Archive for the ‘QOS’ Category

PPP Virtual template and Frame-relay

Posted: August 30, 2006 by sankar in QOS, WAN

To configure a virtual template for MLP LFI on a frame-relay subinterface, you have to remove the DLCI configured under that subinterface first before reapplying it back with the ppp keyword.

int s0/0

no frame-relay interface-dlci 30

 frame-relay interface-dlci 30 ppp virtual-template 1

Apply any LLQ, IP settings, ppp configs under the virtual template interface.

* Remove ip address of serial subinterface interface

* Remove DLCI of subinterface.

* Its recommended to do this configuration on the remote site first.

int s0/0.9

no ip address

frame-relay interface-dlci 900 ppp virtual-template 1

int virtual-template 1

ip add 10.1.1.1 255.255.255.0

ppp multilink

ppp multilink interleave

ppp multilink fragment-delay 10 — milliseconds.

service-policy output VATS

Frame relay voice adaptive traffic shaping

Posted: August 19, 2006 by cciestudy in QOS, WAN

** You will need to disable frame relay traffic shaping at the main interface level for this to work **

Configure LLQ for voice 

policy-map BR2-HQ
class RTP
priority percent 33
class Sig
bandwidth percent 2
class class-default
fair-queue
Configure Voice activated FRTS:

policy-map VATS  ———–  Line rate is 768kbps, CIR is 384kbps. Use 95 % of CIR for shape average and shape adaptive.
class class-default
shape average 729600 3648 0 
shape adaptive 364800
shape fr-voice-adapt deactivation 50
service-policy BR2-HQ
Configure FRTS class-map and apply VATS policy to the class-map

map-class frame-relay BR2-HQ
frame-relay fragment 480  ——— configures end-to-end FRF.12 fragmentation based on CIR of 384kbps
service-policy output VATS

interface Serial0/0
no ip address
encapsulation frame-relay
no dce-terminal-timing-enable
frame-relay fragmentation voice-adaptive deactivation 50
!
interface Serial0/0.201 point-to-point
ip address 10.201.2.2 255.255.255.0
frame-relay interface-dlci 201
class BR2-HQ

QoS for CUE CCM Integration

Posted: July 20, 2006 by cciestudy in Cisco Unity Express, QOS

One of the current limitations is that the JTAPI (CTI-quick buffer encoding [QBE]) signaling packets are unmarked (TOS = 0) when the Cisco Unity Express AIM transmits them. In order to correct this, use an access control list (ACL) on the router that has the Cisco Unity Express AIM installed to mark and prioritize the traffic.

The JTAPI signaling from the Cisco CallManager is correctly marked with a differentiated services code point (DSCP) value of CS3.

The JTAPI signaling protocol uses TCP port 2748. Dedicate 20 kbps per Cisco Unity Express site for this traffic.

All Real-Time Protocol (RTP) audio traffic from the Cisco Unity Express AIM or the IP phone is correctly marked with a DSCP value of 0xEF.

This example shows a sample configuration for this on the router where a.b.c.d is the IP address of the Cisco Unity Express AIM:

access-list 101 permit tcp host a.b.c.d any eq 2748
!
class-map match-all cti-qbe
 match access-group 101
!
policy-map cti-qbe
 class cti-qbe
 set dscp af31
 bandwidth 20
!
interface Serial0/1
 service-policy output cti-qbe

CIR calculation

Posted: July 10, 2006 by sankar in QOS, WAN

WHen calculating cir and mincir for FRTS, use 95 % of the CIR value. If CIR = 256k, it should be used as 256000. Do not multiply 256 with 1024.

Frame-relay fragment

Posted: July 10, 2006 by sankar in Cisco General, QOS, WAN

Frame-relay fragment is typically not needed for link speeds above 768 kbps.

If CIR is 256k and link speed is 480kbps, frame-relay fragment should be based off of PVC CIR ie 256 K.

QOS Aggregate policer

Posted: June 22, 2006 by sankar in 6500, QOS

************* IGNORE THIS POST..this is still a big confusion****************** 

When applying a qos aggregate policer to traffic, you dont need to apply it on every line.

set qos acl ip TestACL dscp 26 tcp any eq 2000 any 

set qos acl ip TestACL dscp 26 aggregate Policer any

DSCP settings for H323 and MGCP gateways

Posted: May 28, 2006 by cciestudy in Analog, ATA186, Fax, QOS

The setting below applies to packets generated by teh router itself.

