BRKCRS 2501 PDF

Campus QoS Design—Simplified
BRKCRS-2501
Tim Szigeti
Campus QoS Design—Simplified
Session Abstract
• This session discusses strategic factors driving network QoS designs, including:
new applications and business requirements, new industry guidance and best
practices and new platforms and technologies
• Cisco QoS strategy for rich media networks will be presented and campus-
specific design considerations will be discussed.
• Then platform-specific designs for classification, policing and ingress & egress
queuing policies will be detailed for the:
– Cisco Catalyst 2960-X series switches
– Cisco Catalyst 3650/3850 series switches
– Cisco Catalyst 4500 (Supervisor 7-E / 8-E) and 4500-X series switches
– Cisco Catalyst 6500 (Supervisor 2T) and 6800 series switches
• All design examples support both IPv4 and IPv6
BRKCRS-2501 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 3 3
Agenda
• QoS Design Strategy Review
• Campus QoS Design Considerations &
Recommendations
• Cisco Catalyst 2960-X QoS Design
• Cisco Catalyst 3650/3850 QoS Design
• Cisco Catalyst 4500 QoS Design
• Summary and References
QoS Design Strategy Review
Macro Trends in Internet Usage
• By 2018…
– global IP traffic will triple
– business IP traffic will double
– there will be three devices per person on average
– 57% of all IP traffic will be non-PC traffic (smartphones, tablets etc.)
– 60% of all traffic will originate from wireless devices
– 80%-90% of internet traffic will be video
cisco.com/go/vni
BRKCRS-2501 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 5
Levels of QoS Policy Abstraction
Strategic vs. Tactical
• Strategic QoS Policy (WHAT are you trying to do and WHY?)
– reflects business intent*
– not constrained by any technical or administrative limitation
– is end-to-end
• Tactical QoS Policy (HOW are you going to do it?)

– adapts the strategic business intent to the maximum of platform’s capabilities
– is constrained by platform and/or administrative limitations
– is Place-in-the-Network (PIN) specific and platform-specific
* “Business-intent” can be considered organizational-intent for non-profit organizations

Defining a QoS Strategy
Always, Always, Always Start with Defining Your Business Objectives of QoS
• Guaranteeing voice quality meets enterprise standards
• Ensuring a high Quality of Experience (QoE) for collaborative video applications
• Deploying TelePresence, IP Video Surveillance, Digital Signage, etc.
• Improving user productivity by improving network response times
• Managing business applications that are “bandwidth hogs”
• Identifying and de-prioritizing non-business/consumer applications
• Improving network availability by protecting the control planes
• Hardening the network infrastructure to deal with abnormal events
Recognize Levels of Business Relevance
Relevant Maybe / Irrelevant

Unknown • These applications are known
• These applications directly
and do not directly support any
supports business objectives • These applications may/may not business objectives; this class
• Applications should be support business objectives includes all personal/consumer
classified and marked • E.g. HTTP/HTTPS applications
according to RFC 4594-
based rules • Alternatively, administrator may • Applications in this class should
not know the application (or how be marked CS1 and provisioned
its being used in the org) with a “less-than-best-effort”
service (RFC 3662)
• Applications in this class should
be marked DF and provisioned
with a default best-effort service
(RFC 2474)
Classifying Applications—Step 1: Identify Consumer-Oriented Applications
Consumer Yes
-Oriented?
Scavenger
No
• Is the application is consumer-oriented? (as opposed to business-oriented)

– i.e. Does the application contribute to business/organizational objectives?
Or is it more for personal entertainment/information/education/etc.?
• If yes: then it is to be classified as a SCAVENGER application
– This is regardless of whether the app is voice, video or data
– E.g. YouTube, Netflix, Skype, FaceTime, Facebook, iTunes, P2P apps, etc.
Defining a QoS Strategy—Classifying Applications
Classifying Applications—Step 2: Is the Protocol a Control Plane Protocol?
Control Yes Network Yes
Plane? Control?
Network Control
No No Yes
Signaling? Signaling
Yes
No OAM? OAM
• Is the protocol a Network Control protocol?
– This includes all network routing and control-plane protocols
• E.g. BGP, OSPF, EIGRP, HSRP, IKE, etc.
• Is the protocol a Signaling protocol?

– This includes all call signaling / bandwidth reservation protocols
• E.g. SIP, Skinny, H.323, RSVP etc.
• Is the protocol an Operations / Administration / Management protocol?

– This includes all network management protocols
• E.g. SNMP, Telnet, SSH, Syslog, NetFlow, etc.
Classifying Applications—Step 3: Is the Application Voice?
Yes
Voice? Voice
No
• Is the application voice?

– Audio-only media
• E.g. G.711, G.729 etc.
• Note: This class may be used for the audio-component of multimedia applications, such as Cisco
Jabber and Microsoft Lync; however, this option should ONLY be considered if this causes no
conflict with your overall Call Admission Control strategy and voice-queue provisioning
• If yes, then it is to be classified as VOICE
Classifying Applications—Step 4: Is the Application Video?
Yes or Unknown
Yes
Yes
Video? Unidirectional? Elastic? Multimedia-Streaming
No No No
(Bidirectional) (Inelastic)
Broadcast Video
Yes or Unknown
Elastic? Multimedia-Conferencing
No
Realtime-Interactive
(Inelastic)
• If the application is video?
– If yes: determine if the application is unidirectional or bidirectional?
– Then determine if the application is elastic (i.e. adaptive to congestion/drops) or inelastic?
Note: User-expectations may also factor here: (i.e. are users willing to accept quality loss due to drops?  elastic)
• Classify accordingly
Classifying Applications—Step 5: Is the Application Video?
Yes Yes
Data? Foreground? Transactional Data
No No
(Background or Unknown)
Bulk Data
• Is the application Data?

– Then determine: Is the application foreground or background?
• Foreground applications will directly impact user-productivity with network delays
• Background applications will not (as these are typically machine-to-machine flows)
– However, these apps can be very bandwidth intensive (if unrestrained)
– If it is not known if a data app is foreground, then assume it is background
• Classify accordingly
RFC 4594-Based Strategic QoS Recommendations
Application Per-Hop Queuing & Application
Class Behavior Dropping Examples
VoIP Telephony EF Priority Queue (PQ) Cisco IP Phones (G.711, G.729)
Broadcast Video CS5 (Optional) PQ Cisco IP Video Surveillance / Cisco Enterprise TV
Realtime Interactive CS4 (Optional) PQ Cisco TelePresence
Multimedia Conferencing AF4 BW Queue + DSCP WRED Cisco Jabber, WebEx
Multimedia Streaming AF3 BW Queue + DSCP WRED Cisco Digital Media System (VoDs)
Network Control CS6 BW Queue EIGRP, OSPF, BGP, HSRP, IKE
Signaling CS3 BW Queue SCCP, SIP, H.323
Ops / Admin / Mgmt (OAM) CS2 BW Queue SNMP, SSH, Syslog
Transactional Data AF2 BW Queue + DSCP WRED ERP Apps, CRM Apps, Front-End Database Apps
Bulk Data AF1 BW Queue + DSCP WRED E-mail, FTP, Backup Apps, Content Distribution
Best Effort DF Default Queue + RED Default Class
Scavenger CS1 Min BW Queue (Deferential) Netflix, YouTube, iTunes, Hulu, BitTorent, Xbox Live
Business Requirements Will Continue to Evolve and Expand over Time
4-Class Model 8-Class Model 12-Class Model
Voice Voice
Realtime Interactive
Interactive Video
Realtime Multimedia Conferencing
Broadcast Video
Streaming Video
Multimedia Streaming
Signaling / Control Signaling Signaling
Network Control Network Control
Network Management
Critical Data
Critical Data Transactional Data
Bulk Data
Best Effort Best Effort
Best Effort
Scavenger Scavenger
QoS Design Strategy—At-A-Glance
http://www.cisco.com/en/US/docs/solutions/Enterprise/Video/qosmrn.pdf
Agenda
Recommendations
Campus QoS Design
Considerations & Recommendations
Campus QoS Design Considerations
The Case for Campus QoS
• The primary role of QoS in medianet campus networks is not to control latency
or jitter (as it is in the WAN/VPN), but to manage packet loss
• In GE/10GE campus networks, it takes only a few milliseconds of congestion to
cause instantaneous buffer overruns resulting in packet drops
• Rich media applications—particularly HD video applications—are extremely
sensitive to packet drops, to the point where even 1 packet dropped in 10,000 is
discernable by the end-user
Implications of Video Compression on Packet Loss Tolerance
1920 lines of Vertical Resolution (Widescreen Aspect Ratio is 16:9) 1080 x 1920 lines =
1080 lines of Horizontal Resolution
2,073,600 pixels per frame
x 3 colors per pixel
x 1 Byte (8 bits) per color
x 30 frames per second
= 1,492,992,000 bps
or 1.5 Gbps Uncompressed
Cisco H.264-based HD Codecs transmit 3-5 Mbps per 1080p image

