Configuring Campus Switches To Support Voice and Video Applications

Configuring Campus Switches to
Support Voice and Video

Applications
© 2003, Cisco Systems, Inc. All rights reserved. 1

Objectives
• Accommodating Voice Traffic on Campus

Switches
• Configuring IP Multicast

Overview
• Campus networks carry a variety of data

with diverse purposes and impacts on
resources.
• Proper design and configuration efforts

will ensure that voice, video and data
traffic efficiently coexist on a single
Campus Infrastructure.

Cisco Infrastructure
• Cisco recommends an end-to-end single

vender (Cisco) solution.
• This way, each new application such as
video, Web, or telephony represents just
another media type over the same
infrastructure.
– Tasks such as QoS configuration and
network upgrades are made easier by using
a single vendor.

IP Telephony Integration

Voice VLANs
• Cisco Catalyst switches offer a "voice VLAN"

feature.
– The voice VLAN, also known as an auxiliary VLAN,
provides automatic VLAN association for IP
phones.
• Voice traffic is on a specific VLAN, and IP

subnet even though voice and data co-exist on
the same physical infrastructure.

Voice VLANs
When a phone is connected to the switch, the switch sends necessary

voice VLAN information to the IP phone.

Voice VLANs and Data VLANs
• Placing phone traffic onto a distinct

VLAN allows the phone traffic to be
segmented from the data traffic.
• QoS or security policies can be enforced
specifically for the traffic traversing the
phone VLANs without affecting the data
traffic.

Connecting a PC to the IP Phone
• To save switchport density and cable runs, a PC can be

connected to the integrated switch of the IP Phone.
• In order for the device and the phone to communicate, one
of the following must be true:
– They both use the same Layer 2 frame type.
– The phone uses 802.1p frames and the device uses
untagged frames.
– The phone uses untagged frames and the device uses
802.1p frames.
– The phone uses 802.1Q frames, and the voice VLAN equals
the native VLAN.

Connecting a PC to the IP Phone

Voice Design Considerations
• Deploying IP telephony in the enterprise campus requires
the implementation of various features particular to each
submodule.
• Within the Building Access submodule, these features
support IP telephony:
– Voice VLANs
– 802.1p/Q
– Hardware support for multiple output queues
– Hardware support for in-line power to IP phones
– PortFast
– Root Guard
– Unidirectional Link Detection (UDLD)
– UplinkFast
IP Telephony on the Network
• IP telephony places strict requirements on

the network infrastructure.
• Most IP telephony installations are built
on an existing network infrastructure.
– To support voice traffic the network may
require enhancements and upgrades with
priority given to voice traffic.

Campus Infrastructure Considerations
• What features are required for each network device?

– VLAN configuration, QoS, inline power
• Can the physical plan support IP Telephony?
– Cat5e minimum, available switchports and wall jacks
• How will the phones be powered?
– PoE on the switch or a separate inline power patch panel,
power bricks
• Is adequate bandwidth available?
– What other bandwidth intensive applications are running?
• Will a VoIP implementation require an complete network
overhaul?

Quality of Service
• QoS is the application of features and

functionality required to actively manage
and satisfy networking requirements of
applications sensitive to loss, delay, and
delay variation (jitter).
• QoS allows preference to be given to
critical application flows for the available
bandwidth.

QoS and Voice Traffic
• Congestion and latency can be caused by speed

mismatches, many-to-one switching fabrics and
aggregation.
• When packets are dropped due to network
congestion, these packets must be retransmitted,
causing further congestion.
– QoS ensures that prioritized voice traffic is not subject
to the existing network congestion and latency.

Switchport Commands for VoIP QoS

Switch Configuration Example
Switch(config)#interface fastethernet 0/4
Switch(config-if)#switchport voice vlan 110
Switch(config-if)#mls qos trust cos
Switch(config-if)#mls qos trust device cisco-phone
Switch(config-if)#ctrl-Z
Switch#show interfaces fastethernet 0/4

Switch#show mls qos interface fastethernet 0/4
FastEthernet0/4
trust state: trust cos
trust mode: trust cos
COS override: dis
default COS: 0
pass-through: none
trust device: cisco-phone

Step-by-Step Configuration

QoS by Network Layer

Delay and Packet Loss
• Delay (or latency) is the amount of time that it takes a packet

to reach the receiving endpoint from the sending endpoint.
– This time period is termed the "end-to-end delay"
– End-to-end delay can be broken into two areas:
• Fixed network delay
• Variable network delay
• Fixed network delay includes encoding and decoding time
(for voice and video), as well as the amount of time required
to traverse the media en route to the destination.
• Variable network delay refers to network conditions, such as
congestion, that may affect the overall time required for
transit.

