Campus Qos Design Simplified Brkcrs 2501

Campus QoS Design—
Simplified
BRKCRS-2501
Tim Szigeti Jerome Henry

Principal Engineer Senior Technical Leader
szigeti@cisco.com jehenry@cisco.com
@tim_szigeti @wirelessccie
http://tinyurl.com/zuzevge
Agenda
• Campus QoS Design Considerations and Best Practices
• Cisco Catalyst 2960-X QoS Design
• Cisco Catalyst 3650/3850 QoS Design
• Cisco Catalyst 4500 QoS Design
• Cisco Nexus 7000/7700 QoS Design
• Campus WLAN QoS Design Considerations and Best Practices
• Cisco IOS XE WLC AVC/QoS Design
• Cisco AireOS WLC AVC/QoS Design
• What are we doing to make this simpler?
• Summary and References
Campus QoS Design
Considerations
and Best Practices
What Do You Consider First?
BRKRST-2056: The QoS Paradigm Shift

https://cisco.box.com/s/8izevlg4k6gaggh3cmrc16lugm6sdr8y
https://www.ciscolive.com/online/connect/sessionDetail.ww?SESSION_ID=83633&backBtn=true
Start by Defining Your QoS Strategy
Articulate Your Business Intent, Relevant Applications and End-to-End Strategy
https://cisco.box.com/s/6t7a0ahzh0pyqg6z1f86zauxund1fevd
The Case for Campus QoS
• The primary role of QoS in campus networks is to manage packet loss

• In campus networks, it takes only a few milliseconds of congestion to cause drops
• Rich media applications are extremely sensitive to packet drops
• Queuing policies at every node can prevent packet loss for real-time apps
• The secondary role of QoS in campus networks is to condition traffic at the access
edge, which can include any of the following:
• Trust
• Classify and Mark
• Police
Why Is Video So Sensitive to Packet Loss?
1920 lines of Vertical Resolution (Widescreen Aspect Ratio is 16:9)
1080p60
1080 lines of Horizontal Resolution
1080 x 1920 lines =
2,073,600 pixels per frame
x 24 bits of color per pixel
x 60 frames per second
= 2,985,984,000 bps
or 3 Gbps Uncompressed!
Cisco (H264/H.265) codecs transmit 3-5 Mbps per 1080p60 video stream
which represents over 99.8% compression (~ 1000:1)
Packet loss is proportionally magnified by compression ratios
Users can notice a single packet lost in 10,000—
Making HD Video One Hundred Times More Sensitive to Packet Loss than VoIP!
VoIP vs. HD Video—At the Packet Level
Voice Packets Video Packets

1400 1400
Video Video Video
Frame Frame Frame
1000 1000
Bytes
600 Audio 600
Samples
200 200
Time 20 msec 33 msec

Campus QoS Design Considerations
How Long Can Queue-Buffers Accommodate Line-Rate Bursts?
GE Linecard Example Begin dropping at 11 ms
but overall utilisation is only 1%!
140
Gbps Line Rate GE Linecard Example (WS-X6148)
KBytes Per ms
120
100 Total Per-Port Buffer: 5.4 MB
80
60 Total Per-Queue Buffer*: 1.35 MB
40
20 Gbps Line Rate: 1 Gbps = 125 MB/s
0 or 125 KB/ms
130
170
210
250
290
330
370
410
450
490
530
570
610
650
690
730
770
810
850
890
930
970
10
50
90
Total Per-Queue Buffering Capacity: 10.8 ms

ms
*Assuming (4) equal-sized queues

1 second
How Long Can Queue-Buffers Accommodate Line-Rate Bursts?
10-GE Linecard Example Begin dropping at 9 ms
but overall utilisation is still only 1%!
1400
10 Gbps Line Rate 10 GE Linecard Example (WS-X6908)
KBytes Per ms
1200
1000
Total Per-Port Buffer: 90 MB
800
600
Total Per-Queue Buffer*: 11.25 MB
400
200
Gbps Line Rate: 10 Gbps = 1.25 GB/s
0
or 1250 KB/ms
130
170
210
250
290
330
370
410
450
490
530
570
610
650
690
730
770
810
850
890
930
970
10
50
90
Total Per-Queue Buffering Capacity: 9.0 ms

ms
*Assuming (8) equal-sized queues

1 second
Oversubscription in the Campus GE Link
10GE Link
40GE Link
10GE Link
40GE Link
x 11
10GE Link
40GE Link
10GE Link
40GE Link
Know Your Tools
• Catalyst and Nexus switch hardware
• Software and Syntax
• Global Default QoS Settings
• Trust States and Conditional Trust
• Logical vs. Physical Interface QoS
• Ingress and Egress Queuing Models
Economy
Hardware Varies
Australian Version
2016 Cisco Live Melbourne
Utility
Performance
Economy
Hardware Varies
American Version
2015 Cisco Live San Diego
Utility
Performance
Economy
Hardware Varies
Italian Version
2015 Cisco Live Milan
Utility
Performance
Economy
Hardware Varies
German Version
2016 Cisco Live Berlin
Utility
Performance
Economy
Hardware Varies
Canadian Version
2015 Cisco Connect Toronto
Utility
Performance
Software and Syntax Variations
• Catalyst 2960-X / 3560 / 3750 are the last platforms to use Multilayer Switch QoS (MLS QoS)
• QoS is disabled by default and must be globally enabled with mls qos command
• Once enabled, all ports are set to an untrusted port-state
• Catalyst 3650/3850 and 4500 use IOS Modular QoS Command Line Interface (MQC)
• QoS is enabled by default
• All ports are trusted at layer 2 and layer 3 by default
• Catalyst 6500/6800 use Cisco Common Classification Policy Language (C3PL) QoS
• QoS is enabled by default (Sup2T) – Disabled by default (Sup720)
• C3PL presents queuing policies similar to MQC, but as a defined “type” of policy
• Nexus 7000/7700 use NX-OS QoS

• QoS is enabled by default
• NX-OS presents queuing policies similar to MQC, but as a defined “type” and with default class-map names
Trust Boundary
Trust Boundaries Untrusted / User-Administered Devices

no mls qos trust
Trust Boundary
The trust boundary is the edge where

• Layer 2 (CoS / UP) and/or
• Layer 3 (DSCP) Trusted Centrally-Administered Devices
mls qos trust dscp
markings are accepted or rejected
Trust Boundary
Centrally-Administered &
Conditionally-Trusted Devices
mls qos trust device
• cisco-phone
• cts
• ip-camera
• media-player
Policy Enforcement Points (PEPs)
• The Policy Enforcement Point (PEP) is the edge where classification and marking policies are enforced
• The PEP may or may not be the same as the trust boundary
• Multiple PEPs may exist for different types of network devices
• e.g. switch PEP vs. router PEP
Note: For the sake of simplification, in this deck PEP will refer to
Trust Boundary
classification and marking policy enforcement points (only)
Switch Router and will not include other policy enforcement points (e.g. queuing).
PEP PEP
Per-Port QoS vs. Per-VLAN QoS
Per-Port QoS Per-VLAN QoS

Policy map is applied to the
logical VLAN interface
VLAN Interfaces VLAN Interfaces
VLAN 10 VLAN 20 VLAN 10 VLAN 20
Physical Ports Physical Ports

Policy map is applied to the interface gig 1/1-48
physical switch port mls qos vlan-based
interface Vlan 10
interface gig 1/1-48
service-policy input MARKING
service-policy input MARKING
Per-Port/Per-VLAN QoS
VLAN Interfaces
DVLAN 10
VVLAN 110
DVLAN policy map is applied Trunked Physical Ports

to the Data VLAN (only)
on a given trunked switch port VVLAN policy map is applied
to the Voice VLAN (only)
on a given trunked switch port
EtherChannel QoS
• EtherChannels are comprised of logical (Port-Channel) interfaces and physical
(port-member) interfaces
• Ingress QoS policies are usually applied to the logical interfaces (but not always)
• Egress QoS policies (such as queuing) are always applied to the physical port-
member interfaces
Platform QoS Policies Applied to the QoS Policies Applied to the
(Logical) Port-Channel (Physical) Port-Member
Interface Interfaces
Catalyst 2960-X  Ingress & Egress
Catalyst 3650/3850  Ingress & Egress
Catalyst 4500  Ingress  Egress
Catalyst 6500  Ingress  Egress
Cisco Nexus 7000/7700  Ingress  Egress
Campus QoS Design Best Practices
• Always perform QoS in hardware rather than software when a choice exists
• Classify and mark applications as close to their sources as technically and
administratively feasible
• Police unwanted traffic flows as close to their sources as possible
• Enable queuing policies at every node where the potential for congestion exists
Campus Ingress QoS Models
No Trust (Untrusted)
Trust DSCP
Trust CoS
Trust Device / Conditional Trust
(if required and supported)

Ingress Queuing Policies
Marking Policies (Optional) Policing Policies
VVLAN Yes
VoIP Classifier Mark EF VoIP Policer (<128 kbps) No
Drop
Yes
Signaling Classifier Mark CS3 Signaling Policer (<32 kbps) No
Drop
Yes
Multimedia Conferencing Classifier
Mark AF41 MM-Conf Policer (<5 Mbps) No
Drop
DVLAN Yes
Signaling Classifier Mark CS3 Signaling Policer (<32 kbps) No
Drop
Yes
Transactional Data Classifier Mark AF21 Trans-Data Policer (<10 Mbps) No
Remark to CS1
Yes
Bulk Data Classifier Mark AF11 Bulk Data Policer (<10 Mbps) No
Remark to CS1
Yes
Scavenger Classifier Mark CS1 Scavenger Policer (<10 Mbps) No
Drop
Yes
Best Effort (Class-Default) Mark DF Best Effort Policer (<10 Mbps) No
Remark to CS1
Catalyst Hardware Queuing
1P3Q1T Example
Each queue has 1 Drop Threshold

1 Priority Queue
(the tail of the queue)
3 Non-Priority
Queues
1P3Q1T
Catalyst Hardware Queuing
1P3Q1T Example
Resume
Interrupt
Scheduling
Weighted Tail Drop (WTD) Operation
3T WTD Example
Tail Front
of of
Queue Queue
Direction
of
Packet
Flow
Red Minimum WTD Threshold 1:

Begin tail dropping red packets
Yellow Minimum WTD Threshold 2:

Begin tail dropping yellow packets
Tail of Queue is WTD Threshold 3

Weighted Random Early Detect (WRED) Operation
4T WTD Example
Tail Front
of of
Queue Queue
Direction
of
Packet
Flow
AF13 Minimum WRED Threshold:
Begin randomly dropping AF13 Packets


Maximum WRED Thresholds for AF11, AF12 and AF13 are set to the tail of the queue in this example
Campus Port QoS Roles
Untrusted Endpoint:
• Port Set to Untrusted State
(or Explicit Policy to Mark to DSCP 0)
• [Optional Ingress Marking and/or Policing]
• [Ingress and] Egress Queuing
Trusted Port
• Trust DSCP
Conditionally-Trusted Endpoint
(Default on all non-MLS QoS platforms)
• Conditional-Trust with Trust-CoS or DSCP
• [Optional Ingress Marking and/or Policing]
Campus QoS Design—At-A-Glance
Agenda
Cisco Catalyst 2960-X
QoS Design
Catalyst 2960-X
QoS Roles in the Campus Access
No Trust +
Ingress Queuing +
Egress Queuing
Trust DSCP +
Ingress Queuing +
Egress Queuing
Conditional Trust +
Ingress Queuing +
C2960-X Egress Queuing
Access
Switch Classification/Marking +
[Optional Policing] +
Distribution Ingress Queuing +
Switches Egress Queuing
Catalyst 2960-X
QoS Design Steps
1. Enable QoS
Note: Catalyst 2960-X is QoS compatible with the
2. Configure Ingress QoS Model(s): Catalyst 3560 & 3750, with the following exceptions:
 Trust Models • The Catalyst 3560 & 3750 support ingress queuing
policies, but the 2960-S does not.
 Conditional Trust Model
• Similarly, the Catalyst 3560 & 3750 support VLAN-
 Service Policy Models based QoS policies, but the 2960-X does not.
3. Configure Egress Queuing

