Ask the Expert: QoS on Catalyst Switches.

Unanswered Question
May 18th, 2012

With Shashank Singh  and Read the bioRead the bio

Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn from Cisco experts Shashank Singh and Sweta Morga about implementation and working and troubleshooting QoS on Cisco Catalyst 2960, 3650, 3750, 4500 and 6500 switches.

Shashank Singh  graduated in 2009 with a bachelor's degree in Computer Science and Engineering from VIT University, Vellore India. Prior to joining Cisco he worked at General Electric as a software engineer. Later on he joined the Cisco Technical Assistance Center as an engineer in October of 2009. He has been working on LAN Switching technologies in TAC since then. Shashank also holds a CCNP certificate. QoS on Catalyst switches is one of the areas of his interest.

Sweta Mogra is a Computer Science & Engineering graduate from VIT University, India. She has worked as a consultant with Tata Consultancy Services before joining Cisco's Technical Assistance Center (TAC) in 2011. She is currently working on LAN Switching technologies and QoS as one of her areas of expertise.

Remember to use the rating system to let Shashank and Sweta know if you have received an adequate response. 

Shashank and Sweta might not be able to answer each question due to the volume expected during this event. Remember that you can continue the conversation on the Network Infastructure sub-communityLan Switching forum shortly after the event. This event lasts through June 1, 2012. Visit this forum often to view responses to your questions and the questions of other community members.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 4.9 (16 ratings)
thomas-jonathan Sat, 05/19/2012 - 06:23

Hello,

I have a question about threshold, I cant figure what is this and how it works, could you help ?

An example if you want to base your explanation on it :

Distribution1(config)#mls qos srr-queue input cos-map queue 2 threshold 3  3 5

Thank you so much.

Regards,

Jonathan.

shashasi Sun, 05/20/2012 - 21:35

Hi Jonathan,

Let me start with explaining threshold first. Threshold is a percentage of the total buffers available in a queue. On a 3750, each egress  queue has 3 thresholds and threshold 3 is always 100% (non configurable). This leaves us with threshold 1 and threshold 2 which can be configured to any percentage (say x% and y% respectively).

This would mean that packets with markings associated with threshold 1 will get dropped only when the queue is x% full.Packets with markings associated with threshold 2 will get dropped only when the queue is y% full.

Now coming to your question, the command "mls qos srr-queue input cos-map queue 2 threshold 3  3 5" associates input queue 2 threshold  3 to cos values 3 and 5. This would mean that cos 3 and 5 will NOT get dropped in ingress queues unless it is 100% full (as threshold 3 is always 100%).

'sh mls qos input-queue' will tell you the current threshold values for input queue threshold 1 and 2 values on 3750 platform.

Hope this helps.

Regards,

Shashank

thomas-jonathan Mon, 05/21/2012 - 10:23

Hi,

Yes, this is very helpful, I'm starting to understand it a lot better with your explanation.

I've got some other question for you. I warn you lol

1) About internal ring, It's like a very big buffer right ?

Who hold the packets for forwarding them to the egress queues after ? How can I know the size of it ?

2) Am I forced to do Ingress policing ? If not in what scenario do we use it ?

I've got some trouble to understand what are rate-bps and burst-byte values too

3) In general, what is the size of egress and ingress queue on a switch like a 2960 or 3750 ?

That's it for the moment, I think...

Thank you Shashank.

Regards,

Jonathan.

shashasi Mon, 05/21/2012 - 11:18

Hi Jonathan,

Please find answers inline.

1) About internal ring, It's like a very big buffer right ?

Who hold the packets for forwarding them to the egress queues after ? How can I know the size of it ?

When it comes to QoS buffers, they are actually present on the port asic. The size of buffer varies from one switch to another and is mostly a Cisco internal information. Ring on the other hand is an internal data path packet takes while travelling between ports or between switches stacked together and is not used for QoS.


