Classification and Marking

Classification

Classification using MQC

Classification is the process of assigning a packet to a category. QoS parameters are assigned to each category, therefore each packet receives the QoS level of its category. Classification can use information at Layer 2, Layer 3, Layer 4 or even Layer 7 (via NBAR). It is the first step in applying QoS policies and it can be done in several ways. Probably the most used method is the MQC (Modular QoS CLI). Inside a class-map, define the match criteria using:

R(config-cmap)# match ATTRIBUTE VALUE

The attributes that can be used for a match include ACLs, other class-maps, source or destination MAC Addresses, Layer 3 DSCP, IP Precedence, Layer 2 CoS, etc:

R(config-cmap)#match ?
  access-group         Access group - match using ACL
  any                  Any packets
  class-map            Class map
  cos                  IEEE 802.1Q/ISL class of service/user priority values
  destination-address  Destination MAC address
  discard-class        Discard behavior identifier
  dscp                 Match DSCP in IP(v4) and IPv6 packets
  fr-de                Match on Frame-relay DE bit
  fr-dlci              Match on fr-dlci
  input-interface      Select an input interface to match
  ip                   IP specific values (DSCP values, IP Precedence, RTP Ports)
  mpls                 Multi Protocol Label Switching specific values (EXP)
  not                  Negate this match result
  packet               Layer 3 Packet length
  precedence           Match Precedence in IP(v4) and IPv6 packets
  protocol             Protocol
  qos-group            Qos-group
  source-address       Source MAC address

Legacy methods of classification

NBAR

NBAR is an advanced classification feature that is able to identify Layer 7 – Application traffic. To use NBAR in a class-map you have to use:

R(config-cmap)# match protocol PROTOCOL [OPTIONS]

NBAR has built-in support for most applications, but additional modules can be added either from a file:

R(config)# ip nbar pdlm PDLM-FILE

or by manual definition:

R(config)# ip nbar custom CUSTOM-NAME ...

NBAR Protocol Discovery

NBAR Protocol Discovery is a simple method of finding out what protocols run in the network. When enabled, it will start to account for the total number of bytes and packets for each type of protocol that is incoming or outgoing on the interface. It will also compute average bit rates. To enable NBAR Protocol Discovery, use:

R(config-if)# ip nbar protocol-discovery

To view the statistics, use:

R# show ip nbar protocol-discovery ...

Marking

Usually, traffic classification is only performed at the network edge. Each packet will be considered as part of a class, and that class identifier will be inserted in the packet header. Marking a packet for QoS can be done at layer 2 or layer 3. Layer 2 markings can only be inserted if the encapsulation type permits, while Layer 3 markings use the IPv4 or IPv6 ToS Byte.

Layer 2 Marking

On Ethernet links, a 3-bit CoS (Class of Service) field is encoded inside the 3-bit PRIORITY field of 802.1q, or inside the 4-bit USER field of ISL. This QoS information can only be used on trunk links, and there is no mechanism to carry it on access ports.

On Frame Relay links, we have 1 bit, called the “Discard Eligible” bit that can be used to mark traffic that exceeds the configured level of service.

MPLS also offers support for QoS markings inside its EXP field.

Layer 3 Marking

For Layer 3 marking we use the Type of Service byte from the IPv4 header or the Traffic Class byte from the IPv6 header. Over the years, the interpretation of the IPv4 ToS byte has changed. At first, only the 3 most significant bits were used for QoS. With 3 bits, only 8 classes could be encoded, and this was called IP Precedence. Later, the first 6 bits were used as the DSCP (Differentiated Services Code Point). The DSCP field is interpreted in a way that is backwards compatible with IP Precedence: a DSCP Class Selector has the same value in its 3 most significant bits as the corresponding IP Precedence.

IP Precedence

IP Precedence uses only the first 3 bits of the ToS field, so it offers support for only 8 markings. Actually, only 6 are available, since IP Precedence 6 (internet) and 7 (network) are reserved for network control protocols like routing updates.

| IP Precedence Bits | IP Precedence | DSCP Bits | DSCP Class Selector |
|---|---|---|---|
| 000 | 0 – Routine | 000 000 | CS0 |
| 001 | 1 – Priority | 001 000 | CS1 |
| 010 | 2 – Immediate | 010 000 | CS2 |
| 011 | 3 – Flash | 011 000 | CS3 |
| 100 | 4 – Flash Override | 100 000 | CS4 |
| 101 | 5 – Critical | 101 000 | CS5 |
| 110 | 6 – Internetwork Control | 110 000 | CS6 |
| 111 | 7 – Network Control | 111 000 | CS7 |

DSCP

DSCP was introduced to allow a higher granularity of network traffic but also to provide compatibility with IP Precedence. Therefore a class system was used, where the available values are grouped into classes according to the first 3 bits of the DSCP field. The values with 0 in the last 3 bits are called CS (Class Selectors) and they map to the 8 values of IP Precedence. CS0 is the default DSCP value of a packet. It represents a DSCP field with all zeros (000000) and corresponds to IP Precedence 0.

CS1 through CS4 constitute the AF (Assured Forwarding) classes. AF classes are further subdivided according to the drop probability. These PHBs are noted AFxy. A higher x means traffic of higher priority, while a higher y represents traffic with a higher drop probability. AFxy is equivalent to a DSCP value of 8*x + 2*y. Bitwise, the x value is encoded in the 3 most significant bits of DSCP, while y is encoded in the next 2 bits. The last bit is always 0.

When using DSCP, the highest priority PHB is EF (Expedited Forwarding) and it has a DSCP value of 46 (101 110).

| Drop probability | CS 0 | CS 1 | CS 2 | CS 3 | CS 4 | CS 5 | CS 6 | CS 7 |
|---|---|---|---|---|---|---|---|---|
| Low | | AF11 DSCP 10 001 010 | AF21 DSCP 18 010 010 | AF31 DSCP 26 011 010 | AF41 DSCP 34 100 010 | | | |
| Medium | | AF12 DSCP 12 001 100 | AF22 DSCP 20 010 100 | AF32 DSCP 28 011 100 | AF42 DSCP 36 100 100 | | | |
| High | | AF13 DSCP 14 001 110 | AF23 DSCP 22 010 110 | AF33 DSCP 30 011 110 | AF43 DSCP 38 100 110 | EF DSCP 46 101 110 | | |
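
The bit layout described above can be checked against the ToS byte seen in a packet capture. The following Python decoder is an added example, not part of the original page; the function names and the sample bytes are constructed for illustration, and the meaning of the two low-order bits (ECN, RFC 3168) is not covered by this page.

```python
# Added example: decode the IPv4 ToS / IPv6 Traffic Class byte into the
# markings described on this page. Helper names are illustrative.
PRECEDENCE_NAMES = ["Routine", "Priority", "Immediate", "Flash", "Flash Override",
                    "Critical", "Internetwork Control", "Network Control"]

def af_to_dscp(x, y):
    """AFxy -> DSCP, using the page's formula 8*x + 2*y."""
    if not (1 <= x <= 4 and 1 <= y <= 3):
        raise ValueError("AF classes are 1-4, drop probabilities 1-3")
    return 8 * x + 2 * y

def phb_name(dscp):
    """Name a 6-bit DSCP value (CSx, AFxy or EF); None if it has no name here."""
    if not 0 <= dscp <= 63:
        raise ValueError("DSCP is a 6-bit field (0-63)")
    x = dscp >> 3            # 3 most significant bits: class
    y = (dscp >> 1) & 0b11   # next 2 bits: drop probability
    if dscp == 46:
        return "EF"
    if dscp & 0b111 == 0:    # last 3 bits zero: Class Selector
        return f"CS{x}"
    if 1 <= x <= 4 and y >= 1 and dscp & 1 == 0:
        return f"AF{x}{y}"
    return None

def decode_tos(tos):
    """Split one ToS byte into DSCP, PHB name, IP Precedence and the low 2 bits."""
    if not 0 <= tos <= 255:
        raise ValueError("ToS is a single byte")
    dscp, precedence = tos >> 2, tos >> 5
    return {
        "dscp": dscp,
        "dscp_bits": f"{dscp >> 3:03b} {dscp & 0b111:03b}",
        "phb": phb_name(dscp),
        "precedence": precedence,
        "precedence_name": PRECEDENCE_NAMES[precedence],
        "ecn": tos & 0b11,  # not part of DSCP (ECN, RFC 3168)
    }

# Constructed sample ToS bytes, as they would appear in a packet capture.
SAMPLES = [0xB8, 0x68, 0xC0, 0x00, 0x04]

if __name__ == "__main__":
    for tos in SAMPLES:
        d = decode_tos(tos)
        print(f"ToS 0x{tos:02X}: DSCP {d['dscp']:2} ({d['dscp_bits']}) "
              f"PHB {d['phb']}, precedence {d['precedence']} - {d['precedence_name']}")
```

A device that only understands IP Precedence reads the same byte through the `precedence` field, which is why EF (DSCP 46) is treated as precedence 5 by such a device.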

Marking with MQC

Now, how do we configure a Cisco router to mark the packets? When selecting a class, inside a policy, we can instruct the router to mark the traffic with the appropriate PHB before sending out the packet. This is done using the set command:

R(config)# policy-map POLICY
R(config-pmap)# class CLASS
R(config-pmap-c)# set ATTRIBUTE VALUE
!The attributes that can be set:
R(config-pmap-c)#set  ?
  atm-clp        Set ATM CLP bit to 1
  cos            Set IEEE 802.1Q/ISL class of service/user priority
  discard-class  Discard behavior identifier
  dscp           Set DSCP in IP(v4) and IPv6 packets
  fr-de          Set FR DE bit to 1
  ip             Set IP specific values (IP Precedence, DSCP)
  mpls           Set MPLS specific values (EXP)
  precedence     Set precedence in IP(v4) and IPv6 packets
  qos-group      Set QoS Group

When this policy is used on an interface, it will mark the packets that are matched by each class according to the ATTRIBUTES and VALUES used in the set command.

When setting some attributes like CoS, DSCP or IP Precedence, you can use a table map to configure an automatic conversion from one marking to another:

R(config)#table-map TABLE
R(config-tablemap)# map from VAL-FROM to VAL-TO

You can use this table with some set commands.

Other ways to mark

There are other features that can be used to mark the packets, like CAR or Policing and Shaping.

Legacy methods of performing traffic classification are used by CAR, CQ or PQ.