Before QoS mechanisms can treat voice with high priority, these QoS mechanisms must recognize voice packets. This chapter considers the very popular DiffServ model of QoS. DiffServ, as the name suggests, literally differentiates between packet types and marks those packets. Once a packet is marked, the next router or the next switch in the packet's path can examine the marking and immediately know how to treat the packet.
The first question might be, "How is a voice packet recognized as a voice packet?" This recognition process is called classification. For example, you might recognize Telnet, FTP, and HTTP traffic and categorize those applications together in a specific class of traffic. You might place voice packets in a separate class. Cisco routers and switches are very flexible in their ability to recognize different packet types. For example, to recognize voice traffic, you could use access control lists (ACLs), which can, for example, match traffic based on source and destination IP addresses, in addition to source and destination port numbers. Also, the Cisco Network Based Application Recognition (NBAR) feature can classify traffic by examining traffic characteristics up to and including the application layer (for example, the name of a graphics file being downloaded as part of a web page). NBAR's deep packet inspection can interrogate packet characteristics and recognize application signatures. While classification groups common types of traffic, classification doesn't alter the classified packets in any way.
While classification is great, you probably do not want to configure classification on every router. Therefore, once the traffic is classified, you can mark the traffic. After a router marks a packet, other routers and switches in the network can reference those markings and make decisions (that is, forwarding or dropping decisions) based on those markings.
As a metaphor, consider the frequent flyer programs offered by many major airlines. After traveling on enough flights and accumulating enough miles, you achieve the designation of a frequent flyer, which might come with such perks as priority boarding. However, as you approach the gate agent, does the gate agent require you to prove your frequent flyer status by showing your boarding passes from all your previous flights? Not at all. Instead, after you achieve frequent flyer status (that is, you are classified as a frequent flyer), the airline gives you a marking, such as a luggage tag indicating your frequent flyer status. Therefore, as you approach the gate agent, you only need to show your marking (e.g., luggage tag or an actual marking on your boarding pass). The same theory holds true in a network. Once packets are classified (achieving frequent flyer status in this metaphor), the packets simply show their marking (a luggage tag in our metaphor) to subsequent routers or switches without the need for reclassification at each router and each switch along the packets' path.
The next logical question might be, "How is a packet marked?" Inside an Internet Protocol version 4 (IPv4) header, there is a byte (that is, 8 bits) called the Type of Service (ToS) byte. You can mark packets, using bits within the ToS byte, using either IP Precedence or Differentiated Services Code Point (DSCP) markings, as shown in Figure 6-5.
Figure 6-5. ToS Byte
IP Precedence uses the three left-most bits in the ToS byte. With 3 bits at its disposal, IP Precedence markings range from 0 to 7. However, 6 and 7 should not be used because those values are reserved for network use.
For more granularity, you might choose DSCP, which uses the six left-most bits in the ToS byte. Six bits yield 64 possible values (0 to 63). The challenge with so many values at your disposal is that the value you choose to represent a certain level of priority might be treated very differently by a router or switch under someone else's administration.
For example, let's say that in my network, I mark high-priority traffic with a DSCP value of 26. However, you decide to mark high-priority traffic in your network with a DSCP value of 39. In fact, your network considers a DSCP value of 26 to have the priority of dirt. Do you see the problem? We're just arbitrarily selecting values, without any common frame of reference.
To maintain relative levels of priority among devices, the Internet Engineering Task Force (IETF), a standards body, selected a subset of DSCP's 64 possible values for use. These values are called Per Hop Behaviors (PHBs) because they indicate how each router hop along the path from the source to the destination treats packets.
All PHBs fall into one of four categories:
Traffic only needing best-effort treatment can be marked with the Default PHB, which simply means the six left-most bits in the packet's ToS byte (that is, the DSCP bits) are all 0s (that is, a DSCP value of 0).
The EF PHB has a DSCP value of 46. Latency-sensitive traffic, such as voice, typically receives a PHB marking of EF.
The AF PHB represents the broadest category of PHBs. Specifically, AF PHBs represent 12 different PHB values, as shown in Table 6-1.
Notice the assured forwarding PHBs are grouped into four classes. Examining these DSCP values in binary reveals that the three left-most bits of all the Class 1 AF PHBs are 001 (that is, a decimal value of 1); the three left-most bits of all the Class 2 AF PHBs are 010 (that is, a decimal value of 2); the three left-most bits of all the Class 3 AF PHBs are 011 (that is, a decimal value of 3); and the three left-most bits of all the Class 4 AF PHBs are 100 (that is, a decimal value of 4). Because IP Precedence-aware devices examine these three left-most bits, an IP Precedence-aware router interprets all Class 1 DSCP values as an IP Precedence value of 1. The same applies to Class 2, 3, and 4 PHB values.
Each AF PHB class contains three distinct values, which indicate a packet's drop preference. Higher values in an AF PHB class are more likely to be discarded during periods of congestion. For example, an AF13 packet is more likely to be discarded than an AF11 packet.
Voice packets typically receive a PHB value of EF, while call setup traffic uses a PHB value of CS3. Also, interactive video often uses a value of AF41.
CS PHBs provide complete backward compatibility with IP Precedence values because, just like IP Precedence, CS PHBs have 0s in the fourth, fifth, and sixth bits of the ToS byte, as shown in Table 6-2. For example, imagine your router uses DSCP markings, but you are sending packets to a router that only understands IP Precedence markings. Such a scenario provides a great opportunity to use CS markings. You could send a packet marked with a DSCP value of 40, which is 101000 in binary. When that packet is received by an IP Precedence-aware router, the packet's IP Precedence value will be interpreted as 5, because only the three left-most bits are considered, and because 101 in binary equals 5 in decimal.
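The bit arithmetic described above can be checked with a short decoder. This is an added example, not code from the chapter; the function names are illustrative assumptions, and the AF values follow from the bit layout the text describes (class in the three left-most bits, drop preference in the next two).

```python
# Added example: decode a ToS byte into the markings the chapter describes.
# Function names are illustrative assumptions, not from the chapter.
AF_CLASSES = range(1, 5)   # AF classes 1-4
AF_DROPS = range(1, 4)     # drop preference 1-3

def ip_precedence(dscp):
    """What an IP Precedence-aware device sees: the three left-most bits."""
    return dscp >> 3

def phb_name(dscp):
    """Return the PHB name for a DSCP value, or None if it is not a PHB."""
    if not 0 <= dscp <= 63:
        raise ValueError("DSCP is a 6-bit value (0-63)")
    if dscp == 0:
        return "Default"
    if dscp == 46:
        return "EF"
    cls, low = dscp >> 3, dscp & 0b111
    if low == 0:                       # fourth to sixth bits are all 0s
        return "CS%d" % cls
    drop = low >> 1                    # two bits of drop preference
    if cls in AF_CLASSES and (low & 1) == 0 and drop in AF_DROPS:
        return "AF%d%d" % (cls, drop)
    return None                        # an arbitrary, non-standard value

def decode_tos(tos):
    """Split a ToS byte (0-255) into DSCP, IP Precedence and PHB name."""
    if not 0 <= tos <= 0xFF:
        raise ValueError("ToS is a single byte")
    dscp = tos >> 2                    # six left-most bits
    return {"dscp": dscp,
            "ip_precedence": ip_precedence(dscp),
            "phb": phb_name(dscp)}

if __name__ == "__main__":
    # 26 and 39 are the two values from the "my network / your network" example.
    for value in (0, 26, 39, 40, 46):
        print(value, format(value, "06b"), phb_name(value), ip_precedence(value))
```

Of the two arbitrary values in the earlier example, 26 turns out to be a standard PHB (AF31) while 39 is not a PHB at all.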
Thus far, you've examined packet markings using the ToS byte in an IPv4 header. These markings (that is, DSCP and IP Precedence markings) are considered Layer 3 markings (that is, markings occurring at the Network Layer of the OSI Model). However, you can also mark traffic at Layer 2 of the OSI Model (that is, the Data Link Layer). For example, you can mark frames traveling over an Ethernet trunk with a Layer 2 class of service (CoS) value, as illustrated in Figure 6-6.
Figure 6-6. Class of Service (CoS) Marking
CoS values range from 0 to 7, although Cisco recommends that you never use 6 or 7, because 6 and 7 are reserved for network use. The bits used to create the CoS marking depend on the type of trunk being used:
Layer 2 markings can also extend to the WAN. Consider a Frame Relay network. A Frame Relay header contains a bit called the Discard Eligible (DE) bit, which identifies frames that the service provider can drop during periods of congestion. You can leverage the DE bit to identify less important traffic you send to the Frame Relay service provider. Similarly, you can mark the Cell Loss Priority (CLP) bit in an Asynchronous Transfer Mode (ATM) cell to identify less important ATM traffic.
A major design issue to keep in mind is that a CoS marking (that is, a Layer 2 marking) sent over an Ethernet trunk does not pass through a router. So, if you only use CoS markings to identify traffic priorities, those CoS markings need remarking to Layer 3 markings before the traffic passes through a router. Otherwise, the traffic emerges from the router with a CoS value of 0, as shown in Figure 6-7.
Figure 6-7. Without CoS Remarking
While Cisco recommends marking traffic as close to the source as possible, you typically don't want end users setting their own priority markings. Therefore, you can use your Catalyst switches to create a trust boundary, which is a point in the network that does not trust incoming markings. An exception to having a wiring closet switch acting as a trust boundary would be a Cisco IP phone connected to the switch. Because Cisco IP phones mark packets, you can extend a trust boundary to the phone.
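What a trust boundary does to a packet can be modeled on a raw IPv4 header. This is an added example, not code from the chapter or from Cisco; the function names are illustrative, the sample header is constructed, and resetting untrusted traffic to DSCP 0 is an assumption of the example (the chapter says only that the boundary does not trust incoming markings).

```python
# Added example: model a trust boundary rewriting the DSCP bits of an
# IPv4 header. Names and the reset-to-0 policy are assumptions.
import struct

def ipv4_checksum(header):
    """One's-complement sum of the header's 16-bit words, inverted.
    Returns 0 when run over a header whose checksum field is valid."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def dscp_of(header):
    return header[1] >> 2              # six left-most bits of the ToS byte

def apply_trust_boundary(header, port_trusted, untrusted_dscp=0):
    """Return the IPv4 header as it is forwarded past the boundary."""
    ihl = (header[0] & 0x0F) * 4
    if header[0] >> 4 != 4 or ihl < 20 or len(header) < ihl:
        raise ValueError("not a complete IPv4 header")
    if port_trusted:                   # e.g. a port with a Cisco IP phone
        return bytes(header[:ihl])
    hdr = bytearray(header[:ihl])
    # Overwrite the DSCP bits; leave the two right-most ToS bits untouched.
    hdr[1] = (untrusted_dscp << 2) | (hdr[1] & 0b11)
    hdr[10:12] = b"\x00\x00"           # zero the checksum, then recompute
    hdr[10:12] = struct.pack("!H", ipv4_checksum(bytes(hdr)))
    return bytes(hdr)

def sample_header(dscp):
    """Constructed 20-byte IPv4 header (UDP, documentation addresses)."""
    hdr = bytearray(struct.pack("!BBHHHBBH4s4s", 0x45, dscp << 2, 40,
                                0x1C46, 0x4000, 64, 17, 0,
                                bytes([192, 0, 2, 10]),
                                bytes([198, 51, 100, 20])))
    hdr[10:12] = struct.pack("!H", ipv4_checksum(bytes(hdr)))
    return bytes(hdr)

if __name__ == "__main__":
    pc_packet = sample_header(46)      # end-user PC marking its own traffic EF
    for trusted in (False, True):
        out = apply_trust_boundary(pc_packet, trusted)
        print("trusted" if trusted else "untrusted", "port -> DSCP", dscp_of(out))
```

Because the ToS byte is covered by the IPv4 header checksum, any device that re-marks a packet must also update the checksum, which the function does.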
Classification and marking serve as the initial steps in ensuring voice quality. However, classification and marking alone do not alter traffic behavior. Once a router or a switch marks traffic, other QoS mechanisms can reference those markings and make forwarding or dropping decisions based on those markings.