cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
35573
Views
78
Helpful
120
Replies

Ask the Expert: QoS on Catalyst Switches.

ciscomoderator
Community Manager
Community Manager

With Shashank Singh  and Read the bioRead the bio

Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn from Cisco experts Shashank Singh and Sweta Morga about implementation and working and troubleshooting QoS on Cisco Catalyst 2960, 3650, 3750, 4500 and 6500 switches.

Shashank Singh  graduated in 2009 with a bachelor's degree in Computer Science and Engineering from VIT University, Vellore India. Prior to joining Cisco he worked at General Electric as a software engineer. Later on he joined the Cisco Technical Assistance Center as an engineer in October of 2009. He has been working on LAN Switching technologies in TAC since then. Shashank also holds a CCNP certificate. QoS on Catalyst switches is one of the areas of his interest.

Sweta Mogra is a Computer Science & Engineering graduate from VIT University, India. She has worked as a consultant with Tata Consultancy Services before joining Cisco's Technical Assistance Center (TAC) in 2011. She is currently working on LAN Switching technologies and QoS as one of her areas of expertise.

Remember to use the rating system to let Shashank and Sweta know if you have received an adequate response. 

Shashank and Sweta might not be able to answer each question due to the volume expected during this event. Remember that you can continue the conversation on the Network Infastructure sub-communityLan Switching forum shortly after the event. This event lasts through June 1, 2012. Visit this forum often to view responses to your questions and the questions of other community members.

120 Replies 120

Hi Shashank,

Thanks for the response.

You see here, as per the configuration, it will be something like 3 Mbps for Voice and 4 Mbps for Video. Does the switch rate-limit the voice and video traffic to these values ? ie. Whether the switch will drop the voice packets if it crosses 3 Mbps?

Thanks,

Manu

Hi Manu,

The WRR weights are used to partition the bandwidth between the queues if all queues are nonempty. If one or more queues are empty, that bandwidth will be shared between queues experiencing congestion.

Voice traffic will be dropped beyond 3 mbps only if no other queue is empty, else bandwidth will be borrowed as and when required.

Regards,

Shashank

Hi Shashank,

Thanks for the swift response. Got it.

Thanks,

Manu

manumohan200
Level 1
Level 1

Hi  Shashank/Sweta,

Catalyst Switches uses hardware queues not software queues.

Question 1: That means the QoS packet need not go to  the CPU at all, right?

Question 2: Does that mean that, whatever the egress queueing we do, that will be hardcoded into all the individual ports automatically as soon as I configure those commands? Or it is like fast Switching, where first few packets go to CPU and remaining will be switched in the interface itself?

Question 3: What does PFC exactly does in 6500 Engines. If the individual line cards has hardware queues, what additional capability does PFC offer in these switches?

Question 4:  In 3750 Switches, if I give the following commands in a Fast Ethernet port:

srr-queue bandwidth share 1 70 25 5

srr-queue bandwidth shape  30  0  0  0

priority-queue out

Consider I have mapped Voice traffic to the priority queue no.1.

Does this means the Voice traffic gets dropped if it's more than 30 Mbps. Or the drop will happen only in case of congestion?

Thanks,

Manu

Hi Manu,

Please find the answers inline:

Question 1: That means the QoS packet need not go to  the CPU at all, right?

All Cisco Catalyst switches perform QoS in dedicated hardware ASICs and do not use their main CPUs to process any of the QoS configurations.

Question 2: Does that mean that, whatever the egress queueing we do, that will be hardcoded into all the individual ports automatically as soon as I configure those commands? Or it is like fast Switching, where first few packets go to CPU and remaining will be switched in the interface itself?

They will be hardcoded as soon as you apply them.

Question 3: What does PFC exactly does in 6500 Engines. If the individual line cards has hardware queues, what additional capability does PFC offer in these switches?

