Professional Documents
Culture Documents
TECRST-2500
Session_ID Presentation_ID
Cisco Public
Network Management
Sid Nag
Session_ID Presentation_ID
Cisco Public
Cisco Public
Policing:
Determine whether packets are conforming to administratively-defined traffic rates and take action accordingly. Such action could include marking, remarking or dropping a packet.
Session_ID Presentation_ID
Cisco Public
Assign as few applications as possible to be treated as mission-critical Seek executive endorsement of the QoS objectives prior to design and deployment Determine how many classes of traffic are required to meet the organizational objectives
More classes = More granular service-guarantees
Session_ID Presentation_ID
Cisco Public
11 Class Model Voice Interactive-Video Streaming Video Call Signaling IP Routing Network Management Mission-Critical Data Transactional Data Bulk Data Best Effort Scavenger
10
Realtime Video Call Signaling Call Signaling Network Control Critical Data Critical Data Bulk Data Best Effort Scavenger Time Best Effort Scavenger
Cisco Public
Session_ID Presentation_ID
11
PRI
CFI
VLAN ID CoS
802.1p user priority field also called Class of Service (CoS) Different types of traffic are assigned different CoS values CoS 6 and 7 are reserved for network use
Session_ID Presentation_ID 2008 Cisco Systems, Inc. All rights reserved. Cisco Public
7 6 5 4 3 2 1 0
IPv4 Packet
7 6 5 4 3 2 Unused IP ECN 1 0
IP Precedence
IPv4: Three most significant bits of ToS byte are called IP Precedence (IPP)other bits unused DiffServ: Six most significant bits of ToS byte are called DiffServ Code Point (DSCP)remaining two bits used for flow control DSCP is backward-compatible with IP precedence
Session_ID Presentation_ID
Cisco Public
13
Label Stack
Label
EXP S EXP
TTL
MPLS EXP
Packet Class and drop precedence inferred from EXP (threebit) field RFC3270 does not recommend specific EXP values for DiffServ PHB (EF/AF/DF) Used for frame-based MPLS
Session_ID Presentation_ID 2008 Cisco Systems, Inc. All rights reserved. Cisco Public
14
15
TCP/UDP Packet
Src Port Dst Port
Data Area
Sub-Port/Deep Inspection
Identifies over 90 applications and protocols TCP and UDP port numbers
Statically assigned Dynamically assigned during connection establishment
Non-TCP and non-UDP IP protocols Data packet inspection for matching values
Session_ID Presentation_ID 2008 Cisco Systems, Inc. All rights reserved. Cisco Public
16
Policing Tools
Session_ID Presentation_ID
Cisco Public
17
EBS
B<Tc
Packet of Size B Yes
No
B<Te
Yes
No
Conform
Exceed
Violate
Action
EBS=Excess BW Scheduler; CBS Committed Burst size
Session_ID Presentation_ID 2008 Cisco Systems, Inc. All rights reserved. Cisco Public
Action
Action
18
CBS
B>Tp
Packet of Size B Yes
No
B>Tc
Yes
No
Violate
Exceed
Conform
Action
PIR=Peak Information Rate; PBS Priority based Schedulling
Session_ID Presentation_ID 2008 Cisco Systems, Inc. All rights reserved. Cisco Public
Action
Action
19
Congestion can occur at any point in the network where there are speed mismatches Routers use Cisco IOS-based software queuing
Low-Latency Queuing (LLQ) used for highest-priority traffic (voice/video) Class-Based Weighted-Fair Queuing (CBWFQ) used for guaranteeing bandwidth to data applications
20
Scheduling Tools
Session_ID Presentation_ID
Cisco Public
21
100%
22
Queue
2 0 2 0 3 2 1 3
23
0
Begin Dropping AF13 Begin Dropping AF12 Begin Dropping AF11
24
Congestion Avoidance
IP Header Type of Service (ToS) Byte Explicit Congestion Notification (ECN) Bits
Version Length ToS Byte Len ID Offset TTL Proto FCS IP SA IP DA Data
IPv4 Packet
7 6 5 4 3 2 1 0
ECT CE
Session_ID Presentation_ID
Cisco Public
25
Traffic Shaping
Line Rate Shaped Rate
Without Traffic Shaping With Traffic Shaping
Traffic Shaping Limits the Transmit Rate to a Value Lower than Line Rate
Policers typically drop traffic Shapers typically delay excess traffic, smoothing bursts and preventing unnecessary drops Very common on Non-Broadcast Multiple-Access (NBMA) network topologies such as Frame-Relay and ATM
Session_ID Presentation_ID 2008 Cisco Systems, Inc. All rights reserved. Cisco Public
26
Session_ID Presentation_ID
Cisco Public
27
Data
Data
Data
Voice
Data
Serialization delay is the finite amount of time required to put frames on a wire For links 768 kbps serialization delay is a major factor affecting latency and jitter For such slow links, large data packets need to be fragmented and interleaved with smaller, more urgent voice packets
Session_ID Presentation_ID 2008 Cisco Systems, Inc. All rights reserved. Cisco Public
28
UDP Header
8 Bytes
RTP Header
12 Bytes
Voice Payload
cRTP Reduces L3 VoIP BW by: ~ 20% for G.711 ~ 60% for G.729
Session_ID Presentation_ID
25 Bytes
Cisco Public
29
Signaling Tools
RSVP QoS services
Guaranteed service Mathematically provable bounds on end-to-end datagram queuing delay/bandwidth Controlled service Approximate QoS from an unloaded network for delay/bandwidth
Handset
Multimedia Station
I Need 16K BW and 100 msec Delay
Handset
Multimedia Server
Session_ID Presentation_ID 2008 Cisco Systems, Inc. All rights reserved. Cisco Public
30
Cisco AutoQoS Phase 1 Automatic QoS for VoIP Traffic (AutoQoS - VoIP)
Configures each switch or router
interface Serial0
LAN and WAN - Routers & switches One single command enables Cisco QoS for VoIP on a port/interface/PVC!
