QoS on Ingress MPLS Router

Unanswered Question
Aug 12th, 2008

Hi Gurus,

As per cisco MPLS documentation:

Configuring the Ingress MPLS Router

To classify IP packets, you configure the ingress label switching router. Packets are received at the ingress router as IP packets and sent as MPLS packets. To perform the configuration, use either of the following features:

•Modular QoS CLI, the newer and more flexible method-Use this method if you do not want to consider the rate of the packets that PE1 receives.

•CAR-Use if you want to consider the rate of the incoming packets:

-If a packet conforms to the SLA between the service provider and the customer (that is, the packet is in-rate), the service provider gives the packet preferential treatment when the network of a service provider is congested.

-If a packet does not conform (that is, it is out-of-rate) and the network is congested, the service provider might discard the packet or give it less preferential treatment.

Ref: http://cisco.com/en/US/docs/ios/mpls/configuration/guide/mp_cfg_mprotocol_ls_ps6350_TSD_Products_Configuration_Guide_Chapter.html#wp1050176

I am confuse with the statement that "Use MQC method if you do not want to consider the rate of the packets that PE1 receives."

My Q is that can I use Policing in the parent policy, to limit the bandwidth allocated to the customer, and LLQ/CBWFQ in child policy, in order to fufill the customer requirement of QoS.

Regards,

Shahzad.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3.3 (3 ratings)
Loading.
lee.reade Tue, 08/12/2008 - 06:29

Hi,

You cannot do this, as policing by its very nature does not queue packets that are deemed to exceed the limit, so there would be no queues to take the packets from. Whereas shaping does queue the excess packets so you can do LLQ/CBWFQ here.

However in your case, I think you have got confused on where to do policing and where to do LLQ/CBWF.

In the example network

CE1--PE1--P1--P2--PE2--CE2

from traffic from CE1 to CE2 you would implement policing on ingress from CE1 to PE1, you would do LLQ/CBWFQ on egress from PE1 to P1, you would then do LLQ/CBWFQ on egress from P2 to PE2, and again on egress at PE2 to CE2.

from traffic from CE2 to CE1 you would do it in the reverse direction.

You need to think of the traffic flow as being bi-directional.

HTH

LR

Ahmed Shahzad Tue, 08/12/2008 - 06:51

Hi LR,

Thank you for your detailed reply. I totally agree with your point of view. I have following additional questions:

1. Ingress on PE1 from CE1, policing would be implemented as well as marking of MPLS EXP would also required. May I use rate-limit for policing and MQC for marking. Or I have to use MQC for policing and marking both. This is what the original confusion is?

2. From PE1 - P1 - P2 - PE2 - CE2, LLQ/CBWFQ would be used based on EXP or IP Prec or it could be mix?

Regards,

Shahzad.

lee.reade Tue, 08/12/2008 - 07:07

HI,

To answer your question;

1. you can use either rate-limit or MQC, they both do the same job. Rate-limit is the older method of the two, it would make more sense to use the MQC as this is the way forward for QOS config.

When you configure the policing via MQC you specify the actions to take on the packet based on whether it conforms, exceeds or violates the traffic (again you can do this via CAR or MQC), you would set the MPLS EXP using the imposition, which would mean that the EXP you specify would be set on the top (IGP) label, and the bottom (VPN) label.

Check the police command out;

http://www.cisco.com/en/US/docs/ios/qos/command/reference/qos_n1.html#wp1025197

2. From PE1-P1-P2-PE2 you would do LLQ/CBWFQ based on the MPLS EXP, as this is the only field you can classify on, since the IP packet in not inspected whilst in transit, ie all forwarding of the packet is based on the MPLS label.

For PE2-CE2 there are 3 or 4 different ways that you could do this, ie you can do LLQ/CBWFQ based on the ingress (P2-PE2) MPLS EXP or you can do the LLQ/CBWFQ based on the original IP dscp/ip precedence marking on the IP packet.

Check out;

http://www.cisco.com/en/US/docs/ios/mpls/configuration/guide/mp_diffserv_tun_mode_ps6350_TSD_Products_Configuration_Guide_Chapter.html

HTH

LR

Ahmed Shahzad Tue, 08/12/2008 - 07:26

Hi LR,

Thank you for your email. Query 2 is clear now. As far as query 1 is concerned, I am still confused that how policing and marking of EXP can be done simultaneously using ingress policy-map on PE1 from CE1.

Let suppose I want to police the incoming traffic on PE1 from CE1 to 1MB and at the same time mark the voice traffic with EXP value 5 and Network Management traffic with EXP value 4 and Oracle traffic with EXP value 3 while rest with EXP value 0.

Regards,

Shahzad.

lee.reade Tue, 08/12/2008 - 07:36

Hi,

Yes well you are correct, you cant really do that!

The customer CE router has to mark the IP DSCP/IP precedence before it goes out to the PE router.

However you will need to agree on what marking to use for what, so that you can then classify upon ingress to PE interface.

You could have them mark voice traffic ip precedence 5, mgt prec 4, oracle prec 3 and all else 0.

Is this CE router a managed router? Ie is it yours or customers? If yours then you could configure long pipe mode for qos.

Another way you could do this is classify on ingress to PE1 then set mpls EXP imposition then police outbound on PE1-P1, since policing can be down inbound and outbound.

HTH

LR

Ahmed Shahzad Tue, 08/12/2008 - 07:49

Hi LR,

Thank you for your reply.

Can I manage this situation with the below mention configuration;

class voice

match voice traffic

class mgmt

match network management traffic

class oracle

matach oracle traffic

policy child

class voice

set mpls experimental 5

class mgmt

set mpls experimental 4

class oracle

set mpls experimental 3

class class-default

set mpls experimental 0

policy parent

class class-default

police 128000

policy-map or servic-policy child

and apply parent policy in ingress on PE1.

Regards,

Shahzad.

lee.reade Wed, 08/13/2008 - 05:34

Hi,

I doubt that this config would work, but I do not have access to lab to test it,

However I think this may work;

class voice

match voice traffic

class mgmt

match network management traffic

class oracle

matach oracle traffic

policy parent

class class-default

police 128000

service-policy child

policy child

class voice

police 128000

conform set mpls-experimental imposition 5

exceed conform set mpls-experimental imposition 0

class mgmt

conform set mpls-experimental imposition 4

exceed conform set mpls-experimental imposition 0

class oracle

conform set mpls-experimental imposition 3

exceed conform set mpls-experimental imposition 0

class class-default

conform set mpls-experimental imposition 0

Check out hierarchical policer;

http://www.cisco.com/en/US/docs/ios/qos/configuration/guide/three_level_policer_ps6350_TSD_Products_Configuration_Guide_Chapter.html

HTH

LR

Actions

This Discussion