For H323 gateways

Default for signaling is af31 (26). Need to change this to cs3 (24).

dial-peer voice 1500 voip
ip qos dscp cs3 signaling 

For MGCP gateways

mgcp ip qos dscp cs3 signaling

TOS bit setting (SCCP)

Posted: May 26, 2006 by sankar in Analog, ATA186, QOS

Default value :0x000068b8

 0110 1000 1011 1000 (ignoring leading 0's)

 0-7 digits represents RTP payload. Maps to DSCP 46 or TOS 5 (leading 3 digits 011)

8 – 15 digits represents Voice signalling. Maps to DSCP 26 or TOS 3 (leading 3 digits are 101)

To change the voice signalling to DSCP 24 (according to CM 4.1 specs) the new value of TOS is

0x000060b8     (Change bit 11)

Qos for WAN

Posted: May 25, 2006 by sankar in QOS, WAN

Fair Queueing

fair-queue <congestive discard threshold>

fair-queue 128 <dynamic queues> <reservable queues>

after these many packets (128) in each queue, rest of packets are tail dropped

CBWFQ

class-map <name>
match access-group <number>
or
match ip dscp or match dscp
match ip precedence or match precedence
or
match input-interface
or
match protocol <protocol>

policy-map <name>
class <class1>
bandwidth <kbps> or
bandwidth percent <percent>

class <class2>
bandwidth <kbps>
queue-limit <number of packets> — defines number of packets that may be queued for this class

*** Upto 64 classes may be defined inside a policy map.
*** The total bandwidth allocated to all classes should add to 75%
*** 25% is used for routing and control traffic

This value can be changed using
ints0/0
max-reserved-bandwidth <value>

Random Early Detection

Enabling WRED instead of tail drop (which is the default)

policy-map <name>
class <class1>
bandwidth <kbps>
randmom-detect
random-detect exponential-weighting-constant <value>

The exp. weighting constant is used to find out the avg. length of queues.
The first random-detect command enables WRED for that class.

Configuring LLQ

class-map match-all VoiceB
match dscp ef
class-map match-all VoiceC
match dscp af31
class-map match-all Data
match access-group 101
!
!
policy-map CBWFQ
class VoiceB
priority percent 45
class Data
bandwidth percent 20
class VoiceC
bandwidth percent 10
class class-default
fair-queue 128
!
interface Serial0/0 .

encapsulation frame-relay

service-policy output CBWFQ — LLQ cannot be applied to sub interfaces

If you have sub interfaces use this template:
class-map match-all VoiceB
match dscp ef
class-map match-all VoiceC
match dscp af31
class-map match-all Data
match access-group 101
class-map match-all VoiceBearer
!
!
policy-map CBWFQ
class VoiceB
priority percent 45
class Data
bandwidth percent 20
class VoiceC
bandwidth percent 10
class class-default
fair-queue 128
map-class frame-relay LLQ
service-policy output CBWFQ

int s0/0
encapsulation frame-relay
frame-relay traffic-shaping
———– always enable shaping before applying map-class to subinterface
!

int s0/0.101
frame-relay interface-dlci 101
class LLQ

map-class frame-relay LLQ
service-policy output CBWFQ
frame-relay cir 120000
frame-relay mincir 60000

LLQ – Calculating Total bandwidth:
===========================

*** The bandwidth percent allocates bandwidth as a percentage of total bandwidth on link.

*** For a frame-relay PVC ,if minCIR is configured, total bandwidth = mincir
*** For a frame-relay PVC , if minCIR is not configured, total bandwidth = cir/2

*** Default CIR of 56000 bps is applied if no map-class is configured or a map-class with no cir/mincir settings r configured.
Ways to apply LLQ on a FR sub interface:
——————————————

a. Apply it on main interface and disable Traffic shaping and fair queue.

class-map match-all VoiceB
match dscp ef
class-map match-all VoiceC
match dscp af31
class-map match-all Data
match access-group 101
class-map match-all VoiceBearer
!
!
policy-map CBWFQ
class VoiceB
priority percent 45
class Data
bandwidth percent 20
class VoiceC
bandwidth percent 10
class class-default
fair-queue 128

int s0/0
no frame-relay traffic-shaping
no fair-queue
service-policy output CBWFQ
max-reserved-bandwidth 75 —- this is default. YOu may change this. This command is not supported with FR subinterfaces.

