Taller Redes Emergentes

© 2007 Cisco Systems, Inc. All rights reserved. Cisco Confidential

Session ID

Presentation_ID 1

Características y evolución de las redes LAN y WAN para ofrecer servicios de Comunicación Unificada


Session ID

Presentation_ID 2

Buenos Días a todos…!

Systems EngineerPublic Sector

[email protected]


Session ID

Presentation_ID 3

MediaResources

UC Processing

AgentsGateway/

SurvivableRemote

PSTN/IPGateway

UCEndpoints

CommsEndpoints

PSTN

UC Infrastructure

Network InfrastructureWAN

AggregationRouter

BranchRouter

Distribution/

Core SwitchCampus

Branch

IP WAN

AccessSwitch

AccessSwitch

The Elements of Unified Communications

SiSi

Conf

Xcode

SiSi

MTP

ApplicationsVoice Mail/

Unified Messaging

Web /Audio/Video

Conferencing

XML Phone

Services

LDAPDirectory

GK


Session ID

Presentation_ID 4

Network Infrastructure Agenda

Building a Campus Network

QoS in the Campus

QoS in the WAN

Qos in the Wireless LANs


Session ID

Presentation_ID 5

Systems Architecture

Bay Bridge:

Original cost in 1936: $1.1 billion (adjusted for today’s $)

Estimated cost to expand: $6.2 billion… and climbing

Golden Gate Bridge:

Original cost to in 1937: $446 million (adjusted for today’s $)

A Poorly Planned Architecture A Well Planned Architecture


Session ID

Presentation_ID 6

SiSi SiSi

SiSiSiSi

SiSi SiSi

Building a Campus Network Hierarchical Network Design

Building Block

Without a Rock Solid Foundation the Rest Doesn’t Matter

Access

Distribution

Core

Distribution

Access• Offers hierarchy – each layer has specific

role

• Modular topology - building blocks

• Easy to grow, understand, and troubleshoot

• Creates small fault domains – Clear demarcations and isolation

• Promotes load balancing and redundancy

• Promotes deterministic traffic patterns

• Incorporates balance of both Layer 2 and Layer 3 technology, leveraging the strength of both

• Utilizes Layer 3 Routing for load balancing, fast convergence, scalability, and control

• Sub second convergence possible


Session ID

Presentation_ID 7

Building a Campus Network—The Access Layer

Aggregates network end-points

Layer 2/Layer 3 feature rich environment; convergence, HA, security, QoS, IP multicast, etc

Intelligent network services: QoS, trust boundary, broadcast suppression, IGMP snooping

Intelligent network services: Rapid PVST+, EIGRP, OSPF, DTP, PAgP, UDLD, etc.

Catalyst® integrated security features 802.1x, Port security, DHCP snooping, Dynamic ARP Insp, IP Source Guard, etc.

Automatic phone discovery, conditional trust boundary, Power Over Ethernet, auxiliary VLAN, etc.

Spanning tree toolkit: Portfast, UplinkFast, BackboneFast, LoopGuard, BPDUGuard, BPDUFilter, RootGuard, etc.

To Core

SiSi SiSi

VLANS do not span access switches

Feature Rich Environment—Not Just About Connectivity

Access

Distribution


Session ID

Presentation_ID 8

Campus Network—Access Layer

During initial CDP exchange phone is configured with a Voice VLAN ID (VVID)

Phone also supplied with QoS configuration via CDP TLV fields

Quality—Separation of broadcast domains i.e. phones and PCs are on separate subnets

Security—Different network policies for different subnets; WORM attacks can be contained to the PC VLANs.

