QOS notes
The majority of these notes are taken from a class I took at Networld+Interop conference, September 14-16, 1999. Francois Fluckiger (from CERN) was the instructor. They are for my personal reference, nothing more. A lot of these notes are copied directly from his slides. Note that this class was in 1999; standards may have progressed since then. I have updated some things, but not everything...
Table of Contents
L2-802.1p(D)/Q
- 802.1Q is the standard for Virtual LANs (VLANs)
- VLANs identified by tag field added to layer2 header
- VLAN Tag field contains a 3 bit User-Priority (UP) field
Note: 802.1p priority field in 802.1Q Tag: 3 bits; VLAN ID: 12 bits
- Every host in a VLAN may select one (out of 8) user priority
- User Priority mapped to Traffic Class
- Not one-to-one mapping: from 0 to 7 possible traffic classes. Defaults usually have 7 has highest and reserved for ntwrk ctrl traffic.
- User priority handled within switches by
- appropriate queueing
- discard policy
- Provides a simple label for classification (no complex parsing needed)
- |
802.1p/Q |
Priority |
Priority Code Point (PCP) |
Acronym |
Traffic Type |
Lowest |
1 |
BK |
Background |
|
0 |
BE |
Best Effort |
|
2 |
EE |
Excellent Effort |
|
3 |
CA |
Critical Applications |
|
4 |
VI |
Video |
|
5 |
VO |
Voice |
|
6 |
IC |
Internetwork Control |
Highest |
7 |
NC |
Network Control |
- IEEE 802.1/D does not specify number of queues
- Queues must be FIFO
- If multiple queues, (by default) Simple Priority Queuing (PQ)
- frame x forwarded only if all higher priority queues are empty
- i.e. high-priority queues get absolute priority
- see below for more
- User Priority setting can come from directly attached hosts or routers
- Host - QoS API mapping from e.g. RSVP param to traffic class
- Routers - mapping from e.g. RSVP param to traffic class
- Not addressed in 802.1p(D)/Q
- No recommendation about how sender should select value for user priority value.
- No assumption about the semantic of traffic classes "what does a class mean?"
- Only simple priority queing algorithm defined, but more sophisticated queuing may be later defined (e.g. WFQ).
- No resource reservation/admission control defined
L3-diffserv
- Set DiffServ Code Point (DSCP) into Type of Service (TOS) byte in IPv4 or Traffic Class octet in IPv6.
- DSCP could be set at node, but should be set at leaf router?
- Originally, TOS byte made up of RFC791 Precedence field (3 bits), RFC1349 ToS field (4 bits), plus the bit immediately following.
- Now, 6 bits go to DSCP, and 2 bits go to ECN (Explicit Congestion Notification).
- For DSCP, 32 values are for public use (21 are standardized). 32 are experimental.
- ECN
00 | sending device not capable of reading and responding (to) ECN |
01 or 10 | sending device is ECN capable and not experiencing congestion |
11 | Sending device is ECN capable and experiencing congestion, please throttle back rate of packet transmission to avoid losing packets |
- IETF recommends following groups for per hop behaviours:
DE (Default) |
Best effort forwarding. Recommended DSCP is 000000. |
AF (Assured Forwarding) PHB |
3 drop precedences (low, medium, high) each with 4 classes. In case of congestion, node will try to protect packets with higher drop-precedence values. (RFC2597)
|
Class 1 (lowest) |
Class 2 |
Class 3 |
Class 4 (highest) |
Low Drop |
AF11 (DSCP 10) |
AF21 (DSCP 18) |
AF31 (DSCP 26) |
AF41 (DSCP 34) |
Med Drop |
AF12 (DSCP 12) |
AF22 (DSCP 20) |
AF32 (DSCP 28) |
AF42 (DSCP 36) |
High Drop |
AF13 (DSCP 14) |
AF23 (DSCP 22) |
AF33 (DSCP 30) |
AF43 (DSCP 38) |
|
EF (Expedited Forwarding) PHB |
Highest prio. Node must supply a low-loss, low-latency, and assured bandwidth, path/queue through the node.
- Node is configured with a well-defined minimum departer rate.
- Conditioning (e.g. policing and shaping) should be put in place to guarantee that the arrival rate at the node is always less than the node's configured minimum departure rate.
Recommended DSCP is 101110 (46 decimal, 2E hex). |
VA (Voice Admit) PHB |
rfc 5865. identical chars to EF PHB. also admitted by network using CAC (call admission control). Recommended DSCP is 101100 (44 dec or 2C Hex) |
sample cisco router dscp qos cfg section
class-map match-any qos-gw-crit-traf
match ip dscp cs6
class-map match-any media
match ip dscp ef
class-map match-any control
match ip dscp cs3
match ip dscp af31
!
!
policy-map voip
class media
bandwidth percent 50
class control
bandwidth percent 5
class qos-gw-crit-traf
bandwidth percent 5
class class-default
fair-queue
IPv4 packet header (RFC791)
This section needs to be updated...