b. Apply on sub interface (point to point) using a map-class directly on the sub int. Enable TS on main interface.

class-map match-all VoiceB
match dscp ef
class-map match-all VoiceC
match dscp af31
class-map match-all Data
match access-group 101
class-map match-all VoiceBearer
!
!
policy-map CBWFQ
class VoiceB
priority percent 45
class Data
bandwidth percent 20
class VoiceC
bandwidth percent 10
class class-default
fair-queue 128
map-class frame-relay LLQ
service-policy output CBWFQ
frame-relay cir 120000
frame-relay mincir 60000

int s0/0
frame-relay traffic-shaping

int s0/0.1 p
frame-relay map-class LLQ
c. Apply at VC level (say point to point or PMP) using a map-class directly on the VC. Enable TS on main interface.

class-map match-all VoiceB
match dscp ef
class-map match-all VoiceC
match dscp af31
class-map match-all Data
match access-group 101
class-map match-all VoiceBearer
!
!
policy-map CBWFQ
class VoiceB
priority percent 45
class Data
bandwidth percent 20
class VoiceC
bandwidth percent 10
class class-default
fair-queue 128

map-class frame-relay LLQ
service-policy output CBWFQ
frame-relay cir 120000
frame-relay mincir 60000

int s0/0
frame-relay traffic-shaping

int s0/0.1 m
frame-relay interface-dlci 101
class LLQ
frame-relay interface-dlci 102
class LLQ

Configuring FRTS
——————–

CIR = Bc/Tc (set it to 95% of the actual link speed)

If the link speed is a full T1 (1,544,000), then set the CIR to 1466800

map-class frame-relay test
frame-relay cir 64000 — set to actual cir.
no frame-relay adaptive-shaping becn
frame-relay bc 1000 — keep this low so that Tc is low. (tc = 10ms)
frame-relay be 0

int s0/0
frame-relay traffic-shaping
int s0/0.1
frame-relay interface dlci
class test

Traffic shaping parameters for Voice

For data Bc = CIR / 8, tc – 125ms
For Voice Bc = CIR/100 tc – 10ms
map-class frame-relay FRTS_Site3
frame-relay cir 768000
frame-relay bc 7680
frame-relay be 0
frame-relay mincir 768000
frame-relay fragment 1000
frame-relay fair-queue
map-class frame-relay FRTS_Site2
frame-relay cir 256000
frame-relay bc 2560
frame-relay be 0
frame-relay mincir 256000
frame-relay fragment 320
frame-relay fair-queue

FRF 12 fragmentation:
====================

FRF12 fragments all packets above the specified size. Specify a size greater than voice packet).
Voice packets wont be fragmented. Long data packets get fragmented. Voice packets will be interleaved
between fragmented data packets…

Default fragment size – 53 bytes
g711 160 bytes (voice payload)
g729 20 bytes (voice payload)

Total size of IP header (IP/UDP/RTP) – (20/8/12)
Total g711 packet size = 160 + 40 = 200 bytes
Total g729 packet size = 20 + 40 = 60 bytes

Set frame-relay fragment > 200 bytes (say 220 bytes)

map-class frame-relay test
frame-relay fragment <bytes>

RTP header compression for frame interfaces:
——————————————-

int s0/0.1
frame-relay ip rtp header-compression
## all outgoing is compressed

frame-relay ip rtp header-compression passive
## all outgoing is compressed only if incoming is compressed. Dont give passive option on both ends.
frame-relay ip rtp header-compression iphc-format
## enables TCP headre and RTP header compression
ip rtp header-compression ietf-format

Calculating fragment size using serialization delay

56kbps 70
64 kbps 80 bytes
128 160
256 320
512 640
768 960

Qos template for NM-16ESW

Posted: May 25, 2006 by sankar in NM-16ESW, QOS

mls qos
### globally enables qos on NM-16ESW

mls qos map cos-map 0 8 16 26 32 46 48 56 —– this is default setting.
mls qos map cos-map 0 8 16 24 34 46 48 56 —– change voice signaling to 24 and video to 34

mls qos map dscp-cos
#### only 13 dscp values can be mapped to a cos value, this map is not needed for dscp values 26, 34 46 as they are mapped to cos values3, 4 and 5 respectively

