Professional Documents
Culture Documents
https://cisco.box.com/v/CampusQoS
szigeti@cisco.com
Agenda
• Campus QoS Design Considerations and Best Practices
• Cisco Catalyst 2960-X QoS Design
• Cisco Catalyst 3650/3850 QoS Design
• Cisco Catalyst 4500 QoS Design
• Cisco Catalyst 6500/6800 QoS Design
• Cisco Nexus 7000/7700 QoS Design
• Campus WLAN QoS Design Considerations and Best Practices
• Cisco AireOS WLC AVC/QoS Design
• What are we doing to make this simpler?
• Summary and References
Campus QoS Design
Considerations and Best Practices
What Do You Consider First?
BRKRST-2046 © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 6
Determining Business Relevance
How Important is an Application to Your Business?
BRKRST-2046 © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 7
Translating Business-Relevance to QoS Policies
Apply RFC 4594-based Marking / Queuing / Dropping Treatments
Application Per-Hop Queuing & Application
Class Behavior Dropping Examples
VoIP Telephony EF Priority Queue (PQ) Cisco IP Phones (G.711, G.729)
Multimedia Conferencing AF4 BW Queue + DSCP WRED Cisco Jabber, Cisco WebEx
Multimedia Streaming AF3 BW Queue + DSCP WRED Cisco Digital Media System (VoDs)
Relevant
Network Control CS6 BW Queue EIGRP, OSPF, BGP, HSRP, IKE
Transactional Data AF2 BW Queue + DSCP WRED ERP Apps, CRM Apps, Database Apps
Bulk Data AF1 BW Queue + DSCP WRED E-mail, FTP, Backup Apps, Content Distribution
Irrelevant Scavenger CS1 Min BW Queue (Deferential) YouTube, Netflix, iTunes, BitTorrent, Xbox Live
BRKRST-2046 © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 8
Translating Business-Relevance to QoS Policies
Apply RFC 4594-based Marking / Queuing / Dropping Treatments
Application Per-Hop Queuing & Application
Class Behavior Dropping Examples
VoIP Telephony EF Priority Queue (PQ) Cisco IP Phones (G.711, G.729)
Multimedia Conferencing AF4 BW Queue + DSCP WRED Cisco Jabber, Cisco WebEx
Multimedia Streaming AF3 BW Queue + DSCP WRED Cisco Digital Media System (VoDs)
Relevant
Network Control CS6 BW Queue EIGRP, OSPF, BGP, HSRP, IKE
Transactional Data AF2 BW Queue + DSCP WRED ERP Apps, CRM Apps, Database Apps
Bulk Data AF1 BW Queue + DSCP WRED E-mail, FTP, Backup Apps, Content Distribution
Irrelevant Scavenger CS1 Min BW Queue (Deferential) YouTube, Netflix, iTunes, BitTorrent, Xbox Live
BRKRST-2046 © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 9
Start by Defining Your QoS Strategy
Articulate Your Business Intent, Relevant Applications and End-to-End Strategy
https://cisco.box.com/s/rprjqxtyzqvrbyy8keazk1gntefaxvql
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 10
The Case for Campus QoS
• The secondary role of QoS in campus networks is to condition traffic at the access
edge, which can include any of the following:
• Trust
• Classify and Mark
• Police
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 11
Why Is Video So Sensitive to Packet Loss?
1920 lines of Vertical Resolution (Widescreen Aspect Ratio is 16:9)
1080p60
1080 lines of Horizontal Resolution
1080 x 1920 lines =
= 2,985,984,000 bps
or 3 Gbps Uncompressed!
Cisco (H264/H.265) codecs transmit 3-5 Mbps per 1080p60 video stream
which represents over 99.8% compression (~ 1000:1)
Packet loss is proportionally magnified by compression ratios
Users can notice a single packet lost in 10,000—
Making HD Video One Hundred Times More Sensitive to Packet Loss than VoIP!
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 12
VoIP vs. HD Video—At the Packet Level
1000 1000
Bytes
200 200
Time
20 msec 33 msec© 2016 Cisco and/or its affiliates. All rights reserved. 13
Cisco Public
Campus QoS Design Considerations
How Long Can Queue-Buffers Accommodate Line-Rate Bursts?
GE Linecard Example Begin dropping at 11 ms
but overall utilization is only 1%!
140
Gbps Line Rate GE Linecard Example (WS-X6148)
120
100 Total Per-Port Buffer: 5.4 MB
KBytes Per ms
80
60 Total Per-Queue Buffer*: 1.35 MB
40
20 Gbps Line Rate: 1 Gbps = 125 MB/s
0 or 125 KB/ms
770
130
170
210
250
290
330
370
410
450
490
530
570
610
650
690
730
810
850
890
930
970
10
50
90
1400
1200
10 Gbps Line Rate 10 GE Linecard Example (WS-X6908)
1000
Total Per-Port Buffer: 90 MB
KBytes Per ms
800
600
Total Per-Queue Buffer*: 11.25 MB
400
200
Gbps Line Rate: 10 Gbps = 1.25 GB/s
0
or 1250 KB/ms
130
370
610
170
210
250
290
330
410
450
490
530
570
650
690
730
770
810
850
890
930
970
10
50
90
10GE Link
40GE Link
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 16
Oversubscription in the Campus GE Link
10GE Link
40GE Link
x 11
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 17
Oversubscription in the Campus GE Link
10GE Link
40GE Link
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 18
Oversubscription in the Campus GE Link
10GE Link
40GE Link
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 19
Know Your Tools
• Catalyst and Nexus switch hardware
• Software and Syntax
• Global Default QoS Settings
• Trust States and Conditional Trust
• Logical vs. Physical Interface QoS
• Network Based Application Recognition (NBAR2)
• Domain Name System—Authoritative Source (DNS-AS)
• Ingress and Egress Queuing Models
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 20
Economy
Hardware Varies
American Version
2016 Cisco Live Las Vegas
Utility
Performance
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Economy
Hardware Varies
Italian Version
2015 Cisco Live Milan
Utility
Performance
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Economy
Hardware Varies
German Version
2016 Cisco Live Berlin
Utility
Performance
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Economy
Hardware Varies
Canadian Version
2015 Cisco Connect Toronto
Utility
Performance
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 24
Software and Syntax Variations
• Catalyst 2960-X / 3560 / 3750 are the last platforms to use Multilayer Switch QoS (MLS QoS)
• QoS is disabled by default and must be globally enabled with mls qos command
• Once enabled, all ports are set to an untrusted port-state
• Catalyst 3650/3850 and 4500 use IOS Modular QoS Command Line Interface (MQC)
• QoS is enabled by default
• All ports are trusted at layer 2 and layer 3 by default
• Catalyst 6500/6800 use Cisco Common Classification Policy Language (C3PL) QoS
• QoS is enabled by default (Sup2T) – Disabled by default (Sup720)
• All ports are trusted at layer 2 and layer 3 by default
• C3PL presents queuing policies similar to MQC, but as a defined “type” of policy
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 25
Trust Boundary
Trust Boundary
Trust Boundary
Centrally-Administered &
Conditionally-Trusted Devices
mls qos trust device
• cisco-phone
• cts
• ip-camera
© 2016 Cisco and/or its•affiliates.
media-player
All rights reserved. Cisco Public
Conditional Trust
Trust Boundary Extension to Cisco Devices
Access Switch CoS-to-DSCP If a Cisco IP Phone is detected then the
Mapping Table trust boundary extends to the IP Phone
CoS 7 DSCP CS7 (56)
CoS 6 DSCP CS6 (48) The IP Phone sets CoS for Voice and
IP Phone CoS 5 DSCP EF (46)* Signaling and resets all else to 0
CoS Mapping Table CoS 4 DSCP CS4 (40)
CoS 6-7 CoS 0 CoS 3 DSCP CS3 (24)
CoS 2 DSCP CS2 (16) The access switch maps CoS-to-DSCP
Voice CoS 5
Signaling CoS 3 CoS 1 DSCP CS1 (8)
CoS 0-4 CoS 0 CoS 0 DSCP DF (0)
* Non-Default Mapping
Trust Boundary
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 27
Policy Enforcement Points (PEPs)
• The Policy Enforcement Point (PEP) is the edge where classification and marking policies are enforced
• The PEP may or may not be the same as the trust boundary
• Multiple PEPs may exist for different types of network devices
• e.g. switch PEP vs. router PEP
Note: For the sake of simplification, in this deck PEP will refer to
Trust Boundary
classification and marking policy enforcement points (only)
Switch Router and will not include other policy enforcement points (e.g. queuing).
PEP PEP
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Per-Port QoS vs. Per-VLAN QoS
Per-VLAN QoS
Per-Port QoS
Policy map is applied to the
logical VLAN interface
VLAN Interfaces VLAN Interfaces
VLAN 10 VLAN 20 VLAN 10 VLAN 20
interface Vlan 10
interface gig 1/1-48
service-policy input MARKING
service-policy input MARKING
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 29
Campus QoS Design Considerations
Per-Port/Per-VLAN QoS
VLAN Interfaces
DVLAN 10
VVLAN 110
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 30
Network Based Application Recognition (NBAR)
Intro/Overview: BRKCRS -1510 Prioritize Applications with Application Visibility and Control in Campus Network
Deep-Dive NBAR2 Operation: BRKRST-3057 The Blood and Guts and Gore of QoS
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
NBAR Protocol Packs (1400+ Applications)
BRKRST-3057 © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 33
NBAR2 Scale & Performance Improvements
40% performance improvement in just 2 releases
NBAR2 Packet Processing
5%
Fast-Path
Processed
95%
Supported platforms: ISR-G2 (86x, 88x, 89x, 19xx, 29xx, 39xx), ISR 44xx, ASR1000, CSR 1000V,
WLC (2508, 8500, 7500, 55xx, 5760, 3850/5760 (AP based), IOS AP
ASA-CX
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
NBAR2 on Catalyst 3650/3850 Performance
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
NBAR2 Readiness Function (Targeted for IOS XE 16.5)
BRKRST-3057 © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 36
DNS-Authoritative Source (DNS-AS)
What is DNS-AS?