Precedence and ToS: RFC791 and 1349
Precedence field
(relative discard priority)
|
Value | RFC791 semantics |
110 | Internetwork Control |
101 | Critical |
100 | Flash Override |
011 | Flash |
010 | Immediate |
001 | Priority |
000 | Routine |
|
ToS field
(relative delay priority)
|
Value | RFC1349 semantics |
1000 | minimize delay |
0100 | maximize throughput |
0010 | maximize reliability |
0001 | minimize monetary cost |
0000 | normal service |
|
IPv6 packet header
- DS field (RFC2474) coded in
- IPv4 ToS octet
- IPv6 Traffic Class octet
- 6-bit field to code the DS code point (DSCP field)
- Incompatable with existing definition of IPv4 ToS
|
|
Preserving partial backward compatibility
for experimental, local use | 'xxxxx1' | (32 values) |
for standardization | 'xxxxx0' | (24 values) |
reserved for IPv4 ToS compatibility | 'xxx000' | (7 values) |
best effort (default) | '000000' | (1 value) |
- Per Hop Behaviors (PHBs) are then set in each node (i.e. this TOS byte gets 20% of traffic, this TOS byte gets 30%, everything else gets rest). See Queuing behaviors below for more reference.
Standardized DHCP markings
Application/Network Service Classes
- IETF RFC4594 defines 12 ASCs (Application Service Classes)
via DSCPs.
- These can be mapped to 8 NSCs (Network Service Classes)
represented via 802.1q field
This table originally taken from Table 4-1 in Nortel VoIP Technologies
book
Application Service Class |
Elasticity |
DSCP |
DSCP mark |
QoS mark |
Loss |
Delay |
Network Control (net element msging such as routing) |
Both |
CS6 |
48 (dec) |
6 |
Low |
Low |
Telephony (VoIP audio) |
Inelastic |
EF |
46 (dec) |
5 |
Very Low |
Very Low |
Real-time Interactive (video) |
Inelastic |
CS4 |
32 (dec) |
|
Low |
Very Low |
Multimedia Conferencing (audio-video conferences with
rate adaptive CODECs) |
Rate adaptive |
AF4x |
AF41 - 34, AF42 - 36, AF43 - 38 |
|
Low/Med |
Very Low |
Signaling (app-signaling such as SIP) |
Inelastic |
was CS5, AF31 now CS3 |
was 40, 26 now 24 (dec) |
3 |
Low |
Low |
Broadcast Video (broadcast-quality trans - IPTV,
security video...) |
Inelastic |
was CS3 now AF41 |
was 24 now 34 |
4 |
Very Low |
Med |
Multimedia Streaming (audio-video transmissions -
podcasts, streaming video...) |
Elastic |
AF3x |
AF31 - 26, AF32 - 28, AF33 - 30 |
|
Low/Med |
Med |
Low Latency Data (delay-sensitive apps - client/server,
transaction-based svcs |
Elastic |
AF2x |
AF21 - 18, AF22 - 20, AF23 - 22 |
|
Low |
Low/Med |
High Throughput Data (file transfers - ftp, http...) |
Elastic |
AF1x |
AF11 - 10, AF12 - 12, AF13 - 14 |
|
Low |
Med/High |
OAM (ops data) |
Both |
CS2 |
16 |
|
Low |
Med |
Standard (best effort traffic) |
No spec |
DF |
0 |
|
Not
specified |
Low Priority Data (data that can be starved) |
Elastic |
AF1x |
|
|
High |
High |
ASC to NSC mappings
- Some switches will map DSCP (ASC) mappings to 802.1q (NSC)
mappings and ignore what is in that field
- Book says "If an IP packet arrives with a non-standard or
experimental DSCP value that is not mapped to any svc class, then this
packet must be treated as a DF-marked (default) packet."
- RFC4594 defines scheduler/queue types as rate or priority
- Priority Queuing looks at highest prio queue and sends
packets if packets exist. Then goes to next, etc.
- Rate-based queuing including things like WRR and WFQ (see
QoS
cheatsheet)
NSC Traffic Svc Classes
- App traffic can be divided into 2 categories
- Network Control - net traffic such as routing updates
- User traffic
- Interactive (human to human) - sensitive to delay,
loss, jitter. Delay perf on order of 10s of ms
- Responsive (human to server) - less affected by jitter.
Can tolerate longer delays than interactive traffic. Delay perf on
order of 100s of ms
- Timely (between servers or server to human) - daly
tolerance significantly longer than Responsive traffic. delay perf less
than 1 sec.
