Introduction to QoS (Quality of Service)

Hi Rene and staff,

I would suggest that the TCP window (size) should be clarified in the lesson Intro to QoS.
A comprehensive way, for me, is written below.

First we have a basic mechanism, that is RWND (also called sliding window, window size) in the TCP header: this mechanism prevents the sender from sending more packets than the receiver can hold. If the sender sends more packets than the receiver can hold, you create congestion INSIDE the receiver.
But congestion can occur not only inside the receiver but mainly all along the path, in routers whose way of working you don't know, and RWND can do nothing about that!!

So there are other mechanisms/algorithms implemented by TCP: calculation of CWND.
The question is: how can some mechanisms/algorithms in L4 detect congestion in L3, and make a TCP L4 flow take the maximum L3 BW available, avoiding congestion all along the path, without any information from the routers along the path, simply by talking with the receiver: this is the magic!
So CWND is just a “window” that is calculated by the sender (not exchanged in the TCP header with the receiver, contrary to RWND): the calculation is made by these algorithms to go as fast as possible to the best limit available to send packets, avoiding congestion: magic!!

So when WRED drops packets related to a TCP flow (randomly) inside a queue, recalculation of CWND is triggered at the sender (because it does not receive an ACK for this packet from the receiver) and the TCP flow is lowered by the sender, and finally congestion can be avoided in the queue. (These mechanisms also make it possible to avoid TCP synchronisation.)

To be exhaustive (?), a third mechanism is the ECN bits in TOS, used by L3 and L4.

Hope this is right and helpful
Regards

Hello Dominique

Thanks for sharing this information, it is indeed useful for dealing with congestion and understanding various aspects of QoS.

The CWND is used in a feature of TCP called slow start, and you describe it in your post, and it is also further described in the following lesson:

I hope this has been helpful!

Laz

1 Like

Okay, so maybe a feedback on the content.

When there is no packet loss, the window size will increase, doubling every time. Below you can see that H2 receives a single TCP segment which is acknowledged. H2 will then inform H1 that the window size can be increased.

This behaviour, of doubling, that is being described in the congestion control section is not for advertised window size but for the congestion window. And this is part of the slow start algorithm. Might be nice to update the article.
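A simplified per-round-trip model of the two windows discussed in the posts above, added here as an illustration (it is not part of the original posts or of the lesson). The initial `ssthresh`, the advertised window and the round in which a drop occurs are assumed values, and loss is handled by halving, Reno style.

```python
"""Simplified per-RTT model of a TCP sender's windows (added illustration)."""


def simulate(rounds, rwnd, ssthresh, loss_rounds):
    """Return one (rtt, cwnd, ssthresh, window) tuple per round trip.

    cwnd        - congestion window, kept only by the sender (segments)
    rwnd        - receive window advertised in the TCP header (segments)
    window      - what the sender may have in flight: min(cwnd, rwnd)
    loss_rounds - round trips in which a segment is dropped on the path,
                  for example by WRED in a router queue (constructed input)
    """
    cwnd = 1
    history = []
    for rtt in range(rounds):
        window = min(cwnd, rwnd)
        history.append((rtt, cwnd, ssthresh, window))
        if rtt in loss_rounds:
            # Missing ACK: the sender infers congestion on the path,
            # remembers half of what was in flight and restarts from there.
            ssthresh = max(window // 2, 2)
            cwnd = ssthresh
        elif cwnd < ssthresh:
            # Slow start: cwnd doubles every round trip.
            cwnd = min(cwnd * 2, ssthresh)
        else:
            # Congestion avoidance: cwnd grows by one segment per round trip.
            cwnd += 1
    return history


def windows(history):
    """Extract only the effective send window of each round trip."""
    return [row[3] for row in history]


if __name__ == "__main__":
    print("rtt cwnd ssthresh window")
    for row in simulate(rounds=10, rwnd=10, ssthresh=8, loss_rounds={6}):
        print("{:3d} {:4d} {:8d} {:6d}".format(*row))
```

In round 6 the congestion window is 11 but only 10 segments are sent, because the advertised window caps it; the drop in that round then cuts the congestion window to 5 without the receiver advertising anything different.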

On our core-(aggregation-)switch (Cisco 3560E) MLS QoS is enabled and
causes a lot of output drops on those ports with connected access switches.
See the following “sho int” message:

GigabitEthernet0/7 is up, line protocol is up (connected)
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 570205
5 minute output rate 48566000 bits/sec, 10676 packets/sec
…
GigabitEthernet0/9 is up, line protocol is up (connected)
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 24916656
…

For optimizing the network we do not need QoS and want to disable
this feature with the command “no mls qos”.
Will any disruption occur in our production network?

Regards
Rainer

Hello Rainer

By issuing the no mls qos command, you will not disrupt the functionality of the device. It will continue to forward traffic normally, but it will simply stop enforcing any QoS mechanisms that may be configured. Even so, it is still a good idea to implement this during a maintenance window.

Keep in mind that although the command itself will not stop the device from continuing to function, it will suddenly change the way that traffic flows on the network. This can have some unpredictable results like unexpected congestion and bottlenecks at various locations. When you do implement this change, make sure that you are on hand to monitor the behaviour of the network and to ensure that it indeed is functioning within normal parameters. You should monitor the network during the next few days as well, especially during peak hours to verify that you are getting the expected results from your change.

Let us know how it goes!

I hope this has been helpful!

Laz

1 Like

I trust everyone is keeping well during the current pandemic. I am working on a QoS assignment in a Packet Tracer file and need a little guidance please.

I have been asked to include as many elements as needed to demonstrate an overall knowledge of the design of a secure, durable and scalable converged network for such new development.

The given design considerations are:

• Voice applications traffic, generated by voice-related applications (such as contact call centres)
• Mission-critical traffic, generated, for example, by database applications
• Transactional traffic, generated by e-commerce applications
• Routing update traffic from routing protocols such as Enhanced Interior Gateway Routing Protocol (EIGRP)
• Bulk transfer (such as file transfer or HTTP), considered best-effort traffic

The tasks are:

  1. Design Queuing strategies to cope with the traffic mix mainly at Sligo
  2. Using Access Control Lists (ACL’s) to segregate your different traffic classes
  3. Using the ACL’s then create class maps to cope with the different traffic flows
  4. Create policy maps to contain these class maps
  5. Insert the policy maps at the relevant points on the network
  6. Demonstrate where traffic policing will be implemented within the network
  7. Show also where traffic shaping will take place on the network
  8. Show how PPP multilink could be used and apply if necessary
  9. Show how header compression can be used on the WAN link
  10. Any other scenario which you may consider appropriate

I have created the ACLs based on TCP/UDP ports for the Voice, Video, Mission-Critical, Signalling, Transactional-Data and Bulk-Data. I have created the corresponding Class-Maps. I have created the Policy-Map.

policy-map WAN
 !
 class Voice
  priority percent 18
  set precedence 5
 !
 class Video
  priority percent 15
  set precedence 4
 !
 class Signalling
  bandwidth percent 5
  set precedence 3
 !
 class Mission-Critical-Data
  bandwidth percent 10
  set precedence 3
  random-detect prec-based
 !
 class Transactional-Data
  bandwidth percent 7
  set precedence 2
  random-detect prec-based
 !
 class Bulk-Data
  bandwidth percent 4
  set precedence 1
  random-detect prec-based
 !
 ! class-default is the built-in catch-all class; its name is lower case
 class class-default
  bandwidth percent 25
  set precedence 0
  fair-queue
 !

Configuration questions I have and would appreciate some help in understanding are:

  1. Where to place the policy?
    I believe the configured policy-map should be in the outbound direction of the Serial 0/0/0 interface

  2. What QoS information should be configured on the Dublin router?

  3. Do I need to include an ACL, Class-Map and update the Policy for EIGRP updates at Precedence 6?

Thank you in advance for your help.

1 Like

Hello Martin

This depends on what you want to achieve. What part of your network do you want QoS mechanisms to take place? Usually, this should be wherever you expect to see congestion. On your network, the WAN link is probably where you would most likely see congestion, so I agree, that QoS should be applied on the outbound interface of the Sligo router. Remember that QoS mechanisms can only be applied on interfaces in an outbound direction. Incoming traffic cannot be shaped, as an interface cannot control egress traffic.

Now having said this, where else on your network do you think you may need to implement QoS? It can be implemented on trunk networks as well where CoS values are taken into account in the VLAN tag of the Ethernet frame. You can find out more about L2 QoS at the following lesson:

QoS mechanisms should be implemented in the Dublin router if you choose to also apply these mechanisms for traffic from Dublin to Sligo. It would only make sense to do so, since traffic for such applications is usually symmetric (approximately the same volume of traffic in both directions). These should be similar or the same as those implemented at Sligo.

IP Precedence of 6 is automatically assigned to EIGRP packets, so adding a policy for this will also include EIGRP updates in the QoS mechanisms.

I hope this has been helpful!

Laz

2 Likes

Thank you so much Laz. That’s great help!

So traffic policing should be applied within the network where faster interfaces merge into slower interfaces or where multiple interfaces of the same speed converge and queues may form. In this case the switch interface to router (trunk link), and router to WAN (serial) interface - both in the outgoing direction.

Traffic shaping should take place on the WAN (serial) interface.

However, I don’t know how PPP multilink could be used and applied or how header compression can be used on the WAN link?

Is there any other scenario which could be considered appropriate please?

Hello Martin

The general rule of thumb is, if you have time sensitive traffic on your network (voice, video, mission critical traffic, etc) then you should employ QoS mechanisms everywhere you can within your network. This means trunks, and Layer 3 links.

Remember that QoS mechanisms will only “kick in” when there is congestion. You may never need them, they may actually never be used, but it’s always good to have them, because user traffic can be unpredictable, and will eventually create congestion at one time or another.

So to answer your question directly, anywhere where you have a trunk, or a layer 3 link, it’s good to employ them. You describe very well the reasons and the situations that this is necessary when you state:

Now you use the terms policing, and shaping, but these are two different features. Policing will drop any packets that are violating the required speed limitations, while shaping will attempt to queue any exceeding traffic, and buffer it so it will not be lost. Although these are considered QoS mechanisms, their purpose is to rate limit traffic on particular interfaces. As a result, they can both be detrimental to time sensitive data such as voice, because they will either drop packets, or delay packets, both of which are not good for voice.

What you need to apply is a policy map that creates priority queues. This is what you have already done, so I think the problem here is more with the terminology rather than the application. These prioritization techniques are further described in the lessons below.

PPP Multilink would not be used in your topology, because you only have a single serial link. Multilink is used when there is more than one serial link between two routers.
Header compression on the other hand may be useful, but it is designed to be used on slow serial links of 32 Kbps or less. Only at these speeds does header compression produce a significant performance improvement.

I hope this has been helpful!

Laz

2 Likes
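The difference between policing and shaping described in the answer above, as an added example that is not part of the original posts. Both functions use the same token bucket; the packet-per-tick units, the function names and the arrival pattern are assumptions made for the illustration.

```python
"""Token-bucket policer versus shaper on the same burst (added illustration)."""
from collections import deque


def police(arrivals, rate, burst):
    """Policer: packets that find no token are dropped immediately."""
    tokens = burst
    sent = dropped = 0
    for count in arrivals:
        conform = min(count, tokens)
        sent += conform
        dropped += count - conform
        # Refill for the next tick, never above the bucket depth.
        tokens = min(burst, tokens - conform + rate)
    return {"sent": sent, "dropped": dropped, "max_delay": 0}


def shape(arrivals, rate, burst, queue_limit):
    """Shaper: packets that find no token wait in a queue (tail drop if full)."""
    if rate <= 0:
        raise ValueError("rate must be positive or the queue never drains")
    tokens = burst
    queue = deque()          # holds the arrival tick of each waiting packet
    delays = []
    dropped = 0
    tick = 0
    while tick < len(arrivals) or queue:
        count = arrivals[tick] if tick < len(arrivals) else 0
        for _ in range(count):
            if len(queue) < queue_limit:
                queue.append(tick)
            else:
                dropped += 1
        while queue and tokens > 0:
            delays.append(tick - queue.popleft())
            tokens -= 1
        tokens = min(burst, tokens + rate)
        tick += 1
    return {"sent": len(delays), "dropped": dropped,
            "max_delay": max(delays, default=0)}


# Constructed input: packets arriving per tick, with a burst in tick 0.
BURST = [5, 0, 0, 1, 0]

if __name__ == "__main__":
    print("policer      ", police(BURST, rate=2, burst=2))
    print("shaper       ", shape(BURST, rate=2, burst=2, queue_limit=10))
    print("shaper, q=3  ", shape(BURST, rate=2, burst=2, queue_limit=3))
```

The policer loses half of the packets with no added delay, while the shaper delivers all of them with up to two ticks of delay, which is why neither is a good fit for voice.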

Hi,

Can you explain the difference between bit rate and bandwidth?
I think that bit rate is the actual transmission speed in b/s and the term ‘bandwidth’ indicates the maximum amount of data that a cable can carry.

Am I correct??
Thanks

Hello Giovanni

There are various terms used to specify the speed at which data moves on a network. Speed, bandwidth, bit rate, throughput, data rate… All of these terms, and others as well, are used differently by different people and in different contexts. However, generally accepted definitions for the terms you used in the context of networking are:

Bandwidth - The maximum rate of data transfer across a given path. So, for communication over a FastEthernet link, for example, the available bandwidth is 100Mbps.

Bit-rate - The number of bits that are transmitted over a unit of time. This may refer to the actual bit rate at a particular instance, or the maximum available transmission rate over a particular path. This depends upon the context in which it is being used.

The context, as mentioned above, is of utmost importance when determining the meaning in the use of these terms. Because these terms are often used incorrectly, the context is usually the most reliable information to be used to determine the real meaning of what is being said.

I hope this has been helpful!

Laz

1 Like

Hello everyone. I’m new here on the portal but I found it very useful for everyday life. I have a problem to limit the bandwidth of clients in the IOS XR of a 9006. I am proceeding with the blocking according to what was done in the other versions but the same is not working. Can someone help me with this configuration?

ipv4 access-list FILEMON
 10 permit ipv4 any any
!
class-map match-all FILEMON
 match access-group ipv4 FILEMON
 end-class-map
!
policy-map FILEMON
 class FILEMON
  police rate 3000000000 bps
   conform-action transmit
   exceed-action drop
  !
 !
 end-policy-map
!
interface Bundle-Ether4.1620
 service-policy output FILEMON
!

Bundle-Ether4.1620 output: FILEMON

Class FILEMON
Classification statistics (packets/bytes) (rate - kbps)
Matched : 17597918/23085533174 3965118
Transmitted : N/A
Total Dropped : 0/0 0
Policing statistics (packets/bytes) (rate - kbps)
Policed(conform) : 17597918/23085533174 3965118
Policed(exceed) : 0/0 0
Policed(violate) : 0/0 0
Policed and dropped : 0/0
Class class-default
Classification statistics (packets/bytes) (rate - kbps)
Matched : 0/0 0
Transmitted : N/A
Total Dropped : N/A

I would like to block this client’s link at 3Gbps but it is not working.

Hello Filemon

At first glance, your configuration looks good. From your output, it seems that all traffic conformed to the policer, and was simply transmitted. What troubles me, and what is probably central to your question, is that the rate in kbps it states is 3965118 or 3.9Gbps, which is beyond the 3Gbps of the policer. In addition, we see N/A in the Transmitted value. Note also that all the traffic is considered conforming.

I suggest you consider the following to continue troubleshooting:

  1. Ensure that traffic is being transmitted and is actually passing through and getting to its destination. Note that your access list is matching all IPv4 traffic. Is there any IPv6 traffic on the network?
  2. Reduce the police rate in the policy-map to a very low number like 1 Mbps and make the exceed action transmit, (if this is a production network, such a configuration will not affect user traffic) and see if all of that excess traffic is still considered conforming or exceeding. This will allow you to see if it is simply a volume of traffic issue, or some misconfiguration.
  3. I notice that you’ve applied the policer to an Ethernet Bundle. QoS on bundles is measured differently, and may actually exceed the maximum of the policer depending on how load balancing across the individual links takes place. Take a look at the following Cisco documentation to see this in detail:

I hope this has been helpful!

Laz

1 Like
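The mismatch pointed out in the answer above (a conform rate higher than the configured police rate, with nothing counted as exceeding) can be checked automatically. This is an added example, not part of the original posts: the sample text is copied from the question, the function names and the 5% tolerance are assumptions, and only rates given in `bps` are handled.

```python
"""Compare a configured police rate with the conform counters (added example)."""
import re

# Copied from the question above: policy-map section and counter lines only.
CONFIG = """\
policy-map FILEMON
 class FILEMON
  police rate 3000000000 bps
   conform-action transmit
   exceed-action drop
"""

COUNTERS = """\
Class FILEMON
Classification statistics (packets/bytes) (rate - kbps)
Matched : 17597918/23085533174 3965118
Policed(conform) : 17597918/23085533174 3965118
Policed(exceed) : 0/0 0
Policed(violate) : 0/0 0
Class class-default
Matched : 0/0 0
"""


def configured_kbps(config):
    """Map each class name to its configured police rate in kbps."""
    rates, current = {}, None
    for line in config.splitlines():
        if m := re.match(r"\s*class\s+(\S+)", line):
            current = m.group(1)
        elif (m := re.match(r"\s*police rate\s+(\d+)\s+bps", line)) and current:
            rates[current] = int(m.group(1)) // 1000
    return rates


def policed_kbps(counters):
    """Map each class name to its {conform, exceed, violate} rates in kbps."""
    stats, current = {}, None
    for line in counters.splitlines():
        if m := re.match(r"\s*Class\s+(\S+)\s*$", line):
            current = m.group(1)
            stats[current] = {}
        elif (m := re.match(r"\s*Policed\((\w+)\)\s*:\s*\d+/\d+\s+(\d+)", line)) and current:
            stats[current][m.group(1)] = int(m.group(2))
    return stats


def findings(config, counters, tolerance=0.05):
    """Return (class, configured, conform, exceed) where conform > configured."""
    out = []
    stats = policed_kbps(counters)
    for name, limit in configured_kbps(config).items():
        seen = stats.get(name, {})
        conform = seen.get("conform", 0)
        if conform > limit * (1 + tolerance):
            out.append((name, limit, conform, seen.get("exceed", 0)))
    return out


if __name__ == "__main__":
    for name, limit, conform, exceed in findings(CONFIG, COUNTERS):
        print(f"{name}: configured {limit} kbps, conforming {conform} kbps, "
              f"exceeding {exceed} kbps")
```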

Hi,
This is the first time I have used this forum.
I’m studying for the Cisco ENCOR exam.
I’m now reading about QoS.
I always learned that you can only add QoS when you have a 1:1 connection.
I do not read anything about this. Why?

Hello Ronald

Great to have you with us! I’m not sure what you mean when you say 1:1 connection, however, QoS involves many mechanisms used to ensure that specific types of traffic get priority whenever there is congestion on the network. QoS includes things like markings of the headers of IP packets, CoS values in the tags of frames on Layer 2, as well as policing and shaping.

QoS markings in IP packets and frames are simply the way that data is categorized on the network. It is used to identify what traffic should have special treatment, or priority. Shaping and policing are policies that are applied on specific interfaces that, when they experience congestion, will begin to function based on the markings of the packets/frames being processed, as well as on other configured parameters.

More about these can be found in the lessons within the QoS course:

I hope this has been helpful!

Laz

1 Like

Hello,
Thanks for this course, it is very complete and easy to understand. I have some questions.

  1. Is the congestion avoidance only for TCP traffic?

  2. In 3.2, you said congestion management is named “queue”? Is it Cisco naming or is it universal?

  3. What is the difference between “tail drop” and “queue starvation”?

  4. I have seen a question above about the behaviour of shaping when downloading a file for example. Does it make sense when we say “shaping in downlink”? Isn’t just the ISP policing which takes effect?

  5. I see that traffic policies are always configured on an interface. Is there a possibility to get the link congested but the interface not? Because in this case, the QoS management will not take effect.

Thanks in advance.

1 Like

Hello Bousso

Yes. Congestion avoidance relies on the TCP window size mechanisms kicking in when segments are purposefully dropped. This mechanism will not work for UDP traffic.

In this section, Rene mentions that congestion management is achieved by using queueing mechanisms. This is something that is performed by all networking equipment and is not exclusive to Cisco.

Tail drop occurs when you have a single queue that becomes full, and the next packet to arrive cannot enter the queue, and is thus dropped.

Queue starvation occurs when you have multiple queues on an interface, one of which is the priority queue. The priority queue is always served first, and the rest of the queues must wait. However, if you have enough priority traffic, it may happen that the scheduler is so busy serving the priority queue that the other queues are never served. When the non-priority queues get full, the next packets trying to enter them will be dropped, resulting in queue starvation. To resolve this, a limit is set on the priority queue to ensure that queue starvation is avoided.

Now both tail drop and queue starvation essentially look the same (packets trying to enter a full queue are dropped), but they occur due to different circumstances, and in different queueing scenarios, and this is what makes them different.

Both policing and shaping can be configured on the ISP, on an enterprise’s edge router, or on both! It really depends on what you want to achieve. For example, your ISP may apply policing on both upload and download data, which means they will drop packets that exceed the limits they place. In order to avoid losing those packets, you can set up an additional shaping policy on your edge device which will ensure that data will be sent to the ISP at speeds below their policing thresholds, while still attempting to avoid dropping packets by employing queueing. (See this section to refresh your memory on the difference between policing and shaping). So the words you use to describe it depend on what has been configured and on what device(s).

QoS mechanisms will “kick in” only when there is congestion. If there is no congestion, all arriving packets are immediately served. Congestion that occurs on the interface in an outbound direction can have QoS mechanisms applied. Congestion can occur in an inbound direction as well, but there is no way to employ QoS as an interface is obligated to simply receive whatever traffic it is sent, and has no way of queuing anything if more traffic arrives than it can handle. It is the responsibility of the interface on the other end to employ QoS so that incoming traffic on the local interface does not overwhelm it.

Now you are making a distinction between a link and an interface, but these are essentially the same. The actual wire (if that’s what you mean by link) will not be able to carry anything more than whatever the interface sends. The wire is not a limiting factor (unless you are trying to run GigabitEthernet over a category 3 UTP cable!), and even if it was, there are no mechanisms on the wire itself to employ QoS. All the intelligence and mechanisms occur at the interfaces.

I hope this has been helpful!

Laz

1 Like
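Queue starvation and the limit on the priority queue described in the answer above, as an added example that is not part of the original posts. The two-queue model, the packet-per-tick units and all parameter values are assumptions chosen for the illustration.

```python
"""Strict-priority scheduling with and without a priority limit (added example)."""


def run(ticks, link_rate, prio_in, data_in, queue_limit, prio_limit=None):
    """Simulate one outbound interface with a priority and a data queue.

    link_rate   - packets the interface can send per tick
    prio_in     - priority packets offered per tick
    data_in     - non-priority packets offered per tick
    queue_limit - depth of the non-priority queue (tail drop beyond it)
    prio_limit  - packets per tick admitted to the priority queue;
                  None means the priority queue is not limited
    """
    prio_q = data_q = 0
    stats = {"prio_sent": 0, "data_sent": 0,
             "prio_policed": 0, "data_tail_drops": 0}
    for _ in range(ticks):
        # Admission to the priority queue, policed if a limit is set.
        admitted = prio_in if prio_limit is None else min(prio_in, prio_limit)
        stats["prio_policed"] += prio_in - admitted
        prio_q += admitted

        # Admission to the data queue: tail drop when it is full.
        accepted = min(data_in, queue_limit - data_q)
        stats["data_tail_drops"] += data_in - accepted
        data_q += accepted

        # Scheduler: the priority queue is always served first,
        # the data queue only gets what is left of the link.
        served_prio = min(prio_q, link_rate)
        prio_q -= served_prio
        served_data = min(data_q, link_rate - served_prio)
        data_q -= served_data
        stats["prio_sent"] += served_prio
        stats["data_sent"] += served_data
    return stats


if __name__ == "__main__":
    common = dict(ticks=10, link_rate=10, prio_in=12, data_in=4, queue_limit=20)
    print("no limit on priority:", run(**common))
    print("priority limited to 6:", run(**common, prio_limit=6))
```

Without the limit the data queue is never served: it fills and then tail-drops every arrival. With the limit, the excess priority traffic is dropped instead and the data queue is served every tick.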

Wonderful!
Thanks a lot Laz :)

Bousso

1 Like

Hi Guys,

I have a small office where we have a firewall and 2 switches (Cisco 3750 and 2960). I have 4 VoIP phones and the calls have been dropped sometimes during busy days.

I have a leased circuit which has a 60Mbps connection. We have a VPN IPsec tunnel set up between the office and headquarters (attachment); all traffic is routed back to headquarters.

I’d like to reserve 30Mbps out of 60Mbps for VoIP and video traffic and the rest for other traffic. How do I set this up with QoS on the switches?
Thanks.

Hello Tom

The first thing you should do is to determine how much bandwidth your voice and video will require. For a remote site with only four IP phones, 30Mbps is way too much. If you’re using the G711 codec, each conversation, along with headers, will consume close to 90 Kbps according to Cisco. For four conversations, that’s a maximum of 360Kbps. Now an HD video transmission shouldn’t take more than about 4 or 5Mbps, while lower quality video will take much less than that. That should give you an idea of what kind of bandwidth you should reserve on the link.

As for the application of QoS on the IP phones, you must identify the traffic you want to prioritize, and then apply the QoS mechanisms to do this.

For the first, you can take a look at these lessons which talk about the classification of traffic, ways in which you can mark this traffic for special treatment, and methods of doing this at both Layer 2 and Layer 3, depending upon your topology.



The classification and marking will be applied on the switch, so that voice traffic can be identified. The next thing you have to do is apply QoS mechanisms at the appropriate location on the network in order to provide the desired special treatment of the voice packets. Specifically, you want to apply this to the VPN connection. You can do this by either applying shaping or policing. You can find out more about these, including their differences at the following lessons:



Because these lessons deal with QoS on IOS devices, you can find out more about how QoS can be applied to Cisco ASA devices as well, so that the QoS can be implemented on your VPN:

I hope this has been helpful!

Laz