which represents over 99.67% compression (300:1)
Therefore packet loss is proportionally magnified in overall video quality
Users can notice a single packet lost in 10,000—
Making HD Video One Hundred Times More Sensitive to Packet Loss than VoIP!
Campus QoS Design Overview
VoIP vs. HD Video—At the Packet Level
1400
Voice Packets 1400
Video Packets
Video Video Video
Frame Frame Frame
1000 1000
Bytes
Audio
600 600
Samples
200 200
Time 20 msec 33 msec

How Long Can Queue-Buffers Accommodate Line-Rate Bursts?
GE Linecard Example
Begin dropping packets at this point (11 ms)
140
Gbps Line Rate GE Linecard Example (WS-X6148)
KBytes Per ms
120
100 Total Per-Port Buffer: 5.4 MB
80
60 Total Per-Queue Buffer*: 1.35 MB
40
20 Gbps Line Rate: 1 Gbps = 125 MB/s
0 or 125 KB/ms
770
130
170
210
250
290
330
370
410
450
490
530
570
610
650
690
730
810
850
890
930
970
10
50
90
Total Per-Queue Buffering Capacity: 10.8 ms

ms
*Assuming (4) equal-sized queues

1 second
How Long Can Queue-Buffers Accommodate Line-Rate Bursts?
10-GE Linecard Example
Begin dropping packets at this point (9 ms)
1400
10 Gbps Line Rate 10 GE Linecard Example (WS-X6908)
KBytes Per ms
1200
1000
Total Per-Port Buffer: 90 MB
800
600
Total Per-Queue Buffer*: 11.25 MB
400
200
Gbps Line Rate: 10 Gbps = 1.25 GB/s
0
or 1250 KB/ms
130
370
170
210
250
290
330
410
450
490
530
570
610
650
690
730
770
810
850
890
930
970
10
50
90
Total Per-Queue Buffering Capacity: 9.0 ms

ms
*Assuming (8) equal-sized queues

1 second
Tactical QoS Design Principles
• Always perform QoS in hardware rather than software when a choice exists
• Classify and mark applications as close to their sources as technically and
administratively feasible
• Police unwanted traffic flows as close to their sources as possible
• Enable queuing policies at every node where the potential for congestion exists
Campus QoS Tools and Deployment Options
• MLS QoS vs. MQC QoS vs. C3PL QoS
• Global Default QoS Setting
• Trust States and Conditional Trust
• Per-Port QoS, Per-VLAN QoS, Per-Port/Per-VLAN QoS
• Ingress QoS Models
• Egress QoS Models
• EtherChannel QoS
• QoS Roles in a Medianet Campus
MLS QoS vs. MQC QoS vs. C3PL QoS
• Catalyst 2960-X / 3560 / 3750 are the last platforms to use Multilayer Switch QoS
(MLS QoS) syntax
– QoS is disabled by default and must be globally enabled with mls qos command
– Once enabled, all ports are set to an untrusted port-state
• Catalyst 3650/3850 and 4500 are using IOS Modular QoS Command Line
Interface (MQC) syntax (the same as router platforms)
– QoS is enabled by default
– All ports trust at layer 2 and layer 3 by default
• Catalyst 6500 is using Cisco Common Classification Policy Language (C3PL) QoS
– QoS is enabled by default (Sup2T) – Disabled by default (Sup720)
– All ports trust at layer 2 and layer 3 by default
– C3PL presents queuing policies similar to MQC
Conditional Trust Operation
Cisco TelePresence System (CTS) Endpoint Example
Trust Boundary
Successful “Condition” Met (i.e. CDP negotiation successful)
Trust is Dynamically Extended to Cisco CTS Primary Codec

1
2 Cisco 7975G IP Phone: Voice  CoS 5 & DSCP EF
Signaling  CoS 3 & DSCP CS3
3
CTS Primary Codec: Voice + Video  CoS 4 & DSCP CS4
Call-Signaling  CoS 3 & DSCP CS3
Cisco Devices Supporting Conditional Trust: 4

• Cisco IP Phones CoS-to-DSCP Map:
• Cisco TelePresence Systems CoS 5  DSCP EF (46)
CoS 4  DSCP CS4 (32)
• Cisco IP Video Surveillance cameras CoS 3  DSCP CS3 (24)
• Cisco Digital Media Players

Per-Port QoS vs. Per-VLAN QoS
Per-Port QoS Per-VLAN QoS

Policy map is applied to the
logical VLAN interface
VLAN Interfaces VLAN Interfaces
VLAN 10 VLAN 20 VLAN 10 VLAN 20
Physical Ports Physical Ports

Policy map is applied to the
physical switch port
Per-Port/Per-VLAN QoS
VLAN Interfaces
DVLAN 10
VVLAN 110
DVLAN policy map is applied Trunked Physical Ports

to the Data VLAN (only)
on a given trunked switch port VVLAN policy map is applied
to the Voice VLAN (only)
on a given trunked switch port
Campus Ingress QoS Models
No Trust (Untrusted)
Trust DSCP
Trust CoS
Trust Device / Conditional Trust
(if required and supported)

Ingress Queuing Policies
Marking Policies (Optional) Policing Policies
VVLAN Yes
VoIP Classifier Mark EF VoIP Policer (<128 kbps) No
Drop
Yes
Signaling Classifier Mark CS3 Signaling Policer (<32 kbps) No
Drop
Yes
Multimedia Conferencing Classifier
Mark AF41 MM-Conf Policer (<5 Mbps) No
Drop
DVLAN Yes
Drop
Yes
Transactional Data Classifier Mark AF21 Trans-Data Policer (<10 Mbps) No
Remark to CS1
Yes
Bulk Data Classifier Mark AF11 Bulk Data Policer (<10 Mbps) No
Remark to CS1
Yes
Scavenger Classifier Mark CS1 Scavenger Policer (<10 Mbps) No
Drop
Yes
Best Effort (Class-Default) Mark DF Best Effort Policer (<10 Mbps) No
Remark to CS1
30
Campus QoS Design Recommendations
Queuing and Dropping Recommendations
• Catalyst hardware queuing varies by platform/linecard and can be expressed as: xPyQzT
• For Example: 1P3Q8T means:
– 1 strict-Priority queue Best Effort
– 3 non-priority Queues, each with ≥ 25% Realtime
≤ 33%
– 8 drop-Thresholds per queue

Scavenger/Bulk
≤ 5%
• Minimum recommended queuing capabilities is 1P3Q
Guaranteed BW
– RFC 3246 EF PHB: Realtime (PQ) should be no more than 33% of link
– RFC 2597 AF PHB: Guarantee bandwidth to non-priority queue(s)
– RFC 2474 DF PHB: Best-Effort Queue should be guaranteed at least 25% of link
– RFC 3662 Scavenger PDB (and/or Bulk): BW-constrained queue(s) should be minimally provisioned
• Enable congestion-avoidance on non-priority + non-control queues

