mohammad-asad
8/3/2019 INE QOS
watch guard-- XPM5 Model
QOS
- BW shortage
- delay (end-to-end) - fixed or variable
- jitter
- packet loss

Advanced queuing strategy
- MDRR, WFQ, CBWFQ, LLQ
- compress payloads
- compress headers

Bandwidth versus clock rate
- the bandwidth command is what is reported to processes on the router
- bandwidth tells the router that I have this much BW on this interface

Latency (delay)
- Propagation delay: speed of light in media
- Serialization delay: clock all bits onto the wire
- Processing delay: time spent for the router to take input and move it to the output interface
- Packetization delay: turn the data into packets
- Queuing delay: variable value; time spent in the queue of the output interface

Packet loss
- common reason
  - tail drop
- less common
  - input queue due to CPU congestion
  - ignore - no buffer space on router
  - overrun - congested CPU cannot assign free buffer
  - frame error - CRC, runt, giant
- effects of packet loss
- WRED
- Shaping / policing

VoIP traffic (e.g. RTP)
- constant bit rate
- one way latency approx. 150 ms
- one way jitter - variation within 30 ms
- one way packet loss 1 %
- up to 106 kbps per call
- 150 bps & L2 overhead per call for control traffic
- these are identical for video conferencing except it requires higher bandwidth

- TCP vs UDP and ICMP
- adaptive flows
- aggressive flows
- bulk transfer ftp/http
- interactive traffic ICA / RDP / telnet
- fragile flows
- video traffic
- variable bit rate
- management and control plane traffic

QoS implementation methods
- CLI
- MQC (modular QoS commands) -- invented specially for CBWFQ
  - class maps
  - policy maps
  - service-policy maps
- Auto QoS
- CiscoWorks

Input / output queue
- both queue types consume memory chunks from buffer pools
- for input queues, one queue per interface, always FIFO; 75 packets by default
- for the output queue, there is a software queue and a hardware queue; the software queue can be FIFO or fancy queuing

Hardware queue
- HW queue or transmit ring (TX-ring), typically smaller than the software queue and always FIFO
- tx-ring-limit - output hardware queue
- hold-queue in / out - software queue manipulation

Note: Cisco recommends not to use the hardware queue because it always depends on the physical interface bandwidth and Cisco IOS tunes it automatically.

QoS models
- Best effort -- FIFO
- IntServ - RSVP - per hop behavior dependent - hard QoS
- DiffServ
  - classification
  - congestion management
  - congestion avoidance
  - shaping / policing
  - link efficiency
================================
QOS Part 2
DiffServ Model
- Network recognizes different classes and provides different levels of QoS
- Very complex
  - classification
  - marking
  - congestion management
  - congestion avoidance
  - shaping / policing
  - link efficiency

ISL trunk
- 4 bit User Code field used to carry "class of service" (CoS) marking

802.1Q
- 3 bit priority field used to carry "class of service" (CoS) marking
- 802.1p

You can have 8 different markings under 802.1Q:

marking  binary  service level
0        000     routine
1        001     priority
2        010     immediate
3        011     flash
4        100     flash override
5        101     critical
6        110     internetwork control
7        111     network control

- you can use markings between 0 and 5
- CoS 5 is always voice traffic
- 6 & 7 are used by routing, so never use these markings

Frame Relay
- 3 different bits used in the Frame Relay header for QoS
- FECN - Forward explicit congestion notification
- BECN - Backward ECN
- DE - Discard eligible bit

ATM
- CLP bit - Cell Loss Priority

MPLS
- 3 bit traffic class field
- formerly called Experimental bits (for QoS in MPLS)

8 bit ToS field in the IP header used for QoS
IP Precedence
- first 3 high-order bits of the type of service byte (traffic class field) in the IP header

CHART

marking  binary  service level
0        000     routine
1        001     priority
2        010     immediate
3        011     flash
4        100     flash override
5        101     critical
6        110     internetwork control
7        111     network control

Cisco recommends having at least 6 to 11 classes in QoS design and implementations.

DSCP -- new model of QoS

DSCP (DiffServ code point)
- first 6 high-order bits of the ToS byte in the header
- last 2 bits of the ToS byte are for congestion notification

Trust boundary --- always trust as close to the device level as possible.

DSCP & PHBs (per hop behaviour)
- Default PHB - 000000
- Assured Forwarding (AF 1, 2, 3 & 4)
- Expedited Forwarding (EF) - 101110
- Class Selector - 101000 (40)

EF PHB
- EF (101110) - 46
- the marking for voice traffic
- big confusion point - with Assured Forwarding code points, the 11 (the 5th and 6th bit value) will indicate HIGH DROP probability - with this class, it means NO DROP

Assured Forwarding (AF classes) PHB
- 100110 (AF43)
- aaadd0 where d is drop probability
- the drop probabilities - 01, 10, 11 for low, medium, high

AF11 has a lower drop probability than AF13.

- between classes, higher is better, e.g. AF31 is better than AF13
- but within a class, lower is better, e.g. AF11 is better than AF13
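
The bit layout described above (precedence, DSCP, ECN, and the aaadd0 pattern for AF classes) can be checked with a short decoder. This is an added example, not part of the original notes; the function names and the trust-boundary policy in `remark_at_trust_boundary` are assumptions made for illustration.

```python
# Added example (not from the original notes): decode the 8-bit ToS /
# Traffic Class byte and apply a simple trust-boundary policy.
PRECEDENCE = ["routine", "priority", "immediate", "flash", "flash override",
              "critical", "internetwork control", "network control"]
DROP = {0b01: "low", 0b10: "medium", 0b11: "high"}


def phb_name(dscp):
    """Name the per-hop behaviour for a 6-bit DSCP value."""
    if dscp == 0:
        return "Default"
    if dscp == 0b101110:
        return "EF"
    cls, drop, last = dscp >> 3, (dscp >> 1) & 0b11, dscp & 1
    if last == 0 and drop == 0:
        return f"CS{cls}"        # class selector: aaa000
    if last == 0 and 1 <= cls <= 4:
        return f"AF{cls}{drop}"  # assured forwarding: aaadd0
    return f"DSCP{dscp}"         # no standard name covered here


def decode_tos(tos):
    """Split the byte into precedence (3 bits), DSCP (6 bits), ECN (2 bits)."""
    dscp = tos >> 2
    phb = phb_name(dscp)
    return {
        "precedence": PRECEDENCE[tos >> 5],
        "dscp": dscp,
        "ecn": tos & 0b11,
        "phb": phb,
        "af_drop": DROP[(dscp >> 1) & 0b11] if phb.startswith("AF") else None,
    }


def remark_at_trust_boundary(tos, trusted):
    """Hypothetical edge policy: keep markings from trusted ports; reset DSCP
    to Default for untrusted ports and for any host claiming precedence 6 or 7
    (reserved for routing and network control). ECN bits are preserved."""
    if trusted and (tos >> 5) < 6:
        return tos
    return tos & 0b11


if __name__ == "__main__":
    for tos in (0xB8, 0x98, 0x28, 0x38, 0xA0):  # constructed sample bytes
        print(hex(tos), decode_tos(tos))
```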
IPv6
- the header has a traffic class byte that works just like the ToS field with DSCP
- there is also a 20 bit flow label - transit routers do not need to look deep into the packet to identify the flow

QoS Groups - marking type
- used on the local router only!
- a way to mark traffic without manipulating the traffic in any way

PHB (per hop behaviour)

Trust boundaries
- the host or a phone sets the QoS --- do we trust this marking or not
- do we reclassify and remark
- ideally, classify and mark traffic as close to the source as possible
- typically the trust boundary is the device itself
- or the access layer
- or the distribution layer
- typically never the core
- the IP phone marks the traffic as voice
- every network node can respond appropriately

NBAR (Network Based Application Recognition)
- two jobs in the network - QoS classification and protocol discovery (analysis)
- QoS classification inside the MQC is our "famous" usage: match protocol
- pre-defined definitions in the IOS, and you can extend them using PDLMs
- NBAR requires CEF
- non-fragmented, non-MPLS, IP traffic only
- not supported on EtherChannel, logical interfaces, dialer interfaces, tunneled or encrypted traffic

- applications that use static TCP & UDP port numbers
- apps that use dynamic TCP and UDP ports
- non-TCP & non-UDP IP protocols, for example ICMP, EIGRP, GRE
- also, deep packet inspection can be done, for example web traffic carrying a jpg

PDLM - packet description language modules
- upgrades to the built-in definitions of protocols
- PDLMs not already in the IOS are non-native

Define custom protocols
- you can add your own protocols
- they can be referenced in the match protocol and port-map syntax
# ip nbar custom MyAPP 8 ascii SAMPLE tcp range 2000 2999
Pre-classification
- QoS for use with GRE and IPsec VPNs
- an encrypted packet header cannot be read for the QoS marking

ToS byte preservation
- IPsec duplicates the original ToS byte into the new encrypted packet's header
- QoS mechanisms see the header and ToS byte just like normal
- since 11.3T, this even works with GRE / IPsec tunnels
- ToS byte copied into the GRE header, then into the IPsec header
- this is not the ToS byte preservation feature
- this allows for QoS classification based on more than just the ToS byte
- a clone is created of all original packet headers; the clone is then used for QoS on the output interface
- cloned headers never leave the local router
- GRE & IPsec are supported
- due to performance enhancements, recommended even when all you want to see is the ToS byte

QPPB
- QoS policy propagation via BGP
- allows packet classification using access lists, BGP community lists and BGP AS paths
- requires CEF

--> E.g.
- BGP routes coming from AS 200 will be marked with a special community value of 100:11 ingress at R1
- R1 will send these values to R2
- R2 is configured to set the IP precedence for the AS 200 prefixes

Mechanics
- encode a value using the BGP community, AS path, prefix, or other BGP attribute
- translate the attribute into either IP precedence or QoS group
- we use this feature to propagate QoS policy for source or destination in the network
FLOWS#
1- FIFO
2- WFQ
- sort traffic into conversations; this is automatic -- we cannot control it
- dedicated queue for each flow
- allocate BW fairly
- use IP precedence to provide our managed unfairness
- fair --- interactive flows (based on packet size) can be placed at the front of the software queue
- a high volume talker will not monopolize the interface

What is a flow?
- the router can identify it using things like
- source / dst
- port number
- ToS
- src / dst ports
- note that a flow is unidirectional
- parameters are used for a hash algorithm that is used as the index for the queue

How many queues are used?
- 8 for system packets
- up to 1000 for RSVP
- number for DiffServ flows is based on BW
  - less than 64k - 16
  - more than 512k - 256
- one issue - flows can end up in the same queue -- probability is 15% for 5 concurrent flows and 64 queues

WFQ drop
- CDT (congestive discard threshold) controls early dropping of packets from the most aggressive flows
- the HQO (hold queue out) limit controls the maximum packets in the WFQ system
- Note: the IP precedence has no effect on the dropping strategy

Weight in WFQ
- weight is calculated from IP precedence
- lowest "finish times" are chosen first to transmit; finish time is a factor of:
  - packet length
  - IP precedence

WFQ pros and cons (no control when congestion occurs on priority traffic)
- pros
  - simple
  - supported almost everywhere
  - prevents aggressive flows from starving others
  - better than nothing
- cons
  - multiple flows in one queue
  - no control

WFQ can be default
- WFQ is the default on physical interfaces less than 2 MB
- also on interfaces configured with Multilink PPP

CBWFQ overview (also known as low latency queueing)
- WFQ on STEROIDS!
- remember what CB always tells us .... MQC
- support for user defined traffic classes
- guarantee at least a certain amount of bandwidth for traffic classes

Why is it the ultimate?
- PQ - sure, voice quality rocks - but at the risk of queue starvation
- CQ - voice suffers from delay
- WFQ - come on - too fair
- all legacy methods are rough with the per-interface CLI config
- CBWFQ and its extension method, LLQ, are the ultimate

CBWFQ scheduling
- like the predecessor, weights are key
- weights are defined as
  - BW in kbps
  - % of bandwidth
  - % of remaining available BW
- you cannot mix approaches

Pros & cons
- voice traffic can still suffer from too much delay

LLQ = CBWFQ + PQ
- PQ is policed

Use the voice bandwidth calculator
====================
QOS 4
-> Congestion avoidance (tail drops)

--> TCP sender
- adaptive flows
- start sending a few packets, then increase exponentially
- if there is an issue with ACKs, TCP slow start kicks in
- think about tail drop in relation to this: it can cause global synchronization

RED (Random Early Detection)
- tail drop can be avoided
- prevent the congestion in the first place
- randomly drop packets before the queue reaches capacity
- increase the drop rate as the queue gets more full
- random drops prevent global sync

RED profiles
- minimum threshold - when the average queue hits this or goes above, random drops start
- maximum threshold - tail drop
- mark probability denominator
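
How the three profile values interact is easier to see in code. This is an added example, not part of the original notes: the linear drop curve between the thresholds and the averaging formula with an exponential weight are the commonly documented RED behaviour, which the notes do not spell out, and all function names and sample queue depths are constructed for illustration.

```python
# Added example (not from the original notes): RED drop decision from a
# profile of minimum threshold, maximum threshold and mark probability
# denominator (mpd).
import random


def update_average(avg, current_depth, weight_exp=9):
    """Moving average of queue depth: avg*(1 - 2^-n) + depth*2^-n.
    The formula and default n=9 are assumptions, not taken from the notes."""
    w = 2 ** -weight_exp
    return avg * (1 - w) + current_depth * w


def drop_probability(avg, min_th, max_th, mpd):
    """Below min: never drop. Above max: drop everything (tail drop).
    In between: rise linearly, reaching 1/mpd at the maximum threshold."""
    if avg < min_th:
        return 0.0
    if avg > max_th:
        return 1.0
    return (avg - min_th) / (max_th - min_th) / mpd


def simulate(depths, min_th, max_th, mpd, weight_exp=9, seed=1):
    """Feed instantaneous queue depths through RED; return drop decisions."""
    rng = random.Random(seed)
    avg, dropped = 0.0, []
    for depth in depths:
        avg = update_average(avg, depth, weight_exp)
        dropped.append(rng.random() < drop_probability(avg, min_th, max_th, mpd))
    return dropped


if __name__ == "__main__":
    # Constructed profile: min 20, max 40, mpd 10 (1 in 10 dropped at max).
    for avg in (10, 20, 30, 40, 41):
        print(avg, drop_probability(avg, 20, 40, 10))
    # A short burst barely moves the average, so nothing is dropped.
    print(simulate([100] * 5, 20, 40, 10))
```

Because the decision uses the averaged depth rather than the instantaneous one, a brief burst passes untouched while sustained congestion pushes the average past the minimum threshold and drops begin.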
Overview:
- shaping - queues excess packets to stay under a certain rate
- policing - drops the packets if in excess of the defined BW

Why police?
- fat access is available, but not needed
- limit the rate of certain apps or traffic classes
- to mark down exceeding traffic

Why shape?
- to prevent congestion in the WAN where asymmetric BW exists
- to match the CIR

Policing vs shaping
- policing
  - ingress & egress
  - drop or remark
  - less buffer usage
- shaping
  - egress only
  - queue (buffer)
  - supports frame congestion indicators

Compression
- TCP header and CB TCP header compression
- compress the IP and TCP header & RTP header; 40 bytes down to 2 or 4 bytes
- reduce delay, increase BW
- used for voice

LFI ( Link Efficiency information)
- multilink PPP with interleaving

software queue ---> TxRing
LLQ ------> FIFO

Cisco switches have their own QoS mechanism for each type of switch.
Layer 2 switches, example given below:
e.g. egress interfaces 4Q1P3T, meaning
- 4 --> queues
- 1 --> priority queue
- 3 --> drop thresholds

- RR (Round Robin)
- MDRR (Modified Deficit RR)
- WRR
- SHRR

Note: read the switch documentation before applying the QoS mechanism.

mls qos --> multilayer QoS