1 QOS (3560/3750) overview
·
Classification and marking: mls qos ,qos maps,MQC
·
Policing: ingress policing is done via MQC, no egress
·
Congestion Management: SRR queuing, shared on
the ingress but both shared and shaped supported on egress.
·
Congestion avoidance: WTD where threshold values
and cos/dscp comes to play
2 Classification and marking
2.1 mls qos
SW3750(config-if)#do
sh mls qos
QoS
is enabled
QoS
ip packet dscp rewrite is enabled
with default switch config, any ingress markings will be identical to egress
markings.
once mls qos is configured, any ingress marking will be
reset to 0 -if additional configs are not done.
int
g0/1
mls
qos trust cos
mls
qos cos 2
mls
qos cos 2:any untagged(no vlan ID) will be re-written
to cos 2. So traffic on native vlan will be affected. if traffic is
coming from VLAN4 with cos 4, it will leave with cos 4
mls
qos cos 1
mls
qos cos override --> overrides the trust command and both
tagged and untagged traffic will be marked as cos 1
mls
qos trust device--> Trust the markings enforced by the device ie cisco
phone.
2.2 QOS maps
Maps are used to convert incoming l2/l3 markings for
customised l2/l3 markings. For implementations that use different classification
schemes these maps are required.
SW3750(config)#mls
qos map ?
cos-dscp
cos-dscp map: eight dscp values for cos 0-7
dscp-cos
dscp-cos map keyword
dscp-mutation
dscp-mutation map keyword
ip-prec-dscp
dscp values for ip precedences 0 - 7
policed-dscp
policed-dscp map keyword
with exception of dscp-mutation map, rest of
the maps can be directly configured and mappings will affect all ports configured
with mls qos trust dscp or cos.
With dscp-mutation, default map cannot be
used hence a custom dscp-mutation map is required and needs to be applied to
the required interfaces.
Following example re-marks DSCP 40 to 20 through the custom map MAP and is applied to the interface
mls
qos map dscp-mutation MAP 40 to 20
W1(config-if)#do
sh run int g0/1
Building
configuration...
Current
configuration : 281 bytes
!
interface
GigabitEthernet0/1
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 10,20,100,110
switchport mode trunk
mls qos trust dscp
mls qos dscp-mutation MAP
2.3 MQC
·
ACL defines interesting traffic.
·
ACL is associated with a class-map
·
Class-map is associated with a policy-map and for
re-marking “set” key word is used
·
Service –policy is applied to the required
interfaces.
3 Ingress
3.1 Policing
·
Policing is done using MQC .
·
Switches do not have conform action unlike
routers
·
Exceed-action is drop or policed-dscp
3.1.1 Single rate policing
SW3750(config)#mls
qos
SW3750(config)#class
SW3750(config)#class-map
DSCP10
SW3750(config-cmap)#match
ip dscp 10
SW3750(config-cmap)#policy-map
PMAP
SW3750(config-pmap)#class
DSCP10
SW3750(config-pmap-c)#police
1000000 250000 exceed-action ?
drop drop packet
policed-dscp-transmit change dscp per policed-dscp map and send it
SW3750(config-pmap-c)#police
1000000 250000 exceed-action drop
SW3750(config-pmap-c)#int
g1/0/9
SW3750(config-if)#mls
qos trust dscp
SW3750(config-if)#service-policy
input PMAP
With Policed DSCP will transmit the packets instead of
dropping but the dscp will be remarked to a lower value.
Note. As this not cciev or ccier&S I doubt aggregate policing
or vlan based policing will be in play so that’s omitted for the time being :-)
3.2 Congestion Management SRR
·
Cisco 3560/3750
uses SRR with 1p1q3t for input
·
Configured globally- so impacts the entire
switch
·
Uses shared only
·
By default q2 is PQ and 10% of BW is allocated-
however you can configure q1 as PQ if required.
Note. Cisco 6500 uses WRR- from an exam point of view,
don’t think wrr will be in play as this qos on 6500 will be based on line
cards/ supervisor capabilities which are unknown.