Catalyst 2960-X
Enabling QoS and Trust Models
Enabling QoS:
mls qos Shaded commands are global
Trust-CoS Model Example:

mls qos map cos-dscp 0 8 16 24 32 46 48 56 Key commands/parameters in RED
mls qos trust cos Highlighted commands are interface specific
Trust-DSCP Model Example:

mls qos trust dscp Note: CoS 5 which is explicitly mapped to DSCP 46
Conditional-Trust Model Example:

mls qos trust device cisco-phone [or]
mls qos trust device cts [or] Note: Only one type of device may be configured at a time
mls qos trust device ip-camera [or]
mls qos trust device media-player
Catalyst 2960-X
Conditional Trust Model Example
Conditional Trust Policy to a Cisco IP Phone:

mls qos map cos-dscp 0 8 16 24 32 46 48 56
mls qos trust device cisco-phone
mls qos trust cos Note: All CoS-to-DSCP values are left at default
(DSCP = CoS * 8)
Except for CoS 5 which is explicitly mapped to DSCP 46

(Expedite Forwarding/EF, per RFC 3246 & 4594).
CoS must be
matched as Cisco IP
Phones only remark
at Layer 2
Catalyst 2960-X
Marking Policy Model Example
class-map match-all VOIP policy-map MARKING-POLICY
match access-group name VOIP class VOIP
class-map match-all MULTIMEDIA-CONFERENCING set dscp ef
match access-group name MULTIMEDIA-CONFERENCING class MULTIMEDIA-CONFERENCING
class-map match-all SIGNALING set dscp af41
match access-group name SIGNALING class SIGNALING
class-map match-all TRANSACTIONAL-DATA set dscp cs3
match access-group name TRANSACTIONAL-DATA class TRANSACTIONAL-DATA
class-map match-all BULK-DATA set dscp af21
match access-group name BULK-DATA class BULK-DATA
class-map match-all SCAVENGER set dscp af11
match access-group name SCAVENGER class SCAVENGER
set dscp cs1
class class-default
set dscp default
service-policy input MARKING-POLICY
Note: Remarking is performed by configuring a
policed-DSCP map with the global configuration
command mls qos map policed-dscp, which
Catalyst 2960-X specifies which DSCP values are subject to
remarking if out-of-profile and what value these
should be remarked as.
Marking & Policing Policy Example
In this example exceeding:
• Best Effort (DSCP 0)
mls qos map policed-dscp 0 10 18 to 8 • Bulk (AF11 / DSCP 10)
• Transactional Data (AF21 / DSCP 18)
[class-maps omitted for brevity] are remarked to Scavenger (CS1 / DSCP 8).
policy-map MARKING&POLICING
class VVLAN-VOIP [continued]
set dscp ef class BULK-DATA
police 128k 8000 exceed-action drop set dscp af11
class VVLAN-SIGNALING police 10m 8000 exceed-action policed-dscp-transmit
set dscp cs3 class SCAVENGER
police 32k 8000 exceed-action drop set dscp cs1
class MULTIMEDIA-CONFERENCING police 10m 8000 exceed-action drop
set dscp af41 class DEFAULT
police 5m 8000 exceed-action drop set dscp default
class SIGNALING police 10m 8000 exceed-action policed-dscp-transmit
set dscp cs3 service-policy input MARKING&POLICING
police 32k 8000 exceed-action drop
class TRANSACTIONAL-DATA
set dscp af21
police 10m 8000 exceed-action policed-dscp-transmit
…
Catalyst 2960-X
1P3Q3T Egress Queuing Model
Application DSCP 1P3Q3T
Network Control (CS7) AF1 Q4T2

Queue 4
CS1 (5%) Q4T1
Internetwork Control CS6
VoIP EF Default Queue

DF
Broadcast Video CS5 Queue 3 (35%)
Multimedia Conferencing AF4 CS7 Q2T3
Realtime Interactive CS4 CS6
Multimedia Streaming AF3 CS3 Q2T2

Queue 2
Signaling CS3 AF4 (30%) Q2T1
Transactional Data AF2 AF3
Network Management CS2 AF2

CS2
Bulk Data AF1
EF
Scavenger CS1 Q1
CS5
Best Effort DF Priority Queue
CS4
Catalyst 2960-X
Note: The Catalyst 2960-X can also be
1P3Q3T Egress Queuing Model Config—Part 1 of 2 configured to use an 8-queue model; however
this model is NOT supported in a stack, nor is
it supported if AutoQoS is enabled.
! This section configures egress buffers and thresholds

mls qos queue-set output 1 buffers 15 30 35 20 Allocates buffers to Q1, Q2, Q3 and Q4
(respectively)
mls qos queue-set output 1 threshold 1 100 100 100 100
mls qos queue-set output 1 threshold 4 60 100 100 400 Each queue has 4 thresholds:
• WTD Threshold 1
! This section configures egress CoS-to-Queue mappings • WTD Threshold 2
mls qos srr-queue output cos-map queue 1 threshold 3 4 5 • Reserved Threshold—buffers that may NOT
mls qos srr-queue output cos-map queue 2 threshold 1 2 be shared with adjacent port-queues
• Maximum Threshold—maximum amount of
mls qos srr-queue output cos-map queue 2 threshold 2 3 buffers may be borrowed from common buffer
mls qos srr-queue output cos-map queue 2 threshold 3 6 7 pools (if available)
mls qos srr-queue output cos-map queue 3 threshold 3 0
mls qos srr-queue output cos-map queue 4 threshold 3 1
If the packet enters the switch on a port that is set
to trust cos then these CoS-to-Queue mappings
will be used to determine how the packet is
queued on egress
Catalyst 2960-X
1P3Q3T Egress Queuing Model Config—Part 2 of 2 If the packet enters the switch on a port
that is set to trust dscp then these
! This section configures egress DSCP-to-Queue mappings DSCP-to-Queue mappings will be used to
determine how the packet is queued on
mls qos srr-queue output dscp-map queue 1 threshold 3 32 40 46 egress
mls qos srr-queue output dscp-map queue 2 threshold 1 16 18 20 22
mls qos srr-queue output dscp-map queue 2 threshold 1 26 28 30 34 36 38
mls qos srr-queue output dscp-map queue 2 threshold 2 24
mls qos srr-queue output dscp-map queue 2 threshold 3 48 56
mls qos srr-queue output dscp-map queue 4 threshold 2 10 12 14
! This section configures interface egress queuing parameters

queue-set 1
srr-queue bandwidth share 1 30 35 5
priority-queue out
Enables the PQ Allocates bandwidth to each queue by means of a WRR weight.

Q1 weight is ignored, as it’s operating as a PQ
Catalyst 2960-X QoS Design At-A-Glance
Catalyst 3650/3750 QoS Design At-A-Glance
Agenda
Cisco Catalyst 3650/3850
QoS Design
Catalyst 3650/3850
QoS Roles in the Campus Access
No Trust +
Egress Queuing
Trust DSCP +
C3650/3850 Egress Queuing
Access
Switch Conditional Trust +
Egress Queuing
Classification/Marking +
[Optional Policing] +
Egress Queuing
Wireless Per-Port / Per-SSID / Per-Client Policies:

[Optional: Classification/ Marking]
[Optional: Policing]
Distribution 2P2Q+AFD Egress Queuing
Switches
Catalyst 3650/3850
QoS Design Steps
1. Configure Ingress QoS Model(s):
 Trust DSCP Model*
 Conditional Trust Models (wired ports only)
 Service Policy Models (wired or wireless ports)

 Wired Queuing Models: 8Q3T or 1P7Q3T or 2P6Q3T
 Wireless Queuing Model: 2P2Q+AFD
*Note: Catalyst 3650/3850 IOS MQC trusts all wired ports by default
Prior to IOS XE 3.3, wireless ports were set to an untrusted state by default.
However, this default setting can be globally disabled with the following command:
no qos wireless-default-untrust
Beginning with IOS XE 3.3, wireless ports are also trusted by default
Catalyst 3650/3850 Only match-any is supported
(i.e. match-all is not supported)
Conditional Trust Models
Conditional-Trust
Cisco IP Phone (Cisco IP Phone)
Conditional TrustExample:
Example
class-map match-any VOICE CoS
CoSmust
mustbebe
match cos 5 matched
matchedasasCisco
Conditional-Trust Models: class-map match-any SIGNALING
Cisco
IP
IPPhones
Phonesonly
only
interface GigabitEthernet 1/0/1 match cos 3 remark
remarkat
atLayer
Layer22
trust device cisco-phone [or]
trust device cts [or] policy-map CISCO-IPPHONE
trust device ip-camera [or] class VOICE
trust device media-player set dscp ef
class SIGNALING
set dscp cs3
Only one type of device can be configured for class class-default
conditional trust on an interface at a given time set dscp default
interface GigabitEthernet 1/0/1
trust device cisco-phone
service-policy input CISCO-IPPHONE
Catalyst 3650/3850
Marking Policy Example
[class-maps omitted for brevity] ! This section attaches the service-policy
policy-map MARKING-POLICY ! to a wired interface(s)
class VOIP interface range GigabitEthernet 1/0/1-48
set dscp ef service-policy input MARKING
class MULTIMEDIA-CONFERENCING
set dscp af41 ! This section attaches the service-policy
class SIGNALING ! to a wireless interface(s) at the SSID level
set dscp cs3 wlan EMPLOYEE-WLAN
class TRANSACTIONAL-DATA service-policy input MARKING
set dscp af21
class BULK-DATA ! This section attaches the service-policy
set dscp af11 ! to a wireless interface(s) at the client level
class SCAVENGER wlan EMPLOYEE-WLAN
set dscp cs1 service-policy client input MARKING
class default
set dscp default
Inclusion of the client keyword applies
the service-policy at the client level
All markdown and/or
Catalyst 3650/3850 mapping operations
are configured
through table-maps
Marking & Policing Policy Example—Part 1 of 2
policy-map MARKING&POLICING …[continued]
class VVLAN-VOIP class TRANSACTIONAL-DATA
set dscp ef set dscp af21 table-map TABLE-MAP
police 128k police 10m map from 0 to 8
conform-action transmit conform-action transmit map from 10 to 8
exceed-action drop exceed-action TABLE-MAP map from 18 to 8
class VVLAN-SIGNALING class BULK-DATA
set dscp cs3 set dscp af11
police 32k police 10m
conform-action transmit conform-action transmit
exceed-action drop exceed-action TABLE-MAP
class MULTIMEDIA-CONFERENCING class SCAVENGER
set dscp af41 set dscp cs1 Policing to remark traffic
police 5m police 10m is done by referencing
conform-action transmit conform-action transmit the previously-configured
exceed-action drop exceed-action drop table-map
class SIGNALING class class-default
set dscp cs3 set dscp default
police 32k police 10m
conform-action transmit conform-action transmit
exceed-action drop exceed-action TABLE-MAP
… Policers can may be set to either remark or drop excess traffic
Catalyst 3650/3850
Service policies applied to the
Marking & Policing Policy Example—Part 2 of 2 SSID level are actually
applied to the BSSID
(that is, per SSID/AP pair)
! This section attaches the service-policy to a wired interface(s)
interface range GigabitEthernet 1/0/1-48
service-policy input POLICING
! This section attaches the service-policy to a wireless interface(s) at the SSID level
! The policy will be applied to all clients belonging to the SSID at an aggregate level
wlan EMPLOYEE-WLAN
service-policy input POLICING
! This section attaches the service-policy to a wireless interface(s) at the client level
! The policy will be applied to individual clients at an aggregate level
wlan EMPLOYEE-WLAN
service-policy client input POLICING
The inclusion of the client keyword
changes the application of the policer
from the SSID-aggregate level to the
client-aggregate level
Catalyst 3650/3850
Per-Port/Per-VLAN Policy
class-map VVLAN
match vlan 110 Individual
Individual (trunked)
(trunked) VLANs
VLANs are
are
class-map DVLAN matched
matched byby the
the match
match vlan
vlan command
command
match vlan 10
policy-map VLAN-POLICERS
class VVLAN
police 192k
conform-action transmit exceed-action drop Policers are applied on a per-VLAN
Policers are applied on a Per-VLAN basis
class DVLAN basis
police 50m
conform-action transmit exceed-action drop
interface GigabitEthernet 1/0/1

service-policy input VLAN-POLICERS Per-VLAN policers are then applied on a Per-Port basis
Catalyst Hardware Queuing PQ1
2P6Q3T Example
PQ2
Interrupt
Interrupt
Scheduling
Scheduling
Catalyst 3650/3850
2P6Q3T with Weighted Tail Drop (WTD) Wired Port Egress Queuing Model
Application DSCP 2P6Q3T BWR =

Bandwidth
Network Control (CS7) EF PQ Level 1 (10%) Remaining
Internetwork Control CS6 CS5
PQ Level 2 (20%) WTD =
CS4
VoIP EF Weighted
CS7 & CS6 Tail
Broadcast Video CS5 Q6
Drop
CS3 & CS2 (BWR 10%)
Multimedia Conferencing AF4
Q5
AF4
Realtime Interactive CS4 (BWR 10% + WTD)
Multimedia Streaming AF3 AF3 Q4

