Chapter 40 - Quality of Service (QoS)

Question 1

What is QoS?

Answer 1

• Quality of Service
• A suite of tools that networking devices use to decide how to treat packets based on certain parameters
• Allows you to manage the bandwidth, delay, jitter, and loss of traffic

Question 2

Define Bandwidth

Answer 2

• The capacity/speed of a link in bits per second
• QoS can be used to prioritise bandwidth to certain traffic so that network congestion does not affect this traffic. For example dedicating a certain amount of bandwidth to VoIP traffic.

Question 3

Define Delay

Answer 3

• One-Way Delay - The time between a packet being sent and it arriving at its destination
• Round Trip Delay - The One-Way Delay plus the time that it takes the receiver of the first packet to respond

Question 4

Define Jitter

Answer 4

• The variation in one-way delay between consecutive packets sent by a particular application.
• For example if the one-way delay of the first packet is 100 ms but the second is 110ms that is considered jitter.
• VoIP phones generally have a Jitter Buffer to provide a fixed delay to audio packets

Question 5

Define Loss

Answer 5

• Defined as the number of lost packets as a percentage of packets sent

Question 6

What are the guidelines set out by Cisco for how much Delay, Jitter, and Loss a VoIP media connection should be able to experience before it is considered too much?

Answer 6

• One-way Delay - 150 ms or less
• Jitter - 30ms or less
• Loss - 1% or less

Question 7

What are the guidelines set out by Cisco for how much Delay, Jitter, and Loss a video media connection should be able to experience before it is considered too much? How much Bandwidth should be dedicated?

Answer 7

• Bandwidth - 384Kbps to 20+ Mbps
• Delay (one-way) - 200-400ms
• Jitter - 30-50ms
• Loss - 0.1%-1%

Question 8

What is Classification and Marking?

Answer 8

• Type of QoS tool
• Organising packets into certain classes which can then be used to move certain packets into certain queues to ensure that some are prioritised above others. These can be marked using DSCP and CoS (PCP field)
• Methods of doing this could be ACLs that only action certain traffic that pass through them or NBAR.

Question 9

What is NBAR?

Answer 9

• Network Based Application Recognition
• NBAR2 or Next Generation NBAR is the most widely used nowadays
• Matches packets to be classified in many ways useful to QoS
• For example it can specifically match traffic from applications such as Facetime or ESPN video using Application Signatures so that this traffic can specifically have QoS applied

Question 10

What is the Type of Service (ToS) byte?

Answer 10

• Field in IPv4 header
• Includes the DSCP (Differentiated Services Code Point) and ECN (Explicit Congestion Notification) values that are used for QoS marking. There are 64 unique values.
• DSCP’s predecessor was IPP (IP Precedence) which only allowed 7 different values.

Question 11

What field can be used to mark QoS in the 802.1Q header?

Answer 11

• PCP - Priority Code Point

These can only be used on frames where there is an 802.1Q header. For this reason, 802.1Q trunking has to be enabled on the interface(s) these are used on.

Question 12

What QoS marking fields can be utilised over what type of link/technology?

Answer 12

• DSCP - Any packet - 6 bits
• IPP - Any packet - 3 bits
• PCP/CoS - Frame with 802.1Q header (trunk links and access links with voice VLANs) - 3 bits
• TID - Wifi - 3 bits
• EXP - MPLS - 3 bits

Question 13

What is a Trust Boundary?

Answer 13

• The point in the path of a traffic flow after which networking devices can trust QoS markings.
• If the markings aren’t on the Trusted side of the boundary, they will be changed according to the QoS policy.
• For example, if a PC is daisy chained from a phone, you could set the trust boundary at the phone since the PCs DSCP/PCP markings and shouldn’t be trusted could be changed but the phone’s likely wouldn’t be able to so could be trusted.

Question 14

What is DiffServ?

Answer 14

• Defines a series of standardised DSCP markings that can be used by multiple different vendors without compatibility issues.