2) Am I forced to do Ingress policing ? If not in what scenario do we use it ?

I've got some trouble to understand what are rate-bps and burst-byte values too

Policing is not a compulsion. We can do it when we want to rate limit incoming traffic to a certain value. One typical scenario could be rate limiting per user traffic going to internet to ensure that the total traffic going out to your ISP does not exceed the available bandwidth.

Rate-bps, is the average traffic rate in bits per second that we want the ingress flow to be policed to. Burst-byte is the maximum burst that is tolerated before policing starts.In other words, the upper limit to which you want your traffic to be restricted to is your rate-bps and the maximum size of the burst (in bits) that can be buffered is called burst.


3) In general, what is the size of egress and ingress queue on a switch like a 2960 or 3750 ?

Most common port asics have buffer of the order of about 2MB per port group but as pointed out, this number varies from one 3750/2960 model to another.

Regards,

Shashank


thomas-jonathan Mon, 05/21/2012 - 14:58

I warn you, you are going to think that I'm a pain in the ass lol

In a more general way, once I have done all my QoS configuration, how do I apply it ?

It's just some exemple to help me understand the whole picture, I don't ask you to do the all configuration lol

First case, I have one switch (just for the concept)

        --------------

        |  Switch  |

        --------------

          |       |

    fa 0/1     fa 0/3

          |       |

   Client1   Client2

I wan't to give priority to the FTP trafic in both direction between Client1 and Client2 in case of congestion

On fa0/1 :

I apply my policy map with all the hierarchy that can be contain on it (class map, ACL)

and also the configuration of the ingress queues to classify,mark and put into the queues the trafic

On fa0/3 :

I assume that I apply the same configuration that I put on fa0/1 right ? Since i wan't to prioritize the same trafic

But what I should do for the egress part ? Put the same egress configuration on both interface ?

Second case, I have two switch with a trunk between

switch 1 gi0/1 ----------------- gi0/2 Switch 2

      |                                             |

  fa 0/1                                       fa 0/3

     |                                              |

Client1                                     Client2

Same scenario like the first one for the priority thing.

On fa 0/1 and fa 0/3 : I see what I have to put for the ingress part, but not for the egress part on this interface ?

On gi0/1 and gi0/2 : I see what I have to put for the egress part, but not for the ingress part ?

I have a good picture on how the packet is processed and where is going to be sent but I don't see how the destination

process the incoming packet, you see my problem ? lol

That's a damn long post, but I'm so into the topic, it's hard not to ask questions about it, you know

smogra Mon, 05/21/2012 - 21:50

Hi Jonathan,

Please find answers inline:

On fa0/3 :

I assume that I apply the same configuration that I put on fa0/1 right ? Since i wan't to prioritize the same traffic

The configs on egress will not be same as ingress as we would be using output-queues on the egress. There are separate maps that govern as to which marking will take which queue in ingress and egress (dscp-input-q and dscp-output-q). Hence the commands to map marking to queues are different when it comes to ingress and egress. All four egress queues (on a 3750 switch) participate in the SRR unless the priority queue is enabled. Once we enable priority queue, it gets higest priority and remaining three queues continue using SRR. You can make sure that your FTP traffic gets mapped to the priority queue and is treated on priority.  This is supported only on egress using 'priority-queue out' interface level command.

Second case, I have two switch with a trunk between

switch 1 gi0/1 ----------------- gi0/2 Switch 2

    |                                             |

fa 0/1                                       fa 0/3

   |                                              |

Client1                                     Client2

Same scenario like the first one for the priority thing.

On fa 0/1 and fa 0/3 : I see what I have to put for the ingress part, but not for the egress part on this interface ?On gi0/1 and gi0/2 : I see what I have to put for the egress part, but not for the ingress part ?

If your traffic is coming premarked at the source, you can simply trust the marking (mls qos trust cos/dscp) on all four ports. If however you are planning to mark traffic on the switch, we will have to apply the service policy on fa0/1 and fa0/3 inbound and apply trust command on gi0/1 and gi0/2.

