Configuring QoS PDF
Preview Configuring QoS
Configuring QoS • FindingFeatureInformation, page 1 • PrerequisitesforQoS, page 1 • RestrictionsforQoS, page 3 • InformationAboutQoS, page 4 • HowtoConfigureQoS, page 33 • MonitoringStandardQoS, page 92 • ConfigurationExamplesforQoS, page 93 • WheretoGoNext, page 104 • AdditionalReferences, page 104 • FeatureHistoryandInformationforQoS, page 105 Finding Feature Information Yoursoftwarereleasemaynotsupportallthefeaturesdocumentedinthismodule.Forthelatestfeature informationandcaveats,seethereleasenotesforyourplatformandsoftwarerelease. UseCiscoFeatureNavigatortofindinformationaboutplatformsupportandCiscosoftwareimagesupport. ToaccessCiscoFeatureNavigator,gotohttp://www.cisco.com/go/cfn.AnaccountonCisco.comisnot required. Prerequisites for QoS BeforeconfiguringstandardQoS,youmusthaveathoroughunderstandingoftheseitems: •Thetypesofapplicationsusedandthetrafficpatternsonyournetwork. •Trafficcharacteristicsandneedsofyournetwork.Forexample,isthetrafficonyournetworkbursty? Doyouneedtoreservebandwidthforvoiceandvideostreams? •Bandwidthrequirementsandspeedofthenetwork. Consolidated Platform Configuration Guide, Cisco IOS Release 15.2(4)E (Catalyst 2960-X Switches) 1 Configuring QoS QoS ACL Guidelines •Locationofcongestionpointsinthenetwork. QoS ACL Guidelines FollowtheseguidelineswhenconfiguringQoSwithaccesscontrollists(ACLs): •ItisnotpossibletomatchIPfragmentsagainstconfiguredIPextendedACLstoenforceQoS.IPfragments aresentasbest-effort.IPfragmentsaredenotedbyfieldsintheIPheader. •OnlyoneACLperclassmapandonlyonematchclass-mapconfigurationcommandperclassmapare supported.TheACLcanhavemultipleACEs,whichmatchfieldsagainstthecontentsofthepacket. •AtruststatementinapolicymaprequiresmultiplehardwareentriesperACLline.Ifaninputservice policymapcontainsatruststatementinanACL,theaccesslistmightbetoolargetofitintotheavailable QoShardwarememory,andanerrorcanoccurwhenyouapplythepolicymaptoaport.Whenever possible,youshouldminimizethenumberoflinesisaQoSACL. Related Topics CreatinganIPStandardACLforIPv4Traffic, onpage47 CreatinganIPExtendedACLforIPv4Traffic, onpage48 CreatinganIPv6ACLforIPv6Traffic, onpage50 CreatingaLayer2MACACLforNon-IPTraffic, onpage52 Policing Guidelines Note Tousepolicing,theswitchmustberunningtheLANBaseimage. •TheportASICdevice,whichcontrolsmorethanonephysicalport,supports256policers(255 user-configurablepolicersplus1policerreservedforsysteminternaluse).Themaximumnumberof user-configurablepolicerssupportedperportis63.Policersareallocatedondemandbythesoftware andareconstrainedbythehardwareandASICboundaries. Youcannotreservepolicersperport;thereisnoguaranteethataportwillbeassignedtoanypolicer. •Onlyonepolicerisappliedtoapacketonaningressport.Onlytheaveragerateandcommittedburst parametersareconfigurable. •OnaportconfiguredforQoS,alltrafficreceivedthroughtheportisclassified,policed,andmarked accordingtothepolicymapattachedtotheport.OnatrunkportconfiguredforQoS,trafficinallVLANs receivedthroughtheportisclassified,policed,andmarkedaccordingtothepolicymapattachedtothe port. •IfyouhaveEtherChannelportsconfiguredonyourswitch,youmustconfigureQoSclassification, policing,mapping,andqueueingontheindividualphysicalportsthatcomprisetheEtherChannel.You