traffic shaping with congestion advoidance

paul amaral · ‎03-05-2024

Hi, I have a circuit with 5 megs for upload only. This circuit is continuously maxed out and therefor packets get dropped by the ISP.I wanted at the very least to do QOS for voip and control packets such as keep-alives etc.

I created HQOS with a parent shaper and then nested the QOS policy. To my surprised the congestion avoidance doesn’t seem to work, I only see packets being dropped on the default-class,

(queue depth/total drops/no-buffer drops/flowdrops) 0/127465/0/127465

I though shaping would Introduced backpressure in the form of the shaper that it would allow dscp random-detect to kick in. Is there something that am not doing correctly here? I do have the bandwidth command set to 5 meg on the interface level but I believe this is only used for bandwidth reference on the class-maps.

policy-map shaper_parent
 description circuit is only 5 meg upload
 class class-default
  shape average 5500000
   service-policy voice_policy

policy-map voice_policy
 class VOICE
  priority percent 5
  queue-limit 128 packets
 class voip-signal-CM
  bandwidth percent 2
 class routing_proto_CM
  bandwidth percent 2
 class class-default
  random-detect dscp-based
  fair-queue
  queue-limit 192 packets
  bandwidth percent 91

GigabitEthernet0/0/1

  Service-policy output: shaper_parent

    Class-map: class-default (match-any)
      8727569 packets, 6445465130 bytes
      30 second offered rate 626000 bps, drop rate 1000 bps
      Match: any
      Queueing
      queue limit 70 packets
      (queue depth/total drops/no-buffer drops) 0/127465/0
      (pkts output/bytes output) 8585120/6309059282
      shape (average) cir 5500000, bc 22000, be 22000
      target shape rate 5500000

      Service-policy : voice_policy

        queue stats for all priority classes:
          Queueing
          queue limit 128 packets
          (queue depth/total drops/no-buffer drops) 0/0/0
          (pkts output/bytes output) 169922/50003220

        Class-map: VOICE (match-any)
          169922 packets, 50003220 bytes
          30 second offered rate 0000 bps, drop rate 0000 bps
          Match:  dscp ef (46)
          Priority: 5% (275 kbps), burst bytes 6850, b/w exceed drops: 0



        Class-map: voip-signal-CM (match-any)
          30941 packets, 6975602 bytes
          30 second offered rate 0000 bps, drop rate 0000 bps
          Match: ip dscp cs3 (24)
          Queueing
          queue limit 64 packets
          (queue depth/total drops/no-buffer drops) 0/0/0
          (pkts output/bytes output) 30947/6976430
          bandwidth 2% (110 kbps)

        Class-map: routing_proto_CM (match-any)
          21520 packets, 4341439 bytes
          30 second offered rate 4000 bps, drop rate 0000 bps
          Match:  dscp cs6 (48)
          Match: ip dscp cs6 (48)
          Match:  dscp cs2 (16)
          Match:  dscp cs7 (56)
          Queueing
          queue limit 64 packets
          (queue depth/total drops/no-buffer drops) 0/0/0
          (pkts output/bytes output) 7435/1323129
          bandwidth 2% (110 kbps)

        Class-map: class-default (match-any)
          8503829 packets, 6383670603 bytes
          30 second offered rate 622000 bps, drop rate 0000 bps
          Match: any
          Queueing
          queue limit 192 packets
          (queue depth/total drops/no-buffer drops/flowdrops) 0/127465/0/127465
          (pkts output/bytes output) 8376816/6250756503
            Exp-weight-constant: 9 (1/512)
            Mean queue depth: 0 packets
            dscp       Transmitted      Random drop      Tail/Flow drop Minimum Maximum Mark
                        pkts/bytes       pkts/bytes      pkts/bytes   thresh  thresh  prob

