Deploying Quality of Service for Converged Networks
Transcript of Deploying Quality of Service for Converged Networks
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
111© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
2© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Deploying Quality of Service for Converged Networks
Session RST-2081
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
333© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Agenda
• Introduction
• Deployment Guide
• Monitoring QoS
• Case Studies
• Summary and References
444© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Motivation behind QoS
• Applications are sensitive to delay, jitter and packet loss
• There are non-adjustable components (e.g. propagation delay, switching delay, CRC errors)
• There are adjustable components associated with link congestion (buffering delay andpacket loss)
• Some congestion is likely in most networks
• Over-provisioning is NOT the solution
• Always good to carry an “insurance” policy
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
555© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Congestion Scenarios
CECE CECE
2 Mbps2 Mbps 1 Mbps1 Mbps
Speed MismatchSpeed Mismatch
1 Mbps
1 Mbps
1 Mbps
1 Mbps
1 Mbps
4 Mbps
Traffic Aggregation
CECE CECE
CECE
1 Mbps1 Mbps 1 Mbps1 Mbps
1 Mbps1 Mbps
Traffic AggregationTraffic Aggregation
666© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Time1 2 3 4 5 6 7 8 9 10 11 12 1 2 3
Time1 2 3 4 5 6 7 8 9 10 11 12 1 2 3
100%
Time1 2 3 4 5 6 7 8 9 10 11 12 1 2 3
Link Utilization
QoS Applicability
• Link over-provisioned
• May not be cost effective
• No QoS required but asafety net
100%
Link Utilization
100%
Link Utilization
• Transient congestion
• QoS most useful
• Link highly over-subscribed
• QoS somewhat useful but more bandwidth required
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
777© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Traffic Classification and Conditioning
Classification/Marking/Policing
Per-Hop Behavior
Queuing/Dropping
Ingress Node
Interior Node
Egress Node
TCBPHB
PHBTCBPHB
Differentiated Services Architecture(RFC 2274, RFC 2275)
888© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Per-Hop Behaviors (PHB)
• Expedited Forwarding (EF)
Building block for low delay/jitter/loss
Served at a certain rate with short/empty queues
• Assured Forwarding (AF)
High probability of delivery if profile is not exceeded
Four classes and three levels of drop precedence
Specific resources (BW, buffer space) allocated to each class at each node
• Best Effort (BE)
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
999© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Integrated Services Architecture(RFC-2210, 2211,2212,2215)
• Preserve the end-to-end semantics of IP for QoS
• Key end-points are the Senders and the Receivers
• Applications request desired service from the network for a set of Microflows
• Benefits of IntServ/RSVP
Fairly automatic—only need to provision RSVP bandwidth on the interface
Integrates well with a policy infrastructure
• Disadvantages of IntServ/RSVPState and signalling overhead for large networks Constant refresh messages
Imagine a Custom Postal Service for You!!
101010© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Handset
PBX
Cisco7200
Multimedia Server
MultimediaStation
Handset
Cisco 3600
Reserve 16KBW on this Line
I Need 16KBW and
100 msec Delay
This App Needs16K BW and
100 msec Delay
Integrated Services Architecture (Cont.)—The 3 Components of IntServ
• Specification of What Sender is Sending: (Rate,MTU,etc.)—The TSpec
• Specification of What the Receiver Needs: (Bandwidth,Path MTU, etc.)—The RSpec
• Specification of how the Signalling is done to the Network by the Sender and the Receiver:
RSVP is the Signalling Protocol for IntServ (Resource ReSerVation Protocol)
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
111111© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
IntServ/DiffServ Integration
• Supported on Cisco 2600, 36xx, 7200, and 7500 Series Routers
RSVP Installed on Interface
RSVP Installed Only to do Admission Control
CBWFQ Performs Classification, Policing
and Scheduling Core Routers Operate in a
DiffServ Domain
RSVP Installed on Interface
IntServ IntServDiffServ
121212© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Agenda
• Introduction
• Deployment Guide
• QoS Management
• Case Studies
• Summary and References
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
131313© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Five Steps to a Successful QoS Deployment
• Step 1: Identify application requirements—business priority and classification
• Step 2: Define policies
• Step 3: Test policies
• Step 4: Implement policies
• Step 5: Monitor and adjust
141414© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Deployment GuideStep 1: Identify Application Requirements
• Importance of an application to the customerWhat applications are considered “mission critical”?
• Network resources to meet needs of an applicationNetwork delay, delay variation, drop
• Derived from application propertiesApplication performance/quality requirements
Properties of the underlying transport protocol stack
• Applications with different properties/requirements should be queued separately
• Understand exhibited behaviour vs. expected behaviour
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
151515© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Deployment GuideStep 2: Define Policies
• Network topology and traffic flow
• Capacity of your network devices (CPU, software, etc.) and network links (speeds, overhead, congestion, etc.)
• Bottleneck and non-bottleneck links
• Trusted and untrusted sources
• Layer 2 vs. Layer 3 service model
• We will discuss about this in detail…
161616© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Deployment GuideStep 3: Test Policies
• Test QoS policies in the lab first
• Test policy in a small portion of the production network
• Run baseline tests with and without QoS under congestion conditions
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
171717© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Deployment GuideStep 4: Implement Policies
• Classify as close to the edge as possible
• Police and mark as early as possible
• Work toward your core applying inbound/outbound policies
• Phased deployment—apply your policies incrementally
• Be judicious in policy application (e.g. trivial traffic from branch to hub)
181818© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Deployment GuideStep 5: Monitor and Adjust
• Measure delay and loss fordifferent classes (e.g. SAA)
• Monitor application performance
• Adjust policies where necessary
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
191919© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Head Office
Branch
WAN Edge
Server Farm
SP Cloud
CE
CE
SiSi
SiSi
Consider the Following Network Topology
Deploying QoS End-to-End across the Network
Speed and Duplex SettingsSpeed and Duplex SettingsClassification/trust on Classification/trust on IP Phone and IP Phone and Access SwitchAccess SwitchMultiple Queues on Multiple Queues on Access PortsAccess Ports
QoSQoS——Campus AccessCampus Access
Layer 3 Policing, MarkingLayer 3 Policing, MarkingMultiple Queues on Multiple Queues on All Ports; Priority All Ports; Priority Queuing for VoIPQueuing for VoIPWRED within Data WRED within Data Queue for Congestion Queue for Congestion ManagementManagement
Capacity PlanningCapacity PlanningQueuingQueuingWREDWRED
QoSQoS——Campus DistributionCampus Distribution
Define SLADefine SLAClassification, MarkingClassification, MarkingLowLow--Latency QueuingLatency QueuingLink Fragmentation Link Fragmentation and Interleavingand InterleavingWRED and ShapingWRED and Shaping
QoSQoS——WAN EdgeWAN Edge QoSQoS——SP CloudSP Cloud
202020© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Head Office
Branch
WAN Edge
Server Farm
SP Cloud
CE
CE
SiSi
SiSi
Let us talk about the Access and Distribution Layers
Consider the Following Network Topology
Speed and Duplex SettingsSpeed and Duplex SettingsClassification/trust on Classification/trust on IP Phone and IP Phone and Access SwitchAccess SwitchMultiple Queues on Multiple Queues on Access PortsAccess Ports
QoSQoS——Campus AccessCampus Access
Layer 3 Policing, MarkingLayer 3 Policing, MarkingMultiple Queues on Multiple Queues on All Ports; Priority All Ports; Priority Queuing for VoIPQueuing for VoIPWRED within Data WRED within Data Queue for Congestion Queue for Congestion ManagementManagement
QoSQoS——Campus DistributionCampus Distribution
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
212121© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
QoS in the Campus, Access and DistributionIs it Required?
