QoS is a continuation of network policy. Policy information is set at certain points, carried in protocol headers, and enforced throughout the network. The result should provide a predefined level of service for different types of traffic.

Note: You can also use QoS to protect the network against certain types of security attacks, but that is beyond the scope of this discussion.

Many of the protocols used to virtualize network transport have fields dedicated to QoS, as summarized in the following list:
On the device itself, the mechanisms used to effect policy should be familiar to readers of this book. In the interest of having standard definitions, the following list summarizes them:
These QoS mechanisms are deployed in support of a particular model or architecture. The initial Internet model was, of course, point-to-point (p2p) best effort. Other models include integrated services (IntServ), which uses the Resource Reservation Protocol (RSVP) to reserve bandwidth for flows of application traffic, and DiffServ. We review DiffServ in the next sections.

Differentiated Services

The DiffServ model is an architecture that allows scalable differentiation between data flows. With DiffServ, the majority of the labor-intensive QoS processing, such as classification, marking, and policing, is done at the network edge. Traffic admitted to the network core is marked with a numeric value, a DSCP, which indicates to which class the packet belongs. The core devices process on a per-class (not per-flow) basis, and so they need to examine only the bits that carry the DSCP information (6 bits in the IP header) to know how to handle any particular packet.

DiffServ does not require state information or signaling of resource requirements, either on a flow or aggregate basis. Instead, each device is configured with certain administratively determined limits on the amount of resource per class. DiffServ is defined in RFC 2474 (Definition of the Differentiated Services Field [DS Field] in the IPv4 and IPv6 Headers) and RFC 2475 (An Architecture for Differentiated Services).

DiffServ introduces an important concept, namely per-hop behavior (PHB). PHB is the observable behavior of a device as it processes traffic. An end-to-end QoS service can be provided as long as the PHB is consistent across the network. RFC 2474 defines two PHBs:
The two most significant PHBs that use DiffServ are Assured Forwarding (AF) and Expedited Forwarding (EF), which are both defined in separate RFC documents. RFC 2597 defines AF, and RFC 2598 defines EF:
It is important to apply the correct DSCP value to a packet. In a switched environment, there are typically two QoS domains (Layer 2 and Layer 3), and policy classifications must be correctly copied between each. In a typical campus network, the access switch classifies traffic based on either the incoming interface or ToS settings (the latter is common when a PC is connected to a switch through an IP phone) and marks this information in the 802.1p bits on the VLAN trunks that connect to the distribution layer. On the distribution switch, these ToS settings are copied to IP DSCP bits. Cisco provides guidelines for which Layer 2 and 3 values to use in an enterprise network. Table 10-1 gives the complete 11 DSCP values and corresponding PHB names, if defined.
The first settings column of the table lists the settings (limited to 7 classes) for IP Precedence rather than DSCP. Similarly, the last settings column shows the Layer 2 equivalence for each class. The baseline QoS model is extremely granular, and it is often necessary to group different categories together (for example, in case you need to send data over a wide-area virtual private network (VPN) connection that supports only a limited number of classes, typically between three and five). This number is essentially determined by cost considerations in the wide-area provider's network. However, the VPN protocols themselves can impose technical limitations. Of these, Multiprotocol Label Switching (MPLS) is the most interesting, not only because it is possibly unfamiliar, but also because it offers some valuable services not yet found with the other VPN transport protocols. The next section provides an introduction to MPLS QoS, but the interested reader is encouraged to consult some of the more specialized texts listed in the references at the end of the book.
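The per-class lookup described in the Differentiated Services section, as an added Python example that is not from the book: it pulls the 6-bit DSCP out of a raw IPv4 or IPv6 header and names the PHB (Default, class selector, AF, or EF). The function names and the two sample headers are constructed for illustration.

```python
EF = 46  # Expedited Forwarding codepoint (binary 101110)

def phb_name(dscp):
    """Name the PHB for a 6-bit DSCP, or 'unnamed' if this sketch has no name for it."""
    if not 0 <= dscp <= 63:
        raise ValueError("DSCP is a 6-bit value")
    if dscp == 0:
        return "Default"
    if dscp == EF:
        return "EF"
    cls, low = dscp >> 3, dscp & 0b111
    if low == 0:
        return f"CS{cls}"             # class selector, IP Precedence compatible
    if 1 <= cls <= 4 and low in (2, 4, 6):
        return f"AF{cls}{low >> 1}"   # AFxy: class x, drop precedence y
    return "unnamed"

def ds_byte(header):
    """Extract the 8-bit DS field from a raw IPv4 or IPv6 header."""
    if not header:
        raise ValueError("empty header")
    version = header[0] >> 4
    if version == 4 and len(header) >= 20:
        return header[1]              # the former ToS octet
    if version == 6 and len(header) >= 40:
        # Traffic Class straddles the low nibble of byte 0 and high nibble of byte 1
        return ((header[0] & 0x0F) << 4) | (header[1] >> 4)
    raise ValueError("not a complete IPv4/IPv6 header")

def classify(header):
    """What a per-class core device needs: the DSCP and its PHB, nothing per-flow."""
    ds = ds_byte(header)
    dscp = ds >> 2
    return {"dscp": dscp, "phb": phb_name(dscp),
            "precedence": dscp >> 3,  # what an IP Precedence-only device sees
            "low2": ds & 0b11}        # low two bits, not part of the DSCP

# Constructed sample headers (documentation addresses, zeroed checksums).
IPV4_EF = bytes.fromhex("45b80014" "00000000" "40110000" "c0000201" "c0000202")
IPV6_AF11 = (bytes.fromhex("62800000" "00003b40")
             + bytes.fromhex("20010db8" + "00" * 11 + "01")
             + bytes.fromhex("20010db8" + "00" * 11 + "02"))

if __name__ == "__main__":
    for name, hdr in (("IPv4", IPV4_EF), ("IPv6", IPV6_AF11)):
        print(name, classify(hdr))
```

The `precedence` value is the top three bits of the DSCP, which is why a class selector codepoint such as CS5 and an EF-marked packet look identical to a device that reads only IP Precedence.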