Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.
jgolia Mon, 04/09/2007 - 03:21
User Badges:

Hi Ciscoforum,

This is explained in QOS SRND. I suggest you read that for a full explanation. http://www.cisco.com/go/srnd

The concept is that suppose for a normal workstation, which would normally have only a single phone call. For G.711 that would be 80kbps of UDP traffic uploaded from the phone to the network. That traffic would be tagged EF and given priority treatment by the network.

Now suppose this workstation caught a virus and is now uploading 80MBPS of UDP traffic, tagged EF. Under certain conditions that could have disastrous consequences.

This is where scavenger class comes in. Policing can be configured on Catalyst switches. Configure to allow a max of... say 200kbps UDP upload from the workstation. (Read QOS SRND for different bandwidth recommendations, 200k is an example only). Then anything above that will be remarked to CS1. It will no longer be tagged EF.

When that UDP hits your WAN it will be evaluated by your router's MQC config on the WAN interface. Most user traffic is tagged BE (best-effort), DSCP 0, and is allocated an amount of bandwidth. However out-of-profile traffic is marked CS1, DSCP8. This is scavenger class. The scavenger class is allocated a minimal amount of WAN bandwidth. Less than the Best Effort traffic.

In our above example, without the scavenger class config 80MBPS could be directed into Priority Queue. However with the scavenger class config, only 200kbps makes it into priority queue. The other 79800kbps goes into scavenger queue and allocated a minimal, less-than-best-effort, amount of bandwidth. The idea is that the network then continues to function normally even though the workstation(s) are infected by virus.

Please rate helpful posts.



This Discussion