Session_ID Presentation_ID
Cisco Public
31
Example: auto-generation of initial and ongoing QoS policies Example: providing high level business knobs, and multi-device / domain automation for QoS
5. Consistency
Example: enabling automatic, seamless interoperability among all QoS features and parameters across a network topology LAN, MAN, and WAN
Session_ID Presentation_ID 2008 Cisco Systems, Inc. All rights reserved. Cisco Public
32
Session_ID Presentation_ID
Cisco Public
33
CB Zone Satellite Quality High Quality 0 100 200 300 400 500 Fax Relay, Broadcast 600 700 800
Time (msec)
Delay Target
34
PSTN IP WAN
Campus Branch Office
CODEC
Queuing
Serialization
Jitter Buffer
G.729A: 25 ms
Variable
Variable
2050 ms
35
Cisco DSP codecs can use predictor algorithms to compensate for a single lost packet in a row Two lost packets in a row will cause an audible clip in the conversation
Session_ID Presentation_ID 2008 Cisco Systems, Inc. All rights reserved. Cisco Public
36
Voice
Session_ID Presentation_ID
Cisco Public
37
15pps
I (infra) frame is a full sample of the video P (predictive) & B (Bi-dir)frames use quantization via motion vectors and prediction algorithms Key point is that dealing with large bursty I frames
Session_ID Presentation_ID 2008 Cisco Systems, Inc. All rights reserved. Cisco Public
38
65128 Bytes 1%
257512 Bytes 8%
Session_ID Presentation_ID 2008 Cisco Systems, Inc. All rights reserved. Cisco Public
39
One-Way Requirements
Video
40
SAP R/3
10241518 Bytes 5121023 Bytes
064 Bytes
10241518 Bytes
253511 Bytes
128252 Bytes
65127 Bytes
Session_ID Presentation_ID
Cisco Public
41
Session_ID Presentation_ID
Cisco Public
Additional optional data classes include internetwork-control (routing) and network-management Most apps fall under best-effort, make sure that adequate bandwidth is provisioned for this default class
Session_ID Presentation_ID
Cisco Public
43
Data
Cisco Public
44
Scavenger class markings can be used to distinguish out-of-profile/abnormal traffic flows from in-profile/ normal flows
The Scavenger class marking is CS1, DSCP 8
Scavenger traffic is assigned a less-than-best effort queuing treatment whenever congestion occurs
Session_ID Presentation_ID
Cisco Public
45
Session_ID Presentation_ID
Cisco Public
46
Scope of Damage
2nd Gen
Boot Viruses
1st Gen
Multi-Server DoS, DDoS, Blended Threat (Worm+ Virus+ Trojan), Turbo Worms, Widespread System Hacking
1980s
1990s
Today
Future
Sophistication of Threats
Session_ID Presentation_ID 2008 Cisco Systems, Inc. All rights reserved. Cisco Public
47
2Propagation Mechanism
3Payload
Session_ID Presentation_ID
Cisco Public
48
Si
Si
Si
Si
Si
Si
L3VPN Internet
Si
Si
Si
Si
L2VPN BBDSL
Si
Si
MetroE
Teleworker
Session_ID Presentation_ID
Cisco Public
49
Session_ID Presentation_ID
Cisco Public
50
..
