
Contents

QoS Introduction
Traffic Types and Requirements
Data Traffic
Voice Traffic
Video Traffic
Things to remember
SRND Guide
Loss
Delay
Jitter
QoS mechanisms and Exam details
Classification and Marking
Class of Service COS
TOS
DSCP and IP precedence
DSCP AF Classes
Traffic Classes
Policers and shapers
Queuing
Queuing - FIFO, PQ, CQ, WFQ
Queuing - WFQ and CBWFQ
CBWFQ and LLQ
Congestion Avoidance with WRED

QoS Introduction
What is quality of service?
• Quality of service means providing better quality to certain applications at the
detriment of other applications, in the same way that on the roads certain
vehicles, such as ambulances or buses, are prioritized over others. We are prioritizing
certain traffic types; in other words, making sure that they go to the front of the
queue ahead of other traffic types.
• Certain traffic types, such as voice or video, are delay sensitive: they can't handle a lot
of delay. So they'll be prioritized over traffic types that can handle delay, such as FTP.
• It's also called managed unfairness. We are introducing unfairness into the network,
prioritizing certain traffic types over other traffic types. As an example, a very important
phone call from the CEO would be prioritized over someone watching YouTube
videos.

Traffic Types and Requirements

For the CCNA exam, you need to be aware of three traffic types and their traffic
characteristics.
Data Traffic
• Firstly, you have data. Data traffic is generally bursty and greedy. That's not always
the case, but generally data applications such as FTP will grab as much bandwidth as
they can.
  ➢ If you give an FTP application 2 megabits per second (Mbps), it'll take 2
  megabits per second. If you give it 4 megabits per second, it's going to
  take 4 megabits per second. So data is bursty and greedy.
  ➢ It's sometimes smooth and benign. In other words, it doesn't grab all the
  bandwidth that you give it, but in a lot of cases data applications are bursty
  and greedy.
• They also tend to be drop insensitive. In other words, if a packet is dropped it
doesn't matter because it's retransmitted.
• A lot of data applications use TCP, which retransmits data if packets go missing.
• It's also delay insensitive. As an example, if packets are delayed by 500
milliseconds it's not a major problem. Now, this really depends on the type of data
sent.
• There are two major categories of data applications:
  ➢ interactive data applications, and
  ➢ non-interactive data applications.
    ▪ Telnet, as an example, is interactive: a large delay will degrade the
    user experience. But if you are downloading a file using FTP, delay isn't
    that important.

Voice Traffic

• Now, voice is very different to data. Voice calls are smooth, in that they require a
certain amount of bandwidth and they require it all the time. They don't burst like
data applications do.
• Voice codecs such as G.729 or G.711 use a certain amount of bandwidth, and they
need that for the entire voice call.
• So they are said to be smooth. They are benign: they don't try to grab bandwidth from
other applications.
• But they are very drop sensitive and very delay sensitive.
• If your voice packets are dropped or delayed, it will affect the voice conversation.
So, in a voice over IP scenario, it's very important that packets arrive without a lot
of delay and that packets are not dropped.
• Voice is transmitted across UDP, so there's no capability to retransmit the lost
voice.
• These are the one-way requirements for voice:
  ➢ latency less than 150 milliseconds
  ➢ jitter less than 30 milliseconds
  ➢ loss less than 1 percent
  ➢ bandwidth varies depending on the codec used, but as an example it's in
  the range of 30 kilobits per second (Kbps) to 128 kilobits per second
Video Traffic
• Video has characteristics of voice and characteristics of data, in that
  ➢ it's bursty and greedy.
  ➢ A video with a lot of movement requires more bandwidth than a video where there's
  not a lot of movement. As an example, if you were watching a video stream
  where there's a lot of action on the screen, so people are moving around or cars
  are racing, or, as an ultimate example, a video of a fire, there are a lot of
  changes on the screen. It's going to grab a lot of bandwidth
  and be very bursty. If you are videoing a still scene, for example
  a wall of a building with no movement, the bandwidth requirements
  would be a lot less.
• Video, however, is drop sensitive like voice,
• it's delay sensitive like voice, and
• it uses UDP rather than TCP.
• So the one-way requirements for video are similar to voice:
  ➢ delay or latency less than 150 milliseconds
  ➢ jitter less than 30 milliseconds
  ➢ loss between 0.1 and 1 percent
  ➢ bandwidth varies depending on the video stream. As an example, if you're
  watching 720p or 1080p or high definition, the bandwidth requirements can
  be a lot higher.
    ▪ But for the CCNA, we'll use a value of 384 kilobits per second to 20 plus
    megabits per second (384 Kbps to 20 Mbps).
Things to remember
• The thing to remember is that video and voice are delay sensitive.
• They are drop sensitive. A lot of data traffic doesn't have those requirements. So
data traffic such as FTP can be dropped and it can be delayed, but voice traffic in an
audio stream or a video conference needs to be prioritized.
• So the idea with quality of service is that we are going to give priority to some sessions
over other sessions. The packets of delay-sensitive applications such as voice and
video are going to be prioritized over traffic from non-delay-sensitive applications
such as FTP. We'll drop its packets before we drop voice packets.
• With FTP it doesn't matter; it will retransmit. But if we did drop voice packets and
video packets, it would affect the user experience.
• So, with quality of service, we are going to create policies and implement them
using quality of service mechanisms on a network to prioritize certain traffic types
over other traffic types.

SRND Guide
A great resource for learning quality of service is the Enterprise Quality of Service Solution
Reference Network Design guide, or SRND guide. At the time of this recording the guide was
last updated in April 2014. I've added the guide below the video, but you can find it by
doing a search in Google, for example, for "quality of service SRND guide".

We are told that there's an updated version. If you want the latest version, you'd
need to purchase the book End to End Quality of Service Network Design. That's not
required for CCNA. So, for the CCNA course I would simply use this document and the
videos that I'm recording.

This guide has been around for a long time; it was originally drafted in April 2005.
A lot of the quality of service mechanisms that we're discussing haven't changed over the
years. The reliance on some, such as link fragmentation and interleaving, has been reduced as
WAN speeds have increased, but a lot of the concepts remain the same.
So, if you want to study this in more detail, have a look at this guide. But I'm going to
summarize the details for you, and I'll do a demonstration to try and explain some of the
options as required for the CCNA exam and ICND2 exam.

In the CCNA exam, if I do a search for quality of service, you are expected to
know basic quality of service concepts including marking, device trust, prioritization of
voice, video and data, shaping, policing and congestion management. These are quality of
service mechanisms. The same topics are listed in the ICND2 exam.

The SRND guide starts out by looking at why quality of service is important and what
tool sets or mechanisms are available to you, and there's some additional information.
• Quality of service is essentially important because we need to prioritize
some traffic at the detriment of other traffic. As an example, if it's an emergency and
an ambulance needs to take someone to hospital or reach someone that's injured, on
motorways or highways we have dedicated lanes so that an ambulance can get to a
hospital quicker. We are providing a better quality of service to an ambulance than
to other vehicles on the road, and the same is true with quality of service.
• We want to provide a higher priority or better quality of service to traffic types such
as voice and video, because of the delay requirements and other requirements that
those traffic types have when compared to other traffic types such as FTP or HTTP.

Now, the transmission quality of a network is determined by the following factors.

Loss
• Firstly, loss.
  ➢ How many packets will be lost? This is important for voice conversations.
  Voice will degrade, as an example, when packets are lost. We want to have a low
  loss of packets in a voice conversation. For FTP, loss of packets isn't as important
  because FTP uses TCP and will simply retransmit the packets. But you can't
  retransmit voice packets: if voice packets are lost, they are lost, and it will affect
  the voice quality.

Delay
• Delay is the finite amount of time that it takes a packet to reach the receiving end
point after being transmitted from the sending end point.
  ➢ As an example, if you are using a phone, it's the amount of time that it takes from
  when I speak until it reaches your ear. In other words, how long does it take for the
  voice to travel from me to you? The round-trip delay of a voice conversation
  needs to be less than 300 milliseconds; anything greater than that is going to
  affect the voice quality. FTP, once again, can tolerate much higher delays.

Jitter
• Variable delay, also called jitter, is the difference in end-to-end delay between
packets. So, if the delay varies between packet arrivals, that is known as jitter.
• Jitter, once again, causes problems in a voice conversation.

QoS mechanisms and Exam details

So, what is the Cisco quality of service toolset? The SRND guide discusses the following
mechanisms or quality of service tool sets that allow you to implement quality of service.
This is what is emphasized in the CCNA exam.
The exam talks about marking, device trust, prioritization, shaping, policing and congestion
management. And if you look at the mechanisms listed in the SRND guide, we have
classification and marking, policing and markdown, scheduling, link-specific tools, and there
are some additional options such as AutoQoS and call admission control.
Here is a graphic showing the quality of service tool set. These mechanisms apply to
differentiated services (DiffServ). IntServ has its own mechanisms, and best effort
essentially doesn't have these mechanisms; it simply treats all traffic the same.
• Firstly, we have admission control: will your call, as an example, be permitted across
the IP network? If there is oversubscription of the link, a voice call may need to take an
alternative path.
• Classification and marking are essentially looking at traffic types and putting them
into classes. Is it voice traffic? If it is, then it goes into a certain class. Is it video
traffic? Then it would go into a different class. Is it FTP? It would go into a third class.
• We have policing and markdown. If you are sending too much traffic, traffic could be
dropped, or the quality of service given to you could be lowered.
• Then we have scheduling, which includes queuing and dropping.
• We have traffic shaping, and
• link-specific mechanisms.

Classification and Marking

We will start off with classification and marking.
• When you send a package with FedEx or DHL, that package needs to be marked for
next day delivery or urgent delivery or standard delivery.
• A label gets put onto the package to indicate how important that package is. When
the package is sent from one depot to another, they don't open the package to
determine the quality of service that the package would get. They look at the label,
and the label determines the quality of service that the package gets.
• In the same way, when a telephone sends packets into a network, it needs to mark
those packets as important so that every switch and router along the path can treat
the packets differently when compared to, say, FTP sent by a PC.
• So, when packets are forwarded from the phone to the first switch, it needs to
indicate, using some kind of marking or label or field, that the packet is important. It
needs to be treated better than, say, an FTP packet.
• When switch 1 sends the packet to switch 2, it needs to indicate to that switch that
the packet is important, and in the same way, when the second switch sends that
packet to the router, it needs to indicate to the router that the packet is of great
importance.

Now this introduces the concept of a trust boundary. Who do we trust in the network? As an
example, does the router trust switch 2? Does switch 2 trust switch 1? If these
devices trust the markings that they receive from each other, or the quality of service
settings that they receive from one another, then the trust boundary ends over here (switch
1).
• In other words, the switch doesn't trust the phone and the switch doesn't trust the
PC.

If, however, the switch did trust the phone, the trust boundary would be extended to the
phone. As is the case with a lot of IP phones, we could have a PC connected to a phone. So
we could connect the PC to the back of the phone, and in that case the trust boundary
would end at the phone.

In other words, the switches and the router trust the phone, but they don't trust the PC. So,
if the PC sends traffic to the phone telling the phone that its traffic is important, the phone
will not trust those markings or those values and would override them. In the same way,
switch 1 doesn't trust the markings or values sent by the PC, but it would trust the
markings or values sent by the phone, and again switch 2 will trust what switch 1 tells it
and the router would trust switch 2.
As an analogy, if you go to the airport and your ticket says that you have a first-class ticket,
you will be treated differently to someone who has an economy class ticket. But the people
at the airport won't accept a ticket that you've just made up. If you just printed out your
own ticket, they are not going to trust that unless they can reference it officially.

• So, in a situation like this, the phone has to indicate to the switch that its traffic is
important. It needs a mechanism or a way to tell switch 1 that its traffic is more
important than the PC traffic.
• Now, there are two main ways to do this. We either mark at layer 2 or mark at layer
3, in the same way that FedEx or DHL will mark a parcel. In other words, they put
a sticker or a barcode on the parcel to indicate that the parcel is of great importance
and should be delivered the next day.
• The phone will mark the packets that it sends to the switch either at layer 2 or layer 3 to
indicate that the packets are important.
• Assuming that switch 1 accepts those markings, it will send the packets to switch 2
with the relevant markings. Markings are important in packets because when they
arrive at a switch such as switch 2, it needs to decide which class the
packet belongs to. In other words, is it platinum, is it gold, is it silver, is it bronze? Or, to
use an airline analogy, is it first class or business class or economy class?
• Packets within a class will be treated the same way. So the switch needs to
determine which class the packets go into (again, platinum, gold, silver and so
forth), and then it will treat those packets accordingly.
• So how does a phone or a switch indicate to another switch or router the level of
importance of packets? To use the airline analogy again, this is very similar to a
ticket that you'd get. Does your ticket indicate that you're a first-class passenger
or business class or economy class? Think of the markings as a ticket. The ticket is an
indicator of the service that you'll receive.
• So, when the phone sends voice packets to the switch, it's going to mark them at
layer 2 using an 802.1Q marking. I'll show you the details of the markings when I do
a Wireshark capture in a moment. But for now, understand that when you speak
into a phone (let's assume these are your voice waves), the phone transcodes that
into a digital signal of zeros and ones. They're put into UDP packets that are
encapsulated in IP, which in turn is encapsulated in Ethernet, and are sent to the switch.
• So, at layer 2 we have an 802.1Q header. The reason is that Ethernet doesn't
have these additional markings. As an example, if using Ethernet II, it has no
way to indicate the importance of a packet.
• So, when we capture the frame, you'll see in a moment that we have a destination
address, a source address, then an 802.1Q header, and then
the actual voice within the packet.
• The 802.1Q header has a priority field, also called CoS or Class
of Service.
• It's 3 bits in size, so the binary values go from 000 all the way to 111.

Class of Service COS

• So, the phone once again is sending a layer 2 marking to the switch using 802.1Q.
The markings in binary are in the range 000 all the way to 111.
• So, in binary it looks like this; in decimal they'll have values like this. And I'll add five
here because that's the one used by voice.
• So, an 802.1Q header has a field called the priority field, also called CoS. It's three
bits in size, and values are in this range.

• In the same way, when you get to a traffic light and it's red, you stop, or when it's
green, you go. These markings in and of themselves don't mean anything. It's the
interpretation of the marking that counts.
• We've all agreed that a red light means stop and a green light means go. In the same
way, the convention is that voice is marked with a value of 5. That's true in Cisco
environments. If you have phones from other vendors, they may use a CoS of 6. So
you need to ensure that your phones and your switches and your routers are
configured to agree on what these values mean.
• So, the idea with marking is that we are marking packets to indicate to another device how
important the data is.

• So, when the packets are sent from switch 1 to switch 2, as an example, switch 2 can
read the packets, see that they are marked with a CoS of 5, and then prioritize them
accordingly, that is, as important voice traffic.
• Now, one of the problems with 802.1Q layer 2 markings is that they require 802.1Q trunk
ports. A link such as this between a switch and a router may be using a routed port on
the switch, which means that 802.1Q trunking is not used.
• If you send traffic across a serial link, as an example, or a WAN, 802.1Q tagging is not
used. You may, as an example, be using PPP or HDLC on a serial link.
• So, layer 2 markings such as 802.1Q aren't end to end, and therefore you
may want to use a layer 3 marking.
TOS

• A phone can indicate that its traffic is important by marking traffic at layer 3. At
layer 3 we would be using an IP version 4 header or IP version 6 header. In this
course we will concentrate on IP version 4.
• In an IP version 4 header, there's a field called type of service. It consists of eight
binary bits. In the old days we used to only look at the most significant (left
side of the box) three bits. These three bits of the header were read by routers and
networking devices to determine how important the traffic is.
• Now, in the same way as CoS, the values are from 0 all the way up to
7. So, 0, 1, 2, all the way up to 7.
• Voice once again would be marked with a COS value of 5. So a phone, as an
example, would mark its traffic at layer 2 and then mark it at layer 3 to indicate how
important the traffic is.
• The problem with this mechanism is that we only have seven classes. Class zero would be
used for best effort. In other words, you're not going to get a decent quality of
service. And often six or seven or both are used for network protocols. So you are
limited in the number of classes that you can use for traffic.
• So, voice may be using 5, video may be using 4. What are you going to use for
EIGRP or business traffic versus HTTP traffic versus other traffic on your network?
You're running out of classes, and in addition the classes weren't standardized, so any
traffic could end up in any class.
• So, this was adjusted to use six binary bits. This is known as DSCP, or
differentiated services code points.

DSCP and IP precedence

• It's the same field in the IP version 4 header. It's just the interpretation of the bits:
rather than 3 bits, 6 bits in the header are read and marked to determine how
important the traffic is.
• When only 3 bits are used, it's known as IP precedence. When six bits are used, it's
known as differentiated services code points or DSCP.
• Now, DSCP is backward compatible with IP precedence. These values in DSCP are
known as class selector values or CS values.
• So, you may see someone talk about this (101) being IP precedence 5, but they
might also mention that this is Class Selector 5.
• It depends on whether we are using the old naming convention of IP precedence or the
new DSCP descriptions.

• So, in DSCP we are marking at layer 3. We are using the type of service field in an IP
version 4 header, for example, but only six bits of the header are used.
• When the six bits are set to zeros, that's known as Best Effort (BE). Class Selector
values still exist; as an example, if it's set to this (001 000), that's IP precedence 1 or
Class Selector 1.
• But in addition, they have what are called Assured Forwarding classes. We have
Assured Forwarding class 1, Assured Forwarding class 2, 3 and 4. So we have these new
classes, Assured Forwarding (AF) class 1, 2, 3 and 4. This number indicates the first
three binary bits in the type of service (TOS) field.
• But Assured Forwarding classes have numbers such as 0, 1, 2 and 3.
• So Assured Forwarding class 1 actually has 3 values: AF11, AF12 and AF13.
The first three binary bits give you your class, so AF1. The second two binary
bits (in green) give you the second number, and this is known as the drop
probability.
• How probable is it that that traffic will be dropped within class AF1? The higher
the number, the more likely your traffic is to be dropped within this class.
• When there is congestion and you've set up the right mechanisms, this (AF13) traffic
will be dropped first, then this (AF12) traffic and then that (AF11) traffic.
• Within Assured Forwarding class 2, we also have AF21, AF22 and AF23. The same is true
for class 3 and class 4.
• The higher the first number, the more important your traffic. But the higher the
second number within a class, such as AF11, AF12, AF13, the less important your
traffic and the more likely that it will be dropped.

DSCP AF Classes

So, in DSCP,
• we are marking at layer 3. We are using the type of service field in an IP version 4
header, for example, but only 6 bits of the header are used.
  ➢ When the six bits are set to zeros, that's known as best effort.
• Class Selector values still exist. As an example, if it's set to this (001 000), that's IP
precedence 1 (IPP1) or Class Selector 1 (CS1). But in addition they have what are
called Assured Forwarding classes.
  ➢ So, we have these new classes, Assured Forwarding classes 1, 2, 3 and 4.
  ➢ This (001) number indicates the first three binary bits in the type of service field,
  ➢ but Assured Forwarding classes have numbers such as 0, 1, 2 and 3.
• So, Assured Forwarding class 1 actually has 3 values: AF11, AF12 and AF13.
  ➢ The first three binary bits (001) give you your class, so AF1. The second
  two binary bits (01) give you the second number, and this is known as the
  drop probability. How probable is it that that traffic will be dropped
  within class AF1 (AF11)? The higher the number, the more likely your
  traffic is to be dropped within this class.
  ➢ When there is congestion and you've set up the right mechanisms, this (AF13)
  traffic will be dropped first, then this (AF12) traffic and then that (AF11) traffic.
• Within Assured Forwarding class 2, we also have AF21, AF22 and AF23. The same is
true for class 3 and class 4.
• The higher the first number, the more important your traffic. But the higher the
second number within a class, such as AF11, AF12 and AF13, the less important
your traffic and the more likely that it will be dropped.
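
The markings described in the sections above (the 3-bit 802.1Q priority field, IP precedence, DSCP class selector and AF values, and the trust boundary) can be read straight out of a frame. The following Python is an added example, not part of the original notes: the sample frames are constructed, the function names are hypothetical, and resetting untrusted markings to 0 is an assumption about how the override is done.

```python
import struct

def dscp_name(dscp):
    """Name a 6-bit DSCP value using the classes these notes cover (BE, CSx, AFxy)."""
    cls = dscp >> 3            # first three bits: class (same bits as IP precedence)
    drop = (dscp >> 1) & 0b11  # next two bits: drop probability inside an AF class
    last = dscp & 0b1          # sixth bit: 0 for every BE/CS/AF code point
    if dscp == 0:
        return "BE"
    if drop == 0 and last == 0:
        return f"CS{cls}"
    if 1 <= cls <= 4 and 1 <= drop <= 3 and last == 0:
        return f"AF{cls}{drop}"
    return f"DSCP {dscp}"      # code points these notes do not describe

def build_frame(cos, tos):
    """Constructed sample: Ethernet II frame carrying a bare IPv4 header.
    cos=None builds an untagged frame, which has no layer 2 priority field."""
    dst, src = bytes.fromhex("020000000002"), bytes.fromhex("020000000001")
    tag = b""
    if cos is not None:
        tci = (cos << 13) | 10                   # priority(3) + DEI(1) + VLAN ID(12)
        tag = struct.pack("!HH", 0x8100, tci)    # 0x8100 marks an 802.1Q tag
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, tos, 20, 0, 0, 64, 17, 0,
                     bytes([192, 0, 2, 10]), bytes([192, 0, 2, 20]))
    return dst + src + tag + struct.pack("!H", 0x0800) + ip

def parse_markings(frame):
    """Return the layer 2 and layer 3 markings carried by a frame."""
    ethertype = struct.unpack_from("!H", frame, 12)[0]
    cos, offset = None, 14
    if ethertype == 0x8100:                      # tagged: read the priority bits
        tci, ethertype = struct.unpack_from("!HH", frame, 14)
        cos, offset = tci >> 13, 18
    if ethertype != 0x0800:
        raise ValueError("not an IPv4 packet")
    tos = frame[offset + 1]                      # second byte of the IPv4 header
    dscp = tos >> 2                              # DSCP reads the top six bits
    return {"cos": cos, "ip_precedence": tos >> 5,   # precedence reads the top three
            "dscp": dscp, "name": dscp_name(dscp)}

def enforce_trust(markings, port_trusted):
    """Trust boundary: keep markings from a trusted port, override the rest.
    Overriding to 0 (best effort) is an assumption made for this example."""
    if port_trusted:
        return dict(markings)
    reset = dict(markings, ip_precedence=0, dscp=0, name=dscp_name(0))
    if reset["cos"] is not None:
        reset["cos"] = 0
    return reset

if __name__ == "__main__":
    phone = parse_markings(build_frame(cos=5, tos=0b10100000))  # 101 000 = CS5
    pc = parse_markings(build_frame(cos=5, tos=0b00111000))     # 001 110 = AF13
    print("phone, trusted port:  ", enforce_trust(phone, port_trusted=True))
    print("PC, untrusted port:   ", enforce_trust(pc, port_trusted=False))
    print("untagged, best effort:", parse_markings(build_frame(None, 0)))
```
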

Traffic Classes
Before traffic policies can be applied to packets:
• The packets need to be put into a class. As an example, before you're allowed to
take a first-class seat, someone checks your ticket to ensure that you are a first-class
passenger.
  ➢ In other words, before quality of service is applied to your packet, the router
  or switch needs to determine which class you belong to.
  ➢ If you belong to the platinum class, you will get a platinum service.
  ➢ But if you belong to the economy class, you'll only get an economy service.
• But before the service is applied, the router or switch needs to determine which class
you belong to. And it can do that, as an example, by looking at the marking.
• A FedEx sorting depot will sort packages based on the marking on a package.
Packages with next day delivery or high importance will be processed differently to
packages that have standard delivery markings on them.
• Best practices state that you should classify and mark as close to the edge of the
network as possible. As an example, IP phones will mark their traffic as it leaves
the IP phone. For other traffic types, you want to try and do your classification and
marking on your edge switches.
• So, marking takes place on the edge. But every device along the path uses
classification to determine what quality of service that traffic gets. It can do the
classification based on three criteria:
  ➢ either by looking at the marking in a header, such as the CoS or DSCP value.
  ➢ It could also look at IP addressing, such as the destination IP subnet that you're
  going to, or the source IP address, or the layer 2 MAC address, or some other addressing
  criteria.
    ▪ As an example, it could look at a destination port number.
    ▪ Are you going to a specific IP address and a specific port number?
    ▪ Or are you going to something like Cisco.com versus Facebook.com, so a
    domain address?
  ➢ In addition, routers can support deeper payload inspection by using application
  signatures. By using network-based application recognition, or NBAR, a router
  can look deep into a packet to determine how important the traffic is.
• NBAR uses layers 4 to 7 for deep packet inspection. It is more CPU intensive, and
therefore you generally only do it at the edge of your network.
• Most applications can be identified using layer 3 or layer 4 criteria such as IP
addresses or well-known port numbers, but other applications require deeper
packet inspection.
• As an example, HTTP uses port 80. You don't want your routers classifying traffic
going to Cisco.com in the same way as Facebook.com. Both of them could be using
port 80, or port 443 for HTTPS.
• So, you may need to look deeper into the packet to determine where it's going. As
an example, look at the domain name and then do your quality of service based
on the destination domain name.
• NBAR supports two modes of operation:
  ➢ passive mode, and
  ➢ active mode.
• Passive mode provides real-time statistics on applications per protocol or interface and
gives bidirectional statistics such as bit rate, packet and byte counts.
• Active mode classifies applications for traffic marking so that quality of service
policies can be applied.
So, are we actively looking at traffic types and then applying quality of service, or are we just
viewing statistics of traffic going through the network?
Passive mode provides statistics but doesn't do marking. Active mode allows you to do
markings and apply quality of service policies.

Policers and shapers

 Once traffic is identified, it can be treated in a number of different ways. You could,
as an example, give it a minimum amount of bandwidth. You could give it a
maximum amount of bandwidth, or a limit on the amount of bandwidth that it can
send.
 Some queuing mechanisms provide a minimum bandwidth guarantee.
 Policing and shaping limit the amount of traffic that you can transmit. So, policers
and shapers are both rate limiters, but they differ in how they treat excess traffic.
 As a general rule of thumb, policers will drop excess traffic whereas traffic shapers
will delay excess traffic.
 In this example we've got traffic sent at different rates; however, an administrator has
configured a maximum limit, as shown by the line here.
 With policing, any excess traffic is automatically dropped. So, policing will perform
checks for traffic violations against a configured rate set by an administrator, which
could be you. The action that a policer takes in response to excess traffic will either be
dropping the traffic, as shown here, or remarking the excess traffic and still
transmitting it.
 There are different options. You could just transmit the traffic as long as you are
below the threshold. You could configure a policer to send the traffic without any
modification as long as it's below the configured threshold.
 When it goes above the configured threshold, you could remark it but still transmit it,
and that would be true for traffic between the threshold and a second threshold. But
any traffic exceeding the second threshold would be dropped.
 We have this concept of a tri-color or three-color implementation. When traffic is
below the first threshold, it's transmitted as normal. When it exceeds the first
threshold but is below a second threshold, it will be remarked to a lower class.
 So, in other words, you are moved from first class to economy, as an example.
 But the traffic is still transmitted.
 And when you go above the second threshold, you're simply kicked off the plane;
in a data network, the traffic is dropped.
 What's important to understand about policers is that they do not delay traffic. They will
check the traffic and either remark it and transmit it, or drop it.
 They do not buffer or delay traffic.
 Shapers, on the other hand, will delay traffic.
 So, they try and smooth traffic out by buffering it. So, if we look at our original traffic
when it's shaped, notice the curve here is a lot smoother, as the traffic is delayed so that
it falls within a configured bit rate.
 So, the shaper doesn't drop the traffic but smooths it out by delaying that traffic to
make sure that, over a period of time, the traffic falls within a configured bit rate.
 Shapers are usually used to meet service level agreements. When the traffic spikes
above the contracted rate, the excess traffic is buffered and is delayed until it falls
below the contracted rate.
 Policers are a lot harsher. They will drop… whereas a shaper will try and smooth
the traffic out over a period of time to get it below a configured rate.

So where would you use policers and where would you use shapers?
 Policers are generally used as ingress tools. In other words, the traffic is dropped
before it's processed so that you don't waste valuable resources.
 If a packet is going to be dropped anyway, you might as well drop it on the ingress
or incoming interface of a router, so that you don't waste valuable bandwidth and
CPU cycles to move it from one interface to another, do a routing lookup and so
forth, and then drop the packet.
 Policers can be used on egress to control the amount of traffic sent out of an
interface but are generally used to enforce a traffic policy on ingress. As an example,
your service provider may have an ingress policer to ensure that you don't send too
much traffic. You could have paid for a 100 megabits per second
internet link, but the physical interface that connects you to your service provider
could be gigabit ethernet. So, to ensure that you don't transmit more than 100
megabits per second, the service provider will implement a policer on the ingress
interface on the ISP side to drop traffic that exceeds 100 megabits per second.
 When the limit is exceeded, the policer can either drop the traffic or remark the traffic.
 The disadvantage of a policer is that dropping traffic results in TCP resends.
 TCP is designed to retransmit traffic that's been dropped. So, when a policer is
dropping a lot of traffic, it causes a lot of TCP retransmissions or resends.
 Policers don't introduce jitter or delay because they simply drop the packet. They
don't delay it, whereas shapers introduce delay and jitter by slowing down packets or
buffering them for a period of time before transmitting them.
 Shapers are a lot gentler than policers. So generally, they are deployed between an
enterprise customer and the service provider to ensure that you don't exceed the
contracted rate.
 Again, using the example of a customer connected to a service provider via a gigabit
interface, the customer will slow itself down under the 100 megabits per second
threshold to ensure that it doesn't send traffic to the service provider that the
provider will simply drop.
 Shapers result in fewer TCP retransmissions because they are not dropping the traffic;
they are delaying it or slowing the traffic down.

 So, in summary, policing drops or remarks. It doesn't buffer. It causes TCP
retransmissions. It doesn't introduce jitter and delay.
 Shapers don't drop traffic. They delay the traffic, but that can result in additional
delay or jitter. Shaping is a lot gentler on traffic. Policing is very harsh and causes
retransmissions.
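
The difference summarised above, as an added sketch that is not part of the original notes: a two-threshold policer modelled with two token buckets (an assumption; the notes name no algorithm) and a shaper pacing the same constructed burst. Rates are in bytes per millisecond, and every rate, bucket size and packet below is made up for illustration.

```python
from dataclasses import dataclass

@dataclass
class Packet:
    t: int       # arrival time in milliseconds
    size: int    # bytes

def police(packets, cir, pir, cbs, pbs):
    """Two-threshold policer: never buffers, only decides per packet.

    cir/pir are the first and second thresholds (bytes per ms); cbs/pbs are
    the bucket depths (bytes) that bound how large a burst is tolerated.
    """
    tc, tp, last = cbs, pbs, 0
    actions = []
    for p in packets:
        elapsed, last = p.t - last, p.t
        tc = min(cbs, tc + cir * elapsed)   # refill the first-threshold bucket
        tp = min(pbs, tp + pir * elapsed)   # refill the second-threshold bucket
        if tp < p.size:                     # above the second threshold
            actions.append("drop")
        elif tc < p.size:                   # between the two thresholds
            tp -= p.size
            actions.append("remark")
        else:                               # below the first threshold
            tp -= p.size
            tc -= p.size
            actions.append("transmit")
    return actions

def shape(packets, rate):
    """Shaper: drops nothing; each packet waits until the paced link is free.

    Returns the queueing delay (ms) added to every packet.
    """
    free_at, delays = 0, []
    for p in packets:
        start = max(p.t, free_at)
        delays.append(start - p.t)
        free_at = start + p.size / rate     # time needed to send at the shaped rate
    return delays

# Constructed input: eight 500-byte packets back to back, then two after a pause.
BURST = [Packet(t, 500) for t in (0, 1, 2, 3, 4, 5, 6, 7, 40, 45)]

def compare():
    """Run both rate limiters over the same burst."""
    actions = police(BURST, cir=100, pir=200, cbs=1000, pbs=2000)
    delays = shape(BURST, rate=100)
    return actions, delays

if __name__ == "__main__":
    for pkt, action, delay in zip(BURST, *compare()):
        print(f"t={pkt.t:>2} ms  policer: {action:<8}  shaper delay: {delay} ms")
```

The policer loses two packets and adds no delay; the shaper delivers all ten but holds the last packet of the burst for 28 ms, which is the jitter cost the notes describe.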

Queuing
Now, I think all of us have experienced congestion management in our lives.
You get to the airport and you want to check in. There's a queue or a line, so you have to wait
before your bags can be processed.
You get to security at the airport and you have to wait in a queue or a line. You're driving
on the highway or motorway and lanes have been closed. It results in congestion, which
results in a queuing mechanism being used to filter the traffic.
So, queuing mechanisms manage congestion, and different queuing mechanisms can be used.
In the U.S., as an example, you have TSA pre-check, which helps you get through security
quicker. If you've got a first-class airplane ticket, you're going to be processed quicker or
better at check-in than if you've got an economy class ticket.
An ambulance will take priority over a standard car on a motorway or a highway when
there's congestion. So, different queuing mechanisms can be used to determine how traffic is
processed.
With round robin queuing mechanisms, all traffic is treated the same way. That means that
everyone is treated the same way, but it results in delay for real-time traffic. You could also
implement a strict queuing mechanism where high priority traffic is always processed first.
The advantage of that is voice packets will be transmitted first. But if there's a lot of voice
traffic or high priority traffic, it could result in starvation of less important traffic. If you're
constantly sending a lot of voice and video, your FTP traffic may never be transmitted,
because you are always transmitting video and voice first in a strict priority queuing
mechanism.
So, with congestion management we have queuing or buffering, which determines the
ordering of packets in the output buffers. In other words, it determines how traffic leaves a
router interface or leaves a switch interface. You do have ingress queues, but for now we'll
just concentrate on egress queuing mechanisms.
Queuing is only required when there's congestion. If you're driving on the highway or
motorway late at night and there are six lanes and only a few cars, there's no need
to have a queuing mechanism. So, queuing is used when there's congestion. Hence the
term congestion management.
When queues fill up, packets are reordered so that high priority packets are sent out of a
router interface first, ahead of lower priority packets. So again, when there's congestion, you
may have high priority packets and low priority packets arriving. A queuing mechanism is
used to determine which packets should be processed first, and then they are scheduled for
transmission out of the interface of a router.
So, when packets arrive they're put into classes, and will be processed based on how important
they are or based on the queuing algorithm used. More important packets will be
transmitted before less important traffic, as an example. So, they'll be scheduled for
sending out of the interface of the router before less important packets.
So, queuing is the logic of ordering packets in output buffers. Scheduling is the process of
deciding which packet should be sent next. Scheduling occurs regardless of whether
there is congestion on the link.
Queuing is only activated when congestion occurs. When queues fill up, packets are
reordered so that higher priority packets can be sent out before lower priority packets.

Queuing - FIFO, PQ, CQ, WFQ

Well now let's look at some of the congestion management queuing mechanisms.
 There are many queuing mechanisms. Some of these are older and are inefficient for
modern rich media networks. In other words, they were good in the past but are not
good for voice over IP and video running across a data network.
 So, let's start with a FIFO (First In First Out) queue. This consists of a single queue
with packets that are sent in the exact order that they arrived. We've probably all
experienced this queuing mechanism in the real world. In this example we have
people wanting to pay for their purchases. There's only one cashier, so people are
serviced in first come, first served order. In other words, first in, first out: this
lady arrived first, so she's served first. This gentleman arrived second, so he's served
second, and so forth and so on. This is the front of the queue. This is the back of the
queue, and people are served in that order.
 In the same way, in a FIFO queuing algorithm on a router, packets are served in the
order that they arrived. This is the front of the queue. This is the back of the queue.
New packets are queued at the back; packets at the front of the queue are dequeued
and forwarded for transmission.
 The problem with this queuing mechanism is that voice packets can be delayed by
larger data packets. Everyone is served in the same way, which may work well in
some cases in the real world, but that wouldn't work if, as an example, there was an
emergency and an ambulance needed to go to the front of the queue
and a truck carrying cement or dry goods should wait for the
ambulance.
 You don't want a slow-moving truck or lorry in front of an ambulance. You want an
ambulance to go to the front of the queue. In the same way, you want voice
packets to be able to go to the front of the queue.
 So, FIFO is not good for voice and video.
 Another older queuing mechanism is a priority queue (PQ).
 This consists of four queues that are served in a strict priority order. In this queuing
algorithm we have four queues:
 a high,
 medium,
 normal and
 low queue.
 By enforcing a strict priority, the lower priority queues are served only when the
higher priority queues are empty.
 So, when traffic arrives, if it's classified as important, it's put into the high priority queue.
 Classification could be done on protocol or source interface or some other criteria.
 Traffic in the high priority queue is always serviced first. Only when the high and
medium queues are empty is the normal queue processed.
 The low priority queue is only processed when the high, medium and normal queues
are empty. So, this is the problem: the low priority queue could starve if there is
constant traffic in the high, medium or normal queues. So, low priority queues could be
starved by higher priority queues. It was an older mechanism which was fine in the
past but doesn't serve well for modern networks.
 Again, in a priority queue we have four queues: high, medium, normal and low. High
priority queues are always serviced before low priority queues. The problem here is it
could result in starvation of lower priority queues.
 A third queuing algorithm is custom queuing (CQ).
 This consists of up to 16 queues serviced in a round robin fashion. In order to
prevent starvation, it provides traffic guarantees. The problem with this method,
however, is that it doesn't provide strict priority for real-time traffic.
 So as an example, we've got incoming packets. They are classified into various
queues. There can be up to 16 of them, and they can be of different sizes. So, you could
provide more bandwidth to some queues compared to other queues.
 The problem with custom queuing, however, is that if you have important voice
traffic arriving, it will only be serviced in its round or in its turn. So as an example, the
voice is processed now and then it's the turn of the second queue. If a new voice
packet arrives, that new voice packet is not going to be processed until queue 3,
queue 4, queue 5 and all the way up to queue 16 are serviced and then it comes
around back to voice.
 Custom queuing uses a round robin queuing scheduler. So, once voice is processed,
it becomes the turn of the second queue. The scheduler doesn't come back to the first
queue, or the voice queue, until it has processed all the other queues.
 So, the problem with this method is that there is no priority for voice,
so voice traffic often gets delayed, which introduces delay and jitter and affects
voice quality.
 So, neither FIFO, priority queuing nor custom queuing is ideal for a modern
network.
 A fourth algorithm is weighted fair queuing.
 This is an algorithm that divides the interface's bandwidth by the number of flows,
thus trying to ensure proper distribution of the bandwidth for all applications. It
generally provides a good service for real-time traffic, but there are no bandwidth
guarantees for particular flows, and some flows can actually starve other flows.

Queuing - WFQ and CBWFQ

So, in a Weighted Fair Queuing (WFQ) scheduling algorithm, packets are classified based on
flows rather than classes.
 So, a flow classification would be done, as an example, on source and destination IP
address, the protocol and a port number.
 The idea with Weighted Fair Queuing is that a weight is added to a flow based on
different criteria such as IP precedence or RSVP, which is the Resource Reservation
Protocol.
Weighted Fair Queuing, however, prioritizes smaller packets over larger packets. So, it's a
fairer queuing algorithm in that it provides a better quality of service for small packets.
Small packets are generally used for interactive sessions. As an example, a voice packet
may only be 20 bytes in size whereas an FTP packet could be 1500 bytes in size.
 So, larger payloads or larger packets are generally sent by data applications.
 Interactive applications such as telnet or ssh or voice tend to have smaller packets.
 So Weighted Fair Queuing prioritizes smaller packets over larger packets, and you
can increase that prioritization by adding a weight to smaller packets based on IP
precedence, as an example.
So, in brief, a voice packet that's 20 bytes but has an IP precedence of 5 will appear to be
four bytes in size. In other words, 20 bytes divided by 5. It appears to be smaller and
therefore it is prioritized over large data packets. So, it uses a clever scheduling algorithm to
prioritize smaller interactive packets, which you can make appear even smaller by increasing
the IP precedence of the packet, so that smaller packets are transmitted before larger
packets.
The problem with Weighted Fair Queuing is that it doesn't provide bandwidth guarantees. So as
an example, FTP could starve out HTTP traffic; data flows can starve out one another. So
therefore, Cisco developed Class-based Weighted Fair Queuing, where you can guarantee
bandwidth to specific classes and provide dynamic fairness to other flows.
So, Class-based Weighted Fair Queuing essentially allows you to create different classes
where you can specify a minimum bandwidth for specific classes of traffic, and Weighted
Fair Queuing could be used on the best effort class to ensure that traffic is handled fairly in
the best effort class.

CBWFQ and LLQ

So, class-based weighted fair queuing ensures that traffic classes get fair bandwidth
guarantees. In other words, you can guarantee a minimum bandwidth to HTTP, a minimum
bandwidth to FTP, a minimum bandwidth to voice traffic, video traffic and so on.
But there are no latency guarantees. In other words, there is no priority queue. Class-based
weighted fair queuing is suitable only for data networks.
 So, Cisco developed low latency queuing or LLQ, which, to give it its full name, is
priority queue class-based weighted fair queuing.
 In other words, it's class-based weighted fair queuing with an added priority queue.
So, it takes the previous model of class-based weighted fair queuing and adds a
queue with strict priority for real-time traffic.
 So, the idea is that when packets arrive, based on the class or classification mechanism
that you decide, traffic is put into different classes.
 Voice traffic is put into the priority queue and is prioritized over other traffic types.
FTP, HTTP and other traffic types are put into their own classes with minimum
bandwidth guarantees.
 Now, to ensure that the priority queue doesn't starve the other queues, the priority
queue has a minimum bandwidth guarantee but it's also policed. So, it also has a
maximum bandwidth limit.
 So, when you specify the priority of the low latency priority queue, that is actually a
minimum and maximum, which provides a minimum bandwidth guarantee for voice
but also ensures that voice doesn't starve the other traffic types.
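
The FIFO, priority queue and LLQ behaviour described in the last few sections, as an added simulation that is not part of the original notes. It assumes a link that sends one equal-sized packet per tick, three constructed classes, a 4:3 bandwidth guarantee for the data classes and a priority-queue policer that always admits at most 3 voice packets per 10 ticks (real LLQ polices during congestion only).

```python
from collections import deque

CLASSES = ("voice", "http", "ftp")   # constructed traffic classes, highest priority first

def fifo(queues, sent):
    """One logical queue: serve whichever head packet arrived first."""
    ready = [c for c in CLASSES if queues[c]]
    return min(ready, key=lambda c: (queues[c][0], CLASSES.index(c)), default=None)

def strict_priority(queues, sent):
    """PQ: a lower queue is served only when every higher queue is empty."""
    return next((c for c in CLASSES if queues[c]), None)

def make_llq(guarantees):
    """LLQ: strict priority for voice, weighted sharing among the data classes."""
    def pick(queues, sent):
        if queues["voice"]:
            return "voice"
        ready = [c for c in guarantees if queues[c]]
        # Serve the data class that is furthest behind its guaranteed share.
        return min(ready, key=lambda c: sent[c] / guarantees[c], default=None)
    return pick

def simulate(period, pick, ticks=100, voice_cap=None, window=10):
    """period[c] is the number of ticks between arrivals of class c.

    voice_cap polices the priority class: at most voice_cap voice packets are
    admitted per window of ticks and the excess is dropped on arrival.
    """
    queues = {c: deque() for c in CLASSES}
    sent = {c: 0 for c in CLASSES}
    policed, admitted, max_voice_wait = 0, 0, 0
    for now in range(ticks):
        if now % window == 0:
            admitted = 0
        for c in CLASSES:
            if now % period[c]:
                continue                      # no arrival for this class this tick
            if c == "voice" and voice_cap is not None:
                if admitted >= voice_cap:
                    policed += 1              # over the priority limit: dropped
                    continue
                admitted += 1
            queues[c].append(now)             # remember the arrival tick
        c = pick(queues, sent)
        if c is not None:
            arrived = queues[c].popleft()
            sent[c] += 1
            if c == "voice":
                max_voice_wait = max(max_voice_wait, now - arrived)
    return {**sent, "policed": policed, "max_voice_wait": max_voice_wait}

NORMAL = {"voice": 4, "http": 1, "ftp": 1}   # voice needs 25% of the link
FLOOD = {"voice": 1, "http": 1, "ftp": 1}    # voice alone could fill the link
LLQ = make_llq({"http": 4, "ftp": 3})        # constructed 4:3 data guarantees

if __name__ == "__main__":
    for name, pick, cap in (("FIFO", fifo, None), ("PQ", strict_priority, None), ("LLQ", LLQ, 3)):
        print(name, "normal:", simulate(NORMAL, pick, voice_cap=cap))
        print(name, "flood: ", simulate(FLOOD, pick, voice_cap=cap))
```

Under normal load FIFO makes a voice packet wait up to 55 ticks and PQ never sends FTP; under a voice flood PQ sends nothing but voice, while LLQ holds voice to its policed share and the data classes keep their guarantees.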

Congestion Avoidance with WRED

Let's discuss ways to avoid congestion.


 The main mechanism that we'll discuss here is WRED or Weighted Random Early
Detection. WRED is a way to avoid congestion. But before we discuss WRED, let's
look at the problem.
 Queues on routers and switches are finite. In other words, they can only hold or buffer
a certain number of packets. If there's a burst of traffic and the buffers are overrun, in
other words there are more packets arriving than can be transmitted and buffered
by a router or switch, it will start dropping packets.
 When the queue fills up, all new packets arriving will be dropped. That's called tail
drop.
 As an analogy, think of a bucket. The bucket is filling up with water (packets). Once
the bucket is full or, in the case of a router or switch, the queue is full, any new
packets that arrive are dropped because there's no space to buffer them or hold
them in memory.
 Now when tail drop is used, it results in wasted bandwidth, especially when using
TCP.
 Here is an example of what happens when tail drop is used and you've got lots of
TCP flows. This 100 percent is 100 percent utilization of an interface.
 The Y-axis is utilization of an interface, with 100 percent indicated by this line.
 The X-axis is time. So, what happens is, if multiple flows start sending traffic and tail
drop occurs at this point, packets from all flows are dropped.
 Now what happens with TCP is that, when packets are dropped, the TCP senders
slow down. In other words, they back off, they slow down and then they slowly
increase the window size again to increase the speed of forwarding.
 So, what happens is the utilization of the interface goes down because the three
senders back off. In other words, they slow down.
 They then increase their window size to increase the number of packets that they
are transmitting before getting an acknowledgement. But when the buffers are
full again, packets are dropped from all these flows, including any new flows that
start sending traffic.
 So, in this case we have four senders backing off or slowing down.
 Again, they increase their window size and increase the number of packets that
they can transmit before getting an acknowledgement. And eventually it gets to
the point where the buffers of a router or switch are full again. Packets from all
flows are dropped, so they all slow down.
 So, the problem is, when the bucket is full, packets from multiple flows are being
received. There's no space to buffer them, so packets are dropped from all the flows;
all senders back off at the same time and then increase speed at the same time.
 So, you end up having what's called global synchronization, where multiple senders
are increasing their window size at the same time.
 They are slowing down at the same time,
 increasing the speed at the same time,
 slowing down at the same time and so forth and so on over time.
 You'll never get full utilization of the interface.
 Now the idea with WRED and congestion avoidance is that you randomly drop packets
from multiple flows before the queue fills up. So, in other words, before the bucket is
full or the queue is full, you are already dropping packets from flows, but you do that
randomly.
 So, you might drop a packet from flow 1, which means flow 1 will slow down. But
while sender 1 is slowing down, sender 2 is increasing its speed because its packets
haven't been dropped.
 So, while one host is slowing down, another one is increasing its speed.
 This happens randomly. So, you've got some hosts increasing their speed and
some slowing down at the same time, instead of all of them slowing down and
all of them speeding up at the same time.
 So, Cisco uses WRED, which introduces this randomness to allow better utilization
of an interface's bandwidth, because some senders are slowing down and some are
speeding up at the same time, which in aggregate gives you better utilization of
the interface.
 So, the idea with WRED is that you have a minimum threshold and a maximum threshold.
 These values are below the size of the full queue. So, the idea is, when the average
queue size, or average queue depth, is below the minimum threshold, no packets are
dropped.
 When the average queue depth goes above the minimum threshold but is below the
maximum threshold, we have random drops of packets, but when it goes over the
maximum threshold we have full drops of a traffic class.
 The reason why we have the "W", as in Weighted Random Early Detection, is that you can
weight this based on different classes. So, you can have different maximum
thresholds for different traffic classes. You may want to start dropping all FTP traffic
before you drop HTTP traffic. So, you can create different minimum and maximum
thresholds so that certain traffic types are tail dropped or fully dropped before other
traffic types.
 That can be based, as an example, on IP precedence or DSCP.
 So, the idea with WRED is that we start dropping packets before the queue is full. We are
avoiding congestion by pre-selecting which packets get dropped, and we typically only
want to drop TCP packets because TCP flows will retransmit.
 So, randomly dropping packets instead of tail dropping them avoids global
synchronization. Different TCP flows are increasing their speed while others are
slowing down. So, you get better utilization of a link.
 You also ensure that there is buffer space left for your voice packets. So, you will set
your maximum threshold low enough so that FTP packets are fully dropped, while
ensuring that there's still space left in the buffer for voice traffic.
 So, in summary we have multiple quality of service mechanisms.
 We have classification and marking,
 we have policing, shaping and remarking,
 we have congestion management or scheduling tools and
 we have link-specific tools such as link fragmentation and interleaving.
 The CCNA course is only an introduction to quality of service. Have a look at the
quality of service SRND guide for more information about quality of service and
good examples of how to apply quality of service on physical switches and routers.
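
The WRED thresholds described above, as an added simulation that is not part of the original notes. The linear ramp between the two thresholds, the exponentially weighted average, and every number below (thresholds, queue limit, arrival pattern) are assumptions chosen for illustration; voice is left out of WRED so it can only ever be tail dropped.

```python
import random

# Constructed per-class profiles: (min threshold, max threshold, max drop probability).
# None means the class is exempt from WRED and can only be tail dropped.
PROFILES = {"ftp": (10, 20, 0.1), "http": (20, 30, 0.1), "voice": None}
TAIL_DROP_ONLY = {}       # no profiles at all: plain tail drop for every class
QUEUE_LIMIT = 40          # packets the queue can hold
EWMA_WEIGHT = 0.25        # weight of the newest sample in the average queue depth

def drop_probability(avg_depth, profile):
    """0 below min, a linear ramp up to max_p between min and max, 1 from max up."""
    if profile is None:
        return 0.0
    lo, hi, max_p = profile
    if avg_depth < lo:
        return 0.0
    if avg_depth >= hi:
        return 1.0
    return max_p * (avg_depth - lo) / (hi - lo)

def run(profiles, ticks=200, drain=4, seed=1):
    """Offer 6 packets per tick to a link that drains 4 per tick.

    Returns (drops per class, peak queue depth).
    """
    rng = random.Random(seed)
    depth, avg, peak = 0, 0.0, 0
    drops = {"ftp": 0, "http": 0, "voice": 0}
    for _ in range(ticks):
        # Constructed arrival order: voice sits behind the bulk data in each tick.
        for cls in ("ftp", "ftp", "ftp", "http", "http", "voice"):
            avg += EWMA_WEIGHT * (depth - avg)        # update average queue depth
            if rng.random() < drop_probability(avg, profiles.get(cls)):
                drops[cls] += 1                       # early drop chosen by WRED
            elif depth >= QUEUE_LIMIT:
                drops[cls] += 1                       # tail drop: the queue is full
            else:
                depth += 1
            peak = max(peak, depth)
        depth = max(0, depth - drain)
    return drops, peak

if __name__ == "__main__":
    print("tail drop:", run(TAIL_DROP_ONLY))
    print("WRED:     ", run(PROFILES))
```

With tail drop alone the queue sits at its limit and whichever packets arrive last, here HTTP and voice, are the ones lost; with the profiles in place FTP is dropped early, the queue never fills, and no voice packet is dropped.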