For prioritizing traffic, make sure that the traffic gets priority on both switches. This can be done by enabling 'priority queue-out' on all four interfaces as discussed above and ensuring that the marking for FTP traffic is mapped to go out of the priority queue.

Regards,

Sweta

thomas-jonathan Tue, 05/22/2012 - 09:39

Hi,

I'm starting to understand the whole thing now.

Just one last quick question, what is the best to use, dscp or cos label ?

Or it doesn't matter because of the cos-to-dscp map ?

And can we have trafic shaping and trafic sharing at the same time ?

About the rating thing, It's all right if I rate all the answers ?

They were very useful and I think it can answer to someone else question too.

I will continue to read stuff about this topic, it's very interesting.

A big thank you to both of you Shashank and Sweta.

Regards,

Jonathan.

shashasi Tue, 05/22/2012 - 11:56

Hi Jonathan,

I am glad that you found this discussion useful To answer your first question, it actually does not matter because  cos-dscp  map is used by the switch to find out the equivalent dscp and then apply QoS.

Answering your second question, yes we can configure shaping and sharing at the same time for an interface but each queue will either work in shared more or shaped mode, not both. Infact the queues which are shaped do not participate in sharing. 

In shaped mode, the egress queues are guaranteed a percentage of the bandwidth, and they are rate-limited to that amount. Shaped traffic does not use more than the allocated bandwidth even if the link is idle. Shaping provides a more even flow of traffic over time and reduces the peaks and valleys of bursty traffic. With shaping, the absolute value of each weight is used to compute the bandwidth available for the queues.

srr-queue bandwidth shapeweight1 weight2 weight3 weight4

The inverse ratio (1/weight) controls the shaping bandwidth for this queue.In other words, queue1 is reserved 1/weight1 percent of total bandwidth and so on. If you configure a weight of 0, the corresponding queue operates in shared mode. The weight specified with the srr-queue bandwidth shape command is ignored, and the weights specified with the srr-queue bandwidth share interface configuration command for a queue come into effect.

In shared mode, the queues share the bandwidth among them according to the configured weights. The bandwidth is guaranteed at this level but not limited to it. For example, if a queue is empty and no longer requires a share of the link, the remaining queues can expand into the unused bandwidth and share it among them.

srr-queue bandwidth share weight1 weight2 weight3 weight4

queue1 is guranteed a minimum of weight1/(weight1 + weight2 + weight3 + weight4) percent of the bandwidth but can also eat up into the bandwidth of other non-shaped queues if required.

Yes, you are free to rate any answer on this discussion that you find useful. If there is a post that you feel has answered your question, please feel free to go ahead and mark it  "answered".

Regards,

Shashank

bedapjain Thu, 05/24/2012 - 21:31

This is the answer i read. I would like to know the answer for a specifc config.

I want  to know q1, q2, q3 and q4 bandwidth for the following config

assum the interface badwidth is 100M

Lets say shaped queue weight: 20 0 0 0

             shared queue weight: 30 40 50 60

I think q1 will be 1/20 times 100 = 5M

q1 should not participate in sharing, so q1 will be fixed 5M rate limit

but q2 will 40/(40+50+60) times 100  and that is not rate limit. please confirm it

what is the use of config 30 for q1 for sharing ?

what will be the queues bandwith if egress priority queue is enable ?

Answering your second question, yes we can configure shaping and sharing at the same time for an interface but each queue will either work in shared more or shaped mode, not both. Infact the queues which are shaped do not participate in sharing.

