SEEREN2 Summer School

Heraklion, Sept 25th

Routing Issues: QoS/CoS

Jean-Marc Uzé
Liaison Research & Education, EMEA
juze@juniper.net

Copyright © 2006 Juniper Networks, Inc. www.juniper.net 1

 Agenda: QoS/CoS Workshop

‹ Module 1: Overview of QoS/CoS

‹ Module 2: JUNOS CoS implementation (J/M/T-Series)
‹ Module 3: Introduction to JUNOS CLI
‹ Module 4: GEANT2 QoS services Implementation

The content of this module is courtesy of

Dante (http://www.dante.net)
http://www.dante.net/nep/geantqos/
http://www.dante.net/tf-ngn/activities.html

Copyright © 2006 Juniper Networks, Inc. www.juniper.net 2

 Module 4:
GEANT2 QoS services implementation

‹ GÉANT Network and Services

‹ Premium IP
‹ Less than Best Effort
‹ Queuing on GÉANT and status
‹ Router Configuration
‹ Premium IP Management

Copyright © 2006 Juniper Networks, Inc. www.juniper.net 3

 GEANT2 / Dante
ƒ 10 Gb/s IP/MPLS backbone
with Juniper T640s, M160s,
M40s
ƒ 4 x 10 Gb/s to North America
ƒ Dark fiber and WDM optical
technology
ƒ Connecting 34 European
Countries and 30 National
R&E Networks
ƒ European connectivity to over
3000 R&E institutions
ƒ Advanced Services:
ƒ IPv6
ƒ Premium IP
ƒ Multicast v4 + v6
ƒ Best Effort
ƒ Less Than Best Effort
ƒ Layer 2 VPN

Copyright © 2006 Juniper Networks, Inc. www.juniper.net 4

 Global Connectivity

Copyright © 2006 Juniper Networks, Inc. www.juniper.net 5

 IP QoS Services on GÉANT

‹ Premium IP
ƒ upper-bounded one-way delay
ƒ upper-bounded IPDV
ƒ negligible packet loss
ƒ guaranteed capacity

‹ Less than Best Effort

ƒ class of traffic using the un-utilised Best Effort and
higher classes of service bandwidth

ƒ http://www.geant.net/server/show/nav.00700a009

Copyright © 2006 Juniper Networks, Inc. www.juniper.net 6

 AGENDA

‹ GÉANT Network and Services

‹ Premium IP
‹ Less than Best Effort
‹ Queuing on GÉANT and status
‹ Router Configuration
‹ Premium IP Management

Copyright © 2006 Juniper Networks, Inc. www.juniper.net 7

 Premium IP Model

‹ End-to-end service across multiple management

domains
™ using diffserv, ATM CBR or over-provisioning(!)
™ packet tagged DSCP 46 (EF - 101110)
™ destination aware service
™ packet with other DSCP are left untouched (packets from
other service)
™ Premium IP bandwidth limited to 10% of the link capacity
™ can cope with 20% in case of circuit failure

Copyright © 2006 Juniper Networks, Inc. www.juniper.net 8

 GEANT and IP Premium Service

Source: http://www.dante.net/sequin

Copyright © 2006 Juniper Networks, Inc. www.juniper.net 9

 Premium IP on GEANT
‹ Protection of authorised Premium IP traffic
™ under normal circumstances, the Premium IP traffic of a
circuit is limited to 10% of the circuit capacity
‹ 20% in case of another circuit failure
™ bullet-proof all the GÉANT accesses against unauthorised
Premium IP traffic (tagged DSCP 46) on all the ingress
interfaces
‹ if DSCP 46 packet arrives on GÉANT and part of an
unauthorised flow: classify the packet into the Best Effort
queue and remark it as Best Effort (DSCP 0)
‹ if DSCP 46 packet arrives on GÉANT and is part of an
authorised flow: check against policer according capacity
requested in the SLA (in-profile accepted, out-of-profile
dropped)

Copyright © 2006 Juniper Networks, Inc. www.juniper.net 10

 Premium IP on GEANT
‹ Protection of authorised Premium IP traffic [cont]
™ per next AS rate-limitation (implemented by Juniper for GÉANT)
™ can also do source-destination IP addresses when NREN don’t do
it. (NREN = National Research & Education Network, a Dante
customer network directly connected to GEANT)

‹ Trust the Premium IP traffic received from a GÉANT backbone

interface.
™ Traffic checked at the GÉANT ingresses.

