09-09-2020 07:55 AM
Hardware: C3560
About 8 months ago I started this position. Also I am very new to QoS configuration myself. I actually have not done any but I am trying to learn since we will be upgrading this switch next year. I have noticed on this switch some QoS configuration but I don't quite understand what it means. The current IT manager does not know either since he did not configure the networking. I see things like this in the switch:
mls qos map cos-dscp 0 8 16 26 32 46 48 56
mls qos srr-queue input bandwidth 90 10
mls qos srr-queue input threshold 1 8 16
mls qos srr-queue input threshold 2 34 66
mls qos srr-queue input buffers 67 33
mls qos srr-queue input priority-queue 2 bandwidth 30
mls qos srr-queue input cos-map queue 1 threshold 2 1
mls qos srr-queue input cos-map queue 1 threshold 3 0
mls qos srr-queue input cos-map queue 2 threshold 1 2
mls qos srr-queue input cos-map queue 2 threshold 2 4 6 7
mls qos srr-queue input cos-map queue 2 threshold 3 3 5
mls qos srr-queue input dscp-map queue 1 threshold 2 9 10 11 12 13 14 15
mls qos srr-queue input dscp-map queue 1 threshold 3 0 1 2 3 4 5 6 7
mls qos srr-queue input dscp-map queue 1 threshold 3 32
mls qos srr-queue input dscp-map queue 2 threshold 1 16 17 18 19 20 21 22 23
mls qos srr-queue input dscp-map queue 2 threshold 2 33 34 35 36 37 38 39 48
mls qos srr-queue input dscp-map queue 2 threshold 2 49 50 51 52 53 54 55 56
mls qos srr-queue input dscp-map queue 2 threshold 2 57 58 59 60 61 62 63
mls qos srr-queue input dscp-map queue 2 threshold 3 24 25 26 27 28 29 30 31
mls qos srr-queue input dscp-map queue 2 threshold 3 40 41 42 43 44 45 46 47
mls qos srr-queue output cos-map queue 1 threshold 3 5
mls qos srr-queue output cos-map queue 2 threshold 3 3 6 7
mls qos srr-queue output cos-map queue 3 threshold 3 2 4
mls qos srr-queue output cos-map queue 4 threshold 2 1
mls qos srr-queue output cos-map queue 4 threshold 3 0
mls qos srr-queue output dscp-map queue 1 threshold 3 40 41 42 43 44 45 46 47
mls qos srr-queue output dscp-map queue 2 threshold 3 24 25 26 27 28 29 30 31
mls qos srr-queue output dscp-map queue 2 threshold 3 48 49 50 51 52 53 54 55
mls qos srr-queue output dscp-map queue 2 threshold 3 56 57 58 59 60 61 62 63
mls qos srr-queue output dscp-map queue 3 threshold 3 16 17 18 19 20 21 22 23
mls qos srr-queue output dscp-map queue 3 threshold 3 32 33 34 35 36 37 38 39
mls qos srr-queue output dscp-map queue 4 threshold 1 8
mls qos srr-queue output dscp-map queue 4 threshold 2 9 10 11 12 13 14 15
mls qos srr-queue output dscp-map queue 4 threshold 3 0 1 2 3 4 5 6 7
mls qos queue-set output 1 threshold 1 138 138 92 138
mls qos queue-set output 1 threshold 2 138 138 92 400
mls qos queue-set output 1 threshold 3 36 77 100 318
mls qos queue-set output 1 threshold 4 20 50 67 400
mls qos queue-set output 2 threshold 1 149 149 100 149
mls qos queue-set output 2 threshold 2 118 118 100 235
mls qos queue-set output 2 threshold 3 41 68 100 272
mls qos queue-set output 2 threshold 4 42 72 100 242
mls qos queue-set output 1 buffers 10 10 26 54
mls qos queue-set output 2 buffers 16 6 17 61
mls qos
Here is a interface that has some QoS config in it:
interface GigabitEthernet0/2
description Workstations and IP Phones
switchport access vlan 2
switchport mode access
switchport voice vlan 10
switchport port-security maximum 2
switchport port-security
switchport port-security aging time 2
switchport port-security violation restrict
switchport port-security aging type inactivity
srr-queue bandwidth share 10 10 60 20
srr-queue bandwidth shape 10 0 0 0
priority-queue out
mls qos trust cos
auto qos trust
macro description cisco-phone
spanning-tree portfast
spanning-tree bpduguard enable
!
I have entered show policy-map and show class-map and nothing comes up. I am still reading up and watching videos trying to understand with those configs above are actually doing. I see all these map queues, and threshhold values... what is actually being managed here? Voice? WEB? EMAIL? VLANS? I'm thinking it is at the interface level(?) since I do see some interfaces with QoS configs in it. If anyone can provide some insight it will be greatly appreciated.
09-09-2020 08:33 AM
The older Cisco switches' QoS is very much tied to the QoS hardware capabilities, often a small subset of what a Cisco router's QoS supports. However, the switch's QoS is wire-speed.