In shaped mode, the egress queues are guaranteed a percentage of the bandwidth, and they are rate-limited to that amount. Shaped traffic does not use more than the allocated bandwidth even if the link is idle. Shaping provides a more even flow of traffic over time and reduces the peaks and valleys of bursty traffic. With shaping, the absolute value of each weight is used to compute the bandwidth available for the queues.

srr-queue bandwidth shapeweight1 weight2 weight3 weight4

The inverse ratio (1/weight) controls the shaping bandwidth for this queue.In other words, queue1 is reserved 1/weight1 percent of total bandwidth and so on. If you configure a weight of 0, the corresponding queue operates in shared mode. The weight specified with the srr-queue bandwidth shape command is ignored, and the weights specified with the srr-queue bandwidth share interface configuration command for a queue come into effect.

In shared mode, the queues share the bandwidth among them according to the configured weights. The bandwidth is guaranteed at this level but not limited to it. For example, if a queue is empty and no longer requires a share of the link, the remaining queues can expand into the unused bandwidth and share it among them.

srr-queue bandwidth share weight1 weight2 weight3 weight4

queue1 is guranteed a minimum of weight1/(weight1 + weight2 + weight3 + weight4) percent of the bandwidth but can also eat up into the bandwidth of other non-shaped queues if required.

sharma.amit23 Sun, 05/20/2012 - 05:38

Hello guys...

I need your help to learn about QOS...

i tried to study books and videos many times but still feel i am not well known about QOs...

can you tell me what is best and which way is good to get full knowledge in QOS and feel me better in QOS?

thanks

v.ganapathi Sun, 05/20/2012 - 20:21

Hi Amit,

I know this question was directed to Shashank / Sweta, but would like to answer it. I understand you have gone though multiple videos / books. I would still suggest you to go through "Kevin Wallace" QoS videos - they are great.

At least i know that you may be knowing why we require QoS. Now, the only thing to understand would be the different tools available to overcome the issues.

Congestion Management : FIFO, WFQ, CBWFQ, LLQ (Queuing)

Congestion Avoidance : WTD, RED, WRED

Traffic Shaping & Policing

Kevin Wallace has his own site (www.1examamonth.com). I am not advertising anyone's site here, but its one of the best videos which i must highlight.

Thanks

Vivek

shashasi Sun, 05/20/2012 - 21:47

Hi Amit,

Vivek has suggested some excellent QoS resources. I would just like to add a few points.

Though the underlying theory remains the same, understanding and configuring QoS on switches requires a certain degree of platform knowledge. This is mainly because Switches are designed to perform QoS in hardware (ASICs) unlike most of the Routers which depend on the IOS for the same.

For example, on Catalyst 6500 switches, QoS is performed by the PFC (Policy Feature Card) on the supervisor engine and  hence it is important to have a prior understanding of what PFC is and how it works.

Aother good resource for understanding QoS on switches are the platform QoS configuration and troubleshooting documents available on Cisco.com. As each switch platform implements QoS in a different way, there are separate documents available for each platform. These documents provide a comprehensive perspective of QoS configuration and troubleshooting on respective switch platforms.

Hope this helps.

Regards,

Shashank

lcd_shouldit Sun, 05/20/2012 - 07:59

Hi Shashank / Sweta,

I have few questions:

1. Is it necessary to implement Qos on Catalyst, for the interfaces are almost 1G or 10G speed.

    If it is necessary, why?

2.When config QOS on Catalyst, we should map COS or DSCP to different Queue.

    I have read some CISCO documents, look like there should some standard and recommended map,but the map config in     these documents are not same, so would you please show one standard and recommended config about 

    COS or DSCP mapping to different Queue.

    Or how do you config these mapping.

3.When config QOS on Catalyst 3750, there are two parameters,which are bandwidth and buffer.

    I want to know how they works, if there is congestion on a port,which parameter will 3750 consider first.

Thank you~

JosephDoherty Sun, 05/20/2012 - 12:57

Disclaimer

The  Author of this posting offers the information contained within this  posting without consideration and with the reader's understanding that  there's no implied or expressed suitability or fitness for any purpose.  Information provided is for informational purposes only and should not  be construed as rendering professional advice of any kind. Usage of this  posting's information is solely at reader's own risk.