‹ Configure queuing mechanism on the backbone and access

interfaces.
™ strict-high priority is configured to the Premium IP queue.
‹ Don’t forget that the amount of Premium traffic expected in the
Premium IP queue is 10% of the link capacity (service over-
provisioned by a factor 9); this is assured by ingress policing.
™ 90% for the BE and 5% for the network control (and 5% for LBE)

Copyright © 2006 Juniper Networks, Inc. www.juniper.net 11

 Test result end-to-end IP Premium
Jitter distribution in VBR traffic - BE & Premium IP

70%
60%
percentage of packets

50%
40%
30%
20%
10%
0%
0.00
0.19
0.38
0.56
0.75
0.94
1.13
1.31
1.50
1.69
1.88
2.07
2.25
2.44
2.63
2.82
3.01
3.19
3.38
3.57
3.76
Premium IP BE jitter[ms]

Avg. jitter vs. packet size - BE & Premium IP

14
12
avg. jitter [ms]

10
8
6
4
2
0
1
2
2
3
0
7
3
5

45
50
80
90
82
84
01
26
34
30
55
78
17
20
26
44
52
74
85
98

14
14
14
14
14
12

13
13
14
13
13
Premium IP BE packet size [bytes]

Copyright © 2006 Juniper Networks, Inc. www.juniper.net 12

 AGENDA

‹ GÉANT Network and Services

‹ Premium IP
‹ Less than Best Effort
‹ Queuing on GÉANT and status
‹ Router Configuration
‹ Premium IP Management

Copyright © 2006 Juniper Networks, Inc. www.juniper.net 13

 Less than Best Effort

‹ Class of traffic using the un-utilised Best effort and

higher classes of service bandwidth
ƒ in case of competition for resources, the LBE traffic will de
discarded before any Best-Effort or higher classes of traffic.
ƒ use the DSCP 8 (001000) - same as Internet2 scavenger service.

‹ Congestion on an interface due to LBE

ƒ should be transparent to the BE or higher classes of services
ƒ no BE or higher classes of services packet loss

Copyright © 2006 Juniper Networks, Inc. www.juniper.net 14

 Less than Best Effort

‹ No end-to-end guarantees
ƒ no metric needed to quantitatively describe the service

‹ Can be supported on one interface

ƒ anywhere else, the LBE tagging should be passed transparently.

‹ Application scenarios
ƒ mirroring, test traffic, some GRID data transfers, network
backups, protection of research traffic from student dormitory
one.

Copyright © 2006 Juniper Networks, Inc. www.juniper.net 15

 LBE Queuing Technique

‹ For algorithm with bandwidth shared assignment,

as Weighted Wound Robin and Weighted Fair
Queuing, a very small bandwidth share is allocated
to the LBE queue.
™ Typically between 0% and 5%

Copyright © 2006 Juniper Networks, Inc. www.juniper.net 16

 LBE: Measurement with congestion

‹ One-way delay
ƒ Increase of LBE maximum one-way delay of 1.5ms
ƒ Increase of BE maximum one-way delay of 400µs

Copyright © 2006 Juniper Networks, Inc. www.juniper.net 17

 LBE live test:
ER2002 Demo - VLBI - dataGRID
‹ Normal Traffic
+
Radio Astronomy Data
+
Less Than Best Effort
2.0 Gbit/s

‹ Normal Traffic
+
Less Than Best Effort
2.0 Gbit/s

‹ Normal Traffic
+
Radio Astronomy Data
500 Mbit/s
‹ Normal
Traffic

Copyright © 2006 Juniper Networks, Inc. www.juniper.net 18

 AGENDA

‹ GÉANT Network and Services

‹ Premium IP
‹ Less than Best Effort
‹ Queuing on GÉANT and status
‹ Router Configuration
‹ Premium IP Management

Copyright © 2006 Juniper Networks, Inc. www.juniper.net 19

 Queuing Technique

‹ WRR - Juniper M-series

ƒ Weight
ƒ Assure the queue to be given a minimum amount of
bandwidth proportional to the weight.
ƒ Priority
ƒ queue with high priority are served before the low priority
ƒ allow the BE (and other high priority queues) to be served first
until empty before serving the LBE one.

‹ WRED
ƒ is used to limit the queuing delay in case of congestion
ƒ use to protect one class of traffic over the other within a
queue.