(BWR 10% + DSCP-Based WTD)
Signaling CS3
Q3
(BWR 10% + DSCP-Based WTD)
Network Management CS2
AF1 Q2
Bulk Data AF1
CS1 (BWR 5% + DSCP-Based WTD)
Scavenger CS1
Best Effort DF DF Q1 (BWR 25%)

Catalyst 3650/3850
2P6Q3T+WTD Wired Port Egress Queuing Config – Part 1of 2
class-map match-any VOICE-PQ1 Note: On platforms with shared buffer and TCAM
match dscp ef architectures (2960/3560/3750/3650/3850/4500),
class-map match-any VIDEO-PQ2 show policy-map interface commands do not report
match dscp cs4 per-port packets or byte-counters.
match dscp cs5 This is a limitation of shared hardware architectures.
class-map match-any CONTROL-MGMT-QUEUE
match dscp cs7 cs6 cs3 cs2
class-map match-any MULTIMEDIA-CONFERENCING-QUEUE
match dscp af41 af42 af43
class-map match-any MULTIMEDIA-STREAMING-QUEUE
class-map match-any TRANSACTIONAL-DATA-QUEUE
class-map match-any SCAVENGER-BULK-DATA-QUEUE
match dscp cs1 af11 af12 af13
Catalyst 3650/3850 If a PQ is enabled then
2P6Q3T+WTD Wired Port Egress Queuing Config – Part 2 of 2 non-PQs must use
bandwidth remaining
policy-map 2P6Q3T [continued]
class VOICE-PQ1 class MULTIMEDIA-STREAMING-QUEUE
Two-levels of priority bandwidth remaining percent 10
priority level 1 Allocates
queuing are supported queue-buffers ratio 10
police rate percent 10 buffers to
class VIDEO-PQ2 queue-limit dscp af33 percent 80 non-PQs
priority level 2 queue-limit dscp af32 percent 90
police rate percent 20 queue-limit dscp af31 percent 100
class CONTROL-MGMT-QUEUE class TRANSACTIONAL-DATA-QUEUE
bandwidth remaining percent 10 bandwidth remaining percent 10
queue-buffers ratio 10 queue-buffers ratio 10
class MULTIMEDIA-CONFERENCING-QUEUE queue-limit dscp af23 percent 80 Tunes WTD
bandwidth remaining percent 10 queue-limit dscp af22 percent 90 WTD
to better
to
queue-buffers ratio 10 queue-limit dscp af21 percent 100 align to an
queue-limit dscp af43 percent 80 class SCAVENGER-BULK-DATA-QUEUE AF PHB
queue-limit dscp af42 percent 90 bandwidth remaining percent 5
queue-limit dscp af41 percent 100 queue-buffers ratio 10
… queue-limit dscp values af13 cs1 percent 80
queue-limit dscp values af12 percent 90
queue-limit dscp values af11 percent 100
interface range GigabitEthernet 1/0/1-48 class class-default Needed if >3
service-policy output 2P6Q3T bandwidth remaining percent 25 DSCPs are
queue-buffers ratio 25 mapped to WTD
thresholds
Catalyst 3650/3850
Hierarchical QoS Policies—Queuing within Shaped Rate Example
policy-map 50MBPS-SHAPER
class class-default Defines the sub-line rate (CIR)
shape average 50000000
service-policy 2P6Q3T Provides back-pressure to the system to
interface GigabitEthernet 1/0/1 engage the (previously-defined) queuing
service-policy output 50MBPS-SHAPER policy, so that packets are properly
prioritised within the sub-line rate
Only the Hierarchical Shaping policy is

attached to the interface(s)
Catalyst 3650/3850 QoS Design—At-A-Glance
Agenda
Cisco Catalyst 4500
QoS Design
Catalyst 4500
QoS Roles in the Campus Distribution
Trust DSCP +
Egress Queuing
Core Switches
Access
Switches Catalyst 4500
Distribution
Switches
Catalyst 4500
QoS Design Steps
1. Configure Ingress QoS Model(s):
 DSCP-Trust Model*
 Conditional Trust Model
 Service Policy Models
*Note: Catalyst 4500 uses IOS MQC, which trusts by default;

therefore no explicit policy is required for DSCP trust
Catalyst 4500
Conditional Trust Example
class-map match-all VOICE
match cos 5 Catalyst 4500 supports both match-all (logical AND)
class-map match-all SIGNALING and match-any (logical OR) operators
match cos 3
policy-map CISCO-IPPHONE
class VOICE
set dscp ef
class SIGNALING
set dscp cs3
class class-default
set dscp default
interface GigabitEthernet 3/1

qos trust device cisco-phone
service-policy input CISCO-IPPHONE
Conditional trust command (trust device) must be

prefaced by qos on the Catalyst 4500
Catalyst 4500
Marking Policy Example
[class-maps omitted for brevity]
policy-map MARKING-POLICY
class VOIP
set dscp ef
class MULTIMEDIA-CONFERENCING
set dscp af41
class SIGNALING
set dscp cs3
class TRANSACTIONAL-DATA
set dscp af21
class BULK-DATA
set dscp af11
class SCAVENGER
set dscp cs1
class class-default
set dscp default
interface GigabitEthernet 3/1

service-policy input MARKING-POLICY
Catalyst 4500
Marking & Policing Policy Example
policy-map MARKING&POLICING class BULK-DATA
class VOIP police 10m bc 8000
police 128k bc 8000 conform-action set-dscp-transmit af11
conform-action set-dscp-transmit ef exceed-action set-dscp-transmit af12
exceed-action drop class SCAVENGER
class SIGNALING police 10m bc 8000
police 32k bc 8000 conform-action set-dscp-transmit cs1
conform-action set-dscp-transmit cs3 exceed-action drop
exceed-action drop class class-default
class MULTIMEDIA-CONFERENCING police 10m bc 8000
police 5m bc 8000 conform-action set-dscp-transmit default
conform-action set-dscp-transmit af41 exceed-action set-dscp-transmit cs1
exceed-action set-dscp-transmit af42
class TRANSACTIONAL-DATA interface GigabitEthernet 3/1
police 10m bc 8000 service-policy input MARKING&POLICING
conform-action set-dscp-transmit af21
exceed-action set-dscp-transmit af22
Marking/remarking is configured as part of the policing action
(i.e. no table-map or markdown-map is referenced)
Catalyst 4500
Per-Port/Per-VLAN QoS Policy Example
interface range GigabitEthernet 2/1-48
qos trust device cisco-phone
vlan 10 Per-Port/Per-VLAN policies can be applied to
service-policy input DVLAN-POLICERS a specific VLAN on a trunked interface via an
vlan 110 interface-VLAN
via an interface-VLAN
configuration
configuration
mode mode
service-policy input VVLAN-POLICERS
Catalyst 4500
1P7Q1T+Dynamic Buffer Limiting (DBL) Egress Queuing Model
Application DSCP 1P7Q1T (+DBL)
Network Control (CS7) EF

Internetwork Control CS6 CS5 PQ
CS4
VoIP EF
CS7 & CS6 Q7
Broadcast Video CS5
CS3 & CS2 (BWR 10%)
Q6
AF4
Realtime Interactive CS4 (BWR 10%)
Multimedia Streaming AF3 AF3 Q5

(BWR 10%)
Signaling CS3
Q4
(BWR 10%)
Q3 BWR =
AF1
Bulk Data AF1 (BWR 4%) Bandwidth
Remaining
Scavenger CS1 CS1 Q2 (BWR 1%)
Best Effort DF DF Q1 (25%)

Catalyst 4500 If PQ is enabled then
bandwidth remaining
1P7Q1T+DBL Egress Queuing Config must be used
class-map match-all PRIORITY-QUEUE Enables the PQ policy-map 1P7Q1T

match dscp cs4 cs5 ef class PRIORITY-QUEUE
class-map match-all CONTROL-MGMT-QUEUE priority
match dscp cs7 cs6 cs3 cs2 class CONTROL-MGMT-QUEUE
class-map match-all MULTIMEDIA-CONFERENCING-QUEUE bandwidth remaining percent 10
match dscp af41 af42 af43 class MULTIMEDIA-CONFERENCING-QUEUE
class-map match-all MULTIMEDIA-STREAMING-QUEUE bandwidth remaining percent 10
match dscp af31 af32 af33 class MULTIMEDIA-STREAMING-QUEUE
class-map match-all TRANSACTIONAL-DATA-QUEUE bandwidth remaining percent 10
match dscp af21 af22 af23 class TRANSACTIONAL-DATA-QUEUE
class-map match-all BULK-DATA-QUEUE bandwidth remaining percent 10
match dscp af11 af12 af13 dbl
class-map match-all SCAVENGER-QUEUE class BULK-DATA-QUEUE
match dscp cs1 bandwidth remaining percent 4
dbl
class SCAVENGER-QUEUE
DBL can be enabled on a per-class basis, but
DBL can be enabled on a per-class basis, bandwidth remaining percent 1
should not be enabled on the PQ or Control
but should not be enabled on the PQ or Control traffic queues class class-default
traffic queues.
bandwidth remaining percent 25
Enabling DBL on UDP-based queues and/or Scavenger queue dbl
Enabling DBL on UDP-based queues and/or
is optional
Scavenger queue is optional service-policy output 1P7Q1T
Catalyst 4500 Campus QoS Design At-A-Glance
Agenda
Cisco Catalyst 6500 & 6800
QoS Design
QoS Roles in the Campus Core
Catalyst 6500/6800
Core Switches
Trust DSCP
+ Ingress Queuing
+ Egress Queuing
QoS Design Steps
1. Configure Ingress Queuing

Catalyst 6500 IOS C3PL trusts by default;

All Catalyst 6500-Sup2T
Cisco Catalyst 6500/6800 Queuing Models are detailed
in the Appendix
2P6Q4T (Ingress & Egress Queuing Models—DSCP-to-Queue
Application-Class DSCP 2P6Q4T
Ingress and Egress
queuing models
Network Control (CS7) Voice-PQ1 varies by line
EF card/module.
(Priority Level 1)
VoIP EF CS5 Video-PQ2

CS4 (Priority Level 2) Refer to the
Broadcast Video CS5 6500/6800 QoS
CS6 & CS7 Control/Mgmt Queue
Configuration Guide
CS2 & CS3 (5% BWR)
or data sheets to
Realtime Interactive CS4 Multimedia-Conferencing Queue ensure that you use
AF4 (20% BWR + DSCP-WRED) the proper queuing
Multimedia Streaming AF3 AF4
module for a given
Signaling CS3 AF3 Multimedia-Streaming Queue line card.
(20% BWR + DSCP-WRED)
Transactional Data AF2
AF2 Transactional Data Queue
Network Management CS2 (10% BWR + DSCP-WRED)
Bulk Data AF1 AF1 Bulk Data Queue

Scavenger CS1 CS1 (5% BWR + DSCP-WRED)
Default Queue
Best Effort DF DF
(WRED)
http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/15-1SY/config_guide/sup2T/15_1_sy_swcg_2T/qos_policy_based_queueing.html
Unless specified otherwise, the
default C3PL class-map and
Cisco Catalyst 6500/6800—2P6Q4T Model policy-map type is qos
(classification, marking, policing)
Part 1 of 3—Common Ingress & Egress Queuing Class-Maps
class-map type lan-queuing match-all VOICE-PQ1 Class-maps and policy-maps
match dscp ef used for ingress and/or egress
class-map type lan-queuing match-all VIDEO-PQ2 queuing policies must be explicitly
match dscp cs4 cs5 configured as type lan-queuing
class-map type lan-queuing match-all CONTROL-MGMT-QUEUE
class-map type lan-queuing match-all MULTIMEDIA-CONFERENCING-QUEUE
class-map type lan-queuing match-all MULTIMEDIA-STREAMING-QUEUE
class-map type lan-queuing match-all TRANSACTIONAL-DATA-QUEUE
class-map type lan-queuing match-all SCAVENGER-BULK-DATA-QUEUE
match dscp cs1 af11 af12 af13
Note: A C3PL interface may support up to 4 QoS policies:

• service-policy type qos input
• service-policy type qos output
• service-policy type lan-queuing input
• service-policy type lan-queuing output
Cisco Catalyst 6500/6800—2P6Q4T Model
Part 2 of 3—2P6Q4T Queuing Policy-Map
Policy-map must be defined as type lan-queuing
policy-map type lan-queuing 2P6Q4T

class VOICE-PQ1
priority level 1 Enables egress Priority Queue 1 (highest level of service)
class VIDEO-PQ2
priority level 2 Enables egress Priority Queue 2 (can only be interrupted by PQ1)
class CONTROL-MGMT-QUEUE
bandwidth remaining percent 5 bandwidth remaining is required
class MULTIMEDIA-CONFERENCING-QUEUE (as PQ is enabled)
random-detect dscp af41 percent 80 100
random-detect dscp af43 percent 60 100 Tunes WRED to better align
class MULTIMEDIA-STREAMING-QUEUE to the AF PHB
…
Cisco Catalyst 6500/6800—2P6Q4T Model
Part 3 of 3—2P6Q4T Queuing Policy-Map (continued)
[continued]
class TRANSACTIONAL-DATA-QUEUE
random-detect dscp-based
class BULK-DATA-QUEUE
random-detect dscp cs1 percent 50 100
class class-default
random-detect dscp default percent 80 100
service-policy type lan-queuing input 2P6Q4T
service-policy type lan-queuing output 2P6Q4T
“type lan-queuing” must also be

specified in the service-policy statement
Cisco Catalyst 6500-Sup2T QoS Design At-A-Glance
Cisco Catalyst 6500-Sup720 QoS Design At-A-Glance
Agenda
Cisco Nexus 7000/7700
QoS Design
QoS Roles in the Campus Core

Campus Core Switches
Trust DSCP
+ Ingress Queuing
+ Egress Queuing
QoS Design Steps
1. Configure Ingress Queuing

NX-OS trusts by default;

Cisco Nexus 7700 (F3)
4Q1T Ingress Queuing (CoS-to-Queue) Model
Application DSCP CoS 4Q1T
Network Control (CS7) CoS 7

8e-4q8q-in-q1
Internetwork Control CS6 CoS 6 CoS 5 Bandwidth 30%
Queue-Limit 10 %
VoIP EF
CoS 5
Broadcast Video CS5
Multimedia Conferencing AF4 8e-4q8q-in-q-default

CoS 4 CoS 0 Bandwidth 25%
Realtime Interactive CS4 Queue-Limit 30%
Multimedia Streaming AF3
CoS 3 CoS 7
Signaling CS3
CoS 6
Transactional Data AF2 8e-4q8q-in-q3
CoS 4 Bandwidth 40%
CoS 2
Network Management CS2 CoS 3 Queue-Limit 30%
Bulk Data AF1 CoS 2

CoS 1
Scavenger CS1 8e-4q8q-in-q4
CoS 1 Bandwidth 5%
Best Effort DF DF Queue-Limit 30%
4Q1T Ingress Queuing (DSCP-to-Queue) Model
Application DSCP 4Q1T
Network Control (CS7)

EF
8e-4q8q-in-q1
Internetwork Control CS6 CS5 Bandwidth 30%
CS4 Queue-Limit 10%
VoIP EF
Broadcast Video CS5
Multimedia Conferencing AF4 8e-4q8q-in-q-default

DF Bandwidth 25%
Realtime Interactive CS4 Queue-Limit 30%
CS7
Signaling CS3 CS6
Transactional Data AF2 AF4 8e-4q8q-in-q3
AF3 Bandwidth 40%
Network Management CS2 CS3 Queue-Limit 30%
AF2
Bulk Data AF1 CS2
Scavenger CS1 AF1 8e-4q8q-in-q4
Bandwidth 5%
Best Effort DF CS1 Queue-Limit 30%
Similar to C3PL, NX-OS allows for multiple types of
QoS policies:
Cisco Nexus 7700 (F3) • type qos for classification, marking and policing
• type queuing for ingress and egress queuing
Part 1 of 2: 4Q1T-Ingress Queuing Class-Maps
class-map type queuing match-any 8e-4q8q-in-q1
match cos 5
no match dscp 40-63 NX-OS has (non-configurable) system-defined names
match dscp 32, 40, 46 for queuing class-maps
match cos 2-4, 6-7
match dscp 16, 18, 20, 22
match dscp 24, 26, 28, 30 Undesired default DSCP-to-Ingress Queue mappings
match dscp 34, 36, 38 need to be explicitly removed
match dscp 48, 56
match cos 1
match dscp 8, 10, 12, 14
class-map type queuing match-any 8e-4q8q-in-q-default
match cos 0
Part 2 of 2: 4Q1T-Ingress Queuing Policy-Map
policy-map type queuing CAMPUS-F3-4Q1T-INGRESS
class type queuing 8e-4q8q-in-q1 Used for Data Centre Bridging
bandwidth percent 30 Exchange (DCBX) to advertise
queue-limit percent 10 QoS capabilities to any DCB-peers
class type queuing 8e-4q8q-in-q-default
bandwidth percent 25 Q2 is the Default Queue
queue-limit percent 30
class type queuing 8e-4q8q-in-q3
bandwidth percent 40
queue-limit percent 30 Allocates buffers to queues
class type queuing 8e-4q8q-in-q4
bandwidth percent 5
queue-limit percent 30
interface Ethernet 1/1-24

service-policy type queuing input CAMPUS-F3-4Q1T-INGRESS
1P7Q1T Egress Queuing (CoS-to-Queue) Model
Application DSCP CoS 1P7Q1T
Network Control (CS7) CoS 7

CoS 5 8e-4q8q-out-q1
Internetwork Control CS6 CoS 6 PQ-Shaped to 30%
VoIP EF 8e-4q8q-out-q2
CoS 5 CoS 7
BWR 5%
Broadcast Video CS5
8e-4q8q-out-q3
Multimedia Conferencing AF4 CoS 6 BWR 5%
CoS 4
Realtime Interactive CS4
Multimedia Streaming AF3 BWR 20%
CoS 3
Signaling CS3 8e-4q8q-out-q5
CoS 3 BWR 20%
CoS 2
Network Management CS2 BWR 15%
Bulk Data AF1 8e-4q8q-out-q7

CoS 1 CoS 1
BWR 10%
Scavenger CS1
8e-4q8q-out-q-default
Best Effort DF DF CoS 0 BWR 25%
Part 1 of 2: 1P7Q1T Egress Queuing Class-Maps
class-map type queuing match-any 8e-4q8q-out-q1
match cos 5
match cos 7
match cos 6
match cos 4
match cos 3
match cos 2
match cos 1
Note: These are the default CoS-to-Queue mappings.

As such, this step is optional
(unless current settings are non-default).
Part 2 of 2: 1P7Q1T Egress Queuing Policy-Map
policy-map type queuing CAMPUS-F3-1P7Q1T-EGRESS
class type queuing 8e-4q8q-out-q1
priority level 1
shape average percent 30
class type queuing 8e-4q8q-out-q6 Note: Queue-Limits are not supported in egress direction
class type queuing 8e-4q8q-out-q-default
interface Ethernet 1/1-24
service-policy type queuing output CAMPUS-F3-1P7Q1T-EGRESS
Cisco Nexus 7700 QoS Design At-A-Glance
Agenda
Campus WLAN QoS Design
Considerations
and Best Practices
The Case for Wireless QoS
• QoS is like a chain

• It’s only as strong as its weakest link
• the WLAN is one of the weakest links in
enterprise QoS designs for three primary reasons:
1) Typical downshift in speed (and throughput)
2) Shift from full-duplex to half-duplex media
3) Shift from a dedicated media to a shared media
• WLAN QoS policies control both jitter and packet loss

Wireless QoS-Specific Limitations
• No priority servicing
LAN QoS WLAN QoS
• No bandwidth guarantees
• Non-deterministic media access
• Only 4 levels of service
WLAN QoS Improvements Quantified
Application Original Metric Improved Metric Percentage
Improvement
Voice 15 ms max jitter 5 ms max jitter 300%
3.92 MOS 4.2 MOS
(Cellular Quality) (Toll Quality)
Video 9 fps 14 fps 55%
Visual MOS: Visual MOS:
Good Excellent
Transactional Data 14 ms latency 2 ms latency 700%
http://www.cisco.com/en/US/prod/collateral/wireless/cisco_avc_application_improvement.pdf
Know Your Tools
• IEEE 802.11
• User Priorities (UP)
• Access Categories (AC)
• Arbitration Inter-frame Spacing (AIFS)
• Contention Windows (CW)
• Enhanced Distributed Coordination Function (EDCF)
• DSCPUP Mapping
• Trust Boundaries
• Policy-Enforcement Points
• Application Visibility and Control (AVC)
IEEE 802.11 User Priority (UP)
3 Bit Field allows for UP values 0-7

IEEE 802.11 UP Values and Access Categories
802.11e 802.11e WMM Cisco AireOS WLC
UP Value Access Category Designation Designation
7 AC_VO Voice Platinum
6
5 AC_VI Video Gold
4
3 AC_BE Best Effort Silver
0
2 AC_BK Background Bronze
1
IEEE 802.11 Arbitration Inter-Frame Spacing (AIFS)
and Contention Windows (CW)
• due to the nature of wireless as a shared media, a Congestion Avoidance algorithm (CSMA/CA) must be utilized
• wireless senders have to wait a fixed amount of time (the AIFS)
• wireless senders also have to wait a random amount of time (the Contention Window)
• AIFS and Contention Window timers vary by Access Category
Access AIFS CWmin CWmax

Category (Slot Times) Access Category (Slot Times) (Slot Times)
Voice 2 Voice 3 7
Video 2 Video 7 15
Best Effort 3 Best-Effort 15 1023

Background 7 Background 15 1023
EDCF Operation
Round 1 Round 2 Round 3

Voice 2+1=3 2+3=5 2+2=4
Video 2+1=3 2+7=9 2+1=3
Best Effort 3+1=4 3+15=3 3+15=18
Background 7+1=8 7+15=22 7+15=22
Collision Voice Video

Downstream DSCP-to-UP Default Mapping
3-Bit UP 6-Bit DSCP

802.11 Frame CAPWAP Packet IP Packet
UP DSCP DSCP DSCP DSCP

Default DSCP-to-UP Mapping Table
DSCP 802.11 UP WLC QoS Profile
56-63 7 Platinum
(Voice)
48-55 6
IETF PHB for VoIP: EF 40-47 46 5 Gold
(Video)
32-39 4
24-31 3 Silver
(Best Effort)
0-7 0
16-23 2 Bronze
(Background)
8-15 1
Per RFC 4594 & 3246

Default IETF DSCP to IEEE 802.11 UP Mapping
Sub-Optimal QoS Design Example
4-Class Enterprise Model Four-Class Wireless Model
Based on IETF 4594
DSCP Based on IEEE 802.11e
UP 7 Voice
Voice EF Access
UP 6 Category
UP 5 Video
Signaling CS3 Access
UP 4 Category
UP 3 Best Effort
Transactional Data AF2 Access
UP 0 Category
Background
UP 2
Best Effort DF Access
UP 1
Category
Downstream DSCP-to-UP Mapping Model
Ratified Cisco Consensus Model (June 2015)
RFC 4594-Based Model DSCP IEEE 802.11 Model

Remark /
• Plugs potential security Network Control (CS7) Drop
if not in UP 7 Voice
vulnerabilities Internetwork Control CS6
use Access
• Provides distinction
Voice + DSCP-Admit EF + 44 UP 6 Category
between elastic and Broadcast Video CS5
inelastic video classes Multimedia Conferencing AF4 UP 5 Video
• Aligns RFC 4594 Realtime Interactive CS4 Access
recommendations into the
UP 4 Category
IEEE 802.11 model
Signaling CS3
UP 3 Best Effort
• Requires several custom Transactional Data AF2 Access
DSCP-to-UP mappings
OAM CS2 UP 0 Category
Bulk Data AF1
Scavenger CS1 UP 2 Background

Access
Best Effort DF UP 1 Category
Upstream UP-to-DSCP Default Mapping
DSCP UP DSCP DSCP DSCP
Key Point:
Radio Upstream
QoS requires the
device to set UP
markings correctly
3-Bit UP 6-Bit DSCP First 3 Bits are copied
Last 3 Bits are zeroed-out
Upstream DSCP Trust Model
DSCP UP DSCP DSCP DSCP
6-Bit DSCP 6-Bit DSCP All 6 Bits are copied

IETF Draft on
DSCPUP Mapping
• Reconciles RFC 4594 with
IEEE 802.11
• Summarises our internal
consensus on DSCP-to-UP
mapping
• Advocates DSCP-trust in the
upstream direction
(vs. UP-to-DSCP mapping)
https://tools.ietf.org/html/draft-szigeti-tsvwg-ieee-802-11-00
Cisco WLAN QoS Design At-A-Glance
Agenda
Cisco IOS XE WLC
AVC/QoS Design
Cisco IOS XE WLC
QoS Roles in the Wireless LAN Centralised Deployment Model
CAPWAP Tunnel
• IOS XE WLCs can be deployed
in either a Centralised or a
Converged Access Deployment CT5760 WLC
Model Trust Boundary

