What is QoS?
As we know, data travels across networks in small pieces that we call frames; inside frames we have packets, and inside packets we have segments, etc.
Normally we might need some packets to be sent faster than others, or need to divide our link bandwidth according to traffic type or protocol, etc. To do so we need to classify our packets, mark them to give them different priorities, and decide how packets will be handled in interface queues. This is what QoS is about. To understand it, we first need to understand the ordinary issues of any network.
1-Congestion
This happens to an interface when the amount of data it receives is bigger than what it can handle. This could happen for the following reasons:
End to end delay
Variation in delay (Jitter)
Packet loss
Delay: the time packets take from leaving the sender interface until they reach the receiver interface.
Jitter: the packets of a stream arrive at the receiver in the wrong time order; this would be bad if the stream packets were VoIP, for instance.
Packet loss: packets are dropped when the link is in a congested state.
Congestion Points:
Aggregation point: a router connects to too many networks on one interface and aggregates them on another interface.
Speed mismatch: data goes through a router where it enters on a FastEthernet interface and exits from an Ethernet interface.
LAN to WAN: the same as speed mismatch; the router is connected to the LAN at high speed, but on the other side it connects to the WAN (WAN links are always slow).
Introduction to QoS CCIE & CCSI: Yasser Ramzy Auda
1-Add more bandwidth, but this is not cost-effective, and limitations in the technologies used in the infrastructure may not allow adding more bandwidth.
Remember: for optimal quality for voice traffic we use RTP header compression + LLQ.
For interactive data traffic we use TCP header compression + CBWFQ.
(We will talk about these queuing algorithms later.)
Delay Types
1-Processing delay (related to the device): the time a device such as a router or Layer 3 switch takes to move packets from the input interface to the output interface.
2-Queuing delay (related to the device): the time packets spend waiting in the device output queue.
3-Serialization delay (related to the media): the time taken to put the frames onto the physical media to go out.
4-Propagation delay (related to the media): the time packets spend inside the physical link (medium) while travelling from end to end.
Because of heavy congestion, pictures may be unclear, sound may be heard in slow motion, video may be out of sync with audio, etc.
When the interface output queue is full, any other packets arriving at this queue will find no place in it and will be dropped. This is called tail drop.
In step four we create the QoS policy, where we will need one of the following:
Setting a minimum bandwidth guarantee
Setting a maximum bandwidth limit
Assigning priorities to each class
Using other QoS tools such as the queuing mechanisms
Using the traffic class table above, we can give priority levels, where 5 is the highest priority and 1 the lowest.
QoS Models
IntServ provides very high QoS to IP packets and packet delivery is guaranteed, but it limits the scalability of the network.
DiffServ provides the greatest scalability; network devices recognize traffic classes and provide different levels of QoS to different traffic classes.
RSVP
RSVP is an IP protocol that uses IP protocol ID = 46 and TCP or UDP port 3455. It is not a routing protocol but works in conjunction with routing protocols. It focuses on two traffic types: rate-sensitive and delay-sensitive traffic.
It is used in QoS engineering and is one of the ways to provide CAC for voice traffic in VoIP networks. CAC (call admission control) is used to reserve a number of VoIP calls (normally a single call needs 64 Kbps; for example, 2 calls = 64*2 = 128 Kbps). Cisco CUCM call managers use RSVP to provide the CAC service.
When a PC or user application asks to reserve a specific bandwidth and resources are available, RSVP accepts the reservation and downloads a traffic classifier to assign a temporary QoS class to this traffic flow in the QoS forwarding path (the traffic classifier tells the QoS forwarding path how to classify the packets of a specific flow and how to handle them when sending them).
RSVP can be used by applications to signal their QoS requirements to the router; we can also use queuing mechanisms with it to provide a QoS service level.
Example:
Guaranteed-rate: allows an application to reserve bandwidth that matches its requirements, using LLQ+RSVP.
Controlled-load: allows an application to get high throughput and low delay, using WRED+RSVP.
WRED is the same as RED, but it does not remove packets at random to free space; it removes packets according to how important they are.
Policing: drop or mark packets when they reach a specific limit; mark here means give the packet a higher priority than others.
Shaping: queue packets when they reach a specific limit. Let’s say a packet reaches the queue but it is full; it can then wait in a buffer for some time until space for a packet in the queue becomes free.
DiffServ
Designed to solve the limitations of the best-effort and IntServ models, it is very similar to the Soft QoS concept.
Soft QoS: QoS mechanisms are used without signaling, since the properties that determine bandwidth and delay are managed individually by each router. This is called PHB (Per-Hop Behavior).
It is the opposite of Hard QoS (IntServ).
So simply,
IntServ has only one protocol: RSVP
class-map Yasser
match protocol http < start using the NBAR feature to classify traffic (HTTP in this example)
We can match many different things, such as access-group 101 or mac-address, etc.
show class-map
policy-map Ramzy
class Yasser
priority 256 < give traffic classified in class map Yasser a guaranteed bandwidth of 256 kbps
Or
bandwidth 1000 < give traffic classified in class map Yasser a WFQ guaranteed bandwidth of 1000 kbps
NOTE: anything else will follow class-default
int s0/0
service-policy output Ramzy < or input: apply policy map Ramzy outbound or inbound
show policy-map
Classification: inspect packets to know what type of traffic they carry (inspect what is inside the box).
Marking: write information in the packet to make it easy for other network devices to identify it and know what type of packet it is.
Marking is not responsible for telling devices how to treat the packets; it just marks the packet.
Marking can be done at Layer 2 or Layer 3.
Marking, unlike classification, does not use a lot of CPU resources.
Layer 2 marking can be implemented through one of the following fields in the L2 headers:
CoS Ethernet
EXP MPLS
DE Frame Relay
Layer 3 marking can be implemented using 1 byte called ToS in the IP header, in one of two ways:
IP Precedence
DSCP
Layer 2 Marking:
DE bit in the Frame Relay header, to control CIR speed: 1 = yes, 0 = no
EXP in MPLS, similar to CoS
CoS (Class of Service) in the Ethernet header is 3 bits, from 000 to 111 (from 0 to 7 in decimal)
Remember that with VLAN-ID, CoS is in the ‘PRI’ field
Notice that call signaling only makes the phone ring or monitors call quality, so it takes a lower priority, while Voice Call (5) is more important since its packets carry the actual audio.
Layer 3 Marking:
We use 8 bits in the IP header called ToS (Type of Service); marking using these 8 bits can be done by IP Precedence or DSCP.
Since the L2 header is always rewritten by devices along the path, L3 header marking is better for carrying the marking from router to router.
IP Precedence:
It is 8 bits, but we only use the first 3 bits from the left: xxx bbbbb
With the same table we used with CoS
000 000 00
Drop Probability:
00 not used
01 Low
10 Medium
11 High < means the highest probability of dropping this packet if needed
Example: AF4 = 1001 1000 and AF4 = 1001 0000; which packet has the higher probability of being dropped?
The answer is 1001 1000, since 11 means high.
Example: what does 000 000 mean in DSCP? It means the Best Effort level.
PHB   H    M    L
AF1   11   10   01
AF2   11   10   01
AF3   11   10   01
AF4   11   10   01
Example: AF43 and AF31, which packet has the higher probability of being dropped?
The answer is AF43.
Here is why: in AF43 the 3 means 11, and in AF31 the 1 means 01.
Example:
class-map match-any Yasser
match cos 1 2 3
match dscp 1 2 af11
policy-map Ramzy
class Yasser
set dscp af41 < or: set precedence 5; marks packets in class Yasser with AF41 or IP precedence 5
int s0/0
service-policy out Ramzy
Extended ping can be used to generate traffic with a specific IP precedence, since we can set the precedence (ToS) value.
Example:
R1#ping
Protocol [ip]:
Target IP address: 10.1.1.2
Repeat count [5]:
Datagram size [100]:
Timeout in seconds [2]:
Extended commands [n]: y
Source address or interface: 10.1.1.1
Type of service [0]: 32
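The marking rules above, worked through in code. This is an added example, not part of the original document: it decodes a ToS byte into IP precedence, DSCP and AF drop probability, and converts a marking name back into the number typed at the extended ping "Type of service" prompt. The function names are hypothetical, and EF (DSCP 46) is the standard name for a value the text above does not cover.

```python
# Added example (not from the original document): ToS byte <-> IP precedence / DSCP.
# Bit layout used in the text: 3 class bits, 2 drop-probability bits, one 0 bit,
# then 2 bits that are not part of the DSCP.

DROP_PROBABILITY = {1: "low", 2: "medium", 3: "high"}  # 01, 10, 11 (00 is not used)
RANK = {"low": 1, "medium": 2, "high": 3}


def dscp_name(dscp):
    """Name a 6-bit DSCP value: BE, CSx, AFxy, EF, or the raw number."""
    if not 0 <= dscp <= 63:
        raise ValueError("DSCP is 6 bits (0-63)")
    if dscp == 46:
        return "EF"
    cls, low = dscp >> 3, dscp & 0b111
    if low == 0:
        return "BE" if cls == 0 else f"CS{cls}"
    if 1 <= cls <= 4 and low in (2, 4, 6):
        return f"AF{cls}{low >> 1}"
    return f"DSCP{dscp}"


def decode_tos(tos):
    """Split a ToS byte into the fields the marking section describes."""
    if not 0 <= tos <= 255:
        raise ValueError("ToS is one byte (0-255)")
    dscp = tos >> 2
    name = dscp_name(dscp)
    drop = DROP_PROBABILITY[int(name[3])] if name.startswith("AF") else None
    return {"precedence": tos >> 5, "dscp": dscp, "name": name, "drop": drop}


def tos_for(marking):
    """ToS byte for 'af41', 'cs1', 'ef', 'be' or 'precedence 5'."""
    m = marking.strip().lower()
    if m.startswith("precedence"):
        prec = int(m.split()[1])
        if not 0 <= prec <= 7:
            raise ValueError("IP precedence is 3 bits (0-7)")
        return prec << 5
    if m == "be":
        return 0
    if m == "ef":
        return 46 << 2
    if len(m) == 3 and m[:2] == "cs" and m[2] in "1234567":
        return int(m[2]) << 5
    if len(m) == 4 and m[:2] == "af" and m[2] in "1234" and m[3] in "123":
        return ((int(m[2]) << 3) | (int(m[3]) << 1)) << 2
    raise ValueError(f"unknown marking: {marking!r}")


def more_likely_dropped(a, b):
    """Of two AF markings, return the one with the higher drop probability
    (None if equal), compared the same way as the AF43 / AF31 example."""
    drops = []
    for marking in (a, b):
        drop = decode_tos(tos_for(marking))["drop"]
        if drop is None:
            raise ValueError(f"{marking!r} is not an AF marking")
        drops.append(RANK[drop])
    if drops[0] == drops[1]:
        return None
    return a if drops[0] > drops[1] else b


if __name__ == "__main__":
    print(decode_tos(32))                       # the value typed in the ping session
    print(decode_tos(0b10011000), decode_tos(0b10010000))
    print(tos_for("af41"), tos_for("precedence 5"))
    print(more_likely_dropped("AF43", "AF31"))
```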
NBAR is the classification engine in IOS. It can recognize a large number of applications, including web-based and client/server applications that use dynamic TCP/UDP port numbers. After recognizing an application, we can give it a special QoS service.
Applications nowadays need high performance, and the network must give the right service to mission-critical applications and provide enough bandwidth to let them work at the required performance.
When new applications come out, NBAR can recognize them, since Cisco provides PDLM (Protocol Description Language Module) files containing the rules NBAR uses to recognize these new applications, without the need to change the IOS image or even reload the router.
With NBAR we can classify HTTP traffic by URL, host or even MIME type.
NBAR is supported by CBWFQ, policing, DSCP and WRED.
The Protocol Discovery feature in NBAR lets us see the applications currently running in our network, along with packet/byte counts and bit rates for these applications.
int f0/0
ip nbar protocol-discovery
(configures NBAR to discover traffic for all protocols known to NBAR on interface f0/0; needs CEF enabled; does not require a service policy to be enabled)
show ip nbar protocol-discovery
(displays statistics for all interfaces on which this feature is enabled)
PDLM (Protocol Description Language Module) files extend the list of protocols that NBAR can handle and recognize.
A PDLM file version can be native (comes embedded in IOS) or non-native (downloaded from Cisco).
You must check the PDLM version and the NBAR software version in IOS before downloading:
show ip nbar version
Note: sometimes we use different ports for our protocols than the standard ones. Let’s say we use port 4000 for DNS instead of 53; to tell NBAR about that (up to 16 additional port numbers):
ip nbar port-map dns tcp 4000
Note: let’s assume a software company made an application called yasserapp just for your network, and it uses the specific port 8900 over UDP and the 6th byte in it has the value dd45. To let NBAR recognize it:
ip nbar custom yasserapp 6 hex dd45 udp 8900
As you can see, with this ability we can even recognize malicious applications as well.
Important
Remember that some QoS commands may differ between IOS 12 and IOS 15.
If one of the commands in this document is not working for you, kindly check the following link for the replacement command.
http://www.cisco.com/c/en/us/td/docs/ios/qos/configuration/guide/15_0s/qos_15_0s_book/legacy_qos_cli_deprecation.html
Queuing Algorithms
Inside the router we have software queues where packets can wait before entering the interface, from which they go out through a single hardware queue (which uses the FIFO queuing algorithm).
The software queue can be changed and managed according to the QoS queuing algorithm we use.
Routers determine the length of the hardware queue based on the configured bandwidth of the interface.
Congestion can happen on subinterfaces and (logical) software interfaces such as dialers, tunnels, etc., since they do not have their own transmit queue.
Cisco IOS Software includes the following queuing tools:
FIFO (First In First Out): by default the only queuing algorithm used with the HW queue, but we can use it for the SW queue as well. NO delay guarantee, NO bandwidth guarantee.
CQ (Custom Queue)
We have two types in this algorithm: Round Robin (RR) and Weighted Round Robin (WRR).
NO delay guarantee, but a bandwidth guarantee can be achieved by setting the number of bytes sent through each queue.
Round Robin (RR)
Packets go out from each queue in an equal manner, which means one packet goes out from queue 1, then one packet goes out from queue 2, and so on until queue 4, then it starts again from queue 1.
WFQ command:
fair-queue
int s0/0
no fair-queue
Or
fair-queue 100 16 0
100 = “CDT”, the maximum number of packets that can be in a single queue before we start dropping
(default is 64, a power of 2 with a range from 16 to 4096)
CDT means we will start dropping packets after 100 packets from the most aggressive flow
hold-queue limit
Is the max time to keep the max number of packets stored (default is 1); a lower number is preferred as far as possible, since WFQ consumes a lot of buffers
int s0/0
hold-queue 1 out
CBWFQ commands:
bandwidth
bandwidth percent
bandwidth remaining percent
queue-limit < set the max number of packets that this queue can hold (default is 64)
fair-queue < number of dynamic queues; can be configured in class-default as well
We want http, https and ftp to get at least 20% of BW, the x-win app 10% and SQL Server 25%; any other traffic types will take the rest of the BW.
policy-map Ramzy
class web
bandwidth percent 20
bandwidth remaining percent 76 < means 76% of the remaining 80%
class xwin
bandwidth percent 10
class sql
bandwidth percent 25
int s0/0
service-policy out Ramzy
Note: if the only traffic present is http, http will use more than 20%, since we do not have policing yet. We will talk about it later.
Commands used:
priority bandwidth
priority percent
LLQ Rule:
PQ = max 33% of BW of the sum of all guarantees
Sum of all guarantees = max 75% (including PQ)
The remaining 25% is left free for signaling and management traffic
Using the same example as in CBWFQ, let’s add that we want the first 10% of our BW for VoIP
class-map voip
match protocol rtp audio
policy-map Ramzy
class voip
priority percent 10 < creates a policer so that VoIP traffic always has the highest priority to use the first 10% of BW
Tail drop issue: it cannot tell the different importance of packets
TCP synchronization issue
TCP starvation issue
WRED Commands
random-detect dscp-based (enables DSCP-based WRED; it can be configured in a policy-map and applied under interfaces with a random-detect group or service-policy)
Remember that WRED random-detect and WFQ queue-limit are mutually exclusive in a class policy
Example:
Enable CBWFQ to prioritize traffic according to the following:
-Class mission-critical is marked using DSCP AF2 and should get 30% of the interface bandwidth
-Class bulk is marked using DSCP AF1 and should get 20% of the interface bandwidth
-All other traffic should be per-flow fair-queued
-Use differentiated WRED to prevent congestion in all three classes
class-map mission-critical
match ip dscp AF21 AF22 AF23 cs2
class-map bulk
match ip dscp AF11 AF12 AF13 cs1
policy-map POLICY1
class mission-critical
bandwidth percent 30
random-detect dscp-based
random-detect dscp af21 32 40 10 < each random-detect dscp will create profile for specified AF
random-detect dscp af22 28 40 10
random-detect dscp af23 24 40 10
random-detect dscp cs2 24 40 10
class bulk
bandwidth percent 20
random-detect dscp-based
random-detect dscp af11 32 26 10
random-detect dscp af12 28 26 10
random-detect dscp af13 24 26 10
random-detect dscp cs1 22 26 10
class class-default
fair-queue
random-detect dscp-based
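How the three numbers in each random-detect dscp line turn into a drop decision, as an added example that is not part of the original document. It assumes the usual WRED curve (no drops below the minimum threshold, a linear rise to 1/denominator at the maximum threshold, every packet dropped above it); the function names are hypothetical and the config text is copied from the mission-critical class above.

```python
# Added example (not from the original document): WRED profiles as drop probabilities.
import re

# Copied from the mission-critical class of POLICY1 above.
CONFIG = """\
random-detect dscp af21 32 40 10
random-detect dscp af22 28 40 10
random-detect dscp af23 24 40 10
random-detect dscp cs2 24 40 10
"""

# random-detect dscp <value> <min-threshold> <max-threshold> <mark-prob-denominator>
LINE = re.compile(r"^\s*random-detect dscp (\S+) (\d+) (\d+) (\d+)\s*$")


def parse_profiles(config):
    """Return {dscp: (min_th, max_th, mpd)} for every random-detect dscp line."""
    profiles = {}
    for line in config.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # other policy-map lines are ignored
        min_th, max_th, mpd = int(m.group(2)), int(m.group(3)), int(m.group(4))
        # A profile only makes sense when the minimum is below the maximum.
        if not 0 < min_th < max_th or mpd < 1:
            raise ValueError(f"bad WRED profile: {line.strip()}")
        profiles[m.group(1).lower()] = (min_th, max_th, mpd)
    return profiles


def drop_probability(avg_queue, profile):
    """Drop probability for one profile at a given average queue depth (packets)."""
    min_th, max_th, mpd = profile
    if avg_queue < min_th:
        return 0.0            # below the minimum threshold nothing is dropped
    if avg_queue > max_th:
        return 1.0            # above the maximum threshold every packet is dropped
    return (avg_queue - min_th) / (max_th - min_th) / mpd


def drop_table(config, avg_queue):
    """Drop probability of every configured DSCP at the same average queue depth."""
    return {
        dscp: round(drop_probability(avg_queue, profile), 4)
        for dscp, profile in parse_profiles(config).items()
    }


if __name__ == "__main__":
    for depth in (20, 26, 30, 36, 40, 41):
        print(depth, drop_table(CONFIG, depth))
```

At the same average depth the lower minimum threshold of af23 makes it drop earlier and more often than af21, which is the "differentiated" part of the policy.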
Auto QoS
It is a CLI wizard tool to create QoS without needing to know all the details of QoS technology and the mechanisms used with QoS.
It contains 2 phases:
Auto QoS cannot be configured if a QoS policy (service policy) is attached to the interface
CEF must be enabled
Classifies the interface as low speed (less than or equal to 768 Kbps) or high speed (greater than or equal to 768 Kbps)
A token is the right to send a specific number of bits (we put this info inside the bucket)
TC = BC/CIR
BC (Committed Burst) is the total amount of traffic, measured in bits, that can be sent during TC
CIR (Committed Information Rate) is the customer link speed that the SP allows
TC = BC/shaping rate
BE (Excess Burst size) is the maximum number of bits in BC that can be sent after a stopping period
bps is the allowed speed rate (from 8000 to 200 million) (remember 1000 is 10kbps)
burst-normal (from 1000 to 51200000, default is 1500)
burst-max is the Excess Burst size
conform-action: what we will do with a packet if it does not exceed, or is equal to, the rate we specified
exceed-action: what we will do if the allowed rate is exceeded
violate-action: what we will do with packets that violate the normal burst or max burst
Shaping can be configured as per-interface traffic shaping or class-based traffic shaping
int s0/0
traffic-shape rate 250000 4000 8000 4096
Class-based shaping
Link efficiency
Improve link efficiency and make use of most of the bandwidth on the link.
Why 768 kbps?
10-15 ms is the max time to put a VoIP packet on the cable
If the speed is equal to or less than 768 and we send a 1500 data packet, it will take more than 15 ms
PPP Multilink lets us bundle multiple physical interfaces into a single logical interface.
We can use this to load balance
When we use PPP multilink we can bundle the two serial links into one logical layer 3 interface
and we’ll do load balancing on layer 2. PPP multilink will break the outgoing packets into smaller
pieces, puts a sequence number on them and sends them out the serial interfaces.
Another feature of PPP multilink is fragmentation.
This could be useful when you are sending VoIP between the two routers.
Multilink PPP offers fragmenting the data packets and interleaving the voice packets between
the data fragments.
This way a large data packet will not delay a voice packet for too long.
The ppp multilink fragment delay command lets us configure the maximum delay.
Compression
This simply means compressing data so that it does not take up much space, BUT remember that compression causes delay.
policy-map MYMAP
class MYCLASS
compression header ip rtp < or: compression header ip tcp
show ip rtp header-compression
The QoS Hierarchical Queuing Framework (HQF) feature enables you to manage quality of
service (QoS) at three different levels:
The physical interface level
The logical interface level
The class level
for QoS queuing and shaping mechanisms by using the modular QoS command-line interface
(MQC) to provide a granular and flexible overall QoS architecture.
Queuing based QoS policies are not supported on LAG (port-channel) interfaces.
When data passes through an interface using HQF, the data is classified so that it traverses the
branches of the tree. Data arrives at the top of the tree and is classified on one of the leaves.
Data then traverses down the hierarchy (tree) until it is transmitted out the interface at the root
(trunk).
For example, the following configuration builds the hierarchy shown in the figure 1
below:
policy-map class
class c1
bandwidth 14
class c2
bandwidth 18
policy-map map1
class class-default
shape average 64000
service-policy class
policy-map map2
class class-default
shape average 96000
map-class frame-relay fr1
service-policy output map1
map-class frame fr2
service-policy output map2
interface serial4/1
encapsulation frame-relay
frame-relay interface-dlci 16
class fr1
frame-relay interface-dlci 17
class fr2
Figure1. HQF Tree Structure (Hierarchical Policy with Queuing Features at Every Level)
You can apply class-based queuing to any traffic class in the parent or child level of a hierarchical
policy and obtain service levels for different sessions or subscribers.
Labs
IntServ-RSVP Lab
R1
int loop0
ip add 1.1.1.1 255.255.255.0
ip rsvp bandwidth 400 180
int f0/0
ip add 10.1.12.1 255.255.255.0
ip rsvp bandwidth 400 180
R2
int loop0
ip add 2.2.2.2 255.255.255.0
ip rsvp bandwidth 400 180
int f0/0
ip add 10.1.12.2 255.255.255.0
ip rsvp bandwidth 400 180
Verification:
R1
R1(config)#ip rsvp sender-host 10.1.12.2 10.1.12.1 tcp 0 0 10 5
10.1.12.2 Receiver
10.1.12.1 Sender
tcp can be udp or ip also
0 destination port
0 source port
10 specifies 10kbps for session bandwidth
5 max of burst in kilo Bytes per second
Command                                            Purpose
Router# show ip rsvp interface [type number]       Displays RSVP-related interface information.
Router# show ip rsvp installed [type number]       Displays RSVP-related filters and bandwidth information.
Router# show ip rsvp neighbor [type number]        Displays current RSVP neighbors.
Router# show ip rsvp sender [type number]          Displays RSVP sender information.
Router# show ip rsvp request [type number]         Displays RSVP request information.
Router# show ip rsvp reservation [type number]     Displays RSVP receiver information.
Task 1
In R1
-all traffic generated from loop 0 should be assigned to Queue 1
-all IP traffic from R1 loop0 to R2 loop0 should be assigned to Queue 2
-all telnet traffic should be assigned to Queue 3
-all HTTP traffic should be assigned to Queue 4
-TFTP should be assigned to Queue 5
-the rest of the traffic should be assigned to Queue 6
config t
queue-list 1 protocol ip 2 list 100
queue-list 1 interface lo0 1
queue-list 1 protocol ip 3 tcp 23
queue-list 1 protocol ip 4 tcp 80
queue-list 1 protocol ip 5 udp 69
queue-list 1 default 6
int f0/0
custom-queue-list 1
Task 2
Let’s assume the total bandwidth is 15000 bytes
Configure R1 so that bandwidth is allocated as follows:
queues 1, 2 and 6 should each receive 10% of the bandwidth
queues 3 and 5 should each receive 20% of the bandwidth
queue 4 should receive 30% of the bandwidth
config t
queue-list 1 queue 1 byte-count 1500
queue-list 1 queue 2 byte-count 1500
queue-list 1 queue 6 byte-count 1500
queue-list 1 queue 3 byte-count 3000
queue-list 1 queue 5 byte-count 3000
queue-list 1 queue 4 byte-count 4500
1500/15000 = 0.1*100=10%
3000/15000=0.2*100= 20%
4500/15000=0.3*100= 30%
Byte-count means the average number of bytes the system allows to be delivered from a given
queue during a particular cycle.
We can use keyword limit instead of byte-count
Limit means maximum number of packets allowed in each of the custom queues
In R1
-all traffic generated from the loop0 interface should be assigned to the High queue
-all IP traffic from R1 loop0 to R2 loop0 should be assigned to the Low queue
-all HTTP traffic should be assigned to the Medium queue
-TFTP should be assigned to the Normal queue
-the rest of the traffic should be assigned to the Low queue
int f0/0
priority-group 1
sh queueing priority
A value of 0 for any of the four arguments means that the queue can be of unlimited size for
that particular queue.
Let’s say we want to change the queues sizes based on the following :
High = 80
Medium = 60
Normal = 40
Low = 20
priority-list 1 queue-limit 80 60 40 20
WFQ Lab
On R1 s0/0 the congestive discard threshold value should be set to 128, only 512 dynamic queues should be created, and the max number of packets that WFQ can hold for all queues is 1200
R1
int s0/0
fair-queue 128 512
hold-queue 1200 out
CBWFQ Lab
Same CQ topology
Remember
CBWFQ extends the WFQ functionality to support user-defined classes.
CBWFQ reserves multiple FIFO queues in the WFQ system.
The default queue limit is 64; after that, packets are tail dropped.
WRED can be used with CBWFQ to prevent congestion.
CBWFQ guarantees bandwidth according to weights assigned to different classes in MQC.
Weights are defined based on the bandwidth, bandwidth percent and bandwidth remaining percent keywords.
By default only 75% of the bandwidth can be defined.
Task 1
Configure R1 so that when congestion happens, the specified amount of bandwidth is allocated to the following protocols on f0/0:
R1
Config t
ip cef
class-map TFTP
match protocol tftp
class-map URL
match protocol http host www.cbtme.com
class-map HTTP
match protocol http
class-map FTP
match protocol ftp
policy-map TST
class TFTP
bandwidth 2000
class URL
bandwidth 6000
class HTTP
bandwidth 5000
class FTP
bandwidth 3000
int f0/0
service-policy out TST
Task 2
Configure max queue size for the calls made to www.cbtme.com to 128 packets
policy-map TST
class URL
queue-limit 128
Task 3
policy-map TST
class class-default
fair-queue 1024
Task 4
Configure R1 for
TFTP up to 25% of available Bandwidth
HTTP up to 35% of available Bandwidth
FTP up to 20% of available Bandwidth
class-map TFTP
match protocol tftp
class-map HTTP
match protocol http
class-map FTP
match protocol ftp
policy-map TST
class TFTP
bandwidth percent 25
class HTTP
bandwidth percent 35
class FTP
bandwidth percent 20
int f0/0
service-policy out TST
If you use bandwidth, you cannot use bandwidth percent in the same policy map.
Notice 25+35+20 = 80%, while by default 75% of the bandwidth is what we can play with.
So ftp needs 20% while the remaining is 15%.
int f0/0
max-reserved-bandwidth 85
Convert CQ to CBWFQ:
Answer:
Calculate the total configured Byte-count used by the Custom Queue:
3000+4500+4500+3000= 15000
Calculate the percentage of the bandwidth assigned to each protocol based on the total Byte-count:
www=3000/15000 * 100 = 20% of Bandwidth
telnet=4500/15000 * 100 = 30% of Bandwidth
smtp=4500/15000 * 100 = 30% of Bandwidth
rest of traffic=3000/15000 * 100 = 20% of Bandwidth
As we can see total is 100% so we need to modify max reserved bandwidth on the interface
int f0/0
max-reserved-bandwidth 100
class-map WWW
match protocol http
class-map TELNET
match protocol telnet
class-map SMTP
match protocol smtp
policy-map TST
class WWW
bandwidth percent 20
class TELNET
bandwidth percent 30
class SMTP
bandwidth percent 30
class class-default
bandwidth percent 20
int f0/0
service-policy out TST
LLQ Lab
Same CQ topology
LLQ brings strict priority queuing to CBWFQ; this allows delay-sensitive traffic such as voice to be queued and sent first, before any other packets.
Unlike its legacy counterpart PQ, it uses ONLY a single queue and it is NOT subject to starvation.
Traffic with an IP precedence of 5 should be allocated 25% of the bandwidth; this traffic type should be ensured expedited forwarding, and traffic exceeding this threshold must be dropped.
ip cef
class-map TFTP
match protocol tftp
class-map HTTP
match protocol http
class-map FTP
match protocol ftp
class-map PERC5
match ip precedence 5
policy-map TST
class TFTP
bandwidth percent 15
class HTTP
bandwidth percent 25
class FTP
bandwidth percent 20
class PERC5
priority percent 25
int f0/0
max-reserved-bandwidth 85
service-policy out TST
This table lists the functional differences between the Bandwidth and Priority commands:
Configure R1:
class-map Priority with ip precedence 4 , Bandwidth Guaranteed 35%
class-map Bulk with ip precedence 2 & 3 , Bandwidth Guaranteed 25%
class-map Best-effort with ip precedence 0 & 1 , Bandwidth Guaranteed 20%
class-map Best-effort
match ip precedence 0 1
class-map Bulk
match ip precedence 2 3
class-map Priority
match ip precedence 4
policy-map TST
class Best-effort
bandwidth percent 20
random-detect
random-detect precedence 0 20 40 10
random-detect precedence 1 22 40 10
class Bulk
bandwidth percent 25
random-detect
random-detect precedence 2 24 40 10
random-detect precedence 3 26 40 10
class Priority
bandwidth percent 35
random-detect
random-detect precedence 4 28 40 10
int f0/0
max-reserved-bandwidth 80
service-policy out TST
By default WRED is precedence-based and uses 8 default WRED profiles, one for each IP precedence value.
If we change it to be DSCP-based, it will use up to 64 profiles.
int f0/0
random-detect dscp-based
class-map Priority
Enable ECN
class-map Bulk
Min Threshold= 30
Max Threshold= 40
MPD= 1 out of 18
class-map Best-effort
Min Threshold= 26
Max Threshold= 40
MPD= 1 out of 10
R1
class-map Best-effort
match ip dscp af23
class-map Bulk
match ip dscp af22
class-map Priority
match ip dscp af21
policy-map TST
class Best-effort
bandwidth percent 20
random-detect dscp-based
random-detect dscp af23 26 40 10
class Bulk
bandwidth percent 25
random-detect dscp-based
random-detect dscp af22 30 40 18
class Priority
bandwidth percent 35
random-detect dscp-based
random-detect ecn
int f0/0
max-reserved-bandwidth 80
service-policy out TST
What is ECN?
It is an extension to WRED; it marks packets instead of dropping them when the average queue length exceeds a configured threshold value.
Routers and hosts can use this marking as a signal that the network is congested and slow down sending packets.
Task 1
Configure R1 f0/0 with the following policy:
HTTP, FTP and ICMP traffic should be rate limited to 10 Mbps outbound
Telnet and SMTP should be limited to 8 Mbps
Traffic exceeding these thresholds should be dropped and traffic conforming to these thresholds should be transmitted
Do not use an access-list (that is why we will use NBAR in the following answer)
R1
class-map match-any qos1 (remember, if match-any is not configured, match-all is the default)
match protocol http
match protocol ftp
match protocol icmp
class-map match-any qos2
match protocol telnet
match protocol smtp
policy-map tst
class qos1
police 10000000 conform-action transmit exceed-action drop
class qos2
police 8000000 conform-action transmit exceed-action drop
int f0/0
service-policy out tst
show policy-map int f0/0
Notice that when configuring rate-limit, the normal burst and maximum burst must be configured; when we use the police command we do not need to, and the system will use CIR/32 or 1500 bytes, whichever is higher, as the normal burst.
Task 2
Configure R2 f0/0 for:
Outgoing telnet traffic should be limited to 10 Mbps; this traffic should be configured with the minimum amount of normal burst
Outgoing tftp traffic should be limited to 8 Mbps with 40000 bps of normal burst
Both telnet and tftp traffic exceeding this policy should be dropped, and if they conform they should be transmitted
class-map telnet
match protocol telnet
class-map tftp
match protocol tftp
policy-map tst
class telnet
police 10000000 1000 conform-action transmit exceed-action drop
class tftp
police 8000000 5000 conform-action transmit exceed-action drop
int f0/0
service-policy out tst
Task 3
R1 has two servers connected to f0/1
Server1 MAC address 0000.1111.1111
Server2 MAC address 0000.2222.2222
We cannot use match source-address mac since it applies to inbound traffic only; instead
we will use a MAC address access list
R1
access-list 700 permit 0000.1111.1111
access-list 701 permit 0000.2222.2222
class-map server1
match access-group 700
class-map server2
match access-group 701
policy-map tst
class server1
police 1000000 conform-action transmit exceed-action drop
class server2
police 2000000 conform-action transmit exceed-action drop
int f0/1
service-policy out tst
Task 4
Ensure HTTP, FTP, and ICMP traffic on R3 f0/0 is policed to 10 Mbps on weekdays from 11:00 am to 3:00
am; traffic is transmitted only if it conforms to the policy
R3
time-range weekdays
periodic weekdays 11:00 to 15:00
class-map qos
match access-group 100
policy-map tst
class qos
police 10000000 conform-action transmit exceed-action drop
int f0/0
service-policy out tst
Task 5
class-map HTTP
match protocol http
policy-map tst
class HTTP
police cir 10000000 pir 20000000 conform-action transmit exceed-action set-prec-transmit 4 violate-action drop
int f0/0
service-policy out tst
Task 6
Users in VLAN 22 connect to web server 10.1.12.100. Ensure that this traffic is policed to 30
percent of the bandwidth of the f0/1 interface
class-map www
match access-group 100
policy-map tst
class www
police cir percent 30
int f0/1
service-policy out tst
Task 7
Configure R2 so that:
Traffic up to 10 Mbps is sent as is
Traffic exceeding 10 Mbps up to 20 Mbps is marked with IP precedence 4 and
transmitted
Traffic exceeding 20 Mbps is always dropped
policy-map tst
class class-default
police cir percent 10 pir percent 20 conform-action transmit exceed-action set-prec-transmit 4 violate-action drop
int f0/0
service-policy out tst
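The cir/pir policers in Task 5 and Task 7 sort traffic into three bands. The following Python simulation is an added example, not part of the original workbook: it models that behaviour with the RFC 2698 two-rate three-color token buckets and runs a constructed constant-rate load through it. The 3000-byte bc and be values, the class and function names, and the traffic are assumptions.

```python
from collections import Counter

# Actions as configured in the Task 5 / Task 7 police statements.
ACTIONS = {"conform": "transmit", "exceed": "set-prec-transmit 4", "violate": "drop"}

class TwoRatePolicer:
    """Color-blind two-rate three-color marker (RFC 2698 token-bucket model)."""

    def __init__(self, cir_bps, pir_bps, bc_bytes, be_bytes):
        self.cir, self.pir = cir_bps, pir_bps
        self.cbs, self.pbs = bc_bytes * 8, be_bytes * 8   # bucket depths in bits
        self.tc, self.tp = self.cbs, self.pbs             # both buckets start full
        self.last_us = 0

    def police(self, now_us, size_bytes):
        elapsed = now_us - self.last_us
        self.last_us = now_us
        # Refill each bucket at its own rate, capped at its depth (integer bits).
        self.tc = min(self.cbs, self.tc + self.cir * elapsed // 1_000_000)
        self.tp = min(self.pbs, self.tp + self.pir * elapsed // 1_000_000)
        bits = size_bytes * 8
        if self.tp < bits:          # above PIR: violate, no tokens consumed
            return "violate"
        self.tp -= bits
        if self.tc < bits:          # between CIR and PIR: exceed
            return "exceed"
        self.tc -= bits             # within CIR: conform
        return "conform"

def offer(policer, rate_bps, size_bytes, count):
    """Send `count` equal-sized packets at a constant bit rate; tally the actions."""
    gap_us = size_bytes * 8 * 1_000_000 // rate_bps
    return Counter(ACTIONS[policer.police(i * gap_us, size_bytes)] for i in range(count))

def task5_policer():
    # cir/pir from Task 5; the 3000-byte bc and be are assumed values for this example.
    return TwoRatePolicer(10_000_000, 20_000_000, bc_bytes=3000, be_bytes=3000)

if __name__ == "__main__":
    # Constructed load: one second of 1500-byte packets at 30 Mbps, then at 6 Mbps.
    print(offer(task5_policer(), 30_000_000, 1500, 2500))
    print(offer(task5_policer(), 6_000_000, 1500, 500))
```

At 30 Mbps offered, roughly one third of the packets lands in each band; at 6 Mbps everything conforms and is transmitted unmarked.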
Tc = Bc / CIR
Bc = Tc * CIR = 4 * 16000
The task did not ask for Be, so it will be 0
policy-map tst
class class-default
shape average 16000 64000 0
int f0/0
service-policy out tst
Task 1
R2 must be configured to police ICMP echo request messages, rate limiting them to 50 kbps
using a control-plane policy
class-map icmp
match access-group 120
policy-map tst
class icmp
police 50000 conform-action transmit exceed-action drop
control-plane
service-policy in tst
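How many echo requests a 50 kbps control-plane policer lets through depends on packet size. This added Python example (not from the original workbook) applies a single-rate token bucket with the default normal burst stated earlier (CIR/32 or 1500 bytes, whichever is higher) to two constructed streams of 100 requests per second; the function names, packet sizes and request rate are assumptions.

```python
def default_burst_bytes(cir_bps):
    """Normal burst when none is configured: CIR/32 or 1500 bytes, whichever is higher."""
    return max(cir_bps // 32, 1500)

def copp_admitted(cir_bps, size_bytes, pps, seconds=1):
    """Count echo requests that conform to a single-rate policer (exceed = drop)."""
    depth = default_burst_bytes(cir_bps) * 8      # bucket depth in bits
    tokens, last_us, admitted = depth, 0, 0       # bucket starts full
    gap_us = 1_000_000 // pps                     # constant spacing between requests
    bits = size_bytes * 8
    for i in range(pps * seconds):
        now_us = i * gap_us
        # Refill at CIR for the elapsed time, capped at the bucket depth.
        tokens = min(depth, tokens + cir_bps * (now_us - last_us) // 1_000_000)
        last_us = now_us
        if tokens >= bits:        # conform-action transmit
            tokens -= bits
            admitted += 1
        # otherwise exceed-action drop: no tokens are consumed
    return admitted

if __name__ == "__main__":
    # Constructed streams: 100 echo requests per second for one second.
    for size in (1500, 100):
        print(size, "bytes:", copp_admitted(50_000, size, pps=100), "of 100 admitted")
```

With these inputs the policer admits 5 of the 1500-byte requests and 77 of the 100-byte requests in one second, so a bit-rate limit bounds bandwidth far more tightly than it bounds the number of packets the route processor has to handle.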
Task 2
class-map telnet
match access-group 130
policy-map tst
class telnet
drop
control-plane
service-policy out tst
From R2:
telnet 10.1.1.1
telnet 1.1.1.1
Task 3
control-plane
service-policy type logging in tst
From R1:
ping 10.1.1.2 size 1500
First we need to create a few files on R3 that will later serve as its website files
R3#tclsh
R3(tcl)#puts [open "flash:yt.jpg" w+] {kokowawa }
R3#tclsh
R3(tcl)#puts [open "flash:index.html" w+] {kokowawa }
R3(tcl)#exit
R3#sh flash:
R3
ip host www.youtube.com 80.80.80.80
ip http server
no ip http secure-server
ip http path flash:
ip dns server
R2
ip name-server 10.23.23.3
ip domain-lookup
R1
ip name-server 10.23.23.3
ip domain-lookup
R2
class-map match-any cbtme
match protocol http host *google*
match protocol http url "*.jpeg|*.jpg|*.html"
match protocol http host R3.CBTME.com*
match protocol http mime image*
!
!
policy-map auda
class cbtme
drop
interface FastEthernet0/0
service-policy input auda
To verify:
R1#copy http://80.80.80.80/yt.jpg null:
%Error opening http://80.80.80.80/yt.jpg (I/O error)
Explanation
Commonly used NBAR [match] commands
class-map cbtme
match protocol http host 80.80.80.80
class-map cbtme
match protocol http url *.jpg
R2(config)#class-map MATCH-HTTP
R2(config-cmap)#no match protocol http url *.jpg
R2(config-cmap)#match protocol http mime image/jpeg
Challenge:
Explain what each command will do if we apply this class-map on an egress interface?
Resources:
http://www.cisco.com/cgi-bin/tablebuild.pl/pdlm
http://packetlife.net/blog/2008/jul/30/policing-versus-shaping/
https://networklessons.com/quality-of-service/qos-traffic-shaping-explained/
https://networklessons.com/quality-of-service/qos-traffic-policing-explained/
http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/qos/config_library/15-mt/qos-15-mt-library.html
https://packetpushers.net/how-does-qos-work/
http://lostintransit.se/category/qos/
http://packetlife.net/blog/category/quality-service/
Commercial book:
http://www.ciscopress.com/store/end-to-end-qos-network-design-quality-of-service-for-9780133116106
Commercial videos:
http://www.ciscopress.com/store/end-to-end-quality-of-service-network-design-livelessons-9781587144127
Good Luck
CCIE & CCSI: Yasser Auda
https://www.facebook.com/YasserRamzyAuda
https://learningnetwork.cisco.com/people/yasserramzy
https://www.youtube.com/user/yasserramzyauda