Copyright © 2006 Juniper Networks, Inc. www.juniper.net 20

 DSCP/ToS Values used by GEANT
‹ The DSCP/ToS values used in GÉANT to classify the traffic of the different
QoS classes are shown in the table below. In addition to the three service
classes offered to transiting traffic there is a DWS (IP commodity service)
and a Network Control class, which are traffic classes used internally to the
GÉANT network.

Service DSCP value ToS value Juniper alias ToS (hex) DSCP-ToS
binary
Premium IP 46 184 ef B8 101110 -
101110xx
LBE 8 32 cs1 20 001000 -
001000xx
DWS 32 128 cs4 80 100000 -
100000xx
Network 48 192 cs6 C0 110000 -
control 1 110000xx
Network 56 224 cs7 E0 111000 -
control 2 111000xx

Copyright © 2006 Juniper Networks, Inc. www.juniper.net 21

 Juniper Networks and CoS Services
GEANT with IP Premium + LBE Service
Queue FC LP Service DSCP Weight Priority Buffer
0 BE low Best Effort / 90% Low 50%
high DWS 32
1 EF low Premium IP 46 N/A Strict- 15%
high / / high
2 LBE low Less than BE 8 5% low 30%
WRR
high Retag to BE 0
3 NC low Network control 48 5% high 5%
high Network control 56

‹ Junos CoS features include policing, (strict) priority

queuing, weighted round robin (WRR), precedence/DSCP
field rewrite, and random early drop RED.
‹ On a Juniper M-series Router each port has 4 Queues
Weighted Round Robin Percentages can be set for each
Queue
‹ New generation Q-PICs offers multiples queues per logical
interfaces (Ethernet VLAN, ATM PVC, etc.)
Source: http://www.dante.net/nep/geantqos/ and http://www.dante.net/tf-ngn/activities.html

Copyright © 2006 Juniper Networks, Inc. www.juniper.net 22

 QoS Configuration on GEANT
‹ The configuration has completed on most of the
GEANT routers allowing Premium IP, BE and LBE to
co-exist.

™ The routers where the three services have been enable are
represented as green on the following map.

™ The routers coloured yellow are Juniper routers where

“old” FPCs have been re-used from TEN-155 (1999) These
old FPC’s that do not allow for the full functionality of QoS.
‹ As such BE is not ideally protected by LBE and the bandwidth
is effectively shared. Premium IP only is supported.

Copyright © 2006 Juniper Networks, Inc. www.juniper.net 23

 Current QoS Configuration on GEANT

Copyright © 2006 Juniper Networks, Inc. www.juniper.net 24

 AGENDA

‹ GÉANT Network and Services

‹ Premium IP
‹ Less than Best Effort
‹ Queuing on GÉANT and status
‹ Router Configuration
‹ Premium IP Management

Copyright © 2006 Juniper Networks, Inc. www.juniper.net 25

 Router Configuration

‹ Each router in the GÉANT network contains certain QoS

building blocks in order to configure Per Hop Behaviors (PHB).
The configuration shown here is taken from a Juniper M160
router with JUNOS 5.7 and with E-FPC (enhanced FPCs) and
SDH interfaces.

‹ Classifiers, schedulers and rewrite rules can be associated to

each interface. In GÉANT two types of interface configurations
are used for QoS
™ a backbone interface
™ an access interface (i.e. the interface where the traffic from an
NREN is entering GÉANT)

Copyright © 2006 Juniper Networks, Inc. www.juniper.net 26

 DSCP and ToS Values
‹ Type of Service field illustration

‹ Illustration of DSCP Type of Service field

configuration

Service DSCP value ToS value Juniper alias ToS (hex) DSCP-ToS binary
Premium IP 46 184 ef B8 101110 - 101110xx
LBE 8 32 cs1 20 001000 - 001000xx
DWS 32 128 cs4 80 100000 - 100000xx
Network control 1 48 192 cs6 C0 110000 - 110000xx
Network control 2 56 224 cs7 E0 111000 - 111000xx

Copyright © 2006 Juniper Networks, Inc. www.juniper.net 27

 Router Interfaces

‹ Backbone interface ‹ Access interface

so-7/0/0 { so-0/2/3 {
scheduler-map MAP-BASIC; scheduler-map MAP-BASIC;
unit 0 { unit 0 {
classifiers { classifiers {
dscp backbone-classifier; dscp access-classifier;
} }
rewrite-rules { rewrite-rules {
dscp basic-rewrite-rules; dscp basic-rewrite-rules;
} }
} }
} }

In addition, the access interface may contain filters in order to classify and police
Premium IP traffic.
The following configurations apply to all (access and backbone) interfaces.

