MPLS QoS

The Quality of Service (QoS) has become more popular than past few years, because of high-bandwidth and delay sensitive applications. QoS is prioritizing more important data over less important traffic. There are two ways to implement QoS in an IP network: IntServ and DiffServ. Internet is operating based on best-effort model.

As the DiffServ model does not require a signaling protocol such as RSVP, it’s more popular or better to say the only applicable model in today’s networks. (Although we use RSVP in MPLS TE for path signaling and reservation).

IETF in RFC 3270 has recommended three QoS models for DiffServ tunneled traffic in MPLS networks:

• Pipe model
• Short Pipe model
• Uniform model

The Pipe and Short Pipe models are almost the same: They do not change IP ToS of customers data at all. They might change the EXP field in the path (EXP of MPLS Label) but the IP header QoS field remains unchanged. The Pipe model performs forwarding/discarding/scheduling based on EXP at the egress LSR while the Short Pipe model does that based on IP ToS. Because in the Short pipe model there might be no label at all. (remember PHP operation – Penultimate-Hop Popping)

In the Uniform model, there’s no guarantee that ToS of customers packet remains intact, but the EXP and IP ToS fields of a data packet will always show the same thing. It means if the provider changes the EXP header, that will be copied later to the IP ToS field at the egress point.

IOS Default Behavior:

In short IOS does not change your QoS in the path if you don’t change it. 

        Imposition – Copy TOS bits to EXP (TOS Reflection) when adding labels by ingress LSR.
        Swap – Copy EXP from old label to new label.
        Disposition – Do NOT Copy EXP from label to IP.

Configuration

Label to Label (on PHP) sets EXP 5 (if top is 5) after disposing the top label:

     class-map match-all in1
      match mpls experimental topmost 5
     class-map match-all out1
      match qos-group 5
    !
     policy-map in1
      class in1
       set qos-group mpls experimental topmost
     policy-map out1
      class out1
       set mpls experimental topmost 5
    !
    interface Ethernet0/0
     service-policy input in1
    !
    interface Ethernet0/1
     service-policy output out1
    !

Label to IP (on PE) sets precedence 5 (if top is 5) after popping the label:

         class-map match-all in1
          match mpls experimental topmost 5
         class-map match-all out1
          match qos-group 5
        !
         policy-map in1
          class in1
           set qos-group mpls experimental topmost
         policy-map out1
          class out1
           set ip precedence 5
        !
        interface Ethernet0/0
         service-policy input in1
        !
        interface Ethernet0/1
         service-policy output out1

Scenario

In this sceniaro based on the service provider’s policy, the EXP value is changed in the path and is copied to inner label by P router. At the egress LSR, the EXP value is copied to the DSCP. (Uniform model)

Ingress PE:

!
policy-map out1
  class class-default
   set mpls experimental topmost 7
policy-map in1
  class class-default
   set mpls experimental imposition 3
!

P:


!
class-map match-any in1
  match mpls experimental topmost 0  1  2  3  4  5  6  7
class-map match-any out1
  match qos-group 0
  match qos-group 1
  match qos-group 2
  match qos-group 3
  match qos-group 4
  match qos-group 5
  match qos-group 6
  match qos-group 7
!
policy-map in1
  class in1
   set qos-group mpls experimental topmost
policy-map out1
  class out1
   set mpls experimental topmost qos-group
!

Egress PE:

!
class-map match-any in1
  match mpls experimental topmost 0  1  2  3  4  5  6  7
class-map match-any out1
  match qos-group 0
  match qos-group 1
  match qos-group 2
  match qos-group 3
  match qos-group 4
  match qos-group 5
  match qos-group 6
  match qos-group 7
!
policy-map in1
  class in1
   set qos-group mpls experimental topmost
policy-map out1
  class out1
   set precedence qos-group
!

To see the differences between the Uniform model and the Pipe model. As mentioned earlier in the Part one of MPLS Quality of Service, the Pipe model does not change customer marking (IP TOS – DSCP). So in the following example, we will see that the provider is able to change the EXP marking but will not change the packet marking in the end. Provider also performs QoS tasks (even at the egress LSR) based on EXP and MPLS QoS marking, not based on IP header properties (Short-pipe model is different in this case).

As depicted in the above picture, egress PE is configured to send an Explicit Null to the P router. In this case the egress PE will be able to see transport label EXP field as well as VPN label EXP field.

R1(config)#mpls ldp explicit-null


R0#show mpls forwarding-table Local  Outgoing    Prefix            Bytes tag  Outgoing   Next Hop   
tag    tag or VC   or Tunnel Id      switched   interface             
16     Pop tag     3.3.3.3/32        0          Et0/0      192.168.30.3
17     0           1.1.1.1/32        137        Et0/1      192.168.10.1

In this case, on R0 (the P router) we don’t need to copy EXP from topmost label (received from R3) to the topmost transport label sent to R1, because the Explicit Null (label 0) maintains the EXP bit. This is only one example for practicing purpose and learning the MPLS QoS feature. In this example, we like to perform our marking on the topmost label and not rely on the second label, to demonstrate explicit-null feature. The Uniform and the Pipe models difference is not in the ingress part but in the egress: to save or not to save the customer marking on the IP packet.

