ADMINISTERING CISCO QoS IP NETWORKS - CHAPTER 3 pps

Introduction to Quality of Service Solutions in this chapter: ■ Defining Quality of Service ■ Understanding Congestion Management ■ Defining General Queuing Concepts ■ Understanding Con

Introduction to Quality of Service

Solutions in this chapter:

■ Defining Quality of Service

■ Understanding Congestion Management

■ Defining General Queuing Concepts

■ Understanding Congestion Avoidance

■ Introducing Policing and Traffic Shaping

Chapter 3

123

In this chapter, we will discuss the basic concepts behind Quality of Service(QoS), the need for it, and we will introduce you to several of the types of QoSmechanisms available Quality of Service itself is not something that you con-figure on a Cisco router, rather it is an overall term that refers to a wide variety

of mechanisms used to influence traffic patterns on a network

Congestion Management is a collection of QoS mechanisms that will dealwith network congestion as it occurs and will perform various actions on thetraffic that is congesting the network There are several congestion managementmechanisms and each behaves differently.This chapter will introduce you to theoverall concept of congestion management and some of the congestion manage-ment mechanisms that are available on Cisco routers

Congestion avoidance is another classification within the larger umbrella ofQoS mechanisms that focuses on preventing congestion, rather than dealing with

it as it happens.This does not mean that congestion avoidance is any better orworse than congestion management, it is simply different.This chapter will dis-cuss the theory behind congestion avoidance and present some possible scenarioswhere it may be preferable to use congestion avoidance, rather than congestionmanagement

Policing and Traffic Shaping are other groups of mechanisms that may helpwith network congestion and provide QoS to your network traffic.This chapterwill introduce concepts and theories surrounding policing and shaping and willdiscuss where these may be preferable to other QoS mechanisms

Defining Quality of Service

Quality of Service (QoS) is the term used to define the ability of a network toprovide different levels of service assurances to the various forms of traffic Itenables network administrators to assign certain traffic priority over others oractual levels of quality with respect to network bandwidth or end-to-en delay Atypical network may have one or many of the following data link layer technolo-gies for which can be QoS enabled:

■ Frame Relay

■ Ethernet

■ Token Ring

■ Point-to-Point Protocol (PPP)

■ HDLC

■ X.25

Each of these underlying technologies has different characteristics that need

to be considered when implementing QoS QoS can be implemented in tion management or congestion avoidance situations Congestion managementtechniques are used to manage and prioritize traffic in a network where applica-tions request more bandwidth than the network is able to provide By prioritizingcertain classes of traffic, congestion management techniques enable business crit-ical or delay sensitive applications to operate properly in a congested networkenvironment Conversely, collision avoidance techniques make use of the under-lying technologies’ mechanisms to try and avoid congestive situations

conges-Implementing QoS in a network can be a complicated undertaking for eventhe most seasoned network administrator.There are many different components

of QoS, which this book will address on an individual basis to provide you withbetter understanding of each component Enabling QoS on a network, when fin-ished, will allow you as the network administrator, a very high level of flexibility

to control the flow and actions of the traffic on the network

What Is Quality of Service?

Quality of Service is simply a set of tools available to network administrators toenforce certain assurances that a minimum level of services will be provided tocertain traffic Many protocols and applications are not critically sensitive to net-work congestion File Transfer Protocol (FTP), for example, has a rather large tol-erance for network delay or bandwidth limitation.To the user, FTP simply takeslonger to download a file to the target system Although annoying to the user,this slowness does not normally impede the operation of the application On theother hand, new applications such as Voice and Video are particularly sensitive tonetwork delay If voice packets take too long to reach their destination, theresulting speech sounds choppy or distorted QoS can be used to provide assuredservices to these applications Critical business applications can also make use ofQoS Companies whose main business focus relies on SNA-based network trafficcan feel the pressures of network congestion SNA is very sensitive to its hand-shake protocol and normally terminates a session when it does not receive anacknowledgement in time Unlike TCP/IP, which recovers well from a bad hand-

shake, SNA does not operate well in a congested environment In these cases, oritizing SNA traffic over all other protocols could be a proper approach to QoS.

pri-Applications for Quality of Service

When would a network engineer consider designing quality of service into anetwork? Here are a few reasons to deploy QoS in a network topology:

■ To give priority to certain mission critical applications in the network

■ To maximize the use of the current network investment in infrastructure

■ Better performance for delay sensitive applications such as Voice andVideo

■ To respond to changes in network traffic flowsThe last bullet may seem like a trivial one After all, traffic flow cannot dra-matically change overnight can it? Naptser© PointCast©.World-Wide-Web.Theseare all examples of “self-deployed” applications that cause network administratorsnightmares No one ever planned for Web browsing to take off the way it did, yettoday, most of the traffic flowing through the Internet carries the prefix “http.” Inorder to adapt to these changes in bandwidth requests, QoS can be used to

ensure that users listening to radio stations over the Internet do not smother thenetwork traffic vital to the company

Often we find that the simplest method for achieving better performance on

a network is to throw more bandwidth at the problem In this day and age ofGigabit Ethernet and Optical Networking, higher capacities are readily available.More bandwidth does not, however, always guarantee a certain level of perfor-mance It may well be that the very protocols that cause the congestion in thefirst place will simply eat up the additional bandwidth, leading to the same con-gestion issues experienced before the bandwidth upgrade A more judicious

approach is to analyze the traffic flowing through the bottleneck, determining theimportance of each protocol and application, and determine a strategy to priori-tize the access to the bandwidth QoS allows the network administrator to havecontrol over bandwidth, latency, and jitter, and minimize packet loss within thenetwork by prioritizing various protocols Bandwidth is the measure of capacity

on the network or a specific link Latency is the delay of a packet traversing thenetwork and jitter is the change of latency over a given period of time

Deploying certain types of quality of service techniques can control these threeparameters

Currently within many corporate networks, QoS is not widely deployed Butwith the push for applications such as multicast, streaming multimedia, and Voiceover IP (VoIP) the need for certain quality levels is more inherent Especiallybecause these types of applications are susceptible to jitter and delay and poorperformance is immediately noticed by the end-user End-users experiencingpoor performance typically generate trouble tickets and the network adminis-trator is left troubleshooting the performance problem A network administratorcan proactively manage new sensitive applications by applying QoS techniques tothe network It is important to realize that QoS is not the magic solution toevery congestion problem It may very well be that upgrading the bandwidth of acongested link is the proper solution to the problem However, by knowing theoptions available, you will be in a better position to make the proper decision tosolve congestion issues.

Three Levels of QoSQoS can be broken down into three different levels, also referred to as servicemodels.These service models describe a set of end-to-end QoS capabilities End-to-end QoS is the ability of the network to provide a specific level of service tonetwork traffic from one end of the network to the other.The three servicelevels are best-effort service, integrated service, and differentiated service.We’llexamine each service model in greater detail

Best-Effort Service

Best-effort service, as its name implies, is when the network will make every sible attempt to deliver a packet to its destination.With best-effort service thereare no guarantees that the packet will ever reach its intended destination Anapplication can send data in any amount, whenever it needs to, withoutrequesting permission or notifying the network Certain applications can thriveunder this model FTP and HTTP, for example, can support best-effort servicewithout much hardship.This is, however, not an optimal service model for appli-cations which are sensitive to network delays, bandwidth fluctuations, and otherchanging network conditions Network telephony applications, for example, mayrequire a more consistent amount of bandwidth in order to function properly

pos-The results of best-effort service for these applications could result in failed phone calls or interrupted speech during the call

tele-Integrated Service

The integrated service model provides applications with a guaranteed level of vice by negotiating network parameters end-to-end Applications request the

ser-level of service necessary for them to operate properly and rely on the QoSmechanism to reserve the necessary network resources prior to the applicationbeginning its transmission It is important to note that the application will notsend the traffic until it receives a signal from the network stating that the net-work can handle the load and provide the requested QoS end-to-end.

To accomplish this, the network uses a process called admission control.Admission control is the mechanism that prevents the network from being over-loaded.The network will not send a signal to the application to start transmittingthe data if the requested QoS cannot be delivered Once the application beginsthe transmission of data, the network resources reserved for the application aremaintained end-to-end until the application is done or until the bandwidthreservation exceeds what is allowable for this application.The network will per-form its tasks of maintaining the per-flow state, classification, policing, and intelli-gent queuing per packet to meet the required QoS

Cisco IOS has two features to provide integrated service in the form of trolled load services.They are Resource Reservation Protocol (RSVP) and intel-ligent queuing RSVP is currently in the process of being standardized by theInternet Engineering Task Force (IETF) in one of their working groups

con-Intelligent queuing includes technologies such as Weighted Fair Queuing (WFQ)and Weighted Random Early Detection (WRED)

RSVP is a Cisco proprietary protocol used to signal the network of the QoSrequirements of an application It is important to note that RSVP is not a routingprotocol RSVP works in conjunction with the routing protocols to determinethe best path through the network that will provide the QoS required RSVPenabled routers actually create dynamic access lists to provide the QoS requestedand ensure that packets are delivered at the prescribed minimum quality parame-ters RSVP will be covered in greater details later in this book