• “Buffer management is as important as bandwidth management”
• Delay is not an issue, but delay variation (jitter) is
• Multiple queues are required on all interfaces to prevent TX buffer congestions and packet drops
• Just throwing more bandwidth in the LAN will not solve the problem
222222© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
QoS in the Campus, Access and Distribution
• Trust Boundary Settingsuntrusted, trust-cos, trust-ipprec, trust-dscp, trust-ext
• Port Based Marking or Remarking for unmarked/untrusted traffic
• CoS to DSCP and DSCP to CoS Mapping
PC VLAN
Desktop PC
802.1Q Trunk with 802.1p Layer 2 CoS
802.1Q Trunk with 802.1p Layer 2 CoS
Native VLANNative VLAN
CoS 0
CoS 5
Auxiliary VLAN
IP Phone
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
232323© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
QoS in the Campus, Access and Distribution—Output Scheduling
• Up to four transmit queues
• Assign traffic to queues based on CoSStrict Priority Scheduling (SPS) or Weighted Round Robin (WRR) scheduling
• Configure queue size and weights
• Configure buffer size and threshold parameters for WRED
• Use policing to protect the uplink from over-subscription
Queue Mgr
WRR/SPQueue Scheduler
Queue 2Queue 2Queue 1
VoiceVoiceDataWeighted Round Robin or
Strict Priority Queuing Enabled for Scheduling
between Queues
Weighted Round Robin or Strict Priority Queuing Enabled for Scheduling
between Queues
242424© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Head Office
Branch
WAN Edge
Server Farm
SP Cloud
CE
CE
SiSi
SiSi
At the WAN Edge (CE/PE)
Consider the Following Network Topology
Classification, MarkingClassification, MarkingLowLow--Latency QueuingLatency Queuing
Link Fragmentation Link Fragmentation and Interleavingand Interleaving
WRED and ShapingWRED and ShapingSLA DefinitionSLA Definition
QoSQoS——WAN EdgeWAN Edge
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
252525© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Define Policies Enterprise Network with Traditional L2 Service
• SP sells layer-2 service
• Point-to-Point SLA from SP
• Enterprise WAN likely to get congested
• IP QoS required for VVD integration
• SP not involved in IP QoS
Site 2 Site 3
SP Cloud
Frame RelayATMPPP
Site 1CE
CECE
262626© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Identifying Applications (CE–PE Edge)Classification and Marking
• Marking—setting a value in the frame (Layer2) or packet (Layer3)
Packets marked in the edge for purpose of classification in the core
• Examples of some classification criteriaIncoming interface or FR DLCIStandard or Extended source/destination access list
DSCP or IP precedence valueLayer 3 packet lengthNBAR
VersionLength Len ID Offset TTL Proto FCS IP-SA IP-DA Data
ToS1 Byte
077 12233445566
IP Precedence
DSCP
Flow Controlfor DSCP
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
272727© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Identifying Applications (CE–PE Edge)NBAR RTP Payload Type Classification
• Eases classification of voice and video traffic
VoIP, streaming/real-time video, audio/video conferencing, fax over IP
• Distinguishes between RTP packets based on payload type and CODECS
• Removes dependencies on UDP Port Range and DSCP markings
• Support introduced in 12.2(8)T
match protocol rtp [audio | video | payload-type payload-string]
NEW
96–127Dynamic
4G.723 (Audio)
0 (mu-law) 8 (a-law)G.711 (Audio)
15G.728 (Audio)
18G.729 (Audio)
9G.722 (Audio)
2G.721 (Audio)
14 (Audio), 32 (Video), 33 (A-V)
MPEG-1 (A/V)
MPEG-2 (A/V)
31H.261 (Video)
Payload TypeCODEC
282828© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Identifying Applications (PE)Packet Length (L3) Based Classification
• Light-weight method of ensuring EF service on low-speed access
Large data packets invading LLQ cause delay
• Determine packet size distribution on various links
• SPs often want to restrict the uploads but allow practically unlimited downloads
Small TCP ACK Packets going upstream should not be dropped
• Supported on 7500, 7200 and lower end platforms from 12.2(13)T
match packet length min <n> max <m>
NEW
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
292929© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
768 kbps
Remote SitesT1
CentralSite
Frame Relay, ATM
128 kbps
256 kbps
512 kbps
T1
Buffering which will cause delayand eventually dropped packets
The Need for Traffic Shaping
1. Central to remote site speed mismatch2. To avoid remote to central site over-subscription3. To prohibit bursting above committed/subscribed rate
303030© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Voice Adaptive Traffic Shaping
• Allows customers to burst when no voice is present
• Decreases VC queuing delay at FR switches by reducing the sending rate to minCIR when voice is detected; return to CIR when voice is not present
• Avoid fragmentation if we do not detect voice packets
• Support introduced in 12.2(15)T
NEW
frame-relay fragmentation voice-adaptive deactivation 50map-class frame-relay voice_adaptive_classframe-relay adaptive-shaping voice deactivation 50
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
313131© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
The Need for Congestion Management (Queuing)
• Under congestion—who gets what share of the available bandwidth?