- NSCs are a superset of six QoS classes defined in ITU-T
Y.1541.
taken from table 4-5 in Nortel VoIP Technologies
Network Control Traffic Category |
Network Service Class |
Target Applications |
Loss Tolerance |
Delay Tolerance |
Jitter Tolerance |
Trafic Profile |
Network Control |
Network |
|
Low to very low |
Low |
NA |
Variable sized packets |
Interactive |
Premium |
- VoIP Telephony
- Interactive video (video conferencing)
|
Very low to low |
Very low |
Very low to low |
Typically varaiable sized packets |
Interactive |
Platinum |
- Multimedia conferencing (rate adaptive)
- Application Signaling
|
Low to med |
Very low to low |
Low to med |
Variable sized packets |
Responsive |
Gold |
- Broadcast TV
- Pay-per-view movies and events
- Video surveillance and security
- Web casts - multimedia streaming
- Interactive gaming
|
Very low to med |
Med |
Low to high |
Variable sized packets |
Responsive |
Silver |
- Client/Server apps
- SNA term-to-host transactions (SNA over IP using DLSw)
- Web-based ordering
- Credit card transactions
- Financial wire transfers
- ERP apps
|
Low |
Low to med |
NA |
Variable sized packets |
Timely |
Bronze |
- Store and forward apps
- Email
- Billing record transfer
- Non-critical OAM&P (SNMP, TFTP, ...)
|
Low |
Med to high |
NA |
Variable-sized packets |
Timely |
Standard |
- All traf not in other classes
- Best Effort traffic
- Bulk data transfer
|
Typically not specified |
Typically not specified |
NA |
Variable-sized packets |
Timely |
Custom |
|
Custom Defined |
Custom Defined |
Custom Defined |
Specified |
RSVP
Resource Reservation Protocol - packets sent to reserve (and tear down) priority path (L3)
- "path" control message sent periodically by source to destination
- "path" establishes an RSVP route in intermediary routers
- sink/destination replies with a "resv" message, according to its capabilities
- "resv" reserve resources in node on route back
- if "path" not repeated after time-out, resources released
- "path" and "resv" are carried by ordinary best-effort datagrams
- if there's a problem during reservation, error msg sent to reciever is path fail. Teardown by either end to release reservations.
- Note that "reservation" requests can be merged by nodes in a multicast situation
When NOT to use RSVP(?)
- To prioritize traffic types, regardless of destination (use statically invoked class-based queuing)
- To create limited number of host-to-host pipes with guaranteed badwidth (use statically invoked queuing)
When possibly to use RSVP(?)
- To create dynamic pipes between hosts with service guarantees (use RSVP for host-to-host level flows)
- To create dynamic pipes between applications with service guarantees (use RSVP for application level flows (e.g. for videoconferencing where device might be doing something else))
- To create point-to-multipoint trees, with service guarantees
- Note that core network scalability is a concern, as the central routers would be supporting numerous per-flow reservations in high speed backbone. Reservation processing and storage (states) overhead in router; classification and scheduling overhead.
- consider edge-aggregation solutions to resolve scaling issues
Queue Types
FIFO
- No data prioritizing - Fair
Simple Priority Queueing (PQ)
- One queue per class
- high-p queues get absolute priority
- lower-p queues may overflow
- no bandwidth guarantees
- high-p traffic may use more than needed
- low-p traffic may get no service at all
Fair Queuing
- Round robin
- each queue recieves the same amount of bandwidth
Weighted Round Robin
- a technique for queue servicding
- queues drained in weighted round-robin
- no class gets more than a predetermined proportion of line capacity in times of congestion
- within a class, FIFO respected
- class-based queuing is an example of Weighted Round Robin (where Video get x%, voice, gets y%, mail get z%, etc....)
- note: weighting dificult to implement when packet size varies significantly
Weighted Fair queuing (WFQ)
- An improvement of Weighted round robin to take into account varying packet size
- Algorithm
- Traffic classified in weighted round robin queues
- Then packet which is serviced is the one with "smallest finish time, had the weighted round robin algorithm been used"
Congestion Control (including RED and WRED)
- Congestion control includes
- congestion avoidance
- congestion management (what to do when it occurs)
- In Internet, enabling congestion control technique based on queue management
- Queue management is
- a recommended mechanism to improve regular best-effort
- a mandatory mechanism to implement Diffserv AF
- TCP will throttle back when congestion is observed
- UDP will not.
- A high number TCP flows simultaneously active can cause problems as they all ramp up and back off at the same time. This is referred to as Global Synchronization problem.
Goals
- Reach a sustainable steady state where sender and receivers are synchronized
- Be able to absorb bursts on top of steady traffic
- Implies steady traffic does not consume all queue capacity
- Passive techniques (dropping packets from various places in queues) not optimal
- Back - Full queues, global synchronization problems (tcp noted above)
- Middle - Full queues, expensive (have to calculate random place in middle)
- Front - Full queues
Active dropping: RED
- Drop arriving packets probabilistically before the queue is full
- Probability of drop increases with queue size
- Queue size = time - averaged length, not instantaneious length
- Minimum threshold: av-size below which no packets are dropped
- Maximum threshold: av-size above which all packets are dropped
- if single queue, this is called "FIFO-RED".