int range fa 0 /1, 0/2
mls qos trust cos | dscp
switchport priority cos extend 0
### trusts the cos or dscp coming from phone
### zeros out the cos of PC port

mls qos cos <value>
### defines default cos value of port
mls qos cos override
### overrides last defined trust state of the port and applies default cos value of the port.
access-list 101 permit 172.16.1.0 0.0.0.255

class-map test
match access-group 101

policy-map tstpolicy
class test
police 256000 8000 exceed-action dscp 10 <—- There is no policed dscp map in ESW
police 256000 8000 conform-action <transmit> exceed-action { drop | dscp <value>}
or
police 256000 8000 conform-action {<set-dscp-transmit> <value> |<drop> } exceed-action {set-dscp-transmit value | drop}

int fa0/1
service policy input tstpolicy

QoS templates for 3550

Posted: May 25, 2006 by sankar in 6500, Cisco General, QOS

1. mls qos
### enables qos globally#######

2. mls qos cos-map 0 8 16 26 34 46 48 56
### maps cos values to dscp values properly######

3. For IP phones ports, apply the following commands

int range fa 0/1 , fa 0/2
#### ip phone ports

flowcontrol receive off ***** important command********
flowcontrol send off *********important command*******

4. Mapping voice bearer traffic in priority queue

int fa0/1

wrr-queue cos-map 4 5
priority-queue out
### if asked to put Voice bearer in priority queue

5. Mapping voice signalling traffic in queue 3

wrr-queue cos-map 3 3

6. Port configuration

interface fa0/1

mls qos trust cos
#### trusts packet cos
mls qos trust device cisco-phone
#### trusts cos only if a phone is attached

switchport priority extend cos 0

### zeros out PC cos values.

7. If asked to modify bandwidth and buffer settings for each queue (only then do the following)

For fastE ports:

mls qos min-reserve 5 170
mls qos min-reserve 6 130
mls qos min-reserve 7 51
mls qos min-reserve 8 34
#### defines min-reserve levels (upto 8 levels may be defined, default buffer size is 100 for all levels)####

int range fa 0 /1, fa 0/2

wrr-queue bandwidth 20 20 60 1
### priority queue doesnt need wrr bandwidth allocation
wrr-queue min-reserve 1 5
wrr-queue min-reserve 2 6
wrr-queue min-reserve 3 7
wrr-queue min-reserve 4 8
### maps min-reserve levels to queues#####

For GigE ports:

int range gi 0/1 , gi 0/2
wrr-queue queue-limit 60 20 20 1
#### defines more buffer space for low priority queue ####
wrr-queue bandwidth 20 20 60 1

8. DSCP maps (optional)

For gig ports there is a dscp map that maps dscp values to thresholds.
Each queue has two thresholds, and by default all dscp values are mapped to threshold 1.
If asked to set voice traffic (may be video) to threshold 2, use command.

wrr-queue dscp-map 2 26 34 46 (this is higher threshold in the queue)

9. Tail Drop or WRED (optional)

For gig ports default drop mechanism is tail drop. Here is how you may modify these thresholds:

wrr-queue threshold 1 80 100
wrr-queue threshold 2 80 100
wrr-queue threshold 3 80 100

### no need to define drop thresholds for queue 4 if its priority queue

To enable WRED and specify thresholds, use following commands:

wrr-queue random-detect max-threshold 1 80 100
wrr-queue random-detect max-threshold 2 80 100
wrr-queue random-detect max-threshold 3 80 100

### WRED and tail drop are mutually exclusive

10. Classification using ACLs.

To classify based on subnet, define standard or extended acl's.

access-list 101 permit ip any any dscp 24

class-map test
match access-group 101

11 .Defining Policer and Remarking traffic
mls qos map policed-dscp-map 26 46 to 0
#### remarks voice control and bearer traffic to dscp 0. (Defined in policer)

mls qos aggregate-policer TestPolicer 256000 8000 exceed-action policed-dscp-transmit
#### defines an aggregate policer with a rate of 256kbps, burst of 8000 bits and remarks dscp for voice and bearer traffic based on above policed-dscp map
class-map match-all Voice
match ip dscp af31 ef

policy-map Voice
class Voice
trust dscp
police aggregate TestPolicer
#### applies aggregate policer to the class.
You cannot define same policer across multiple policy-maps.

int range fa 0/1 , fa0/2
service policy input Voice

Example configs:

1. To define a class-map that remarks traffic:
——————————————
class-map match-all VoiceControl
match ip dscp af31
class-map match-all VoiceBearer
match ip dscp ef

policy-map Voice
class VoiceControl
trust dscp
set ip dscp 40
class VoiceBearer
trust dscp
set ip dscp 24
int range fa 0/1 , fa0/2
service policy input Voice

2 . To perform per-vlan, per-port classification, marking, policing. (may be required on gateway ports which may be a trunk port)
—————————————————————
class-map match-all Voice
match ip dscp af31 ef

class-map match-all VoiceVLAN
match vlan 100 ————– defines which vlan you want to match
match class-map Voice ——- defines all traffic on voice vlan with dscp af31 or ef.
policy-map Voice
class VoiceVLAN
trust dscp
police aggregate TestPolicer

#### applies aggregate policer to vlan 100
You cannot define same policer across multiple policy-maps.

int range fa 0/3
Decription Gateway port
service policy input Voice

3. To perform individual policing on each class:
———————————————-

mls qos map policed-dscp-map 26 46 to 0

class-map match-all Voice
match ip dscp af31 ef

policy-map Voice
class Voice
trust dscp
police 256000 8000 exceed-action policed-dscp-transmit
####This is a individual policer

int range fa 0/1 , fa0/2
service policy input Voice

3550 switch port basics

Posted: May 25, 2006 by sankar in 3550, QOS
  1. Has 4 egress queues
  2. qos acl;s in 3550 uses standard or extended acls
  3. An ace with permit action is processed
  4. An ace with deny action is skipped and goes to next entry.
  5. After no match is found parsing through entire acl, best effort algorithm is used.

Sample QOS template for 6500

Posted: May 24, 2006 by sankar in 6500, QOS

set qos enable

set qos map 2q2t tx 2 1 cos 3 ### maps cos 3 packets to queue 2 threshold 1

set port qos 3/1-2 trust trust-cos

set port qos 3/1-2 trust-ext untrusted

### maps signalling to dscp24, rtp to dscp 46, video to dscp 34.
set qos cos-dscp-map 0 8 16 24 34 46 48 56


#Phones — acl defined at the phone port level to trust cos value coming from phones.
set qos acl ip Phones trust-cos ip any any

commit qos acl all

set qos acl map Phones 3/1-2

#CCM — ACL defined for applying qos to CCM port.
#Marks all control signals to dscp 24, rtp payload to dscp 46.


set qos acl ip CCM dscp 24 tcp any range 2000 2002 any
set qos acl ip CCM dscp 24 tcp any any eq 1718
set qos acl ip CCM dscp 24 tcp any any eq 1720
set qos acl ip CCM dscp 24 udp any eq 1719 any
set qos acl ip CCM dscp 46 udp any any range 16384 32767
set qos acl ip CCM dscp 24 tcp any any range 11000 11999
set qos acl ip CCM dscp 24 tcp any any range 1024 4999
set qos acl ip CCM dscp 24 tcp any any eq 1433
set qos acl ip CCM dscp 24 tcp any any eq 3372
set qos acl ip CCM dscp 24 udp any eq 69 any
set qos acl ip CCM dscp 24 tcp any any range 8002 8003
set qos acl ip CCM dscp 24 tcp any eq 2443 any
set qos acl ip CCM dscp 24 tcp any any eq 5060
set qos acl ip CCM dscp 24 udp any any eq 5060
set qos acl ip CCM dscp 24 tcp any any eq 4224
#To apply a policer to the Voice vlan and mark traffic down (both bearer and control)

#Pol

set qos policer aggregate Police rate 32000 burst 13000 policed-dscp
set qos acl ip Pol trust-dscp aggregate Police tcp any range 2000 2002 any
set qos acl ip Pol trust-dscp aggregate Police tcp any any eq 1718
set qos acl ip Pol trust-dscp aggregate Police tcp any any eq 1720
set qos acl ip Pol trust-dscp aggregate Police udp any eq 1719 any
set qos acl ip Pol trust-dscp aggregate Police udp any any range 16384 32767
set qos acl ip Pol trust-dscp aggregate Police tcp any any range 11000 11999
set qos acl ip Pol trust-dscp aggregate Police tcp any any range 1024 4999
set qos acl ip Pol trust-dscp aggregate Police tcp any any eq 1433
set qos acl ip Pol trust-dscp aggregate Police tcp any any eq 3372
set qos acl ip Pol trust-dscp aggregate Police udp any eq 69 any
set qos acl ip Pol trust-dscp aggregate Police tcp any any range 8002 8003
set qos acl ip Pol trust-dscp aggregate Police tcp any eq 2443 any
set qos acl ip Pol trust-dscp aggregate Police tcp any any eq 5060
set qos acl ip Pol trust-dscp aggregate Police udp any any eq 5060