PC VLAN = 10

(PVID)

Phone VLAN = 110

(VVID)

802.1Q encapsulation with 802.1p Layer 2

CoS

Voice and Data VLANs

Native VLAN (PVID) No Configuration Changes

Needed on PC


Session ID

Presentation_ID 9

Building a Campus Network—The Distribution Layer

Availability, load balancing, QoS and provisioning are the important considerations at this layer

Aggregates wiring closets (access layer) and uplinks to core

Use Layer 3 switching in the distribution layer

Protects core from high density peering and problems in access layer

EIGRP/ OSPF - Route summarization, passive interfaces to access layer, sub second convergence possible with timer adjustment, redundant path load sharing

HSRP or GLBP to provide first hop redundancy, sub second convergence possible with timer adjustment

Spanning tree features ( Only if needed ):

Setting STP Root, Root Guard, Rapid PVST+—Per VLAN 802.1w

SiSiSiSi SiSi SiSi

Access

Distribution

Policy, Convergence, QoS, and High Availability


Session ID

Presentation_ID 10

Building a Campus Network—The Core Layer

Backbone for the network—connects network building blocks

Performance and stability vs. complexity—less is more in the core

Aggregation point for distribution layer

Tune routing protocol timers for sub second convergence

Separate core layer helps in scalability during future growth

Use hardware accelerated services only to maintain performance

Access

Distribution

Core

Scalability, High Availability, and Fast Convergence


Session ID

Presentation_ID 11

Campus Design Best PracticesFirst Hop Redundancy

Used to provide a resilient default gateway/first hop address to end stations

HSRP, VRRP, and GLBP alternatives

VRRP, HSRP and GLBPprovide millisecond timersand excellent sub second convergence performance

VRRP if you need multi-vendor interoperability

GLBP facilitates uplink load balancing

Preempt timers need tobe tuned to avoid black-holed traffic

Data CenterWAN Internet

Layer 3 Equal

Cost Link’sLayer 3 Equal

Cost Link’s

SiSi SiSi SiSi SiSi SiSi SiSi

SiSiSiSi

SiSiSiSi

SiSi SiSiSiSiSiSi

1st Hop Redundancy


Session ID

Presentation_ID 12

Campus Design—Routed Access Layer

Tune CEF load balancing

Match CatOS/IOS Ether-channel settings and tune load balancing

Summarize routes towards core

Filter routes towards the access

Disable Ether-channel unless needed

―Set port host‖ on access layer ports:

Disable Trunking

Disable Etherchannel

Enable PortFast

RootGuard or BPDU-Guard

Use security features

VLAN 120 Voice10.1.120.0/24

P-t-P Link

Layer 3

VLAN 20 Data10.1.20.0/24

VLAN 140 Voice10.1.140.0/24

VLAN 40 Data10.1.40.0/24

SiSi SiSi

SiSi SiSi

Access

Distribution

Core


Session ID

Presentation_ID 13

Building a Campus NetworkSummary

Access layer

Rapid Per-VLAN spanning-tree ( PSVT +)

Rootguard

Portfast

UplinkFast

Layer 3 to the edge ?

Distribution Layer

HSRP/GLBP with load balancing

OSPF/EIGRP configured for fast convergence

Core Layer

OSPF/EIGRP configured for fast convergence WAN Internet PSTN

Server Farm

DistributionLayer 3

CoreLayer 3

AccessLayer 2

DistributionLayer 3

AccessLayer 2

http://www.cisco.com/en/US/netsol/ns656/networking_solutions_design_guidances_list.html#anchor2


Session ID

Presentation_ID 14



QoS in the Campus

QoS in the WAN

QoS in the Wireless LANs


Session ID

Presentation_ID 15

Enabling QoS in the CampusTraffic Profiles and Requirements

Latency ≤ 150 ms

Jitter ≤ 30 ms

Loss ≤ 1%

One-Way Requirements

Smooth

Benign

Drop sensitive

Delay sensitive

UDP priority

Voice

Bandwidth per CallDepends on Codec,Sampling-Rate, and Layer 2 Media

Bursty

Greedy

Drop sensitive

Delay sensitive

UDP priority

Video-Conf

Latency ≤ 150 ms

Jitter ≤ 30 ms

Loss ≤ 1%

One-Way Requirements

IP/VC has the SameRequirements as VoIP, but Has Radically Different Traffic Patterns (BW Varies Greatly)