- Maintains FIFO principals
- Drops pkts from each flow in proportion to ammount of bandwidth consumed
- Punishes high rate flows
- Not absolutely fair
Weighted RED (WRED)
- RED with multiple pairs of thresholds on the same queue
- One pair of thresholds per class of packet
- Used to implement Diffserv Assured (3 Drop Pref)
- When 2 classes only
- often, classes are for "in profile" and "out of profile"
- then this particular WRED called RIO (RED In:Out)
Cisco Switch Configure QoS - 2960
Taken from 'Catalyst 2960-X Switch QoS Configuration Guide, CIsco IOS
Release 15.0(2) EX'
mls qos (turn on QoS globally)
no mls qos rewrite ip dscp (enable DSCP transparency - don't change dscp markings)
show mls qos
show mls qos interface
cdp enable (enable cdp globally)
Trusting port including VoIP phones
interface interface-id
mls qos trust [cos | dscp | ip-precedence] (trust qos markings coming from this port)
mls qos cos {default-cos| override} (modify ports cos settings)
mls qos trust cos (trust cos markings coming from this port - if a phone?)
mls qos trust dscp (trust dscp markings coming from this port - if a phone?)
mls qos trust device cisco-phone (trust port markings if device cdp identifies as a cisco phone - switch sets voice packets to COS 5 and data packets to COS 0)
Trust next domain over
mls qos map dscp-mutation dscp-mutation-name in-dscp to out-dscp
interface interface-id
mls qos trust dscpmls qos dscp-mutation dscp-mutation-name
show mls qos maps dscp-mutation
Configure a QOS Policy
Classify Traffic
access-list access-list-number {deny | permit} source [source-wildcard]
OR
access-list access-list-number {deny | permit} protocol source source-wildcard destination destination-wildcard
show access-lists
layer 2 MAC ACL
mac access-list extended name
{permit | deny} {host srsc-MAC-addr mask | any | hosT dst-MAC-addr mask [type mask]
class-map {match-all | match-any} class-map-name
match {access-group acl-index-or-name | ip dscp dscp-list | ip precedence ip-precedence-list
Policy Maps
- can contain multiple class statements, each with diff match crit and policers
- can contained predefined def traff class explicitly placed at end of map
- separate policy-map class can exist for each type of traffic received through a port
- 1 policy map per ingress port
- ip-precedence-to-DSCP map only affect packets on ingress interfaces configured to trust IP precedence value
class-map [match-all | match-any] class-map-name
policy-map policy-map-name
class [class-map-name | class-default]
trust [cos | dscp | ip-precedence]
set {dscp new-dscp | ip precedence new-precedence}
police rate-bps burst-byte [exceed-action {drop | policed-dscp-transmit}]
interface (interface-id]
service-policy input policy-map-name
show policy-map [policy-map-name [class class-map-name]]
Aggregate Policer
Aggregate policer is shared by multiple traffic classes eithin same policy map.
mls qos aggregate-policer aggregate-policer-name rate-bps burst-byte exceed-action {drop | policed-dscp-transmit}
(burst-byte is the amount of bytes allowed to burst)
class-map [match-all | match-any] class-map-name
policy-map policy-map-name
class [class-map-name | class-default]
police aggregate aggregate-policer-name
interface interface-id
service-policy input policy-map-name
show mls qos aggregate-policer [aggregate-policer-name]
CoS-to-DSCP Map
mls qos map cos-dscp dscp1...dscp8
(matches 8 COS values (0-7) to DSCP values listed)
show mls qos maps cos-dscp
IP-Precedence-to-DSCP Map
mls qos map ip-prec-dscp dscp1...dscp8
(matches 8 ip precedence values (0-7) to DSCP values listed)
show mls qos maps ip-prec-dscp
policed-dscp map
mls qos map policed-dscp dscp-list to mark-down-dscp
e.g. policed-dscp 50 51 52 53 54 55 56 57 to 0
show mls maps policed-dscp
DSCP-to-CoS Map
Up to 8 DSCP values
mls qos map dscp-cos dscp-list to cos
e.g. mls qos map dscp-cos 0 8 16 24 32 40 48 50 to 0
show mls qos maps dscp-to_cos
DSCP-to-DSCP Mutation Map
mls qos map dscp-mutation dscp-mutation-name in-dscp to out-dscp
in-dscp can be up to 8 dscp markings
e.g. mls qos map dscp-mutation mutation1 1 2 3 4 5 6 7 to 0
interface interface-id
mls qos trust dscp
mls qos dscp-mutation dscp-mutation-name
show mls qos maps dscp-mutation
Cfging Egress Queue Characteristics
mls qos queue-set output qset-id buffers allocation1 ... allocation4
mls qos queue-set output qset-id threshold queue-id drop-threshold1 drop-threshold2 reserved-threshold maximum-threshold
- allocations are percentage applied to each queue
- qset-id is 1 or 2
- drop-thresholds are WTD thresholds as a percentage of queue's allocated memory
- reserved threshold is percentage guaranteed for the queue
- maximum threshold is max percentage memory that queue can have before packets are dropped if common pool is not empty
interface interface-id
queue-set qset-id
show mls qos interface [interface-id] buffers
Mapping DSCP or CoS Vals to Egress Queue and Threshold ID
mls qos srr-queue output dscp-map queue queue-id threshold threshold-id dscp1...dscp8
mls qos srr-queue output cos-map queue queue-id threshold threshold-id cos1...cos8
show mls qos maps
By default, DSCP values 0–15 are mapped to queue 2 and threshold 1. DSCP
values 16–31 are mapped to queue 3 and threshold 1. DSCP values 32–39 and 48–63 are mapped to queue 4 and threshold 1. DSCP values 40–47 are mapped
to queue 1 and threshold 1.