Types of Delay
• Packetization delay – The amount of time that it takes to
segment data, sample and encode signals, process data,
and turn the data into packets
• Serialization delay – The amount of time that it takes to
place the bits of a packet encapsulated in a frame, onto the
physical media
• Propagation delay – The amount of time that it takes to
transmit the bits of a frame across the physical wire
• Processing delay – The amount of time that it takes for a
network device to take the frame from an input interface,
place it into a receive queue, and then place it into the
output queue of the output interface
• Queuing delay – The amount of time that a packet resides
in the output queue of an interface
• Delay variation – Delay variation (or jitter) is the difference
in the end-to-end delay between packets.

Classification and Marking

Layer 2 Marking: 802.1p and CoS

Layer 3 Marking: ToS, IP Precedence, DSCP

Best Effort
• Best-effort is a single service model in which an application

sends data whenever it must, in any quantity, without
requesting permission or first informing the network.
• Best-effort service is suitable for a wide range of networked
applications such as general file transfers, e-mail and Web
browsing.

Differentiated Services
• The Differentiated Services or DiffServ is an

IETF architecture standard.
• This architecture specifies that each packet
is classified upon entry into the network.
– The classification is carried in the IP packet
header, using either the IP precedence or the
preferred Differential Services Code Point
(DSCP).

Precedence and DSCP
• Represented using the first three (precedence) or six (DSCP) bits of

the Type of Service (ToS) field.
– The first 3 DSCP bits are the class selector bits
– The second 3 DSCP bits are the drop precedence bits
• Classification can also be carried in the Layer 2 frame in the form of
the Class of Service (CoS) field embodied in ISL and 802.1Q frames.

DSCP Code Points
Assured Forwarding - AF Expedited Forwarding - EF
Class Selector - Priority
Class 5
101
Class Selector Bits

40 – 47 (46)
Internetwork Control
Drop Precedence - Priority
Class 6
110
48 – 55
Network Control
Class 7
111
56 – 63

Layer 2 and 3 DiffServ

Layer 2 and QoS
• At the Datalink layer a raw Ethernet frame has

no fields to signify its QoS requirements.
• If QoS marking is required, then ISL or
802.1Q/p must be used as these provide a
three-bit Class of Service (CoS) field.

Layer 3 and QoS
• At the Network layer an IP packet contains a one

byte Type of Service (ToS) field, of which the
first three bits form the IP-Precedence field and
the first six bits form the DSCP fields.
• Either of these can be used to signify the QoS
requirements of an IP packet but not both.
• DSCP has precedence

QoS, CoS and ToS
CoS
ToS – IP Precedence
ToS – DSCP

Modular QoS CLI (MQC)
• The Modular QoS Command Line Interface or MQC is
central to Cisco’s model for implementing IOS based QoS
solutions.
• The MQC breaks down the tasks associated with QoS into
modules that:
– Identify traffic flows.
– Classify traffic flows as belonging to a common class of
QoS.
– Apply QoS policies to that class.
– Define the interfaces on which the policy should be
enforced.
• The modular nature of MQC allows the reuse of common
traffic classes and policies.

Creating Class-maps
• The class-map command is used to define a traffic class.

• The purpose of a traffic class is to classify traffic that
should be given a particular QoS.
• A traffic class contains three major elements:
1. a name - cisco
2. a series of match commands - match
3. and if more than one match command exists in the traffic class,
how to evaluate these match commands match-all | match-
any

Class-map Commands
switch(config)#ip access-list standard test
Switch(config)#class-map match-any cisco
Switch(config-cmap)#match access-group name test
Switch(config-cmap)#match interface fastethernet 0/1
• On the Catalyst 3550 and 6500 the Modular QoS

CLI allows multiple traffic classes to be configured
as a single traffic class, such as nested traffic
classes, or nested class maps.
• This nesting can be achieved with the use of the

match class-map command.