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 37
DNS Lookup
DNS+Lookup:
TXT Record Request:
mail.timco.com
mail.timco.com
DNS-AS Operation TXT Record:
DNS A-Record:
172.16.0.7
mail.timco.com is 172.16.0.7
mail.timco.com
App ID = 378
1) Client requests a DNS Lookup App Class: BULK-DATA
Business Relevance: YES
2) Access Switch examines the DNS request
DNS
Server App
3) Internal DNS Server returns a DNS response (A-Record) Internal Server
Network
4) Access Switch requests application metadata information by
generating its own DNS query
5) Internal DNS Server returns application metadata
(A-Record + TXT Record)
6) Access Switch maintains a Binding Table of application metadata
VVLAN Yes
VoIP Classifier Mark EF VoIP Policer (<128 kbps) No
Drop
Yes
Signaling Classifier Mark CS3 Signaling Policer (<32 kbps) No
Drop
Yes
Multimedia Conferencing Classifier
Mark AF41 MM-Conf Policer (<5 Mbps) No
Drop
DVLAN Yes
Signaling Classifier Mark CS3 Signaling Policer (<32 kbps) No
Drop
Yes
Transactional Data Classifier Mark AF21 Trans-Data Policer (<10 Mbps) No
Remark to CS1
Yes
Bulk Data Classifier Mark AF11 Bulk Data Policer (<10 Mbps) No
Remark to CS1
Yes
Scavenger Classifier Mark CS1 Scavenger Policer (<10 Mbps) No
Drop
Yes
Best Effort (Class-Default) Mark DF Best Effort Policer (<10 Mbps) No
Remark to CS1
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 39
Catalyst Hardware Queuing
1P3Q1T Example
Each queue has 1 Drop Threshold
1 Priority Queue
(the tail of the queue)
3 Non-Priority
Queues
1P3Q1T © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 40
Catalyst Hardware Queuing
1P3Q1T Example
Interrupt
Resume
Scheduling
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 41
Weighted Tail Drop (WTD) Operation
3T WTD Example
Tail Front
of of
Queue Queue
Direction
of
Packet
Flow
Maximum WRED Thresholds for AF11, AF12 and AF13 are set to the tail of the queue in this example
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 43
EtherChannel QoS
• EtherChannels are comprised of logical (Port-Channel) interfaces and physical
(port-member) interfaces
• Ingress QoS policies are usually applied to the logical interfaces (but not always)
• Egress QoS policies (such as queuing) are always applied to the physical port-
member interfaces
Platform QoS Policies Applied to the QoS Policies Applied to the
(Logical) Port-Channel (Physical) Port-Member
Interface Interfaces
Catalyst 2960-X Ingress & Egress
Catalyst 3650/3850 Ingress & Egress
Catalyst 4500 Ingress Egress
Catalyst 6500 Ingress Egress
Cisco Nexus 7000/7700 Ingress & Egress
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Campus Port QoS Roles
Untrusted Endpoint:
• Port Set to Untrusted State
(or Explicit Policy to Mark to DSCP 0)
• [Optional Ingress Marking and/or Policing]
• [Ingress and] Egress Queuing
Trusted Port
• Trust DSCP
Conditionally-Trusted Endpoint
(Default on all non-MLS QoS platforms)
• Conditional-Trust with Trust-CoS or DSCP
• [Ingress and] Egress Queuing
• [Optional Ingress Marking and/or Policing]
• [Ingress and] Egress Queuing © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 45
Campus QoS Design—At-A-Glance
https://cisco.box.com/s/55ckd6hbpjj8b1q2ok67mxyc73mldnwp
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 46
Agenda
• Campus QoS Design Considerations and Best Practices
• Cisco Catalyst 2960 QoS Design
• Cisco Catalyst 3650/3850 QoS Design
• Cisco Catalyst 4500 QoS Design
• Cisco Catalyst 6500/6800 QoS Design
• Cisco Nexus 7000/7700 QoS Design
• Campus WLAN QoS Design Considerations and Best Practices
• Cisco AireOS WLC AVC/QoS Design
• What are we doing to make this simpler?
• Summary and References
Cisco Catalyst 2960-X
QoS Design
Catalyst 2960-X
QoS Roles in the Campus Access
No Trust +
Ingress Queuing +
Egress Queuing
Trust DSCP +
Ingress Queuing +
Egress Queuing
Conditional Trust +
Ingress Queuing +
C2960-X Egress Queuing
Access
Switch Classification/Marking +
[Optional Policing] +
Distribution Ingress Queuing +
Switches Egress Queuing
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 49
Catalyst 2960-X Note: Catalyst 2960-X is QoS compatible with
QoS Design Steps the Catalyst 3560 & 3750, with the following
exceptions:
1. Enable QoS • The Catalyst 3560 & 3750 support ingress
queuing policies, but the 2960-X does not.
2. Configure Ingress QoS Model(s): • Similarly, the Catalyst 3560 & 3750 support
Trust Models VLAN-based QoS policies, but the 2960-X
Conditional Trust Model does not.
Service Policy Models
Note: Catalyst 2960-X must be running a LAN
3. Configure Egress Queuing Base image to support the following QoS
features
• Policy maps
• Policing & marking
• Mapping tables
• Weighted Tail Drop (WTD)
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 50
Catalyst 2960-X
Enabling QoS and Trust Models
Enabling QoS:
mls qos Shaded commands are global
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 51
Catalyst 2960-X
Conditional Trust Model Example
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 52
Catalyst 2960-X
Marking Policy Model Example
class-map match-all VOIP policy-map MARKING-POLICY
match access-group name VOIP class VOIP
class-map match-all MULTIMEDIA-CONFERENCING set dscp ef
match access-group name MULTIMEDIA-CONFERENCING class MULTIMEDIA-CONFERENCING
class-map match-all SIGNALING set dscp af41
match access-group name SIGNALING class SIGNALING
class-map match-all TRANSACTIONAL-DATA set dscp cs3
match access-group name TRANSACTIONAL-DATA class TRANSACTIONAL-DATA
class-map match-all BULK-DATA set dscp af21
match access-group name BULK-DATA class BULK-DATA
class-map match-all SCAVENGER set dscp af11
match access-group name SCAVENGER class SCAVENGER
set dscp cs1
class class-default
set dscp default
service-policy input MARKING-POLICY
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 53
Note: Remarking is performed by configuring a
policed-DSCP map with the global configuration
command mls qos map policed-dscp, which
Catalyst 2960-X specifies which DSCP values are subject to
remarking if out-of-profile and what value these
should be remarked as.
Marking & Policing Policy Example
In this example exceeding:
• Best Effort (DSCP 0)
mls qos map policed-dscp 0 10 18 to 8 • Bulk (AF11 / DSCP 10)
• Transactional Data (AF21 / DSCP 18)
[class-maps omitted for brevity] are remarked to Scavenger (CS1 / DSCP 8).
policy-map MARKING&POLICING
class VVLAN-VOIP [continued]
set dscp ef class BULK-DATA
police 128k 8000 exceed-action drop set dscp af11
class VVLAN-SIGNALING police 10m 8000 exceed-action policed-dscp-transmit
set dscp cs3 class SCAVENGER
police 32k 8000 exceed-action drop set dscp cs1
class MULTIMEDIA-CONFERENCING police 10m 8000 exceed-action drop
set dscp af41 class DEFAULT
police 5m 8000 exceed-action drop set dscp default
class SIGNALING police 10m 8000 exceed-action policed-dscp-transmit
set dscp cs3 service-policy input MARKING&POLICING
police 32k 8000 exceed-action drop
class TRANSACTIONAL-DATA
set dscp af21
police 10m 8000 exceed-action policed-dscp-transmit
…
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 54
Catalyst 2960-X
1P3Q3T Egress Queuing Model
Application DSCP 1P3Q3T
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 56
Catalyst 2960-X
1P3Q3T Egress Queuing Model Config—Part 2 of 2 If the packet enters the switch on a port
that is set to trust dscp then these
! This section configures egress DSCP-to-Queue mappings DSCP-to-Queue mappings will be used to
determine how the packet is queued on
mls qos srr-queue output dscp-map queue 1 threshold 3 32 40 46 egress
mls qos srr-queue output dscp-map queue 2 threshold 1 16 18 20 22
mls qos srr-queue output dscp-map queue 2 threshold 1 26 28 30 34 36 38
mls qos srr-queue output dscp-map queue 2 threshold 2 24
mls qos srr-queue output dscp-map queue 2 threshold 3 48 56
mls qos srr-queue output dscp-map queue 3 threshold 3 0
mls qos srr-queue output dscp-map queue 4 threshold 1 8
mls qos srr-queue output dscp-map queue 4 threshold 2 10 12 14
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 57
Catalyst 2960-X QoS Design At-A-Glance
https://cisco.box.com/s/piu1vbsrg1vrnavemvqqlvwq9xqji64x
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 58
Catalyst 3650/3750 QoS Design At-A-Glance
https://cisco.box.com/s/zh9b5k1sqh91pp96rb27vwiotlu8ypdf
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 59
Agenda
• Campus QoS Design Considerations and Best Practices
• Cisco Catalyst 2960-X QoS Design
• Cisco Catalyst 3650/3850 QoS Design
• Cisco Catalyst 4500 QoS Design
• Cisco Catalyst 6500/6800 QoS Design
• Cisco Nexus 7000/7700 QoS Design
• Campus WLAN QoS Design Considerations and Best Practices
• Cisco AireOS WLC AVC/QoS Design
• What are we doing to make this simpler?
• Summary and References
Cisco Catalyst 3650/3850
QoS Design
Catalyst 3650/3850
QoS Roles in the Campus Access
No Trust +
Egress Queuing
Trust DSCP +
C3650/3850 Egress Queuing
Access
Switch Conditional Trust +
Egress Queuing
Classification/Marking +
[Optional Policing] +
Egress Queuing
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 62
Catalyst 3650/3850
QoS Design Steps
1. Configure Ingress QoS Model(s):
Trust DSCP Model*
Conditional Trust Models (wired ports only)
Service Policy Models (wired or wireless ports)
*Note: Catalyst 3650/3850 IOS MQC trusts all wired ports by default
Prior to IOS XE 3.3, wireless ports were set to an untrusted state by default.
However, this default setting can be globally disabled with the following command:
no qos wireless-default-untrust
Beginning with IOS XE 3.3, wireless ports are also trusted by default
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 63
Catalyst 3650/3850 Only match-any is supported
(i.e. match-all is not supported)
Conditional Trust Models
Conditional-Trust
Cisco IP Phone (Cisco IP Phone)
Conditional TrustExample:
Example
class-map match-any VOICE CoS
CoSmust
mustbebe
match cos 5 matched
matchedasasCisco
Conditional-Trust Models: class-map match-any SIGNALING
Cisco
IP
IPPhones
Phonesonly
only
interface GigabitEthernet 1/0/1 match cos 3 remark
remarkat
atLayer
Layer22
trust device cisco-phone [or]
trust device cts [or] policy-map CISCO-IPPHONE
trust device ip-camera [or] class VOICE
trust device media-player set dscp ef
class SIGNALING
set dscp cs3
class class-default
Only one type of device can be configured for set dscp default
conditional trust on an interface at a given time
interface GigabitEthernet 1/0/1
trust device cisco-phone
service-policy input CISCO-IPPHONE
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 64
Catalyst 3650/3850
Classification Options
Presentation ID © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 65
match protocol enables NBAR2 classification
Catalyst 3650/3850 IOS XE 16.3 Note: Up to 16 match protocol statements are
supported per class-map
Configuring NBAR2 QoS Policies policy-map NBAR-MARKING
class-map match-any VOICE class VOICE
match protocol cisco-phone set dscp ef
match protocol cisco-jabber-audio class BROADCAST-VIDEO
match protocol ms-lync-audio set dscp cs5
match protocol citrix-audio class REAL-TIME-INTERACTIVE
class-map match-any BROADCAST-VIDEO set dscp cs4
match protocol cisco-ip-camera class CALL-SIGNALING
class-map match-any REAL-TIME-INTERACTIVE set dscp cs3
match protocol telepresence-media class TRANSACTIONAL-DATA
class-map match-any CALL-SIGNALING set dscp af21
match protocol skinny class BULK-DATA
match protocol telepresence-control set dscp af11
class-map match-any TRANSACTIONAL-DATA class SCAVENGER
match protocol citrix set dscp cs1
match protocol sap class class-default
class-map match-any BULK-DATA set dscp default
match protocol attribute category email
match protocol attribute category file-sharing Note:
Note: Multiple
Multiple application
application protocols
protocols can
can be
be
match protocol attribute sub-category backup-systems identified using attributes, including:
identified using attributes, including:
class-map match-any SCAVENGER •• category
category
match protocol attribute category gaming •• sub-category
sub-category
match protocol attribute application-group skype-group •• application-group
application-group More to come!66
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Holy Grail QoS Configuration: NBAR2 1400+ App / 12-Class Model
class-map match-all VOICE
match protocol attribute traffic-class voip-telephony policy-map MARKING
match protocol attribute business-relevance business-relevant class VOICE
class-map match-all BROADCAST-VIDEO set dscp ef
match protocol attribute traffic-class broadcast-video class BROADCAST-VIDEO
match protocol attribute business-relevance business-relevant set dscp cs5
class-map match-all REAL-TIME-INTERACTIVE class REAL-TIME-INTERACTIVE
match protocol attribute traffic-class real-time-interactive set dscp cs4
match protocol attribute business-relevance business-relevant class MULTIMEDIA-CONFERENCING
class-map match-all MULTIMEDIA-CONFERENCING set dscp af41
match protocol attribute traffic-class multimedia-conferencing class MULTIMEDIA-STREAMING
match protocol attribute business-relevance business-relevant set dscp af31
class-map match-all MULTIMEDIA-STREAMING
class SIGNALING
match protocol attribute traffic-class multimedia-streaming
set dscp cs3
match protocol attribute business-relevance business-relevant
class-map match-all SIGNALING
class NETWORK-CONTROL
match protocol attribute traffic-class signaling set dscp cs6
match protocol attribute business-relevance business-relevant class NETWORK-MANAGEMENT
class-map match-all NETWORK-CONTROL set dscp cs2
match protocol attribute traffic-class network-control class TRANSACTIONAL-DATA
match protocol attribute business-relevance business-relevant set dscp af21
class-map match-all NETWORK-MANAGEMENT class BULK-DATA
match protocol attribute traffic-class ops-admin-mgmt set dscp af11
match protocol attribute business-relevance business-relevant class SCAVENGER
class-map match-all TRANSACTIONAL-DATA set dscp cs1
match protocol attribute traffic-class transactional-data class class-default
match protocol attribute business-relevance business-relevant set dscp default
class-map match-all BULK-DATA
match protocol attribute traffic-class bulk-data
match protocol attribute business-relevance business-relevant Already supported on IOS/IOS XE Routers
class-map match-all SCAVENGER
match protocol attribute business-relevance business-irrelevant Coming soon for Catalyst 3650/3850
IOS XE 16.5 (Spring 2017)
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
All markdown and/or
Catalyst 3650/3850 mapping operations
are configured
through table-maps
Marking & Policing Policy Example—Part 1 of 2
policy-map MARKING&POLICING …[continued]
class VVLAN-VOIP class TRANSACTIONAL-DATA
set dscp ef set dscp af21 table-map TABLE-MAP
police 128k police 10m map from 0 to 8
conform-action transmit conform-action transmit map from 10 to 8
exceed-action drop exceed-action TABLE-MAP map from 18 to 8
class VVLAN-SIGNALING class BULK-DATA
set dscp cs3 set dscp af11
police 32k police 10m
conform-action transmit conform-action transmit
exceed-action drop exceed-action TABLE-MAP
class MULTIMEDIA-CONFERENCING class SCAVENGER
set dscp af41 set dscp cs1 Policing to remark traffic
police 5m police 10m is done by referencing
conform-action transmit conform-action transmit the previously-configured
exceed-action drop exceed-action drop table-map
class SIGNALING class class-default
set dscp cs3 set dscp default
police 32k police 10m
conform-action transmit conform-action transmit
exceed-action drop exceed-action TABLE-MAP
… Policers can may be set to either remark or drop excess traffic
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 68
Catalyst 3650/3850
Per-Port/Per-VLAN Policy
class-map VVLAN
match vlan 110 Individual
Individual (trunked)
(trunked) VLANs
VLANs are
are
class-map DVLAN matched
matched byby the
the match
match vlan
vlan command
command
match vlan 10
policy-map VLAN-POLICERS
class VVLAN
police 192k
conform-action transmit exceed-action drop Policers are applied on a per-VLAN
Policers are applied on a Per-VLAN basis
class DVLAN basis
police 50m
conform-action transmit exceed-action drop
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 69
Catalyst Hardware Queuing PQ1
Interrupt
Scheduling
Interrupt
Scheduling
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 70
Catalyst 3650/3850
2P6Q3T with Weighted Tail Drop (WTD) Wired Port Egress Queuing Model
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 71
Catalyst 3650/3850
2P6Q3T+WTD Wired Port Egress Queuing Config – Part 1of 2
class-map match-any VOICE-PQ1 Note: On platforms with shared buffer and TCAM
match dscp ef architectures (2960/3560/3750/3650/3850/4500),
class-map match-any VIDEO-PQ2 show policy-map interface commands do not report
match dscp cs4 per-port packets or byte-counters.
match dscp cs5 This is a limitation of shared hardware architectures.
class-map match-any CONTROL-MGMT-QUEUE
match dscp cs7 cs6 cs3 cs2
class-map match-any MULTIMEDIA-CONFERENCING-QUEUE
match dscp af41 af42 af43
class-map match-any MULTIMEDIA-STREAMING-QUEUE
match dscp af31 af32 af33
class-map match-any TRANSACTIONAL-DATA-QUEUE
match dscp af21 af22 af23
class-map match-any SCAVENGER-BULK-DATA-QUEUE
match dscp cs1 af11 af12 af13
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 72
Catalyst 3650/3850 If a PQ is enabled then
2P6Q3T+WTD Wired Port Egress Queuing Config – Part 2 of 2 non-PQs must use
bandwidth remaining
policy-map 2P6Q3T Two-levels of priority [continued]
class VOICE-PQ1 queuing are supported class MULTIMEDIA-STREAMING-QUEUE
priority level 1 bandwidth remaining percent 10 Allocates
police rate percent 10 queue-buffers ratio 10 buffers to
class VIDEO-PQ2 queue-limit dscp af33 percent 80 non-PQs
priority level 2 queue-limit dscp af32 percent 90
police rate percent 20 queue-limit dscp af31 percent 100
class CONTROL-MGMT-QUEUE class TRANSACTIONAL-DATA-QUEUE
bandwidth remaining percent 10 bandwidth remaining percent 10
queue-buffers ratio 10 queue-buffers ratio 10
class MULTIMEDIA-CONFERENCING-QUEUE queue-limit dscp af23 percent 80 Tunes WTD
bandwidth remaining percent 10 queue-limit dscp af22 percent 90 WTD
to better
to
queue-buffers ratio 10 queue-limit dscp af21 percent 100 align to an
queue-limit dscp af43 percent 80 class SCAVENGER-BULK-DATA-QUEUE AF PHB
queue-limit dscp af42 percent 90 bandwidth remaining percent 5
queue-limit dscp af41 percent 100 queue-buffers ratio 10
… queue-limit dscp values af13 cs1 percent 80
queue-limit dscp values af12 percent 90
queue-limit dscp values af11 percent 100
interface range GigabitEthernet 1/0/1-48 class class-default Needed if >3
service-policy output 2P6Q3T bandwidth remaining percent 25 DSCPs are
queue-buffers ratio 25 mapped to WTD
thresholds
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
This feature is explained in detail in BRKRST-3057 “The Blood and Guts and Gore of QoS”
Queue-Soft-Multiplier Function
policy-map 50MBPS-SHAPER
class class-default Defines the sub-line rate (CIR)
shape average 50000000
service-policy 2P6Q3T Provides back-pressure to the system to
interface GigabitEthernet 1/0/1 engage the (previously-defined) queuing
service-policy output 50MBPS-SHAPER policy, so that packets are properly
prioritized within the sub-line rate
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 75
Catalyst 3650/3850 QoS Design—At-A-Glance
https://cisco.box.com/s/59zvfbxza76iptay6u620bn1w9unm7ak
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 76
NBAR QoS Attributes AAG
https://cisco.box.com/s/3jxd2439e1rhu6zjh9q4d0uxcpf734n9
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Agenda
• Campus QoS Design Considerations and Best Practices
• Cisco Catalyst 2960-X QoS Design
• Cisco Catalyst 3650/3850 QoS Design
• Cisco Catalyst 4500 QoS Design
• Cisco Catalyst 6500/6800 QoS Design
• Cisco Nexus 7000/7700 QoS Design
• Campus WLAN QoS Design Considerations and Best Practices
• Cisco AireOS WLC AVC/QoS Design
• What are we doing to make this simpler?
• Summary and References
Cisco Catalyst 4500
QoS Design
Catalyst 4500
QoS Roles in the Campus Distribution
Trust DSCP +
Egress Queuing
Core Switches
Access
Switches Catalyst 4500
Distribution
Switches
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 80
Catalyst 4500
QoS Design Steps
1. Configure Ingress QoS Model(s):
DSCP-Trust Model*
Conditional Trust Model
Service Policy Models
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 81
Catalyst 4500
Conditional Trust Example
class-map match-all VOICE
match cos 5 Catalyst 4500 supports both match-all (logical AND)
class-map match-all SIGNALING and match-any (logical OR) operators
match cos 3
policy-map CISCO-IPPHONE
class VOICE
set dscp ef
class SIGNALING
set dscp cs3
class class-default
set dscp default
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 82
Catalyst 4500
Classification Options
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 83
IOS 15.2(5)E
Catalyst 4500 IOS XE 3.9.0E
DNS-AS Classification & Marking Policy Example (Part 1 of 2)
! Enables DNS-AS
avc dns-as client enable
!