By default, CoS values 0 and 1 are mapped to queue 2 and threshold 1. CoS values 2 and 3 are mapped to queue 3 and threshold 1. CoS values 4, 6, and 7 are mapped to queue 4 and threshold 1. CoS value 5 is mapped to queue 1 and threshold 1.
Cfg SRR Shaped Weights on Egress Queues
Ratio of frequencies that scheduler sends packets from each queue.
interface interface-id
srr-queue bandwidth shape weight1 weight2 weight3 weight4
show mls qos interface interface-id queueing
Weight range is 0 to 65535. 0 means shared mode and srr-queue bandwidth share on interface comes into play. shaped mode overrides shared mode. weight1 default is 25. all others are 0.
Cfg SRR shared Weights on Egress Queues
Shared bandwidth guaranteed but not limited (excess can be used by other queues).
interface interface-id
srr-queue bandwidth share weight1 weight2 weight3 weight4
(weight range is 1 to 255)
show mls qos interface interface-id queueing
Cfg Egress Expedite Queue
This queue gets serviced until empty.
mls qos
interface interface-id
priority-queue out
NOTE: with expedite queue - weight1 is ignored
Limiting bw on egress intrfce
interface interface-id
srr-queue bandwidth limit weight1
weight1 is 10 to 90 (default 100)
Cisco Switch Configure QoS - 3850
From QoS Configuration Guide, Cisco IOS XE Release 3SE (Catalyst 3850
Switches)
Overview
- Classification - by ACL, DSCP, CoS, IP precedence, QoS-group
- Marking and mutation
- Shaping and policing - imposing max rate of traffic
- Queuing
- Bandwidth - avail capacity for traffic subject to QoS policies
- Trust
- Upstream - towards switch. sames as ingress. wireless to wired.
- Downstream - from switch. sames as egress. wired to wireless.
- NRT - non real time
- Modular QoS Command Line Interface (MQC) - platform-independent CLI to creat traffic policies and attach policies to interfaces
- traffic policy contains traffic class and one or more QoS features
- traffic class used to classify traffic
- QoS features determine how to treat classified traffic
wired
- Gig, 10Gig, VLAN settable
- installed using service-policy command
- up to 8 queues per port
port policies
- include port shaper and child policy
- child policy only apply to wireless ports. port shaper limited to 1G
Port Policy Format
- AP connected to switch port is detectd, and default hierarchical policy is applied
Default class map
class-map match-any non-client-nrt-class
(puts traffic in Q3 queue)
show class-map
Default policy map
policy-map port_child_policy
class non-client-nrt-class
bandwidth remaining ratio 10
System-defined policy map for wireless devices
port-child-policy can be customized
Policy-map policy_map_name
class class-default
shape average average_rate
service-policy port_child_policy
example port child policy
Policy-map port_child_policy
Class voice-policy-name (match dscp ef)
Priority level 1
Police (multicast-policer-name-voice) Multicast Policer
Class video-policy-name (match dscp af41)
Priority level 2
Police (multicast-policer-name-video) Multicast Policer
Class non-client-nrt-class traffic(match non-client-nrt)
Bandwidth remaining ratio (brr-value-nrt-q2)
Class class-default (NRT Data)
Bandwidth remaining ratio (brr-value-q3)
(puts voice and video to Q0 and Q1 queues - strict priority)
(brr-value-nrt-q2 and brr-value-q3 are directed to the Q2 and Q3 specified by class maps class-default and non-client-nrt - round robin)
Hierarchical Wireless QoS
- policy enforcement happens on switch port
Configuring QoS
Traffic Class
class-map {class-map name | match-any}
match access-group {index-number | name}
match class-map class-map-name
match cos cos-values
match dscp dscp-values (can be dscp names e.g. af11 af12)
match ip {dscp dscp-value | precedence precedence-value}
match non-client-nrt (wireless only - multicast and ap non-client bound traffic)
match qos-group qos-group-value (0-31)
