Classification and Marking

Classification refers to the process of matching fields in the headers to take some type of QoS action on the packet. These fields can include all the normal fields filtered by ACLs, as well as the Type of Service (ToS) field in an IPv4 packet or Traffic Class field in an IPv6 packet.

Marking refers to the process of changing bit values in the ToS or Traffic Class field. The contents of these two fields are identical, as Figure 6-3 shows.

Figure 6-3 highlights the Differentiated Services Code Point (DSCP) bits, which are the core of the Differentiated Services (DiffServ) model for QoS. QoS tools can use the 2 bits allotted for IP Explicit Congestion Notification (ECN) to inform downstream routers of congestion in the traffic flow.

DSCP and IPP

As standardized in RFC 2474, the 8 DSCP bits provide 64 different classifications that QoS can use. This is a vast improvement over the eight classifications allotted for the 3 bits in the previous IP Precedence (IPP) field (RFC 791). For backward compatibility, the DSCP bits include the Class Selector (CS) values that are designated to match the IPP bits, as in Figure 6-4.

For Layer 2 trunk links, the third byte of the 4-byte 802.1Q header is reserved for Class of Service (CoS), and QoS tools can use it to mark frames. However, this field exists only as long as the frame is traversing trunk links, as Figure 6-5 shows. To continue the same level of service as traffic is routed on Layer 3, the ToS field must be marked.

Additional fields that can be marked for QoS include the Traffic Identifier (TID) field in the 802.11 frame and the EXP field in MPLS. Table 6-1 lists all the QoS fields.

Field	Name Header(s)	Length (bits)	Where Used
DSCP	IPv4, IPv6	6	End-to-end packet
IPP	IPv4, IPv6	3	End-to-end packet
CoS	802.1Q	3	Over VLAN trunk
TID	802.11	3	Over Wi-Fi
EXP	MPLS Label	3	Over MPLS WAN

Note:

The MPLS EXP field was renamed the Traffic Class field in RFC 5462. However, EXP is still commonly used. The EXP name comes from the designation “experimental use.”

EF and AF

Expedited Forwarding (EF) is a single DSCP decimal value of 46 that is suggested for use with packets that require low latency, low jitter, and low loss. QoS implementations typically use EF to mark voice packets.

Assured Forwarding (AF), specified in RFC 2597, defines a set of 12 DSCP values that are arranged in a matrix, as in Figure 6-6.

The four rows in Figure 6-6 show the queue priorities. The three columns show the drop priority. The AF names follow the format AFXY, where X refers to the queue and Y refers to the drop priority.

Congestion Management

Congestion management refers to the QoS tools used to manage queues as packets wait to exit an interface. Most networking devices can have a queuing system that can classify packets into multiple queues. A scheduler then decides which message to take next when the interface becomes available.

A popular tool is Class-Based Weighted Fair Queueing (CBWFQ), which assigns classes of traffic to queues and guarantees a minimum bandwidth for a queue. The scheduler then uses a round-robin algorithm to cycle through the queues in order, as in Figure 6-7.

However, CBWFQ alone does not satisfy the needs of the most time-sensitive traffic type during periods of heavy bandwidth congestion. Each voice call needs between 30 and 320 kbps, maximum delay of 150 ms, maximum jitter of 30 ms, and less than 1% packet loss. The solution is to add Low Latency Queueing (LLQ) to CBWFQ. The scheduler always takes the next voice packet from the LLQ, as Figure 6-8 shows.

Policing, Shaping, and TCP Discards

Two tools that can help manage and avoid congestion on heavily utilized links are policing and shaping. Although these tools are not commonly used throughout the enterprise, they are particularly helpful at the WAN edge. Both tools attempt to keep the bit rate at or below a specified speed. Policers drop packets, and shapers delay packets by placing them in a queue.

Policing makes sense at the WAN edge. For example, consider a Metro Ethernet WAN link that is contracted to allow no more than 200 Mbps, as in Figure 6-9.

The service provider (SP) uses policing to match the Committed Information Rate (CIR). If the customer exceeds the 200-Mbps CIR, the SP can drop the excess packets or remark the excess packets but still allow them through. Later, the excess packets can be discarded if the SP’s network experiences congestion. Policing features include the following:

• Measure traffic over time and compare to a configured policing rate

• Allow for bursting traffic during slow times

• Discard excess messages or remark for discard later if congestion occurs downstream

On the customer side of the link in Figure 6-9, the network administrator can use a shaper to slow traffic to match the 200-Mbps CIR. The shaper slows traffic by queuing packets and then scheduling packets based on the shaping rate, as Figure 6-10. shows.

Shaping cannot slow the physical speed of an interface. Instead, it sends and waits. For example, with a 200-Mpbs CIR and a 1000-Mbps interface, the shaper sends traffic at 1000 Mbps 20% of the time. The other 80% of the time, the shaper is waiting.

This send–wait tactic can adversely impact time-sensitive voice and video traffic. Therefore, it is recommended that you set the time interval to 10 ms. Then the shaper will send 1000 Mbps for 2 ms and wait for 8 ms. This ensures that a voice packet will not have to wait more than 10 ms before being sent, which is well below the 150 ms maximum delay requirement.

The key features of shapers follow:

• Measure traffic over time and compare it to a configured shaping rate

• Allow for bursting traffic during slow times

• Slow packets by queuing them and, over time, releasing them from the queue at the shaping rate

QoS and TCP

Without congestion-avoidance tools, tail drop can occur (see Figure 6-11).

As the lower queues fill up, the packets received last are dropped.

TCP’s connection-oriented services help QoS tools minimize tail drop. Recall that TCP uses a windowing process between sender and receiver to dynamically change the amount of data that is sent before an acknowledgment must be received. QoS tools can exploit this windowing feature by discarding some TCP segments before the queues fill. This forces the TCP connections to slow, reduces congestion, and avoids tail drop.

QoS tools monitor the depth of the queues over time. Configured thresholds specify what percentage of TCP packets should be dropped as the queue fills, as in Figure 6-12.