Configuration

Ingress PE: !
access-list 110 permit icmp host 5.5.5.5 host 6.6.6.6
!
class-map match-any in1
  match access-group 110
class-map match-any out1
  match qos-group 7
!
policy-map in1
  class in1
   set mpls experimental imposition 3
   set qos-group 7
policy-map out1
  class out1
   set mpls experimental topmost 7
!
R3#sh policy-map interface e0/0
Ethernet0/0
  Service-policy output: out1
    Class-map: out1 (match-any)
      10 packets, 1220 bytes
      5 minute offered rate 0 bps, drop rate 0 bps
      Match: qos-group 7
        10 packets, 1220 bytes
        5 minute rate 0 bps
      QoS Set
        mpls experimental topmost 7
          Packets marked 10
    Class-map: class-default (match-any)
      28 packets, 11442 bytes
      5 minute offered rate 3000 bps, drop rate 0 bps
      Match: any
P:
no configuration!

Egress PE:
!
class-map match-all in1
  match mpls experimental topmost 7
class-map match-all out1
  match qos-group 7
!
!
policy-map in1
  class in1
   set qos-group 7
policy-map out1
  class out1
   priority 256
  class class-default
   shape average 500000
!
R1#sh policy-map interface e0/1
Ethernet0/1
  Service-policy output: out1
    Class-map: out1 (match-all)
      10 packets, 1140 bytes
      5 minute offered rate 0 bps, drop rate 0 bps
      Match: qos-group 7
      Queueing
        Strict Priority
        Output Queue: Conversation 264
        Bandwidth 256 (kbps) Burst 6400 (Bytes)
        (pkts matched/bytes matched) 0/0
        (total drops/bytes drops) 0/0
    Class-map: class-default (match-any)
      20 packets, 2080 bytes
      5 minute offered rate 0 bps, drop rate 0 bps
      Match: any
      Traffic Shaping

Why there is no configuration on P LSR? Because IOS by default maintains your EXP and as long as PE LSR requesting Explicit Null, the topmost label is kept and contains EXP value of incoming labeled packet. (there’s no label disposition on the P LSR – R0)

WRR (Weighted Round Robin) vs SRR (Shared / Shaped Round Robin)

WRR (Weighted Round Robin), but in practice, SRR has been gradually more and more of the Switch platforms in use, including WRR and SRR is the biggest difference is that they both use the weights but Scheduling in different ways.
The following map was concerned (aside consideration of Strict Priority Queue), if it is to use WRR, then, Queue 3 the weight of 4, so every one can also send four packets; Queue 2 the weight of 2, so every one can simultaneously send two packets; Queue 1 weight 1, so each time can send a packet.
So Q3, Q2, Q1 out of a packet each, followed by Q3, Q2 out of a packet each, followed by Q3 the two packets, like this be considered as one.

Therefore, the benefits of SRR is very mean to each Queue interlude before sending the packet into the FIFO Queue (Hardware Queue), rather than as a clearing WRR weight for each share of Queue number of packets, so the results will let down the different sub- Queue packet scheduling in a more smooth, not crowding each other.

SRR is a scheduling service for specifying the rate at which packets are dequeued. With SRR there are two modes, Shaped and Shared (default).

Shaped mode is only available on the egress queues. Shaped egress queues reserve a set of port bandwidth and then send evenly spaced packets as per the reservation.

 Shared egress queues are also guaranteed a configured share of bandwidth, but do not reserve the bandwidth. That is, in Shared mode, if a higher priority queue is empty, instead of the servicer waiting for that reserved bandwidth to expire, the lower priority queue can take the unused bandwidth.

Neither Shaped SRR nor Shared SRR is better than the other. Shared SRR is used when one wants to get the maximum efficiency out of a queuing system, because unused queue slots can be used by queues with excess traffic. This is not possible in a standard Weighted Round Robin (WRR). Shaped SRR is used when one wants to shape a queue or set a hard limit on how much bandwidth a queue can use. When one uses Shaped SRR one can shape queues within a ports overall shaped rate.

As stated earlier, SRR differs from WRR. With WRR, queues are serviced based on the weight. Q1 is serviced for Weight 1 period of time, Q2 is served for Weight 2 period of time, and so forth. The servicing mechanism works by moving from queue to queue and services them for the weighted amount of time.

With SRR weights are still followed; however, SRR services the Q1, moves to Q2, then Q3 and Q4 in a different way. It doesn't wait at and service each queue for a weighted amount of time before moving on to the next queue . Instead, SRR makes several rapid passes at the queues, in each pass, each queue may or may not be serviced. For each given pass, the more highly weighted queues are more likely to be serviced than the lower priority queues. Over a given time, the number of packets serviced from each queue is the same for SRR and WRR. However, the ordering is different.