• Examples: CBWFQ, LLQ
Outbound PacketsOutbound PacketsSchedulerScheduler
Packets inVarious Queues
Packets inVarious Queues
323232© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Priority Percentage Support for Low Latency Queuing (LLQ)
policy-map Multiserviceclass VoIPpriority percent 10
class businessbandwidth remaining percent 30
class class-defaultbandwidth remaining percent 20
No 75%Rule
policy-map Multiserviceclass VoIPpriority percent 10
class businessbandwidth percent 30
class databandwidth percent 20
75% Rule
Same Policy Map Can Be Applied to Multiple Interfaces and Interfaces with Varying Bandwidth (MLP Bundles, Dialer)
Supported Introduced in 12.2(2)T
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
333333© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
The Need for Congestion Avoidance
• Dropping can occur in the edge or core due to policing or buffer exhaustion
• If a queue fills up, all packets at tail end of queue get dropped—called tail-drop
• Tail-drop results in simultaneous TCP window shrinkage of large number of sessions, resulting in “global synchronization”
• WRED enables intelligent packet drop decision when average queue depth exceeds a minimum threshold
343434© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Weighted Random Early Detection—Explicit Congestion Notification
TOS Octet
Source Destination
IP Packet
1111
TCP Ack11
ECNEchoECNEcho
ECTbit
ECTbit
CEbitCEbit
11Congestion Experienced
01ECP Capable Transport
10ECN Capable Transport
00Non ECN-Capable
Short web transfers and low bandwidth Telnet prefer not to wait for TCP retransmit timer to expire
WRED ECN Supported on Cisco 800, 1400, 1600, 1751, 3600, 3700, and 7000 Series Routers From 12.2(8)T
NEW
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
353535© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
The Need for RTP Header Compressionon Slow Speed Links
PROBLEM: Header = 2 X Payload
19.5 kbps28 Kbps20 kbpsG.729A at 33 pps
25.6 kbps42.4 Kbps26.4 kbpsG.729A at 50 pps75 kbps84 Kbps75.5 kbpsG.711 at 33 pps
81.6 kbps106 Kbps82.4 kbpsG.711 at 50 pps
Frame Relay4 Bytes of Header
ATM53 Bytes Cells witha 48 Byte Payload
PPP6 Bytes of Header
CODEC
BENEFIT: Reduction in Voice Bandwidth Requirement
10 kbps14.Kbps10.5 kbpsG.729A at 33 pps
11.2 kbps21.2 Kbps12 kbpsG.729A at 50 pps65.5 kbps56 Kbps66 kbpsG.711 at 33 pps
67 kbps84.8 Kbps68 kbpsG.711 at 50 pps
Frame Relay4 Bytes of Header
PPPoATM53 Bytes Cells witha 48 Byte Payload
PPP6 Bytes of Header
CODEC
363636© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
10mbps Ethernet 10mbps Ethernet
VoiceVoice 1500 Data Bytes1500 Data Bytes VoiceVoice VoiceVoice 1500 Data Bytes1500 Data Bytes VoiceVoice VoiceVoice 1500 Data Bytes1500 Data Bytes VoiceVoice
~214ms Serialization Delay~214ms Serialization Delay
Voice Packet60 bytes
Every 20 ms
Voice Packet60 bytes
Every >214 ms
Voice Packet60 bytes
Every >214 ms
Benefit: Reduce the Jitter in Voice CallsBenefit: Reduce the Jitter in Voice Calls
Problem: Large Packets “Freeze Out” VoiceProblem: Large Packets “Freeze Out” Voice
The Need for Fragmentation and Interleaving on Slow Speed Links
• Implemented via Multilink PPP (MLP) over FR, ATM, and leased lines • Fragments are interleaved with the real-time packets, reducing the
serialization delay experienced by voice packets
56kb WAN
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
373737© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Define a Per Hop Behavior (PHB)Condition Traffic Entering/Exiting the Network (TCB)
Define PoliciesPutting It All Together…
Real-Time InteractiveReal-Time Interactive
Real-Time StreamingReal-Time Streaming
InteractiveInteractive Background and Bulk
Background and Bulk
PolicingPolicing
DroppingDropping
QueuingQueuing
MarkingMarking
Best EffortBest Effort
EFEF AF3xAF3x AF2xAF2x AF1xAF1x DefaultDefault
Priority 512
Priority 512
Tail DropTail Drop
Bandwidth Percent 25Bandwidth Percent 25
Tail DropTail Drop
Bandwidth Percent 20Bandwidth Percent 20
DWREDDWRED
Bandwidth Percent 10Bandwidth Percent 10
DWREDDWRED
AvailableAvailable
DWREDDWRED
512k512k 256k256k 128k128k 128k128k NoneNone
For Example:
383838© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Define Policies (Cont.)Enabling QoS in the WAN Edge (CE–PE)
• Use LLQ on all WAN interfaces in an AVVID networkVoice (DSCP=EF) é LLQVideo conferencing (DSCP=AF41) Call control (DSCP=AF31) Streaming video (DSCP=AF11)
• Traffic shaping is required for all FR and ATM links• MLP encapsulation to enable CRTP and LFI on low speed
ATM and ATM/FR links• VC bundling in case of multiple VCs between 2 destinations
QoS-EnabledWAN
General Guidelines
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
393939© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Head Office
Branch
WAN Edge
Server Farm
SP Cloud
CE
CE
SiSi
SiSi
Capacity PlanningCapacity PlanningQueuingQueuingWREDWRED
QoSQoS——SP CloudSP Cloud
But…You Could Be Buying a Layer 3 Service
Consider the Following Network Topology
404040© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Define PoliciesEnterprise Network with IP Service
• Customer buys layer-3service from SP
• Point-to-Cloud SLA from SP for conforming traffic
• Enterprise WAN likely to get congested
• SP involved in IP QoS
• Any site can transmit up to ICR into the cloud
• Any site can receive up to ECR from the cloud
Service Provider
PE
PE PE
ICR256kICR256k
ECR512KECR512K
ECR—Egress Committed RateICR—Ingress Committed Rate
ICR768kICR768k
ECR512KECR512K
ICR512kICR512kECR
512KECR512K
Site 2 Site 3
Site 1
CECE
CE
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
414141© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Define Policies (Cont.)Know the SLA Offered by Your SP
• SLA typically includes between 3 and 5 classes
• Real-time traffic gets fixed bandwidth allocation
• Data traffic gets variable bandwidth allocation with minimum guarantee
• Frequently, bandwidth allocations defined as percentage of sub-rate (e.g. PVC CIR, shaped rate)
• Additional classes not visible to customer may exist at the edge (e.g. management/control traffic)
SLA per PVC/VLAN
SLA per Interface (Possibly Sub-Rate)
Physical BandwidthPhysical
Bandwidth
Physical BandwidthPhysical
Bandwidth
424242© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
The Need for Traffic Policing
• Restrict traffic class to certain rate, so that packets exceeding/violating contract can be remarked to a different DiffServ class or dropped
• RFC 2697: A single rate three color markerMark conforming traffic to low drop priority, mark exceeding traffic with high drop precedence, and drop violating traffic
• RFC 2698: A two rate three color markerNeed to enforce peak rate for a service separately from a committed rate, modeling the FR concept in pure IP networks
• Color Aware Policer support from 12.2(7th)T
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
434343© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Two Rate Three Color Policer –How does it work ?