Copyright © 2006 Juniper Networks, Inc. www.juniper.net 28

 Drop Profiles
‹ Drop profile define the parameters used by the
Random Early Detection (RED) mechanism that
MAY be used in a queue

dws-drop-profile {
fill-level 35 drop-probability 10;
fill-level 40 drop-probability 100;
}
be-drop-profile {
fill-level 15 drop-probability 30;
fill-level 19 drop-probability 50;
fill-level 24 drop-probability 70;
fill-level 30 drop-probability 100;
}
less-than-be-drop-profile {
fill-level 25 drop-probability 30;
fill-level 30 drop-probability 50;
fill-level 40 drop-probability 70;
fill-level 50 drop-probability 100;
}

Copyright © 2006 Juniper Networks, Inc. www.juniper.net 29

 Queues and Schedulers
1. Associate a name with each queue

‹ Note: a queue is sometimes also called a forwarding class

forwarding-classes {
queue 0 best-effort;
queue 1 expedited-forwarding;
queue 2 less-than-best-effort;
queue 3 network-control;
}

The Premium IP traffic is classified into the expedited-forwarding

queue. The naming of the queues is performed once and applies to
all interfaces of the router.

Copyright © 2006 Juniper Networks, Inc. www.juniper.net 30

 Queues and Schedulers
2. Define scheduler configurations
‹ scheduler weight, queue size and priority as set at the GÉANT
router for each queue:
sch-best-effort {
transmit-rate percent 90;
buffer-size percent 50;
priority low;
}
sch-expedited-forwarding {
buffer-size percent 15;
priority strict-high;
}
sch-less-than-best-effort {
transmit-rate percent 5;
buffer-size percent 30;
priority low;
drop-profile-map loss-priority low protocol any drop-profile less-than-be-drop-profile;
drop-profile-map loss-priority high protocol any drop-profile be-drop-profile;
}
sch-network-ctrl {
transmit-rate percent 5;
buffer-size percent 5;
priority high;
}

Copyright © 2006 Juniper Networks, Inc. www.juniper.net 31

 Queues and Schedulers
3. Associate a scheduler with a queue (FC)

‹ The main advantage of the scheduler-map is that it

can be applied to more than one interface.

MAP-BASIC {
forwarding-class best-effort scheduler sch-best-effort;
forwarding-class expedited-forwarding scheduler sch-expedited-forwarding;
forwarding-class less-than-best-effort scheduler sch-less-than-best-effort;
forwarding-class network-control scheduler sch-network-ctrl;
}

Copyright © 2006 Juniper Networks, Inc. www.juniper.net 32

 Classification
‹ The classifier is a functional block located at the input interface that sets three internal
bits for each IP packet
™ Two bits that select the output-queue. There are four output queues, also called forwarding-
classes, per port.
™ One bit to indicate the loss-priority, the packets classified in an output-queue can have two
different values of loss-priority (low or high).

‹ Best Effort (BE) and Less than Best Effort (LBE) traffic is classified by the classifier rules
as shown below.
‹ Note that it is also possible to classify packets by means of an input firewall filter
™ This is used for classifying Premium IP traffic according to the source/destination address and
optionally the DSCP value of the packet. Excess Premium IP traffic is discarded (policer)

Backbone Classifier Access Classifier

dscp backbone-classifier { dscp access-classifier {
import default; import default;
forwarding-class best-effort { forwarding-class best-effort {
loss-priority low code-points [ af11 af12 af13 ]; loss-priority low code-points [ af11 af12 af13 ];
loss-priority high code-points cs4; }
} forwarding-class less-than-best-effort {
forwarding-class less-than-best-effort { loss-priority low code-points cs1;
loss-priority low code-points cs1; loss-priority high code-points [ ef cs4 ];
} }
}