Policy-maps
• The policy-map command is used to create a traffic

policy.
• The purpose of a traffic policy is to configure the QoS
features to be associated with the traffic that has been
classified in the traffic class.
• Traffic policy contains three elements:
1. Policy Name
2. Traffic class specified with the class command
3. QoS policies to be applied to each class

Policy and Class-map Commands
Switch(config)#policy-map policy1
Switch(config-pmap)#class cisco
Switch(config-pmap-c)#bandwidth 3000
Switch(config-pmap-c)#exit
Switch(config-pmap)#class class-default
Switch(config-pmap-c)#bandwidth 2000
Switch(config-pmap)#exit
• The service policy command is used to attach

the traffic policy to an interface.
Switch(config)#interface fastethernet 0/1
Switch(config-if)#service-policy output policy1
Switch(config-if)#exit
Apply to outgoing packets
Classification at Access Layer
• In order to be effective, QoS should be implemented

end-to-end within a network as soon as possible at the
network edge or access layer.
• Frames and packets can be marked as important by
using Layer 2 Class of Service (CoS) settings in the User
Priority bits of the 802.1p portion of the 802.1Q header
or
• The IP Precedence/Differentiated Services Code Point
(DSCP) bits in the Type of Service (ToS) Byte of the IPv4
header

Trust – Do you trust me?
• In order to take advantage of COS at the edge

then the access layer device must “trust” the QoS
devices/applications it is connected to.
• The default action is for a switch with QoS

features activated not to trust edge devices that
have written CoS features into the frame.
– Any frames that enter the switch will have their CoS re-
written to the lowest priority of zero.
• If the edge device can be trusted then the switch

will switch the frame without changing the Cos
setting.
Trusted vs. Untrusted Ports
Trusted
Untrusted
Trusted

QoS Trust Boundaries

Class of Service at the Switch
• Depending on the switch model, it may be necessary to

first activate QoS:
switch(config)#mls qos
• This command is required on both the Catalyst 3550 and

the Catalyst 6500.
– The Catalyst 2950 has QoS enabled by default.
• The trust is configured on the switch port using the

command:
switch(config-if)#mls qos trust cos

Remember Native VLAN?
• If an untagged frame arrives at the switch port,
the switch will assign a default CoS to the frame
before forwarding it. (native VLAN)
• By default untagged frames are assigned a CoS

of zero.
• This can be changed using the interface

configuration command:
switch(config-if)#mls qos cos [cos-value]
– Where [cos-value] is a number between 0 and 7.
– Traffic that passes through the port will be
automatically tagged with the new CoS value.
Override the CoS Field
• In some cases it may be desirable not to trust any
CoS value that may be present in frames sourced
from an edge device.
• For this reason, it is possible to use the override

parameter to tell the switch to ignore any existing
CoS value that may be in the frame and apply the
default value.
switch(config-if)#mls qos cos [cos-value]

Switch(config-if)#mls qos cos override
– This will re-write the CoS value for any frame entering the
switch port to the default setting.
MAC ACL to Assign DSCP
• It is not always possible to classify the CoS of a

frame, based on an ingress port.
• The ingress port may be attached to a hub or a
simple workgroup switch that does not support
QoS.
– This hub or switch may be connecting to multiple
workstations that all require different CoS values.
– Differing types of devices may be on the same subnet
(IP ACL will not work)

MAC ACL to Assign DSCP
• Not all frames can be assigned a CoS based on

ingress port
Configure a MAC ACL
• However, in the QoS context, the permit and deny

actions in the access control entries (ACEs) have
different meanings than with security ACLs:
– If a match with a permit action is encountered, known
as the first-match principle, the specified QoS-related
action is taken.
– If a match with a deny action is encountered, the ACL
being processed is skipped, and the next ACL is
processed.
– If no match with a permit action is encountered and all
the ACLs have been examined, no QoS processing
occurs on the packet.
Switch(config)#mac access-list extended [name]

MAC ACL Example
Switch(config)#mac access-list extended receptionph
Switch(config-ext-macl)#permit host 000.0a00.0111 any
Switch(config-ext-macl)#exit
Switch(config)#
Switch(config)#class-map match-all ipphone
Switch(config-cmap)#match access-group name receptionph
Switch(config-cmap)#exit
Switch(config)#policy-map inbound-accesslayer
Switch(config-pmap)#class ipphone
Switch(config-pmap-c)#set ip dscp 40
Switch(config)#interface range fastethernet 0/1 - 24
config-if-range)#service-policy input inbound-accesslayer
Using an IP ACL
• Using the Modular QoS Command Line Interface (MQC) it is
possible to classify traffic based on its IP or TCP properties
• In this FTP example, an IP ACL is used to identify the packets:
Switch(config)#ip access-list extended 100

Switch(config-ext-nacl)#permit tcp any any eq ftp
• Traffic is classified as “reducedservice” if it is permitted by

the access list.
Switch(config)#class-map reducedservice
Switch(config-cmap)#match access-group 100
Policing and Marking
“out of profile”
• Traffic policing involves placing a constraint on

the maximum traffic rate.
• When the traffic rate reaches the configured
maximum rate, excess traffic is dropped or
remarked to a lower DSCP value
Policing Flow Chart
Packets that exceed the limits are said

to be “out of profile” or nonconforming.