The default ingress SRR settings are as follows:
SW1#sh
mls qos input-queue
Queue :
1 2
----------------------------------------------
buffers :
90 10
bandwidth
: 4 4
priority :
0 10 --q2 is the PQ
threshold1: 100
100
threshold2: 100
100
Each of the parameters and configuration details are as
follows:
SW3750(config)#mls
qos srr-queue input ?
bandwidth Configure SRR bandwidth
buffers Configure buffer allocation
cos-map Configure cos-map for a queue id
dscp-map Configure dscp-map for a queue id
priority-queue Configure priority scheduling
threshold Configure queue tail-drop thresholds-->
wtd
Bandwidth: Represent
the ratios of how the remaining bandwidth is allocated for each queue. by default once the PQ is serviced remaining
bandwidth is equally allocated the q1 and q2.
Following example q2 is serviced twice as much of q1 once
the PQ is serviced
SW1(config)#mls
qos srr-queue input bandwidth 4 8
SW1(config)#do
sh mls qos input-q
Queue :
1 2
----------------------------------------------
buffers :
90 10
bandwidth
: 4 8
priority :
0 10
threshold1: 100
100
threshold2: 100
100
Buffers-
determines the storage space for each queue
mls
qos srr-queue input buffer 25 75
25
– buffer size as % for q1
75
- buffer size as % for q2
Maps (cos-map
and dscp-map) By default there are two input maps dscp-input-q and
cos-input-q. These maps map the corresponding dscp/cos value to queue and drop thresholds
(for WTD). From the below outputs we can see that delay sensitive traffic is
allocated to q2 by default.
When configuring input or output queues for SRR the
configuration is as follows:
SW1(config)#mls
qos srr-queue ?
input
input keyword
output
output keyword
SW1#sh
mls qos map dscp-input-q
Dscp-inputq-threshold map:
d1 :d2
0 1 2
3 4 5
6 7 8
9
------------------------------------------------------------
0 :
01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01
1 :
01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01
2 :
01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01
3 :
01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01
4 :
02-01 02-01
02-01 02-01 02-01 02-01 02-01 02-01 01-01 01-01
5 : 01-01 01-01 01-01 01-01 01-01 01-01 01-01
01-01 01-01 01-01
6 :
01-01 01-01 01-01 01-01
SW1#sh
mls qos map cos-input-q
Cos-inputq-threshold map:
cos: 0
1 2 3
4 5 6 7
------------------------------------
queue-threshold: 1-1 1-1 1-1 1-1 1-1 2-1 1-1 1-1
The default values can be modified as below:
In this example EF is allocated to q1 with threshold 2
SW1(config)#mls
qos srr-queue input dscp-map queue 1 46
SW1(config)#mls
qos srr-queue input dscp-map threshold 2 46
SW1(config)#do
sh mls qos map dscp-in
Dscp-inputq-threshold map:
d1 :d2
0 1 2
3 4 5
6 7 8
9
------------------------------------------------------------
0 :
01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01
1 :
01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01
2 :
01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01
3 :
01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01
4 :
02-01 02-01 02-01 02-01 02-01 02-01 01-02 02-01 01-01 01-01
5 :
01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01 01-01
6 :
01-01 01-01 01-01 01-01
Priority: determines
which queue is the PQ. By default q2 is allocated 10% of the BW and is the PQ. As
q2 is the PQ, DSCP 40-47 are allocated to q2 by default.
The following command will make q1 priority with a 30% of
bw.
SW1(config)#mls
qos srr-queue input priority-queue 1 bandwidth 30
SW1(config)#do
sh mls qos input-q
Queue :
1 2
----------------------------------------------
buffers :
90 10
bandwidth
: 4 8
priority :
30 0
threshold1: 100
100
threshold2: 100
100
SW1(config)#mls
qos srr-queue input priority-queue 2 bandwidth 0 will disable PQ on ingress
3.3 Congestion Avoidance -WTD
Threshold: determines at which level the packets with
specific markings are dropped when there is congestion. 3x threshold values but only 2 is
configurable.
Following example configures q1 for 40% threshold1 and 80%
for threshold 2.