Liability Disclaimer

In  no event shall Author be liable for any damages whatsoever (including,  without limitation, damages for loss of use, data or profit) arising out  of the use or inability to use the posting's information even if Author  has been advised of the possibility of such damage.

Posting

changdong liu wrote:

Hi Shashank / Sweta,

I have few questions:

1. Is it necessary to implement Qos on Catalyst, for the interfaces are almost 1G or 10G speed.

    If it is necessary, why?

Any interface that can be offered more bandwidth than it can transmit (e.g. >10 gig in to 10 gig out) can congest.  Congested interfaces cause queuing delay and/or frame/packet drops.

If congestion is enough is adverse to application(s), then QoS might be used to favor some traffic at the expense of other traffic.

Typically QoS is used to manage interface congestion; via traffic prioritization and/or traffic drop preference.    I.e. some traffic can be provided reduced queuing latency and/or drops while other traffic experiences increased queuing delay and/or drops.  For example, if there's both VoIP and FTP traffic passing across a congested interface, we could use QoS to "move" queuing delay and/or drops to just impact the FTP traffic.

BTW, with "fast" interfaces (usually FastEthernet and faster), transient congestion is more likely to cause buffer exhaustion (on some switches) rather than a latency delay issue.

smogra Sun, 05/20/2012 - 22:50

Hi Changdong,

Both bandwidth and buffer will be utilized simultenously when there is congestion on the port. Bandwidth actually will determine how many packets will be processed from the queue in each round robin cycle and buffer will determine the maximum number of packets that can be stored in the buffer .

Following commands can be used to check the existing mappings:

sh mls qos maps cos-output-q >>> map of cos values to output queue

sh mls qos maps dscp-output-q >>> map of dscp values to output queue

sh mls qos maps cos-input-q >>> map of cos values to input queue

sh mls qos maps dscp-input-q >>> map of dscp values to input queue

Unless changed via configuration, the values seen through the above commands are the default (standard) values and the recommened ones as well. But however, you can change them as per your requirements by commands below:

sw(config)# mls qos srr-queue input cos-map queue 1 thershold 3 0

! this will map cos 0 to input queue 1 threshold 3.

sw(config)# mls qos srr-queue input dscp-map queue 1 thershold 2 46

! this will map dscp 46 to input queue 1 threshold 2.

In similar way, you can change the mappings for output queues.

Regards,

Sweta

goatnetworking Mon, 05/21/2012 - 05:03

How can I view the packet counts in each egress queue exiting a 6500 switch port?

shashasi Mon, 05/21/2012 - 05:36

As far as I know, there is no command to show packet count transmitted per queue on 6500. However we can check the number of packets dropped in each queue using 'sh queueing interface gix/y' command. We can also check the packets transmitted after hitting a particular class-map (if applied via a policy map on an interface) using "sh mls qos ip" command.

Regards,

Shashank

adam-styles Mon, 05/21/2012 - 13:39

Hi all,

Do you see any future developments in bringing a more unified approach to deploying QoS on Catalyst Switches? I understand the hardware used between models in very different, which makes deploying QoS on a 6500 very different to deploying QoS on a 3750. Are there plans to perhaps have the priority queue numbered as queue number X on all Catalyst platforms?

Thanks,

Adam

smogra Mon, 05/21/2012 - 21:53

Hi Adam,

As far as I know, for existing platforms there are no plans to change the prevailing architecture. This again comes from the fact that the ASICs used in different platforms have been designed in different ways. This however may be a possibility for upcoming products.

-Sweta

smogra Mon, 05/21/2012 - 23:04

Hi Sanjeev,

Request you to share the model of switches and routers which you are using in your network.

-Sweta

sanjeevmahadani Tue, 05/22/2012 - 05:22

HI Sweta,

Below is two routers and two switches connected.

