QoS Issues - Issue 2 QoS Implementation - MQC Highlighted

Created Apr 10, 2017 09:52:31Latest reply Apr 10, 2017 17:50:55 1819 1 0 0

QoS Implementation - MQC

QoS technology can classify packets on a network and provide differentiated services based on priorities. How are differentiated services implemented? The Modular QoS Command-Line Interface (MQC) can be used.

1 Introduction to MQC

MQC allows you to classify packets based on packet characteristics and specify the same service for packets of the same type. In this way, different types of packets can be provided differentiated services. You can define traffic classification rules to match required traffic and configure a traffic policy to process the matching traffic.

MQC can be used to implement QoS services including traffic policing, priority re-marking, traffic statistics, and PBR. It can be configured flexibly.

2 MQC Implementation

2.1 MQC Configuration Process

MQC involves three entities: traffic classifier, traffic behavior, and traffic policy. The configuration process is as follows:

1.         Configure a traffic classifier and define matching rules.

2.         Configure a traffic behavior and specify an action to be taken for packets.

3.         Configure a traffic policy and bind the configured traffic classifier and traffic behavior to the traffic policy.

4.         Apply the traffic policy to the specified view.

Figure 2-1 MQC configuration process

20170410095212321001.png

 

2.2 Configuring a Traffic Classifier

To identify traffic of a specified type, you need to determine a group of traffic matching rules. This process is called traffic classification. There are various traffic classification methods. Common packet classification rules are as follows:

l   MAC address

l   VLAN ID

l   802.1p priority

l   EXP priority

l   ACL

l   DSCP priority

l   IP priority

l   All packets

l   Inbound or outbound interface

Use the traffic classifier classifier-name [ operator { and | or } ] [ precedence precedence-value ] command to configure a traffic classifier and use the if-match commands to configure rules. On a modular switch, you can specify the priority for each traffic classifier using precedence precedence-value. If precedence precedence-value is not configured, the default priority is used. That is, traffic classifiers take effect based on the sequence in which they were configured. Fixed switches do not support precedence precedence-value. On a fixed switch, packets first match the traffic classifier that was configured first.

You can configure one or more rules in a traffic classifier. The relationship between multiple rules can be AND or OR.

Relationship Between Matching Rules

ACL Rules in a Traffic Classifier

No ACL Rules in a Traffic Classifier

and

Packets must match one ACL rule and all the non-ACL rules.

Packets must match all the non-ACL rules.

or

Packets only need to match one or more rules in a traffic classifier.

 

The following two traffic classifiers are used as an example. For tc1, packets match this traffic classifier only when the packets match ACL2001 or ACL3001, carry 802.1p priority 5, and are IP packets.

[switch] traffic classifier tc1 operator and

[switch-classifier-tc1] if-match acl 2001

[switch-classifier-tc1] if-match 8021p 5  

[switch-classifier-tc1] if-match acl 3001

[switch-classifier-tc1] if-match protocol ip

For tc2, packets match this traffic classifier only when the packets match ACL 3001 or carry 802.1p priority 6.

[switch] traffic classifier tc2 operator or

[switch-classifier-tc2] if-match acl 3001

[switch-classifier-tc2] if-match 8021p 6

2.3 Configuring a Traffic Behavior

Packets are classified so that differentiated services are provided for different types of packets. This is implemented by configuring a traffic behavior. You need to run the traffic behavior behavior-name command to configure a traffic behavior and specify an action in the traffic behavior.

Table 2-1 Common traffic actions

Action

Command

Packet filtering

deny | permit

Re-marking

remark

Redirection and PBR

redirect

Traffic statistics

statistic enable

Traffic policing

car

Flow mirroring

mirroring to observe-port

 

When re-marking is configured, packets are classified again. The 802.1p priority, DSCP priority, local priority, destination MAC address, and flow ID can be re-marked. Re-marking the 802.1p priority or DSCP priority affects QoS processing of packets on the downstream device, but does not affect QoS processing of packets on the local device. Re-marking the local priority affects only QoS processing of packets on the local device.

You can define one or more actions in a traffic behavior. The traffic behavior tb1 defines traffic policing (rate limit of 4096 kbit/s) and traffic statistics.

[switch]traffic behavior tb1

[switch-behavior-tb1] car cir 4096

[switch-behavior-tb1] statistic enable

The traffic behavior tb2 defines redirection to next-hop address 10.10.10.1.

[switch] traffic behavior tb2

[switch-behavior-tb2] redirect ip-nexthop 10.10.10.1

In a traffic behavior, some actions cannot be configured simultaneously. For example, the deny action cannot be configured with other actions except flow mirroring in a traffic behavior.

An ACL is often used with MQC. The combinations of the permit/deny action in an ACL and a traffic behavior are as follows.

ACL

Traffic Behavior of a Traffic Policy

Result

permit

permit

permit

permit

deny

deny

deny

permit

deny

deny

deny

deny

 

2.4 Configuring a Traffic Policy

The configured traffic classifier and traffic behavior must be bound to a traffic policy so that they can take effect. After a traffic classifier and a traffic behavior are configured, you can run the traffic policy policy-name [ match-order { auto | config } ] command to configure a traffic policy and run the classifier classifier-name behavior behavior-name command to bind the traffic classifier and traffic behavior to the traffic policy.

The traffic policy tp1 indicates that the action in the traffic behavior tb1 is taken for packets matching the traffic classifier tc1 and the action in the traffic behavior tb2 is taken for packets matching the traffic classifier tc2.