PEP
• In either model:
• Trust Boundary is at the AP Converged Access Deployment Model
• PEP is at the AP
CAPWAP Tunnel
Catalyst
3650/3850
Or 4500-Sup8
Trust Boundary
PEP
Cisco IOS XE WLC
AVC/QoS Design Steps
1. Enable Application Visibility
a) Create a Flow Record
b) (Optional) Create a Flow Exporter
c) Create a Flow Monitor
d) Apply the Flow Monitor to the WLAN
2. Configure a AVC Policy

3. Configure a AFD Policy
4. Configure Custom DSCPUP Table Maps + Upstream DSCP-Trust
WHAT you want to MONITOR
Cisco IOS XE WLC

WHERE you want to SEND
Enabling Application Visibility
Step 1: Create a Flow Record Step 2: (Optional) Create a Flow Exporter
flow record AVC-FLOW-RECORD flow exporter AVC-FLOW-EXPORTER Note: Lancope collects
description BASIC-AVC-FLOW-RECORD destination 10.10.10.10 Netflow on port 2055
match ipv4 protocol transport udp 2055
match ipv4 source address Note: Cisco Prime
destination 10.20.20.20
match ipv4 destination address Infrastructure collects
transport udp 9991
match transport source-port Netflow on port 9991
match transport destination-port Step 3: Create a Flow Monitor COMBINE
match flow direction flow monitor AVC-FLOW-MONITOR (WHAT with WHERE)
match application name record AVC-FLOW-RECORD
match wireless ssid exporter AVC-FLOW-EXPORTER
collect counter bytes long
collect counter packets long
Step 4: Apply the Flow Monitor to the WLAN
collect wireless ap mac address wlan EMPLOYEE-WLAN
collect wireless client mac address ip flow monitor AVC-FLOW-MONITOR input
ip flow monitor AVC-FLOW-MONITOR output
Specifies
WHICH interface and
WHAT you want to COLLECT
WHICH direction
Match protocol enables NBAR2 classification
Cisco IOS XE WLC Note: Only 4 match protocol statements are supported per class-map
Configuring AVC-Based QoS Policies policy-map AVC-MARKING

class VOICE
class-map match-any VOICE set dscp ef
match protocol cisco-phone class BROADCAST-VIDEO
class-map match-any BROADCAST-VIDEO set dscp cs5
match protocol cisco-ip-camera class REAL-TIME-INTERACTIVE
class-map match-any REAL-TIME-INTERACTIVE set dscp cs4
match protocol telepresence-media class CALL-SIGNALING
class-map match-any CALL-SIGNALING set dscp cs3
match protocol skinny class TRANSACTIONAL-DATA
match protocol telepresence-control set dscp af21
class-map match-any TRANSACTIONAL-DATA class BULK-DATA
match protocol citrix set dscp af11
match protocol sap class SCAVENGER
class-map match-any BULK-DATA set dscp cs1
match protocol attribute category email class class-default
match protocol attribute category file-sharing set dscp default
match protocol attribute sub-category backup-systems
Note: Multiple
Note: Multiple application
application protocols
protocols can
can be
be
class-map match-any SCAVENGER
identified using
identified using attributes,
attributes, including:
including:
match protocol attribute category gaming
•• category
category
match protocol attribute application-group skype-group
•• sub-category
sub-category
•• application-group
application-group
More to come!
IOS XE Approximate Fair Drop (AFD)
Policer Voice Queue Strict

Priority
Policer Video Queue
Client VQ SSID VQ Radio VQ Weighted

Scheduling
Min or Max BW
Allocation Data Queue
Default Shaper Radio Agg
Default Shaper
AFD BLOCK
Policer Multicast Queue
Wireless Port Egress Queuing

IOS XE WLC AFD
2P2Q+Approximate Fair Drop (AFD) Wireless Port Egress Queuing Model
Application Classes DSCP 2P2Q with AFD
EF Q0
Voice EF CS6 Priority Level 1
CS3 (Limited to 10% of BW)
Q1
Interactive Video AF4 AF4 Priority Level 2
(Limited to 20% of BW)
Network Control CS6
Signaling CS3 AF1
AF2 Q2
Bulk Data AF1
Unicast-
Non-Realtime Queue
CS1
(63% BWR)
DF
Scavenger CS1
Q3
Multicast Non-Realtime Queue
Best Effort DF (7% BWR)
IOS XE WLC AFD
2P2Q+AFD Wireless Port Egress Queuing Config
class-map match-any REALTIME-1
match dscp ef
match dscp cs6
Note: This policy is applied automatically to all wireless ports.
match dscp cs3
Therefore, no explicit service-policy command is required
class-map match-any REALTIME-2
to attach the policy to a wireless interface(s).
match dscp af41
match dscp af42
match dscp af43
policy-map port_child_policy
class non-client-nrt-class System-defined (but configurable) queuing policy
bandwidth remaining ratio 7
class REALTIME-1
priority level 1 System defined queue for multicast wireless traffic
police rate percent 10 conform-action transmit exceed-action drop
class REALTIME-2
priority level 2 Two-levels
Two-levels of
of priority
priority queuing
queuing are
are supported
supported
police rate percent 20 conform-action transmit exceed-action drop
class class-default
bandwidth remaining ratio 63
Default unicast queue (non-priority queue)
IOS-XE WLC QoS Design
Step 4) Configure Custom Table Maps – Part 1 of 2
Table Map DSCP_TO_DSCP DSCP-to-DSCP is used for upstream from wireless,
from 8 to 8 to verify that only standard DSCP values are forwarded to the LAN
from 10 to 10
from 12 to 12
from 14 to 14
from 16 to 16
from 18 to 18
from 20 to 20
from 22 to 22
from 24 to 24
from 26 to 26
from 28 to 28 policy-map TRUST-SSID-IN
from 30 to 30 class class-default
from 32 to 32 set dscp dscp table DSCP_TO_DSCP
from 34 to 34
from 36 to 36 This policy trusts RFC 4594 DSCPs received from the client
from 38 to 38 and bleaches (zeroes-out) all other non-standard DSCP values
from 40 to 40
from 44 to 44
from 46 to 46
default ignore
IOS-XE WLC QoS Design
Step 4) Configure Custom Table Maps – Part 2 of 2
Table Map DSCP_TO_UP policy-map QUEUING-SSID-CHILD DSCP_TO_UP Mapping
from 8 to 1 class VOICE-PQ1
aligns IETF (RFC 4594)
from 10 to 2 priority level 1
police cir 6000000 bc 187500
with IEEE (802.11) for
from 12 to 2
from 14 to 2 conform-action transmit downstream flows.
from 16 to 0 exceed-action drop
from 18 to 3 admit cac wmm-tspec
from 20 to 3 rate 1500 (kbps)
from 22 to 3 wlan-up 6
from 24 to 4 class VIDEO-PQ2
from 26 to 4 priority level 2
from 28 to 4 police cir 6000000 bc 187500
from 30 to 4 conform-action transmit
from 32 to 5 exceed-action drop
from 34 to 4
from 36 to 4 policy-map QUEUING-SSID Standard DSCPs are
from 38 to 4 class class-default preserved (via table-map
from 40 to 5 set dscp dscp table DSCP_TO_DSCP from previous slide)
from 44 to 6 set wlan user-priority dscp table DSCP_TO_UP
from 46 to 6 bandwidth remaining ratio 100 UP markings are derived
default 0 service-policy APIC_EM-QUEUING-SSID-CHILD from DSCP_TO_UP Map
Cisco IOS XE QoS Design At-A-Glance
Agenda
Cisco AireOS WLC
AVC/QoS Design
Cisco AireOS WLC
QoS Roles in the Wireless LAN
• Customisable DSCPUP Mappings (introduced in AireOS 8.1MR)

modify the QoS Roles of the AP and WLC:
• Trust Boundary moves to the AP
• PEP remains at the WLC
Centralised Deployment Model
CAPWAP Tunnel
AireOS WLC
Trust Boundary
PEP
With AireOS 8.1MR+ the
trust-boundary can be
extended to the AP
Cisco AireOS WLC
QoS Design Steps
1. Select and Tune the WLAN QoS Profile
2. Configure an AVC Profile
3. Apply the QoS and AVC Profile to the WLAN and Enable Application Visibility
4. Modify default DSCP-to-UP mappings and enable Upstream DSCP-Trust
AireOS WLC
Tuning QoS Profiles
• QoS Profiles are applied to both upstream
& downstream flows on egress
• The WLAN QoS Profile defines:
WLAN Maximum Priority
• It recommended to set the Maximum
Priority to voice on multiservice WLANs
Unicast and Multicast Default Priority
• Typically these values are
recommended to be set to best effort
• QoS Profiles override/control

AVC Profiles
The WLAN Maximum Priority is a DSCP and UP Marking Ceiling

If you want to preserve voice markings, then you *MUST* set
this to voice
AireOS WLC
Creating AVC Profiles
• AVC Profiles are applied to both
upstream and downstream flows
on WLC ingress
• an AVC Profile can contain a
maximum of 32 application rules
• AVC profiles can be overridden
by QoS Profiles
• So be sure to align these!
AireOS WLC
Attaching QoS and AVC Profiles and Enabling AVC
• Select the desired QoS and AVC Profiles to apply to the WLAN
• Check the box to enable Application Visibility
AireOS QoS Policy Deployment
Step 4) Configure Downstream DSCP-to-UP Mapping and
Enable Upstream DSCP-Trust—Configuration (Part 1 of 2)
Step 1: Disable the Current QoS Map
(Cisco WLC) > config qos qosmap disable
Step 2: Configure the UP-to-DSCP Maps

(Cisco WLC) > config qos qosmap up-to-dscp-map 0 0 0 63
(Cisco WLC) > config qos qosmap up-to-dscp-map 1 8
Step 3: Configure DSCP-to-UP Mapping Exceptions
(Cisco Controller) > config qos qosmap dscp-to-up-exception 46 6
Step 4: Enable DSCP-Trust, the New Qos Maps and the 802.11 Networks
(Cisco Controller) > config qos qosmap trust-dscp-upstream enable
(Cisco Controller) > config qos qosmap enable
Enables Upstream DSCP-Trust

Cisco AirOS QoS Design At-A-Glance
Cisco AirOS QoS Mapping At-A-Glance
Agenda
What are we doing to
make this simpler?
The Why / How / What of Enterprise Networking
Cisco
Enterprise
Vision
Why Transform our customers’ businesses

through powerful yet simple networks.
How What
AutoQoS SRND4 At-A-Glance
EasyQoS Solution
Applications can interact with APIC-EM via Northbound
APIs, informing the network of application-specific and
dynamic QoS requirements
Network Operators express high-level

business-intent to APIC-EM EasyQoS
EM
Southbound APIs translate
business-intent to platform-
specific configurations
Wireless AP ASR/ISRs Wireless AP

Trust Boundary MQC Trust Boundary
PEP Catalyst 4500 Nexus 7700 PEP
4Q (WMM) 1P7Q1T F3: 1P7Q1T 4Q (WMM)
Catalyst 3650 Catalyst 6500 WLC Catalyst 2960-X