mustdecidewhethertheQoSconfigurationshouldmatchonallportsintheEtherChannel. •IfyouneedtomodifyapolicymapofanexistingQoSpolicy,firstremovethepolicymapfromall interfaces,andthenmodifyorcopythepolicymap.Afteryoufinishthemodification,applythemodified Consolidated Platform Configuration Guide, Cisco IOS Release 15.2(4)E (Catalyst 2960-X Switches) 2 Configuring QoS General QoS Guidelines policymaptotheinterfaces.Ifyoudonotfirstremovethepolicymapfromallinterfaces,highCPU usagecanoccur,which,inturn,cancausetheconsoletopauseforaverylongtime. General QoS Guidelines ThesearethegeneralQoSguidelines: •YouconfigureQoSonlyonphysicalports;thereisnosupportforitattheVLANlevel. •Controltraffic(suchasspanning-treebridgeprotocoldataunits[BPDUs]androutingupdatepackets) receivedbytheswitcharesubjecttoallingressQoSprocessing. •Youarelikelytolosedatawhenyouchangequeuesettings;therefore,trytomakechangeswhentraffic isataminimum. •Theswitchsupportshomogeneousstackingandmixedstacking.Mixedstackingissupportedonlywith theCatalyst2960-Sswitches.Ahomogenousstackcanhaveuptoeightstackmembers,whileamixed stackcanhaveuptofourstackmembers.AllswitchesinaswitchstackmustberunningtheLANBase image. Restrictions for QoS ThefollowingaretherestrictionsforQoS: •Tousethesefeatures,theswitchmustberunningtheLANBaseimage:stacking,DSCP,auto-QoS, trustedboundary,policing,marking,mappingtables,andweightedtaildrop. •Ingressqueueingisnotsupported. •Theswitchsupports4defaultegressqueues,withtheoptiontoenableanadditional4egressqueuesfor atotalof8.ThisoptionisonlyavailableonastandaloneswitchrunningtheLANBaseimage. •Werecommendthatyoudonotenable8egressqueuesbyusingthemlsqossrr-queueoutputqueues 8command,whenrunningthefollowingfeaturesinyourconfiguration: ◦Auto-QoS ◦AutoSmartPort ◦EnergyWise Runningthesefeatureswith8egressqueueenabledinasingleconfigurationisnotsupportedonthe switch. •YoucanconfigureQoSonlyonphysicalports.VLAN-basedQoSisnotsupported.Youconfigurethe QoSsettings,suchasclassification,queueing,andscheduling,andapplythepolicymaptoaport.When configuringQoSonaphysicalport,youapplyanonhierarchicalpolicymaptoaport. •IftheswitchisrunningtheLANLiteimageyoucan: ◦ConfigureACLs,butyoucannotattachthemtophysicalinterfaces.YoucanattachthemtoVLAN interfacestofiltertraffictotheCPU. ◦Enableonlycostrustatinterfacelevel. Consolidated Platform Configuration Guide, Cisco IOS Release 15.2(4)E (Catalyst 2960-X Switches) 3 Configuring QoS Information About QoS ◦EnableSRRshapingandsharingatinterfacelevel. ◦EnablePriorityqueueingatinterfacelevel. ◦Enableordisablemlsqosrewriteipdscp. •TheswitchmustberunningtheLANBaseimagetousethefollowingQoSfeatures: ◦Policymaps ◦Policingandmarking ◦Mappingtables ◦WTD Information About QoS QoS Implementation Typically,networksoperateonabest-effortdeliverybasis,whichmeansthatalltraffichasequalpriorityand anequalchanceofbeingdeliveredinatimelymanner.Whencongestionoccurs,alltraffichasanequalchance ofbeingdropped. WhenyouconfiguretheQoSfeature,youcanselectspecificnetworktraffic,prioritizeitaccordingtoits relativeimportance,andusecongestion-managementandcongestion-avoidancetechniquestoprovide preferentialtreatment.ImplementingQoSinyournetworkmakesnetworkperformancemorepredictableand