Smooth/bursty

Benign/greedy

Drop insensitive

Delay insensitive

TCP retransmits

Data

Data Classes:

Mission-Critical Apps

Transactional/Interactive Apps

Bulk Data Apps

Best Effort Apps (Default)

Traffic patterns for Data Vary Among Applications


Session ID

Presentation_ID 16

Why QoS in the Campus Protect the Good and Punish the Bad

QoS does more than just protect Voice and Video

For "best-effort" traffic an implied "good faith" commitment that there are at least some network resources available is assumed

Need to identify and potentially punish out of profile traffic (potential worms, DDOS, etc.)

Scavenger class is an Internet-2 Draft Specification => CS1/CoS1

Access Distribution Core

Voice Voice

Data Data

Scavenger Scavenger


Session ID

Presentation_ID 17

Type Data FCSPTTAG

4 Bytes

802.1Q/pHeader

PRI VLAN IDCFI

Enabling QoS in the Campus Layer 2 Classification: 802.1p, CoS

802.1p user priority field also called Class of Service (CoS)

Different types of traffic are assigned different CoS values

CoS six and seven are reserved for network use

Three Bits Used for CoS(802.1p User Priority)

SADASFDPream.

Ethernet Frame

1

2

3

4

5

6

7

0 Best Effort Data

Medium Priority Data

High Priority Data

Call Signaling

Video Conferencing*

Voice Bearer

Reserved

Reserved

CoS Application

* Including Audio and Video


Session ID

Presentation_ID 18

Enabling QoS in the Campus Layer 3 Classification: IP Precedence, DSCP

IPv4: three most significant bits of ToS byte are called IP precedence—other bits unused by IP precedence

DiffServ: six most significant bits of ToS byte are called Diff Serv Code Point (DSCP)—remaining two bits used for flow control

DSCP is backward-compatible with IP precedence

DSCP values correspond to Per Hop Behavior (PHB) designations

RFC 2474 provides more information on DSCP; also, see appendix in this presentation

IPv4 Packet

Standard IPv4

DiffServ Extensions

7 6 5 4 3 2 1 0

ID Offset TTL Proto FCS IP SA IP DA DataLenVersionLength

ToSByte

DiffServ Code Point (DSCP) Flow Ctrl

UnusedIP Precedence


Session ID

Presentation_ID 19

IP Precedence and DSCP Compatibility

Compatibility with current IP precedence usage (RFC 1812)

Differentiates probability of timely forwarding:(xyz000) >= (abc000) if xyz > abc(that is, if a packet has DSCP value of 011000, it has a greater probability of timely forwarding than a packet with DSCP value of 001000)


Session ID

Presentation_ID 20

Per-Hop Behaviors

DSCP selects PHB throughout the network:

Default PHB (FIFO, tail drop)

EF PHB

AF PHB

Class-selector PHB (IP precedence)


Session ID

Presentation_ID 21

EF PHB

EF PHB:

Ensures a minimum departure rate

Guarantees bandwidth—class guaranteed an amount of bandwidth with prioritized forwarding

Polices bandwidth—class not allowed to exceed the guaranteed amount (excess traffic is dropped)

DSCP value of 101110: Looks like IP precedence 5 to non-DiffServ-compliant devices:

Bits 5 to 7: 101 = 5 (same 3 bits are used for IP precedence)

Bits 3 and 4: 11 = No drop probability

Bit 2: Just 0


Session ID

Presentation_ID 22

AF PHB

AF PHB:

Guarantees bandwidth

Allows access to extra bandwidth, if available

Four standard classes: AF1, AF2, AF3, and AF4

DSCP value range of aaadd0:

aaa is a binary value of the class

dd is drop probability


Session ID

Presentation_ID 23

AF PHB (Cont.)