URPF
PACKET BUFFER
ACL
NAT
51
Normal/Abnormal Threshold
Session_ID Presentation_ID 2008 Cisco Systems, Inc. All rights reserved. Cisco Public
52
WAN/VPN links will likely congest first Campus uplinks may also congest
Queuing Will Engage When Links Become Congested and Traffic Previously Marked as Scavenger Is Dropped Aggressively
Session_ID Presentation_ID 2008 Cisco Systems, Inc. All rights reserved. Cisco Public
53
First released in May 2001 Exploited a vulnerability in Microsoft IIS and infected 360,000 class-map hosts in 14 hours Several strains (CodeRed, CodeRedv2, CodeRed II, Code,Redv3, CodeRed.C.) Newer strains replaced home page of Web servers and caused DoS flooding-attacks Attempts to access a file with .ida extension
Session_ID Presentation_ID 2008 Cisco Systems, Inc. All rights reserved. Cisco Public
match-any CODE-RED match protocol http url *.ida* match protocol http url *cmd.exe* match protocol http url *root.exe*
Branch Router
Branch Switch
54 54
Session_ID Presentation_ID
Cisco Public
55
SNMP MIB
Cisco-Class-Based-QoS-MIB
Primary accounting mechanism for QoS:
Policing, Classification, Shaping, Queuing, Congestion avoidance
56
NetFlow
NetFlow answers the who, what, when, where, and how network traffic is flowing
Provides flow information Per Class of Service (TOS) Provides pre and post policy QoS classification
7 Identifiers
Other Data
57
Traffic
Inspect Packet
NetFlow Cache
Flow Information Address, ports
Packets 11000
Bytes/packet 1528
Source port Destination port Layer 3 protocol TOS byte (DSCP) Input Interface
1. Inspect a packets seven key fields and identify the values 2. If the set of key field values is unique create a flow record or cache entry 3. When the flow terminates export the flow to the collector
Session_ID Presentation_ID 2008 Cisco Systems, Inc. All rights reserved. Cisco Public
3
Reporting
58
TCP/UDP Packet
Src Port Dst Port
Data Area
Sub-Port/Deep Inspection
Identifies over 90 applications and protocols TCP and UDP port numbers
Statically assigned Dynamically assigned during connection establishment
Non-TCP and non-UDP IP protocols Data packet inspection for matching values
Session_ID Presentation_ID 2008 Cisco Systems, Inc. All rights reserved. Cisco Public
59
Measurement Metrics
Round Trip Time Packet Loss Network Jitter Dist. of Stats Connectivity
Protocols
Jitter FTP DNS DHCP DLSW ICMP UDP TCP HTTP LDP H.323 SIP RTP Radius Video
IP Server IP Server
Source
MIB Data
Destination
Cisco IOS. IPSLA
Responder
2008 Cisco Systems, Inc. All rights reserved. Cisco Public
60
Session_ID Presentation_ID
Cisco Public
61
Q and A
Session_ID Presentation_ID
Cisco Public
62
AT-A-GLANCE SUMMARIES
Session_ID Presentation_ID
Cisco Public
63
Session_ID Presentation_ID
Cisco Public
64
Session_ID Presentation_ID
Cisco Public
65
Session_ID Presentation_ID
Cisco Public
66
Session_ID Presentation_ID
Cisco Public
67
Session_ID Presentation_ID
Cisco Public
68
Session_ID Presentation_ID
Cisco Public
69
Session_ID Presentation_ID
Cisco Public
70
Session_ID Presentation_ID
Cisco Public
71
Session_ID Presentation_ID
Cisco Public
72
Session_ID Presentation_ID
Cisco Public
73
References
Session_ID Presentation_ID
Cisco Public
74
Reference Materials
DiffServ Standards
RFC 2474 Definition of the Differentiated Services Field (DS Field) in the IPv4 and IPv6 Headers http://www.apps.ietf.org/rfc/rfc2474.html RFC 2475 An Architecture for Differentiated Services
http://www.ietf.org/rfc/rfc2475.txt
RFC 2597 Assured Forwarding PHB Group RFC 2697 A Single Rate Three Color Marker RFC 2698 A Two Rate Three Color Marker RFC 3246 An Expedited Forwarding PHB (Per-Hop Behavior)
http://www.ietf.org/rfc/rfc3246.txt
Session_ID Presentation_ID
Cisco Public
75
Reference Materials
Session_ID Presentation_ID
Cisco Public
76
Recommended Reading
Session_ID Presentation_ID
Cisco Public
77
Session_ID Presentation_ID
Cisco Public
78
Reference Materials
Cisco Press Book: End-to-End QoS Design
http://www.ciscopress.com/title/1587051761
ISBN: 1587051761 Publish Date: Nov 2004 LAN
Catalyst 2950 Catalyst 3550 Catalyst 2970/3560/3750 Catalyst 4500 Catalyst 6500
WAN/Branch
Leased Lines Frame Relay ATM ATM-to-FR SIW ISDN NBAR for Worm Policing
VPN
MPLS (for Enterprise Subscribers) MPLS (for Service Providers) IPSec (Site-to-Site) IPSec (Teleworker)
Session_ID Presentation_ID 2008 Cisco Systems, Inc. All rights reserved. Cisco Public
79
Recommended Reading
Continue your Networkers at Cisco Live learning experience with further reading from Cisco Press Check the Recommended Reading flyer for suggested books
80
Recommended Reading
Continue your Cisco Live learning experience with further reading from Cisco Press Check the Recommended Reading flyer for suggested books
81
Cisco Public
82
Session_ID Presentation_ID
Cisco Public
83