ONT Notes – Queuing

Aaron Conaway — Sun, 24 Jan 2010 04:22:06 +0000

Here are some more notes from my studies. Of course, no one cares about them but me, but it’s my blog. I’m sure someone will find it useful. Please help to correct dumbass mistakes.

Congestion
- Speed mismatch – traffic leaves a lower-bandwidth interface than the one it came in on
- Aggregation problem – lots of links with one egress of equal bandwidth
- Confluence problem – a bunch of traffic needs to egress out of the same interface
Queuing
- Transmit queue (TxQ) – hardware queue; there’s only one you can’t touch
- Software queue – where packets wait to be sent; there are many queue-types that you modified to police traffic
FIFO
- If I beat you to the router, I leave the router first.
- Possible long delays, jitter, and starvation
Priority queuing (PQ)
- Four queues
  - High-priority
  - Medium-priority
  - Normal-priority
  - Low-priority
- Scheduler starts from high and work to low
- When the high queue is empty, it processes a packet from medium, then starts all over
- Can you say starvation?
Round robin queuing (RR)
- One packet from this queue, one from the next, etc., then start over again
Custom queuing (CQ)
- Weighted round robin
- Queues are given weights (bandwidth guarantees)
Weighted Fair Queuing (WFQ)
- Default queuing on slow links ( < E1 )
- Divides traffic into flows
- Equal bandwidth is given to each flow
- Provides faster scheduling to low-volume flows
- Provides more bandwidth to higher-priority flows
- Flows identified by a hash
  - Source IP
  - Destination IP
  - Protocol number
  - ToS
  - Source port
  - Destination port
- Each unique has is a new flow
- No way to allocate bandwidth among the flows
- By default, up to 256 queues are made, but that is changeable to a power of 2 between 16 and 4096
- If the max number of flows is reached, queues are reused for other flows
- If a queue is full, a packet may be dropped.
- WFQ early dropping drops packets when the queue reaches the congestive discard threshold (CDT)
- Advantages
  - Simple configuration
  - No starvation
  - Guarantee processing of all flows
  - Drops packets from big-hitter flows
  - Faster service no low-hitters (interactive) flows
  - Standard on (nearly) all IOS devices
- Disadvantages
  - Classification and scheduling are not configurable
  - Only on slow links
  - No guarantee of bandwidth or delay
Class-based Weighted Fair Queuing (CBWFQ)
- User-defined queues for flexibility
- Configured with class-maps via MQC
- Weights are calculated based on values give in class-map
  - Bandwidth – guarantee this much bandwidth
  - Bandwidth percent – give me this much of the available bandwidth
  - Bandwidth remaining percent
- Advantages
  - User-defined traffic classes
  - Each queue gets its own bandwidth
  - Scalability
- Disadvantages
  - No delay guarantee (not good for real-time application like voice)
- Configuring
Low-latency Queuing
- Includes strict priority queue for delay-sensitive data
- Strict priority queue is policed to avoid starvation of other queues
- Configured the same way as normal CBWFQ, but with the priority keyword
- This configuration makes TESTCM2 a priority queue

Aaron Conaway

I like to lean my head to the left, hit it with the palm of my right hand, and document what knowledge falls out.

Website - More Posts

ONT Notes – Classification, Marking, and NBAR

Aaron Conaway — Fri, 22 Jan 2010 16:32:58 +0000

Here’s another set of notes from my ONT studies. I’m sure someone will find it useful. Please help to correct dumbass mistakes.

Classification is done with traffic desriptors
- Ingress interface
- CoS value on ISL or 802.1P frames
- Source/destination IP address
- IP Precedence or DSCP value
- MPLS EXP
- Application type
Layer 3 QoS
- Type of Service (ToS) is 8-bit field.
- First 3 bits of ToS are the IP precedence.
- First 6 bits of ToS are the DSCP value.
- Last 2 bits of ToS are explicit congestion notification (ECN).
Layer 2 QoS
- Ethernet
  - Class of Service (CoS)
  - On 802.1P frame
  - 3-bit priority (PRI) field
    - 000 – Routine – Best-effort
    - 001 – Priority – Medium priority
    - 010 – Immediate – High priority
    - 011 – Flash – Call signaling
    - 100 – Flash-Override – Video conferencing
    - 101 – Critical – Voice bearer
    - 110 – Internet – Reserved
    - 111 – Network – Reserved
- Frame Relay
  - 1-bit discard eligible (DE) field
- ATM
  - 1-bit cell loss priority (CLP) field
- MPLS (layer 2 1/2)
  - 3-bit experimental (EXP) field
  - By default, the 3 most significant ToS bits (IP Precedence bits) are copied to EXP
Per-hop Behavior (PHB)
- “an externally observable fowarding behavior of a network node toward a group of IP packets that have the same DSCP value”
- In other words, treat packets with the same DSCP value in the same manner – scheduling, queuing, policing, etc.
- Behavior aggregate (BA) is a group of packets with the same DSCP value
DSCP
- DSCP is chopped up into 4 PHBs
  - Class selector PHB – (000) old IP precedence compatibility
  - Default PHB – (000) best effort
  - Assured forwarding (AF) PHB – (001, 010, 011, 100) guarantee bandwidth
    - Provides 4 queues for 4 classes of traffic (AF1-4)
    - Also specifies drop preference (ex., AF41, A13) where second number is preference (higher is more probable to be dropped)
    - Each queue must have (W)RED to avoid drops
    - No queue is any better than the other
    - Backward compatible with IP precedence
- - Expedited forwarding (EF) PHB – (101) low delay
    - Minimum delay
    - Bandwidth guarantee
    - Policing
Trust boundaries
- Establish DSCP values as close to the source as possible
  - On the device (IP phone), access switch, or distribution switch
  - The core should never assign DSCP values
- Only trust DSCP values from devices you trust
- Examine and rewrite values from untrust sources
Network-based Application Recognition (NBAR)
- Protocol discovery – discovers what protocols you’re running on your network
- Traffic statistics collection – keeps tracks of stats on each protocol
- Traffic classification – NBAR protocols can be used in class-maps to define traffic to be services
- Packet description language models (PDLMs) – table of what protocols NBAR recognizes
- Limitations
  - Doesn’t work on EtherChannel interfaces
  - Only handles 24 URLs, hosts, or MIME types
  - Only analyzes first 400 bytes of the packets
  - Requires CEF
  - Doesn’t work on HTTPS, multicasts, or fragments
  - Ignored traffic destined for the router itself
- NBAR commands
  - Router(config)# ip nbar pdlm pdlm-name : Update the PDLM table
  - Router(config)# ip nbar port-map protocol-name [tcp|udp] port-number : Adds an entry to the PDLM table
  - Router# show ip nbar port-map protocol-name : Shows what’s in the PDLM table
  - Router# show ip nbar protocol-discovery : Shows what’s been discovered
  - Router(config-cmap)# match protocol name : a class-map match for an NBAR-discovered protocol
- Special protocol matching
  - Can match beyond the port number with deep packet inspection
  - Matches HTTP hostname, URL, or MIME type
  - Matches fast-track P2P
  - Matches RTP content

Aaron Conaway

I like to lean my head to the left, hit it with the palm of my right hand, and document what knowledge falls out.

Website - More Posts

Aaron's Worthless Words » marking

ONT Notes – Queuing

Aaron Conaway

ONT Notes – Classification, Marking, and NBAR

Aaron Conaway