Problem
You want the router to automatically generate the Quality of Service policy map for either VoIP or general IP traffic.
Solution
There are two versions of AutoQoS. The first is specific to VoIP traffic:
Router1#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router1(config)#ip cef Router1(config)#interface Serial0/0 Router1(config-if)#no ip address Router1(config-if)#encapsulation frame-relay Router1(config-if)#exit Router1(config)#interface Serial0/0.1 point-to-point Router1(config-subif)#ip address 192.168.55.9 255.255.255.252 Router1(config-subif)#frame-relay interface-dlci 904 Router1(config-fr-dlci)#auto qos voip %Creating new map-class. Router1(config-fr-dlci)#exit Router1(config-subif)#exit Router1(config)#end Router1# *Mar 1 01:32:55.031: %RMON-5-FALLINGTRAP: Falling trap is generated because the value of cbQosCMDropBitRate.1169.1171 has fallen below the falling-threshold va lue 0 Router1#
The other AutoQoS option is called AutoQoS for the Enterprise. This feature is useful for automatically generating policy maps for more general IP traffic. For this feature, the router must first monitor the traffic by using the interface to decide how best to set up the policy maps. To enable this data collection phase, you use the auto discovery qos command:
Router1#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router1(config)#ip cef Router1(config)#interface Serial0/0 Router1(config-if)#no ip address Router1(config-if)#encapsulation frame-relay Router1(config-if)#exit Router1(config)#interface Serial0/0.1 point-to-point Router1(config-subif)#ip address 192.168.55.9 255.255.255.252 Router1(config-subif)#frame-relay interface-dlci 904 Router1(config-fr-dlci)#auto discovery qos Router1(config-fr-dlci)#exit Router1(config-subif)#exit Router1(config)#end Router1#
After the router has learned about the traffic patterns, you disable the discovery mode and enable auto qos instead:
Router1#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router1(config)#interface Serial0/0.1 point-to-point Router1(config-subif)#frame-relay interface-dlci 904 Router1(config-fr-dlci)#auto qos %Creating new map-class. Router1(config-fr-dlci)#no auto discovery qos Router1(config-fr-dlci)#exit Router1(config-subif)#exit Router1(config)#end Router1#
Discussion
AutoQoS is an extremely useful feature that can take a lot of the mystery out of building a QoS policy. Unfortunately, there are several restrictions on this feature that you need to be aware of.
First, it is only available on point-to-point links between routers. This includes point-to-point subinterfaces on ATM and Frame Relay PVCs, as shown in the example. The feature is also available on PPP and HDLC Serial connections. It cannot be used on any multiple access media, including Ethernets, or multipoint subinterfaces.
Second, it can't be used with any virtual templates or frame map statements. It cannot be used with either Frame Relay or ATM SVCs.
Third, it must be enabled on both ends of each link or PVC. This doesn't necessarily mean that both routers must run the same IOS version, however, as long as the AutoQoS feature is available on both routers.
Fourth, you should disable any other service policies or access-groups on the router, even if they are associated with different interfaces.
And finally, you must ensure that CEF is enabled for this feature to work.
AutoQoS for VoIP was introduced in IOS Version 12.2(15)T. This command is actually a macro that adds a series of commands to your router's configuration. You can use the show auto qos command to see exactly what it has added:
Router1#show auto qos ! policy-map AutoQoS-Policy-UnTrust class AutoQoS-VoIP-RTP-UnTrust priority percent 70 set dscp ef class AutoQoS-VoIP-Control-UnTrust bandwidth percent 5 set dscp af31 class AutoQoS-VoIP-Remark set dscp default class class-default fair-queue ! ip access-list extended AutoQoS-VoIP-RTCP permit udp any any range 16384 32767 ! ip access-list extended AutoQoS-VoIP-Control permit tcp any any eq 1720 permit tcp any any range 11000 11999 permit udp any any eq 2427 permit tcp any any eq 2428 permit tcp any any range 2000 2002 permit udp any any eq 1719 permit udp any any eq 5060 ! rmon event 33333 log trap AutoQoS description "AutoQoS SNMP traps for Voice Drops" owner AutoQoS rmon alarm 33333 cbQosCMDropBitRate.1169.1171 30 absolute rising-threshold 1 33333 falling-threshold 0 owner AutoQoS Serial0/0.1: DLCI 904 - ! interface Serial0/0 frame-relay traffic-shaping ! interface Serial0/0.1 point-to-point frame-relay interface-dlci 904 class AutoQoS-FR-Se0/0-904 ! map-class frame-relay AutoQoS-FR-Se0/0-904 frame-relay cir 1544000 frame-relay bc 15440 frame-relay be 0 frame-relay mincir 1544000 service-policy output AutoQoS-Policy-UnTrust Router1#
Clearly, this little macro has done a lot of work, and in fact this command output doesn't show the class-maps that were created at the same time! Let's examine what it did. First, it created a policy-map called AutoQoS-Policy-UnTrust, which allocates up to 70% of the bandwidth on this link to voice traffic and another 5% to VoIP control packets. It also sets the DSCP values for these traffic streams, overriding whatever values were previously in the packets. All other traffic is configured to use weighted fair-queuing (WFQ).
