QOS:
- The IP header has a 1-byte field called the ToS byte. Its HIGH ORDER 3 bits are defined as the IP Precedence (IPP) field.
- Diffserv renamed the ToS byte to the DS field, and IPP was replaced with a 6-bit field called DSCP. The low-order 2 bits of the DS field are used for ECN.
- C&M (classification and marking) tools mark DSCP and IPP because the IP packet remains intact as it is forwarded throughout the IP network.
- PHB: PER HOP BEHAVIOR
- Class Selector PHB and DSCP Values
- Class Selector (CS) PHBs provide backward compatibility with IPP.
- Default is CS0 (most IOS will only allow default and not CS0)
- CS PHB states that packets with larger DSCPs should be given better queuing preference.
- Assured Forwarding PHB and DSCP Values
- four classes for queuing purposes ALONG with 3 LEVELS of DROP probability in each queue.
- AF PHB defines 12 DSCP values and their meanings: AFxy (where x is one of four queues and y implies one of three drop priorities).
- First 3 bits imply queuing class and next 2 bits (3 and 4) imply drop preference.
- To convert the AF name to its decimal equivalent, the AFxy formula is: 8x + 2y = decimal value.
- Expedited Forwarding PHB and DSCP Values
- PHB actions:
- queue EF packets so that they get scheduled quickly (low latency)
- police the EF packets so that they do not consume all bandwidth.
- EF value is 46, binary 101110
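The DS-byte layout and the AFxy formula above, worked through as an added example (not part of the original notes). The function names and the sample byte values are constructed for illustration.

```python
# Added example (not from the original notes): decode the 1-byte ToS/DS field.

def af_to_dscp(x: int, y: int) -> int:
    """AFxy -> decimal DSCP using the notes' formula 8x + 2y."""
    if not (1 <= x <= 4 and 1 <= y <= 3):
        raise ValueError("AF defines 4 classes (x) and 3 drop levels (y)")
    return 8 * x + 2 * y

def phb_name(dscp: int) -> str:
    """Name the PHB for a 6-bit DSCP: EF, CSx, AFxy, or 'other'."""
    if not 0 <= dscp <= 63:
        raise ValueError("DSCP is a 6-bit value (0-63)")
    if dscp == 0b101110:                 # EF = 46
        return "EF"
    cls = dscp >> 3                      # first 3 bits: class (same bits as IPP)
    drop = (dscp >> 1) & 0b11            # next 2 bits: drop preference
    if dscp & 0b111 == 0:                # low 3 bits zero -> Class Selector
        return f"CS{cls}"
    if 1 <= cls <= 4 and 1 <= drop <= 3 and dscp & 1 == 0:
        return f"AF{cls}{drop}"
    return "other"                       # not a CS, AF or EF code point

def decode_ds_byte(ds: int) -> dict:
    """Split the DS byte into DSCP (high 6 bits), ECN (low 2 bits), legacy IPP (high 3 bits)."""
    if not 0 <= ds <= 0xFF:
        raise ValueError("the ToS/DS field is a single byte")
    dscp = ds >> 2
    return {"dscp": dscp, "ecn": ds & 0b11, "ipp": ds >> 5, "phb": phb_name(dscp)}

# Constructed sample ToS/DS byte values, as they would appear in an IP header.
SAMPLES = [0xB8, 0x28, 0x39, 0x60, 0x00]

if __name__ == "__main__":
    for b in SAMPLES:
        print(f"0x{b:02X}", decode_ds_byte(b))
```

Because CSx is DSCP 8x, a device that reads only the 3 IPP bits sees the same class number, which is the backward compatibility the notes mention.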
- Non-IP Header Marking Fields
- Ethernet LAN CoS:
- included in the 802.1q or ISL trunking header
- 802.1q defines it as the 3 most significant bits of the 2-byte Tag Control field, called the “user priority” bits
- ISL defines the 3 LEAST significant bits from 1 byte USER field, calling it CoS.
- WAN marking Fields
- Frames with the bit set to 1 are considered better candidates to be dropped than frames without it set to 1.
- Frame Relay: DE bit,
- ATM: Cell Loss Priority (CLP) bit.
- MPLS defines a 3-bit field called MPLS EXP.
- Rules for non-IP markable fields:
- Classification: ON INGRESS ONLY (COIN) and only if that interface supports that particular header field
- Marking: MOEG – On EGRESS ONLY.
- M-QoS CLI
- “Class Based” tools include: CB Marking, CB WFQ, CB Policing, CB shaping, CB Header Compression.
- MQC separates the classification function of a QoS tool (class-map) from the action (PHB) that the QoS wants to perform (policy-map). 3 major commands:
- CLASSIFICATION: class-map
- uses “match command”.
- match any matches any packet – any and all packets!
- if packets don’t match either class 1 or class 2, those packets would not be marked and will retain their DSCP values.
- up to four (cos and IPP) and eight (dscp) values can be listed on a “match cos”, “match precedence” or “match dscp” command.
- if a class has multiple match commands, the default is “MATCH-ALL (AND)”, but match-any (OR) can be defined on the class-map command.
- to do an OR on the same command for qos values, e.g: “match dscp 0 1” == match dscp 0 OR match dscp 1.
- MARKING: policy-map → multiple classes can be referenced under a single policy map.
- service-policy
- Marking
- CB Marking requires CEF enabled.
- CB marking is enabled for packets entering or exiting an interface
- policy map is processed sequentially.
- packets that do not explicitly match defined class are considered to match special class “class-default”.
- for any class inside policy-map for which there is no set command, packets are not marked in that class.
- some “sets”: set atm-clp, set fr-de, set qos-group gid, set ip dscp <dscp-value>
- show policy-map <policy-map-name> {lists config info}
- show policy-map <interface-spec> input | output [class] {lists statistics of policy-map}
- load-interval interface subcommand: useful for QoS statistics. It defines the time interval over which IOS measures packet and bit rates on an interface. With lower load interval, stats change more quickly; default is 5 minutes, it can be lowered to 30 seconds.
- if packets are matched by an earlier class statement in policy map, they won’t match the later ones.
- on “native” vlan interfaces, policy-maps that refer to CoS cannot be enabled.
- the “show ip nbar” command only displays statistics if the “ip nbar protocol-discovery” command is applied to an interface.
- you can download new PDLMs from Cisco, copy them into flash memory and add the “ip nbar pdlm <name>” command.
- packets should generally be marked as close to INGRESS point of packet as possible.
- “Mark as close to ingress edge of the network as possible, but not so close to the edge that the marking is made by an untrusted device.”
- Marking Using Policers:
- Determines whether the configured traffic contract is exceeded. Has two components: traffic rate (bits per second) and burst size (number of bytes)
- if traffic is within the contract, all packets are considered to have conformed to the contract; if it is exceeded, they have “exceeded” the contract.
- marking down requires re-marking of QoS fields, typically IPP or DSCP values. E.g: policer marks AF11 to AF13 without discarding.
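The conform/exceed decision and the AF11-to-AF13 markdown described above, as an added example (not part of the original notes and not IOS's policer implementation). It assumes a simplified single-rate, single-bucket model; the class name, rate, burst and packet arrivals are constructed.

```python
# Added example: single-rate policer that marks down instead of dropping.
AF11, AF13 = 10, 14            # decimal DSCPs from 8x + 2y

class MarkdownPolicer:
    """Token bucket: refills at rate_bps / 8 bytes per second, holds at most burst_bytes."""

    def __init__(self, rate_bps: int, burst_bytes: int, exceed_dscp: int = AF13):
        self.rate_bps = rate_bps
        self.burst_bytes = burst_bytes
        self.exceed_dscp = exceed_dscp
        self.tokens = float(burst_bytes)   # bucket starts full
        self.last = 0.0                    # arrival time of the previous packet

    def police(self, t: float, size: int, dscp: int):
        """Return (verdict, outgoing DSCP) for a packet of `size` bytes arriving at time t."""
        refill = (t - self.last) * self.rate_bps / 8
        self.tokens = min(self.burst_bytes, self.tokens + refill)
        self.last = t
        if size <= self.tokens:
            self.tokens -= size            # within the contract: spend tokens
            return "conform", dscp         # marking left untouched
        return "exceed", self.exceed_dscp  # out of contract: re-mark, do not discard

def run_policer(packets, rate_bps=8000, burst_bytes=1500):
    """packets: iterable of (arrival_time_s, size_bytes, dscp)."""
    p = MarkdownPolicer(rate_bps, burst_bytes)
    return [p.police(t, size, dscp) for t, size, dscp in packets]

# Constructed arrivals: three back-to-back 1000-byte AF11 packets, then one after a pause.
SAMPLE = [(0.0, 1000, AF11), (0.1, 1000, AF11), (0.2, 1000, AF11), (1.5, 1000, AF11)]

if __name__ == "__main__":
    for pkt, result in zip(SAMPLE, run_policer(SAMPLE)):
        print(pkt, "->", result)
```

The second and third packets arrive before the bucket has refilled, so they leave as AF13 and become the first candidates for drop in the same AF1 queue downstream.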
- QoS Pre-classification:
- for encapsulated traffic (IPSec, tunnel mode, GRE tunnels), the ToS byte of the original packet is automatically copied to the tunnel header, BUT features like NBAR are broken.
- QoS pre-classification works by keeping the original, unencrypted traffic in memory until the egress QoS actions are taken.
- You can enable it in “tunnel interface configuration mode” (GRE and IPIP), “virtual-template configuration mode” (L2F and L2TP) or “crypto map config mode” (IPSec) by using “qos pre-classify”.
- Policy routing for Marking
- allows the capability to route packets based on information in the packet besides the destination IP address. Uses “route-maps” to classify packets.
- Policy routing can also mark the IPP field, or the entire ToS byte using the set command in a route-map.
- Packets are examined as they enter an interface
- the traditional policy routing function of using the set command to define the route may also be configured but is not required.
- should only be used when CB marking is not available or when router has to use both policy routing and mark packets entering the SAME interface.