Question 15

Common DSCP values

Answer 15

• DF/CS0 (Default Forwarding)
  - Best effort
• EF (Expedited Forwarding)
  - Used for packets that need low Delay, low Jitter, and low Loss, (e.g. Voice traffic).
  - DSCP value 46
  - As an example, RTP packets from Cisco phones generally will be marked with EF, but SIP signalling
  packets may be marked with another value such as CS3.
• AF (Assured Forwarding)
  - Defines a set of 12 DSCP values. These are each defined by the letters AF followed by two numbers.
  These two numbers represent a point on a grid with 4 queue classes and 3 drop prescidence numbers.
  The first being the queue and the second being the drop prescedence.
  - The queue class axis goes 1 (worst) to 4 (best)
  - The drop prescedence axis goes 3 (worst) to 1 (best)
  - For example, AF41 is the best queue and drop prescedence
  - Drop prescedence refers to Congestion Avoidance. The higher the number (3) the more likely it is that
  the traffic will be dropped.
  - In binary, the first 3 bits of the DSCP value are the queue, the next 2 bits are the drop prescedence, and
  the last bit (1) is always 0.
• CS (Class Selector)
  - Defines a set of 8 DSCP values used for backwards compatibility with the original IPP values.
  - The DSCP values have an extra 3 bits more than IPP values in binary. (Instead of just 4,2,1 for IPP you
  have 32,16,8,4,2,1 for DSCP but like AF, the 1 bit is always 0)
  - The first 3 bits of the DSCP value are the same as its corresponding IPP value. For example, IPP 0 = CS0 =
  DSCP 0, IPP 1 = CS1 = DSCP 8, IPP 2 = CS2 = DSCP 16 etc.

Question 16

What plans does Cisco lay out in RFC4954 that advise what DSCP values should be used for what types of traffic?

Answer 16

• EF - Voice payload
• AF4x - Interactive video (e.g. Video conferencing)
• AF3x - Streaming video
• AF2x - High priority (low latency) data
• CS0 (DF) - Standard data

Question 17

What is Queueing?

Answer 17

• Tools used by network devices to hold packets while they wait for the outgoing interface to become available to be sent
• Traffic will generally be forwarded in a FIFO (First In First Out) manner

Question 18

What is Prioritisation?

Answer 18

• A method a scheduler uses to define what queues take priority over what other queues
• An example of this is Round-Robin Scheduling. This just means that the scheduler will go round each queue taking a message (or enough messages to make up the same amount of data) and allowing it to be sent out of the outgoing interface.
• There is also Weighted Round-Robin which the scheduler uses when it wants to take more traffic out of one queue than the others by prioritising this queue.

Question 19

What is CBWFQ?

Answer 19

• Class Based Weighted Fair Queueing
• Guarantees a user defined minimum amount of bandwidth to each queue even at congested times

Question 20

What is Low Latency Queueing?

Answer 20

• A method a scheduler uses to define what queues take priority over what other queues
• Gives certain queues higher priority over others by defining when the scheduler will take traffic from certain queues. For example, higher priority queues may always be next after each other queue.
• Also means that, when done correctly, the prioritised queue doesn’t have time to fill up so no traffic is dropped

Question 21

True or False. Round Robin Queueing is the preferred queueing method for voice and video traffic

Answer 21

False. Low Latency Queueing is.

Question 22

What is Queue Starvation?

Answer 22

When a queue is allowed to fill up because more data enters the queue than the transfer rate of the interface due to the scheduler not servicing this queue often enough.

Question 23

What is good practice for Data, Voice, and Video traffic prioritisation?

Answer 23

• Use a round robin queueing method for regular data
• Give queues that support business critical applications more guaranteed bandwidth than less important ones
• Use LLQ for interactive voice and video for lower loss, jitter, and delay
• Put voice in a separate queue to video so that policing applies separately to each
• Allocate enough bandwidth to each priority queue so that traffic is not discarded from priority queues
• Use CAC (Call Admission Control) to avoid adding too much voice or video to the network that could trigger policing functions that could discard this traffic

Question 24

What decisions does Shaping and Policing use to see if it is required?

Answer 24

• Checks if the next incoming packet would push the measured rate past the defined shaping or policing threshold
  - If not it continues as normal
  - If it breaches the shaping threshold then delay the message by queueing it
  - If it breaches the policing threshold then either discard the message or mark it differently

Question 25

What is Burst in Policing?

Answer 25

• When traffic is allowed to temporarily breach the Policing threshold before being capped again

Question 26

What could be a use case for remarking packets using Policing rather than just discarding them?

Answer 26

• If the Poilicing threshold is breached, the Policer could mark the packets stating that if the onward devices are congested then drop the packets. However if they aren’t, process them as normal.

Question 27

What is Policing?

Answer 27

• Discards or remarks packets if the traffic rate goes over the configured rate
• Often used at the WAN edge
• Measures traffic rate over time and compares it to a configured policing rate
• Allows a burst of data after a period of inactivity
• Enabled on an interface in either direction but normally ingress

Question 28

What is Shaping?

