QOS Notes: Part-2

Chapter: 6 Traffic policing and shaping;

  • Usually, policing is done on the ingress and shaping will be done on the egress.
  • Policing typically drops out-of-contract traffic, whereas shaping typically delays it.


  • How it works;
    • Tc – Time interval on which committed burst size is sent. In ms.
    • Bc – amount of traffic which is sent in Tc msec. In bits.
    • CIR – Committed Information Rate. By traffic contract.
    • Shaped Rate – configured value for shaping. Usually equals to CIR.
    • Be – Excess burst. Number of bits beyond Bc, that can be sent after period of inactivity.
    • Bc = Tc * CIR (or ‘shaped rate’)
    • Token buckets;
      • Each token for a bit to sent.
      • Bc tokens are generated every Tc sec and hold in a bucket.
      • One bucket size of packets is processed at a time.
      • Assume the bucket size is Bc+Be. If less than Bc amount of traffic was sent during last Tc, the bucket can now hold Bc+Be tokens to be sent in next Tc.
  • Traffic-shaping adaption;
    • When configuring shaping adaption, minimum (MIR or mincir) shaping rate and maximum shaping rates are configured. At first, CB shaping uses maximum configured rate. If it received BECN or FECN (Forward Explicit Congestion Notification), it reduces the shaping rate by 25% until it reaches MIR.
    • The rate grows again after 16 consecutive intervals occur without FECN/BECN.
  • CB shaping tools: Supports FIFO, WFQ, CBWFQ and LLQ.
  • Shaping queue –> Interface software queues -> Hardware queue (Tx Ring). If there is no packet in the s/w or h/w queue, packets can be placed directly on Tx Ring without doing any shape.


  • 3 colors (Marking) used by CB policing.
    • Conforming—Packet is inside the contract
    • Exceeding—Packet is using up a excess burst capability
    • Violating—Packet is totally outside the contract
  • Single-Rate, Two-Color (1 Bucket)
    • With Policing, think of each token as the right to send a single byte
    • CB policing replenishes tokens in the bucket in response to a packet arriving at the policing function
    • If the number of bytes in the packet is less than or equal to (<=) the number of tokens in the bucket, the packet conforms. CB policing removes tokens from the bucket equal to the number of bytes in the packet, and performs the action for packets that conform to the contract. (Vice Versa)
  • Dual Token Bucket (Single-Rate)
    • Packets that fit within Bc conform, those that require the extra bytes allowed by Be exceed, and those that go beyond even Be are considered to violate the traffic contract.
  • Dual Token Bucket (Dual Rate)
    • Two rates are configured. Committed Information Rate (CIR) and Peak Information Rate (PIR)
    • Decision;
      • If the number of bytes in the packet is less than or equal to (<=) the number of tokens in the CIR bucket, the packet conforms. CB Policing removes tokens from the CIR equal to the number of bytes in the packet, and performs the action for packets that conform to the contract. CB Policing also removes the same number of tokens from the PIR bucket.
      • If the packet does not conform, and the number of bytes in the packet is less than or equal to (<=) the number of tokens in the PIR bucket, the packet exceeds. CB Policing removes tokens from the PIR bucket equal to the number of bytes in the packet, and performs the action for packets that exceed the contract.
      • If the packet neither conforms nor exceeds, it violates the traffic contract. CB Policing does not remove tokens from either bucket, and performs the action for packets that violate the contract.

Shaping Configuration;

  • CB Shaping defaults to use a single FIFO queue when delaying packets, but it also supports several queuing methods for the shaping queues, including WFQ, CBWFQ, and LLQ
  • Configuration commands;
    • shape [average | peak] <CIR (bps) [Bc (bits) [Be (bits)]]>
      • Average: send out Bc  bits only per Tc interval.
      • Peak: send out send out Bc+Be per interval
    • shape [average | peak] percent <xxx>
      • Enables to configure CIR as percent of link BW.
    • shape adaptive <min-rate>
      • Enables shape adaptive with min-threshold value. Max-threshold value is CIR configured in ‘shape average’ command.
    • shape fecn-adapt
      • Enable Traffic Shaping reflection of FECN as BECN
    • show policy-map interface <>
      • Shows computed values such as Bc,Be, Tc etc.
  • If Bc, Be given in the commands, IOS calculates Tc = Bc/CIR. If not,
    • At lower shaping rates (less than 320 kbps), CB Shaping assumes a Bc of 8000 bits, and calculates Tc based on the formula Tc = Bc/CIR
    • For speeds higher than 320 kbps, CB Shaping instead uses a default Tc of .025 seconds
  • Be defaults to be equal to Bc.
  • We can configure LLQ, CBWFQ by using ‘service-policy’ command inside shape policy map.

