drop precedence values.

    Packets in AF13 will get dropped before packets in AF12, before packets in AF11.
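The bit layout described on the ToS, class-selector and EF/AF slides can be checked with a small decoder. This is an added example, not code from the slides; the function names are illustrative, and the AFxy layout (class in the first three bits, drop precedence in the next two, last bit 0) is the standard encoding rather than something stated on the slides.

```python
# Added example: decode an IP ToS byte into IP Precedence, DSCP and PHB label.
# Function names are illustrative; sample ToS bytes below are constructed.

EF_DSCP = 0b101110  # recommended EF codepoint given in the slides (decimal 46)

# IP Precedence names, indexed 0..7, from the class-selector table in the slides.
PRECEDENCE_NAMES = [
    "Routine", "Priority", "Immediate", "Flash",
    "Flash Override", "Critical", "Internetwork Control", "Network Control",
]


def phb_name(dscp: int) -> str:
    """Return the PHB label for a 6-bit DSCP value."""
    if not 0 <= dscp <= 63:
        raise ValueError("DSCP is a 6-bit value (0-63)")
    if dscp == 0:
        return "default"
    if dscp == EF_DSCP:
        return "EF"
    if dscp & 0b000111 == 0:           # form xxx000: class-selector codepoint
        return f"CS{dscp >> 3}"
    af_class = dscp >> 3               # AFxy is encoded as xxx yy 0
    drop = (dscp >> 1) & 0b11
    if dscp & 1 == 0 and 1 <= af_class <= 4 and 1 <= drop <= 3:
        return f"AF{af_class}{drop}"
    return "other"                     # not one of the PHBs covered in the slides


def decode_tos(tos: int) -> dict:
    """Split the 8-bit ToS byte: DSCP is the first 6 bits, precedence the first 3."""
    if not 0 <= tos <= 0xFF:
        raise ValueError("ToS is a single byte")
    dscp = tos >> 2
    precedence = tos >> 5              # what a precedence-only device would see
    return {
        "dscp": dscp,
        "phb": phb_name(dscp),
        "precedence": precedence,
        "precedence_name": PRECEDENCE_NAMES[precedence],
    }


def af_drop_order(dscps):
    """Order AF codepoints of one class by which is dropped first (AFx3 first)."""
    return sorted(dscps, key=lambda d: (d >> 1) & 0b11, reverse=True)


if __name__ == "__main__":
    for tos in (0xB8, 0xA0, 0x28, 0x00):   # constructed samples: EF, CS5, AF11, default
        print(f"ToS 0x{tos:02X}: {decode_tos(tos)}")
    print("AF1 drop order:", [phb_name(d) for d in af_drop_order([10, 14, 12])])
```

A device that only understands IP Precedence reads both EF (46) and DSCP 40 as precedence 5, which is why the class-selector codepoints keep old and new equipment consistent.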

    Classification at the Access Layer

    Classification at the Access Layer

    QoS should be implemented end-to-end within a network.
    - Best to classify traffic as soon as possible.
    - Frames and packets can be marked as important by using:
      - Layer 2: Class of Service (CoS)
      - Layer 3: the IP Precedence/Differentiated Services Code Point (DSCP)

    Trusting the CoS

    If an edge device (IP phone or application) is capable of setting the CoS bits, then other devices must decide whether to trust the device or not.

    The default action of switches:
    - Not to trust edge devices
    - Any frames that enter the switch have their CoS re-written to the lowest priority of 0.

    If the edge device can be trusted:
    - Default behaviour must be overridden
    - Access switch must be configured to simply switch the frame, leaving the CoS bits untouched.

    Configuring CoS trust using the IOS

    Depending on the switch model it may be necessary to first activate QoS using the command:

    switch(config)#mls qos

    - Required on both the Catalyst 3550 and 6500.
    - The Catalyst 2950 has QoS enabled by default.

    Configuring CoS trust using the IOS

    The trust is configured on the switch port using the command:

    switch(config-if)#mls qos trust cos

    - Any ISL or 802.1Q/P frames that enter the switch port will now have their CoS passed, untouched, through the switch.
    - If an untagged frame arrives at the switch port, the switch will assign a default CoS to the frame before forwarding it.
    - Default CoS = 0
    - Can be changed using the interface configuration command:

    switch(config-if)#mls qos cos default-cos

    default-cos is a number between 0 and 7

    Assigning CoS on a per-port basis

    switch(config-if)#mls qos trust cos
    switch(config-if)#mls qos cos default-cos

    - If the incoming frame has a CoS, maintain the same CoS.
    - If the incoming frame has no CoS (0), apply the default CoS.

    Re-writing the CoS

    It may be desirable not to trust any CoS value that may be present in frames sourced from an edge device.

    Override parameter:
    - Ignores any existing CoS value
    - Applies the default value

    Switch(config-if)#mls qos cos override
    switch(config-if)#mls qos cos default-cos
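The three port behaviours described on the trust slides (untrusted by default, `mls qos trust cos`, and `mls qos cos override`) can be modelled to see which ports let an edge device choose its own priority. This is an added example, not code from the slides: it is a simplified model of the rules as the slides state them, the class and function names are hypothetical, the port names and sample ports are constructed, and the CoS-to-DSCP values are the ones tabulated later in these slides.

```python
# Added example: simplified model of the per-port CoS rules stated in the slides.
# PortQos, ingress_cos, ingress_dscp and ports_passing_edge_cos are hypothetical names.
from dataclasses import dataclass
from typing import Optional

# CoS-to-DSCP values as tabulated in these slides (CoS n maps to DSCP 8n).
COS_TO_DSCP = {0: 0, 1: 8, 2: 16, 3: 24, 4: 32, 5: 40, 6: 48, 7: 56}


@dataclass
class PortQos:
    trust_cos: bool = False   # "mls qos trust cos" configured on the port
    override: bool = False    # "mls qos cos override" configured on the port
    default_cos: int = 0      # value given to "mls qos cos default-cos"

    def __post_init__(self):
        if not 0 <= self.default_cos <= 7:
            raise ValueError("default-cos is a number between 0 and 7")


def ingress_cos(port: PortQos, frame_cos: Optional[int]) -> int:
    """CoS the switch uses for a frame; frame_cos=None means an untagged frame."""
    if frame_cos is not None and not 0 <= frame_cos <= 7:
        raise ValueError("CoS is a 3 bit value (0-7)")
    if port.override:          # ignore any existing CoS, apply the default value
        return port.default_cos
    if not port.trust_cos:     # default action: CoS re-written to 0
        return 0
    if frame_cos is None:      # trusted port, untagged frame: assign default CoS
        return port.default_cos
    return frame_cos           # trusted port, tagged frame: CoS passed untouched


def ingress_dscp(port: PortQos, frame_cos: Optional[int]) -> int:
    """DSCP equivalent of the resulting CoS, using the table above."""
    return COS_TO_DSCP[ingress_cos(port, frame_cos)]


def ports_passing_edge_cos(ports: dict, approved: set) -> list:
    """Ports that pass edge-supplied CoS through without being approved for it."""
    return sorted(
        name for name, p in ports.items()
        if p.trust_cos and not p.override and name not in approved
    )


# Constructed sample: Fa0/1 is an approved IP phone port, the others are user ports.
SAMPLE_PORTS = {
    "Fa0/1": PortQos(trust_cos=True),
    "Fa0/2": PortQos(trust_cos=True),
    "Fa0/3": PortQos(override=True, default_cos=1),
    "Fa0/4": PortQos(),
}

if __name__ == "__main__":
    for name, port in SAMPLE_PORTS.items():
        print(name, "frame CoS 5 ->", ingress_cos(port, 5), "DSCP", ingress_dscp(port, 5))
    print("review:", ports_passing_edge_cos(SAMPLE_PORTS, approved={"Fa0/1"}))
```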

    Using a MAC ACL to assign a DSCP value

    It is not always possible to classify the CoS of a frame based on an ingress (incoming) port.
    - Ingress port is connected to multiple hosts through a hub
    - Simple workgroup switch that does not support QoS classification

    Using a MAC ACL to assign a DSCP value

    Switch(config)#mac access-list extended name

    Configuring DSCP using a MAC ACL

    Example
    - Set the DSCP field of packets coming from a single IP-Phone (called receptionphone) within a switched network.
    - IP-Phone MAC address is 000.0a00.0111

    Create the condition criteria:

    Switch(config)#mac access-list extended receptionphone
    Switch(config-ext-macl)#permit host 000.0a00.0111 any

    Configuring DSCP using a MAC ACL

    A class-map is used to link the identified traffic to a particular class of service.

    In this case a class of service called ipphone is created.

    Identify the traffic or traffic flows:

    Switch(config)#class-map match-all ipphone
    Switch(config-cmap)#match access-group name receptionphone

    Create the condition criteria:

    Switch(config)#mac access-list extended receptionphone
    Switch(config-ext-macl)#permit host 000.0a00.0111 any

    Configuring DSCP using a MAC ACL

    The creation of the class-map can be verified with the show class-map command.

    Switch#show class-map
    Class Map match-any class-default (id 0)
    Match any
    Class Map match-all ipphone (id 2)
    Match access-group name receptionphone

    Configuring DSCP using a MAC ACL

    Now a policy map is used to define the action that should be taken on any traffic that forms part of that class.

    In this case the policy will be called inbound-accesslayer and the action is to set DSCP for the packets to 40.

    Identify the QoS features of a policy:

    Switch(config)#policy-map inbound-accesslayer
    Switch(config-pmap)#class ipphone
    Switch(config-pmap-c)#set ip dscp 40

    Configuring DSCP using a MAC ACL

    CoS       0  1  2   3   4   5   6   7
    DSCP      0  8  16  24  32  40  48  56
    IP Prec   0  1  2   3   4   5   6   7

    Cisco switches support mapping DSCP or IP Precedence

    Configuring DSCP using a MAC ACL

    The show policy-map command can be used to verify any policy-map configuration.

    Switch#show policy-map
    Policy Map inbound-accesslayer
    class ipphone
    set ip dscp 40

    Configuring DSCP using a MAC ACL

    In this case the policy will be applied to all the interfaces so that QoS will be maintained regardless of the interface the IP-Phone is connected to.

    Attach the traffic policy to an interface:

    Switch(config)#interface range fastethernet 0/1 - 24
    Switch(config-if-range)#service-policy input inbound-accesslayer

    Configuring DSCP using a MAC ACL

    The show mls qos interface command can be used to determine the policies that are bound to a particular interface on the switch.

    Switch#show mls qos interface fastethernet 0/1
    FastEthernet0/1
    Attached policy-map for Ingress: inbound-accesslayer
    trust state: not trusted
    trust mode: not trusted
    COS override: dis
    default COS: 0
    pass-through: none
    trust device: none

    Configuring DSCP using a MAC ACL

    Attach the traffic policy to an interface:

    Switch(config)#interface range fastethernet 0/1 - 24
    Switch(config-if-range)#service-policy input inbound-accesslayer

    Identify the QoS features of a policy:

    Switch(config)#policy-map inbound-accesslayer
    Switch(config-pmap)#class ipphone
    Switch(config-pmap-c)#set ip dscp 40

    Identify the traffic or traffic flows:

    Switch(config)#class-map match-all ipphone
    Switch(config-cmap)#match access-group name receptionphone

    Create the condition criteria:

    Switch(config)#mac access-list extended receptionphone
    Switch(config-ext-macl)#permit host 000.0a00.0111 any

    Another Example (FYI)

    Using an IP ACL to define the DSCP or precedence

    Using the Modular QoS Command Line Interface (MQC) it is possible to classify traffic based on its IP or TCP properties.

    Scenario: In order to prevent large FTP downloads from disrupting more critical services, the network administrator wishes to tag all FTP packets entering an access-layer switch with either:
    - An IP Precedence of 0 (low), or
    - A DSCP of 0 (low)
    so that the traffic can be subjected to QoS policies within the network.

    In this case an IP ACL will be used to identify the packets.

    Create the condition criteria:

    Switch(config)#ip access-list extended 100
    Switch(config-ext-nacl)#permit tcp any any eq ftp

    Using an IP ACL to define the DSCP or precedence

    Traffic is classified as reducedservice if it is permitted by the access list.

    Identify the traffic or traffic flows:

    Switch(config)#class-map reducedservice
    Switch(config-cmap)#match access-group 100

    Using an IP ACL to define the DSCP or precedence

    A policy-map is used to set the DSCP to 0 for this class of traffic.

    Identify the QoS features of a policy:

    Switch(config)#policy-map inbound-accesslayer
    Switch(config-pmap)#class reducedservice
    Switch(config-pmap-c)#set ip dscp 0

    Using an IP ACL to define the DSCP or precedence

    Alternatively the IP precedence can be set using the following policy-map.

    Note:
    - Both the Catalyst 2950 and the Catalyst 3550 support the setting of the DSCP.
    - The 3550 does support the setting of IP precedence.
    - The 2950 does not support the setting of IP precedence.
    - This is not a serious problem as the IP Precedence field forms the first 3 bits of the DSCP. Thus by choosing and setting the appropriate DSCP value, the IP Precedence can still be set.

    Identify the QoS features of a policy:

    Switch(config)#policy-map inbound-accesslayer
    Switch(config-pmap)#class reducedservice
    Switch(config-pmap-c)#set ip precedence 0

    Using an IP ACL to define the DSCP or precedence

    Having now defined the action to be taken on FTP packets, the only remaining step is to tell the switch which interfaces to apply the policy to.

    In this case the policy will be applied to all the interfaces so that QoS will be maintained regardless of the interface an FTP source may be connected to.

    Attach the traffic policy to an interface:

    Switch(config)#interface range fastethernet 0/1 - 24
    Switch(config-if-range)#service-policy input inbound-accesslayer

    Using an IP ACL to define the DSCP or precedence

    Create the condition criteria:

    Switch(config)#ip access-list extended 100
    Switch(config-ext-nacl)#permit tcp any any eq ftp

    Identify the traffic or traffic flows:

    Switch(config)#class-map reducedservice
    Switch(config-cmap)#match access-group 100

    Identify the QoS features of a policy:

    Switch(config)#policy-map inbound-accesslayer
    Switch(config-pmap)#class reducedservice
    Switch(config-pmap-c)#set ip dscp 0

    Attach the traffic policy to an interface:

    Switch(config)#interface range fastethernet 0/1 - 24
    Switch(config-if-range)#service-policy input inbound-accesslayer


    Scheduling

    Suggested Readings


    Queuing overview


    A protocol-dependent switching process handles traffic arriving at a router interface.

    This process includes delivery of traffic to an outgoing interface buffer.

    First-in, first-out (FIFO) queuing is the classic algorithm for packet transmission.

    Queuing overview

    Cisco IOS software offers three alternative queuing options:

    Weighted fair queuing (WFQ)

    Class-based weighted fair queuing (CBWFQ) - IOS 12.2 and later

    Low latency queuing (LLQ) - IOS 12.2 and later

    Queuing methods discussed previously in CCNP have been replaced somewhat by CBWFQ and LLQ:

    Custom Queuing replaced by CBWFQ

    Priority Queuing replaced by LLQ

    Effective use of traffic prioritization

    Generalizations on Queuing:

    If there is no congestion on the WAN link, traffic prioritization is not necessary.

    If a WAN link is constantly congested, traffic prioritization may not resolve the problem.

    Adding bandwidth might be the appropriate solution.

    Establishing a queuing policy

    Goal is to deploy and maintain a single enterprise network that supports a variety of:

    Applications

    Organizations

    Technologies

    User expectations

    Result: Provide all users with an appropriate level of service, while continuing to support mission-critical applications.

    Choosing a Cisco IOS queuing option

    Typically, voice and video have the lowest tolerance for delay.

    [Figure: decision flowchart for choosing among WFQ, Priority, LLQ (PQ/CBWFQ), Custom and CBWFQ queuing]

    Configuring Weighted Fair Queuing

    FIFO: First In, First Out

    When FIFO queuing is in effect, traffic is transmitted in the order received, without regard for bandwidth consumption or the associated delays.

    Packet trains are groups of packets that tend to move together through the network.

    These packet trains can consume all available bandwidth, and other traffic flows back up behind them.

    [Figure: packets shown by relative time of arrival entering a single interface outbound queue, sent one packet at a time]

    FQ: Fair Queuing

    Fair Queuing is not an option on Cisco routers.

    Allows packets that are ready to be transmitted to leave, even if they started to arrive after another packet.

    Complete packets that are ready to be transmitted leave first.

    Remember, packets may enter the output buffer from a variety of input interfaces.

    [Figure: a single interface outbound queue, sending one packet at a time]

    Weighted fair queuing overview

    Weighted fair queuing (WFQ) is an automated method that provides fair bandwidth allocation to all network traffic.

    Provides traffic priority management that dynamically sorts traffic into conversations, or flows.

    Then breaks up a stream of packets within each conversation to ensure that bandwidth is shared fairly between individual conversations.

    There are four types of weighted fair queuing:

    Flow-based - Default (WFQ)

    Distributed - Runs on Versatile Interface Processor (not discussed)

    Class-based - Next section

    Distributed class-based (Not discussed)

    Packet 3 is queued before packets 1 or 2 because packet 3 is a small packet in a low-volume conversation.

    Small packet in low-volume conversation arrives 3rd.

    Weighted fair queuing overview

    Flow Based WFQ schedules delay-sensitive traffic to the front of a queue to reduce response time, and also shares the remaining bandwidth fairly among high-bandwidth flows.

    By breaking up packet trains, WFQ assures that:

    Low-volume traffic is transferred in a timely fashion.

    Gives low-volume traffic, such as Telnet sessions, priority over high-volume traffic, such as File Transfer Protocol (FTP) sessions.

    Gives concurrent file transfers balanced use of link capacity.

    Automatically adapts to changing network traffic conditions.

    [Figure: a single interface outbound queue, sending one packet at a time]

    Weighted fair queuing overview

    Weighted fair queuing is enabled by default for physical interfaces whose bandwidth is less than or equal to T1/E1, or 1.544 Mbps/2.048 Mbps.

    WFQ default on T1/E1 and slower.

    FIFO default on faster than T1/E1.

    [Figure: a T1 link and a T3 link]

    Weighted fair queuing operation

    The WFQ sorting of traffic into flows is based on packet header addressing.

    Common conversation discriminators are as follows (based on a hash):

    Source/destination network address

    Source/destination Media Access Control (MAC) address

    Source/destination port or socket numbers

    Frame Relay data-link connection identifier (DLCI) value

    Quality of service/type of service (QoS/ToS) value

    The router determines what the actual flows are, not the administrator.

    Packet 3 is queued before packets 1 or 2 because packet 3 is a small packet in a low-volume conversation.

    Small packet in low-volume conversation arrives 3rd.

    Weighted fair queuing operation

    WFQ assigns a weight to each flow. Lower weights are served first.

    Small, low-volume packets are given priority over large, high-volume conversation packets.

    Flow Based WFQ algorithm allocates a separate queue for each conversation.

    WFQ is IP Precedence-aware.

    This is only pertinent if the IP precedence bits are used.

    Coming next

    Weighted fair queuing

    WFQ starts by sorting traffic that arrives on an egress interface into conversation flows.

    The router determines what the actual flows are.

    The administrator cannot influence this decision.

    Conversations are based on a hash (combination) of:

    Source/destination network address

    Source/destination Media Access Control (MAC) address

    Source/destination port or socket numbers

    Frame Relay data-link connection identifier (DLCI) value

    Quality of service/type of service (QoS/ToS) value

    [Figure: Flow #1, Flow #2 and Flow #3 on a time axis (relative time of arrival) marked 10, 14, 15, 17, feeding a single interface outbound queue]

    Weighted fair queuing

    IP ToS bits are used to determine which packet gets priority.

    Simplification:

    Dispatch = Finish time x Weight

    Weight = 32768/(IP Prec + 1)

    IP Precedence   Weight (12.0(5)T and later)   Our Value
    0               32768                         8
    1               16384                         7
    2               10920                         6
    3               8192                          5
    4               6552                          4
    5               5456                          3
    6               4680                          2
    7               4096                          1

    Weighted fair queuing

    FIFO - Largest first, then medium, then smallest

    FQ - Smallest first, then medium, then largest

    WFQ - Multiplier is used, weight = 32768/(IP Prec + 1)

    To keep it simple we will use our values and leave out some details.

    Lowest value wins!

    Higher IP Precedence gets a lower value (weight)

    [Figure: Flow #1, Flow #2 and Flow #3 on a time axis (relative time of arrival) marked 10, 14, 15, 17; packets labelled IP Prec - Our Value: 0 - 8, 3 - 5, 0 - 8]

    Weighted fair queuing

    Dispatch = Finish time x Our Value (weight)

    First packet: 17 x 8 = 136 (Last)

    Second packet: 15 x 5 = 75 (Lowest)

    Third packet: 14 x 8 = 112 (Next lowest)

    [Figure: the same three flows, packets labelled IP Prec - Our Value (0 - 8, 3 - 5, 0 - 8); order in the single interface outbound queue: 3 - 5, 0 - 8, 0 - 8]

    Lowest wins!

    Weighted fair queuing

    What if a flow contains packets with different IP Precedence bits?

    The problem is that the high-priority packet, 3-5, cannot be dispatched until after the large packet in front of it (same flow) leaves.

    Packets within a flow are handled FIFO.

    [Figure: the same flows and outbound queue, with an additional 3 - 5 packet at time 20 queued behind an earlier packet in its flow]

    Must wait for previous packet in flow to leave. Handled using FIFO.
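
    The dispatch rule and the within-flow FIFO behaviour described above, as an added Python example (not part of the original slides). It uses the slides' simplified "Our Value" weights; the packet names, the flow numbering and the placement of the extra precedence-3 packet behind the first packet in flow 1 are assumptions of this example.

```python
from collections import deque
from dataclasses import dataclass


@dataclass
class Packet:
    name: str          # label returned in the transmit order
    flow: int          # conversation the router sorted this packet into
    finish_time: int   # "Finish time" as used on the slides
    ip_prec: int       # IP precedence, 0..7


def our_value(ip_prec: int) -> int:
    """Slide simplification of the WFQ weight: precedence 0 -> 8 ... 7 -> 1."""
    if not 0 <= ip_prec <= 7:
        raise ValueError("IP precedence is a 3-bit field (0-7)")
    return 8 - ip_prec


def dispatch_value(pkt: Packet) -> int:
    """Dispatch = Finish time x Our Value; the lowest value is sent first."""
    return pkt.finish_time * our_value(pkt.ip_prec)


def wfq_order(packets):
    """Return packet names in transmit order.

    Each flow is its own FIFO queue, so only the head of each flow competes.
    """
    flows = {}
    for pkt in packets:                      # arrival order is kept per flow
        flows.setdefault(pkt.flow, deque()).append(pkt)

    order = []
    while flows:
        # Compare head-of-line packets only; ties go to the lower flow number.
        flow_id = min(flows, key=lambda f: (dispatch_value(flows[f][0]), f))
        order.append(flows[flow_id].popleft().name)
        if not flows[flow_id]:
            del flows[flow_id]
    return order


# Constructed input: the three packets worked through on the slides
# (flow numbering assumed).
SLIDE_PACKETS = [
    Packet("first", flow=1, finish_time=17, ip_prec=0),   # 17 x 8 = 136
    Packet("second", flow=2, finish_time=15, ip_prec=3),  # 15 x 5 = 75
    Packet("third", flow=3, finish_time=14, ip_prec=0),   # 14 x 8 = 112
]
# Constructed: a precedence-3 packet queued behind "first" in the same flow.
BLOCKED = Packet("fourth", flow=1, finish_time=20, ip_prec=3)  # 20 x 5 = 100

if __name__ == "__main__":
    print(wfq_order(SLIDE_PACKETS))
    # "fourth" has a lower dispatch value than "third" and "first",
    # but it leaves last because its flow is served FIFO.
    print(wfq_order(SLIDE_PACKETS + [BLOCKED]))
```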

    FYI: Configuring weighted fair queuing

    The congestive-discard-threshold is the number of messages to queue for high-volume traffic.

    In other words, the maximum number of packets in a conversation held in a queue before they are discarded.

    1 to 512

    Default is 64 packets.

    Router(config-if)#fair-queue {congestive-discard-threshold}

    I have more than 128 packets! No more come into this queue.

    FYI: Configuring weighted fair queuing

    The congestive-discard-threshold applies only to high-volume conversations that have more than one message in the queue.

    The discard policy tries to control conversations that would monopolize the link.

    If an individual conversation queue contains more messages than the congestive discard threshold, that conversation will not have any new messages queued until that queue's content drops below one-fourth of the congestive discard value.

    I have more than 128 packets! No more come into this queue until ...

    Class-Based Weighted Fair Queuing

    Class Based WFQ

    WFQ separates packets into flows and applies a weight to high-priority packets so they can leave first.

    CBWFQ adds a level of administrator control to WFQ.

    The same WFQ process is followed; the difference is that the administrator can control how packets are divided into the conversations or flows.

    [Figure: WFQ example with Flow #1, Flow #2 and Flow #3 on a time axis (relative time of arrival) marked 10, 14, 15, 17, 20, feeding a single interface outbound queue]

    Class Based WFQ

    Scenario: the administrator has decided that all high-priority traffic should reside in the same flow, regardless of any other conditions that might place them into separate flows, such as Source/destination network address, Source/destination Media Access Control (MAC) address, etc.

    The WFQ algorithm is still at work, but the queue definition is now under control.

    CBWFQ can be used to guarantee that flows receive adequate bandwidth defined by the administrator.

    [Figure: the same packets in the single interface outbound queue, ordered under WFQ and under CBWFQ]

    Class-based weighted fair queuing overview

    Class-based weighted fair queuing (CBWFQ) extends the standard WFQ functionality to provide support for user-defined traffic classes.

    By using CBWFQ, network managers can define traffic classes based on several match criteria, including:

    Protocols

    Access Control Lists (ACLs)

    Input interfaces

    CBWFQ FIFO Queues

    A FIFO queue is reserved for each class, and traffic belonging to a class is directed to the queue for that class.

    More than one IP flow, or "conversation", can belong to a class.

    Once a class has been defined according to its match criteria, the characteristics can be assigned to the class.

    To characterize a class: assign the bandwidth and the maximum packet limit.

    The bandwidth assigned to a class is the guaranteed bandwidth given to the class during congestion.

    CBWFQ

    CBWFQ (not you) assigns a weight to each configured class instead of each flow.

    Weight is proportional to the bandwidth (you) configured for each class.

    Weight is equal to the interface bandwidth divided by the class bandwidth, or can be configured as a percentage.

    Weight = Interface bandwidth / class bandwidth

    32 = 2,048 kbps / 64 kbps (2,048 kbps = 2 Mbps)

    16 = 2,048 kbps / 128 kbps

    64 = 2,048 kbps / 32 kbps

    A class with a higher bandwidth value will have a lower weight.

    Highest BW

    Lowest weight

    Highest priority

    Router(config)# policy-map policy1

    Router(config-pmap)# class class1

    Router(config-pmap-c)# bandwidth 64

    Router(config-pmap-c)# queue-limit 30

    Router(config-pmap-c)# exit

    Router(config-pmap)# class class2

    Router(config-pmap-c)# bandwidth 128

    Router(config-pmap-c)# exit

    Bandwidth is configured in the policy-map class (later)

    CBWFQ

    By default, the total amount of bandwidth allocated for all classes must not exceed 75 percent of the available bandwidth on the interface.

    The other 25 percent is used for control and routing traffic.

    This is why when you configure a T1 link (and slower), you only get 75% of the bandwidth, unless you turn off queuing.

    Highest BW

    Lowest weight

    Highest priority

    CBWFQ

    The queue limit must also be specified for the class.

    The maximum number of packets allowed to accumulate in the queue for the class.

    After the limit is met, packets are dropped - see Tail Drop and WRED.

    Packets belonging to a class are subject to the bandwidth and queue limits that are configured for the class.

    Highest BW

    Lowest weight

    Highest priority

    Router(config)# policy-map policy1

    Router(config-pmap)# class class1

    Router(config-pmap-c)# bandwidth 64

    Router(config-pmap-c)# queue-limit 30

    CBWFQ versus flow-based WFQ


    Bandwidth allocation - CBWFQ allows the administrator to specify the exact amount of bandwidth to be allocated for a specific class of traffic.

    Up to 64 classes, and can control distribution among them.

    Highest BW

    Lowest weight

    Highest priority

    CBWFQ and tail drops

    Hey, these packets are coming in faster than I can send them out! For now I will store some of them in my output buffer.

    Packet bursts or flows demanding high bandwidth can cause congestion when packets arrive at an output port faster than they can be transmitted.

    The router tries to handle short-term congestions by packet buffering.

    Packet buffering has a cost of delay and jitter, but the packets are not dropped.

    Jitter - Any distortion of a signal or image caused by poor synchronization.

    http://www.youtube.com/watch?v=4wp3m1vg06Q

    CBWFQ and tail drops

    Now there are more packets than I can store in my output buffer and I can't send them out fast enough. Guess I have to start dropping later packets until I have room in my buffer.

    Tail drop: A router simply discards any packet that arrives at the tail end of a queue that has completely used up its packet-holding resources.

    Default queuing response to congestion.

    Tail drop treats all traffic equally and does not differentiate between classes of service.

    CBWFQ and tail drops

    I didn't receive an ACK for my last several TCP segments. TCP says I have to go into slow start and change my window size to 512 bytes. I can then begin to increase it exponentially until I reach the receiver's advertised window size.

    When using tail drop, the router drops all traffic that exceeds the queue limit.

    Many TCP sessions then simultaneously go into a slow start.

    This reduces the TCP window size.

    Consequently, traffic temporarily slows as much as possible.

    As congestion is reduced, window sizes begin to increase in response to the available bandwidth.

    All TCP hosts with non-ACKed segments go into TCP Slow Start.

    Now, there is very little traffic that needs to be sent out that interface.

    CBWFQ and tail drops

    This activity creates a condition called global synchronization.

    Global synchronization manifests when:

    Multiple TCP hosts reduce their transmission rates in response to packet dropping, and then increase their transmission rates after the congestion is reduced.

    The most important point is that the waves of transmission known as global synchronization will result in significant link under-utilization.

    [Figure: queue fill level (up to Full) over Time, with tail drops; regions labelled Queue overused and Queue underused]

    1. Traffic flows enter the queue at different times.

    2. When aggregate load exceeds queue, tail drops cause synched TCP window reduction.

    3. Under use causes synched TCP window expansion.

    4. This causes more tail drop and window size oscillations.

    Bandwidth overused, then underused.

    Weighted Random Early Detect (WRED)

    Tail drops are a passive queue management mechanism.

    Random Early Detection (RED) and Weighted RED are alternatives to tail drops for CBWFQ.

    Active queue management mechanisms (RED and WRED) drop packets before congestion occurs.

    This is to prevent tail drops and the ups and downs from global TCP synchronization.

    My buffer is not full, but I am going to use Random Early Detection (RED) and start dropping some packets. This will help keep global synchronization of TCP slow start from happening.

    Weighted Random Early Detect (WRED)

    The WRED algorithm is constantly updated with the calculated average queue size, which is based on the recent history of queue sizes.

    WRED

    Based on the profile and the average queue size, WRED calculates the probability for dropping the current packet and either drops it or passes it to the output queue.

    If the queue is already full, the packet is tail-dropped.

    Otherwise, it is eventually sent out on the interface.

    WRED monitors the average queue depth in the router and determines when to begin packet drops based on the queue depth.

    When the average queue depth crosses the user-specified minimum threshold, WRED begins to drop both TCP and UDP packets with a certain probability.

    WRED

    The packet drop probability is based on the minimum threshold, maximum threshold, and mark probability denominator.

    When the average queue depth is above the minimum threshold, RED starts dropping packets.

    The rate of packet drop increases linearly as the average queue size increases until the average queue size reaches the maximum threshold.

    The mark probability denominator is the fraction of packets dropped when the average queue depth is at the maximum threshold.

    For example, if the denominator is 512, one out of every 512 packets is dropped when the average queue is at the maximum threshold.

    When the average queue size is above the maximum threshold, all packets are dropped.

    WRED

    If the average queue depth ever crosses the user-specified maximum threshold, then WRED reverts to tail drop, and all incoming packets might be dropped.

    The idea behind using WRED is to maintain the queue depth at a level somewhere between the minimum and maximum thresholds, and to implement different drop policies for different classes of traffic.

    WRED is only useful when the bulk of the traffic is TCP traffic.

    With TCP, dropped packets indicate congestion, so the packet source reduces its transmission rate.
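
    The WRED drop decision described above, as an added Python example (not part of the original slides). The averaging formula is an assumption of this example, and the per-precedence profiles, queue limit and sampled queue depths are constructed values.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Profile:
    min_th: int      # average depth (packets) where random drops begin
    max_th: int      # average depth above which every packet is dropped
    mark_denom: int  # 1/mark_denom of packets are dropped at max_th

    def __post_init__(self):
        if not 0 <= self.min_th < self.max_th or self.mark_denom < 1:
            raise ValueError("need 0 <= min_th < max_th and mark_denom >= 1")


def update_average(old_avg, depth, exp_weight):
    """Average queue size from the recent history of queue sizes.

    Assumption (not on the slides): an exponentially weighted moving average,
    avg = old_avg * (1 - 2**-n) + depth * 2**-n, with n = exp_weight.
    """
    w = 2.0 ** -exp_weight
    return old_avg * (1.0 - w) + depth * w


def drop_probability(avg, profile):
    """0 below min_th, linear ramp up to 1/mark_denom at max_th, 1 above it."""
    if avg < profile.min_th:
        return 0.0
    if avg > profile.max_th:
        return 1.0
    ramp = (avg - profile.min_th) / (profile.max_th - profile.min_th)
    return ramp / profile.mark_denom


def wred_trace(depths, profile, queue_limit, exp_weight):
    """Return (average, action, probability) for each sampled queue depth."""
    avg, trace = 0.0, []
    for depth in depths:
        avg = update_average(avg, depth, exp_weight)
        if depth >= queue_limit:          # queue already full: tail drop
            trace.append((avg, "tail-drop", 1.0))
            continue
        p = drop_probability(avg, profile)
        action = "forward" if p == 0.0 else "drop-all" if p == 1.0 else "random-drop"
        trace.append((avg, action, p))
    return trace


# Constructed profiles keyed by IP precedence: a different drop policy per
# class of traffic, with precedence 5 starting random drops later.
PROFILES = {0: Profile(20, 40, 10), 5: Profile(30, 40, 10)}
# Constructed samples of instantaneous queue depth, in packets.
DEPTHS = [20, 40, 40, 40, 60, 64]

if __name__ == "__main__":
    for prec, profile in PROFILES.items():
        print("precedence", prec)
        for avg, action, p in wred_trace(DEPTHS, profile, queue_limit=64, exp_weight=1):
            print(f"  avg={avg:7.3f}  {action:11s}  p={p:.5f}")
```

    The first sample already sits at the precedence-0 minimum threshold, but the average is still below it, so the packet is forwarded: the averaging is what lets short bursts through without drops.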

    CBWFQ Using WRED Packet Drop Example

    In the following example, the class map class1 is created and defined to use the input interface FastEthernet0/1 as a match criterion to determine if packets belong to the class.

    Next, the policy map policy1 is defined to contain policy specification for class1, which is configured for WRED packet drop.

    Router(config)# class-map class1

    Router(config-cmap)# match input-interface FastEthernet0/1

    Router(config)# policy-map policy1

    Router(config-pmap)# class class1

    Router(config-pmap-c)# bandwidth 1000

    Router(config-pmap-c)# random-detect

    Router(config)# interface serial0/0

    Router(config-if)# service-policy output policy1

    Amount of bandwidth in proportion of the link. Weight = int bw / class bw

    Enables WRED

    Low Latency Queuing (LLQ)

    The Low Latency Queuing (LLQ) feature provides strict priority queuing for class-based weighted fair queuing (CBWFQ), reducing jitter in voice conversations.

    Configured by the priority command, strict priority queuing gives delay-sensitive data, such as voice, preferential treatment over other traffic.

    With this feature, delay-sensitive data is sent first, before packets in other queues are treated.

    LLQ is also referred to as priority queuing/class-based weighted fair queuing (PQ/CBWFQ) because it is a combination of the two techniques.

    LLQ

    With CBWFQ (without PQ, non-LLQ), the weight for a packet belonging to a specific class is derived from the bandwidth assigned to the class during configuration.

    The bandwidth assigned to the packets of a class determines the order in which packets are sent.

    All packets are serviced equally, based on weight.

    No class of packets may be granted strict priority.

    This scheme poses problems for voice and video traffic that is largely intolerant of delay, especially variation in delay.

    LLQ

    In the event of congestion or when bandwidth has expired, priority is used to drop packets.

    Voice traffic queued to the priority queue is UDP-based and, therefore, not adaptive to the early packet drop characteristic of WRED.

    Because WRED is ineffective, you cannot use the WRED random-detect command with the priority command.

    No RED/WRED

    LLQ

    Although it is possible to enqueue various types of real-time traffic to the strict priority queue, Cisco recommends that only voice traffic be directed to it.

    Configuring LLQ

    When the priority command is specified for a class, it uses a bandwidth argument that gives maximum bandwidth in kilobits per second (kbps).

    This parameter is used to specify the maximum amount of bandwidth allocated for packets belonging to the class configured with the priority command (during times of congestion).

    The bandwidth parameter guarantees bandwidth to the priority class and restrains the flow of packets from the priority class.

    Note: There is also a max-reserved-bandwidth command that can be used, so the priority queue does not starve the remaining queues.

    LLQ Example

    router(config)# access-list 102 permit udp host 10.10.10.10 host 10.10.10.20 range 16384 20000

    router(config)# access-list 102 permit udp host 10.10.10.10 host 10.10.10.20 range 53000 56000

    router(config)# class-map voice

    router(config-cmap)# match access-group 102

    router(config)# policy-map policy1

    router(config-pmap)# class voice

    router(config-pmap-c)# priority 50

    router(config-pmap)# class bar

    router(config-pmap-c)# bandwidth 20

    router(config-pmap)# class class-default

    router(config-pmap-c)# fair-queue

    router(config)# interface atm1/0

    router(config-subif)# pvc 0/102

    router(config-subif-vc)# service-policy output policy1

    A strict priority queue (with a guaranteed allowed bandwidth of 50 kbps) is reserved for traffic that is sent from the source address (10.10.10.10) to the destination address (10.10.10.20), in the range of ports 16384 through 20000 and 53000 through 56000.

    Suggested Readings


    Quality of Service (QoS)

    CIS 187 Multilayer Switched Networks

    CCNP

    Rick Graziani

    Spring 2009