Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex
Chapter 44 Configuring Quality of Service
Overview of QoS
• For non-IP packets, classification involves assigning an internal DSCP to the packet, but because
there is no DSCP in the non-IP packet, no overwrite occurs. Instead, the internal DSCP is used both
for queueing and scheduling decisions and for writing the CoS priority value in the tag if the packet
is being transmitted on either an ISL or 802.1Q trunk port.
• During policing, IP and non-IP packets can have another DSCP assigned to them (if they are out of
profile and the policer specifies a markdown DSCP). Once again, the DSCP in the packet is not
modified, but an indication of the marked-down value is carried along. For IP packets, the packet
modification occurs at a later stage.
Per Port Per VLAN QoS
Per-port per-VLAN QoS (PVQoS) offers differentiated quality of service to individual VLANs on a
trunk port. It enables service providers to rate limit individual VLAN-based services on each trunk port
to a business or a residence. In an enterprise Voice-over-IP environment, it can be used to rate limit the
voice VLAN even if an attacker impersonates an IP phone. A per-port per-VLAN service policy can be
separately applied to either ingress or egress traffic. For configuration details see
Per-VLAN QoS” section on page 44-70
Flow-based QoS
Note
Before reading this section, you should be familiar with implementing Flexible NetFlow (“Configuring Flexible NetFlow”) and QoS implementation in this chapter.
Flow based QoS provides microflow policing and marking, dynamically learning traffic flows and
rate limiting each unique flow to an individual rate. Flow based QoS is available on a Catalyst 4500
series switch with the built-in NetFlow hardware support. It can be applied to ingress traffic on both
switched and routed interfaces with flow masks defined using Flexible NetFlow (FNF). It supports up to
100,000 individual flows in hardware and up to 512 unique policer configurations. Flow based QoS is
typically used in environments where per-user, granular rate limiting is required. For example, per-flow
outbound and inbound traffic rates might differ. Flow based QoS is also referred to as User Based Rate
Limiting (UBRL).
A flow is defined as a stream of packets having the same properties as those defined by the key fields in
the FNF flow record. A new flow is created when the value of the data in the packet’s key fields is unique with
respect to the flows that already exist.
A flow based QoS policy possesses one or more classmaps matching on an FNF flow record. Such a
classmap must be configured as match-all to match all the match criteria specified in the classmap.
When a flow based QoS policy is attached to a QoS target, ingress traffic on the target is first classified
based on the classification rules specified in the class-map. If the classifier has an FNF flow record, the
key fields specified in the FNF flow record are applied to the classified traffic to create flows, provided
the flow does not already exist. The corresponding policy actions (policing and marking) are then
applied to these individual flows. Flow-based policers (termed microflow policers) rate limit each unique
flow. Flows are dynamically created and inactive flows are periodically aged out.
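The per-flow behaviour described above can be modelled in a few lines. This is an added example, not Cisco code or IOS configuration: the class and field names, the single-rate token-bucket metering, the rate, burst and idle timeout values, and the sample packets are all assumptions made for illustration. Running the same traffic with an empty key (one shared bucket) shows what the key fields buy: the quiet host is no longer starved by the noisy one.

```python
from dataclasses import dataclass

# Constructed sample traffic: 10.0.0.1 is a noisy host, 10.0.0.2 a quiet one.
SAMPLE = [
    {"t": 0.0, "src_ip": "10.0.0.1", "size": 1000},
    {"t": 0.1, "src_ip": "10.0.0.1", "size": 1000},
    {"t": 0.2, "src_ip": "10.0.0.2", "size": 1000},
    {"t": 0.3, "src_ip": "10.0.0.1", "size": 1000},
    {"t": 1.3, "src_ip": "10.0.0.1", "size": 1000},
]

@dataclass
class Bucket:
    tokens: float      # bytes the flow may still send right now
    last_seen: float   # time of the flow's most recent packet

class MicroflowPolicer:
    """Hypothetical model: one token bucket per unique key-field value."""

    def __init__(self, rate_bps, burst_bytes, idle_timeout, key_fields):
        self.rate = rate_bps / 8.0          # refill rate in bytes per second
        self.burst = burst_bytes
        self.idle_timeout = idle_timeout
        self.key_fields = key_fields        # stands in for the FNF record's key fields
        self.flows = {}

    def police(self, pkt):
        """Return 'conform' or 'exceed' for one already-classified packet."""
        key = tuple(pkt[f] for f in self.key_fields)
        now = pkt["t"]
        b = self.flows.get(key)
        if b is None:                       # unseen key-field values: create a flow
            b = self.flows[key] = Bucket(self.burst, now)
        b.tokens = min(self.burst, b.tokens + (now - b.last_seen) * self.rate)
        b.last_seen = now
        if pkt["size"] <= b.tokens:
            b.tokens -= pkt["size"]
            return "conform"
        return "exceed"

    def age_out(self, now):
        """Drop flows idle for longer than idle_timeout; return how many were removed."""
        stale = [k for k, b in self.flows.items() if now - b.last_seen > self.idle_timeout]
        for k in stale:
            del self.flows[k]
        return len(stale)

def run(key_fields, packets=SAMPLE):
    p = MicroflowPolicer(rate_bps=8000, burst_bytes=1500, idle_timeout=30, key_fields=key_fields)
    return [p.police(pkt) for pkt in packets], p
```

Call run(("src_ip",)) for per-source microflow policing and run(()) for the shared-bucket contrast.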
A flow based QoS policy can be attached to QoS targets such as port (P), VLAN (V), per-port-per-VLAN (PV),
and EtherChannel, but only in the ingress direction.
For details on how to enable FNF, refer to the “Applying Flow-based QoS Policy” section on page 44-75.