Section 10.4: Configuring QoS
QoS trust can be configured in the following two manners:
• Per-interface; or
• As part of a QoS policy on specific traffic types.
Per-interface trust is illustrated below. Policy trust is illustrated in Section 11.4.2.
10.4.1: Per-interface QoS Trust
In this instance, one of the values listed below is trusted and used when a switch makes forwarding decisions:
• Inbound CoS from the trunking tags
• DSCP from the inbound IP packet headers
• IP Precedence from the inbound IP packet headers
Use the following command on each interface when QoS information is trusted:
Switch(config-if)# mls qos trust {cos | dscp | ip-precedence}
Use the following command on each interface when QoS information is NOT trusted (default setting):
Switch(config-if)# no mls qos trust
Inbound QoS information (trusted or untrusted) must be mapped into internal DSCP values. With Class of Service (CoS) , every one of the eight CoS values are mapped into an internal DSCP value.
Use the following global configuration command to amend the default mapping, where each of the dscp values is a figure 0 to 63:
Switch(config)# mls qos map cos-dscp dscpl ... dscp8
Every one of the eight IP Precedence values is mapped into an internal DSCP value.
Use the following global configuration command to amend the default mapping, where each of the dscp values is a figure 0 to 63:
Switch(config)# mls qos map ip-prec-dscp dscpl ... dscp8
Inbound DSCP values could be mapped into different internal DSCP values by means of a DSCP mutation map. The default configuration is no DSCP mutation.
To define a DSCP mutation map, start by creating a named map that contains a maximum of eight entries. Each of the dscp values is a number between 0 and 63. This is done by repeating the following global configuration command:
Switch(config)# mls qos map dscp-mutation dscp-mutation-name in-dscp to outdscp
Next, use the following interface configuration command to apply the mutation map to a particular ingress interface:
Switch(config-if)# mls qos dscp-mutation dscp-mutation-name
10.4.2: Defining a QoS Policy
Start at defining the QoS class by using the following global configuration command:
Switch(config)# class-map class-name [match-all | match-any]
Several conditions can be configured into the class map to match different traffic types. Use the match-all keyword when the class should match against all the conditions. This is the default setting. The match-any keyword used enable any of these conditions to activate a match. Packets can be classified with access lists or Network-Based Application Recognition (NBAR). NBAR matches against more intricate fields. The NBAR attribute is updated at intervals to support the recognition of recently developed applications.
Next, exit the class map configuration mode to define the IP access list with the access-list access-list-number or the ip access-list extended command.
Use the following class map configuration command to tie a traffic flow with NBAR:
Switch(config-cmap)# match protocol protocol-name
When NBAR is enabled on an interface packets are inspected as well. The switch CPU has to process all traffic moving in and out of an interface. This is not as effective as CEF switching and performance through that interface could be negatively impacted.
Class maps must be specified to enable traffic to be classified for the policy. Use the following global configuration command to specify the QoS policy:
Switch(config)# policy-map policy-name
Next, use the following policy map configuration command to specify each class map that will be used:
Switch(config-pmap)# class class-name
Once the class maps are set up to classify traffic, the DSCP value or the IP Precedence value must be marked by using one of the following policy map configuration commands:
Switch(config-pmap)# set ip dscp dscp-value
or
Switch(config-pmap)# set ip precedence ip-precedence-value
The DSCP value is a number 0 to 63 while the IP Precedence value is a number 0 to 7 To enable policy trust, use the following policy map configuration command:
Switch(config-pmap)# trust {cos | dscp | ip-precedence}
A QoS policy map can be applied to the physical interface on a switch once it is classified and defined. Because an interface can only contain one active policy applied in each direction, an inbound traffic policy and an outbound traffic policy can be applied to an interface.
The following interface configuration command is employed to start using a policy:
Switch(config-if)# service-policy [input | output] policy-name
10.4.3: Configuring and Tuning Egress Scheduling
Packet scheduling pertains to the manner in which a switch places a packet into an egress queue and also deals with the manner in which queues are serviced. Each queue is serviced according to its weight with reference to the other queues. Catalyst switches support the Weighted Round Robin scheduling algorithm that checks the weighting values to find out the ratio of packets to send from one queue as opposed to another. Interfaces with two standard queues are allocated weights 4 and 255. The second queue gets almost 64 times the quantity of data it sends for each one unit of data from the first queue. The quantity of weight values that can be set depends on the number of common egress queues that an interface has. The weight values extend from 1 to 255.
Use the following interface configuration command to alter a queue's weights:
Switch(config-if)# wrr-queue bandwidth weight1 weight2 [ weight3] [ weight4]
10.4.4: Congestion Prevention
Congestion prevention or avoidance is configured with Weighted Round Robin configuration commands.
Internal DSCP Values are mapped to CoS Values for Queuing which are in turn used for egress scheduling and queuing.
Use the following global configuration command to modify the default DSCP to CoS mappings:
Switch(config)# mls qos map dscp-cos dscp-list to cos-value
The dscp-list can take the form of an individual DSCP value ranging from 0 - 63, a hyphenated variety of values, or it can be multiple values and ranges that are separated by commas.
WRR locates packets in egress queues based on the mapping between a CoS value and a queue number.
Use the following interface configuration command to specify the map that links CoS values to particular egress queue drop thresholds:
Switch(config-if)# wrr-queue cos-map queue-id threshold-id cos-list
Packets that have with a CoS value named in the cos-list will be placed in the specified queue with the threshold ID applied. The CoS values are halved: CoS 0 and 1 fall in queue 1 threshold 1; CoS 2 fall in queue 1 threshold 2, CoS 4 fall in queue 2 threshold 1. CoS 5 is always put in the ‘strict priority queue' when the queue is reachable. CoS 6 and 7 fall in queue 2 threshold 2.
Every switch interface has WRED enabled as a default configuration. Use the following interface configuration command to enable the option when it has been previously overridden:
Switch(config-if)# wrr-queue random-detect queue-id
WRED maintains two thresholds, namely a minimum threshold and a maximum threshold, for each queue for the majority of interface types. WRED cannot drop any packets when the queue level falls below the minimum threshold. WRED drops all new packets when the queue level is over the maximum threshold. When the queue the level is between the minimum and maximum standards, WRED can drop packets according to a rate that is relevant to the level of the queue
Use the following interface configuration command to define the WRED thresholds:
Switch(config-if)# wrr-queue random-detect {max-threshold |
min-threshold} queue-id threshold-percent-1 ... threshold-percent-N
The lowest priority queue, queue 1 has a minimum threshold of 0 and a maximum threshold of 40 percent. The low priority queue is constantly vulnerable to random drops. Queue 2, a higher priority queue has a minimum of 0 and a maximum threshold of 100 percent. This queue's level must reach 100 percent before all packets are dropped.