avc dns-as client trusted-domains
domain ^.*f1.*$
Identifies domains from which metadata may be
domain ^.*cisco.*$ received and trusted for policy-purposes
domain *.toocoolforyou.net
domain *.sontowski.de
domain *.pension-solutions.de
domain *.bav-spezialist.de
domain *.sontowski-immobilien.de Configures basic DNS lookup-info
domain *.pegasus-cp.de
domain *.via-vorsorge.de
domain *.blackberry.net
domain *.eu.blackberry.net
domain *.evorsorge.de ip domain round-robin
domain *.dns-as.org ip domain-list toocoolforyou.net
domain *.nbar2web.org ip domain-lookup source-interface Loopback0
domain *.f1-consult.com ip domain-name toocoolforyou.net
domain *.f1-consult.de ip name-server 192.168.167.244
domain *.f1-online.net ip name-server 192.168.168.244
domain *.f1v4.net
domain *.f1v6.net
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 84
Catalyst 4500 DNS-AS Classification & Marking Example (Part 2 of 2) IOS 15.2(5)E
class-map match-all VOICE Same ‘Holy Grail’ classification policy as on
match protocol attribute traffic-class voip-telephony other router/switch platforms IOS XE 3.9.0E
match protocol attribute business-relevance business-relevant
class-map match-all BROADCAST-VIDEO
match protocol attribute traffic-class broadcast-video
policy-map MARKING
match protocol attribute business-relevance business-relevant
class VOICE
class-map match-all REAL-TIME-INTERACTIVE
set dscp ef
match protocol attribute traffic-class real-time-interactive
class BROADCAST-VIDEO
match protocol attribute business-relevance business-relevant
set dscp cs5
class-map match-all MULTIMEDIA-CONFERENCING
class REAL-TIME-INTERACTIVE
match protocol attribute traffic-class multimedia-conferencing
set dscp cs4
match protocol attribute business-relevance business-relevant
class MULTIMEDIA-CONFERENCING
class-map match-all MULTIMEDIA-STREAMING
set dscp af41
match protocol attribute traffic-class multimedia-streaming
class MULTIMEDIA-STREAMING
match protocol attribute business-relevance business-relevant
set dscp af31
class-map match-all SIGNALING
class SIGNALING
match protocol attribute traffic-class signaling
set dscp cs3
match protocol attribute business-relevance business-relevant
class NETWORK-CONTROL
class-map match-all NETWORK-CONTROL
set dscp cs6
match protocol attribute traffic-class network-control
class NETWORK-MANAGEMENT
match protocol attribute business-relevance business-relevant
set dscp cs2
class-map match-all NETWORK-MANAGEMENT
class TRANSACTIONAL-DATA
match protocol attribute traffic-class ops-admin-mgmt
set dscp af21
match protocol attribute business-relevance business-relevant
class BULK-DATA
class-map match-all TRANSACTIONAL-DATA
set dscp af11
match protocol attribute traffic-class transactional-data
class SCAVENGER
match protocol attribute business-relevance business-relevant
set dscp cs1
class-map match-all BULK-DATA
class class-default
match protocol attribute traffic-class bulk-data
set dscp default
match protocol attribute business-relevance business-relevant
class-map match-all SCAVENGER
match protocol attribute business-relevance business-irrelevant © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Catalyst 4500
Marking & Policing Policy Example
policy-map MARKING&POLICING class BULK-DATA
class VOIP police 10m bc 8000
police 128k bc 8000 conform-action set-dscp-transmit af11
conform-action set-dscp-transmit ef exceed-action set-dscp-transmit af12
exceed-action drop class SCAVENGER
class SIGNALING police 10m bc 8000
police 32k bc 8000 conform-action set-dscp-transmit cs1
conform-action set-dscp-transmit cs3 exceed-action drop
exceed-action drop class class-default
class MULTIMEDIA-CONFERENCING police 10m bc 8000
police 5m bc 8000 conform-action set-dscp-transmit default
conform-action set-dscp-transmit af41 exceed-action set-dscp-transmit cs1
exceed-action set-dscp-transmit af42
class TRANSACTIONAL-DATA interface GigabitEthernet 3/1
police 10m bc 8000 service-policy input MARKING&POLICING
conform-action set-dscp-transmit af21
exceed-action set-dscp-transmit af22
Marking/remarking is configured as part of the policing action
(i.e. no table-map or markdown-map is referenced)
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 86
Catalyst 4500
Per-Port/Per-VLAN QoS Policy Example
interface range GigabitEthernet 2/1-48
qos trust device cisco-phone
vlan 10 Per-Port/Per-VLAN policies can be applied to
service-policy input DVLAN-POLICERS a specific VLAN on a trunked interface via an
vlan 110 interface-VLAN
via an interface-VLAN
configuration
configuration
mode mode
service-policy input VVLAN-POLICERS
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 87
Catalyst 4500
1P7Q1T+Dynamic Buffer Limiting (DBL) Egress Queuing Model
Application DSCP 1P7Q1T (+DBL)
https://cisco.box.com/s/o59teb64t4zxwdrfadz1kngv4eorucwe
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 90
DNS-AS At-A-Glance
https://cisco.box.com/s/bhkegry3mwuugqxnktusq327daegvwpt
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 91
Agenda
• Campus QoS Design Considerations and Best Practices
• Cisco Catalyst 2960-X QoS Design
• Cisco Catalyst 3650/3850 QoS Design
• Cisco Catalyst 4500 QoS Design
• Cisco Catalyst 6500/6800 QoS Design
• Cisco Nexus 7000/7700 QoS Design
• Campus WLAN QoS Design Considerations and Best Practices
• Cisco AireOS WLC AVC/QoS Design
• What are we doing to make this simpler?
• Summary and References
Cisco Catalyst 6500 & 6800
QoS Design
Cisco Catalyst 6500/6800
QoS Roles in the Campus Core
Catalyst 6500/6800
Core Switches
Trust DSCP
+ Ingress Queuing
+ Egress Queuing
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 94
Cisco Catalyst 6500/6800
QoS Design Steps
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 95
All Catalyst 6500-Sup2T
Cisco Catalyst 6500/6800 Queuing Models are detailed
in the Appendix
2P6Q4T (Ingress & Egress Queuing Models—DSCP-to-Queue
Application-Class DSCP 2P6Q4T
Ingress and Egress
queuing models
Network Control (CS7) Voice-PQ1 varies by line
EF card/module.
(Priority Level 1)
Internetwork Control CS6
Default Queue
Best Effort DF DF
(WRED)
http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/15-1SY/config_guide/sup2T/15_1_sy_swcg_2T/qos_policy_based_queueing.html
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 96
Unless specified otherwise, the
default C3PL class-map and
Cisco Catalyst 6500/6800—2P6Q4T Model policy-map type is qos
(classification, marking, policing)
Part 1 of 3—Common Ingress & Egress Queuing Class-Maps
class-map type lan-queuing match-all VOICE-PQ1 Class-maps and policy-maps
match dscp ef used for ingress and/or egress
class-map type lan-queuing match-all VIDEO-PQ2 queuing policies must be explicitly
match dscp cs4 cs5 configured as type lan-queuing
class-map type lan-queuing match-all CONTROL-MGMT-QUEUE
match dscp cs2 cs3 cs6 cs7
class-map type lan-queuing match-all MULTIMEDIA-CONFERENCING-QUEUE
match dscp af41 af42 af43
class-map type lan-queuing match-all MULTIMEDIA-STREAMING-QUEUE
match dscp af31 af32 af33
class-map type lan-queuing match-all TRANSACTIONAL-DATA-QUEUE
match dscp af21 af22 af23
class-map type lan-queuing match-all SCAVENGER-BULK-DATA-QUEUE
match dscp cs1 af11 af12 af13
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 98
Cisco Catalyst 6500/6800—2P6Q4T Model
Part 3 of 3—2P6Q4T Queuing Policy-Map (continued)
[continued]
class TRANSACTIONAL-DATA-QUEUE
bandwidth remaining percent 10
random-detect dscp-based
random-detect dscp af21 percent 80 100
random-detect dscp af22 percent 70 100
random-detect dscp af23 percent 60 100
class BULK-DATA-QUEUE
bandwidth remaining percent 5
random-detect dscp-based
random-detect dscp af11 percent 80 100
random-detect dscp af12 percent 70 100
random-detect dscp cs1 percent 50 100
class class-default
random-detect dscp-based
random-detect dscp default percent 80 100
service-policy type lan-queuing input 2P6Q4T
service-policy type lan-queuing output 2P6Q4T
https://cisco.box.com/s/wg249lub38h7eemp8tj9d9s5srctuztw
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 100
Cisco Catalyst 6500-Sup720 QoS Design At-A-Glance
https://cisco.box.com/s/b0kb6w0rymxk3ylh9bemlwnf7awt0b0i
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 101
Agenda
• Campus QoS Design Considerations and Best Practices
• Cisco Catalyst 2960-X QoS Design
• Cisco Catalyst 3650/3850 QoS Design
• Cisco Catalyst 4500 QoS Design
• Cisco Catalyst 6500/6800 QoS Design
• Cisco Nexus 7000/7700 QoS Design
• Campus WLAN QoS Design Considerations and Best Practices
• Cisco AireOS WLC AVC/QoS Design
• What are we doing to make this simpler?
• Summary and References
Cisco Nexus 7000/7700
QoS Design
Cisco Nexus 7000/7700
QoS Roles in the Campus Core
Trust DSCP
+ Ingress Queuing
+ Egress Queuing
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 104
Cisco Nexus 7000/7700
QoS Design Steps
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 105
Cisco Nexus 7700 (F-Series)
4Q1T Ingress Queuing (CoS-to-Queue) Model
Application DSCP CoS 4Q1T
Network Control (CS7) CoS 7
CoS 7 8e-4q8q-in-q1
Internetwork Control CS6 CoS 6 Bandwidth 30%
CoS 6
VoIP EF CoS 5 Queue-Limit 10%
CoS 5
Broadcast Video CS5
Multimedia Conferencing AF4 8e-4q8q-in-q-default
CoS 4 Bandwidth 25%
Realtime Interactive CS4 CoS 0
Queue-Limit 30%
Multimedia Streaming AF3
CoS 3
Signaling CS3
CoS 4 8e-4q8q-in-q3
Transactional Data AF2
CoS 2 CoS 3 Bandwidth 40%
Network Management CS2 Queue-Limit 30%
CoS 2
Bulk Data AF1
CoS 1
Scavenger CS1 8e-4q8q-in-q4
Best Effort DF DF CoS 1 Bandwidth 5%
Queue-Limit 30%
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 106
Cisco Nexus 7700 (F-Series)
4Q1T Ingress Queuing (DSCP-to-Queue) Model
Application DSCP 4Q1T
Network Control (CS7) CS7
CS6 8e-4q8q-in-q1
Internetwork Control CS6 EF Bandwidth 30%
VoIP EF CS5 Queue-Limit 10%
CS4
Broadcast Video CS5
Multimedia Conferencing AF4 8e-4q8q-in-q-default
Realtime Interactive CS4 DF Bandwidth 25%
Queue-Limit 30%
Multimedia Streaming AF3
Signaling CS3 AF4
AF3 8e-4q8q-in-q3
Transactional Data AF2
CS3 Bandwidth 40%
Network Management CS2 AF2 Queue-Limit 30%
Bulk Data AF1 CS2
Scavenger CS1 8e-4q8q-in-q4
AF1
Best Effort DF Bandwidth 5%
CS1
Queue-Limit 30%
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 107
Cisco Nexus 7700 (F-Series) Similar to C3PL, NX-OS allows for
multiple types of QoS policies:
Part 1 of 2: 4Q1T-Ingress Queuing Class-Maps • type qos for classification,
marking and policing
• type queuing for ingress and
egress queuing
class-map type queuing match-any 8e-4q8q-in-q1
match cos 5-7
no match dscp 40-63 Undesired default DSCP-to-
match dscp 32, 40, 46, 48, 56 Ingress Queue mappings
class-map type queuing match-any 8e-4q8q-in-q3 need to be explicitly removed
match cos 2-4
match dscp 16, 18, 20, 22
match dscp 24, 26, 28, 30
match dscp 34, 36, 38 NX-OS has (non-configurable)
class-map type queuing match-any 8e-4q8q-in-q4 system-defined names for
match cos 1 queuing class-maps
match dscp 8, 10, 12, 14
class-map type queuing match-any 8e-4q8q-in-q-default
match cos 0
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 108
Cisco Nexus 7700 (F-Series)
Part 2 of 2: 4Q1T-Ingress Queuing Policy-Map
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 109
Cisco Nexus 7700 (F-Series)
1P7Q1T Egress Queuing (CoS-to-Queue) Model
Application DSCP CoS 1P7Q1T
VoIP EF CoS 4
CoS 5 CoS 3 8e-4q8q-out-q2
Broadcast Video CS5 BWR 55%
CoS 2
Multimedia Conferencing AF4
CoS 4 CoS 1 8e-4q8q-out-q3
Realtime Interactive CS4 BWR 10%
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 110
Cisco Nexus 7700 (F-Series)
Note: Q1 is the
Part 1 of 2: 1P7Q1T Egress Queuing Class-Maps Priority Queue
Note: CoS 0
Note: Modifies the default implicitly mapped to
CoS-to-Queue mappings the default queue
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 111
Cisco Nexus 7700 (F-Series)
Part 2 of 2: 1P7Q1T Egress Queuing Policy-Map
policy-map type queuing CAMPUS-F3-1P7Q1T-EGRESS
Note: Queue-Limits
class type queuing 8e-4q8q-out-q1
priority level 1 are not supported in
shape average percent 30 egress direction
class type queuing 8e-4q8q-out-q2
bandwidth remaining percent 55
class type queuing 8e-4q8q-out-q3
bandwidth remaining percent 10
class type queuing 8e-4q8q-out-q4
bandwidth remaining percent 1 A
A four-queue
four-queue egress
egress QoSQoS
class type queuing 8e-4q8q-out-q5 model
model isis used
used to
to align
align to
to
bandwidth remaining percent 1 the
the 4-queue
4-queue Ingress
Ingress and
and
class type queuing 8e-4q8q-out-q6 Fabric
Fabric QoS
QoS Models.