– WTD (Weighted Tail Drop) on Catalyst 3650/3850
– DBL (Dynamic Buffer Limiting) on Catalyst 4500
– WRED (Weighted Random Early Detect) on Catalyst 6500
Campus QoS Design Recommendations
EtherChannel QoS
• EtherChannels are comprised of logical (Port-Channel) interfaces and physical

(port-member) interfaces
• Ingress QoS policies are usually applied to the logical interfaces (but not always)
• Egress QoS policies (such as queuing) are always applied to the physical port-
member interfaces
Platform QoS Policies Applied to the QoS Policies Applied to the
(Logical) Port-Channel (Physical) Port-Member
Interface Interfaces
Catalyst 2960-X  Ingress & Egress
Catalyst 3650/3850  Ingress  Egress
Catalyst 4500  Ingress  Egress
Campus QoS Design – Port QoS Roles
Untrusted Endpoint Port QoS:
Untrusted Endpoints • No Trust
• [Optional Ingress Marking and/or Policing]
• Egress Queuing
Access Distribution Core
Trusted Endpoint Trusted

Port QoS: Endpoints
• Trust-DSCP
• [Optional Ingress
Marking and/or
Policing]
• Egress Queuing
WAN/VPN
Block
Conditionally-
Trusted
Endpoints
Conditionally-Trusted Endpoint Port QoS Switch-to-Switch/Router Port QoS

• Conditional-Trust with Trust-CoS • Trust DSCP
• [Optional Ingress Marking and/or Policing] • Egress Queuing
• Egress Queuing
Campus QoS Design—At-A-Glance
http://www.cisco.com/en/US/docs/solutions/Enterprise/Video/qoscampusaag.pdf
Agenda
Recommendations
Cisco Catalyst 2960-X (+3560 + 3750)
QoS Design
Catalyst 2960-X/3560/3750 Campus QoS Design
Catalyst 2960-X/3650/3750 QoS Roles in Campus Networks
No Trust +
Ingress Queuing +
Egress Queuing
Trust DSCP +
Ingress Queuing +
Egress Queuing
Conditional Trust +
Ingress Queuing +
C2960/ Egress Queuing
C3560/
C3750 Classification/Marking +
Access [Optional Policing] +
Switch Distribution Ingress Queuing +
Switches Egress Queuing
Catalyst 2960-X Campus QoS Design
QoS Design Steps
1. Enable QoS
2. Configure Ingress QoS Model(s): Note: The Catalyst 3560 & 3750 support ingress
queuing policies, but the 2960-X does not.
 Trust Models Similarly, the Catalyst 3560 & 3750 support VLAN-
 Conditional Trust Model based QoS policies, but the 2960-X does not.
 Service Policy Models
3. Configure Egress Queuing
Enabling QoS and Trust Model Examples
Enabling QoS:
mls qos Shaded commands are global
Trust-CoS Model Example:

mls qos map cos-dscp 0 8 16 24 32 46 48 56 Key commands/parameters in RED
mls qos trust cos Highlighted commands are interface specific
Trust-DSCP Model Example:

mls qos trust dscp
Conditional-Trust Model Example:

mls qos trust device cisco-phone [or]
mls qos trust device cts [or]
mls qos trust device ip-camera [or]
mls qos trust device media-player
Conditional Trust to a Cisco IP Phone Example
Conditional Trust Policy to a Cisco IP Phone:

mls qos map cos-dscp 0 8 16 24 32 46 48 56
mls qos trust device cisco-phone
mls qos trust cos Note: All CoS-to-DSCP values are left at default
(DSCP = CoS * 8)
Except for CoS 5 which is explicitly mapped to DSCP 46

(Expedite Forwarding/EF, per RFC 3246).
Service Policy Model Example—Marking Policy
[class-maps omitted for brevity]

policy-map MARKING-POLICY
class VOIP
set dscp ef
class MULTIMEDIA-CONFERENCING
set dscp af41
class SIGNALING
set dscp cs3
class TRANSACTIONAL-DATA
set dscp af21
class BULK-DATA
set dscp af11
class SCAVENGER
set dscp cs1
class DEFAULT
set dscp default
service-policy input MARKING-POLICY
Note: Remarking is performed by configuring a
Catalyst 2960-X/3560/3750 Campus QoS Design policed-DSCP map with the global configuration
command mls qos map policed-dscp, which
specifies which DSCP values are subject to
Service Policy Model Example—Marking & Policing Policy remarking if out-of-profile and what value these
should be remarked as.
mls qos map policed-dscp 0 10 18 to 8 In this example exceeding data classes are
remarked to Scavenger (CS1/DSCP 8).
policy-map MARKING&POLICING
class VVLAN-VOIP … (continued)
set dscp ef class BULK-DATA
police 128k 8000 exceed-action drop set dscp af11
class VVLAN-SIGNALING police 10m 8000 exceed-action policed-dscp-transmit
set dscp cs3 class SCAVENGER
police 32k 8000 exceed-action drop set dscp cs1
class MULTIMEDIA-CONFERENCING police 10m 8000 exceed-action drop
set dscp af41 class DEFAULT
police 5m 8000 exceed-action drop set dscp default
class SIGNALING police 10m 8000 exceed-action policed-dscp-transmit
set dscp cs3 service-policy input MARKING&POLICING
police 32k 8000 exceed-action drop
set dscp af21
police 10m 8000 exceed-action policed-dscp-transmit
…
Egress Queuing Model (1P3Q3T)
Application DSCP 1P3Q3T
Network Control (CS7) AF1 Queue 4 Q4T2

CS1 (5%) Q4T1
Internetwork Control CS6
VoIP EF Default Queue

DF
Broadcast Video CS5 Queue 3 (35%)
Multimedia Conferencing AF4 CS7 Q2T3
Realtime Interactive CS4 CS6
Multimedia Streaming AF3 CS3 Q2T2

Queue 2
Signaling CS3 AF4 (30%) Q2T1
Transactional Data AF2 AF3
Network Management CS2 AF2

CS2
Bulk Data AF1
EF
Scavenger CS1 Q1
CS5
Best Effort DF Priority Queue
43 CS4
BRKCRS-2501 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public
Egress Queuing Model (1P3Q3T) Example–Part 1 of 2
! This section configures egress buffers and thresholds

mls qos queue-set output 1 buffers 15 30 35 20 Note: The Catalyst 2960-X can also be
mls qos queue-set output 1 threshold 1 100 100 100 100 configured to use an 8-queue model;
mls qos queue-set output 1 threshold 2 80 90 100 400 however this model is NOT supported
in a stack, nor is it supported if
mls qos queue-set output 1 threshold 3 100 100 100 400
AutoQoS is enabled.
! This section configures egress CoS-to-Queue mappings

mls qos srr-queue output cos-map queue 1 threshold 3 4 5
mls qos srr-queue output cos-map queue 2 threshold 1 2
2960/3560/3750 Campus
Catalyst 2960-X/3560/3750 QoS
Campus Design
QoS Design
! This section configures egress DSCP-to-Queue mappings

mls qos srr-queue output dscp-map queue 1 threshold 3 32 40 46
mls qos srr-queue output dscp-map queue 2 threshold 1 16 18 20 22
mls qos srr-queue output dscp-map queue 2 threshold 1 26 28 30 34 36 38
mls qos srr-queue output dscp-map queue 2 threshold 2 24
mls qos srr-queue output dscp-map queue 2 threshold 3 48 56
! This section configures interface egress queuing parameters

queue-set 1
srr-queue bandwidth share 1 30 35 5
priority-queue out
EtherChannel QoS Design
All QoS policies are configured on the physical port-member interfaces only

