QoS

-> QoS -> Quality of Service -> tools network devices use to apply a different treatment (take different actions with) to packets in the network as they pass through the device. -> the actions are called Per-Hop Behaviour -> delay the message -> discard it												  -> change header fields -> the QoS tools manage the -> bandwidth (for example reserving a percentage of the total bandwidth for a spcific type of traffic) -> delay -> jitter -> packet loss -> types of traffic -> DATA traffic -> for interactive data applications -> QoS should focus on low delay and jitter -> Qos should aim to improve user's Quality of Experience -> for non interactive apps -> called batch traffic -> the delay and jitter do not matter much -> the bandwith should be just enough for packet loss not to occur -> VOICE traffic -> interactive traffic requirements -> 80Kbps minimum bandwidth -> 30 to 320 Kbps bandwidth required based on the codec used -> delay (one-way) -> 150ms or less -> Jitter -> 30ms or less -> packet loss -> 1% or less -> VIDEO traffic -> bandwidth -> 384Kbps - 20+ Mbps depending on -> the video codec -> the content of the video -> delay (one-way) -> 200 - 400 ms										  -> jitter -> 30 - 50 ms										   -> loss -> 0.1% to 1% -> QoS tools -> CLASSIFICATION AND MARKING -> CLASSIFICATION -> matching the fields in a message to make a choice to take some QoS action -> Example: -> routers perform classification to decide on which queue to place a packet -> in this example, Queuing is the QoS action -> the complex matching process (CLASSIFICATION) must be done on an early device (like the first switch), and then, based on the classification result the packet should be MARKED/ -> MARKING -> the process of changing fields in the headers (like DSCP field) based on a complex CLASSIFICATION -> the value of the changed (marked) field allows the networking devices make simpler and faster QoS classification -> marking can be done at -> layer 3 -> IP protocol -> DSCP field (6 bits) -> part of the ToS byte -> allows up to 64 different values -> DSCP value 46 is called EXPEDITED FORWARDING -> mostly used for voice traffic -> traffic which needs low latency, jitter and loss -> ASSURED FORWARDING -> a set of 12 DSCP values defining queuing and packet drop -> has the form of AFXY where -> X -> identifies the queue -> takes values from 1 to 4 where 1 is worst queue and 4 is best queue -> Y -> identifies the drop priority -> takes values from 1 to 3 where 1 is least likely to drop and 3 is most likely to be dropped -> DSCP values: 10 (AF11), 12 (AF12), 14 (AF13), 18 (AF21), 20 (AF22), 22 (AF23), 26 (AF31), 28 (AF32), 30 (AF33), 34 (AF41), 36 (AF42), 38 (AF43) -> example: 28 -> means AF32 -> second best queue (AF3Y) -> if the queue is full, it is most likely to be dropped than a AF31 packet, but less likely to be dropped than a AF33 packet -> CLASS SELECTOR -> values that provide backwards compatibility with the old IPv4 IPP (3 bit IP Precedence) field -> DSCP CS values: 0 (CS0), 8 (CS1), 16 (CS2), 24 (CS3), 32 (CS4), 40 (CS5), 48 (CS6), 56 (CS7) -> DSCP Guidelines -> DSCP EF -> Voice Payload -> AF4Y -> Interactive video (videoconferencing) -> AF3X -> Streaming video -> AF2X -> high priority, low latency data -> CS0 -> standard data -> a common method of marking when using QoS -> IPv6 protocol -> Traffic Class field (8 bits) -> layer 2 -> 802.1Q header -> PCP field (3 bits) -> QoS over trunk links -> 802.11 -> TID -> Traffic Identifier (3 bits) -> QoS over WiFi -> MPLS -> EXP field (3 bits) -> QoS over MPLS WAN -> trust boundary -> the point in the path of a packet flowing through the network, at which the networking devices can trust the QoS markings -> Example: the middle of the first access switch -> do not trust the QoS markings of the packet as received on the ingress port -> perform classification and marking -> the next networking devices will trust the packet's QoS markings as it comes from an interface which is inside the trust boundary (switch's egress interface) -> NBAR -> Cisco Network Based Application Recognition -> provides many more ways to perform packet classification -> basically uses application-signatures to identify applications -> QUEUING -> QoS tools for managing the queues that hold packets while they wait their turn to exit an interface. -> after a router has made a forwarding decision, and before being placed in the output queue, a packet may be subjected to services like ACL, NAT, etc -> the QUEUING system has two components -> a classifier function (CLASSIFICATION), to choose which queue a packet should be placed on																	  -> a SCHEDULER -> chooses from which queue to send messages when the interface is available -> it can perform queue prioritization -> Weighted ROUND ROBIN -> scheduling algorithm -> cycles through each queue in order -> takes a different number of messages from each queue and sends them -> achieves prioritization by sending different numbers of messages for each queue -> it is used in Class-Based Weighted Fair Queuing CBWFQ QoS tool, to guarantee a minimum amount of bandwidth to each queue -> LOW LATENCY QUEUING -> used along with the Round Robin when the former is unable to fulfill the requirements of one type of traffic (when jitter and delay still appear even though RR provides most bandwidth to the queue) -> it creates a special "priority queue" from which the messages will always be sent next, regardless of the RR cycle -> if the special priority queue takes all the