Models.
bandwidth remaining percent 1
class type queuing 8e-4q8q-out-q7
bandwidth remaining percent 1 Banwidth
Banwidth remaining
remaining
class type queuing 8e-4q8q-out-q-default percent
percent 11 is
is the
the minimum
minimum
bandwidth remaining percent 31 bandwidth
bandwidth allotment.
allotment.
interface Ethernet 1/1-24
service-policy type queuing output CAMPUS-F3-1P3Q1T-EGRESS
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 112
Cisco Nexus 7700 QoS Design At-A-Glance
https://cisco.box.com/s/16ub7n5o56q0cdvuku62lfrnufdpe04a
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 113
Agenda
• Campus QoS Design Considerations and Best Practices
• Cisco Catalyst 2960-X QoS Design
• Cisco Catalyst 3650/3850 QoS Design
• Cisco Catalyst 4500 QoS Design
• Cisco Catalyst 6500/6800 QoS Design
• Cisco Nexus 7000/7700 QoS Design
• Campus WLAN QoS Design Considerations and Best Practices
• Cisco AireOS WLC AVC/QoS Design
• What are we doing to make this simpler?
• Summary and References
Campus WLAN QoS Design
Considerations and Best Practices
The Case for Wireless QoS
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 116
Wireless QoS-Specific Limitations
• No priority servicing LAN QoS WLAN QoS
• No bandwidth guarantees
• Non-deterministic media access
• Only 4 levels of service
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 117
WLAN QoS Improvements Quantified
Application Original Metric Improved Metric Percentage
Improvement
Voice 15 ms max jitter 5 ms max jitter 300%
3.92 MOS 4.2 MOS
(Cellular Quality) (Toll Quality)
Video 9 fps 14 fps 55%
Visual MOS: Visual MOS:
Good Excellent
Transactional Data 14 ms latency 2 ms latency 700%
http://www.cisco.com/en/US/prod/collateral/wireless/cisco_avc_application_improvement.pdf
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 118
Know Your Tools
• IEEE 802.11
• User Priorities (UP)
• Access Categories (AC)
• Arbitration Inter-frame Spacing (AIFS)
• Contention Windows (CW)
• Enhanced Distributed Coordination Function (EDCF)
• DSCPUP Mapping
• Trust Boundaries
• Policy-Enforcement Points
• Application Visibility and Control (AVC)
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 119
IEEE 802.11 User Priority (UP)
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 120
IEEE 802.11 UP Values and Access Categories
802.11e 802.11 WMM Cisco AireOS WLC
UP Value Access Category Designation Designation
7 AC_VO Voice Platinum
6
5 AC_VI Video Gold
4
3 AC_BE Best Effort Silver
0
2 AC_BK Background Bronze
1
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 121
IEEE 802.11 Arbitration Inter-Frame Spacing (AIFS)
and Contention Windows (CW)
• due to the nature of wireless as a shared media, a Congestion Avoidance algorithm (CSMA/CA) must be utilized
• wireless senders have to wait a fixed amount of time (the AIFS)
• wireless senders also have to wait a random amount of time (the Contention Window)
• AIFS and Contention Window timers vary by Access Category
Video 2 Video 7 15
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 122
EDCF Operation
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 123
Downstream DSCP-to-UP Default Mapping
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Default DSCP-to-UP Mapping Table
DSCP 802.11 UP WLC QoS Profile
56-63 7 Platinum
(Voice)
48-55 6
IETF PHB for VoIP: EF 40-47 46 5 Gold
(Video)
32-39 4
24-31 3 Silver
(Best Effort)
0-7 0
16-23 2 Bronze
(Background)
8-15 1
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 125
Default IETF DSCP to IEEE 802.11 UP Mapping
Sub-Optimal QoS Design Example
4-Class Enterprise Model Four-Class Wireless Model
Based on IETF 4594
DSCP Based on IEEE 802.11e
UP 7 Voice
Voice EF Access
UP 6 Category
UP 5 Video
Signaling CS3 Access
UP 4 Category
UP 3 Best Effort
Transactional Data AF2 Access
UP 0 Category
Background
UP 2
Best Effort DF Access
UP 1
Category
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 126
Downstream DSCP-to-UP Mapping Model
Ratified Cisco Consensus Model (June 2015)
Key Point:
Radio Upstream
QoS requires the
device to set UP
markings correctly 3-Bit UP 6-Bit DSCP
First 3 Bits are copied
Last 3 Bits are zeroed-out
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Upstream DSCP Trust Model
https://tools.ietf.org/html/draft-ietf-tsvwg-ieee-802-11-00
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco WLAN QoS Design At-A-Glance
https://cisco.box.com/s/63d6fnpb9da37ga6qast2uomxwhbeqla
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 131
Agenda
• Campus QoS Design Considerations and Best Practices
• Cisco Catalyst 2960-X QoS Design
• Cisco Catalyst 3650/3850 QoS Design
• Cisco Catalyst 4500 QoS Design
• Cisco Catalyst 6500/6800 QoS Design
• Cisco Nexus 7000/7700 QoS Design
• Campus WLAN QoS Design Considerations and Best Practices
• Cisco AireOS WLC AVC/QoS Design
• What are we doing to make this simpler?
• Summary and References
Cisco AireOS WLC
AVC/QoS Design
Cisco AireOS WLC
QoS Roles in the Wireless LAN
CAPWAP Tunnel
AireOS WLC
Trust Boundary
PEP
With AireOS 8.1MR+ the
trust-boundary can be
extended to the AP © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 134
Cisco AireOS WLC
QoS Design Steps
1. Select and Tune the WLAN QoS Profile
2. Configure an AVC Profile
3. Apply the QoS and AVC Profile to the WLAN and Enable Application Visibility
4. Modify default DSCP-to-UP mappings and enable Upstream DSCP-Trust
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 135
AireOS WLC
Tuning QoS Profiles
• QoS Profiles are applied to both upstream
& downstream flows on egress
• The WLAN QoS Profile defines:
WLAN Maximum Priority
• It recommended to set the Maximum
Priority to voice on multiservice WLANs
Unicast and Multicast Default Priority
• Typically these values are
recommended to be set to best effort
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 137
AireOS WLC
Attaching QoS and AVC Profiles and Enabling AVC
• Select the desired QoS and AVC Profiles to apply to the WLAN
• Check the box to enable Application Visibility
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 138
AireOS QoS Policy Deployment
Step 4) Configure Downstream DSCP-to-UP Mapping and
Enable Upstream DSCP-Trust—Configuration (Part 1 of 2)
Step 1: Disable the Current QoS Map
(Cisco WLC) > config qos qosmap disable
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
AireOS QoS Policy Deployment
Step 4) Configure Downstream DSCP-to-UP Mapping and
Enable Upstream DSCP-Trust—Configuration (Part 2 of 3)
Step 3: Configure DSCP-to-UP Mapping Exceptions
(Cisco Controller) > config qos qosmap dscp-to-up-exception 56 0
(Cisco Controller) > config qos qosmap dscp-to-up-exception 48 0
(Cisco Controller) > config qos qosmap dscp-to-up-exception 46 6
(Cisco Controller) > config qos qosmap dscp-to-up-exception 44 6
(Cisco Controller) > config qos qosmap dscp-to-up-exception 40 5
(Cisco Controller) > config qos qosmap dscp-to-up-exception 38 4
(Cisco Controller) > config qos qosmap dscp-to-up-exception 36 4
(Cisco Controller) > config qos qosmap dscp-to-up-exception 34 4
(Cisco Controller) > config qos qosmap dscp-to-up-exception 32 5
(Cisco Controller) > config qos qosmap dscp-to-up-exception 30 4
(Cisco Controller) > config qos qosmap dscp-to-up-exception 28 4
(Cisco Controller) > config qos qosmap dscp-to-up-exception 26 4
(Cisco Controller) > config qos qosmap dscp-to-up-exception 24 4
(Cisco Controller) > config qos qosmap dscp-to-up-exception 22 3
(Cisco Controller) > config qos qosmap dscp-to-up-exception 20 3
(Cisco Controller) > config qos qosmap dscp-to-up-exception 18 3
(Cisco Controller) > config qos qosmap dscp-to-up-exception 16 0
(Cisco Controller) > config qos qosmap dscp-to-up-exception 14 2
(Cisco Controller) > config qos qosmap dscp-to-up-exception 12 2
(Cisco Controller) > config qos qosmap dscp-to-up-exception 10 2
(Cisco Controller) > config qos qosmap dscp-to-up-exception 8 ©12016 Cisco and/or its affiliates. All rights reserved. Cisco Public
AireOS QoS Policy Deployment
Step 4) Configure Downstream DSCP-to-UP Mapping and
Enable Upstream DSCP-Trust—Configuration (Part 3 of 3)
Step 4: Enable DSCP-Trust, the New Qos Maps and the 802.11 Networks
(Cisco Controller) > config qos qosmap trust-dscp-upstream enable
(Cisco Controller) > config qos qosmap enable
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco AirOS QoS Design At-A-Glance
https://cisco.box.com/s/ahkkshs67ogq446j9z1sail2n6e2gn3a
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 142
Cisco AirOS QoS Mapping At-A-Glance
https://cisco.box.com/s/x5kd241zxi71bx49x7pu5kwck598xsyx
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 143
Agenda
• Campus QoS Design Considerations and Best Practices
• Cisco Catalyst 2960-X QoS Design
• Cisco Catalyst 3650/3850 QoS Design
• Cisco Catalyst 4500 QoS Design
• Cisco Catalyst 6500/6800 QoS Design
• Cisco Nexus 7000/7700 QoS Design
• Campus WLAN QoS Design Considerations and Best Practices
• Cisco AireOS WLC AVC/QoS Design
• What are we doing to make this simpler?
• Summary and References
What are we doing to make this
simpler?
The Why / How / What of Enterprise Networking
Cisco
Enterprise
Vision
Why
Transform our customers’ businesses
through powerful yet simple networks.
How What
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Apple / Cisco Fastlane for iOS (AireOS 8.3)
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 147
EasyQoS Solution
Applications can interact with APIC-EM via Northbound
APIs, informing the network of application-specific and
dynamic QoS requirements
EM
Southbound APIs translate
business-intent to platform-
specific configurations
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Your Choice
ip access-list extended APIC_EM-MM_STREAM-ACL
remark citrix - Citrix
permit tcp any any eq 1494
permit udp any any eq 1494
permit tcp any any eq 2598
permit udp any any eq 2598
remark citrix-static - Citrix-Static
permit tcp any any eq 1604
permit udp any any eq 1604
permit tcp any any range 2512 2513
permit udp any any range 2512 2513
remark pcoip - PCoIP
permit tcp any any eq 4172
permit udp any any eq 4172
permit tcp any any eq 5172
permit udp any any eq 5172
remark timbuktu - Timbuktu
permit tcp any any eq 407
permit udp any any eq 407
remark xwindows - XWindows
permit tcp any any range 6000 6003
remark vnc - VNC
permit tcp any any eq 5800
permit udp any any eq 5800
permit tcp any any range 5900 5901
permit udp any any range 5900 5901
exit
ip access-list extended APIC_EM-SIGNALING-ACL
remark h323 - H.323
permit tcp any any eq 1300
permit udp any any eq 1300
permit tcp any any range 1718 1720 © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Agenda
• Campus QoS Design Considerations and Best Practices
• Cisco Catalyst 2960-X QoS Design
• Cisco Catalyst 3650/3850 QoS Design
• Cisco Catalyst 4500 QoS Design
• Cisco Catalyst 6500/6800 QoS Design
• Cisco Nexus 7000/7700 QoS Design
• Campus WLAN QoS Design Considerations and Best Practices
• Cisco AireOS WLC AVC/QoS Design
• Cisco IOS XE WLC AVC/QoS Design
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 153
Campus QoS Design 4.0—In-Depth
Comprehensive Design Chapters
• Enterprise Quality of Service Design 4.0
http://www.cisco.com/en/US/docs/solutions/Enterprise/WAN_and_MAN/QoS_S
RND_40/QoSIntro_40.html
• Campus QoS Design 4.0
http://www.cisco.com/en/US/docs/solutions/Enterprise/WAN_and_MAN/QoS_S
RND_40/QoSCampus_40.html
• WLAN QoS Design (BYOD CVD)
http://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Borderless_Networks/
Unified_Access/BYOD_Design_Guide/BYOD_AVC.html
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 154
Recommended Reading
End-to-End QoS (v2)
• Release Date: Jan 2014
• Page Count: 1040
• Comprehensive QoS design
guidance for PINs and platforms:
• Campus Catalyst 3750/4500/6500
• WLAN WLC 5508 / Catalyst 3850 NGWC
• Data Center Nexus 1000V/2000/5500/7000
• WAN & Branch Cisco ASR 1000 / ISR G2
• MPLS VPN Cisco ASR 9000 / CRS-3
• IPSec VPNs Cisco ISR G2
• ISBN: 1-58714-369-0
http://www.amazon.com/End---End-QoS-Network-Design/dp/1587143690/
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
I NO LONGER Recommended Reading
End-to-End QoS (v2) – USE EASYQOS INSTEAD!!!
