Overview
The module presents a thorough overview of quality of service models and
mechanisms as implemented in complex service provider and enterprise networks.
It includes the following topics:
• Introduction to IP Quality of Service
• Integrated Services Model
• Differentiated Services Model
• Building Blocks of IP QoS Mechanisms
• Enterprise Network Case Study
• Service Provider Case Study
Objectives
Upon completion of this module, you will be able to perform the following tasks:
• Describe the need for IP QoS
• Describe the Integrated Services model
• Describe the Differentiated Services model
• Describe the building blocks of IP QoS mechanisms (classification, marking,
metering, policing, shaping, dropping, forwarding, queuing)
• List the IP QoS mechanisms available in the Cisco IOS
• Describe what QoS features are supported by different IP QoS mechanisms
Introduction to IP Quality of Service
Objectives
Upon completion of this lesson, you will be able to perform the following tasks:
• Describe different types of applications and services that have special resource
requirements
• List the network components that affect the throughput, delay and jitter in IP
networks
• List the benefits of deploying QoS mechanisms in IP networks
• List QoS mechanisms available in Cisco IOS
• Describe typical enterprise and service provider networks and their QoS-related
requirements
• Application X is slow!
• Video broadcast occasionally stalls!
If the network is empty, any application should get enough bandwidth and an
acceptably low, fixed delay, and should not experience any drops. The reality, however, is that
there are multiple users or applications using the network at the same time.
The example above illustrates an empty network with four hops between a server
and a client. Each hop is using different media with a different bandwidth. The
maximum available bandwidth is equal to the bandwidth of the slowest link.
The calculation of the available bandwidth, however, is much more complex in
cases where there are multiple flows traversing the network. The calculation of the
available bandwidth in the illustration is a rough approximation.
Delay = P1 + Q1 + P2 + Q2 + P3 + Q3 + P4 = X ms
• End-to-end delay equals a sum of all propagation, processing
and queuing delays in the path
• Propagation delay is fixed, processing and queuing delays are
unpredictable in best-effort networks
The figure illustrates the impact a network has on the end-to-end delay of packets
going from one end to the other. Each hop in the network adds to the overall delay
because of the following two factors:
1. Propagation (serialization) delay of the media that, for the most part, depends
solely on the bandwidth.
2. Processing and queuing delays within a router, which can be caused by a wide
variety of conditions.
Ping (ICMP echoes and replies) can be used to measure the round-trip time of IP
packets in a network. There are other tools available to periodically measure
responsiveness of a network.
• Processing Delay is the time it takes for a router to take the packet from an
input interface and put it into the output queue of the output interface.
• Queuing Delay is the time a packet resides in the output queue of a router.
• Propagation or Serialization Delay is the time it takes to transmit a packet.
• Processing Delay is the time it takes for a router to take the packet from an
input interface and put it into the output queue of the output interface. The
processing delay depends on various factors, such as:
– CPU speed
– CPU utilization
– IP switching mode
– Router architecture
– Configured features on both input and output interface
• Queuing Delay is the time a packet resides in the output queue of a router. It
depends on the number and sizes of packets already in the queue and on the
bandwidth of the interface. It also depends on the queuing mechanism.
• Propagation or Serialization Delay is the time it takes to transmit a packet. It
usually only depends on the bandwidth of the interface. CSMA/CD media may
add slightly more delay due to the increased probability of collisions when an
interface is nearing congestion.
• Tail-drops occur when the output queue is full. These are the most
common drops which happen when a link is congested.
• There are also many other types of drops that are not as common and
may require a hardware upgrade (input drop, ignore, overrun, no
buffer, ...). These drops are usually a result of router congestion.
The usual packet loss occurs when routers run out of buffer space for a
particular interface (output queue). The figure illustrates a full output queue of an
interface, which causes newly arriving packets to be dropped. The term used for
such drops is simply “output drop” or “tail-drop” (packets are dropped at the tail of
the queue).
Routers might also drop packets for other (less common) reasons, for example:
• Input queue drop - main CPU is congested and cannot process packets (the
input queue is full)
• Ignore - router ran out of buffer space
• Overrun - CPU is congested and cannot assign a free buffer to the new packet
• Frame errors (CRC, runt, giant)—hardware-detected error in a frame
• Upgrade the link. The best solution but also the most expensive.
• Take some bandwidth from less important applications.
• Compress the payload of layer-2 frames.
• Compress the header of IP packets.
• Upgrade the link. The best solution but also the most expensive.
• Guarantee enough bandwidth to sensitive packets.
• Prevent congestion by randomly dropping less important packets
before congestion occurs
Interactive Not
Low Low Low
(e.g. Telnet) Important
Batch (e.g. Not Not
High
High Low
FTP) Important Important
Fragile (e.g. Low Low None Not
SNA) Important
No No No
Silver
Silver Guaranteed Guarantee Guarantee Guarantee
Bronze Guaranteed No No No
Limitted Guarantee Guarantee Guarantee
Best Effort No No No No
Guarantee Guarantee Guarantee Guarantee
The history of the Internet can be divided into three QoS-related
periods:
• Best-effort. The Internet was designed for best-effort, no-guarantee delivery
of packets. This behavior is still predominant in today’s Internet.
• Integrated Services model. Introduced to supplement the best-effort delivery
by setting aside some bandwidth for applications that require bandwidth and
delay guarantees. The Integrated Services model expects applications to signal
their requirements to the network. Resource Reservation Protocol (RSVP) is
used to signal QoS requirements to the network.
• Differentiated Services model. Added to provide more scalability in
providing QoS to IP packets. The main difference is that the network
recognizes packets (no signaling is needed) and provides the appropriate
services to them.
Today’s IP networks can use all three models at the same time.
Review Questions
Answer the following questions:
• What are the relevant parameters that define the quality of service?
• What can be done to give more bandwidth to an application?
• What can be done to reduce delay?
• What can be done to prevent packet loss?
• Name the three QoS models.
Objectives
Upon completion of this lesson, you will be able to perform the following tasks:
• Describe the IntServ model
• List the key benefits and drawbacks of the IntServ model
• List some implementations that are based on the IntServ model
• Describe the need for Common Open Policy Service (COPS)
[Figure: request/reply exchange with a Policy Decision Point (PDP)]
Following is a list of some of the IETF standards (RFCs) that describe RSVP,
COPS, the IntServ model and applications:
• Resource ReSerVation Protocol (RSVP), Version 1, Functional Specification
(http://www.ietf.org/rfc/rfc2205.txt)
• RSVP Management Information Base using SMIv2
(http://www.ietf.org/rfc/rfc2206.txt)
• RSVP Extensions for IPSEC Data Flows (http://www.ietf.org/rfc/rfc2207.txt)
• Resource ReSerVation Protocol (RSVP), Version 1, Applicability Statement,
Some Guidelines on Deployment (http://www.ietf.org/rfc/rfc2208.txt)
• Resource ReSerVation Protocol (RSVP), Version 1, Message Processing
Rules (http://www.ietf.org/rfc/rfc2209.txt)
• The Use of RSVP with IETF Integrated Services
(http://www.ietf.org/rfc/rfc2210.txt)
• Specification of the Controlled-Load Network Element Service
(http://www.ietf.org/rfc/rfc2211.txt)
• Specification of Guaranteed Quality of Service
(http://www.ietf.org/rfc/rfc2212.txt)
• Integrated Services Management Information Base using SMIv2
(http://www.ietf.org/rfc/rfc2213.txt)
• Integrated Services Management Information Base, Guaranteed Service
Extensions using SMIv2 (http://www.ietf.org/rfc/rfc2214.txt)
• General Characterization Parameters for Integrated Service Network Elements
(http://www.ietf.org/rfc/rfc2215.txt)
RSVP, as a resource reservation protocol, was designed for use by end devices in
networks (for example, personal computers and servers). It is a protocol that has
to be supported by an application that requires network resources and needs
guarantees.
• Typical examples of applications that would benefit from RSVP are voice
sessions that require a small amount of bandwidth with low-delay propagation.
• Cisco routers that act as voice gateways can use RSVP to request resources
(controlled-load and guaranteed-delay).
• Cisco routers that use Multiprotocol Label Switching (MPLS) Traffic
Engineering (MPLS/TE) use RSVP with extensions to reserve bandwidth and
set up MPLS/TE tunnels through MPLS and RSVP enabled networks.
• Cisco Soft Phone or Microsoft NetMeeting are Windows applications that use
RSVP to get resources for their VoIP sessions.
There are an increasing number of applications that use RSVP to request QoS
guarantees from a network.
1) Explicit RSVP on each network node
2) RSVP ‘pass-through’ and CoS transport
- map RSVP to CoS at network edge
- pass-through RSVP request to egress
3) RSVP at network edges and ‘pass-through’ with
- best-effort forwarding in the core (if there is
enough bandwidth in the core)
The figure illustrates three options available when implementing QoS mechanisms
via RSVP in a network.
1. The first option is to simply enable RSVP on all interfaces of all the routers in
the network. This approach is mainly used in enterprise networks that have
more predictable RSVP flows (in terms of quantity and direction because they
typically use hub-and-spoke topology). Large service provider networks are
less inclined to use RSVP throughout their networks either because RSVP
would require too many concurrent reservations on a single interface or
because the routers are not capable of providing guarantees to individual flows
on high-bandwidth interfaces.
2. An alternative option is to use RSVP on network edges where there is
typically less bandwidth per interface and congestion is more likely. The edge-
to-core routers (for example, access or distribution layer routers) mark RSVP
flows with IP markers, which can then be used in a DiffServ enabled core
(the Differentiated Services model is covered in the next lesson).
3. Another option is to use RSVP on network edges and rely on best-effort
delivery in a non-congested core.
All Routers
• WFQ applied per flow
based on RSVP requests
In the first scenario, each router in the network processes RSVP messages and
keeps track of the special resource needs for each individual RSVP flow.
Weighted Fair Queuing (WFQ) can be used in the backbone to provide resource
allocation on a flow-by-flow basis.
One concern with this approach is that RSVP is resource intensive on backbone
routers - in terms of the amount of signaling and the amount of special information
that they need to keep on each RSVP flow.
A second issue is that WFQ is a very CPU-intensive algorithm and does not run at
high speed on today’s routers. In the backbone, high speed is a mandatory
requirement.
[Figure labels: Precedence Classifier, WRED, Premium, Standard]
Ingress Router
• RSVP protocol mapped to classes
• Passed through to egress
Backbone
• WRED applied based on class
Egress Router
• RSVP protocol sent on to destination
• WFQ applied to manage egress flow
Both RSVP and WFQ have been available for some time and can be used on all
low-end platforms and on high-end platforms that are typically used to concentrate
customer networks.
Newer RSVP mechanisms include:
• Mapping of RSVP to DSCP (the Differentiated Services model with the details
of the DiffServ Code Point is covered in the next lesson).
• Mapping of RSVP to ATM SVCs (this technology is covered in the “IP QoS -
IP over ATM” module).
+ RSVP benefits:
• Explicit resource admission control (end to end)
• Per-request policy admission control
(authorization object, policy object)
• Signaling of dynamic port numbers (for example,
H.323)
– RSVP drawbacks:
• Continuous signaling due to stateless architecture
• Not scalable
The Common Open Policy Service (COPS) is an add-on to RSVP. It can be used
to offload certain tasks from network devices to a central server. The result is that
the configuration of individual devices is more standardized (template-based) and
all individual parameters are managed from a centralized location. In addition,
COPS supports admission control of individual flows (the network device
determines the available resources and the central server authorizes the flow).
Review Questions
Answer the following questions:
• What are the two building blocks of the Integrated Services model?
• Which protocol is used to signal QoS requirements to the network?
Objectives
Upon completion of this lesson, you will be able to perform the following tasks:
• Describe the DiffServ model
• List the key benefits of the DiffServ model compared to the IntServ model
• Describe the purpose of the DS field in IP headers
• Describe the interoperability between DSCP-based and IP-precedence-based
devices in a network
• Describe the Expedited Forwarding service
• Describe the Assured Forwarding service
The DiffServ model describes services and allows for more user-defined services
to be used in a DiffServ-enabled network.
Services are provided to classes. A class can be identified as a single application
or, as in most cases, it can be identified based on source or destination IP address.
The idea is for the network to recognize a class without having to receive any
request from applications. This allows the QoS mechanisms to be applied to other
applications that do not have the RSVP functionality, which is the case for 99% of
applications that use IP.
The introduction of the DiffServ Code Point (DSCP) replaces the IP precedence
but maintains interoperability with non-DS compliant devices (those that still use IP
precedence). Because of this backward compatibility, DiffServ can be gradually
deployed in large networks.
A traffic aggregate is a collection of all flows that require the same service. A
service is implemented using different QoS mechanisms (a QoS mechanism
implements a per-hop behavior).
The DiffServ field (DS field) is the former 8-bit Type of Service field. The main
difference is that the DSCP supports more classes (64) than IP precedence (8).
The most important part of designing QoS is to provision services as explained on
the next page.
[Figure: DS region with upstream and downstream DS domains, DS ingress and egress boundary nodes, DS interior nodes and a boundary link]
The DiffServ model uses the DS field in the IP header to mark packets according
to their classification into Behavior Aggregates (BAs). The DS field occupies the
same eight bits of the IP header that were previously used for the Type of Service
(ToS) field.
There are three IETF standards describing the purpose of those eight bits:
• RFC 791 includes specification of the ToS field where the high-order three bits
are used for IP precedence. The other bits are used for delay, throughput,
reliability and cost.
• RFC 1812 modifies the meaning of the ToS field by removing any meaning
from the five low-order bits (those bits should all be zero).
• RFC 2474 replaces the ToS field with the DS field where the six high-order bits
are used for the DiffServ Code Point (DSCP). The remaining two bits are
currently not used.
Each DSCP value identifies a Behavior Aggregate (BA). Each BA is assigned a
per-hop behavior (PHB). Each PHB is implemented using the appropriate QoS
mechanism or a set of QoS mechanisms.
• Three pools:
– “xxxxx0” Standard Action
– “xxxx11” Experimental/Local Use
– “xxxx01” EXP/LU (possible std action)
• Default DSCP: “000000”
• Default PHB: FIFO, tail-drop
The history of the eight bits in question (ToS field alias DS field) can be divided
into three periods according to the RFCs describing the purpose of those bits:
RFC 791
RFC 791 defines the Type of Service field with the following components:
• Bits seven, six and five are used for IP precedence
• Bit four is used for delay (0 = Normal Delay, 1 = Low Delay)
• Bit three is used for throughput (0 = Normal Throughput, 1 = High
Throughput)
• Bit two is used for reliability (0 = Normal Reliability, 1 = High Reliability)
• Bits one and zero are not used and should be zero (bit one was later given the
meaning of monetary cost by RFC 1349; this RFC also replaces individual bits
with a four-bit ToS value to allow more types of services)
RFC 1812
RFC 1812 loosens the strict representation of the ToS field (obsoletes RFC 795).
RFC 2474
RFC 2474 replaces the ToS field with the DS field where a range of eight values
(Class Selector) is used for backward compatibility with IP precedence. There is
no compatibility with the delay, throughput, reliability and monetary-cost bits.
RFC 1812 simply prioritizes packets according to the precedence value. The PHB
is defined as the probability of timely forwarding. Packets with higher IP
precedence should (on the average) be forwarded in less time than packets with
lower IP precedence.
RFC 2474 adopts this set of PHBs and values by creating the Class Selector PHB
group. Class Selector can be identified by the low-order three bits of the DSCP or
low-order five bits of the DS field: all bits are zero.
• Priority Queuing
• IP RTP Prioritization
• Class-based Low-latency Queuing (CB-LLQ)
• Strict Priority queuing within Modified Deficit
Round Robin (MDRR) on GSR
AF4 100dd0
• Each AF class uses three DSCP values
• Each AF class is independently forwarded with its
guaranteed bandwidth
• Differentiated RED is used within each class to
prevent congestion within the class
© 2001, Cisco Systems, Inc. IP QoS Introduction-51
As the figure illustrates there are three DSCP values assigned to each of the four
AF classes.
Assured Forwarding class   Drop Probability   DSCP value
AF class 1                 Low                001 01 0
                           Medium             001 10 0
                           High               001 11 0
AF class 2                 Low                010 01 0
                           Medium             010 10 0
                           High               010 11 0
AF class 3                 Low                011 01 0
                           Medium             011 10 0
                           High               011 11 0
AF class 4                 Low                100 01 0
                           Medium             100 10 0
                           High               100 11 0
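The DS field layout, the three codepoint pools, the Class Selector rule and the AF table above can be checked against real packets with a small decoder. This is an added example, not part of the course material; the function and class names are assumptions, the sample header is constructed, and the EF codepoint comes from RFC 3246 because the page does not list it.

```python
"""Added example: decode the DS field (former ToS byte) of an IPv4 header."""
from dataclasses import dataclass
from typing import Optional

# Expedited Forwarding codepoint from RFC 3246; this value is not given on the page.
EF_DSCP = 0b101110
# AF drop-probability bits (the middle two bits in the table above).
AF_DROP = {0b01: "Low", 0b10: "Medium", 0b11: "High"}


@dataclass(frozen=True)
class DsField:
    dscp: int                        # six high-order bits of the DS field
    unused: int                      # two low-order bits, "currently not used"
    pool: str                        # codepoint pool the DSCP falls into
    phb: str                         # Default, CSn, AFcd, EF or Unknown
    ip_precedence: int               # what an IP-precedence-only device reads
    drop_probability: Optional[str]  # only set for AF codepoints


def dscp_pool(dscp: int) -> str:
    """Map a 6-bit DSCP to one of the three pools by its low-order bits."""
    if dscp & 0b1 == 0:
        return "Standard Action"               # xxxxx0
    if dscp & 0b11 == 0b11:
        return "Experimental/Local Use"        # xxxx11
    return "EXP/LU (possible std action)"      # xxxx01


def decode_ds_field(ds: int) -> DsField:
    """Split one DS byte into DSCP, PHB name and the legacy precedence view."""
    if not 0 <= ds <= 0xFF:
        raise ValueError("the DS field is a single byte")
    dscp, unused = ds >> 2, ds & 0b11
    precedence = dscp >> 3       # the same three bits RFC 791 used for IP precedence
    low3 = dscp & 0b111
    drop = None
    if dscp == 0:
        phb = "Default"                          # default DSCP 000000
    elif low3 == 0:
        phb = f"CS{precedence}"                  # Class Selector: low three bits zero
    elif dscp == EF_DSCP:
        phb = "EF"
    elif 1 <= precedence <= 4 and low3 & 1 == 0:
        drop_bits = low3 >> 1                    # 01, 10 or 11
        phb = f"AF{precedence}{drop_bits}"
        drop = AF_DROP[drop_bits]
    else:
        phb = "Unknown"
    return DsField(dscp, unused, dscp_pool(dscp), phb, precedence, drop)


def ds_field_from_ipv4(header: bytes) -> int:
    """Return the DS byte (second octet) of a raw IPv4 header."""
    if len(header) < 20 or header[0] >> 4 != 4:
        raise ValueError("not an IPv4 header")
    return header[1]


# Constructed sample: minimal 20-byte IPv4 header with DS byte 0x68 and
# documentation addresses 192.0.2.1 -> 192.0.2.2 (checksum left at zero).
SAMPLE_HEADER = bytes([0x45, 0x68, 0x00, 0x14, 0, 0, 0, 0,
                       64, 17, 0, 0, 192, 0, 2, 1, 192, 0, 2, 2])

if __name__ == "__main__":
    for ds in (0x00, 0x28, 0x98, 0xB8, 0xC0, ds_field_from_ipv4(SAMPLE_HEADER)):
        info = decode_ds_field(ds)
        print(f"DS=0x{ds:02X} DSCP={info.dscp:06b} PHB={info.phb:8} "
              f"precedence={info.ip_precedence} drop={info.drop_probability} "
              f"pool={info.pool}")
```

The `ip_precedence` value shows why a device that only understands IP precedence still sorts AF and Class Selector traffic into the right class: the class number sits in the three high-order bits.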
As with Expedited Forwarding there are multiple QoS mechanisms in the Cisco
IOS that can accommodate some or all of the requirements of Assured Forwarding
PHB:
• The preferred implementation is to use the Class-based Weighted Fair Queuing
(CB-WFQ) with four classes (four independent queues) and Weighted Random
Early Detection (WRED) within each queue.
• A similar solution can be provided on the Cisco 12000 series routers by using
the Modified Deficit Round Robin (MDRR) queuing with WRED in each
queue. The AF PHB can also be implemented using the old-fashioned IP
precedence. The only restriction is the number of available IP precedence
values.
• Example 1: Four classes but no differentiated dropping:
– AF1—IP precedence 1
– AF2—IP precedence 2
– AF3—IP precedence 3
– AF4—IP precedence 4
• Example 2: Two classes with differentiated dropping (two drop precedence values):
– AF1—IP precedence 1 for high-drop, IP precedence 2 for low-drop
– AF1—IP precedence 3 for high-drop, IP precedence 4 for low-drop
Review Questions
Answer the following questions:
• What are the benefits of the DiffServ model compared to the IntServ model?
• What is a DiffServ Code Point?
• Name the standard PHBs.
• How was backward compatibility with IP precedence achieved?
• Describe the PHB of Assured Forwarding.
• Describe the PHB of Expedited Forwarding.
Objectives
Upon completion of this lesson, you will be able to perform the following tasks:
• Describe different classification options in IP networks
• Describe different marking options in IP networks
• List the mechanisms that are capable of measuring the rate of traffic
• List the mechanisms that are used for traffic conditioning, shaping and avoiding
congestion
• List the forwarding mechanisms available in Cisco IOS
• List the queuing mechanisms available in Cisco IOS
[Figure: packet path through a router: input I/O processing, forwarding (process switching, fast/optimum switching, NetFlow switching, CEF switching), output I/O processing]
The basic function of a router is to take packets received on the input interface, make a
forwarding decision and transmit the packet out through the output interface.
Today’s routers, however, can do much more than that. The figure lists a small
subset of features that affect packet processing on input or output interfaces.
Following is a list of some of the features available with Cisco routers:
• Payload compression (Stacker, Predictor)
• Header compression (TCP and RTP header compression)
• BGP-policy marking (CEF-based marking or QoS Policy propagation through
BGP)
• Traffic Policing (CAR, CB Policing)
• Traffic Shaping (GTS, FRTS, CB-Shaping)
• Class-based marking
• Encryption (CET or IPsec)
• WRED
• Policy-based Routing
• Accounting (IP accounting, NetFlow accounting)
• Filtering (access lists)
• Reverse-path checking
• Address and port translation (NAT, PAT)
• Stateful filtering (firewalling)
• Web-cache redirection
IP QoS mechanisms can perform different types of actions. All QoS mechanisms
can be divided into the following QoS actions:
• Classification – most QoS mechanisms support multiple classes. There are
different classification tools available with different QoS mechanisms (for
example, access lists, route maps, class maps and rate-limit access lists). Some
QoS mechanisms have the capability to match directly on certain parameters.
For example:
– CAR (QoS group and DSCP)
– WRED (IP precedence)
– ToS-based dWFQ (IP precedence)
– QoS-group-based dWFQ (QoS group)
– WFQ (flow parameters)
– PQ and CQ (interface, packet size and protocol)
• Some mechanisms require the information about traffic rate of classes (for
example, CAR, GTS, FRTS, CB-Shaping, CB-Policing, CB-WFQ, CB-LLQ,
MDRR and IP RTP Prioritization).
• Some mechanisms are used for dropping purposes. They utilize a dropping
scheme different from the usual tail-drop. WRED is an example of such a
mechanism.
• Some mechanisms are used to limit traffic rate by dropping excess traffic
(CAR and CB-Policing).
• Some mechanisms are used to limit traffic rate by delaying excess traffic (GTS,
FRTS and CB-Shaping).
• Some mechanisms have the capability to mark packets with different types of
markers (IP precedence, DSCP, QoS group, MPLS experimental bits, ATM
CLP bit, Frame Relay DE bit and 802.1q or ISL priority/cos bits)
• Some mechanisms are used for queuing on output interfaces (for example,
FIFO, PQ, CQ, WFQ, dWFQ, ToS-based dWFQ, QoS-group-based dWFQ,
CB-WFQ, IP RTP Prioritization and MDRR)
• Cisco IOS also has different types of forwarding mechanisms (Process
Switching, Fast Switching, Optimum Switching, Silicon Switching, Autonomous
Switching, NetFlow Switching, Cisco Express Forwarding and Policy-based
routing)
The figure lists QoS mechanisms in the Cisco IOS that have the capability to
measure the rate of traffic by using the Token Bucket model.
The figure lists markers that can be set using Cisco routers and the queuing
mechanisms that have marking capabilities.
The following table lists all the mechanisms that have marking capabilities and the
markers that are supported by those mechanisms.
QoS Mechanism                                 Available markers
Committed Access Rate (CAR)                   IP precedence
                                              DSCP
                                              QoS group
                                              MPLS experimental bits
QoS Policy Propagation through BGP (QPPB)     IP precedence
                                              QoS group
Policy-based Routing (PBR)                    IP precedence
                                              QoS group
Class-based Marking                           IP precedence
                                              DSCP
                                              QoS group
                                              MPLS experimental bits
                                              ATM CLP bit
                                              Frame Relay DE bit
                                              802.1Q/ISL cos/priority
Marker                    Preservation                                          Value range
QoS group                 Local to a router                                     100 values (0 to 99)
MPLS experimental bits    Throughout an MPLS network (optionally throughout     8 values
                          an entire IP network)
Frame Relay DE bit        Throughout a Frame Relay network                      2 values (0 or 1)
ATM CLP bit               Throughout an ATM network                             2 values (0 or 1)
IEEE 802.1Q or ISL CoS    Throughout a LAN switched network                     8 values (0 to 7)
• Shaping mechanisms:
– Generic Traffic Shaping (GTS)
– Frame Relay Traffic Shaping (FRTS)
– Class-based Shaping
– Hardware shaping on ATM VC
The figure lists four mechanisms that are used for traffic shaping purposes. All of
these mechanisms are implemented in software (Cisco IOS) except for ATM
shaping which is implemented in hardware.
Traffic shaping is used to limit the departure rate of packets, frames or cells by
delaying them if they exceed the contractual rate. A token bucket model is used to
measure the arrival rate and determine when packets can be forwarded.
• Dropping mechanisms
– Committed Access Rate (CAR) and Class-based
Policing can drop packets that exceed the
contractual rate
– Weighted Random Early Detection (WRED) can
randomly drop packets when an interface is
nearing congestion
Another way of enforcing rate limits is to drop excess traffic. Committed Access
Rate (CAR) and Class-based Policing can be used for this purpose.
Weighted Random Early Detection (WRED) is a congestion-avoidance mechanism
that randomly drops packets when interfaces are nearing congestion.
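The difference between delaying excess traffic (shaping) and dropping it (policing) under the token bucket model described above, as an added example that is not part of the course material and is not Cisco's implementation. The single-bucket meter, the function names, the rate, the bucket depth and the arrival pattern are all assumptions chosen for illustration.

```python
"""Added example: one token bucket used as a policer and as a shaper."""
from typing import List, Tuple

Arrival = Tuple[float, int]   # (arrival time in seconds, packet size in bytes)

# Constructed traffic: a burst of five 500-byte packets at t=0, one more at t=1.
ARRIVALS: List[Arrival] = [(0.0, 500)] * 5 + [(1.0, 500)]
RATE_BPS = 8000        # assumed contractual rate: 8000 bit/s = 1000 bytes/s
BURST_BYTES = 1500     # assumed bucket depth: three packets may leave back to back


def police(arrivals: List[Arrival], rate_bps: int, burst_bytes: int) -> List[str]:
    """Policing: a packet that finds too few tokens is dropped immediately."""
    rate_bytes = rate_bps / 8
    tokens, last = float(burst_bytes), 0.0
    verdicts = []
    for t, size in arrivals:               # arrivals must be sorted by time
        # Refill for the time elapsed since the previous packet, capped at depth.
        tokens = min(burst_bytes, tokens + (t - last) * rate_bytes)
        last = t
        if tokens >= size:
            tokens -= size
            verdicts.append("forward")
        else:
            verdicts.append("drop")        # excess traffic is discarded
    return verdicts


def shape(arrivals: List[Arrival], rate_bps: int,
          burst_bytes: int) -> List[Tuple[float, float]]:
    """Shaping: a packet that finds too few tokens waits in a FIFO queue.

    Returns (arrival time, departure time) for every packet; nothing is dropped.
    """
    rate_bytes = rate_bps / 8
    tokens, clock = float(burst_bytes), 0.0
    schedule = []
    for t, size in arrivals:               # arrivals must be sorted by time
        if size > burst_bytes:
            raise ValueError("packet larger than the bucket can never conform")
        start = max(t, clock)              # cannot leave before the packet ahead
        tokens = min(burst_bytes, tokens + (start - clock) * rate_bytes)
        if tokens < size:
            start += (size - tokens) / rate_bytes   # wait for the missing tokens
            tokens = float(size)
        tokens -= size
        clock = start
        schedule.append((t, start))
    return schedule


def max_delay(schedule: List[Tuple[float, float]]) -> float:
    """Largest queuing delay the shaper added to any packet."""
    return max(departure - arrival for arrival, departure in schedule)


if __name__ == "__main__":
    print("policer:", police(ARRIVALS, RATE_BPS, BURST_BYTES))
    for arrival, departure in shape(ARRIVALS, RATE_BPS, BURST_BYTES):
        print(f"shaper: arrived {arrival:.1f}s, sent {departure:.1f}s")
```

With the same bucket, the policer forwards four of the six packets and adds no delay, while the shaper delivers all six but holds the tail of the burst for up to one second.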
The last mechanism that handles packets in the IOS is the queuing mechanism.
The figure lists most of the queuing mechanisms.
All queuing mechanisms include a drop policy. Most mechanisms use a simple tail-
drop scheme (the last packet to arrive is dropped if there is no room in the queue).
Weighted Fair Queuing (WFQ) uses a more intelligent dropping scheme, which
is discussed in the “IP QoS – Queuing mechanisms” module. Some queuing
mechanisms also include the Weighted Random Early Detection (WRED) to
prevent congestion in their queues.
Review Questions
Answer the following questions:
• Name the QoS building blocks.
• What is the purpose of classification?
• What is the purpose of marking?
• Which markers do you know?
• Which mechanisms can classify and mark packets?
• Which mechanisms have the ability to measure the rate of traffic?
• Which forwarding mechanisms do you know?
• Which queuing mechanisms do you know?
• How, when and where do routers drop packets?
Objectives
Upon completion of this lesson, you will be able to perform the following tasks:
• Describe a typical structure of an enterprise network
• Describe the need for QoS in enterprise networks
• List typical QoS requirements in enterprise networks
• List the QoS mechanisms that are typically used in enterprise networks
[Figure: Core (central sites and data centres)]
This lesson describes typical Enterprise Networks to show the topology and
technologies involved in such networks. Designing IP QoS networks largely
depends on the topology and QoS requirements.
The figure illustrates a three-layered network:
1. The core interconnects the data center(s) with the distribution-layer routers.
2. The distribution layer routers concentrate links towards a number of access-
layer routers.
3. The access-layer routers connect branch offices to the network.
Most traffic in enterprise networks goes between branches and the data center.
[Figure: Core (central sites and data centres), MPLS/VPN (new), Access (branch offices)]
Modern enterprise networks can use MPLS/VPN backbones to get a virtual full
mesh even though most traffic still goes between the data center and the branches.
Implementing QoS in such environments requires QoS guarantees from the service
provider and provisioning in the enterprise part of the network.
The figure shows a case study where relatively low bandwidths are used, which
calls for QoS to manage bandwidth according to the needs of the enterprise.
• Core - Distribution
– Custom queuing
• Distribution - Branch
– Priority queuing or
– Custom Queuing with a priority queue
• Options
– Traffic shaping
– Adaptation to Frame Relay congestion notification
The figure lists mechanisms that could be used to accommodate the need of the
enterprise. This solution would normally be used in networks where an old IOS
version is being used and an upgrade is not an option (due to the cost of getting
newer IOS versions, memory upgrade, flash upgrade, etc.). The listed mechanisms
(Priority Queuing and Custom Queuing) have been available since Cisco IOS
version 10.0.
• Core - Distribution
– Class-based Weighted Fair Queuing (CB-WFQ)
– Class-based Low Latency Queuing (CB-LLQ)
• Distribution - Branch
– Class-based Weighted Fair Queuing (CB-WFQ)
– Class-based Low Latency Queuing (CB-LLQ)
• Options
– Class-based Shaping
– Adaptation to Frame Relay congestion notification
– Class-based Policing
– Weighted Random Early Detection (WRED)
This figure shows a solution using advanced mechanisms to provide better control
of bandwidth usage. This solution requires newer Cisco IOS software versions
(12.1 or 12.2, depending on the details of the implementation).
Review Questions
Answer the following questions:
• What is the typical enterprise network topology?
• How is resilience achieved?
• Based on which information do typical enterprise networks apply QoS?
Objectives
Upon completion of this lesson, you will be able to perform the following tasks:
• Describe a typical structure of a service provider network
• Describe the need for QoS in service provider networks
• List typical QoS requirements in service provider networks
• List the QoS mechanisms that can be used in service provider networks
[Figure: redundant connections (ATM, SONET/SDH, DPT, GE, ... rings); Distribution (regional POPs); single connections (Frame Relay, ATM, leased line (analog, TDM), dial-up (PSTN, ISDN, GSM), xDSL, (fast)ethernet, ...), optional redundant connections, dial backup; Access (customers)]
• Typical service provider networks use a high-speed partially-meshed core (backbone)
• Regional POPs use two or more connections to the core
• There may be another layer of smaller POPs connected to distribution-layer POPs
• Customers are usually connected to the service provider via a single point-to-point link (a
secondary link or a dial line can be used to improve resilience)
As the figure illustrates, Service Provider networks significantly differ from typical
enterprise networks. Enterprise Networks are used as a tool to support the
enterprise whereas with Service Providers the network is the business itself.
Enterprise networks are concerned with providing quality to business-critical
applications and Service Providers tend to broaden their service offering by
introducing QoS.
Service Providers want to offer customers more than plain connectivity. Service
Providers want to establish differentiated levels of service for customers with
incremental pricing and SLA agreements. The customer should not only shop
around among a number of service providers that offer connectivity to the Internet
or provide MPLS/VPNs, but also have a menu of services they can choose from.
Some customers are satisfied with the best-effort service; some want certain
service guarantees.
Service Provider networks would generally use newer Cisco IOS software and
can therefore deploy the latest available mechanisms. The case study is
implemented using CB-WFQ in combination with WRED and CB-LLQ at
network edges (between access and distribution layer). WRED can be used on
high-speed links (on core links).
Review Questions
Answer the following questions:
n What is the typical topology of service provider networks?
n How is resilience achieved?
n Based on which information do typical service provider networks apply QoS?
Review Questions
Answer the following questions:
n Name the QoS building blocks.
Classification, marking, metering, dropping, policing, shaping and queuing.
n What is the purpose of classification?
Classification is used to assign packets to traffic classes with different
QoS requirements (behavior aggregates).
n What is the purpose of marking?
Marking is used to allow simplified classification on other devices in the
network.
n Which markers do you know?
IP precedence, DSCP, MPLS experimental bits, QoS group, Frame
Relay DE bit, ATM CLP bit, 802.1q CoS bits, ISL priority bits.
n Which mechanisms can classify and mark
packets?
Policy-based Routing (PBR)
Committed Access Rate (CAR)
QoS Policy Propagation through BGP (QPPB)
Class-based Policing
Class-based Marking
n Which mechanisms have the ability to measure
the rate of traffic?
Committed Access Rate (CAR)
Generic Traffic Shaping (GTS)
Frame Relay Traffic Shaping (FRTS)
Class-based Weighted Fair Queuing (CB-WFQ)
Class-based Low Latency Queuing (CB-LLQ)
Class-based Policing
Class-based Shaping
IP RTP Prioritization
n Which forwarding mechanisms do you know?
Process Switching, Fast Switching, Optimum Switching, NetFlow
Switching, CEF switching …
Review Questions
Answer the following questions:
n What is the typical enterprise network topology?
Enterprise networks typically use the hub-and-spoke topology.
n How is resilience achieved?
Resilience is achieved by using redundant links.
n Based on which information do typical enterprise
networks apply QoS?
Enterprise networks typically provide QoS to applications. Applications
are typically identified based on the TCP or UDP port numbers.
Review Questions
Answer the following questions:
n What is the typical topology of service provider
networks?
Typical service provider networks use a partially meshed core with a
redundant hub-and-spoke topology for the POPs.
n How is resilience achieved?
Resilience is achieved by using partial mesh (core) and redundant links
(distribution, access).
n Based on which information do typical service
provider networks apply QoS?
Service providers typically apply QoS to customer traffic. Customer
traffic is identified based on source or destination IP addresses.
Overview
This module describes the mechanisms that are used to classify and mark IP
packets. This module builds on the knowledge acquired from the introductory
module where classification and marking is discussed. Theoretical knowledge is
supplemented by detailing Policy-based routing (PBR) and QoS Policy Propagation
through BGP (QPPB) mechanisms.
Objectives
Upon completion of this module, you will be able to:
n Describe Policy-based routing and how it is used to classify and mark IP
packets
n Describe QoS Policy Propagation through BGP and how it is used to classify
and mark IP packets
n List other mechanisms that also support classification and marking capabilities
(Committed Access Rate, Class-based Policing and Class-based Marking)
Traffic Classification and Marking
Classification
• Most QoS mechanisms in the Cisco IOS
include some type of classification
• Some mechanisms classify packets
automatically, some require manual
configuration
Marking
• Only a small number of mechanisms also
include a marking capability
This module focuses on the QoS mechanisms that are used for classification and
marking purposes only. Most QoS mechanisms include some type of classification
but only a small number of mechanisms also include marking capability.
Classification is the term used for identifying a Behavior Aggregate to which a
packet belongs. A Behavior Aggregate is a collection of flows requiring the same
quality of service.
Marking is the term used for coloring packets by applying a class-identifying
value to one of the following markers: IP precedence, DSCP, QoS group (value is
local to a router), MPLS experimental bits (can be used only in MPLS-enabled
networks), ATM CLP bit (value can be used only within ATM networks), Frame
Relay DE bit (value can be used only within Frame Relay networks), IEEE 802.1q
or ISL cos/priority bits (value can be used only within LAN-switched networks).
2-2 IP QoS Classification and Marking Copyright 2001, Cisco Systems, Inc.
Traffic Classification and Marking
This module describes the two QoS mechanisms that are used purely for
classification and marking purposes:
n Policy-based Routing (PBR)
n QoS Policy Propagation through BGP (QPPB)
There are other QoS mechanisms that also support classification and marking:
n Committed Access Rate (CAR) – this mechanism is described in the “IP
QoS – Traffic Shaping and Policing” module
n Class-based Policing (CB-Policing) – this mechanism is described in the
“IP QoS – Modular QoS CLI (Chapter 2)” module
n Class-based Marking (CB-Marking) – this mechanism is described in the
“IP QoS – Modular QoS CLI (Chapter 2)” module
Policy-based Routing
Objectives
Upon completion of this lesson, you will be able to:
n Describe Policy Based Routing (PBR)
n Configure PBR on Cisco routers
n Monitor and troubleshoot PBR
Policy-based Routing
PBR “match” and “set” Options
Match on:
• Standard and extended access lists
• Length of packets (min,max)
Set:
• Output interface (bypass the routing table)
• Next-hop address (bypass the routing table)
• ToS field (QoS marking)
• IP precedence (QoS marking)
• QoS group (QoS marking)
[Figure: IP packet, input interface, output interface]
PBR classifies packets based on standard or extended access lists, the length of
packets and the incoming router interface (a route map is applied to an input
interface).
The route map sets the following parameters:
n Output interface: force the router to forward packets to an interface even if it
would not provide for optimal routing
n Next-hop address: to make a forwarding decision by using a different next-hop
address than the one determined by the routing table
n ToS value: the ToS value in this case applies to bits 4,3,2 and 1 of the ToS field
n IP precedence: three-bit field used to identify a class of service
n QoS group: the local parameter with an expanded value range
The first two parameters (output interface and next-hop address) are used to
bypass the default destination-based routing. The other three parameters are used
for QoS purposes (ToS value is less commonly used).
PBR Capabilities
[Figure: QoS building-block scheme with Classifier, Marker, Meter, Dropper, Forwarding, Shaper and Queuing blocks on the inbound (or locally-originated) and outbound paths]
The figure illustrates the “full” QoS building-block scheme showing that PBR
works only on input and that it supports only classification and marking. The
“Forwarding” box could be colored as well since PBR can be used to make a
forwarding decision. PBR contains no mechanism for metering or dropping of data
packets.
Configuring Classification and
Marking Using PBR
Route Map Rules
Router(config)#
route-map <name> [permit | deny] [<sequence-number>]
match <condition>
set <parameter>
• Route maps are identified by a case sensitive name
• Route maps can have multiple statements (same name,
different sequence number)
• Packets are processed in the specified sequence
• Packets not matched by the route map are forwarded using the
default destination-based forwarding
• If packets are matched by the “match” condition but the route
map statement is using the “deny” option, the default
destination-based forwarding is applied to the packet
PBR Classification
Router(config-route-map)#
match ip address <#acl>
Route maps have a number of match options but only two can be used for policy-
based routing purposes:
n match ip address is used to examine the packet’s headers with a standard or
an extended access list
n match length is used to match packets based on their length
PBR Marking
Router(config-route-map)#
set ip precedence <precedence>
Applying a Route Map
Router(config-if)#
ip policy route-map <route-map-name>
Once a route map is configured it must be applied to either packets coming into the
router through an interface or to packets being generated by the router.
The first command (ip policy route-map) is used for forwarded packets.
The second command (ip local policy route-map) is used for packets generated by a
router and is typically used for tunneling packets (e.g. DLSw).
Note Policy-based routing is a mechanism that puts interfaces into Process Switching
mode. This will significantly degrade performance. PBR has been available in
the fast-switching path since Cisco IOS version 11.3. The ip route-cache policy
command can be used on an interface to enable caching for PBR. This
command has been available since Cisco IOS software version 12.0.
Monitoring and Troubleshooting
PBR
Router#
show route-map <name>
The show route-map command is used to display the route map with its match
and set options.
The debug ip policy command is used to display all packets being processed by
PBR.
The show ip policy command is used to see a list of all interfaces that are enabled
for PBR. The output also displays the corresponding route maps.
The show ip local policy command is used to display the configured parameters
for local PBR with a number of packets and bytes that have been policy-routed by
the local PBR.
Monitoring and Debugging
Policy Routing
Router#show route-map CPE
route-map CPE, permit, sequence 10
  Match clauses:
    ip address (access-lists): 199
  Set clauses:
    ip precedence flash-override
  Policy routing matches: 3418 packets, 412108 bytes
route-map CPE, permit, sequence 20
  Match clauses:
    ip address (access-lists): MatchPing
  Set clauses:
    ip precedence priority
  Policy routing matches: 82 packets, 31045 bytes
Router#show access-list MatchPing
Extended IP access list MatchPing
    permit icmp any any echo (25 matches)
Router#
The figure shows a sample output of the show route-map and show access-list
commands.
Monitoring and Debugging
Policy-based Routing
Router#debug ip policy
Policy routing debugging is on
Router#ping 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/31/32 ms
Router#
2d02h: IP: s=192.168.1.2 (local), d=192.168.1.1, len 100, policy match
2d02h: IP: route map CPE, item 20, permit
...
The debug ip policy command is similar to the debug ip packet except that the
debug ip policy only displays policy-routed packets. This command should be
used with caution as it may produce too much output.
IP Precedence Marking
Case Study #1
The case study involves a bank branch office where a single router connects two
LANs to the corporate network via one serial interface. This case study focuses
on the classification and marking part of a larger QoS solution, which includes
other QoS mechanisms.
Case #1- Solution
Policy-based routing can be used to mark packets with IP precedence values. All
packets from Ethernet 0 are marked with IP precedence 2. Since matching is
applied to all packets no “match” command is needed in the route map. The other
route map is applied to the other Ethernet interface and it marks packets with IP
precedence 0.
IP Precedence Marking
Case Study #2
The second case study is more complicated because classification is not done
based on the input interface. Instead, classification is performed based on
application (TCP or UDP port numbers).
Case #2 - Solution
[Figure: branch office (interface E0), core, WAN core. Mark IP precedence: Telnet = 2, Corporate Web = 1, everything else = 0]
interface eth 0
 ip policy route-map set-prec
!
route-map set-prec permit 10
 match ip address CorporateWebTraffic
 set ip precedence 1
route-map set-prec permit 20
 match ip address TN3270
 set ip precedence 2
route-map set-prec permit 30
 set ip precedence 0
!
ip access-list extended CorporateWebTraffic
 permit tcp any 10.1.1.0 0.0.0.255 eq www
ip access-list extended TN3270
 permit tcp any any eq telnet
A route map is created with three statements, one for each application:
n The first statement uses an access list to identify corporate web traffic
(destination port 80). IP precedence 1 is applied to these packets.
n The second statement uses another access list to identify outbound telnet
sessions. IP precedence 2 is applied to these packets.
n The last statement sets IP precedence 0 to all other packets.
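The route-map evaluation rules and the Case Study #2 route map above, as a small Python model (an added example, not part of the course material and not Cisco code). The sample packets and the 172.16.9.9 address are constructed, and only precedence marking is modelled, not forwarding.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Callable, List, Optional, Tuple


@dataclass
class Packet:
    proto: str            # "tcp", "udp" or "icmp"
    dst: str              # destination IP address
    dport: int = 0        # destination port (0 when not applicable)
    tos: int = 0          # full 8-bit ToS byte as received

    @property
    def precedence(self) -> int:
        return self.tos >> 5          # IP precedence = top three bits of ToS


@dataclass
class Statement:
    seq: int
    action: str                                        # "permit" or "deny"
    match: Optional[Callable[[Packet], bool]] = None   # None: no match clause
    set_precedence: Optional[int] = None


def acl_corporate_web(p: Packet) -> bool:
    # permit tcp any 10.1.1.0 0.0.0.255 eq www
    return (p.proto == "tcp" and p.dport == 80
            and ip_address(p.dst) in ip_network("10.1.1.0/24"))


def acl_tn3270(p: Packet) -> bool:
    # permit tcp any any eq telnet
    return p.proto == "tcp" and p.dport == 23


# route-map set-prec from Case Study #2
SET_PREC: List[Statement] = [
    Statement(10, "permit", acl_corporate_web, 1),
    Statement(20, "permit", acl_tn3270, 2),
    Statement(30, "permit", None, 0),      # no match clause: catches the rest
]


def apply_route_map(route_map: List[Statement],
                    pkt: Packet) -> Tuple[Optional[int], bool]:
    """Return (deciding sequence number, True if a permit statement applied)."""
    for st in sorted(route_map, key=lambda s: s.seq):
        if st.match is not None and not st.match(pkt):
            continue                       # try the next sequence number
        if st.action == "deny":
            return st.seq, False           # default forwarding, packet untouched
        if st.set_precedence is not None:
            # Rewrite only the three precedence bits, keep the other five.
            pkt.tos = (st.set_precedence << 5) | (pkt.tos & 0x1F)
        return st.seq, True
    return None, False                     # no statement matched


def demo():
    # Constructed sample packets.
    web = Packet("tcp", "10.1.1.20", 80)
    telnet = Packet("tcp", "172.16.9.9", 23)
    other = Packet("udp", "172.16.9.9", 53, tos=0xF0)   # arrives as precedence 7
    results = [apply_route_map(SET_PREC, p) for p in (web, telnet, other)]
    # Same route map without statement 30: the host-chosen marking survives.
    unpoliced = Packet("udp", "172.16.9.9", 53, tos=0xF0)
    apply_route_map(SET_PREC[:2], unpoliced)
    precedences = [web.precedence, telnet.precedence,
                   other.precedence, unpoliced.precedence]
    return results, precedences, other.tos


if __name__ == "__main__":
    print(demo())
```

The last case shows why the catch-all statement 30 matters: without it, a packet that arrives already marked with precedence 7 leaves the router with that marking intact.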
Route Map - Review
Summary
Policy based routing is used for two purposes:
n Bypassing the traditional destination-based forwarding
n Marking of IP packets with IP precedence or QoS group
Lesson Review
n What are the applications of Policy-based Routing?
n What configuration tool is used to implement PBR?
n How can PBR be applied to IP traffic?
n Describe the classification options with PBR.
n Describe the marking options with PBR.
QoS Policy Propagation through BGP (QPPB)
Objectives
Upon completion of this lesson, you will be able to:
n Describe the QPPB mechanism
n Configure the QPPB mechanism on Cisco routers
n Monitor and troubleshoot QPPB
IP QoS Policy Propagation
Through BGP (QPPB)
QoS Policy Propagation through BGP is a mechanism that can be split into two
parts:
n Policy propagation via BGP, where a QoS policy is encoded into a BGP
attribute. BGP Communities are typically used to encode a QoS policy.
n Marking of packets with IP precedence or QoS group based on the QoS policy
learned via BGP.
BGP Policy is usually set on ingress routers (ingress for route propagation, egress
for packet forwarding) in an Autonomous System. BGP then carries the
information to other routers in the AS and translates (using a route map) this
information into IP precedence or QoS group. Marking is then enabled on per-
interface basis.
QPPB Capabilities
[Figure: QoS building-block scheme with Classifier, Marker, Meter, Dropper, Forwarding, Shaper and Queuing blocks on the inbound (or locally-originated) and outbound paths]
Similar to PBR, QPPB also supports classification and marking only on the input
interface.
BGP Marking
[Figure: inbound traffic stream with Classifier, Marker, Meter and Dropper blocks]
Cisco Express Forwarding
Review
Review: Standard IP Switching
The figure illustrates how BGP routing information is used on routers that are
configured with the default switching operation:
n A BGP entry is inserted into the main routing table (the network points to the
BGP next-hop address).
n A recursive routing lookup is needed when the first packet arrives. After the
output interface is identified, a cache entry is generated. Multi-access media
requires additional information from the ARP cache.
n The subsequent packets are forwarded using the fast-switching cache.
Review: CEF Switching
Adjacency table
IP address    Layer 2 header
1.5.4.1       MAC header
...           ...
ARP cache
IP address    MAC address
1.5.4.1       0c.00.11.22.33.44
...           ...
CEF switching is different from the default operation in the following ways:
n CEF switching cache (the FIB table and the adjacency table) reflects the
information from the main routing table. Changes in the FIB table are not
triggered by packets but by changes in the main routing table itself.
n The CEF switching cache is split into two tables:
n Forwarding Information Base (FIB) which contains all networks that
are taken from the routing table. Those entries point to directly accessible
next-hops. Adjacency pointers are used to get information about these
next-hops from the Adjacency table
n Adjacency table contains a list of directly connected neighboring IP
devices. A layer-2 header is created in advance to accelerate the
encapsulation process.
CEF Switching with QoS
Packet Marking
BGP table
Address     Prefix   AS-Path   Next hop   Communities   Other attr.
10.0.0.0    /8       42 13     1.2.3.4    37:12
...         ...      ...       ...        ...           ...
[Figure: the BGP table feeds the routing table through a table map]
Adjacency table
IP address    Layer 2 header
1.5.4.1       MAC header
...           ...
ARP cache
IP address    MAC address
1.5.4.1       0c.00.11.22.33.44
...           ...
When using CEF for packet marking a table map is used in the BGP configuration
mode to process routes inserted into the routing table. A route map (used as a table
map in BGP) can translate any BGP parameter or attribute into IP precedence or
QoS group. This information is then passed on to the FIB table.
Once packet marking is enabled the router will perform two CEF lookups:
n The first lookup is used to mark packets
n The second lookup is used to make a forwarding decision
QPPB Configuration Tasks
Before configuring routers to support QPPB, a QoS design, which must include the
following, is needed:
n BGP attribute used to encode class of service (BGP Communities are usually
used)
n Marker (when using QPPB only IP precedence or QoS group can be used)
The following configuration steps are necessary on routers that perform packet
marking:
n Enable CEF
n Create a route map that translates a BGP attribute into IP precedence or QoS
group
n Apply the route map to process BGP routes before they are entered into the
main routing table.
n Enable per interface marking.
Setting IP Precedence or QoS
Group in the IP Routing Table
Router(config-router)#
table-map <route-map-name>
Router(config)#
route-map <name> permit <seq>
set ip precedence <precedence>
set ip qos-group <group>
Use the table-map command in the BGP configuration mode to populate the main
routing table with the class of service information.
A route map can “tag” networks with IP precedence, QoS group or both.
Enable Per-interface Packet
Marking
Router(config-if)#
bgp-policy source ip-prec-map
Once the FIB table contains the class of service information (IP precedence or
QoS group), marking can be configured on input interfaces.
CEF-based marking is performed based on the following:
n Find the source address (taken from the packet being marked) in the FIB
table and mark it with the IP precedence value attached to the
address/network. Use the bgp-policy source ip-prec-map interface
command to mark the packet.
n Find the source address (taken from the packet being marked) in the FIB
table and mark it with the QoS group value attached to the address/network.
Use the bgp-policy source ip-qos-map interface command to mark the
packet.
Enable Per-interface Packet
Marking
Router(config-if)#
bgp-policy destination ip-prec-map
n Find the destination address (taken from the packet being marked) in the
FIB table and mark it with the IP precedence value attached to the
address/network. Use the bgp-policy destination ip-prec-map interface
command to mark the packet.
n Find the destination address (taken from the packet being marked) in the
FIB table and mark it with the QoS group value attached to the
address/network. Use the bgp-policy destination ip-qos-map interface
command to mark the packet.
All four commands can be attached to the same interface (although not
recommended) and they are processed in the following order:
n Source-based IP precedence marking
n Source-based QoS group marking
n Destination-based IP precedence marking (overrides source-based marking)
n Destination-based QoS group marking (overrides source-based marking)
Case Study
[Figure: case-study topology. Labels: WAN core, NAP router, NAP router, POP router, Customer (AS 73), AS 24, AS 12]
This case study shows how customer networks can be marked with a BGP
community identifying a class of service, which is then propagated throughout the
Autonomous System 12 and used on edge routers to classify and mark packets
towards the customer networks with IP precedence flash (IP precedence 3).
Each IP precedence value is also identified by a name:
IP precedence value    IP precedence name
0                      Routine
1                      Priority
2                      Immediate
3                      Flash
4                      Flash-override
5                      Critical
6                      Internet
7                      Network
Step #1
Distribute QoS functions
To achieve the same level of quality in both directions the packets going to and
coming from the customer network must first be classified and marked.
Classification and marking of packets coming from the customer network is trivial:
n PBR without a match statement is used on the interface connection from the
customer network to the ISP’s network.
n Another option is to use other mechanisms such as Committed Access Rate
(CAR), Class-based Policing or Class-based Marking.
Classifying and marking packets going to the customer network is a more difficult
task because:
n Classifying and marking must be performed on all edge routers.
n Classifying and marking requires the identification of the customer network.
Using PBR, CAR, CB-Policing or CB-Marking does not scale because it
involves the use of access lists (this is especially difficult if customer networks
are dynamically learned via BGP).
QPPB is the only scalable mechanism that can classify and mark packets based on
their source or destination IP address.
Step #2
Select QoS mechanisms
[Figure: case-study topology, annotated "CEF-based marking"]
The case study will employ PBR to do the marking of outbound packets (from the
customer perspective). QPPB will be used to mark inbound packets on remote
edge (border) routers.
Step #3 - Design Individual QoS
Mechanisms
[Figure: case-study topology, annotated "Set FIB table based on BGP community"]
Customer networks are tagged with BGP Community 12:17 and sent to all internal
BGP neighbors.
Edge routers use a table map to translate BGP Community 12:17 into IP
precedence 3.
Destination-based precedence marking is enabled on interfaces connecting the AS
to other ASs.
Mark Routes Coming From AS 73
router bgp 12
neighbor 1.2.3.4 remote-as 73
neighbor 1.2.3.4 route-map Premium in
!
route-map Premium permit 10
set community 12:17 additive
The figure illustrates how a route map is used to process inbound BGP routing
updates coming from the customer’s AS 73. The BGP community attribute 12:17 is
added to the routing updates.
Configure Community
Propagation
router bgp 12
neighbor 2.3.4.5 remote-as 12
neighbor 2.3.4.5 send-community
Set FIB Table Based on BGP
Community
router bgp 12
 table-map PremiumCheck
!
route-map PremiumCheck permit 10
 match community 17
 set ip precedence flash
!
route-map PremiumCheck permit 20
 set ip precedence 0
!
ip community-list 17 permit 12:17
The edge routers use route maps to translate BGP Community values into
appropriate IP precedence values. The figure illustrates how all routes carrying
BGP community 12:17 are tagged with IP precedence 3 in the routing table and the
FIB table. All other networks are tagged with IP precedence 0.
Note Setting IP precedence 0 on all packets not specifically matched by a table map is
also a security feature because it prevents IP precedence spoofing. Anyone
trying to use a high IP precedence value (e.g. 6 or 7) will be remarked with IP
precedence 0 and get the best-effort service.
Configure CEF Packet Marking
ip cef
!
interface hssi 0/0
bgp-policy destination ip-prec-map
!
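The case-study pipeline above (community 12:17, table map PremiumCheck, per-interface bgp-policy marking) as a simplified Python model; this is an added example, not part of the course material and not Cisco code. The prefixes are constructed documentation addresses, `premium_only` is a hypothetical table map without the catch-all statement, and only IP precedence is modelled, not QoS group.

```python
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network
from typing import Optional, Set

PREMIUM = "12:17"    # BGP community used in the case study
FLASH = 3            # IP precedence "flash"


@dataclass
class BgpRoute:
    prefix: str
    communities: Set[str] = field(default_factory=set)


# Constructed BGP table: one customer (AS 73) prefix tagged 12:17,
# one unrelated network and a default route.
ROUTES = [
    BgpRoute("192.0.2.0/24", {PREMIUM}),
    BgpRoute("198.51.100.0/24"),
    BgpRoute("0.0.0.0/0"),
]


def premium_check(route: BgpRoute) -> Optional[int]:
    """route-map PremiumCheck: seq 10 maps 12:17 to flash, seq 20 sets 0."""
    return FLASH if PREMIUM in route.communities else 0


def premium_only(route: BgpRoute) -> Optional[int]:
    """Hypothetical variant without seq 20: other routes stay untagged."""
    return FLASH if PREMIUM in route.communities else None


def build_fib(routes, table_map):
    """Each FIB entry carries the precedence tag chosen by the table map."""
    return [(ip_network(r.prefix), table_map(r)) for r in routes]


def fib_precedence(fib, addr: str) -> Optional[int]:
    """Longest-prefix match; return the tag of the most specific entry."""
    ip = ip_address(addr)
    hits = [(net.prefixlen, tag) for net, tag in fib if ip in net]
    return max(hits, key=lambda h: h[0])[1] if hits else None


def mark(fib, tos: int, src: str, dst: str, policies) -> int:
    """Apply bgp-policy ip-prec-map lookups in the order the page gives:
    source first, then destination, so destination overrides source."""
    for kind, addr in (("source", src), ("destination", dst)):
        if kind in policies:
            tag = fib_precedence(fib, addr)
            if tag is not None:
                # Overwrite the three precedence bits, keep the rest of ToS.
                tos = (tag << 5) | (tos & 0x1F)
    return tos


def demo():
    fib = build_fib(ROUTES, premium_check)
    weak = build_fib(ROUTES, premium_only)
    dest = {"destination"}
    return {
        # Traffic towards the premium customer is marked flash (3).
        "to_customer": mark(fib, 0x00, "198.51.100.7", "192.0.2.10", dest) >> 5,
        # A packet arriving with precedence 7 is re-marked to 0.
        "spoofed": mark(fib, 0xE8, "192.0.2.10", "198.51.100.7", dest) >> 5,
        # Without the catch-all statement the spoofed value survives.
        "spoofed_no_default": mark(weak, 0xE8, "192.0.2.10",
                                   "198.51.100.7", dest) >> 5,
        # Both lookups enabled: the destination result wins.
        "both": mark(fib, 0x00, "192.0.2.10", "198.51.100.7",
                     {"source", "destination"}) >> 5,
    }


if __name__ == "__main__":
    print(demo())
```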
IP QoS and BGP Interaction
Review
Summary
QPPB is a mechanism that is used to implement more scalable QoS solutions. It
uses BGP to propagate QoS policy information and CEF to mark packets with IP
precedence or QoS group.
Lesson Review
n Why is QPPB needed?
n How is QoS policy propagated through a network?
n How are QoS traffic classes defined by QPPB?
n Which IP forwarding mechanisms support QPPB?
Other QoS Mechanisms with Classification and
Marking Capability
Objectives
Upon completion of this lesson, you will be able to:
n Explain how most QoS mechanisms support some type of classification
n Name CAR, CB-Policing and CB-Marking as mechanisms that support
classification and marking
Classification
Marking
Committed Access Rate (CAR)
CAR is a mechanism used to limit the traffic rate of a class and optionally mark
packets with one of the following markers:
n IP precedence
n DSCP
n MPLS experimental bits
n QoS group
CAR can also mark packets with two different values depending on whether they:
n Conform to the policy (packet is within the contractual bit-rate)
n Exceed the policy (packet is over the contractual bit-rate)
Conforming and exceeding packets can be marked with different values.
Class-based Policing
Class-based Marking
Summary
The following mechanisms are used for classification and marking purposes:
n Policy-based Routing (PBR)
n QoS Policy Propagation through BGP (QPPB)
n Committed Access Rate (CAR)
n Class-based Policing
n Class-based Marking
PBR is a mechanism that was primarily intended for bypassing the destination-
based forwarding and marking packets with IP precedence or QoS group.
QPPB is a mechanism that can also be used to mark packets with IP precedence
or QoS group. Its main advantage is scalability.
Lesson Review
n Which mechanisms in IOS support classification and marking of packets?
n Which fields or parameters can be used to mark packets in Cisco IOS?
Summary
After completing this module, you should be able to perform the following tasks:
n Describe Policy-based routing and how it is used to classify and mark IP
packets
n Describe QoS Policy Propagation through BGP and how it is used to classify
and mark IP packets
n List other mechanisms that also support classification and marking capabilities
(Committed Access Rate, Class-based Marking)
Review Questions and Answers
Policy-based Routing
Question: What are the applications of Policy-based Routing?
Answer: PBR is used to bypass the destination-based forwarding or to classify
and mark packets.
Question: What configuration tool is used to implement PBR?
Answer: Route maps are used to implement PBR.
Question: How can PBR be applied to IP traffic?
Answer: PBR can be applied to input packets or packets originated by the
router.
Question: Describe the classification options with PBR.
Answer: PBR’s classification options include standard and extended access lists
as well as packet size based classification. PBR can also classify based on the
input interface because it is used on per-interface basis.
Question: Describe the marking options with PBR.
Answer: PBR can set the next-hop address or output interface to bypass the
default destination based forwarding. PBR can also mark packets with the
following options: ToS bits, IP precedence or QoS group.
Other QoS Mechanisms with Classification and Marking Capability
Question: Which mechanisms in IOS support classification and marking of
packets?
Answer:
Policy-based Routing (PBR)
Committed Access Rate (CAR)
QoS Policy Propagation through BGP (QPPB)
Class-based Policing
Class-based Marking
Question: Which fields or parameters can be used to mark packets in Cisco IOS?
Answer: IP precedence, DSCP, MPLS experimental bits, QoS group, Frame Relay
DE bit, ATM CLP bit, 802.1q CoS bits, ISL priority bits.
Queuing Mechanisms
Overview
This module describes the queuing mechanisms that can be used on output
interfaces.
It includes the following topics:
n Queuing Overview
n FIFO Queuing
n Priority Queuing
n Custom Queuing
n Weighted Fair Queuing
n Distributed Weighted Fair Queuing
n Modified Deficit Round-robin
n IP RTP Prioritization
Objectives
Upon completion of this module, you will be able to perform the following tasks:
n Describe and configure FIFO Queuing (FQ)
n Describe and configure Priority Queuing (PQ)
n Describe and configure Custom Queuing (CQ)
n Describe and configure basic Weighted Fair Queuing (WFQ), distributed WFQ,
ToS-based distributed WFQ and QoS-group-based distributed WFQ
n Describe and configure Modified Deficit Round-robin (MDRR) queuing
n Describe and configure IP RTP Prioritization
Queuing Overview
Objectives
Upon completion of this lesson, you will be able to perform the following tasks:
n Understand how queuing works on Cisco routers
n List the most used queuing mechanisms
The lesson discusses how output queuing mechanisms are implemented on Cisco
routers running Cisco IOS. It discusses most of the queuing mechanisms in detail,
except Class-based Weighted Fair Queuing and Class-based Low-latency
Queuing, which are discussed in the “IP QoS – Modular QoS CLI (Chapter 2)”
module.
[Figure: Forwarder, Software Queuing System, Hardware Queue (TxQ), Output Interface, with the decision points "Software queue empty?" and "Hardware queue (TxQ) full?"]
The implementation of software queuing was optimized for periods when the
interface is not congested. The software queuing system is bypassed whenever
there is no packet in the software queue and there is room in the hardware queue.
The software queue is, therefore, only used when data must wait to be placed into
the hardware queue.
The double queuing strategy (software and hardware queue) affects the overall
queuing result:
n The software queue is there for a reason. If the hardware queue is too long, it
holds a large number of packets scheduled in FIFO fashion, which probably works
against a QoS design that called for a more complex software queuing system
(for example, Custom Queuing).
So why use the hardware queue at all? Or why not just set its length to one? That
would force all packets to go through the software queue and be scheduled one by
one to the interface for transmission. This approach has the following drawbacks:
n Each time a packet is transmitted, the interface driver interrupts the CPU and
requests more packets to be delivered into its hardware queue. Some queuing
mechanisms have complex scheduling that takes time to deliver more packets.
The interface does not send anything during that time (link utilization is
decreased) if the hardware queue is empty because its maximum size is one.
n The CPU schedules packets one by one instead of many at the same time (in
the same interrupt interval). This increases the CPU utilization.
Choosing the appropriate length of the hardware queue is very important. The
default TxQ size is determined by the IOS based on the bandwidth of the media
and should be fine for most queuing implementations. Faster interfaces have longer
hardware queues because they produce less delay. Slower interfaces have shorter
hardware queues to prevent too much delay in the worst-case scenario where the
entire hardware queue is full of MTU-sized packets.
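[Figure: queuing system. Forwarded packets are classified (for example, "Class 2?"), pass an add/drop decision into a per-class queue (Queue 2), and a scheduler moves them into the hardware queue and on to the interface.]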
• Each queuing mechanism has three main components that define it:
– Classification (selecting the class)
– Insertion policy (determining whether a packet can be enqueued)
– Service policy (scheduling packets to be put into the hardware queue)
The figure illustrates the actions that have to be taken before a packet can be
transmitted:
n Most queuing mechanisms include classification of packets.
n Once a packet is classified, a router has to determine whether it can put the
packet into the queue or it has to drop the packet. Most queuing mechanisms
will drop a packet only if the corresponding queue is full (tail-drop). Some
mechanisms use a more intelligent dropping scheme (Weighted Fair Queuing)
or a random dropping scheme (Weighted Random Early Detection).
n If the packet is allowed to be enqueued it will be put into the FIFO queue for
that particular class.
n Packets are then taken from the individual per-class queues and put into the
hardware queue.
Queuing systems differ in the following ways:
n Classification options: some mechanisms classify packets automatically (for
example, WFQ), while other mechanisms require manual configuration of
classification (for example, PQ or CQ).
n Insertion policy: most queuing mechanisms use the tail-dropping scheme.
n Scheduling policy: this is the most important part of every queuing mechanism
because it determines the order in which the packets will leave the router.
Review Questions
Answer the following questions:
n Which queuing mechanisms do Cisco routers support?
n When is a software queuing mechanism not used?
n How does TxQ length affect the software queuing system?
Objectives
Upon completion of this lesson, you will be able to perform the following tasks:
n Describe FIFO queuing
n Describe the drawbacks of FIFO queuing
n Configure FIFO queuing on Cisco routers
n Monitor and troubleshoot FIFO queuing
FIFO queuing has no classification because all packets belong to the same class.
Packets are dropped when the output queue is full (tail-drop). The scheduler
services packets in the order they arrived.
Software FIFO queue is basically an extension of the hardware FIFO queue.
+ Benefits
• Simple and fast (one single queue with a simple
scheduling mechanism)
• Supported on all platforms
• Supported in all switching paths
• Supported in all IOS versions
– Drawbacks
• Unfair allocation of bandwidth among multiple flows
• Causes starvation (aggressive flows can monopolize
links)
• Causes jitter (bursts or packet trains temporarily fill
the queue)
© 2001, Cisco Systems, Inc. Queuing Mechanisms-15
FIFO queuing might be regarded as the fairest queuing mechanism but it has a long
list of drawbacks:
n FIFO does not fairly allocate bandwidth among multiple flows. Some flows
receive more bandwidth because they use larger packets or send more packets.
n FIFO is extremely unfair when an aggressive flow is contesting with a fragile
flow. Aggressive flows send a large number of packets, many of which are
dropped. Fragile flows send a modest amount of packets and most of them are
dropped because the queue is always full due to the aggressive flow. This type
of behavior is called starvation.
n Short or long bursts cause a FIFO queue to fill. Packets entering an almost full
queue have to wait a long time before they can be transmitted. Another time,
the queue might be empty causing packets of the same flow to experience
almost no delay. Variation in delay is called jitter.
In spite of all the drawbacks FIFO is still the most used queuing mechanism
because of the following benefits:
n It is simple and fast. Most high-end routers with fast interfaces are not really
challenged by the drawbacks mentioned earlier. Furthermore, routers are not
capable of complex classification and scheduling when they have to process a
large number of packets per second. FIFO is, therefore, the most suitable
queuing mechanism on these platforms.
n It is supported on all platforms.
n It is supported in all IOS versions.
Router(config-if)#
no fair-queue
Router(config-if)#
hold-queue <buffers> out
One of the considerations when using FIFO queuing is the maximum burst size.
Routers allow (by default) up to 40 packets to be in the output queue. Shortening
the queue causes more drops, especially for bursty sessions. Lengthening the
queue allows more packets to be enqueued. A long queue should be used to allow
bursts without drops.
The hold-queue command is used to set the maximum number of packets in the
output queue.
The example shows how FIFO can be enabled on an interface that uses WFQ by
default. The serial interface in question has the default bandwidth of 128 kbps
(below 2 Mbps). The ethernet interface has the default bandwidth of 10 Mbps
(above 2 Mbps) and requires no configuration.
The maximum output queue size was also slightly increased from the default 40 to
50.
FIFO queuing is not supported by a large arsenal of show and debug commands.
The show interface command can be used to determine the queuing strategy of
an interface and to display the following statistics:
n The current queue size (buffer usage)
n The maximum queue size (default 40 or whatever is configured with the
hold-queue out command)
Review Questions
Answer the following questions:
n Why is FIFO the fastest queuing mechanism?
n Describe the classification and scheduling of FIFO queuing.
n List the drawbacks of FIFO queuing.
Objectives
Upon completion of this lesson, you will be able to perform the following tasks:
n Describe Priority Queuing
n Describe the benefits and drawbacks of Priority Queuing
n Configure Priority Queuing on Cisco routers
n Monitor and troubleshoot Priority Queuing
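[Figure: Priority Queuing system. Forwarded packets are classified (for example, "Medium?"), placed into a per-class tail-drop queue (Queue 2), and a pre-emptive scheduler moves them into the hardware queue and on to the interface.]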
Priority Queuing (PQ) is one of the first mechanisms that allowed classification of
packets into multiple classes. Scheduling is done in strict priority.
PQ can classify packets into one of the four queues:
n High queue
n Medium queue
n Normal queue (the default queue)
n Low queue
Scheduling prefers packets in the same order. Each class uses one FIFO queue,
where packets are dropped if a queue is full.
Priority Queuing is basically a collection of four parallel FIFO queues. Each queue
suffers from all FIFO problems isolated to the class (unfair, starvation, delay,
jitter). Each queue uses the tail-drop scheme when the queue is full.
Each of the four queues can be configured with the maximum number of packets
that it can hold.
[Figure: Priority Queuing scheduler flowchart. The scheduler asks "Packet in HIGH queue?", then MEDIUM, NORMAL and LOW in that order; on the first "Yes" it dispatches the packet to the hardware queue and starts checking the HIGH queue again.]
Priority Queuing uses strict priority scheduling. As long as there are packets in the
high queue no other queue will be served. If the high queue is empty the router
starts serving the medium queue.
Congestion in any of the queues, except the low queue, causes a different type of
starvation. A congested higher-priority queue causes all lower-priority queues to
starve (class starvation).
+ Benefits
• Provides low-delay propagation to high-priority
packets
• Supported on most platforms
• Supported in all IOS versions (above 10.0)
– Drawbacks
• All drawbacks of FIFO queuing within a single class
• Starvation of lower-priority classes when higher-priority
classes are congested
• Manual configuration of classification on every hop
The configuration of Priority Queuing can be split into the following four steps:
1. Classify data into four classes
2. Assign a queue to each class
3. Set the maximum queue size (if the default is not appropriate)
4. Apply the priority queuing system to one or more interfaces
Router(config)#
priority-list list-number protocol protocol-name {high|medium|normal|low} queue-keyword keyword-value
The first three configuration steps are achieved using the priority-list command.
A Priority Queuing system is identified with a common number (list-number).
Priority Queuing supports the following direct classification options of IP packets:
1. Match fragments
2. Match packets based on their size
3. Match packets based on their source or destination TCP/UDP port number
A far more powerful classification tool is an access list (standard or extended).
Router(config)#
priority-list list-number interface intf {high|medium|normal|low}
Note The priority-list commands are evaluated in the order they were entered. This is
especially important when overlapping classification is configured for separate
queues.
For example:
Line 1: all IP traffic goes into the high priority queue
Line 2: all TCP traffic goes into the medium queue
The medium queue in this example would never get any packets because it
appears second in the configuration and it is a subset of the first line.
Router(config-if)#
priority-group list
Priority Queuing uses the following default maximum queue sizes for the four
queues:
n High queue has a default queue limit of 20
n Medium queue has a default queue limit of 40
n Normal queue has a default queue limit of 60
n Low queue has a default queue limit of 80
The last configuration step is to apply a priority-list to an interface. Use the
priority-group command with a corresponding priority-list number to enable
Priority Queuing on an interface.
[Figure: a branch office router (Ethernet interfaces E0 and E1) connected over serial0 to the WAN core, with the following configuration.]
interface serial0
 priority-group 1
priority-list 1 protocol ip high list 101
priority-list 1 interface ethernet 0 medium
priority-list 1 default normal
priority-list 1 queue-limit 20 40 60 80
access-list 101 permit tcp any any eq 23
The figure illustrates a simple example where outbound traffic is classified into the
following three classes:
1. All outbound telnet sessions (access list 101) are using the high priority queue
2. All traffic coming into the router via interface Ethernet 0 is forwarded through
the medium queue
3. All other traffic is using the default normal queue
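The following Python model is an added example, not part of the original course material or of Cisco IOS. It mimics the priority-list from the figure (first-match classification, the 20/40/60/80 queue limits, strict-priority dispatch) to show class starvation under congestion and the rule shadowing described in the Note; the packet dictionaries and all function names are assumptions made for the illustration.

```python
from collections import deque

ORDER = ("high", "medium", "normal", "low")  # strict service order


class PriorityList:
    """Model of one priority-list: ordered rules, a default queue, queue limits."""

    def __init__(self, rules, default="normal", limits=(20, 40, 60, 80)):
        self.rules = list(rules)          # (predicate, queue) in the order entered
        self.default = default
        self.limits = dict(zip(ORDER, limits))
        self.queues = {name: deque() for name in ORDER}
        self.sent = dict.fromkeys(ORDER, 0)
        self.drops = dict.fromkeys(ORDER, 0)

    def classify(self, pkt):
        # First matching rule wins; later overlapping rules are never reached.
        for matches, queue in self.rules:
            if matches(pkt):
                return queue
        return self.default

    def enqueue(self, pkt):
        name = self.classify(pkt)
        if len(self.queues[name]) >= self.limits[name]:
            self.drops[name] += 1         # tail-drop: the class queue is full
            return None
        self.queues[name].append(pkt)
        return name

    def dispatch(self):
        # Always restart from HIGH: a lower queue is served only when every
        # higher queue is empty.
        for name in ORDER:
            if self.queues[name]:
                self.sent[name] += 1
                return self.queues[name].popleft()
        return None


def figure_list():
    """The three classes of the figure: telnet, traffic from Ethernet0, the rest."""
    return PriorityList([
        (lambda p: p["proto"] == "tcp" and p["dport"] == 23, "high"),
        (lambda p: p["in_if"] == "Ethernet0", "medium"),
    ])


def overlapping_list():
    """The Note's example: 'all IP -> high' entered before 'all TCP -> medium'."""
    return PriorityList([
        (lambda p: True, "high"),                  # every modelled packet is IP
        (lambda p: p["proto"] == "tcp", "medium"),
    ])


def run(plist, arrivals_per_tick, ticks, link_pkts_per_tick=1):
    """Each tick: enqueue the arrivals, then let the link send a fixed number."""
    for _ in range(ticks):
        for pkt in arrivals_per_tick:
            plist.enqueue(pkt)
        for _ in range(link_pkts_per_tick):
            plist.dispatch()
    return plist


# Constructed sample packets (not taken from the page).
TELNET = {"proto": "tcp", "dport": 23, "in_if": "Ethernet1"}
WEB_E0 = {"proto": "tcp", "dport": 80, "in_if": "Ethernet0"}
DNS_E1 = {"proto": "udp", "dport": 53, "in_if": "Ethernet1"}

if __name__ == "__main__":
    congested = run(figure_list(), [TELNET, WEB_E0, DNS_E1], ticks=100)
    print("sent :", congested.sent)
    print("drops:", congested.drops)
    shadowed = run(overlapping_list(), [WEB_E0], ticks=100)
    print("medium queue ever served:", shadowed.sent["medium"] > 0)
```

With one telnet packet per tick saturating the link, the medium and normal queues fill to their limits and then tail-drop every arrival without ever being served.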
Router#
show interface interface
Router#
show queue interface
The show interface command can be used to determine the queuing strategy of
an interface. If the queuing strategy is PQ some statistics are also displayed.
The show queueing priority command can be used to display all non-default
parameters of priority lists.
Note To use the show queueing command, you must enter at least the first six
characters to differentiate the command (show queuei vs. show queue).
Router#show interface serial 1/0
Serial1/0 is up, line protocol is up
  Hardware is M4T
  Internet address is 20.0.0.1/8
  MTU 1500 bytes, BW 19 Kbit, DLY 20000 usec, rely 255/255, load 93/255
  Encapsulation HDLC, crc 16, loopback not set
  Keepalive set (10 sec)
  Last input 00:00:00, output 00:00:00, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0 (size/max/drops); Total output drops: 0
  Queueing strategy: priority-list 1
  Output queue (queue priority: size/max/drops):
     high: 0/20/0, medium: 0/40/0, normal: 0/60/0, low: 0/80/0
  5 minute input rate 18000 bits/sec, 8 packets/sec
  5 minute output rate 7000 bits/sec, 8 packets/sec
… rest ignored ...
The show interface command displays the parameters and the statistics of all four
priority queues. The first parameter is the current size of the queue, the second is
the maximum allowed size of the queue and the third parameter is the number of
drops since the last clearing of counters.
Router#show queueing priority
Current priority queue configuration:
List  Queue   Args
1     high    protocol ip list 101
1     medium  interface Ethernet6/0
Review Questions
Answer the following questions:
n When would you use priority queuing?
n What are the benefits and drawbacks of priority queuing?
n How many classes does priority queuing support?
n How does priority queuing schedule packets?
Objectives
Upon completion of this lesson, you will be able to perform the following tasks:
n Describe Custom Queuing
n Describe the benefits and drawbacks of Custom Queuing
n Configure Custom Queuing on Cisco routers
n Monitor and troubleshoot Custom Queuing
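[Figure: Custom Queuing system. Forwarded packets are classified (for example, "Class 2?"), placed into a per-class tail-drop queue (Queue 2), and a round-robin scheduler moves them into the hardware queue and on to the interface.]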
Custom Queuing (CQ) is similar to Priority Queuing in the way it is configured and
in the supported classification options. The scheduling, however, is completely
different.
CQ uses up to 16 queues that can be used for user-defined classes. The
classification options are identical to those of Priority Queuing.
The scheduling mechanism uses the round-robin service where each queue is
allowed to forward a certain number of bytes (not packets).
Tail-drop is still used within each individual queue.
Custom Queuing (similar to Priority Queuing) can classify IP packets with the
following tools:
n Direct matching on the source interface.
n Standard or extended IP Access list. Extended IP access lists support matching
on the following parameters:
– Source IP address
– Destination IP address
– Source TCP or UDP port number or port range
– Destination TCP or UDP port number or port range
– IP precedence (high-order three bits of the ToS field)
– DSCP (high-order six bits of the ToS field)
– ToS value (bits one through four of the ToS field)
– Fragments
– TCP flags (ACK, SYN, RST, URG, PSH)
n Direct matching of TCP or UDP source and destination port numbers.
n Direct matching of fragments.
n Direct matching of packets based on their size.
Once the packet is classified a router has to determine if the packet can be
enqueued. The packet is dropped if the queue is full.
Each queue, unless configured otherwise, can buffer up to 20 packets before the
first packet is dropped.
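[Figure: Custom Queuing scheduler flowchart with the decisions "Packet in Queue N?" and "Is Queue N over the threshold?", the action "Dispatch packet" (to the hardware queue) and the action "Next queue (increase N)".]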
Custom Queuing uses round-robin scheduling, where each queue gets some
service (bandwidth). Each queue is configured with the number of bytes
(byte-count) it can send in one round. The last packet is always sent, even if the
total amount of bytes sent in one round is above the limit (byte-count). The router
then starts processing the next queue.
The figure illustrates the worst case scenario where the following parameters were
used to implement Custom Queuing on an interface:
n MTU of the interface is 1500 bytes
n Byte-count is 3000 (twice the MTU)
The example shows how the router first sent two packets with a total size of 2999
bytes. Since this is still within the limit (3000) the router can send the next packet
(MTU-sized). The result was that the queue received almost 50% more bandwidth
in this round than it should.
This is one of the drawbacks of Custom Queuing – it does not allocate bandwidth
accurately.
The limit or weight of the queue is configured in bytes. The accuracy of Custom
Queuing depends on the weight (byte-count) and the MTU.
If the ratio between the byte-count and the MTU is too small CQ will not allocate
bandwidth accurately.
If the ratio between the byte-count and the MTU is too large CQ will cause long
delays. This problem is discussed in detail on the next two pages.
[Figure: three queues served by a round-robin scheduler onto a 64 kbps link, MTU=1500. The figure labels Queue 1 with 5999 and 4500, Queue 2 with 4499 and 3000, and Queue 3 with 2999 and 1500.]
BW (Queue 1) = bc1/(bc1+bc2+bc3) = 4500/9000 = 50%
Delay (Queue 1) = (bc2+bc3)/Bandwidth = 562ms
Worst-case Delay (Queue 1) = ((bc2+1499)+(bc3+1499))/Bandwidth = 937ms
The figure shows several calculations where the worst-case maximum delay was
reduced by reducing both the MTU and the byte-counts.
Note The calculation merely shows the impact the MTU and the byte-count have on
the delay. Lowering the MTU is not a recommended solution because it
potentially increases the CPU utilization of the router due to fragmentation of
packets.
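The byte-count behaviour and the delay figures above can be reproduced with a short simulation. This is an added Python example, not code from the course or from Cisco IOS; it assumes always-backlogged queues, and the function names and packet patterns are constructed for the illustration.

```python
from collections import deque

MTU = 1500          # bytes, from the page's example
LINK_BPS = 64_000   # 64 kbps link in the figure


def cq_round(queues, byte_counts):
    """Serve every queue once; return the bytes each queue sent in this round.

    A queue keeps sending while its running total is below its byte-count, so
    the packet that crosses the threshold is still sent in full.
    """
    sent = []
    for q, limit in zip(queues, byte_counts):
        total = 0
        while q and total < limit:
            total += q.popleft()
        sent.append(total)
    return sent


def nominal_share(byte_counts, idx):
    """Configured share: bc_idx / (bc1 + bc2 + ...)."""
    return byte_counts[idx] / sum(byte_counts)


def wait_ms(byte_counts, idx, worst_case=False, link_bps=LINK_BPS, mtu=MTU):
    """Time queue idx waits while all other queues take their turn.

    In the worst case every other queue overshoots by MTU - 1 bytes.
    """
    extra = mtu - 1 if worst_case else 0
    other_bytes = sum(bc + extra for i, bc in enumerate(byte_counts) if i != idx)
    return other_bytes * 8 * 1000 / link_bps


def measured_shares(patterns, byte_counts, rounds=200, mtu=MTU):
    """Long-run bandwidth share of each always-backlogged queue.

    patterns[i] is the repeating sequence of packet sizes offered to queue i.
    """
    queues = [deque() for _ in patterns]
    cursor = [0] * len(patterns)
    totals = [0] * len(patterns)
    for _ in range(rounds):
        for i, (q, pattern) in enumerate(zip(queues, patterns)):
            # Top up so the queue cannot run dry inside one round.
            while sum(q) < byte_counts[i] + mtu:
                q.append(pattern[cursor[i] % len(pattern)])
                cursor[i] += 1
        for i, n in enumerate(cq_round(queues, byte_counts)):
            totals[i] += n
    return [t / sum(totals) for t in totals]


if __name__ == "__main__":
    # Worst case from the text: byte-count 3000, packets of 1500 + 1499 + 1500.
    print("bytes sent in one round:", cq_round([deque([1500, 1499, 1500])], [3000]))
    bcs = [4500, 3000, 1500]
    print("Queue 1 nominal share:", nominal_share(bcs, 0))
    print("Queue 1 delay (ms):", wait_ms(bcs, 0))
    print("Queue 1 worst-case delay (ms):", wait_ms(bcs, 0, worst_case=True))
    # Two queues with the same byte-count but different packet sizes.
    print("measured shares:", measured_shares([[1500], [1500, 1499, 1500]], [3000, 3000]))
```

Two queues with an identical byte-count of 3000 end up with roughly a 40/60 split when one of them carries the 1500/1499/1500 pattern, which is the inaccuracy the text describes.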
+ Benefits
• Guarantees throughput to traffic classes (prevents
starvation between traffic classes)
• Supported on most platforms
• Supported in all IOS versions (above 10.0)
– Drawbacks
• All drawbacks of FIFO queuing within a single class
• Manual configuration of classification on every hop
• Not accurate bandwidth allocation
• High jitter due to implementation of scheduling
In addition to all the benefits and drawbacks of Priority Queuing, Custom Queuing
can also guarantee bandwidth to up to 16 classes.
Custom Queuing can cause all queues to experience delay due to the
implementation of scheduling (one round can take a long time).
Router(config)#
queue-list list-number protocol protocol-name queue-number queue-keyword keyword-value
Router(config)#
queue-list list-number interface incoming-intf queue-number
Custom Queuing uses the same classification options as Priority Queuing. Instead
of names, the queues are numbered (1 to 16).
Router(config)#
queue-list list-number default queue-number
Router(config)#
queue-list list queue queue-number byte-count bc
n Use the byte-count option to change the default weight of a queue (default
equals MTU size)
n Use the limit option to change the number of packets that a queue can hold
(default is 20)
[Figure: Custom Queuing system with Queue 0. Custom Queuing has queue 0 for system and link-level messages, which use pre-emptive scheduling; the other classes (for example, Class 2 in tail-drop Queue 2) go through the round-robin scheduler before the hardware queue and interface.]
Custom queuing has another queue—Queue 0. This queue is used for system
packets (routing protocols, link-level messages).
This queue is not served by the round-robin scheduler. Instead, a strict priority
scheduler is used to prioritize packets from this queue.
[Figure: Custom Queuing system showing the pre-emptive scheduler, the hardware queue and interface, and Class 2 with tail-drop Queue 2.]
The strict priority scheduler can be extended to other queues that are normally
served by the round-robin scheduler.
The figure illustrates how Queue 1 was moved into the priority-scheduled part of
the Custom Queuing system. The delimiter can be set to any queue by specifying
the lowest custom queue (Queue 2 in this example). In fact, Custom Queuing can
be turned into Priority Queuing with 17 queues if Queue 16 is selected as the
lowest custom queue.
Router(config)#
queue-list list-number lowest-custom queue-number
[Figure: a branch office router (Ethernet interfaces E0 and E1) connected over serial 1/0 to the WAN core, with the following configuration.]
interface serial 1/0
 custom-queue-list 5
!
queue-list 5 protocol ip 1 list 101
queue-list 5 queue 1 limit 40
queue-list 5 lowest-custom 2
queue-list 5 interface ethernet 0/0 2
queue-list 5 queue 2 byte-count 3000
queue-list 5 protocol ip 3
queue-list 5 queue 3 byte-count 5000
queue-list 5 default 4
!
access-list 101 permit ip any any precedence 5
The figure shows a sample configuration where four queues are used:
n Queue 1 is used for delay-sensitive applications (marked with IP precedence
5). It uses the strict priority scheduler.
n Queue 2 is used for all packets coming from interface Ethernet0/0.
n Queue 3 is used for all IP packets that do not end in one of the first two
queues.
n Queue 4 is used for all other traffic.
Router#show interface serial 1/0
Serial1/0 is up, line protocol is up
  Hardware is M4T
  Internet address is 20.0.0.1/8
  MTU 1500 bytes, BW 19 Kbit, DLY 20000 usec, rely 255/255, load 107/255
  Encapsulation HDLC, crc 16, loopback not set
  Keepalive set (10 sec)
  Last input 00:00:00, output 00:00:00, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0 (size/max/drops); Total output drops: 0
  Queueing strategy: custom-list 5
  Output queues: (queue #: size/max/drops)
     0: 0/20/0 1: 0/40/0 2: 0/20/0 3: 0/20/0 4: 0/20/0
     5: 0/20/0 6: 0/20/0 7: 0/20/0 8: 0/20/0 9: 0/20/0
     10: 0/20/0 11: 0/20/0 12: 0/20/0 13: 0/20/0 14: 0/20/0
     15: 0/20/0 16: 0/20/0
… rest ignored ...
Router#show queueing custom
Current custom queue configuration:
List  Queue  Args
5     3      default
5     1      protocol ip list 101
5     2      interface Ethernet0/0
5     1      byte-count 3000 limit 40
5     2      byte-count 5000
The show queueing custom command can be used to display all non-default
parameters of Custom Queuing.
Review Questions
Answer the following questions:
n When would you use custom queuing?
n What are the benefits and drawbacks of custom queuing?
n How many classes does custom queuing support?
n How does custom queuing schedule packets?
Objectives
Upon completion of this lesson, you will be able to perform the following tasks:
n Describe WFQ
n Describe the benefits and drawbacks of WFQ
n Configure WFQ on Cisco routers
n Monitor and troubleshoot WFQ
Weighted Fair Queuing (WFQ) was introduced as a solution to the problems of the
following queuing mechanisms:
n FIFO queuing causes starvation, delay and jitter
n PQ causes starvation of other lower-priority classes and suffers from all FIFO
problems within each of the four queues
n CQ causes long delays and also suffers from all FIFO problems within each of
the 16 queues
The idea of WFQ is to:
n Have a dedicated queue for each flow (no starvation, delay or jitter within the
queue)
n Fairly and accurately allocate bandwidth among all flows (minimum scheduling
delay, guaranteed service)
n Use IP precedence as weight when allocating bandwidth
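[Figure: WFQ system. Forwarded packets are classified into flows (for example, "Flow 2?"), pass the WFQ drop decision into a per-flow queue (Queue 2), and the WFQ scheduler moves them into the hardware queue and on to the interface.]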
n WFQ uses automatic classification. Manually defined classes are not supported.
n WFQ dropping is not a simple tail-drop. WFQ drops packets of the most
aggressive flows.
n WFQ scheduler is a simulation of a TDM system (time-division multiplexer).
The bandwidth is equally distributed to all active flows.
• Implementation parameters
–Queuing platform: central CPU or VIP
–Classification mechanism
–Weighted fairness
• Modified Tail-Drop within each queue
WFQ classification has to identify individual flows (the term conversation is also
used to signify flows). A flow is identified based on the following information taken
from the IP header and the TCP or UDP headers:
n Source IP address
n Destination IP address
n Protocol number (identifying TCP or UDP)
n Type of Service Field
n Source TCP/UDP port number
n Destination TCP/UDP port number
All these parameters are usually fixed for a single flow, although there are some
exceptions:
n A QoS design could mark packets with different IP precedence values even if
they belong to the same flow. This kind of behavior should be avoided when
using WFQ.
n Some applications change port numbers (for example, TFTP).
If packets of the same flow do not have the same parameters (for example, a
different ToS field) the packets can end up in different queues and reordering can
occur.
The parameters are used as input for a hash algorithm that produces a fixed-length
number that is used as the index of the queue.
WFQ uses a fixed number of queues. The hash function is used to assign a queue
to a flow. There are eight additional queues for system packets and optionally up to
1000 queues for RSVP flows.
WFQ uses 256 queues by default. The number of queues can be configured in the
range between 16 and 4096 (the number must be a power of 2).
If there are a large number of concurrent flows it is very likely that two flows
could end up in the same queue. It is recommended to have several times as many
queues as there are flows (on the average). This may not be possible in larger
environments where the number of concurrent flows is in thousands.
The probability of two flows ending up in the same queue can be calculated using
the following formula:
P = 1 − Queues! / (Queues^Flows ⋅ (Queues − Flows)!)
The following table lists the probability values for 3 sizes of the WFQ system (64,
128 and 256 queues), with the number of concurrent flows from 5 to 40.
Flows 64 queues 128 queues 256 queues
5 15% 8% 4%
10 52% 30% 16%
15 83% 57% 34%
20 96% 79% 53%
25 100% 92% 70%
30 100% 98% 83%
35 100% 99% 91%
40 100% 100% 96%
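The sketch below is an added Python example (not from the course, and not the IOS implementation) that evaluates the formula above and checks it against a simulated flow classifier. The hash IOS uses is not given on this page, so SHA-256 over the six flow fields stands in for it; the function names and the random flows are constructed for the illustration.

```python
import hashlib
import random
from math import prod


def collision_probability(queues, flows):
    """P = 1 - Queues! / (Queues^Flows * (Queues - Flows)!), as a running product."""
    if flows > queues:
        return 1.0
    return 1.0 - prod((queues - i) / queues for i in range(flows))


def queue_index(flow, queues=256):
    """Map a flow to a queue index.

    flow = (src_ip, dst_ip, protocol, tos, src_port, dst_port).
    SHA-256 is a stand-in for the router's hash (assumption).
    """
    key = "|".join(str(field) for field in flow).encode()
    return int.from_bytes(hashlib.sha256(key).digest()[:4], "big") % queues


def random_flow(rng):
    """A constructed random flow with ToS 0."""
    return (rng.getrandbits(32), rng.getrandbits(32), rng.choice((6, 17)), 0,
            rng.randrange(1024, 65536), rng.randrange(1, 65536))


def measured_collision_rate(queues, flows, trials=2000, seed=1):
    """Fraction of trials in which at least two concurrent flows share a queue."""
    rng = random.Random(seed)
    collided = 0
    for _ in range(trials):
        used = {queue_index(random_flow(rng), queues) for _ in range(flows)}
        collided += len(used) < flows
    return collided / trials


def queues_for_remarked_flow(flow, queues=256):
    """Queues hit by one flow whose packets carry different IP precedence values.

    The ToS byte is part of the flow key, so re-marking packets of a single
    conversation spreads them over several queues (reordering risk).
    """
    src, dst, proto, _tos, sport, dport = flow
    return {queue_index((src, dst, proto, prec << 5, sport, dport), queues)
            for prec in range(8)}


if __name__ == "__main__":
    print("Flows   64 queues  128 queues  256 queues")
    for flows in range(5, 45, 5):
        row = [round(100 * collision_probability(q, flows)) for q in (64, 128, 256)]
        print(f"{flows:>5} {row[0]:>10}% {row[1]:>10}% {row[2]:>10}%")
    print("measured, 256 queues / 20 flows:", measured_collision_rate(256, 20))
    sample = ("10.0.0.1", "10.0.0.2", 17, 0, 5004, 5004)   # constructed flow
    print("queues used by one re-marked flow:", sorted(queues_for_remarked_flow(sample)))
```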
[Figure: WFQ dropping flowchart for the N-th packet, with the decisions "N > HQO?", "N > CDT?" and "Worst finish time?" and the outcomes "Enqueue packet", dropping the new packet, or "Drop the packet with the worst finish time (old) and enqueue the N-th packet (new)".]
• HQO (hold-queue out limit) is the max. number of packets that the WFQ system can hold
• CDT (congestive discard threshold) is the threshold when WFQ starts dropping packets of
the most aggressive flow
• N is the number of packets in the WFQ system when the N-th packet arrives
The figure illustrates the dropping scheme of WFQ. The process can be split into
the following steps:
Step 1 Drop the new packet if the WFQ system is full (hold-queue limit reached) and the
new packet has the worst finish time (the last in the entire system).
Step 2 Drop the packet with the worst finish time in the WFQ system if the system is full.
Enqueue the new packet.
Step 3 Drop the new packet if the queue, where the packet should be enqueued, is the
longest (not in packets but in the finish time of the new packet) and there are more
packets in the WFQ system than the CDT.
Step 4 Otherwise enqueue the new packet.
The following case study is used to describe how packets are dropped in different
situations.
The WFQ system was reduced to a modest hold-queue limit of ten and a
congestive discard threshold of eight.
There are already ten packets in the WFQ system. The new packet would be the
eleventh and also the last in the entire WFQ system. The packet is dropped.
In this example there are also ten packets in the system when the eleventh packet
arrives. The new packet, if enqueued, would not be the last in the system. The
packet is therefore allowed to be enqueued and the last packet in the system is
deleted.
This example illustrates how WFQ can drop packets even if the WFQ system is
still within the hold-queue limit. The system, however, is above the CDT limit. In
this case a packet can be dropped if it is the last in the system.
This example is different from the previous one in that the new packet would not
be the last in the WFQ system. The packet can be enqueued and no other packet
is dropped.
There is an exception to the CDT rule: if the WFQ system is above the CDT
limit, and the new packet would be the last in the system, the packet is still
enqueued if the flow queue is empty.
The dropping strategy is not directly influenced by IP precedence.
The length of queues (for scheduling purposes) is not in packets but in the time it
would take to transmit all the packets in the queue. The following pages discuss the
WFQ scheduling issue in detail.
The end result is that WFQ adapts to the number of active flows (queues) and
allocates equal amounts of bandwidth to each flow (queue).
The side effect is that flows with small packets (usually interactive flows) get a
much better service because they do not need a lot of bandwidth. They do, however,
need low delay, which they get because small packets have a low finish time.
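[Figure: WFQ finish times on a time axis t (marks at 0, 50, 60, 70, 100). Queue A
holds A1[100], A2[20], A3[10]; Queue B holds B1[300], B2[300]. FT(A2)=100+20,
FT(A3)=120+10, FT(B1)=50+300, FT(B2)=350+300. Output order: A1, A2, A3, B1, B2.]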
© 2001, Cisco Systems, Inc. Queuing Mechanisms-78
The figure illustrates how two queues (Queue A and Queue B) are contesting for
link bandwidth. For this example, assume the time units are in milliseconds and time
T (value 0 is used in the figure) is the starting point.
Queue A is receiving packets in the following order and the following times:
n Packet A1 arrives at time T + 0ms and would require 100ms to be transmitted
n Packet A2 arrives at time T + 60ms (the input interface is obviously faster than
the output interface because the arrival time of packet A2 is before the finish
time of packet A1) and would require 20 ms to be transmitted
n Packet A3 arrives at time T + 60ms (the input interface is obviously much
faster than the output interface) and would require 10 ms to be transmitted
Queue B is receiving packets in the following order and the following times:
n Packet B1 arrives at time T + 50ms and would require 300ms to be transmitted
n Packet B2 arrives at time T + 100ms and would also require 300ms to be
transmitted
The finish times of the packets in Queue A are:
n Packet A1 has a finish time which is the sum of the current time (because the
queue was empty at the time of arrival) and the time it takes to transmit this
packet (100ms): FTA1 = 0ms + 100ms = 100ms
n Packet A2 has a finish time which is the sum of the finish time of the last
packet in Queue A (Packet A1) and the time it would take to transmit this
packet (20ms): FTA2 = 100ms + 20ms = 120ms
[Figure: Virtual Packet Size = Real Packet Size / (IP precedence + 1);
precedence-1 packets appear half the real size.]
This figure introduces the weight into the finish time calculation. The time it takes
to transmit the packet is divided by IP precedence increased by one (to prevent
division by zero).
The WFQ implementation in Cisco routers was optimized in the following way:
n The real time it takes to transmit the packet is not relevant. The packet size can
be used instead because it is proportional to the transmit time.
n The packet size is not divided by IP precedence (division is a CPU-intensive
operation). Instead, the size is multiplied by a fixed value (one multiplication
value for each IP precedence value).
Packets with IP precedence one appear half the size they really are. The result is
that these packets receive twice as much bandwidth as packets with IP
precedence zero.
The first formula in the figure is the first optimisation where the finish time is really
the sum of packet sizes divided by an increased IP precedence value.
The second formula shows further optimisation where, instead of dividing, the
packet size is multiplied by 4096/(IP precedence + 1). A value for each IP
precedence is stored in a table and it does not have to be calculated for each
packet.
Packets belonging to RSVP flows and system packets have special low weights
that guarantee them more bandwidth.
Note Cisco IOS versions after 12.0(5)T use a new formula for the weight:
Weight = 32384 / (IP precedence + 1)
IP Precedence                    Weight
0                                4096
1                                2048
2                                1365
3                                1024
4                                819
5                                682
6                                585
7                                512
32 (virtual IP precedence)       128 (PAC-Priority)
1024 (virtual IP precedence)     4 (RSVP)
The table above shows the mapping between IP precedence values and WFQ
weights.
Note According to the new formula for weight in Cisco IOS versions after 12.0(5)T the
following values are used:
The case study above is concerned with the propagation of voice packets across a
128 kbps link without using RSVP.
Assume that VoIP is using G.729 codec that uses approximately 30 kbps of
bandwidth (including RTP, UDP, IP and frame headers).
All voice packets are marked with IP precedence 5.
n The first calculation is where a voice session is contesting for available
bandwidth with 5 precedence-0 data sessions. WFQ would guarantee 69 kbps
to the voice session.
n The second calculation is where the same voice session is contesting for
available bandwidth with 20 precedence-0 data sessions. WFQ would now
guarantee only 29 kbps to the voice session.
The conclusion is that, although WFQ can give a much better service to flows with
small packets or high IP precedence value, it is not an exact tool that can
guarantee a fixed amount of bandwidth.
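The finish-time, weight and bandwidth-share arithmetic of this lesson, worked through as an added Python example (not part of the course material and not Cisco's implementation). The function names are made up for illustration, and a queue is assumed to be empty once its last finish time has passed.

```python
# Added example: WFQ finish times, precedence weights and bandwidth share,
# using the numbers from this lesson. All names here are hypothetical.

def wfq_weight(precedence, numerator=4096):
    """Table value for one IP precedence: numerator / (precedence + 1), truncated.

    Pass numerator=32384 for the newer formula quoted in the note.
    """
    return numerator // (precedence + 1)


def finish_times(arrivals, precedence=None):
    """Return {packet name: finish time}.

    arrivals: (name, queue, arrival_time, cost) tuples in arrival order, where
    cost is the transmit time (or the packet size, which is proportional to it).
    precedence: optional {queue: IP precedence}; the cost is divided by
    (precedence + 1), the "virtual packet size" of the lesson.
    Assumption: a queue counts as empty once its last finish time has passed.
    """
    precedence = precedence or {}
    last_ft = {}
    result = {}
    for name, queue, arrival, cost in arrivals:
        # Start from "now" for an empty queue, else from the queue's last finish time.
        start = max(arrival, last_ft.get(queue, 0))
        ft = start + cost / (precedence.get(queue, 0) + 1)
        last_ft[queue] = ft
        result[name] = ft
    return result


def schedule(arrivals, precedence=None):
    """Transmission order: lowest finish time first (ties keep arrival order)."""
    ft = finish_times(arrivals, precedence)
    return sorted(ft, key=ft.get)


def share_kbps(link_kbps, flow_precedence, competing_precedences):
    """Bandwidth of one flow when all flows are active: proportional to precedence + 1."""
    total = (flow_precedence + 1) + sum(p + 1 for p in competing_precedences)
    return link_kbps * (flow_precedence + 1) / total


# The two queues of the figure: (name, queue, arrival in ms, transmit time in ms).
FIGURE = [
    ("A1", "A", 0, 100),
    ("B1", "B", 50, 300),
    ("A2", "A", 60, 20),
    ("A3", "A", 60, 10),
    ("B2", "B", 100, 300),
]

if __name__ == "__main__":
    print("finish times:", finish_times(FIGURE))
    print("output order:", schedule(FIGURE))
    print("weights:", [wfq_weight(p) for p in range(8)])
    # Voice flow (precedence 5) on a 128 kbps link against 5 and 20 data flows.
    print("voice share:", int(share_kbps(128, 5, [0] * 5)),
          int(share_kbps(128, 5, [0] * 20)), "kbps")
```

The voice share falls from 69 kbps to 29 kbps only because more precedence-0 flows became active, which is why WFQ cannot give a fixed guarantee.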
+ Benefits
• Simple configuration (classification does not have to be
configured)
• Guarantees throughput to all flows
• Drops packets of most aggressive flows
• Supported on most platforms
• Supported in all IOS versions (above 11.0)
– Drawbacks
• All drawbacks of FIFO queuing within a single queue
• Multiple flows can end up in one queue
• Does not support the configuration of classification
• Can not provide fixed bandwidth guarantees
• Performance limitations due to complex classification and
scheduling mechanisms
Router(config-intf)#
fair-queue [cdt [dynamic-queues [reservable-queues]]]
• congestive-discard-threshold (CDT)
– Number of messages allowed in the WFQ system before the router starts
dropping new packets for the longest queue.
– The value can be in the range from 1 to 4096 (default is 64)
• dynamic-queues
– Number of dynamic queues used for best-effort conversations (values are:
16, 32, 64, 128, 256, 512, 1024, 2048, and 4096 - the default is 256)
• reservable-queues
– Number of reservable queues used for reserved conversations in the range
0 to 1000 (used for interfaces configured for features such as RSVP - the
default is 0)
The number of dynamic queues can also be changed from the default number of
256 queues.
The maximum number of reservable queues should be set when RSVP requires
guarantees for the reserved bandwidth.
Router(config-if)#
hold-queue max-limit out
The same hold-queue command that can be used with FIFO queuing can also be
used with WFQ. The default hold-queue limit with WFQ is 1,000 packets.
The WFQ system will generally never reach the hold-queue limit because the CDT
limit starts dropping packets of aggressive flows. Under special circumstances it
would be possible to fill the WFQ system. For example, a denial-of-service attack
that floods the interface with a large number of packets (each different) could fill
all queues at the same rate.
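The drop rules of the case study and the flood scenario just described, modelled as an added Python example (not from the course material and not Cisco's implementation). Assumptions: every flow has its own queue, nothing is transmitted during a burst, "above the CDT" means more packets than the CDT, and a tie on finish time counts as "last"; all names are made up here.

```python
# Added example: a small model of the WFQ drop decision described in this lesson.
from collections import defaultdict

ENQUEUED = "enqueued"
EVICTED_WORST = "enqueued, worst packet dropped"
CDT_DISCARD = "discard (CDT)"
TAIL_DROP = "tail drop (hold-queue)"


class WfqSystem:
    """Per-flow finish times plus the two limits (hypothetical model)."""

    def __init__(self, hold_limit=10, cdt=8):  # limits used in the case study
        self.hold_limit = hold_limit
        self.cdt = cdt
        self.queues = defaultdict(list)   # flow id -> finish times, oldest first
        self.counters = defaultdict(int)  # outcome -> number of packets

    def depth(self):
        """Number of packets in the whole WFQ system."""
        return sum(len(q) for q in self.queues.values())

    def worst(self):
        """(finish time, flow) of the packet that would be transmitted last."""
        tails = ((q[-1], flow) for flow, q in self.queues.items() if q)
        return max(tails, key=lambda t: t[0])

    def offer(self, flow, size, now=0):
        """Apply the drop rules to one arriving packet and return the outcome."""
        queue = self.queues[flow]
        # Finish time: behind the flow's last packet, or from "now" if its queue is empty.
        finish = (queue[-1] if queue else now) + size
        n = self.depth()
        # "Last in the system": no queued packet finishes later (a tie counts as last).
        is_last = n == 0 or finish >= self.worst()[0]
        if n >= self.hold_limit:
            if is_last:
                outcome = TAIL_DROP            # system full and the new packet is the worst
            else:
                _, victim = self.worst()       # system full: the worst packet makes room
                self.queues[victim].pop()
                queue.append(finish)
                outcome = EVICTED_WORST
        elif n > self.cdt and is_last and queue:
            outcome = CDT_DISCARD              # above CDT, longest queue, queue not empty
        else:
            queue.append(finish)               # includes the empty-flow-queue exception
            outcome = ENQUEUED
        self.counters[outcome] += 1
        return outcome


def burst(system, flows, size):
    """Offer one packet of the given size per entry in flows; return the counters."""
    for flow in flows:
        system.offer(flow, size)
    return dict(system.counters)


if __name__ == "__main__":
    # Constructed input 1: one aggressive flow sends 50 large packets.
    bulk = WfqSystem()
    print("one aggressive flow:", burst(bulk, ["bulk"] * 50, 1500), "depth", bulk.depth())
    print("small packet from a new flow:", bulk.offer("telnet", 64))

    # Constructed input 2: 50 packets that each belong to a different flow.
    flood = WfqSystem()
    flows = ["flow-%d" % i for i in range(50)]
    print("50 distinct flows:", burst(flood, flows, 64), "depth", flood.depth())
```

In this model the single aggressive flow is held just above the CDT and only collects CDT discards, while the many-flow burst never triggers the CDT rule and runs the system up to the hold-queue limit, where every loss is a tail drop.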
The figure explains the default behavior of WFQ. As mentioned previously, WFQ
is automatically enabled on all interfaces slower than 2Mbps. WFQ is also required
on interfaces using Multilink PPP.
WFQ cannot be used if reordering of frames is not allowed due to sequence
numbering of Layer-2 frames or if the switching path does not support WFQ.
Router#
show queue interface
The same show commands can be used as with other queuing mechanisms:
n show interface
n show queue
n show queueing
Router#show interface serial 1/0
Hardware is M4T
Internet address is 20.0.0.1/8
MTU 1500 bytes, BW 19 Kbit, DLY 20000 usec, rely 255/255, load 147/255
Encapsulation HDLC, crc 16, loopback not set
Keepalive set (10 sec)
Last input 00:00:00, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0 (size/max/drops); Total output drops: 0
Queueing strategy: weighted fair
Output queue: 0/1000/64/0 (size/max total/threshold/drops)
Conversations 0/4/256 (active/max active/max total)
Reserved Conversations 0/0 (allocated/max allocated)
5 minute input rate 18000 bits/sec, 8 packets/sec
5 minute output rate 11000 bits/sec, 9 packets/sec
… rest deleted ...
The show interface command can be used to determine the queuing strategy. The
summary statistics are also displayed.
The sample output in the figure shows that there are currently no packets in the
WFQ system that allows up to 1,000 packets (hold-queue limit) with CDT 64.
WFQ is using 256 queues. The maximum number of concurrent conversations
(active queues) was 4.
Router#show queue serial 1/0
Input queue: 0/75/0 (size/max/drops); Total output drops: 0
Queueing strategy: weighted fair
Output queue: 2/1000/64/0 (size/max total/threshold/drops)
Conversations 2/4/256 (active/max active/max total)
Reserved Conversations 0/0 (allocated/max allocated)
(depth/weight/discards/tail drops/interleaves) 1/4096/0/0/0
Conversation 124, linktype: ip, length: 580
source: 193.77.3.244, destination: 20.0.0.2, id: 0x0166, ttl: 254,
TOS: 0 prot: 6, source port 23, destination port 11033
(depth/weight/discards/tail drops/interleaves) 1/4096/0/0/0
Conversation 127, linktype: ip, length: 585
source: 193.77.4.111 destination: 40.0.0.2, id: 0x020D, ttl: 252,
TOS: 0 prot: 6, source port 23, destination port 11013
The show queue command also displays the flow (conversation) statistics:
n Queue depth is the number of packets in the queue
n Weight is 4096/(IP precedence + 1) or 32384/(IP precedence + 1),
depending on the Cisco IOS version
n Discards is the number of drops due to the CDT limit
n Tail drops is the number of drops due to the hold-queue limit
The table shows the main differences between WFQ, PQ and CQ.
Review Questions
Answer the following questions:
n How does WFQ classify packets?
n When does WFQ drop packets?
n How does WFQ schedule packets?
Objectives
Upon completion of this lesson, you will be able to perform the following tasks:
n Describe and configure dWFQ
n Describe and configure ToS-based dWFQ
n Describe and configure QoS-group-based dWFQ
n Monitor and troubleshoot WFQ
The distributed versions of Weighted Fair Queuing are implemented on Cisco 7x00
series routers with Versatile Interface Processors (VIPs). There are four different
versions of distributed WFQ, three of which are discussed in this module:
n Flow-based dWFQ or simply dWFQ
n ToS-based dWFQ
n QoS-group-based dWFQ or QoS-based dWFQ
VIP is basically a router within a router. It has its own processor and its own
(different) version of the IOS. Most features implemented on VIPs have different
functionality than those available on the Route Switch Processor (RSP).
[Figure: dWFQ block diagram (forwarded packets, flow classification, WFQ-drop,
per-flow queues, WFQ scheduler, hardware queue, interface) and the IP/TCP header
fields used for WFQ classification: source IP address, destination IP address,
transport protocol, source TCP or UDP port, destination TCP or UDP port.]
Classification identifies flows but it does not use the ToS field. It uses all the other
parameters that identify a flow (conversation):
n Source IP address
n Destination IP address
n Protocol number (identifying TCP or UDP)
n Source TCP/UDP port number
n Destination TCP/UDP port number
The number of queues is 512 and cannot be changed.
[Figure: dWFQ drop flowchart for the N-th packet with the decision boxes M>QL?,
N>AQL? and M>IQL?, Yes/No branches, ending in "Enqueue packet".]
• QL (queue limit) is the maximum number of packets the selected queue can hold
• AQL (aggregate queue limit) is the max. number of packets that the dWFQ system can hold
• IQL (individual queue limit) is the max. number of packets that an individual queue in a
congested dWFQ system can hold
• N is the number of packets in the dWFQ system when the N-th packet arrives
• M is the number of packets in the queue to which the packet is classified
When a new packet is to be inserted into one of the queues the router follows
these rules:
1. Enqueue the packet if the WFQ system is within the aggregate queue limit
2. Enqueue the packet if the queue is within the individual queue limit
3. Otherwise, drop the packet
[Figure: dWFQ scheduler (Calendar Queuing) serving Queue 2 through Queue N via a
calendar queue into the hardware queue and the interface.]
The scheduler uses the same finish time calculation except it does not include the
weight. It is a pure Fair Queuing mechanism.
The scheduler was also optimized for performance (Calendar Queuing).
Router(config-if)#
fair-queue
Router(config)#
fair-queue aggregate-limit aggregate-packets
Use these two commands to change the default limits that govern the dropping of
packets when individual queues and the WFQ system are congested.
interface FastEthernet 1/1/0
ip address 80.0.2.70 255.255.255.0
fair-queue
fair-queue aggregate-limit 200
fair-queue individual-limit 30
!
Router#show interfaces FastEthernet1/1/0
FastEthernet1/1/0 is up, line protocol is up
Hardware is cyBus FastEthernet Interface, address is 0007.f618.4448
Description: pkt input i/f for WRL tests (to pagent)
Internet address is 80.0.2.70/24
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec, rely 255/255, load 1/255
Encapsulation ARPA, loopback not set, keepalive not set, 100BaseTX/FX
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output 01:11:01, output hang never
Last clearing of "show interface" counters 01:12:31
Queueing strategy: VIP-based fair queuing
Output queue 0/40, 0 drops; input queue 0/75, 0 drops
30 second input rate 0 bits/sec, 0 packets/sec
30 second output rate 0 bits/sec, 0 packets/sec
… rest deleted ...
The usual show interface command reveals that VIP-based fair queuing is
enabled (dWFQ). Some other show commands used with other queuing
mechanisms do not display any valuable information (RSP regards this interface as
FIFO).
Router#show interface fastethernet 1/1/0 fair
FastEthernet 1/1/0 queue size 0
pkts output 0, wfq drops 0, nobuffer drops 0
WFQ: aggregate queue limit 200 individual queue limit 30
max available buffers 0
+ Benefits
• Automatic classification
• High performance
– Drawbacks
• Does not support the configuration of classification
• Does not use IP precedence as weight
• Only supported on Cisco 7x00 series routers with
VIP 2-40 or newer
The distributed version of WFQ has one advantage over normal WFQ: better
performance.
The main drawbacks include:
n Lack of tuning capability
n Not weighted
n Only supported on VIPs
[Figure: ToS-based dWFQ block diagram: forwarded packets, class classification,
WFQ-drop, per-class queues, dWFQ scheduler, hardware queue, interface.]
The ToS-based dWFQ differs from Flow-based dWFQ in the following ways:
n Classification is done based on the two low-order IP precedence bits
n Scheduling is configurable by setting weights manually
n Four queues are used
[Figure: ToS-based dWFQ classification uses the two low-order IP precedence bits
(ToS byte shown as XXX 00000) as a 2-bit queue index. Queue 1: IP precedence 0
and 4; Queue 2: 1 and 5; Queue 3: 2 and 6; Queue 4: 3 and 7.]
The classification uses the two low-order IP precedence bits. The result of
classification is that:
n Packets with IP precedence values 0 and 4 are classified into Queue 0
n Packets with IP precedence values 1 and 5 are classified into Queue 1
n Packets with IP precedence values 2 and 6 are classified into Queue 2
n Packets with IP precedence values 3 and 7 are classified into Queue 3
Weights that determine how much bandwidth is guaranteed to each class are
configured in percentage points.
Weights can be assigned to Queues 1, 2 and 3. Queue 0 gets the rest of the
bandwidth.
Router(config-intf)#
fair-queue tos
Router(config-intf)#
fair-queue tos num weight weight
tos number - 2 low order precedence bits (only classes 1, 2 and 3 can be configured
with weight; class 0 takes the remaining bandwidth)
weight - percentage of the output link bandwidth allocated to this class (the sum for all
classes cannot exceed 99)
Defaults:
unclassified traffic is assigned to class 0;
class 1 - 20, class 2 - 30, class 3 - 40
class 0 has the remaining weight (100%-W1-W2-W3); default 10
Router(config-if)#
fair-queue tos num limit class-packets
• Configures maximum number of packets allowed in the selected queue
• If not configured, the default is individual-limit
• If queue limit is not configured it is set to the number of available buffers
multiplied by weight
Router(config-if)#
fair-queue individual-limit individual-packet
These three optional commands can be used to control individual queue sizes.
The default behavior is:
n Aggregate queue limit equals maximum available buffers
n Individual queue limit equals one quarter of maximum available buffers
n Per-queue limit equals maximum available buffers multiplied by weight
interface Hssi0/0/0
ip address 188.1.3.70 255.255.255.0
fair-queue tos
fair-queue tos 1 weight 20
fair-queue tos 1 limit 27
fair-queue tos 2 weight 30
fair-queue tos 2 limit 27
fair-queue tos 3 weight 40
fair-queue tos 3 limit 27
!
Class 0: weight 10 limit 20 qsize 0 pkts output 947 drops 0
Class 1: weight 20 limit 27 qsize 0 pkts output 0 drops 0
Class 2: weight 30 limit 27 qsize 0 pkts output 0 drops 0
Class 3: weight 40 limit 27 qsize 0 pkts output 0 drops 0
+ Benefits
• Automatic classification
• Guarantees throughput to all classes
• High performance
– Drawbacks
• All drawbacks of FIFO queuing within a single class
• Does not support the configuration of classification
• Only four classes are supported
• Unusual interpretation of IP precedence (high-priority packets
with IP precedence 6 and 7 share queues with lower-priority
packets with IP precedence 2 and 3)
• Only supported on Cisco 7x00 series routers with VIP 2-40 or
newer
[Figure: QoS-group-based dWFQ block diagram: forwarded packets are classified by
QoS group into classes, then WFQ-drop, per-class queues, dWFQ scheduler, hardware
queue, interface.]
Classification is performed using the QoS group parameter to select one of the 100
queues. The QoS group parameter is local to the router so it has to be set on every
hop using one of the QoS mechanisms that supports marking:
n Policy-based Routing (PBR)
n QoS Policy Propagation through BGP (QPPB)
n Committed Access Rate (CAR)
n Class-based Policing
n Class-based Marking
Router(config-intf)#
fair-queue qos-group
Router(config-intf)#
fair-queue qos-group num weight weight
qos-group number - classes 1 through 99 can be configured with weight; class 0 takes
the remaining bandwidth
weight - percentage of the output link bandwidth allocated to this class (the sum for all
classes cannot exceed 99)
Defaults:
unclassified traffic is assigned to class 0;
class 1 - 20, class 2 - 30, class 3 - 40
class 0 has the remaining weight (100%-W1-W2-W3); default 10
Note Replacing ToS-based dWFQ with QoS-group-based dWFQ causes all packets
to go into Queue 0 because classification is no longer performed based on IP
precedence value. Some additional configuration steps are necessary.
interface FastEthernet1/0/0
bgp-policy destination ip-qos-map
!
...
!
interface Hssi0/0/0
ip address 188.1.3.70 255.255.255.0
bgp-policy destination ip-prec-map
fair-queue qos-group
fair-queue aggregate-limit 60
fair-queue qos-group 1 weight 10
fair-queue qos-group 2 weight 30
fair-queue qos-group 2 limit 27
!
Router#show interfaces fair-queue
Hssi0/0/0 queue size 0
pkts output 4, wfq drops 0, nobuffer drops 0
WFQ: aggregate queue limit 60 individual queue limit 96
max available buffers 386
Class 0: weight 60 limit 231 qsize 0 pkts output 4 drops 0
Class 1: weight 10 limit 38 qsize 0 pkts output 0 drops 0
Class 2: weight 30 limit 27 qsize 0 pkts output 0 drops 0
The show interface fair-queue command only displays information for queues
with a weight higher than zero.
+ Benefits
• Guarantees throughput to all classes
• A large number of classes (100)
• High performance
– Drawbacks
• All drawbacks of FIFO queuing within a single class
• Requires other QoS mechanisms to set QoS group
• Only supported on Cisco 7x00 series routers with
VIP 2-40 or newer
[Figure: comparison table of WFQ versions; the only surviving row reads:
ToS dWFQ, IP precedence, 4, Manual, VIP.]
The figure illustrates the comparison of all versions of Weighted Fair Queuing.
n Traditional WFQ is only available on low-end (LE) routers and the Route
Switch Processor (RSP) of Cisco 7x00 series routers
n All three distributed versions are only available on VIP-based interfaces of
Cisco 7x00 series routers
Class-based WFQ is now available on low-end routers, the RSP and on the VIP
(distributed).
Review Questions
Answer the following questions:
n Which distributed Weighted Fair Queuing mechanisms do you know?
n What are the main differences between dWFQ versions?
n What platforms support dWFQ?
Objectives
Upon completion of this lesson, you will be able to perform the following tasks:
n Describe MDRR queuing
n Describe the benefits and drawbacks of MDRR queuing
n Configure MDRR queuing on Cisco GSR routers
n Monitor and troubleshoot MDRR
[Figure: MDRR block diagram: forwarded packets are classified into Class 1 through
Class 8, each with its own VOQ (VOQ 1 through VOQ 8) using tail-drop or WRED; the
MDRR scheduler feeds the crossbar switching fabric or the interface hardware
queuing system.]
DRR was the first implementation that was later improved by allowing one queue
to be high priority.
[Figure: classification by IP precedence: IP precedence 0 goes to VOQ 0, IP
precedence 1 to VOQ 1, and so on up to IP precedence 7 and VOQ 7.]
Classification is done using IP precedence to put packets into one of the eight
Virtual Output Queues (VOQ). One of these queues can be configured as high
priority.
[Figure: a Virtual Output Queue with tail-drop or WRED.]
Each queue uses the tail-drop scheme unless it is configured with WRED.
[Figure: round-robin scheduler serving VOQ 1 through VOQ 7.]
MDRR can schedule one queue ahead of all the others if it is configured as a Strict
Priority queue. This queue can be used for delay-sensitive applications (for
example, voice).
The problem with this solution is that it can cause other queues to starve if the
high priority queue is congested.
[Figure: round-robin scheduler serving VOQ 1 through VOQ 7, with the high
priority queue in Alternate Priority mode.]
The high priority queue can be set to Alternate Priority mode where all other
queues still get service, even if the high-priority queue is congested.
The high priority queue, however, experiences slightly more delay because it has to
wait for the currently served queue to reach its threshold or be emptied.
+ Benefits
• Accurate bandwidth allocation (takes into account the deficit
from the previous round as opposed to Custom Queuing)
• Prevents head-of-line blocking in front of the crossbar
switching fabric
• Supports low-latency queuing (strict priority and alternate
priority)
• High performance
– Drawbacks
• Limited classification tools (only IP precedence)
• Limited number of classes (only 8)
• Only supported on Cisco 12000 series routers (GSR)
MDRR is a high performance queuing mechanism that supports eight classes and
allocates bandwidth according to configured weights. It also supports one queue
for low-delay propagation of packets.
Router(config)#
cos-queue-group cos-queue-group-name
Router(config-cos-que)#
queue queue-number weight
Router(config-cos-que)#
queue low-latency {alternate-priority weight|strict-priority}
Router(config-if)#
tx-cos cos-queue-group-name
One of the queues can be turned into a high priority queue. The type of queue is
determined by the alternate-priority or strict-priority keywords.
The last step is to apply the cos-queue-group to an output interface.
Router(config)#
slot-table-cos slot-table-name
• Define a slot table name and enter slot table configuration mode
Router(config-slot-cos)#
destination slot {slot-number|all} cos-queue-group-name
Router(config)#
rx-cos-slot line-card-number cos-queue-group-name
MDRR can also be applied to traffic leaving the line card through the Crossbar
Switching Matrix.
A slot-table-cos has to be configured where the destination line cards are
specified using the destination slot command.
The slot table is then applied to one or more line cards using the rx-cos-slot
command.
interface POS3/0
ip address 1.0.0.1 255.0.0.0
tx-cos C4template
!
cos-queue-group C4template
precedence 0 queue 0
precedence 1 queue 1
precedence 2 queue 1
precedence 3 queue 2
precedence 4 queue 2
precedence 5 queue low-latency
precedence 6 queue 3
precedence 7 queue 3
queue 0 10
queue 1 20
queue 2 40
queue low-latency alternate-priority 80
exit
!
To Fabric Queues (DRR configured) C7template
Queue          Average      High Water Mark    Weight
0              712.000      5562.000           10
1              702.000      7716.000           10
2              702.000      11540.000          10
3              753.000      14368.000          10
4              0.000        0.000              10
5              0.000        0.000              10
6              0.000        0.000              10
Low latency    0.000        0.000              10
...
Review Questions
Answer the following questions:
n Describe the scheduling mechanism of MDRR.
n Which two types of low-latency queuing does MDRR support?
n What are the benefits and drawbacks of MDRR?
n Where can MDRR be applied?
Objectives
Upon completion of this lesson, you will be able to perform the following tasks:
n Describe IP RTP prioritization
n Describe the benefits and drawbacks of IP RTP prioritization
n Configure IP RTP prioritization on Cisco routers
n Monitor and troubleshoot IP RTP Prioritization
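[Figure: IP RTP Prioritization block diagram: forwarded packets are checked for
"High Priority?" and placed in the RTP queue; other packets go through WFQ flow
classification, WFQ-drop and the WFQ scheduler; a scheduler feeds the hardware
queue and the interface.]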
IP RTP Prioritization supports one high priority queue. Packets from this queue are
scheduled ahead of other packets as long as they are within the configured rate.
Excess packets are dropped.
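[Figure: forwarded packets (IP / UDP / payload) are classified on the UDP
destination port. A "No" match leads to the WFQ queuing system; matching packets
are checked against a token bucket ("Packet within contract?"), with "Yes"
leading to the RTP queue.]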
Packets that exceed the policy are dropped. A token bucket model is used to
measure the arrival rate of packets into this queue.
+ Benefits
• Adds low-latency queuing to WFQ and CB-WFQ
• Prevents starvation of other traffic
– Drawbacks
• Poor classification options
• Obsoleted by Class-based Low-latency Queuing
Router(config-if)#
ip rtp priority starting-port port-range bandwidth
interface Serial0/0
bandwidth 128
ip address 10.0.0.1 255.255.255.252
encapsulation ppp
fair-queue
ip rtp priority 16384 16383 50
!
Up to 75% of configured bandwidth is reservable.
BWavail = BW * 0.75 - BWRTP
Router#show queue serial0/0
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: weighted fair
Output queue: 0/1000/64/0 (size/max total/threshold/drops)
Conversations 0/1/256 (active/max active/max total)
Reserved Conversations 0/0 (allocated/max allocated)
Available Bandwidth 46 kilobits/sec
Router#
The sample configuration shows how 50 kbps of bandwidth is guaranteed for RTP
traffic. The show queue command shows there is only 46 kbps of bandwidth (128
kbps * 75% - 50 kbps = 46 kbps) remaining for WFQ.
Review Questions
Answer the following questions:
n When would you use IP RTP prioritization?
n What are the drawbacks of IP RTP prioritization?
n How many high-priority queues does IP RTP prioritization support?
FIFO Queuing
Question: Why is FIFO the fastest queuing mechanism?
Answer: It has no classification and the simplest scheduling mechanism.
Question: Describe the classification and scheduling of FIFO queuing.
Answer: FIFO has only one queue and all packets are enqueued into this queue.
Scheduling takes packets out of the queue in the order they arrived (first come
first serve).
Question: List the drawbacks of FIFO queuing.
Answer: FIFO queuing can cause starvation and jitter.
Priority Queuing
Question: When would you use priority queuing?
Answer: To provide minimum-delay forwarding for delay-sensitive packets.
Question: What are the benefits and drawbacks of priority queuing?
Answer: PQ has all the drawbacks of FIFO queuing within each class and in
addition it can cause starvation of lower-priority classes.
Question: How many classes does priority queuing support?
Answer: PQ supports four classes.
Question: How does priority queuing schedule packets?
Custom Queuing
Question: When would you use custom queuing?
Answer: CQ is used to guarantee bandwidth to traffic classes.
Question: What are the benefits and drawbacks of custom queuing?
Answer: CQ has all the drawbacks of FIFO queuing within each class. In
addition CQ can cause jitter due to the implementation of scheduling.
Question: How many classes does custom queuing support?
Answer: CQ supports up to 16 classes.
Question: How does custom queuing schedule packets?
Answer: CQ uses weighted round robin scheduling to ensure that each class is
serviced.
IP RTP Prioritization
Question: When would you use IP RTP prioritization?
Answer: To provide low-latency queuing with IOS versions that do not support
CB-LLQ.
Question: What are the drawbacks of IP RTP prioritization?
Answer: Limited classification options (only one UDP port range is supported).
Question: How many high-priority queues does IP RTP prioritization support?
Answer: One per interface.
Overview
This module describes the QoS mechanisms that are used to limit the available
bandwidth to traffic classes. It discusses two options—traffic policing and traffic
shaping. Committed Access Rate (CAR) is discussed as a mechanism to provide
traffic policing. Generic Traffic Shaping (GTS) and Frame Relay Traffic Shaping
(FRTS) are discussed as traffic shaping mechanisms.
It includes the following topics:
n Traffic Shaping and Policing
n Generic Traffic Shaping
n Frame Relay Traffic Shaping
n Committed Access Rate
Objectives
Upon completion of this module, you will be able to perform the following tasks:
n Describe and configure Generic Traffic Shaping (GTS)
n Describe and configure Frame Relay Traffic Shaping (FRTS)
n Describe and configure Committed Access Rate (CAR)
n Identify other mechanisms that support traffic shaping and policing (Class-
based Policing and Class-based Shaping)
Traffic Shaping and Policing
Overview
The lesson introduces mechanisms for traffic policing and traffic shaping.
Committed Access Rate (CAR), Generic Traffic Shaping (GTS) and Frame Relay
Traffic Shaping (FRTS) are introduced in this section.
Objectives
Upon completion of this lesson, you will be able to perform the following tasks:
n Describe the need for implementing traffic policing and shaping mechanisms
n List traffic policing and shaping mechanisms available in Cisco IOS
n Describe the benefits and drawbacks of traffic shaping and policing
mechanisms
4-2 IP QoS Traffic Shaping and Policing Copyright 2001, Cisco Systems, Inc.
Traffic Shaping and Policing
Both shaping and policing mechanisms are used in a network to control the rate at
which traffic is admitted into the network. Both mechanisms use classification, so
they can differentiate traffic. They also use metering to measure the rate of traffic
and compare it to the configured shaping or policing policy.
The difference between shaping and policing can be described in terms of their
rate-limiting implementation:
n Shaping meters the traffic rate and delays excessive traffic so that it stays
within the desired rate limit. With shaping, traffic bursts are smoothed out
producing a steadier flow of data. Reducing traffic bursts helps reduce
congestion in the core of the network.
n Policing drops excess traffic in order to control traffic flow within specified
limits. Policing does not introduce any delay to traffic that conforms to traffic
policies. It can, however, cause more TCP retransmissions, because traffic in
excess of specified limits is dropped.
Why Use Rate Limiting
Typical Traffic Shaping or Policing Applications
[Figure: typical shaping or policing applications. Labels: high-speed link to low-speed link; WAN with 64 kbps and 128 kbps links; FastEthernet; single physical link on one side; server farm; Internet]
Shaping vs. Policing
• Benefits of Shaping
– Shaping does not drop packets
– Shaping supports interaction with Frame Relay
congestion indication
• Benefits of Policing
– Policing supports marking
– Less buffer usage (shaping requires an additional
queuing system)
How do Routers Measure Traffic Rate
[Figure: bandwidth over time, showing the link bandwidth, the rate limit, conforming traffic and exceeding traffic]
• Routers use the Token Bucket mathematical model to keep
track of packet arrival rate
• The Token Bucket model is used whenever a new packet is
processed
• The return value is conform or exceed
In order to perform rate limiting, routers must meter (or measure) traffic rates
through their interfaces. To enforce a rate limit, metered traffic is said to:
n Conform to the rate limit, if the rate of traffic is below or equal to the
configured rate limit
n Exceed the rate limit, if the rate of traffic is above the configured rate limit
The metering is usually performed with an abstract model called a token bucket,
which is used when processing each packet. The token bucket can calculate
whether the current packet conforms or exceeds the configured rate limit on an
interface.
Token Bucket
[Figure: token bucket holding 700 bytes of tokens; 200 tokens remain after a 500-byte packet is forwarded]
The token bucket is a mathematical model used in a device that regulates the data
flow. The model has two basic components:
n Tokens: where each token represents the permission to send a fixed number of
bits into the network
n The bucket: which has the capacity to hold a specified amount of tokens
Tokens are put into the bucket at a certain rate by the operating system. Each
incoming packet, if forwarded, takes tokens from the bucket, representing the
packet’s size.
If the bucket fills to capacity, newly arriving tokens are discarded. Discarded
tokens are not available to future packets.
If there are not enough tokens in the bucket to send the packet, the regulator may:
n Wait for enough tokens to accumulate in the bucket (traffic shaping)
n Discard the packet (policing)
The figure shows a token bucket, with the current capacity of 700 bytes. When a
500-byte packet arrives at the interface, its size is compared to the bucket capacity
(in bytes). The packet conforms to the rate limit (500 bytes < 700 bytes), and the
packet is forwarded. 500 tokens are taken out of the token bucket leaving 200
tokens for the next packet.
Token Bucket
[Figure: token bucket holding 200 tokens when a 300-byte packet arrives]
When the next packet arrives immediately after the first packet, and no new
tokens have been added to the bucket (which is done periodically), the packet
exceeds the rate limit. The packet size is greater than the current capacity of the
bucket, and the exceed action is performed (drop in the case of pure policing, delay
in the case of shaping).
Token Bucket
[Figure: link utilization over time against the link bandwidth; Bc of tokens is added every Tc (ms); bucket capacity is Bc + Be; the average bandwidth is the CIR]
Tc = Bc / CIR
Token bucket implementations usually rely on three parameters: CIR, Bc and Be.
CIR is the Committed Information Rate (also called the committed rate, or the
shaped rate). Bc is known as the burst capacity. Be is known as the excess burst
capacity. Tc is an interval constant that represents time. Bc worth of tokens is
forwarded without constraint in every Tc interval.
In the token bucket metaphor, tokens are put into the bucket at a certain rate,
which is Bc tokens every Tc seconds. The bucket itself has a specified capacity. If
the bucket fills to capacity (Bc + Be), it will overflow and therefore newly arriving
tokens are discarded. Each token grants permission for a source to send a certain
number of bits into the network. To send a packet, the regulator must remove,
from the bucket, the number of tokens equal in representation to the packet size.
For example, if 8000 bytes worth of tokens are placed in the bucket every 125
milliseconds, the router can steadily transmit 8000 bytes every 125 milliseconds, if
traffic constantly arrives at the router.
If there is no traffic at all, 8000 bytes per 125 milliseconds get accumulated in the
bucket, up to the maximum size (Bc+Be). One second’s accumulation therefore
collects 64000 bytes worth of tokens, which can be transmitted immediately in the
case of a burst. The upper limit, Bc+Be, defines the maximum amount of data,
which can be transmitted in a single burst, at the line rate.
Note: The token bucket mechanism used for traffic shaping has both a token bucket
and a queue used to delay packets. If the token bucket did not have a data buffer,
it would be a policer. For traffic shaping, packets that arrive but cannot be sent
immediately (because there are not enough tokens in the bucket) are delayed in the
data buffer.
Although the token bucket permits burstiness, traffic bursts are bounded. This guarantee
is made so that a traffic flow will never send faster than the token bucket's capacity.
In the long-term, this means that the transmission rate will not exceed the
established rate at which tokens are placed in the bucket (the committed rate).
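The token bucket described above, written out as a policer and as a shaper (an added example, not code from the course or from Cisco IOS). It assumes one token per byte, a FIFO delay buffer in place of the WFQ shaping queue, and constructed values: Bc = 500 and Be = 200 for the 700-byte bucket, a 300-byte second packet, and a CIR of 4000 bytes/s.

```python
from collections import deque


class TokenBucket:
    """Token bucket meter; one token stands for one byte in this example."""

    def __init__(self, cir, bc, be=0):
        self.cir = cir                # committed rate, tokens per second
        self.bc = bc                  # tokens added every Tc
        self.be = be                  # excess burst
        self.capacity = bc + be       # the bucket overflows above Bc + Be
        self.tokens = self.capacity   # start with a full bucket

    @property
    def tc_seconds(self):
        return self.bc / self.cir     # Tc = Bc / CIR

    def refill(self):
        """One Tc has elapsed: add Bc tokens, discard the overflow."""
        self.tokens = min(self.capacity, self.tokens + self.bc)

    def conforms(self, size):
        """Meter one packet; tokens are removed only when it conforms."""
        if size <= self.tokens:
            self.tokens -= size
            return True
        return False


def police(bucket, arrivals):
    """Policer: exceeding packets are dropped, nothing is queued.

    arrivals[i] lists the packet sizes that arrive during interval i.
    Returns one (forwarded, dropped) pair per interval.
    """
    out = []
    for i, packets in enumerate(arrivals):
        if i:
            bucket.refill()
        forwarded, dropped = [], []
        for size in packets:
            (forwarded if bucket.conforms(size) else dropped).append(size)
        out.append((forwarded, dropped))
    return out


def shape(bucket, arrivals):
    """Shaper: exceeding packets wait in a FIFO buffer for later tokens.

    Returns one (forwarded, still_queued) pair per interval and keeps
    running after the last arrival until the buffer has drained.
    """
    queue, out, i = deque(), [], 0
    while i < len(arrivals) or queue:
        if i:
            bucket.refill()
        for size in (arrivals[i] if i < len(arrivals) else []):
            if size > bucket.capacity:
                raise ValueError("packet larger than Bc + Be can never be sent")
            queue.append(size)
        forwarded = []
        while queue and bucket.conforms(queue[0]):
            forwarded.append(queue.popleft())
        out.append((forwarded, list(queue)))
        i += 1
    return out


def demo():
    # Constructed input: a 500-byte packet followed at once by a 300-byte
    # packet, then one idle interval.
    arrivals = [[500, 300], []]
    policed = police(TokenBucket(cir=4000, bc=500, be=200), arrivals)
    shaped = shape(TokenBucket(cir=4000, bc=500, be=200), arrivals)
    return policed, shaped


if __name__ == "__main__":
    for name, result in zip(("police", "shape"), demo()):
        print(name, result)
```

The policer loses the second packet, while the shaper forwards it one Tc later; under sustained overload both forward exactly Bc per Tc.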
Traffic Shaping and Policing Mechanisms
• Shaping Mechanisms:
– Generic Traffic Shaping (GTS)
– Frame Relay Traffic Shaping (FRTS)
– Class-based Shaping
• Policing Mechanisms:
– Committed Access Rate (CAR)
– Class-based Policing
There are five token-bucket based rate-limiting methods available in Cisco IOS.
Three methods are shaping mechanisms:
n Generic traffic shaping
n Frame Relay traffic shaping
n Class-based shaping
Two methods are policing mechanisms:
n Committed access rate
n Class-based policing
All these methods are discussed next in specific sections.
Summary
After completing this lesson, you should be able to perform the following tasks:
n Describe the need for implementing traffic policing and shaping mechanisms
n List traffic policing and shaping mechanisms available in Cisco IOS
n Describe the benefits and drawbacks of traffic shaping and policing
mechanisms
Lesson Review
Answer the following questions:
1. How do shaping and policing mechanisms keep track of the traffic rate?
2. Which shaping mechanisms are available with the Cisco IOS software?
3. Which policing mechanisms are available with the Cisco IOS software?
4. What are the main differences between shaping and policing?
Generic Traffic Shaping
Overview
This lesson describes the Generic Traffic Shaping (GTS) mechanism.
Objectives
Upon completion of this lesson, you will be able to perform the following tasks:
n Describe the GTS mechanism
n Describe the benefits and drawbacks of GTS
n Configure GTS on Cisco routers
n Monitor and troubleshoot GTS
Generic Traffic Shaping
[Figure: block diagram with classifier, meter, marker, shaper and dropper acting on the traffic stream]
Generic Traffic Shaping (GTS) shapes traffic by reducing the outbound traffic flow
to avoid congestion. This is achieved by constraining traffic to a particular bit rate
using the token bucket mechanism. GTS is applied on a per-interface basis and can
use access lists to select the traffic to shape. It works with a variety of Layer-2
technologies, including Frame Relay, ATM, Switched Multi-megabit Data Service
(SMDS) and Ethernet.
As shown in the block diagram, GTS performs three basic functions:
n Classification of traffic, so that different traffic classes can have different
policies applied to them
n Metering, using a token-bucket mechanism, to distinguish between conforming
and exceeding traffic
n Shaping, using buffering, to delay exceeding traffic and shape it to the
configured rate limit
GTS Building Blocks
[Figure: GTS building blocks: forwarder, classifiers, shaping WFQ queues (or no shaping), physical interface queue(s)]
GTS Overview
• GTS is multiprotocol
• GTS uses WFQ as the shaping queue
• GTS can be implemented in combination with
any queuing mechanisms:
– FIFO Queuing
– Priority Queuing (PQ)
– Custom Queuing (CQ)
– Weighted Fair Queuing (WFQ)
• GTS works on output only
The GTS implementation in Cisco IOS supports multiple protocols and works on a
variety of interface types. WFQ is used as the shaping delay queue, providing fair
scheduling within a traffic class. Other queuing strategies (FIFO, PQ, CQ and
WFQ) may be employed after GTS to provide traffic scheduling on the shaped
traffic. Also, GTS only works at the output of an interface.
GTS can be used to shape all outbound traffic on an interface or it can separately
shape multiple classes. Classification is performed using any type of access list
including all non-IP access lists.
GTS Implementation
Packet flow through GTS is implemented using three queues. The first, the shaping
queue, is WFQ-based and shapes traffic according to the specified rate using a
token bucket model. This queue dispatches packets to the software queue, which
may be configured with other queuing mechanisms (PQ, CQ, WFQ or FIFO). If
the software queue is empty, traffic is forwarded directly to the output hardware
queue.
GTS supports distributed implementation on VIP adapters. This offloads traffic
shaping from the route switch processor (RSP) to the Versatile Interface
Processor (VIP), and constructs all of the queues in VIP packet memory. Only IP
traffic can be shaped with dWFQ. Another requirement is that dCEF switching
must be enabled.
Configuring GTS
Router(config-if)#
traffic-shape rate bit-rate [burst-size [excess-burst-size]]
To enable traffic shaping for outbound traffic on an interface, use the
traffic-shape rate interface configuration command. Of the parameters to be specified,
bit-rate is the only mandatory one. The burst-size and excess-burst-size are
optional.
Generic traffic shaping can be used in all switching paths. Older Cisco IOS
versions may use slower switching paths when GTS is in effect.
Bit rate (in bits per second) is configured as the average traffic rate to which the
traffic should be shaped on the output of the interface.
Burst size (in bits) can be configured to allow for varying levels of allowed
burstiness. That is, traffic that bursts over the average traffic rate also
conforms if it falls within the burst rate in an interval. By default, this is set to one
eighth of the average traffic rate, which sets the Tc at one eighth of a second. This
parameter is equivalent to the Frame Relay Bc parameter.
Configuring GTS
Router(config-if)#
traffic-shape group access-list bit-rate [burst [excess-burst]]
GTS Example #1
In the first GTS example, an ISP wants to control the amount of traffic injected
into the Frame Relay WAN by the customer. The SP service uses an E1 line as
the access line, limits the customer to 256 Kbps on average, but also permits
bursts of up to thirty seconds at the E1 line rate.
The parameters are calculated based on the service requirements. CIR (the
average bit rate) is set at the specified average rate, the burst size is set to one
eighth of the CIR (32000 bits), and the excess burst size reflects the allowed thirty-
second burst at full E1 line rate.
The excess burst size was calculated using the following formula:
1. Each second of transmission at line-speed requires 2 Mbits
2. A thirty-second burst therefore requires 30 x 2 Mbits
3. The excess burst size is 30 x 2048000 = 61440000 bits
It takes thirty seconds to empty the token bucket. How long does it take to fill it up
again?
The token bucket is emptied at 2 Mbps but it is replenished at 256 kbps. It takes
eight times as long to fill it as it does to empty it. Every thirty-second burst would,
therefore, require a four-minute silence on the line to accumulate tokens.
[Figure: customer router connected to the WAN core]
interface ethernet 0/0
 traffic-shape rate 256000 32000 61440000
!
interface serial 1/0
 traffic-shape rate 256000 32000 61440000
The figure shows the router configuration required to implement this service. All
the output traffic is shaped, and the shaping needs to be configured on all customer
edge sites, which will perform admission control using GTS.
GTS Example #2
[Figure: customer router connected to the WAN core]
interface ethernet 0/0
 traffic-shape group 101 64000
interface serial 1/0
 traffic-shape group 101 64000
!
access-list 101 permit tcp any any eq www
In the second example, a customer wants to limit web usage, so that web traffic
never uses more than 64 Kbps on the access link. The router configuration is
shown in the figure, using default parameters for traffic bursts. An access list
defines web traffic as the only shaped traffic. All other traffic bypasses GTS and
can use the full access line bandwidth.
Monitoring GTS
Router#
show traffic-shape
Router#show traffic-shape
       access  Target  Byte   Sustain   Excess    Interval  Increment  Adapt
I/F    list    Rate    Limit  bits/int  bits/int  (ms)      (bytes)    Active
Se3/3          100000  2000   8000      8000      80        1000       -
The figure shows the results of the show traffic-shape command issued on a
router that shapes traffic to 100 kbps with Bc and Be set to 8000.
To display the current traffic-shaping configuration, use the show traffic-shape
command. To display the current traffic-shaping statistics, use the show
traffic-shape statistics command. Output of both the commands is detailed in the
ensuing figures.
Information displayed includes:
n The rate that traffic is shaped to
n The maximum number of bytes transmitted per internal interval
n Configured sustained bits per interval
n Configured excess bits in the first interval
n Interval being used internally (may be smaller than the committed burst divided
by the CIR)
n Number of bytes that will be sustained per internal interval
n If Frame Relay has FECN/BECN adaptation configured
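An added example (not from the course or from IOS) that derives the values reported by show traffic-shape from the configured rate and burst sizes, checks them against the sample row above, and repeats the Example #1 calculation. It assumes the internal interval equals Bc/CIR and the byte limit equals (Bc + Be)/8, which holds for the sample row; all function names are hypothetical.

```python
FIELDS = ("target_rate", "byte_limit", "sustain_bits", "excess_bits",
          "interval_ms", "increment_bytes")

# Data row copied from the show traffic-shape output on this page
# (the access-list column is empty there).
SAMPLE_ROW = "Se3/3 100000 2000 8000 8000 80 1000 -"


def gts_parameters(cir_bps, be_bits, bc_bits=None):
    """Values a shaper with these settings should report."""
    if bc_bits is None:
        bc_bits = cir_bps // 8        # default burst: one eighth of the rate
    return {
        "target_rate": cir_bps,
        "byte_limit": (bc_bits + be_bits) // 8,    # assumed: (Bc + Be) in bytes
        "sustain_bits": bc_bits,
        "excess_bits": be_bits,
        "interval_ms": 1000 * bc_bits / cir_bps,   # Tc = Bc / CIR
        "increment_bytes": bc_bits // 8,           # Bc in bytes
    }


def parse_row(row):
    """Split one data row; the access-list column may be blank."""
    parts = row.split()
    if len(parts) == 9:
        iface, acl, *numbers, adapt = parts
    elif len(parts) == 8:
        iface, *numbers, adapt = parts
        acl = None
    else:
        raise ValueError(f"unexpected column count: {row!r}")
    parsed = dict(zip(FIELDS, map(int, numbers)))
    parsed.update(interface=iface, access_list=acl, adapt=adapt)
    return parsed


def check_row(row):
    """Return (field, reported, expected) for every inconsistent column."""
    seen = parse_row(row)
    want = gts_parameters(seen["target_rate"], seen["excess_bits"],
                          seen["sustain_bits"])
    return [(k, seen[k], want[k]) for k in FIELDS if seen[k] != want[k]]


def excess_burst_bits(line_rate_bps, burst_seconds):
    """Be needed to allow a burst of this length at line rate."""
    return line_rate_bps * burst_seconds


def refill_seconds(be_bits, cir_bps):
    """Idle time needed to accumulate Be again at the committed rate."""
    return be_bits / cir_bps


def example_1():
    """256 kbps average on an E1 line, thirty-second bursts at line rate."""
    cir, line_rate = 256000, 2048000
    p = gts_parameters(cir, excess_burst_bits(line_rate, 30))
    command = f"traffic-shape rate {cir} {p['sustain_bits']} {p['excess_bits']}"
    return command, p["interval_ms"], refill_seconds(p["excess_bits"], cir)


if __name__ == "__main__":
    print(check_row(SAMPLE_ROW))
    print(example_1())
```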
Monitoring GTS
Router#
show traffic-shape statistic
Router#show traffic-shape statistic
       Access  Queue  Packets  Bytes    Packets  Bytes    Shaping
I/F    List    Depth                    Delayed  Delayed  Active
Se3/3          77     16091    3733112  414      96048    yes
If the number of delayed packets is very high (compared to the total number of
packets) then there are probably non-responsive aggressive flows being shaped
and the queue depth could show high buffer utilization.
If the number of delayed packets is zero then it is very likely that the access list
does not match any traffic.
Monitoring GTS
Router#
show traffic-shape queue
The show traffic-shape queue command displays the contents of the shaping
queue associated with an interface.
This command can be used to determine the types of flows that are congesting the
shaping queue. The command displays the parameters that are used for
classification within WFQ:
n Source IP address
n Destination IP address
n Time to live (TTL)
n Type of Service (ToS) field
n Protocol ID
n Source port number
n Destination port number
The example shows that there is a non-responsive UDP flow (protocol 17)
congesting the shaping queue.
GTS on Frame Relay Interfaces
GTS applies on a per-interface basis, can use access lists to select the traffic to
shape, and works with a variety of Layer-2 technologies, including:
n Frame Relay
n ATM
n Switched Multi-megabit Data Service (SMDS)
n Ethernet
On a Frame Relay subinterface, GTS can be set up to shape to a specified rate
and to adapt dynamically to available bandwidth by integrating Frame Relay
congestion signaling with GTS.
Frame Relay Refresher
Frame Relay FECN/BECN Congestion Control
[Figure: sender and receiver connected through a Frame Relay switch on the same virtual circuit (VC); the switch monitors all transmit queues for congestion; Frame 1 is forwarded toward the receiver with FECN set on the congested side, and Frame 2 returns toward the sender with BECN set]
• FR Switch detects congestion on output queue and informs:
– The receiver by setting the FECN bit on forwarded frames
– The source by setting the BECN bit on frames going in the opposite
direction
A Frame Relay switch can explicitly report congestion in two directions: Forward
and Backward. When a frame queue inside a switch is congested, the switch will
generate congestion signals based on the FECN and BECN bits. If congestion
occurs in a queue towards the main receiver of traffic, FECN signals are sent to
the receiving Layer-2 endpoint and BECN signals are sent to the sending Layer-2
endpoint. FECN and BECN bits are not sent as separate frames, but are
piggybacked inside data frames.
GTS Frame Relay Congestion Adaptability
BECN is the flag that the sending DTE (router as a Frame Relay endpoint) is able
to integrate to determine the congestion status of the Layer-2 WAN.
GTS Frame Relay Congestion Adaptability Mechanisms
• Bit-rate adaptation
– Traffic shaping bit-rate is reduced when a packet
with BECN bit is received in the Tc
– Traffic shaping bit-rate is increased if no BECN
bits were received in the Tc
• FECN to BECN propagation
– A test packet with BECN bit set is sent to the
sender if a packet with FECN bit set is received
An Example of BECN Integration
[Figure: "BECN Integration" plot of the shaped rate (axis 4000 to 9000) over intervals 0 to 25, with BECN and Inc markers]
The figure shows the shaped rate of a token bucket-based GTS responding to
BECN packets it received. As mentioned, the rate is reduced to three-quarters of
the previous rate for every Tc interval in which at least one BECN message was
received at the router. When no BECN messages are received in a Tc period, the
shaped rate is brought up slowly, by one-sixteenth of the current rate.
FECN to BECN Propagation
[Figure: the congested Frame Relay switch sets FECN toward the receiver; BECN is returned toward the sender in a Q.922 test frame]
Configuring Bit-rate Adaptation
Router(config-if)#
traffic-shape adaptive [bit-rate]
Frame Relay bit rate adaptation is configured using the traffic-shape adaptive
command, which specifies the lower limit to which the shaped rate should be
reduced in the presence of incoming BECN signals. By default, this is half the
configured sustained (committed) rate in GTS. The bit rate is configured in bits per
second.
Configuring FECN to BECN propagation
Router(config-if)#
traffic-shape fecn-adapt
GTS Frame Relay Adaptation Design
Conservative scenario
• Set shaping rate to CIR
• Set minimum rate to MIR (or 1/2 CIR)
Optimistic scenario
• Set shaping rate to EIR
• Set minimum rate to CIR
Realistic scenario
• Set shaping rate to EIR
• Set minimum rate to MIR (or 1/2 CIR)
GTS Frame Relay Adaptation Example
[Figure: customer router connected to the WAN core]
interface serial 0/0
 traffic-shape rate 64000 8000 8000
 traffic-shape adaptive 48000
• EIR = 64 kbps
• CIR = 48 kbps
• Assumption: Frame Relay network is usually not
congested
This GTS shape rate adaptation example shows a configuration of GTS, where
traffic is shaped to the EIR of 64 Kbps, with the adaptive floor being equal to CIR,
which is contracted at 48 Kbps. No FECN-to-BECN propagation is configured.
This example would work optimally only if the Frame Relay network is unlikely to
get congested because setting the adaptive floor to the CIR cannot lower the
shaping rate below the CIR. Lowering the rate below the contracted CIR may be
necessary in most commercial Frame Relay networks.
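The bit-rate adaptation described above, as an added model (not IOS code): the rate drops to three-quarters after a Tc in which a BECN arrived and grows by one-sixteenth after a quiet Tc, bounded below by the traffic-shape adaptive floor and above by the configured rate. Function names and the BECN sequences are constructed; the 24000 bps floor is the MIR (1/2 CIR) case from the design slide.

```python
from fractions import Fraction

DECREASE = Fraction(3, 4)     # rate after a Tc in which a BECN was received
INCREASE = Fraction(17, 16)   # rate grows by one-sixteenth after a quiet Tc


def adapt_rate(configured_bps, becn_per_tc, floor_bps=None):
    """Shaped rate after each Tc, given one BECN flag per interval."""
    if floor_bps is None:
        floor_bps = configured_bps // 2   # default floor: half the configured rate
    if floor_bps > configured_bps:
        raise ValueError("adaptive floor must not exceed the shaping rate")
    rate = Fraction(configured_bps)
    history = []
    for becn_seen in becn_per_tc:
        if becn_seen:
            rate = max(Fraction(floor_bps), rate * DECREASE)
        else:
            rate = min(Fraction(configured_bps), rate * INCREASE)
        history.append(int(rate))         # whole bits per second for display
    return history


def quiet_intervals_to_recover(configured_bps, start_bps):
    """BECN-free Tc intervals needed to climb back to the configured rate."""
    rate, count = Fraction(start_bps), 0
    while rate < configured_bps:
        rate *= INCREASE
        count += 1
    return count


def scenarios():
    """Four congested intervals in a row (constructed), shaping rate 64000."""
    congestion = [True] * 4
    return {
        "floor = CIR (48000)": adapt_rate(64000, congestion, floor_bps=48000),
        "floor = CIR/2 (24000)": adapt_rate(64000, congestion, floor_bps=24000),
    }


if __name__ == "__main__":
    # One BECN followed by six quiet intervals, with the page's configuration.
    print(adapt_rate(64000, [True] + [False] * 6, floor_bps=48000))
    for name, history in scenarios().items():
        print(name, history)
    print(quiet_intervals_to_recover(64000, 48000))
```

With the floor at the CIR the shaper never sends below 48000 bps however long congestion lasts, and a single BECN costs five quiet intervals (625 ms at the configured Tc of 125 ms) before the rate is back at 64000 bps.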
Summary
n GTS can be applied only on output interfaces
n GTS performs traffic shaping or smoothing
n GTS cannot mark or drop packets
n GTS supports BECN and FECN in Frame Relay environments
n GTS does not support cascaded policies
n GTS does not provide managed discard
n GTS cannot run in distributed mode
n GTS supports only extended IP access lists
n GTS supports RSVP as it uses WFQ
Lesson Review
Answer the following questions:
1. What software queuing mechanisms are supported in combination with GTS?
2. Which queuing structure does GTS use?
3. What features does GTS include when used on Frame Relay interfaces?
Frame Relay Traffic Shaping
Overview
The section describes the Frame Relay Traffic Shaping (FRTS) mechanism.
Objectives
Upon completion of this section, you will be able to perform the following tasks:
n Describe the FRTS mechanism
n Describe the benefits and drawbacks of FRTS
n Compare the GTS and FRTS mechanisms
n Configure FRTS on Cisco routers
n Monitor and troubleshoot FRTS
Frame Relay Traffic Shaping
[Figure: block diagram with classifier, meter, marker, shaper and dropper acting on the traffic stream]
Cisco has long provided support for FECN for DECnet and OSI, and BECN for
SNA traffic using LLC2 encapsulation and DE bit support. FRTS builds upon this
existing Frame Relay support with additional capabilities that improve the scalability
and performance of a Frame Relay network, thereby increasing the density of VCs
and improving response time.
Frame Relay Traffic Shaping (FRTS) can eliminate bottlenecks in Frame Relay
networks that have high-speed connections at the central site and low-speed
connections at branch sites. Rate enforcement can be configured to limit the rate
at which data is sent on the VC at the central site.
Using FRTS, rate enforcement can be configured to either the CIR or some other
defined value such as the excess information rate on a per-VC basis. The ability
to allow the transmission speed used by the router to be controlled by criteria other
than line speed (that is, by the CIR or the excess information rate) provides a
mechanism for sharing media by multiple VCs. Bandwidth can be allocated per
VC, creating a virtual time-division multiplexing (TDM) network.
PQ, CQ and WFQ can also be defined at the VC or subinterface level. Using
these queuing methods allows for finer granularity in prioritising and queuing of
traffic, thus providing more control over the traffic flow on an individual VC. If CQ
is combined with the per-VC queuing and rate enforcement capabilities, Frame
Relay VCs are enabled to carry multiple traffic types, such as IP, SNA and IPX,
with guaranteed bandwidth for each traffic type.
Using information contained in the BECN-tagged packets received from the
network, FRTS can also dynamically throttle traffic. With BECN-based throttling,
packets are held in the buffers of the router to reduce the data flow from the
router into the Frame Relay network. The throttling is done on a per-VC basis and
the transmission rate is adjusted based on the number of BECN-tagged packets
received.
With the Cisco FRTS feature, ATM ForeSight closed loop congestion control can
be integrated to actively adapt to downstream congestion conditions.
FRTS Building Blocks
[Figure: FRTS building blocks: forwarder plus Frame Relay maps; no classifier, shaping performed on individual VC; each VC has an "Enough tokens?" check (yes/no) and a shaping queue]
FRTS Overview
• FRTS is multiprotocol
• FRTS can use one of the following queuing
mechanisms as the shaping queue:
– Priority Queuing (PQ)
– Custom Queuing (CQ)
– Weighted Fair Queuing (WFQ)
• FRTS can only be implemented in
combination with WFQ on the interface
• FRTS works on output only
GTS vs. FRTS
The figure compares GTS to FRTS, based on their main differences. Generic
Traffic Shaping:
n Works on any (sub)interface type
n Shapes traffic on a per-(sub)interface basis
n Can use any physical interface queuing (FIFO, PQ, CQ or WFQ)
n Only uses WFQ as the shaping queue (that is, on the input of the shaper)
In contrast, Frame Relay Traffic Shaping:
n Works only on Frame Relay (sub)interfaces
n Shapes traffic inside individual FR Virtual Circuits
n Only permits WFQ as the physical interface queuing method
n Can use any queuing method as the shaping queue (that is, on the input of the
shaper)
Configuring FRTS
Enabling FRTS on an interface enables both traffic shaping and per-VC queuing on
all the interface's PVCs and SVCs. Traffic shaping enables the router to control
the circuit's output rate and, if configured, to react to congestion notification
information. Queuing enables per-VC scheduling of traffic to be shaped.
Configuring FRTS involves:
Step 1 Defining the shaping parameters with the map-class command
Step 2 Enabling FRTS on the physical interface
Step 3 Applying the shaping parameters to all, or selected, VCs on that interface
Creating a Map Class
Router(config)#
map-class frame-relay name
The map-class frame-relay command defines the per-VC shaping and queuing
parameters. A case-sensitive name must be assigned to each map class.
Define Map-class Shaping Queue
Router(config-map-class)#
frame-relay priority-group number
Define Traffic Shaping Parameters
Router(config-map-class)#
frame-relay [in|out] cir bit-rate
frame-relay [in|out] bc bits
frame-relay [in|out] be bits
Per-VC traffic shaping parameters specify shaping behavior for the configured
map class. Two configuration mechanisms are available:
• Specification of CIR, Bc and Be parameters of the per-VC token bucket
• Specification of per-VC average rate and peak rate, where Bc and Be are
computed from the default Tc, average rate and peak rate
Define Congestion Adaptation Mechanism
Router(config-map-class)#
frame-relay adaptive-shaping becn|foresight
As part of the map class definition, either BECN or ForeSight is used as the
backward congestion notification mechanism to which traffic shaping will adapt.
The BECN adaptation feature is the same as with GTS, thus the router reacts to
received BECN signals by reducing its shaping rate.
The ForeSight adaptation feature uses the network traffic control software used in
Cisco Frame Relay switches. When the ForeSight feature is enabled on the switch,
the switch will periodically send out a ForeSight message based on the time value
configured. The time interval can range from 40 to 5000 milliseconds. The
ForeSight feature allows Cisco Frame Relay routers to process and react to
ForeSight messages and adjust VC-level traffic shaping in a timely manner.
Note The ForeSight feature is only available in combination with Cisco WAN switches.
The difference between the BECN and ForeSight congestion notification methods
is that BECN requires a user packet to be sent in the direction of the congested
DLCI to convey the signal. The sending of user packets is not predictable and,
therefore, is not reliable as a notification mechanism. Rather than wait for user
packets to provide the congestion notification, timed periodic ForeSight messages
guarantee that the router receives notification before congestion becomes a
problem. Traffic can be slowed down in the direction of the congested DLCI.
Define Dedicated Queue for VoFR Packets
Router(config-map-class)#
frame-relay voice bandwidth bps queue depth
Enable FRTS on an Interface
Router(config-if)#
frame-relay traffic-shaping
After the map class is configured, traffic shaping must be applied to the physical
interface. As mentioned, WFQ is the only supported mechanism on the physical
interface running FRTS.
Apply FRTS to a VC
Router(config-if)#
frame-relay class map-class-name
Map class settings are then applied to all or specific VCs on an interface or
subinterface. All VCs without shaping information are not shaped and only use the
physical interface queuing discipline (WFQ).
Frame Relay Traffic Shaping Example
[Figure labels: Customer, WAN, Core]

    interface Serial1/1
     frame-relay traffic-shaping
    !
    interface Serial1/1.1 point-to-point
     frame-relay interface-dlci 101
      class slow_vcs
    !
    interface Serial1/1.2 point-to-point
     frame-relay interface-dlci 102
      class fast_vcs
    !
    map-class frame-relay fast_vcs
     frame-relay custom-queue-list 1
     frame-relay traffic-rate 32000 64000
    !
    map-class frame-relay slow_vcs
     frame-relay priority-group 1
     frame-relay traffic-rate 9600 16000

The figure shows an FRTS configuration example, where two VCs are individually
shaped with two map class parameter sets. In this example, two generic map
classes are defined, one for generic fast VCs and the other for slow VCs. The fast
VC map class uses custom queuing to allocate bandwidth within the shaped rate.
The slow VC map class uses priority queuing to always forward mission-critical
traffic, and then shape it to the required rate.
Frame Relay QoS Autosense
When used in conjunction with traffic shaping, the router can respond to changes in
the network dynamically. This optional feature allows the router to learn QoS
parameters from the Cisco switch and use them for traffic shaping, configuration,
or management purposes.
Enhanced Local Management Interface (ELMI) also simplifies traffic shaping
configuration on the router. Previously, users needed to configure traffic shaping
rate enforcement values, possibly for every VC. Enabling ELMI reduces the
chance of specifying inconsistent or incorrect values when configuring the router.
It is not necessary to configure traffic shaping on the interface to enable ELMI.
One option is to enable it to learn what values are being used by the switch. If the
router is required to respond to the QoS information received from the switch by
adjusting the output rate, traffic shaping must be configured on the interface using
the frame-relay traffic-shaping command in interface configuration mode.
Configuring QoS Autosense
Router(config-if)#
frame-relay qos-autosense
Monitoring Frame Relay Traffic Shaping
The listed show commands enable monitoring of per-VC QoS and general GTS
parameters.
Display PVC Information
Router#
show frame-relay pvc
• Displays VC QoS and shaping parameters

    Router#show frame-relay pvc 20

    PVC Statistics for interface Serial4/0 (Frame Relay DCE)

    DLCI = 20, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial4/0.1

      input pkts 16963         output pkts 33632        in bytes 4669839
      out bytes 12442428       dropped pkts 0           in FECN pkts 0
      in BECN pkts 0           out FECN pkts 0          out BECN pkts 0
      in DE pkts 0             out DE pkts 0
      out bcast pkts 31361     out bcast bytes 9095644
      Shaping adapts to BECN
      pvc create time 1w3d, last time pvc status changed 1w3d
      cir 64000     bc 64000     be 0     limit 1000     interval 125
      mincir 32000     byte increment 1000     BECN response yes
      pkts 1103     bytes 1632516     pkts delayed 1091     bytes delayed 16287
      shaping active
      traffic shaping drops 1136
      Current fair queue configuration:
       Discard     Dynamic       Reserved
       threshold   queue count   queue count
        64          16            0
      Output queue size 46/max total 50/drops 1136

The show frame-relay pvc command displays information about individual FR
PVC status and provides information about:
• Configured CIR
• Shaping
• Queuing
• Congestion adaptation
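The token-bucket values in the show frame-relay pvc output above (cir 64000, bc 64000, be 0, limit 1000, interval 125, byte increment 1000) can be reproduced with a small per-VC shaper model. This is an added example, not Cisco code: the 125 ms interval cap and the limit formula are assumptions chosen to match that output, and the burst and queue depth are constructed.

```python
from collections import deque

# Assumption: the shaper never uses an interval longer than 125 ms. This is
# inferred from the page's output, where bc/cir alone would give 1000 ms.
MAX_INTERVAL_MS = 125

def bucket_params(cir_bps, bc_bits, be_bits):
    """Return (interval_ms, increment_bytes, limit_bytes) for one VC."""
    interval_ms = min(1000 * bc_bits // cir_bps, MAX_INTERVAL_MS)
    increment = cir_bps * interval_ms // 1000 // 8   # bytes credited per interval
    limit = increment + be_bits // 8                 # assumed: Be deepens the bucket
    return interval_ms, increment, limit

def shape(arrivals, cir_bps, bc_bits, be_bits, queue_max):
    """Shape (time_ms, size_bytes) arrivals on one VC and return counters."""
    interval_ms, increment, limit = bucket_params(cir_bps, bc_bits, be_bits)
    if any(size > limit for _, size in arrivals):
        raise ValueError("packets larger than the bucket limit are not modelled")
    tokens, queue, next_tick = limit, deque(), interval_ms
    pending = deque(sorted(arrivals))
    stats = {"sent": 0, "delayed": 0, "dropped": 0, "last_sent_ms": 0}
    while pending or queue:
        if pending and pending[0][0] < next_tick:
            now, size = pending.popleft()
            if not queue and size <= tokens:      # conforms: forwarded at once
                tokens -= size
                stats["sent"] += 1
                stats["last_sent_ms"] = now
            elif len(queue) < queue_max:          # exceeds: held in the shaping queue
                queue.append(size)
                stats["delayed"] += 1
            else:                                 # shaping queue full
                stats["dropped"] += 1
        else:                                     # interval boundary: credit the bucket
            tokens = min(tokens + increment, limit)
            while queue and queue[0] <= tokens:
                tokens -= queue.popleft()
                stats["sent"] += 1
                stats["last_sent_ms"] = next_tick
            next_tick += interval_ms
    return stats

# Constructed input: ten 500-byte packets arriving together at t=0.
BURST = [(0, 500)] * 10

if __name__ == "__main__":
    print(bucket_params(64000, 64000, 0))
    print(shape(BURST, 64000, 64000, 0, queue_max=4))
```

The "delayed" and "dropped" counters correspond to the "pkts delayed" and "traffic shaping drops" fields of the show output.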
Display Shaping Statistics
Router#
show traffic-shape statistics
If the number of delayed packets is very high (compared to the total number of
packets) then there are probably non-responsive aggressive flows being shaped
and the queue depth could show high buffer utilization.
If the number of delayed packets is zero then it is very likely that the access list
does not match any traffic.
Display Shaping Queue Information
Router#
show traffic-shape queue

    (depth/weight/discards/tail drops/interleaves) 46/32384/1377/0/0
    Conversation 5, linktype: ip, length: 1504
    source: 193.77.3.1, destination: 193.77.3.1, id: 0x00F4, ttl: 255, prot: 1

Display Shaping Queue Information

    PE_2#show traffic-shape queue
    Traffic queued in shaping queue on Serial4/0.1 dlci 20
      Queueing strategy: priority-group 1
      Queueing Stats: high 16/20/19 (queue/size/max total/drops)

      Packet 1, linktype: ip, length: 1504, flags: 0x10000048
        source: 193.77.3.1, destination: 193.77.3.1, id: 0x0141, ttl: 255, prot: 1
        data: 0x0800 0x9105 0x2659 0x1F89 0x0000 0x0000 0x3819
              0x223C 0xABCD 0xABCD 0xABCD 0xABCD 0xABCD 0xABCD

      Packet 2, linktype: ip, length: 1504, flags: 0x10000048
        source: 193.77.3.1, destination: 193.77.3.1, id: 0x0141, ttl: 255, prot: 1
        data: 0xABCD 0xABCD 0xABCD 0xABCD 0xABCD 0xABCD 0xABCD
              0xABCD 0xABCD 0xABCD 0xABCD 0xABCD 0xABCD 0xABCD

The show traffic-shape queue command also displays the contents of the shaping
queue associated with an interface.
The example shows the contents of the high queue in the Priority Queuing system
used as the shaping queue.
Summary
• FRTS enables granular, per-VC queuing and shaping definition
• FRTS can be applied only on output interfaces
• FRTS enables per-VC queuing, which is performed before shaping
• FRTS performs traffic shaping or smoothing within a VC
• FRTS supports the same congestion adaptation mechanisms as GTS
Lesson Review
Answer the following questions:
1. What are the main differences between GTS and FRTS?
2. Where can FRTS be used?
3. What classification options does FRTS have?
Committed Access Rate
Overview
The lesson describes the Committed Access Rate (CAR) mechanism.
Objectives
Upon completion of this lesson, you will be able to perform the following tasks:
• Describe the CAR mechanism
• Describe the benefits and drawbacks of CAR
• Describe the differences between CAR, GTS and FRTS
• Configure CAR on Cisco routers
• Monitor and troubleshoot CAR
Committed Access Rate
[Figure: CAR applied inbound or outbound, built from a classifier, meter, marker and dropper.]
Committed Access Rate (CAR) provides the capability to allow the service
provider to rate-limit traffic in and out of router interfaces, thereby enabling various
forms of ingress and egress rate-limiting in a network. CAR is a policing
mechanism, not a queuing mechanism. Therefore it does not buffer or delay
packets, whether or not they conform to the policy, but simply rate-limits them
according to a configured “forward or drop” policy.
CAR also uses a token-bucket metering mechanism, similar to GTS, but without a
delay queue.
The CAR rate-limiting feature manages a network's access bandwidth policy by
ensuring that traffic falling within specified rate parameters is sent, while dropping
packets that exceed the acceptable amount of traffic or sending them with a
different priority. CAR is often configured on interfaces at the edge of a network
to limit traffic into or out of the network.
CAR can also be used for packet marking. The operator can specify a policy that
determines which packets should be assigned to which traffic class, and use CAR
to implement the marking. The IP header already provides a mechanism to do this,
namely the three precedence bits in the ‘type of service’ field in the IP header.
CAR allows the setting of policies, based on information in the IP or TCP header
such as IP address, application port, physical port or sub-interface, IP protocol,
etc., to decide how the precedence bits should be marked or “colored.” Once
marked, appropriate treatment can be given in the backbone to ensure that
premium packets receive premium service in terms of bandwidth allocation, delay
control, etc.
Note CAR can also be used to police (or “recolor”) precedence bits set externally to
the network either by the customer or by a downstream service provider. Thus
the network can decide to either accept or override external decisions.
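The policing and recoloring behaviour described above can be modelled as an ordered rule list, each rule with its own token bucket and a conform and exceed action. This is an added example, not Cisco code: the class and function names, the rates and bursts in the policy, and the packet trace are all constructed for illustration.

```python
class CarRule:
    """One rate-limit rule: a classifier, a token bucket and two actions."""
    def __init__(self, match, rate_bps, burst_bytes, conform, exceed):
        self.match, self.rate_bps, self.burst = match, rate_bps, burst_bytes
        self.conform, self.exceed = conform, exceed   # (action, new precedence or None)
        self.tokens, self.last_ms = float(burst_bytes), 0

    def conforms(self, now_ms, size):
        """Meter only: refill by elapsed time; there is no queue and no delay."""
        refill = self.rate_bps / 8000 * (now_ms - self.last_ms)   # bytes
        self.tokens = min(self.burst, self.tokens + refill)
        self.last_ms = now_ms
        if size <= self.tokens:
            self.tokens -= size
            return True
        return False

def police(rules, pkt, now_ms):
    """Run pkt through the rule list; return (verdict, precedence)."""
    prec = pkt["prec"]
    for rule in rules:
        if not rule.match(pkt):
            continue
        ok = rule.conforms(now_ms, pkt["size"])
        action, new_prec = rule.conform if ok else rule.exceed
        if new_prec is not None:
            prec = new_prec            # recolor, overriding the sender's marking
        if action in ("transmit", "drop"):
            return action, prec
        # action == "continue": fall through to the next rule
    return "transmit", prec            # no rule ended processing

def edge_policy():
    """Constructed policy: cap ICMP, then color all traffic by contract rate."""
    return [
        CarRule(lambda p: p["proto"] == 1, 64000, 2000,
                ("continue", None), ("drop", None)),
        CarRule(lambda p: True, 256000, 4000,
                ("transmit", 3), ("transmit", 0)),
    ]

def run(trace):
    """trace: list of (time_ms, packet dict). Returns one verdict per packet."""
    rules = edge_policy()
    return [police(rules, pkt, t) for t, pkt in trace]

# Constructed trace: the sender marks every packet with precedence 5.
TRACE = ([(0, {"proto": 1, "size": 1000, "prec": 5})] * 3
         + [(0, {"proto": 6, "size": 1500, "prec": 5})] * 2
         + [(1000, {"proto": 6, "size": 1500, "prec": 5})])
```

In this trace the third ICMP packet is dropped outright, and the second TCP packet is still transmitted but recolored to precedence 0 because it exceeds the contract bucket.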
CAR on Input and Output
[Figure: CAR on input and output. Labels: Meter, Forwarding, Outbound, Meter.]
CAR Implementation
[Figure: CAR implementation. Labels: CAR; Software Queue (FIFO, PQ, CQ, WFQ, ...); Hardware Queue (FIFO).]
Interface-wide CAR Diagram
[Figure: interface-wide CAR. Labels: Class 1?, Class 2?, ... Class n?, each followed by CAR with the outcomes drop, transmit or continue; Output Queue or Forward.]
CAR Diagram
[Figure: CAR decision flow. Labels: Meter; Conforms? (Yes / No); Mark?; Set IP prec? (Set IP Precedence); Transmit? (Forward or Enqueue); Continue? (Go to Next CAR command).]