match vlan vlan-value
match wlan user-priority wlan-value (802.11e values 0-7)
match wlan user-priority 7
Traffic Policy
policy-map policy-map-name
class {class-name | class-default}
admit
bandwidth {kbs-value | percent percentage | remaining {ratio ratio}}
police {target_bit_rate | cir | rate}
priority {kbs | level level-value | percent percentage-value}
queue-buffers ratio ratio-limit
queue-limit {packets | cos | dscp | percent}
service-policy policy-map-name
set {cos | dscp | ip | precedence | qos-group | wlan}
shape average {target_bit_rate | percent value}
Class-Based Packet Marking
policy-map policy-name
class class-name
set cos {cos-value | cos table table-map-name | dscp table table-map-name |
precedence table table-map-name | qos-group table
table-map-name | wlan user-priority table table-map-name}
set dscp {dscp-value | default | dscp table table-map-name | ef | precedence table table-map-name |
qos-group table table-map-name | wlan user-priority table table-map-name}
set ip {dscp | precedence} value
set precedence {precedence-value | cos table table-map-name | dscp table table-map-name |
precedence table table-map-name | qos-group table table-map-name}
set qos-group {qos-group-value | dscp table table-map-name | precedence table table-map-name}
set wlan user-priority {wlan-user-priority-value | cos table table-map-name |
dscp table table-map-name | qos-group table table-map-name |
wlan table table-map-name}
show policy-map
Attaching a traffic policy to an interface
interface type
service-policy {input policy-map | output policy-map }
show policy map [policy-map-name [class class-map-name]]
Class Maps for Voice/Video
class-map class-map-name
match dscp dscp-value-for-voice
class-map class-map-name
match dscp dscp-value-for-video
Configuring Table Maps
enable the mapping and conversion of one field to another using a table (e.g. cos to dscp)
table-map name {default {default-value | copy | ignore} | exit | map {from from-value to to-value } | no}
map from value to value
show table-map
policy-map
class class-default
set cos dscp table table-map-name
Disabling Wireless Traffic Trust
qos wireless-default-untrust
Call Admission Control
class-map class-name
match dscp dscp-value
table-map name
default copy
policy-map policy-name
class class-map-name
priority level level_value
police [target_bit_rate | cir | rate ]
admit cac wmm-tspec
rate value
wlan-up value
policy-map policy-name
class class-map-name
set dscp dscp table table_map_name
set wlan user-priority dscp table table_map_name
shape average {target-bit-rate | percent percentage}
queue-buffers {ratio ratio-value}
service-policy policy_map_name
show policy-map
Configuring Bandwidth
policy-map policy-name
class class-name
bandwidth {Kb/s | percent percentage | remaining { ratio ratio }}
Configuring Police
policy-map policy-name
class class-name
police {target_bit_rate [burst-bytes | bc | confirm-action | pir] |
cir {target_bit_rate | percent percentage} | rate {target_bit_rate |
percent percentage} conform-action transmit exceed-action {drop [violate action] |
set-cos-transmit | set-dscp-transmit | set-prec-transmit | transmit [violate action] }}
Configuring Priority
policy-map policy-name
class class-name
priority {kbs [burst_in_bytes] | level level-value [burst_in_bytes] |
percent percentage-value [burst_in_bytes]}
Priority level 1 is more important than priority level 2. Priority level 1 reserves bandwidth that is processed first for QoS, so its latency is very low. Both priority level 1 and 2 reserve bandwidth.
Configuring Queue Buffers
policy-map policy-name
class class-name
bandwidth {kbs-value | percent percentage | remaining {ratio ratio-value}}
queue-buffers {ratio ratio-value}
Configuring Queue Limits
Weighted Tail Drop. 3 threshold classes. Up to 400% of resrved buffer fr common pool.