bandwidthutilizationmoreeffective. TheQoSimplementationisbasedontheDifferentiatedServices(Diff-Serv)architecture,astandardfromthe InternetEngineeringTaskForce(IETF).Thisarchitecturespecifiesthateachpacketisclassifieduponentry intothenetwork. TheclassificationiscarriedintheIPpacketheader,using6bitsfromthedeprecatedIPtypeofservice(ToS) fieldtocarrytheclassification(class)information.ClassificationcanalsobecarriedintheLayer2frame. Consolidated Platform Configuration Guide, Cisco IOS Release 15.2(4)E (Catalyst 2960-X Switches) 4 Configuring QoS QoS Implementation ThespecialbitsintheLayer2frameoraLayer3packetareshowninthefollowingfigure: Figure 1: QoS Classification Layers in Frames and Packets Layer 2 Frame Prioritization Bits Layer2Inter-SwitchLink(ISL)frameheadershavea1-byteUserfieldthatcarriesanIEEE802.1pclassof service(CoS)valueinthethreeleast-significantbits.OnportsconfiguredasLayer2ISLtrunks,alltrafficis inISLframes. Layer2802.1Qframeheadershavea2-byteTagControlInformationfieldthatcarriestheCoSvalueinthe threemost-significantbits,whicharecalledtheUserPrioritybits.OnportsconfiguredasLayer2802.1Q trunks,alltrafficisin802.1QframesexceptfortrafficinthenativeVLAN. OtherframetypescannotcarryLayer2CoSvalues. Layer2CoSvaluesrangefrom0forlowpriorityto7forhighpriority. Layer 3 Packet Prioritization Bits Layer3IPpacketscancarryeitheranIPprecedencevalueoraDifferentiatedServicesCodePoint(DSCP) value.QoSsupportstheuseofeithervaluebecauseDSCPvaluesarebackward-compatiblewithIPprecedence values. Consolidated Platform Configuration Guide, Cisco IOS Release 15.2(4)E (Catalyst 2960-X Switches) 5 Configuring QoS QoS Basic Model IPprecedencevaluesrangefrom0to7.DSCPvaluesrangefrom0to63. End-to-End QoS Solution Using Classification AllswitchesandroutersthataccesstheInternetrelyontheclassinformationtoprovidethesameforwarding treatmenttopacketswiththesameclassinformationanddifferenttreatmenttopacketswithdifferentclass information.Theclassinformationinthepacketcanbeassignedbyendhostsorbyswitchesorroutersalong theway,basedonaconfiguredpolicy,detailedexaminationofthepacket,orboth.Detailedexaminationof thepacketisexpectedtooccurclosertotheedgeofthenetwork,sothatthecoreswitchesandroutersarenot overloadedwiththistask. Switchesandroutersalongthepathcanusetheclassinformationtolimittheamountofresourcesallocated pertrafficclass.ThebehaviorofanindividualdevicewhenhandlingtrafficintheDiff-Servarchitectureis calledper-hopbehavior.Ifalldevicesalongapathprovideaconsistentper-hopbehavior,youcanconstruct anend-to-endQoSsolution. ImplementingQoSinyournetworkcanbeasimpletaskorcomplextaskanddependsontheQoSfeatures offeredbyyourinternetworkingdevices,thetraffictypesandpatternsinyournetwork,andthegranularity ofcontrolthatyouneedoverincomingandoutgoingtraffic. QoS Basic Model ToimplementQoS,theswitchmustdistinguishpacketsorflowsfromoneanother(classify),assignalabel toindicatethegivenqualityofserviceasthepacketsmovethroughtheswitch,makethepacketscomplywith theconfiguredresourceusagelimits(policeandmark),andprovidedifferenttreatment(queueandschedule) inallsituationswhereresourcecontentionexists.Theswitchalsoneedstoensurethattrafficsentfromit meetsaspecifictrafficprofile(shape). Figure 2: QoS Basic Wired Model Actions at Ingress Port Actionsattheingressportincludeclassifyingtraffic,policing,marking,andscheduling: •ClassifyingadistinctpathforapacketbyassociatingitwithaQoSlabel.TheswitchmapstheCoSor DSCPinthepackettoaQoSlabeltodistinguishonekindoftrafficfromanother.TheQoSlabelthat isgeneratedidentifiesallfutureQoSactionstobeperformedonthispacket. Consolidated Platform Configuration Guide, Cisco IOS Release 15.2(4)E (Catalyst 2960-X Switches) 6 Configuring QoS QoS Basic Model •Policingdetermineswhetherapacketisinoroutofprofilebycomparingtherateoftheincomingtraffic totheconfiguredpolicer.Thepolicerlimitsthebandwidthconsumedbyaflowoftraffic.Theresultis passedtothemarker. •Markingevaluatesthepolicerandconfigurationinformationfortheactiontobetakenwhenapacketis outofprofileanddetermineswhattodowiththepacket(passthroughapacketwithoutmodification, markingdowntheQoSlabelinthepacket,ordroppingthepacket). Note Queueingandschedulingareonlysupportedategressandnotatingressontheswitch. Actions at Egress Port Actionsattheegressportincludequeueingandscheduling: •QueueingevaluatestheQoSpacketlabelandthecorrespondingDSCPorCoSvaluebeforeselecting whichofthefouregressqueuestouse.Becausecongestioncanoccurwhenmultipleingressports simultaneouslysenddatatoanegressport,WTDdifferentiatestrafficclassesandsubjectsthepackets todifferentthresholdsbasedontheQoSlabel.Ifthethresholdisexceeded,thepacketisdropped. •SchedulingservicesthefouregressqueuesbasedontheirconfiguredSRRsharedorshapedweights. Oneofthequeues(queue1)canbetheexpeditedqueue,whichisserviceduntilemptybeforetheother queuesareserviced. Classification Overview Classificationistheprocessofdistinguishingonekindoftrafficfromanotherbyexaminingthefieldsinthe packet.ClassificationisenabledonlyifQoSisgloballyenabledontheswitch.Bydefault,QoSisglobally disabled,sonoclassificationoccurs. Duringclassification,theswitchperformsalookupandassignsaQoSlabeltothepacket.TheQoSlabel identifiesallQoSactionstobeperformedonthepacketandfromwhichqueuethepacketissent. TheQoSlabelisbasedontheDSCPortheCoSvalueinthepacketanddecidesthequeueingandscheduling actionstoperformonthepacket.Thelabelismappedaccordingtothetrustsettingandthepackettypeas showninClassificationFlowchart, onpage10. Youspecifywhichfieldsintheframeorpacketthatyouwanttousetoclassifyincomingtraffic. Related Topics IngressPortActivity EgressPortActivity ConfiguringaQoSPolicy, onpage46 Non-IP Traffic Classification Thefollowingtabledescribesthenon-IPtrafficclassificationoptionsforyourQoSconfiguration. Consolidated Platform Configuration Guide, Cisco IOS Release 15.2(4)E (Catalyst 2960-X Switches) 7 Configuring QoS QoS Basic Model Table 1: Non- IP Traffic Classifications Non-IP Traffic Classification Description TrusttheCoSvalue TrusttheCoSvalueintheincomingframe(configurethe porttotrustCoS),andthenusetheconfigurable CoS-to-DSCPmaptogenerateaDSCPvalueforthepacket. Layer2ISLframeheaderscarrytheCoSvalueinthe3 least-significantbitsofthe1-byteUserfield. Layer2802.1QframeheaderscarrytheCoSvalueinthe3 most-significantbitsoftheTagControlInformationfield. CoSvaluesrangefrom0forlowpriorityto7forhigh priority. TrusttheDSCPortrustIPprecedencevalue TrusttheDSCPortrustIPprecedencevalueintheincoming