Policing configuration;

  • We configure Bc, Be in bytes and not as bits as in shaping.
  • Configuration commands;
  • Single-rate: Single bucket;
    • police <bps> bc <bytes> conform-action <action> exceed-action <action>
  • Single-rate: Duel Bucket;
    • police <bps> bc <bytes> be <bytes> conform-action <action> exceed-action <action> violate-action <action>
  • Duel-rate: 3 color;
    • police cir <bps> bc <bytes> pir <bps> be <bytes> conform-action <action>…..
    • CIR, PIR can be configuring as percent of link bandwidth.
  • Action-list;
    • drop- drop the packet
    • Set-dscp-transmit – set the DSCP and transmit the packet
    • Set-prec-transmit – Set the IP precedence and sends the packet
    • Set-qos-transmit – Set the QOS group ID and sends the packet
    • Set-clp-transmit – set the ATM CLP bit and sends the packets
    • transmit – send the packet
  • CB policing defaults for Bc and Be;
    • Bc = CIR /32 (or) 1500, whichever is greater.
  • Be = PIR /32

Chapter-7 : Congestion avoidance through drop policies:

  • For TCP communication between 2 hosts, there are 2 windows;
    • Advertised window – receiver allowed sender to send ‘x’ bytes. Will be in TCP header
    • Congestion window (CWND) – Sender calculates it, according to network congestion.
    • The CWND is designed to let the sender react to network congestion by slowing down its sending rate.
    • Steps;
      • A TCP sender fails to receive an acknowledgment in time, signifying a possible lost packet.
      • The TCP sender sets CWND to the size of a single segment.
      • Another variable, called slow start threshold (SSTHRESH) is set to 50 percent of the CWND value before the lost segment.
      • After CWND has been lowered, slow start governs how fast the CWND grows up until the CWND has been increased to the value of SSTHRESH.(exponential way)
      • After the slow start phase is complete, congestion avoidance governs how fast CWND grows after CWND > SSTHRESH. (linear way)
  • UDP senders do not reduce or increase the sending rate depending on network congestion.
  • Tail Drop – due to Q full.
  • Global synchronization – when tail drop occurs without WRED, the TCP packets will be dropped all at a time and many TCP connections will reduce the window size.
  • TCP starvation –  output queue being filled with larger volumes of UDP, causing TCP connections to have packets tail dropped

Random Early Detection (RED);

  • IOS supports only WRED, ECN and FRED.
  • Average queue depth is calculated. Average Q depth = 99.8% of previous average Q depth + 0.02% of current Q dept.(can be changed by exponential constant used for calculation)
  • Two threshold values are configured. Minimum threshold and maximum threshold value.
  • If average Q dept < Min – No packet drop
    • If Min< Avg. Q dept < Max – percent of packets are dropped. % increase from 0 to a value called Maximum Discard Percentage (MDP)
    • If Avg. Q dept > Max, all packets are discarded.

Weighted RED (WRED);

  • {Min, Max. threshold, MPD} values for each specific DSCP.
  • Configure WRED inside each class. Above values take effect for packets matching that class.
  • Cannot configure WRED with “Priority” command. (LLQ)
  • When enabled directly on an interface, WRED has the unfortunate side effect of disallowing other queuing tools to be used.
  • Configurations;
    • random-detect [dscp-based | prec-based]
      • Interface or class configuration mode; enables WRED, specifying whether to react to precedence or DSCP.
    • random-detect precedence/dscp <precedence/dscp> <min> <max> <MPD>
      • configures min,max threshold and percentage of packet discard for specific precedence/dscp value.
    • random-detect exponential-weighting-constant <1 to 16>
      • Used in the calculation of average queue depth.
    • Show commands;
      • show queueing random-detect
        • shows the packet statistics about random drop/tail drop.
      • Show interface gi/serial x/y
        • Shows the queuing method. To check whether RED is configured.

Explicit Congestion Notification;

  • Concept same as WRED.
  • ECN provides the same benefit as WRED, without discarding packets
  • In the DS field (8 bit), first 6 bits are used as DSCP value. Remaining 2 bits are
    • ECT – ECN Capable Transport
    • CE – Congestion Experienced
  • In summary, the WRED ECN logic works just like WRED without ECN, until a packet has been randomly chosen for discard (when average queue depth is between the min and max thresholds). At that point:
    • If ECN = 00, discard the packet
    • Otherwise, set ECN = 11, and forward the packet.
  • “random-detect ecn” command is added in addtion to WRED random-detect commands.