Catalyst 2960/3560/3750  Ingress & Egress
Catalyst 2960/3560/3750 QoS Design—At-A-Glance
http://www.cisco.com/en/US/docs/solutions/Enterprise/Video/qoscampuscat3xxxaag.pdf
Agenda
Recommendations
Cisco Catalyst 3650/3850
QoS Design
Catalyst 3650/3850 Campus QoS Design
Catalyst 3650/3850 QoS Roles in Campus Networks
No Trust +
Egress Queuing
Trust DSCP +
C3650/3850 Egress Queuing
Access
Switch Conditional Trust +
Egress Queuing
Classification/Marking +
[Optional Policing] +
Egress Queuing
Wireless Per-Port / Per-SSID / Per-Client Policies:

[Optional: Classification/ Marking]
[Optional: Policing]
Distribution 2P2Q+AFD Egress Queuing
Switches
QoS Design Steps
1. Configure Ingress QoS Model(s):

 Trust DSCP Model*
 Conditional Trust Models (wired ports only)
 Service Policy Models (wired or wireless ports)
 Wired Queuing Models: 8Q3T or 1P7Q3T or 2P6Q3T
 Wireless Queuing Model: 2P2Q+AFD
*Note: Catalyst 3650/3850 IOS MQC will trust by default on wired ports
Prior to IOS XE 3.3, wireless ports were set to an untrusted state by default.
However, this default setting can be globally disabled with the following command:
no qos wireless-default-untrust
Beginning with IOS XE 3.3, wireless ports also trusted by default
Only match-any is supported
Conditional Trust Models (Wired Ports Only) (i.e. match-all is not supported)
Conditional-Trust
Cisco IP Phone (Cisco IP Phone)
Conditional TrustExample:
Example
class-map match-any VOICE CoS
CoSmust
mustbebe
match cos 5 matched
matchedasasCisco
Conditional-Trust Models: class-map match-any SIGNALING
Cisco
IP
IPPhones
Phonesonly
only
interface GigabitEthernet 1/0/1 match cos 3 remark
remarkat
atLayer
Layer22
trust device cisco-phone [or]
trust device cts [or] policy-map CISCO-IPPHONE
trust device ip-camera [or] class VOICE
trust device media-player set dscp ef
class SIGNALING
set dscp cs3
Only one type of device can be configured for class class-default
conditional trust on an interface at a given time set dscp default
interface GigabitEthernet 1/0/1
trust device cisco-phone
service-policy input CISCO-IPPHONE
Service Policy Model Example – Marking Policy
[class-maps omitted for brevity] ! This section attaches the service-policy

policy-map MARKING-POLICY ! to a wired interface(s)
class VOIP interface range GigabitEthernet 1/0/1-48
set dscp ef service-policy input MARKING
set dscp af41 ! This section attaches the service-policy
class SIGNALING ! to a wireless interface(s) at the SSID level
set dscp cs3 wlan BRILEY-1
class TRANSACTIONAL-DATA service-policy input MARKING
set dscp af21
class BULK-DATA ! This section attaches the service-policy
set dscp af11 ! to a wireless interface(s) at the client level
class SCAVENGER wlan BRILEY-1
set dscp cs1 service-policy client input MARKING
class default
set dscp default
Inclusion of the client keyword applies the
service-policy at the client level
All markdown and/or
Catalyst 3650/3850 Campus QoS Design mapping operations
are configured
Service Policy Model Example – Marking & Policing Policy – Part 1 through table-maps
policy-map MARKING&POLICING …[continued]
class VVLAN-VOIP class TRANSACTIONAL-DATA
set dscp ef set dscp af21
police 128k table-map TABLE-MAP
police 10m
conform-action transmit map from 0 to 8
conform-action transmit
exceed-action drop map from 10 to 8
exceed-action TABLE-MAP
class VVLAN-SIGNALING map from 18 to 8
class BULK-DATA
set dscp cs3 set dscp af11
police 32k police 10m
conform-action transmit conform-action transmit
exceed-action drop exceed-action TABLE-MAP
class MULTIMEDIA-CONFERENCING class SCAVENGER
set dscp af41 set dscp cs1
police 5m police 10m Policing to remark traffic
conform-action transmit conform-action transmit is done by referencing
exceed-action drop exceed-action drop the previously-configured
class SIGNALING class class-default table-map
set dscp cs3 set dscp default
police 32k police 10m
conform-action transmit conform-action transmit
exceed-action drop exceed-action TABLE-MAP
…
BRKCRS-2501 Policers
© 2015 Cisco and/or its affiliates. All can may
rights reserved. Cisco be
Publicset to 54
either remark or drop excess traffic
Service Policy Model Example – Marking & Policing Policy – Part 2
Service policies applied to the
SSID level are actually
applied to the BSSID
! This section attaches the service-policy to a wired interface(s)
(that is, per SSID/AP pair)
interface range GigabitEthernet 1/0/1-48
service-policy input POLICING
! This section attaches the service-policy to a wireless interface(s) at the SSID level
! The policy will be applied to all clients belonging to the SSID at an aggregate level
wlan BRILEY-1
service-policy input POLICING
! This section attaches the service-policy to a wireless interface(s) at the client level
! The policy will be applied to individual clients at an aggregate level
wlan BRILEY-1
service-policy client input POLICING
The inclusion of the client keyword
changes the application of the policer
from the SSID-aggregate level to the
BRKCRS-2501 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 55 client-aggregate level
Service Policy Model Example – Per-Port/Per-VLAN QoS (Wired Trunked Ports)
In this example the Voice VLAN is 110 and the Data VLAN is 10
class-map VLAN
match vlan 110 Individual
Individual (trunked)
(trunked) VLANs
VLANs are
are
class-map DVLAN matched
matched byby the
the match
match vlan
vlan command
command
match vlan 10
policy-map VLAN-POLICERS
class VVLAN
police 192k
conform-action transmit exceed-action drop Policers are applied on a per-VLAN
Policers are applied on a Per-VLAN basis
class DVLAN basis
police 50m
conform-action transmit exceed-action drop
interface GigabitEthernet 1/0/1

service-policy input VLAN-POLICERS Per-VLAN policers are then applied on a Per-Port basis
Wired Port Egress Queuing (2P6Q3T with WTD) Model
Application DSCP 2P6Q3T BWR =

Bandwidth
Network Control (CS7) EF PQ Level 1 (10%) Remaining
Internetwork Control CS6 CS5
PQ Level 2 (20%) WTD =
CS4
VoIP EF Weighted
CS7 & CS6 Tail
Broadcast Video CS5 Q6
Drop
CS3 & CS2 (BWR 10%)
Multimedia Conferencing AF4
Q5
AF4
Realtime Interactive CS4 (BWR 10% + WTD)
Multimedia Streaming AF3 AF3 Q4