In 6500 switches, the heart of QoS functionality resides on the PFC. The buffering is done on the port asics but all the actual decisions are taken by PFC, that's why we call it PFC qos. Please find list of QoS processes performed on 6500:

Input Scheduling—Done by port ASICs. Layer 2 only, with or without a Policy Feature Card (PFC).

Classification—Done by Supervisor or by PFC via the access control list (ACL) engine. Layer 2 only, without a PFC; Layer 2 or Layer 3 with a PFC.

Policing—Done by PFC via the Layer 3 forwarding engine. Layer 2 or Layer 3 with a PFC (required).

Packet Re-write—Done by port ASICs. Layer 2 or Layer 3 based on classification done previously.

Output Scheduling—Done by port ASICs. Layer 2 or Layer 3 based on classification done previously.

Question 4:  In 3750 Switches, if I give the following commands in a Fast Ethernet port:

srr-queue bandwidth share 1 70 25 5

srr-queue bandwidth shape  30  0  0  0

priority-queue out

Consider I have mapped Voice traffic to the priority queue no.1.

Does this means the Voice traffic gets dropped if it's more than 30 Mbps. Or the drop will happen only in case of congestion?

When you enable “priority-queue out” on an interface, it turns queue 1 into priority queue, and scheduler does not take into account the queue’s weight for calculations. Priority Queue will ignore shaped mode settings as well. 100% of the bandwidth will be used by queue 1.

Regards,

Sweta

Hi Sweta,

Thanks for the replies. It really helped.

Regarding the final question regarding the shape and share command:

1) So queue1 being a priority queue, there is no difference if we give he value "30" or "1"  in the "bandwidth shape" command.  Both should have the same effect, right?

2) If there is no traffic in queue 1, hope the remaining traffic will share the bandwidth as per the "bandwidth share" command.

Thanks,

Manu

manumohan200
Level 1
Level 1

Hi Shashank/Sweta,

In one of the previuos post, I could see that you have mentioned that we can do either "trust cos" or "trust dscp" and the end result will be same, since the switch will automatically do a "cos-dscp" mapping.

But if I am using "trust dscp", will it add additional overhead to the Switch because each and every packet, I need to check in the IP header than the L2 header?

Thanks,

Manu

sg_network
Level 1
Level 1

Hi All,

1st question,

We have Avaya iptel in Campus with VSS...

None of links between VSS are fail yet since deployment..

My question are...

1) if packet cross VSL link during uplink fail.. what happen to voice payload packet (FE)  at dscp reach other side of VSS? Still can maintain FE?

2) when VSL link will support dscp instead of cos?

Let assume config as follows,

1) mls qos turn on only with default setting.

2) VSL are configure one at Sup720 and another one at 6708 port. ( two links as one VSL)

3) we have mls qos trust dscp at uplink/downlin with three tiers model.

4) phone at access side and another phone at other side of access side through VSS.

2nd question,

we have ipv6 test network in campus with ipsoft phone

but the call manager is still using ipv4 at Server Farm..

currently we are using ASR NAT64 function to reach ipv6 client to ipv4 call manager via NAT64 translation.

my question is,

1) what will happen Voip FE Qos for ipv6 after ASR64 translation?

2) Qos can be maintain End to End?

3rd queston,

If I am not wrong, At 3750 Model, There are two types of map for egress;

Dscp-outputq-threshold map and Cos-outputq-threshold map:

If we configure as mls qos trust dscp at port g0/1

which one will affect? Dscp-outputq-threshold map will activate?

Thanks,

John

lyiangou
Level 1
Level 1

I always thought it is harmless and transparent to configure QoS on a catalyst switch. Last week we configured QoS on every Catalyst switch in a network with 4510s sup-7, sup-6, sup V, 6509s, 3750s, and Nexus 7018s with the help of a Cisco AS expert and nothing went smooth as originally thought. At first it was very hard to apply policy maps on interfaces using the range commands. We had to try multiple times before it accepts the command. Secondly one switch reloaded when we applied the policy map on interface vlan. Also 2 days later one switch would not let us login, and also on nexus 7018 one module reloaded without any reason. I do not think is a coincidence that we had those issues right after the deplyment of QoS.

