campus qos design- simplified · • qos is disabled by default and must be globally enabled with...


Upload: lytram

Post on 22-Nov-2018


Campus QoS Design-Simplified

Roland Saville – Technical Leader Engineering

BRKCRS-2501


© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public

Cisco Spark

Questions? Use Cisco Spark to communicate with the speaker after the session

How

1. Find this session in the Cisco Live Mobile App
2. Click “Join the Discussion”
3. Install Spark or go directly to the space
4. Enter messages/questions in the space

cs.co/ciscolivebot#BRKCRS-2501


Agenda

• Campus QoS Design Considerations and Best Practices
• Cisco Catalyst 2960-X QoS Design
• Cisco Catalyst 3650/3850/9000 Series QoS Design
• Cisco Catalyst 4500 QoS Design
• Cisco Catalyst 6500/6800 QoS Design
• Cisco Nexus 7000/7700 QoS Design
• Meraki MS Series Switch QoS Design
• Campus WLAN QoS Design Considerations and Best Practices
• Cisco AireOS WLC AVC/QoS Design
• Meraki MR Series AP QoS Design
• What are we doing to make this simpler?
• Summary and References


Campus QoS Design Considerations and Best Practices


What Do You Consider First?

BRKRST-2056: The QoS Paradigm Shift

https://cisco.box.com/s/8izevlg4k6gaggh3cmrc16lugm6sdr8y

https://www.ciscolive.com/online/connect/sessionDetail.ww?SESSION_ID=83633&backBtn=true


Start by Defining Your QoS Strategy

Articulate Your Business Intent, Relevant Applications and End-to-End Strategy

https://cisco.app.box.com/v/QoS-AAGs


The Case for Campus QoS

• The primary role of QoS in campus networks is to manage packet loss

• In campus networks, it takes only a few milliseconds of congestion to cause drops

• Rich media applications are extremely sensitive to packet drops

• Queuing policies at every node can prevent packet loss for real-time apps

• The secondary role of QoS in campus networks is to condition traffic at the access edge, which can include any of the following:

• Trust

• Classify and Mark

• Police


Why Is Video So Sensitive to Packet Loss?

1080p60

1080 lines of Horizontal Resolution
1920 lines of Vertical Resolution (Widescreen Aspect Ratio is 16:9)

1080 x 1920 lines = 2,073,600 pixels per frame
x 24 bits of color per pixel
x 60 frames per second
= 2,985,984,000 bps, or 3 Gbps Uncompressed!

Cisco (H.264/H.265) codecs transmit 3-5 Mbps per 1080p60 video stream, which represents over 99.8% compression (~ 1000:1)

Packet loss is proportionally magnified by compression ratios. Users can notice a single packet lost in 10,000, making HD Video One Hundred Times More Sensitive to Packet Loss than VoIP!


[Figure: packet size in Bytes (200 to 1400) plotted over Time. Voice Packets: one packet per 20 msec of Audio Samples. Video Packets: a burst of packets per Video Frame, one frame every 33 msec.]

VoIP vs. HD Video—At the Packet Level


Campus QoS Design Considerations
How Long Can Queue-Buffers Accommodate Line-Rate Bursts?

GE Linecard Example (WS-X6148)

Total Per-Port Buffer: 5.4 MB
Total Per-Queue Buffer*: 1.35 MB
Gbps Line Rate: 1 Gbps = 125 MB/s or 125 KB/ms
Total Per-Queue Buffering Capacity: 10.8 ms
*Assuming (4) equal-sized queues

[Figure: KBytes per ms (0 to 140) plotted against time in ms over 1 second, with the Gbps Line Rate marked]

Begin dropping at 11 ms but overall utilization is only 1%!


Campus QoS Design Considerations
How Long Can Queue-Buffers Accommodate Line-Rate Bursts?

10-GE Linecard Example (WS-X6908)

Total Per-Port Buffer: 90 MB
Total Per-Queue Buffer*: 11.25 MB
Gbps Line Rate: 10 Gbps = 1.25 GB/s or 1250 KB/ms
Total Per-Queue Buffering Capacity: 9.0 ms
*Assuming (8) equal-sized queues

[Figure: KBytes per ms (0 to 1400) plotted against time in ms over 1 second, with the 10 Gbps Line Rate marked]

Begin dropping at 9 ms but overall utilization is still only 1%!


Oversubscription in the Campus

[Figure legend: GE Link, 10GE Link, 40GE Link]


Oversubscription in the Campus

x 11

GE Link

10GE Link

40GE Link


Know Your Tools

• Catalyst and Nexus switch hardware

• Software and Syntax

• Global Default QoS Settings

• Trust States and Conditional Trust

• Logical vs. Physical Interface QoS

• Network Based Application Recognition (NBAR2)

• Domain Name System—Authoritative Source (DNS-AS)

• Ingress and Egress Queuing Models


Hardware Varies

Economy

Utility

Performance


Software and Syntax Variations

• Catalyst 2960-X / 3560-X / 3750-X are the last platforms to use Multilayer Switch QoS (MLS QoS)
  • QoS is disabled by default and must be globally enabled with the mls qos command
  • Once enabled, all ports are set to an untrusted port-state

• Catalyst 3650/3850, Catalyst 9000, and Catalyst 4500 use IOS Modular QoS Command Line Interface (MQC)
  • QoS is enabled by default
  • All ports are trusted at layer 2 and layer 3 by default

• Catalyst 6500/6800 use Cisco Common Classification Policy Language (C3PL) QoS
  • QoS is enabled by default (Sup2T & Sup6T) – Disabled by default (Sup720)
  • All ports are trusted at layer 2 and layer 3 by default
  • C3PL presents queuing policies similar to MQC, but as a defined “type” of policy

• Nexus 7000/7700 use NX-OS QoS
  • QoS is enabled by default
  • All ports are trusted at layer 2 and layer 3 by default
  • NX-OS presents queuing policies similar to MQC, but as a defined “type” and with default class-map names


Trust Boundaries

Untrusted / User-Administered Devices
no mls qos trust

Trusted Centrally-Administered Devices
mls qos trust dscp

Centrally-Administered & Conditionally-Trusted Devices
mls qos trust device
• cisco-phone
• cts
• ip-camera
• media-player

The trust boundary is the edge where
• Layer 2 (CoS / UP) and/or
• Layer 3 (DSCP)
markings are accepted or rejected


Conditional Trust
Trust Boundary Extension to Cisco Devices

• If a Cisco IP Phone is detected then the trust boundary extends to the IP Phone
• The IP Phone sets CoS for Voice and Signaling and resets all else to 0
• The access switch maps CoS-to-DSCP

Access Switch CoS-to-DSCP Mapping Table

CoS 7 → DSCP CS7 (56)
CoS 6 → DSCP CS6 (48)
CoS 5 → DSCP EF (46)*
CoS 4 → DSCP CS4 (32)
CoS 3 → DSCP CS3 (24)
CoS 2 → DSCP CS2 (16)
CoS 1 → DSCP CS1 (8)
CoS 0 → DSCP DF (0)

* Non-Default Mapping

IP Phone CoS Mapping Table

CoS 6-7 → CoS 0
Voice → CoS 5
Signaling → CoS 3
CoS 0-4 → CoS 0


Policy Enforcement Points (PEPs)

• The Policy Enforcement Point (PEP) is the edge where classification and marking policies are enforced

• The PEP may or may not be the same as the trust boundary

• Multiple PEPs may exist for different types of network devices

• e.g. switch PEP vs. router PEP

[Figure labels: Trust Boundary, Router PEP, Switch PEP]

Note: For the sake of simplification, in this deck PEP will refer to classification and marking policy enforcement points (only) and will not include other policy enforcement points (e.g. queuing).


Per-Port QoS vs. Per-VLAN QoS

Per-Port QoS
Policy map is applied to the physical switch port

interface gig 1/1-48
 service-policy input MARKING

Per-VLAN QoS
Policy map is applied to the logical VLAN interface

interface gig 1/1-48
 mls qos vlan-based
interface Vlan 10
 service-policy input MARKING

[Figure labels, both panels: VLAN 10, VLAN 20, Physical Ports, VLAN Interfaces]


Campus QoS Design Considerations
Per-Port/Per-VLAN QoS

DVLAN 10: DVLAN policy map is applied to the Data VLAN (only) on a given trunked switch port

VVLAN 110: VVLAN policy map is applied to the Voice VLAN (only) on a given trunked switch port

[Figure labels: Trunked Physical Ports, VLAN Interfaces]


NBAR in Hardware—Yesterday

• Cisco Catalyst 6500 Sup32 Programmable Intelligent Services Accelerator (PISA)—Jan 2007

• Supported 90+ protocols

• Maximum Throughput: 2 Gbps

• MSRP ~$30K


NBAR2 in Hardware—Today

• UADP-based platforms:

• Catalyst 3650

• Catalyst 3850

• Catalyst 9000-series (UADP 2.0)

• Supported 1400+ protocols

• Maximum Throughput (Catalyst 3850 / 3650):

• ~500 connections per second

• Up to 5,000 bi-directional flows (24 access ports)

• Up to 10,000 bi-directional flows (48 access ports)

• MSRP (beginning at) ~$3K

1400% increase

90% decrease


DNS-Authoritative Source (DNS-AS)

• Application visibility end-to-end in the network

• Light-weight application detection process

• A scalable means of identifying encrypted & cloud applications

• An efficient means to distribute application metadata

• No client software requirement

• Simplified end-to-end policy enforcement

What is DNS-AS?


DNS-AS Operation

1) Client requests a DNS Lookup
2) Access Switch examines the DNS request
3) Internal DNS Server returns a DNS response (A-Record)
4) Access Switch requests application metadata information by generating its own DNS query
5) Internal DNS Server returns application metadata (A-Record + TXT Record)
6) Access Switch maintains a Binding Table of application metadata

Example exchange:

DNS Lookup: mail.timco.com
DNS A-Record: mail.timco.com is 172.16.0.7
DNS Lookup + TXT Record Request: mail.timco.com
TXT Record: 172.16.0.7, mail.timco.com, App ID = 378, App Class: BULK-DATA, Business Relevance: YES

Binding Table:

IP Address    PTR              App-ID   App-Class   Business-Relevance
172.16.0.7    mail.timco.com   378      Bulk Data   YES

[Figure labels: Internal Network, DNS Server, App Server]


Catalyst Hardware Queuing
1P3Q1T Example

1P3Q: 1 Priority Queue, 3 Non-Priority Queues
1T: Each queue has 1 Drop Threshold (the tail of the queue)


Catalyst Hardware Queuing
1P3Q1T Example

Interrupt Scheduling


Catalyst Hardware Queuing
1P3Q1T Example

Resume Scheduling


Weighted Tail Drop (WTD) Operation
3T WTD Example

• Red Minimum WTD Threshold 1: Begin tail dropping red packets
• Yellow Minimum WTD Threshold 2: Begin tail dropping yellow packets
• Tail of Queue is WTD Threshold 3

[Figure: a queue drawn from Front of Queue to Tail of Queue, with the Direction of Packet Flow]


Weighted Random Early Detect (WRED) Operation
4T WRED Example

• AF13 Minimum WRED Threshold: Begin randomly dropping AF13 Packets
• AF12 Minimum WRED Threshold: Begin randomly dropping AF12 Packets
• AF11 Minimum WRED Threshold: Begin randomly dropping AF11 Packets
• Maximum WRED Thresholds for AF11, AF12 and AF13 are set to the tail of the queue in this example

[Figure: a queue drawn from Front of Queue to Tail of Queue, with the Direction of Packet Flow]


EtherChannel QoS

• EtherChannels are comprised of logical (Port-Channel) interfaces and physical (port-member) interfaces

• Ingress QoS policies are usually applied to the logical interfaces (but not always)

• Egress QoS policies (such as queuing) are usually applied to the physical port-member interfaces (but not always)

Platform | QoS Policies Applied to the (Logical) Port-Channel Interface | QoS Policies Applied to the (Physical) Port-Member Interfaces

Catalyst 2960-X Ingress & Egress

Catalyst 3650/3850/9000 Ingress & Egress

Catalyst 4500 Ingress Egress

Catalyst 6500 Ingress Egress

Cisco Nexus 7000/7700 Ingress & Egress


Campus QoS Design Best Practices

• Always perform QoS in hardware rather than software when a choice exists

• Classify and mark applications as close to their sources as technically and administratively feasible

• Police unwanted traffic flows as close to their sources as possible

• Enable queuing policies at every node where the potential for congestion exists


Campus Port QoS Roles

Untrusted Endpoint:
• Port Set to Untrusted State (or Explicit Policy to Mark to DSCP 0)
• [Optional Ingress Marking and/or Policing]
• [Ingress and] Egress Queuing

Conditionally-Trusted Endpoint:
• Conditional-Trust with Trust-CoS or DSCP
• [Optional Ingress Marking and/or Policing]
• [Ingress and] Egress Queuing

Trusted Port:
• Trust DSCP (Default on all non-MLS QoS platforms)
• [Ingress and] Egress Queuing


Campus QoS Design—At-A-Glance

https://cisco.app.box.com/v/QoS-AAGs


Cisco Catalyst 2960-X QoS Design


Catalyst 2960-X
QoS Roles in the Campus Access

• No Trust + Ingress Queuing + Egress Queuing
• Trust DSCP + Ingress Queuing + Egress Queuing
• Conditional Trust + Ingress Queuing + Egress Queuing
• Classification/Marking + [Optional Policing] + Ingress Queuing + Egress Queuing

[Figure labels: Distribution Switches, C2960-X Access Switch]


Catalyst 2960-X
QoS Design Steps

1. Enable QoS
2. Configure Ingress QoS Model(s):
   • Trust Models
   • Conditional Trust Model
   • Service Policy Models
3. Configure Egress Queuing

Note: Catalyst 2960-X is QoS compatible with the Catalyst 3560-X & 3750-X, with the following exceptions:
• The Catalyst 3560-X & 3750-X support ingress queuing policies, but the 2960-X does not.
• Similarly, the Catalyst 3560-X & 3750-X support VLAN-based QoS policies, but the 2960-X does not.

Note: Catalyst 2960-X must be running a LAN Base image to support the following QoS features:
• Policy maps
• Policing & marking
• Mapping tables
• Weighted Tail Drop (WTD)


Catalyst 2960-X
Enabling QoS and Trust Models

Legend: Shaded commands are global. Highlighted commands are interface specific. Key commands/parameters in RED.

Enabling QoS:
mls qos

Trust-CoS Model Example:
mls qos map cos-dscp 0 8 16 24 32 46 48 56
mls qos trust cos
Note: CoS 5 is explicitly mapped to DSCP 46

Trust-DSCP Model Example:
mls qos trust dscp

Conditional-Trust Model Example:
mls qos trust device cisco-phone [or]
mls qos trust device cts [or]
mls qos trust device ip-camera [or]
mls qos trust device media-player
Note: Only one type of device may be configured at a time


Catalyst 2960-X
Conditional Trust Model Example

Conditional Trust Policy to a Cisco IP Phone:
mls qos map cos-dscp 0 8 16 24 32 46 48 56
mls qos trust device cisco-phone
mls qos trust cos

Note: All CoS-to-DSCP values are left at default (DSCP = CoS * 8), except for CoS 5, which is explicitly mapped to DSCP 46 (Expedited Forwarding/EF, per RFC 3246 & 4594).

CoS must be matched as Cisco IP Phones only remark at Layer 2
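The trust models above decide which markings survive the access edge, so a per-port audit of the trust state is the natural check. The following is an added example, not part of the original deck or Cisco code: it parses a constructed MLS QoS configuration (interface names and descriptions are placeholders) and reports the DSCP that a user-marked frame keeps on each port. It assumes that a conditional-trust port with no detected device behaves as untrusted and that untrusted ports are remarked to DSCP 0.

```python
import re

# Constructed sample configuration (not from the page); interface names are placeholders.
SAMPLE_CONFIG = """\
mls qos
mls qos map cos-dscp 0 8 16 24 32 46 48 56
!
interface GigabitEthernet1/0/1
 description user PC, no trust command
!
interface GigabitEthernet1/0/2
 description IP phone with a PC behind it
 mls qos trust device cisco-phone
 mls qos trust cos
!
interface GigabitEthernet1/0/3
 description uplink to distribution
 mls qos trust dscp
!
interface GigabitEthernet1/0/4
 description meeting-room wall jack
 mls qos trust dscp
"""

DEFAULT_COS_DSCP = [cos * 8 for cos in range(8)]  # default mapping: DSCP = CoS * 8


def parse_trust(config):
    """Return (qos_enabled, cos_dscp_map, {interface: {"trust", "device"}})."""
    enabled, cos_dscp, ports, current = False, list(DEFAULT_COS_DSCP), {}, None
    for raw in config.splitlines():
        line = raw.strip()
        if line == "mls qos":
            enabled = True
        elif line.startswith("mls qos map cos-dscp "):
            values = [int(v) for v in line.split()[4:]]
            if len(values) != 8 or any(not 0 <= v <= 63 for v in values):
                raise ValueError("cos-dscp map needs 8 DSCP values in 0..63")
            cos_dscp = values
        elif line.startswith("interface "):
            current = ports.setdefault(line.split(None, 1)[1],
                                       {"trust": None, "device": None})
        elif current is not None:
            m = re.fullmatch(r"mls qos trust (cos|dscp)", line)
            if m:
                current["trust"] = m.group(1)
            m = re.fullmatch(r"mls qos trust device (\S+)", line)
            if m:
                current["device"] = m.group(1)
    return enabled, cos_dscp, ports


def classify(port):
    """Name the trust model configured on one port."""
    if port["device"]:
        return "conditional (%s)" % port["device"]
    return {"dscp": "trusted (DSCP)", "cos": "trusted (CoS)"}.get(port["trust"], "untrusted")


def phone_forwarded_cos(origin, cos):
    """CoS after the IP phone, per the page's phone table: voice stays 5,
    signaling stays 3, everything else (the attached PC) is reset to 0."""
    if origin == "phone-voice":
        return 5
    if origin == "phone-signaling":
        return 3
    return 0


def ingress_dscp(port, cos_dscp, qos_enabled, cos, dscp, phone_detected=False):
    """DSCP the switch uses for a frame arriving on `port` (simplified model)."""
    if not qos_enabled:
        return dscp          # assumption: with QoS disabled, markings pass unchanged
    trust = port["trust"]
    if port["device"] is not None and not phone_detected:
        trust = None         # assumption: no device detected, port is untrusted
    if trust == "dscp":
        return dscp
    if trust == "cos":
        return cos_dscp[cos]
    return 0                 # untrusted port-state


def pc_marked_ef(config):
    """For each port, the DSCP kept by a frame a user PC marked CoS 5 / DSCP 46.
    On conditional-trust ports the PC is assumed to sit behind a detected phone."""
    enabled, cos_dscp, ports = parse_trust(config)
    result = {}
    for name, port in ports.items():
        behind_phone = port["device"] is not None
        cos = phone_forwarded_cos("pc", 5) if behind_phone else 5
        result[name] = ingress_dscp(port, cos_dscp, enabled, cos, 46,
                                    phone_detected=behind_phone)
    return result


if __name__ == "__main__":
    _, _, parsed = parse_trust(SAMPLE_CONFIG)
    kept = pc_marked_ef(SAMPLE_CONFIG)
    for name, port in parsed.items():
        print("%-24s %-28s PC-marked EF arrives as DSCP %d"
              % (name, classify(port), kept[name]))
```

Ports that report DSCP 46 for a PC-marked frame are the ones where the trust boundary admits user markings, which is expected on an uplink and worth reviewing on an access jack.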


Catalyst 2960-X
Marking Policy Model Example – Policy-Map & Class-Maps

class-map match-all VOIP
 match access-group name VOIP
class-map match-all MULTIMEDIA-CONFERENCING
 match access-group name MULTIMEDIA-CONFERENCING
class-map match-all SIGNALING
 match access-group name SIGNALING
class-map match-all TRANSACTIONAL-DATA
 match access-group name TRANSACTIONAL-DATA
class-map match-all BULK-DATA
 match access-group name BULK-DATA
class-map match-all SCAVENGER
 match access-group name SCAVENGER

policy-map MARKING-POLICY
 class VOIP
  set dscp ef
 class MULTIMEDIA-CONFERENCING
  set dscp af41
 class SIGNALING
  set dscp cs3
 class TRANSACTIONAL-DATA
  set dscp af21
 class BULK-DATA
  set dscp af11
 class SCAVENGER
  set dscp cs1
 class class-default
  set dscp default

service-policy input MARKING-POLICY


Catalyst 2960-X
Marking Policy Model Example – Access Control List

ip access-list extended SIGNALING
 remark sccp
 permit tcp any any eq 2000
 permit tcp any any eq 2001
 permit tcp any any eq 2002
 remark rtsp
 permit tcp any any eq 554
 permit tcp any any eq 8554
 remark sip
 permit tcp any any eq 5060
 permit udp any any eq 5060
 remark sip-tls
 permit tcp any any eq 5061
 permit udp any any eq 5061
!


Catalyst 2960-X
Marking & Policing Policy Example

mls qos map policed-dscp 0 10 18 to 8

[class-maps omitted for brevity]

policy-map MARKING&POLICING
 class VVLAN-VOIP
  set dscp ef
  police 128k 8000 exceed-action drop
 class VVLAN-SIGNALING
  set dscp cs3
  police 32k 8000 exceed-action drop
 class MULTIMEDIA-CONFERENCING
  set dscp af41
  police 5m 8000 exceed-action drop
 class SIGNALING
  set dscp cs3
  police 32k 8000 exceed-action drop
 class TRANSACTIONAL-DATA
  set dscp af21
  police 10m 8000 exceed-action policed-dscp-transmit
 class BULK-DATA
  set dscp af11
  police 10m 8000 exceed-action policed-dscp-transmit
 class SCAVENGER
  set dscp cs1
  police 10m 8000 exceed-action drop
 class DEFAULT
  set dscp default
  police 10m 8000 exceed-action policed-dscp-transmit

service-policy input MARKING&POLICING

Note: Remarking is performed by configuring a policed-DSCP map with the global configuration command mls qos map policed-dscp, which specifies which DSCP values are subject to remarking if out-of-profile and what value these should be remarked as.

In this example exceeding:
• Best Effort (DSCP 0)
• Bulk (AF11 / DSCP 10)
• Transactional Data (AF21 / DSCP 18)
are remarked to Scavenger (CS1 / DSCP 8).
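To see how the two exceed actions above differ on a burst, the following added example (not part of the original deck, and not a model of the switch hardware) runs a single-rate token-bucket policer over constructed traffic. Rates, burst sizes, marked DSCP values and the policed-DSCP map are taken from the policy above; treating the burst value as bytes, starting with a full bucket, and the helper names are assumptions of the example.

```python
# mls qos map policed-dscp 0 10 18 to 8 (from the policy above)
POLICED_DSCP_MAP = {0: 8, 10: 8, 18: 8}

# Four of the page's classes: DSCP set by the class, police rate (bps),
# burst (assumed bytes) and exceed action.
CLASSES = {
    "VVLAN-VOIP": {"dscp": 46, "rate": 128_000, "burst": 8000,
                   "exceed": "drop"},
    "TRANSACTIONAL-DATA": {"dscp": 18, "rate": 10_000_000, "burst": 8000,
                           "exceed": "policed-dscp-transmit"},
    "SCAVENGER": {"dscp": 8, "rate": 10_000_000, "burst": 8000,
                  "exceed": "drop"},
    "DEFAULT": {"dscp": 0, "rate": 10_000_000, "burst": 8000,
                "exceed": "policed-dscp-transmit"},
}

# Tokens are counted in bit-microseconds so all arithmetic stays in integers:
# one byte costs 8 * 1_000_000 units, and one microsecond adds `rate` units.
SCALE = 8 * 1_000_000


class Policer:
    """Single-rate, two-colour token bucket (simplified model)."""

    def __init__(self, cls):
        self.cls = cls
        self.capacity = cls["burst"] * SCALE
        self.tokens = self.capacity      # assumption: bucket starts full
        self.last_us = 0

    def offer(self, t_us, size_bytes):
        """Return the DSCP the packet is sent with, or None if it is dropped."""
        refill = (t_us - self.last_us) * self.cls["rate"]
        self.tokens = min(self.capacity, self.tokens + refill)
        self.last_us = t_us
        cost = size_bytes * SCALE
        dscp = self.cls["dscp"]          # the class's 'set dscp' value
        if cost <= self.tokens:          # in profile: transmit as marked
            self.tokens -= cost
            return dscp
        if self.cls["exceed"] == "drop":
            return None
        # policed-dscp-transmit: mark down through the policed-DSCP map
        return POLICED_DSCP_MAP.get(dscp, dscp)


def run(class_name, arrivals):
    """arrivals: list of (time in microseconds, size in bytes), in time order."""
    policer = Policer(CLASSES[class_name])
    return [policer.offer(t, size) for t, size in arrivals]


def burst_then_pause(count, size, pause_us, count_after):
    """Constructed traffic: `count` back-to-back packets at t=0, then
    `count_after` more packets after `pause_us` microseconds."""
    return [(0, size)] * count + [(pause_us, size)] * count_after


if __name__ == "__main__":
    traffic = burst_then_pause(10, 1000, 4000, 6)
    for name in ("TRANSACTIONAL-DATA", "SCAVENGER", "DEFAULT"):
        print(name, run(name, traffic))
```

With ten 1000-byte packets at once, the 8000-byte burst admits eight; the other two are remarked to DSCP 8 in the data classes and dropped in the Scavenger class.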


Catalyst 2960-X
1P3Q3T Egress Queuing Model

Application               DSCP    1P3Q3T Queue / Threshold
Network Control           (CS7)   Queue 2, Q2T3
Internetwork Control      CS6     Queue 2, Q2T3
VoIP                      EF      Q1 Priority Queue
Broadcast Video           CS5     Q1 Priority Queue
Multimedia Conferencing   AF4     Queue 2, Q2T1
Realtime Interactive      CS4     Q1 Priority Queue
Multimedia Streaming      AF3     Queue 2, Q2T1
Signaling                 CS3     Queue 2, Q2T2
Transactional Data        AF2     Queue 2, Q2T1
Network Management        CS2     Queue 2, Q2T1
Bulk Data                 AF1     Queue 4, Q4T2
Scavenger                 CS1     Queue 4, Q4T1
Best Effort               DF      Queue 3 (Default Queue)

Queue bandwidth: Queue 2 (30%), Queue 3 (35%), Queue 4 (5%); Q1 is the Priority Queue.


Catalyst 2960-X
1P3Q3T Egress Queuing Model Config: Part 1 of 2

! This section configures egress buffers and thresholds
mls qos queue-set output 1 buffers 15 30 35 20
mls qos queue-set output 1 threshold 1 100 100 100 100
mls qos queue-set output 1 threshold 2 80 90 100 3200
mls qos queue-set output 1 threshold 3 100 100 100 3200
mls qos queue-set output 1 threshold 4 60 100 100 3200
! This section configures egress CoS-to-Queue mappings
mls qos srr-queue output cos-map queue 1 threshold 3 4 5
mls qos srr-queue output cos-map queue 2 threshold 1 2
mls qos srr-queue output cos-map queue 2 threshold 2 3
mls qos srr-queue output cos-map queue 2 threshold 3 6 7
mls qos srr-queue output cos-map queue 3 threshold 3 0
mls qos srr-queue output cos-map queue 4 threshold 3 1

Annotations:
• The buffers command allocates buffers to Q1, Q2, Q3 and Q4 (respectively)
• Each queue has 4 thresholds:
  • WTD Threshold 1
  • WTD Threshold 2
  • Reserved Threshold: buffers that may NOT be shared with adjacent port-queues
  • Maximum Threshold: maximum amount of buffers that may be borrowed from common buffer pools (if available)
• If the packet enters the switch on a port that is set to trust cos then these CoS-to-Queue mappings will be used to determine how the packet is queued on egress

Note: The Catalyst 2960-X can also be configured to use an 8-queue model; however this model is NOT supported in a stack, nor is it supported if AutoQoS is enabled.


Catalyst 2960-X 1P3Q3T Egress Queuing Model Config—Part 2 of 2

! This section configures egress DSCP-to-Queue mappings
mls qos srr-queue output dscp-map queue 1 threshold 3 32 40 46
mls qos srr-queue output dscp-map queue 2 threshold 1 16 18 20 22
mls qos srr-queue output dscp-map queue 2 threshold 1 26 28 30 34 36 38
mls qos srr-queue output dscp-map queue 2 threshold 2 24
mls qos srr-queue output dscp-map queue 2 threshold 3 48 56
mls qos srr-queue output dscp-map queue 3 threshold 3 0
mls qos srr-queue output dscp-map queue 4 threshold 1 8
mls qos srr-queue output dscp-map queue 4 threshold 2 10 12 14
! This section configures interface egress queuing parameters
queue-set 1
srr-queue bandwidth share 1 30 35 5
priority-queue out

If the packet enters the switch on a port that is set to trust dscp, then these DSCP-to-Queue mappings will be used to determine how the packet is queued on egress.

• Enables the PQ
• Allocates bandwidth to each queue by means of a WRR weight. Q1 weight is ignored, as it’s operating as a PQ
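The following audit of the DSCP-to-Queue mappings above is an added example, not code from the original deck. It parses the `dscp-map` lines, reports which markings reach the priority queue (the markings most worth protecting at the trust boundary) and flags any model DSCP left unmapped or mapped twice; the function names and the rule that a later line overrides an earlier one are assumptions of this sketch.

```python
import re

# The DSCP-to-queue lines from the slide above, copied verbatim.
SLIDE_CONFIG = """\
mls qos srr-queue output dscp-map queue 1 threshold 3 32 40 46
mls qos srr-queue output dscp-map queue 2 threshold 1 16 18 20 22
mls qos srr-queue output dscp-map queue 2 threshold 1 26 28 30 34 36 38
mls qos srr-queue output dscp-map queue 2 threshold 2 24
mls qos srr-queue output dscp-map queue 2 threshold 3 48 56
mls qos srr-queue output dscp-map queue 3 threshold 3 0
mls qos srr-queue output dscp-map queue 4 threshold 1 8
mls qos srr-queue output dscp-map queue 4 threshold 2 10 12 14
"""

# Standard code points for the class markings used throughout the deck.
MODEL_DSCP = {
    0: "DF", 8: "CS1", 10: "AF11", 12: "AF12", 14: "AF13",
    16: "CS2", 18: "AF21", 20: "AF22", 22: "AF23", 24: "CS3",
    26: "AF31", 28: "AF32", 30: "AF33", 32: "CS4", 34: "AF41",
    36: "AF42", 38: "AF43", 40: "CS5", 46: "EF", 48: "CS6", 56: "CS7",
}

LINE_RE = re.compile(
    r"^mls qos srr-queue output dscp-map queue ([1-4]) threshold ([1-3])((?: \d+)+)$"
)


def parse_dscp_map(text):
    """Return ({dscp: (queue, threshold)}, conflicts) for the dscp-map lines in text."""
    mapping, conflicts = {}, []
    for raw in text.splitlines():
        match = LINE_RE.match(" ".join(raw.split()))
        if not match:
            continue  # not a dscp-map line
        target = (int(match.group(1)), int(match.group(2)))
        for token in match.group(3).split():
            dscp = int(token)
            if dscp > 63:
                raise ValueError(f"DSCP out of range: {dscp}")
            if dscp in mapping and mapping[dscp] != target:
                conflicts.append((dscp, mapping[dscp], target))
            mapping[dscp] = target  # assumption: the later line overrides
    return mapping, conflicts


def audit(mapping, priority_queue=1):
    """Summarise the mapping: unmapped model DSCPs, PQ members, per-queue layout."""
    by_queue = {}
    for dscp in sorted(mapping):
        queue, threshold = mapping[dscp]
        name = MODEL_DSCP.get(dscp, str(dscp))
        by_queue.setdefault(queue, {}).setdefault(threshold, []).append(name)
    return {
        "unmapped": [MODEL_DSCP[d] for d in sorted(MODEL_DSCP) if d not in mapping],
        "priority": [MODEL_DSCP.get(d, str(d)) for d in sorted(mapping)
                     if mapping[d][0] == priority_queue],
        "by_queue": by_queue,
    }


if __name__ == "__main__":
    dscp_map, dup = parse_dscp_map(SLIDE_CONFIG)
    report = audit(dscp_map)
    print("priority queue carries:", report["priority"])
    print("unmapped model DSCPs:", report["unmapped"])
    print("conflicting lines:", dup)
    for q in sorted(report["by_queue"]):
        print(f"Q{q}:", report["by_queue"][q])
```

A DSCP reported as unmapped is not dropped by the switch; it simply keeps whatever mapping the platform had before these lines were entered, which is why the audit lists it.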

Catalyst 2960-X EtherChannel QoS Design

• All QoS policies are configured on the physical port-member interfaces only

Platform: Catalyst 2960/3560/3750
QoS Policies Applied to the (Logical) Port-Channel Interface: (none listed)
QoS Policies Applied to the (Physical) Port-Member Interfaces: Classification & Marking (Ingress) and Queuing (Egress)

Catalyst 2960-X QoS Design At-A-Glance

https://cisco.app.box.com/v/QoS-AAGs

Catalyst 3560-X/3750-X QoS Design At-A-Glance

https://cisco.app.box.com/v/QoS-AAGs


Cisco Catalyst 3650/3850/9000 QoS Design

Catalyst 3650/3850/9300 QoS Roles in the Campus Access

[Figure: Catalyst 3650/3850/9300 access switch connected to distribution switches. Port roles shown: No Trust + Egress Queuing; Trust DSCP + Egress Queuing; Conditional Trust + Egress Queuing; Classification/Marking + [Optional Policing] + Egress Queuing.]

Catalyst 9400 and 9500 QoS Roles in the Campus Core and/or Distribution

[Figure: Cisco Catalyst 9500 campus core switches and Cisco Catalyst 9400 campus distribution switches. Port role shown: Trust DSCP + Egress Queuing.]

Catalyst 3650/3850/9000 QoS Design Steps

1. Configure Ingress QoS Model(s):
   • Trust DSCP / CoS Model (Default)
   • Conditional Trust Models
   • Service Policy Models
2. Configure Egress Queuing
   • Wired Queuing Models: 2P6Q3T

Catalyst 3650/3850/9000 Conditional Trust Models

Conditional-Trust Models:

interface GigabitEthernet 1/0/1
 trust device cisco-phone
[or]
 trust device cts
[or]
 trust device ip-camera
[or]
 trust device media-player

Conditional-Trust (Cisco IP Phone) Example:

class-map match-any VOICE
 match cos 5
class-map match-any SIGNALING
 match cos 3
policy-map CISCO-IPPHONE
 class VOICE
  set dscp ef
 class SIGNALING
  set dscp cs3
 class class-default
  set dscp default
interface GigabitEthernet 1/0/1
 trust device cisco-phone
 service-policy input CISCO-IPPHONE

• Only one type of device can be configured for conditional trust on an interface at a given time
• CoS must be matched as Cisco IP Phones only remark at Layer 2
• As of IOS XE 16.5.1 match-all is supported on Catalyst 3850/3650
• Both match-any and match-all are supported on Catalyst 9000 Series

Catalyst 3650/3850/9000 Classification Options

• ACL-based classification: match access-group ACL_NAME
• Syntax is identical to Catalyst 2K ACL-based classification & marking examples
• NBAR2 classification (Catalyst 3850/3650 IOS XE 16.3+ and Catalyst 9000): match protocol APPLICATION

Catalyst 3650/3850/9000 Configuring NBAR2 QoS Policies

class-map match-any VOICE
 match protocol cisco-phone
 match protocol cisco-jabber-audio
 match protocol ms-lync-audio
 match protocol citrix-audio
class-map match-any BROADCAST-VIDEO
 match protocol cisco-ip-camera
class-map match-any REAL-TIME-INTERACTIVE
 match protocol telepresence-media
class-map match-any CALL-SIGNALING
 match protocol skinny
 match protocol telepresence-control
class-map match-any TRANSACTIONAL-DATA
 match protocol citrix
 match protocol sap
policy-map NBAR-MARKING
 class VOICE
  set dscp ef
 class BROADCAST-VIDEO
  set dscp cs5
 class REAL-TIME-INTERACTIVE
  set dscp cs4
 class CALL-SIGNALING
  set dscp cs3
 class TRANSACTIONAL-DATA
  set dscp af21
 class BULK-DATA
  set dscp af11
 class SCAVENGER
  set dscp cs1
 class class-default
  set dscp default

• match protocol enables NBAR2 classification
• Note: Up to 16 match protocol statements are supported per class-map and up to 255 match protocol statements in all policies.
• Requires IOS XE 16.3+ on Catalyst 3850/3650 for Wired Ports

Holy Grail QoS Configuration: NBAR2 1400+ App / 12-Class Model

class-map match-all VOICE
 match protocol attribute traffic-class voip-telephony
 match protocol attribute business-relevance business-relevant
class-map match-all BROADCAST-VIDEO
 match protocol attribute traffic-class broadcast-video
 match protocol attribute business-relevance business-relevant
class-map match-all REAL-TIME-INTERACTIVE
 match protocol attribute traffic-class real-time-interactive
 match protocol attribute business-relevance business-relevant
class-map match-all MULTIMEDIA-CONFERENCING
 match protocol attribute traffic-class multimedia-conferencing
 match protocol attribute business-relevance business-relevant
class-map match-all MULTIMEDIA-STREAMING
 match protocol attribute traffic-class multimedia-streaming
 match protocol attribute business-relevance business-relevant
class-map match-all SIGNALING
 match protocol attribute traffic-class signaling
 match protocol attribute business-relevance business-relevant
class-map match-all NETWORK-CONTROL
 match protocol attribute traffic-class network-control
 match protocol attribute business-relevance business-relevant
class-map match-all NETWORK-MANAGEMENT
 match protocol attribute traffic-class ops-admin-mgmt
 match protocol attribute business-relevance business-relevant
class-map match-all TRANSACTIONAL-DATA
 match protocol attribute traffic-class transactional-data
 match protocol attribute business-relevance business-relevant
class-map match-all BULK-DATA
 match protocol attribute traffic-class bulk-data
 match protocol attribute business-relevance business-relevant
class-map match-all SCAVENGER
 match protocol attribute business-relevance business-irrelevant
policy-map MARKING
 class VOICE
  set dscp ef
 class BROADCAST-VIDEO
  set dscp cs5
 class REAL-TIME-INTERACTIVE
  set dscp cs4
 class MULTIMEDIA-CONFERENCING
  set dscp af41
 class MULTIMEDIA-STREAMING
  set dscp af31
 class SIGNALING
  set dscp cs3
 class NETWORK-CONTROL
  set dscp cs6
 class NETWORK-MANAGEMENT
  set dscp cs2
 class TRANSACTIONAL-DATA
  set dscp af21
 class BULK-DATA
  set dscp af11
 class SCAVENGER
  set dscp cs1
 class class-default
  set dscp default

• Already supported on IOS/IOS XE Routers
• Coming soon for Catalyst 3650/3850/9000

Catalyst 3650/3850/9000 Marking & Policing Policy Example

policy-map MARKING&POLICING
 class VVLAN-VOIP
  set dscp ef
  police 128K conform-action transmit exceed-action drop
 class VVLAN-SIGNALING
  set dscp cs3
  police 32K conform-action transmit exceed-action drop
 class MULTIMEDIA-CONFERENCING
  set dscp af41
  police 5M conform-action transmit exceed-action drop
 class SIGNALING
  set dscp cs3
  police 32K conform-action transmit exceed-action drop
 class TRANSACTIONAL-DATA
  set dscp af21
  police 10M conform-action transmit exceed-action set-dscp-transmit dscp table TABLE-MAP
 class BULK-DATA
  set dscp af11
  police 100K conform-action transmit exceed-action set-dscp-transmit dscp table TABLE-MAP
 class SCAVENGER
  set dscp cs1
  police 10M conform-action transmit exceed-action drop
 class class-default
  set dscp default
  police 10M conform-action transmit exceed-action set-dscp-transmit dscp table TABLE-MAP
table-map TABLE-MAP
 map from 0 to 8
 map from 10 to 8
 map from 18 to 8

• Policers may be set to either remark or drop excess traffic
• Policing to remark traffic is done by referencing the previously-configured table-map
• All markdown and/or mapping operations are configured through table-maps
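To make the two exceed actions concrete, the following single-rate token-bucket model of the policy above is an added example, not code from the original deck or from Cisco. The rates, DSCP values and table-map entries come from the slide; the 8000-byte burst, the rule that unmapped DSCPs pass through the table-map unchanged, the 200-byte voice packet size and all function names are assumptions of this sketch.

```python
# DSCP code points for the names used on the slide.
DSCP = {"default": 0, "cs1": 8, "af11": 10, "af21": 18, "cs3": 24, "af41": 34, "ef": 46}

# table-map TABLE-MAP from the slide: 0, 10 and 18 are all marked down to 8 (CS1).
TABLE_MAP = {0: 8, 10: 8, 18: 8}

# class name -> (set dscp, police rate in bit/s, exceed action), as on the slide.
POLICY = {
    "VVLAN-VOIP": ("ef", 128_000, "drop"),
    "VVLAN-SIGNALING": ("cs3", 32_000, "drop"),
    "MULTIMEDIA-CONFERENCING": ("af41", 5_000_000, "drop"),
    "SIGNALING": ("cs3", 32_000, "drop"),
    "TRANSACTIONAL-DATA": ("af21", 10_000_000, "table"),
    "BULK-DATA": ("af11", 100_000, "table"),
    "SCAVENGER": ("cs1", 10_000_000, "drop"),
    "class-default": ("default", 10_000_000, "table"),
}

ASSUMED_BURST_BYTES = 8000  # assumption: the slide does not state a burst size


class Policer:
    """Single-rate, two-colour token bucket using integer bits and milliseconds."""

    def __init__(self, rate_bps, exceed, burst_bytes=ASSUMED_BURST_BYTES):
        self.rate_bps = rate_bps
        self.exceed = exceed            # "drop" or "table"
        self.burst_bits = burst_bytes * 8
        self.tokens = self.burst_bits   # bucket starts full
        self.last_ms = 0

    def police(self, now_ms, size_bytes, dscp):
        """Return the DSCP the packet leaves with, or None if it is dropped."""
        refill = (now_ms - self.last_ms) * self.rate_bps // 1000
        self.tokens = min(self.burst_bits, self.tokens + refill)
        self.last_ms = now_ms
        bits = size_bytes * 8
        if bits <= self.tokens:         # conform-action transmit
            self.tokens -= bits
            return dscp
        if self.exceed == "drop":       # exceed-action drop
            return None
        # exceed-action set-dscp-transmit dscp table TABLE-MAP
        return TABLE_MAP.get(dscp, dscp)  # assumption: unmapped values are copied


def run(class_name, packets):
    """packets: list of (time_ms, size_bytes). Returns the egress DSCP per packet."""
    name, rate, exceed = POLICY[class_name]
    policer = Policer(rate, exceed)
    return [policer.police(t, size, DSCP[name]) for t, size in packets]


def bulk_burst():
    """Constructed input: ten back-to-back 1500-byte packets, then one a second later."""
    return run("BULK-DATA", [(0, 1500)] * 10 + [(1000, 1500)])


def voice_streams(interval_ms, count):
    """Constructed input: 200-byte voice packets sent every interval_ms."""
    return run("VVLAN-VOIP", [(interval_ms * k, 200) for k in range(count)])


if __name__ == "__main__":
    print("bulk burst egress DSCP:", bulk_burst())
    one = voice_streams(20, 150)    # 80 kbit/s, inside the 128K policer
    two = voice_streams(10, 300)    # 160 kbit/s, above the 128K policer
    print("one stream drops:", one.count(None))
    print("two streams drops:", two.count(None), "first at packet", two.index(None))
```

The bulk burst shows markdown (AF11 leaves as CS1 once the bucket is empty), while the voice class shows the hard cap: a port in the voice VLAN cannot push more than the policed rate of EF into the priority queue.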

Catalyst 3650/3850/9000 Per-Port/Per-VLAN Policy

class-map VVLAN
 match vlan 110
class-map DVLAN
 match vlan 10
policy-map VLAN-POLICERS
 class VVLAN
  police 192000 conform-action transmit exceed-action drop
 class DVLAN
  police 50000000 conform-action transmit exceed-action drop
interface GigabitEthernet 1/0/1
 service-policy input VLAN-POLICERS

• Individual (trunked) VLANs are matched by the match vlan command
• Policers are applied on a per-VLAN basis
• Per-VLAN policers are then applied on a per-port basis

Catalyst Hardware Queuing: 2P6Q3T Example

[Figure: animated 2P6Q3T hardware queuing diagram. Surviving labels: PQ1, PQ2, Interrupt Scheduling.]

Catalyst 3650/3850/9000 2P6Q3T with Weighted Tail Drop (WTD) Wired Port Egress Queuing Model

Application (DSCP):
• Network Control (CS7)
• Internetwork Control (CS6)
• VoIP (EF)
• Broadcast Video (CS5)
• Multimedia Conferencing (AF4)
• Realtime Interactive (CS4)
• Multimedia Streaming (AF3)
• Signaling (CS3)
• Transactional Data (AF2)
• Network Management (CS2)
• Bulk Data (AF1)
• Scavenger (CS1)
• Best Effort (DF)

2P6Q3T queue mapping:
• PQ Level 1 (10%): EF
• PQ Level 2 (20%): CS5, CS4
• Q6 (BWR 10%): CS7 & CS6, CS3 & CS2
• Q5 (BWR 10% + WTD): AF4
• Q4 (BWR 10% + DSCP-Based WTD): AF3
• Q3 (BWR 10% + DSCP-Based WTD): AF2
• Q2 (BWR 5% + DSCP-Based WTD): AF1, CS1
• Q1 (BWR 25%): DF

BWR = Bandwidth Remaining
WTD = Weighted Tail Drop

Catalyst 3650/3850/9000 2P6Q3T+WTD Wired Port Egress Queuing Config – Part 1 of 2

class-map match-any VOICE-PQ1
 match dscp ef
class-map match-any VIDEO-PQ2
 match dscp cs4
 match dscp cs5
class-map match-any CONTROL-MGMT-QUEUE
 match dscp cs7 cs6 cs3 cs2
class-map match-any MULTIMEDIA-CONFERENCING-QUEUE
 match dscp af41 af42 af43
class-map match-any MULTIMEDIA-STREAMING-QUEUE
 match dscp af31 af32 af33
class-map match-any TRANSACTIONAL-DATA-QUEUE
 match dscp af21 af22 af23
class-map match-any SCAVENGER-BULK-DATA-QUEUE
 match dscp cs1 af11 af12 af13

Catalyst 3650/3850/9000 2P6Q3T+WTD Wired Port Egress Queuing Config – Part 2 of 2

policy-map 2P6Q3T
 class VOICE-PQ1
  priority level 1
  police rate percent 10
 class VIDEO-PQ2
  priority level 2
  police rate percent 20
 class CONTROL-MGMT-QUEUE
  bandwidth remaining percent 10
  queue-buffers ratio 10
 class MULTIMEDIA-CONFERENCING-QUEUE
  bandwidth remaining percent 10
  queue-buffers ratio 10
  queue-limit dscp af43 percent 80
  queue-limit dscp af42 percent 90
 class MULTIMEDIA-STREAMING-QUEUE
  bandwidth remaining percent 10
  queue-buffers ratio 10
  queue-limit dscp af33 percent 80
  queue-limit dscp af32 percent 90
 class TRANSACTIONAL-DATA-QUEUE
  bandwidth remaining percent 10
  queue-buffers ratio 10
  queue-limit dscp af23 percent 80
  queue-limit dscp af22 percent 90
 class SCAVENGER-BULK-DATA-QUEUE
  bandwidth remaining percent 5
  queue-buffers ratio 10
  queue-limit dscp values af13 cs1 percent 80
  queue-limit dscp values af12 percent 90
 class class-default
  bandwidth remaining percent 25
  queue-buffers ratio 25
interface range GigabitEthernet 1/0/1-48
 service-policy output 2P6Q3T

• Two levels of priority queuing are supported
• Allocates buffers to queues
• Tunes WTD to align to an AF PHB
• If a PQ is enabled then non-PQs must use bandwidth remaining

Catalyst 3650/3850/9000 Hierarchical QoS Policies—Queuing within Shaped Rate Example

policy-map 50MBPS-SHAPER
 class class-default
  shape average 50000000
  service-policy 2P6Q3T
interface GigabitEthernet 1/0/1
 service-policy output 50MBPS-SHAPER

• Defines the sub-line rate (CIR)
• Provides back-pressure to the system to engage the (previously-defined) queuing policy, so that packets are properly prioritized within the sub-line rate
• Only the Hierarchical Shaping policy is attached to the interface(s)

Catalyst 3650/3850/9000 EtherChannel QoS Design

• All QoS policies are configured on the physical port-member interfaces only

Platform: Catalyst 3850 / 3650 / 9000
QoS Policies Applied to the (Logical) Port-Channel Interface: (none listed)
QoS Policies Applied to the (Physical) Port-Member Interfaces: Classification & Marking (Ingress) and Queuing (Egress)

Catalyst 3650/3850 QoS Design—At-A-Glance

https://cisco.app.box.com/v/QoS-AAGs

NBAR QoS Attributes AAG

https://cisco.app.box.com/v/QoS-AAGs


Cisco Catalyst 4500 QoS Design

Catalyst 4500 QoS Roles in the Campus Distribution

[Figure: Catalyst 4500 distribution switches between the access switches and the core switches. Port role shown: Trust DSCP + Egress Queuing.]

Catalyst 4500 QoS Design Steps

1. Configure Ingress QoS Model(s):
   • DSCP-Trust Model*
   • Conditional Trust Model
   • Service Policy Models
2. Configure Egress Queuing

*Note: Catalyst 4500 uses IOS MQC, which trusts by default; therefore no explicit policy is required for DSCP trust

Catalyst 4500 Conditional Trust Example

class-map match-all VOICE
 match cos 5
class-map match-all SIGNALING
 match cos 3
policy-map CISCO-IPPHONE
 class VOICE
  set dscp ef
 class SIGNALING
  set dscp cs3
 class class-default
  set dscp default
interface GigabitEthernet 3/1
 qos trust device cisco-phone
 service-policy input CISCO-IPPHONE

• Catalyst 4500 supports both match-all (logical AND) and match-any (logical OR) operators
• Conditional trust command (trust device) must be prefaced by qos on the Catalyst 4500

Catalyst 4500 Classification Options

• ACL-based classification: match access-group ACL_NAME
• Syntax is identical to Catalyst 2K ACL-based classification & marking examples
• DNS-AS classification (IOS 15.2(5)E / IOS XE 3.9.0E): match protocol attribute
• Note: The Catalyst 4500 does NOT support NBAR2

Catalyst 4500 DNS-AS Classification & Marking Policy Example (Part 1 of 2)

IOS 15.2(5)E / IOS XE 3.9.0E

!
avc dns-as client enable
!
avc dns-as client trusted-domains
 domain ^.*f1.*$
 domain ^.*cisco.*$
 domain *.toocoolforyou.net
 domain *.sontowski.de
 domain *.pension-solutions.de
 domain *.bav-spezialist.de
 domain *.sontowski-immobilien.de
 domain *.pegasus-cp.de
 domain *.via-vorsorge.de
 domain *.blackberry.net
 domain *.eu.blackberry.net
 domain *.evorsorge.de
 domain *.dns-as.org
 domain *.nbar2web.org
 domain *.f1-consult.com
 domain *.f1-consult.de
 domain *.f1-online.net
 domain *.f1v4.net
 domain *.f1v6.net
ip domain round-robin
ip domain-list toocoolforyou.net
ip domain-lookup source-interface Loopback0
ip domain-name toocoolforyou.net
ip name-server 192.168.167.244
ip name-server 192.168.168.244

• Enables DNS-AS
• Identifies domains from which metadata may be received and trusted for policy-purposes
• Configures basic DNS lookup-info

BRKRST-3004 - DNS-AS - Using DNS as a Source of Metadata to Identify your Applications for QoS

https://www.ciscolive.com/online/connect/sessionDetail.ww?SESSION_ID=90884&backBtn=true
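Because the trusted-domains list decides whose DNS metadata can drive marking policy, it is worth reviewing how wide each entry is. The check below is an added example, not part of the original deck or of IOS: it assumes entries starting with `^` are regular expressions and entries starting with `*.` are suffix wildcards, and the function names and probe hostnames are constructed for illustration.

```python
import re

# Entries copied from the slide's trusted-domains block (a subset).
TRUSTED_DOMAINS = [
    "^.*f1.*$",
    "^.*cisco.*$",
    "*.toocoolforyou.net",
    "*.dns-as.org",
    "*.f1-consult.com",
]

# Constructed probe names; the .example names stand for unrelated organisations.
PROBES = [
    "www.cisco.com",
    "cisco.unrelated.example",
    "app.dns-as.org",
    "dns-as.org.unrelated.example",
    "f1v4.unrelated.example",
]

# Matches entries of the form ^.*token.*$, which trust any name containing token.
_CONTAINS = re.compile(r"\^\.\*([^.*$^]+)\.\*\$")


def contains_token(entry):
    """Return the token if the entry reduces to a substring match, else None."""
    match = _CONTAINS.fullmatch(entry)
    return match.group(1) if match else None


def compile_entry(entry):
    """Compile one trusted-domains entry under the assumptions stated above."""
    if entry.startswith("^"):
        return re.compile(entry, re.IGNORECASE)          # assumed: a regex
    if entry.startswith("*."):
        suffix = re.escape(entry[2:])                    # assumed: suffix wildcard
        return re.compile(r"^(?:[a-z0-9-]+\.)+" + suffix + "$", re.IGNORECASE)
    return re.compile("^" + re.escape(entry) + "$", re.IGNORECASE)


def matching_entries(fqdn, entries=TRUSTED_DOMAINS):
    """List the entries that would treat fqdn as a trusted metadata source."""
    return [e for e in entries if compile_entry(e).match(fqdn)]


def review(entries=TRUSTED_DOMAINS, probes=PROBES):
    """For each substring-style entry, list the probe names it trusts."""
    findings = {}
    for entry in entries:
        if contains_token(entry) is None:
            continue
        findings[entry] = [p for p in probes if compile_entry(entry).match(p)]
    return findings


if __name__ == "__main__":
    for entry, names in review().items():
        print(f"{entry!r} is a substring match and trusts: {names}")
    for name in PROBES:
        print(f"{name}: {matching_entries(name) or 'not trusted'}")
```

Under these assumptions the suffix entries stay inside one domain, while each `^.*token.*$` entry also trusts names outside it; anchoring such an entry to the intended domain suffix narrows it.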

Catalyst 4500 DNS-AS Classification & Marking Example (Part 2 of 2)

IOS 15.2(5)E / IOS XE 3.9.0E

class-map match-all VOICE
 match protocol attribute traffic-class voip-telephony
 match protocol attribute business-relevance business-relevant
class-map match-all BROADCAST-VIDEO
 match protocol attribute traffic-class broadcast-video
 match protocol attribute business-relevance business-relevant
class-map match-all REAL-TIME-INTERACTIVE
 match protocol attribute traffic-class real-time-interactive
 match protocol attribute business-relevance business-relevant
class-map match-all MULTIMEDIA-CONFERENCING
 match protocol attribute traffic-class multimedia-conferencing
 match protocol attribute business-relevance business-relevant
class-map match-all MULTIMEDIA-STREAMING
 match protocol attribute traffic-class multimedia-streaming
 match protocol attribute business-relevance business-relevant
class-map match-all SIGNALING
 match protocol attribute traffic-class signaling
 match protocol attribute business-relevance business-relevant
class-map match-all NETWORK-CONTROL
 match protocol attribute traffic-class network-control
 match protocol attribute business-relevance business-relevant
class-map match-all NETWORK-MANAGEMENT
 match protocol attribute traffic-class ops-admin-mgmt
 match protocol attribute business-relevance business-relevant
class-map match-all TRANSACTIONAL-DATA
 match protocol attribute traffic-class transactional-data
 match protocol attribute business-relevance business-relevant
class-map match-all BULK-DATA
 match protocol attribute traffic-class bulk-data
 match protocol attribute business-relevance business-relevant
class-map match-all SCAVENGER
 match protocol attribute business-relevance business-irrelevant
policy-map MARKING
 class VOICE
  set dscp ef
 class BROADCAST-VIDEO
  set dscp cs5
 class REAL-TIME-INTERACTIVE
  set dscp cs4
 class MULTIMEDIA-CONFERENCING
  set dscp af41
 class MULTIMEDIA-STREAMING
  set dscp af31
 class SIGNALING
  set dscp cs3
 class NETWORK-CONTROL
  set dscp cs6
 class NETWORK-MANAGEMENT
  set dscp cs2
 class TRANSACTIONAL-DATA
  set dscp af21
 class BULK-DATA
  set dscp af11
 class SCAVENGER
  set dscp cs1
 class class-default
  set dscp default

Same ‘Holy Grail’ classification policy as on other router/switch platforms

Catalyst 4500 Marking & Policing Policy Example

policy-map MARKING&POLICING
 class VOIP
  police 128k bc 8000
   conform-action set-dscp-transmit ef
   exceed-action drop
 class SIGNALING
  police 32k bc 8000
   conform-action set-dscp-transmit cs3
   exceed-action drop
 class MULTIMEDIA-CONFERENCING
  police 5m bc 8000
   conform-action set-dscp-transmit af41
   exceed-action set-dscp-transmit af42
 class TRANSACTIONAL-DATA
  police 10m bc 8000
   conform-action set-dscp-transmit af21
   exceed-action set-dscp-transmit af22
 class BULK-DATA
  police 10m bc 8000
   conform-action set-dscp-transmit af11
   exceed-action set-dscp-transmit af12
 class SCAVENGER
  police 10m bc 8000
   conform-action set-dscp-transmit cs1
   exceed-action drop
 class class-default
  police 10m bc 8000
   conform-action set-dscp-transmit default
   exceed-action set-dscp-transmit cs1

interface GigabitEthernet 3/1
 service-policy input MARKING&POLICING

Marking/remarking is configured as part of the policing action (i.e. no table-map or markdown-map is referenced)
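The effect of these policers on an access port can be checked with a token-bucket model. The Python below is an added example, not part of the original deck: it parses policy text in the slide's syntax and runs constructed flows through a textbook single-rate, two-colour bucket (the switch hardware may differ in granularity). The names parse_policy, Policer and police_flow are hypothetical, and the packet sizes and intervals are constructed.

```python
"""Single-rate, two-colour token bucket fed from policy text in the slide's syntax."""
from collections import Counter

# Four of the classes from the MARKING&POLICING slide (indentation added).
POLICY = """\
policy-map MARKING&POLICING
 class VOIP
  police 128k bc 8000
   conform-action set-dscp-transmit ef
   exceed-action drop
 class MULTIMEDIA-CONFERENCING
  police 5m bc 8000
   conform-action set-dscp-transmit af41
   exceed-action set-dscp-transmit af42
 class SCAVENGER
  police 10m bc 8000
   conform-action set-dscp-transmit cs1
   exceed-action drop
 class class-default
  police 10m bc 8000
   conform-action set-dscp-transmit default
   exceed-action set-dscp-transmit cs1
"""

UNITS = {"k": 10**3, "m": 10**6, "g": 10**9}
SCALE = 8 * 10**6  # tokens are counted in millionths of a bit so the maths stays integer


def parse_rate(text):
    """'128k' -> 128000, '5m' -> 5000000, '8000' -> 8000 (bits per second)."""
    suffix = text[-1].lower()
    return int(text[:-1]) * UNITS[suffix] if suffix in UNITS else int(text)


def parse_policy(text):
    """Return {class: {'rate': bps, 'bc': bytes, 'conform': action, 'exceed': action}}."""
    classes, current = {}, None
    for words in (line.split() for line in text.splitlines()):
        if not words:
            continue
        if words[0] == "class":
            current = classes.setdefault(words[1], {})
        elif current is None:
            continue
        elif words[0] == "police":
            current["rate"] = parse_rate(words[1])
            current["bc"] = int(words[words.index("bc") + 1])
        elif words[0] in ("conform-action", "exceed-action"):
            # The last word is either the DSCP to set or the literal "drop".
            current[words[0].split("-")[0]] = words[-1]
    return classes


class Policer:
    """Bucket of bc bytes, refilled at the police rate; it starts full."""

    def __init__(self, rate, bc, conform, exceed):
        self.rate, self.capacity = rate, bc * SCALE
        self.conform, self.exceed = conform, exceed
        self.tokens, self.last_us = self.capacity, 0

    def offer(self, t_us, size_bytes):
        """Return the action applied to a packet arriving at t_us microseconds."""
        refill = (t_us - self.last_us) * self.rate
        self.tokens = min(self.capacity, self.tokens + refill)
        self.last_us = t_us
        cost = size_bytes * SCALE
        if cost <= self.tokens:
            self.tokens -= cost
            return self.conform
        return self.exceed  # exceeding packets do not consume tokens


def police_flow(class_name, size_bytes, interval_us, count, policy=POLICY):
    """Send `count` equal packets, one every `interval_us`, through one class."""
    policer = Policer(**parse_policy(policy)[class_name])
    return Counter(policer.offer(i * interval_us, size_bytes) for i in range(count))


if __name__ == "__main__":
    # Constructed flows: a normal voice call, then 8 Mb/s offered to two classes.
    print("80 kb/s voice call :", dict(police_flow("VOIP", 200, 20_000, 100)))
    print("8 Mb/s into VOIP   :", dict(police_flow("VOIP", 1000, 1_000, 1000)))
    print("8 Mb/s into MM-CONF:",
          dict(police_flow("MULTIMEDIA-CONFERENCING", 1000, 1_000, 1000)))
```

The run shows the design intent: a well-behaved call is untouched, traffic that lands in the VOIP class above 128 kb/s is dropped after the initial burst, and excess conferencing traffic is marked down to af42 rather than dropped.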


Catalyst 4500 Per-Port/Per-VLAN QoS Policy Example

interface range GigabitEthernet 2/1-48
 qos trust device cisco-phone
 vlan 10
  service-policy input DVLAN-POLICERS
 vlan 110
  service-policy input VVLAN-POLICERS

Per-Port/Per-VLAN policies can be applied to a specific VLAN on a trunked interface via an interface-VLAN configuration mode


Catalyst 4500 1P7Q1T + Dynamic Buffer Limiting (DBL) Egress Queuing Model

Figure: application classes and their DSCP values mapped to the 1P7Q1T (+DBL) egress queues: PQ (EF, CS5, CS4), Q7 (BWR 10%; CS7 & CS6, CS3 & CS2), Q6 (BWR 10%; AF4), Q5 (BWR 10%; AF3), Q4 (BWR 10%; AF2), Q3 (BWR 4%; AF1), Q2 (BWR 1%; CS1), Q1 (25%; DF). BWR = Bandwidth Remaining.


Catalyst 4500 1P7Q1T+DBL Egress Queuing Config

class-map match-all PRIORITY-QUEUE
 match dscp cs4 cs5 ef
class-map match-all CONTROL-MGMT-QUEUE
 match dscp cs7 cs6 cs3 cs2
class-map match-all MULTIMEDIA-CONFERENCING-QUEUE
 match dscp af41 af42 af43
class-map match-all MULTIMEDIA-STREAMING-QUEUE
 match dscp af31 af32 af33
class-map match-all TRANSACTIONAL-DATA-QUEUE
 match dscp af21 af22 af23
class-map match-all BULK-DATA-QUEUE
 match dscp af11 af12 af13
class-map match-all SCAVENGER-QUEUE
 match dscp cs1

policy-map 1P7Q1T
 class PRIORITY-QUEUE
  priority
 class CONTROL-MGMT-QUEUE
  bandwidth remaining percent 10
 class MULTIMEDIA-CONFERENCING-QUEUE
  bandwidth remaining percent 10
 class MULTIMEDIA-STREAMING-QUEUE
  bandwidth remaining percent 10
 class TRANSACTIONAL-DATA-QUEUE
  bandwidth remaining percent 10
  dbl
 class BULK-DATA-QUEUE
  bandwidth remaining percent 4
  dbl
 class SCAVENGER-QUEUE
  bandwidth remaining percent 1
 class class-default
  bandwidth remaining percent 25
  dbl

service-policy output 1P7Q1T

• priority: Enables the PQ

• If PQ is enabled then bandwidth remaining must be used

• DBL can be enabled on a per-class basis, but should not be enabled on the PQ or Control traffic queues

• Enabling DBL on UDP-based queues and/or Scavenger queue is optional


Catalyst 4500 EtherChannel QoS Design

• Classification & Marking (Ingress) QoS policies are configured on the logical Port-Channel interface

• Typically these are simply to enable DSCP trust (which requires no explicit configuration)

• Queuing (Egress) QoS policies are configured on the physical port-member interfaces

Platform | QoS Policies Applied to the (Logical) Port-Channel Interface | QoS Policies Applied to the (Physical) Port-Member Interfaces
Catalyst 4500 | Classification & Marking (Ingress) | Queuing (Egress)


Catalyst 4500 Campus QoS Design At-A-Glance

https://cisco.app.box.com/v/QoS-AAGs


DNS-AS At-A-Glance

https://cisco.app.box.com/v/QoS-AAGs


Cisco Catalyst 6500 & 6800 QoS Design


Cisco Catalyst 6500/6800 QoS Roles in the Campus Core

Catalyst 6500/6800 Core Switches: Trust DSCP + Ingress Queuing + Egress Queuing


Cisco Catalyst 6500/6800 QoS Design Steps

1. Configure Ingress Queuing

2. Configure Egress Queuing

Catalyst 6500 IOS C3PL trusts by default; therefore no explicit policy is required for DSCP trust


Cisco Catalyst 6500/6800 2P6Q4T Ingress & Egress Queuing Models—DSCP-to-Queue

Figure: application classes and their DSCP values mapped to the 2P6Q4T queues: Voice-PQ1 (Priority Level 1; EF), Video-PQ2 (Priority Level 2; CS4, CS5), Control/Mgmt Queue (5% BWR; CS6 & CS7, CS2 & CS3), Multimedia-Conferencing Queue (20% BWR + DSCP-WRED; AF4), Multimedia-Streaming Queue (20% BWR + DSCP-WRED; AF3), Transactional Data Queue (10% BWR + DSCP-WRED; AF2), Bulk Data Queue (5% BWR + DSCP-WRED; AF1, CS1), Default Queue (WRED; DF).

Ingress and Egress queuing models vary by line card/module.

Refer to the 6500/6800 QoS Configuration Guide or data sheets to ensure that you use the proper queuing module for a given line card.

http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/15-1SY/config_guide/sup2T/15_1_sy_swcg_2T/qos_policy_based_queueing.html

Additional Catalyst 6500-Sup2T/6T Queuing Models are detailed in the Appendix


Cisco Catalyst 6500/6800—2P6Q4T Model, Part 1 of 3—Common Ingress & Egress Queuing Class-Maps

class-map type lan-queuing match-all VOICE-PQ1
 match dscp ef
class-map type lan-queuing match-all VIDEO-PQ2
 match dscp cs4 cs5
class-map type lan-queuing match-all CONTROL-MGMT-QUEUE
 match dscp cs2 cs3 cs6 cs7
class-map type lan-queuing match-all MULTIMEDIA-CONFERENCING-QUEUE
 match dscp af41 af42 af43
class-map type lan-queuing match-all MULTIMEDIA-STREAMING-QUEUE
 match dscp af31 af32 af33
class-map type lan-queuing match-all TRANSACTIONAL-DATA-QUEUE
 match dscp af21 af22 af23
class-map type lan-queuing match-all SCAVENGER-BULK-DATA-QUEUE
 match dscp cs1 af11 af12 af13

Unless specified otherwise, the default C3PL class-map and policy-map type is qos (classification, marking, policing)

Class-maps and policy-maps used for ingress and/or egress queuing policies must be explicitly configured as type lan-queuing

Note: A C3PL interface may support up to 4 QoS policies:

• service-policy type qos input

• service-policy type qos output

• service-policy type lan-queuing input

• service-policy type lan-queuing output


Cisco Catalyst 6500/6800—2P6Q4T Model, Part 2 of 3—2P6Q4T Queuing Policy-Map

policy-map type lan-queuing 2P6Q4T
 class VOICE-PQ1
  priority level 1
 class VIDEO-PQ2
  priority level 2
 class CONTROL-MGMT-QUEUE
  bandwidth remaining percent 5
 class MULTIMEDIA-CONFERENCING-QUEUE
  bandwidth remaining percent 20
  random-detect dscp af41 percent 80 100
  random-detect dscp af42 percent 70 100
  random-detect dscp af43 percent 60 100
 class MULTIMEDIA-STREAMING-QUEUE
  bandwidth remaining percent 20
  random-detect dscp af31 percent 80 100
  random-detect dscp af32 percent 70 100
  random-detect dscp af33 percent 60 100

• Policy-map must be defined as type lan-queuing

• priority level 1: Enables egress Priority Queue 1 (highest level of service)

• priority level 2: Enables egress Priority Queue 2 (can only be interrupted by PQ1)

• bandwidth remaining is required (as PQ is enabled)

• random-detect dscp: Tunes WRED to better align to the AF PHB


Cisco Catalyst 6500/6800—2P6Q4T Model, Part 3 of 3—2P6Q4T Queuing Policy-Map (continued)

 class TRANSACTIONAL-DATA-QUEUE
  bandwidth remaining percent 10
  random-detect dscp-based
  random-detect dscp af21 percent 80 100
  random-detect dscp af22 percent 70 100
  random-detect dscp af23 percent 60 100
 class SCAVENGER-BULK-DATA-QUEUE
  bandwidth remaining percent 5
  random-detect dscp-based
  random-detect dscp af11 percent 80 100
  random-detect dscp af12 percent 70 100
  random-detect dscp cs1 percent 50 100
 class class-default
  random-detect dscp-based
  random-detect dscp default percent 80 100

service-policy type lan-queuing input 2P6Q4T
service-policy type lan-queuing output 2P6Q4T

type lan-queuing must also be specified in the service-policy statement


Cisco Catalyst 6500/6800 EtherChannel QoS Design

• Classification & Marking (Ingress) QoS policies are configured on the logical Port-Channel interface

• No ingress policies typically needed for C6500/6800 EtherChannels (as all ports trust DSCP & CoS by default)

• Queuing (Ingress & Egress) QoS policies are configured on the physical port-member interfaces

Platform | QoS Policies Applied to the (Logical) Port-Channel Interface | QoS Policies Applied to the (Physical) Port-Member Interfaces
Catalyst 6500/6800 | Classification & Marking (Ingress) | Queuing (Ingress & Egress)


Cisco Catalyst 6500-Sup2T QoS Design At-A-Glance

https://cisco.app.box.com/v/QoS-AAGs


Cisco Catalyst 6500-Sup720 QoS Design At-A-Glance

https://cisco.app.box.com/v/QoS-AAGs


Cisco Nexus 7000/7700 QoS Design


Cisco Nexus 7000/7700 QoS Roles in the Campus Core

Cisco Nexus 7000/7700 Campus Core Switches: Trust DSCP + Ingress Queuing + Egress Queuing


Cisco Nexus 7000/7700 QoS Design Steps

1. Configure Ingress Queuing

2. Configure Egress Queuing

NX-OS trusts by default; therefore no explicit policy is required for DSCP trust


Cisco Nexus 7700 (F-Series) 4Q1T Ingress Queuing (CoS-to-Queue) Model

Figure: application classes, their DSCP values and CoS 0 through CoS 7 mapped to the four 4Q1T ingress queues: 8e-4q8q-in-q1 (Bandwidth 30%, Queue-Limit 10%), 8e-4q8q-in-q-default (Bandwidth 25%, Queue-Limit 30%), 8e-4q8q-in-q3 (Bandwidth 40%, Queue-Limit 30%), 8e-4q8q-in-q4 (Bandwidth 5%, Queue-Limit 30%).


Cisco Nexus 7700 (F-Series) 4Q1T Ingress Queuing (DSCP-to-Queue) Model

Figure: application classes and their DSCP values mapped directly to the four 4Q1T ingress queues: 8e-4q8q-in-q1 (Bandwidth 30%, Queue-Limit 10%), 8e-4q8q-in-q-default (Bandwidth 25%, Queue-Limit 30%), 8e-4q8q-in-q3 (Bandwidth 40%, Queue-Limit 30%), 8e-4q8q-in-q4 (Bandwidth 5%, Queue-Limit 30%).


Cisco Nexus 7700 (F-Series) Part 1 of 2: 4Q1T-Ingress Queuing Class-Maps

class-map type queuing match-any 8e-4q8q-in-q1
 match cos 5-7
 no match dscp 40-63
 match dscp 32, 40, 46, 48, 56
class-map type queuing match-any 8e-4q8q-in-q3
 match cos 2-4
 match dscp 16, 18, 20, 22
 match dscp 24, 26, 28, 30
 match dscp 34, 36, 38
class-map type queuing match-any 8e-4q8q-in-q4
 match cos 1
 match dscp 8, 10, 12, 14
class-map type queuing match-any 8e-4q8q-in-q-default
 match cos 0

• Undesired default DSCP-to-Ingress Queue mappings need to be explicitly removed

• NX-OS has (non-configurable) system-defined names for queuing class-maps

Similar to C3PL, NX-OS allows for multiple types of QoS policies:

• type qos for classification, marking and policing

• type queuing for ingress and egress queuing


Cisco Nexus 7700 (F-Series) Part 2 of 2: 4Q1T-Ingress Queuing Policy-Map

policy-map type queuing CAMPUS-F3-4Q1T-INGRESS
 class type queuing 8e-4q8q-in-q1
  bandwidth percent 30
  queue-limit percent 10
 class type queuing 8e-4q8q-in-q-default
  bandwidth percent 25
  queue-limit percent 30
 class type queuing 8e-4q8q-in-q3
  bandwidth percent 40
  queue-limit percent 30
 class type queuing 8e-4q8q-in-q4
  bandwidth percent 5
  queue-limit percent 30

interface Ethernet 1/1-24
 service-policy type queuing input CAMPUS-F3-4Q1T-INGRESS

• Allocates buffers to queues

• Used for Data Center Bridging Exchange (DCBX) to advertise QoS capabilities to any DCB-peers

• Q2 is the Default Queue


Cisco Nexus 7700 (F-Series) 1P7Q1T Egress Queuing (CoS-to-Queue) Model

Figure: application classes, their DSCP values and CoS 0 through CoS 7 mapped to the 1P7Q1T egress queues: 8e-4q8q-out-q1 (PQ-Shaped to 30%), 8e-4q8q-out-q2 (BWR 55%), 8e-4q8q-out-q3 (BWR 10%), 8e-4q8q-out-q4 (BWR 1%), 8e-4q8q-out-q5 (BWR 1%), 8e-4q8q-out-q6 (BWR 1%), 8e-4q8q-out-q7 (BWR 1%), 8e-4q8q-out-q-default (BWR 31%).


Cisco Nexus 7700 (F-Series) Part 1 of 2: 1P7Q1T Egress Queuing Class-Maps

class-map type queuing match-any 8e-4q8q-out-q1
 no match cos 0-7
 match cos 5-7
class-map type queuing match-any 8e-4q8q-out-q2
 no match cos 0-7
 match cos 2-4
class-map type queuing match-any 8e-4q8q-out-q3
 no match cos 0-7
 match cos 1

Note: Modifies the default CoS-to-Queue mappings


Cisco Nexus 7700 (F-Series) Part 2 of 2: 1P7Q1T Egress Queuing Policy-Map

policy-map type queuing APIC_EM-1P7Q1T-OUT
 class type queuing 8e-4q8q-out-q1
  priority level 1
  shape average percent 30
 class type queuing 8e-4q8q-out-q2
  bandwidth remaining percent 55
 class type queuing 8e-4q8q-out-q3
  bandwidth remaining percent 10
 class type queuing 8e-4q8q-out-q4
  bandwidth remaining percent 1
 class type queuing 8e-4q8q-out-q5
  bandwidth remaining percent 1
 class type queuing 8e-4q8q-out-q6
  bandwidth remaining percent 1
 class type queuing 8e-4q8q-out-q7
  bandwidth remaining percent 1
 class type queuing 8e-4q8q-out-q-default
  bandwidth remaining percent 31

interface Ethernet 1/1-24
 service-policy type queuing output APIC_EM-1P7Q1T-OUT

Note: priority level 1 indicates the Priority Queue

Note: Queue-Limits are not supported in egress direction


Cisco Nexus 7700 QoS Design At-A-Glance

https://cisco.app.box.com/v/QoS-AAGs


Meraki MS Series Switch QoS Design


Meraki MS Series Switches QoS Roles in the Campus Access

Figure: Meraki MS Series Switches and Distribution Switches, with the port roles No Trust, Ingress Classification/Marking, Trust DSCP and Egress Queuing.

QoS on Meraki switches is configured at the Network level, and applies to all switches in the Meraki Network


Meraki MS Series Switch QoS: DSCP to CoS Map

• DSCP markings of incoming packets are mapped to one of the six configurable CoS queues on the switch for forwarding

• Multiple DSCP values can be mapped to the same CoS queue

• DSCP values do not have to be assigned to every CoS queue

Switch > Configure > Switch Settings

https://documentation.meraki.com/MS/Other_Topics/MS_Switch_Quality_of_Service_Defined


Meraki MS Series Switch QoS

• Each CoS queue is assigned a weight which determines the ratio of bandwidth assigned to the queue

• QoS guarantees a certain fraction of the uplink to each configured queue when the link is congested

• If a queue is not fully utilized, the bandwidth will be used by other queues

• Note: Meraki MS Series switches do not support strict priority queuing


Meraki MS Series Switch QoS: Dashboard QoS Rules for the Network

• Rules are user defined and processed from top to bottom

• A rule can apply to any combination of VLAN, protocol, source port, or destination port

• Each rule has one of the following actions – Trust or Set the DSCP marking

• As soon as the first QoS rule is added, the switch will trust DSCP markings on incoming packets that have a DSCP to CoS mapping. This rule is invisible and processed last.

• If an incoming packet has a DSCP marking set but no matching QoS rule or DSCP to CoS mapping, it will be placed in the default queue
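The rule order above decides where the trust boundary really sits, so it is worth modelling before a rule set is deployed. The Python below is an added example, not Meraki code or part of the original deck: it evaluates constructed packets against a constructed rule list and DSCP-to-CoS map exactly as the bullets describe, and lists packets whose queue was chosen by the sender's own marking. The field names, the helper names and the behaviour with an empty rule list are assumptions.

```python
"""Model of the MS QoS rule order described on the slide; all values are constructed."""

DEFAULT_QUEUE = 0

# Constructed DSCP-to-CoS map: not every DSCP value has to be mapped.
DSCP_TO_COS = {46: 5, 34: 4, 24: 3, 18: 2, 10: 1}

# Constructed rule list, evaluated top to bottom.
RULES = [
    {"match": {"vlan": 110, "protocol": "udp"}, "action": "set", "dscp": 46},
    {"match": {"vlan": 10, "protocol": "tcp", "dst_port": 443}, "action": "set", "dscp": 18},
    {"match": {"vlan": 30}, "action": "trust"},
]

# Same rules plus a catch-all for the data VLAN that re-marks everything else to DSCP 0.
HARDENED = RULES + [{"match": {"vlan": 10}, "action": "set", "dscp": 0}]

# Constructed packets as seen on an access port.
PACKETS = [
    {"name": "phone-rtp", "vlan": 110, "protocol": "udp", "dst_port": 16390, "dscp": 0},
    {"name": "pc-https", "vlan": 10, "protocol": "tcp", "dst_port": 443, "dscp": 46},
    {"name": "pc-udp-ef", "vlan": 10, "protocol": "udp", "dst_port": 5000, "dscp": 46},
    {"name": "pc-udp-af12", "vlan": 10, "protocol": "udp", "dst_port": 5000, "dscp": 12},
]


def classify(pkt, rules, dscp_to_cos):
    """Return (dscp, queue, deciding rule) for one incoming packet."""
    if not rules:
        # Assumption: before any rule exists the implicit trust rule is absent too.
        return pkt["dscp"], DEFAULT_QUEUE, "no rules"
    dscp, decided = pkt["dscp"], "implicit trust"  # the invisible rule, processed last
    for number, rule in enumerate(rules, start=1):
        if all(pkt.get(field) == value for field, value in rule["match"].items()):
            decided = f"rule {number} {rule['action']}"
            if rule["action"] == "set":
                dscp = rule["dscp"]
            break  # first match wins
    # Unmapped DSCP values fall into the default queue.
    return dscp, dscp_to_cos.get(dscp, DEFAULT_QUEUE), decided


def endpoint_chosen(packets, rules, dscp_to_cos):
    """Packets whose non-default queue was picked by the sender's own DSCP marking."""
    flagged = []
    for pkt in packets:
        dscp, queue, decided = classify(pkt, rules, dscp_to_cos)
        if queue != DEFAULT_QUEUE and not decided.endswith("set"):
            flagged.append((pkt["name"], dscp, queue, decided))
    return flagged


if __name__ == "__main__":
    for pkt in PACKETS:
        print(pkt["name"], classify(pkt, RULES, DSCP_TO_COS))
    print("sender-chosen queues:", endpoint_chosen(PACKETS, RULES, DSCP_TO_COS))
    print("after hardening     :", endpoint_chosen(PACKETS, HARDENED, DSCP_TO_COS))
```

In this model the PC's self-marked EF traffic reaches queue 5 through the implicit trust rule until a catch-all Set rule for its VLAN is placed at the end of the list.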


Campus WLAN QoS Design Considerations and Best Practices


The Case for Wireless QoS

• QoS is like a chain

• It’s only as strong as its weakest link

• The WLAN is one of the weakest links in enterprise QoS designs for three primary reasons:

1) Typical downshift in speed (and throughput)

2) Shift from full-duplex to half-duplex media

3) Shift from a dedicated media to a shared media

• WLAN QoS policies control both jitter and packet loss


Wireless QoS-Specific Limitations

• No priority servicing

• No bandwidth guarantees

• Non-deterministic media access

• Only 4 levels of service


WLAN QoS Improvements Quantified

Application | Original Metric | Improved Metric | Percentage Improvement
Voice | 15 ms max jitter | 5 ms max jitter | 300%
Voice | 3.92 MOS (Cellular Quality) | 4.2 MOS (Toll Quality) |
Video | 9 fps | 14 fps | 55%
Video | Visual MOS: Good | Visual MOS: Excellent |
Transactional Data | 14 ms latency | 2 ms latency | 700%

http://www.cisco.com/en/US/prod/collateral/wireless/cisco_avc_application_improvement.pdf


Know Your Tools

• IEEE 802.11

• User Priorities (UP)

• Access Categories (AC)

• Arbitration Inter-frame Spacing (AIFS)

• Contention Windows (CW)

• Enhanced Distributed Coordination Function (EDCF)

• DSCP ↔ UP Mapping

• Trust Boundaries

• Policy-Enforcement Points

• Application Visibility and Control (AVC)


IEEE 802.11 User Priority (UP)

3 Bit Field allows for UP values 0-7


IEEE 802.11 UP Values and Access Categories

802.11 UP Value | 802.11 Access Category | WMM Designation | Cisco AireOS WLC Designation
7 and 6 | AC_VO | Voice | Platinum
5 and 4 | AC_VI | Video | Gold
3 and 0 | AC_BE | Best Effort | Silver
2 and 1 | AC_BK | Background | Bronze


IEEE 802.11 Arbitration Inter-Frame Spacing (AIFS) and Contention Windows (CW)

Access Category | AIFS (Slot Times)
Voice | 2
Video | 2
Best Effort | 3
Background | 7

Access Category | CWmin (Slot Times) | CWmax (Slot Times)
Voice | 3 | 7
Video | 7 | 15
Best-Effort | 15 | 1023
Background | 15 | 1023

• Due to the nature of wireless as a shared media, a Congestion Avoidance algorithm (CSMA/CA) must be utilized

• Wireless senders have to wait a fixed amount of time (the AIFS)

• Wireless senders also have to wait a random amount of time (the Contention Window)

• AIFS and Contention Window timers vary by Access Category
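The way the fixed AIFS wait and the random contention-window wait combine can be seen in a small simulation. The Python below is an added example, not part of the original deck: it uses the AIFS, CWmin and CWmax values from the tables above and assumes one always-busy station per access category, a fresh backoff draw every round (real stations freeze and resume their counters), and window doubling on collision. The names contend and simulate are hypothetical.

```python
"""Simplified EDCF contention rounds using the slide's AIFS/CWmin/CWmax values."""
import random

# Slot times taken from the tables on this slide.
EDCA = {
    "Voice":       {"aifs": 2, "cwmin": 3,  "cwmax": 7},
    "Video":       {"aifs": 2, "cwmin": 7,  "cwmax": 15},
    "Best Effort": {"aifs": 3, "cwmin": 15, "cwmax": 1023},
    "Background":  {"aifs": 7, "cwmin": 15, "cwmax": 1023},
}


def new_state():
    """Every access category starts with its contention window at CWmin."""
    return {ac: params["cwmin"] for ac, params in EDCA.items()}


def contend(cw, draw):
    """Run one contention round.

    cw   -- current contention window per access category (updated in place)
    draw -- draw(ac, window) returns the random backoff in slots, 0..window
    Returns (winner, waits); winner is None when the shortest wait is shared.
    """
    waits = {ac: EDCA[ac]["aifs"] + draw(ac, cw[ac]) for ac in cw}
    shortest = min(waits.values())
    first = [ac for ac, wait in waits.items() if wait == shortest]
    if len(first) == 1:
        cw[first[0]] = EDCA[first[0]]["cwmin"]  # success: window resets to CWmin
        return first[0], waits
    for ac in first:  # collision: window doubles, capped at CWmax
        cw[ac] = min(2 * (cw[ac] + 1) - 1, EDCA[ac]["cwmax"])
    return None, waits


def simulate(rounds, seed=1):
    """Return (wins per access category, number of collisions) over many rounds."""
    rng = random.Random(seed)
    cw, wins, collisions = new_state(), {ac: 0 for ac in EDCA}, 0
    for _ in range(rounds):
        winner, _waits = contend(cw, lambda ac, window: rng.randint(0, window))
        if winner is None:
            collisions += 1
        else:
            wins[winner] += 1
    return wins, collisions


if __name__ == "__main__":
    wins, collisions = simulate(10_000)
    for ac, count in wins.items():
        print(f"{ac:12s} won {count:5d} rounds")
    print(f"collisions   {collisions:5d}")
```

Because the access categories only differ in how long they wait, the result is a statistical preference for voice and video rather than a guarantee.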


EDCF Operation

Wait per round = AIFS + random backoff (slot times)

Access Category | Round 1 | Round 2 | Round 3
Voice | 2+1=3 | 2+3=5 | 2+2=4
Video | 2+1=3 | 2+7=9 | 2+1=3
Best Effort | 3+1=4 | 3+15=18 | 3+15=18
Background | 7+1=8 | 7+15=22 | 7+15=22
Outcome | Collision | Voice | Video


Downstream DSCP-to-UP Default Mapping

Figure: IP Packet (DSCP), CAPWAP Packet (DSCP) and 802.11 Frame (UP), showing the 6-Bit DSCP and the 3-Bit UP.


Default IETF DSCP to IEEE 802.11 UP Mapping
Sub-Optimal QoS Design Example

[Figure: the default mapping between the two models below]

4-Class Enterprise Model (Based on IETF 4594)
• Voice: EF
• Signaling: CS3
• Transactional Data: AF2
• Best Effort: DF

Four-Class Wireless Model (Based on IEEE 802.11e)
• Voice Access Category: UP 7, UP 6
• Video Access Category: UP 5, UP 4
• Best Effort Access Category: UP 3, UP 0
• Background Access Category: UP 2, UP 1


Downstream DSCP-to-UP Mapping Model
Ratified Cisco Consensus Model (June 2015)

[Figure: the RFC 4594-Based Model mapped onto the IEEE 802.11 Model; one annotation reads "Remark / Drop if not in use"]

RFC 4594-Based Model (application class: DSCP)
• Network Control: (CS7)
• Internetwork Control: CS6
• Voice + DSCP-Admit: EF + 44
• Broadcast Video: CS5
• Multimedia Conferencing: AF4
• Realtime Interactive: CS4
• Multimedia Streaming: AF3
• Signaling: CS3
• Transactional Data: AF2
• OAM: CS2
• Bulk Data: AF1
• Scavenger: CS1
• Best Effort: DF

IEEE 802.11 Model
• Voice Access Category: UP 7, UP 6
• Video Access Category: UP 5, UP 4
• Best Effort Access Category: UP 3, UP 0
• Background Access Category: UP 2, UP 1

• Provides distinction between elastic and inelastic video classes
• Aligns RFC 4594 recommendations into the IEEE 802.11 model
• Requires several custom DSCP-to-UP mappings


Upstream UP-to-DSCP Default Mapping

[Figure labels: 802.11 Frame (3-Bit UP, DSCP), CAPWAP Packet (DSCP), IP Packet (6-Bit DSCP)]

First 3 bits are copied; last 3 bits are zeroed-out

Key Point: Radio upstream QoS requires the device to set UP markings correctly


Upstream DSCP Trust Model

[Figure labels: 802.11 Frame (UP, 6-Bit DSCP), CAPWAP Packet (DSCP), IP Packet (6-Bit DSCP)]

All 6 bits are copied


IETF Draft on DSCP/UP Mapping

• Reconciles RFC 4594 with IEEE 802.11

• Summarizes our internal consensus on DSCP-to-UP mapping

• Advocates DSCP-trust in the upstream direction (vs. UP-to-DSCP mapping)

https://www.ietf.org/id/draft-ietf-tsvwg-ieee-802-11-11.txt
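The default mappings and the DSCP-trust alternative discussed above, as an added Python example that is not part of the original slides. It assumes the default downstream mapping copies the three most significant DSCP bits into UP (the mirror of the upstream rule stated above) and uses AF21 to represent the AF2 class; the function names and the sample client marking are hypothetical.

```python
# DSCP code points for the four-class enterprise example (standard values:
# EF=46, CS3=24, AF21=18, DF=0). AF21 stands in for the AF2 class.
CLASSES = {
    "Voice": 46,
    "Signaling": 24,
    "Transactional Data": 18,
    "Best Effort": 0,
}

# UP-to-access-category grouping from the WMM table on this page.
UP_TO_AC = {7: "AC_VO", 6: "AC_VO", 5: "AC_VI", 4: "AC_VI",
            3: "AC_BE", 0: "AC_BE", 2: "AC_BK", 1: "AC_BK"}


def default_dscp_to_up(dscp):
    """Downstream default (assumed): keep the first 3 of the 6 DSCP bits."""
    if not 0 <= dscp <= 63:
        raise ValueError("DSCP is a 6-bit value")
    return dscp >> 3


def default_up_to_dscp(up):
    """Upstream default: UP becomes the first 3 DSCP bits, last 3 are zero."""
    if not 0 <= up <= 7:
        raise ValueError("UP is a 3-bit value")
    return up << 3


def upstream_dscp(client_dscp, client_up, trust_dscp):
    """DSCP carried upstream for a client frame.

    With DSCP-trust all 6 bits the client set are copied; without it the
    value is derived from the frame's UP alone.
    """
    if not 0 <= client_dscp <= 63:
        raise ValueError("DSCP is a 6-bit value")
    return client_dscp if trust_dscp else default_up_to_dscp(client_up)


def downstream_audit(classes=CLASSES):
    """Map each class to the (UP, access category) the default mapping yields."""
    result = {}
    for name, dscp in classes.items():
        up = default_dscp_to_up(dscp)
        result[name] = (up, UP_TO_AC[up])
    return result


if __name__ == "__main__":
    for name, (up, ac) in downstream_audit().items():
        print(f"{name:20s} DSCP {CLASSES[name]:2d} -> UP {up} ({ac})")
    # Constructed client frame: voice marked DSCP EF (46) with UP 6.
    print("upstream, UP-to-DSCP default:", upstream_dscp(46, 6, False))
    print("upstream, DSCP-trust:        ", upstream_dscp(46, 6, True))
```

Under the default mapping voice lands in the video access category and transactional data in background, which is the sub-optimal result the four-class example depicts; upstream, only DSCP-trust returns the EF marking unchanged.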


Cisco WLAN QoS Design At-A-Glance

https://cisco.app.box.com/v/QoS-AAGs


Cisco AireOS WLC AVC/QoS Design


Cisco AireOS WLC
QoS Roles in the Wireless LAN

• Customizable DSCP/UP Mappings (introduced in AireOS 8.1MR) modify the QoS Roles of the AP and WLC:
  • Trust Boundary moves to the AP
  • PEP remains at the WLC

[Figure: Centralized Deployment Model, showing the CAPWAP Tunnel to the AireOS WLC with the PEP and Trust Boundary markers]

With AireOS 8.1MR+ the trust-boundary can be extended to the AP


Cisco AireOS WLC
QoS Design Steps

1. Tune EDCA and CAC
2. Select and Tune the WLAN QoS Profile
3. Configure an AVC Profile
4. Apply the QoS and AVC Profile to the WLAN and Enable Application Visibility
5. Modify default DSCP-to-UP mappings and enable Upstream DSCP-Trust


AireOS WLC
Step 1) Tuning EDCA and CAC


AireOS WLC
Step 2) Tuning QoS Profiles

• QoS Profiles are applied to both upstream & downstream flows on egress
• The WLAN QoS Profile defines:
  • WLAN Maximum Priority
    • It is recommended to set the Maximum Priority to voice on multiservice WLANs
  • Unicast and Multicast Default Priority
    • Typically these values are recommended to be set to best effort
• QoS Profiles override/control AVC Profiles

The WLAN Maximum Priority is a DSCP and UP Marking Ceiling
If you want to preserve voice markings, then you *MUST* set this to voice


AireOS WLC
Step 3) Creating AVC Profiles

• AVC Profiles are applied to both upstream and downstream flows on WLC ingress
• An AVC Profile can contain a maximum of 32 application rules
• AVC profiles can be overridden by QoS Profiles
  • So be sure to align these!

Voice (EF)
Broadcast Video (CS5)
Real-Time Interactive (CS4)
Multimedia-Conferencing (AF41)
Call-Signaling (CS3)
Transactional Data (AF21)
Bulk Data (AF11)
Scavenger (CS1)


AireOS WLC
Step 4) Attaching QoS & AVC Profiles and Enabling AVC

• Select the desired QoS and AVC Profiles to apply to the WLAN
• Check the box to enable Application Visibility


AireOS WLC
Step 5) DSCP-to-UP Mapping and DSCP-Trust

Step 1: Disable the current QoS map
Step 2: Configure DSCP-to-UP mapping
Step 3: Configure DSCP-to-UP mapping exceptions
Step 4: Enable DSCP-trust, the new QoS maps, and the 802.11 networks


AireOS WLC
Fastlane QoS Alternative

• Step 1: Enable Fastlane on the WLAN
• Step 2: Create an AVC Profile and replace the default profile created by Fastlane (AireOS 8.3.112 and higher only), or edit the existing AUTOQOS-AVC-PROFILE generated by Fastlane (AireOS 8.3.102 and higher only)


Cisco AireOS QoS Design At-A-Glance

https://cisco.app.box.com/v/QoS-AAGs


Cisco AireOS QoS Mapping At-A-Glance

https://cisco.app.box.com/v/QoS-AAGs


Meraki MR Series AP QoS Design


Meraki MR Series AP QoS
Bandwidth Shaping

• Configured through the Meraki Dashboard

• Supports separate upload and download limits

• Per-SSID and per-device/user limits

• Support for per-user bandwidth limits when a customer-hosted RADIUS server is used

• SpeedBurst allows up to 4 times the configured rate for 5 seconds

https://documentation.meraki.com/MR/Firewall_and_Traffic_Shaping/Traffic_and_Bandwidth_Shaping


Meraki MR Series AP QoS
Traffic Shaping – Configure > Firewall and Traffic shaping

• Identifies traffic based on Layer 3 or Layer 7 (application) signatures and enforces QoS
• Rule Definition – 2 Options
  • Select from pre-defined application categories
  • Custom rule definitions specifying HTTP hostnames, port number, IP address range, or combinations of IP address range and port
• Rule Action – Shaping and/or Prioritization
  • Allow unlimited bandwidth usage – ignoring limits set for a particular SSID
  • Obey the SSID limits defined on the Access Control page
  • Apply more restrictive limits than specified for the SSID


Meraki MR Series AP QoS
Upstream and Downstream QoS

• Default mapping of DSCP to 802.11 AC

• Upstream QoS sent by the client is honored.

• DSCP field within the traffic sent from the client is maintained on the Ethernet network

• Fastlane support with the ability to install a wireless profile on iOS devices via the Meraki EMM


What are we doing to make this simpler?


The Why / How / What of Enterprise Networking

Why: Transform our customers’ businesses through powerful yet simple networks.

[Figure labels: Why, How, What; Cisco Enterprise Vision]


How Are We Simplifying Campus QoS?

• Simplifying Hardware

• Simplifying Software

• Simplifying Cisco Validated Designs

• Automating Cisco Validated Designs

• AutoQoS

• Fastlane for iOS

• APIC-EM EasyQoS

• DNA-C Application Policy


AutoQoS SRND4 At-A-Glance

https://cisco.app.box.com/v/QoS-AAGs


Cisco-Apple partnership – Better Together

• Optimized Wi-Fi Connectivity: Intelligent and efficient roaming is automatically configured
• Prioritized Business applications: Business data gets priority and speed even if network is congested
• iOS and Cisco devices recognize each other and enable special capabilities
• Reduces complexity: IT can focus on the business; the network does the heavy lifting


DNA-C Application Policy / EasyQoS Solution

[Figure: platforms managed by DNA-C Application Policy / APIC-EM EasyQoS, with their roles and queuing models]

• Wireless AP: Trust Boundary, PEP, 4Q (WMM)
• Catalyst 2960-X: Trust Boundary, PEP, 1P3Q3T
• Catalyst 3650: Trust Boundary, PEP, 2P6Q3T
• Catalyst 4500: 1P7Q1T
• Catalyst 6500: 1P3Q4T, 1P7Q4T, 2P6Q4T
• Nexus 7700: F3: 1P7Q1T
• WLC: PEP
• ASR/ISRs: MQC

• Network Operators express high-level business-intent through DNA-C Application Policy / APIC-EM EasyQoS
• Southbound APIs translate business-intent to platform-specific configurations
• Applications can interact with APIC-EM via Northbound APIs, informing the network of application-specific and dynamic QoS requirements


Deploy End-to-End DSCP-Based Queuing Policies

DNA-C Application Policy / EasyQoS seamlessly interconnects all types of hardware and software queuing models to achieve consistent and compatible end-to-end treatments aligned with the expressed business-intent


Your Choice

ip access-list extended APIC_EM-MM_STREAM-ACL
 remark citrix - Citrix
 permit tcp any any eq 1494
 permit udp any any eq 1494
 permit tcp any any eq 2598
 permit udp any any eq 2598
 remark citrix-static - Citrix-Static
 permit tcp any any eq 1604
 permit udp any any eq 1604
 permit tcp any any range 2512 2513
 permit udp any any range 2512 2513
 remark pcoip - PCoIP
 permit tcp any any eq 4172
 permit udp any any eq 4172
 permit tcp any any eq 5172
 permit udp any any eq 5172
 remark timbuktu - Timbuktu
 permit tcp any any eq 407
 permit udp any any eq 407
 remark xwindows - XWindows
 permit tcp any any range 6000 6003
 remark vnc - VNC
 permit tcp any any eq 5800
 permit udp any any eq 5800
 permit tcp any any range 5900 5901
 permit udp any any range 5900 5901
 exit
ip access-list extended APIC_EM-SIGNALING-ACL
 remark h323 - H.323
 permit tcp any any eq 1300
 permit udp any any eq 1300
 permit tcp any any range 1718 1720
 permit udp any any range 1718 1720

www.cisco.com/go/apicem


Summary & References


Key Takeaways

• Start by defining your QoS Strategy

• Campus QoS is needed primarily to control packet drops

• WLAN QoS is needed to control both jitter and packet drops

• Know your QoS toolset, as this varies platform-to-platform

• Cisco provides many At-A-Glance guides to get you up and running quickly

• Cisco also provides Cisco Validated Design guides for more detail

• Cisco is continuing to focus on simplifying QoS—both in hardware and software

• DNA-C Application Policy / EasyQoS delivers maximum simplicity for Campus QoS


Campus QoS Design 4.0—In-Depth
Comprehensive Design Chapters

• Enterprise Quality of Service Design 4.0
  http://www.cisco.com/en/US/docs/solutions/Enterprise/WAN_and_MAN/QoS_SRND_40/QoSIntro_40.html
• Campus QoS Design 4.0
  http://www.cisco.com/en/US/docs/solutions/Enterprise/WAN_and_MAN/QoS_SRND_40/QoSCampus_40.html
• WLAN QoS Design (BYOD CVD)
  http://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Borderless_Networks/Unified_Access/BYOD_Design_Guide/BYOD_AVC.html


Recommended Reading
End-to-End QoS (v2)

• Release Date: Jan 2014
• Page Count: 1040
• Comprehensive QoS design guidance for PINs and platforms:
  • Campus: Catalyst 3750/4500/6500
  • WLAN: WLC 5508 / Catalyst 3850 NGWC
  • Data Center: Nexus 1000V/2000/5500/7000
  • WAN & Branch: Cisco ASR 1000 / ISR G2
  • MPLS VPN: Cisco ASR 9000 / CRS-3
  • IPSec VPNs: Cisco ISR G2

• ISBN: 1-58714-369-0

http://www.amazon.com/End---End-QoS-Network-Design/dp/1587143690/


Recommended Reading
APIC-EM EasyQoS Solution Design Guide

https://www.cisco.com/c/en/us/td/docs/solutions/CVD/Dec2017/APIC-EM-EasyQoS-DesignGuide-Dec2017.pdf


Appendix: Catalyst 6500/6800 Queuing Models


Catalyst 65xx-E / 6807-XL with Sup2T/6T
Ingress & Egress Queueing Models

• Ingress Queue Structures
  • 1Q8T: CoS to Queue Mapping, CoS-based Tail-Drop
  • 2Q4T: CoS to Queue Mapping, CoS-based Tail-Drop
  • 2Q8T: CoS to Queue Mapping, CoS-based Tail-Drop
  • 8Q4T: DSCP to Queue Mapping, DSCP-based WRED
  • 8Q8T: CoS to Queue Mapping, CoS-based WRED
  • 1P7Q2T: DSCP to Queue Mapping, DSCP-based WRED
• Ingress & Egress Queue Structures
  • 2P6Q4T: DSCP to Queue Mapping, DSCP-based WRED
• Egress Queue Structures
  • 1P3Q8T: CoS to Queue Mapping, CoS-based WRED
  • 1P3Q4T: CoS to Queue Mapping, CoS-based WRED
  • 1P7Q4T: DSCP to Queue Mapping, DSCP-based WRED*
  • 1P7Q8T: CoS to Queue Mapping, CoS-based WRED

* 1P7Q4T can be implemented as an alternate ingress queueing structure to 2P6Q4T


1Q8T – Ingress Queueing
CoS to Queue Mapping
CoS-based Tail-Drop


1Q8T Ingress Queueing Linecards

• WS-X6704-10GE with CFC

• WS-X6724-SFP with CFC

• WS-X6748-SFP and WS-X6748-GE-TX with CFC


Catalyst 65xx-E/6807-XL with Sup2T/6T
1Q8T Ingress Queuing Models—CoS-to-Queue Mapping w/ CoS-based Tail-Drop

[Figure: application classes and their DSCP markings, mapped by CoS to the thresholds of the single 1Q8T queue]

Application-Class: DSCP
• Network Control: (CS7)
• Internetwork Control: CS6
• VoIP: EF
• Broadcast Video: CS5
• Multimedia Conferencing: AF4
• Realtime Interactive: CS4
• Multimedia Streaming: AF3
• Signaling: CS3
• Transactional Data: AF2
• Network Management: CS2
• Bulk Data: AF1
• Scavenger: CS1
• Best Effort: DF

Threshold   Tail-drop at   CoS
Q1T1        65%            CoS 1
Q1T2        70%            CoS 0
Q1T3        75%            CoS 2
Q1T4        80%            CoS 3
Q1T5        85%            CoS 4
Q1T6        90%            CoS 5
Q1T7        95%            CoS 6
Q1T8        100%           CoS 7

All noted thresholds are tail-drop thresholds


Catalyst 65xx-E/6807-XL—1Q8T Ingress Model

policy-map type lan-queuing APIC_EM-QUEUING-1Q8T-IN
 class class-default
  queue-limit cos 7 percent 100
  queue-limit cos 6 percent 95
  queue-limit cos 5 percent 90
  queue-limit cos 4 percent 85
  queue-limit cos 3 percent 80
  queue-limit cos 2 percent 75
  queue-limit cos 0 percent 70
  queue-limit cos 1 percent 65

interface GigabitEthernet1/1
 service-policy type lan-queuing input APIC_EM-QUEUING-1Q8T-IN

Un-configured CoS values default to threshold 8, which is 100%. The CoS 7 value may therefore not need to be configured, as it should default to 100%; it is shown here for completeness. Explicitly configuring it is recommended.


2Q4T – Ingress Queueing
CoS to Queue Mapping
CoS-based Tail-Drop


2Q4T Ingress Queueing Linecards

• VS-S2T-10G and VS-S2T-10G-XL with Gigabit Ethernet ports enabled

• Applies to all ports on the Supervisor 2T


Catalyst 65xx-E/6807-XL with Sup2T
2Q4T Ingress Queuing Models—CoS-to-Queue Mapping

[Figure: application classes (Network Control through Best Effort) with their DSCP markings, mapped by CoS 0 to CoS 7 onto the two 2Q4T queues: Q2 with 40% BW and Q1 with 60% BW]


Catalyst 65xx-E/6807-XL with Sup2T
2Q4T Ingress Queuing Models—CoS-to-Queue Mapping w/ CoS-based Tail-Drop

[Figure: application classes (Network Control through Best Effort) with their DSCP markings, mapped by CoS to the thresholds of the two 2Q4T queues]

Queue         Threshold   Tail-drop at   CoS
Q2 (40% BW)   Q2T1        85%            CoS 4
              Q2T2        90%            CoS 5
              Q2T3        95%            CoS 6
              Q2T4        100%           CoS 7
Q1 (60% BW)   Q1T1        85%            CoS 1
              Q1T2        90%            CoS 0
              Q1T3        95%            CoS 2
              Q1T4        100%           CoS 3

All noted thresholds are tail-drop thresholds


Catalyst 65xx-E/6807-XL—2Q4T Ingress Model

class-map type lan-queuing match-all APIC_EM-Q2-2Q4T-QUEUE
 match cos 7 6 5 4

policy-map type lan-queuing APIC_EM-QUEUING-2Q4T-IN
 class APIC_EM-Q2-2Q4T-QUEUE
  bandwidth percent 40
  queue-limit cos 7 percent 100
  queue-limit cos 6 percent 95
  queue-limit cos 5 percent 90
  queue-limit cos 4 percent 85
 class class-default
  queue-limit cos 3 percent 100
  queue-limit cos 2 percent 95
  queue-limit cos 0 percent 90
  queue-limit cos 1 percent 85

interface GigabitEthernet1/3/1
 service-policy type lan-queuing input APIC_EM-QUEUING-2Q4T-IN

interface TenGigabitEthernet1/3/4
 service-policy type lan-queuing input APIC_EM-QUEUING-2Q4T-IN

Un-configured CoS values default to threshold 8, which is 100%. The CoS 7 and CoS 3 values may therefore not need to be configured, as they should default to 100%; they are shown here for completeness. Explicitly configuring the thresholds is nevertheless recommended.

2Q8T – Ingress Queueing

CoS to Queue Mapping

CoS-based Tail-Drop

2Q8T Ingress Queueing Linecards

• WS-X6724-SFP with DFC4/DFC4XL upgrade (WS-F6k-DFC4-A, WS-F6k-DFC4-AXL)

• WS-X6748-SFP and WS-X6748-GE-TX with DFC4/DFC4XL upgrade (WS-F6k-DFC4-A, WS-F6k-DFC4-AXL)

• WS-X6824-SFP-2T and WS-X6824-SFP-2TXL

• WS-X6848-SFP-2T, WS-X6848-SFP-2TXL, WS-X6848-TX-2T and WS-X6848-TX-2TXL


Cisco Catalyst 65xx-E/6807-XL with Sup2T
2Q8T Ingress Queuing Models: CoS-to-Queue Mapping

[Figure: the application classes and their DSCP markings, mapped by CoS to the two 2Q8T ingress queues: Q2 (40% BW) and Q1 (60% BW).]

Cisco Catalyst 65xx-E/6807-XL with Sup2T
2Q8T Ingress Queuing Models: CoS-to-Queue Mapping w/ CoS-based Tail-Drop

[Figure: the application classes and their DSCP markings, mapped by CoS to the two 2Q8T ingress queues.]

• Q2: 40% BW, thresholds Q2T1 85%, Q2T2 90%, Q2T3 95%, Q2T4 100%
• Q1: 60% BW, thresholds Q1T1 85%, Q1T2 90%, Q1T3 95%, Q1T4 100%

All noted thresholds are tail-drop thresholds.

Catalyst 65xx-E/6807-XL: 2Q8T Ingress Model

! Q2: CoS 4-7, 40% of bandwidth; queue-limit sets the tail-drop threshold per CoS
class-map type lan-queuing match-all APIC_EM-Q2-2Q8T-QUEUE
 match cos 7 6 5 4
policy-map type lan-queuing APIC_EM-QUEUING-2Q8T-IN
 class APIC_EM-Q2-2Q8T-QUEUE
  bandwidth percent 40
  queue-limit cos 7 percent 100
  queue-limit cos 6 percent 95
  queue-limit cos 5 percent 90
  queue-limit cos 4 percent 85
 ! Q1 (class-default): CoS 0-3
 class class-default
  queue-limit cos 3 percent 100
  queue-limit cos 2 percent 95
  queue-limit cos 0 percent 90
  queue-limit cos 1 percent 85

interface GigabitEthernet1/3/2
 service-policy type lan-queuing input APIC_EM-QUEUING-2Q8T-IN

Unconfigured CoS values default to threshold 8, which is 100%. The CoS 7 and CoS 3 values may therefore not need to be configured, as they should default to 100%.

Explicitly configuring the thresholds is recommended.

8Q4T – Ingress Queueing

DSCP to Queue Mapping

DSCP-based WRED

8Q4T Ingress Queueing Linecards

• VS-S2T-10G, VS-S2T-10G-XL with Gigabit Ethernet ports disabled

• WS-X6908-10G-2T, WS-X6908-10G-2TXL

• WS-X6816-10T-2T, WS-X6816-10T-2TXL, WS-X6816-10G-2T, WS-X6816-10G-2TXL in performance mode

• WS-X6716-10G-3C, WS-X6716-10G-3CXL, WS-X6716-10T-3C, WS-X6716-10T-3CXL with a DFC4 or DFC4XL upgrade (WS-F6k-DFC4-E, WS-F6k-DFC4-EXL) in performance mode


How to Disable or Display the State of GigabitEthernet Interfaces on the Sup2T

Global command to show whether the GigabitEthernet interfaces on the Sup2T are enabled or disabled:

o23-6500-1#show platform qos module 3
 QoS is enabled globally
 Port QoS is enabled globally
 QoS serial policing mode enabled globally
 Distributed Policing is Disabled
 Secondary PUPs are enabled
 QoS Trust state is DSCP on the following interface:
 EO0/2 Gi1/1 Gi1/2 Gi1/3 Gi1/4 Gi1/5 Gi1/6 Gi1/7 Gi1/8 Gi1/9
 Gi1/10 Gi1/11 Gi1/12 Gi1/13 Gi1/14 Gi1/15 Gi1/16 Gi1/17 Gi1/18 Gi1/19
 Gi1/20 Gi1/21 Gi1/22 Gi1/23 Gi1/24 Gi1/25 Gi1/26 Gi1/27 Gi1/28 Gi1/29
 Gi1/30 Gi1/31 Gi1/32 Gi1/33 Gi1/34 Gi1/35 Gi1/36 Gi1/37 Gi1/38 Gi1/39
 Gi1/40 Gi1/41 Gi1/42 Gi1/43 Gi1/44 Gi1/45 Gi1/46 Gi1/47 Gi1/48 Te2/1
 Te2/2 Te2/3 Te2/4 Te2/5 Te2/6 Te2/7 Te2/8 Gi3/1 Gi3/2 Gi3/3
 Te3/4 Te3/5 Te5/1 Te5/2 Te5/3 Te5/4 Te5/5 Te5/6 Te5/7 Te5/8
 Te5/9 Te5/10 Te5/11 Te5/12 Te5/13 Te5/14 Te5/15 Te5/16 Te6/1 Te6/2
 Te6/3 Te6/4 CPP CPP.1 Vl1
 QoS 10g-only mode supported: Yes [Current mode: Off]
 Global Policy-map: ingress[]

In this output, the GigabitEthernet interfaces on the Sup2T are currently enabled (Current mode: Off).

Global command that disables the GigabitEthernet interfaces on the Sup2T:

o23-6500-1(config)#platform qos 10g-only

How to Enable or Display Performance Mode on Linecards

Global command to show whether oversubscription is enabled or disabled (performance mode) per port group of a linecard:

o23-6500-1#show hw-module slot 5 oversubscription
 port-group oversubscription-mode
 1          enabled
 2          enabled
 3          enabled
 4          disabled

Global command that enables performance mode on a port group of a linecard:

o23-6500-1(config)#no hw-module slot 5 oversubscription port-group 4

Cisco Catalyst 65xx-E/6807-XL with Sup2T
8Q4T Ingress Queuing Models: DSCP-to-Queue Mapping

[Figure: the application classes and their DSCP markings, mapped by DSCP to the eight 8Q4T ingress queues.]

• Realtime Queue (10% BW): EF, CS5, CS4
• Control Queue (10% BW): CS7, CS6, CS3, CS2
• Multimedia-Conferencing Queue (20% BW + DSCP-WRED): AF4
• Multimedia-Streaming Queue (20% BW + DSCP-WRED): AF3
• Transactional Data Queue (10% BW + DSCP-WRED): AF2
• Bulk Data Queue (4% BW + DSCP-WRED): AF1
• Scavenger Queue (1% BW): CS1
• Default Queue (25% BW + DSCP-WRED): DF

Cisco Catalyst 65xx-E/6807-XL with Sup2T
8Q4T Ingress Queuing Models: DSCP-to-Queue with DSCP-WRED

[Figure: the application classes and their DSCP markings, mapped by DSCP to the eight 8Q4T ingress queues, with WRED thresholds.]

• Realtime Queue (10% BW): EF, CS5, CS4
• Control-Plane Queue (10% BW): CS7, CS6, CS3, CS2
• Multimedia-Conferencing Queue (20% BW + DSCP-WRED): AF41, AF42, AF43; thresholds Q6T1 60%, Q6T2 70%, Q6T3 80%
• Multimedia-Streaming Queue (20% BW + DSCP-WRED): AF31, AF32, AF33; thresholds Q5T1 60%, Q5T2 70%, Q5T3 80%
• Transactional Data Queue (10% BW + DSCP-WRED): AF21, AF22, AF23; thresholds Q4T1 60%, Q4T2 70%, Q4T3 80%
• Bulk Data Queue (4% BW + DSCP-WRED): AF11, AF12, AF13; thresholds Q3T1 60%, Q3T2 70%, Q3T3 80%
• Scavenger Queue (1% BW): CS1
• Default Queue (25% BW + DSCP-WRED): DF

All noted thresholds are min WRED thresholds. All max WRED thresholds are set to 100%.

Catalyst 65xx-E/6807-XL: 8Q4T Ingress Model

class-map type lan-queuing match-all APIC_EM-REALTIME-8Q4T-QUEUE
 match dscp cs4 cs5 ef
class-map type lan-queuing match-all APIC_EM-CONTROL-8Q4T-QUEUE
 match dscp cs2 cs3 cs6 cs7
class-map type lan-queuing match-all APIC_EM-MM_CONF-8Q4T-QUEUE
 match dscp af41 af42 af43
class-map type lan-queuing match-all APIC_EM-MM_STREAM-8Q4T-QUEUE
 match dscp af31 af32 af33
class-map type lan-queuing match-all APIC_EM-TRANS_DATA-8Q4T-QUEUE
 match dscp af21 af22 af23
class-map type lan-queuing match-all APIC_EM-BULK_DATA-8Q4T-QUEUE
 match dscp af11 af12 af13
class-map type lan-queuing match-all APIC_EM-SCAVENGER-8Q4T-QUEUE
 match dscp cs1

! random-detect dscp <value> percent <min> <max>: WRED minimum and maximum thresholds
policy-map type lan-queuing APIC_EM-QUEUEING-8Q4T-IN
 class APIC_EM-REALTIME-8Q4T-QUEUE
  bandwidth percent 10
 class APIC_EM-CONTROL-8Q4T-QUEUE
  bandwidth percent 10
 class APIC_EM-MM_CONF-8Q4T-QUEUE
  bandwidth percent 20
  random-detect dscp-based
  random-detect dscp af41 percent 80 100
  random-detect dscp af42 percent 70 100
  random-detect dscp af43 percent 60 100
 class APIC_EM-MM_STREAM-8Q4T-QUEUE
  bandwidth percent 20
  random-detect dscp-based
  random-detect dscp af31 percent 80 100
  random-detect dscp af32 percent 70 100
  random-detect dscp af33 percent 60 100
 class APIC_EM-TRANS_DATA-8Q4T-QUEUE
  bandwidth percent 10
  random-detect dscp-based
  random-detect dscp af21 percent 80 100
  random-detect dscp af22 percent 70 100
  random-detect dscp af23 percent 60 100
 class APIC_EM-BULK_DATA-8Q4T-QUEUE
  bandwidth percent 4
  random-detect dscp-based
  random-detect dscp af11 percent 80 100
  random-detect dscp af12 percent 70 100
  random-detect dscp af13 percent 60 100
 class APIC_EM-SCAVENGER-8Q4T-QUEUE
  bandwidth percent 1
 class class-default
  random-detect dscp-based
  random-detect dscp default percent 80 100

interface TenGigabitEthernet1/3/4
 service-policy type lan-queuing input APIC_EM-QUEUEING-8Q4T-IN

8Q8T – Ingress Queueing

CoS to Queue Mapping

CoS-based Tail-Drop

8Q8T Ingress Queueing Linecards

WS-X6704-10GE supported with a DFC4/DFC4XL upgrade (WS-F6k-DFC4-A, WS-F6k-DFC4-AXL)

o23-6500-1#show module
Mod Ports Card Type                              Model              Serial No.
--- ----- -------------------------------------- ------------------ -----------
  1    48 CEF720 48 port 10/100/1000mb Ethernet  WS-X6748-GE-TX     SAL10478SWP
  2     8 DCEF2T 8 port 10GE                     WS-X6908-10G       SAL172682AK
  3     5 Supervisor Engine 2T 10GE w/ CTS (Acti VS-SUP2T-10G       SAL1702WNR0
  5    16 CEF720 16 port 10GE                    WS-X6716-10GE      SAL1228WYB7
  6     4 CEF720 4 port 10-Gigabit Ethernet      WS-X6704-10GE      SAL15013XBH

Mod  Sub-Module                  Model              Serial      Hw      Status
---- --------------------------- ------------------ ----------- ------- -------
   1 Centralized Forwarding Card WS-F6700-CFC       SAD074308C9 1.1     Ok
   2 Distributed Forwarding Card WS-F6K-DFC4-E      SAL17152T2R 1.2     Ok
   3 Policy Feature Card 4       VS-F6K-PFC4        SAL1638N3R3 1.2     Ok
   3 CPU Daughterboard           VS-F6K-MSFC5       SAL1702WNG1 1.5     Ok
   5 Distributed Forwarding Card WS-F6K-DFC4-E      SAL1541SQHX 1.1     Ok
   6 Centralized Forwarding Card WS-F6700-CFC       SAL1518CRZ3 4.1     PwrDown

Cisco Catalyst 65xx-E/6807-XL with Sup2T
8Q8T Ingress Queuing Models: CoS-to-Queue Mapping with COS-based WRED

[Figure: the application classes and their DSCP markings, mapped by CoS to the eight 8Q8T ingress queues.]

• Q8-VoIP-Broadcast Queue (10% BW)
• Q7-Network Control Queue (5% BW)
• Q6-Internetwork Control Queue (5% BW)
• Q5-Multimedia-Realtime Queue (20% BW)
• Q4-Streaming-Signaling Queue (20% BW)
• Q3-Transactional-Management Queue (10% BW)
• Q2-Bulk-Scavenger Queue (5% BW)
• Q1-Default Queue (25% BW)

Catalyst 65xx-E/6807-XL: 8Q8T Ingress Model

! One class-map per CoS value 1-7; CoS 0 is not matched and falls into class-default
class-map type lan-queuing match-all APIC_EM-Q8-8Q8T-QUEUE
 match cos 7
class-map type lan-queuing match-all APIC_EM-Q7-8Q8T-QUEUE
 match cos 6
class-map type lan-queuing match-all APIC_EM-Q6-8Q8T-QUEUE
 match cos 5
class-map type lan-queuing match-all APIC_EM-Q5-8Q8T-QUEUE
 match cos 4
class-map type lan-queuing match-all APIC_EM-Q4-8Q8T-QUEUE
 match cos 3
class-map type lan-queuing match-all APIC_EM-Q3-8Q8T-QUEUE
 match cos 2
class-map type lan-queuing match-all APIC_EM-Q2-8Q8T-QUEUE
 match cos 1

policy-map type lan-queuing APIC_EM-QUEUEING-8Q8T-IN
 class APIC_EM-Q8-8Q8T-QUEUE
  bandwidth percent 10
 class APIC_EM-Q7-8Q8T-QUEUE
  bandwidth percent 5
 class APIC_EM-Q6-8Q8T-QUEUE
  bandwidth percent 5
 class APIC_EM-Q5-8Q8T-QUEUE
  bandwidth percent 20
 class APIC_EM-Q4-8Q8T-QUEUE
  bandwidth percent 20
 class APIC_EM-Q3-8Q8T-QUEUE
  bandwidth percent 10
 class APIC_EM-Q2-8Q8T-QUEUE
  bandwidth percent 5
 class class-default

interface TenGigabitEthernet1/3/4
 service-policy type lan-queuing input APIC_EM-QUEUEING-8Q8T-IN

1P7Q2T – Ingress Queueing

DSCP to Queue Mapping

DSCP-based WRED

1P7Q2T Ingress Queueing Linecards

• WS-X6716-10G-3C, WS-X6716-10G-3CXL, WS-X6716-10T-3C, WS-X6716-10T-3CXL with a DFC4 or DFC4XL upgrade (WS-F6k-DFC4-E, WS-F6k-DFC4-EXL) in oversubscription mode

• WS-X6816-10T-2T, WS-X6816-10T-2TXL, WS-X6816-10G-2T, WS-X6816-10G-2TXL in oversubscription mode


Cisco Catalyst 65xx-E/6807-XL with Sup2T
1P7Q2T Ingress Queuing Models: DSCP-to-Queue Mapping

[Figure: the application classes and their DSCP markings, mapped by DSCP to the eight 1P7Q2T ingress queues.]

• Realtime Queue (Priority): EF, CS5, CS4
• Control Plane Queue (10% BWR): CS7, CS6, CS3, CS2
• Multimedia-Conferencing Queue (20% BWR + DSCP-WRED): AF4
• Multimedia-Streaming Queue (15% BWR + DSCP-WRED): AF3
• Transactional Data Queue (15% BWR + DSCP-WRED): AF2
• Bulk Data Queue (9% BWR + DSCP-WRED): AF1
• Scavenger Queue (1% BW): CS1
• Default Queue (30% BWR + DSCP-WRED): DF

Cisco Catalyst 65xx-E/6807-XL with Sup2T
1P7Q2T Ingress Queuing Models: DSCP-to-Queue Mapping (DSCP-WRED)

[Figure: the application classes and their DSCP markings, mapped by DSCP to the eight 1P7Q2T ingress queues, with WRED thresholds.]

• Realtime Queue (Priority): EF, CS5, CS4
• Control Plane Queue (10% BWR): CS7, CS6, CS3, CS2
• Multimedia-Conferencing Queue (20% BWR + DSCP-WRED): AF41, AF42, AF43; thresholds Q6T1 70%, Q6T2 80%
• Multimedia-Streaming Queue (15% BWR + DSCP-WRED): AF31, AF32, AF33; thresholds Q5T1 70%, Q5T2 80%
• Transactional Data Queue (15% BWR + DSCP-WRED): AF21, AF22, AF23; thresholds Q4T1 70%, Q4T2 80%
• Bulk Data Queue (9% BWR + DSCP-WRED): AF11, AF12, AF13; thresholds Q3T1 70%, Q3T2 80%
• Scavenger Queue (1% BW): CS1
• Default Queue (30% BWR + DSCP-WRED): DF

All noted thresholds are min WRED thresholds. All max WRED thresholds are set to 100%.

Cisco Catalyst 65xx-E/6807-XL: 1P7Q2T Ingress Model

class-map type lan-queuing match-all APIC_EM-REALTIME-1P7Q2T-QUEUE
 match dscp cs4 cs5 ef
class-map type lan-queuing match-all APIC_EM-CONTROL-1P7Q2T-QUEUE
 match dscp cs2 cs3 cs6 cs7
class-map type lan-queuing match-all APIC_EM-MM_CONF-1P7Q2T-QUEUE
 match dscp af41 af42 af43
class-map type lan-queuing match-all APIC_EM-MM_STREAM-1P7Q2T-QUEUE
 match dscp af31 af32 af33
class-map type lan-queuing match-all APIC_EM-TRANS_DATA-1P7Q2T-QUEU
 match dscp af21 af22 af23
class-map type lan-queuing match-all APIC_EM-BULK_DATA-1P7Q2T-QUEUE
 match dscp af11 af12 af13
class-map type lan-queuing match-all APIC_EM-SCAVENGER-1P7Q2T-QUEUE
 match dscp cs1

! The realtime class is the priority queue; the other classes share the remaining bandwidth
policy-map type lan-queuing APIC_EM-QUEUEING-1P7Q2T-IN
 class APIC_EM-REALTIME-1P7Q2T-QUEUE
  priority
 class APIC_EM-CONTROL-1P7Q2T-QUEUE
  bandwidth remaining percent 10
 class APIC_EM-MM_CONF-1P7Q2T-QUEUE
  bandwidth remaining percent 20
 class APIC_EM-MM_STREAM-1P7Q2T-QUEUE
  bandwidth remaining percent 15
 class APIC_EM-TRANS_DATA-1P7Q2T-QUEU
  bandwidth remaining percent 15
 class APIC_EM-BULK_DATA-1P7Q2T-QUEUE
  bandwidth remaining percent 9
 class APIC_EM-SCAVENGER-1P7Q2T-QUEUE
  bandwidth remaining percent 1
 class class-default

interface TenGigabitEthernet1/3/4
 service-policy type lan-queuing input APIC_EM-QUEUEING-1P7Q2T-IN

2P6Q4T Ingress & Egress Queueing

DSCP to Queue Mapping

DSCP-based WRED

2P6Q4T Ingress Queueing Linecards

• WS-X6904-40G-2T and WS-X6904-40G-2TXL

• C6800-8P10G, C6800-8P10G-XL

• C6800-16P10G, C6800-16P10G-XL

• C6800-32P10G, C6800-32P10G-XL


Cisco Catalyst 65xx-E/6807-XL with Sup2T
2P6Q4T (Ingress & Egress Queuing Models: DSCP-to-Queue)

[Figure: the application classes and their DSCP markings, mapped by DSCP to the eight 2P6Q4T queues.]

• Voice-PQ1 (Priority Level 1): EF
• Video-PQ2 (Priority Level 2): CS5, CS4, AF4
• Control Plane Queue (10% BWR): CS7 & CS6, CS3 & CS2
• Multimedia-Streaming Queue (20% BWR + DSCP-WRED): AF3
• Transactional Data Queue (20% BWR + DSCP-WRED): AF2
• Bulk Data Queue (14% BWR + DSCP-WRED): AF1
• Scavenger Queue (1% BWR + DSCP-WRED): CS1
• Default Queue (35% BWR + WRED): DF

Cisco Catalyst 65xx-E/6807-XL with Sup2T
2P6Q4T (Ingress & Egress Queuing Models: DSCP-to-Queue with DSCP WRED)

[Figure: the application classes and their DSCP markings, mapped by DSCP to the eight 2P6Q4T queues, with WRED thresholds.]

• Voice-PQ1 (Priority Level 1): EF
• Video-PQ2 (Priority Level 2): CS5, CS4, AF4
• Control Plane Queue (10% BWR): CS7 & CS6, CS3 & CS2
• Multimedia-Streaming Queue (20% BWR + DSCP-WRED): AF31, AF32, AF33; thresholds Q4T1 60%, Q4T2 70%, Q4T3 80%
• Transactional Data Queue (20% BWR + DSCP-WRED): AF21, AF22, AF23; thresholds Q3T1 60%, Q3T2 70%, Q3T3 80%
• Bulk Data Queue (14% BWR + DSCP-WRED): AF11, AF12, AF13; thresholds Q2T1 60%, Q2T2 70%, Q2T3 80%
• Scavenger Queue (1% BWR): CS1
• Default Queue (35% BWR + WRED): DF

Cisco Catalyst 65xx-E/6807-XL: 2P6Q4T Model
Part 1 of 3: Common Ingress & Egress Queuing Class-Maps

! These class-maps are shared by the ingress and egress queuing policy
class-map type lan-queuing match-all APIC_EM-VOICE-2P6Q4T-PQ1
 match dscp ef
class-map type lan-queuing match-all APIC_EM-VIDEO-2P6Q4T-PQ2
 match dscp cs4 cs5 af41 af42 af43
class-map type lan-queuing match-all APIC_EM-CONTROL-2P6Q4T-QUEUE
 match dscp cs2 cs3 cs6 cs7
class-map type lan-queuing match-all APIC_EM-MM_STREAM-2P6Q4T-QUEUE
 match dscp af31 af32 af33
class-map type lan-queuing match-all APIC_EM-TRANS_DATA-2P6Q4T-QUEUE
 match dscp af21 af22 af23
class-map type lan-queuing match-all APIC_EM-BULK_DATA-2P6Q4T-QUEUE
 match dscp af11 af12 af13
class-map type lan-queuing match-all APIC_EM-SCAVENGER-2P6Q4T-QUEUE
 match dscp cs1

Cisco Catalyst 65xx-E/6807-XL: 2P6Q4T Model
Part 2 of 3: 2P6Q4T Queuing Policy-Map

! Two priority levels: voice at level 1, video at level 2
policy-map type lan-queuing APIC_EM-QUEUING-2P6Q4T
 class APIC_EM-VOICE-2P6Q4T-PQ1
  priority level 1
 class APIC_EM-VIDEO-2P6Q4T-PQ2
  priority level 2
 class APIC_EM-CONTROL-2P6Q4T-QUEUE
  bandwidth remaining percent 10
 class APIC_EM-MM_STREAM-2P6Q4T-QUEUE
  bandwidth remaining percent 20
  random-detect dscp-based
  random-detect dscp af31 percent 80 100
  random-detect dscp af32 percent 70 100
  random-detect dscp af33 percent 60 100
 class APIC_EM-TRANS_DATA-2P6Q4T-QUEUE
  bandwidth remaining percent 20
  random-detect dscp-based
  random-detect dscp af21 percent 80 100
  random-detect dscp af22 percent 70 100
  random-detect dscp af23 percent 60 100

Cisco Catalyst 65xx-E/6807-XL: 2P6Q4T Model
Part 3 of 3: 2P6Q4T Queuing Policy-Map (continued)

[continued]
 class APIC_EM-BULK_DATA-2P6Q4T-QUEUE
  bandwidth remaining percent 14
  random-detect dscp-based
  random-detect dscp af11 percent 80 100
  random-detect dscp af12 percent 70 100
  random-detect dscp af13 percent 60 100
 class APIC_EM-SCAVENGER-2P6Q4T-QUEUE
  bandwidth remaining percent 1
 class class-default
  random-detect dscp-based
  random-detect dscp default percent 80 100

! The service-policy name must match the policy-map name defined in Part 2
interface TenGigabitEthernet1/1/13
 service-policy type lan-queuing input APIC_EM-QUEUING-2P6Q4T
 service-policy type lan-queuing output APIC_EM-QUEUING-2P6Q4T
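
A pre-deployment consistency check for lan-queuing configurations like the 2P6Q4T one above, as an added example that is not part of the presentation or any Cisco tool: it flags a service-policy that names an undefined policy-map, a class with no class-map, a DSCP/CoS value matched by two classes, bandwidth percentages above 100, and inverted WRED thresholds. The sample configuration and all DEMO-* names are constructed, and the parser understands only the commands used on these slides.

```python
# Constructed sample in the style of the 2P6Q4T policy. All DEMO-* names are
# made up, and four mistakes are planted on purpose.
SAMPLE = """\
class-map type lan-queuing match-all DEMO-VOICE-PQ1
 match dscp ef
class-map type lan-queuing match-all DEMO-VIDEO-PQ2
 match dscp cs4 cs5 af41 af42 af43
class-map type lan-queuing match-all DEMO-CONTROL-QUEUE
 match dscp cs2 cs3 cs6 cs7
class-map type lan-queuing match-all DEMO-BULK-QUEUE
 match dscp af11 af12 af13 cs2
policy-map type lan-queuing DEMO-QUEUING-2P6Q4T
 class DEMO-VOICE-PQ1
  priority level 1
 class DEMO-VIDEO-PQ2
  priority level 2
 class DEMO-CONTROL-QUEUE
  bandwidth remaining percent 10
 class DEMO-BULK-QUEUE
  bandwidth remaining percent 14
  random-detect dscp-based
  random-detect dscp af11 percent 80 100
  random-detect dscp af12 percent 70 100
  random-detect dscp af13 percent 100 60
 class DEMO-SCAVENGER-QUEUE
  bandwidth remaining percent 1
 class class-default
  random-detect dscp-based
  random-detect dscp default percent 80 100
interface TenGigabitEthernet1/1/13
 service-policy type lan-queuing input DEMO-QUEUEING-2P6Q4T
"""


def parse(config):
    """Collect lan-queuing class-maps, policy-maps and interface attachments."""
    class_maps, policies, attachments = {}, {}, []
    cmap = pmap = pclass = iface = None
    for raw in config.splitlines():
        w = raw.split()
        if not w or w[0].startswith("!"):
            continue
        if w[:3] == ["class-map", "type", "lan-queuing"]:
            cmap, pmap, pclass, iface = w[-1], None, None, None
            class_maps[cmap] = set()
        elif w[:3] == ["policy-map", "type", "lan-queuing"]:
            cmap, pmap, pclass, iface = None, w[-1], None, None
            policies[pmap] = []
        elif w[0] == "interface" and len(w) > 1:
            cmap, pmap, pclass, iface = None, None, None, w[1]
        elif w[0] == "match" and cmap and len(w) > 2:
            # "match dscp af41 af42" -> {"dscp:af41", "dscp:af42"}
            class_maps[cmap].update(f"{w[1]}:{v}" for v in w[2:])
        elif w[0] == "class" and pmap and len(w) > 1:
            pclass = {"name": w[1], "bw": 0, "wred": []}
            policies[pmap].append(pclass)
        elif w[0] == "bandwidth" and pclass is not None and w[-1].isdigit():
            pclass["bw"] = int(w[-1])
        elif w[0] == "random-detect" and pclass is not None and "percent" in w:
            i = w.index("percent")
            if len(w) > i + 2:  # value, minimum threshold, maximum threshold
                pclass["wred"].append((w[2], int(w[i + 1]), int(w[i + 2])))
        elif w[:3] == ["service-policy", "type", "lan-queuing"] and iface and len(w) == 5:
            attachments.append((iface, w[3], w[4]))
    return class_maps, policies, attachments


def lint(config):
    """Return a list of human-readable findings; an empty list means consistent."""
    class_maps, policies, attachments = parse(config)
    findings = []
    for pname, classes in policies.items():
        total = sum(c["bw"] for c in classes)
        if total > 100:
            findings.append(f"{pname}: bandwidth percentages sum to {total}")
        owner = {}  # matched value -> first class that claimed it
        for c in classes:
            name = c["name"]
            if name != "class-default" and name not in class_maps:
                findings.append(f"{pname}: class {name} has no class-map")
            for tok in sorted(class_maps.get(name, ())):
                if tok in owner:
                    findings.append(f"{pname}: {tok} matched by {owner[tok]} and {name}")
                owner.setdefault(tok, name)
            for value, lo, hi in c["wred"]:
                if not 0 <= lo <= hi <= 100:
                    findings.append(f"{pname}: class {name} WRED {value} thresholds {lo}/{hi} invalid")
    for iface, direction, pname in attachments:
        if pname not in policies:
            findings.append(f"{iface}: {direction} service-policy {pname} is not defined")
    return findings


if __name__ == "__main__":
    for finding in lint(SAMPLE):
        print(finding)
```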

1P3Q8T – Egress Queueing

CoS to Queue Mapping

CoS-based Tail-Drop

1P3Q8T Egress Queueing Linecards

• WS-X6724-SFP, WS-X6748-SFP and WS-X6748-GE-TX with CFC

• WS-X6724-SFP, WS-X6748-SFP, and WS-X6748-GE-TX with a DFC4 or DFC4XL upgrade (WS-F6k-DFC4-A, WS-F6k-DFC4-AXL)

• WS-X6824-SFP-2T and WS-X6824-SFP-2TXL

• WS-X6848-SFP-2T, WS-X6848-SFP-2TXL, WS-X6848-TX-2T and WS-X6848-TX-2TXL


Cisco Catalyst 65xx-E/6807-XL with Sup2T
1P3Q8T Egress Queuing Models: CoS-to-Queue Mapping

[Figure: the application classes and their DSCP markings, mapped by CoS to the four 1P3Q8T egress queues.]

• Realtime Queue (Priority)
• Control Plane Queue (10% BWR)
• Transactional Data Queue (45% BWR + COS-WRED)
• Default Queue (45% BWR + COS WRED)

Cisco Catalyst 65xx-E/6807-XL with Sup2T
1P3Q8T Egress Queuing Models: CoS-to-Queue Mapping with CoS-WRED

[Figure: the application classes and their DSCP markings, mapped by CoS to the four 1P3Q8T egress queues, with WRED thresholds.]

• Realtime Queue (Priority)
• Control Plane Queue (10% BWR)
• Transactional Data Queue (45% BWR + COS-WRED)
• Default Queue (45% BWR + COS WRED)

Threshold labels (each appears twice in the figure): Q2T1 70%, Q2T2 80%.

All noted thresholds are min WRED thresholds. All max WRED thresholds are set to 100%.

Cisco Catalyst 65xx-E/6807-XL: 1P3Q8T Egress Model

class-map type lan-queuing match-all APIC_EM-REALTIME-1P3Q8T-QUEUE
 match cos 4 5
class-map type lan-queuing match-all APIC_EM-CONTROL-1P3Q8T-QUEUE
 match cos 6 7
class-map type lan-queuing match-all APIC_EM-TRANS_DATA-1P3Q8T-QUEUE
 match cos 2 3

! random-detect cos <value> percent <min> <max>: CoS-based WRED thresholds
policy-map type lan-queuing APIC_EM-QUEUING-1P3Q8T-OUT
 class APIC_EM-REALTIME-1P3Q8T-QUEUE
  priority
 class APIC_EM-CONTROL-1P3Q8T-QUEUE
  bandwidth remaining percent 5
 class APIC_EM-TRANS_DATA-1P3Q8T-QUEUE
  bandwidth remaining percent 45
  random-detect cos-based
  random-detect cos 3 percent 80 100
  random-detect cos 2 percent 70 100
 class class-default
  random-detect cos-based
  random-detect cos 0 percent 80 100
  random-detect cos 1 percent 70 100

interface GigabitEthernet1/3/2
 service-policy type lan-queuing output APIC_EM-QUEUING-1P3Q8T-OUT


1P3Q4T – Egress Queueing: CoS to Queue Mapping, CoS-based Tail-Drop


1P3Q4T Egress Queueing Linecards

• VS-S2T-10G and VS-S2T-10G-XL with Gigabit Ethernet ports enabled


[Figure: Cisco Catalyst 65xx-E/6807-XL with Sup2T, 1P3Q4T Egress Queuing Models—CoS-to-Queue Mapping. Columns: Application-Class, DSCP, CoS, 1P3Q4T queue. Queues: Realtime Queue (Priority), Control Plane Queue (10% BWR), Transactional Data Queue (45% BWR + CoS-WRED), Default Queue (45% BWR + CoS-WRED).]


[Figure: Cisco Catalyst 65xx-E/6807-XL with Sup2T, 1P3Q4T Egress Queuing Models—CoS-to-Queue Mapping with CoS WRED. Columns: Application-Class, DSCP, CoS, 1P3Q4T queue. Queues: Realtime Queue (Priority), Control Plane Queue (10% BWR), Transactional Data Queue (45% BWR + CoS-WRED), Default Queue (45% BWR + CoS-WRED). Thresholds noted: Q2T1—70%, Q2T2—80%. All noted thresholds are min WRED thresholds; all max WRED thresholds are set to 100%.]


Catalyst 65xx-E/6807-XL—1P3Q4T Egress Model

class-map type lan-queuing match-all APIC_EM-REALTIME-1P3Q4T-QUEUE
 match cos 4 5
class-map type lan-queuing match-all APIC_EM-CONTROL-1P3Q4T-QUEUE
 match cos 6 7
class-map type lan-queuing match-all APIC_EM-TRANS_DATA-1P3Q4T-QUEUE
 match cos 2 3


Catalyst 65xx-E/6807-XL—1P3Q4T Egress Model

policy-map type lan-queuing APIC_EM-QUEUING-1P3Q4T-OUT
 class APIC_EM-REALTIME-1P3Q4T-QUEUE
  priority
 class APIC_EM-CONTROL-1P3Q4T-QUEUE
  bandwidth remaining percent 5
 class APIC_EM-TRANS_DATA-1P3Q4T-QUEUE
  bandwidth remaining percent 45
  ! WRED per CoS: minimum and maximum threshold, in percent
  random-detect cos-based
  random-detect cos 3 percent 80 100
  random-detect cos 2 percent 70 100
 class class-default
  random-detect cos-based
  random-detect cos 0 percent 80 100
  random-detect cos 1 percent 70 100

interface GigabitEthernet1/3/1
 service-policy type lan-queuing output APIC_EM-QUEUING-1P3Q4T-OUT

interface TenGigabitEthernet1/3/4
 service-policy type lan-queuing output APIC_EM-QUEUING-1P3Q4T-OUT


1P7Q4T – Egress Queueing: DSCP to Queue Mapping, DSCP-based WRED


1P7Q4T Egress Queueing Linecards

• WS-X6716-10G-3C, WS-X6716-10G-3CXL, WS-X6716-10T-3C, WS-X6716-10T-3CXL with a DFC4 or DFC4XL upgrade (WS-F6k-DFC4-E, WS-F6k-DFC4-EXL) in performance or oversubscription mode

• WS-X6816-10T-2T, WS-X6816-10T-2TXL, WS-X6816-10G-2T, WS-X6816-10G-2TXL in performance or oversubscription mode

• WS-X6908-10G-2T and WS-X6908-10G-2TXL


[Figure: Cisco Catalyst 65xx-E/6807-XL with Sup2T, 1P7Q4T Egress Queuing Models—DSCP-to-Queue Mapping. Columns: Application-Class, DSCP, 1P7Q4T queue. Queues: Realtime Queue (Priority), Control Plane Queue (10% BWR), Multimedia-Conferencing Queue (20% BWR + DSCP-WRED), Multimedia-Streaming Queue (15% BWR + DSCP-WRED), Transactional Data Queue (15% BWR + DSCP-WRED), Bulk Data Queue (9% BWR + DSCP-WRED), Scavenger Queue (1% BW), Default Queue (30% BWR + DSCP-WRED).]


[Figure: Cisco Catalyst 65xx-E/6807-XL with Sup2T, 1P7Q4T Egress Queuing Models—DSCP-to-Queue with DSCP-WRED. Columns: Application-Class, DSCP, 1P7Q4T queue. Queues: Realtime Queue (Priority), Control Queue (10% BWR), Multimedia-Conferencing Queue (20% BWR + DSCP-WRED), Multimedia-Streaming Queue (15% BWR + DSCP-WRED), Transactional Data Queue (15% BWR + DSCP-WRED), Bulk Data Queue (9% BWR + DSCP-WRED), Scavenger Queue (1% BWR), Default Queue (30% BWR + DSCP-WRED). Thresholds noted for Q6, Q5, Q4 and Q3: T1—60%, T2—70%, T3—80%. All noted thresholds are min WRED thresholds; all max WRED thresholds are set to 100%.]


Catalyst 65xx-E/6807-XL—1P7Q4T Egress Model

class-map type lan-queuing match-all APIC_EM-REALTIME-1P7Q4T-QUEUE
 match dscp cs4 cs5 ef
class-map type lan-queuing match-all APIC_EM-CONTROL-1P7Q4T-QUEUE
 match dscp cs2 cs3 cs6 cs7
class-map type lan-queuing match-all APIC_EM-MM_CONF-1P7Q4T-QUEUE
 match dscp af41 af42 af43
class-map type lan-queuing match-all APIC_EM-MM_STREAM-1P7Q4T-QUEUE
 match dscp af31 af32 af33
class-map type lan-queuing match-all APIC_EM_TRANS_DATA-1P7Q4T-QUEUE
 match dscp af21 af22 af23
class-map type lan-queuing match-all APIC_EM_BULK_DATA-1P7Q4T-QUEUE
 match dscp af11 af12 af13
class-map type lan-queuing match-all APIC_EM_SCAVENGER-1P7Q4T-QUEUE
 match dscp cs1


Cisco Catalyst 65xx-E/6807-XL—1P7Q4T Egress Model

policy-map type lan-queuing APIC_EM-QUEUING-1P7Q4T-OUT
 class APIC_EM-REALTIME-1P7Q4T-QUEUE
  priority
 class APIC_EM-CONTROL-1P7Q4T-QUEUE
  bandwidth remaining percent 10
 class APIC_EM-MM_CONF-1P7Q4T-QUEUE
  bandwidth remaining percent 20
  ! WRED per DSCP: minimum and maximum threshold, in percent
  random-detect dscp-based
  random-detect dscp af41 percent 80 100
  random-detect dscp af42 percent 70 100
  random-detect dscp af43 percent 60 100
 class APIC_EM-MM_STREAM-1P7Q4T-QUEUE
  bandwidth remaining percent 15
  random-detect dscp-based
  random-detect dscp af31 percent 80 100
  random-detect dscp af32 percent 70 100
  random-detect dscp af33 percent 60 100


Cisco Catalyst 65xx-E/6807-XL—1P7Q4T Egress Model

[continued]

 class APIC_EM_TRANS_DATA-1P7Q4T-QUEUE
  bandwidth remaining percent 15
  random-detect dscp-based
  random-detect dscp af21 percent 80 100
  random-detect dscp af22 percent 70 100
  random-detect dscp af23 percent 60 100
 class APIC_EM_BULK_DATA-1P7Q4T-QUEUE
  bandwidth remaining percent 9
  random-detect dscp-based
  random-detect dscp af11 percent 80 100
  random-detect dscp af12 percent 70 100
  random-detect dscp af13 percent 60 100
 class APIC_EM_SCAVENGER-1P7Q4T-QUEUE
  bandwidth remaining percent 1
 class class-default
  random-detect dscp-based
  random-detect dscp default percent 80 100

interface TenGigabitEthernet1/3/4
 service-policy type lan-queuing output APIC_EM-QUEUING-1P7Q4T-OUT
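A consistency check for lan-queuing policies like the 1P7Q4T one above, as an added example that is not part of the Cisco session: it flags a marking that a class-map matches but the policy gives no WRED threshold, a threshold configured twice, and bandwidth remaining percentages that total more than 100. The parser, the shortened class names and the sample configuration are constructed for illustration.

```python
# Constructed sample in the page's lan-queuing syntax (class names shortened).
# The repeated af42 line is deliberate, so the lint has something to report.
SAMPLE = """\
class-map type lan-queuing match-all MM_CONF-QUEUE
 match dscp af41 af42 af43
policy-map type lan-queuing QUEUING-OUT
 class MM_CONF-QUEUE
  bandwidth remaining percent 20
  random-detect dscp-based
  random-detect dscp af41 percent 80 100
  random-detect dscp af42 percent 70 100
  random-detect dscp af42 percent 60 100
"""

def lint_queuing(config):
    """Return a list of findings for a lan-queuing policy and its class-maps."""
    matched, wred, bwr, findings = {}, {}, {}, []
    cmap = cls = None
    for line in config.splitlines():
        tok = line.split()
        if not tok:
            continue
        if tok[0] == "class-map":          # class-map ... <name>
            cmap, cls = tok[-1], None
        elif tok[0] == "policy-map":
            cmap = None
        elif tok[0] == "match" and cmap:   # match dscp|cos <values...>
            matched[cmap] = (tok[1], tok[2:])
        elif tok[0] == "class":
            cls = tok[1]
        elif tok[:3] == ["bandwidth", "remaining", "percent"] and cls:
            bwr[cls] = int(tok[3])
        elif tok[0] == "random-detect" and len(tok) == 6 and cls:
            kind, value = tok[1], tok[2]   # random-detect dscp|cos <v> percent <min> <max>
            if value in wred.setdefault(cls, {}):
                findings.append(f"{cls}: duplicate threshold for {kind} {value}")
            wred[cls][value] = (int(tok[4]), int(tok[5]))
    for cls, seen in wred.items():
        kind, values = matched.get(cls, ("", []))
        for v in values:                   # every matched marking needs a threshold
            if v not in seen:
                findings.append(f"{cls}: no threshold for matched {kind} {v}")
    if sum(bwr.values()) > 100:
        findings.append(f"bandwidth remaining percent totals {sum(bwr.values())}")
    return findings

if __name__ == "__main__":
    print(*lint_queuing(SAMPLE), sep="\n")
```

Classes without WRED lines (the priority and control queues) and class-default, which has no class-map, produce no findings.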


1P7Q8T – Egress Queueing: CoS to Queue Mapping, CoS-based Tail-Drop


1P7Q8T Egress Queueing Linecards

• WS-X6704-10GE with CFC

• WS-X6704-10GE with a DFC4 or DFC4XL upgrade (WS-F6k-DFC4-A, WS-F6k-DFC4-AXL)


[Figure: Cisco Catalyst 65xx-E/6807-XL with Sup2T, 1P7Q8T Egress Queuing Models—CoS-to-Queue Mapping w/ CoS-based WRED. Columns: Application-Class, DSCP, CoS, 1P7Q8T queue. Queues: Q8 - VoIP-Broadcast Queue (Priority), Q7 - Network Control Queue (5% BWR), Q6 - Internetwork Control Queue (5% BWR), Q5 - Multimedia-Realtime Queue (20% BWR), Q4 - Streaming-Signaling Queue (20% BWR), Q3 - Transactional-Management Queue (10% BWR), Q2 - Bulk-Scavenger Queue (10% BWR), Default Queue (30% BWR).]


Catalyst 65xx-E/6807-XL—1P7Q8T Egress Model

class-map type lan-queuing match-all APIC_EM-Q8-1P7Q8T-QUEUE
 match cos 7
class-map type lan-queuing match-all APIC_EM-Q7-1P7Q8T-QUEUE
 match cos 6
class-map type lan-queuing match-all APIC_EM-Q6-1P7Q8T-QUEUE
 match cos 5
class-map type lan-queuing match-all APIC_EM-Q5-1P7Q8T-QUEUE
 match cos 4
class-map type lan-queuing match-all APIC_EM-Q4-1P7Q8T-QUEUE
 match cos 3
class-map type lan-queuing match-all APIC_EM-Q3-1P7Q8T-QUEUE
 match cos 2
class-map type lan-queuing match-all APIC_EM-Q2-1P7Q8T-QUEUE
 match cos 1


Catalyst 65xx-E/6807-XL—1P7Q8T Egress Model

policy-map type lan-queuing APIC_EM-QUEUING-1P7Q8T-OUT
 class APIC_EM-Q8-1P7Q8T-QUEUE
  priority
 class APIC_EM-Q7-1P7Q8T-QUEUE
  bandwidth remaining percent 5
 class APIC_EM-Q6-1P7Q8T-QUEUE
  bandwidth remaining percent 5
 class APIC_EM-Q5-1P7Q8T-QUEUE
  bandwidth remaining percent 20
 class APIC_EM-Q4-1P7Q8T-QUEUE
  bandwidth remaining percent 20
 class APIC_EM-Q3-1P7Q8T-QUEUE
  bandwidth remaining percent 10
 class APIC_EM-Q2-1P7Q8T-QUEUE
  bandwidth remaining percent 10
 class class-default

interface TenGigabitEthernet1/3/4
 service-policy type lan-queuing output APIC_EM-QUEUING-1P7Q8T-OUT