set qos policed-dscp-map 24,46:0

#To mark Unity packets appropriately

#Unity
set qos acl ip Unity dscp 24 tcp any eq 2000 any
set qos acl ip Unity dscp 46 udp any any range 16384 32767

#To mark Gateway ports appropriately (H323)

#Gtway
set qos acl ip Gtway dscp 46 udp any any range 16384 32767
set qos acl ip Gtway dscp 24 tcp any any eq 1720
set qos acl ip Gtway dscp 24 tcp any any range 11000 11999
set qos acl ip Gtway dscp 24 tcp any any range 1024 4999

#To mark Gateway ports appropriately (MGCP)

set qos acl ip Gtway dscp 24 tcp any any eq 2428
set qos acl ip Gtway dscp 24 udp any any eq 2427
set qos acl ip Gtway dscp 46 udp any any range 16384 32767

#To mark Gatekeeper ports appropriately

set qos acl ip GK dscp 24 tcp any eq 1718 any
set qos acl ip GK dscp 24 udp any any eq 1719
set qos acl ip GK dscp 24 udp any eq 1719 any

Applying ACL at port or vlan level

commit qos acl all
set port qos 3/1-10 port-based

set qos acl map Phones 3/1-2 ### applying acl at port on phones

set qos acl map CCM 3/3-4 ### applying acl at port level on Callmanager Pub and Sub

set qos acl map Pol 21,421 ### applying Policer on Voice vlan

set qos acl map Unity 3/5 #### applying acl at port level on Unity

set qos acl map Gtway 3/6 ### applying acl at port level on Gateway

set qos acl map GK 3/7 #### applying acl at port level on gatekeeper.

QOS maps in 6500

Posted: May 24, 2006 by sankar in 6500, QOS

COS-to-DSCP maps:
set qos cos-dscp-map d1 d2 d3 d4 d5 d6 d7 d8
                  

dscp

0 8 16 24 34 46 48 56
cos 0 1 2 3 4 5 6 7

IPPrec-to-DSCP maps:

set qos ipprec-dscp-map d1 d2 d3 d4 d5 d6 d7 d8

DSCP

0 8 16 24 34 46 48 56
TOS 0 1 2 3 4 5 6 7

policed-dscp-map

set qos policed-dscp-map normal-rate 0-5:3
set qos policed-dscp-map excess-rate 0,1:3
set qos policed-dscp-amp 0,1:3

QOS template for 6500 – Egress

Posted: May 24, 2006 by sankar in 6500, Cisco General, QOS

Mapping packets to a particular queue / threshold

set qos map 2q2t tx 2 1 cos 3 (mandatory)

Optional commands:

set qos wrr 2q2t 5 255 (optional)

The values are absolute based on a scale of 255. To get the values in percent, you need to multiply it by 2.5.10% means 25 and 20% means 50 and so forth.

set qos drop-threshold 2q2t tx queue 1 80 100

OR

set qos wred 1p2q2t tx queue 1 80 100 (both optional)

set qos drop-threshold 2q2t tx queue 2 80 100

OR

set qos wred 1p2q2t tx queue 2 80 100 (both optional)

set qos txq-ratio 2q2t 80 20 (optional)

QOS template for 6500 – Ingress

Posted: May 24, 2006 by sankar in 6500, QOS

Globally enable QOS

set qos enable

Port commands (Mandatory)

set port qos <mod/port> vlan-based | port-based (mandatory)
set port qos <mod/port> trust {trust-dscp|trust-cos|trust-ipprec|untrusted} (mandatory)
SET port qos <mod/port> trust-ext untrusted | trust-cos (mandatory)
### instructs phones to not trust cos coming from PC or to trust the cos.

Port commands (optional)

set port qos <mod/port> cos-ext <value> (0 through 7) —- resets cos to specified value. (optional)
set port qos <mod/port> cos <value> (optional)
set port qos <mod/port> trust-device cisco-ipphone (optional)
set qos rxq-ratio 1q4t 80 20 (optional)
### works only for 1p1q type receive queues (6548, 6748)

Policing

set qos policer aggregate <nameofpolicer> rate <rate> burst <burst> {drop|policed-dscp}
############ used in PFC or PFC2

set qos policer agggreate <nameofpolicer> rate <rate> {policed-dscp-map} erate <erate> {drop|policed-dscp-map} burst <burst> eburst <eburst>
########### used in PFC2 or PFC3.


set qos policed-dscp-map {in-profile-dscp : dscp-mark-down}

##This is used with aggregate policer defined in section 1 (specify one rate and one burst)

set qos policed-dscp-map normal-rate {in-profile-dscp|dscp-mark-down}

##Used with aggregate policer defined in section 2 (specify, rate and erate, burst and eburst)

set qos policed-dscp-map excess-rate {in-profile-dscp|dscp-mark-down}

##Used with aggregate policer defined in section 2 (specify, rate and erate, burst and eburst)


burst = rate /4000 + 12kbps.
Commands needed for Microflow policing
—————————————
set qos bridged-microflow-policing enable <vlan no>
### Only for MSFC2

set qos policer microflow <nameofpolicer> rate <rate> burst <burst> {drop|policed-dscp}

QOS ACLs

set qos acl ip <acl_name> {dscp|trust-dscp|trust-ipprec|trust-cos} {microflow <mflowpolicer>|aggregate <agg policer>} {ip|tcp|udp} <src address> <mask> <port> <dst address> <mask> <port> {precedecne <prec> | dscp-field <dscp>} {before <editbuffer>|modify <editbuffer>}
commit qos acl <acl_name>
set qos acl map <acl_name> <mod/port>

rollback qos acl map <acl_name>

clear qos acl map <acl_name>

Intracluster ports:

SQL TCP 1433, 3372
SMB TCP 445
ICCS – TCP 8002, 8003

Windows common ports:

DHCP (if running) – UDP 67,68
TFTP – UDP 69

Signalling ports:

skinny TCP 2000, (from phone to CCM)
secure skinny TCP 2443 (from phone to ccm)
tftp -udp 69 and ephemeral ports
capf – tcp 3804 (phone to capf/ccm)
RTP – udp 16384 – 32768 (CM uses only 24576 – 32767)
VTAdvantage (TCP 4224) – PC to the phone

Callmanager to gateway

tcp port 11000 – 11999
tcp port 1024 – 4999
tcp port 1720 bothways (h225)

tcp port 2000 (skinny gateway to ccm)
udp 2427/ tcp 2428 (mgcp gateway control/backhaul)
tcp and udp port 5060 (SIP gtway and ICT)
udp port 16384-32767 – RTP between the gtwy and cm

Callmanager to gatekeeper

tcp port 1718 (ccm to gk)
udp port 1719 (gk to ccm)
Callmanager to gateway (for encryption)

ESP – 50 (ESP protocol itself)
IKE – 500 UDP

Callmanager to Secure SRST router  

SRST Certificate Provider Port: 2445 

QoS – 6500 – Egrees port setup

Posted: May 10, 2006 by cciestudy in QOS

1. Enable QoS globally

> set qos enable

2. Mapping CoS to Queue/Threshold

> set qos map <queue type> tx <queue#> <threshold#> cos <values>

> set qos map 2q2t tx 1 1 cos 0 1
> set qos map 2q2t tx 1 2 cos 2 3

3. Setting Tail drop or WRED

> set qos drop-threshold <queue-type> tx queue <queue#> <threshold1> <threshold2>

> set qos drop-threshold 2q2t tx queue 1 80 100

> set qos wred 1p2q2t tx queue 1 50 90

4. Setting WRR scheduling

> set qos wrr <queue type> <queue1> <queue2>

> set qos wrr 2q2t 10 255

This defines the number of bytes emptied from queue 1 before moving to queue 2

If you want to empty equal amount of bytes from both queues, configure 255, 255.