With SRR, traffic has a more evenly distributed ordering. With WRR one sees a bunch of packets from Q1 and then a bunch of packets from Q2, etc. With SRR one sees a weighted interleaving of packets.

SRR is an evolution of WRR that protects against overwhelming buffers with huge bursts of traffic by using a smoother round-robin mechanism.

Reference URL:
http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps5023/prod_white_paper09186a00801b096a.html

Junos - Class-of-Service Operational Mode Quick Commands

Following are the few commands related to JUNOS COS and these are quite useful for preparing for the JNCIE exam or even for troubleshooting the COS issues in the production network.
Below summarizes the command-line interface (CLI) commands you can use to monitor and troubleshoot class of service (CoS).

Task	Command
Display the entire CoS configuration, including system-chosen defaults.	show class-of-service
(J-series routing platform only) Display trigger points and associated rates for CoS adaptive shapers.	show class-of-service adaptive-shaper
For each CoS classifier, display the mapping of code point value to forwarding class and loss priority.	show class-of-service classifier
Display the mapping of CoS code point aliases to corresponding bit patterns.	show class-of-service code-point-aliases
Display data points for each CoS random early detection (RED) drop profile.	show class-of-service drop-profile
(M320 routers and T-series routing platforms only) Display the mapping of CoS schedulers to switch fabric traffic priorities and a summary of scheduler parameters for each priority.	show class-of-service fabric scheduler-map
(M320 routers and T-series routing platforms only) Display CoS switch fabric queue statistics.	show class-of-service fabric statistics
Display the mapping of forwarding class names to queue numbers.	show class-of-service forwarding-class
Display entire CoS configuration as it exists in the forwarding table.	show class-of-service forwarding-table
Display the mapping of code point value to queue number and loss priority for each classifier as it exists in the forwarding table.	show class-of-service forwarding-table classifier
For each logical interface, display either the table index of the classifier for a given code point type or the queue number (if it is a fixed classification) in the forwarding table.	show class-of-service forwarding-table classifier mapping
Display the data points of all random early detection (RED) drop profiles as they exist in the forwarding table.	show class-of-service forwarding-table drop-profile
(M320 routers and T-series routing platforms only) Display the scheduler map information as it exists in the forwarding table for switch fabric.	show class-of-service forwarding-table fabric scheduler-map
(J-series routing platform only) Display the mapping of code point value to loss priority as it exists in the forwarding table.	show class-of-service forwarding-table loss-priority-map
(J-series routing platform only) For each logical interface, display the loss priority table index.	show class-of-service forwarding-table loss-priority-map mapping
Display mapping of queue number and loss priority to code point value for each rewrite rule as it exists in the forwarding table.	show class-of-service forwarding-table rewrite-rule
For each logical interface, display the table identifier of the rewrite rule map for each code point type.	show class-of-service forwarding-table rewrite-rule mapping
For each physical interface, display the scheduler map information as it exists in the forwarding table.	show class-of-service forwarding-table scheduler-map
For Adaptive Services (AS) PIC link services IQ interfaces (lsq) only, display fragmentation properties for specific forwarding classes.	show class-of-service fragmentation-map
Display the logical and physical interface associations for the classifier, rewrite rules, and scheduler map objects.	show class-of-service interface
Display the configured shaping rate and the quality of service (QoS) adjusted shaping rate for each logical interface set configured for hierarchical class of service (CoS).	show class-of-service interface-set
(J-series routing platform only) Display mapping of code point value to loss priority.	show class-of-service loss-priority-map
Display the mapping of forwarding classes and loss priority to code point values.	show class-of-service rewrite-rule
(M-series and T-series routing platforms only) Display mapping of CoS objects to routing instances.	show class-of-service routing-instance
Display mapping of schedulers to forwarding classes and a summary of scheduler parameters for each entry.	show class-of-service scheduler-map
For Gigabit Ethernet IQ and Channelized IQ PICs only, display traffic shaping and scheduling profiles.	show class-of-service traffic-control-profile
(J-series routing platform only) Display virtual channel information.	show class-of-service virtual-channel
(J-series routing platform only) Display virtual channel group information.	show class-of-service virtual-channel-group

Rate limit OR traffic shaping

Rate limit or shaping is always confusing; as to which one to use.

• The goal of traffic shaping is hard-limiting of sending rate, while the purpose of rate-limiting is usually admission control based on burst sizes.
• Traffic shaping hard-forces “fixed” sending rate, absorbing and smoothing incoming packet bursts.
• Rate-limit never smoothes but propagates incoming bursts, up to the limit allowed.
• Rate-limiting drops (or marks) exceeding traffic, while traffic shaping queues and delays packets.

This dropping behavior has serious implications on TCP-based applications, like you would never see 256Kbps for TCP flows with your configuration.Traffic-shaping is much more resource-consuming procedure, than rate-limiting. Traffic-shaping is based on leaky-bucket algorithm (time-quantum based), while rate-limiting uses token-bucket (continuous flow). Therefore traffic-shaping changes timing behavior of the flow (jitter, delay) whilte rate-limiting does not.