Amazon.com
• ReleaseOverall
Date:Rating:
Jan 2014
“The best ever book on QoS on the market. Bravo to the author.”
• Page Count: 1040
“AWESOME RESUME OF QoS TECHNOLOGIES”
• Comprehensive QoS design
“I strongly recommend this book to anyone working with Cisco infrastructure.”
guidance for PINs and platforms:
“This book
• is
Campus Catalystpresentation
an all-encompassing 3750/4500/6500
and tutorial on Cisco Quality of
Service (QoS)”
• WLAN WLC 5508 / Catalyst 3850 NGWC
“QoS is •intimidating; however, Nexus
Data Center this book 1000V/2000/5500/7000
is a tremendous resource that will ease
your anxiety.”
• WAN & Branch Cisco ASR 1000 / ISR G2
“This book is kept in my cubicle and is already filled with highlights, notes in the
margin, •andMPLS VPN Cisco
many dog-eared pages.” ASR 9000 / CRS-3
• IPSec VPNs Cisco ISR G2
“QOS is often misunderstood, and he explains it very well. The explanations are
thorough to help understand each case”
• ISBN: 1-58714-369-0
http://www.amazon.com/End---End-QoS-Network-Design/dp/1587143690/
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
When Completing Your Session Evaluation…
Please keep in mind:
BRKCRS-2501 © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 157
Complete Your Online Session Evaluation
• Give us your feedback to be
entered into a Daily Survey
Drawing. A daily winner will
receive a $750 Amazon gift card.
• Complete your session surveys
through the Cisco Live mobile
app or from the Session Catalog
on CiscoLive.com/us.
BRKCRS-2501 © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 158
Participate in the “My Favorite Speaker” Contest
Promote Your Favorite Speaker and You Could Be a Winner
• Promote your favorite speaker through Twitter and you could win $200 of Cisco
Press products (@CiscoPress)
• Send a tweet and include
• Your favorite speaker’s Twitter handle @tim_szigeti
• Two hashtags: #CLUS #MyFavoriteSpeaker
• You can submit an entry for more than one of your “favorite” speakers
• Don’t forget to follow @CiscoLive and @CiscoPress
• View the official rules at http://bit.ly/CLUSwin
BRKCRS-2501 © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 159
Continue Your Education
• Demos in the Cisco campus
• Walk-in Self-Paced Labs
• Table Topics
• Meet the Engineer 1:1 meetings
• Related sessions
BRKCRS-2501 © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 160
Thank you
Appendix A
Catalyst 6500 Queuing Models
Catalyst 65xx-E / 6807-XL with Sup2T
Ingress & Egress Queueing Models
• Ingress Queue Structures
• 1Q8T CoS to Queue Mapping CoS-based Tail-Drop
• 2Q4T CoS to Queue Mapping CoS-based Tail-Drop
• 2Q8T CoS to Queue Mapping CoS-based Tail-Drop
• 8Q4T DSCP to Queue Mapping DSCP-based WRED
• 8Q8T CoS to Queue Mapping CoS-based WRED
• 1P7Q2T DSCP to Queue Mapping DSCP-based WRED
* 1P7Q4T can be implementing as an alternate ingress queueing structure to 2P6Q4T on some linecards, but we have chosen to
implement the 2P6Q4T instead with Easy-Qos, as it is a superior queueing structure and consistent with the Catalyst 3650/3850.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
1Q8T – Ingress Queueing
CoS to Queue Mapping
CoS-based Tail-Drop
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
1Q8T Ingress Queueing Linecards
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Catalyst 65xx-E/6807-XL with Sup2T
1Q8T Ingress Queuing Models—CoS-to-Queue Mapping with COS-based Tail-Drop
Application-Class DSCP CoS 1Q8T
CoS 7 Q1T8—100%
Network Control (CS7)
CoS 7
Internetwork Control CS6 CoS 6
Q1T7—95%
VoIP EF CoS 6
CoS 5
Broadcast Video CS5
Q1T6—90%
CoS 5
Multimedia Conferencing AF4
CoS 4
Q1T5—85%
Realtime Interactive CS4
CoS 4
Multimedia Streaming AF3
CoS 3 Q1T4—80%
Signaling CS3 CoS 3
Transactional Data AF2
CoS 2 Q1T3—75% All noted thresholds are
Network Management CS2 CoS 2
tail-drop thresholds
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Catalyst 65xx-E/6807-XL—1Q8T Ingress Model
Interface GigabitEthernet1/1
service-policy type lan-queuing input APIC_EM-QUEUING-1Q8T-IN
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
2Q4T – Ingress Queueing
CoS to Queue Mapping
CoS-based Tail-Drop
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
2Q4T Ingress Queueing Linecards
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Catalyst 65xx-E/6807-XL with Sup2T
2Q4T Ingress Queuing Models—CoS-to-Queue Mapping
Application-Class DSCP CoS 2Q4T
VoIP EF CoS 6
CoS 5
Broadcast Video CS5
CoS 5
Multimedia Conferencing AF4
CoS 4
Realtime Interactive CS4
CoS 4
Multimedia Streaming AF3
CoS 3
Signaling CS3 CoS 3 Q1 60% BW
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Catalyst 65xx-E/6807-XL with Sup2T
2Q4T Ingress Queuing Models—CoS-to-Queue Mapping with CoS-based Tail-Drop
Application-Class DSCP CoS 2Q4T
CoS 7 Q2T4—100%
Network Control (CS7)
CoS 7
Internetwork Control CS6 CoS 6
Q2T3—95%
VoIP EF CoS 6
CoS 5
Broadcast Video CS5 Q2T2—90%
CoS 5
Multimedia Conferencing AF4
CoS 4 Q2 40% BW
Q2T1—85%
Realtime Interactive CS4
CoS 4
Multimedia Streaming AF3
CoS 3 Q1T4—100%
Signaling CS3 CoS 3 Q1 60% BW
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Catalyst 65xx-E/6807-XL—2Q4T Ingress Model
class-map type lan-queuing match-all APIC_EM-Q2-2Q4T-QUEUE
match cos 7 6 5 4
interface GigabitEthernet1/3/1
service-policy type lan-queuing input APIC_EM-QUEUING-2Q4T-IN
interface TenGigabitEthernet1/3/4
service-policy type lan-queuing input APIC_EM-QUEUING-2Q4T-IN
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
2Q8T – Ingress Queueing
CoS to Queue Mapping
CoS-based Tail-Drop
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
2Q8T Ingress Queueing Linecards
• WS-X6724-SFP with DFC4/DFC4XL upgrade (WS-F6k-DFC4-A, WS-F6k-DFC4-AXL)
• WS-X6748-SFP and WS-X6748-GE-TX with DFC4/DFC4XL upgrade (WS-F6k-DFC4-
A, WS-F6k-DFC4-AXL)
• WS-X6824-SFP-2T and WS-X6824-SFP-2TXL
• WS-X6848-SFP-2T, WS-X6848-SFP-2TXL, WS-X6848-TX-2T and WS-X6848-TX-
2TXL
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Catalyst 65xx-E/6807-XL with Sup2T
2Q8T Ingress Queuing Models—CoS-to-Queue Mapping
Application-Class DSCP CoS 2Q8T
VoIP EF CoS 6
CoS 5
Broadcast Video CS5
CoS 5
Multimedia Conferencing AF4
CoS 4
Realtime Interactive CS4
CoS 4
Multimedia Streaming AF3
CoS 3
Signaling CS3 CoS 3 Q1 60% BW
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Catalyst 65xx-E/6807-XL with Sup2T
2Q8T Ingress Queuing Models—CoS-to-Queue Mapping with CoS-based Tail-Drop
Application-Class DSCP CoS 2Q8T
CoS 7 Q2T4—100%
Network Control (CS7)
CoS 7
Internetwork Control CS6 CoS 6
Q2T3—95%
VoIP EF CoS 6
CoS 5
Broadcast Video CS5 Q2T2—90%
CoS 5
Multimedia Conferencing AF4
CoS 4 Q2 40% BW
Q2T1—85%
Realtime Interactive CS4
CoS 4
Multimedia Streaming AF3
CoS 3 Q1T4—100%
Signaling CS3 CoS 3 Q1 60% BW
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Catalyst 65xx-E/6807-XL—2Q8T Ingress Model
class-map type lan-queuing match-all APIC_EM-Q2-2Q8T-QUEUE
match cos 7 6 5 4
interface GigabitEthernet1/3/2
service-policy type lan-queuing input APIC_EM-QUEUING-2Q8T-IN
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
8Q4T – Ingress Queueing
DSCP to Queue Mapping
DSCP-based WRED
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
8Q4T Ingress Queueing Linecards
* Potentially similar behavior with the Sup2T ports as seen in slides #25 & #26
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
How to Disable or Display the State of GigabitEthernet
Interfaces on the Sup2T
o23-6500-1(config)#platform qos 10g-only Global command disables GigabitEthernet interfaces on the
Sup2T.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
How to Enable or Display Performance Mode on Linecards
Global command enables
performance mode on a port
o23-6500-1(config)#no hw-module slot 5 oversubscription port-group 4 group of a linecard
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Catalyst 65xx-E/6807-XL with Sup2T
8Q4T Ingress Queuing Models—DSCP-to-Queue Mapping
8Q4T
Application-Class DSCP
EF Realtime Queue
Network Control (CS7) CS5 (10% BW)
CS4
Internetwork Control CS6
CS7
VoIP EF
CS6 Control Queue
Broadcast Video CS5 CS3 (10% BW)
CS2
Multimedia Conferencing AF4
AF4
Realtime Interactive CS4 Multimedia-Conferencing Queue
(20% BW + DSCP-WRED)
Multimedia Streaming AF3
AF3 Multimedia-Streaming Queue
Signaling CS3 (20% BW + DSCP-WRED)
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Catalyst 65xx-E/6807-XL with Sup2T
8Q4T
8Q4T Ingress Queuing Models—
EF
DSCP-to-Queue with DSCP-WRED CS5
Realtime Queue All noted thresholds are
(10% BW) Min WRED thresholds
Application-Class DSCP CS4
DF Default Queue
(25% BW + ©DSCP-WRED)
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Catalyst 65xx-E/6807-XL —8Q4T Ingress Model
class-map type lan-queuing match-all APIC_EM-REALTIME-8Q4T-QUEUE
match dscp cs4 cs5 ef
class-map type lan-queuing match-all APIC_EM-CONTROL-8Q4T-QUEUE
match dscp cs2 cs3 cs6 cs7
class-map type lan-queuing match-all APIC_EM-MM_CONF-8Q4T-QUEUE
match dscp af41 af42 af43
class-map type lan-queuing match-all APIC_EM-MM_STREAM-8Q4T-QUEUE
match dscp af31 af32 af33
class-map type lan-queuing match-all APIC_EM-TRANS_DATA-8Q4T-QUEUE
match dscp af21 af22 af23
class-map type lan-queuing match-all APIC_EM-BULK_DATA-8Q4T-QUEUE
match dscp af11 af12 af13
class-map type lan-queuing match-all APIC_EM-SCAVENGER-8Q4T-QUEUE
match dscp cs1
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Catalyst 65xx-E/6807-XL —8Q4T Ingress Model
policy-map type lan-queuing APIC_EM-QUEUEING-8Q4T-IN
class APIC_EM-REALTIME-8Q4T-QUEUE
bandwidth percent 10
class APIC_EM-CONTROL-8Q4T-QUEUE
bandwidth percent 10
class APIC_EM-MM_CONF-8Q4T-QUEUE
bandwidth percent 20
random-detect dscp-based
random-detect dscp af41 percent 80 100
random-detect dscp af42 percent 70 100
random-detect dscp af43 percent 60 100
class APIC_EM-MM_STREAM-8Q4T-QUEUE
bandwidth percent 20
random-detect dscp-based
random-detect dscp af31 percent 80 100
random-detect dscp af32 percent 70 100
random-detect dscp af33 percent 60 100
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Catalyst 65xx-E/6807-XL —8Q4T Ingress Model
[continued]
class APIC_EM-TRANS_DATA-8Q4T-QUEUE
bandwidth percent 10
random-detect dscp-based
random-detect dscp af21 percent 80 100
random-detect dscp af22 percent 70 100
random-detect dscp af23 percent 60 100
class APIC_EM-BULK_DATA-8Q4T-QUEUE
bandwidth percent 4
random-detect dscp-based
random-detect dscp af11 percent 80 100
random-detect dscp af12 percent 70 100
random-detect dscp af13 percent 60 100
class APIC_EM-SCAVENGER-8Q4T-QUEUE
bandwidth percent 1
class class-default
random-detect dscp-based
random-detect dscp default percent 80 100
interface TenGigabitEthernet1/3/4
service-policy type lan-queuing input APIC_EM-QUEUEING-8Q4T-IN
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
8Q8T – Ingress Queueing
CoS to Queue Mapping
CoS-based Tail-Drop
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
8Q8T Ingress Queueing Linecards
• WS-X6704-10GE supported with a DFC4/DFC4XL upgrade
(WS-F6k-DFC4-A, WS-F6k-DFC4-AXL)
o23-6500-1#show module
Mod Ports Card Type Model Serial No.