Trust Boundary 1P3Q4T PEP Trust Boundary
PEP 1P7Q4T PEP
2P6Q3T 2P6Q4T 1P3Q3T
…
Deploy End-to-End DSCP-Based Queuing Policies
EasyQoS seamlessly interconnects all types of
hardware and software queuing models to achieve
consistent and compatible end-to-end treatments
aligned with the expressed business-intent
EM
Apple/Cisco
Fastlane for iOS Solution
Coming Soon… Will include “AutoQoS for AirOS”
Agenda
Summary & References
Key Takeaways
• Start by defining your QoS Strategy
• Campus QoS is needed primarily to control packet drops
• WLAN QoS is needed to control both jitter and packet drops
• Know your QoS toolset, as this varies platform-to-platform
• Cisco provides many At-A-Glance guides to get you up and running quickly
• Cisco also provides Cisco Validated Design guides for more detail
• Cisco is continuing to focus on simplifying QoS solutions
Campus QoS Design 4.0—In-Depth
Comprehensive Design Chapters
• Enterprise Quality of Service Design 4.0
http://www.cisco.com/en/US/docs/solutions/Enterprise/WAN_and_MAN/QoS_S
RND_40/QoSIntro_40.html
• Campus QoS Design 4.0
http://www.cisco.com/en/US/docs/solutions/Enterprise/WAN_and_MAN/QoS_S
RND_40/QoSCampus_40.html
• WLAN QoS Design (BYOD CVD)
http://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Borderless_Networks/
Unified_Access/BYOD_Design_Guide/BYOD_AVC.html
Recommended Reading
End-to-End QoS (v2)
• Release Date: Jan 2014
• Page Count: 1040
• Comprehensive QoS design
guidance for PINs and platforms:
• Campus Catalyst 3750/4500/6500
• WLAN WLC 5508 / Catalyst 3850 NGWC
• Data Center Nexus 1000V/2000/5500/7000
• WAN & Branch Cisco ASR 1000 / ISR G2
• MPLS VPN Cisco ASR 9000 / CRS-3
• IPSec VPNs Cisco ISR G2
• ISBN: 1-58714-369-0
http://www.amazon.com/End---End-QoS-Network-Design/dp/1587143690/
Recommended Reading
End-to-End QoS (v2)
Amazon.com
• ReleaseOverall
Date:Rating:
Jan 2014
“The best ever book on QoS on the market. Bravo to the author.”
• Page Count: 1040
“AWESOME RESUME OF QoS TECHNOLOGIES”
• Comprehensive QoS design
“I strongly recommend this book to anyone working with Cisco infrastructure.”
guidance for PINs and platforms:
“This book
• is an all-encompassing
Campus Catalystpresentation
3750/4500/6500
and tutorial on Cisco Quality of
Service (QoS)”
• WLAN WLC 5508 / Catalyst 3850 NGWC
“QoS is •intimidating; however, Nexus
Data Center this book 1000V/2000/5500/7000
is a tremendous resource that will ease
your anxiety.”
• WAN & Branch Cisco ASR 1000 / ISR G2
“This book is kept in my cubicle and is already filled with highlights, notes in the
margin, •andMPLS VPN Cisco
many dog-eared pages.” ASR 9000 / CRS-3
• IPSec VPNs Cisco ISR G2
“QOS is often misunderstood, and he explains it very well. The explanations are
thorough to help understand each case”
• ISBN: 1-58714-369-0
http://www.amazon.com/End---End-QoS-Network-Design/dp/1587143690/
Participate in the “My Favorite Speaker” Contest
Promote Your Favorite Speaker and You Could Be a Winner
• Promote your favorite speaker through Twitter and you could win $200 of Cisco
Press products (@CiscoPress)
• Send a tweet and include
• Your favorite speaker’s Twitter handle @tim_szigeti
• Two hashtags: #CLUS #MyFavoriteSpeaker
• You can submit an entry for more than one of your “favorite” speakers
• Don’t forget to follow @CiscoLive and @CiscoPress
• View the official rules at http://bit.ly/CLUSwin
Q&A
Complete Your Online Session Evaluation
Give us your feedback and receive a
Cisco 2016 T-Shirt by completing the
Overall Event Survey and 5 Session
Evaluations.
– Directly from your mobile device on the Cisco Live
Mobile App
– By visiting the Cisco Live Mobile Site
http://showcase.genie-connect.com/ciscolivemelbourne2016/
– Visit any Cisco Live Internet Station located
throughout the venue
Learn online with Cisco Live!
T-Shirts can be collected Friday 11 March Visit us online after the conference
for full access to session videos and
at Registration presentations.
www.CiscoLiveAPAC.com
Thank you
Appendix
Catalyst 6500 Queuing Models
Catalyst 65xx-E / 6807-XL with Sup2T
Ingress & Egress Queueing Models
• Ingress Queue Structures
• 1Q8T CoS to Queue Mapping CoS-based Tail-Drop
• 8Q4T DSCP to Queue Mapping DSCP-based WRED
• 8Q8T CoS to Queue Mapping CoS-based WRED
• 1P7Q2T DSCP to Queue Mapping DSCP-based WRED
• Ingress & Egress Queue Structures

• 2P6Q4T DSCP to Queue Mapping DSCP-based WRED
• Egress Queue Structures

• 1P3Q8T CoS to Queue Mapping Cos-based WRED
• 1P3Q4T CoS to Queue Mapping CoS-based WRED
• 1P7Q4T DSCP to Queue Mapping DSCP-based WRED*
• 1P7Q8T CoS to Queue Mapping CoS-based WRED
* 1P7Q4T can be implementing as an alternate ingress queueing structure to 2P6Q4T on some linecards, but we have chosen to
implement the 2P6Q4T instead with Easy-Qos, as it is a superior queueing structure and consistent with the Catalyst 3650/3850.
1Q8T – Ingress Queueing
CoS to Queue Mapping
CoS-based Tail-Drop
1Q8T Ingress Queueing Linecards
• WS-X6704-10GE with CFC

• WS-X6724-SFP with CFC
• WS-X6748-SFP and WS-X6748-GE-TX with CFC
Cisco Catalyst 65xx-E/6807-XL with Sup2T
1Q8T Ingress Queuing Models—CoS-to-Queue Mapping with COS-based Tail-Drop
Application-Class DSCP CoS 1Q8T
CoS 7 Q1T8—100%
CoS 7
Internetwork Control CS6 CoS 6
Q1T7—95%
VoIP EF CoS 6
CoS 5
Broadcast Video CS5
Q1T6—90%
CoS 5
CoS 4
Q1T5—85%
CoS 4
CoS 3 Q1T4—80%
Signaling CS3 CoS 3
CoS 2 Q1T3—75% All noted thresholds are
Network Management CS2 CoS 2
tail-drop thresholds
Bulk Data AF1 Q1T2—70%

CoS 1 CoS 0
Scavenger CS1
Q1T1—65%
Best Effort DF CoS 0 CoS 1
Cisco Catalyst 65xx-E/6807-XL—1Q8T Ingress Model
policy-map type lan-queuing APIC_EM-QUEUING-1Q8T-IN

class class-default Un-configured CoS values default to
queue-limit cos 7 percent 100 threshold 8 which is 100%. May not
queue-limit cos 6 percent 95
need to configure the CoS 7 value, as
this should default to 100%.
However, it is shown here for
queue-limit cos 2 percent 75 completeness.
queue-limit cos 0 percent 70 Recommend to explicitly configure it.
Interface GigabitEthernet1/1
service-policy type lan-queuing input APIC_EM-QUEUING-1Q8T-IN
CoS-based Tail-Drop
• VS-S2T-10G and VS-S2T-10G-XL with Gigabit Ethernet ports enabled

• Applies to all ports on the Supervisor 2T
2Q4T Ingress Queuing Models—CoS-to-Queue Mapping
Network Control (CS7) CoS 7 Q2 40% BW

CoS 7
VoIP EF CoS 6
CoS 5
Broadcast Video CS5
CoS 5
CoS 4
CoS 4
CoS 3
Signaling CS3 CoS 3 Q1 60% BW

CoS 2
Bulk Data AF1

CoS 1 CoS 0
Scavenger CS1

2Q4T Ingress Queuing Models—CoS-to-Queue Mapping with CoS-based Tail-Drop
CoS 7 Q2T4—100%
CoS 7
Q2T3—95%
VoIP EF CoS 6
CoS 5
Broadcast Video CS5 Q2T2—90%
CoS 5
CoS 4 Q2 40% BW
Q2T1—85%
CoS 4
CoS 3 Q1T4—100%

CoS 2 Q1T3—95%
Network Management CS2 CoS 2 All noted thresholds are
tail-drop thresholds
Q1T2—90%
Bulk Data AF1
CoS 1 Cos 0
Scavenger CS1
Q1T1—85%
Best Effort DF CoS 0 CoS1
class-map type lan-queuing match-all APIC_EM-Q2-2Q4T-QUEUE
match cos 7 6 5 4
policy-map type lan-queuing APIC_EM-QUEUING-2Q4T-IN Un-configured CoS values

default to threshold 8 which is
class APIC_EM-Q2-2Q4T-QUEUE
100%. May not need to
bandwidth percent 40 configure the CoS 7 or CoS 3
queue-limit cos 7 percent 100 values, as this should default to
queue-limit cos 6 percent 95 100%, but is shown here for
queue-limit cos 5 percent 90 completeness.
queue-limit cos 4 percent 85 Recommend explicitly
class class-default configuring thresholds however.
interface GigabitEthernet1/3/1
interface TenGigabitEthernet1/3/4
CoS-based Tail-Drop
• WS-X6724-SFP with DFC4/DFC4XL upgrade (WS-F6k-DFC4-A, WS-F6k-DFC4-AXL)
• WS-X6748-SFP and WS-X6748-GE-TX with DFC4/DFC4XL upgrade (WS-F6k-DFC4-
A, WS-F6k-DFC4-AXL)
• WS-X6824-SFP-2T and WS-X6824-SFP-2TXL
• WS-X6848-SFP-2T, WS-X6848-SFP-2TXL, WS-X6848-TX-2T and WS-X6848-TX-
2TXL
2Q8T Ingress Queuing Models—CoS-to-Queue Mapping
Network Control (CS7) CoS 7 Q2 40% BW

CoS 7
VoIP EF CoS 6
CoS 5
Broadcast Video CS5
CoS 5
CoS 4
CoS 4
CoS 3

CoS 2
Bulk Data AF1

CoS 1 CoS 0
Scavenger CS1

2Q8T Ingress Queuing Models—CoS-to-Queue Mapping with CoS-based Tail-Drop
CoS 7 Q2T4—100%
CoS 7
Q2T3—95%
VoIP EF CoS 6
CoS 5
Broadcast Video CS5 Q2T2—90%
CoS 5
CoS 4 Q2 40% BW
Q2T1—85%
CoS 4
CoS 3 Q1T4—100%

CoS 2 Q1T3—95%
All noted thresholds are
Q1T2—90% tail-drop thresholds
Bulk Data AF1
CoS 1 Cos 0
Scavenger CS1
Q1T1—85%
Best Effort DF CoS 0 CoS1
match cos 7 6 5 4
policy-map type lan-queuing APIC_EM-QUEUING-2Q8T-IN

bandwidth percent 40 Un-configured CoS values
queue-limit cos 7 percent 100 default to threshold 8 which is
queue-limit cos 6 percent 95 100%. May not need to
queue-limit cos 5 percent 90 configure the CoS 7 or CoS 3
queue-limit cos 4 percent 85 values, as this should default to
class class-default 100%.
queue-limit cos 2 percent 95 Recommend explicitly configuring
queue-limit cos 0 percent 90 thresholds
8Q4T – Ingress
Queueing
DSCP to Queue Mapping
DSCP-based WRED
• VS-S2T-10G, VS-S2T-10G-XL with Gigabit Ethernet ports disabled*

• WS-X6908-10G-2T, WS-X6908-10G-2TXL
• WS-X6816-10T-2T, WS-X6816-10T-2TXL, WS-X6816-10G-2T, WS-X6816-
10G-2TXL in performance mode
• WS-X6716-10G-3C, WS-X6716-10G-3CXL, WS-X6716-10T-3C, WS-X6716-
10T-3CXL with a DFC4 or DFC4XL upgrade (WS-F6k-DFC4-E, WS-F6k-
DFC4-EXL) in performance mode)
* Potentially similar behavior with the Sup2T ports as seen in slides #25 & #26
How to Disable or Display the State of GigabitEthernet
Interfaces on the Sup2T
o23-6500-1(config)#platform qos 10g-only Global command disables GigabitEthernet interfaces on the
Sup2T.
o23-6500-1#show platform qos module 3

QoS is enabled globally
Port QoS is enabled globally
QoS serial policing mode enabled globally
Global command to show whether the
Distributed Policing is Disabled GigabitEthernet interfaces on the Sup2T
Secondary PUPs are enabled are enabled or disabled
QoS Trust state is DSCP on the following interface:
EO0/2 Gi1/1 Gi1/2 Gi1/3 Gi1/4 Gi1/5 Gi1/6 Gi1/7 Gi1/8 Gi1/9
Gi1/10 Gi1/11 Gi1/12 Gi1/13 Gi1/14 Gi1/15 Gi1/16 Gi1/17 Gi1/18 Gi1/19
Gi1/40 Gi1/41 Gi1/42 Gi1/43 Gi1/44 Gi1/45 Gi1/46 Gi1/47 Gi1/48 Te2/1
Te2/2 Te2/3 Te2/4 Te2/5 Te2/6 Te2/7 Te2/8 Gi3/1 Gi3/2 Gi3/3
Te3/4 Te3/5 Te5/1 Te5/2 Te5/3 Te5/4 Te5/5 Te5/6 Te5/7 Te5/8
Te5/9 Te5/10 Te5/11 Te5/12 Te5/13 Te5/14 Te5/15 Te5/16 Te6/1 Te6/2
Te6/3 Te6/4 CPP CPP.1 Vl1 GigabitEthernet interfaces on the
QoS 10g-only mode supported: Yes [Current mode: Off] Sup2T are currently enabled
Global Policy-map: ingress[]
…
How to Enable or Display Performance Mode on Linecards
Global command enables
performance mode on a port
o23-6500-1(config)#no hw-module slot 5 oversubscription port-group 4 group of a linecard
o23-6500-1#show hw-module slot 5

oversubscription
port-group oversubscription-mode
1 enabled
2 enabled
3 enabled
4 disabled
Global command to show whether the
oversubscription is enabled or disabled
(performance mode) per port group of a
linecard
8Q4T Ingress Queuing Models—DSCP-to-Queue Mapping
8Q4T
Application-Class DSCP
EF Realtime Queue
Network Control (CS7) CS5 (10% BW)
CS4
CS7
VoIP EF
CS6 Control Queue
Broadcast Video CS5 CS3 (10% BW)
CS2
AF4
Realtime Interactive CS4 Multimedia-Conferencing Queue
(20% BW + DSCP-WRED)
AF3 Multimedia-Streaming Queue
Signaling CS3 (20% BW + DSCP-WRED)
Transactional Data AF2 AF2 Transactional Data Queue

