Any examples of Scavenger Class for QOS?

Unanswered Question
Apr 20th, 2007

Other than what is in the QOS SRND, does anyone have any working Scavenger Class examples?

The SRND states to include in this class peer-to-peer media sharing apps like KaZaa, Morpheaus, etc, gaming apps, and entertainment video, but it gives no working examples.

The SRND chapter "How can I use QoS tools to mitigate DoS/Worm attacks" again explains the theory of marking out-of-profile apps to CS1, which would put them into the scavanger class, but gives no examples of how to do this.

Any examples would be appreciated - thanks.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
jkeeffe Thu, 04/26/2007 - 08:55

Hi irisrios -

I checked these links out the other day and they are quite interesting. However the QBSS treats the scavenger class a little bit differently then my idea of scavenger. They refer to being able to grab bandwidth out of the 'best effort' class when available, but I want to strictly limit what is in scavenger - to never go over that limit.

Somewhere I read the if you don't put a bandwidth limitation in the best effort class, then scavenger will consume bandwidth from that class, but if you DO put a bandwidth command in the best effort class, that will keep scavenger from ever using that bandwidth.

Does that sound right to you? Do you know where

andrew.burns Thu, 05/03/2007 - 08:44


It's impossible to give a generic answer to this question because so much of QoS is dependent on hardware capabilities of different switches and routers and also on your exact network topology and traffic distribution.

However, there are two parts to the question, one is identifying P2P traffic and the second is dealing with it.

Identifying P2P on a Cisco is usually done using NBAR, something like "match protocol kazaa" in a class-map. One advantage of NBAR is that you can also write your own modules but one disadvantage is that it's all done in software (unless you're an early adopter of PISA..) so performance can be an issue.

Once identified you have two main options to deal with it depending on your topology, etc. The first is simply to police it directly under the same input service policy, the second is to mark it with a particular dscp value (e.g. CS1) and deal with it as it passes through the network. It's this second option that is usually referred to as putting it into the scavenger class.

Now the tricky bit - if you have, for example, a 4Q1T queuing structure on the uplink ports (e.g. on a 2950) then you need to configure the lowest queue to catch the scavenger traffic (something like wrr-queue cos-map 1 1) and then assign a low percentage of traffic to it (using wrr-queue bandwidth 1 33 33 33). The problem here is that there are a lot of different queuing structures (some with priority queues, some without) and also different drop methods (the above is for tail-drop but you can also have wred). You also need to partition the transmit buffers correctly and assign bandwidth to each queue correctly as the defaults are unlikely to match your own traffic distribution.

There are a lot of caveats and gotchas that hamper understanding, such as the default dscp-to-cos mappings are never how you want them, you never seem to have enough queues (let alone a common queuing structure), should you police or not, should you mark down or drop, how much bandwidth to assign to queues, what ratio to split the buffers, and on and on. It seems to be more art than science.

The reason why there are no good examples is simply because there are too many variables - the best place to look is in the "Configuring QoS" section of the particular piece of hardware you have. If you have a lot of 6500's for example then your bible should be (assuming IOS):




This Discussion