Each AF class uses three DSCP values.

Each AF class is independently forwarded with its guaranteed bandwidth.

Congestion avoidance is used within each class to prevent congestion within the class.


Session ID

Presentation_ID 24

AF PHB (Cont.)

Each AF class uses three DSCP values.

Each AF class is independently forwarded with its guaranteed bandwidth.

Congestion avoidance is used within each class to prevent congestion within the class.


Session ID

Presentation_ID 25

DSCP Summary


Session ID

Presentation_ID 26

Enabling QoS in the Campus

ApplicationL3 Classification

DSCPPHBIPP CoS

Transactional Data 18AF212 2

Call Signaling 24CS3*3 3

Streaming Video 32CS44 4

Video Conferencing 34AF414 4

Voice 46EF5 5

Network Management 16CS22 2

L2

Bulk Data 10AF111 1

Scavenger 8CS11 1

Best Effort 000 0

Routing 48CS66 6

Mission-Critical Data 26AF31*3 3

Classification and Marking Cisco Marking Recommendations


Session ID

Presentation_ID 27

SiSi SiSi

SiSiSiSi

Access

Distribution

Core

Enabling QoS in the Campus Congestion Scenario: TCP Traffic Burst + VoIP

Typical 20:1

Data Over-

Subscription

Typical 4:1

Data Over-

Subscription

= Data

= Voice

Instantaneous

Interface

Congestion


Session ID

Presentation_ID 28

Enabling QoS in the Campus Congestion Scenario: Data + VoIP

P0

P1P2

Voice

Max. 80 Kbps

PC

AccessSwitch

IP PhoneEnclosure

Integrated

3-Port Switch

Phone

Data

Max. 100 Mbps

During Data Traffic Bursts, Buffers Can Become Congested, Causing Voice Packets to Be Dropped

P

Potential

Congestion Points


Session ID

Presentation_ID 29

Enabling QoS in the Campus Scheduling in IP Phones

Voice media traffic is marked with CoS 5/ DSCP EF (high priority)

Data traffic from the PC is remarked with CoS 0 (low priority) by the IP phone switch; this occurs if PC tags frames as 802.1p/Q; phone switch transparent if PC frames untagged

P0P1

Priority Q

Data Qs

P2

Voice

CoS = 5CoS = 5

DataCoS = 0

P1 Untrusted:

Phone Switch

Rewrites CoS = 0

PC

Access

Switch

IP Phone Enclosure

Phone

P

P Trusted:

Switch Accepts

incoming CoS


Session ID

Presentation_ID 30

Campus QoS ConsiderationsEstablishing Trust Boundaries

1 Optimal Trust Boundary: Trusted Endpoint

A device is trusted if it correctly classifies packets

3 Suboptimal Trust Boundary

Only use if access switch cannot perform classification

2 Optimal Trust Boundary: Untrusted Endpoint

SiSi

Endpoints Access Distribution Core WAN Aggregators

Trust Boundary

1

2

3

SiSiSiSiSiSi SiSiSiSiSiSi

SiSiSiSiSiSi

For scalability, classification should be done as close to the edge as possible

The outermost trusted devices represent the trust boundary


Session ID

Presentation_ID 31



QoS in the Campus

QoS in the WAN



Session ID

Presentation_ID 32

Enabling QoS in the WAN

Loss DelayDelay

Variation(Jitter)

Factors That Negatively Affect Packet-Based Voice/Video


Session ID

Presentation_ID 33

Types of Delay

Processing Delay: The time it takes for a router to take the packet from an input interface, examine it, and put it into the output queue of the output interface

Queuing Delay: The time a packet resides in the output queue of a router

Serialization Delay: The time it takes to place the ―bits on the wire‖

Propagation Delay: The time it takes to transmit a packet


Session ID

Presentation_ID 34

Processing and Queuing Delay

Processing Delay: The time it takes for a router to take the packet from an input interface, examine it, and put it into the output queue of the output interface

Queuing Delay: The time a packets resides in the output queue of a router

Serialization Delay: The time it takes to place the ―bits on the wire‖

Propagation Delay: The time it takes to transmit a packet


Session ID

Presentation_ID 35

Ways to Reduce Delay

Upgrade the link; the best solution but also the most expensive.