Differentiated Service

The last model for QoS is the differentiated service model Differentiated serviceincludes a set of classification tools and queuing mechanisms to provide certainprotocols or applications with a certain priority over other network traffic.Differentiated services rely on the edge routers to perform the classification ofthe different types of packets traversing a network Network traffic can be classi-fied by network address, protocols and ports, ingress interfaces or whatever classi-fication that can be accomplished through the use of a standard or extendedaccess list

Understanding Congestion Management

Congestion management is a general term that encompasses different types ofqueuing strategies used to manage situations where the bandwidth demands ofnetwork applications exceed the total bandwidth that can be provided by thenetwork Congestion management does not control congestion before it occurs

It controls the injection of traffic into the network so that certain network flowshave priority over others In this section, the most basic of the congestion man-agement queuing techniques will be discussed at a high level A more detailedexplanation will follow in later chapters in the book.We will examine the fol-lowing congestion management techniques:

■ First in First Out Queuing

■ Priority Queuing

■ Custom Queuing

■ Weighted Fair Queuing (WFQ)Many of these queuing strategies are applied in a situation where the trafficexiting an interface on the router exceeds the bandwidth on the egress port andneeds to be prioritized Priority and Custom Queuing require some basic plan-ning and forethought by the network administration to implement and configurecorrectly on the router.The network administrator must have a good under-standing of the traffic flows and how the traffic should be prioritized in order toengineer an efficient queuing strategy Poorly planned prioritization can lead tosituations worse that the congestive state itself FIFO and WFQ, on the otherhand, require very little configuration in order to work properly In the CiscoIOS,WFQ is enabled by default on links of E1 speed (2.048 Mbps) or slower

Conversely, FIFO is enabled by default on links faster than E1 speeds.We willcover these default behaviors in greater details later in this chapter

Defining General Queuing Concepts

Before we begin discussing different forms of queuing and QoS strategies, it isimportant to understand the basics of the queuing process itself In this section,

we will discuss the concepts of packet queues and the key concepts of leakybucket and tail drops

Queues exist within a router in order to hold packets until there are enoughresources to forward the packets out the egress port If there is no congestion inthe router, the packets will be forwarded immediately A network queue can becompared to a waiting line at a carnival attraction If no one is waiting for theride, people just walk through the line without waiting.This represents the state

of a queue when the network is not experiencing congestion.When a busload ofpeople arrives to try the new roller coaster, there may not me enough seats tohandle everyone on the first ride People then wait in line in the order they

Router interfaces can only be configured with one type of queuing If a second queuing technique is applied to the interface, the router will either replace the old queuing process with the newly configured one,

or report an error message informing the network administrator that a certain queuing process is in operation and needs to be removed before

a new one can be applied The following shows an error reported when custom queuing is applied over priority queuing:

Christy#

Christy#conf t Enter configuration commands, one per line End with CNTL/Z.

Christy(config)#interface serial 0/0 Christy(config-if)#priority-group 1 Christy(config-if)#

Christy(config-if)#custom-queue-list 1 Must remove priority-group configuration first.

Christy(config-if)#end Christy#

Queuing on Interfaces

arrived in until it is their turn to ride the coaster Network queues are used tohandle traffic bursts arriving faster than the egress interface can handle Forexample, a router connecting an FastEthernet LAN interface to a T1 WAN cir-cuit will often see chunks of traffic arriving on the LAN interface faster than itcan send it out to the WAN In this case, the queue places the traffic in a waitingline so that the T1 circuit can process the packets at its own pace Speed mis-matches and queues filling up do not necessarily indicate an unacceptable con-gestion situation It is a normal network operation necessary to handle trafficgoing in and out of an interface.

Leaky Bucket

The leaky bucket is a key concept in understanding queuing theory A networkqueue can be compared to a bucket into which network packets are poured.Thebucket has a hole at the bottom that lets packets drip out at a constant rate In anetwork environment, the drip rate would be the speed of the interface serviced

by that queue or bucket If packets drop in the bucket faster than the hole can letthem drip out, the bucket slowly fills up If too many packets drop in the bucket,the bucket may eventually overflow.Those packets are lost since they do not dripout of the bucket Figure 3.1 depicts the leaky bucket analogy

Figure 3.1The Leaky Bucket Analogy

Bursty packets drop in the buckets.

Ordered packets leak out of the bucket at a constant and steady rate.