            default  8376372/6250674959      0/0              0/0                 48            96  1/10
            1             122/32068           0/0              0/0                 48            96  1/10
            2               5/690             0/0              0/0                 48            96  1/10
            3               1/138             0/0              0/0                 48            96  1/10
            4             165/27890           0/0              0/0                 48            96  1/10
            5               2/276             0/0              0/0                 48            96  1/10
            6               2/276             0/0              0/0                 48            96  1/10
            7               3/414             0/0              0/0                 48            96  1/10
            cs1           37/5026            0/0              0/0                 54            96  1/10
            9               2/276             0/0              0/0                 48            96  1/10
            af11           3/414             0/0              0/0                 84            96  1/10
            11              2/276             0/0              0/0                 48            96  1/10
            af12           3/414             0/0              0/0                 72            96  1/10
            13              3/414             0/0              0/0                 48            96  1/10
            af13           1/138             0/0              0/0                 60            96  1/10
            15              1/138             0/0              0/0                 48            96  1/10
            17              2/276             0/0              0/0                 48            96  1/10
            af21           3/414             0/0              0/0                 84            96  1/10
            19              1/138             0/0              0/0                 48            96  1/10
            af22           2/276             0/0              0/0                 72            96  1/10
            21              2/276             0/0              0/0                 48            96  1/10
            af23           4/552             0/0              0/0                 60            96  1/10
            23              4/552             0/0              0/0                 48            96  1/10
            25              3/414             0/0              0/0                 48            96  1/10
            af31           2/276             0/0              0/0                 84            96  1/10
            27              2/276             0/0              0/0                 48            96  1/10
            29              2/276             0/0              0/0                 48            96  1/10
            31              3/414             0/0              0/0                 48            96  1/10
            cs4            3/414             0/0              0/0                 72            96  1/10
            33              3/414             0/0              0/0                 48            96  1/10
            af41           2/276             0/0              0/0                 84            96  1/10
            35              2/276             0/0              0/0                 48            96  1/10
            af42           1/138             0/0              0/0                 72            96  1/10
            37              2/276             0/0              0/0                 48            96  1/10
            af43           5/690             0/0              0/0                 60            96  1/10
            39              4/552             0/0              0/0                 48            96  1/10
            cs5            1/138             0/0              0/0                 78            96  1/10
            41              2/276             0/0              0/0                 48            96  1/10
            42              2/276             0/0              0/0                 48            96  1/10
            43              3/414             0/0              0/0                 48            96  1/10
            44              2/276             0/0              0/0                 48            96  1/10
            45              3/414             0/0              0/0                 48            96  1/10
            47              3/414             0/0              0/0                 48            96  1/10
            49              1/138             0/0              0/0                 48            96  1/10
            50              3/414             0/0              0/0                 48            96  1/10
            52              1/138             0/0              0/0                 48            96  1/10
            53              3/414             0/0              0/0                 48            96  1/10
            54              1/138             0/0              0/0                 48            96  1/10
            55              1/138             0/0              0/0                 48            96  1/10
            57              1/138             0/0              0/0                 48            96  1/10
            58              3/414             0/0              0/0                 48            96  1/10
            59              1/138             0/0              0/0                 48            96  1/10
            60              2/276             0/0              0/0                 48            96  1/10
            61              1/138             0/0              0/0                 48            96  1/10
            62              1/138             0/0              0/0                 48            96  1/10

Thanks, P

David Ruess · ‎03-05-2024

Hello,

Shaping only goes so far. QoS isnt the type of solution that solves BW utilization problems if you're overtaxed in the first place. It looks like your default policy is filling up fast and just dropping traffic. One thing you can do is increase the Queue limit on your default-class. That will give depth to the amount of packets allowed to be "shaped" if I am not mistaken.

You can kinda see the traffic in the line below:

 30 second offered rate 626000 bps, drop rate 1000 bps

Shows you how much BW is being allocated over those times. I believe this also fluxuates depending on the interval and traffic pushed through that policy.

Secondly your default class is catching everything else which might be a lot of traffic. Your queue may not be able to keep up.

Lastly, You configured DSCP based WRED - I seem to remember that this affects Assured Forwarding (AF) DSCP values. Do packets that are hitting the default queue have DSCP values associated with them?

I know @Joseph W. Doherty is a QoS whisperer in this forum if he sees this.

-David

paul amaral · ‎03-05-2024

David, thanks for your reply.