frame.Theseconfigurationsaremeaninglessfornon-IP traffic.Ifyouconfigureaportwitheitheroftheseoptions andnon-IPtrafficisreceived,theswitchassignsaCoSvalue andgeneratesaninternalDSCPvaluefromtheCoS-to-DSCP map.TheswitchusestheinternalDSCPvaluetogenerate aCoSvaluerepresentingthepriorityofthetraffic. Performclassificationbasedonconfigured PerformtheclassificationbasedonaconfiguredLayer2 Layer2MACACL MACaccesscontrollist(ACL),whichcanexaminethe MACsourceaddress,theMACdestinationaddress,and otherfields.IfnoACLisconfigured,thepacketisassigned 0astheDSCPandCoSvalues,whichmeansbest-effort traffic.Otherwise,thepolicy-mapactionspecifiesaDSCP orCoSvaluetoassigntotheincomingframe. Afterclassification,thepacketissenttothepolicingandmarkingstages. IP Traffic Classification ThefollowingtabledescribestheIPtrafficclassificationoptionsforyourQoSconfiguration. Consolidated Platform Configuration Guide, Cisco IOS Release 15.2(4)E (Catalyst 2960-X Switches) 8 Configuring QoS QoS Basic Model Table 2: IP Traffic Classifications IP Traffic Classification Description TrusttheDSCPvalue TrusttheDSCPvalueintheincomingpacket(configuretheporttotrust DSCP),andassignthesameDSCPvaluetothepacket.TheIETFdefines the6most-significantbitsofthe1-byteToSfieldastheDSCP.Thepriority representedbyaparticularDSCPvalueisconfigurable.DSCPvaluesrange from0to63. YoucanalsoclassifyIPtrafficbasedonIPv6DSCP. ForportsthatareontheboundarybetweentwoQoSadministrative domains,youcanmodifytheDSCPtoanothervaluebyusingthe configurableDSCP-to-DSCP-mutationmap. TrusttheIPprecedencevalue TrusttheIPprecedencevalueintheincomingpacket(configuretheport totrustIPprecedence),andgenerateaDSCPvalueforthepacketbyusing theconfigurableIP-precedence-to-DSCPmap.TheIPVersion4 specificationdefinesthe3most-significantbitsofthe1-byteToSfieldas theIPprecedence.IPprecedencevaluesrangefrom0forlowpriorityto 7forhighpriority. YoucanalsoclassifyIPtrafficbasedonIPv6precedence. TrusttheCoSvalue TrusttheCoSvalue(ifpresent)intheincomingpacket,andgeneratea DSCPvalueforthepacketbyusingtheCoS-to-DSCPmap.IftheCoS valueisnotpresent,usethedefaultportCoSvalue. IPstandardoranextendedACL PerformtheclassificationbasedonaconfiguredIPstandardoranextended ACL,whichexaminesvariousfieldsintheIPheader.IfnoACLis configured,thepacketisassigned0astheDSCPandCoSvalues,which meansbest-efforttraffic.Otherwise,thepolicy-mapactionspecifiesa DSCPorCoSvaluetoassigntotheincomingframe. OverrideconfiguredCoS OverridetheconfiguredCoSofincomingpackets,andapplythedefault portCoSvaluetothem.ForIPv6packets,theDSCPvalueisrewrittenby usingtheCoS-to-DSCPmapandbyusingthedefaultCoSoftheport.You candothisforbothIPv4andIPv6traffic. Afterclassification,thepacketissenttothepolicingandmarkingstages. Consolidated Platform Configuration Guide, Cisco IOS Release 15.2(4)E (Catalyst 2960-X Switches) 9 Configuring QoS QoS Basic Model Classification Flowchart Figure 3: Classification Flowchart Access Control Lists YoucanuseIPstandard,IPextended,orLayer2MACACLstodefineagroupofpacketswiththesame characteristics(class).YoucanalsoclassifyIPtrafficbasedonIPv6ACLs. Consolidated Platform Configuration Guide, Cisco IOS Release 15.2(4)E (Catalyst 2960-X Switches) 10
Description:The list of books you might like