NEW
444444© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
PEPEManagedCE
ManagedCE
PEPEUnmanagedCE
UnmanagedCE
Managed CEManaged CE Unmanaged CEUnmanaged CE
At the CE PE EdgeTraffic Leaving the Enterprise Network
• Output QoS policy on CE controlledby SP
• SP enforces SLA using the outputQoS policy on CE
• Output policy uses queuing, dropping and optionally, shaping
• Elaborate traffic classification or mapping of existing markings
• Slow links require LFI/cRTP
• Output QoS policy on CE controlled by customer
• SP enforces SLA using input QoS policy (policing) on PE
• Customer defines output policy with queuing, dropping, shaping based on business priorities
• Elaborate traffic classification or mapping of existing customer markings on PE router
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
454545© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
PEPEManagedCE
ManagedCE
PEPEUnmanagedCE
UnmanagedCE
Managed CEManaged CE Unmanaged CEUnmanaged CE
At the CE PE Edge (Cont.)Traffic Leaving the Enterprise Network
CE
Output PolicyClassification/ Marking/Mapping
LLQWRED
[Shaping]
[LFI/cRTP]
PE
Input Policy<Not required>
CE
Output PolicyClassification/ Marking/Mapping
LLQWRED
[Shaping]
[LFI/cRTP]
PE
Input PolicyClassification/ Marking/Mapping
Policing
464646© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
PEPEManagedCE
ManagedCE
PEPEUnmanagedCE
UnmanagedCE
Managed CEManaged CE Unmanaged CEUnmanaged CE
At the CE PE Edge (Cont.) Traffic Leaving Service Provider Network
• SP enforces SLA using the outputQoS policy on PE
• Output policy uses queuing, dropping and optionally, shaping
• Slow links require LFI/cRTP
• No input QoS policy on CE needed
• SP enforces SLA using the outputQoS policy on PE
• Output policy uses queuing, dropping and optionally, shaping
• Slow links require LFI/cRTP
• Input QoS policy on CE irrelevant
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
474747© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
At the CE PE Edge (Cont.) Traffic Leaving Service Provider Network
CE
Input Policy
<Not needed>
PE
Output Policy
LLQ
WRED[Shaping]
[LFI/cRTP]
CE
Input Policy
<Irrelevant>
PE
Output Policy
LLQ
WRED[Shaping]
[LFI/cRTP]
PEPEManagedCE
ManagedCE
PEPEUnmanagedCE
UnmanagedCE
Managed CEManaged CE Unmanaged CEUnmanaged CE
484848© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
PE-1 PE-2
CE-2
CE-1
CE-3
In-prof=30 KbpsOut-prof = 0
In-prof=30 KbpsOut-prof = 900 Kbps
In-prof=30 KbpsOut-prof = 930 Kbps with DE/CLP
CIR=30KbpsCIR=30Kbps
Enterprise Network with IP ServiceEgress Commit Rate (ECR)
• Customer problemsBuy CIR per Class (IN-PROFILE)
Data Class can burst to Aggregate Rate AR (OUT-PROFILE)
• Provider problemsGuarantee only IN-PROFILE traffic per class
OUT-PROFILE traffic transported with no commitment
Customer does not want to be policed
Due to TCP burstiness, OUT-PROFILE always happens
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
494949© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Enterprise Network with IP Service—ECR and Three-Level Hierarchical Policer
• IN PROFILE SLA guaranteed, extra IN-PROFILE re-colored to OUT-PROFILE, SAA traffic should not be re-colored
• DELAY/DROP for IN-PROFILE not impacted by extra IN-PROFILE
• OUT-PROFILE is controlled by WRED
• Three level hierarchical policy needed to implement this solution
Aggregate Shaper at parent level
Minimum bandwidth guarantees and WRED at child level
At the third level we exclude SAA packets and mark the EXTRA IN PROFILE traffic as OUT PROFILE and set the ATM-CLP bit
• Support introduced in 12.2(15)T
NEW
505050© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Define PoliciesService Provider Backbone (P to P)
PE
PE
Service Provider
PE
P
P
P
• QoS complexity resides at the edge
• Backbone only deals with classes
• Over-provisioning sometimes touted as best alternative
ExpensiveDOS attacksFailure conditionsPlanning mistakesUnexpected traffic demandSP cannot generally solve end-to-end QoS for customers with over-provisioning
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
515151© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Define PoliciesService Provider Backbone (P to P)
• SP implements SLA using output QoS policy
• Subset of classes may be used
• Typically, 2 or 3 classes (real time, business, BE)
• Output policy uses queuing and dropping
LLQ and WRED
P/PEP/PE
Backbone NodeBackbone Node
525252© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Agenda
• Introduction
• Deployment Guide
• QoS Management
• Case Studies
• Summary and References
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
535353© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
The QoS Management Circle
Classif
y
Classif
y Monitor
Monitor
Adjust
Service Levels
545454© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Understand Application NeedsUnderstand Application Needs
Construct a QoS Policy (Queuing, Dropping, Signaling, etc.)Construct a QoS Policy (Queuing, Dropping, Signaling, etc.)
Test the QoS Policy (Lab, Portion of Network)Test the QoS Policy (Lab, Portion of Network)
Adjust and Implement a QoS PolicyAdjust and Implement a QoS Policy
Monitor Key Network Hotspots!
↑
Monitor Key Network Hotspots!
↑
Remember the Five Steps to Deploying QoS?
Management Management TasksTasks
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
555555© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Adjust and Implement a QoS Policy
Problem:
1. How did the QoS Policy help the applications?
2. Which classes are causing or still having problems?
Cisco Solution:
1. Cisco IOS® Service Assurance Agent (SA Agent)Monitor Drops, Drop Rate, Delay, Jitter, etc.
2. Compare ‘Pre-QoS’ and ‘Post-QoS’ parameters to know effect of QoS!
3. Cisco IOS Class-Based QoS MIB (CBQoSMonMIB)Information on each interface/PVC where QoS is configured
Per class Bit Rate, Drop Rate, Feature Counters, etc.
565656© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Adjust and Implement a QoS Policy (Cont.)