There are 4 devices in the network, located at call center, and accessing the CIC servers. I don't know how to enclose the configuration files.....pls. suggest if i can paste the configurations here for all the devices.

C3900-SPE100/K9 Router A

C3900-SPE100/K9 Router B

CIC Swich 4948 with flash bootflash:cat4500-entservices-mz.122-53.SG5.bin

ws-c3750x-24

Regards

Sanjeev

shashasi Tue, 05/22/2012 - 12:09

Hi Sanjeev,

Thanks for reaching out. Just wanted to let you know that we are focussing on Catalyst QoS in this dedicated discussion and end to end QoS configuration assistance is outside its scope. If you have any specific questions about a feature or a topic on Catalyst QoS we will be more than glad to answer them for you.

For QoS configuration assistance and best practices, I would suggest following the Campus QoS design guide located at

http://www.cisco.com/en/US/docs/solutions/Enterprise/WAN_and_MAN/QoS_SRND/QoSDesign.html

Regards,

Shashank

Surya ARBY Mon, 05/28/2012 - 07:22

Hello.

I want to use QoS over QinQ tunnels in Cat3750 (not E or X).

(I posted details of my issue here :

https://supportforums.cisco.com/message/3646171#3646171 )

I want L2 QoS only, and by default the switch copies fields of incoming traffic to the outer 802.1q header of the tunnel; what I want is to preserve the marking of the tunneled traffic (I have to be the most transparent as possible) but apply my own QoS to the tunnel (which is associated to a specific customer); is it possible to keep QoS informations of the tunneled traffic and apply my own rules to a specific tunnel ?

I couldn't find the answer in the documentation.

If I use on my ingress interface something like

mls qos cos 1 override

will it destroy the incoming QoS infos and set the .1p field of the outer header to 1 ?

I will have 2 tunnels (one for each customer) and my final goal is to provide 2% of the badnwidth to the customer A and 10% to B.

shashasi Mon, 05/28/2012 - 08:58

Hi,

You can use the "set cos" or "set ip dscp" policy map commands which change the cos/dscp value of only the outer tag of the encapsulated packet.

Though I assume that 'mls qos cos 1 override' will also affect only the outer (service provider) tag, I am not 100% sure on this.

Regards,

Shashank

Surya ARBY Mon, 05/28/2012 - 09:06

Thank you.

I'll try to trust dscp and override cos; if I can at least keep dscp intact and enforce my qos at layer 2 it would be ok.

Is there any guide about QinQ related QoS somewhere ? I couldn't find anything except the documentation and the configuration examples page :

http://www.cisco.com/en/US/products/hw/switches/ps5023/products_tech_note09186a0080883f9e.shtml

Seems to be far from being simple !

soliehm.jeevan Mon, 05/21/2012 - 23:21

Hi,

I am looking for help in configuring marking packets on the SVIs on 3750s and 3750s. Only marking on the outbound direction.

I have multiple ACLs in the class-map. I am unable to apply the service-policy on the SVI. It throws an error "

%QOSMGR-4-CLASS_NOT_SUPPORTED: Classification is not supported in classmap XXXX "

Could you provide your suggestions as to how can I mark packets on SVIs.

ThX

shashasi Mon, 05/21/2012 - 23:32

Could you please share your ACL, class-map and policy-map config?

Regards,

Shashank

soliehm.jeevan Tue, 05/22/2012 - 00:22

ip access-list extended RFC1918

permit ip any 10.0.0.0 0.255.255.255

permit ip any 172.16.0.0 0.15.255.255

permit ip any 192.168.0.0 0.0.255.255

ip access-list extended IP_VOICE

permit udp any gt 1023 any eq 1719

permit udp any eq 1719 any gt 1023

permit tcp any gt 1023 any eq 1720

permit tcp any eq 1720 any gt 1023

class-map match-all IP_VOICE

  match access-group name RFC1918

  match access-group name IP_VOICE

policy-map MARK_VOICE

  class IP_VOICE

  set dscp ef

I am trying to apply this on the SVI in outbound direction.