Chapter-8: Link Efficiency tools;

Payload and Header compression;

  • The ratio of original number of bytes, divided by the compressed number of bytes—a value called the compression ratio.
  • TCP header compression compresses the IP and TCP header (originally 40 bytes combined) down to between 3 and 5 bytes. Similarly, RTP header compression compresses the IP, UDP, and RTP headers (originally 40 bytes combined) to 2 to 4 bytes.
  • RTP header compression typically provides a good compression result for voice traffic, because VoIP tends always to use small packets.
  • compression header ip [tcp |rtp]” command inside class-map of a policy-map enables header compression. By default, both TCP and RTP if no options are given.
  • Configuring compression tells a router to compress packets it will send, and to decompress packets it receives. Hence, compression should be enabled on both ends of the link.
  • To read statistics about compressed packets, use – “show policy-map interface x/y input/output

Link Fragmentation and Interleaving;

  • To make delay sensitive packets egress out of interface quickly.
  • Consider the length of the data-link headers and trailers when choosing the size of the fragments.
  • Multilink PPP-LFI;
  • If a packet is greater than specified byte, fragment the packet and place the fragment in a different queue. Interleaving occurs when scheduler considers that queue as strict priority queue.
  • Optimal fragment size(bits) = Max-delay * bandwidth
    • Where BW is the configured value on the interface
    • And Max-delay is set using “ppp multilink fragment-delay” option.
    • Maximum delay is configurable.
  • Frame Relay LFI using FRF.12
  • FRF.11-c for voice VC. FRF.12 for data VC. Need FRTS to be enabled.
  • 2 FIFO queues are used. PQ high queue and PQ normal queue.
  • Fragment size = Max delay * BW
  • Fragment size is configurable
  • Always base FRF.12 fragmentation sizes on the clock rate (access rate) of the slower of the two access links, not on CIR.

Multilink PPP configuration:

  • ppp multilink – Multilink interface configuration mode .Enables multilink PPP on the interface
  • ppp multilink interleave –“”;Enables interleaving of unfragmented frame
  • ppp multilink fragment delay – “” ; Configures fragment delay. Enables MLP fragmentation
  • ppp multilink fragment disable – “”; Disables MLP fragmentation
  • ppp multilink group – “” . add interface to multilink group
  • show ppp multilink – Displays Interface in same multilink group
  • show interfaces – Lists statistics and status about each interface, including multilink virtual interfaces
  • show queueing interface
  • Create a virtual multilink interface using “interface multilink x” command. Configure IP address and “ppp multilink” and “ppp multilink group”
  • On the physical interface enable “encapsulation ppp” and then above 2 commands.
  • Configure “ppp multilink fragment-delay” and “ppp multilink interleave” on the interface multilink. Then configure priority queuing to see the effect of interleave. “ip rtp priority xxx

Frame Relay Fragmentation Configuration;

  • encapsulation frame-relay – enable on interface mode.
  • frame-relay traffic-shaping – enables FRTS on the interface
  • frame-relay class test1– interface/sub-interface command. Applies map-class  ‘test1’
  • frame-relay interface-dlci  101 ietf – Subinterface command to provide DLCI value.
  • map-class frame-relay test1 – global config mode to create a map-class ‘test1’
  • frame-relay fragment  <bytes> – provide all frame relay QOS configuration inside the map-class.
  • show frame-relay fragment interface – shows fragmentation statistics.

Chapter-9 LAN QOS;