Customer Problem:
• Make it “simpler, cheaper and faster”1. Consistency of CLI and semantics across interfaces
and devices
2. Simple tool to store QoS Policies and provision large networks
Cisco Solution:1. The Modular QoS CLI (MQC)
2. Cisco AutoQoS3. For Enterprises, Cisco QoS Policy Manager (QPM)
4. For Service Providers, Cisco ISC (Solutions Center)
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
575757© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Monitor Key Network Parameters
Customer Problem:
• To keep QoS tuned to deliver the best possible results for the applications/users, we need the same tools as in “adjusting” the test QoS policies, but on a wider scale
Solution:
• Cisco IOS SA Agent, CBQoSMonMIB and NBAR PD MIB work hand-in-hand
• Front-end applications to these infrastructure components
CiscoWorks Service Management Solution (SMS)
Infovista IV Suite
Concord e-Health
585858© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
More on the Cisco QoS Management Tools
Let us talk a little bit about these tools…1. Service Assurance Agent
2. Cisco Class-Based QoS MIB
3. NBAR Protocol Discovery MIB
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
595959© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Service Assurance Agent (SAA)
• Is the packet loss acceptable?
• What is the network latency?
• Are the network applications performing well?
• Can you monitor Service Level Agreements?
SAASAA
Provides Active Monitoring of Network Infrastructure
Voice
VideoE-Learning
Cisco IOS
606060© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Service Assurance Agent (SAA)—Measuring the Network
• Active Traffic Generation within Cisco IOS®
using SAA ProbesMonitor network performance and health
Test and troubleshoot network problems
• Measurement of key end-to-end network metricsNetwork Delay
Packet Loss
Network Delay Variation (jitter)
Connectivity
History and distributions of network statistics
• Scheduling of packet streams and threshold violation notification
• Across the board support for most Cisco IOS devices
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
616161© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
More on the Cisco QoS Management Tools (Cont.)
Let’s Talk a Little Bit about These Tools…1. Service Assurance Agent
2. Cisco Class-Based QoS MIB
3. NBAR Protocol Discovery MIB
626262© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Class-Based QoS MIB (CBQoSMonMIB)
• Primary accounting mechanism for MQC-based QoS
• Statistics for active MQC configuration on a per-policy/per-interface or PVC basis
• Monitor pre- and post- policy bit ratesFor example, “How many packets are being dropped or marked?”
• Read access only, no SNMP configuration
• Support introduced in 12.1(5)T
Pre Policy Post Policy Pre- Post
Bronze
Silver
Gold
BronzeSilver
GoldBronzeSilver
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
636363© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Class-Based QoS MIB Table
packets and bytes statistics per class
packets per matching criteria
class based policer statistics
Class queuing statistics per policy
Traffic shaping statistics
WRED packet counters on a per DSCP/Precedence basis
cbQosClassMapStats
cbQosMatchStmtStats
cbQosPoliceStats
cbQosQueueingStats
cbQosTSStats
cbQosREDClassStats
DescriptionTable
646464© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Baseline Monitoring and QoS Policy Validation Using CBQoSMonMIB and QPM
• Monitor per DiffServ class CBQoSMIB enables monitoring of all traffic on a per class basis
• Validate QoS deploymentQPM reads the detailed QoS statistics provided by CBQoSMonMIB
Headquarters
Cisco Router
Cisco 7200
CallManagerCluster
Remote Office
MarkMark
Cisco QPMCisco QPMSwitch
RouterMonitorMonitor
WAN
ApplicationServer
NAM
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
656565© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
More on the Cisco QoS Management Tools (Cont.)
Let’s Talk a Little Bit about These Tools…1. Service Assurance Agent
2. Cisco Class-Based QoS MIB
3. NBAR Protocol Discovery MIB
666666© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Cisco NBAR Protocol Discovery MIB
BENEFITS
• Real-time statistics on applications
• SNMP MIB support
• Per-interface, per-application, bi-directional (input and output) statistics:
Bit rate (bps)
Packet counts
Byte counts
Support introduced in 12.2(15)T
NEW
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
676767© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Cisco NBAR Protocol Discovery Statistics
router# sh run int fa6/0!interface FastEthernet0/0ip address 10.0.147.3 255.255.255.0ip nbar protocol-discovery
end
Router# show ip nbar protocol-discovery interface FastEthernet 6/0FastEthernet6/0
Input Output Protocol Packet Count Packet Count
Byte Count Byte Count 5 minute bit rate (bps) 5 minute bit rate (bps)
------------------------ ------------------------ ------------------------http 316773 0
26340105 0 3000 0
pop3 4437 7367 2301891 339213 3000 0
snmp 279538 14644 319106191 673624 0 0
ftp 8979 7714 906550 694260 0 0
…Total 17203819 151684936
19161397327 50967034611 4179000 6620000
686868© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
CISCO-NBAR-PROTOCOL-DISCOVERY-MIB Tables
Tables Listed in Order They Are Listed in the MIBCISCO-NBAR-PROTOCOL-DISCOVERY-MIB (CNPD-MIB)
rising/falling trap
NBAR enable/Time
All NBAR by interface
Top N table config by interface
Top N table statistics
Protocol threshold configuration
History of falling rising events
Enable traps
List of all protocols supported
cnpdMIBNotifications
cnpdStatus
cnpdAllStats
cnpdTopNconfig
cnpdTopNstats
cnpdThresholdconfig
cnpdThresholdhistory
cnpdNotificationsconfig
cnpdSupportedProtocols
DescriptionTable
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
696969© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Cisco NBAR Protocol Discovery Thresholds and Traps
• User can set thresholds on individual protocols on an interface, or on a statistic regardless of protocol
Thresholds for any combination of supported protocols/and or all protocols
• Configurable statistic typesInterface in, out and sumBytes, Packets, and Bit rate
• If the threshold is breached, the information is stored for prolonged period of time
• A notification (Trap) is generated and sent to the user with a summary of threshold information
707070© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Headquarters
Cisco Router
Cisco 7200
CallManagerCluster
Remote OfficeWAN
ApplicationServer
NAM
Baseline Monitoring on a per Application Basis Using Cisco NBAR PD MIB
• Focus on top/critical 5 to 10 applications Identify apps by filter (IP addr, port, protocol, NBAR)
See traffic by top applications before QoS deployment
• Analyze remote site activityWhat does business critical traffic throughput look like on remote router interface?