Copyright © 2006 Juniper Networks, Inc. www.juniper.net 33

 Marking
‹ The marking of packets with a DSCP value is the last QoS
action performed before the transmission of the packet
(hence after firewall filter evaluation)

dscp basic-rewrite-rules {
forwarding-class best-effort {
loss-priority high code-point cs4;
} Service
Incoming DSCP New DSCP
forwarding-class expedited-forwarding { value value

loss-priority low code-point ef; Authorised Premium IP 46 46/drop

} Un-authorised Premium
IP
46 0/5
forwarding-class network-control {
DWS 32 0
loss-priority low code-point nc1;
LBE 8 8
loss-priority high code-point nc2;
}
Network Control 48/56 48

forwarding-class less-than-best-effort { Best Effort other values Unchanged

loss-priority high code-point be;

loss-priority low code-point cs1;
}
}

Copyright © 2006 Juniper Networks, Inc. www.juniper.net 34

 AGENDA

‹ GÉANT Network and Services

‹ Premium IP
‹ Less than Best Effort
‹ Queuing on GÉANT and status
‹ Router Configuration
‹ Premium IP Management

Copyright © 2006 Juniper Networks, Inc. www.juniper.net 35

 Useful Tool
‹ Feature of the NANOG traceroute to discover the
DSCP changes along the path (Simon Leinen from
Switch:-)

[root]# ./traceroute -t 184 193.171.2.1

traceroute to 193.171.2.1 (193.171.2.1), 30 hops max, 40 byte
packets
1 css7-ATM4-0-0-101-dmsk.man.poznan.pl (150.254.160.62) 1 ms 1
ms 1
ms
2 150.254.163.118 (150.254.163.118) 2 ms 2 ms 2 ms
3 z-pozmanu-oc3.poznan-gw.pol34.pl (212.191.127.49) 2 ms 2 ms 2
ms
4 pol-34.pl1.pl.geant.net (62.40.103.109) 2 ms 2 ms 2 ms
5 pl.cz1.cz.geant.net (62.40.96.45) 22 ms (TOS=0!) 22 ms 22 ms
6 cz.de1.de.geant.net (62.40.96.38) 30 ms 30 ms 30 ms
7 de1-1.de2.de.geant.net (62.40.96.130) 30 ms 30 ms 31 ms
8 de.at1.at.geant.net (62.40.96.5) 43 ms 43 ms 43 ms
9 aconet-gw.at1.at.geant.net (62.40.103.2) 43 ms 43 ms 43 ms
10 193.171.2.1 (193.171.2.1) 45 ms * 45 ms

Copyright © 2006 Juniper Networks, Inc. www.juniper.net 36

 Need for Automation
‹ Service management was done manually
‹ Service set up, maintenance and
termination was done by phone calls and
emails
‹ Considerable manual effort required
‹ Complexity in keeping track of:
™ Path information
™ Current and future reservations
™ Premium IP utilisation levels
™ Changes in network topology

‹ Multi-party communication

Copyright © 2006 Juniper Networks, Inc. www.juniper.net 37

 System Architecture
‹ Java web-based architecture
‹ Using Apache 1.3 web server, Tomcat
servlet container & MySQL Database

Copyright © 2006 Juniper Networks, Inc. www.juniper.net 38

 Premium IP Reservation Tool Features (1)
‹ Authentication & Authorisation
‹ Path Finder
™ Find shortest path between two end points
‹ Dynamic based upon configured IS-IS cost
‹ Utilisation Monitoring
™ Check Premium IP reservation levels on each
intermediate link along the path
™ Take into account all active reservation during
the given time period
™ Display the available Premium IP capacity

Copyright © 2006 Juniper Networks, Inc. www.juniper.net 39

 Premium IP Reservation Tool Features (2)
‹ Reservation Management
™ View,Request, Modify, Cancel
™ Based upon available Premium IP capacity
‹ Contact management
‹ IP Address management

‹ Automated email notification

™ toUser, DANTE - Premium IP team, NOC
™ upon Reservation Request, Modification,
Cancellation
‹ Router Configuration update (script)
‹ Others: IS-IS cost, Reports, Archival,
System Administration...
Copyright © 2006 Juniper Networks, Inc. www.juniper.net 40
Copyright © 2006 Juniper Networks, Inc. www.juniper.net 41
 Thank you

Jean-Marc Uzé
Liaison Research & Education, EMEA
juze@juniper.net

Mobile: +33615432512
31 Place Ronde, 92986 Paris-La-Defense, France

Copyright © 2006 Juniper Networks, Inc. www.juniper.net 42