(BWR 10% + DSCP-Based WTD)
Signaling CS3
Q3
(BWR 10% + DSCP-Based WTD)
Network Management CS2
AF1 Q2
Bulk Data AF1
CS1 (BWR 5% + DSCP-Based WTD)
Scavenger CS1
Best Effort DF DF Q1 (BWR 25%)
Wired Port Egress Queuing (2P6Q3T) Example – Part 1 (Class-Maps)
! This section configures the class-maps Note: On platforms with shared buffer and TCAM
class-map match-any VOICE-PQ1 architectures (2960/3560/3750/3650/3850/4500),
match dscp ef show policy-map interface commands do not report
class-map match-any VIDEO-PQ2 per-port packets or byte-counters.
match dscp cs4 This is a limitation of shared hardware architectures.
match dscp cs5
class-map match-any CONTROL-MGMT-QUEUE
match dscp cs7 cs6 cs3 cs2
class-map match-any MULTIMEDIA-CONFERENCING-QUEUE
match dscp af41 af42 af43
class-map match-any MULTIMEDIA-STREAMING-QUEUE
class-map match-any TRANSACTIONAL-DATA-QUEUE
class-map match-any SCAVENGER-BULK-DATA-QUEUE
match dscp cs1 af11 af12 af13
Catalyst 3650/3850 Campus QoS Design If a PQ is enabled then
Wired Port Egress Queuing (2P6Q3T) Example – Part 2 non-PQs must use
bandwidth remaining
! This section configures the policy-map …[continued]
policy-map 2P6Q3T class MULTIMEDIA-STREAMING-QUEUE
Two-levels of priority bandwidth remaining percent 10
class VOICE-PQ1 Allocates
queuing are supported queue-buffers ratio 10
priority level 1 buffers to
police rate percent 10 queue-limit dscp af33 percent 80 non-PQs
class VIDEO-PQ2 queue-limit dscp af32 percent 90
priority level 2 queue-limit dscp af31 percent 100
police rate percent 20 class TRANSACTIONAL-DATA-QUEUE
class CONTROL-MGMT-QUEUE bandwidth remaining percent 10
bandwidth remaining percent 10 queue-buffers ratio 10
queue-buffers ratio 10 queue-limit dscp af23 percent 80 Tunes
Tunes WTD
class MULTIMEDIA-CONFERENCING-QUEUE queue-limit dscp af22 percent 90 WTD to
to align to an
bandwidth remaining percent 10 queue-limit dscp af21 percent 100 align to an
AF PHB
queue-buffers ratio 10 class SCAVENGER-BULK-DATA-QUEUE AF PHB
queue-limit dscp af43 percent 80 bandwidth remaining percent 5
queue-limit dscp af42 percent 90 queue-buffers ratio 10
queue-limit dscp af41 percent 100 queue-limit dscp values af13 cs1 percent 80
… queue-limit dscp values af12 percent 90
queue-limit dscp values af11 percent 100
interface range GigabitEthernet 1/0/1-48 class class-default
service-policy output 2P6Q3T bandwidth remaining percent 25
queue-buffers ratio 25
Wired Port Hierarchical Policies: Queuing within Shaped Rate Example
policy-map 50MBPS-SHAPER
class class-default Defines the sub-line rate (CIR)
shape average 50000000
service-policy 2P6Q3T Provides back-pressure to the system to
interface GigabitEthernet 1/0/1 engage the (previously-defined) queuing
service-policy output 50MBPS-SHAPER policy, so that packets are properly
prioritized within the sub-line rate
Only the Hierarchical Shaping policy is

(directly) applied to the interface(s)
EtherChannel QoS Design (Wired Ports Only)
• Ingress QoS policies are configured on the logical Port-Channel interface

Typically these are simply to enable DSCP trust
(which requires no explicit configuration)
• Egress QoS policies are configured on the physical port-member interfaces

Wireless Ports 2P2Q+Approximate Fair Drop (AFD) Wireless Egress Queuing Model
Application Classes DSCP 2P2Q with AFD
EF Q0
Voice EF CS6 Priority Level 1
CS3 (Limited to 10% of BW)
Q1
Interactive Video AF4 AF4 Priority Level 2
(Limited to 20% of BW)
Network Control CS6
Signaling CS3 AF1
AF2 Q2
Bulk Data AF1
Unicast-
Non-Realtime Queue
CS1
(63% BWR)
Transactional Data AF2
DF
Scavenger CS1
Q3
Multicast Non-Realtime Queue
Best Effort DF (7% BWR)
2P2Q+AFD Wireless Egress Queuing Configuration
class-map match-any REALTIME-1
match dscp ef
match dscp cs6
Note: This policy is applied automatically to all wireless ports.
match dscp cs3
Therefore, no explicit service-policy command is required
class-map match-any REALTIME-2
to attach the policy to a wireless interface(s).
match dscp af41
match dscp af42
match dscp af43
! This section configures egress wireless queuing and a dual PQ

policy-map port_child_policy System-defined (but configurable) queuing policy
class non-client-nrt-class
bandwidth remaining ratio 7
class REALTIME-1 System defined queue for multicast wireless traffic
priority level 1
police rate percent 10 conform-action transmit exceed-action drop
class REALTIME-1
priority level 2 Two-levels
Two-levels of
of priority
priority queuing
queuing are
are supported
supported
police rate percent 20 conform-action transmit exceed-action drop
class class-default
Default unicast queue (non-priority queue)
bandwidth remaining ratio 63
Catalyst 3650/3850 QoS Design—At-A-Glance
http://www.cisco.com/en/US/docs/solutions/Enterprise/Video/qoscampuscat3x50aag.html
Agenda
Recommendations
Cisco Catalyst 4500 (Supervisor 7-E / 8-E)
and 4500-X QoS Design
Catalyst 4500 Campus QoS Design
Catalyst 4500 QoS Role in Campus Networks
Trust DSCP +
Egress Queuing
Access
Switches Catalyst 4500
Core Switches
Distribution
Switches
QoS Design Steps
1. Configure Ingress QoS Model(s):

 DSCP-Trust Model* *Note: Catalyst 4500 IOS MQC will trust DSCP by default
 Conditional Trust Model (therefore no explicit policy is required for DSCP trust)
 Service Policy Models
Conditional Trust Model – Cisco IP Phone Example
class-map match-all VOICE

match cos 5 Catalyst 4500 supports both match-all (logical AND)
class-map match-all SIGNALING and match-any (logical OR) operators
match cos 3
policy-map CISCO-IPPHONE
class VOICE
set dscp ef
class SIGNALING
set dscp cs3
class class-default
set dscp default
interface GigabitEthernet 3/1

qos trust device cisco-phone
service-policy input CISCO-IPPHONE
Conditional trust command (trust device x) must be

prefaced by qos on the Catalyst 4500
Service Policy Model Example – Marking Policy
policy-map MARKING-POLICY
class VOIP
set dscp ef
set dscp af41
class SIGNALING
set dscp cs3
set dscp af21
class BULK-DATA
set dscp af11
class SCAVENGER
set dscp cs1
class class-default
set dscp default
interface GigabitEthernet 3/1

service-policy input MARKING-POLICY
Service Policy Model Example – Marking & Policing Policy
policy-map MARKING&POLICING class BULK-DATA
class VOIP police 10m bc 8000
police 128k bc 8000 conform-action set-dscp-transmit af11
conform-action set-dscp-transmit ef exceed-action set-dscp-transmit af12
exceed-action drop class SCAVENGER
class SIGNALING police 10m bc 8000
police 32k bc 8000 conform-action set-dscp-transmit cs1
conform-action set-dscp-transmit cs3 exceed-action drop
exceed-action drop class class-default
class MULTIMEDIA-CONFERENCING police 10m bc 8000
police 5m bc 8000 conform-action set-dscp-transmit default
conform-action set-dscp-transmit af41 exceed-action set-dscp-transmit cs1
exceed-action set-dscp-transmit af42
class TRANSACTIONAL-DATA interface GigabitEthernet 3/1
police 10m bc 8000 service-policy input MARKING&POLICING
conform-action set-dscp-transmit af21
exceed-action set-dscp-transmit af22
Marking/remarking is configured as part of the policing action
(i.e. no table-map or markdown-map is referenced)
Service Policy Model Example – Per-Port/Per-VLAN QoS (IP Phone Example)
In this example VLAN 10 is the Data VLAN and VLAN 110 is the VVLAN
interface range GigabitEthernet 2/1-48
qos trust device cisco-phone
vlan 10 Per-Port/Per-VLAN policies can be applied to
service-policy input DVLAN-POLICERS a specific VLAN on a trunked interface via an
vlan 110 interface-VLAN configuration mode
service-policy input VVLAN-POLICERS
Egress Queuing (1P7Q1T+DBL) Model
Application DSCP 1P7Q1T (+DBL)
Network Control (CS7) EF

Internetwork Control CS6 CS5 PQ
CS4
VoIP EF
CS7 & CS6 Q7
Broadcast Video CS5
CS3 & CS2 (BWR 10%)
Q6
AF4
Realtime Interactive CS4 (BWR 10%)
Multimedia Streaming AF3 AF3 Q5

(BWR 10%)
Signaling CS3
Q4
(BWR 10%)
Q3 BWR =
AF1
Bulk Data AF1 (BWR 4%) Bandwidth
Remaining
Scavenger CS1 CS1 Q2 (BWR 1%)
Best Effort DF DF Q1 (25%)

