Defining QoS for Multiple Policy Levels


Chapter 13

In releases prior to Cisco IOS Release 12.0(22)S, you can specify QoS behavior at only one level. For example, to shape two outbound queues of an interface, you must configure each queue separately, defining only class-specific actions. You can define a minimum bandwidth for two traffic classes, but you cannot define a combined maximum bandwidth for the two classes. As a result, you cannot configure fair queues on virtual circuits where the total throughput of the fair queues must be within the virtual circuit's committed rate.

To implement fair queues on virtual circuits and virtual LANs (VLANs), the Cisco 10000 series router supports QoS with hierarchical queuing. Within the hierarchical QoS framework, you can enable the router to prioritize and manage packets at three policy levels (physical, logical, and class levels), thereby providing a high degree of granularity in traffic management. Congestion control mechanisms such as weighted random early detection (WRED) and tail drop regulate network traffic and control congestion.

This chapter describes the various types of hierarchical policies and includes the following topics:

- Hierarchical Policies
- Components Common to All Types of Hierarchical Policies
- Types of Hierarchical Policies
- Hierarchical Policies and Oversubscription
- Applying Child Policies Under Priority Classes
- Interfaces Supporting Hierarchical Policies
- Guidelines for Configuring QoS for Multiple Queues
- Configuring QoS for Multiple Queues
- Configuration Examples
- Verifying the Configuration of Hierarchical Policies
- Related Documentation

Hierarchical Policies

A hierarchical policy is a QoS model that enables you to specify QoS behavior at multiple levels of hierarchy. The router supports three types of hierarchical policies: nested, three-level, and input policing policies. Depending on the type of hierarchical policy you configure, you can use hierarchical policies to:

- Specify multiple policy maps to shape multiple queues together
- Apply specific policy map actions on the aggregate traffic
- Apply class-specific policy map actions
- Restrict the maximum bandwidth of a virtual circuit (VC) while allowing policing and marking of traffic classes within the VC

For more information about the types of hierarchical policies, see the "Nested Hierarchical Policies" section on page 13-6, the "Three-Level Hierarchical Policies" section on page 13-8, and the "Hierarchical Input Policing Policies" section on page 13-10.

All hierarchical policy types consist of a top-level parent policy and one or more child policies. The service-policy command is used to apply a policy to another policy, and a policy to an interface, subinterface, virtual circuit (VC), or virtual LAN (VLAN). For example, in a three-level hierarchical policy, you use the service-policy command to apply a:

- Bottom-level child policy to a middle-level child policy
- Middle-level child policy to a top-level parent policy
- Top-level parent policy to an interface, subinterface, VC, or VLAN

For more information, see the "Child Policy" section on page 13-4, the "Parent Policy" section on page 13-4, and the "service-policy Command" section on page 13-5.

When you use hierarchical policies, the router allocates the physical pipe into smaller pipes. Instead of creating a single versatile time management scheduler (VTMS) link for the physical interface, each parent policy map has a VTMS link. The router uses this QoS link to service the associated traffic independently of other traffic.

For releases prior to Cisco IOS Release 12.0(25)SX, the router uses 128 discrete values between 64 kbps and 1 Gbps as multiqueue shape rates. Therefore, the sum of the nested policy shape rates you specify for an interface must be 64 kbps less than the total bandwidth of the interface. For example, on a DS1 Frame Relay interface with a total bandwidth of 1536 kbps, the combined shape rate of the hierarchical policy must be 1472 kbps or less:

1536 kbps - 64 kbps = 1472 kbps

If you specify a non-supported rate, the router uses the next lower supported rate instead.

For Cisco IOS Release 12.0(25)SX and Release 12.3(7)XI, and later releases, the router allows interface oversubscription. For more information, see Chapter 15, "Oversubscribing Physical and Virtual Links."

Feature History for Hierarchical Policies

Cisco IOS Release | Description | Required PRE
Release 12.0(22)S | The hierarchical policies feature was introduced on the PRE1 and supported two-level, nested hierarchical policies. | PRE1
Release 12.0(25)SX | This feature was enhanced on the PRE1 to support three-level hierarchical policies. | PRE1
Release 12.2(16)BX | This feature was introduced on the PRE2 and supported two-level, nested hierarchical policies. | PRE2
Release 12.3(7)XI | This feature was enhanced on the PRE2 to support three-level hierarchical policies. | PRE2
Release 12.2(28)SB | This feature was integrated into Cisco IOS Release 12.2(28)SB for the PRE2 and enhanced to support the hierarchical input policing feature on the PRE2. | PRE2
Release 12.2(31)SB2 | This feature was introduced on the PRE3. | PRE3

Benefits of Hierarchical Policies

Depending on the type of hierarchical QoS policy you configure, you can:

- Shape multiple queues to a single rate
- Divide a single class of traffic into one or more subclasses
- Specify the maximum transmission rate of a set of traffic classes that are queued separately, which is essential for virtual interfaces such as Frame Relay PVCs and IEEE 802.1Q virtual LANs (VLANs)
- Configure fair queues on virtual circuits
- Shape the aggregate traffic of queues on a physical interface (for example, provide a 10-megabits per second (Mbps) service on a 100-Mbps physical interface)
- Restrict the maximum bandwidth of a VC while allowing policing and marking of classes within the VC

Components Common to All Types of Hierarchical Policies

All types of hierarchical policies use the following components to provide multiple levels of QoS behavior:

- Child Policy
- Parent Policy
- service-policy Command

Child Policy

A child policy is a policy map in a hierarchical QoS policy that defines QoS behavior for individual streams of traffic. A child policy defines one or more classes of traffic and the actions you want the router to take on the traffic, just as non-hierarchical policy maps do. However, in a hierarchical policy, a child policy map is applied to a parent policy map and can be applied to another child policy, depending on the type of hierarchical policy it is (see the "Types of Hierarchical Policies" section on page 13-6).

The following describes the ways in which you can apply child policies for the various types of hierarchical policies:

- Nested hierarchical policies: Apply a bottom-level child policy to a top-level parent policy only.
- Three-level hierarchical policies: Apply a bottom-level child policy to a middle-level child policy, and apply the middle-level child policy to the top-level parent policy.
- Hierarchical input policing policies: Apply a bottom-level child policy to a top-level parent policy.

When applying child policies to other child policies or to a parent policy, use the service-policy command and specify the name of the child policy you are applying as the policy-map-name. Do not specify the input or output keyword.

If you specify the bandwidth percent command or the police percent command in a child policy, the percentage you indicate is the percentage of the total shape rate and not the percentage of the interface bandwidth. The router uses the bandwidth of the nearest parent policy (configured using the shape or police command) to calculate the bandwidth percentage for the child policy. The router always looks to the nearest parent for the bandwidth reference point.

The router executes the child policy and then the parent policy. However, if the child policy contains policing with a specified drop policy, the router polices and drops the appropriate traffic at the child level, but does not execute the parent policy on the dropped packets.

The router executes the child policy and then the parent policy. As the packets pass through the router's forwarding engine, the router applies the QoS actions specified in the child policy. After child processing completes, the packets are fed back through the forwarding engine and the router applies the parent policy actions to the aggregate traffic. The router executes the parent policy only on the packets that are fed back. If the router dropped some packets during child processing (the child policy contained a drop policy), the router does not execute the parent policy on those dropped packets.

Parent Policy

A parent policy contains only the class-default class; it can contain no other classes. The parent policy defines the shape rate (nested and three-level hierarchical policies) or the policing rate (hierarchical input policing policies) for the aggregate traffic on an interface with a service policy applied.

The parent policy class-default class can contain only the following commands. Do not configure any other commands in the class-default class. Configure the service-policy command last.

- shape command (nested or three-level hierarchical policies): Specifies a single shape rate for all of the traffic classes defined in the child policies. The router does not allocate unused (or excess) bandwidth for other traffic. You must configure the shape command when creating nested hierarchical policies and three-level hierarchical policies; do not configure the police command.

or

- police command (hierarchical input policing policies): Configures traffic policing for the aggregate traffic of all of the classes defined in the child policies. You must configure the police command when creating hierarchical input policing policies; do not configure the shape command.

- service-policy command: Applies a child policy to the parent policy to create a single hierarchical QoS policy. Specify the name of the child policy map as the policy-map-name. Do not specify the input or output keyword.

For more information about hierarchical policies, see the "Types of Hierarchical Policies" section on page 13-6.

Table 13-1 summarizes the commands configured in the parent class-default class for the different types of hierarchical policies.

Table 13-1 Hierarchical Parent Class-Default Class Commands

Type of Policy | shape Command | police Command | service-policy Command
Nested Hierarchical | Yes | No | Yes
Three-Level Hierarchical | Yes | No | Yes
Hierarchical Input Policing | No | Yes | Yes

The router reserves the bandwidth you specify in the parent policy shape or police command for the exclusive use of the PVC or VLANs to which the policy is applicable. The router does not share unused bandwidth with other PVCs or VLANs. However, the actual shape rate the router applies to the child traffic classes might differ from the rate you specify in the parent policy. For example, the router might map a specified shape rate of 10.5 Mbps to 11 Mbps. Use the show policy-map interface command to determine the actual shape rate applied.

service-policy Command

For hierarchical policies, the service-policy command is used to attach:

- Child policies to child policies
- Child policies to parent policies
- Parent policies to interfaces, subinterfaces, and virtual circuits

When attaching child policies to child or parent policies, do not specify the output or input keyword when you enter the service-policy command. For example, enter the following command:

Router(config-if)# service-policy policy-map-name

When attaching parent policies to interfaces, subinterfaces, or virtual circuits, enter the service-policy command and specify the output or input keyword as described below:

- Nested hierarchical policies and three-level hierarchical policies: Specify the output keyword to tell the router to apply the policy to outbound traffic. For more information, see the "Nested Hierarchical Policies" section on page 13-6 and the "Three-Level Hierarchical Policies" section on page 13-8.
- Hierarchical input policing policies: Specify the input keyword to apply the policy to inbound traffic. For more information, see the "Hierarchical Input Policing Policies" section on page 13-10.

The router does not support nested and three-level hierarchical policies on inbound interfaces, and it does not support hierarchical input policing on outbound interfaces.

Types of Hierarchical Policies

The Cisco 10000 series router supports the following types of hierarchical policies:

- Nested Hierarchical Policies: Defines up to two levels of hierarchy. A nested policy can define a minimum bandwidth for each type of traffic on a virtual circuit and a maximum bandwidth for the virtual circuit's total traffic. However, a nested policy cannot actively police a subclass of each guaranteed class while placing a maximum transmission limit on the aggregate traffic.
- Three-Level Hierarchical Policies: Defines up to three levels of hierarchy. A three-level policy can define a minimum bandwidth for each traffic type on a virtual circuit, define a maximum bandwidth for the virtual circuit's total traffic, police a subclass of each guaranteed class, and place a maximum transmission limit on the aggregate traffic.
- Hierarchical Input Policing Policies: Defines up to two levels of hierarchy for inbound traffic only. A hierarchical input policing policy can define two levels of policing, one in the parent policy and one in the child policy. The top-level parent policy is typically used to police an interface, subinterface, ATM VC, Frame Relay DLCI, or 802.1Q VLAN, and is applied to all traffic.

Nested Hierarchical Policies

A nested hierarchical policy is a queuing model that defines a minimum bandwidth for multiple classes and specifies a combined maximum bandwidth for the classes. Using a nested hierarchical policy, you can shape two or more queues together into one logical QoS policy. In this way, you can associate multiple logical links with a physical interface and enable the router to service any group of queues independently of other queues. The router provides distinct dequeuing rates to the subsets of the queues on a physical link.

Figure 13-1 shows a sample queuing configuration on a T1 network interface that is running Frame Relay. The network interface has two PVCs (PVC1 and PVC2), each with a multiqueue shape rate of 768 kbps. Each PVC has two fair queues whose aggregate output is shaped at 768 kbps.

[Figure 13-1: Nested Hierarchical Policy on Frame Relay. A T1 interface carries PVC1 and PVC2, each shaped at 768 Kbps; each PVC has two fair queues, each labeled "Fair Queue at 512 Kbps".]

Nested policy maps specify QoS policies at the following two levels of hierarchy:

- Child policy (bottom-level): Identifies one or more classes of traffic and defines QoS behavior for the individual traffic streams. If you specify a class bandwidth in a child policy as a percentage, the router uses the top-level parent shape rate as the bandwidth reference (100 percent) rather than the bandwidth of the network interface. For example, in a nested policy shaped at 2 Mbps with a bottom-level child policy configured for 50 percent bandwidth, the router allocates 1 Mbps of bandwidth to the child policy (50 percent of the parent shape rate).
- Parent policy (top-level): Shapes the output of the traffic classes into a single shape rate. The parent policy can contain only the class-default class with only the shape command specified.

For releases prior to Cisco IOS Release 12.0(25)SX, the sum of the nested policy shape rates you specify can be no more than 64 kbps less than the physical interface bandwidth. For example, the sum of the nested policy shape rates for a DS1 Frame Relay interface must be no more than 1472 kbps, calculated as follows:

1536 kbps - 64 kbps = 1472 kbps

If you specify a non-supported rate, the router uses the next lower supported rate instead. The above restriction does not apply to Cisco IOS Release 12.0(25)SX and later releases.

For releases prior to Cisco IOS Release 12.0(25)SX and Release 12.3(7)XI, the router does not limit the number of nested policies you can configure on a physical network interface as long as the sum of the nested policy shape rates is 64 kbps less than the total bandwidth of the interface. In Cisco IOS Release 12.0(25)SX and Release 12.3(7)XI, and later releases, the router allows oversubscription. For more information, see Chapter 15, "Oversubscribing Physical and Virtual Links."

The router reserves the shape rate you specify in the parent policy for the child traffic classes. The router does not allocate unused (or excess) bandwidth to other traffic. For example, consider a nested policy with a shape rate of 64 kbps. If the nested policy traffic rate is 32 kbps, the router does not allocate the remaining 32 kbps to the other traffic on the network interface.

In some cases, the nested policy shape rate that the system uses might be lower than the shape rate you specify. Use the show policy-map interface command to verify the actual shape rate.

For Frame Relay PVCs, instead of using a nested policy map to specify the multiqueue shape rate, you can use the frame-relay traffic-shape command to specify a fair queue policy map.

Restrictions and Limitations for Nested Hierarchical Policies

This section lists restrictions for nested hierarchical policies. These restrictions might not apply to other types of hierarchical policies.

- Nested hierarchical policies can have no more than two levels of hierarchy.
- Only the top-level parent policy can have the class-default class defined.
- The parent class-default class can have only the shape command configured; you cannot specify any other policy action. The class-default class can also have the service-policy command configured to attach a child policy to the parent policy. You must specify the shape command before you specify the service-policy command.
- Queuing services must exist at a single hierarchy level, except for the shape command, which is defined in the parent policy's class-default class.

- You cannot apply a child policy to a traffic class that contains the set or police command.
- For the PRE1, the router does not support DotP marking and 802.1P for nested hierarchical policies, including matching and marking of the 802.1P header.

Three-Level Hierarchical Policies

A three-level hierarchical policy extends the functionality of a nested hierarchical policy from two to three levels of hierarchy. Using three-level hierarchical policies, you can:

- Define QoS policies at three levels of hierarchy
- Define a single shaping rate for multiple classes and subclasses of IP traffic
- Apply specific actions on the aggregate traffic of multiple classes and execute class-specific actions
- Selectively police a subclass of each guaranteed class and place a maximum transmission limit on the aggregate traffic

For example, you can use a three-level hierarchical policy to define a minimum bandwidth and a combined maximum bandwidth for two classes. Similarly, you can also define a minimum bandwidth for each type of traffic on a virtual circuit and a maximum bandwidth for the virtual circuit's total traffic.

A three-level policy specifies the following three levels of hierarchy:

- Child policy (bottom-level): Specifies marking and metering actions for one or more classes of traffic using the set and police commands. You cannot apply a child policy to a traffic class that contains the set or police command.
- Child policy (middle-level): Defines class-based queuing actions for one or more classes of traffic. You must configure all queuing actions (such as the bandwidth and priority commands) at a single hierarchical level. The exception to this rule is the shape command, which is also configured in the class-default class of a parent policy.
- Parent policy (top-level): Defines the transmission capacity of a physical or virtual link to shape the output of the traffic classes into a single shape rate.

The shape rate you specify in the parent policy is reserved for the traffic classes you specify in the child policies. The router does not allocate unused (excess) bandwidth for other traffic. The actual shape rate the router applies to the child traffic classes might differ from the rate you specify in the hierarchical policy. Use the show policy-map interface command to determine the actual shape rate applied.

Restrictions and Limitations for Three-Level Hierarchical Policies

This section lists restrictions for three-level hierarchical policies. These restrictions might not apply to other types of hierarchical policies.

- A top-level parent policy can have only the class-default class. Do not configure any other traffic class.
- The parent class-default class can have only the shape and service-policy commands configured. Specify the shape command first and then the service-policy command to apply a child policy to the parent policy.
- A middle-level child policy cannot have the police and set commands configured. If you use these commands in a middle-level policy, you cannot apply a bottom-level child policy to it using the service-policy command.
- A bottom-level child policy can have only the police and set commands configured for a class.
- Each bottom-level class map must match only those packets that also match its parent class map. For example, the union of the set of packets of a bottom-level class and that of its parent class must be equal to the set of packets that match the parent class.

If a policy does not adhere to the above restriction, the router might incorrectly classify the traffic affected by the policy.

Example 13-1 shows a configuration that violates the requirement that the bottom-level class map match only those packets that also match its parent class map. In the example, the class map named Child matches any packet that is not IP precedence 1 (for example, IP precedence 5). The class map named Parent matches only IP precedence 1, 2, and 3. As a result, no packets from the Child and Parent classes intersect.

Example 13-1 Improperly Defining Bottom-Level Child and Top-Level Parent Class Maps

Router(config)# class-map Parent
Router(config-cmap)# match ip precedence 1 2 3
!
Router(config)# class-map Child
Router(config-cmap)# match not ip precedence 1

Example 13-2 modifies the configuration in Example 13-1 to ensure the union of Child and Parent packets, which in Example 13-2 is IP precedence 2 and 3.

Example 13-2 Properly Defining Bottom-Level Child and Top-Level Parent Class Maps

Router(config)# class-map Parent
Router(config-cmap)# match ip precedence 1 2 3
!
Router(config)# class-map Child
Router(config-cmap)# match ip precedence 2 3
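The class-map restriction above can be checked mechanically before a policy is deployed. The following Python sketch is an added example, not Cisco code: it parses only the match ip precedence statements used in Examples 13-1 and 13-2 and reports the precedence values a child class matches that its parent does not. The function names are hypothetical, the sample configurations are constructed from the two examples, and combining several match lines by intersection assumes the IOS default match-all class map.

```python
import re

ALL_PRECEDENCE = frozenset(range(8))            # IP precedence values 0..7
PROMPT = re.compile(r"^\S+\(config[^)]*\)#\s*")  # strips "Router(config-cmap)# "

# Constructed from Example 13-1 (violates the restriction).
EXAMPLE_13_1 = """\
Router(config)# class-map Parent
Router(config-cmap)# match ip precedence 1 2 3
!
Router(config)# class-map Child
Router(config-cmap)# match not ip precedence 1
"""

# Constructed from Example 13-2 (satisfies the restriction).
EXAMPLE_13_2 = """\
Router(config)# class-map Parent
Router(config-cmap)# match ip precedence 1 2 3
!
Router(config)# class-map Child
Router(config-cmap)# match ip precedence 2 3
"""


def parse_class_maps(config):
    """Return {class name: frozenset of IP precedence values it matches}."""
    maps, current = {}, None
    for raw in config.splitlines():
        line = PROMPT.sub("", raw.strip())
        head = re.fullmatch(r"class-map\s+(\S+)", line)
        if head:
            current = head.group(1)
            maps[current] = ALL_PRECEDENCE       # no match lines yet
            continue
        m = re.fullmatch(
            r"match\s+(not\s+)?ip\s+precedence((?:\s+[0-7])+)", line)
        if m and current is not None:
            listed = frozenset(int(v) for v in m.group(2).split())
            matched = ALL_PRECEDENCE - listed if m.group(1) else listed
            # Assumption: match-all semantics, so statements intersect.
            maps[current] = maps[current] & matched
    return maps


def stray_precedence(config, parent, child):
    """Precedence values matched by the child class but not by the parent.

    An empty set means every packet the child matches also matches the
    parent, which is what the restriction requires.
    """
    maps = parse_class_maps(config)
    return set(maps[child] - maps[parent])


if __name__ == "__main__":
    for label, cfg in (("13-1", EXAMPLE_13_1), ("13-2", EXAMPLE_13_2)):
        stray = stray_precedence(cfg, "Parent", "Child")
        verdict = "OK" if not stray else f"violation, stray values {sorted(stray)}"
        print(f"Example {label}: {verdict}")
```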

Hierarchical Input Policing Policies

A hierarchical input policing policy extends the functionality of traffic policing to two levels of hierarchy for inbound interfaces. The hierarchical input policer limits the rate of the traffic that the router accepts on the interface with the service policy applied. In this way, the service provider network is protected on the aggregate traffic level to ensure that the service provider can honor service level agreements. A two-rate three-color policer limits the rate of individual traffic streams (see the "Two-Rate Three-Color Marker for Traffic Policing" section on page 6-8).

Using hierarchical input policing, you can:

- Specify policing actions at two levels of hierarchy
- Define a policing rate for the traffic that the router accepts on an inbound interface (with a service policy applied)
- Define a policing rate for individual traffic streams

A hierarchical input policing policy specifies the following two levels of hierarchy:

- Child policy (bottom-level): Specifies policing actions for individual IP traffic streams by using a two-rate three-color policer (see the "Two-Rate Three-Color Marker for Traffic Policing" section on page 6-8).
- Parent policy (top-level): Defines a policing rate for all inbound traffic on the interface, subinterface, VC, or VLAN on which the service policy is applied.

During hierarchical input policing, the bottom-level policer acts on all of the traffic arriving at the interface, subinterface, VC, or VLAN on which the hierarchical policer is applied. As the traffic passes through the forwarding engine of the router for the first time, the bottom-level policer limits the rate of the individual streams of IP traffic before passing the traffic back through the forwarding engine again. During this feedback operation, the top-level traffic policer limits the rate of all of the traffic passed to it. The top-level policer acts only on the packets sent by the bottom-level policer. If the outbound interface has policing configured, a second feedback occurs during which the outbound policer limits the rate of the traffic.

Packets dropped during bottom-level child processing are not passed to the top-level parent policer.

Figure 13-2 shows how packets flow between policy maps in a hierarchical input policing policy. In the figure, 500 packets arrive at the interface with the policy_map_level1 policy attached. Because of the way in which the policer is configured in policy_map_level1, the policer drops 100 packets and passes 400 packets. The traffic policer in the policy_map_level2 policy then evaluates the 400 packets it receives, drops 200, and transmits the remaining 200 packets.

[Figure 13-2: Packet Flow Between Hierarchical Input Policing Policies. 500 packets received at the interface; top-level parent policy map policy_map_level1: 400 packets transmitted, 100 packets dropped; bottom-level child policy map policy_map_level2: 200 packets dropped; 200 packets exit the interface.]

Restrictions and Limitations for Hierarchical Input Policing Policies

- Packet classification for the bottom-level child policy map occurs before the top-level policer acts on the traffic classes.
- Traffic policing at the top-level parent does not guarantee fairness in sharing bandwidth among the child classes. If packets from two different traffic classes arrive at the same rate and then go through a traffic policer, the output rates of the two classes might be different because the hierarchical input policer acts as an aggregate policer. The parent policer might drop packets in one class in favor of the other class. This situation can happen when the top-level policer has enough tokens when the packets for one class arrive, but does not have enough tokens left for the other class. Based on the arrival pattern of the packets, this pattern could continue indefinitely.

Hierarchical Policies and Oversubscription

For releases prior to Cisco IOS Release 12.0(25)SX and Release 12.3(7)XI, the router does not allow oversubscription of interfaces. If you oversubscribe hierarchical policies, instead of reducing the shape rate of all policies, the router preserves as many policies as possible and reduces the policy shape rates of a minimum number of policies to bring the sum of the hierarchical policy shape rates to less than the physical interface bandwidth.

For Cisco IOS Release 12.0(25)SX and Release 12.3(7)XI and later releases, the router allows you to oversubscribe interfaces. Oversubscription is always enabled. For more information about oversubscription, see Chapter 15, "Oversubscribing Physical and Virtual Links."
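The two-level input policing flow and the aggregate-policer fairness caveat described earlier in this chapter can be reproduced with a small simulation. This Python model is an added example, not Cisco code or router behavior captured from a device: it assumes single-rate token buckets in place of the two-rate three-color child policer, discrete time ticks, and constructed class names, rates, and packet sizes.

```python
class TokenBucket:
    """Single-rate policer: a conforming packet is transmitted, others drop."""

    def __init__(self, rate, burst):
        self.rate = rate        # bytes of credit added per tick
        self.burst = burst      # bucket depth in bytes
        self.tokens = burst     # bucket starts full
        self.passed = 0
        self.dropped = 0

    def refill(self):
        self.tokens = min(self.burst, self.tokens + self.rate)

    def offer(self, size):
        if size <= self.tokens:
            self.tokens -= size
            self.passed += 1
            return True
        self.dropped += 1
        return False


def run(arrivals, child_cfg, parent_cfg, ticks=50):
    """Simulate child-then-parent policing.

    arrivals   : [(class_name, packet_bytes), ...] in arrival order per tick
    child_cfg  : {class_name: (rate, burst)} for the bottom-level policers
    parent_cfg : (rate, burst) for the top-level aggregate policer
    """
    children = {name: TokenBucket(*cfg) for name, cfg in child_cfg.items()}
    parent = TokenBucket(*parent_cfg)
    delivered = {name: 0 for name in child_cfg}
    for _ in range(ticks):
        for bucket in children.values():
            bucket.refill()
        parent.refill()
        for name, size in arrivals:
            # First pass: the per-class child policer.
            if not children[name].offer(size):
                continue        # dropped at child level, parent never sees it
            # Feedback pass: the aggregate parent policer.
            if parent.offer(size):
                delivered[name] += 1
    return {
        "delivered": delivered,
        "child_dropped": {n: b.dropped for n, b in children.items()},
        "parent_seen": parent.passed + parent.dropped,
        "parent_dropped": parent.dropped,
    }


# Two classes at the same arrival rate; the parent admits one packet per tick.
EQUAL_CHILDREN = {"A": (100, 100), "B": (100, 100)}

if __name__ == "__main__":
    a_first = run([("A", 100), ("B", 100)], EQUAL_CHILDREN, (100, 100))
    b_first = run([("B", 100), ("A", 100)], EQUAL_CHILDREN, (100, 100))
    print("A arrives first:", a_first["delivered"])
    print("B arrives first:", b_first["delivered"])

    # Class A exceeds its child rate; the parent has room for everything.
    limited = run([("A", 100), ("B", 100)],
                  {"A": (50, 100), "B": (100, 100)}, (200, 200))
    print("child drops:", limited["child_dropped"],
          "packets seen by parent:", limited["parent_seen"])
```

With identical arrival rates, whichever class reaches the parent bucket first in each tick receives all of the aggregate credit, and the ordering alone decides which class is starved.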

Applying Child Policies Under Priority Classes

The Cisco 10000 series router allows you to apply a child policy with non-queuing features under a priority class in Cisco IOS Release 12.2(31)SB2 and later releases. In a three-level hierarchical policy, the priority class to which you attach the child policy must be in the middle-level policy. In a two-level hierarchical policy (nested policy), the priority class to which you attach the child policy is in the parent policy.

For more information, see the Child Service Policy Allowed Under Priority Class feature module for Cisco IOS Release 12.2(31)SB2.

Interfaces Supporting Hierarchical Policies

The following describes interface support for hierarchical policies using the service-policy command:

Interfaces Supporting Hierarchical Policies (Outbound Only)

- Physical
- ATM constant bit rate (CBR) PVCs and point-to-point subinterfaces
- ATM variable bit rate (VBR) PVCs and point-to-point subinterfaces
- ATM shaped (peak cell rate is specified) unspecified bit rate (UBR) PVCs and point-to-point subinterfaces
- Label-controlled ATM (LC-ATM) subinterfaces
- Frame Relay PVCs, point-to-point subinterfaces, and map classes
- Ethernet VLANs

The router only supports nested and three-level hierarchical policies on outbound interfaces.

Interfaces Supporting Hierarchical Policies (Inbound Only)

- Physical
- ATM constant bit rate (CBR) PVCs and point-to-point subinterfaces
- ATM variable bit rate (VBR) PVCs and point-to-point subinterfaces
- Label-controlled (LC)-ATM subinterfaces
- Frame Relay PVCs, point-to-point subinterfaces, and map classes
- Ethernet VLANs

The router only supports hierarchical input policing policies on inbound interfaces.

Interfaces Not Supporting Hierarchical Policies

- Multilink PPP and Multilink Frame Relay
- ATM unshaped (no peak cell rate specified) UBR PVCs and point-to-point subinterfaces
- IP tunnel
- Virtual-access (See the VAI QoS Inheritance section on page 4-24.)

Guidelines for Configuring QoS for Multiple Queues

When configuring QoS for multiple queues, consider the following guidelines:

- Define child policies before you define the parent policy. For example, for a nested policy, define the bottom-level policy and then the top-level parent policy. For a three-level policy, define the bottom-level policy, the middle-level policy, and then the top-level parent policy.
- Do not specify the input or output keyword in the service-policy command when configuring a child policy within another child policy or within a parent policy.
- Do not configure a child policy in a traffic class of a bottom-level policy. Configure child policies only in middle-level and top-level parent policies.

Configuring QoS for Multiple Queues

To configure QoS for multiple queues using a hierarchical policy, perform the following configuration tasks:

- Creating Fair Queues at Two Levels of Hierarchy
- Creating Fair Queues at Three Levels of Hierarchy
- Policing Inbound Traffic at Two Levels of Hierarchy

Creating Fair Queues at Two Levels of Hierarchy

To create fair queues at two levels of hierarchy, enter the following commands beginning in global configuration mode:

Use the following commands to configure both the child and parent policies. Configure the bottom-level child policy first and then the top-level parent policy. For information about additional actions you can specify in child policies, see the Types of QoS Actions section on page 3-4.

Step 1  Router(config)# policy-map policy-map-name
        Creates or modifies the bottom-level child policy.
        policy-map-name is the name of the child policy map. The name can be a maximum of 40 alphanumeric characters.

Step 2  Router(config-pmap)# class class-map-name
        Assigns the traffic class you specify to the policy map. Enters policy-map class configuration mode.
        class-map-name is the name of a previously configured class map and is the traffic class for which you want to define QoS actions.

Step 3  Router(config-pmap-c)# bandwidth {bandwidth-kbps | percent percentage | remaining percent percentage}
        (Optional) Enables class-based fair queuing.
        bandwidth-kbps specifies or modifies the minimum bandwidth allocated for a class belonging to a policy map. Valid values are from 8 to 2,488,320, which represents from 1 to 99 percent of the link bandwidth.
        percent percentage specifies or modifies the minimum percentage of the link bandwidth allocated for a class belonging to a policy map. Valid values are from 1 to 99.
        remaining percent percentage specifies or modifies the minimum percentage of unused link bandwidth allocated for a class belonging to a policy map. Valid values are from 1 to 99.

Step 4  Exits policy-map class configuration mode.

Step 5  Router(config-pmap)# policy-map policy-map-name
        Creates or modifies the top-level parent policy.
        policy-map-name is the name of the parent policy map. The name can be a maximum of 40 alphanumeric characters.

Step 6  Router(config-pmap)# class class-default
        Configures or modifies the parent class-default class.
        You can configure only the class-default class in a parent policy. Do not configure any other traffic class.

Step 7  Router(config-pmap-c)# shape kbps-value
        Shapes traffic to the indicated bit rate.
        kbps-value is the bit-rate (in kilobits per second) used to shape the traffic.

Step 8  Router(config-pmap-c)# service-policy policy-map-name
        Applies a bottom-level child policy to the top-level parent class-default class.
        policy-map-name is the name of the previously configured child policy map.

Example 13-3 shows how to create a nested hierarchical policy that creates two fair queues: one queue for the Bronze traffic and one queue for all other traffic. The top-level policy named Top-Parent shapes the total output rate of both queues to 1 Mbps. The bottom-level policy named Bottom-Child shapes Bronze traffic to 50 percent of the total output rate, or 500 kbps. The router allocates the remaining 500 kbps to all other traffic.

Example 13-3 Creating Fair Queues at Two Levels of Hierarchy

    Router(config)# policy-map Bottom-Child
    Router(config-pmap)# class Bronze
    Router(config-pmap-c)# bandwidth percent 50
    Router(config-pmap)# policy-map Top-Parent
    Router(config-pmap)# class class-default
    Router(config-pmap-c)# shape 1000
    Router(config-pmap-c)# service-policy Bottom-Child
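The guidelines above (children defined before parents, no input or output keyword on a nested service-policy, only class-default in the top-level parent, no child under a bottom-level policy) can be checked mechanically before a configuration is pushed. The following is an added example, not a Cisco tool or code from the guide: the parser handles only the policy-map, class and service-policy lines used on this page, the first sample is Example 13-3, and the second sample is constructed to break three guidelines.

```python
import re

PROMPT = re.compile(r"^\S+\(config[^)]*\)#\s*")   # strips "Router(config-pmap)# "

GOOD = """\
Router(config)# policy-map Bottom-Child
Router(config-pmap)# class Bronze
Router(config-pmap-c)# bandwidth percent 50
Router(config-pmap)# policy-map Top-Parent
Router(config-pmap)# class class-default
Router(config-pmap-c)# shape 1000
Router(config-pmap-c)# service-policy Bottom-Child
"""                                                 # Example 13-3 from the page

BAD = """\
policy-map Top-Parent
 class class-default
  shape 1000
  service-policy output Bottom-Child
 class Bronze
  bandwidth percent 10
policy-map Bottom-Child
 class Bronze
  bandwidth percent 50
"""                                                 # constructed counter-example

def parse_policy_maps(text):
    """Return {policy: {class: [command words]}} in definition order."""
    policies, policy, cls = {}, None, None
    for raw in text.splitlines():
        words = PROMPT.sub("", raw.strip()).split()
        if not words or words[0].startswith("!"):
            continue
        if words[0] == "policy-map" and len(words) == 2:
            policy, cls = policies.setdefault(words[1], {}), None
        elif words[0] in ("interface", "class-map"):
            policy = cls = None
        elif words[0] == "class" and policy is not None and len(words) == 2:
            cls = policy.setdefault(words[1], [])
        elif cls is not None:
            cls.append(words)
    return policies

def lint(text):
    """Check the hierarchy guidelines; return a list of findings."""
    policies = parse_policy_maps(text)
    order = {name: i for i, name in enumerate(policies)}
    findings, children = [], {}
    for parent, classes in policies.items():
        for cls, commands in classes.items():
            for words in commands:
                if words[0] != "service-policy" or len(words) < 2:
                    continue
                if words[1] in ("input", "output"):
                    findings.append(f"{parent}/{cls}: input/output keyword on a child policy")
                child = words[-1]
                children.setdefault(parent, []).append(child)
                if order.get(child, len(order)) > order[parent]:
                    findings.append(f"{parent}/{cls}: child {child} not defined before parent")

    def depth(name, seen=()):
        if name in seen or name not in policies:
            return 0
        return 1 + max((depth(c, seen + (name,)) for c in children.get(name, [])), default=0)

    referenced = {c for kids in children.values() for c in kids}
    for name in children:
        if name in referenced:
            continue                      # middle-level policy, reached via its parent
        if depth(name) > 3:
            findings.append(f"{name}: hierarchy is deeper than three levels")
        extra = [c for c in policies[name] if c != "class-default"]
        if extra:
            findings.append(f"{name}: top-level parent has classes besides class-default: {extra}")
    return findings

if __name__ == "__main__":
    print(lint(GOOD), lint(BAD), sep="\n")
```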

Creating Fair Queues at Three Levels of Hierarchy

To create fair queues at three levels of hierarchy, perform the following required configuration tasks:

- Configuring a Bottom-Level Child Policy of a Three-Level Hierarchy
- Configuring a Middle-Level Child Policy of a Three-Level Hierarchy
- Configuring the Top-Level Parent Policy of a Three-Level Hierarchy

Configuring a Bottom-Level Child Policy of a Three-Level Hierarchy

To configure the bottom-level child policy, enter the following commands beginning in global configuration mode:

The bottom-level child policy of a three-level hierarchical policy typically contains only metering or marking actions. Therefore, configure only the police and set commands in the bottom-level policy.

Step 1  Router(config)# policy-map policy-map-name
        Creates or modifies the bottom-level child policy.
        policy-map-name is the name of the policy map. The name can be a maximum of 40 alphanumeric characters.

Step 2  Router(config-pmap)# class class-map-name
        Assigns the traffic class you specify to the policy map. Enters policy-map class configuration mode.
        class-map-name is the name of a previously configured class map and is the traffic class for which you want to define QoS actions.

Step 3  Router(config-pmap-c)# police [cir] bps [burst-normal] [burst-excess] conform-action {action} exceed-action {action} [violate-action {action}]
        (Optional) Configures kilobits per second-based traffic policing. For more information, see Chapter 6, Policing Traffic.

Step 4  Router(config-pmap-c)# police [cir] percent percent bc normal-burst-in-msec [pir pir] be excess-burst-in-msec conform-action {action} exceed-action {action} [violate-action {action}]
        (Optional) Configures percent-based traffic policing. For more information, see Chapter 6, Policing Traffic.
        For information about traffic policing actions, see Table 6-1 on page 6-3.

Step 5  Router(config-pmap-c)# set action
        (Optional) Configures traffic marking. For a description of the traffic marking actions you can configure, see Table 13-2 on page 13-15.

Table 13-2 describes the traffic marking actions you can configure using the set command.

Table 13-2 Traffic Marking Actions

    Action                         Description
    atm-clp                        Sets the ATM cell loss priority (CLP) bit to 1.
    cos                            Sets the IEEE 802.1P class of service bits in the user priority field.
    discard-class                  Marks a packet with the discard-class value that you specify, indicating the drop eligibility of a packet.
    dscp                           Marks a packet with the differentiated services code point (DSCP) you specify.
    mpls experimental imposition   Sets the value of the MPLS experimental (EXP) field on all imposed label entries.
    ip precedence                  Marks a packet with the IP precedence level you specify.
    qos-group                      Marks a packet with the QoS group identifier you specify.

Example 13-4 shows how to configure the bottom-level child policy of a three-level hierarchy. Remember, the bottom-level policy typically defines marking and metering actions. In this example, the policy map named Gold-Meter defines the policing rate and actions for Business class traffic; the policy map named Default-Meter defines the default policing rate and actions.

Example 13-4 Configuring a Bottom-Level Child Policy of a Three-Level Hierarchy

    Router(config)# policy-map Gold-Meter
    Router(config-pmap)# class Business
    Router(config-pmap-c)# police 15000 10000 6000 conform-action transmit exceed-action set-prec-transmit 1
    Router(config-pmap)# policy-map Default-Meter
    Router(config-pmap)# class Business
    Router(config-pmap-c)# police percent 10 1500 0 conform-action transmit exceed-action set-prec-transmit 4
    Router(config-pmap)#

Configuring a Middle-Level Child Policy of a Three-Level Hierarchy

To configure a middle-level child policy, enter the following commands beginning in global configuration mode:

For information about additional actions you can specify in child policies, see the Types of QoS Actions section on page 3-4.

Step 1  Router(config-pmap)# policy-map policy-map-name
        Creates or modifies a middle-level child policy map.
        policy-map-name is the name of the policy map. The name can be a maximum of 40 alphanumeric characters.

Step 2  Router(config-pmap)# class class-map-name
        Assigns the traffic class you specify to the policy map. Enters policy-map class configuration mode.
        class-map-name is the name of a previously configured class map and is the traffic class for which you want to define QoS actions.

Step 3  Router(config-pmap-c)# priority
        (Optional) Assigns strict priority to the traffic class.
        For Cisco IOS Release 12.0(25)S and Release 12.3(7)XI, and later releases, the priority command has no arguments. To specify a bandwidth rate, use the police command (see Chapter 6, Policing Traffic).

Step 4  Router(config-pmap-c)# bandwidth {bandwidth-kbps | percent percentage | remaining percent percentage}
        (Optional) Specifies the bandwidth allocated for a traffic class.
        Do not enter the bandwidth command if you configure the priority command.

Step 5  Router(config-pmap-c)# random-detect dscp-based
        (Optional) Enables DSCP-based WRED.

Step 6  Router(config-pmap-c)# random-detect dscp dscpvalue min-threshold max-threshold [mark-probability-denominator]
        (Optional) Specifies a packet drop policy based on the DSCP value you specify. For more information, see Chapter 11, Managing Packet Queue Congestion.

Step 7  Router(config-pmap-c)# service-policy policy-map-name
        Applies the bottom-level child policy map to the traffic class. Do not specify an input or output keyword.
        policy-map-name is the name of a previously configured bottom-level child policy map.

Example 13-5 shows how to configure a middle-level child policy using the bottom-level child policy configured in Example 13-4. In this middle-level policy, the policy map named Southwest defines three traffic classes: Premium, Gold, and class-default. The configuration of these classes provides the following QoS behavior:

Premium Traffic
- Gives priority service to Premium traffic
- Limits Premium packets to 50 percent of the total transmission capacity

Gold Traffic
- Uses the Gold-Meter policy to police all Gold traffic (see Example 13-4 on page 13-16)
- Guarantees Gold packets a minimum of 15,000 kbps of transmission capacity
- Marks any traffic that exceeds 15,000 kbps with IP precedence 1 and then transmits the packet
- During congestion, discards Gold packets with IP precedence level 2 or 3 before discarding other packets

Default Traffic
- Uses the Default-Meter policy to police default traffic (see Example 13-4 on page 13-16)
- Guarantees default traffic a minimum of 10 percent of the total transmission capacity
- Marks any traffic that exceeds 10 percent with IP precedence 4 and then transmits the packet
- During congestion, discards default packets with IP precedence level 1 before discarding other packets

Example 13-5 Configuring a Middle-Level Child Policy of a Three-Level Hierarchy

    Router(config-pmap)# policy-map Southwest
    Router(config-pmap)# class Premium
    Router(config-pmap-c)# priority
    Router(config-pmap-c)# police percent 50
    Router(config-pmap-c)# class Gold
    Router(config-pmap-c)# random-detect prec-based
    Router(config-pmap-c)# random-detect precedence 2 3
    Router(config-pmap-c)# service-policy Gold-Meter
    Router(config-pmap-c)# class class-default
    Router(config-pmap-c)# random-detect prec-based
    Router(config-pmap-c)# random-detect precedence 1
    Router(config-pmap-c)# service-policy Default-Meter
    Router(config-pmap)#

Configuring the Top-Level Parent Policy of a Three-Level Hierarchy

To configure a top-level parent policy, enter the following commands beginning in global configuration mode:

In a top-level parent policy, define only the class-default class and specify the shape command and then the service-policy command in the class configuration. Do not specify any other commands.

Step 1  Router(config-pmap)# policy-map policy-map-name
        Creates or modifies a top-level parent policy map.
        policy-map-name is the name of the policy map. The name can be a maximum of 40 alphanumeric characters.

Step 2  Router(config-pmap)# class class-default
        Configures or modifies the class-default class.

Step 3  Router(config-pmap-c)# shape kbps-value
        Shapes traffic to the indicated bit rate.
        kbps-value is the bit-rate (in kilobits per second) used to shape the traffic.

Step 4  Router(config-pmap-c)# service-policy policy-map-name
        Applies the middle-level child policy map to the parent class-default class. Do not specify an input or output keyword.
        policy-map-name is the name of a previously configured middle-level child policy map.

Example 13-6 shows how to configure a top-level parent policy using the middle-level child policy configured in Example 13-5. In this top-level policy, the shape command indicates a total transmission capacity of 64,000 kbps for the combined queues. The service-policy command applies the middle-level policy named Southwest to the parent class-default class.

Example 13-6 Configuring a Top-Level Parent Policy of a Three-Level Hierarchy

    Router(config-pmap)# policy-map Region1
    Router(config-pmap)# class class-default
    Router(config-pmap-c)# shape 64000
    Router(config-pmap-c)# service-policy Southwest
    Router(config-pmap)# exit
    Router(config)#

Policing Inbound Traffic at Two Levels of Hierarchy

To police the traffic the router accepts on an inbound interface with a service policy applied, enter the following commands beginning in global configuration mode:

Use the following commands to configure both the child and parent policies. Configure the bottom-level child policy first and then the top-level parent policy. For information about additional actions you can specify, see the Types of QoS Actions section on page 3-4.

Step 1  Router(config-pmap)# policy-map policy-map-name
        Creates or modifies a bottom-level child policy map.
        policy-map-name is the name of the policy map. The name can be a maximum of 40 alphanumeric characters.

Step 2  Router(config-pmap)# class class-map-name
        Assigns the traffic class you specify to the policy map. Enters policy-map class configuration mode.
        class-map-name is the name of a previously configured class map and is the traffic class for which you want to define QoS actions.

Step 3  Router(config-pmap-c)# police {cir cir} [bc conform-burst] [pir pir] [be peak-burst] [conform-action action [exceed-action action [violate-action action]]]
        Configures traffic policing using two rates, the committed information rate (CIR) and the peak information rate (PIR).
        - cir is the committed information rate (CIR) and indicates an average rate at which the policer meters traffic. cir specifies the CIR value in bits per second. Valid values are from 8000 to 2,488,320,000.
        - (Optional) bc conform-burst is conform burst (bc) size used by the first token bucket for policing. The conform-burst specifies the bc value in bytes. Valid values are from 1 to 51200,000.
        - pir pir is the peak information rate (PIR) at which the second token bucket is updated. The pir specifies the PIR value in bits per second. Valid values are from 8000 to 2,488,320,000.
        - (Optional) be peak-burst is the peak burst (be) size used by the second token bucket for policing. The peak-burst specifies the peak burst (be) size in bytes. The size varies according to the interface in use. Valid values are from 0 to 1,024,000,000.
        - conform-action {action} is the action to take on packets that conform to the CIR and PIR. The default action is transmit.
        - exceed-action {action} is the action to take on packets that conform to the PIR but not the CIR. The default action is drop.
        - (Optional) violate-action {action} is the action to take on packets that exceed the PIR. The default action is the same as the exceed-action.
        - {action} is the action to take on packets. See Table 6-1 on page 6-3 for a description of each action.

Step 4  Exits policy-map class configuration mode.

Step 5  Router(config-pmap)# policy-map policy-map-name
        Creates or modifies a top-level parent policy map.
        policy-map-name is the name of the policy map. The name can be a maximum of 40 alphanumeric characters.

Step 6  Router(config-pmap)# class class-default
        Configures or modifies the default traffic class.

Step 7  Router(config-pmap-c)# police {cir cir} [bc conform-burst] [pir pir] [be peak-burst] [conform-action action [exceed-action action [violate-action action]]]
        Configures traffic policing using two rates, the committed information rate (CIR) and the peak information rate (PIR). For more information, see Chapter 6, Policing Traffic.
        {action} is the action to take on packets. See Table 6-1 on page 6-3 for a description of each action.

Step 8  Router(config-pmap-c)# service-policy policy-map-name
        Applies the bottom-level child policy map to the parent class-default class. Do not specify an input or output keyword.
        policy-map-name is the name of a previously configured bottom-level child policy map.

Example 13-7 shows how to configure a hierarchical input policing policy to police the traffic that enters the router on a specific interface. In the example, the two class maps named class-default and Gold define the criteria the router uses to classify traffic. The bottom-level child policy map named Business defines the policing actions for traffic classified as Gold; the top-level parent policy map named All_Traffic defines the policing actions for default traffic. The Business policy map is applied to the All_Traffic policy, creating a two-level hierarchical input policing policy.

Example 13-7 Policing Inbound Traffic at Two Levels of Hierarchy

    Router(config)# class-map class-default
    Router(config-cmap)# match any
    Router(config-cmap)# class-map Gold
    Router(config-cmap)# match ip precedence 3
    Router(config-cmap)# exit
    Router(config)# policy-map Business
    Router(config-pmap)# class Gold
    Router(config-pmap-c)# police 20000 200 pir 40000 300 conform-action set-qos-transmit 80 exceed-action set-qos-transmit 35 violate-action drop
    Router(config-pmap)# policy-map All_Traffic
    Router(config-pmap)# class class-default
    Router(config-pmap-c)# police 6400 200 pir 12800 400 conform-action transmit exceed-action transmit violate-action drop
    Router(config-pmap-c)# service-policy Business

Attaching Hierarchical Policies to Physical and Virtual Links

To attach hierarchical policies to interfaces, subinterfaces, virtual circuits, and virtual LANs, enter the following command:

Command: service-policy {input | output} policy-map-name

Purpose: Attaches the policy map you specify.
- input indicates to apply the QoS policy to inbound packets. You must specify the input keyword for hierarchical input policing policies.
- output indicates to apply the QoS policy to outbound packets. You must specify the output keyword for nested policies and three-level hierarchical policies.
- policy-map-name is the name of a previously configured top-level parent policy map.
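The two-rate police command described under Policing Inbound Traffic at Two Levels of Hierarchy sorts each packet into conform, exceed or violate using two token buckets. The following is an added example, not router code or code from the guide: it uses the rates and burst sizes of the Business policy in Example 13-7, assumes the bucket bookkeeping of the colour-blind two-rate three-colour marker in RFC 2698, and feeds it constructed 100-byte packets at a fixed interval.

```python
from collections import Counter

# Actions of the Business policy in Example 13-7, keyed by metering result.
ACTIONS = {
    "conform": "set-qos-transmit 80",
    "exceed": "set-qos-transmit 35",
    "violate": "drop",
}


class TwoRatePolicer:
    """Two token buckets: bc bytes refilled at CIR, be bytes refilled at PIR."""

    def __init__(self, cir_bps, bc_bytes, pir_bps, be_bytes):
        self.cir, self.bc = cir_bps, bc_bytes
        self.pir, self.be = pir_bps, be_bytes
        self.tc, self.tp = float(bc_bytes), float(be_bytes)   # both start full
        self.last_ms = 0

    def meter(self, time_ms, size_bytes):
        """Return 'conform', 'exceed' or 'violate' for one packet."""
        elapsed = time_ms - self.last_ms
        self.last_ms = time_ms
        # bits per second * milliseconds / 8000 = bytes of new tokens
        self.tc = min(self.bc, self.tc + self.cir * elapsed / 8000)
        self.tp = min(self.be, self.tp + self.pir * elapsed / 8000)
        if self.tp < size_bytes:
            return "violate"              # exceeds the PIR
        self.tp -= size_bytes
        if self.tc < size_bytes:
            return "exceed"               # within the PIR but not the CIR
        self.tc -= size_bytes
        return "conform"                  # within both the CIR and the PIR


def run(period_ms, packets=100, size_bytes=100):
    """Meter `packets` constructed packets sent one every `period_ms`."""
    policer = TwoRatePolicer(cir_bps=20000, bc_bytes=200,
                             pir_bps=40000, be_bytes=300)
    return Counter(policer.meter(n * period_ms, size_bytes)
                   for n in range(packets))


if __name__ == "__main__":
    for period_ms, offered in ((40, "20 kbps"), (20, "40 kbps"), (10, "80 kbps")):
        colours = run(period_ms)
        print(offered, {ACTIONS[c]: n for c, n in sorted(colours.items())})
```

At the CIR every packet conforms, at the PIR roughly half are re-marked by the exceed action, and at twice the PIR about half are dropped by the violate action while the transmitted packets split evenly between conform and exceed.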

Configuration Examples

This section provides the following configuration examples:

- Configuration Examples for Nested Hierarchical Policies
- Configuration Examples for Three-Level Hierarchical Policies
- Configuration Example for Hierarchical Input Policing
- Configuring Bandwidth-Remaining Ratios on ATM Subinterfaces: Example
- Configuring Bandwidth-Remaining Ratios on Class Queues: Example

Configuration Examples for Nested Hierarchical Policies

Example 13-8 shows how to configure a nested hierarchical policy. This example configuration includes the following:

- A bottom-level Child-Policy that defines two traffic classes: NewUsers and Bronze-Users.
- A top-level Parent-Policy that defines the class-default class, which is shaped to a rate of 512 kbps. The Child-Policy is applied to the class-default class.

The Parent-Policy is attached to ATM interface 1/0/0 in the outbound direction.

Example 13-8 Configuring a Two-Level Hierarchical Policy

    Router(config)# policy-map Child-Policy                  [Defines bottom-level child policy.]
    Router(config-pmap)# class NewUsers
    Router(config-pmap-c)# police percent 20 400 800 conform-action transmit exceed-action drop
    Router(config-pmap-c)# class Bronze-Users
    Router(config-pmap-c)# bandwidth 256
    Router(config-pmap-c)# random-detect dscp-based
    Router(config-pmap-c)# random-detect dscp 8 24 40
    Router(config-pmap-c)# queue-limit 128
    Router(config-pmap)# policy-map Parent-Policy            [Defines top-level parent policy.]
    Router(config-pmap)# class class-default
    Router(config-pmap-c)# shape 512
    Router(config-pmap-c)# service-policy Child-Policy       [Applies child to top-level parent.]
    Router(config-pmap)# exit
    Router(config)# interface atm 1/0/0
    Router(config-if)# service-policy output Parent-Policy   [Applies parent to the interface.]

Example 13-9 shows how to configure another nested hierarchical policy. In the example, the bottom-level child policy named Bottom consists of two traffic classes named Group1 and Group2. The traffic matching Group1 has a minimum bandwidth guarantee of 5000 kbps; Group2 has a minimum bandwidth guarantee of 2000 kbps and also has a DSCP-based weighted random early detection (WRED) packet drop policy defined. The bottom-level child policy is applied to the class-default class in the top-level Parent policy map. The router shapes the aggregate of all of the Group1 and Group2 traffic to 8000 kbps as specified by the shape command in the Parent class-default class. The hierarchical policy is attached to outbound ATM interface 1/0/0 using the service-policy command.