26-QoS-QoS Profile Operation

Table of Contents

Chapter 1 QoS Configuration
1.1 Overview
1.1.1 Introduction to QoS
1.1.2 Traditional Packet Forwarding Service
1.1.3 New Applications and New Requirements
1.1.4 Major Traffic Control Techniques
1.2 QoS Supported by the S5600 Series Ethernet Switches
1.3 Introduction to QoS Functions
1.3.1 Traffic Classification
1.3.2 Priority Trust Mode
1.3.3 Protocol Priority
1.3.4 Priority Marking
1.3.5 Traffic Policing
1.3.6 Line Rate
1.3.7 Traffic Redirecting
1.3.8 VLAN Mapping
1.3.9 Queue Scheduling
1.3.10 Flow-Based Traffic Accounting
1.3.11 Burst
1.3.12 Traffic Mirroring
1.4 QoS Configuration
1.4.1 Configuring Priority Trust Mode
1.4.2 Configuring the Mapping between 802.1p Priority and Local Precedence
1.4.3 Setting the Priority of Protocol Packets
1.4.4 Marking Packet Priority
1.4.5 Configuring Traffic Policing
1.4.6 Configuring Line Rate
1.4.7 Configuring Traffic Redirecting
1.4.8 Configuring VLAN Mapping
1.4.9 Configuring Queue Scheduling
1.4.10 Configuring Traffic Accounting
1.4.11 Enabling the Burst Function
1.4.12 Configuring Traffic Mirroring
1.5 Displaying and Maintaining QoS
1.6 QoS Configuration Examples
1.6.1 Configuration Example of Traffic Policing and Line Rate
1.6.2 Configuration Example of Priority Marking and Queue Scheduling
1.6.3 VLAN Mapping Configuration Example
1.6.4 Configuring Traffic Mirroring and Redirecting Traffic to a Port

Chapter 2 QoS Profile Configuration
2.1 Overview
2.1.1 Introduction to QoS Profile
2.1.2 QoS Profile Application Mode
2.2 QoS Profile Configuration Task List
2.2.1 Configuring a QoS Profile
2.2.2 Applying a QoS Profile
2.3 Displaying and Maintaining QoS Profile Configuration
2.4 Configuration Example
2.4.1 QoS Profile Configuration Example

 


Chapter 1  QoS Configuration

When configuring QoS, go to these sections for information you are interested in:

- Overview
- QoS Supported by the S5600 Series Ethernet Switches
- QoS Configuration
- Displaying and Maintaining QoS
- QoS Configuration Examples

 

Note:

The following features were added:

- VLAN mapping. For details, see section Configuring VLAN Mapping.
- Configuration of burst traffic feature in port rate limit and traffic policing. For details, see section Configuring Traffic Policing and section Configuring Line Rate.
- Configuration of the priority marking feature in VLAN. For details, see section Marking Packet Priority.
- Redirecting traffic to an aggregation group and removing outer VLAN tags when redirecting traffic to the specified port/aggregation group. For details, see section Traffic Redirecting.
- The burst function. For details, see section Burst.

 

1.1  Overview

1.1.1  Introduction to QoS

Quality of Service (QoS) is a concept concerning service demand and supply. It reflects the ability to meet customer needs. Generally, QoS does not focus on grading services precisely, but on improving services under certain conditions.

In an internet, QoS refers to the ability of the network to forward packets. The evaluation on QoS of a network can be based on different aspects because the network may provide various services. Generally, QoS refers to the ability to provide improved service by solving the core issues such as delay, jitter, and packet loss ratio in the packet forwarding process.

1.1.2  Traditional Packet Forwarding Service

In traditional IP networks, packets are treated equally. That is, the FIFO (first in first out) policy is adopted for packet processing. Network resources required for packet forwarding are determined by the order in which packets arrive. All the packets share the resources of the network. Network resources available to the packets completely depend on the time they arrive. This service policy is known as Best-Effort, which delivers the packets to their destination with the best effort, with no assurance or guarantee for delivery delay, jitter, packet loss ratio, reliability, and so on.

The traditional Best-Effort service policy is only suitable for applications insensitive to bandwidth and delay, such as WWW, E-mail and FTP.

1.1.3  New Applications and New Requirements

With the expansion of computer network, more and more networks become part of the Internet. The Internet gains rapid development in terms of scale, coverage and user quantities. More and more users use the Internet as a platform for their services and for data transmission.

Besides the traditional applications such as WWW, E-mail, and FTP, new services are developed on the Internet, such as tele-education, telemedicine, video telephone, videoconference and Video-on-Demand (VoD). Enterprise users expect to connect their regional branches together using VPN techniques for coping with daily business, for instance, accessing databases or managing remote equipment through Telnet.

All these new applications have one thing in common, that is, they have special requirements for bandwidth, delay, and jitter. For instance, bandwidth, delay, and jitter are critical for videoconference and VoD. As for other applications, such as transaction processing and Telnet, although bandwidth is not as critical, a too long delay may cause unexpected results. That is, they need to get serviced in time even if congestion occurs.

Newly emerging applications demand higher service performance from IP networks. In addition to simply delivering packets to their destinations, better network services are demanded, such as allocating dedicated bandwidth, reducing packet loss ratio, avoiding congestion, regulating network traffic, and setting priority of the packets. To meet those requirements, the network should be provided with better service capability.

1.1.4  Major Traffic Control Techniques

Figure 1-1  End-to-end QoS model

As shown in the figure above, traffic classification, traffic policing, traffic shaping, congestion management, and congestion avoidance are the foundations for a network to provide differentiated services. They are described as follows:

- Traffic classification identifies traffic based on certain matching rules. It is a prerequisite for differentiated services and is usually applied in the inbound direction of a port.
- Traffic policing confines traffic to a specific specification and is usually applied in the inbound direction of a port. You can configure restriction or penalty measures against the exceeding traffic to protect carrier benefits and network resources.
- Traffic shaping adapts the output traffic rate, usually to the input capability of the receiving device, to avoid packet drop and port congestion. Traffic shaping is usually applied in the outbound direction of a port.
- Congestion management handles resource competition during network congestion. Generally, it adds packets to queues first, and then forwards the packets by using a scheduling algorithm. Congestion management is usually applied in the outbound direction of a port.
- Congestion avoidance monitors the use of network resources and drops packets actively when congestion reaches a certain degree. It relieves network load by adjusting traffic. Congestion avoidance is usually applied in the outbound direction of a port.

Traffic classification is the basis of all the above-mentioned traffic management technologies. It identifies packets using certain rules and makes differentiated services possible. Traffic policing, traffic shaping, congestion management, and congestion avoidance are methods for implementing network traffic control and network resource management. They are concrete applications of differentiated services.

1.2  QoS Supported by the S5600 Series Ethernet Switches

The S5600 series Ethernet switches support the QoS features listed in Table 1-1:

Table 1-1 QoS features supported by the S5600 series Ethernet switches

| QoS Feature | Description | Refer to |
|---|---|---|
| Traffic classification | Classify incoming traffic based on ACLs. The S5600 series support the following types of ACLs: basic ACLs, advanced ACLs, Layer-2 ACLs, user-defined ACLs | For information about ACLs, refer to the ACL Operation and ACL Command manuals. For information about traffic classification, refer to Traffic Classification. |
| QoS action | The S5600 series support performing the following QoS actions for packets matching the specified ACL: priority marking, traffic policing, traffic redirecting, VLAN mapping, traffic accounting, traffic mirroring | Priority marking: refer to Priority Marking. Traffic policing: refer to Traffic Policing. Traffic redirecting: refer to Traffic Redirecting. VLAN mapping: refer to VLAN Mapping. Traffic accounting: refer to Flow-Based Traffic Accounting. Traffic mirroring: refer to Traffic Mirroring. |
| QoS action | You can configure the following QoS actions as required on the S5600 series: priority trust mode, protocol packet priority, line rate, burst | Priority trust mode: refer to Priority Trust Mode. Specifying priority for protocol packets: refer to Protocol Priority. Line rate: refer to Line Rate. Burst function: refer to Burst. |
| Congestion management | The S5600 series support SP and WRR queue scheduling algorithms and support the following three queue scheduling modes: SP, WRR, SP+WRR | For information about SP and WRR, refer to Queue Scheduling. |

 

1.3  Introduction to QoS Functions

1.3.1  Traffic Classification

Traffic here refers to service traffic; that is, all the packets passing the switch.

Traffic classification means identifying packets that conform to certain characteristics according to certain rules. It is the foundation for providing differentiated services.

In traffic classification, the priority bit in the type of service (ToS) field in IP packet header can be used to identify packets of different priorities. The network administrator can also define traffic classification policies to identify packets by the combination of source address, destination address, MAC address, IP protocol or the port number of an application. Normally, traffic classification is done by checking the information carried in packet header. Packet payload is rarely adopted for traffic classification. The identifying rule is unlimited in range. It can be a quintuplet consisting of source address, source port number, protocol number, destination address, and destination port number. It can also be simply a network segment.

1.3.2  Priority Trust Mode

I. Introduction to precedence types

1) IP precedence, ToS precedence, and DSCP precedence

Figure 1-2 DS field and ToS byte

The ToS field in an IP header contains eight bits numbered 0 through 7, among which:

- The first three bits indicate IP precedence in the range 0 to 7.
- Bit 3 to bit 6 indicate ToS precedence in the range of 0 to 15.
- In RFC 2474, the ToS field in the IP packet header is also known as the DS field. The first six bits (bit 0 through bit 5) of the DS field indicate the differentiated services codepoint (DSCP) in the range of 0 to 63, and the last two bits (bit 6 and bit 7) are reserved.

Table 1-2 Description on IP Precedence

| IP Precedence (decimal) | IP Precedence (binary) | Description |
|---|---|---|
| 0 | 000 | routine |
| 1 | 001 | priority |
| 2 | 010 | immediate |
| 3 | 011 | flash |
| 4 | 100 | flash-override |
| 5 | 101 | critical |
| 6 | 110 | internet |
| 7 | 111 | network |

 

In a network providing differentiated services, traffic is grouped into the following four classes, and packets are processed according to their DSCP values.

- Expedited Forwarding (EF) class: In this class, packets can be forwarded regardless of link share of other traffic. The class is suitable for preferential services with low delay, low packet loss ratio, low jitter, and assured bandwidth (such as virtual leased line).
- Assured Forwarding (AF) class: This class is further divided into four subclasses (AF1/2/3/4) and a subclass is further divided into three drop priorities, so the AF service level can be segmented. The QoS rank of the AF class is lower than that of the EF class.
- Class Selector (CS) class: This class comes from the IP ToS field and includes eight subclasses.
- Best Effort (BE) class: This class is a special class without any assurance in the CS class. The AF class can be degraded to the BE class if it exceeds the limit. Current IP network traffic belongs to this class by default.

Table 1-3 Description on DSCP precedence values

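| DSCP value (decimal) | DSCP value (binary) | Description |
|---|---|---|
| 46 | 101110 | ef |
| 10 | 001010 | af11 |
| 12 | 001100 | af12 |
| 14 | 001110 | af13 |
| 18 | 010010 | af21 |
| 20 | 010100 | af22 |
| 22 | 010110 | af23 |
| 26 | 011010 | af31 |
| 28 | 011100 | af32 |
| 30 | 011110 | af33 |
| 34 | 100010 | af41 |
| 36 | 100100 | af42 |
| 38 | 100110 | af43 |
| 8 | 001000 | cs1 |
| 16 | 010000 | cs2 |
| 24 | 011000 | cs3 |
| 32 | 100000 | cs4 |
| 40 | 101000 | cs5 |
| 48 | 110000 | cs6 |
| 56 | 111000 | cs7 |
| 0 | 000000 | be (default) |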
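The three overlapping readings of the ToS/DS byte described above can be checked against Table 1-3 with a short decoder. This is an added example, not code from the manual; the function names and the sample header are constructed for illustration.

```python
import struct

def decode_tos(tos):
    """Split the ToS/DS byte using the page's numbering (bit 0 = most significant)."""
    if not 0 <= tos <= 0xFF:
        raise ValueError("the ToS/DS field is a single byte")
    return {
        "ip_precedence": tos >> 5,            # bits 0-2
        "tos_precedence": (tos >> 1) & 0xF,   # bits 3-6
        "dscp": tos >> 2,                     # bits 0-5 (RFC 2474)
        "reserved": tos & 0x3,                # bits 6-7
    }

def dscp_name(dscp):
    """Derive the keyword listed in Table 1-3 from the codepoint's bit pattern."""
    if not 0 <= dscp <= 63:
        raise ValueError("DSCP is a 6-bit value")
    if dscp == 46:
        return "ef"
    if dscp == 0:
        return "be"
    cls, low = dscp >> 3, dscp & 0x7
    if low == 0:
        return f"cs{cls}"             # class selector: low three bits are zero
    if 1 <= cls <= 4 and low in (2, 4, 6):
        return f"af{cls}{low >> 1}"   # AF subclass 1-4, drop priority 1-3
    return None                       # codepoint not listed in Table 1-3

def tos_from_ipv4(header):
    """Return the ToS/DS byte (second byte) of an IPv4 header."""
    if len(header) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, tos = struct.unpack_from("!BB", header, 0)
    if ver_ihl >> 4 != 4:
        raise ValueError("not an IPv4 header")
    return tos

# Constructed sample: 20-byte IPv4 header, DS byte 0xB8, documentation
# addresses 192.0.2.1 -> 198.51.100.2, checksum left as zero.
SAMPLE_HEADER = bytes.fromhex("45b8003c0000400040110000c0000201c6336402")

if __name__ == "__main__":
    fields = decode_tos(tos_from_ipv4(SAMPLE_HEADER))
    print(fields, dscp_name(fields["dscp"]))
```

Because DSCP reuses the top three bits as the class, a device that only reads IP precedence sees an EF packet (DSCP 46) as precedence 5.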

 

2) 802.1p priority

802.1p priority lies in Layer 2 packet headers and is applicable to occasions where the Layer 3 packet header does not need analysis but QoS must be assured at Layer 2.

Figure 1-3 An Ethernet frame with an 802.1Q tag header

As shown in the figure above, the 4-byte 802.1Q tag header consists of the tag protocol identifier (TPID, two bytes in length), whose value is 0x8100, and the tag control information (TCI, two bytes in length). Figure 1-4 describes the detailed contents of an 802.1Q tag header.

Figure 1-4 802.1Q tag headers

In the figure above, the priority field (three bits in length) in TCI is 802.1p priority (also known as CoS precedence), which ranges from 0 to 7.

Table 1-4 Description on 802.1p priority

| 802.1p priority (decimal) | 802.1p priority (binary) | Description |
|---|---|---|
| 0 | 000 | best-effort |
| 1 | 001 | background |
| 2 | 010 | spare |
| 3 | 011 | excellent-effort |
| 4 | 100 | controlled-load |
| 5 | 101 | video |
| 6 | 110 | voice |
| 7 | 111 | network-management |

 

The precedence is called 802.1p priority because the related applications of this precedence are defined in detail in the 802.1p specifications.

3) Local precedence

Local precedence is a locally significant precedence that the device assigns to a packet. A local precedence value corresponds to one of the eight hardware output queues. Packets with the highest local precedence are processed preferentially. As local precedence is used only for internal queuing, a packet does not carry it after leaving the queue.

II. Priority trust mode

After a packet enters a switch, the switch sets the 802.1p priority and local precedence for the packet according to its own capability and the corresponding rules.

1) For a packet carrying no 802.1q tag

When a packet carrying no 802.1q tag reaches the port of a switch, the switch replaces the 802.1p priority of the received packet with the port priority, searches for the local precedence corresponding to the port priority of the receiving port in the 802.1p-to-local precedence mapping table, and assigns the local precedence to the packet.

2) For an 802.1q tagged packet

When an 802.1q tagged packet reaches the port of a switch, you can use the priority trust command on the receiving port to configure the port to trust packet priority, or use the priority command on the receiving port to configure the port to trust port priority. By default, port priority is trusted and the priority of a port is 0.

- Trusting port priority

In this mode, the switch replaces the 802.1p priority of the received packet with the port priority, searches for the local precedence corresponding to the port priority of the receiving port in the 802.1p-to-local precedence mapping table, and assigns the local precedence to the packet.

- Trusting packet priority

In this mode, the switch searches for the local precedence corresponding to the 802.1p priority of the packet in the 802.1p-to-local precedence mapping table and assigns the local precedence to the packet.

Table 1-5 shows the default 802.1p priority-to-local precedence mapping table. You can modify the default mapping tables at the CLI. For detailed configuration procedure, refer to Configuring the Mapping between 802.1p Priority and Local Precedence.

Table 1-5 802.1p priority-to-local precedence mapping table

| 802.1p priority | Local precedence |
|---|---|
| 0 | 2 |
| 1 | 0 |
| 2 | 1 |
| 3 | 3 |
| 4 | 4 |
| 5 | 5 |
| 6 | 6 |
| 7 | 7 |
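The ingress decision described in this section can be modeled end to end: read the 802.1Q tag, apply the trust mode, then look up the local precedence in the default mapping of Table 1-5. This is an added example, not code from the manual or the switch software; the function names and the sample frames are constructed for illustration.

```python
import struct

TPID_8021Q = 0x8100
# Default mapping from Table 1-5: index = 802.1p priority, value = local precedence
DEFAULT_DOT1P_TO_LOCAL = (2, 0, 1, 3, 4, 5, 6, 7)

def parse_dot1p(frame):
    """Return the 802.1p priority from the 802.1Q tag, or None for an untagged frame."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    if ethertype != TPID_8021Q:
        return None
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    (tci,) = struct.unpack_from("!H", frame, 14)
    return tci >> 13  # the priority field is the top three bits of the TCI

def classify(frame, port_priority=0, trust_packet=False,
             mapping=DEFAULT_DOT1P_TO_LOCAL):
    """Return (802.1p priority, local precedence) assigned to the frame on ingress."""
    if not 0 <= port_priority <= 7:
        raise ValueError("port priority ranges from 0 to 7")
    tagged_priority = parse_dot1p(frame)
    if tagged_priority is not None and trust_packet:
        dot1p = tagged_priority   # trusting packet priority
    else:
        dot1p = port_priority     # untagged frame, or trusting port priority
    return dot1p, mapping[dot1p]

def build_frame(dot1p=None, vlan=10):
    """Constructed sample frame: locally administered MACs, optional tag, IPv4 EtherType."""
    macs = bytes.fromhex("020000000002") + bytes.fromhex("020000000001")
    tag = b"" if dot1p is None else struct.pack("!HH", TPID_8021Q, (dot1p << 13) | vlan)
    return macs + tag + struct.pack("!H", 0x0800) + b"\x00" * 46

if __name__ == "__main__":
    voice = build_frame(dot1p=6)
    print(classify(voice))                       # default: port priority 0 is trusted
    print(classify(voice, trust_packet=True))    # the tag's priority selects the queue
    print(classify(build_frame(), port_priority=3, trust_packet=True))  # untagged
```

With the default setting the sender's priority 6 is overwritten by port priority 0; the value carried in the tag selects the output queue only on a port configured to trust packet priority.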

 

1.3.3  Protocol Priority

Protocol packets generated by a switch carry their own priority. You can set a new IP precedence or DSCP precedence for the specific type of protocol packets to implement QoS.

1.3.4  Priority Marking

The priority marking function is to reassign priority for the traffic matching an ACL referenced for traffic classification.

- If 802.1p priority marking is configured, the traffic will be mapped to the local precedence corresponding to the re-marked 802.1p priority and assigned to the output queue corresponding to the local precedence.
- If local precedence marking is configured, the traffic will be assigned to the output queue corresponding to the re-marked local precedence.
- If IP precedence or DSCP marking is configured, the traffic will be marked with new IP precedence or DSCP precedence.

1.3.5  Traffic Policing

If the traffic of each user is not limited, continuous bursts of packets will make the network more congested. The traffic of each user must be limited in order to make better use of the limited network resources and provide better service for more users. For example, traffic can be limited to its committed resources during a time period to avoid network congestion caused by excessive bursts.

Traffic policing is a traffic control policy that limits traffic and the resources it occupies by supervising the traffic. Traffic policing must first know whether the traffic exceeds the specification; the regulation policy is then implemented according to this evaluation result. Normally, a token bucket is used for traffic evaluation.

I. Token bucket

The token bucket can be considered as a container with a certain capacity to hold tokens. The system puts tokens into the bucket at the set rate. When the token bucket is full, the extra tokens will overflow and the number of tokens in the bucket stops increasing.

Figure 1-5 Evaluate the traffic with the token bucket

II. Evaluating the traffic with the token bucket

When token bucket is used for traffic evaluation, the number of the tokens in the token bucket determines the amount of the packets that can be forwarded. If the number of tokens in the bucket is enough to forward the packets, the traffic is conforming to the specification; otherwise, the traffic is nonconforming or excess.

Parameters concerning token bucket include:

- Average rate: The rate at which tokens are put into the bucket, namely, the permitted average rate of the traffic. It is generally set to committed information rate (CIR).
- Burst size: The capacity of the token bucket, namely, the maximum traffic size that is permitted in each burst. It is generally set to committed burst size (CBS). The set burst size must be greater than the maximum packet length.

One evaluation is performed on each arriving packet. In each evaluation, if the number of tokens in the bucket is enough, the traffic conforms to the specification and the tokens corresponding to the packet forwarding authority are taken away from the bucket; if the number of tokens in the bucket is not enough, too many tokens have been used and the traffic is excess.
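The per-packet evaluation described above can be simulated over a list of arrival times to see how CIR and CBS interact. This is an added example, not code from the manual; it assumes one token permits one byte and that the bucket starts full, neither of which the manual states, and the class and function names are hypothetical.

```python
class TokenBucket:
    """Single token bucket: filled at CIR, capped at CBS, evaluated once per packet."""

    def __init__(self, cir_bps, cbs_bytes, max_packet_len=1500):
        # The manual requires the burst size to exceed the maximum packet length;
        # otherwise a maximum-size packet could never find enough tokens.
        if cbs_bytes <= max_packet_len:
            raise ValueError("burst size must be greater than the maximum packet length")
        self.fill_rate = cir_bps / 8.0   # assumption: one token = one byte
        self.capacity = float(cbs_bytes)
        self.tokens = float(cbs_bytes)   # assumption: the bucket starts full
        self.last_time = 0.0

    def evaluate(self, now, packet_len):
        """Return True if the packet conforms, False if it is excess."""
        if now < self.last_time:
            raise ValueError("arrival times must not go backwards")
        # Add the tokens accumulated since the last evaluation; extra tokens overflow.
        refill = (now - self.last_time) * self.fill_rate
        self.tokens = min(self.capacity, self.tokens + refill)
        self.last_time = now
        if packet_len <= self.tokens:
            self.tokens -= packet_len    # conforming: take the tokens away
            return True
        return False                     # excess: the bucket is left unchanged


def police(arrivals, cir_bps, cbs_bytes):
    """Evaluate (time_seconds, length_bytes) arrivals; return one verdict per packet."""
    bucket = TokenBucket(cir_bps, cbs_bytes)
    return [bucket.evaluate(t, size) for t, size in arrivals]


# Constructed sample: 1500-byte packets against CIR = 8000 bit/s (1000 bytes/s)
# and CBS = 3000 bytes. A burst at t=0, two late packets, then a burst after idling.
SAMPLE_ARRIVALS = [(0.0, 1500), (0.0, 1500), (0.0, 1500),
                   (1.0, 1500), (1.5, 1500),
                   (10.0, 1500), (10.0, 1500), (10.0, 1500)]

if __name__ == "__main__":
    for (t, size), ok in zip(SAMPLE_ARRIVALS, police(SAMPLE_ARRIVALS, 8000, 3000)):
        print(f"t={t:5.1f}s len={size} -> {'conforming' if ok else 'excess'}")
```

The idle period before t=10 does not let the sender accumulate more than CBS worth of credit, so the third packet of the second burst is still excess.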

III. Traffic policing

The typical application of traffic policing is to supervise specific traffic into the network and limit it to a reasonable range, or to "discipline" the extra traffic. In this way, the network resources and the interests of the operators are protected. For example, you can limit HTTP packets to be within 50% of the network bandwidth. If the traffic of a certain connection is excess, traffic policing can choose to drop the packets or to reset the priority of the packets.

Traffic policing is widely used in policing the traffic into the network of internet service providers (ISPs). Traffic policing can identify the policed traffic and perform pre-defined policing actions based on different evaluation results. These actions include:

- Drop. Drop the packet whose evaluation result is "nonconforming".
- Modify the DSCP precedence and forward. Modify the DSCP precedence of the packets whose evaluation result is "nonconforming" and then forward them.