Yes packets hitting the default queue are indeed marked, I have also increased the queue limit a little more to 200. The original issue am trying to solve is OSPF neighbor drops because of the over utilized circuit. I was hoping that WRED would drop less important packets during congestion and shaping would maintain the 5 megs so the upstream ISP so the ISP doesn't drop packets indiscriminately and thus drop my OSPF neighbor relationships. I have removed fair-queue on the default class and now see WRED DSCP based working, I believe I was not seeing the congestion avoidance per DSCP class because flow based WRED was in place when fair-queuing in on with WRED.

 Class-map: class-default (match-any)
      129591 packets, 54582122 bytes
      30 second offered rate 348000 bps, drop rate 0000 bps
      Match: any
      Queueing
      queue limit 192 packets
      (queue depth/total drops/no-buffer drops) 0/195/0
      (pkts output/bytes output) 129377/54327340
        Exp-weight-constant: 9 (1/512)
        Mean queue depth: 0 packets
        dscp       Transmitted         Random drop      Tail drop          Minimum        Maximum     Mark
                pkts/bytes            pkts/bytes       pkts/bytes          thresh         thresh     prob

        default   129359/54324088       20/25160        175/221718            48            96  1/10
        1               5/1330            0/0              0/0                 48            96  1/10
        4               4/680             0/0              0/0                 48            96  1/10
        25              1/138             0/0              0/0                 48            96  1/10
        29              1/138             0/0              0/0                 48            96  1/10
        31              1/138             0/0              0/0                 48            96  1/10
        cs4            2/276             0/0              0/0                 72            96  1/10
        43              1/138             0/0              0/0                 48            96  1/10
        45              1/138             0/0              0/0                 48            96  1/10
        50              1/138             0/0              0/0                 48            96  1/10
        53              1/138             0/0              0/0                 48            96  1/10

Because the physical interface is 1G and i only have 5meg CIR for upload do I need to introduce back pressure on the interface using shaping? Am assuming that congestion will happen regardless if I have shaping setup or not. I believe shaping the traffic is only helping me to play nice and honor the 5 meg cir so the upstream ISP has less of a chance to just randomly drop packets on their side.

Joseph W. Doherty · ‎03-05-2024

I've much to suggest, but at the moment responding on my phone, during a work break, and won't have time until tomorrow to respond properly.

paul amaral · ‎03-05-2024

Please do when you can. Thanks @Joseph W. Doherty

David Ruess · ‎03-05-2024

Shaping does work but to a point. It will put packets into a Queue but once that starts filling up then its a free for all. If the link is sending more than the queue can handle, QoS might be a moot point. Joseph, I'm sure has better insight and can provide better suggestions along with others in the community. I understand QoS just enough to be dangerous.

Joseph W. Doherty · ‎03-05-2024

"I know @Joseph W. Doherty is a QoS whisperer in this forum if he sees this."

Topic would have likely attracted my attention, but David's reference certainly did. Thanks David.

Elliot Dierksen · ‎03-06-2024

As @David Ruess and @Joseph W. Doherty have both mentioned, there is only so much QoS can do. Slightly cleaning up a military expression: You can't put 10 pounds of poo in a 5 pound bag. You can tag traffic that is more important to the business as you have done, but it looks like you don't have enough bandwidth to support your traffic volume. You can tweak who loses out, but the poo reference still stands.

Joseph W. Doherty · ‎03-06-2024

Although I didn't mention limitations of QoS, especially in this case, if any, @Elliot Dierksen's analogy (laugh) can hold true, i.e. there indeed are (many) cases where additional bandwidth is needed.

Conversely there are also, possibly even more cases, where QoS negates the need for additional bandwidth or is a much, much better solution than additional bandwidth. Unfortunately, the latter is not well taught.

paul amaral · ‎03-06-2024

Joseph, when the shaper is in place with parent child relationship, does the traffic get shaped first, with any packets not being able to get queued being dropped? I guess am asking if the shaper takes into account the packet's priority, or does it just store and forward based on FIFO and only when the packet is about to leave he queue does QOS markings come to play?

