Welcome to the Cisco Networking Professionals Ask the Expert conversation. This is an opportunity to discuss with Cisco expert Santiago Alvarez the implementation of QoS in IP/MPLS networks using Cisco IOS and Cisco IOS XR Software.
Santiago, (CCIE # 3621), is the manager of the technical marketing engineering group for service providers in the Network Software and Systems technology group. Since 2000, his main areas of focus have been MPLS and QoS technologies.
Remember to use the rating system to let Santiago know if you have received an adequate response.
Santiago might not be able to answer each question due to the volume expected during this event. Our moderators will post many of the unanswered questions in other discussion forums shortly after the event. This event lasts through August 25, 2006. Visit this forum often to view responses to your questions and the questions of other community members.
May I ask a "vtp password" question?
My question is,
There are 10 switches which have the same VTP domain, but without "VTP password" configured. I need to configure "VTP password" on each switch. How can I SAFELY perform it? It will not affect users who are connected.
On our CE routers from HQ (T3) to multiple remotes (T1, Frame and ATM), AT&T has GSR as their PE with a fully-meshed MPLS VPN that is QoS provisioned to:
40% Voip Real Time (RT) for dscp 40 and 46
On the 60% for data, ATT is giving
Burst High B(H%)=48 for (dscp 24/cs3, 25, 26/af31 and 28/af32)
Burst Low (BL)%=6 for (dscp 18/af21 and 20/af22)
Best Effort (BE)%=6 for (dscp 0, cs1/cs2/AF1x, and AF4x)
Based on the SRND, I want to implement the following:
class-map match-all ROUTING
 match ip dscp cs6 <-----------ATT will give dscp 48 to the highest class
class-map match-all VOICE
 match ip dscp ef
class-map match-any CALL-SIGNALING
 match ip dscp af31
 match ip dscp cs3
class-map match-all NETWORK-MANAGEMENT
 match ip dscp cs2
class-map match-all SCAVENGER
 match ip dscp cs1
bandwidth percent 3
priority percent 33
priority percent 2
set ip dscp cs5
bandwidth percent 2
set ip dscp cs3
bandwidth percent 1
bandwidth percent 24
random-detect <--------Can I do this on Ds3?
interface serial 1/0
service-policy output CE-THREE-CLASS-SP-MODEL
1. Please see random-detect above?
2. ATT is giving only 6% for Best Effort while Cisco recommends 25% - Do I need to tell ATT to change this or can I work with the 6%? Otherwise, I will use the BL/BE above to combine to 12% for best effort.
Besides your questions addressed to the moderator, there is one thing I (and Cisco afaik) would not recommend: a priority queue for call signaling traffic. The priority queue comes with a policer, i.e. in an overload situation excess traffic will be dropped and NOT queued. While this is OK for real time traffic, signaling essentially is data transfer, i.e. queueing and not dropping will be preferable.
I'd rather have a telephone ring a second later than not at all ;-)
So use instead of the above:
bandwidth percent 2
Regarding item #1, enabling WRED would help high-throughput TCP traffic. You need to identify how much of that type of traffic you have in that class (vs UDP, interactive TCP, others).
Regarding item #2, you'd only need to ask them to increase the allocation if you know that the amount of best effort traffic will typically exceed the current bandwidth allocation on their side.
I was replying to samuel0901 regarding his VTP question. Apologies if my reply got mixed with your question. I've answered your question in a separate posting.
Sorry, really off-topic. I'd suggest you search Cisco.com or use a more appropriate NetPro forum for the question.
Can you please outline the main QoS differences and similarities between an IP and an MPLS network?
Good question! If you're building your own MPLS network, there is a lot in common between both technologies. Both rely heavily on the DiffServ architecture to provide QoS. They have the same concept of aggregating traffic into a small number of classes that are identified by a packet marking. Based on the marking, the nodes in the network will offer a different service (behavior) to each packet. There are two areas where MPLS QoS and IP QoS are different. First, how packets are marked and second, the relationship between MPLS markings and IP markings when MPLS is transporting IP traffic. The first concept leads to E-LSPs and L-LSPs. The second one leads to pipe, short-pipe and uniform modes. If you have access to my book, it's all explained in the section "MPLS Support for DiffServ" in chapter 1.
Now, if you're just a subscriber for an IP VPN service, you're not really dealing with MPLS directly. It's just pure IP QoS. Some aspects of its deployment may be new to some that have migrated from a layer-2 P2P service (e.g. FR or ATM), but it still is pure IP QoS.
I have a CAC and possible QOS question. Let me know if it fits this forum. Is there a best practice for QOS when meshing MGCP and H.323 devices on an MPLS network? Since QOS is independent of the gateway protocol, the application of CAC is completely different for these gateways and it appears that the QoS is not working properly on VoIP calls tagged with EF46.
The network is MPLS with a point to point circuit. My goal is to apply QoS to allow a total of 14 calls. (example: if 10 calls originate from A to B, then calls originating from B to A will be 4) - maximum of 14 calls - want only 640Kbps of bandwidth to be consumed)
I have a problem where 6 calls one-way can be connected and established on a point to point circuit but is dependent on an MPLS circuit for tx and rx to the rest of the MPLS nodes. Calls originate from point A to location B (via point to point) and location B has an MPLS to location C MPLS. The RAS, H245, H225 messages or the MGCP packets communicate with either CCM or the gatekeeper physically located at location C.
From location A to B - 6 calls will complete, the 7th will fail, get a reorder tone. Calls from B to A will complete up to 14 calls, as defined by the gatekeeper or maybe less due to the bandwidth setting so if there are a couple of fax calls using g711. What messages should I look for to see if the QoS policy is causing this?
There's currently no mechanism to synch the CAC performed by your gateways with the MPLS network. From your description, it looks to me that you'd need to make sure the SLA provided by the MPLS network can support 14 calls and then, build your CAC solution on top of that using the gateways. I'd suggest troubleshooting the call setup failures at the gateways first. If the failures are being caused by the network, you'd need to verify that the classes of traffic that are transporting your signalling and your voice traffic aren't experiencing high latency/jitter/loss.
I'm building MPLS VPN QoS templates for my network. I understand that there are several modes that operate under MPLS, which are uniform mode, pipe mode, and short-pipe mode.
For a managed and unmanaged CE router, should I implement uniform and short pipe mode together? Or perhaps just activate the marking and classification from CE or PE routers? What is the best method to achieve this?
Thanks in advance.
Yes. I'm working in a Service Provider and operate an MPLS network and, of course, am able to configure it up to the managed CE.
I'm not sure I completely understand your question. Typically, all sites in a VPN will operate in the same mode. The choice of tunneling mode is independent of the type of CPE (managed vs unmanaged). Given that the subscriber is generally in a different DiffServ domain, either the pipe or short-pipe mode is used. When selecting between the two, you need to assess what the subscriber requirements are and the operational costs for you. Typically, a subscriber would prefer a short-pipe service. However, that implies a higher operational cost if subscribers are allowed any choice of packet markings.
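The three tunneling modes named in the replies above (uniform, pipe, short-pipe), modelled for a single IP packet as an added example; it is not part of the thread and not Cisco code. The function names are hypothetical, and rewriting only the precedence bits at disposition in uniform mode is an assumption of this sketch.

```python
# Added illustration: DiffServ tunneling modes over MPLS (RFC 3270) for one packet.
# All names here are hypothetical; nothing below is router configuration.

def default_exp(dscp):
    """Default imposition: copy the 3 high-order DSCP bits (IP precedence) to EXP."""
    return dscp >> 3

def cross_core(dscp, mode, ingress_exp=None, core_remark=None):
    """Return (dscp_delivered, field_used_for_egress_phb, value_of_that_field).

    ingress_exp: EXP the provider sets at imposition (None = copy precedence)
    core_remark: EXP written inside the core, e.g. by a policer (None = untouched)
    """
    if mode not in ("uniform", "pipe", "short-pipe"):
        raise ValueError("unknown mode: %r" % mode)
    if mode == "uniform" and ingress_exp is not None:
        raise ValueError("uniform mode: label marking mirrors the IP marking")
    exp = default_exp(dscp) if ingress_exp is None else ingress_exp
    if core_remark is not None:
        exp = core_remark
    if mode == "uniform":
        # One DiffServ domain: the label marking is propagated to the IP header
        # at disposition (assumption: only the precedence bits are rewritten).
        dscp = (exp << 3) | (dscp & 0b111)
        return dscp, "exp", exp
    if mode == "pipe":
        # Customer DSCP untouched; egress PE schedules on the provider marking.
        return dscp, "exp", exp
    # short-pipe: customer DSCP untouched; egress PE schedules on the IP marking.
    return dscp, "dscp", dscp

if __name__ == "__main__":
    EF = 46
    for mode in ("uniform", "pipe", "short-pipe"):
        # Constructed scenario: a core node remarks the label to EXP 0.
        print(mode, cross_core(EF, mode, core_remark=0))
```

With a core remark to EXP 0, only uniform mode changes the DSCP the subscriber receives; pipe and short-pipe differ only in which marking the egress PE schedules on.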
Thanks for the explanation. Let me ask again. From the perspective of managed and unmanaged VPN services, of course the recommended choice of tunneling mode for managed is uniform mode, and for unmanaged either pipe or short-pipe mode is recommended.
Is it possible that we could combine these 2 different tunneling modes inside the same cloud of MPLS?
From the presentation Cisco Networkers 2004 QoS in MPLS Network RST-1607, under IP SLA Enforcement:
explicit-null encapsulation may be used on CE to avoid remarking customer traffic.
Can you explain what the meaning of this explicit-null is? How does it interact with building up QoS for MPLS VPN managed services...
Thank you again.
I'm looking to implement mpls short-pipe dscp tunnels on 6500 10Gig (P) and gig (PE) modules (no flexwan or osm) running IOS SXF. The samples in the SX config guide seem to be for osm/flexwan modules and others I've found involve the use of the PFC unsupported qos-group command in the policy map statements. The dscp I'm trying to preserve through the MPLS core is "ef", but I suspect there will be more. What is the correct way to preserve the original dscp with the hardware/software I have? Thanks.
Platforms that support MPLS label imposition should copy the incoming packet marking to the imposed label(s) automatically. The egress PE should be able to perform packet classification after all required label dispositions have taken place. The use of qos-group should not be required. Having said that, the 6500 may exhibit some differences from what is expected to be the default behavior on MPLS-capable platforms. I'll attempt to find further info with the platform team and post it here. Hope this helps.
I would like to know, in providing QoS for IP/MPLS networks like VPN services, are there any automated tools, like provisioning, say for example for managing thousands of CE routers and hundreds of PE routers, that are available and comply with all Cisco router series?
Since I'm managing quite a number of large and complex QoS requirements, manual intervention at each particular CE and PE router would be tedious. I would like to see it properly managed for nationwide deployment :)
Thanks in advance.
I'd suggest that you take a look at Cisco IP solution Center.
That Cisco product is a provisioning (and monitoring to some extent) tool that supports L2VPN, L3VPN, MPLS TE and Metro Ethernet. It provides full support for QoS within the context of those services for managed or unmanaged CPE designs.
There are also 3rd party tools that provide provisioning capabilities, but I'm less familiar with those. Hope it helps.
I would like to know if a book on the new CCNP exam topics is out and how one can lay hands on it. Thanks.
I would like to recommend the NEW CCNP Prep Center off the main Cisco Website. I have been using the CCNA Prep Center, and I look forward to the Advanced topics that will become available. The first Webcast "CCNP Program Info & Wireless Fundamentals" is scheduled for August 30, 2006 at 8am Pacific, 10am Central. I am hoping that MPLS & QOS Topics will be discussed on future presentations, despite being related to CCIP Certification. The Link is as follows:
I hope you can help me with a funny problem. I have a policy-map IN an interface; when I issue the 'show policy-map interface F0/0' the following output appears:
Class-map: interactive (match-any)
259473 packets, 21948615 bytes
5 minute offered rate 55000 bps, drop rate 0 bps
Match: protocol citrix
259473 packets, 21948615 bytes
5 minute rate 55000 bps
Packets marked 260383
Is there any explanation why the 'Packets marked' is HIGHER than the 'Packets' counter, especially considering the policy is applied inbound!
On platforms with a distributed architecture (e.g. 7500, 12000, crs-1), you may experience some lag between counter values as measured on the linecards and as shown on the router processor (where the console of the router resides). This is related to the interprocess communication that takes place between the line card and the RP.
Now, if you're experiencing this problem in a centralized platform, it should be the result of a software defect. Unfortunately, your question doesn't provide details about hardware/software. Hope this helps.
Thank you for the fast answer. Unfortunately it's not a distributed platform; here is the
output from sh ver if that helps!
Luckily it's only the counters; marking seems to work fine!
Cisco Internetwork Operating System Software
IOS (tm) C2600 Software (C2600-IS-M), Version 12.2(15)T5, RELEASE SOFTWARE (fc1)
TAC Support: http://www.cisco.com/tac
Copyright (c) 1986-2003 by cisco Systems, Inc.
Compiled Thu 12-Jun-03 16:33 by eaarmas
Image text-base: 0x80008098, data-base: 0x819C28A0
ROM: System Bootstrap, Version 12.2(8r) [cmong 8r], RELEASE SOFTWARE (fc1)
WG4R1 uptime is 1 day, 11 hours, 52 minutes
System returned to ROM by power-on
System image file is "flash:c2600xm-is-mz.122-15.t5.bin"
cisco 2621XM (MPC860P) processor (revision 0x100) with 125952K/5120K bytes of memory.
Processor board ID FHK0846U00J (78507704)
M860 processor: part number 5, mask 2
X.25 software, Version 3.0.0.
2 FastEthernet/IEEE 802.3 interface(s)
2 Serial(sync/async) network interface(s)
32K bytes of non-volatile configuration memory.
32768K bytes of processor board System flash (Read/Write)
Configuration register is 0x2102
I hope you can help me a bit:
I'm simulating a big MPLS network (using Cisco routers) with different Classes of Service using OPNET. Analyzing QoS in this MPLS network (Best Effort, IntServ, DiffServ) is the main goal for my study project.
With your experience in this field (QoS MPLS), could you please suggest any subjects that would be worth doing a Master's thesis on (using OPNET as a simulating tool)? Any advice would help me so much.