[switch] traffic policy tp1 match-order config

[switch-trafficpolicy-tp1] classifier tc1 behavior tb1

[switch-trafficpolicy-tp1] classifier tc2 behavior tb2

l   The matching order of the traffic policy tp1 is config, so packets match traffic classifiers depending on priorities of traffic classifiers:

       If no priority is configured or priorities of traffic classifiers cannot be configured, traffic classifiers are matched based on the sequence in which they were configured. tc1 was configured first, so the switch first matches packets with rules in tc1 and takes the action in tb1. If packets match tc1, the switch does not search for other rules.

       If priorities of traffic classifiers are configured on a modular switch, packets match traffic classifiers based on the priorities. A smaller value indicates a higher priority of a traffic classifier.

l   If the matching order of the traffic policy tp1 is auto, packets match traffic classifiers depending on priorities allocated by the system:

       Traffic classifiers based on user-defined ACL rules, Layer 2 and Layer 3 rules, Layer 2 rules, and Layer 3 rules are in descending order of priority.

       tc1 defines Layer 2 and Layer 3 rules and has a higher priority than tc2, so the switch first matches packets with rules in tc1 and takes the action in tb1. If packets match tc1, the switch does not take the action in tb2.

l   For the fixed switches that do not support match-order, packets are matched based on the sequence in which traffic classifiers were configured.

2.5 Applying the Traffic Policy

After a traffic policy is configured, you need to determine the scope where the traffic policy takes effect. A traffic policy can be applied to an interface, a VLAN, or the system in the inbound or outbound direction. The interfaces include physical interfaces, sub-interfaces, VLANIF interfaces, and Eth-Trunks. For example, a traffic policy applied to an interface in the inbound direction indicates that an action is taken for the packets that enter the interface and match a traffic classifier.

[switch] interface GigabitEthernet 1/0/1

[switch-GigabitEthernet1/0/1] traffic-policy tp1 inbound

Multiple traffic policies can be configured on the same device, and the same traffic policy can be also applied to multiple views. Packets may match multiple traffic policies simultaneously. The traffic policy that takes effect depends on types of traffic classification rules.

Figure 2-2 shows how a traffic policy takes effect when traffic classification rules are of the same type.

Figure 2-2 Flowchart for a traffic policy to take effect

20170410095213123002.png

 

Figure 2-3 shows how a traffic policy takes effect when traffic classification rules are of different types.

Figure 2-3 Flowchart for traffic policies to take effect

20170410095214179003.png

 

For example, the traffic policy tp2 is configured on the switch and is applied to VLAN 30.

[switch] traffic policy tp2 match-order config

[switch-trafficpolicy-tp2] classifier tc1 behavior tb1

[switch-trafficpolicy-tp2] quit

[switch] vlan 30

[switch-vlan30] traffic-policy tp2 inbound

Both tp1 and tp2 use tc1. Because the traffic policy applied to an interface takes precedence over the traffic policy applied to a VLAN, so only the traffic policy tp1 takes effect.

3 MQC Configuration Example

In Figure 3-1, department 1 and department 2 belong to VLAN 10 and VLAN 20, respectively. It is required that department 1 and department 2 use the bandwidth of 8 Mbit/s and 6 Mbit/s, respectively.

Basic configurations such as interfaces and VLANs are not mentioned here.

Figure 3-1 MQC networking

20170410095215156004.png

 

[LSW1] traffic classifier bumen1

[LSW1-classifier- bumen1] if-match vlan-id 10  //Configure a rule to match traffic from department 1.

[LSW1-classifier- bumen1] quit

[LSW1] traffic classifier bumen2

[LSW1-classifier- bumen2] if-match vlan-id 20  //Configure a rule to match traffic from department 2.

[LSW1-classifier- bumen2] quit

[LSW1] traffic behavior bumen1

[LSW1-behavior-bumen1] car cir 8000 pir 10000 green pass  //Set the CIR of traffic from department 1 to 8 Mbit/s.

[LSW1-behavior-bumen1] quit

[LSW1] traffic behavior bumen2

[LSW1-behavior-bumen2] car cir 6000 pir 10000 green pass  //Set the CIR of traffic from department 1 to 6 Mbit/s.

[LSW1-behavior-bumen2] quit

[LSW1] traffic policy xiansu

[LSW1-trafficpolicy-xiansu] classifier bumen1 behavior bumen1 //Bind the traffic classifier to the traffic behavior.

[LSW1-trafficpolicy-xiansu] classifier bumen2 behavior bumen2

[LSW1-trafficpolicy-xiansu] quit

[LSW1] interface gigabitethernet 0/0/3

[LSW1-GigabitEthernet0/0/3] traffic-policy xiansu outbound //Apply the traffic policy to the interface.

[LSW1-GigabitEthernet0/0/3] quit

4 Summary

MQC can implement traffic policing, rate limiting, classification, and re-marking. In addition to MQC, priority mapping provides another packet classification and marking. The 802.1p priority, DSCP priority, and local priority will be described in issue 3.

This article contains more resources

You need to log in to download or view. No account?Register

x
  • x
  • convention:

gululu  Admin   Created Apr 10, 2017 17:50:55 Helpful(0) Helpful(0)

good,thanks!
  • x
  • convention:

Come on!

Responses

Reply
You need to log in to reply to the post Login | Register

Notice:To ensure the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but not limited to politically sensitive content, content concerning pornography, gambling, drug abuse and trafficking, content that may disclose or infringe upon others' intellectual properties, including commercial secrets, trade marks, copyrights, and patents, and personal privacy. Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see“ Privacy Policy.”
If the attachment button is not available, update the Adobe Flash Player to the latest version!
Fast reply Scroll to top