Catalyst 4500 Campus QoS Design If PQ is enabled then
bandwidth remaining
Egress Queuing (1P7Q1T+DBL) Example must be used
class-map match-all PRIORITY-QUEUE Enables the PQ policy-map 1P7Q1T

match dscp cs4 cs5 ef class PRIORITY-QUEUE
class-map match-all CONTROL-MGMT-QUEUE priority
match dscp cs7 cs6 cs3 cs2 class CONTROL-MGMT-QUEUE
class-map match-all MULTIMEDIA-CONFERENCING-QUEUE bandwidth remaining percent 10
match dscp af41 af42 af43 class MULTIMEDIA-CONFERENCING-QUEUE
class-map match-all MULTIMEDIA-STREAMING-QUEUE bandwidth remaining percent 10
match dscp af31 af32 af33 class MULTIMEDIA-STREAMING-QUEUE
class-map match-all TRANSACTIONAL-DATA-QUEUE bandwidth remaining percent 10
match dscp af21 af22 af23 class TRANSACTIONAL-DATA-QUEUE
class-map match-all BULK-DATA-QUEUE bandwidth remaining percent 10
match dscp af11 af12 af13 dbl
class-map match-all SCAVENGER-QUEUE class BULK-DATA-QUEUE
match dscp cs1 bandwidth remaining percent 4
dbl
class SCAVENGER-QUEUE
DBL can be enabled on a per-class basis, but
DBL can be enabled on a per-class basis, bandwidth remaining percent 1
should not be enabled on the PQ or Control
but should not be enabled on the PQ or Control traffic queues class class-default
traffic queues.
bandwidth remaining percent 25
Enabling DBL on UDP-based queues and/or Scavenger queue dbl
Enabling DBL on UDP-based queues and/or
is optional
Scavenger queue is optional service-policy output 1P7Q1T

Typically these are simply to enable DSCP trust
(which requires no explicit configuration)

Catalyst 4500 Campus QoS Design—At-A-Glance
http://www.cisco.com/en/US/docs/solutions/Enterprise/Video/qoscampuscat4500aag.html
Agenda
Recommendations
Cisco Catalyst 6500 (Supervisor-2T) & 6800
QoS Design
Cisco Catalyst 6500/6800 Campus Core QoS Design
Catalyst 6500/6800 Role in Campus Networks
Catalyst 6500
Core/Distribution
Switches
Trust DSCP
+ Ingress Queuing
+ Egress Queuing
Cisco Catalyst 6500 Campus Core QoS Design
QoS Design Steps—Cisco Catalyst 6500 (Supervisor 2T) or 6800
1. Configure Ingress Queuing Catalyst 6500 IOS C3PL will trust DSCP by default
(therefore no explicit policy is required for DSCP trust)
8Q4T (Ingress) & 1P7Q4T (Egress) Queuing Model Examples
Application-Class DSCP 8Q4T/1P7Q4T

CS5 Realtime-Queue
Internetwork Control CS6 (10% BW/Priority)
CS4
VoIP EF
CS7 & CS6 Control Queue
Broadcast Video CS5
CS3 & CS2 (10% BW/BWR)
Multimedia Conferencing AF4 Multimedia-Conferencing Queue
AF4 (10% BW/BWR
Realtime Interactive CS4
+ DSCP-WRED)
Multimedia-Streaming Queue BWR =
Multimedia Streaming AF3 Bandwidth
AF3 (10% BW/BWR
Signaling CS3 + DSCP-based WRED) Remaining
Transactional Data
Transactional Data AF2 AF2 (10% BW/BWR
+ DSCP-based WRED)
Network Management CS2 Bulk Data
AF1 (4% BW/BWR
Bulk Data AF1 +DSCP-based WRED)
Scavenger CS1 CS1 Scavenger (1% BW/BWR)
Default Queue
Best Effort DF DF (25% BW/BWR
+ WRED)
Queuing Policies: Part 1 of 3 (Common Ingress & Egress Queuing Class-Maps)
class-map type lan-queuing REALTIME-QUEUE
match dscp cs4 cs5 ef
class-map type lan-queuing CONTROL-QUEUE Note: A C3PL interface may support up to
match dscp cs2 cs3 cs6 cs7 4 QoS policies:
class-map type lan-queuing MULTIMEDIA-CONFERENCING-QUEUE • service-policy type qos input
match dscp af41 af42 af43 • service-policy type qos ouput
class-map type lan-queuing MULTIMEDIA-STREAMING-QUEUE • service-policy type lan-queuing input
match dscp af31 af32 af33 • service-policy type lan-queuing output
class-map type lan-queuing TRANSACTIONAL-DATA-QUEUE
class-map type lan-queuing BULK-DATA-QUEUE
class-map type lan-queuing SCAVENGER-QUEUE
match dscp cs1
Unless specified otherwise, the Class-maps and policy-maps

default C3PL class-map and used for ingress and/or egress
policy-map type is qos queuing policies must be explicitly
(classification, marking, policing) configured as type lan-queuing
Queuing Policies: Part 2 of 3 (8Q4T Ingress Queuing Policy-Map)
Policy-map must be defined as type lan-queuing Bandwidth remaining is not required
policy-map type lan-queuing INGRESS-8Q4T [continued] (as no PQ is enabled)
class REALTIME-QUEUE class TRANSACTIONAL-DATA-QUEUE
bandwidth percent 10 No PQ support on ingress bandwidth percent 10
class CONTROL-QUEUE random-detect dscp-based
bandwidth percent 10 random-detect dscp af21 percent 80 100
class MULTIMEDIA-CONFERENCING-QUEUE random-detect dscp af22 percent 70 100
random-detect dscp-based class BULK-DATA-QUEUE
random-detect dscp af41 percent 80 100 bandwidth percent 4
random-detect dscp af42 percent 70 100 random-detect dscp-based
random-detect dscp af43 percent 60 100 random-detect dscp af11 percent 80 100
class MULTIMEDIA-STREAMING-QUEUE random-detect dscp af12 percent 70 100
random-detect dscp-based class SCAVENGER-QUEUE
random-detect dscp af31 percent 80 100 bandwidth percent 1
random-detect dscp af32 percent 70 100 class class-default
random-detect dscp default percent 80 100
Tunes WRED to better
align to the AF PHB service-policy type lan-queuing input INGRESS-8Q4T
Queuing Policies: Part 3 of 3 (1P7Q4T Egress Queuing Policy-Map)
Policy-map must be defined as type lan-queuing bandwidth remaining is required
(as PQ is enabled)
policy-map type lan-queuing EGRESS-1P7Q4T [continued]
class REALTIME-QUEUE class TRANSACTIONAL-DATA-QUEUE
priority Enables egress PQ bandwidth remaining percent 10
class CONTROL-QUEUE random-detect dscp-based
bandwidth remaining percent 10 random-detect dscp af21 percent 80 100
class MULTIMEDIA-CONFERENCING-QUEUE random-detect dscp af22 percent 70 100
random-detect dscp-based class BULK-DATA-QUEUE
random-detect dscp af41 percent 80 100 bandwidth remaining percent 4
random-detect dscp af43 percent 60 100 random-detect dscp af11 percent 80 100
class MULTIMEDIA-STREAMING-QUEUE random-detect dscp af12 percent 70 100
random-detect dscp-based class SCAVENGER-QUEUE
random-detect dscp af31 percent 80 100 bandwidth remaining percent 1
random-detect dscp af32 percent 70 100 class class-default
random-detect dscp default percent 80 100
Tunes WRED to better align service-policy type lan-queuing output EGRESS-1P7Q4T
BRKCRS-2501 ©to the
2015 AF
Cisco PHB
and/or its affiliates. All rights reserved. Cisco Public 84
Cisco Catalyst 6500/6800 Campus QoS Design