policy-map policy-name
class class-name
bandwidth {kbs-value | percent percentage | remaining {ratio ratio-value}}
queue-limit { packets packets
| cos {cos-value { maximum-threshold-value | percent percentage }
| values {cos-value | percent percentage } }
| dscp {dscp-value {maximum-threshold-value | percent percentage}
| match packet {maximum threshold value | percent percentage}
| default {maximum-threshold-value | percent percentage}
| ef {maximum-threshold-value | percent percentage}
| dscp values dscp-value}
| percent percentage }}
example
-------
queue-limit dscp 3 percent 20
queue-limit dscp 4 percent 30
queue-limit dscp 5 percent 40
Configuring Shaping
policy-map policy-name
class class-name
shape average {target-bit-rate | percent percentage}
Monitoring
show class-map [class_map_name]
show policy-map [policy_map_name]
show policy-map interface { Auto-template | Capwap |
GigabitEthernet | GroupVI | InternalInterface | Loopback | Null |
Port-channel | TenGigabitEthernet | Tunnel | Vlan | Brief | class |
input | output | wireless }
show policy-map interface wireless ap [access point]
show policy-map interface wireless ssid [ssid]
show policy-map interface wireless client [client]
show policy-map session [ input | output | uid UUID ]
show table-map
show policy-map interface wireless ssid name ssid-name radio type {24ghz | 5ghz} ap name ap-name
Auto-QoS
Configuring & monitoring
interface interface-id
auto qos voip {cisco-phone | cisco-softphone | trust}
auto qos video {cts | ip-camera | media-player}
auto qos classify [police]
auto qos trust {cos | dscp}
show autoqos
show running-config | i autoQos
show running-config | i AutoQos
show auto qos interface interface-id
show policy-map interface interface
Auto-QoS Cos or DSCP generates
auto qos trust cos
OR
auto qos trust dscp
The following policy maps are created and applied when running this command:
AutoQos-4.0-Trust-Cos-Input-Policy
OR
AutoQos-4.0-Trust-Dscp-Input-Policy
AutoQos-4.0-Output-Policy
The following class maps are created and applied when running this command:
class-default (match-any)
AutoQos-4.0-Output-Priority-Queue (match-any)
AutoQos-4.0-Output-Control-Mgmt-Queue (match-any)
AutoQos-4.0-Output-Multimedia-Conf-Queue (match-any)
AutoQos-4.0-Output-Trans-Data-Queue (match-any)
AutoQos-4.0-Output-Bulk-Data-Queue (match-any)
AutoQos-4.0-Output-Scavenger-Queue (match-any)
AutoQos-4.0-Output-Multimedia-Strm-Queue (match-any)
Auto-QoS cisco-phone
auto qos voip cisco-phone
The following policy maps are created and applied when running this command:
AutoQos-4.0-CiscoPhone-Input-Policy
AutoQos-4.0-Output-Policy
The following class maps are created and applied when running this command:
AutoQos-4.0-Voip-Data-CiscoPhone-Class (match-any)
AutoQos-4.0-Voip-Signal-CiscoPhone-Class (match-any)
AutoQos-4.0-Default-Class (match-any)
class-default (match-any)
AutoQos-4.0-Output-Priority-Queue (match-any)
AutoQos-4.0-Output-Control-Mgmt-Queue (match-any)
AutoQos-4.0-Output-Multimedia-Conf-Queue (match-any)
AutoQos-4.0-Output-Trans-Data-Queue (match-any)
AutoQos-4.0-Output-Bulk-Data-Queue (match-any)
AutoQos-4.0-Output-Scavenger-Queue (match-any)
AutoQos-4.0-Output-Multimedia-Strm-Queue (match-any)
Auto-QoS cisco-softphone
auto qos voip cisco-softphone
The following policy maps are created and applied when running this command:
AutoQos-4.0-CiscoSoftPhone-Input-Policy
AutoQos-4.0-Output-Policy
The following class maps are created and applied when running this command:
AutoQos-4.0-Voip-Data-Class (match-any)
AutoQos-4.0-Voip-Signal-Class (match-any)
AutoQos-4.0-Multimedia-Conf-Class (match-any)
AutoQos-4.0-Bulk-Data-Class (match-any)
AutoQos-4.0-Transaction-Class (match-any)
AutoQos-4.0-Scavanger-Class (match-any)
AutoQos-4.0-Signaling-Class (match-any)
AutoQos-4.0-Default-Class (match-any)
class-default (match-any)
AutoQos-4.0-Output-Priority-Queue (match-any)
AutoQos-4.0-Output-Control-Mgmt-Queue (match-any)
AutoQos-4.0-Output-Multimedia-Conf-Queue (match-any)
AutoQos-4.0-Output-Trans-Data-Queue (match-any)
AutoQos-4.0-Output-Bulk-Data-Queue (match-any)
AutoQos-4.0-Output-Scavenger-Queue (match-any)
AutoQos-4.0-Output-Multimedia-Strm-Queue (match-any)
3850 QoS Examples
Endpoint hardphone
interface GigabitEthernet1/0/24
...
trust device cisco-phone
auto qos voip cisco-phone (configures things below)
...
