Cisco IOS QoS overview
The Cisco IOS® includes installed QoS features that allow control over, and predictable service of, different networked applications and traffic types.
Entuity QoS module
The Entuity QoS module supports Cisco® QoS Modular CLI (QMC). It provides support for discovery of QMC configuration and its performance at a port level, from policy maps and class map definitions down to individual traffic matching rules. This information is appropriate for effective QoS management including typical rate limiting configuration, traffic profiling, traffic shaping and cascading diffServ.
Entuity QoS management helps set and evaluate QoS policies and goals. It helps improve the following aspects of your network:
- Control over resources, with visibility into which resources (bandwidth, equipment, wide-area facilities, and so on) are being used. For example, you can limit the bandwidth consumed over a backbone link by FTP transfers or give priority to an important database access.
- Increased efficient usage of network resources. You will know what your network is being used for and that you are servicing the most important traffic to your business.
- Monitoring of tailored services through knowledge of traffic classes.
- Delivery of services through close monitoring of the applications that are most important to your business, e.g. ensuring that the bandwidth and minimum delays required by time-sensitive multimedia and voice applications are available, and that other applications using the link get their fair service without interfering with mission-critical traffic.
A common methodology involves:
- Use Entuity to identify the performance and traffic characteristics of the network.
- Deploy Entuity QoS to the targeted devices.
- Use Entuity QoS to test and evaluate service delivery. As your network changes, so will your QoS requirements. Constant monitoring of both is essential.
QoS comprises four components:
- Traffic identification, enabled through match statements (access-lists).
- Class maps, collections of access-lists.
- Policy maps, collections of paired class maps and actions.
- Service policy, application of policy maps to interfaces. One policy map for the ingress and egress of each interface.
Collecting QoS Data
All data is gathered from Cisco-Class-Based-QOS-MIB. Entuity QoS presents a highly granular view of QoS objects, including detailed performance statistics. SNMPv1 and v2c are supported (64-bit support in v1 via split 32-bit counters).
Simple QoS Example
This QoS example identifies three types of traffic through match statements - telnet, SNMP and ICMP. These named access lists are placed in class maps, in this simple example one access list to each class map. These class maps are built into the traffic profile policy map. This policy map can then be applied to the ethernet interface.
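!match traffic flows
ip access-list extended TELNET
 permit tcp any eq telnet any
ip access-list extended SNMP
 permit udp any any eq snmp
ip access-list extended ICMP
 permit icmp any any
!Use access-lists to build class maps
class-map match-all icmp-only
 match access-group name ICMP
class-map match-all snmp-only
 match access-group name SNMP
class-map match-all telnet-only
 match access-group name TELNET
!use class maps to build policy map
!(no per-class actions are given on the page, so the classes only classify traffic)
policy-map traffic-profile
 class icmp-only
 class snmp-only
 class telnet-only
!apply policy map to interface
!(the interface name is not given on the page; Ethernet0 is a placeholder)
interface Ethernet0
 ip address 192.168.3.34 255.255.255.0
 service-policy input traffic-profile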
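The four components chain together by name, so a misspelt access group or an unapplied policy map silently leaves traffic unclassified. The following audit of those links is an added example, not Entuity or Cisco code; it assumes IOS named access list syntax, and the interface name Ethernet0, the ssh-only class, the SSH access group and the unused-profile policy map are constructed for the sample.

```python
# Constructed sample modelled on the page's example. Assumed here, not from
# the page: interface name Ethernet0, class-map ssh-only, ACL name SSH,
# policy-map unused-profile, and the IOS named access list syntax.
SAMPLE_CONFIG = """\
ip access-list extended TELNET
 permit tcp any eq telnet any
ip access-list extended SNMP
 permit udp any any eq snmp
ip access-list extended ICMP
 permit icmp any any
class-map match-all icmp-only
 match access-group name ICMP
class-map match-all snmp-only
 match access-group name SNMP
class-map match-all telnet-only
 match access-group name TELNET
class-map match-all ssh-only
 match access-group name SSH
policy-map traffic-profile
 class icmp-only
 class snmp-only
 class telnet-only
policy-map unused-profile
 class ssh-only
interface Ethernet0
 ip address 192.168.3.34 255.255.255.0
 service-policy input traffic-profile
"""


def parse_qos(config):
    """Collect access lists, class maps, policy maps and service policies."""
    acls, class_maps, policy_maps, services = set(), {}, {}, []
    section = name = None
    for raw in config.splitlines():
        words = raw.split()
        if not words or words[0].startswith("!"):
            continue
        if not raw[0].isspace():  # an unindented line opens a new section
            section, name = words[0], words[-1]
            if words[:2] == ["ip", "access-list"]:
                section = "acl"
                acls.add(name)
            elif section == "class-map":
                class_maps[name] = []
            elif section == "policy-map":
                policy_maps[name] = []
        elif section == "class-map" and words[:2] == ["match", "access-group"]:
            class_maps[name].append(words[-1])  # "name ACL" or a bare ACL number
        elif section == "policy-map" and words[0] == "class":
            policy_maps[name].append(words[1])
        elif section == "interface" and words[0] == "service-policy" and len(words) == 3:
            services.append((name, words[1], words[2]))  # (interface, direction, policy)
    return acls, class_maps, policy_maps, services


def audit_qos(config):
    """Return findings for broken links between the four QoS components."""
    acls, class_maps, policy_maps, services = parse_qos(config)
    applied = {pmap for _, _, pmap in services}
    findings = [f"class-map {c}: access group {a} is not defined"
                for c, groups in class_maps.items() for a in groups if a not in acls]
    findings += [f"policy-map {p}: class {c} is not defined"
                 for p, classes in policy_maps.items() for c in classes
                 if c != "class-default" and c not in class_maps]
    findings += [f"interface {i}: {d} policy-map {p} is not defined"
                 for i, d, p in services if p not in policy_maps]
    findings += [f"policy-map {p}: not applied to any interface"
                 for p in policy_maps if p not in applied]
    return findings


if __name__ == "__main__":
    print("\n".join(audit_qos(SAMPLE_CONFIG)))
```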
Viewing QoS information
You can view QoS information at the device and port level via the QoS dashboard, and for each of the constituent elements of QoS analysis via the QoS Summary dashboards. Access to QoS data is based on View membership.
The QoS Utilization report displays QoS utilization charts across the policy map and its classes. This report provides you with pre-policy and post-policy utilization metrics.
To collect QoS data on ports
By default, Entuity QoS restricts collection of QoS data to infrastructure ports. For infrastructure ports, ENA sets the QoS Enabled attribute to Yes, and for all other ports sets it to No. Entuity identifies an infrastructure port as one with a VIP Status of Router, Trunk, Uplink or Server Link. This default restriction to infrastructure ports is to control the load that QoS data collection places on the Entuity server.
To override this default QoS data collection configuration on a specified port:
- Navigate to the desired port and go to its Attributes dashboard.
- Find and select the QoS Enabled attribute, and then click Edit Attribute via the button at the top of the dashlet or the Context Menu.
- Change the setting to Yes or No, depending on your preference. Click OK to save your change, otherwise click Cancel.
Entuity QoS data is gathered from Cisco-Class-Based-QOS-MIB.my, with ENA polling QoS Enabled ports every 15 minutes. All Entuity QoS metrics for which an historical record is kept have their polled values retained and available for reporting on for 8 days.
Traffic identification through access groups
Through access lists, devices can classify packets by physical port, source or destination IP address, application port, IP Protocol type, MAC address, and so on. Entuity displays access lists:
- in the same sequence as they are configured, and therefore in the same order as they are applied.
- with pre- and post-policy traffic performance statistics.
Entuity QoS identifies access lists through their access groups, so it is important that these groups are given meaningful, descriptive names.
Access group general details
Entuity displays access groups through their association to class maps. These attributes are associated with the defined access group.
|Name||name of the access group.|
|Information||description of the access group.|
Access group status
These attributes detail the pre-policy performance of the interface:
|Pre Policy Packets||number of packets that match the access list handled by the device before applying the traffic policy.|
|Pre Policy Bytes||number of bytes that match the access list handled by the device before applying the traffic policy.|
|Pre Policy Bit Rate||bit rate managed by the router before applying the traffic policy.|
Traffic management through class maps
Classification and admission control are always performed at the network edge, ensuring traffic conforms to the internal network policy. Packets can be marked with special flags (colors), which are used inside the network for QoS management.
For each class, Entuity displays traffic management configuration and pre- and post-policy performance statistics.
Class map general details
|Name||name of the class map.|
|Description||short description of the class map, e.g. related to the type of traffic it manages.|
|Information||information on the class map, e.g. the type of match evaluation statement employed.|
Access groups associated with class maps
A class map may have one or more associated access groups.
Class map status
These attributes identify the current performance of the class map.
|Pre Policy Packets||number of packets to be handled that match the class, before the policy is applied.|
|Pre Policy Bytes||number of bytes to be handled that match the class, before the policy is applied.|
|Pre Policy Bit Rate||bit rate of the class, before the policy is applied.|
|Post Policy Bit Rate||bit rate of the class after the policy is applied.|
|Dropped Packets||number of dropped packets in the class.|
|Dropped Bytes||number of dropped bytes in the class.|
|Packets Dropped (No Bursts)||number of packets dropped in the class.|
|Drop Bit Rate||per class drop bit rate.|
Policy maps are applied to the interface as service policies. Each interface has a maximum of two service policies - one for inbound traffic, one for outbound. Entuity details the classes associated with the policy map.
Policy map general details
|Name||name of the policy map.|
|Direction||direction of the traffic to which the policy is applied, i.e. inbound or outbound.|
Classes associated with policy maps
A policy map may have one or more associated classes. This attribute identifies the class associated with the policy map:
|Name||name of the class map.|
QoS Traffic Policing
Traffic policing allows you to control the maximum rate of traffic sent or received on an interface, and to partition a network into multiple priority levels or classes of service (CoS).
You can monitor the traffic policing configuration on interfaces at the edge of your network. Typically, conforming traffic is transmitted and traffic that exceeds is sent with a decreased priority or dropped.
Through Entuity providing detailed QoS configuration information and extensive statistics on port performance, you can amend the configuration to meet changing network requirements.
Traffic policing general details
|Exceed Set Value||this is the IP precedence value that the router sets packets to, that exceed the conform threshold but are within the exceed parameters.|
|Conform Set Value||sets the IP precedence value for conforming packets.|
|Violate Action||action taken when traffic exceeds the conform and exceed token buckets.|
|Violate Set Value||this is the IP precedence value that the router sets packets to, that violate the exceed threshold. 0 is the default value.|
|Burst Size||amount of traffic, in bytes, in excess of the committed policing rate that is permitted by the policing configuration.|
|Extended Burst Size||must be a value greater than the normal burst value. Setting the extended burst value equal to the normal burst value excludes the extended burst capability. When extended burst is configured, the flow is allowed to borrow the needed tokens to allow the packet to be sent. This capability exists so as to avoid tail-drop behavior, and, instead, engage behavior like that of Random Early Detection (RED).|
|Conform Action||action the router performs on packets that conform to the policy, e.g. using Conform Set Value to set packet IP precedence.|
|Exceed Action||action the router performs on packets that exceed, but do not violate the traffic policy, e.g. using Exceed Set Value to set packet IP precedence.|
|Rate||committed policing rate. This is the sustained rate permitted by the policing configuration. All traffic below the rate is considered in profile.|
Traffic policer status
These attributes detail the policer performance:
|Conform Bit Rate||bit rate of traffic handled as conforming to the policy.|
|Conform Bytes||number of bytes handled as conforming to the policy.|
|Conform Packets||number of packets handled as conforming to the policy.|
|Exceed Bit Rate||bit rate of traffic handled as exceeding, but not violating, the policy.|
|Exceed Bytes||number of bytes handled as exceeding, but not violating, the policy.|
|Exceed Packets||number of packets handled as exceeding, but not violating, the policy.|
|Violated Bit Rate||bit rate of traffic handled as violating the policy.|
|Violated Bytes||number of bytes handled as violating the policy.|
|Violated Packets||number of packets handled as violating the policy.|
Managing congestion through queues
Queue management is an important congestion management tool, for example for avoiding tail drops, where high priority packets may be dropped because they cannot be added to the router’s queue and therefore cannot be identified. Queues are associated with classes, one queue per class. A low priority class can be assigned a smaller queue depth and high priority classes greater resources, reducing the probability of losing high priority packets.
Entuity details both queue configuration and current performance, for example current queue depth and number of discarded packets. You can check queues associated with high priority classes are assigned greater resources, reducing the probability of losing high priority packets, than those associated with lower priority classes.
Queue general details
|Bandwidth||amount of bandwidth assigned to the traffic class. In the case of a bandwidth policy, this value represents a minimum bandwidth guarantee for the traffic class. In the case of a priority policy, this value represents the maximum rate at which priority service is guaranteed.|
|Queuing Units||unit of measurement used for Bandwidth.|
|Queue Limit Units||unit of measurement used for Priority Burst Size.|
|Individual Queue Size||number of packets in the queue.|
|Aggregate Queue Size||maximum number of packets that can be held in all the individual queues associated with this class before packets are dropped.|
|Aggregate Queue Limit||maximum allowed queue size for all the individual queues associated with this class. When the queue size exceeds this value, the packets are dropped.|
|Dynamic Queue Number||number of dynamic queues supported when flow-based fair-queue is enabled.|
when set to:
|Priority Enabled||signifies whether low latency queuing (LLQ) is enabled for this class (by default it is disabled). Precedence 5 is used for the most critical or highest priority traffic, such as interactive audio and video.|
|Priority Burst Size||permitted maximum single burst size for priority queue. This is only used when Priority Enabled is true.|
These attributes detail the queuing action-related statistical information status.
|Current Depth||current depth of the class queue.|
|Discard Bytes||number of bytes dropped by the class when traffic exceeds Max Queue Depth.|
|Discard Packets||number of packets dropped by the router when traffic exceeds Max Queue Depth.|
|Max Queue Depth||maximum depth of the class queue, after which packets will be dropped.|
Congestion avoidance can be achieved through packet dropping. Cisco IOS QoS allows Class-Based Weighted Fair Queuing Configuration (CBWFQ) with Weighted Random Early Detection (WRED). Entuity allows you to appropriately modify congestion management through displaying class configuration and its performance. For example:
- whether explicit congestion notification is enabled for the class, precedence thresholds for the service profiles
- performance statistics such as number of transmitted packets, tail dropped packets, random packets.
Random Early Detection General Details
These attributes identify the congestion management configuration.
|Discard Exponential Weight||weight factor used in Weighted Random Early Detection (WRED) calculations. The decay factor is equal to raising 2 to the power of N, where N could be up to 16. The smaller the number, the faster it decays.|
|Mean Queue Size||average queue size, based on the previous average and the current size of the queue. The formula is: average = (old_average * (1 - 2^-n)) + (current_queue_size * 2^-n), where n is Discard Exponential Weight.|
indicator of which random early detection mechanism is used:
indicates whether explicit congestion notification is enabled for the class:
|Precedence n Min Threshold||minimum size of the queue threshold for the n service profile (packets with a specific IP precedence). When Mean Queue Size exceeds it, the router starts dropping packets, according to the WRED that is specified in DSCP Precedence.|
|Precedence n Max Threshold||maximum size of the queue threshold for the n service profile (packets with a specific IP precedence). When Mean Queue Size exceeds it, the router starts dropping packets, according to the WRED that is specified in DSCP Precedence.|
|Precedence n Drop Probability||fraction of packets dropped when the average queue size is at the maximum threshold for the n service profile. When Mean Queue Size is greater than Precedence n Max Threshold, all packets are dropped.|
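The Mean Queue Size formula and the per-precedence thresholds above, worked through as an added example (not Entuity or Cisco code). The linear ramp between the two thresholds is the standard RED behaviour and is an assumption here, since the page states only the end points; the two precedence profiles and the sampled queue depths are constructed.

```python
def mean_queue_size(old_average, current_queue_size, n):
    """Average from the page's formula; n is the Discard Exponential Weight."""
    weight = 2.0 ** -n
    return old_average * (1 - weight) + current_queue_size * weight


def drop_probability(mean, min_threshold, max_threshold, max_probability):
    """Drop probability for one precedence profile at a given Mean Queue Size."""
    if max_threshold <= min_threshold:
        raise ValueError("max threshold must be greater than min threshold")
    if mean < min_threshold:
        return 0.0                      # below the minimum: nothing is dropped
    if mean > max_threshold:
        return 1.0                      # above the maximum: all packets are dropped
    # Assumed linear ramp, reaching max_probability exactly at the max threshold.
    return max_probability * (mean - min_threshold) / (max_threshold - min_threshold)


# Constructed profiles: precedence -> (min threshold, max threshold, drop probability)
PROFILES = {0: (20, 40, 0.1), 5: (31, 40, 0.1)}


def replay(depths, n, profiles=PROFILES, start=0.0):
    """Feed sampled queue depths through the average.

    Returns one (mean, {precedence: drop probability}) pair per sample.
    """
    mean, rows = start, []
    for depth in depths:
        mean = mean_queue_size(mean, depth, n)
        probs = {prec: drop_probability(mean, *profile)
                 for prec, profile in profiles.items()}
        rows.append((mean, probs))
    return rows


if __name__ == "__main__":
    burst = [60] * 5                    # constructed: five samples of 60 packets
    for n in (1, 9):
        print(f"Discard Exponential Weight n={n}")
        for mean, probs in replay(burst, n):
            print(f"  mean={mean:7.3f}  " +
                  "  ".join(f"prec{p}={v:.3f}" for p, v in probs.items()))
```

With n=1 the average follows the burst within two samples and both profiles reach full drop; with n=9 the same burst barely moves the average, so nothing is dropped. At a mean of 30 only precedence 0 is subject to random drops, which is how the lower minimum threshold sheds low priority traffic first.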
Random Early Detection Status
These attributes identify the congestion management status.
|ECN Marked Bytes||count of Explicit Congestion Notification (ECN) marked bytes when the number of packets in the associated queue was greater than the minimum threshold and less than the maximum threshold.|
|ECN Marked Packets||count of packets ECN marked when the number of packets in the associated queue was greater than the minimum threshold and less than the maximum threshold.|
|Transmitted Packets||number of transmitted packets.|
|Mean Queue Size||average queue size computed and used by the WRED algorithm.|
|Units||mean queue size units.|
|Transmitted Bytes||the 64 bits count of octets transmitted.|
|Random Dropped Bytes||count of bytes dropped when the number of packets in the associated queue was greater than the minimum threshold and less than the maximum threshold.|
|Random Dropped Packets||count of packets dropped when the number of packets in the associated queue was greater than the minimum threshold and less than the maximum threshold.|
|Tail Dropped Packets||number of packets dropped when the number of packets in the associated queue was greater than the maximum threshold, using the tail drop congestion method (the default method when WRED is not implemented).|
QoS packet marking
Packet marking allows you to partition your network into multiple priority levels or classes of service (CoS). QoS packet marking can be implemented through:
- Marking packets by setting the IP precedence bits or the IP differentiated services code point (DSCP) in the Type of Service (ToS) byte.
- Associate a QoS group value with a packet.
After setting the IP precedence bits or the IP DSCP, packets are classified by their IP precedence bit or IP DSCP value.
These classifications are then used to apply user-defined differentiated QoS services to the packet.
Associating a packet with a QoS group allows users to associate a group ID with a packet. The group ID can be used to classify packets into QoS groups based on prefix, autonomous system, and community string.
A user can assign up to eight IP precedence values, 64 IP DSCP markings, and 100 QoS groups.
Entuity QoS identifies the packet marking method applied on the parent class map and displays its configuration details.
Set General Details
Set tab displays the set values of the packet marking feature applied on the parent class map.
|Discard Class Value||the match criteria chosen using the Select Discard Class. This allows you to use specified discard class values in a class map to match packets. This feature is used to set the match criteria for examining discard classes marked on the packet. Up to eight discard class values can be matched in one match statement. For example, match discard class 0 1 2 3 4 5 6 7 returns matches for discard class variables 0, 1, 2, 3, 4, 5, 6, and 7. Only one of the discard class values must be a successful match criterion, not all of the specified discard class values. The discard class value is used as a matching criterion only. The value has no mathematical significance. For instance, the discard class value 2 is not greater than 1. The value simply indicates that a packet marked with the discard class of 2 should be treated differently than a packet marked with a discard class value of 1.|
|QoS Group Value||an identifier that can be used to classify packets based on prefix, autonomous system, or community string. This QoS group marking can only be used to classify traffic within a router, and cannot be used to mark packets leaving the router. A user can set up to 100 different QoS group markings, from 0 to 99.|
bit-wise representation of a packet marking feature, identifying which appropriate fields are marked for applicable packets, syntax bits represent:
measure of the Quality of Service (QoS) level of the packet (within a class, value from 0 to 63). The policing function determines if the traffic level is within the specified profile (contract), and allows either dropping out-of-profile traffic or marking it down to a different Differential Services Code Point (DSCP) value to enforce a contracted service level.
DSCP is a measure of the Quality of Service (QoS) level of the packet. Along with DSCP, IP precedence and Class of Service (CoS) are also used to convey the QoS level of the packet.
By default, DSCP is set to 0.
|MPLS Experimental Value||value of the Multiprotocol Label Switching (MPLS) experimental field used as a match criterion against which packets are checked to determine if they belong to the class. It may be set instead of overwriting IP Precedence Value.|
|L2 CoS Value||associating a packet with a local CoS value allows users to associate a Layer 2 CoS value with a packet. The value can then be used to classify packets based on user-defined requirements. Layer 2 to Layer 3 mapping can also be configured by matching on the CoS value, because switches already have the capability to match and set CoS values. If a packet that needs to be marked to differentiate user-defined QoS services is leaving a router and entering a switch, the router should set the CoS value of the packet, because the switch can process the Layer 2 CoS header marking. A user can set up to 8 different CoS markings, from 0 to 7.|
QoS traffic shaping
Traffic shaping attempts to control the volume of traffic sent into a network and the rate at which the traffic is sent. Therefore, traffic shaping is implemented at the network edges, and may involve separating traffic into traffic flows and individually shaping each of these flows, smoothing the peaks and troughs of data transmission.
Entuity QoS can show the separated traffic flows and the individual shaping of each, indicating where the current configuration can be improved to better manage the current traffic.
Traffic Shaping General Details
Traffic Shaping tab displays the set values of the packet marking feature applied on the parent class map.
|Limit Type||indicates if traffic-shaping is limiting traffic based on peak rate or average rate.|
|Burst Size||specifies, in bits (or bytes) per burst,|
|Rate||also called the committed information rate (CIR), it specifies how much data can be sent or forwarded per unit time on average.|
|Extended Burst Size||corresponds to the number of non-committed bits, those outside the CIR, that are accepted by the device but marked as discard eligible (DE). When Extended Burst Size is set to:|
|Adaptive Rate||current bit rate to which traffic is shaped when backward explicit congestion notifications (BECNs) are received on the interface.|
|Adaptive Enabled||enables traffic shaping for outbound traffic on the interface.|
Traffic Shaping Status
Traffic Shaping Status tab displays the current performance of the traffic shaping scheme.
|Delayed Bytes||current depth of the class queue.|
|Delayed Packets||number of packets delayed to avoid traffic congestion, but eventually transmitted.|
|Dropped Bytes||number of bytes dropped to conform to the traffic shaping scheme.|
|Dropped Packets||number of packets dropped to conform to the traffic shaping scheme.|
|Active||indicates whether the traffic shaping scheme is active (true) or inactive (false).|
|Queue Size||current queue size.|
QoS incidents and events
QoS events and incidents are managed by the Entuity event management system (EMS). All events are generated by polling.
Entuity QoS incidents are configured through the event project and managed through the event system. You can add annotations, assign incidents to users, close incidents, and investigate incident details. You can also set class thresholds in the same way that you would set other thresholds in Entuity.
Incidents and events:
- QoS Bandwidth Problem Incident
- QoS At Bandwidth Limit
- QoS Above Bandwidth Limit
- QoS Under Bandwidth Limit
- QoS Class Bit Rate High Incident
- QoS Class Bit Rate High
- QoS Class Bit Rate High Cleared
- QoS Class Drop Bit Rate High Incident
- QoS Class Drop Bit Rate High
- QoS Class Drop Bit Rate High Cleared
- QoS Class Drop Packet Rate (Buffer Shortage) High Incident
- QoS Class Drop Packet Rate (Buffer Shortage) High
- QoS Class Drop Packet Rate (Buffer Shortage) High Cleared
- QoS Queue Drop Bit Rate High Incident
- QoS Queue Drop Bit Rate High
- QoS Queue Drop Bit Rate High Cleared