Quality of Service (QoS) Flashcards
What is the need for QoS
To improve the delivery of real time traffic such as voice and video as they are very sensitive to delays.
What are the leading causes of QoS issues
Lack of bandwidth
Latency/Jitter
Packet loss
What is latency and jitter
Latency - the one way time it takes for packet delivery from source to destination in ms.
Jitter - the difference between highest latency and lowest latency.
What is the recommended latency values under G.114 for real time traffic and non-real time traffic
Real time - 150ms max
all other traffic - 400ms MAX
What are the different types of latency in a network
Propagation delay (fixed) - delay with the refractive index of the medium taken into account.
Serialisation delay (fixed) - delay it takes to place the individual bits on to the link.
Processing delay (fixed) - delay it takes for network device to take incoming bits and place them on to the outgoing queue/ interface.
Delay (Variation) - Jitter.
What are the main ways to overcome packet loss
Increase link speed
Implement congestion avoidance and congestion management techniques
Implement traffic policing and shaping.
What are the 3 different ways QoS is implemented into a network (QoS implementation models)
Best effort
IntServ - uses a signalling protocol RSVP to reserve bandwidth end to end
DiffServ - uses traffic classification to prioritise higher priority traffic.
What is the drawback of IntServ
A RSVP state is required to build, maintain and support the RSVP this causes issues with scalability of resources.
What is classification in QoS
Classification is where different traffic flows can be identified as different descriptors.
Where in the network should traffic classification take place
On the edge
What is NBAR2
It is a layer 7 deep packet inspection engine that is capable of identifying and classifying different applications and protocols from 1000s of different ports including dynamically assigned ports.
What layers can be classified on the OSI scale
All layers including 2.5 MPLS
What is packet marking in QoS
It is when a packet or frame is coloured by changing a field with a traffic descriptor so that it is differentiated from other packets
What traffic descriptors are used for marking
Layer 2
Layer 2.5 MPLS
Layer 3 DSCP, IP precedence
What is the 802.1Q header made up of in a layer 2 frame
TPID - 2B field that indicates it is a 802.1Q header
TCI - 2B field made up of PCP code, DEI and VID
What is a PCP code used for
A PCP code is the 802.1P CoS layer 2 traffic marking that indicates the priority of the frame in the network. 1-7 (7 is the highest). 5 is for voice and is the highest user definable value.
What is the drawback to Class of service (CoS) PCP
It looses its marking once it traverses a non 802.1Q link or layer 3 link. However CoS bits are directly mapped to IPv4 (ToS) bits performing layer 3 marking.
What is the DSCP field used for
Marking layer 3 traffic so it can be processed at layer 3 on a hop by hop basis. DSCP is used for DiffServ QoS Implementations.
On a DSCP hop by hop basis packets are classified and marked with a particular DSCP per hop forwarding behaviour (PHB), what are the different PHBs
DF - Default forwarding (best effort delivery) DSCP value 000000
CS - Class sector (Used for backwards compatibility with IP precedence ToS)
AF - Assured forwarding - Used for guaranteed bandwidth services.
EF - Expedited forwarding - used for low latency services like voice.
IN assured forwarding what does this mean AF41
This DSCP value in decimal will be 34, the AFxy x is the IP precedence value and y is the drop probability of the packet in WRED.
What is the scavenger class used for
Less than best effort traffic, typically for gaming applications and entertainment like YouTube. This type of traffic will be rate limited typically.
It is assigned DSCP value of CS1 as a negative value is not possible in DSCP.
What is a trust boundary
In a end-to-end QoS experience the edge of the network should mark the packets with the appropriate DSCP value.
A switchport can either:
Accept the marking already on the packet (Trust)
Refuse the marking and remark with new marking (Not Trust)
the boundary is where the packet is remarked.
What is a traffic Policer
Drop or remark traffic that goes beyond a desired traffic rate.
What is a traffic shaper
Buffer/queue and delay egress traffic rates that temporarily peak above desired rate and when/if rate drops traffic is sent.