Paul

Joseph W. Doherty · ‎03-06-2024

In theory, shaper should queue packets whenever it needs to.

In practice, on some platforms, I suspect a shaper can sometimes maintain its own FQ, but unclear if it does, whether that's before or after child policy queues. I also suspect, if the shaper has its own queues, it's between the interface tx-ring queue and the child policy queues.

liviu.gheorghe · ‎03-06-2024

QoS is not a solution for chronic congestion, it never was. In this cases an upgrade in link bandwidth, more aligned with the business needs, is the only solution.

Regards, LG
*** Please Rate All Helpful Responses ***

Joseph W. Doherty · ‎03-06-2024

Often that's untrue.

Joseph W. Doherty · ‎03-06-2024

What @liviu.gheorghe wrote is sometimes true, but sometime not.

Let's consider where QoS can, or cannot, "physical" bandwidth needs.

You have two hosts, that want to exchange a very large file, perhaps across a WAN link in the path.

So, if you say to me, we need to copy this X sized file, between these two hosts, my question would be, what's the acceptable time to do so. (Hopefully) obviously, to copy X bits in Y time will require a specific minimum transmission rate.

We determine we need 100 Mbps. Fine, so as long as hosts have FE interfaces, and at least FE end-to-end, in theory we can meet this requirement. During the data transfer, path will be at 100% utilization, but our needs are met.

Next, it's found we need to make that transfer in half the time. Easy add physical bandwidth, say gig end to end.

We do that, and we actual get a 10x time reduction. Usually, all good, but the hosts, by themselves, want to use the full gig.

Next, we decide to share this gig path with other traffic, say web traffic. Perhaps that traffic, on average only uses 100 Mbps.

Well, what often happens, web users will complain about poor web app performance because of the concurrent gig data transfer.

Can this be fixed by adding physical bandwidth? Sure can, as the data transfer hosts only have gig interfaces, if we upgrade the network path to 25 gig, all should be find. Unfortunately, what's the cost for that?

Or, if the data transfer truly only needs 200 Mbps, we can use QoS to manage our gig path's bandwidth, in different ways, to insure that data transfer doesn't cause erratic web app performance.

What happens when another and another large host to host data transfer happens? How much more bandwidth to you need to obtain to insure there's no oversubscription?

If there's oversubscription, QoS can often meet service requirements without the need for additional bandwidth. QoS can also often provide consistent performance rather than erratic performance.

Also unfortunately, many think QoS is only good for things like VoIP, where, yes, QoS is more or less required on many networks or it work well, but missed is how well other network applications can work with QoS being used.

I often tell, at one company I worked at, we had a remote site with two WANs E3 links, that during business hours were running at 100% flat out, all day long. You named it, we had that traffic on those links, but with QoS, all the traffic actual service need were met.

Or, same company, one of out core WAN routers rebooted itself and drop its QoS config. WAN engineer stated his phone was lit like a Christmas tree, with network complaints, until he restore the QoS config. (Yea, I guess if all our WAN links were 100G, perhaps no one would have complained, and we wouldn't have needed QoS, but start to compare costs - which most business also take a keen interest in.)

liviu.gheorghe · ‎03-06-2024

I agree with your assessment and also the scenarios presented, but they seem to me a little bit on the ideal side.

When I wrote the post, I was thinking of some cases when the business comes to you stating they have a congestion problem and they need to implement QoS. You try to design a QoS solution with them and you hit the first brick wall - the business not knowing what are the traffic flows and requirements in terms of bandwidth, delay, jitter and loss.

Then you hit your second wall - the business doesn't even make an effort to understand the concepts, I'm not talking about QoS specifics and configuration detail, and also doesn't want to wait to properly design and tweak the implemented QoS mechanisms.

So, you are faced with the analogy mentioned by @Elliot Dierksen forced to put 10 pounds of poo in a 5 pound bag :)) - you are told that all traffic is business critical and QoS should miraculously make it right which unfortunately is not possible in my opinion without the proper information.

Regards, LG
*** Please Rate All Helpful Responses ***