QOS - Classification and Marking

Question 1

What is Packet Classification?

Answer 1

A QoS mechanism responsible for distinguishing between different traffic streams.

Question 2

What are 7 Traffic Descriptors used for Classification?

Answer 2

• Internal: QoS groups (locally significant to a router) * Layer 1: Physical interface, subinterface, or port * Layer 2: MAC address and 802.1Q/ p Class of Service (CoS) bits * Layer 2.5: MPLS Experimental (EXP) bits * Layer 3: DSCP, IP Precedence (IPP), and source/ destination IP address * Layer 4: TCP or UDP ports * Layer 7: NBAR2

Question 3

What is NBAR2?

Answer 3

A deep packet inspection engine that can classify and identify a wide variety of protocols and applications using Layer 3 to Layer 7 data, including difficult-to-classify applications that dynamically assign TCP or UDP port numbers.

Question 4

What are NBAR2 two modes of operation?

Answer 4

• Protocol Discovery mode * Modular QOS CLI (MQC)

Question 5

What are 2 things about NBAR2 Protocol Discovery Mode?

Answer 5

• It enables NBAR2 to discover and get real-time statistics on applications currently running in the network * These statistics can be used to define QoS classes and policies using MQC configuration.

Question 6

NBAR2 Modular QOS CLI (MQC)

Answer 6

Network traffic such as Cisco Webex placed into one traffic class, while YouTube traffic placed into another traffic class.

Question 7

What happens after traffic has been classified by NBAR2 in MQC mode?

Answer 7

Different QoS policies can be applied to the different classes of traffic.

Question 8

What is Packet Marking?

Answer 8

A QoS mechanism that changes a field within a packet or a frame header with a traffic descriptor so it is distinguished from other packets during the application of other QoS mechanisms (such as re-marking, policing, queuing, or congestion avoidance).

Question 9

What are 4 descriptors used for Marking traffic?

Answer 9

• Internal: QoS groups * Layer 2: 802.1Q/ p Class of Service (CoS) bits * Layer 2.5: MPLS Experimental (EXP) bits * Layer 3: Differentiated Services Code Points (DSCP) and IP Precedence (IPP)

Question 10

What is the descriptor Internal: QOS groups?

Answer 10

Used by the router to mark packets as they are received and processed internally within the router and are automatically removed when packets egress the router.

Question 11

When would a router use QOS groups descriptor?

Answer 11

Used only in special cases in which traffic descriptors marked or received on an ingress interface would not be visible for packet classification on egress interfaces due to encapsulation or de-encapsulation.

Question 12

What are the 2 fields inserted into an 802.1q header?

Answer 12

• Tag Protocol ID (TPID) * Tag Control Information (TCI)

Question 13

How big are the 2 fields inserted into an 802.1q header?

Answer 13

Each of the 2 fields are 2 bytes.

Question 14

In an ethernet frame where is the 802.1q header located?

Answer 14

Behind the Source MAC address field

Question 15

What is the TPID value?

Answer 15

0x8100 which identifies it as an 802.1q tagged frame

Question 16

What 3 fields make up the TCI ?

Answer 16

• Priority Code Point (PCP) * Drop Eligible Indicator (DEI) * VLAN ID

Question 17

What are the sizes of each of the 3 fields that make up the TCI?

Answer 17

• PCP 3 bits * DEI 1 bit * VLAN ID 12 bits

Question 18

Which of the 3 fields are used for layer 2 QOS?

Answer 18

PCP

Question 19

How many levels of COS are in the PCP?

Answer 19

8 levels - 0 thru 7

Question 20

What are the 8 COS levels?

Answer 20

• Level 0 - BK - Background * Level 1 - BE - Best Effort * Level 2 - EE - Excellent Effort * Level 3 - CA - Critical apps * Level 4 - Video * Level 5 - VO - Voice * Level 6 - IC - Internetwork Control * Level 7 - NC - Network Control

Question 21

In COS levels 4 and 5 what is the specified latency?

Answer 21

• Level 4 - VI - less than 100 ms latency and jitter * Level 5 - VO - less than 10 ms latency and jitter

Question 22

What is the one drawback to using COS markings?

Answer 22

Frames lose their CoS markings when traversing a non-802.1Q link or a Layer 3 network.

Question 23

How is the COS drawback overcome?

Answer 23

• Use higher layer markings whenever possible * the CoS priority levels correspond directly to IPv4’ s IP Precedence Type of Service (ToS) values so they can be mapped directly to each other

Question 24

What is the default value of the DEI field and what does it mean?

Answer 24

• Default value is 0 * It means the frame cannot be dropped

Question 25

Which field in an IP packet has been used in the past for QOS marking?

Answer 25

ToS byte

Question 26

How big is the ToS field and how are the bits used?

Answer 26

* 8 bits * Only the first 3 are used for marking * The rest of the bits were unused

Question 27

What is another name for the first 3 bits of the ToS byte?