Committed Access Rate (CAR)
• CAR implements both classification services and policing

through rate limiting.
• The classification services of CAR allow traffic flow limits

to be placed on incoming traffic.
• These limits specify the average rate, rate-bps, and the

burst rate, burst-byte, that is permissible.
– Traffic that is nonconforming either because it exceeds
the average rate or the burst rate specified can be
marked down in terms of DSCP.
– Traffic is then dropped based on the new DSCP value as
part of congestion avoidance
CAR Configuration
• The policy-map command that enables CAR is

'police' and is specified for a given class of
traffic.
Switch(config)#police [rate-bps] [burst-bps] [exceed-action
{drop | policed-dscp-transmit}]
• In order to mark down the DSCP value of

nonconforming traffic, the switch uses a map to
translate between the initial DSCP value and the
marked down DSCP.

Configuring Classification using CAR
• Create an IP standard ACL to permit traffic,

this will be used to match traffic.
• Traffic that matches this ACL will receive a
DSCP value in the incoming packet is trusted
• In the following example, traffic that exceeds
an average traffic rate of 48000 bps and a
normal burst size of 8000 bytes is marked
down.

CAR Example – drop
Switch(config)#access-list 1 permit 10.1.0.0 0.0.255.255

Switch(config)#class-map ipclass1
Switch(config-cmap)#match access-group 1
Switch(config-cmap)#exit
Switch(config)#policy-map flow1t
Switch(config-pmap)#class ipclass1
Switch(config-pmap-c)#trust dscp
Switch(config-pmap-c)#police 48000 8000 exceed-action drop
Switch(config-pmap)#exit
Switch(config)#interface gigabitethernet0/1
Switch(config-if)#service-policy input flow1t

Scheduling
• The process of assigning packets to one of

multiple queues, based on classification, for
priority treatment through the network is called
scheduling.
• Examples of different scheduling techniques are:
– First In First Out - FIFO
– Weighted Fair Queuing - WFQ
– Class Based Weighted Fair Queuing - CBWFQ

First In First Out
• The simplest form of scheduling and the default for

interfaces 2 Mbps and faster.
• The FIFO queue offers no preferential service for traffic,
packets are forwarded in the order they are received.

Weighted Fair Queuing
• Weighted Fair Queuing (WFQ) classifies traffic entering the queue

based on traffic flows.
– Classification can be based on source and destination addresses,
the protocol and TCP port numbers
• Each flow is given its own queue.
• WFQ services each of these queues on a round robin basis.
– Every flow of traffic has an equal share of the available bandwidth
• In some cases, the “weight” needs to be modified so that WFQ
does not share bandwidth on a round-robin basis, but is influenced
by the class or priority of the traffic in the flow.

Weighted Fair Queuing
Weighted fair queuing is activated on

a Layer 3 interface:
Router(config)#interface serial 0/0
Router(config-if)#fair-queue

WFQ and IP Precedence
• WFQ is IP precedence-aware.
• WFQ can detect higher priority packets marked
with precedence and schedule them faster.
– Higher priority packets are assigned a lower
weight and a greater share of the total bandwidth
• In order for WFQ to be truly fair, every flow
would have to have the same precedence.

Weight and Precedence
• Weight is calculated inversely to precedence.

– The higher the precedence, the lower the weight
W=K/precedence + 1
K = 4096 with Cisco IOS 12.0(4)T and earlier
releases, and 32384 with 12.0(5)T and later
releases.
• Bandwidth is proportional to precedence.

– Each flow will get precedence + 1 parts of the link
1 + 2 + 3 + 4 + 5 + 6 + 7 + 8 = 36
Therefore, precedence 0 traffic will get 1/36 of
the bandwidth, precedence 1 traffic will get
2/36, and precedence 7 traffic will get 8/36.
Class Based WFQ (CBWFQ)
• Allows for user defined traffic classes using match

criteria including protocols, ACLs, and input
interfaces.
– CBWFQ provides for up to 64 classes -- WFQ is limited
to 7 classifications (queues)
• Once a class has been defined according to its
match criteria, characteristics can be assigned to it.
– To characterize a class, bandwidth, weight, and
maximum packet limit are specified.