Then, skipping over the access-lists, whose purpose is fairly clear, the macro has created an RMON rule that will automatically send an SNMP trap every time the router is forced to drop a voice packet. You can then use these trap logs to determine if the queuing parameters are appropriate. If you find that you are dropping a lot of packets, then you may need to increase your bandwidth to reduce congestion.
And finally, it has implemented Frame Relay Traffic Shaping to ensure that the router doesn't attempt to overrun the CIR for the PVC. This is a critical consideration because, by default, the router will assume that it can transmit at wire speed on each PVC individually. So if you have several PVCs on a single physical circuit, it will allow any of them to burst to the full bandwidth capacity of the interface, possibly over-running the CIR of the PVC. As a result, even with the best queuing strategy on the router, you could find yourself dropping packets in the frame cloud. For more information on Frame Relay Traffic Shaping, please refer to Recipe 11.14 and Chapter 10.
The AutoQoS for the Enterprise feature was introduced in IOS Version 12.3(7)T. It classifies traffic into 10 categories, which are listed in Table 11-2. Note that if the discovery feature doesn't see any traffic of a particular type, then AutoQoS will not create a corresponding class on the router.
Class Name | DSCP | Description |
---|---|---|
IP Routing | CS6 | Routing protocol and ICMP traffic |
Interactive Voice | EF | RTP Voice traffic |
Interactive Video | AF41 | RTP Video traffic |
Streaming Video | CS4 | Various streaming audio and video protocols, such as CU-SeeMe, RealAudio, and Netshow |
Telephony Signaling | CS3 | RTP and H.323 |
Transactional/Interactive | AF21 | Database protocols, such as SAP, SQLNet, and SQLServer, as well as interactive protocols, including Citrix, Telnet, Notes, SSH, and X11 |
Network Management | CS2 | Primarily SNMP |
Bulk Data | AF11 | Batch file transfer protocols such as FTP, Exchange, POP3, SMTP, NNTP, and network printing |
Scavenger | CS1 | Various peer-to-peer and entertainment protocols, including Napster, Fasttrack, and Gnutella; this group is given a worse than best-efforts priority |
Best Effort | 0 | Various miscellaneous protocols, including HTTP, NFS, SunRPC, NTP, and gopher, as well as any unidentified traffic |
We enabled auto discovery QoS on both ends of a Frame-Relay PVC, ran some traffic through the link and then looked at the output of the show auto discovery qos command to see what the router suggested for a QoS policy:
Router1#show auto discovery qos Serial0/0.1 AutoQoS Discovery enabled for applications Discovery up time: 3 minutes, 41 seconds AutoQoS Class information: Class Voice: No data found. Class Interactive Video: No data found. Class Signaling: No data found. Class Streaming Video: No data found. Class Transactional: Recommended Minimum Bandwidth: 1 Kbps/<1% (AverageRate) Detected applications and data: Application/ AverageRate PeakRate Total Protocol (kbps/%) (kbps/%) (bytes) ----------- ----------- -------- ------------ telnet 1/<1 32/2 53404 Class Bulk: No data found. Class Scavenger: No data found. Class Management: Recommended Minimum Bandwidth: 1 Kbps/<1% (AverageRate) Detected applications and data: Application/ AverageRate PeakRate Total Protocol (kbps/%) (kbps/%) (bytes) ----------- ----------- -------- ------------ snmp 1/<1 11/<1 50245 Class Routing: Recommended Minimum Bandwidth: 0 Kbps/0% (AverageRate) Detected applications and data: Application/ AverageRate PeakRate Total Protocol (kbps/%) (kbps/%) (bytes) ----------- ----------- -------- ------------ icmp 0/0 8/<1 11432 eigrp 0/0 0/0 6016 Class Best Effort: Current Bandwidth Estimation: 3 Kbps/<1% (AverageRate) Detected applications and data: Application/ AverageRate PeakRate Total Protocol (kbps/%) (kbps/%) (bytes) ----------- ----------- -------- ------------ http 3/<1 33/2 84777 unknowns 0/0 0/0 184 Suggested AutoQoS Policy for the current uptime: ! class-map match-any AutoQoS-Transactional-Se0/0.1 match protocol telnet ! class-map match-any AutoQoS-Management-Se0/0.1 match protocol snmp ! policy-map AutoQoS-Policy-Se0/0.1 class AutoQoS-Transactional-Se0/0.1 bandwidth remaining percent 1 random-detect dscp-based set dscp af21 class AutoQoS-Management-Se0/0.1 bandwidth remaining percent 1 set dscp cs2 class class-default fair-queue Router1#
As you can see, we didn't let the discovery phase run for very long, and consequently did not discovery very many types of traffic. The router saw no traffic in the Voice, Interactive Video, Telephony Signaling, Streaming Video, Bulk, or Scavenger classes. But it did see some TELNET traffic in the Transactional class, some SNMP traffic in the Network Management class, as well as some Routing Protocol and Best Efforts traffic. Note that the command output includes average and peak rate traffic statistics, which the router will use to help determine queuing parameters:
Class Best Effort: Current Bandwidth Estimation: 3 Kbps/<1% (AverageRate) Detected applications and data: Application/ AverageRate PeakRate Total Protocol (kbps/%) (kbps/%) (bytes) ----------- ----------- -------- ------------ http 3/<1 33/2 84777 unknowns 0/0 0/0 184
The output then ends with a suggestion for a QoS policy-map to be applied to this interface. This output shows that the AutoQoS feature uses the NBAR match command to identify protocols. NBAR is the basis of AutoQoS. Please refer to Recipe 11.8 for more information about NBAR.