  • Bandwidth is not a substitute for LAN QoS! LAN QoS is a buffer management issue.
  • Catalyst – 2950 QOS;
    • Enhanced and standard IOS version
  • Classification and marking based on Cos Field available in 802.1Q trunking. (First 3-bit)
  • Layer-2 to Layer-3 Mapping;
    • Switch can examine both L2 Cos and L3 DSCP bits. It can also translate/map from one layer to other.
    • “show mls qos maps” to view the default dscp-cos and cos-dscp mappings.
  • By Default, Cisco IP phone marks voice-signal traffic with Cos value of 3 and DSCP value of AF13 (decimal 26) and marks voice-media traffic with Cos value of 5 and DSCP value of EF (decimal 46)
  • To change default cos-dscp mappings, “mls qos map cos-dscp” command.
  • Trust Boundary;
    • Place as close to the source
    • By default, all interfaces are in ‘untrusted’ state. This means all cos value received will be overwritten with cos value of 0. Also DSCP is mapped to 0.
    • “show mls qos interface” to view the state of an interface.
    • Configuring trust boundary;
      • “mls qos trust cos [pass-through]”
        • Configures interface to trust the cos value of all frames received. With ‘pass-through’ option, it prevents the switch from overwriting the original dscp value with the values in map
      • “mls qos trust device cisco-phone”
        • Trust Cos values only if a cisco IP phone is attached. Trust the Cos for packets from IP phone and reset the Cos value of packets originated from the PC attached to phone.
      • “mls qos trust dscp”
        • To trust dscp value of all the packets received on that interface.
      • “switchport priority extend [cos <value> | trust]”
        • Used along with “mls qos trust device cisco-phone” command. This command overwrites the Cos value of packets originated from PC with the value specified. Default is “0”.
        • “trust” option enables switch to accept cos value originated from the PC.
        • To change default cos value for packets received on an interface configure “mls qos cos <value>| override”. All untagged frames with be marked with cos value configured. “override” option to override the original cos value with configured. Overrides all cos settings.
  • Congestion Management
    • Each fastethernet interface on C2950 has single ingress queue and four egress queues.
    • Egress queues can be configured as strict priority, Weighted Round Robin(WRR), or both.
    • After frames enters an interface, below checks are done;
      • Is the Cos trusted?
      • Is the DSCP trusted?
      • Does the packet matches with ACL and marked with Cos ?
      • If not, set Cos and DSCP to default (0). Use Cos value to determine the proper egress queue. Q4 –highest priority and Q1- Lowest Priority.
    • Strict priority queuing
      • Q4 queue is handled and only if Q4 is empty, other queues are serviced.
      • “wrr-queue cos-map [Q_id] [cos value]” to configure which cos value should map to queue ID.
      • Strict priority scheduling is the default scheduling method used in Cat
    • WRR scheduling;
      • Similar to strict priority queuing but a check is made before serving high priority queues.  “weight” is assigned to each queue which is number of packets served per queue. “wrr-queue qos bandwidth <w1>…<w4>”
    • Strict and WRR;
      • Combination of above 2 methods where weight for queue-4 is set to 0. Means, when there is packet in queue-4, strict priority occurs and if not, WRR is implemented for other 3 queues.
    • strict priority queuing is the preferred scheduling method for networks that support real-time applications, such as IP telephony.
  • Policing
    • A policer measures the data rate of arriving packets, identifies conforming (“in-profile”) and nonconforming traffic flows(“out of profile”), and takes action on the traffic flows based upon the traffic contract.
    • Inside policy-map, “ police <rate-bps> <burst-byte> [exceed-action {drop | dscp <value>}]
    • Applied only on the ingress.
  • Auto-QOS;
    • “auto qos voip trust” – enables cos trust on that interface and modify the Cos-dscp mapping and configures strict priority.
    • “auto qos voip cisco-phone” – enables cos trust from IP phone using “mls qos trust cisco-phone” and modify the Cos-dscp mapping and configures strict priority.

    Chapter-10 QOS Best practice

    • QOS Service Level Agreement (SLA);
      • Delay, Jitter and Packet loss.
      • Packets are classified as gold, silver and best-effort.
    • For Voice traffic;
      • Delay <= 150ms
      • Jitter <=30 ms
      • Packet Loss < 1 %
    • For Video traffic;
      • Same as above + Bandwidth fluctuation = 20%
    • Classification/Marking best practice;
      • Classification and marking at the trust boundary near to source.
    • Best Marking values;
      • Traffic type : DSCP Marking: Cos Value
      • Voice traffic: EF : 5
      • Bulk traffic: AF1x : 1
      • Transactional traffic: AF2x : 2
      • Mission-Critical Application: AF3x : 3
      • Interactive video traffic: AF4x : 4
      • IP routing: CS6 : 6
      • Streaming video: CS4 : 4
      • Voice/Video signaling: AF31/CS3 : 3
      • Network Management: CS2 : 2
      • Scavenger traffic: CS1 : 1
      • Unclassified traffic: CS0 : 0
    • Congestion Management best practice;
      • LLQ for low latency traffic like voice and interactive video traffic
      • CBWFQ for guaranteed minimal level of BW for each classified traffic.
    • Congestion Avoidance best practice;
      • WRED is best for CBWFQ which uses TCP applications.
      • Low latency traffic like voice should never be eligible for WRED.
      • DSCP-based congestion avoidance for other traffic.
This entry was posted in QOS. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s