Difficult, briefly, to explain 3560/3750 QoS. You might start with Configuration Guide, for you IOS version, chapter on QoS. There's also some TechNote/WhitePaper that explain such QoS, better, that might be found on Cisco's web site.
09-09-2020 08:56 AM - edited 09-09-2020 09:04 AM
Hello @_Chris_ ,
QoS on LAN switches was platform dependent and this is the case of C3560.
In a nutshell a C3560 does not use modular QoS like routers and more modern switches ( C3650 , C3850 do for example) so you cannot see anything with a show policy-map interface command because the device does not use Modular QoS.
QoS on C3560 is more near the hardware level with two input queues and 4 output queues.
From a hiearchical point of view the commands can be seen in the following way:
a)
mls qos
this global command enables the QoS on the switch that by default is disabled.
b) global commands for various mappings
The C3560 is a multilayer switch the key concept here is the internal DSCP value that is associated to a packet.
The device can at the port level be configured to trust the received value or to set a new one.
However, the input queues and the output queues refer to OSI layer 2 CoS the three bits of 802.1p in 802.1Q header.
From this fact it derives a long list of mapping commands.
Each queue has different thresholds in terms of number of packets stored in the queue. This is called WTD weighted Tail Drop when going over a threshold a specific frame will be dropped.
mls qos srr-queue input cos-map queue 1 threshold 2 1
this command associates to queue 1 threshold 2 frames with CoS 1
a more complex mapping happens for DSCP values that are 6 bits wide
>> mls qos srr-queue input dscp-map queue 1 threshold 2 9 10 11 12 13 14 15
in this case DSCP values 9 to 15 are associated to input queue 1 threshold 2.
Similarly mappings happen for the output queues
mls qos srr-queue output dscp-map queue 1 threshold 3 40 41 42 43 44 45 46 47
the output queues can use SRR Shared round robin or shaped round robin or a combination of both.
The Shaped round robin applies an upper limit to the queue, shared round robin is totally elastic and the amount of traffic serviced depends on the ratio of the weights rather then their absolute values.
Actually the device supports two sets of output queues and this is handy for uplinks versus access ports.
c) see interface config
interface GigabitEthernet0/2
description Workstations and IP Phones
switchport access vlan 2
switchport mode access
switchport voice vlan 10
srr-queue bandwidth share 10 10 60 20
srr-queue bandwidth shape 10 0 0 0
priority-queue out
mls qos trust cos
auto qos trust
macro description cisco-phone
This port at QoS level does the following:
in input it trusts the CoS settings that are seen on the voice vlan tagged frames
mls qos trust cos
in the output direction we see that
there is a priority queue enabled likely used for VOIP frames
prioroty-queue out
The SRR is a combination of shared and shaped round robin
srr-queue bandwidth share 10 10 60 20
srr-queue bandwidth shape 10 0 0 0
likely queue 1 is the priority queue and will be serviced first and it also shaped.
Of the remaining queues queue 3 has 6 more times probability to be serviced then queue 2 and 3 times then queue 4.
Cisco introduced auto QoS as a way to help engineers when dealing with QoS on LAN switches.
To be honest if you are going to replace the device with a new one you will get modular QoS so the suggestion is to try to understand your QoS configuration but do not waste too much time on it.
Hope to help
Giuseppe
09-09-2020 09:50 AM
Thank you for your insight.
in a config like this:
interface GigabitEthernet0/2
description Workstations and IP Phones
switchport access vlan 2
switchport mode access
switchport voice vlan 10
switchport port-security maximum 2
switchport port-security
switchport port-security aging time 2
switchport port-security violation restrict
switchport port-security aging type inactivity
srr-queue bandwidth share 10 10 60 20
srr-queue bandwidth shape 10 0 0 0
priority-queue out
mls qos trust cos
auto qos trust
macro description cisco-phone
spanning-tree portfast
spanning-tree bpduguard enable
!
How are you able to tell that voice (vlan 10) is being prioritized over other traffic (vlan2)?
So now I understand why I am seeing such different ways to do QoS. What I am learning is current compared to this outdated way.
If I wanted to do QoS for video instead of voice on this switch how could I do that? I'm still trying to understand how the switch is "marking" the traffic I choose to prioritize.
09-09-2020 10:37 AM
Hi,
The config guide for your 3560 might be a good place to start your learning.
I have picked the popular 12.2.55 IOS version.
There is a good section at the start of this chapter "Understanding QoS"
Regards
Alex
09-09-2020 10:39 AM - edited 09-09-2020 10:40 AM
From what you've posted, cannot answer how particular traffic is tagged, which determines how it will be treated. Often VoIP devices tag traffic with CoS 5 and/or ToS DSCP EF. both of which, often get the best treatment. (On your device's posted config info, the first egress queue is getting PQ treatment, although shape limited too.
BTW, your device should support class and policy maps, but only for ingress port treatment. Egress port treatment determined by the 3560/3750 QoS statements. (BTW, the ingress queues Giuseppe mentions are not for edge ports, but for the "port" to the fabric [usually very rarely congested].)
Also BTW, 3560/3750 QoS can be somewhat difficult to understand, especially their egress buffer management.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide