R4.2 IPQoS Technical Presales

Upload: hillary-audra-day

Post on 31-Dec-2015


R4.2 IPQoS

Technical Presales

Contents

• Label based routing
  • Theoretical
  • Configuration
  • Example
• IPQoS
  • Features
  • Implementation
  • Configuration
  • Example
  • Scenario

Label based routing

Multiple QoS solution

Label based routing = evolution of source based routing

Source based routing:
• Present in all SpeedTouch router products up to R4.1
• Allows traffic to be routed, based on source and destination, to certain gateways or ports (= ATM PVCs)
• = Fixed label with only the source address as parameter

Label based routing:
• Available from R4.2 onwards
• Allows classification of traffic on many criteria
• Re-uses the firewall engine, so all firewall criteria are available
  • Source, destination, protocol, source port, destination port, …
• Allows routing of traffic through different ATM PVCs with different QoS classes
• Can later be combined with IP QoS (6 queues per PVC)

Classification and routing

• Classification happens before routing
• Packet enters the router and is classified
• Labels are attached to routes
• Routes with labels have the highest priority
• Routes with labels only route packets with the correct labels
• First match is chosen
• Use of traffic stream cache
  • First time: slow path
  • Next time: fast path

[Figure: packet path from interface to interface through the fast-path classifier or the slow path, followed by label and forwarding]

Configuration

• CLI only
• Label menu
  • Creation/deletion of labels
  • TOS marking is possible
• Label/rule menu
  • Creation/deletion of rules
  • Default chain = _auto_labels
    • Used for backwards compatibility or when source based routes are still configured
  • Default chain is linked to user_labels
  • Only the user_labels chain is to be used
  • Every new rule must be attached to user_labels with a certain index
  • Statistics possible: rule stats

Labeling Mechanism

[Figure: flowcharts of the labeling mechanism. Sample packets (X=2, Y=5, Z=4 and X=2, Y=5, Z=5) are tested against rule conditions in the (sub)chains "X is 1" and "X is 2" and receive a label (Lbl1, Lbl2). A second chart shows the (root) chain _auto_labels and the (sub)chain user_labels, with rules assigning Lbl1 and _auto_Lbl1 to _auto_Lbl3. Legend: a 'rule' is ordered within a chain by index and contains conditions; the arrows show the flow the packet follows through the structure of chains and rules.]

Rules

• Source interface (preferably NOT used)
    [srcintf [!]= <string>]
• Source interface group (preferably used)
    [srcintfgrp [!]= <{wan|local|lan} or number>]
• IP
    src [!]= <ip-range> (IP/mask notation)
    dst [!]= <ip-range> (IP/mask notation)
• ToS (tagging)
    tos [!]= <number{0-255}>
    precedence [!]= <number{0-7}>
    dscp [!]= <number{0-63}>
• Protocol
    prot [!] = <{icmp|igmp|ipinip|tcp|udp|ah|esp|ipcomp} or number>
• Port
    srcport [!] & srcportend
    dstport [!] & dstportend

Known ports = <{echo|discard|systat|daytime|qotd|chargen|ftp-data|ftp|telnet|smtp|time|nicname|dns|domain|sql*net|bootps|bootpc|tftp|gopher|finger|www-http|kerberos|rtelnet|pop2|pop3|sunrpc|auth|sqlserv|nntp|sntp|ntp|ingres-net|netbios-ns|netbios-dgm|netbios-ssn|imap2|sql-net|pcmail-srv|snmp|snmptrap|bgp|irc-o|at-rtmp|at-nbp|at-echo|at-zis|ipx|imap3|clearcase|ulistserv|ldap|netware-ip|snpp|ike|exec|biff|login|who|syslog|printer|talk|ntalk|utime|rip|timed|netwall|uucp|uucp-rlogin|new-rwho|rtsp|...} or number>

Example

Scenario: 2 PPPoA sessions with traffic separation
• Session 1: pppoa1
  • Only ICMP traffic
• Session 2: pppoa2
  • Only UDP and TCP traffic

Required: 4 labels
• Label ICMP, rule 0: from LAN and protocol ICMP, through pppoa1
• Label TCP, rule 1: from LAN and protocol TCP, through pppoa2
• Label UDP, rule 2: from LAN and protocol UDP, through pppoa2
• Label DNSLOCAL, rule 3: from local and protocol UDP port 53

Example: network setup

[Figure: PC A (10.0.0.201, default gateway 10.0.0.138) connects to the SpeedTouch 610 (Eth0: 10.0.0.138), which reaches the Internet through the BRAS over two sessions: PPPoA1 (192.168.2.19) carries the ICMP traffic and PPPoA2 (192.168.2.21) carries the TCP traffic.]

Example: Configuration

Start from a configuration with 2 PPPoA sessions (no routes yet).

Create labels:

    :label add name=dnslocal
    :label add name=icmp
    :label add name=tcp
    :label add name=udp

Create label rules:

    :label rule create chain=user_labels index=0 srcintfgrp=lan prot=icmp label=icmp
    :label rule create chain=user_labels index=1 srcintfgrp=lan prot=tcp label=tcp
    :label rule create chain=user_labels index=2 srcintfgrp=lan prot=udp label=udp
    :label rule create chain=user_labels index=3 srcintfgrp=local prot=udp dstport=dns label=dnslocal

Create routes to pppoa1 and pppoa2:

    :ip rtadd dst=0.0.0.0/0 label=dnslocal intf=pppoa2
    :ip rtadd dst=0.0.0.0/0 label=icmp intf=pppoa1
    :ip rtadd dst=0.0.0.0/0 label=tcp intf=pppoa2
    :ip rtadd dst=0.0.0.0/0 label=udp intf=pppoa2

Remark:

PPP routes can be added either through the PPP session directly (pppoa/pppoe menu) or through the ip menu (use an interface route). In this case the latter is used because multiple routes had to be added.
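The behaviour described in "Classification and routing" (rules evaluated in index order, first match assigns the label, a labelled route only carries packets with that label, traffic stream cache for the fast path), modelled on the four rules and routes of this example. This is an added Python illustration, not SpeedTouch code; the class, field and variable names are assumptions chosen to mirror the CLI parameters.

```python
# Added illustration, not SpeedTouch code: label classification, then
# label-based route lookup, using the rules and routes of this example.
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    srcintfgrp: str                 # "lan", "wan" or "local"
    prot: str                       # "icmp", "tcp", "udp"
    dstport: Optional[int] = None

# (index, conditions, label), one entry per ":label rule create" line
USER_LABELS = [
    (0, {"srcintfgrp": "lan", "prot": "icmp"}, "icmp"),
    (1, {"srcintfgrp": "lan", "prot": "tcp"}, "tcp"),
    (2, {"srcintfgrp": "lan", "prot": "udp"}, "udp"),
    (3, {"srcintfgrp": "local", "prot": "udp", "dstport": 53}, "dnslocal"),
]
# label -> interface, one entry per ":ip rtadd dst=0.0.0.0/0" line
LABEL_ROUTES = {"dnslocal": "pppoa2", "icmp": "pppoa1",
                "tcp": "pppoa2", "udp": "pppoa2"}

class Classifier:
    def __init__(self, rules, routes):
        self.rules = sorted(rules, key=lambda r: r[0])  # chain order = index
        self.routes = routes
        self.cache = {}             # traffic stream cache
        self.slow_path = 0          # how often the chain had to be walked

    def classify(self, pkt):
        """Label of the first matching rule, or None if no rule matches."""
        if pkt in self.cache:       # fast path: stream seen before
            return self.cache[pkt]
        self.slow_path += 1         # slow path: evaluate the rules in order
        label = None
        for _, cond, lbl in self.rules:
            if all(getattr(pkt, k) == v for k, v in cond.items()):
                label = lbl
                break               # first match is chosen
        self.cache[pkt] = label
        return label

    def route(self, pkt):
        """Classify first, then pick the route carrying that label.
        None means no labelled route applies to the packet."""
        return self.routes.get(self.classify(pkt))
```
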

Diffserv

Theoretical overview

Skip this

What is Diffserv?

Instead of using explicit signaling for each connection, classify all your calls/connections into several classes and treat the traffic on a per-class basis.

• Use Differentiated Services to prioritize network traffic
• Differentiated Services (DiffServ) architecture provides different types or levels of service for network traffic
• DiffServ Code Points (DSCP) are added to data packet headers to specify the expected type of service
• DiffServ enabled routers and network elements use DSCP codepoints to differentiate the network traffic

Diffserv architecture

DiffServ field

• Take the ToS bits in the IP header and redefine them:
  • Use the least significant 6 bits of the ToS field as DiffServ Code Points
  • Last 2 bits currently unused

[Figure: IP datagram header: Version (4 bits), Header Length (4 bits), DiffServ Field (8 bits), Total Length (16 bits), Identification (16 bits), Flags (3 bits), Fragment offset (13 bits), TTL (8 bits), Protocol (8 bits), Checksum (16 bits), Source Address (32 bits), Destination Address (32 bits)]

DSCP - PHB

• Each DSCP (0-63) specifies a Per-Hop-Behavior (PHB), which is a type of router-level QoS (RFC 2475)
• Traffic is classified at the entry to the network using DSCP
• Core routers simply do the forwarding based on the DSCP
• Traffic with a certain DSCP is treated based on the Per Hop Behavior (PHB)
• PHB conforms to the agreed-upon Service Level Agreement (SLA) between customer and vendor
• Common PHBs:
  • Assured Forwarding (Assured Service)
  • Expedited Forwarding (Premium Service)

AF / EF

Expedited Forwarding (EF)
• For critical applications
• For applications that require a hard guarantee on the delay and jitter
• Low loss, low delay, low latency
• Implementation: priority queues or weighted round robin (WRR)

Assured Forwarding (AF)
• For applications that require better reliability than BE service
• A relative thing
• Ensures that high-priority packets are forwarded more reliably than low-priority packets
• Multiple DSCPs for AF

Assured Forwarding Code Points

View IPQoS table

IPQoS

4.2.7
Single PVC solution

IPQoS agenda

• IPQoS Features
• High Level Module Overview
• Internal flow
• Configuration
• Examples

R4.2.7 New Features
IP QoS

New Features: IPQoS
What will it do for you?

Want your web browsing and e-mail access to slow down to v.32 speeds during Kazaa uploads?

Want your download speeds to be unaffected by your upstream traffic?

Want your MSN Messenger to be functioning independent of other activities?

Want your SIP call to be interrupted because of a sudden FTP session?

NO !!! => you need QoS

New Features: IPQoS
What problem are we really solving?

[Figure: LAN (Ethernet, 10-100 Mbps) to Gateway to WAN (ADSL, 0.1-1 Mbps); at the gateway: delay, delay variation, uncontrolled packet loss]

• Packet loss
  => TCP slowdown
  => voice degradation
  => game hiccups
  => video “noise”
• Delay
  => TCP choke (BW = Window/Delay)
  => slow response time for web browsing
• Delay variation (jitter)
  => extra buffering delay on voice

New Features: IPQoS
How it works – 600 series

[Figure: LAN (Ethernet, 10-100 Mbps) to Gateway to WAN (ADSL, 0.1-1 Mbps), with queues ranging from Highest Priority to Best Effort; result: limited delay, limited delay variation, controlled packet loss]

• Traffic is assigned to one of 6 queues
  • 1: Expedited Forwarding: absolute top priority traffic (rate limited)
  • 2-5: Assured Forwarding: each queue is given its fair share of the available bandwidth
  • 6: Best Effort: takes what is left
• Upstream IP traffic is identified based on
  • “labels”: IP header based: configured on CPE
  • DiffServ codepoints: set by applications
  • VLAN tags (802.1p): set by endpoints?
  • TCP ACK: => ACK filtering

New Features: IPQoS
How it works – 500 series

[Figure: LAN (Ethernet, 10-100 Mbps) to Gateway to WAN (ADSL, 0.1-1 Mbps), with queues ranging from Highest Priority to Best Effort; result: limited delay, limited delay variation, controlled packet loss]

• Residential QoS focused on
  • Plug and play operation
    • VLAN, DiffServ
  • Priority
    • EF: VoIP, gaming
    • AF: interactive sessions (HTTP, HTTPS, telnet, VPN pass-through)
    • BE: the rest
• Implementation:
  • EF queues collapsed to 2 queues (TCP ACK, data)
  • WFQ between 2 queues
  • => DiffServ compliant (EF, BE), NOT AF compliant (4 queues needed)

New Features: IPQoS
How it works – For Dummies?

For Dummies? Yes! Through well chosen defaults in the (custom) templates.

[Table: columns Application, Label, DiffServ, TCP Ack; rows Web (HTTP), Email (POP, IMAP), Windows / MSN Messenger, RTP (SIP data), SIP phones (280/282), Download (FTP) speed unaffected by upload activity]

New Features: IPQoS
What’s kept for R5.3

• Per flow rate limiting (4.2.7: EF rate limiting only)
• ALG based labeling (SIP calls)
• Head-of-Line blocking (AAL5 fragmentation)

IPQoS implementation
R4.2.7

IPQoS in 4.2.7

• Classification and labelling
• IP QoS queues (up to 6, minimum 4) per VP/VC
• Hierarchical Fixed Priority (strict) and Weighted Fair Queuing Scheduling (WFQ)
• Tail Drop and Propagation discard strategies
• Classification of data and configuration of a corresponding internal Class (0..15)
  • Defclass: default class of assigned connection
  • Ackclass: class of ACK segments of TCP connection
• Default set of labels with corresponding Class
• Rate limiting for real-time queue
• TCP-ACK filtering and prioritisation

High-Level Module Overview

• Automatic class mapping
• VLAN User Priority
• ATM QoS

DSCP – AF/EF

Routed data path - WFQ

IPQoS – TCP ACK

• ACK filtering
• ACK prioritisation
• Enabled by default
• Fewer packets
• Faster
• Piggybacked ACK packets are not handled this way
  • Lower priority queue will be used

[Figure: a queue holding ACK seq 32, 26, 21, 12; the highest ACK replaces the first and the others are dropped, leaving only ACK seq 32]
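The ACK filtering rule from this slide (the highest ACK takes the place of the first queued one, the others are dropped, piggybacked ACKs are left alone), as an added Python illustration that is not SpeedTouch code. The Segment type, the flow identifiers and the sample burst are constructed for the example, and 32-bit wrap-around handling is an assumption about how ACK numbers would be compared.

```python
# Added illustration, not SpeedTouch code: a toy model of TCP ACK filtering.
from dataclasses import dataclass

@dataclass
class Segment:
    flow: str          # constructed flow identifier
    ack: int           # cumulative ACK number (32-bit)
    payload: int = 0   # data bytes carried; 0 = pure ACK

def ack_newer(a, b):
    """True if ACK number a is ahead of b, allowing for 32-bit wrap-around."""
    return a != b and ((a - b) & 0xFFFFFFFF) < 0x80000000

def enqueue(ack_queue, data_queue, seg):
    """Queue one upstream segment; return 1 if an ACK was dropped, else 0."""
    if seg.payload > 0:
        # Piggybacked ACK: it carries data, so it is not filtered and
        # stays in the (lower priority) data queue.
        data_queue.append(seg)
        return 0
    for i, waiting in enumerate(ack_queue):
        if waiting.flow == seg.flow:
            # A pure ACK of this flow is already waiting. Keep its place in
            # the queue, let it carry the highest ACK, drop the other one.
            if ack_newer(seg.ack, waiting.ack):
                ack_queue[i] = seg
            return 1
    ack_queue.append(seg)
    return 0

def filter_stream(segments):
    """Run a burst of segments through the filter before the link drains."""
    ack_queue, data_queue, dropped = [], [], 0
    for seg in segments:
        dropped += enqueue(ack_queue, data_queue, seg)
    return ack_queue, data_queue, dropped

# Constructed burst: the slide's ACK numbers 12, 21, 26, 32 for flow "A",
# one ACK of another flow and one piggybacked ACK.
BURST = [Segment("A", 12), Segment("B", 7), Segment("A", 21),
         Segment("A", 26, payload=512), Segment("A", 26), Segment("A", 32)]
```

Because a cumulative ACK covers everything acknowledged by the lower ones, the receiver of the upstream traffic loses no information when only the highest ACK per flow is sent.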

Configuration

• intf
• ipqos config: queuing mechanism, queuing rules
• label config: queuing order / classification
• label rules: data matching

IPQoS config - CLI

ipqos config

    dest = <>                           The destination of the interface. (phonebook entry)
    [state = <{disabled|enabled}>]      Enable, disable IP QoS for the interface.
    [discard = <{tail|early}>]          Packet discard strategy (congestion).
    [priority = <{wfq|strict}>]         Subqueue priority algorithm.
    [realtimerate = <number{1-100}>]    Percentage of bandwith.
    [burstsize = <number{1-128}>]       Burstsize in kilo bytes.
    [weight1 = <number{1-96}>]          Weight of queue 1 used for WFQ
    [weight2 = <number{1-96}>]
    [weight3 = <number{1-96}>]
    [weight4 = <number{1-96}>]
    [maxpackets = <number{0-100}>]      Maximum number of packets in all queues.
    [maxbytes = <number{0-128}>]        Maximum size in kilo bytes in all queues.

default

IPQoS queue config – CLI

Propagation from a queue to the next lower priority queue

ipqos queue config

    dest = <>                             The destination of the interface. (phonebook entry)
    queue = <number{0-5}>                 The number of the subqueue.
    [propagate = <{disabled|enabled}>]    Propagate the packets in lower priority queue (instead of dropping)
    [maxpackets = <number{0-100}>]        Maximum number of packets in subqueue.
    [maxbytes = <number{0-128}>]          Maximum subqueue size in kilo bytes.

Default set of labels WFQ

Per VP/VC

Labels (CLI)

Label add name <voip>

Label config

    name = <{voip}>                                     Name of label to config.
    [classification = <{ignore|overwrite|increase}>]    Methods of classification.
    [defclass = <number{0-15}>]                         Default class of assigned connection.
    [ackclass = <number{0-15}>]                         Class of ACK segments of TCP connection.
    [ttloverwrite = <{disabled|enabled}>]               Enable/disable ttl overwrite.
    [ttl = <number{0-255}>]                             The Time To Live in the IP packet (ttl-overwrite).
    [tosmarking = <{disabled|enabled}>]                 Enable/disable tos marking.
    [tos = <number{0-255}>]                             The Type of Service specification in the IP packet (tos-marking).
    [trace = <{disabled|enabled}>]                      Enable/disable tracing for this label.

Labels / rules

Rules = Label based routing

• Multiple PVCs
• Same labels / rules possible
• Other destination of routing = other PVC = other queues

Example configurations
• Default queues RT & BE
• WFQ with different weights
• ACK prioritisation for maximal downstream

IPQoS example 1

[Figure: network setup. Two hosts on the LAN, both labelled PC A (10.0.0.10 and 10.0.0.2, default gateway 10.0.0.138), connect to the SpeedTouch 610 (Eth0: 10.0.0.138), which reaches the Internet through the BRAS over IPoA (192.168.150.1).]

    =>:ipoa ifconfig intf=ipoa dest=ipoa-qos
    =>:ip apadd ...
    =>:ipqos config dest=ipoa-qos state=enabled
    =>:label rule create chain=user_labels index=0 src=10.0.0.2 label=RealTime
    =>:label rule create chain=user_labels index=1 src=!10.0.0.2 label=BestEffort

Example 1

Statistics

• UDP flood from PC
• VoIP call

Label rule stats

Ipqos queue stats

Example 2 WFQ

[Figure: network setup. PC A (10.0.0.1, WFQ2, 5%), PC B (10.0.0.2, WFQ3, 15%) and PC C (10.0.0.3, WFQ4, 75%), all with default gateway 10.0.0.138, connect to the SpeedTouch 610 (Eth0: 10.0.0.138, IPoA 192.168.150.2), which reaches the Internet and an FTP server through the BRAS.]

Example 2 WFQ

    :ipqos config dest=ipoa2 state=enabled priority=wfq weight1=5 weight2=5 weight3=15 weight4=75

Default labels:

Rules:

    :label rule create chain=user_labels src=10.0.0.1 label=WFQ2
    :label rule create chain=user_labels src=10.0.0.2 label=WFQ3
    :label rule create chain=user_labels src=10.0.0.3 label=WFQ4

Example 3 ACK

[Figure: network setup. PC A (10.0.0.10, default gateway 10.0.0.138) connects to the SpeedTouch 610 (Eth0: 10.0.0.138), which reaches the Internet through the BRAS over IPoA (192.168.150.1); ACK traffic is highlighted.]

    :label config name=ack-prio classification=increase defclass=4 ackclass=14
    :label rule create chain=user_labels src=10.0.0.0/24 label=ack-prio

MAXIMAL downstream bandwidth use!

IPQoS scenario

IPQoS scenario - WFQ

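• ATM 512kb uplink (100%)
• 128kb Real Time & overload = drop (= 25%)
• 256kb Gold & overload = propagate to Silver (= 50% guaranteed)
• Silver = Best Effort (rest)

[Figure: LAN to WAN queue diagram. The internal class ranges 0-5, 6-7, 8-9, 10-11, 12-13 and 14-15 are shown alongside the queues: BE queue 0 (no label match), Silver (weight=30), Gold (weight=66), WFQ 3 (weight=2), WFQ 4 (weight=2) and RT queue 5 (25%). The weighted queues are served by WFQ and the result is combined by PQ.]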

IPQoS scenario - BW

• RealTime traffic has 25% of 512kb = 128kb
• Remaining 512kb – 128kb = 384kb for WFQ
  • 66% of 384kb = 253kb Gold
  • 30% of 384kb = 115kb Silver
• All available BW will be used
• In case of no RT traffic, minimum guaranteed BW:
  • Gold = 66% of 512kb = 338kb
• Guaranteed:
  • 128kb RT
  • 256kb Gold + propagation to Silver
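The bandwidth split above, generalised to any mix of busy and idle queues, as an added Python model that is not SpeedTouch code. It assumes that bandwidth a queue does not use is redistributed over the other WFQ queues by weight (the slide only states that all available BW will be used), and it does not model propagation from Gold to Silver; the function and variable names are made up for the example.

```python
# Added illustration, not SpeedTouch code: a bandwidth model for one
# rate-limited real-time queue plus weighted fair queues.
def upstream_shares(link_kb, rt_percent, rt_demand, weights, demands):
    """Return (rt_kb, {queue: kb}).

    The real-time queue is served first but capped at rt_percent of the
    link. The rest is split over the WFQ queues by weight; what a queue
    does not need is redistributed to the queues that still have traffic.
    """
    rt = min(rt_demand, link_kb * rt_percent / 100)
    remaining = link_kb - rt
    alloc = {q: 0.0 for q in weights}
    active = {q for q in weights if demands.get(q, 0) > 0}
    while active and remaining > 0:
        total_w = sum(weights[q] for q in active)
        # Queues asking for no more than their weighted share get it all.
        done = {q for q in active
                if demands[q] <= remaining * weights[q] / total_w}
        if not done:
            # Every queue left is backlogged: split strictly by weight.
            for q in active:
                alloc[q] = remaining * weights[q] / total_w
            break
        for q in done:
            alloc[q] = demands[q]
            remaining -= demands[q]
        active -= done
    return rt, alloc

# Scenario values from the slides: 512kb uplink, realtimerate=25,
# weight1=30 (Silver), weight2=66 (Gold), weight3=2, weight4=2.
WEIGHTS = {"Silver": 30, "Gold": 66, "WFQ3": 2, "WFQ4": 2}
BUSY = 10_000   # constructed demand, larger than the link: always backlogged
```

With every queue backlogged the model reproduces the 253kb and 115kb figures; with WFQ3 and WFQ4 idle, Gold and Silver grow to 264kb and 120kb.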

Upstream BW cont.

[Figure: bar charts of the 512kb upstream bandwidth split between RT, Gold and Silver (WFQ). Theoretical subdivision = max RT + max Gold + max Silver: RT 128kb, Gold 256kb, Silver 128kb. Further panels: less RT + max Gold + max Silver traffic; less RT + less Silver + max Gold traffic; less RT + less Gold + max Silver traffic.]

Upstream BW cont.2

[Figure: bar charts of the 512kb upstream bandwidth split between RT, Gold and Silver (WFQ). Theoretical subdivision = max RT + max Gold + max Silver: RT 128kb, Gold 256kb, Silver 128kb. Further panels: less Gold + less Silver + more RT traffic; less Gold + more Silver + more RT traffic.]

IPQoS scenario - config

IPQoS scenario - label

Scenario overview

[Figure: network setup. PC A (10.0.1.3), a phone (10.0.1.2) and PC B (10.0.1.6), all with default gateway 10.0.1.138, connect to the SpeedTouch 610 (Eth0: 10.0.0.138), which reaches the Internet and an FTP server through the BRAS over IPoA (192.168.150.1). Traffic shown: FTP upload, RT traffic, UDP flood, Gold traffic.]

IPQoS advanced dbg
IPQoS Scenario / user.ini

Label rule stats

Are labels matching?

IPQoS queue stats

Clear stats: => ipqos queue stats clear enable

Td call cmd="aqm ts"

• Replaced = packets removed by BLUE
• Dropped = tail drop
• Added = in queue
• Removed = out queue
• Marked = ToS

19 packets in queue 5

Td call cmd="atml stats"

• Ctrl-q
• ATM throughput <> compare with adsl info

Upstream is full

user.ini

    [ phone.ini ]
    add name=dsl addr=0*38 type=ipoa

    [ ipoa.ini ]
    ifadd intf=ipoa dest=dsl
    ifconfig intf=ipoa
    ifattach intf=ipoa

    [ ipqos.ini ]
    config dest=dsl state=enabled realtimerate=25 burstsize=2 weight1=30 weight2=66 weight3=2 weight4=2
    queue config dest=dsl queue=0
    queue config dest=dsl queue=1
    queue config dest=dsl queue=2 propagate=enabled
    queue config dest=dsl queue=3
    queue config dest=dsl queue=4
    queue config dest=dsl queue=5

user.ini (cont.)

    [ label.ini ]
    add name=BestEffort
    add name=Gold
    add name=RealTime
    add name=Silver
    add name=WFQ1
    add name=WFQ2
    add name=WFQ3
    add name=WFQ4
    config name=BestEffort classification=increase defclass=4 ackclass=4
    config name=Gold classification=increase defclass=8 ackclass=8
    config name=RealTime classification=increase defclass=14 ackclass=14
    config name=Silver classification=increase defclass=6 ackclass=6
    config name=WFQ1 classification=increase defclass=6 ackclass=6
    config name=WFQ2 classification=increase defclass=8 ackclass=8
    config name=WFQ3 classification=increase defclass=10 ackclass=10
    config name=WFQ4 classification=increase defclass=12 ackclass=12
    chain create chain=user_labels
    rule create chain=user_labels index=0 src=10.0.1.2 label=RealTime
    rule create chain=user_labels index=1 src=10.0.1.3 label=RealTime
    rule create chain=user_labels index=2 src=10.0.1.1 label=Gold
    rule create chain=user_labels index=3 src=10.0.1.4 label=Gold
    rule create chain=user_labels index=4 src=10.0.1.5 label=Gold
    rule create chain=user_labels index=5 src=10.0.1.6 label=Gold

TSSM - setup

[Figure: test setup. FTP clients ftpA (10.0.1.1/24), ftpB (10.0.2.1/24), ftpC (10.0.3.1/24) and ftpD (10.0.4.1/24) connect over IPoA (ptp / no NAT, PVC 8/35) through the BRAS to the Internet and an FTP server; further addresses shown: 10.1.1.1/24, 10.2.2.1/24, 10.3.3.1/24, 10.4.4.1/24.]

FTP-uploads
- 3 WFQ with different weight
- RT & rate-limiting
- Full BW download
- ???