– No ingress policies typically needed for C6500/6800 EtherChannels
(as all ports trust DSCP & CoS by default)
Catalyst 6500/6800  Ingress  Egress
Cisco Catalyst 6500 QoS Design—At-A-Glance
http://www.cisco.com/en/US/docs/solutions/Enterprise/Video/qoscampuscat6500sup2taag.html
Agenda
Recommendations
Summary & References
Key Takeaways
• The explosion of rich media applications requires network architects to
reevaluate current QoS designs
• Always, always, always begin by defining the business objectives of QoS
• RFC 4594 provides an industry best-practice QoS strategic framework
• Campus QoS is needed primarily to control packet drops
– Some rich media applications require fewer than 1 drop per 10,000 packets
– QoS architects need to know the campus QoS toolset
– Hardware queuing (both ingress and egress) vary by platform & linecard
• Cisco provides many At-A-Glance guides to get up and running quickly
– As well as comprehensive in-depth design chapters for additional design reference
• AutoQoS for Medianet Feature is available on Catalyst 2960/3560/3750 and
Catalyst 3650/3850 and 4500
Campus QoS Design 4.0—At-A-Glance Docs
• QoS Design Strategy At-A-Glance
http://www.cisco.com/en/US/docs/solutions/Enterprise/Video/qosmrn.html
• Campus QoS Design At-A-Glance
http://www.cisco.com/en/US/docs/solutions/Enterprise/Video/qoscampusaag.html
• Cisco Catalyst 3560/3750 QoS Design At-A-Glance
http://www.cisco.com/en/US/docs/solutions/Enterprise/Video/qoscampuscat3xxxaag.html
• Cisco Catalyst 3650/3850 QoS Design At-A-Glance
http://www.cisco.com/en/US/docs/solutions/Enterprise/Video/qoscampuscat3x50aag.html
• Cisco Catalyst 4500 QoS Design At-A-Glance
http://www.cisco.com/en/US/docs/solutions/Enterprise/Video/qoscampuscat4500aag.html
• Cisco Catalyst 6500 QoS Design At-A-Glance
http://www.cisco.com/en/US/docs/solutions/Enterprise/Video/qoscampuscat6500sup2taag.html
• Cisco Campus AutoQoS SRND4 At-A-Glance
http://www.cisco.com/c/dam/en/us/td/docs/solutions/Enterprise/Video/autoqosmediacampus.pdf
Campus QoS Design 4.0—In-Depth
Comprehensive Design Chapters
• Enterprise Quality of Service Design 4.0
http://www.cisco.com/en/US/docs/solutions/Enterprise/WAN_and_MAN/QoS_S
RND_40/QoSIntro_40.html
• Campus QoS Design 4.0
http://www.cisco.com/en/US/docs/solutions/Enterprise/WAN_and_MAN/QoS_S
RND_40/QoSCampus_40.html
Recommended Reading
• Release Date: Jan 2014
• Comprehensive QoS design
guidance for PINs and platforms:
• Campus Catalyst 3750/4500/6500
• WLAN WLC 5508 / Catalyst 3850 NGWC
• Data Center Nexus 1000V/2000/5500/7000
• WAN & Branch Cisco ASR 1000 / ISR G2
• MPLS VPN Cisco ASR 9000 / CRS-3
• IPSec VPNs Cisco ISR G2
• ISBN: 1-58714-369-0
Ken Briley
http://www.ciscopress.com/store/end-to-end-qos-network-design-quality-of-service-for-9781587143694
Call to Action
• Visit the World of Solutions for
– Cisco Campus
– Walk in Labs
– Technical Solution Clinics
• Meet the Engineer
• Lunch time Table Topics
• DevNet zone related labs and sessions
• Recommended Reading: for reading material and further resources for this
session, please visit www.pearson-books.com/CLMilan2015
Interested in Learning about Next Gen Solutions?
• Have your account team setup a
meeting @ Enterprise Segment
Innovation Forum
• Requirements
– Cisco Account Team Presence
– Cisco NDA in Place
• Please use the address if you have
any queries…
ciscolive-ebc-eng-sw@external.cisco.com
• We are at
MiCo - Milano Congressi, Piazzale Carlo
Magno 1, 20149 Milano Italy, Meeting
Village, North Building, Level 1
Complete Your Online Session Evaluation
• Please complete your online session
evaluations after each session.
Complete 4 session evaluations
& the Overall Conference Evaluation
(available from Thursday)
to receive your Cisco Live T-shirt.
• All surveys can be completed via

the Cisco Live Mobile App or the
Communication Stations
Appendix: AutoQoS SRND 4.0
Cisco Catalyst 2960/3560/3750 AutoQoS
AutoQoS SRND4 Models
auto qos voip [ cisco-phone | cisco-softphone | trust ]
1P1Q3T Ingress Queuing Policies
1P3Q3T Egress Queuing Policies

auto qos trust { cos | dscp }
auto qos video [ cts | ip-camera ]
auto qos classify auto qos classify { police }

Yes
Multimedia Conferencing Mark AF41 MM-Conf Policer (<5 Mbps) No
Drop
Classifier
Yes
Drop
Yes
Remark to CS1
Yes
Remark to CS1
Yes
Drop
Yes
Remark to CS1
AutoQoS SRND4 – auto qos trust { cos | dscp }
Layer 2 Switch Port Example: Layer 3 Routed Interface Example:

C3750(config-if)# auto qos trust C3750(config-if)# auto qos trust
interface GigabitEthernet1/0/1 interface GigabitEthernet1/0/48
description L2-ACCESS-PORT description L3-ROUTED-INTERFACE
switchport access vlan 10 no switchport
switchport voice vlan 110 ip address 10.0.1.103 255.255.255.0
… …
mls qos trust cos mls qos trust dscp
! AutoQoS has configured static CoS-trust ! AutoQoS has configured static DSCP-trust
auto qos trust auto qos trust
AutoQoS SRND4 – auto qos video [ cts | ip-camera ]
C3750(config-if)# auto qos video cts C3750(config-if)# auto qos video ip-camera
interface GigabitEthernet1/0/1 interface GigabitEthernet1/0/1
description L2-ACCESS-PORT-TO-CTS description L2-ACCESS-PORT-TO-IPVS-CAMERA
switchport access vlan 10 switchport access vlan 10
switchport voice vlan 110 switchport voice vlan 110
… …
mls qos trust device cts mls qos trust device ip-camera
! AutoQoS has configured conditional-trust ! AutoQoS has configured a conditional-trust
! for Cisco TelePresence Systems ! for Cisco for IPVS cameras
mls qos trust cos mls qos trust dscp
! AutoQoS has configured CoS-trust ! AutoQoS has configured DSCP-trust
! to be dynamically extended ! to be dynamically extended
auto qos video cts auto qos video ip-camera
AutoQoS SRND4 – auto qos classify
C3750(config-if)# auto qos classify
Note: Class-maps and IP ACLs
policy-map AUTOQOS-SRND4-CLASSIFY-POLICY
omitted for brevity
class AUTOQOS_MULTIENHANCED_CONF_CLASS
set dscp af41
class AUTOQOS_BULK_DATA_CLASS
set dscp af11
class AUTOQOS_TRANSACTION_CLASS
set dscp af21
class AUTOQOS_SCAVANGER_CLASS
set dscp cs1
class AUTOQOS_SIGNALING_CLASS
set dscp cs3
class AUTOQOS_DEFAULT_CLASS
set dscp default
AutoQoS SRND4 – auto qos classify police
C3750(config-if)# auto qos classify police
policy-map AUTOQOS-SRND4-CLASSIFY-POLICE-POLICY omitted for brevity
set dscp af41
police 5000000 8000 exceed-action drop
set dscp af11
police 10000000 8000 exceed-action policed-dscp-transmit
set dscp af21
set dscp cs1
set dscp cs3
set dscp default
AutoQoS VoIP (SRND4) Models
auto qos voip trust
auto qos voip cisco-phone