Answer 27

IP Precedence

Question 28

How many usable classes does IPP allow for?

Answer 28

* 8 values - 0 thru 7 * 6 and 7 are reserved

Question 29

How have newer standards redefined the ToS byte?

Answer 29

Now defined as DiffServ field

Question 30

What is the name of the ToS field in IPv6?

Answer 30

Traffic Class

Question 31

What makes up the DiffServ field?

Answer 31

* 6 bit DSCP field * 2 bit Explicit Congestion Notification (ECN)

Question 32

What makes DiffServ backward compatible with PCP?

Answer 32

3 bits of PCP line up with 3 bits of the DSCP field

Question 33

How many values does the 6 bit DSCP field allow for?

Answer 33

64 values - 0 thru 63

Question 34

What is the DSCP field used for?

Answer 34

It is used to mark packets according to their classification into DiffServ Behavior Aggregates (BAs).

Question 35

What is a DiffServe Behavior Aggregate (BA)?

Answer 35

It is a collection of packets with the same DiffServ value crossing a link in a particular direction.

Question 36

What is Per Hop Behavior (PHB)?

Answer 36

The externally observable forwarding behavior (forwarding treatment) applied at a DiffServ-compliant node to a collection of packets with the same DiffServ value crossing a link in a particular direction

Question 37

What is the advantage of identifying a DiffServ Behavior Aggregate?

Answer 37

The core of the network applies a single PHB for an identified BA while classifying, marking, policing and shaping are done at the network edge.

Question 38

What are 4 PHBs?

Answer 38

* Class Selector (CS) PHB * Default Forwarding (DF) PHB * Assured Forwarding (AF) PHB * Expedited Forwarding (EF) PHB

Question 39

What identifies a packet as using PCP for QOS?

Answer 39

* First 3 bits are used * Last 3 bits are set to 0

Question 40

How many CS classes are there?

Answer 40

8 classes CS0 thru CS7

Question 41

What is CS PHB?

Answer 41

Per Hop Behavior that uses a Class Selector value from the first 3 bits in the DSCP field (formerly IPP).

Question 42

What is DF PHB?

Answer 42

Per Hop Behavior when all bits in DS field are set to 0 causing the PHB to use best effort.

Question 43

Name 3 times when DF PHB is used?

Answer 43

* When packets that cannot be classified by a QoS mechanism such as queueing, shaping, or policing * QoS policy on the node is incomplete * when DSCP values are outside those defined for CS, AF, and EF PHBs

Question 44

What is AF PHB?

Answer 44

Per Hop Behavior based on an AF class (AF1 thru AF4) and a Drop Probability (1 thru 3)

Question 45

What bits within the DSCP field are used to mark the AF class and Drop Probability?

Answer 45

* First 3 bits used to identify the AF class (AF1 thru AF4) * The next 2 bits are used to identify Drop Probability (1 thru 3) * The 6th bit is unused

Question 46

What is the significance of the different AF classes?

Answer 46

* The AF class does not represent precedence * Each should be in its own queue

Question 47

What is the formula to convert an AF Name into a DSCP value in decimal?

Answer 47

* 8(x) + 2(y) * If AF41 then 8(4) + 2(1) = 34

Question 48

In AF Names what is the significance of the Drop Probability?

Answer 48

* Drop probabilities range from 1 thru 3 * 1 has a low probability of being dropped * 3 has a high probility of being dropped

Question 49

What 2 things describe how AF responds to long term congestion?

Answer 49

* Drops packets using congestion-avoidance algorithm like WRED * WRED uses the AF Drop Probability to decide which packets should be dropped first during congestion

Question 50

How does an AF implementation respond to short term congestion from bursts?

Answer 50

Each class is placed in a separate queue, AF uses a queueing algorithm such as class-based weighted fair queueing (CBWFQ).

Question 51

What is EF PHB?

Answer 51

PHB that guarantees bandwidth by ensuring a minimum departure rate * Provides the lowest possible delay to delay-sensitive applications by using low-latency queueing * Prevents quque starvation of other applications or classes that are not using the EF PHB by policing EF traffic when congestion occurs.

Question 52

How are EF packets marked in the 6-bit DSCP field?

Answer 52

* 101110 (46 in decimal) * First 3 bits are 101 which maps directly to IPP's highest value (5) *

Question 53

What is Scavenger Class?

Answer 53

* intended to provide less than best-effort services * Marked as CS1

Question 54

What markings does an IP Phone place on voice packets?

Answer 54

* CoS value of 5 * DSCP value of 46

Question 55

What does an IP phone do to packets coming from an attached PC?

Answer 55

* Sets CoS to 0 * Sets DSCP to 0

Question 56

What are the 4 traffic categories for Wireless traffic?

Answer 56

* Platinum - Voice * Gold - Video * Silver - Best effort * Bronze - Background