--- ----- -------------------------------------- ------------------ -----------
1 48 CEF720 48 port 10/100/1000mb Ethernet WS-X6748-GE-TX SAL10478SWP
2 8 DCEF2T 8 port 10GE WS-X6908-10G SAL172682AK
3 5 Supervisor Engine 2T 10GE w/ CTS (Acti VS-SUP2T-10G SAL1702WNR0
5 16 CEF720 16 port 10GE WS-X6716-10GE SAL1228WYB7
6 4 CEF720 4 port 10-Gigabit Ethernet WS-X6704-10GE SAL15013XBH
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Catalyst 65xx-E/6807-XL —8Q8T Ingress Model
class-map type lan-queuing match-all APIC_EM-Q8-8Q8T-QUEUE
match cos 7
Class-map type lan-queuing match-all APIC_EM-Q7-8Q8T-QUEUE
match cos 6
class-map type lan-queuing match-all APIC_EM-Q6-8Q8T-QUEUE
match cos 5
class-map type lan-queuing match-all APIC_EM-Q5-8Q8T-QUEUE
match cos 4
class-map type lan-queuing match-all APIC_EM-Q4-8Q8T-QUEUE
match cos 3
class-map type lan-queuing match-all APIC_EM-Q3-8Q8T-QUEUE
match cos 2
class-map type lan-queuing match-all APIC_EM-Q2-8Q8T-QUEUE
match cos 1
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Catalyst 65xx-E/6807-XL —8Q8T Ingress Model
policy-map type lan-queuing APIC_EM-QUEUEING-8Q8T-IN
class APIC_EM-Q8-8Q8T-QUEUE
bandwidth percent 10
class APIC_EM-Q7-8Q8T-QUEUE
bandwidth percent 5
class APIC_EM-Q6-8Q8T-QUEUE
bandwidth percent 5
class APIC_EM-Q5-8Q8T-QUEUE
bandwidth percent 20
class APIC_EM-Q4-8Q8T-QUEUE
bandwidth percent 20
class APIC_EM-Q3-8Q8T-QUEUE
bandwidth percent 10
class APIC_EM-Q2-8Q8T-QUEUE
bandwidth percent 5
class class-default
interface TenGigabitEthernet1/3/4
service-policy type lan-queuing input APIC_EM-QUEUEING-8Q8T-IN
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
1P7Q2T – Ingress Queueing
DSCP to Queue Mapping
DSCP-based WRED
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
1P7Q2T Ingress Queueing Linecards
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Catalyst 65xx-E/6807-XL with Sup2T
1P7Q2T Ingress Queuing Models—DSCP-to-Queue
Mapping 1P7Q2T
Application-Class DSCP EF
Realtime Queue
CS5 (Priority)
Network Control (CS7)
CS4
Internetwork Control CS6
CS7
VoIP EF CS6 Control Plane Queue
CS3 (10% BWR)
Broadcast Video CS5 CS2
Multimedia Conferencing AF4
AF4
Realtime Interactive CS4 Multimedia-Conferencing Queue
(20% BWR + DSCP-WRED)
Multimedia Streaming AF3
AF3 Multimedia-Streaming Queue
(15% BWR + DSCP-WRED)
Signaling CS3
DF Default Queue
(30% BWR +©DSCP-WRED)
2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Catalyst 65xx-E/6807-XL - 1P7Q2T Ingress Model
class-map type lan-queuing match-all APIC_EM-REALTIME-1P7Q2T-QUEUE
match dscp cs4 cs5 ef
class-map type lan-queuing match-all APIC_EM-CONTROL-1P7Q2T-QUEUE
match dscp cs2 cs3 cs6 cs7
class-map type lan-queuing match-all APIC_EM-MM_CONF-1P7Q2T-QUEUE
match dscp af41 af42 af43
class-map type lan-queuing match-all APIC_EM-MM_STREAM-1P7Q2T-QUEUE
match dscp af31 af32 af33
class-map type lan-queuing match-all APIC_EM-TRANS_DATA-1P7Q2T-QUEU
match dscp af21 af22 af23
class-map type lan-queuing match-all APIC_EM-BULK_DATA-1P7Q2T-QUEUE
match dscp af11 af12 af13
class-map type lan-queuing match-all APIC_EM-SCAVENGER-1P7Q2T-QUEUE
match dscp cs1
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Catalyst 65xx-E/6807-XL —1P7Q2T Ingress Model
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Catalyst 65xx-E/6807-XL - 1P7Q2T Ingress Model
[continued]
class APIC_EM-TRANS_DATA-1P7Q2T-QUEU
bandwidth remaining percent 15
class APIC_EM-BULK_DATA-1P7Q2T-QUEUE
bandwidth remaining percent 9
class APIC_EM-SCAVENGER-1P7Q2T-QUEUE
bandwidth remaining percent 1
class class-default
interface TenGigabitEthernet1/3/4
service-policy type lan-queuing input APIC_EM-QUEUEING-1P7Q2T-IN
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
2P6Q4T Ingress & Egress Queueing
DSCP to Queue Mapping
DSCP-based WRED
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
2P6Q4T Ingress Queueing Linecards
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Catalyst 65xx-E/6807-XL with Sup2T
2P6Q4T (Ingress & Egress Queuing Models—DSCP-to-Queue)
Application-Class DSCP 2P6Q4T
Network Control (CS7) Voice-PQ1
EF (Priority Level 1)
Internetwork Control CS6
CS4
VoIP EF CS5 Video-PQ2
(Priority Level 2)
Broadcast Video CS5 AF4
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Catalyst 65xx-E/6807-XL with Sup2T
2P6Q4T (Ingress & Egress Queuing Models—
2P6Q4T
DSCP-to-Queue with DSCP WRED
Voice-PQ1
EF (Priority Level 1)
Application-Class DSCP
CS4
Network Control (CS7) Video-PQ2
CS5
(Priority Level 2)
Internetwork Control CS6 AF4
VoIP EF
CS7 & CS6 Control Plane Queue
Broadcast Video CS5 CS3 & CS2 (10% BWR)
Q2T3—80%
Network Management CS2 AF11
Bulk Data Queue
AF12 Q2T2—70%
(14% BWR + DSCP-WRED)
Bulk Data AF1 AF13
CS1 Q2T1—60%
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Catalyst 65xx-E/6807-XL—2P6Q4T Model
Part 1 of 3—Common Ingress & Egress Queuing Class-Maps
class-map type lan-queuing match-all APIC_EM-VOICE-2P6Q4T-PQ1
match dscp ef
class-map type lan-queuing match-all APIC_EM-VIDEO-2P6Q4T-PQ2
match dscp cs4 cs5 af41 af42 af43
class-map type lan-queuing match-all APIC_EM-CONTROL-2P6Q4T-QUEUE
match dscp cs2 cs3 cs6 cs7
class-map type lan-queuing match-all APIC_EM-MM_STREAM-2P6Q4T-QUEUE
match dscp af31 af32 af33
class-map type lan-queuing match-all APIC_EM-TRANS_DATA-2P6Q4T-QUEUE
match dscp af21 af22 af23
class-map type lan-queuing match-all APIC_EM-BULK_DATA-2P6Q4T-QUEUE
match dscp af11 af12 af13
class-map type lan-queuing match-all APIC_EM-SCAVENGER-2P6Q4T-QUEUE
match dscp cs1
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Catalyst 65xx-E/6807-XL—2P6Q4T Model
Part 2 of 3—2P6Q4T Queuing Policy-Map
policy-map type lan-queuing APIC_EM-QUEUING-2P6Q4T
class APIC_EM-VOICE-2P6Q4T-PQ1
priority level 1
class APIC_EM-VIDEO-2P6Q4T-PQ2
priority level 2
class APIC_EM-CONTROL-2P6Q4T-QUEUE
bandwidth remaining percent 10
class APIC_EM-MM_STREAM-2P6Q4T-QUEUE
bandwidth remaining percent 20
random-detect dscp-based
random-detect dscp af31 percent 80 100
random-detect dscp af32 percent 70 100
random-detect dscp af33 percent 60 100
class APIC_EM-TRANS_DATA-2P6Q4T-QUEUE
bandwidth remaining percent 20
random-detect dscp-based
random-detect dscp af21 percent 80 100
random-detect dscp af22 percent 70 100
random-detect dscp af23 percent 60 100
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Catalyst 65xx-E/6807-XL—2P6Q4T Model
Part 3 of 3—2P6Q4T Queuing Policy-Map (continued)
[continued]
class APIC_EM-BULK_DATA-2P6Q4T-QUEUE
bandwidth remaining percent 14
random-detect dscp-based
random-detect dscp af11 percent 80 100
random-detect dscp af12 percent 70 100
random-detect dscp af13 percent 60 100
class APIC_EM-SCAVENGER-2P6Q4T-QUEUE
bandwidth remaining percent 1
class class-default
random-detect dscp-based
random-detect dscp default percent 80 100
interface TenGigabitEthernet1/1/13
service-policy type lan-queuing input APIC_EM-QUEUEING-2P6Q4T
service-policy type lan-queuing output APIC_EM-QUEUEING-2P6Q4T
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
1P3Q8T – Egress Queueing
CoS to Queue Mapping
CoS-based Tail-Drop
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
1P3Q8T Egress Queueing Linecards
• WS-X6724-SFP, WS-X6748-SFP and WS-X6748-GE-TX with CFC
• WS-X6724-SFP, WS-X6748-SFP, and WS-X6748-GE-TX with a DFC4 or
DFC4XL upgrade (WS-F6k-DFC4-A, WS-F6k-DFC4-AXL)
• WS-X6824-SFP-2T and WS-X6824-SFP-2TXL
• WS-X6848-SFP-2T, WS-X6848-SFP-2TXL, WS-X6848-TX-2T and WS-
X6848-TX-2TXL
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Catalyst 65xx-E/6807-XL with Sup2T
1P3Q8T Egress Queuing Models—CoS-to-Queue Mapping
1P3Q8T
Application-Class DSCP CoS
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Catalyst 65xx-E/6807-XL with Sup2T
1P3Q8T Egress Queuing Models—CoS-to-Queue Mapping with CoS-WRED
1P3Q8T
Application-Class DSCP CoS
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Catalyst 65xx-E/6807-XL—1P3Q8T Egress Model
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Catalyst 65xx-E/6807-XL —1P3Q8T Egress Model
interface GigabitEthernet1/3/2
service-policy type lan-queuing output APIC_EM-QUEUING-1P3Q8T-OUT
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
1P3Q4T – Egress Queueing
CoS to Queue Mapping
CoS-based Tail-Drop
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
1P3Q4T Egress Queueing Linecards
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Catalyst 65xx-E/6807-XL with Sup2T
