QOS - Classification and Marking Flashcards
What is Packet Classification?
A QoS mechanism responsible for distinguishing between different traffic streams.
What are 7 Traffic Descriptors used for Classification?
- Internal: QoS groups (locally significant to a router) * Layer 1: Physical interface, subinterface, or port * Layer 2: MAC address and 802.1Q/ p Class of Service (CoS) bits * Layer 2.5: MPLS Experimental (EXP) bits * Layer 3: DSCP, IP Precedence (IPP), and source/ destination IP address * Layer 4: TCP or UDP ports * Layer 7: NBAR2
What is NBAR2?
A deep packet inspection engine that can classify and identify a wide variety of protocols and applications using Layer 3 to Layer 7 data, including difficult-to-classify applications that dynamically assign TCP or UDP port numbers.
What are NBAR2 two modes of operation?
- Protocol Discovery mode * Modular QOS CLI (MQC)
What are 2 things about NBAR2 Protocol Discovery Mode?
- It enables NBAR2 to discover and get real-time statistics on applications currently running in the network * These statistics can be used to define QoS classes and policies using MQC configuration.
NBAR2 Modular QOS CLI (MQC)
Network traffic such as Cisco Webex placed into one traffic class, while YouTube traffic placed into another traffic class.
What happens after traffic has been classified by NBAR2 in MQC mode?
Different QoS policies can be applied to the different classes of traffic.
What is Packet Marking?
A QoS mechanism that changes a field within a packet or a frame header with a traffic descriptor so it is distinguished from other packets during the application of other QoS mechanisms (such as re-marking, policing, queuing, or congestion avoidance).
What are 4 descriptors used for Marking traffic?
- Internal: QoS groups * Layer 2: 802.1Q/ p Class of Service (CoS) bits * Layer 2.5: MPLS Experimental (EXP) bits * Layer 3: Differentiated Services Code Points (DSCP) and IP Precedence (IPP)
What is the descriptor Internal: QOS groups?
Used by the router to mark packets as they are received and processed internally within the router and are automatically removed when packets egress the router.
When would a router use QOS groups descriptor?
Used only in special cases in which traffic descriptors marked or received on an ingress interface would not be visible for packet classification on egress interfaces due to encapsulation or de-encapsulation.
What are the 2 fields inserted into an 802.1q header?
- Tag Protocol ID (TPID) * Tag Control Information (TCI)
How big are the 2 fields inserted into an 802.1q header?
Each of the 2 fields are 2 bytes.
In an ethernet frame where is the 802.1q header located?
Behind the Source MAC address field
What is the TPID value?
0x8100 which identifies it as an 802.1q tagged frame
What 3 fields make up the TCI ?
- Priority Code Point (PCP) * Drop Eligible Indicator (DEI) * VLAN ID
What are the sizes of each of the 3 fields that make up the TCI?
- PCP 3 bits * DEI 1 bit * VLAN ID 12 bits
Which of the 3 fields are used for layer 2 QOS?
PCP
How many levels of COS are in the PCP?
8 levels - 0 thru 7
What are the 8 COS levels?
- Level 0 - BK - Background * Level 1 - BE - Best Effort * Level 2 - EE - Excellent Effort * Level 3 - CA - Critical apps * Level 4 - Video * Level 5 - VO - Voice * Level 6 - IC - Internetwork Control * Level 7 - NC - Network Control
In COS levels 4 and 5 what is the specified latency?
- Level 4 - VI - less than 100 ms latency and jitter * Level 5 - VO - less than 10 ms latency and jitter
What is the one drawback to using COS markings?
Frames lose their CoS markings when traversing a non-802.1Q link or a Layer 3 network.
How is the COS drawback overcome?
- Use higher layer markings whenever possible * the CoS priority levels correspond directly to IPv4’ s IP Precedence Type of Service (ToS) values so they can be mapped directly to each other
What is the default value of the DEI field and what does it mean?
- Default value is 0 * It means the frame cannot be dropped
Which field in an IP packet has been used in the past for QOS marking?
ToS byte
How big is the ToS field and how are the bits used?