Thanks

shashasi Tue, 05/22/2012 - 04:50

Hi Soilehm,

More than one match statements in a class-map is not supported. Please see the explanation below

taken from http://www.cisco.com/en/US/docs/switches/lan/catalyst2970/software/release/12.1_11_ax/system/message/msg_desc.html

Error Message   

QOSMGR-4-CLASS_NOT_SUPPORTED: Classification is not supported in classmap [chars]


Explanation   

This message means that an unsupported match class-map configuration command was configured in a policy map and attached to an egress interface or that more than one match command was configured. This is a hardware limitation. [chars] is the class-map name.


Recommended Action

Reconfigure the class map or the policy map. Use only the match ip dscp dscp-list class-map configuration command in a policy map that is attached to an egress interface. Only one match per class map is supported.

Hope this helps.

Regards,

Shashank

v.ganapathi Wed, 05/23/2012 - 03:24

Hi jeevan,

It's a hardware limitation on 3750. You can actually fix your ACL as i notice "match-all" in your policy-map. Probably club those two ACL's together & have one match statement. Just highlighed, you may already know the fix

Thanks

Vivek

soliehm.jeevan Wed, 05/23/2012 - 03:32

Thanks Vivek :-)

Do u happen to hear about support for object-groups in ACLs on these platforms ?

v.ganapathi Wed, 05/23/2012 - 03:48

3750 platforms doesn't have the support of object-groups yet. I believe on router starting IOS 12.4 we do have. Unfortunately, this is not the case on 3750.

I would still suggest to check the feature navigator. But i doubt.

shashasi Wed, 05/23/2012 - 08:04

Thanks Vivek for pitching in with your excellent replies!

Regards,

Shashank

jmoss1@preston.... Tue, 05/22/2012 - 02:37

Hi, I am wondering about best practices when trying to mark and classify webex video traffic from the users PC client.  I have looked around and nbar is possibly one option or i could match on the destination and ports of the traffic.

But i'm wondering on what other people had experienced?  as there does not seem to be a best practices guide on this currently (unless i'm missing it)? 

thanks in advance

Jonathan         

shashasi Tue, 05/22/2012 - 04:56

Hi Jonathan,

First time any traffic is marked, we normally depend either on nbar or an ACL (matching L4ports/IP address etc). Once traffic is marked with a dscp/ip prec, the marking can be used to classify traffic on every subsequent hop which will also be quicker as deep packet inspection will be avoided.

Hope that helps.

Regards,

Shashank

m.sir Tue, 05/22/2012 - 03:02

Hello

I need limit bandwidth on Cisco 3750 using command srr-queue bandwidth limit

However i need limit speed around 30 Mbit sec.. interface is 1 Gig.. My question is if I  force speed on interface to 100 Mbit and apply command srr-queue bandwidth limit 30  will i get desired 30 Mbit??.. in other words is limit calculated from HW speed of interface (1 Gig) or from actual speed (100Mbit) ??

thanks

msir

shashasi Tue, 05/22/2012 - 05:05

weight specified in "srr-queue bandiwdth limit weight" is percentage of the port speed to which the standard port should be limited and not the maximum speed of the interface.  So your comfiguration should work to limit the rate to 30 mbps. However please note that this command only affects egress rate. If you wish to rate limit ingress traffic, policing is the option.

Regards,

Shashank

jkeeffe Tue, 05/22/2012 - 12:54

Hello - This question has to do with QoS on a 6500 1P3Q8T line card, and the max/min thresholds to be more specific.