The moral of the story is that don't take QoS configuration lightly and make sure you do those after hours and be prepared for multiple issues. QoS configurations are not Harmless.

Thanks

wandersen
Level 1
Level 1

Hello,

I'm building an enterprise MPLS tag switching network using Cat 6500 with Sup-2Ts and 6908 line cards.  We're running 15.0SY IOS.

I'm basing my QoS policies on the MediaNet 4.0 documents.

On CE to PE connections between the 6500s, I understand that the EXP bits are automatically copied from the ToS bits (Per MPLS documentation in Config guide).  On the PE to PE connections, how do you set the trust value to queue off of the EXP field?

Here is a short config snippet I'm starting with.

!global commands

auto qos default

platform qos 10g-only

!interface commands

interface Te1/4

platform qos queue-mode mode-dscp

platform qos trust

wrr-queue queue-limit 10 25 10 10 10 10 10

wrr-queue bandwidth 1 25 4 10 10 10 10

priority-queue queue-limit 15

...

rcv-queue queue-limit 10 25 10 10 10 10 10 15

rcv-queue bandwidth 1 25 4 10 10 10 10 30

...

I have wrr-queue dscp-maps configured.  In addition have rcv-queue dscp-maps configured.

Thanks

Hi Wanderson,

On the PE to PE connections, how do you set the trust value to queue off of the EXP field?

If you meant QoS on P routers performing label swithcing, exp-dscp map is used to caluculate an equivalent internal dscp which is used for egress queueing of the packet.

6500#sh mls qos maps exp-dscp

   Exp-dscp map:

         exp:   0  1  2  3  4  5  6  7

        ----------------------------------------

        dscp:   0  8 16 24 32 40 48 56

Regards,

Shashank

Hello Shashank,

Thank you for the reply.  You answered my question on queuing on the output port queues.

I have a follow-up question on how to properly classify and enqueue on the input port queues.  On the PE to PE links, how would you need to configure the port trust so that the LSP frame could be enqueued in the receive queues (8q4t in my case)  properly?

I've divided my receive queues on the 6500 6908 card as follows:

rcv-queue queue-limit 10 25 10 10 10 10 10 15

rcv-queue bandwidth 1 25 4 10 10 10 10 30

The interface trust is configured as follows (not sure if this is correct on the PE to PE link)

platform qos trust

Thanks!

Ward Andersen

Hi Ward,

'platform qos trust' may be used to appy qos based on the dscp marking on the incoming packet. If you intend to use the mpls exp instead, 'platform qos mpls trust experimental' may be configured at the interface level.

mpls exp to queue-threshold mapping can be seen using the command 'sh queueing intreface gix/y'.

Regards,

Shashank

hi

can any one help how to build home network of ip phone with simple idea no need for advance network just to connect them to have call using switch ,ip phone etc...

Frank Osberg
Level 4
Level 4

Hi all,

 

OK I am facing a bit of a wired issue. :) We have started to use the new C9300 switches, but I am having a hard time getting my QoS for my Voice etc to work correctly.

 

I have this policy map, and class-map on my switch.


class-map match-all IN-VOICE-SIG
 match ip dscp cs3

class-map match-all IN-MULTIMEDIA-CONFERENCING
 match ip dscp cs4  af41

class-map match-all OUT-CITRIX-OUT-VOICE-SIG
 match ip dscp af31
class-map match-all OUT-VOICE
 match ip dscp ef
class-map match-all IN-CITRIX
 match access-group name IN-CITRIX
class-map match-all IN-VOICE
 match ip dscp ef
!