service-policy input AutoQos-4.0-CiscoPhone-Input-Policy
service-policy output AutoQos-4.0-Output-Policy
policy-map AutoQos-4.0-CiscoPhone-Input-Policy
class AutoQos-4.0-Voip-Data-CiscoPhone-Class
set dscp ef
police cir 128000 bc 8000
conform-action transmit
exceed-action set-dscp-transmit dscp table policed-dscp (cs1 set)
class AutoQos-4.0-Voip-Signal-CiscoPhone-Class
set dscp cs3
police cir 32000 bc 8000
conform-action transmit
exceed-action set-dscp-transmit dscp table policed-dscp (cs1 set)
class-map match-any AutoQos-4.0-Voip-Data-CiscoPhone-Class
match cos 5
class-map match-any AutoQos-4.0-Voip-Signal-CiscoPhone-Class
match cos 3
policy-map AutoQos-4.0-Output-Policy
class AutoQos-4.0-Output-Priority-Queue
priority level 1 percent 30
class AutoQos-4.0-Output-Control-Mgmt-Queue
bandwidth remaining percent 10
queue-limit dscp cs2 percent 80
queue-limit dscp cs3 percent 90
queue-limit dscp cs6 percent 100
queue-limit dscp cs7 percent 100
queue-buffers ratio 10
class AutoQos-4.0-Output-Multimedia-Conf-Queue
bandwidth remaining percent 10
queue-buffers ratio 10
class AutoQos-4.0-Output-Trans-Data-Queue
bandwidth remaining percent 10
queue-buffers ratio 10
class AutoQos-4.0-Output-Bulk-Data-Queue
bandwidth remaining percent 4
queue-buffers ratio 10
class AutoQos-4.0-Output-Scavenger-Queue
bandwidth remaining percent 1
queue-buffers ratio 10
class AutoQos-4.0-Output-Multimedia-Strm-Queue
bandwidth remaining percent 10
queue-buffers ratio 10
class class-default
bandwidth remaining percent 25
queue-buffers ratio 25
class-map match-any AutoQos-4.0-Output-Priority-Queue
match dscp cs4 cs5 ef
match cos 5
class-map match-any AutoQos-4.0-Output-Control-Mgmt-Queue
match dscp cs2 cs3 cs6 cs7
match cos 3
class-map match-any AutoQos-4.0-Output-Multimedia-Conf-Queue
match dscp af41 af42 af43
match cos 4
class-map match-any AutoQos-4.0-Output-Trans-Data-Queue
match dscp af21 af22 af23
match cos 2
class-map match-any AutoQos-4.0-Output-Bulk-Data-Queue
match dscp af11 af12 af13
match cos 1
class-map match-any AutoQos-4.0-Output-Scavenger-Queue
match dscp cs1
class-map match-any AutoQos-4.0-Output-Multimedia-Strm-Queue
match dscp af31 af32 af33
Endpoint untrusted
interface GigabitEthernet2/0/28
---
---
service-policy input Qos-CompanyUntrusted-Input-Policy
service-policy output AutoQos-4.0-Output-Policy
table-map dscp-to-default-000000
default 0
class-map match-any Qos-CompanyRTP-Conf-Class
match access-group name Qos-CompanyRTP-Conf
ip access-list extended Qos-CompanyRTP-Conf
permit udp any any range 16384 32767
permit tcp any any range 16384 32767
class-map match-any Qos-Company-Signaling-Class
match access-group name Qos-Company-Acl-Signaling
ip access-list extended Qos-Company-Acl-Signaling
permit tcp any any range 2000 2002
permit tcp any any range 5060 5061
permit udp any any range 5060 5061
permit tcp any any range 1718 1720
permit udp any any range 1718 1720
class-map match-any Qos-Company-gateway-critical-traffic
match access-group name Qos-Company-gateway-critical-Conf
ip access-list extended Qos-Company-gateway-critical-Conf
permit tcp any any eq 22
policy-map Qos-CompanyUntrusted-Input-Policy
class Qos-CompanyRTP-Conf-Class !typical cisco rtp range
set dscp ef
police cir 30000000
conform-action transmit
exceed-action set-dscp-transmit dscp table dscp-to-default-000000
class Qos-Company-Signaling-Class !sccp sip h323
set dscp cs3
police cir 5000000
conform-action transmit
exceed-action set-dscp-transmit dscp table dscp-to-default-000000
class Qos-Company-gateway-critical-traffic
set dscp cs6
police cir 5000000
conform-action transmit
exceed-action set-dscp-transmit dscp table dscp-to-default-000000
class class-default
set dscp default
Endpoint trusted
class-map match-any Qos-CompanyTrusted-RTPOut-Class
match dscp ef
class-map match-any Qos-CompanyTrusted-SignalingOut-Class
match dscp cs3
class-map match-any Qos-CompanyTrusted-gw-crit-traffic
match dscp cs6
!policy-map Qos-CompanyTrusted-Input-Policy
!copy dscp and cos is one for one by default
policy-map Qos-CompanyTrusted-Output-Policy
class Qos-CompanyTrusted-RTPOut-Class !marked media/rtp
!dscp ef
!priority level 1
bandwidth percent 30
!police cir 30000000
! conform-action transmit
! exceed-action drop
class Qos-CompanyTrusted-SignalingOut-Class !marked signalling
!dscp cs3
bandwidth percent 5
! police cir 5000000
! conform-action transmit
! exceed-action drop
class Qos-CompanyTrusted-gw-crit-traffic
!dscp cs6
bandwidth percent 5
! police cir 5000000
! conform-action transmit
! exceed-action drop
class class-default
!dscp default (0)
bandwidth percent 60
int TenGigabitEthernet1/1/3
service-policy output Qos-CompanyTrusted-Output-Policy
int TenGigabitEthernet2/1/3
service-policy output Qos-CompanyTrusted-Output-Policy