AF1 Bulk Data Queue
Bulk Data AF1 (4% BW + DSCP-WRED)
Scavenger CS1 CS1 Scavenger Queue (1% BW)
Best Effort DF Default Queue

DF
8Q4T
8Q4T Ingress Queuing Models—
EF
DSCP-to-Queue with DSCP-WRED CS5
Realtime Queue All noted thresholds are
(10% BW) Min WRED thresholds
Application-Class DSCP CS4
Network Control (CS7) CS7 All max WRED thresholds

CS6 Control-Plane Queue Are set to 100%
Internetwork Control CS6 CS3 (10% BW)
CS2
VoIP EF
AF41 Q6T3—80%
Broadcast Video CS5 Multimedia-Conferencing Queue
AF42 Q6T2—70% (20% BW + DSCP-WRED)
Multimedia Conferencing AF4 AF43
Q6T1—60%
Q5T3—80% Multimedia-Streaming Queue
AF31
Multimedia Streaming AF3 AF32 (20% BW + DSCP-WRED)
Q5T2—70%
AF33
Signaling CS3 Q5T1—60%
Transactional Data AF2 AF21 Q4T3—80%

AF22 Q4T2—70% Transactional Data Queue
Network Management CS2 AF23 Q4T1—60%
Bulk Data AF1 AF11 Q3T3—80%

AF12 Q3T2—70% Bulk Data Queue
Scavenger CS1 (4% BW + DSCP-WRED)
AF13 Q3T1—60%
Best Effort DF
CS1 Scavenger Queue (1% BW)
DF Default Queue
Cisco Catalyst 65xx-E/6807-XL —8Q4T Ingress Model
class-map type lan-queuing match-all APIC_EM-REALTIME-8Q4T-QUEUE
match dscp cs4 cs5 ef
class-map type lan-queuing match-all APIC_EM-CONTROL-8Q4T-QUEUE
class-map type lan-queuing match-all APIC_EM-MM_CONF-8Q4T-QUEUE
class-map type lan-queuing match-all APIC_EM-MM_STREAM-8Q4T-QUEUE
class-map type lan-queuing match-all APIC_EM-TRANS_DATA-8Q4T-QUEUE
class-map type lan-queuing match-all APIC_EM-BULK_DATA-8Q4T-QUEUE
class-map type lan-queuing match-all APIC_EM-SCAVENGER-8Q4T-QUEUE
match dscp cs1
policy-map type lan-queuing APIC_EM-QUEUEING-8Q4T-IN
class APIC_EM-REALTIME-8Q4T-QUEUE
class APIC_EM-CONTROL-8Q4T-QUEUE
class APIC_EM-MM_CONF-8Q4T-QUEUE
class APIC_EM-MM_STREAM-8Q4T-QUEUE
[continued]
class APIC_EM-TRANS_DATA-8Q4T-QUEUE
class APIC_EM-BULK_DATA-8Q4T-QUEUE
bandwidth percent 4
class APIC_EM-SCAVENGER-8Q4T-QUEUE
bandwidth percent 1
class class-default
service-policy type lan-queuing input APIC_EM-QUEUEING-8Q4T-IN
8Q8T – Ingress
Queueing
CoS-based Tail-Drop
• WS-X6704-10GE supported with a DFC4/DFC4XL upgrade
(WS-F6k-DFC4-A, WS-F6k-DFC4-AXL)
o23-6500-1#show module
Mod Ports Card Type Model Serial No.
--- ----- -------------------------------------- ------------------ -----------
1 48 CEF720 48 port 10/100/1000mb Ethernet WS-X6748-GE-TX SAL10478SWP
2 8 DCEF2T 8 port 10GE WS-X6908-10G SAL172682AK
3 5 Supervisor Engine 2T 10GE w/ CTS (Acti VS-SUP2T-10G SAL1702WNR0
5 16 CEF720 16 port 10GE WS-X6716-10GE SAL1228WYB7
6 4 CEF720 4 port 10-Gigabit Ethernet WS-X6704-10GE SAL15013XBH
Mod Sub-Module Model Serial Hw Status

---- --------------------------- ------------------ ----------- ------- -------
1 Centralized Forwarding Card WS-F6700-CFC SAD074308C9 1.1 Ok
2 Distributed Forwarding Card WS-F6K-DFC4-E SAL17152T2R 1.2 Ok
3 Policy Feature Card 4 VS-F6K-PFC4 SAL1638N3R3 1.2 Ok
3 CPU Daughterboard VS-F6K-MSFC5 SAL1702WNG1 1.5 Ok
5 Distributed Forwarding Card WS-F6K-DFC4-E SAL1541SQHX 1.1 Ok
6 Centralized Forwarding Card WS-F6700-CFC SAL1518CRZ3 4.1 PwrDown
8Q8T Ingress Queuing Models—CoS-to-Queue Mapping with COS-based WRED
8Q8T
Application-Class DSCP CoS
Network Control (CS7) CoS 7 Q8-VoIP-Broadcast Queue

CoS 5 (10% BW )
CoS 7 Q7-Network Control Queue
VoIP EF (5% BW)
CoS 5
Broadcast Video CS5
Q6-Internetwork Control Queue
Multimedia Conferencing AF4 CoS 6 (5% BW)
CoS 4
Realtime Interactive CS4 Q5-Multimedia-Realtime Queue
CoS 4 (20% BW)
CoS 3
Signaling CS3 Q4-Streaming-Signaling Queue
CoS 3 (20% BW)
CoS 2 Q3-Transactional-Management Queue
Network Management CS2 CoS 2 (10% BW)
Bulk Data AF1

CoS 1 Q2-Bulk-Scavenger Queue
Scavenger CS1 CoS 1 (5% BW)
Best Effort DF CoS 0 Q1-Default Queue

CoS 0 (25% BW)
match cos 7
Class-map type lan-queuing match-all APIC_EM-Q7-8Q8T-QUEUE
match cos 6
match cos 5
match cos 4
match cos 3
match cos 2
match cos 1
policy-map type lan-queuing APIC_EM-QUEUEING-8Q8T-IN
bandwidth percent 5
bandwidth percent 5
bandwidth percent 5
class class-default
service-policy type lan-queuing input APIC_EM-QUEUEING-8Q8T-IN
1P7Q2T – Ingress
Queueing
DSCP-based WRED
1P7Q2T Ingress Queueing Linecards

DFC4-EXL) in oversubscription mode
10G-2TXL in oversubscription mode
1P7Q2T Ingress Queuing Models—DSCP-to-Queue
Mapping 1P7Q2T
Application-Class DSCP EF
Realtime Queue
CS5 (Priority)
CS4
CS7
VoIP EF CS6 Control Plane Queue
CS3 (10% BWR)
Broadcast Video CS5 CS2
AF4
Signaling CS3

AF1 Bulk Data Queue
Bulk Data AF1 (9% BWR + DSCP-WRED)
Scavenger CS1 Scavenger Queue (1% BW)

CS1
DF (30% BWR + DSCP-WRED)
Cisco Catalyst 65xx-E/6807-XL with Sup2T 1P7Q2T
1P7Q2T Ingress Queuing Models—DSCP-
EF
to-Queue Mapping (DSCP-WRED) CS5
Realtime Queue All noted thresholds are
(Priority) Min WRED thresholds
All max WRED thresholds
Network Control (CS7) CS7 Are set to 100%
CS6 Control Plane Queue
Internetwork Control CS6 CS3 (10% BWR)
CS2
VoIP EF
AF41 Q6T2—80%
Broadcast Video CS5 Multimedia-Conferencing Queue
AF42 (20% BWR + DSCP-WRED)
Multimedia Conferencing AF4 AF43 Q6T1—70%

Q5T2—80% Multimedia-Streaming Queue
AF31
Multimedia Streaming AF3 AF32 (15% BWR + DSCP-WRED)
AF33 Q5T1—70%
Signaling CS3

AF22 Transactional Data Queue
Q4T1—70% (15% BWR + DSCP-WRED)

AF12 Bulk Data Queue
Scavenger CS1 Q3T1—70% (9% BWR + DSCP-WRED)
AF13
Best Effort DF
CS1 Scavenger Queue (1% BW)
DF Default Queue
Cisco Catalyst 65xx-E/6807-XL - 1P7Q2T Ingress Model
class-map type lan-queuing match-all APIC_EM-REALTIME-1P7Q2T-QUEUE
class-map type lan-queuing match-all APIC_EM-CONTROL-1P7Q2T-QUEUE
class-map type lan-queuing match-all APIC_EM-MM_CONF-1P7Q2T-QUEUE
class-map type lan-queuing match-all APIC_EM-MM_STREAM-1P7Q2T-QUEUE
class-map type lan-queuing match-all APIC_EM-TRANS_DATA-1P7Q2T-QUEU
class-map type lan-queuing match-all APIC_EM-BULK_DATA-1P7Q2T-QUEUE
class-map type lan-queuing match-all APIC_EM-SCAVENGER-1P7Q2T-QUEUE
match dscp cs1
Cisco Catalyst 65xx-E/6807-XL —1P7Q2T Ingress Model
policy-map type lan-queuing APIC_EM-QUEUEING-1P7Q2T-IN

class APIC_EM-REALTIME-1P7Q2T-QUEUE
priority
class APIC_EM-CONTROL-1P7Q2T-QUEUE
class APIC_EM-MM_CONF-1P7Q2T-QUEUE
class APIC_EM-MM_STREAM-1P7Q2T-QUEUE
Cisco Catalyst 65xx-E/6807-XL - 1P7Q2T Ingress Model
[continued]
class APIC_EM-TRANS_DATA-1P7Q2T-QUEU
class APIC_EM-BULK_DATA-1P7Q2T-QUEUE
class APIC_EM-SCAVENGER-1P7Q2T-QUEUE
class class-default
service-policy type lan-queuing input APIC_EM-QUEUEING-1P7Q2T-IN
2P6Q4T Ingress &
Egress Queueing
DSCP-based WRED
2P6Q4T Ingress Queueing Linecards
• WS-X6904-40G-2T and WS-X6904-40G-2TXL

• C6800-8P10G, C6800-8P10G-XL
• C6800-16P10G, C6800-16P10G-XL
• C6800-32P10G, C6800-32P10G-XL
2P6Q4T (Ingress & Egress Queuing Models—DSCP-to-Queue)
Application-Class DSCP 2P6Q4T
Network Control (CS7) Voice-PQ1
EF (Priority Level 1)
CS4
VoIP EF CS5 Video-PQ2
(Priority Level 2)
Broadcast Video CS5 AF4
Multimedia Conferencing AF4 CS7 & CS6 Control Plane Queue

CS3 & CS2 (10% BWR)
Multimedia Streaming AF3 Multimedia-Streaming Queue

Signaling CS3
Transactional Data Queue
Transactional Data AF2 AF2 (20% BWR + DSCP-WRED)
Network Management CS2 Bulk Data Queue

Bulk Data AF1
Scavenger Queue
CS1 (1% BWR + DSCP-WRED)
Scavenger CS1
DF Default Queue
Best Effort DF (35% BWR + WRED)
2P6Q4T (Ingress & Egress Queuing Models—
2P6Q4T
DSCP-to-Queue with DSCP WRED
Voice-PQ1
EF (Priority Level 1)
Application-Class DSCP
CS4
Network Control (CS7) Video-PQ2
CS5
(Priority Level 2)
Internetwork Control CS6 AF4
VoIP EF
CS7 & CS6 Control Plane Queue
Broadcast Video CS5 CS3 & CS2 (10% BWR)
Multimedia Conferencing AF4 Q4T3—80%