5. Setting the TX-Queue ratio

This defines the number of bytes allocated to each queue

> set qos txq-ratio <queue-type> <queue1> <queue2>

> set qos txq-ratio 2q2t 80 20

Queues are always numbered to start with the lowest possible priority queue and end with the strict priority queue that is available. Here is an example:

  • Queue 1 is the low-priority WRR queue
  • Queue 2 is the high-priority WRR queue
  • Queue 3 is the strict priority queue

http://www.cisco.com/en/US/partner/products/hw/switches/ps700/products_tech_note09186a00801091a5.shtml

6500 Linecards, queues and thresholds

Posted: May 9, 2006 by sankar in QOS

Egress Scheduling

Posted: May 9, 2006 by sankar in QOS

Depending on the switch model or linecard (in case of 6500), different types of queueing may be supported.

a. WRR (Weighted Round Robin) – WRR uses round robin scheduling for sending packets out of a queue. Some linecards do support strict priority queueing. If there is a strict priority queue, all WRR queueing stops and the priority queue is serviced first. When priority queue is empty, it will go back to WRR for the rest of the queues.

b. DWRR – DWRR is much like WRR, but it keeps track of how much bandwidth each queue is using. If queue 2 was allowed to transfer only 3000 bytes and a packet with 1500 bytes, 500 byte and another 1500 byte is already stored in the queue. If the port was configured for WRR, it would have sent 3500 bytes while servicing the queue. An extra 500 bytes would have been sent. DWRR tracks how many extra bytes were sent during each time it services the queue and in the next run, it subtracts that 500 bytes from queue 2. Next time, queue2 will only be able to send 2500 bytes.

c. SRR – SRR stands for Shaped Round Robin. It enables shaping per queue to reduce the rate at which packets are sent out. It has the same effect as Policing, but doesnt do packet drops unlike Policing does. It buffers packets and send them out at a reduced rate.

WRED uses random dropping of packets. When threshold 1 is reached (say 25% of queue) packets with Cos 0 and 1 are randomly dropped. When threshold 2 is reached (say 50% of queue), packets with CoS 0,1,2,3 are randomly dropped. At this point packets with Cos 0,1 are more aggresively dropped than packets with Cos 2,3.

With Tail drop, assume a queue has 4 thresholds. (10% 25% 50% and 80%). Referring to the picture, if the queue is 10% full, packets with Cos 0 and 1 are dropped. When it is 25% full, packets with Cos 0,1,2,3 are dropped. and so on.

The map above indicates a Cos-to-DSCP or Precedence-to-DSCP map. Why do we need a map? Because Catalyst switches uses an internal DSCP to tag all packets when they are inside the switch. This internal DSCP is generated based on

a. trust setting on the ingress port

b. the appropriate map defined by the administrator in the switch (Cos to DSCP or Cos to precedence).

When to use which map? 

a. If you trust Cos at the ingress port, use Cos-to-DSCP map to generate internal DSCP

b. If you trust Precedence at the ingress port, use Precedence-to-DSCP map to generate internal DSCP

c. If you trust DSCP at the ingress port, the DSCP is used as such to generate internal DSCP.

d. A user defined (or default) DSCP-to-COS map is used to generate the COS value which is set on the Egress port. 

( The DSCP-to-COS map helps only in setting the COS value of frame on the outbound port.)

DSCP-to-DSCP Mutation maps

 

DSCP-to-DSCP mutation map may be used in situations where DSCP is widely used for QOS in all your network devices. If a phone sets DSCP to 46 (Cos 5 or precedence 5)and if you trust COS or IP precedence at the ingress port, the internal DSCP changes to 40. (as per the first picture). To map this value back to 46 before the packet goes out, use the DSCP mutation map.

Or the easy way to set DSCP back to 46 from ingress to egress is,

a. Set ingress trust to Cos or Precedence

b. Use Cos-to-DSCP or Prec-to-DSCP maps to set the internal DSCP as 46 (instead of 40).

c. Do nothing at egress port, the egress DSCP will be set to 46 automatically

Mapping a packet to queue or threshold

Posted: May 9, 2006 by sankar in QOS

Switch Port trust settings.

Posted: May 9, 2006 by sankar in QOS

You may configure the switchport to Untrust. This will set all COS/TOS values to 0.

If you set the port to Trust DSCP/Trust COS/Trust Prec, the COS/TOS values are maintained.

 

QOS processing model

Posted: May 9, 2006 by sankar in QOS

QOS includes Ingress and Egress QOS

Ingress QOS – Queueing, Classification, Congestion Avoidance, Policing, Rewriting

Egress QOS – Rewriting, Queueing, Congestion Avoidance, Scheduling

COS /TOS/DSCP

Posted: May 9, 2006 by sankar in QOS