Where is the optimal placing for a policer
At the edge of the network for both incoming and outgoing traffic towards the core.
Where is the optimal place for a shaper
Optimally placed on enterprise networks facing the ISP as the ISP side will have a policer and monetary penalties for exceeding agreed SLA.
What is the biggest drawback to traffic policers
when traffic is dropped for exceeding the desired rate, the TCP session will also be dropped and need to be retransmitted.
What 2 actions can traffic policers take with traffic that exceeds the desired rate.
Drop the traffic
or…
Mark down the traffic to a lower priority
What is a token bucket algorithm
It is the algorithms the Cisco IOS uses for the policer function.
What is the Committed information Rate (CIR)
the rate of traffic that the policer is set at. bps
What is the committed burst size (Bc)
The maximum size of the token bucket
The largest packet in the network should be equal or less than the Bc size
True or False
True
What is the committed time interval (Tc)
The time interval over which the token bucket is sent.
What is a token in bits/bytes
8 bits or 1 byte
What happens when the token bucket is filled up to the maximum amount (Bc)
Packet is sent.
What happens if the bucket is not filled up
Packets can either:
be buffered (shaping)
Dropped (Policing)
or marked down. (Policing)
What are the 3 different token bucket algorithm policers
Single rate two-colour policer
Single rate three-colour policer (srTCM)
Two rate three-colour policer (trTCM)
How does a Single rate two-colour policer/marker work
Traffic is either conforming to or exceeding the CIR, for the exceeding traffic it can either be marked down or dropped.
Uses one token bucket that once full traffic is marked down or dropped.
How does a Single rate three-colour policer/marker work
Operates using 2 token buckets traffic can either be conforming, exceeding or violating the CIR.
The first bucket operates similarly to 2 colour whereas once the bucket is full the excess tokens are placed into the second bucket.
What is the excess burst (Be)
The maximum number of bits that can exceed the burst size (Bc)
How does a two rate three-colour policer/marker work
It uses two buckets and relies on 2 rates the CIR and the PIR the CIR fills the 1st token bucket and the 2nd token bucket is filled by the PIR.
This allows for a sustained excess rate.
What is the peak information rate (PIR)
The maximum rate of traffic allowed
Should be greater or equal to CIR.
What is queuing/buffering
Temporary storage of excess packets. it is activated once a output interface is experiencing congestion and is deactivated once congestion clears.
How can congestion occur
Input interface is faster than the output interface
Multiple input interfaces serving one output interface
What is a scheduling
When packets are in a queue they can be re-ordered to egress the device.
There is multiple algorithms for scheduling.
What are the legacy scheduling algorithms
FIFO
Round robin
Weighted round robin
Custom queuing
Priority queuing
Weighted fair queuing
What is the current scheduling algorithms used in enterprise networks
CBWFQ & LLQ
What is CBWFQ
Class Based Weighted Fair Queuing
Allows multiple queues 256 for 256 traffic classes that are all serviced based on their assigned bandwidth (the weight).
Allows user defined classes.
Classes can have weight assigned bandwidth, maximum queue size and maximum packet size defined.
Once packets exceed queue limit packets are dropped.
ONLY SUITABLE for NON-real time traffic.
What is LLQ
Low Latency Queuing
Is used for real time traffic like voice and video traffic.
Used in combination with CBWFQ. the LLQ is the priority queue and is assigned bandwidth first before CBWFQ queues.
Multiple classes can be defined e.g. voice and video. however one single queue (Priority queue combines and schedules the different class queues).
What is congestion avoidance tools purpose
To monitor the network traffic loads to anticipate and avoid congestion by dropping packets.
Tools used are:
Tail drop - default
RED
WRED
What is Tail drop, RED and WRED
Tail drop - treats all traffic equally, when queue fills all traffic is dropped (causes mass TCP re-synch
RED - Random early detection - when congestion is detected before queue is full random packets are dropped throughout the traffic flow to decrease the congestion.
WRED - Cisco’s implementation of RED introduces weight variable so that lower priority packets are dropped more aggressively than higher priority packets.