SW1(config)#mls
qos srr-queue input threshold 1 40 80
SW1(config)#do
sh mls qos input-q
Queue :
1 2
----------------------------------------------
buffers :
90 10
bandwidth
: 4 8
priority :
30 0
threshold1: 40
100
threshold2: 80
100
SW1(config)#
The mappings of each cos or dscp values and thresholds are
done through input-q maps as mentioned earlier.
Following maps cos 0 -3 to threshold 1 and 4,6 and 7 threshold
2 of q1.cos5 is in its default setting.
SW1(config)#mls
qos srr-queue input cos-map queue 1
threshold 1 0 1 2 3
SW1(config)#mls
qos srr-queue input cos-map queue 1
threshold 2 4 6 7
SW1(config)#do
sh mls qos map cos-input
Cos-inputq-threshold map:
cos: 0
1 2 3
4 5 6 7
------------------------------------
queue-threshold: 1-1 1-1 1-1 1-1 1-2 2-1 1-2
1-2
4 Egress
4.1 Policing
With 3560 it seems that egress policing is not supported
SW1(config-if)#service-policy
output T
police
command is not supported for this interface
Configuration
failed!
Warning:
Assigning a policy map to the output side of an interface not supported
As workaround bandwidth limitations can be applied.
4.2 Egress Congestion Management
·
Cisco 3560/3750
uses SRR with 1p3q3t for output
·
Configured globally- so impacts the entire
switch
·
Can use shared &
shaped
·
When both configured shaped takes precedence
over shared
·
Shaped is
an absolute ratio where shares is relative
·
PQ is disabled by default, when enabled q1 is PQ and 1/25 which 4% of BW is allocated
·
All ports are mapped to qset 1 by default
SW1(config-if)#do
sh mls qos interface g0/1 q
GigabitEthernet0/1
QoS is disabled. When QoS is enabled,
following settings will be applied
Egress
Priority Queue : disabled
Shaped
queue weights (absolute) : 25 0 0 0
Shared
queue weights : 25 25 25 25
The
port bandwidth limit : 100 (Operational
Bandwidth:100.0)
The
port is mapped to qset : 1
The
highlighted area confirms that mls qos is not enabled!!
Priority queue:
Configured at the interface level and is disabled by default.
when enabled q1 is PQ and 1/25 which 4% of BW is
allocated
SW1(config-if)#priority-queue
out
When enabled, all DSCP 40-47 values are assigned to PQ. If
this is not desired the required dscp needs to be assigned to another queue.
Shaped
·
Does not use more than the allocated bandwidth
·
Inverse weight of the absolute value of is used to calculate the bw
srr-queue
bandwidth shape 40 40 0 0
40 = q1 is guaranteed 1/40 of bandwidth = 25mbps
Shared
· Can use more than allocated bw due to sharing
·
Weights
are used as a ratio to calculate bw- not absolute value.
·
Once the PQ and shaped queues are serviced
shared ratios comes into play when allocating the remaining bw.
int
g0/1
srr-queue
bandwidth share 20 30 30 30
this is a relative
weights for each q. as its relative sum l does not be 100
ie q1 gets (20/110)X 1000
Both shaped and shared enabled
int
g0/1
srr-queue
bandwidth share 100 100 50 40
srr-queue
bandwidth shape 50 50 0 0
In the above where both shaped and shared are configured,
shaped takes precedence over shared for all non-zero values.
So q1 gets (1/50)x 1000=20 mbps
q2 gets (1/50)x
1000=20 mbps
as shape value are zero revert to the values listed in
the shared configuration
therefore q3 (50/290) x (1000- 20(q1) -20(q2))= 165 mbps
Maps
Similar
to ingress, there are 2 maps that could be utilised for egress queuing.which maps
dscp or cos values to the respective queue.