Yes
Remark to CS1
Yes
1P1Q3T Ingress Queuing Policies

Remark to CS1
1P3Q3T Egress Queuing Policies

Yes
Remark to CS1
auto qos voip cisco-softphone

Yes
Remark to CS1
Yes
Remark to CS1
Yes
Multimedia Conferencing Mark AF41 MM-Conf Policer (<5 Mbps) No
Drop
Classifier
Yes
Drop
Yes
Remark to CS1
Yes
Remark to CS1
Yes
Drop
Yes
Remark to CS1
104
AutoQoS SRND4 – auto qos voip cisco-phone
C3750(config-if)# auto qos voip cisco-phone
Note: Class-maps omitted for
policy-map AUTOQOS-SRND4-CISCOPHONE-POLICY brevity
class AUTOQOS_VOIP_DATA_CLASS
set dscp ef
class AUTOQOS_VOIP_SIGNAL_CLASS
set dscp cs3
set dscp default
AutoQoS SRND4 – auto qos voip cisco-softphone
policy-map AUTOQOS-SRND4-SOFTPHONE-POLICY
class AUTOQOS_VOIP_DATA_CLASS
set dscp ef omitted for brevity
class AUTOQOS_VOIP_SIGNAL_CLASS
set dscp cs3
set dscp af41
set dscp af11
set dscp af21
set dscp cs1
set dscp cs3
set dscp default
Cisco Catalyst 3560/3750 AutoQoS
Ingress Queuing Model (1P1Q3T)
Application DSCP 1P1Q3T

Q2
CS5
Internetwork Control CS6 Priority Queue
CS4
VoIP EF
CS7 Q1T3
Broadcast Video CS5
CS6
Multimedia Conferencing AF4 Q1T2
CS3
AF4 Q1T1
Multimedia Streaming AF3 AF3
Signaling CS3 Queue 1
Non-Priority
Transactional Data AF2 AF2 Default Queue
Network Management CS2 CS2
Bulk Data AF1 AF1
Scavenger CS1 CS1
Best Effort DF DF
Cisco Catalyst 3560/3750 AutoQoS
Ingress Queuing Model (1P1Q3T)
! This section configures the ingress queues and thresholds
mls qos srr-queue input priority-queue 2 bandwidth 30
mls qos srr-queue input bandwidth 70 30
mls qos srr-queue input buffers 90 10
mls qos srr-queue input threshold 1 80 90
! This section configures the ingress CoS-to-Queue mappings

mls qos srr-queue input cos-map queue 1 threshold 1 0 1 2
mls qos srr-queue input cos-map queue 1 threshold 2 3
mls qos srr-queue input cos-map queue 1 threshold 3 6 7
mls qos srr-queue input cos-map queue 2 threshold 1 4 5
! This section configures ingress DSCP-to-Queue Mappings

mls qos srr-queue input dscp-map queue 1 threshold 1 0 8 10 12 14
mls qos srr-queue input dscp-map queue 1 threshold 1 16 18 20 22
mls qos srr-queue input dscp-map queue 1 threshold 1 26 28 30 34 36 38
mls qos srr-queue input dscp-map queue 1 threshold 2 24
mls qos srr-queue input dscp-map queue 1 threshold 3 48 56
mls qos srr-queue input dscp-map queue 2 threshold 3 32 40 46
Egress Queuing Model (1P3Q3T)
1P3Q3T
Application DSCP
CS1 Queue 4 Q4T2
Network Control (CS7)
AF1 (5%) Q4T1
Internetwork Control CS6
Default Queue
VoIP EF DF
Queue 3 (35%)
Broadcast Video CS5
CS7 Q2T3
CS6
CS3 Q2T2
Multimedia Streaming AF3 Queue 2
Signaling CS3 AF4 (30%) Q2T1
AF3
Transactional Data AF2
AF2
CS2
Bulk Data AF1
EF
Scavenger CS1 Q1
CS5
Priority Queue
CS4
BRKCRS-2501 Best© Effort DF reserved.
2015 Cisco and/or its affiliates. All rights Cisco Public 109
! This section configures egress buffers and thresholds

mls qos queue-set output 1 buffers 15 30 35 20
! This section configures egress CoS-to-Queue mappings

! This section configures egress DSCP-to-Queue mappings

mls qos srr-queue output dscp-map queue 2 threshold 1 16 18 20 22
mls qos srr-queue output dscp-map queue 2 threshold 1 26 28 30 34 36 38
mls qos srr-queue output dscp-map queue 2 threshold 3 48 56
! This section configures interface egress queuing parameters

queue-set 1
srr-queue bandwidth share 1 30 35 5
priority-queue out
AutoQoS for Medianet—At-A-Glance
http://www.cisco.com/en/US/docs/solutions/Enterprise/Video/autoqosmediacampus.pdf

BRKCRS 2501 PDF

Загружено:

Сведения о документе

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

BRKCRS 2501 PDF

Загружено:

Авторское право:

Доступные форматы

Campus QoS Design—Simplified

• Tactical QoS Policy (HOW are you going to do it?)

* “Business-intent” can be considered organizational-intent for non-profit organizations

Relevant Maybe / Irrelevant

• Is the application is consumer-oriented? (as opposed to business-oriented)

Control Yes Network Yes

• Is the protocol a Signaling protocol?

• Is the protocol an Operations / Administration / Management protocol?

• Is the application voice?

• If yes, then it is to be classified as VOICE

• Is the application Data?

Broadcast Video CS5 (Optional) PQ Cisco IP Video Surveillance / Cisco Enterprise TV

Realtime Interactive CS4 (Optional) PQ Cisco TelePresence

Multimedia Conferencing AF4 BW Queue + DSCP WRED Cisco Jabber, WebEx

Network Control CS6 BW Queue EIGRP, OSPF, BGP, HSRP, IKE

Signaling CS3 BW Queue SCCP, SIP, H.323

Ops / Admin / Mgmt (OAM) CS2 BW Queue SNMP, SSH, Syslog

Best Effort DF Default Queue + RED Default Class

x 3 colors per pixel

x 1 Byte (8 bits) per color

x 30 frames per second

or 1.5 Gbps Uncompressed

Cisco H.264-based HD Codecs transmit 3-5 Mbps per 1080p image

Time 20 msec 33 msec

Total Per-Queue Buffering Capacity: 10.8 ms

*Assuming (4) equal-sized queues

Total Per-Queue Buffering Capacity: 9.0 ms

*Assuming (8) equal-sized queues

Successful “Condition” Met (i.e. CDP negotiation successful)

Trust is Dynamically Extended to Cisco CTS Primary Codec

Cisco Devices Supporting Conditional Trust: 4

• Cisco Digital Media Players

Per-Port QoS Per-VLAN QoS

Physical Ports Physical Ports

DVLAN policy map is applied Trunked Physical Ports

(if required and supported)

– 8 drop-Thresholds per queue

• Enable congestion-avoidance on non-priority + non-control queues

• EtherChannels are comprised of logical (Port-Channel) interfaces and physical

Trusted Endpoint Trusted

Conditionally-Trusted Endpoint Port QoS Switch-to-Switch/Router Port QoS

Trust-CoS Model Example:

Trust-DSCP Model Example:

Conditional-Trust Model Example:

Conditional Trust Policy to a Cisco IP Phone:

Except for CoS 5 which is explicitly mapped to DSCP 46

[class-maps omitted for brevity]

service-policy input MARKING-POLICY

Network Control (CS7) AF1 Queue 4 Q4T2

VoIP EF Default Queue

Multimedia Conferencing AF4 CS7 Q2T3

Realtime Interactive CS4 CS6

Multimedia Streaming AF3 CS3 Q2T2

Network Management CS2 AF2

! This section configures egress buffers and thresholds

! This section configures egress CoS-to-Queue mappings

! This section configures egress DSCP-to-Queue mappings

! This section configures interface egress queuing parameters

Platform QoS Policies Applied to the QoS Policies Applied to the

Catalyst 2960/3560/3750  Ingress & Egress

Wireless Per-Port / Per-SSID / Per-Client Policies:

1. Configure Ingress QoS Model(s):

[class-maps omitted for brevity] ! This section attaches the service-policy