© 2006 Cisco Systems, Inc. All rights reserved. QOS Lecture 6- Classification and Marking.
Classification
Classification is the process of identifying and categorizing traffic into classes, typically based upon:
IP precedence
DSCP
Source or destination address
Application
Without classification, all packets are treated the same.
Classification should take place as close to the source as possible.
Marking
Marking is the QoS feature component that “colors” a packet (frame) so it can be identified and distinguished from other packets (frames) in QoS treatment.
Commonly used markers:
Link layer:
CoS (ISL, 802.1p)
MPLS EXP bits
Frame Relay
Network layer:
DSCP
IP precedence
Classification and Marking in the LAN with IEEE 802.1Q
IEEE 802.1p user priority field is also called CoS.
IEEE 802.1p supports up to eight CoSs.
IEEE 802.1p focuses on support for QoS over LANs and 802.1Q ports.
IEEE 802.1p is preserved through the LAN, not end to end.
Classification and Marking in the Enterprise
DiffServ Model
Describes services associated with traffic classes, rather than traffic flows.
Complex traffic classification and conditioning is performed at the network edge.
No per-flow state in the core.
The goal of the DiffServ model is scalability.
Interoperability with non-DiffServ-compliant nodes.
Incremental deployment.
Classification Tools: IP Precedence and DiffServ Code Points
IPv4: the three most significant bits of the ToS byte are called IP Precedence (IPP); the remaining bits (the RFC 791 ToS flags) are rarely used.
DiffServ: the six most significant bits of the ToS byte are called the DiffServ Code Point (DSCP); the remaining two bits are used for Explicit Congestion Notification (ECN).
DSCP is backward-compatible with IP precedence, because the top three bits of the DSCP sit in the same positions as the IPP bits.
Figure: ToS byte bit layout (bit 7 is the most significant):
Standard IPv4: bits 7-5 IP Precedence, bits 4-0 unused
DiffServ extensions: bits 7-2 DiffServ Code Point (DSCP), bits 1-0 IP ECN
(The figure places the ToS byte in the IPv4 header next to Version, Length, Len, ID, Offset, TTL, Proto, FCS, IP SA, IP DA and Data.)
IP ToS Byte and DS Field Inside the IP Header
IP Precedence and DSCP Compatibility
Compatibility with current IP precedence usage (RFC 1812)
Differentiates probability of timely forwarding:
(xyz000) >= (abc000) if xyz > abc
That is, if a packet has DSCP value of 011000, it has a greater probability of timely forwarding than a packet with DSCP value of 001000.
Per-Hop Behaviors
DSCP selects the PHB throughout the network:
Default PHB (FIFO, tail drop)
Class-selector PHB (IP precedence)
EF PHB
AF PHB
Standard PHB Groups
Expedited Forwarding (EF) PHB
EF PHB:
Ensures a minimum departure rate
Guarantees bandwidth: the class is guaranteed an amount of bandwidth with prioritized forwarding
Polices bandwidth: the class is not allowed to exceed the guaranteed amount (excess traffic is dropped)
DSCP value of 101110 (decimal 46) looks like IP precedence 5 to non-DiffServ-compliant devices:
Bits 7 to 5: 101 = 5 (the same three bits are used for IP precedence)
Bits 4 and 3: 11 = no drop probability
Bit 2: 0
Because the EF class is policed and everything over the guarantee is dropped, a host that marks its own traffic EF competes with legitimate voice inside that policed rate; EF marks should only be accepted from trusted sources.
Assured Forwarding (AF) PHB
AF PHB:
Guarantees bandwidth
Allows access to extra bandwidth, if available
Four standard classes: AF1, AF2, AF3, and AF4
DSCP format aaadd0: aaa is the binary value of the class (001 to 100) and dd is the drop precedence (01 low, 10 medium, 11 high); the low bit is always 0
AF PHB Values
Each AF class uses three DSCP values, one per drop precedence: AF11 = 10, AF12 = 12, AF13 = 14; AF21 = 18, AF22 = 20, AF23 = 22; AF31 = 26, AF32 = 28, AF33 = 30; AF41 = 34, AF42 = 36, AF43 = 38.
Each AF class is independently forwarded with its guaranteed bandwidth.
Congestion avoidance is used within each class to prevent congestion within the class; packets with the higher drop precedence are discarded first.
Mapping CoS to Network Layer QoS
QoS Service Class
A QoS service class is a logical grouping of packets that are to receive a similar level of applied quality.
A QoS service class can be:
A single user (such as MAC address or IP address)
A department, customer (such as subnet or interface)
An application (such as port numbers or URL)
A network destination (such as tunnel interface or VPN)
Implementing QoS Policy Using a QoS Service Class
QoS Service Class Guidelines
Profile applications to their basic network requirements.
Do not over engineer provisioning; use no more than four to five traffic classes for data traffic:
Voice applications: VoIP
Mission-critical applications: Oracle, SAP, SNA
Interactive applications: Telnet, TN3270
Bulk applications: FTP, TFTP
Best-effort applications: E-mail, web
Scavenger applications: Nonorganizational streaming and video applications (Kazaa, Yahoo)
Do not assign more than three applications to mission-critical or transactional classes.
Use proactive policies before reactive (policing) policies.
Seek executive endorsement of relative ranking of application priority prior to rolling out QoS policies for data.
Classification and Marking Design: QoS Baseline Marking Recommendations
Application             L3 Classification                 L2
                        DSCP    PHB     IPP               CoS
Routing                 48      CS6     6                 6
Voice                   46      EF      5                 5
Video Conferencing      34      AF41    4                 4
Streaming Video         32      CS4     4                 4
Mission-Critical Data   26      AF31*   3                 3
Call Signaling          24      CS3*    3                 3
Transactional Data      18      AF21    2                 2
Network Management      16      CS2     2                 2
Bulk Data               10      AF11    1                 1
Scavenger               8       CS1     1                 1
Best Effort             0       0       0                 0
(* as marked in the original table)
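The ToS byte layout, the EF and AF bit patterns and the baseline table above, worked in code as an added example. This is not Cisco code: the application keys in QOS_BASELINE are this example's own labels for the table rows, and bit numbering follows the slides (bit 7 is the most significant bit of the ToS byte).

```python
"""Decode and compose DiffServ markings in the IPv4 ToS byte (added example)."""
from __future__ import annotations

# QoS Baseline recommendations from the table above (application -> DSCP).
QOS_BASELINE = {
    "routing": 48, "voice": 46, "video-conferencing": 34,
    "streaming-video": 32, "mission-critical-data": 26, "call-signaling": 24,
    "transactional-data": 18, "network-management": 16, "bulk-data": 10,
    "scavenger": 8, "best-effort": 0,
}


def split_tos(tos: int) -> tuple[int, int, int]:
    """Return (dscp, ipp, ecn) for one ToS byte.

    DSCP is bits 7-2, IP precedence is bits 7-5 (the top three DSCP bits,
    which is why DSCP stays backward compatible) and ECN is bits 1-0.
    """
    if not 0 <= tos <= 0xFF:
        raise ValueError("ToS byte must be 0..255")
    return tos >> 2, tos >> 5, tos & 0x3


def phb_name(dscp: int) -> str:
    """Name the standard PHB selected by a 6-bit DSCP."""
    if not 0 <= dscp <= 63:
        raise ValueError("DSCP must be 0..63")
    if dscp == 0:
        return "default"            # 000000: FIFO, tail drop
    if dscp == 0b101110:
        return "EF"                 # 46: looks like precedence 5 to IPP-only nodes
    cls, drop, low = dscp >> 3, (dscp >> 1) & 0x3, dscp & 0x1
    if low == 0 and drop == 0:
        return f"CS{cls}"           # xxx000: class selector, IP precedence compatible
    if low == 0 and 1 <= cls <= 4:
        return f"AF{cls}{drop}"     # aaadd0: assured forwarding, dd = drop precedence
    return "unassigned"


def af_dscp(af_class: int, drop_precedence: int) -> int:
    """Compose an AF code point aaadd0 (class 1..4, drop 1 = low .. 3 = high)."""
    if not 1 <= af_class <= 4 or not 1 <= drop_precedence <= 3:
        raise ValueError("AF class must be 1..4 and drop precedence 1..3")
    return (af_class << 3) | (drop_precedence << 1)


def at_least_as_timely(dscp_a: int, dscp_b: int) -> bool:
    """Class-selector rule from the slides: (xyz000) >= (abc000) if xyz > abc.

    Compares only the top three bits, i.e. what an IP-precedence-only
    router sees.
    """
    return (dscp_a >> 3) >= (dscp_b >> 3)


def tos_byte_for(application: str, ecn: int = 0) -> int:
    """ToS byte a marker writes for a baseline application, leaving ECN intact."""
    return (QOS_BASELINE[application] << 2) | (ecn & 0x3)


def describe_tos(tos: int) -> dict:
    """Everything a classifier reads from one ToS byte."""
    dscp, ipp, ecn = split_tos(tos)
    return {"dscp": dscp, "phb": phb_name(dscp), "ipp": ipp, "ecn": ecn}


if __name__ == "__main__":
    for app, dscp in QOS_BASELINE.items():
        print(f"{app:22s} DSCP {dscp:2d} {dscp:06b} {phb_name(dscp):8s} IPP {dscp >> 3}")
```

Running the block prints the baseline table with each DSCP in binary, which makes the backward compatibility visible: the first three bits of every row are the IPP column.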
How Many Classes of Service Do I Need?
4/5 Class Model: Realtime, Call Signaling, Critical Data, Best Effort, Scavenger (the fifth class)
8 Class Model: Voice, Video, Call Signaling, Network Control, Critical Data, Bulk Data, Best Effort, Scavenger
11 Class Model: Voice, Interactive-Video, Streaming Video, Call Signaling, IP Routing, Network Management, Mission-Critical Data, Transactional Data, Bulk Data, Best Effort, Scavenger
(The figure arranges the three models along a time axis, showing how each class of the smaller model is split into classes of the larger one.)
Trust Boundaries: Classify Where?
For scalability, classification should be enabled as close to the edge as possible, depending on the capabilities of the device at:
Endpoint or end system
Access layer
Distribution layer
Trust Boundaries: Mark Where?
For scalability, marking should be done as close to the source as possible. The trust boundary is the point where the network starts believing the marks it receives: upstream of it, every device can set its own DSCP or CoS, so marks arriving from untrusted endpoints (user PCs, for example) must be classified and rewritten at the boundary rather than honored.
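One way to express the trust boundary decision in code, added here as an example and not taken from the slides. The Frame and PortPolicy types are this example's own, as are the two CoS-to-DSCP maps it assumes (switch default: CoS n to CSn, i.e. n*8; recommended: CoS 5 to EF so tagged voice lands in the EF class).

```python
"""Trust boundary at an access port: which marks to honor, which to rewrite (added example)."""
from __future__ import annotations
from dataclasses import dataclass

DEFAULT_COS_DSCP = (0, 8, 16, 24, 32, 40, 48, 56)       # assumed switch default: CoS n -> CSn
RECOMMENDED_COS_DSCP = (0, 8, 16, 24, 32, 46, 48, 56)   # assumed recommended map: CoS 5 -> EF

EF, CS6, CS7 = 46, 48, 56


@dataclass(frozen=True)
class Frame:
    src: str
    cos: int | None     # 802.1p user priority, None when the frame is untagged
    dscp: int           # DSCP carried in the IP header


@dataclass(frozen=True)
class PortPolicy:
    trust: str                           # "none", "cos" or "dscp"
    default_cos: int = 0                 # used for untagged frames when trusting CoS
    cos_dscp_map: tuple = RECOMMENDED_COS_DSCP


def ingress_dscp(frame: Frame, port: PortPolicy) -> int:
    """DSCP the switch carries the packet with after the trust boundary.

    trust dscp: honor the packet's mark (a port facing a router, the WAN
    edge or a device known to mark correctly).
    trust cos: honor only the 802.1p CoS and derive the DSCP from it;
    untagged frames get the port's default CoS.
    trust none: discard whatever the host wrote and mark best effort, so a
    PC that sets EF on its own traffic never reaches the priority queue.
    """
    if port.trust == "dscp":
        return frame.dscp
    if port.trust == "cos":
        cos = frame.cos if frame.cos is not None else port.default_cos
        return port.cos_dscp_map[cos]
    if port.trust == "none":
        return 0
    raise ValueError(f"unknown trust state {port.trust!r}")


def untrusted_priority_marks(frames: list[Frame], port: PortPolicy) -> list[Frame]:
    """Frames that arrived on an untrusted port already carrying EF, CS6 or CS7.

    ingress_dscp rewrites them, but a host sending such marks is either
    misconfigured or probing for a port that trusts DSCP, so they are
    worth logging.
    """
    if port.trust != "none":
        return []
    return [f for f in frames if f.dscp in (EF, CS6, CS7)]
```

The interesting case is the PC behind an IP phone: its frames arrive untagged on the phone's port, so with trust-cos they fall to the default CoS and become best effort even though the PC wrote EF into the IP header.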
Network-Based Application Recognition
Used in conjunction with QoS class-based features, NBAR is an intelligent classification engine that:
Classifies modern client-server and web-based applications
Discovers what traffic is running on the network
Analyzes application traffic patterns in real time
NBAR functions:
Performs identification of applications and protocols (Layer 4 to 7)
Performs protocol discovery
Provides traffic statistics
New applications are easily supported by loading a PDLM.
Figure: sample link utilization reported by NBAR protocol discovery: FTP 30%, Citrix 25%, HTTP 20%, Netshow 15%, FastTrack 10%.
NBAR Functions and Features
NBAR performs the following two functions:
Identification of applications and protocols (Layer 4 to Layer 7)
Protocol discovery
Some examples of class-based QoS features that can be used on traffic after the traffic is classified by NBAR include:
Class-Based Marking (the set command)
Class-Based Weighted Fair Queueing (the bandwidth and queue-limit commands)
Low Latency Queueing (the priority command)
Traffic Policing (the police command)
Traffic Shaping (the shape command)
NBAR Application Support
NBAR can classify applications that use:
Statically assigned TCP and UDP port numbers
Non-UDP and non-TCP IP protocols
Dynamically assigned TCP and UDP port numbers negotiated during connection establishment (requires stateful inspection)
Subport and deep packet inspection classification
Packet Description Language Module
PDLMs allow NBAR to recognize new protocols matching text patterns in data packets without requiring a new Cisco IOS software image or a router reload.
An external PDLM can be loaded at run time to extend the NBAR list of recognized protocols.
PDLMs can also be used to enhance an existing protocol recognition capability.
PDLMs must be produced by Cisco engineers.
PDLM Command Syntax
router(config)# ip nbar pdlm pdlm-name
Used to enhance the list of protocols recognized by NBAR through a PDLM.
The filename is in URL format (for example, flash://citrix.pdlm).
router(config)# ip nbar port-map protocol-name [tcp | udp] port-number
Configures NBAR to search for a protocol or protocol name using a port number other than the well-known port.
Up to 16 additional port numbers can be specified.
NBAR Protocol-to-Port Maps
router# show ip nbar port-map [protocol-name]
Displays the current NBAR protocol-to-port mappings.
router#show ip nbar port-map
port-map bgp udp 179
port-map bgp tcp 179
port-map cuseeme udp 7648 7649
port-map cuseeme tcp 7648 7649
port-map dhcp udp 67 68
port-map dhcp tcp 67 68
port-map dns udp 53
port-map dns tcp 53
NBAR Protocol Discovery
Analyzes application traffic patterns in real time and discovers which traffic is running on the network
Provides bidirectional, per-interface, and per-protocol statistics
Important monitoring tool supported by Cisco QoS management tools:
Generates real-time application statistics
Provides traffic distribution information at key network locations
Configuring and Monitoring NBAR Protocol Discovery
router(config-if)# ip nbar protocol-discovery
Configures NBAR to discover traffic for all protocols known to NBAR on a particular interface
Requires that CEF be enabled before protocol discovery
Can be applied with or without a service policy enabled
router# show ip nbar protocol-discovery
Displays the statistics for all interfaces on which protocol discovery is enabled
Configuring and Monitoring Protocol Discovery Output
router#show ip nbar protocol-discovery

 Ethernet0/0
                        Input                      Output
 Protocol               Packet Count               Packet Count
                        Byte Count                 Byte Count
                        5 minute bit rate (bps)    5 minute bit rate (bps)
 ----------             ------------------------   ------------------------
 realaudio              2911                       3040
                        1678304                    198406
                        19000                      1000
 http                   19624                      13506
                        14050949                   2017293
                        0                          0
 <output omitted>
Steps for Configuring NBAR for Static Protocols
Required steps:
Enable NBAR Protocol Discovery.
Configure a traffic class.
Configure a traffic policy.
Attach the traffic policy to an interface.
Enable PDLM if needed.
Configuring NBAR for Static Protocols Commands
router(config-cmap)# match protocol protocol
Configures the match criteria for a class map on the basis of the specified protocol using the MQC configuration mode.
Static protocols are recognized based on the well-known destination port number.
A match not command can be used to specify a QoS policy value that is not used as a match criterion; in this case, all other values of that QoS policy become successful match criteria.
Configuring NBAR Example
HTTP is a static protocol using well-known port number 80. However, other port numbers may also be in use.
The ip nbar port-map command informs the router that other ports are also used for HTTP.
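The static-protocol steps above, modeled as an added example (this is not Cisco code): a port map seeded with the entries from the show ip nbar port-map output plus HTTP on TCP 80, the ip nbar port-map command with its 16-port limit, and a first-match policy map that sets DSCP. The example assumes that ip nbar port-map replaces a protocol's port list for that transport, so the well-known port has to be listed again alongside 8080; confirm that behaviour on your IOS release.

```python
"""Model of NBAR static-protocol matching and class-based marking (added example)."""
from __future__ import annotations
from dataclasses import dataclass

MAX_EXTRA_PORTS = 16


@dataclass(frozen=True)
class Packet:
    transport: str     # "tcp" or "udp"
    dst_port: int
    dscp: int = 0


class NbarPortMap:
    """Protocol-to-port table consulted by `match protocol`."""

    def __init__(self) -> None:
        # Seeded from the show ip nbar port-map output on the slide, plus HTTP on 80.
        self.ports: dict[tuple[str, str], set[int]] = {
            ("http", "tcp"): {80},
            ("dns", "udp"): {53}, ("dns", "tcp"): {53},
            ("bgp", "udp"): {179}, ("bgp", "tcp"): {179},
            ("dhcp", "udp"): {67, 68}, ("dhcp", "tcp"): {67, 68},
            ("cuseeme", "udp"): {7648, 7649}, ("cuseeme", "tcp"): {7648, 7649},
        }

    def port_map(self, protocol: str, transport: str, *port_numbers: int) -> None:
        """ip nbar port-map <protocol> {tcp|udp} <port-number ...>

        Assumption of this example: the command replaces the port list, so
        repeat the well-known port to keep it.
        """
        if transport not in ("tcp", "udp"):
            raise ValueError("transport must be tcp or udp")
        if len(port_numbers) > MAX_EXTRA_PORTS:
            raise ValueError(f"at most {MAX_EXTRA_PORTS} port numbers per port-map")
        if not all(1 <= p <= 65535 for p in port_numbers):
            raise ValueError("port out of range")
        self.ports[(protocol, transport)] = set(port_numbers)

    def match_protocol(self, pkt: Packet) -> str | None:
        """Static recognition: the protocol whose port list holds the destination port."""
        for (protocol, transport), ports in self.ports.items():
            if transport == pkt.transport and pkt.dst_port in ports:
                return protocol
        return None

    def show_port_map(self) -> list[str]:
        """Lines in the format of show ip nbar port-map."""
        return [f"port-map {proto} {tr} {' '.join(str(p) for p in sorted(ports))}"
                for (proto, tr), ports in sorted(self.ports.items())]


@dataclass(frozen=True)
class ClassMap:
    name: str
    protocol: str
    negate: bool = False    # match not protocol <name>


@dataclass(frozen=True)
class PolicyMap:
    """Ordered classes, each setting a DSCP; first match wins, class-default last."""
    classes: tuple[tuple[ClassMap, int], ...]
    class_default_dscp: int = 0

    def apply(self, pkt: Packet, port_map: NbarPortMap) -> tuple[str, Packet]:
        proto = port_map.match_protocol(pkt)
        for cmap, dscp in self.classes:
            hit = proto == cmap.protocol
            if hit != cmap.negate:      # `match not` inverts the decision
                return cmap.name, Packet(pkt.transport, pkt.dst_port, dscp)
        return "class-default", Packet(pkt.transport, pkt.dst_port, self.class_default_dscp)
```

Before the port-map call a request to TCP 8080 falls into class-default and stays DSCP 0; after `port_map("http", "tcp", 80, 8080)` it is classified as HTTP and marked like the web class. Note that static matching keys only on the destination port, so any application that chooses port 80 inherits HTTP's marking; that is the gap the stateful and deep-packet matches on the following slides close.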
Steps for Configuring Stateful NBAR for Dynamic Protocols
Required steps:
Configure a traffic class.
Configure a traffic policy.
Attach the traffic policy to an interface.
Enhanced NBAR Classification for HTTP
router(config-cmap)# match protocol http url url-string
Recognizes the HTTP GET packets containing the URL, and then matches all packets that are part of the HTTP GET request.
Include only the portion of the URL following the address or host name in the match statement.
router(config-cmap)# match protocol http host hostname-string
Performs a regular expression match on the host field content inside an HTTP GET packet and classifies all packets from that host.
Both matches read the cleartext request, so they see nothing inside an encrypted (HTTPS) session, and they classify on what the client wrote in the request, which the client controls.
Special NBAR Configuration for HTTP and FastTrack
router(config-cmap)# match protocol http mime MIME-type
Matches a packet containing the MIME type and all subsequent packets until the next HTTP transaction (stateful classification).
router(config-cmap)# match protocol fasttrack file-transfer regular-expression
Stateful mechanism to identify a group of peer-to-peer file-sharing applications.
Applications that use the FastTrack peer-to-peer protocol include Kazaa, Grokster, and Morpheus (Gnutella is a separate peer-to-peer protocol).
A Cisco IOS regular expression is used to identify specific FastTrack traffic.
To specify that all FastTrack traffic will be identified by the traffic class, use an asterisk (*) as the regular expression.
URL or HOST Specification String Options
Option   Description
*        Match any zero or more characters in this position.
?        Match any one character in this position.
|        Match one of a choice of characters.
(|)      Match one of a choice of characters in a range. For example, xyz.(gif | jpg) matches either xyz.gif or xyz.jpg.
[ ]      Match any character in the range specified, or one of the special characters. For example, [0-9] is all of the digits; [*] is the "*" character, and [[] is the "[" character.
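A translator from the option table above into Python regular expressions, added as an example so the patterns can be tested offline against sample URLs and Host values. It is not Cisco code, and two details are this example's assumptions about NBAR rather than facts from the slide: the pattern must match the whole string, and matching ignores case.

```python
"""Translate NBAR URL/host match strings into Python regular expressions (added example)."""
import re


def _split_alternatives(s: str) -> list[str]:
    """Split on top-level | only, so a nested (a|(b|c)) stays intact."""
    parts, depth, start = [], 0, 0
    for i, ch in enumerate(s):
        if ch == "(":
            depth += 1
        elif ch == ")":
            depth -= 1
        elif ch == "|" and depth == 0:
            parts.append(s[start:i])
            start = i + 1
    parts.append(s[start:])
    return parts


def nbar_glob_to_regex(pattern: str) -> str:
    out, i, n = [], 0, len(pattern)
    while i < n:
        c = pattern[i]
        if c == "*":                       # zero or more characters
            out.append(".*")
        elif c == "?":                     # exactly one character
            out.append(".")
        elif c == "[":                     # range; [*] and [[] are literals
            j = pattern.find("]", i + 2)   # start at i+2 so "[[]" and "[]]" keep their first char
            if j < 0:
                raise ValueError("unterminated [ in pattern")
            body = pattern[i + 1:j]
            out.append("[" + "".join(ch if ch == "-" else re.escape(ch) for ch in body) + "]")
            i = j
        elif c == "(":                     # alternation group
            depth, j = 1, i + 1
            while j < n and depth:
                depth += {"(": 1, ")": -1}.get(pattern[j], 0)
                j += 1
            if depth:
                raise ValueError("unterminated ( in pattern")
            alts = _split_alternatives(pattern[i + 1:j - 1])
            out.append("(?:" + "|".join(nbar_glob_to_regex(a.strip()) for a in alts) + ")")
            i = j - 1
        elif c == "|":                     # choice outside parentheses
            out.append("|")
        else:                              # everything else, "." included, is literal
            out.append(re.escape(c))
        i += 1
    return "".join(out)


def nbar_match(pattern: str, text: str) -> bool:
    """True when `text` (URL portion after the host, or the Host value) matches the NBAR pattern."""
    return re.fullmatch(nbar_glob_to_regex(pattern), text, re.IGNORECASE) is not None
```

The point of escaping "." is that `*.exe` must match `/tool.exe` but not `/toolXexe`; a naive copy of the pattern into a regex engine would accept both.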
Configuring Stateful NBAR for RTP
router(config-cmap)# match protocol rtp [audio | video | payload-type payload-string]
Identifies real-time audio and video traffic in the class-map mode of MQC
Differentiates on the basis of audio and video codecs
The match protocol rtp command has these options:
audio: Match by payload type values 0 to 23, reserved for audio traffic
video: Match by payload type values 24 to 33, reserved for video traffic
payload-type: Match by a specific payload type value; provides more granularity than the audio or video options
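An RTP header parser with the audio, video and payload-type classification from this slide, added as an example (not Cisco code). The payload-type ranges are the ones the slide gives; the sample packets are constructed inline, using payload type 0 (PCMU) for audio and 31 (H.261) for video as assigned in the RTP audio/video profile.

```python
"""Parse RTP headers and classify them the way match protocol rtp does (added example)."""
from __future__ import annotations
import struct
from dataclasses import dataclass

RTP_VERSION = 2
RTP_FIXED_HEADER = 12


@dataclass(frozen=True)
class RtpHeader:
    payload_type: int
    marker: bool
    sequence: int
    timestamp: int
    ssrc: int
    csrc: tuple[int, ...]


def parse_rtp(payload: bytes) -> RtpHeader | None:
    """Return the RTP header, or None when the UDP payload is not well-formed RTP."""
    if len(payload) < RTP_FIXED_HEADER:
        return None
    b0, b1, seq, ts, ssrc = struct.unpack("!BBHII", payload[:RTP_FIXED_HEADER])
    if b0 >> 6 != RTP_VERSION:
        return None
    cc = b0 & 0x0F                                   # number of CSRC identifiers
    if len(payload) < RTP_FIXED_HEADER + 4 * cc:
        return None
    csrc = struct.unpack(f"!{cc}I", payload[RTP_FIXED_HEADER:RTP_FIXED_HEADER + 4 * cc])
    return RtpHeader(payload_type=b1 & 0x7F, marker=bool(b1 & 0x80),
                     sequence=seq, timestamp=ts, ssrc=ssrc, csrc=csrc)


def rtp_class(pt: int) -> str:
    """audio / video / other, per the payload-type ranges on the slide."""
    if 0 <= pt <= 23:
        return "audio"
    if 24 <= pt <= 33:
        return "video"
    return "other"      # 34-95 other static types, 96-127 dynamic (need payload-type or signaling)


def match_protocol_rtp(payload: bytes, option: str) -> bool:
    """Mirror `match protocol rtp [audio | video | payload-type N]` on one UDP payload."""
    hdr = parse_rtp(payload)
    if hdr is None:
        return False
    if option in ("audio", "video"):
        return rtp_class(hdr.payload_type) == option
    if option.startswith("payload-type "):
        return hdr.payload_type == int(option.split()[1])
    raise ValueError(f"unknown option {option!r}")


def build_rtp(pt: int, seq: int, ts: int, ssrc: int, marker: bool = False,
              csrc: tuple[int, ...] = (), payload: bytes = b"") -> bytes:
    """Construct an RTP packet; used only to make sample input for this example."""
    if not 0 <= pt <= 127:
        raise ValueError("payload type must be 0..127")
    b0 = (RTP_VERSION << 6) | len(csrc)
    b1 = (0x80 if marker else 0) | pt
    return (struct.pack("!BBHII", b0, b1, seq, ts, ssrc)
            + struct.pack(f"!{len(csrc)}I", *csrc) + payload)


# Constructed samples: G.711 PCMU (PT 0), H.261 (PT 31) and a dynamic PT 96 stream.
SAMPLE_PCMU = build_rtp(0, 1, 160, 0x1234ABCD, payload=b"\xff" * 160)
SAMPLE_H261 = build_rtp(31, 7, 90000, 0xCAFEF00D, marker=True)
SAMPLE_DYNAMIC = build_rtp(96, 2, 3000, 0x00C0FFEE, csrc=(0x11111111,))
```

The parser checks only what the classifier can check: version bits, header length and the payload-type field. Any host can emit a UDP payload with version 2 and payload type 0, so a class built on `match protocol rtp audio` should still sit behind a trust boundary and the EF policer from the earlier slides rather than be taken as proof that the sender is a phone.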
Classification of RTP Session