CBWFQ Class Characteristics
• The bandwidth assigned to a class is the

guaranteed bandwidth delivered to that class
during congestion.
• After a queue has reached its configured packet

limit, queuing of additional packets to the class
causes further packets to be dropped.
• A default class can be configured with a

'bandwidth' policy-map class configuration
command, for all unclassified traffic
– This traffic is put into a single FIFO or WFQ queue and
given treatment according to the configured bandwidth.
CBWFQ Example

Configuring CBWFQ
Router(config)#mls qos
Router(config)#class-map prioritytraffic
Router(config-cmap)#match dscp 50
Router(config)#policy-map prioritybw
Router(config-pmap)#class class-default fair-queue
Router(config-pmap-c)#class prioritytraffic bandwidth percent 40
queue-limit 200
Router(config)#interface gigabitethernet0/1
Router(config-if)#service-policy output prioritybw

Configuring Campus Switches To Support Voice and Video Applications

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Configuring Campus Switches To Support Voice and Video Applications

Uploaded by

Copyright:

Available Formats

Configuring Campus Switches to

Support Voice and Video

© 2003, Cisco Systems, Inc. All rights reserved. 1

• Accommodating Voice Traffic on Campus

© 2003, Cisco Systems, Inc. All rights reserved. 2

• Campus networks carry a variety of data

• Proper design and configuration efforts

© 2003, Cisco Systems, Inc. All rights reserved. 3

• Cisco recommends an end-to-end single

© 2003, Cisco Systems, Inc. All rights reserved. 4

© 2003, Cisco Systems, Inc. All rights reserved. 5

• Cisco Catalyst switches offer a "voice VLAN"

• Voice traffic is on a specific VLAN, and IP

© 2003, Cisco Systems, Inc. All rights reserved. 6

When a phone is connected to the switch, the switch sends necessary

© 2003, Cisco Systems, Inc. All rights reserved. 7

• Placing phone traffic onto a distinct

© 2003, Cisco Systems, Inc. All rights reserved. 8

• To save switchport density and cable runs, a PC can be

© 2003, Cisco Systems, Inc. All rights reserved. 9

© 2003, Cisco Systems, Inc. All rights reserved. 10

• IP telephony places strict requirements on

© 2003, Cisco Systems, Inc. All rights reserved. 12

• What features are required for each network device?

© 2003, Cisco Systems, Inc. All rights reserved. 13

• QoS is the application of features and

© 2003, Cisco Systems, Inc. All rights reserved. 14

• Congestion and latency can be caused by speed

© 2003, Cisco Systems, Inc. All rights reserved. 15

© 2003, Cisco Systems, Inc. All rights reserved. 16

Switch#show interfaces fastethernet 0/4

© 2003, Cisco Systems, Inc. All rights reserved. 17

© 2003, Cisco Systems, Inc. All rights reserved. 18

© 2003, Cisco Systems, Inc. All rights reserved. 19

• Delay (or latency) is the amount of time that it takes a packet

© 2003, Cisco Systems, Inc. All rights reserved. 20

© 2003, Cisco Systems, Inc. All rights reserved. 21

© 2003, Cisco Systems, Inc. All rights reserved. 22

© 2003, Cisco Systems, Inc. All rights reserved. 23

© 2003, Cisco Systems, Inc. All rights reserved. 24

• Best-effort is a single service model in which an application

© 2003, Cisco Systems, Inc. All rights reserved. 25

• The Differentiated Services or DiffServ is an

© 2003, Cisco Systems, Inc. All rights reserved. 26

• Represented using the first three (precedence) or six (DSCP) bits of

© 2003, Cisco Systems, Inc. All rights reserved. 27

Class Selector Bits

© 2003, Cisco Systems, Inc. All rights reserved. 28

© 2003, Cisco Systems, Inc. All rights reserved. 29

• At the Datalink layer a raw Ethernet frame has

© 2003, Cisco Systems, Inc. All rights reserved. 30

• At the Network layer an IP packet contains a one

© 2003, Cisco Systems, Inc. All rights reserved. 31

© 2003, Cisco Systems, Inc. All rights reserved. 32

© 2003, Cisco Systems, Inc. All rights reserved. 33

• The class-map command is used to define a traffic class.

© 2003, Cisco Systems, Inc. All rights reserved. 34

• On the Catalyst 3550 and 6500 the Modular QoS

• This nesting can be achieved with the use of the

© 2003, Cisco Systems, Inc. All rights reserved. 35

• The policy-map command is used to create a traffic

© 2003, Cisco Systems, Inc. All rights reserved. 36

• The service policy command is used to attach