Section 13-1. QoS Theory

13-1. QoS Theory

• QoS defines policies on how switches and routers deliver different types of traffic. A QoS domain is the entire collection of network devices that are administered so that they adhere to the QoS policies.

• To guarantee that QoS policies are met, QoS must be configured on all switches and routers end-to-end across the network.

• Traffic should be classified at the edges of the QoS domain. Where this isn't possible, classify traffic as close as possible to the source. Classification can occur at Layer 2 or Layer 3, depending on the network functions available at the edge.

• The top portion of Figure 13-1 shows QoS operations on a Catalyst switch, including the following:

  - Classification Selects specific traffic to which a QoS policy can be applied. The priority values of inbound frames can also be trusted or reclassified.
  
  

  - Policing Limits the bandwidth used by a traffic flow. Policers can control aggregate or individual flows, and can also mark or drop traffic.
  
  

  - Marking Assigns a value to either the Layer 3 Differentiated Services Code Point (DSCP), the Layer 2 class of service (CoS), or both for each frame.
  
  

  - Scheduling Assigns traffic to a specific switch port queue, for either ingress or egress traffic.
  
  

  - Congestion Avoidance Reserves bandwidth in the switch port queues. Traffic that exceeds a threshold can be dropped or reduced in priority, making space for other traffic in the queues.
  
  

  Figure 13-1. Catalyst Switch QoS Operations and Internal DSCP

  
  
  

• All Catalyst QoS operations are based around the concept of an internal DSCP value. This value is determined by an ingress port's trust state, and is carried throughout the QoS process with each frame. Upon egress, the internal DSCP can be used to mark other QoS values within the frame. The bottom portion of Figure 13-1 shows the internal DSCP operations.

As a summary, Table 13-1 lists QoS capabilities of the various Cisco Catalyst switch families.

Layer 2 QoS Classification and Marking

At Layer 2, individual frames have no mechanism for indicating the priority or importance of their contents. Therefore, the delivery of Layer 2 frames must be on a "best effort" basis.

When virtual LANs (VLANs) are trunked over a single link, however, the trunk provides a means to carry priority information along with each frame. Layer 2 CoS is transported as follows:

• IEEE 802.1Q trunk Frames are tagged with a 12-bit VLAN ID. The CoS is contained in the three 802.1p priority bits in the User field. Frames in the native VLAN are not tagged at all; they are given the default CoS or priority for the switch port. Figure 13-2 shows the format of the 802.1Q encapsulation tag.

  Figure 13-2. 802.1Q Trunk Encapsulation Format

  
  
  

• Inter-Switch Link (ISL) trunk Frames are tagged with a 15-bit VLAN ID. The CoS is contained in the lower three bits of the User field. Although this is not standardized, Catalyst switches copy the 802.1p CoS bits from a frame in an 802.1Q trunk into the User field of frames in an ISL trunk. Figure 13-3 shows the format of the ISL tag.

  Figure 13-3. ISL Trunk Encapsulation Format

  
  
  

Layer 3 QoS Classification and Marking

QoS is also built around the concept of Differentiated Service (DiffServ), where the QoS specification is carried within each Layer 3 packet. IP packets have a type of service (ToS) byte that is formatted according to the top row of Figure 13-4. Bits P2, P1, and P0 form the IP precedence value. Bits T3, T2, T1, and T0 form the ToS value.

For DiffServ, the same byte is called the Differentiated Services (DS) byte, and is also formatted according to the bottom row of Figure 13-4. Bits DS5 through DS0 form the Differentiated Services Code Point (DSCP). The DSCP is arranged to be backward-compatible with the IP precedence bits because the two quantities share the same byte in the IP header.

Bits DS5, DS4, and DS3 form the DSCP class selector. Classes 1 through 4 are termed the Assured Forwarding (AF) service levels. Higher class numbers indicate a higher-priority traffic. Each class or AF service level has three drop precedence categories:

• Low (1)

• Medium (2)

• High (3)

Traffic in the AF classes can be dropped, with the most likelihood of dropping in the Low category and the least in the High category. In other words, service level AF class 4 with drop precedence 3 is delivered before AF class 4 with drop precedence 1, which is delivered before AF class 3 with drop precedence 3, and so on.

Class 5 is also called the Expedited Forwarding (EF) class, offering premium service and the least likelihood of packet drops. The Default class selector (DSCP 000 000) offers only best-effort forwarding.

Class 6, Internetwork Control, and Class 7, Network Control, are both set aside for network control traffic. This includes the Spanning Tree Protocol and routing protocolstraffic that is not user-generated but usually considered high-priority.

Table 13-2 shows how the IP precedence names and bits have been mapped to DSCP values. DSCP is broken down by per-hop behavior (PHB), class selector, and drop precedence. Many times, DSCP values are referred to by the codepoint name (AF23, for example), which are also listed in the table. The DSCP bits are shown along with their decimal equivalent. In many DSCP-related commands, you need to enter a decimal DSCP value, even though it is difficult to relate the decimal numbers with the corresponding DSCP service levels and PHBs. Use this table as a convenient cross-reference.

^[1] IP precedence value 5 (DSCP EF) corresponds to the range of DSCP bits 101000 through 101111, or 4047. However, only the value 101110 or 46 is commonly used, and is given the EF designation.

^[2] IP precedence values 6 and 7 consume the DSCP ranges 4855 and 5663, respectively. However, these values are normally used by network control traffic and are not shown in the table for simplicity.

TIP

Layer 2 CoS and Layer 3 DSCP/ToS are completely independent concepts. As such, the two QoS values do not intermingle or automatically translate to each other. A switch must map between CoS and DSCP values at a Layer 2 and Layer 3 boundary.

The Layer 3 DSCP/ToS is carried within each IP packet, allowing the QoS information to be propagated automatically. The Layer 2 CoS is not contained in Layer 2 frames, however, and can only be carried across a trunk. To propagate the CoS values, you must use a trunk between switches.

Catalyst Switch Queuing

Catalyst switch ports have both ingress and egress queues. These buffer frames as they are received or before they are transmitted. Each port usually has multiple queues, each configured for a relative traffic priority. For example, the lowest-priority queue is serviced only after the higher-priority queues.

Most switch platforms have a strict-priority queue that is used for time-critical traffic. This queue is always serviced before any other queue on the port.

Each port queue usually has one or more thresholds that indicate when traffic can or cannot be dropped. When the queue is less full than a threshold, frames are not dropped. If the queue is filled over a threshold, the likelihood that frames can be dropped increases.

During QoS configuration, you must reference the queues by number. The lowest-priority standard queue is always queue 1. The next-higher priority standard queues follow, beginning with 2. The strict-priority queue always receives the highest queue index number.

Cisco Catalyst switch ports are described with the following queue type notation: xpyqzt, where the notations indicate the following:

• p The number of strict-priority queues, given by x

• q The number of standard queues, given by y

• t The number of configurable thresholds per queue, given by z

For example, a switch port of type 1p1q4t has one strict-priority queue, one standard queue, and four thresholds per queue. The low-priority standard queue is called queue 1, whereas the strict-priority queue is called queue 2.