This is a review of NCAR's current campus network and the potential FRGP QoS implementation. Since
NCAR's initial QoS deployment, new hardware and IOS versions have been deployed in the network,
CatOS has been converted to IOS, and the QoS toolset has changed. The intent of this document is to
validate the existing QoS configuration and/or propose new QoS configurations, using the QoS best
practices outlined in Cisco's Enterprise QoS Solution Reference Network Design (Enterprise QoS SRND)
as a guideline.
The intent of NCAR's QoS deployment is to ensure that VoIP traffic has priority over other traffic in the
face of network congestion. QoS is not a one-size-fits-all configuration; it is highly dependent on
company policy decisions (e.g., prioritize application X) and on the overall composition of network
traffic. NCAR's QoS implementation should be reviewed on a regular and as-needed basis, particularly
when new hardware is introduced or traffic profiles change, to ensure QoS is functioning as designed.
Here is a summary of the recommendations that have been reviewed and approved by NETS engineers:
- Cisco's Enterprise QoS and Medianet Campus QoS SRNDs will be used as the basis for QoS configurations
- Input queuing and policing will not be used
- Only voice traffic will be prioritized
- Transmit queue design will use the default settings applied by the "mls qos" command, except in a few cases where the default deviates from the SRND
- Cut-and-paste QoS files will be created for each queue type and used as the default configuration for new cards
- Packet drops per queue and threshold will be monitored to ensure the QoS policy is working properly
- Netflow will be enabled on internal NCAR traffic for additional QoS monitoring and statistics
1. QoS Overview
There are many different ways to implement QoS, but the SRND recommends using DSCP markings to
ensure consistent per-hop behavior (PHB) of packets. A DSCP-based QoS deployment consists of the
following components:
1. Input Queuing
2. Classification and Marking
3. Policing
4. Transmit Queuing
The example commands presented below are for a Catalyst 6500 with a 1p3q8t queue type. To
complicate matters, the QoS implementation varies across the different hardware platforms and IOS
versions. Commands may vary slightly depending on switch and/or queue type; however, the basic
procedure remains the same.
Input Queuing
Ingress queues (RX) are extremely difficult to congest. Ingress congestion implies that the combined
ingress rates of traffic exceed the switch fabric channel speed, and thus would need to be queued simply
to gain access to the switching fabric. On newer platforms, such as the Catalyst 6500 Sup720, this means
that a combined ingress rate of up to 40 Gbps per slot would be required to create such an event*. The
6500 line cards do have ingress queues in the event that congestion does occur, but since this is highly
unlikely, only the egress (TX) queues will be addressed in this document.
* End-to-End QoS Network Design, by Tim Szigeti and Christina Hattingh
Policing
Policing can be used to mark down excess traffic in a class or to drop offending traffic. Policing will not
be used in NCAR's campus network at this time.
Transmit Queuing
Transmit queue types are hardware dependent. The IOS command "show interfaces capabilities"
displays the type in the "QOS scheduling" field:
ml-16c-c1-gs#show interfaces capabilities mod 4
GigabitEthernet4/1
  Model:                 WS-X6148A-GE-45AF
  Type:                  10/100/1000BaseT
  Speed:                 10,100,1000,auto
  Duplex:                half,full
  Trunk encap. type:     802.1Q,ISL
  Trunk mode:            on,off,desirable,nonegotiate
  Channel:               yes
  Broadcast suppression: none
  Flowcontrol:           rx-(off,on,desired),tx-(off,on,desired)
  Membership:            static
  Fast Start:            yes
  QOS scheduling:        rx-(1q2t), tx-(1p3q8t)
Set WRR queue bandwidth weights. Here is the IOS command (per interface):
wrr-queue bandwidth
Here is the CatOS command (global):
set qos wrr 1p2q2t 30 70
Set queue WRED thresholds
There is a minimum and maximum WRED (weighted random early detection) threshold configured. The
minimum indicates the point at which packets will begin to be randomly dropped for that
queue/threshold, and the MAX threshold determines when tail drop (i.e., dropping all packets entering
the queue) will begin. Here is a link describing how WRED works:
http://www.cisco.com/en/US/docs/ios/qos/configuration/guide/congestion_avoidance.html#wp1000959
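To make the MIN/MAX pair concrete, here is a minimal sketch (a hypothetical helper, not NCAR tooling) of the drop decision WRED applies between the two thresholds; note that real hardware uses an averaged queue depth rather than the instantaneous fill used here:

```python
import random

def wred_drop(queue_fill_pct: float, min_th: float, max_th: float,
              max_drop_prob: float = 1.0) -> bool:
    """Illustrative WRED decision for one queue/threshold pair.

    Below min_th nothing is dropped; between min_th and max_th the drop
    probability ramps up linearly; at or above max_th every packet is
    tail-dropped.
    """
    if queue_fill_pct < min_th:
        return False
    if queue_fill_pct >= max_th:
        return True
    ramp = (queue_fill_pct - min_th) / (max_th - min_th)
    return random.random() < ramp * max_drop_prob

# With a 40:80 pair: no drops below 40% fill, guaranteed drop at 80%+.
```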
set qos enable
set qos map 2q2t tx 2 1 cos 3
set qos map 2q2t tx 2 2 cos 5
set qos wrr 2q2t 100 255
set qos map 1p2q2t tx 2 1 cos 3
set qos wrr 1p2q2t 100 255
set qos wred 1p2q2t tx queue 1 40:80 70:100
set qos wred 1p2q2t tx queue 2 40:80 70:100
Queue   Buffer Size
2       15%
3       15%
4       5%
Tx WRR Configuration of ports with 1p3q8t:

Queue #   Ratio
-------   -----
1         20
2         100
3         200
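Under sustained congestion, WRR ratios translate into approximate bandwidth shares of the non-priority bandwidth. A small illustrative calculation (ours, not from the original document):

```python
def wrr_shares(weights):
    """Approximate long-run share each WRR queue receives under
    sustained congestion: its weight over the sum of all weights."""
    total = sum(weights)
    return [w / total for w in weights]

# Ratios 20/100/200 from the table above:
shares = wrr_shares([20, 100, 200])
# -> [0.0625, 0.3125, 0.625], i.e. 6.25%, 31.25%, 62.5%
```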
Table 1 - Queue type and scheduler by module:

Description                                               Queue Type      Scheduler
Supervisor Mod 720 10G (enabled/disabled G ports)         1p3q4t/1p7q4t   DWRR or SRR
2 port 1000BaseX Supervisor Mod 2 (GBIC)                  1p2q2t          WRR
2 port 1000BaseX Supervisor Mod 2 (GBIC)                  1p2q2t          WRR
2 port 1000BaseX Supervisor Mod 2 (GBIC)                  1p2q2t          WRR
2 port 10GBaseX Supervisor module                         1p3q8t          DWRR or SRR
Supervisor Mod 720 base board                             1p2q2t          WRR
Supervisor Mod 720 base board                             1p2q2t          WRR
Supervisor Mod 720 base board                             1p2q2t          WRR
48 port 10/100BaseTX (RJ-45)                              2q2t            WRR
48 port 10/100BaseTX (RJ-45)                              2q2t            WRR
48 port 10/100/1000BaseTX (RJ-45)                         1p3q8t          WRR
8 port 1000BaseX (GBIC), Enhanced QoS                     1p2q2t          WRR
16 port 1000BaseX (GBIC)                                  1p2q2t          WRR
16 port 1000BaseX (GBIC)                                  1p2q2t          WRR
4 port 10 GE                                              1p7q8t          DWRR
16 port 10 GE                                             1p7q4t          DWRR or SRR
48 port 10/100/1000 (RJ-45)                               1p3q8t          DWRR
48 port 1000Base FX (SFP GBIC)                            1p3q8t          DWRR
Industrial Ethernet Switch                                1p3q3t          SRR
NME-XD-48ES-2S-P: EtherSwitch SM 48 10/100T PoE + 2 SFP   1p3q3t          SRR
Inbound (%)   Outbound (%)
0.085         0.055
0.421         0.275
0.065         0.926
0.032         0.183
0.043         0.246
0.042         0.655
L3 Classification
Voice (RTP):         EF, DSCP 46
Routing protocols:   CS6, DSCP 48
Call signaling:      CS3, DSCP 24
All other traffic:   DSCP 0
Trust boundaries will be extended to the IP phones; all other *access* ports will be untrusted. All
uplinks between access and distribution/core switches will be trusted. Here is a sample IOS
configuration that extends the trust boundary to the IP phone:
Per Interface Configs:

interface gig <mod/port>
 mls qos vlan-based
 switchport voice vlan 700    <- Applied on

interface Vlan700
 no ip address
 service-policy input ACL-IP-PHONES-policy
Global Configs:

class-map match-all ACL-IP-PHONES-1-class
 match access-group name ACL-IP-PHONES-1
!
policy-map ACL-IP-PHONES-policy
 class ACL-IP-PHONES-1-class
  trust dscp
2. Buffer space will only be allocated to queues with DSCP/CoS values to which traffic has been
explicitly mapped. For example, 1p7q8t has a total of 8 queues available: 1 priority queue and 7
standard queues. The proposed classification calls for at most 4 different queues, so 4 of the 1p7q8t
queues will be assigned a buffer size of 0, since no traffic would ever be assigned to them. The SRND
will be used as a guide to determine buffer sizes. It will be necessary to deviate from the SRND
because we will be marking all traffic except voice as DSCP/CoS 0, and a larger buffer will be needed
to accommodate this traffic.
3. Bandwidth servicing weights will only be allocated to queues that have buffers assigned. The
SRND will be used as a guide to determine bandwidth servicing weights. For the most part, these
should follow the SRND fairly closely, except where buffers have been set to 0.
4. Buffer thresholds will be explicitly defined for queues that have buffers assigned, for all DSCPs
assigned to the queue, regardless of whether any traffic will actually be marked with that DSCP
value. The SRND will be used as a guide. For example, the SRND for 1p3q8t queues assigns CS7
to q3t7. The proposed classification does not include CS7; however, the q3t7 threshold will still
be set. This will have no effect on traffic that is using the queue.
PROs:
CONs:
Option 2 (RECOMMENDED):
As a sanity check, we ran Option 1 past David, and Option 2 came out of that review. Option 2 primarily
relies on the default values that result from enabling the "mls qos" global command (currently
implemented on NCAR's campus network CatOS devices).
1. Use the default mapping of DSCP/CoS to queues that results from enabling the "mls qos" global
command, except where it differs for DSCP 24 (call signaling) and DSCP 46 (voice traffic). In
those cases, follow the SRND.
2. Use the default buffers, bandwidth servicing weights, and thresholds that result from enabling
the "mls qos" global command. For the most part these settings are in line with the SRND, and
where they deviate, it's hard to quantify how the difference might affect QoS.
PROs:
CONs:
Note that once a Tx queuing option has been agreed upon, it will need to be applied to all queue
types described in Table 1.
OPTION 1

1p2q2t - SRND:
Queue (Buffer Size %)   BW Servicing Weight   COS-to-Threshold Map         WRED Threshold Value
Priority Queue          n/a                   EF; Cos5                     n/a
Queue 2 - 40%           70
Queue 1 - 30%           30                    q1t2: DF; Cos0               80:100
                                              q1t1: CS1; Cos1              40:80

1p2q2t - Default:
Queue (Buffer Size %)   BW Servicing Weight   COS-to-Threshold Map         WRED Threshold Value
Priority Queue          n/a                   EF; Cos5                     n/a
Queue 2 - 15%           255
Queue 1 - 70%           100 (5 CatOS)         q1t2: AF21,CS2; Cos2 /
                                                    AF31,CS3; Cos3         70:100
                                              q1t1: CS1; Cos1 / DF; Cos0   40:70
wrr-queue cos-map 2 2 6 7
wrr-queue cos-map 2 1 2 3 4
wrr-queue cos-map 1 2 0
wrr-queue cos-map 1 1 1
wrr-queue bandwidth 30 70
wrr-queue random-detect 1
wrr-queue random-detect 2
wrr-queue random-detect min-threshold 1 40 80
wrr-queue random-detect max-threshold 1 80 100
Option 2

1p2q2t - Default:
Queue (Buffer Size %)   BW Servicing Weight   COS-to-Threshold Map         WRED Threshold Value
Priority Queue          n/a                   EF, Cos5                     n/a
Queue 2 - 15%           255
Queue 1 - 70%           100 (5 CatOS)         q1t2: AF21,CS2; Cos2 /
                                                    AF31,CS3; Cos3         70:100
                                              q1t1: CS1; Cos1 / DF; Cos0   40:70
OPTION 1

1p3q8t - SRND:
Queue (Buffer Size %)   BW Servicing Weight   COS-to-Threshold Map         WRED Threshold Value
Priority Queue          n/a                   EF, Cos5                     n/a
Queue 3 - 40%           70
Queue 2                                       q2t1: DF; Cos0               80:100

1p3q8t - Default CatOS:
Queue (Buffer Size %)   BW Servicing Weight   COS-to-Threshold Map         WRED Threshold Value
Priority Queue - 5%     n/a                   EF, Cos5                     n/a
Queue 3 - 15%           200                   q3t7: CS7; Cos7              70:100
                                              CS6; Cos6
                                              q3t5: AF41,CS4; Cos4         60:90
                                              q3t3: AF31,CS3; Cos3         50:80
Queue 2 - 15%           100                   q2t1: CS1; Cos1 /
                                                    AF21,CS2; Cos2         70:100
Queue 1 - 65%           20                    q1t1: DF; Cos0               70:100
1p3q8t - Default IOS:
Queue (Buffer Size %)   BW Servicing Weight   COS-to-Threshold Map         WRED Threshold Value
Priority Queue          n/a                   EF, Cos5                     n/a
Queue 3                 200
Queue 2 - 25%           150
Queue 1 - 50%           100                   q1t1: CS1; Cos1              80:100

1p3q8t - Proposed (Option 1, unused queues set to buffer 0):
Queue 3 - 15%           60
Queue 2 - 75%           40
Queue 1 - 0%            0                     q1t1: CS1; Cos1              80:100
wrr-queue cos-map 3 5 7
wrr-queue cos-map 3 4 6
wrr-queue cos-map 3 3 3
wrr-queue cos-map 3 2 2
wrr-queue cos-map 3 1 4
wrr-queue cos-map 2 1 0
wrr-queue queue-limit 0 75 15
wrr-queue bandwidth 0 40 60
wrr-queue random-detect 1
wrr-queue random-detect 2
wrr-queue random-detect 3
wrr-queue random-detect min-threshold 1 80 70 70 70 70 70 70 70
wrr-queue random-detect max-threshold 1 100 100 100 100 100 100 100 100
wrr-queue random-detect min-threshold 2 80 70 70 70 70 70 70 70
wrr-queue random-detect max-threshold 2 100 100 100 100 100 100 100 100
wrr-queue random-detect min-threshold 3 70 70 80 90 70 70 70 70
wrr-queue random-detect max-threshold 3 80 80 90 100 100 100 100 100
Option 2

1p3q8t - Default CatOS:
Queue (Buffer Size %)   BW Servicing Weight   COS-to-Threshold Map         WRED Threshold Value
Priority Queue - 5%     n/a                   EF, Cos5                     n/a
Queue 3 - 15%           200                   q3t7: CS7; Cos7              70:100
                                              CS6; Cos6
                                              q3t5: AF41,CS4; Cos4         60:90
                                              q3t3: AF31,CS3; Cos3         50:80
Queue 2 - 15%           100                   q2t1: CS1; Cos1 /
                                                    AF21,CS2; Cos2         70:100
Queue 1 - 65%           20                    q1t1: DF; Cos0               70:100
1p3q8t - Default IOS:
Queue (Buffer Size %)   BW Servicing Weight   COS-to-Threshold Map         WRED Threshold Value
Priority Queue          n/a                   EF, Cos5                     n/a
Queue 3                 200
Queue 2 - 20%           150
Queue 1 - 50%           100                   q1t2: CS1; Cos1              70:100
                                              q1t1: DF; Cos0               40:70
When the macro is applied to the interface, the configuration shows all the commands and which macro
was applied. Here is an example of a 1p3q8t port configured using a macro:
interface GigabitEthernet3/1
 no ip address
 shutdown
 wrr-queue bandwidth 0 40 60
 wrr-queue queue-limit 0 65 20
 wrr-queue random-detect min-threshold 2 80 100 100 100 100 100 100 100
 wrr-queue random-detect min-threshold 3 100 100 80 90 100 100 100 100
 wrr-queue random-detect max-threshold 2 100 100 100 100 100 100 100 100
 wrr-queue random-detect max-threshold 3 100 100 90 100 100 100 100 100
 wrr-queue cos-map 1 1 1
 wrr-queue cos-map 2 1 0
 wrr-queue cos-map 3 1 4
 wrr-queue cos-map 3 2 2
 wrr-queue cos-map 3 3 3
 wrr-queue cos-map 3 4 6
 wrr-queue cos-map 3 5 7
 macro description pd-test
end
Note that MAX thresholds should be configured before MIN thresholds. This will avoid errors where the
new MIN threshold might be greater than the existing MAX threshold.
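When auditing interface configurations like the one above, the cos-map lines can be checked programmatically. Here is an illustrative sketch (a hypothetical helper, not part of NCAR's tooling) that parses "wrr-queue cos-map" lines into a CoS-to-queue/threshold map:

```python
import re

def parse_cos_maps(config: str):
    """Parse 'wrr-queue cos-map <queue> <threshold> <cos...>' lines
    into a {cos: (queue, threshold)} dict for auditing."""
    mapping = {}
    for m in re.finditer(r"wrr-queue cos-map (\d+) (\d+) ((?:\d+ ?)+)", config):
        queue, threshold = int(m.group(1)), int(m.group(2))
        for cos in m.group(3).split():
            mapping[int(cos)] = (queue, threshold)
    return mapping

sample = """
 wrr-queue cos-map 1 1 1
 wrr-queue cos-map 2 1 0
 wrr-queue cos-map 3 1 4
"""
# parse_cos_maps(sample) -> {1: (1, 1), 0: (2, 1), 4: (3, 1)}
```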
6. Monitoring QoS
QoS configurations need to be validated to ensure packets are properly marked, and monitored to
ensure they are operating as designed.
To validate configurations, capture a packet trace (or use netflow) at the end points and check that
inbound/outbound DSCP markings are set correctly (SCCP = CS3; RTP = EF; routing protocols = CS6; all
other traffic set to 0).
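When reading markings out of a packet trace, remember that DSCP is the top six bits of the IP ToS byte. A small illustrative helper (the names here are ours, not from the original document):

```python
# Expected markings from the validation step above.
DSCP_NAMES = {46: "EF", 48: "CS6", 24: "CS3", 0: "DF"}

def tos_byte_to_dscp(tos: int) -> int:
    """DSCP occupies the top 6 bits of the IP ToS / Traffic Class byte."""
    return (tos >> 2) & 0x3F

def check_marking(tos: int, expected: str) -> bool:
    """True if the captured ToS byte decodes to the expected class."""
    return DSCP_NAMES.get(tos_byte_to_dscp(tos)) == expected

# An RTP packet captured with ToS 0xB8 (184) carries DSCP 46, i.e. EF.
```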
Locations to check
o
o
o
Config checkers should be used to validate that configurations are applied properly.
Queue drops can be monitored per interface, per queue, and per threshold. Excessively high drops in a
particular queue could indicate the need to adjust queuing parameters. The CLI command 'show
queuing interface <blah> detailed' provides per-interface, per-queue, and per-threshold drops;
however, the "detailed" portion of this command is only available in IOS ver x.x.x SXI.
These are the OIDs:
IOS - CISCO-SWITCH-QOS-MIB, csqIfStatsDropPkts: 1.3.6.1.4.1.9.9.580.1.5.1.1.4
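Drop counters only become meaningful as rates. A minimal sketch (our helper, not existing tooling) of turning two successive csqIfStatsDropPkts polls into a drops-per-second figure, assuming a 64-bit counter:

```python
def drop_rate(prev: int, curr: int, interval_s: float,
              counter_bits: int = 64) -> float:
    """Per-second drop rate from two successive counter samples.
    The modulo handles a single counter wrap between polls."""
    span = 1 << counter_bits
    delta = (curr - prev) % span
    return delta / interval_s

# Two polls 300 seconds apart:
# drop_rate(1000, 4000, 300.0) -> 10.0 drops/sec
```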
We currently lack the ability to determine the amount of traffic per CoS/DSCP, which could be useful for
planning and troubleshooting purposes. This would be remedied if we ran netflow internally.
- TP reserves 192.168.0.0/24 through 192.168.3.0/24 for internal use but does not have a default
gateway and therefore cannot route beyond the TP codec.
- TP appears as two SIP endpoints in CM: 1) the TP codec, and 2) a 7975 IP phone.
- Bandwidth requirements for TP: 1.628 Mbps to 12.756 Mbps per stream, depending on
configuration.
- End-to-end jitter target is < 10 ms. Jitter greater than 20 ms peak-to-peak will degrade call
quality; at 40 ms or greater the call will terminate.
- Target packet loss is 0.5%.
- TP marks video traffic as CS4, voice as CS5, and signaling as CS3. CS4-marked traffic is to be
assigned to the priority queue.
- The SRND recommends a separate cluster for TP, unless there are no other video devices on the
existing cluster.
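The jitter figures above refer to RTP interarrival jitter. For reference, the standard RFC 3550 estimator in sketch form (illustrative code, not from the original document), fed with per-packet transit times (arrival time minus RTP timestamp, in ms):

```python
def rtp_jitter(transit_times):
    """RFC 3550 interarrival jitter: for consecutive packets i-1 and i,
    D = |transit(i) - transit(i-1)| and the estimate is smoothed as
    J += (D - J) / 16."""
    j = 0.0
    prev = None
    for transit in transit_times:
        if prev is not None:
            d = abs(transit - prev)
            j += (d - j) / 16.0
        prev = transit
    return j

# A perfectly paced stream has zero jitter:
# rtp_jitter([5.0, 5.0, 5.0, 5.0]) -> 0.0
```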
There are many different ways to deploy TP, e.g., point-to-point, point-to-multipoint, intra-enterprise,
inter-enterprise, etc. If TP were to be deployed on NCAR's campus, QoS configurations would also have
to be adjusted. Using the QoS configuration recommendations from above as a foundation, here is an
overview of the changes that would be needed, assuming an intra-NCAR TP deployment:
to the FRGP. Given the strict latency, jitter, and packet loss requirements for TP, it's possible that
member institutions will request preferential treatment of TP traffic transiting the FRGP routers.
A single FRGP member requesting preferential treatment for video will impact all FRGP members in all
but the simplest case (ports are on the same router), because some QoS policy would need to be applied
on ports connecting l3-gw-1 <-> frgp-gw-2 <-> frgp-gw-3. At that point, one member's traffic is being
preferred over all of the other members' traffic.
In all the use cases mentioned above, the FRGP is the middleman transiting traffic from participant A to
participant B. A generic path may look like this:
participant A's internal network <-> tail circuit provider network <-> FRGP <-> tail circuit provider
network <-> participant B's internal network. In some cases, there may be a direct connection to a
participant's network, eliminating the tail circuit provider network.
Telepresence marks video CS4, voice CS5, and signaling CS3 (this is configurable at the TP end). Both
CS4 and CS5 are recommended to be placed in the priority queue. Ultimately we don't really care how
Telepresence is deployed in the participants' networks, but we will need to know the CoS/DSCP types
and bandwidth requirements for each CoS/DSCP marking.
Should it be deemed necessary to implement QoS at the FRGP, a QoS policy will need to be created that
clearly defines the number and types of queues and the CoS/DSCP mappings to those queues. When
deploying QoS, coordination with participants and tail circuit vendors will be necessary to determine a
mapping between the different queue structures. If they don't match, then traffic will need to be
remarked inbound and/or outbound to ensure similar treatment across different administrative
boundaries. Participants will be responsible for re-marking.
Using the QoS configuration recommendations from above as a foundation, here is an overview of the
changes that would be needed to create an FRGP QoS policy recommendation:
Recommend Inbound Option 1. Note that for either option, DSCP values might have to be
remarked on a per-interface basis, depending on how a participant's/tail circuit provider's queue
strategy aligns with the FRGP's. Participants should be responsible for remarking where
possible.
Outbound: Any packet marked DSCP 1 by the commodity policer will need to be
remarked to DSCP 0. If not, there is a possibility that a participant/tail circuit vendor would
differentially treat this traffic, as DSCP 1 is typically assigned to the Scavenger class.
Policing:
o Inbound Option 1: No policing of COS/DSCP marked traffic
Pro: easier to admin
Con: Potential for abuse i.e. mark all traffic as priority
o Inbound Option 2: Place strict limits on COS/DSCP marked traffic
Pro: Prevents potential abuse
Con: more complicated policers
Recommend Inbound Option 2
Outbound: No change
Transmit Queuing:
o Option 1: Come up with FRGP QoS templates for services and how they will be mapped.
Similar to QMOE QoS templates.
Pro: limited set of configurations to maintain, easier to admin
Con: less flexible
o Option 2: Configure queuing on a per participant/tail circuit vendor basis.
Pro: Very flexible
Con: More configs to maintain, but not that many members
o It's possible that neither option is viable. The QoS configuration on some cards is
applied per ASIC (8 ports per ASIC on a 6148a) rather than per port. More investigation is
needed.
Open questions:
9. References
1) Enterprise QoS SRND
http://www.cisco.com/en/US/docs/solutions/Enterprise/WAN_and_MAN/QoS_SRND/QoS-SRND-Book.html
2) Medianet Campus QoS Design 4.0
http://www.cisco.com/en/US/docs/solutions/Enterprise/WAN_and_MAN/QoS_SRND_40/QoSCampus_40.html
3) Cisco Unified Communications SRND Based on Cisco Unified Communications Manager 6.x
http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/srnd/6x/uc6_0.html
4) Comparison of the Cisco Catalyst and Cisco IOS Operating Systems for the Cisco Catalyst 6500
Series Switch
http://www.cisco.com/en/US/customer/prod/collateral/switches/ps5718/ps708/prod_white_paper09186a00800c8441.html
7) Understanding How Routing Updates and Layer 2 Control Packets Are Queued on an Interface
with a QoS Service Policy
http://www.cisco.com/en/US/customer/tech/tk543/tk544/technologies_tech_note09186a0080094612.shtml