QoS - End to End design for LAN and MPLS WAN

Jan 7th, 2009

Hello,


I'm currently in the process of re-designing QoS for our entire network (LAN & MPLS WAN).


We already have VLAN & IP Address QoS enabled in the core of our network.


In 2008 we implemented MPLS between HQ and 2 Remote/Branch Offices. Each site has a 3 Mbps MPLS connection.


I'm looking for suggestions for Application/Traffic Mapping to QoS DSCP Classes. I've picked up some great real world examples from these forums, thanks to everyone for that!


Here's a sample list of applications, what would you prioritize and which DSCP Class would you assign to the prioritized applications?


- Active Directory, Kerberos, LDAP, MS CIFS, NetBIOS Datagram, NetBIOS Name Service, NetBIOS Session

- DNS

- Symantec Antivirus Corporate Edition (Client Virus Definition Downloads)

- SQL TCP Port 1433 (Client/Server)

- Outlook to Exchange Server (Client/Server) - 6 TCP Ports

- Internal Web Applications - HTTP & HTTPS

- Microsoft Network Shares

- Office Communicator Voice & Video Calls - UDP 49152 to 49199 & UDP 492550 to 49399.


Thank you,


Mike Driest

Jon Marshall Wed, 01/07/2009 - 12:54
Mike


Not trying to be unhelpful but it's really up to you which traffic you assign to which classes. What works for one company does not work for another eg.


SQL TCP Port 1433

Internal Web Applications - HTTP / HTTPS


What is SQL used for in your organisation? How important are the databases and what would happen if access to them were severely degraded?


Ditto the HTTP/HTTPS - this covers a vast range of possibilities ie. a corporate intranet that may be useful but not critical to access compared to an E-business front-end without which your company cannot process any orders.


The hardest thing about QOS is getting agreement within your company as to what is the most important traffic ie. everyone always thinks they are doing the most important work. The technical side is relatively easy compared to this.


If you haven't seen this already have a look at the Cisco QOS design guide which gives a starting point for defining classes -


http://www.cisco.com/en/US/docs/solutions/Enterprise/WAN_and_MAN/QoS_SRND/QoS-SRND-Book.html


One other point. Are you provisioning different classes from your service provider on the MPLS WAN?


Jon

mike.driest Wed, 01/07/2009 - 13:14

Hello Jon,


I've read bits and pieces of the Cisco QoS Enterprise Design Guide along with lots of additional information from Cisco Support, including config guides for our Catalyst 3560 Switches.


I wanted to post to the forum because I am running into the hardest part, that is defining which applications are important. Across the company the response varies as everyone's application is important to them. We're trying to focus on a few legacy client/server applications that access the SQL Database back-end, which is where SQL TCP Port 1433 comes into play. Of course we also want to prioritize internal HTTP/HTTPS for web applications such as the Intranet, Reporting, etc.


With our MPLS Service Provider they manage our Cisco 281 Routers and we're going to be providing them either DSCP Values or IP Precedence Values. With them we'll be using CBWFQ and setting bandwidth allocations in the different classes (about 5 total).


Thank you,


Mike Driest

Jon Marshall Wed, 01/07/2009 - 13:27
Mike


"I wanted to post to the forum because I am running into the hardest part, that is defining which applications are important. Across the company the response varies as everyone's application is important to them"


I sympathise, I really do. I went through this process and in the end we had to go to the managing director of the company to get a definitive list. If you don't get management buy in (and I hate that term!) you are really fighting a losing battle.


Basic network services are important eg. DHCP/Active Directory/LDAP etc. but maybe not to all people within the company. What is it your business does and concentrate on what applications make the profit for the company. Intranet is fine but in a lot of companies losing the Intranet is an inconvenience rather than a direct loss making situation.


I am sorry to be so vague but if I came on this thread saying "prioritize your intranet, don't worry about SQL etc.." that would be a completely misinformed post.


As for the MPLS side I was just checking that you had actually defined with your provider different levels of service per class. It is very important to develop your end to end QOS policy with the provider.


Jon

mike.driest Thu, 01/08/2009 - 08:09

Jon,


I feel your sympathy. I have gathered company requirements and we do have to balance the requirements along with QoS for Network Management.


I was curious if people include required network services (DNS, DHCP, Active Directory, LDAP, Kerberos) in their QoS design.


In regards to the Intranet vs. other Internal Web Applications we need to prioritize internal HTTP & HTTPS so the Intranet will be included per those TCP Ports. Our Intranet is SharePoint based and is more than just an Intranet, rather it's a multi-faceted tool that provides Collaboration as well.


We will be very focused on SQL and one other legacy Client/Server application.


I agree with you about the end to end QoS policy being developed with our service provider. They are currently engaged and have advised us as to what options they provide which are IP Precedence and DSCP along with how many classes are available (7) and how we can configure them.


Here's a snippet of what they offer for QoS/CoS:


Queue 1 - Class A = VOIP or Low Latency. First In, First Out. Bandwidth Allocation = 5%, Strictly Policed. 6% bandwidth means the extra 1% would be dropped.

Queue 2 - Weighted Fair Queue (CBWFQ) - Allocated Bandwidth Flexes Q2-Q5

Queue 3 - Weighted Fair Queue (CBWFQ) - Allocated Bandwidth Flexes Q2-Q5

Queue 4 - Weighted Fair Queue (CBWFQ) - Allocated Bandwidth Flexes Q2-Q5

Queue 5 - Weighted Fair Queue (CBWFQ) - Allocated Bandwidth Flexes Q2-Q5

Queue 6 - Weighted Fair Queue (CBWFQ) - Allocated Bandwidth Flexes Q2-Q5

Queue 7 - Last Queue = Default or Best Effort


Thank you,


Mike Driest

Joseph W. Doherty Wed, 01/07/2009 - 13:23

"I'm looking for suggestions for Application/Traffic Mapping to QoS DSCP Classes."


Without knowing what your (and your MPLS provider's) DSCP classes provide, practically impossible to provide such suggestions.


[edit]

Only saw your second post, after posting mine.


From your second post, "I wanted to post to the forum because I am running into the hardest part, that is defining which applications are important. Across the company the response varies as everyone's application is important to them." is very common. An effective approach is to look at what applications need to work well (more or less) and use QoS to provide it, i.e. try to avoid politics. This means real-time applications, e.g. VoIP, need bandwidth when they want it (LLQ). Background applications, e.g. Virus download updates (and perhaps Outlook if client sync'ing to server), get available bandwidth (bandwidth not being used by other applications). Most other applications share bandwidth (FQ works well for this).

mike.driest Thu, 01/08/2009 - 08:23

Hello Joseph,


Here's what our MPLS Provider provides:


Queue 1 - Class A = VOIP or Low Latency. First In, First Out. Bandwidth Allocation = 5%, Strictly Policed. 6% bandwidth means the extra 1% would be dropped.

Queue 2 - Weighted Fair Queue (CBWFQ) - Allocated Bandwidth Flexes Q2-Q5

Queue 3 - Weighted Fair Queue (CBWFQ) - Allocated Bandwidth Flexes Q2-Q5

Queue 4 - Weighted Fair Queue (CBWFQ) - Allocated Bandwidth Flexes Q2-Q5

Queue 5 - Weighted Fair Queue (CBWFQ) - Allocated Bandwidth Flexes Q2-Q5

Queue 6 - Weighted Fair Queue (CBWFQ) - Allocated Bandwidth Flexes Q2-Q5

Queue 7 - Last Queue = Default or Best Effort


After posting yesterday I spent more time classifying the applications that need to work well and placed them into a QoS mapping (Excel spreadsheet).


Here's where I'm at:


cs1 - WSUS TCP Port 8530 (Windows Automatic Updates)

cs1 - SAV Client TCP 2967 (Antivirus Definitions)


af11 - Outlook Client to Exchange Server - 4 TCP Ports

af11 - SMTP Traffic from Internet to Exchange

af11 - SMTP Traffic from Servers to Exchange Servers

af11 - SMTP Traffic from Exchange Servers to Internet


cs2 - Network Management, includes HTTP, HTTPS, tftp, RDP, SNMP from IT Network Management to any network device


af21 - SQL

af21 - 2nd legacy Client/Server app

af21 - HTTP to Servers

af21 - HTTPS to Servers

af23 - Web Proxy TCP Port 8080

af23 - ISA FW Client TCP Port 1745


af41 - OCS 2007/Communicator 2007 Audio/Video Calls - 2 sets of UDP Port Ranges


Based on this potential QoS design is there too much traffic being prioritized?


Thank you,


Mike Driest
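
As an added illustration that is not part of any post in this thread, the port-based rows of the mapping above could be marked at ingress on a Catalyst 3560 access port along these lines. The ACL, class-map and policy-map names, the interface, and the 192.0.2.0/24 server subnet are placeholders; rows whose ports or addresses the post does not give (Exchange, SMTP sources, network management, the second legacy application, the second OCS UDP range) are left out.

```cisco
! Added example, not configuration from the thread.
! Assumed names: QOS-*, MARK-INGRESS. 192.0.2.0/24 stands in for the server subnet.
mls qos
!
ip access-list extended QOS-BULK
 remark WSUS and SAV definition downloads -> cs1
 permit tcp any any eq 8530
 permit tcp any any eq 2967
ip access-list extended QOS-APPS
 remark SQL and HTTP/HTTPS to internal servers -> af21
 permit tcp any 192.0.2.0 0.0.0.255 eq 1433
 permit tcp any 192.0.2.0 0.0.0.255 eq www
 permit tcp any 192.0.2.0 0.0.0.255 eq 443
ip access-list extended QOS-PROXY
 remark Web proxy and ISA firewall client -> af23
 permit tcp any any eq 8080
 permit tcp any any eq 1745
ip access-list extended QOS-OCS
 remark OCS audio/video, first UDP range listed in the post -> af41
 permit udp any any range 49152 49199
!
class-map match-all BULK
 match access-group name QOS-BULK
class-map match-all APPS
 match access-group name QOS-APPS
class-map match-all PROXY
 match access-group name QOS-PROXY
class-map match-all OCS
 match access-group name QOS-OCS
!
! Traffic matching no class is handled by the port's trust state;
! on a port left untrusted it is sent as best effort (DSCP 0).
policy-map MARK-INGRESS
 class OCS
  set dscp af41
 class APPS
  set dscp af21
 class PROXY
  set dscp af23
 class BULK
  set dscp cs1
!
interface FastEthernet0/1
 description user access port (placeholder)
 service-policy input MARK-INGRESS
```

This marks the client-to-server direction only; replies from the servers need matching ACL entries on the source port, applied on the server-facing ports.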

Joseph W. Doherty Fri, 01/09/2009 - 04:56

"Based on this potential QoS design is there too much traffic being prioritized?"


That's really a matter of opinion. Keep in mind, QoS isn't so much about prioritizing traffic, but more about ensuring traffic meets certain performance criteria. Not knowing what your criteria are, unable to offer an opinion on your classification.


Personally, I like to keep QoS as simple as possible. Instead of trying to classify and treat all types of traffic differently, I start with the premise everything is best effort and where does that fail? I then pull traffic out of the general BE mix that needs some type of performance guarantee, e.g. VoIP, and pull traffic out of the general mix that needlessly contends against other routine BE traffic performance, e.g. network backups. (NB: Critical to this approach is assumption that FQ is available, at least for most BE traffic.)


In other words, you need to consider what purpose is being served by all your tagging? If it has one, then it likely makes sense.