bandwitdh available, so much so that Round Robin can no longer forward messages from the other queues, the phenom is called "queue starvation". -> when a queue starvation occurs -> the queuing strategy alone (RR) has no effect on the special policy queue as the former has precedence. -> the bandwith on the special priority queue must be limited via a QoS POLICY -> if the bandwidth limiting POLICY provides too low bandwidth for the special priority queue, QoS CAC tools must be used -> Call Admission Controls -> allows for the prioritized traffic to be routed out of another link -> prioritization strategies -> CBWFQ for data and noninteractive voice and video -> data from business-critical applications must be given a bigger bandwidth percentage via CBWFQ -> LLQ for voice and video -> separate LLQ special priority queues for voice and video so different policies can be applied to each -> enough bandwith must be given for each LLQ queue so the policer never would discard traffic -> CAC tools to avoid adding too much voice or video to the network -> SHAPING AND POLICING -> both tools are used to monitor the bit rate of the traffic that flow through a device, and keep that bit rate at, or below, the preconfigured speed. -> when packets arrive at the interface -> if the packets do not exceed the preconfigured bit rate, they are let through the normal path -> if the packets exceed the preconfigured bit rate -> if SHAPING is in place, the incoming messages will be delayed by queuing -> if POLICING, the messages will be either discarded, or marked with a "priority to be discarded" mark. -> POLICING -> measures the traffic rate over time for comparison to the configured policing rate. -> if the traffic exceeds a preconfigured bit rate, packets will be discarded or marked. -> when the traffic is marked, it is actually let through. If however, there would be congestion somewhere in the network, the marked traffic is prioritized to be discarded. -> allows for bursts of speed exceeding the limit, after a period of inactivity. -> it can be enabled in either direction but is usually enabled at ingress. -> used by ISP to control the user bandwith -> the user get the bandwidth they paid for -> the ISP devices are safe from congestion -> SHAPING -> Shapers measure the traffic rate over time for comparison to the configured shaping rate -> Shapers allow for bursting after a period of inactivity -> Shapers are enabled on an interface for egress -> Shapers slow down packets by queuing them (LLQ/CBWFQ) and over time releasing them from the queue, towards the egress interface, at the shaping rate -> the shaper's function is given by the configured shaping rate, the egress interface maximum transmit speed and the TIME INTERVAL -> the time in which the shaper completes a sending-resting cycle. -> for example: -> 1 Gbps egress interface, 200Mbps shaping rate and 1 second time interval -> the shaper receives the traffic in its queues and applies LLQ/CBWFQ logic to them -> the traffic is then released towards the exit interface at a 1 Gbps speed, but only for 200 ms -> the shaper will then wait another 800 ms to release more traffic. -> this means that over a 1000 ms (1 sec) interval, only 200 Mb of data were sent -> if the rest time is not suitable for the type of traffic, the time interval can be shortened -> 0.1 seconds (100 ms) time interval -> the shaper would send at 1 Gbps for 20 ms which would amount to 20 Mb/100 ms/cycle -> as the time interval is a tenth of a second, the shaper would repeat the cycle 10 times in a second which would amount to 200 Mbps -> used when, for some reason, it is beneficial to limit the transmit speed (like sending traffic towards an ISP which would discard it if it would exceed the policing rate) -> 10 ms time interval is reccomended to support voice and video traffic -> CONGESTION AVOIDANCE -> QoS tool that attempts to reduce overall packet loss by discarding packets used in TCP connections -> it makes use of TCP's own windowing mechanism, discarding packets, thus determining hosts to shrink windows sizes, decreasing down the traffic rate. -> without congestion avoidance, when queues on networking devices would fill, all incoming packets would be dropped, which would result in much more data losses (tail drop). -> congestion avoidance -> drops no packets when the queues are below a minimum threshold. -> when the queue congestion is above the minimum threshold, a percentage of packets are dropped. -> when the queue congestion is above the maximum threshold, all incoming packets are dropped. -> it also supports queue prioritization, traffic classes, etc. -> observations -> classification and marking -> the complex classification process (based on traffic type, subnet, destination, application, etc) must be done on the early life of a packet. -> based on this classification, the packet is then marked -> subsequent networking devices will use the marked field to perform QoS decisions -> this will avoid having each device perform complex classification logic, during the packet flow -> this will increase up the network performance -> matching packets for QoS classification can be done using ACLs. -> Cisco IP Phones by default mark voice payload traffic with DSCP 46 (EF) and voice signaling packets (used to set up the voice call) with DSCP CS3 -> terms and explanations -> flow -> all the data moving from one application to another in one direction -> in a data exchange there are 2 flows, one for each direction