CCIE Cert Guide — QoS Notes Part I


  • The IP header has a 1-byte field called TOS. Its HIGH ORDER 3 bits are defined as the IPP field.
  • DiffServ renamed the TOS byte to the DS field, and IPP was replaced with a 6-bit field called DSCP. The low-order 2 bits of the DS field were used for ECN.
  • Classification and marking (C&M) tools mark DSCP and IPP because the IP packet remains intact as it is forwarded throughout the IP network.
    • Class Selector PHB and DSCP Values
      • Class Selector (CS) PHBs provide backward compatibility with IPP.
      • Default is CS0 (most IOS will only allow default and not CS0)
      • CS PHB states that packets with larger DSCPs should be given better queuing preference.
    • Assured Forwarding PHB and DSCP Values
      • four classes for queuing purposes ALONG with 3 LEVELS of DROP probability in each queue.
      • AF PHB defines 12 DSCP values and their meanings: AFxy (where x is one of four queues and y implies one of three drop priorities).
      • First 3 bits imply queuing class and next 2 bits (3 and 4) imply drop preference.
      • To convert the AF name to its decimal equivalent, the AFxy formula is: 8x + 2y = decimal value.
    • Expedited Forwarding PHB and DSCP Values
      • PHB actions:
        • queue EF packets so that they get scheduled quickly (low latency)
        • police the EF packets so that they do not consume all bandwidth.
        • EF value is 46, binary 101110
  • Non-IP Header Marking Fields
    • Ethernet LAN CoS:
      • included in the 802.1q or ISL trunking header
      • 802.1q defines it as the 3 most significant bits of the 2-byte Tag Control field, called the “user priority” bits.
      • ISL defines the 3 LEAST significant bits from 1 byte USER field, calling it CoS.
    • WAN marking Fields
      • Frames with the bit set to 1 are considered better candidates to be dropped than frames without it set to 1.
      • Frame Relay: DE bit.
      • ATM: Cell Loss Priority (CLP) bit.
      • MPLS defines 3-bit fields called MPLS EXP.
    • Rules for non-IP markable fields:
      • Classification: ON INGRESS ONLY (COIN) and only if that interface supports that particular header field
      • Marking: MOEG – On EGRESS ONLY.
  • M-QoS CLI
    • “Class Based” tools include: CB Marking, CB WFQ, CB Policing, CB shaping, CB Header Compression.
    • MQC separates the classification function of a QoS tool (class-map) from the action (PHB) that the QoS wants to perform (policy-map). 3 major commands:
      • CLASSIFICATION: class-map
        • uses “match command”.
        • match any matches any packet – any and all packets!
        • if packets don’t match either class 1 or class 2, those packets would not be marked and will retain their DSCP values.
        • up to four (cos and IPP) and eight (dscp) values can be listed on a “match cos”, “match precedence” or “match dscp” command.
        • if a class has multiple match commands, the default is “MATCH-ALL” (AND), but match-any (OR) can be defined on the class-map command.
        • to do an OR on the same command for qos values, e.g: “match dscp 0 1” == match dscp 0 OR match dscp 1.
      • MARKING: policy-map → multiple classes can be referenced under a single policy map.
      • service policy
  • Marking
    • CB Marking requires CEF enabled.
    • CB marking is enabled for packets entering or exiting an interface
    • policy map is processed sequentially.
    • packets that do not explicitly match defined class are considered to match special class “class-default”.
    • for any class inside policy-map for which there is no set command, packets are not marked in that class.
    • some “sets”: set atm-clp, set fr-de, set qos-group gid, set ip dscp <dscp-value>
    • show policy-map <policy-map-name> {lists config info}
    • show policy-map <interface-spec> input | output [class] {lists statistics of policy-map}
    • load-interval interface subcommand: useful for QoS statistics. It defines the time interval over which IOS measures packet and bit rates on an interface. With lower load interval, stats change more quickly; default is 5 minutes, it can be lowered to 30 seconds.
    • if packets are matched by an earlier class statement in policy map, they won’t match the later ones.
    • on “native” vlan interfaces, policy-maps that refer to CoS cannot be enabled.
    • the “show ip nbar” command only displays statistics if the “ip nbar protocol-discovery” command is applied to an interface.
    • you can download new PDLMs from Cisco, copy it into flash memory and add the “ip nbar pdlm <name>” command.
    • packets should generally be marked as close to INGRESS point of packet as possible.
    • “Mark as close to the ingress edge of the network as possible, but not so close to the edge that the marking is made by an untrusted device.”
    • Marking Using Policers:
      • Determines whether the configured traffic contract is exceeded. Has two components: traffic rate (bits per second) and burst size (# of bytes).
      • if traffic is within the contract, all packets are considered to have “conformed” to the contract; if it exceeds the contract, they have “exceeded” it.
      • marking down requires re-marking of QoS fields, typically IPP or DSCP values. E.g: policer marks AF11 to AF13 without discarding.
  • QoS Pre-classification:
    • encapsulated traffic like IPSec tunnel mode, GRE tunnels: the ToS byte of the original packet is automatically copied to the tunnel header, BUT features like NBAR are broken.
    • QoS pre-classification works by keeping the original, unencrypted traffic in memory until the egress QoS actions are taken.
    • You can enable it in “tunnel interface configuration mode” (GRE and IPIP), “virtual-template configuration mode” (L2F and L2TP) or “crypto map config mode” (IPSec) by using “qos pre-classify”.
  • Policy routing for Marking
    • allows the capability to route packets based on information in the packet besides the destination IP address. Uses “route-maps” to classify packets.
    • Policy routing can also mark the IPP field, or the entire ToS byte using the set command in a route-map.
    • Packets are examined as they enter an interface
    • the traditional policy routing function of using the set command to define the route may also be configured but is not required.
    • should only be used when CB marking is not available or when router has to use both policy routing and mark packets entering the SAME interface.
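
The DS-byte layout and AFxy formula from the notes, combined with the policer mark-down case (AF11 to AF13), as an added Python example that is not part of the original notes and is not Cisco code. The token-bucket policer is a simplified single-rate, two-colour model assumed for illustration; all function names and the sample traffic are constructed.

```python
def split_ds_byte(tos):
    """Return (ipp, dscp, ecn) from the 1-byte TOS/DS field."""
    if not 0 <= tos <= 0xFF:
        raise ValueError("TOS/DS field is exactly one byte")
    return tos >> 5, tos >> 2, tos & 0b11

def af_dscp(x, y):
    """AFxy -> decimal DSCP using the formula 8x + 2y."""
    if not (1 <= x <= 4 and 1 <= y <= 3):
        raise ValueError("AF has 4 classes and 3 drop levels")
    return 8 * x + 2 * y

def phb_name(dscp):
    """Name a DSCP as EF, CSx or AFxy; other values are shown numerically."""
    if dscp == 46:
        return "EF"
    cls, low = dscp >> 3, dscp & 0b111
    if low == 0:
        return f"CS{cls}"
    if 1 <= cls <= 4 and low in (2, 4, 6):
        return f"AF{cls}{low >> 1}"
    return f"DSCP{dscp}"

class Policer:
    """Single-rate, two-colour token bucket (assumed model, not IOS code)."""
    def __init__(self, rate_bps, burst_bytes):
        self.rate = rate_bps / 8.0    # refill rate in bytes per second
        self.burst = burst_bytes      # bucket depth in bytes
        self.tokens = burst_bytes     # bucket starts full
        self.last = 0.0               # time of the previous packet
    def conforms(self, now, size):
        """Refill for elapsed time, then spend tokens if the packet fits."""
        self.tokens = min(self.burst, self.tokens + (now - self.last) * self.rate)
        self.last = now
        ok = size <= self.tokens
        self.tokens -= size if ok else 0
        return ok

def mark_down(packets, policer):
    """packets: (time_s, size_bytes, tos). Exceeding AFxy becomes AFx3."""
    out = []
    for now, size, tos in packets:
        _, dscp, ecn = split_ds_byte(tos)
        if not policer.conforms(now, size) and phb_name(dscp).startswith("AF"):
            dscp = af_dscp(dscp >> 3, 3)   # same class, highest drop level
        out.append((dscp << 2) | ecn)      # ECN bits are left untouched
    return out

# Constructed sample: 1000-byte AF11 packets (TOS 0x28), not captured traffic.
SAMPLE = [(0.0, 1000, 0x28), (0.1, 1000, 0x28), (0.2, 1000, 0x28), (2.0, 1000, 0x28)]
```

Calling mark_down(SAMPLE, Policer(8000, 1500)) re-marks the second and third packets to AF13 (TOS 0x38), because the 1500-byte bucket refills at only 1000 bytes per second.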