ManagementApplication
ManagementApplication
SAPCustom appVoIPE-mail
Remote Router InterfaceRemote Router Interface
View Statistics for Top Applications
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
717171© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Agenda
• Introduction
• Deployment Guide
• QoS Management
• Case Studies
• Summary and References
727272© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Case Studies
• Large Enterprise Deployment
Voice, Video, Bulk and Best Effort
• QoS for VoIP
Accelerated deployment via Cisco AutoQoS
• Site-to-Site VPN
QoS for an enterprise running IPSec VPN end-to-end through a SP network
• Enterprise Network with IP Services
QoS end-to-end through a SP network selling IP Services
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
737373© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Large Enterprise Deployment—Description
• Large multinational company based in US with more than 400 offices across 3 continents
• All circuits are high-speed OC-3, DS3 or E3
• Large converged network with business critical ERP applications, web, voice, streaming video and e-mail
• Driving factor was the need to provide consistent application performance and the decision to move to VoIP (savings of $ 50,000/month in toll charges)
• Heavy usage of CBQoSMIB for reporting and monitoring purposes
747474© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Large Enterprise Deployment—Solution
• Implemented a complete DSCP model
• Four classes of serviceReal-Time—VoIP and streaming video (separate bandwidth class for video in case of slow speed links)
Interactive—Database lookups, Citrix and Telnet
Best Effort—Default class and control traffic
Bulk—Large FTPs and backups
• MLP used as encapsulation mechanism on slow speed VoIP links to enable RTP HC and LFI
• No redundant versions of database across multiple locations due to better site to site response times
• Heavy usage of CBQoSMIB for reporting and monitoring purposes
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
757575© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Large Enterprise Deployment—WAN Topology
North America
AsiaEuropeHigh-Speed ATM/FR
Access to MPLS VPN Core
Packets Entering the Network Packets Entering the Network Are Colored at EdgeAre Colored at Edge
MLPPP, CRTP and LFI MLPPP, CRTP and LFI for VoIP Links < 768Kfor VoIP Links < 768K
LLQ (Output Policy) for VoIP, Streaming LLQ (Output Policy) for VoIP, Streaming Video and Traffic from Data CenterVideo and Traffic from Data Center
WRED for Active Queue Management of WRED for Active Queue Management of TCP Flows in Data ClassesTCP Flows in Data Classes
FR
767676© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Large Enterprise Deployment—Challenges
• LLQ on frame does not take advantage of VC burst capabilities
Enable MQC-based FR adaptive shaping
FR VATS permits bursting to line rate when only data is present, strict CIR enforced when voice is present
• Jitter issues in video on slow speed links in case of large flows in Best Effort Class
Overprovision the video class bandwidth and enable WRED in Best Effort Class
For 7500s, hierarchical scheduling in BE class
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
777777© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Case Studies
• Large Enterprise DeploymentVoice, Video, Bulk and Best Effort
• QoS for VoIPAccelerated Deployment via Cisco AutoQoS
• Site-to-Site VPNQoS for an enterprise running IPSec VPN end-to-end through a SP network
• Enterprise Network with IP ServicesQoS end-to-end through a SP network selling IP Services
NEW
787878© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Deploying QoS for VoIP
Goal: Deploy Consistent, End-to-End QoS for VoIPGoal: Deploy Consistent, End-to-End QoS for VoIP
FR WAN
WANWAN
Classification and Trust Classification and Trust BoundaryBoundaryMarking/RemarkingMarking/RemarkingEgress Queue SchedulingEgress Queue SchedulingBuffer ManagementBuffer Management
Intelligent Classification Intelligent Classification Bandwidth ProvisioningBandwidth ProvisioningAdmission ControlAdmission ControlShapingShapingLink Fragmentation and Link Fragmentation and InterleavingInterleavingHeader CompressionHeader Compression
Layer 3 PolicingEgress Scheduling(Multiple Queues with WRR)Priority Queuing for VoIPBuffer Management
Access LayerAccess Layer Distribution Layer
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
797979© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
•• Identify Traffic of InterestIdentify Traffic of Interest
•• Trust and UntrustTrust and Untrust
•• Link Efficiency Link Efficiency Mechanisms Mechanisms
•• CoS to DSCP to CoS to DSCP to Queue mappingQueue mapping
•• WRR and WRED WRR and WRED parametersparameters
•• Transport specific Transport specific featuresfeatures
•• Monitor the Monitor the Performance of Performance of Voice TrafficVoice Traffic
•• Consistent EndConsistent End--toto--End QoS across End QoS across LAN and WANLAN and WAN
•• Platform Platform ConsistencyConsistency
• Classes• Bandwidth Requirements• High Speed vs. Low Speed QoS• Buffer Management
Deploying QoS for VoIP—The Manual Way
ApplicationClassificationApplication
Classification
PolicyGeneration
PolicyGeneration
Configuration
Monitoringand
Reporting
Monitoringand
Reporting
ConsistencyConsistency
KeyElementsof QoS
Deployment
KeyElementsof QoS
Deployment
808080© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Deploying QoS for VoIP—Cisco AutoQoS in the LAN
• Simplifies QoS configuration for VoIP• Optimal voice performance
Parameters based on Cisco Best Practices, extensive lab testing,and input from a broad base of AVVID installations
• Intelligent policy generationSupport for Cisco IP Phone and Cisco Soft PhoneAutomatically decides on trust and extended trust boundary settings
User can bypass telephone and connect their PC directly to the switchDisables trust when IP phone is relocated
Configures CoS to DSCP to Queue mapping, WRR settings, etc.
• Supported on static, dynamic-access, voice VLAN, and trunk ports
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
818181© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Catalyst® 6500 Series Switch
set port macro 4/1 ciscoipphone 10 110Port 4/1 has been fully configured for ciscoipphone. Data vlan set to 10, auxiliary vlan set to 110, port based autoqos configured.
Global autoqos configured on all ports.
set qos autoqos
All ingress and egress QoS scheduling parameters configured on all ports.CoS to DSCP, DSCP to COS and IP Precedence to DSCP maps configured. Global QoS configured
set port qos autoqos 4/1 voip ciscoipphone
Port 4/1 has been fully configured for voip.Global autoqos configured on all ports
Deploying QoS for VoIP—Cisco AutoQoS in the LAN (Cont.)