SW1(config)#do
sh mls qos map dscp-o
Dscp-outputq-threshold map:
d1 :d2
0 1 2
3 4 5
6 7
8 9
------------------------------------------------------------
0 :
02-01 02-01 02-01 02-01 02-01 02-01 02-01 02-01 02-01 02-01
1 :
02-01 02-01 02-01 02-01 02-01 02-01 03-01 03-01 03-01 03-01
2 :
03-01 03-01 03-01 03-01 03-01 03-01 03-01 03-01 03-01 03-01
3 :
03-01 03-01 04-01 04-01 04-01 04-01 04-01 04-01 04-01 04-01
4 : 01-01 01-01 01-01 01-01 01-01
01-01 01-01 01-01 04-01 04-01
5 :
04-01 04-01 04-01 04-01 04-01 04-01 04-01 04-01 04-01 04-01
6 :
04-01 04-01 04-01 04-01
SW1(config)#do
sh mls qos map cos-ou
Cos-outputq-threshold map:
cos: 0
1 2 3
4 5 6 7
------------------------------------
queue-threshold: 2-1 2-1 3-1 3-1 4-1 1-1 4-1 4-1
cos
6 is assigned to q1
SW1(config)#mls
qos srr-queue output cos-map queue 1 6
cos
6 is assigned to threhold2
SW1(config)#mls
qos srr-queue output cos-map queue 1 threshold 2 6
SW1#sh
mls qos map cos-output-q
Cos-outputq-threshold map:
cos: 0
1 2 3
4 5 6 7
------------------------------------
queue-threshold: 2-1 2-1 3-1 3-1 4-1 1-1 1-2 4-1
Bandwidth: determines the max bandwidth per port
SW1(config-if)#srr-queue
bandwidth limit 30
The
port bandwidth limit : 100
SW1(config-if)#srr-queue
bandwidth limit ?
<10-90>
enter bandwidth limit for interface
as percentage
SW1(config)#do
sh mls qos int g0/1 q
GigabitEthernet0/1
Egress
Priority Queue : enabled
Shaped
queue weights (absolute) : 25 0 0 0
Shared
queue weights : 25 25 25 25
The
port bandwidth limit : 30 (Operational
Bandwidth:30.44)
The
port is mapped to qset : 1
4.3 Egress Congestion avoidance
·
Similar to ingress WTD is used to provide congestion
management and is configured as using a template
referred to as qset .
·
Qset is used assign the output threshold values to each of
the 4 queues.
·
By default all ports are assigned to qset 1
Queueset:
1
Queue :
1 2 3
4
----------------------------------------------
buffers :
25 25 25
25
threshold1: 100
200 100 100
threshold2: 100
200 100 100
reserved :
50 50 50
50
maximum :
400 400 400
400
Queueset:
2
Queue :
1 2 3
4
----------------------------------------------
buffers :
25 25 25
25
threshold1: 100
200 100 100
threshold2: 100
200 100 100
reserved :
50 50 50
50
maximum :
400 400 400
400
if we want to affect the entire switch, qest 1 is modified
and if we want to influence only a subset of ports qset2 is modified and applied
to the respective interfaces.
SW1(config)#
mls qos queue-set output 2 threshold 1 60 70 100 100
SW1(config)#int
g0/1
SW1(config-if)#queue-set
2
SW1(config-if)#do
sh mls qos int g0/1 q
GigabitEthernet0/1
Egress
Priority Queue : enabled
Shaped
queue weights (absolute) : 25 0 0 0
Shared
queue weights : 25 25 25 25
The
port bandwidth limit : 30 (Operational
Bandwidth:30.44)
The
port is mapped to qset : 2
SW1(config-if)#do
sh mls qos queue-set 2
Queueset:
2
Queue :
1 2 3
4
----------------------------------------------
buffers :
25 25 25
25
threshold1: 60
200 100 100
threshold2: 70
200 100 100
reserved :
100 50 50
50
maximum :
100 400 400
400
Sources:
·
Micronics R&S bootcamp
· http://mrncciew.com/2012/11/26/375035602960-wired-qos/
End-to-End QoS Network Design: Tim Szigeti
· Kevin Wallace’s video on 3560/3750 qos
End-to-End QoS Network Design: Tim Szigeti
· Kevin Wallace’s video on 3560/3750 qos