1P3Q4T Egress Queuing Models—CoS-to-Queue Mapping
1P3Q4T
Application-Class DSCP CoS
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Catalyst 65xx-E/6807-XL with Sup2T
1P3Q4T Egress Queuing Models—CoS-to-Queue Mapping with CoS WRED
1P3Q4T
Application-Class DSCP CoS
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Catalyst 65xx-E/6807-XL —1P3Q4T Egress Model
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Catalyst 65xx-E/6807-XL —1P3Q4T Egress Model
interface GigabitEthernet1/3/1
service-policy type lan-queuing output APIC_EM-QUEUING-1P3Q4T-OUT
interface TenGigabitEthernet1/3/4
service-policy type lan-queuing output APIC_EM-QUEUING-1P3Q4T-OUT
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
1P7Q4T –Egress Queueing
DSCP to Queue Mapping
DSCP-based WRED
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
1P7Q4T Egress Queueing Linecards
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Catalyst 65xx-E/6807-XL with Sup2T
1P7Q4T Egress Queuing Models—DSCP-to-Queue Mapping
1P7Q4T
Application-Class DSCP EF
Realtime Queue
CS5 (Priority)
Network Control (CS7)
CS4
Internetwork Control CS6
CS7
VoIP EF CS6 Control Plane Queue
CS3 (10% BWR)
Broadcast Video CS5 CS2
Multimedia Conferencing AF4
AF4
Realtime Interactive CS4 Multimedia-Conferencing Queue
(20% BWR + DSCP-WRED)
Multimedia Streaming AF3
AF3 Multimedia-Streaming Queue
(15% BWR + DSCP-WRED)
Signaling CS3
DF Default Queue
(30% BWR + DSCP-WRED)
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Catalyst 65xx-E/6807-XL —1P7Q4T Egress Model
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Catalyst 65xx-E/6807-XL —1P7Q4T Egress Model
policy-map type lan-queuing APIC_EM-QUEUING-1P7Q4T-OUT
class APIC_EM-REALTIME-1P7Q4T-QUEUE
priority
class APIC_EM-CONTROL-1P7Q4T-QUEUE
bandwidth remaining percent 10
class APIC_EM-MM_CONF-1P7Q4T-QUEUE
bandwidth remaining percent 20
random-detect dscp-based
random-detect dscp af41 percent 80 100
random-detect dscp af42 percent 70 100
random-detect dscp af42 percent 60 100
class APIC_EM-MM_STREAM-1P7Q4T-QUEUE
bandwidth remaining percent 15
random-detect dscp-based
random-detect dscp af31 percent 80 100
random-detect dscp af32 percent 70 100
random-detect dscp af33 percent 60 100
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Catalyst 65xx-E/6807-XL —1P7Q4T Egress Model
[continued]
class APIC_EM_TRANS_DATA-1P7Q4T-QUEUE
bandwidth remaining percent 15
random-detect dscp-based
random-detect dscp af21 percent 80 100
random-detect dscp af22 percent 70 100
random-detect dscp af23 percent 60 100
class APIC_EM_BULK_DATA-1P7Q4T-QUEUE
bandwidth remaining percent 9
random-detect dscp-based
random-detect dscp af11 percent 80 100
random-detect dscp af12 percent 70 100
random-detect dscp af13 percent 60 100
class APIC_EM_SCAVENGER-1P7Q4T-QUEUE
bandwidth remaining percent 1
class class-default
random-detect dscp-based
random-detect dscp default percent 80 100
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Catalyst 65xx-E/6807-XL —1P7Q4T Egress Model
interface TenGigabitEthernet1/3/4
service-policy type lan-queuing output APIC_EM-QUEUING-1P7Q4T-OUT
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
1P7Q8T – Egress Queueing
CoS to Queue Mapping
CoS-based Tail-Drop
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
1P7Q8T Egress Queueing Linecards
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Catalyst 65xx-E/6807-XL with Sup2T
1P7Q8T Egress Queuing Models—CoS-to-Queue Mapping with COS-based WRED
1P7Q8T
Application-Class DSCP CoS
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Catalyst 65xx-E/6807-XL —1P7Q8T Egress Model
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Catalyst 65xx-E/6807-XL —1P7Q8T Egress Model
interface TenGigabitEthernet1/3/4
service-policy type lan-queuing output APIC_EM-QUEUING-1P7Q8T-OUT
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Appendix B
Cisco IOS XE WLC
AVC/QoS Design
Cisco IOS XE WLC
QoS Roles in the Wireless LAN Centralized Deployment Model
CAPWAP Tunnel
• IOS XE WLCs can be deployed
in either a Centralized or a
Converged Access Deployment CT5760 WLC
• In either model:
• Trust Boundary is at the AP Converged Access Deployment Model
• PEP is at the AP
CAPWAP Tunnel
Catalyst
3650/3850
Or 4500-Sup8
Trust Boundary
PEP
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 232
Cisco IOS XE WLC
AVC/QoS Design Steps
1. Enable Application Visibility
a) Create a Flow Record
b) (Optional) Create a Flow Exporter
c) Create a Flow Monitor
d) Apply the Flow Monitor to the WLAN
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 233
WHAT you want to MONITOR
Specifies
WHICH interface and
WHAT you want to COLLECT
© 2016 Cisco and/orWHICH
its affiliates. All direction
rights reserved. Cisco Public 234
Cisco IOS XE WLC Match protocol enables NBAR2 classification
AFD BLOCK
Wireless Port Egress Queuing © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
IOS XE WLC AFD
2P2Q+Approximate Fair Drop (AFD) Wireless Port Egress Queuing Model
Application Classes DSCP 2P2Q with AFD
EF Q0
Voice EF CS6 Priority Level 1
CS3 (Limited to 10% of BW)
Q1
Interactive Video AF4 AF4 Priority Level 2
(Limited to 20% of BW)
Network Control CS6
AF2 Q2
Bulk Data AF1
Unicast-
Non-Realtime Queue
CS1
(63% BWR)
Transactional Data AF2
DF
Scavenger CS1
Q3
Multicast Non-Realtime Queue
Best Effort DF (7% BWR)
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 237
IOS XE WLC AFD
2P2Q+AFD Wireless Port Egress Queuing Config
class-map match-any REALTIME-1
match dscp ef
match dscp cs6
Note: This policy is applied automatically to all wireless ports.
match dscp cs3
Therefore, no explicit service-policy command is required
class-map match-any REALTIME-2
to attach the policy to a wireless interface(s).
match dscp af41
match dscp af42
match dscp af43
policy-map port_child_policy
class non-client-nrt-class System-defined (but configurable) queuing policy
bandwidth remaining ratio 7
class REALTIME-1
priority level 1 System defined queue for multicast wireless traffic
police rate percent 10 conform-action transmit exceed-action drop
class REALTIME-2
priority level 2 Two-levels
Two-levels of
of priority
priority queuing
queuing are
are supported
supported
police rate percent 20 conform-action transmit exceed-action drop
class class-default
bandwidth remaining ratio 63
Default unicast queue (non-priority queue)
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 238
IOS-XE WLC QoS Design
Step 4) Configure Custom Table Maps – Part 1 of 2
Table Map DSCP_TO_DSCP DSCP-to-DSCP is used for upstream from wireless,
from 8 to 8 to verify that only standard DSCP values are forwarded to the LAN
from 10 to 10
from 12 to 12
from 14 to 14
from 16 to 16
from 18 to 18
from 20 to 20
from 22 to 22
from 24 to 24
from 26 to 26
from 28 to 28 policy-map TRUST-SSID-IN
from 30 to 30 class class-default
from 32 to 32 set dscp dscp table DSCP_TO_DSCP
from 34 to 34
from 36 to 36 This policy trusts RFC 4594 DSCPs received from the client
from 38 to 38 and bleaches (zeroes-out) all other non-standard DSCP values
from 40 to 40
from 44 to 44
from 46 to 46
default ignore
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
IOS-XE WLC QoS Design
Step 4) Configure Custom Table Maps – Part 2 of 2
Table Map DSCP_TO_UP policy-map QUEUING-SSID-CHILD DSCP_TO_UP Mapping
from 8 to 1 class VOICE-PQ1
aligns IETF (RFC 4594)
from 10 to 2 priority level 1
police cir 6000000 bc 187500
with IEEE (802.11) for
from 12 to 2
from 14 to 2 conform-action transmit downstream flows.
from 16 to 0 exceed-action drop
from 18 to 3 admit cac wmm-tspec
from 20 to 3 rate 1500 (kbps)
from 22 to 3 wlan-up 6
from 24 to 4 class VIDEO-PQ2
from 26 to 4 priority level 2
from 28 to 4 police cir 6000000 bc 187500
from 30 to 4 conform-action transmit
from 32 to 5 exceed-action drop
from 34 to 4
from 36 to 4 policy-map QUEUING-SSID Standard DSCPs are
from 38 to 4 class class-default preserved (via table-map
from 40 to 5 set dscp dscp table DSCP_TO_DSCP from previous slide)
from 44 to 6 set wlan user-priority dscp table DSCP_TO_UP
from 46 to 6 bandwidth remaining ratio 100 UP markings are derived
default 0 service-policy APIC_EM-QUEUING-SSID-CHILD from DSCP_TO_UP Map
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco IOS XE QoS Design At-A-Glance
https://cisco.box.com/s/t8ts51s0wqk2lyqtx0f3ans5dc3m4bai
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 241