Quality of Service (QoS) is a technology that you hope you never need to use, but when you do, it’s really handy!
The core principle of QoS is to allow us to affect the network resource allocation based on the given service and its requirements. QoS is a technology that only becomes relevant when you have a network that is strained in one or more of the following ways:
- Insufficient bandwidth
- Jitter or latency
- Packet loss
In situations where you are not experiencing the aforementioned issues, QoS will not bring any benefit to your network. That being said, it is important to acknowledge that QoS is only a reasonable solution for, for example, short intervals of congestion. If you always have congestion in your network, then the correct solution is not QoS, but rather increasing your network's bandwidth.
The goal of QoS is to allow you to decide which traffic is more important to you, thus allowing the network devices to take the necessary actions to maintain the highest level of integrity possible for your most critical traffic. It does this in three steps:
1. Classification
This step is all about identifying the different groupings of network flows. Let’s say for example that you want to prioritize VoIP traffic above all other flows. In that case you would need to first classify the traffic you want to treat. This is ideally done as close to the source of the traffic as possible.
In Cisco IOS this is done through the use of class-map.
2. Marking
Once you have classified a particular flow, using whatever parameters you choose, then you should ideally mark it. This is to allow for easier identification of the type of treatment that should be applied, resulting in less processing needed for the actual classification. This step should, of course, be done in conjunction with the initial classification of traffic.
In Cisco IOS this is done through the use of policy-map.
3. Treatment
This is the final step of the QoS procedure: actually applying the treatment that we have defined. This is also done using the policy-map; however, you must also tie this policy-map to a specific interface for it to be used. When doing this you must also specify a direction for the traffic flow: input or output.
This is done using the service-policy command under the relevant interface.
Methods for QoS
There are three methods in which you can perform QoS:
- Best effort - Default, uses FIFO
- Integrated Services (INTSERV)
- Differentiated Services (DIFFSERV)
We will be ignoring Best effort, since that is the default behavior of our network devices and instead focus on the remaining two.
INTSERV
Integrated Services or INTSERV is an older way of doing QoS, where each host will request the desired bandwidth towards a particular destination. All INTSERV devices in the path will then maintain state, i.e. store data about the session, in order to guarantee a given amount of bandwidth. If this bandwidth requirement is to be bidirectional, then the path reservation packet must be sent in the opposite direction as well.
The protocol that is used to handle this notification from the hosts into the network devices, and the process used to maintain the state on the network devices, is known as Resource Reservation Protocol (RSVP), and the packets sent to reserve resources along the forwarding path are known as RSVP reservation requests (RSVP RESV).
The issue with INTSERV becomes apparent when you try to scale a network based on INTSERV. The burden of keeping state on all network devices along the forwarding path is too great when the network becomes too large. Therefore, INTSERV is rarely used today, with people opting for DIFFSERV instead.
DIFFSERV
Differentiated Services or DIFFSERV solves some of the problems with INTSERV by allowing you to tweak and customize how your network resources are to be used. It also does not require the routers in the path to keep state of the assigned bandwidth, but rather marks each packet or frame with the appropriate class and that marking then allows each network device along the path to read this marking and apply the correct traffic treatment to that packet.
This method is more commonly used since it scales a lot better. Now, there are, of course, different ways to configure a DIFFSERV QoS network. Classification can be done on different levels of the OSI-model.
Layer 1
Classification can be done based on the ingress interface of the device.
This is how you can create a class-map to match on input-interface for a Cisco IOS XE device:
class-map match-all testing
 match input-interface Vlan10
Layer 2
Here we can match on the MAC address or on previously marked frames by looking at the CoS bits of the frame.
class-map match-all testing
 match source-address mac 0011.2233.4455
Layer 3
Here we have a few more options. Of course we can always use an access-list and match on source and destination IP-address, but we are also able to look at previously marked packets.
When matching on L3 marked packets there are two types of markings that could be used: 1) IP Precedence (IPP) and 2) Differentiated Services Code Point (DSCP), where the first is older and the second is the newer, more capable version. Both methods use the so-called ToS bits of the packet, a total of 8 bits, of which IPP uses only 3, while DSCP uses 6.
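The two readings of the ToS byte, as an added example that is not part of the original post: it decodes the byte from a constructed IPv4 header and shows that a device reading only IPP sees DSCP EF and CS5 as the same precedence. The build_header helper and the documentation addresses in it are assumptions made for illustration.

```python
import struct


def dscp_name(dscp: int) -> str:
    """Map a 6-bit DSCP value to its standard name (EF, CSx, AFxy)."""
    if dscp == 46:
        return "EF"
    cls, low = dscp >> 3, dscp & 0b111
    if low == 0:
        return f"CS{cls}"            # class selector: only the 3 IPP bits are set
    if 1 <= cls <= 4 and low in (2, 4, 6):
        return f"AF{cls}{low >> 1}"  # assured forwarding: class, drop precedence
    return f"DSCP{dscp}"             # no standard name


def decode_tos(header: bytes) -> dict:
    """Interpret byte 1 of an IPv4 header as both IPP and DSCP."""
    if len(header) < 20 or header[0] >> 4 != 4:
        raise ValueError("not an IPv4 header")
    tos = header[1]
    dscp = tos >> 2                  # DSCP: top 6 bits
    return {
        "tos": tos,
        "ipp": tos >> 5,             # IP Precedence: top 3 bits
        "dscp": dscp,
        "ecn": tos & 0b11,           # the 2 bits DSCP leaves over
        "name": dscp_name(dscp),
    }


def build_header(tos: int) -> bytes:
    """Constructed sample: minimal 20-byte IPv4/UDP header, checksum left at 0."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, tos, 20, 0, 0, 64, 17, 0,
                       bytes([192, 0, 2, 1]), bytes([198, 51, 100, 1]))


if __name__ == "__main__":
    for tos in (0xB8, 0xA0, 0x68, 0x00):   # EF, CS5, AF31, default
        print(decode_tos(build_header(tos)))
```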
Layer 4
You can also do classification through TCP/UDP ports.
Layer 7
If you need more granular filtering of your network traffic you can use the Network Based Application Recognition 2 (NBAR2) protocol. This allows the network device to look at the signature of the L7 data and recognize what type of application it is.
Taking action
When you have classified your traffic you must take action based on that classification. There are two types of methods for treating traffic. These allow the router to intelligently discard the lower priority packets before the interface output buffers are filled.
If the buffers are filled on an interface, then packets will be dropped without the router being able to properly analyze them. This is known as tail-drop and it is specifically what QoS is designed to combat.
In order to allow the router to queue or drop the appropriate packets you must use either a shaping policy or a policing policy, the former meaning that overflowing packets are put into the buffer, while the latter means that overflowing packets will be dropped.
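The difference between the two, as an added example that is not part of the original post: a simplified tick-based token-bucket model (one token per packet) run over the same constructed burst pattern. The function names, the rate, burst and queue_limit parameters and the sample arrivals are assumptions made for illustration, not Cisco's implementation.

```python
def police(arrivals, rate, burst):
    """Policer: packets that find no token are dropped immediately."""
    tokens, sent, dropped = burst, [], 0
    for n in arrivals:
        tokens = min(burst, tokens + rate)   # refill, capped at the burst size
        ok = min(n, tokens)
        tokens -= ok
        dropped += n - ok
        sent.append(ok)
    return sent, dropped


def shape(arrivals, rate, burst, queue_limit):
    """Shaper: excess packets wait in a buffer and leave as tokens refill."""
    tokens, backlog, sent, dropped = burst, 0, [], 0
    for n in arrivals:
        tokens = min(burst, tokens + rate)
        backlog += n
        if backlog > queue_limit:            # buffer full: tail-drop the overflow
            dropped += backlog - queue_limit
            backlog = queue_limit
        ok = min(backlog, tokens)
        tokens -= ok
        backlog -= ok
        sent.append(ok)
    return sent, dropped


# Constructed sample: packets arriving per tick, two bursts separated by idle time.
ARRIVALS = [10, 0, 0, 0, 6, 0, 0, 0]

if __name__ == "__main__":
    print("police:", police(ARRIVALS, rate=2, burst=4))
    print("shape: ", shape(ARRIVALS, rate=2, burst=4, queue_limit=8))
```

The policer forwards each burst only up to the bucket size and discards the rest, while the shaper spreads the same bursts over the following ticks and loses packets only when its buffer overflows.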
Ok great, now that you’ve selected a method, the next step is to select how your traffic should be prioritized. Again, there are different methods for different purposes:
Weighted fair
Using the weighted fair method will simply throttle the traffic flows that are consuming the most bandwidth.
For example, a large file download is ok to throttle while a smaller VoIP flow should not be throttled at all.
Class based
This method allows you to allot bandwidth using the classification and marking that we have discussed earlier.
Priority
This is much like the class based method. However, it establishes a separate queue for priority packets which are to be processed. This is great for latency sensitive traffic!
The mother of all queuing
To get the best of all worlds there is a fourth method known as PQ-CBWFQ or by its more hipster name Low Latency Queuing (LLQ).
Preventing issues
There are some things you can do, besides increasing the bandwidth and stability of your network, that can aid you in ensuring good quality to the services that use the network.
One of those things is something known as Weighted Random Early Detection (WRED). This is a process that aims to make TCP based traffic utilize your available bandwidth more efficiently. TCP uses window size to “speed up” your data transfers to an appropriate amount, based on the quality of the network. WRED interferes with this window sizing in order to try and prevent something known as Global Synchronization, in which all TCP sessions will oscillate their bandwidth usage in sync with one another. This is not desirable; rather, we want the sessions to spread out across time, so that they can utilize the most amount of bandwidth.