Answer 28

• Used to delay traffic if it goes over the configured rate by queueing it and release it at the shaping rate
• Often used at the WAN edge
• Measures traffic rate over time and compares it to a configured shaping rate
• Enabled on an interface typically for egress
• Use queueing tools to create and schedule shaping queues

Question 29

What is Congestion Avoidance?

Answer 29

• Attempts to reduce overall packet loss by preemptively discarding some packets used in TCP connections. It does this by measuring how full a queue is. The more full the queue, the more packets are dropped.
• A form of this is RED (Random Early Detection). There’s also WRED (Weighted Random Early Detection) which means that TCP packets aren’t dropped randomly and you can determine which ones are dropped based on their priority.

Question 30

What is Tail Drop?

Answer 30

• When traffic is dropped because there is no room to join at the end of the queue due to congestion
• Can cause TCP Global Synchronisation which is when the global TCP window size decreases causing network underutilisation and then increases causing further congestion and Tail Drop. This then repeats unless the congestion causing the Tail Drop is rectified.

Question 31

What is POE?

Answer 31

• Power Over Ethernet
• Allows PSE (Power Sourcing Equipment) to power PDs (Powered Devices) over an Ethernet cable.
• PSE receives AC power from an outlet and converts it to DC for the PDs

Question 32

How does a PSE determine how much power a PD needs?

Answer 32

• PSE sends lower power signals to PD and waits for a response and bases how much power will be transmitted off this response
• The PSE will then continue to listen for changes in the POE class (can also listen for CDP and LLDP messages detailing this). If the POE class changes it adjusts the voltage accordingly.

Question 33

What is Power Policing?

Answer 33

• A technology used to stop a PD from drawing too much power

Some commands for Power Policing are:
- ‘power inline police’ or ‘power inline police action err-disable’ - Configures Power Policing with default settings. If too much power is drawn this will err-disable the port and send a log message.
- ‘power inline police action log’ - Configures Power Policing so that it doesn’t err-disable the interface is the PD draws too much power but it will restart the interface and send a syslog message.
- ‘show power inline police’ - Shows information about Power Policing on the current device.

Question 34

List PoE standards and the wattage and pairs used

Answer 34

• Cisco ILP (InLine Power) - Cisco Proprietary - 7W - 2 pairs
• POE (Type 1) - 802.3af - IEEE - 15W - 2 pairs
• POE+ (Type 2) - 802.3at - IEEE - 30W - 2 pairs
• UPOE (Type 3) - 802.3bt - IEEE - 60W - 4 pairs
• UPOE+ (Type 4) - 802.3bt - IEEE - 100W - 4 pairs

Question 35

What are some of the important CoS values in the PCP 802.1q field?

Answer 35

0 - Best Effort (Does not meet a QoS standard and there is no guarantee that the data is delivered)
3 - Critical Applications
4 - Video
5 - Voice

Question 36

How do you work out the DSCP AF value from binary?

Answer 36

• DSCP as standard is 6 bits. In binary it’s 32, 16, 8, 4, 2, 1
• The first 3 bits are the queue, the next 2 bits are the drop prescedence, and the last bit (1) is always 0
• When looking at this in binary you need to break these sections up so it is 4, 2, 1 for the queue and 2, 1 for the drop prescedence. This will give you the AF value.
• To get the DSCP value just read the binary as if it wasn’t split into sections (32, 16, 8, 4, 2, 1)

Question 37

What does a scheduler do?

Answer 37

Used to decide what queue traffic should be allowed from next.

Question 38

What steps does the QoS process take?

Answer 38

1. Classification and Marking (ACLs, NBAR then DSCP, CoS)
   2a. Queueing (Weighted Round Scheduling with CBWFQ or LLQ and prioritisation)
   2b. Congestion Avoidance (RED or WRED)
2. Shaping and Policing

Question 39

What is the per-hop behaviour of QoS?

Answer 39

Each router along the route needs to have respective QoS rules configured that work together. If one router marks traffic with a certain DSCP mark, the other routers along the route need to be configured with how to treat those marks.

Question 40

Why could it be more beneficial to use DSCP over CoS for QoS?

Answer 40

• CoS is found in the Ethernet header so will be removed on each hop when the layer 2 header is decapsulated
• DSCP is found in the IP header so will remain throughout the packets whole journey