- 8 bits * Only the first 3 are used for marking * The rest of the bits were unused
What is another name for the first 3 bits of the ToS byte?
IP Precedence
How many usable classes does IPP allow for?
- 8 values - 0 thru 7 * 6 and 7 are reserved
How have newer standards redefined the ToS byte?
Now defined as DiffServ field
What is the name of the ToS field in IPv6?
Traffic Class
What makes up the DiffServ field?
- 6 bit DSCP field * 2 bit Explicit Congestion Notification (ECN)
What makes DiffServ backward compatible with PCP?
3 bits of PCP line up with 3 bits of the DSCP field
How many values does the 6 bit DSCP field allow for?
64 values - 0 thru 63
What is the DSCP field used for?
It is used to mark packets according to their classification into DiffServ Behavior Aggregates (BAs).
What is a DiffServe Behavior Aggregate (BA)?
It is a collection of packets with the same DiffServ value crossing a link in a particular direction.
What is Per Hop Behavior (PHB)?
The externally observable forwarding behavior (forwarding treatment) applied at a DiffServ-compliant node to a collection of packets with the same DiffServ value crossing a link in a particular direction
What is the advantage of identifying a DiffServ Behavior Aggregate?
The core of the network applies a single PHB for an identified BA while classifying, marking, policing and shaping are done at the network edge.
What are 4 PHBs?
- Class Selector (CS) PHB * Default Forwarding (DF) PHB * Assured Forwarding (AF) PHB * Expedited Forwarding (EF) PHB
What identifies a packet as using PCP for QOS?
- First 3 bits are used * Last 3 bits are set to 0
How many CS classes are there?
8 classes CS0 thru CS7
What is CS PHB?
Per Hop Behavior that uses a Class Selector value from the first 3 bits in the DSCP field (formerly IPP).
What is DF PHB?
Per Hop Behavior when all bits in DS field are set to 0 causing the PHB to use best effort.
Name 3 times when DF PHB is used?
- When packets that cannot be classified by a QoS mechanism such as queueing, shaping, or policing * QoS policy on the node is incomplete * when DSCP values are outside those defined for CS, AF, and EF PHBs
What is AF PHB?
Per Hop Behavior based on an AF class (AF1 thru AF4) and a Drop Probability (1 thru 3)
What bits within the DSCP field are used to mark the AF class and Drop Probability?
- First 3 bits used to identify the AF class (AF1 thru AF4) * The next 2 bits are used to identify Drop Probability (1 thru 3) * The 6th bit is unused
What is the significance of the different AF classes?
- The AF class does not represent precedence * Each should be in its own queue
What is the formula to convert an AF Name into a DSCP value in decimal?
- 8(x) + 2(y) * If AF41 then 8(4) + 2(1) = 34
In AF Names what is the significance of the Drop Probability?
- Drop probabilities range from 1 thru 3 * 1 has a low probability of being dropped * 3 has a high probility of being dropped
What 2 things describe how AF responds to long term congestion?
- Drops packets using congestion-avoidance algorithm like WRED * WRED uses the AF Drop Probability to decide which packets should be dropped first during congestion
How does an AF implementation respond to short term congestion from bursts?
Each class is placed in a separate queue, AF uses a queueing algorithm such as class-based weighted fair queueing (CBWFQ).
What is EF PHB?
PHB that guarantees bandwidth by ensuring a minimum departure rate * Provides the lowest possible delay to delay-sensitive applications by using low-latency queueing * Prevents quque starvation of other applications or classes that are not using the EF PHB by policing EF traffic when congestion occurs.
How are EF packets marked in the 6-bit DSCP field?
- 101110 (46 in decimal) * First 3 bits are 101 which maps directly to IPP’s highest value (5) *
What is Scavenger Class?
- intended to provide less than best-effort services * Marked as CS1
What markings does an IP Phone place on voice packets?
- CoS value of 5 * DSCP value of 46
What does an IP phone do to packets coming from an attached PC?
- Sets CoS to 0 * Sets DSCP to 0
What are the 4 traffic categories for Wireless traffic?
- Platinum - Voice * Gold - Video * Silver - Best effort * Bronze - Background