Realtime Interactive CS4 AF32 Q4T2—70% (20% BWR + DSCP-WRED)
AF33 Q4T1—60%
Signaling CS3 AF22 Q3T2—70% (20% BWR + DSCP-WRED)
Q2T3—80%
Bulk Data Queue
AF12 Q2T2—70%
Bulk Data AF1 AF13
CS1 Q2T1—60%
Scavenger CS1 Scavenger Queue

CS1 (1% BWR )
Best Effort DF
DF Default Queue
(35% BWR + WRED)
Cisco Catalyst 65xx-E/6807-XL—2P6Q4T Model
Part 1 of 3—Common Ingress & Egress Queuing Class-Maps
class-map type lan-queuing match-all APIC_EM-VOICE-2P6Q4T-PQ1
match dscp ef
class-map type lan-queuing match-all APIC_EM-VIDEO-2P6Q4T-PQ2
match dscp cs4 cs5 af41 af42 af43
class-map type lan-queuing match-all APIC_EM-TRANS_DATA-2P6Q4T-QUEUE
class-map type lan-queuing match-all APIC_EM-BULK_DATA-2P6Q4T-QUEUE
class-map type lan-queuing match-all APIC_EM-SCAVENGER-2P6Q4T-QUEUE
match dscp cs1
Part 2 of 3—2P6Q4T Queuing Policy-Map
policy-map type lan-queuing APIC_EM-QUEUING-2P6Q4T
class APIC_EM-VOICE-2P6Q4T-PQ1
priority level 1
class APIC_EM-VIDEO-2P6Q4T-PQ2
priority level 2
class APIC_EM-TRANS_DATA-2P6Q4T-QUEUE
Part 3 of 3—2P6Q4T Queuing Policy-Map (continued)
[continued]
class APIC_EM-BULK_DATA-2P6Q4T-QUEUE
class APIC_EM-SCAVENGER-2P6Q4T-QUEUE
class class-default
service-policy type lan-queuing input APIC_EM-QUEUEING-2P6Q4T
service-policy type lan-queuing output APIC_EM-QUEUEING-2P6Q4T
1P3Q8T – Egress
Queueing
CoS-based Tail-Drop
1P3Q8T Egress Queueing Linecards
• WS-X6724-SFP, WS-X6748-SFP and WS-X6748-GE-TX with CFC
• WS-X6724-SFP, WS-X6748-SFP, and WS-X6748-GE-TX with a DFC4 or
DFC4XL upgrade (WS-F6k-DFC4-A, WS-F6k-DFC4-AXL)
• WS-X6824-SFP-2T and WS-X6824-SFP-2TXL
• WS-X6848-SFP-2T, WS-X6848-SFP-2TXL, WS-X6848-TX-2T and WS-
X6848-TX-2TXL
1P3Q8T Egress Queuing Models—CoS-to-Queue Mapping
1P3Q8T
Network Control (CS7) CoS 7 CoS 5

Realtime Queue
Internetwork Control CS6 CoS 6 (Priority)
CoS 4
VoIP EF
CoS 5
Broadcast Video CS5 CoS 7 Control Plane Queue
CoS 6 (10% BWR)
CoS 4
CoS 3
CoS 3
Signaling CS3 CoS 2 (45% BWR + COS-WRED)
CoS 2
Bulk Data AF1 CoS 0

CoS 1
Scavenger CS1 Default Queue
(45% BWR + COS WRED)
1P3Q8T Egress Queuing Models—CoS-to-Queue Mapping with CoS-WRED
1P3Q8T

Realtime Queue
CoS 4
VoIP EF
CoS 5
CoS 6 (10% BWR)
CoS 4
CoS 3 Q2T2—80%
CoS 3
Transactional Data AF2 Q2T1—70%
CoS 2 All noted thresholds are
Network Management CS2 Min WRED thresholds
Q2T2—80%
Bulk Data AF1 CoS 0
CoS 1 All max WRED thresholds
Are set to 100%
Q2T1—70%
Cisco Catalyst 65xx-E/6807-XL—1P3Q8T Egress Model

match cos 4 5
match cos 6 7
match cos 2 3
Cisco Catalyst 65xx-E/6807-XL —1P3Q8T Egress Model
policy-map type lan-queuing APIC_EM-QUEUING-1P3Q8T-OUT

priority
random-detect cos-based
random-detect cos 3 percent 80 100
class class-default
service-policy type lan-queuing output APIC_EM-QUEUING-1P3Q8T-OUT
1P3Q4T – Egress
Queueing
CoS-based Tail-Drop
• VS-S2T-10G and VS-S2T-10G-XL with Gigabit Ethernet ports enabled

1P3Q4T Egress Queuing Models—CoS-to-Queue Mapping
1P3Q4T

Realtime Queue
CoS 4
VoIP EF
CoS 5
CoS 6 (10% BWR)
CoS 4
CoS 3
CoS 3
CoS 2
Bulk Data AF1 CoS 0

CoS 1
1P3Q4T Egress Queuing Models—CoS-to-Queue Mapping with CoS WRED
1P3Q4T

Realtime Queue
CoS 4
VoIP EF
CoS 5
CoS 6 (10% BWR)
CoS 4
CoS 3 Q2T2—80%
CoS 3
Transactional Data AF2 Q2T1—70%
CoS 2 All noted thresholds are
Network Management CS2 Min WRED thresholds
Q2T2—80%
Bulk Data AF1 CoS 0
CoS 1 All max WRED thresholds
Are set to 100%
Q2T1—70%

match cos 4 5
match cos 6 7
match cos 2 3

priority
class class-default
1P7Q4T –Egress
Queueing
DSCP-based WRED

DFC4-EXL) in performance or oversubscription mode
10G-2TXL in performance or oversubscription mode
• WS-X6908-10G-2T and WS-X6908-10G-2TXL
1P7Q4T Egress Queuing Models—DSCP-to-Queue Mapping
1P7Q4T
Application-Class DSCP EF
Realtime Queue
CS5 (Priority)
CS4
CS7
VoIP EF CS6 Control Plane Queue
CS3 (10% BWR)
Broadcast Video CS5 CS2
AF4
Signaling CS3

AF1 Bulk Data Queue
Bulk Data AF1 (9% BWR + DSCP-WRED)
Scavenger CS1 Scavenger Queue (1% BW)

CS1
DF (30% BWR + DSCP-WRED)
1P7Q4T
1P7Q4T Egress Queuing Models—
EF
DSCP-to-Queue with DSCP-WRED CS5 Realtime Queue
(Priority) All noted thresholds are
Min WRED thresholds
Network Control (CS7) CS7 All max WRED thresholds
CS6 Control Queue Are set to 100%
Internetwork Control CS6 CS3 (10% BWR)
CS2
VoIP EF
Broadcast Video CS5 AF41 Q6T3—80%

Multimedia-Conferencing Queue
AF42 Q6T2—70% (20% BWR + DSCP-WRED)
Multimedia Conferencing AF4 AF43 Q6T1—60%

AF31 Q5T3—80% Multimedia-Streaming Queue
Multimedia Streaming AF3 AF32 Q5T2—70% (15% BWR + DSCP-WRED)
AF33 Q5T1—60%
Signaling CS3

Network Management CS2 AF23 Q4T1—60%

AF12 Q3T2—70% Bulk Data Queue
Scavenger CS1 (9% BWR + DSCP-WRED)
AF13 Q3T1—60%
Best Effort DF
CS1 Scavenger Queue (1% BWR)
DF Default Queue

class-map type lan-queuing match-all APIC_EM-MM_CONF-1P7Q4T-QUEUE
class-map type lan-queuing match-all APIC_EM_TRANS_DATA-1P7Q4T-QUEUE
class-map type lan-queuing match-all APIC_EM_BULK_DATA-1P7Q4T-QUEUE
class-map type lan-queuing match-all APIC_EM_SCAVENGER-1P7Q4T-QUEUE
match dscp cs1
priority
class APIC_EM-MM_CONF-1P7Q4T-QUEUE
[continued]
class APIC_EM_TRANS_DATA-1P7Q4T-QUEUE
class APIC_EM_BULK_DATA-1P7Q4T-QUEUE
class APIC_EM_SCAVENGER-1P7Q4T-QUEUE
class class-default
1P7Q8T – Egress
Queueing
CoS-based Tail-Drop
• WS-X6704-10GE with CFC

• WS-X6704-10GE with a DFC4 or DFC4XL upgrade (WS-F6k-DFC4-A, WS-
F6k-DFC4-AXL)
1P7Q8T Egress Queuing Models—CoS-to-Queue Mapping with COS-based WRED
1P7Q8T
Network Control (CS7) CoS 7 Q8-VoIP-Broadcast Queue

CoS 5 (Priority)
VoIP EF CoS 7 Q7 - Network Control Queue

(5% BWR)
CoS 5
Broadcast Video CS5
Q6 - Internetwork Control Queue
Multimedia Conferencing AF4 CoS 6 (5% BWR)
CoS 4
Realtime Interactive CS4 Q5 - Multimedia-Realtime Queue
(20% BWR)
Multimedia Streaming AF3 CoS 4
CoS 3
Signaling CS3 Q4 - Streaming-Signaling Queue
(20% BWR)
CoS 3
CoS 2 Q3-Transactional-Management Queue
Network Management CS2 CoS 2 (10% BWR)
Bulk Data AF1

CoS 1 Q2 - Bulk-Scavenger Queue
Scavenger CS1 CoS 1 (10% BWR)
Best Effort DF CoS 0 Default Queue

CoS 0 (30% BWR)
class-map type lan-queuing match-all APIC_EM-Q8-1P7Q8T-QUEUE

match cos 7
match cos 6
match cos 5
match cos 4
match cos 3
match cos 2
match cos 1

class APIC_EM-Q8-1P7Q8T-QUEUE
priority
class class-default

Campus Qos Design Simplified Brkcrs 2501

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Campus Qos Design Simplified Brkcrs 2501

Uploaded by

Copyright:

Available Formats

Campus QoS Design—

Tim Szigeti Jerome Henry

BRKRST-2056: The QoS Paradigm Shift

• The primary role of QoS in campus networks is to manage packet loss

2,073,600 pixels per frame

x 24 bits of color per pixel

x 60 frames per second

Voice Packets Video Packets

Time 20 msec 33 msec

Total Per-Queue Buffering Capacity: 10.8 ms

*Assuming (4) equal-sized queues

Total Per-Queue Buffering Capacity: 9.0 ms

*Assuming (8) equal-sized queues

• Nexus 7000/7700 use NX-OS QoS

Trust Boundaries Untrusted / User-Administered Devices

The trust boundary is the edge where

Per-Port QoS Per-VLAN QoS

Physical Ports Physical Ports

DVLAN policy map is applied Trunked Physical Ports

(if required and supported)

Each queue has 1 Drop Threshold

Red Minimum WTD Threshold 1:

Yellow Minimum WTD Threshold 2:

Tail of Queue is WTD Threshold 3

AF12 Minimum WRED Threshold:

AF11 Minimum WRED Threshold:

3. Configure Egress Queuing

Trust-CoS Model Example:

Trust-DSCP Model Example:

Conditional-Trust Model Example:

Conditional Trust Policy to a Cisco IP Phone:

Except for CoS 5 which is explicitly mapped to DSCP 46

Network Control (CS7) AF1 Q4T2

VoIP EF Default Queue

Multimedia Conferencing AF4 CS7 Q2T3

Realtime Interactive CS4 CS6

Multimedia Streaming AF3 CS3 Q2T2

Network Management CS2 AF2

! This section configures egress buffers and thresholds

! This section configures interface egress queuing parameters

Enables the PQ Allocates bandwidth to each queue by means of a WRR weight.

Wireless Per-Port / Per-SSID / Per-Client Policies:

2. Configure Egress Queuing

interface GigabitEthernet 1/0/1

Application DSCP 2P6Q3T BWR =

Multimedia Streaming AF3 AF3 Q4

Best Effort DF DF Q1 (BWR 25%)

Only the Hierarchical Shaping policy is

2. Configure Egress Queuing

*Note: Catalyst 4500 uses IOS MQC, which trusts by default;

interface GigabitEthernet 3/1

Conditional trust command (trust device) must be

interface GigabitEthernet 3/1

Network Control (CS7) EF

Multimedia Streaming AF3 AF3 Q5

Best Effort DF DF Q1 (25%)

class-map match-all PRIORITY-QUEUE Enables the PQ policy-map 1P7Q1T

1. Configure Ingress Queuing

Catalyst 6500 IOS C3PL trusts by default;

VoIP EF CS5 Video-PQ2

Bulk Data AF1 AF1 Bulk Data Queue

Note: A C3PL interface may support up to 4 QoS policies:

policy-map type lan-queuing 2P6Q4T