policy-map OUT-QUEUEING
 class OUT-VOICE
  priority level 1 percent 20
  queue-buffers ratio 5
 class OUT-MULTIMEDIA-CONFERENCING
  bandwidth remaining percent 40
  queue-buffers ratio 10
 class OUT-CITRIX-OUT-VOICE-SIG
  bandwidth remaining percent 40
  queue-buffers ratio 10
 class class-default
  bandwidth remaining percent 20
  queue-buffers ratio 40

!

policy-map IN-MARKING
 class IN-VOICE
  set dscp ef
 class IN-MULTIMEDIA-CONFERENCING
  set dscp af41
 class IN-CITRIX
  set dscp af31
 class IN-VOICE-SIG
  set dscp af31
 class class-default
  set dscp default

 

On my office port where my laptops and cisco phones are connected I got the following config:

interface GigabitEthernet1/0/16
 description OFFICE
 switchport mode access
 switchport voice vlan 10
 switchport port-security maximum 2
 switchport port-security violation restrict
 switchport port-security aging time 2
 switchport port-security aging type inactivity
 switchport port-security
 spanning-tree portfast
 spanning-tree bpduguard enable
 service-policy input IN-MARKING

 

and on my WAN port I got this config:

interface GigabitEthernet1/0/24
 description WAN PRIMARY
 switchport mode trunk
 logging event link-status
 logging event trunk-status
 logging event bundle-status
 spanning-tree portfast trunk
 spanning-tree bpdufilter enable
 service-policy output OUT-QUEUEING
 ip dhcp snooping trust

 

So I can when I do a show policy-map interface g1/0/16 that we are getting hits on the given rules here, but on my WAN port the traffic is not been marked correctly since I dont have any this on the given rules.

 

Interface g1/0/16 - show policy-map

 

 GigabitEthernet1/0/16

  Service-policy input: IN-MARKING

    Class-map: IN-VOICE (match-all)
      1022226 packets
      Match: ip dscp ef (46)
      QoS Set
        dscp ef

    Class-map: IN-MULTIMEDIA-CONFERENCING (match-all)
      0 packets
      Match: ip dscp cs4 (32) af41 (34)
      QoS Set
        dscp af41

    Class-map: IN-CITRIX (match-all)
      5977066 packets
      Match: access-group name IN-CITRIX
      QoS Set
        dscp af31

    Class-map: IN-VOICE-SIG (match-all)
      385210 packets
      Match: ip dscp cs3 (24)
      QoS Set
        dscp af31

    Class-map: class-default (match-any)
      143604 packets
      Match: any
      QoS Set
        dscp default

 

So all is OK here, traffic are marked correctly.

 

But on my WAN Port where I have my given service-policy I don´t see any traffic for EF class

 

GigabitEthernet1/0/24

  Service-policy output: OUT-QUEUEING

    queue stats for all priority classes:
      Queueing
      priority level 1

      (total drops) 0
      (bytes output) 3407745377

    Class-map: OUT-VOICE (match-all)
      0 packets
      Match: ip dscp ef (46)
      Priority: 20% (20000 kbps), burst bytes 500000,

      Priority Level: 1
      queue-buffers ratio 5

    Class-map: OUT-MULTIMEDIA-CONFERENCING (match-all)
      0 packets
      Match: ip dscp af41 (34)
      Queueing

      (total drops) 0
      (bytes output) 0
      bandwidth remaining 40%
      queue-buffers ratio 10

    Class-map: OUT-CITRIX-OUT-VOICE-SIG (match-all)
      0 packets
      Match: ip dscp af31 (26)
      Queueing

      (total drops) 0
      (bytes output) 3115140171
      bandwidth remaining 40%
      queue-buffers ratio 10

    Class-map: class-default (match-any)
      0 packets
      Match: any
      Queueing

      (total drops) 0
      (bytes output) 5065289206
      bandwidth remaining 20%
      queue-buffers ratio 40

 

So what have I done wrong here??

 

I am running version 16.6.1 version on my switch.

 

Hope somebody can help me out here. :)

 

Frank

 

 

 

 

Review Cisco Networking for a $25 gift card