Once we are satisfied that this is a good QoS policy, we enable it by using the auto qos command:
Router1(config)#interface Serial0/0.1 point-to-point Router1(config-subif)#frame-relay interface-dlci 904 Router1(config-fr-dlci)#auto qos %Creating new map-class. Router1(config-fr-dlci)#no auto discovery qos Router1(config-fr-dlci)#exit Router1(config-subif)#exit
|
If you want to see the new configuration commands that AutoQoS has added to your router, use the show auto qos command:
Router1#show auto qos ! policy-map AutoQoS-Policy-Se0/0.1 class AutoQoS-Transactional-Se0/0.1 bandwidth remaining percent 1 random-detect dscp-based set dscp af21 class AutoQoS-Routing-Se0/0.1 bandwidth remaining percent 1 set dscp cs6 class class-default fair-queue ! policy-map AutoQoS-Policy-Se0/0.1-Parent class class-default shape average 1544000 service-policy AutoQoS-Policy-Se0/0.1 ! class-map match-any AutoQoS-Transactional-Se0/0.1 match protocol telnet ! class-map match-any AutoQoS-Routing-Se0/0.1 match protocol icmp match protocol eigrp match protocol rip Serial0/0.1: DLCI 904 - ! interface Serial0/0.1 point-to-point frame-relay interface-dlci 904 class AutoQoS-FR-Se0/0-904 ! map-class frame-relay AutoQoS-FR-Se0/0-904 frame-relay cir 1544000 frame-relay bc 15440 frame-relay be 0 frame-relay mincir 1544000 service-policy output AutoQoS-Policy-Se0/0.1-Parent Router1#
Note that the actual policy map does not exactly match the version that we saw earlier during the data collection phase. The biggest difference is that the router saw some additional RIP traffic in the meantime and added this protocol to the class called AutoQoS-Routing-Se0/0.1. It has also created a Frame Relay map class that includes traffic shaping parameters for the PVC.
Because AutoQoS adds so many different commands to the router configuration, if you want to disable AutoQoS, it is not sufficient to just remove the auto qos command. You will need to remove all of the other commands separately. In fact, you should be careful about removing this command because if you do so, the show auto qos command will no longer function, making it much more difficult to figure out what commands are actually related to this feature. To make matters worse, once you have removed the auto qos command, you can't even put it back because the router needs to repeat the discovery phase first!
If you want to remove this feature after you have enabled it, we recommend capturing the output of the show auto qos command and using a text editor to create a configuration script that selectively eliminates all of the associated commands.
AutoQoS for the Enterprise can be a useful way of generating a detailed queuing strategy for your network. We do urge some caution in using this feature, however. In our experience, the discovery option can be unreliable. In particular, if you are using NBAR or have access-groups enabled on the router, this can interfere with the data collection. Furthermore, we have seen questionable results in the output that went away after disabling and re-enabling the discovery option.
We strongly recommend looking very closely at the recommendations made by this command before implementing them.
See Also
Chapter 10, Recipe 11.8, Recipe 11.14
Router Configuration and File Management
Router Management
User Access and Privilege Levels
TACACS+
IP Routing
RIP
EIGRP
OSPF
BGP
Frame Relay
Handling Queuing and Congestion
Tunnels and VPNs
Dial Backup
NTP and Time
DLSw
Router Interfaces and Media
Simple Network Management Protocol
Logging
Access-Lists
DHCP
NAT
First Hop Redundancy Protocols
IP Multicast
IP Mobility
IPv6
MPLS
Security
Appendix 1. External Software Packages
Appendix 2. IP Precedence, TOS, and DSCP Classifications
Index