Forward the important packets first.

Compress the payload of Layer 2 frames (it takes time).

Compress IP packet headers.


Session ID

Presentation_ID 36

Packet Loss

Tail drops occur when the output queue is full. These are common drops, which happen when a link is congested.

Many other types of drops exist, usually the result of router congestion, that are uncommon and may require a hardware upgrade (input drop, ignore, overrun, frame errors).


Session ID

Presentation_ID 37

Ways to Prevent Packet Loss

Upgrade the link; the best solution but also the most expensive.

Guarantee enough bandwidth to sensitive packets.

Prevent congestion by randomly dropping less important packets before congestion occurs.


Session ID

Presentation_ID 38

Traffic Policing and Shaping Overview

These mechanisms must classify packets before policing or shaping the traffic rate.

Traffic policing typically drops or marks excess traffic to stay within a traffic rate limit.

Traffic shaping queues excess packets to stay within the desired traffic rate.


Session ID

Presentation_ID 39

Traffic Policing and Shaping Overview

These mechanisms must classify packets before policing or shaping the traffic rate.

Traffic policing typically drops or marks excess traffic to stay within a traffic rate limit.

Traffic shaping queues excess packets to stay within the desired traffic rate.


Session ID

Presentation_ID 40

Policing vs. Shaping

• Incoming and outgoing directions.

• Out-of-profile packets are dropped.

• Dropping causes TCP retransmits.

• Policing supports packet marking orre-marking.

• Outgoing direction only.

• Out-of-profile packets are queued until a buffer gets full.

• Buffering minimizes TCP retransmits.

• Marking or re-marking not supported.

• Shaping supports interaction with Frame Relay congestion indication.


Session ID

Presentation_ID 41

Enabling QoS in the WANLink Fragmentation and Interleaving (LFI)

64

Bytes

8 ms

4 ms

2 ms

1 ms

640Used

Serialization Delay Matrix

56 kbps 9 ms

64 kbps

128 kbps

256 kbps

512 kbps

768 kbps

128

Bytes

256

Bytes

512

Bytes

1024

Bytes

1500

Bytes

16 ms

8 ms

4 ms

2 ms

1.2 ms

18 ms

32 ms

16 ms

8 ms

4 ms

2.6 ms

36 ms

64 ms

32 ms

16 ms

8 ms

5 ms

72 ms

128 ms

64 ms

32 ms

16 ms

10 ms

144 ms

187 ms

93 ms

46 ms

23 ms

15 ms

214 ms

FragmentationSize Matrix

(Based on 10-msec Delay)

Frag

Size

80 Bytes

160 Bytes

320 Bytes

640 Bytes

1000 Bytes

56 kbps 70 Bytes

64 kbps

128 kbps

256 kbps

512 kbps

768 kbps

PVC

Speed

2000 Bytes1536 kbps X

Fragment-Size Recommendations


Session ID

Presentation_ID 42

Voice

Interleave

WFQ

Link Fragmentation

and Interleave

Low Latency Queuing

PacketsOut

PacketsIn

Police

Video

Enabling QoS in the WANScheduling in the WAN

Best Effort

Signaling

TXRing

Critical Data

Layer 3 Queuing Subsystem Layer 2 Queuing Subsystem

PQ

PQ Packets Do not Go Through Fragmentation:

on Low-Link Speeds, You Cannot put Large

(i.e., Video) Packets in the PQ with Voice Packets

Therefore video traffic not recommended for link

speeds <768kbps

CBWFQ Fragment


Session ID

Presentation_ID 43

4/5 Class Model

Scavenger

Critical Data

Call Signaling

Best Effort

Realtime

How Many Classes of Service Do I Need?Expanding the Number of Classes of Service over Time