This mechanism is well suited to handle network traffic that is too large innature If packets drop in the bucket in bunches, the bucket simply fills up andslowly leaks out at its constant rate.This way, it doesn’t really matter how fast thepackets drop in the bucket, as long as the bucket itself can still contain them.Thisanalogy is used when describing network queues Packets enter a queue at anygiven rate, but exit the queue at a constant rate, which cannot exceed the speed

of the egress interface

Tail Drop

What happens when the bucket fills up? It spills over, of course.When dealingwith network queues, these buckets are allocated a certain amount of the router’smemory.This means that these queues are not infinite.They can only hold a pre-determined amount of information Network administrators can normally con-figure the queue sizes if necessary, but the Cisco Internetwork Operating System(IOS) normally allows for pretty balanced default queue size values.When aqueue fills up, packets are placed in the queue in the order that they were

received.When the amount of packets that enter the queue exceed the queue’scapacity to hold them, the bucket spills over In queuing terminology, the queueexperiences a tail drop.These tail drops represent packets that never entered thequeue.They are instead simply discarded by the router Upper layer protocols usetheir acknowledgement and retransmission process to detect these dropped

packets and retransmits them.Tail drops are not a direct indication that there issomething wrong with the network For example, it is normal for a 100 MbpsFastEthernet interface to send too much information too fast to a 1.544 Mbps T1interface.These dropped packets often are used by upper layer protocols to

throttle down the rate at which they send information to the router Some QoSmechanisms such as Random Early Detection (RED) and Weighted RandomEarly Detection (WRED) make use of these principles to control the level ofcongestion on the network

Tail drops can obviously impact user response Dropped packets meanrequests for retransmissions.With more and more applications riding on theTCP/IP protocol, tail drops can also introduce another phenomenon known as

global synchronization Global synchronization comes from the interaction of an

upper layer mechanism of TCP/IP called the sliding window Simply put, the

transmission window of a single TPC/IP communication represents the number

of packets that the sender can transmit in each transmission block If the block issuccessfully sent without errors, the window size “slides” upwards, allowing thesender to transmit more packets per interval If an error occurs in the transmission,

the window size slides down to a lower value and starts creeping up again.Whenmany TCP/IP conversations occur simultaneously, each conversation increases itswindow size as packets are successfully transmitted Eventually, these conversationsuse up all the available bandwidth, which causes the interface’s queue to droppackets.These dropped packets are interpreted as transmission errors for all of theconversations, which simultaneously reduces their window sizes to send fewerpackets per interval.This global synchronization causes the fluctuating networkusage that can be seen in Figure 3.2.

We can clearly see that the average utilization of the link over time is muchless than the total available bandwidth Later in this book, we will cover conges-tion avoidance methods which use the sliding window characteristics of TCP/IP

to maximize the average throughput of a link by attempting to keep the link out

of a congestive state

Token Bucket

The token bucket is another mechanism used in QoS It represents a pool ofresources that can be used by a service whenever it needs it Unlike the leakybucket, the token bucket does not let anything drip from the bottom.What goes

in the bucket must come out from the top As time passes, tokens are added to

Figure 3.2Global Synchronization

Throughput

Congestion Point

Average Utilization Link Utilization

the bucket by the network.When an application needs to send something out tothe network, it must remove the amount of tokens equal to the amount of data itneeds to transmit If there are not enough tokens in the bucket, the applicationmust wait until the network adds more tokens to the bucket If the applicationdoes not make use of its tokens, the token bucket may eventually spill over.Thespilled tokens are then lost and the application cannot make use of them.Thismeans that each token bucket has a clearly defined maximum token capacity.Token buckets are used in traffic shaping and other applications where trafficoccurs in bursts.The token bucket permits bursts by letting the applicationremove a large number of token from its bucket to send information, but limitsthe size of these bursts by only allowing a certain number of tokens in the

bucket

First In First Out Queuing

First in first out (FIFO) queuing is the simplest type FIFO queuing simply statesthat the first packet entering the interface will be the first packet to exit theinterface No special packet classification is made.The mechanism is comprised

on one single leaky bucket which handles all the traffic for the egress interface.Figure 3.3 shows FIFO queuing in action

The main purpose of a FIFO queue is to handle inbound packets to an face, place them in the queue in the order that they were received, and feed themout to the egress interface at a constant rate that the interface can handle If therate at which the packets enter the queue is slower than the rate at which thequeue services them, FIFO queuing becomes a mechanism that is transparent tothe packets flowing through the interface.The packets simply flow through thequeue as if it wasn’t there, similarly to an empty waiting line at a carnival ride

inter-Figure 3.3FIFO Queuing

FIFO Queue Input Packets Output Packets