In the following example, what tells the scheduler (if that is the correct term) to drop packets in queue 1 before queue 2, and queue 2 before queue 3?  I'm still a little confused about the min/max values and how to determine what to use.  Since the values for queue 1 & 2 are the same, what then gives preference to queue 2 over queue 1?

int gx/x

mls qos trust dscp

wrr-queue queue-limit 5 40 25

priority-queue queue-limit 30

wrr-queue bandwidth 5 50 45

wrr-queue random-detect 1

wrr-queue random-detect 2

wrr-queue random-detect 3

wrr-queue random-detect max-threshold 1 100 100 100 100 100 100 100 100

wrr-queue random-detect min-threshold 1 80 100 100 100 100 100 100 100

wrr-queue random-detect max-threshold 2 100 100 100 100 100 100 100 100

wrr-queue random-detect min-threshold 2 80 100 100 100 100 100 100 100

wrr-queue random-detect max-threshold 3 70 80 90 100 100 100 100 100

wrr-queue random-detect min-threshold 3 60 70 80 90 100 100 100 100

wrr-queue cos-map 1 1 1

wrr-queue cos-map 2 1 0

wrr-queue cos-map 3 1 2

wrr-queue cos-map 3 2 3

wrr-queue cos-map 3 3 6

wrr-queue cos-map 3 4 7

priority-queue cos-map 1 4 5

smogra Tue, 05/22/2012 - 20:05

Hi,

Please find the answers below:

I'm still a little confused about the min/max values and how to determine what to use.

The min threshold identifies the queue size percentage at which the WRED dropping starts to be applied, while the max threshold identifies the queue size level at which tail drops occur.

Since the values for queue 1 & 2 are the same, what then gives preference to queue 2 over queue 1?

You need to consider bandwidth ratios for the queues. If bandwidth ratios were the same, then they would be treated the same.  If bandwidth ratios were different, scheduler will remove lesser number of packets from queue having lower bandwidth guarantee.

Regards,

Sweta

jkeeffe Wed, 05/23/2012 - 06:48

--

You need to consider bandwidth ratios for the queues. If bandwidth  ratios were the same, then they would be treated the same.  If bandwidth  ratios were different, scheduler will remove lesser number of packets  from queue having lower bandwidth guarantee.

So if I want to have more packets in queue 1 dropped than queue 2 I need to have the bandwidth for queue 1 higher than queue 2 - am I understanding you correctly?

smogra Wed, 05/23/2012 - 08:12

Packets in queue with lower bandwidth guarantee are more likely to be dropped. so, queue 1 needs to have lower bandwidth to drop more packets.

jdance@greenwich.com Tue, 05/22/2012 - 19:46

Shashank,

In my limited understanding of dscp and cos, isn't dscp used at layer 3 and cost at layer 2?

Regards,

Jason

shashasi Tue, 05/22/2012 - 19:54

You are right Jason. Dscp is derived from the TOS field in IP header (layer 3) and CoS is a field in the 802.1Q tag (layer 2) in ethernet frame.

Regards,

Shashank

slugggerzzz Wed, 05/23/2012 - 02:52

I am trying to convert the smartport profile on a CE 500 switch to a 2960 switch.

Can anyone help ?

smogra Wed, 05/23/2012 - 08:15

Hi Lewis,

The smartport roles on CE500 are based on the type of devices to be connected to the switch ports. If you had Cisco IP phones role for a port on CE500, in that case you can use auto-qos feature on 2960 which suffice most of the times. Or if you are connecting to other switch and your traffic is coming premarked at the source, you can simply trust the marking (mls qos trust cos/dscp). If however you are planning to mark traffic on the switch, we will have to apply the service policy.

-Sweta

Actions

Login or Register to take actions

This Discussion

Posted May 18, 2012 at 3:05 PM
Stats:
Replies:117 Avg. Rating:4.875
Views:13851 Votes:0
Shares:1

Related Content

Discussions Leaderboard

Rank Username Points
1 14,997
2 8,150
3 7,720
4 7,078
5 6,710
Rank Username Points
195
80
59
57
57