User Enables AutoQoSUser Enables AutoQoS
Generated by AutoQoSGenerated by AutoQoS
Generated by AutoQoSGenerated by AutoQoS
828282© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Interface GigabitEthernet0/1mls qos trust device cisco-phonemls qos trust cosauto qos voip cisco-phonewrr-queue bandwidth 20 1 80 0wrr-queue queue-limit 80 1 20 1wrr-queue cos-map 1 0 1 2 4wrr-queue cos-map 3 3 6 7wrr-queue cos-map 4 5priority-queue out
Interface FastEthernet0/1mls qos trust device cisco-phonemls qos trust cosauto qos voip cisco-phonewrr-queue bandwidth 20 1 80 0wrr-queue min-reserve 1 5wrr-queue min-reserve 2 6wrr-queue min-reserve 3 7wrr-queue min-reserve 4 8wrr-queue cos-map 1 0 1 2 4wrr-queue cos-map 3 3 6 7 wrr-queue cos-map 4 5priority-queue out
Catalyst 3550 Series Switch
Deploying QoS for VoIP—Cisco AutoQoS in the LAN (Cont.)
Generated Generated by AutoQoSby AutoQoS
You Enable AutoQoSYou Enable AutoQoS
You Enable AutoQoSYou Enable AutoQoS
Generated Generated by AutoQoSby AutoQoS
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
838383© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Deploying QoS for VoIP—Cisco AutoQoS in the WAN
• Simplifies QoS configuration for VoIPA single command enables Cisco QoS for VoIP
• Generated parameters and configuration can be user modified
• Intelligent policy generationBased on available bandwidth and underlying L2 technologyClassifies VoIP bearer and signaling (H.323, Skinny, H.225 Unicast, SIP and MGCP) trafficAutomatically enables Link Fragmentation settings, if required
• Supported on FR, ATM, HDLC, PPP and FR-to-ATM links
• Provides RMON alerts, if VoIP packet are dropped
848484© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
interface Serial4/0encapsulation frame-relay
frame-relay traffic-shaping!interface Serial4/0.1 point-to-pointbandwidth 256ip address 10.1.71.1 255.255.255.0frame-relay interface-dlci 100class AutoQoS-VoIP-FR-Serial4/0-100auto qos voip
frame-relay ip rtp header-compression!map-class frame-relay AutoQoS-VoIP-FR-Serial4/0-100frame-relay cir 256000frame-relay bc 2560frame-relay be 0frame-relay mincir 256000service-policy output AutoQoS-Policy-UnTrustframe-relay fragment 320
Deploying QoS for VoIP—Cisco AutoQoS in the WAN (Cont.)
FrameRelay
FRTS Enabled FRTS Enabled by AutoQoSby AutoQoS
You Specify BW, IP You Specify BW, IP Addr and FR DLCIAddr and FR DLCI
You Enable AutoQoSYou Enable AutoQoS
CRTP ConfigurationCRTP ConfigurationGenerated by AutoQoSGenerated by AutoQoS
FRTS and FRF.12FRTS and FRF.12Settings GeneratedSettings Generated
by AutoQoSby AutoQoS
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
858585© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
class-map match-any AutoQoS-VoIP-RTP-Untrustmatch protocol rtp audiomatch access-group name AutoQoS-VOIP-RTCP
class-map AutoQoS-VoIP-Control-Untrustmatch access-group name AutoQoS-VOIP-Control
class-map match-any AutoQoS-VOIP-Remarkmatch ip dscp efmatch ip dscp af31
!policy-map AutoQoS-Policy-Untrustclass-map AutoQoS-VoIP-RTP-Untrust
priority percent 70set dscp ef
class AutoQoS-VoIP-Control-Untrustbandwidth percent 5set dscp af31
class AutoQoS-VoIP-Remarkset dscp default
class class-defaultfair-queue
Deploying QoS for VoIP—Cisco AutoQoS in the WAN (Cont.)
FrameRelay
Classification DoneClassification Doneby AutoQoSby AutoQoS
Provisioning DoneProvisioning Doneby AutoQoSby AutoQoS
868686© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Case Studies
• Large Enterprise DeploymentVoice, Video, Bulk and Best Effort
• QoS for VoIPAccelerated deployment via Cisco AutoQoS
• Site-to-Site VPNQoS for an enterprise running IPSec VPN end-to-end through a SP network
• Enterprise Network with IP ServicesQoS end-to-end through a SP network selling IP Services
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
878787© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Site-to-Site VPN—Requirements
• Enterprise customer buys a point to point service from service provider and requires 4 classes of service:
Real-time (Voice): no loss, low latency, low jitter, guaranteed bandwidth
Business Class (ERP Applications): low loss, guaranteed bandwidth
Interactive Class (Telnet,): low loss, low latency, guaranteed bandwidth
Normal (other traffic): Best Effort
• Site-to-Site VPN service, two site example
888888© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Site-to-Site VPN—Topology
Customer Needs Site-to-Site IP VPN Service with 4 Different Service Classes
L3 Service from SP
CE
CE
CORE
PE
PE
PE
PE
PP
P P
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
898989© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Site-to-Site VPN—Issues
• Additional header and trailer overhead of IPSec and GRE with voice packets
• Voice delay budget increased by crypto engine processing
• Crypto engines (FIFO) randomly drop packets when congested
Voice quality suffers through IPSec tunnel
• CRTP and IPSec are incompatible standards
• Voice and data in same IPSec/GRE tunnel, both encrypted
• QoS re-ordering of IPSec sequenced packets can lead to anti-replay drops
QoS Requirements Are Same as in a Typical L2 Service Deployment, Except…
909090© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
IPHdr
GREGRE
RTP
IPHdr
RTPUDPUDP
UDPUDP VoiceVoice
VoiceVoiceGRE IPHdr
ESPPad/NH
ESPAuth
ESPHdr
ESPIV
GRE IPHdr GREGRE IP
Hdr RTPIPSecHdr
IPSecHdr UDPUDP VoiceVoice
IPSec—136 Bytes
(Tunnel Mode)
IP GRE—84 Bytes
G 729—60 Bytes
20202020
202020
2020
4
888
8
8
4
12
12
12 122–257
Site-to-Site VPN Issues—G 729 CODEC Overhead with GRE and IPSec
Resulting Layer 3 Packet Sizes:G.729 = 136 bytes @ 50 pps = 54.4 kbpsG.711 = 280 bytes @ 50 pps = 112 kbps
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
919191© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Encrypt2-10ms
Decrypt2-10ms
Propa–gationPropa–gation
Coder45msCoder45ms
FRTS< 10msFRTS
< 10msQueuing
64K6ms
Queuing64K6ms Network
(FR Sw)Network(FR Sw)
Dejitter50ms
Dejitter50ms
Serial -ization
64k3ms
Serial -ization
64k3ms
Site-to-Site VPN Issues (Cont.)—Increase in Voice Delay Budget
Expect IPSec Encryption to Add 2–10 ms
…Minimal Impact to Delay Budget
Goal = 100–250ms
194 ms as Shown
< 60 ms Based on SP’s SLA
929292© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Site-to-Site VPN Issues (Cont.)—LLQ Before Crypto Engine
• Enabled by configuring LLQ policy on output interface
• Engages when Crypto Engine is congested
• Supported on Cisco 2600, 3600, 3700, 7100, and 7200 Series Routers from 12.2(13)T
BestEffort
LLQDD
CryptoEngine
DataData
VoIPVoIPLLQ Classification
Output InterfaceOutput
Interface
VV
Input
Interface
Input
InterfaceVV DD VV DD DD
VVVVVVVV
VVDDDDDD
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
939393© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
V*V* DD V*V* DD
Site-to-Site VPN—When to Use QoS Pre-Classify
• Currently required when using hardware encryption and service-policy on output interface
• Maintains original IP Header (port, protocol, source/dest IP address, etc.) for output QoS policy
• Unrequired when QoS policy uses ToS byte only
• Apply to both crypto map and IP GRE tunnel (if IP GRE is used)
Router Can Make QoS Decisions Basedon Encrypted Elements in the Packets
Unencrypted VPN Router
Encrypted
DDDataData
VoIPVoIP V*V*
?*?*?? ?*?*??