8 Class Model

Critical Data

Video

Call Signaling

Best Effort

Voice

Bulk Data

Network Control

Scavenger

11 Class Model

Network Management

Call Signaling

Streaming Video

Transactional Data

Interactive-Video

Voice

Best Effort

IP Routing

Mission-Critical Data

Scavenger

Bulk Data

Time


Session ID

Presentation_ID 44

cRTP

Header

~2-4 Bytes

Enabling QoS in the WANProvisioning Bandwidth with Compressed RTP (cRTP)

Compresses RTP + UDP + IP headers (40 bytes) down to2–4 bytes

Enabled on a per-link basis

LinkHeader

IP HeaderUDP

HeaderRTP

Header

VoIP Packet

X Bytes20 Bytes8 Bytes12 Bytes

Voice Payload

X Bytes

CodecPPP

6 Bytes of Header

ATM

53 Bytes Cells with

a 48-Byte Payload

Frame-Relay

4 Bytes of Header

G.711 at 50 pps 68 kbps 85 kbps 67 kbps

66 kbps 84 kbps

12 kbps 21.2 kbps

G.711 at 33 pps

G.729A at 50 pps

G.729A at 33 pps 10.5 kbps 14 kbps

65.5 kbps

11.2 kbps

10 kbps


Session ID

Presentation_ID 45

Enabling QoS in the WANA Day in the Life of a VoIP Packet: Without cRTP

Packet

Size (Bytes)

Frame

Relay

Payload

(20)

Assumption:

G.729, 20-ms Sample

Payload = 20 Bytes

20

60

78

64

Payload

(20)

Payload

(20)

F/R (4)

RTP (12)

IP (20)

UDP (8)

802.1Q (4)

Enet (14)

Payload

(20)

RTP (12)

IP (20)

UDP (8)

Payload

(20)

RTP (12)

IP (20)

UDP (8)

802.1Q (4)

Enet (14)

Payload

(20)

RTP (12)

IP (20)

UDP (8)

Payload

(20)

RTP (12)

IP (20)

UDP (8)

Payload

(20)

78

60

20


Session ID

Presentation_ID 46

cRTP Is

Point to

Point

Enabling QoS in the WANA Day in the Life of a VoIP Packet: With cRTP

cRTP Is not Free!

Watch for CPU on

WAN Edge Routers!!!

Payload

(20)

Assumption:

G.729, 20-ms Sample

Payload = 20 Bytes

Frame

Relay

F/R (4)

Payload

(20)

cRTP (4)

Packet

Size (Bytes)

20

60

Payload

(20)

Payload

(20)

RTP (12)

IP (20)

UDP (8)

802.1Q (4)

Enet (14)

Payload

(20)

RTP (12)

IP (20)

UDP (8)

802.1Q (4)

Enet (14)

Payload

(20)

RTP (12)

IP (20)

UDP (8)

Payload

(20)

RTP (12)

IP (20)

UDP (8)

Payload

(20)

78

60

20

28

78


Session ID

Presentation_ID 47



QoS in the Campus

QoS in the WAN



Session ID

Presentation_ID 48

WLAN and LAN

Wireless LAN (WLAN) as an extension to wired LAN


Session ID

Presentation_ID 49

WLAN QoS Queuing Overview


Session ID

Presentation_ID 50

WLAN QoS RF Backoff Timing


Session ID

Presentation_ID 51

WLAN QoS Queuing Overview


Session ID

Presentation_ID 52

What We Have Built So Far

Network InfrastructureDistribution/

Core SwitchCampus

BranchWAN Aggregation

Router

BranchRouter

IP WAN

AccessSwitch

AccessSwitch

SiSi

SiSi


Session ID

Presentation_ID 53

Taller Redes Emergentes

Technology

Transcript of Taller Redes Emergentes