QoS Layer 2

switched switch · ‎01-10-2014

Folks,

Our server admins replicated some VMs across between server 1 and server 2 (through a switch) and I believe saturated the 10Gb trunk link which caused connectivity issues for the end users to the servers. Our exchange dropped over to a backup server at another site as I guess it wasnt able to detect the online exchange because traffic was dropping.

Looking at the config on the switches, the servers are connected via etherchannels to the switches (2 x 10gb links) and I believe it saturated one of the links which caused issues temporarily.

There trunk ports between servers and switch are carrying multiple vlans and I suspect due to the lack of QoS setup on this switch that user traffic isnt given priority.

With no experience setting QoS up before, where do I begin?

Another question, if a etherchannel is two links with src-dst-ip setup as load balancing, I believe it wasnt using all bandwidth across both links because of this. This is normal behaviour, is it not?

Bhishma Khanna · ‎01-10-2014

Hi,

I think you have two main questions here:

1. The link is getting oversubscribed so you want to use QoS to use the bandwidth in a better way.

Answer: If you have not applied QoS yet and still the link is getting oversubscribed then even after applying QoS you would get output drops because QoS would only give priority to the prefered traffic.

But if you are facing oversubscription only after applying QoS then we have the option of tweaking the values of buffer and threshold.

2. The load balancing is set to src-dst-ip and sitll the whole bandwidth is not utilized.

Answer: It could be true because all the etherchannel load balancing algorithms do the load balancing on per interface basis. We cannot load balance on per packet basis.

This means that if you have 10 active interfaces sending traffic towards an etherchannel of two ports then the loadbalancing would be on the basis of number of interface and not (total number of packets/2)

I would suggest you to see the 5 minute input and output rate of the etherchannel interfaces and if they differ by a huge value then you may try different algorithms depending on your switch network.

Thanks.

Joseph W. Doherty · ‎01-10-2014

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

The issue you noted, very much might be mitigated by QoS. Something like replication traffic can often work fine deprioritized relative to most other traffic, including "normal" default traffic. Additionally, using relative prioritizations, rather than some artificial shaping or policing, generally allows some bandwidth heavy traffic, such as replication, to fully leverage all your available bandwidth; again without being adverse to other traffic.

Regarding Etherchannel load balancing, source/destination hash combos normally do well, using source/destination IP, when supported, often the best option.

Of course, traffic between two hosts will have the same IP, so all traffic will flow across the same path. Some switches, also allow port (UDP/TCP) numbers to be included in the hash, but this often doesn't help when there's just one very busy flow. If the switches do support port hashing, you might work with your server folk to determine if huge replication transfers might be split into multiple flows.

switched switch · ‎01-10-2014

Thank you Joseph and Bhishma.

The vMotion traffic is on vlan 12 and the user traffic is on vlan 8. Can I say setup prioritization for all traffic beside traffic using vlan 12 vMotion?

Or is there a better alternative. One can never trust server admins to do the right thing!

Joseph W. Doherty · ‎01-10-2014

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

Sure you set prioritization for all traffic besides your vMotion, but sometimes it's easier to deprioritize some traffic rather than prioritizing most traffic. Also, if you do start to set up QoS, it's best to work from a multiclass model, and decide where different traffic types should map into it. (Basically, most QoS models have a default class, so you can leave most traffic there, and selectively prioritize or deprioritize relatively to default.)

switched switch · ‎01-11-2014

THanks Joesph,

I had a search around for depriortize as a keyword for some good reading material and not having a lot of luck. Could anyone at all assist in where to look or an example?

Thanks in advance..

Joseph W. Doherty · ‎01-11-2014

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

Look for "scavenger" and DSCP usage of CS1.

Such traffic class is deprioritzed relative to default, although don't get hung up on recommend usage of "scavenger". The importance of the concept is traffic that's treat less than best effort.

switched switch · ‎01-17-2014

Hi All,

How does the below look?

class-map match-any vMotion

match vlan 12

policy-map SetvMotion

class class-default

set dscp cs1

policy-map parent-policy

class vMotion

service-policy SetvMotion

interface te2/1/1

switchport trunk allowed vlan 12,8

switchport mode trunk

service-policy input parent-policy

Joseph W. Doherty · ‎01-18-2014

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

I'm unsure, as much depends on the platform (especially switches) and/or IOS version.

From what you do have, don't see why you would need a two level policy.

I.e. perhaps:

class-map match-any vMotion

match vlan 12

policy-map parent-policy

class vMotion

set dscp cs1

interface te2/1/1

switchport trunk allowed vlan 12,8

switchport mode trunk

service-policy input parent-policy

If the above works, it still only marks your traffic.