949494© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Case Studies
• Large Enterprise DeploymentVoice, Video, Bulk and Best Effort
• QoS for VoIPAccelerated deployment via Cisco AutoQoS
• Site-to-Site VPNQoS for an enterprise running IPSec VPN end-to-end through a SP network
• Enterprise Network with IP ServicesQoS end-to-end through a SP network selling IP Services
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
959595© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Enterprise Network with IP Services—The Works
• SP sells L3 services with following four levels of serviceReal-Time
Business High
Business Low
Best Effort
• Business driver for Enterprise—ad-hoc any to any video conferencing from more than 60 sites across the US
Each site connected via T1 connection at minimum
VC units run standard 384Kbps IPVC streams
• Customer also has several mission critical business applications that need prioritization
• Managed CE environment
969696© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Enterprise Network with IP Services—Challenges
• Point-to-Cloud Model—SP is involved in QoS
• Challenges
Current provisioning mechanism guaranteed more than 150% of available bandwidth
No accounting for routing protocols and L2 overhead
SP not preserving DSCP marking across their cloud—Remark DSCP to indicate to themselves whether packets are within or violating contract
DLSW+ application configured to set its ToS value to 5 by default (same as IPVC)
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
979797© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Enterprise Network with IP Services—The Solution
• Customer purchased services in the ratio 5:6:2:1
• Customer migrated to a complete DSCP modelSimpler from a classification and provisioning perspective
Monitoring and Management advantages
• Workaround for SP remarking: NBAR deployed at WAN edge to re-classify and re-mark INBOUND traffic from the WAN
• Routing and control traffic in business high class
• Percentage based provisioning mechanism
• QPM 3.0 for monitoring traffic statistics via CBQoSMIB
989898© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
class-map match-all VIDEOmatch access-group 120
class-map match-all SAPmatch protocol custom-10
class-map match-all SNAmatch protocol dlsw
class-map match-all TELNETmatch protocol telnet
class-map match-all NOTESmatch protocol notes
class-map match-any WWWmatch protocol httpmatch protocol secure-http
class-map match-all FTP-GRAPHICSmatch access-group 105match protocol ftp
class-map match-all REAL-TIMEmatch ip dscp ef
class-map match-any BUSINESS-HIGHmatch ip dscp af31 match ip dscp af32 match ip dscp af33 match ip dscp cs3
class-map match-any BUSINESS-LOWmatch ip dscp af21 match ip dscp af22 match ip dscp af23
Enterprise Network with IP Services—Configuration
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
999999© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Enterprise Network with IP Services—Configuration (Cont.)
policy-map MARKINGclass VIDEOset ip dscp efclass SAPset ip dscp af31class SNAset ip dscp af32class TELNETset ip dscp af33class NOTESset ip dscp af21class WWWset ip dscp af22class FTP-GRAPHICSset ip dscp af23class class-defaultset ip dscp default
policy-map WAN-EDGEclass REAL-TIMEpriority 512
class BUSINESS-HIGHbandwidth percent 45random-detect dscp-basedclass BUSINESS-LOWbandwidth percent 15random-detect dscp-basedclass class-defaultfair-queuerandom-detect dscp-based
100100100© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Enterprise Network with IP Services—Configuration (Cont.)
interface FastEthernet0/0service-policy input MARKING!interface Serial0/0encapsulation frame-relay IETFframe-relay traffic-shaping!interface Serial0/0.1 point-to-pointdescription SP Cktframe-relay interface-dlci 101class FRTS
!map-class frame-relay FRTSframe-relay cir 1536000frame-relay bc 15360frame-relay mincir 1536000service-policy input MARKINGservice-policy output WAN-EDGE
SP Core
}}
CE
PE
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
101101101© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Agenda
• Introduction
• Deployment Guide
• QoS Management
• Case Studies
• Summary and References
102102102© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Summary
• Lots of new tool enhancements (NBAR, LLQ, Shaping, Policing, etc.) available
• Single class for latency sensitive traffic, additional classes to implement data SLAs
• It is all about Buffer Management in the Campus, Access and Distribution Layers
• Enterprise WAN edge QoS is dependent on the kind of service that is purchased from the SP
• Marking, Queuing and Shaping enabled at the WAN edge
• Queuing and WRED dropping based on packet marking enabled in the SP core
• QoS is an end-to-end proposition
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
103103103© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
References
• QoS on CCO
http://www.cisco.com/ios/qos
• QoS Configuration Guide
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/qos_c/
• QoS command reference guide
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/qos_r/index.htm
• AVVID QoS Design Guide
http://www.cisco.com/univercd/cc/td/doc/product/voice/ip_tele/avvidqos/index.htm
104104104© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Recommended Reading
IP Quality of ServiceISBN: 1578701163
Cisco Catalyst QoS: Quality of Service in Campus NetworksISBN: 1587051206
Cisco Multiservice Switching Networks ISBN: 1587050684
Available on-site at the Cisco Company Store
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
105105105© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Recommended Reading
Cisco DQOS Exam Certification Guide (IP Telephony Self-Study)ISBN: 1587200589Available in Aug 2003
Available on-site at the Cisco Company Store
106106106© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2
Please Complete Your Evaluation Form
Session RST-2081
Copyright © 2003, Cisco Systems, Inc. All rights reserved. Printed in USA.8176_05_2003_c2.scr
107107107© 2003, Cisco Systems, Inc. All rights reserved.RST-2081 8176_05_2003_c2