Showing posts with label Classification and Marking. Show all posts

Thursday, October 14, 2021

What is Marking in QoS? How to mark packets?

In this section we look at how to configure packet marking. Marking means setting the ToS (Type of Service) byte to an IP Precedence value or a DSCP value. If you are not familiar with classification, IP precedence, or DSCP color code values, see the related posts listed below. The rest of this post assumes you understand classification.

What is Quality of Service (QOS)?

What is Modular Quality of service CLI (MQC)?

What is Classification and marking? What are IP Precedence and DSCP Values? What is AF and EF?





Let's see the configuration:

Topology:



Goal:

  • Configure the topology as per the diagram.
  • Configure IP addresses as per the topology.
  • Configure EIGRP AS 65100 and advertise all the directly connected interfaces.
  • Configure marking on router 1 to mark the packets coming from FastEthernet 0/0 and forwarded to router 3 with an IP precedence value of 2.
  • Configure an IP precedence of 3 for ICMP packets on router 2.


R1(config)#interface serial 4/0

R1(config-if)#ip address 12.1.1.1 255.255.255.0

R1(config-if)#no shutdown

R1(config-if)#exit


R1(config)#interface fastEthernet 0/0

R1(config-if)#ip address 192.168.10.1 255.255.255.0

R1(config-if)#no shutdown

R1(config-if)#no keepalive

R1(config-if)#exit


R1(config)#interface loopback 0

R1(config-if)#ip address 1.1.0.1 255.255.255.0

R1(config-if)#interface loopback 1

R1(config-if)#ip address 1.1.1.1 255.255.255.0

R1(config-if)#interface loopback 2

R1(config-if)#ip address 1.1.2.1 255.255.255.0

R1(config-if)#interface loopback 3

R1(config-if)#ip address 1.1.3.1 255.255.255.0

R1(config-if)#exit


R2(config)#interface serial 4/0

R2(config-if)#ip address 12.1.1.2 255.255.255.0

R2(config-if)#no shutdown

R2(config-if)#exit


R2(config)#interface serial 4/1

R2(config-if)#ip address 23.1.1.1 255.255.255.0

R2(config-if)#no shutdown

R2(config-if)#exit


R2(config)#interface fastEthernet 0/0

R2(config-if)#ip address 192.168.20.1 255.255.255.0

R2(config-if)#no shutdown

R2(config-if)#no keepalive

R2(config-if)#exit


R2(config)#interface loopback 0

R2(config-if)#ip address 2.2.0.2 255.255.255.0

R2(config-if)#interface loopback 1

R2(config-if)#ip address 2.2.1.2 255.255.255.0

R2(config-if)#interface loopback 2

R2(config-if)#ip address 2.2.2.2 255.255.255.0

R2(config-if)#interface loopback 3

R2(config-if)#ip address 2.2.3.2 255.255.255.0

R2(config-if)#exit


R3(config)#interface serial 4/1

R3(config-if)#ip address 23.1.1.2 255.255.255.0

R3(config-if)#no shutdown

R3(config-if)#exit


R3(config)#interface fastEthernet 0/0

R3(config-if)#ip address 192.168.30.1 255.255.255.0

R3(config-if)#no shutdown

R3(config-if)#no keepalive

R3(config-if)#exit


R3(config)#interface loopback 0

R3(config-if)#ip address 3.3.0.3 255.255.255.0

R3(config-if)#interface loopback 1

R3(config-if)#ip address 3.3.1.3 255.255.255.0

R3(config-if)#interface loopback 2

R3(config-if)#ip address 3.3.2.3 255.255.255.0

R3(config-if)#interface loopback 3

R3(config-if)#ip address 3.3.3.3 255.255.255.0

R3(config-if)#exit



R1(config)#router eigrp 65100

R1(config-router)#network 12.1.1.1 0.0.0.0

R1(config-router)#network 1.1.0.1 0.0.0.0

R1(config-router)#network 1.1.1.1 0.0.0.0

R1(config-router)#network 1.1.2.1 0.0.0.0

R1(config-router)#network 1.1.3.1 0.0.0.0

R1(config-router)#network 192.168.10.1 0.0.0.0

R1(config-router)#end


R2(config)#router eigrp 65100

R2(config-router)#network 12.1.1.2 0.0.0.0

R2(config-router)#network 2.2.0.2 0.0.0.0

R2(config-router)#network 2.2.1.2 0.0.0.0

R2(config-router)#network 2.2.2.2 0.0.0.0

R2(config-router)#network 2.2.3.2 0.0.0.0

R2(config-router)#network 192.168.20.1 0.0.0.0

R2(config-router)#network 23.1.1.1 0.0.0.0

R2(config-router)#exit



R3(config)#router eigrp 65100
R3(config-router)#network 23.1.1.2 0.0.0.0
R3(config-router)#network 192.168.30.1 0.0.0.0
R3(config-router)#network 3.3.0.3 0.0.0.0
R3(config-router)#network 3.3.1.3 0.0.0.0
R3(config-router)#network 3.3.2.3 0.0.0.0
R3(config-router)#network 3.3.3.3 0.0.0.0
R3(config-router)#exit

*Oct 14 17:14:20.351: %DUAL-5-NBRCHANGE: EIGRP-IPv4 65100: Neighbor 23.1.1.1 (Serial4/1) is up: new adjacency


R1(config)#access-list 111 permit IP host 192.168.10.1 host 192.168.30.1
R1(config)#class-map TEST
R1(config-cmap)#match access-group 111
R1(config-cmap)#exit

R1(config)#policy-map TEST-POLICY
R1(config-pmap)#class TEST
R1(config-pmap-c)#set ip precedence 3
R1(config-pmap-c)#end

R1(config)#interface serial 4/0
R1(config-if)#service-policy output TEST-POLICY
R1(config-if)#END

*Oct 14 17:19:48.795: %SYS-5-CONFIG_I: Configured from console by console
R1#ping 192.168.30.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.30.1, timeout is 2 seconds:
!!!!!
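Success rate is 100 percent (5/5), round-trip min/avg/max = 44/52/72 ms

This ping is sourced from the outgoing interface Serial4/0 (12.1.1.1), not from 192.168.10.1, so it does not match access-list 111. That is why the TEST class counters below still show 0 packets marked while class-default keeps counting.

R1#show policy-map interface serial 4/0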
 Serial4/0

  Service-policy output: TEST-POLICY

    Class-map: TEST (match-all)
      0 packets, 0 bytes
      5 minute offered rate 0000 bps, drop rate 0000 bps
      Match: access-group 111
      QoS Set
        precedence 3
          Packets marked 0

    Class-map: class-default (match-any)
      262 packets, 17710 bytes
      5 minute offered rate 0000 bps, drop rate 0000 bps
      Match: any

R1#show run class-map
Building configuration...

Current configuration: 57 bytes
!
class-map match-all TEST
 match access-group 111
end

Monday, October 11, 2021

What is NBAR (Network-Based Application Recognition) classification in QoS? How to configure NBAR?

When we implement Quality of Service (QoS), the first step is classification. By default, our router does not care what kind of IP packet it is handling. It just looks in the routing table for the destination IP address and forwards the packet.

Before we configure QoS technologies like queuing, policing, or shaping, we first have to identify what kind of traffic is running through our routers so we can figure out which application it belongs to. This is classification.



Once we have identified (classified) our traffic, we can mark it and apply a QoS policy to it.

There are a few methods on IOS routers for classification:

Header inspection: This is a simple classification method and it works really well, but it has some disadvantages. Let's say we configure our router to treat everything that runs over TCP with destination port 80 as HTTP. Some other applications also use TCP port 80, and the router is going to perform the same action on both.

Payload inspection: This is reliable because it does deep packet inspection. This method looks at the content of the payload and recognizes the application. On Cisco IOS, this is done with the help of NBAR (network-based application recognition).



With NBAR, the router inspects incoming IP packets and matches them against attributes and signatures in the PDLM (packet description language module). NBAR is commonly used to block websites and it is very popular for classification.

NBAR classifies modern client-server and web-based applications:

  • Performs identification of applications and protocols (layers 4-7).
  • Performs protocol discovery and provides traffic statistics.
  • Enables downstream action based on QoS policies via RED, class-based queuing, and policing.
  • New applications are easily supported by loading a PDLM.

NBAR can classify applications that use:

  • Statically assigned TCP and UDP port numbers.
  • Non-UDP and non-TCP IP protocols.
  • Dynamically assigned TCP and UDP port numbers negotiated during connection establishment (requires stateful inspection).

NBAR2 is the next generation of NBAR, enhancing the application recognition engine to support more than 1000 applications. NBAR2 functionality requires an advanced license.

 

Packet description language module

PDLMs allow NBAR to recognize new protocol-matching text patterns in data packets without requiring a new Cisco IOS software image or a router reload. An external PDLM can be loaded at run time to extend the NBAR list of recognized protocols. PDLMs can also be used to enhance an existing protocol recognition capability. PDLMs must be produced by Cisco engineers.

 

NBAR Protocol Discovery

  • Analyzes application traffic patterns in real time and discovers which traffic is running on the network.
  • Provides bidirectional, per-interface, and per-protocol statistics.
  • Is an important monitoring tool supported by Cisco QoS management tools.
  • Generates real-time application statistics.
  • Provides traffic distribution information at key network locations.

Let's see the configuration:

Topology:


  • Configure the topology as per our diagram.
  • Assign the IP addresses to their respective interfaces.
  • Configure EIGRP AS 65100.
  • Configure outbound MQC.
  • Configure an IP precedence of 1 for ICMP packets, an IP precedence of 2 for HTTP packets, and DSCP EF for VoIP.

R1(config)#interface serial 4/0
R1(config-if)#ip address 192.168.10.1 255.255.255.0
R1(config-if)#no shutdown
R1(config-if)#exit


R1(config)#interface fastEthernet 0/0
R1(config-if)#ip address 10.1.1.1 255.0.0.0
R1(config-if)#no keepalive
R1(config-if)#no shutdown
R1(config-if)#exit

R1#show ip interface brief
Interface              IP-Address      OK? Method Status                Protocol
FastEthernet0/0        10.1.1.1        YES manual up                    up
Serial4/0              192.168.10.1    YES manual up                    up


R2(config)#interface serial 4/0
R2(config-if)#ip address 192.168.10.2 255.255.255.0
R2(config-if)#no shutdown
R2(config-if)#exit



R2(config)#interface fastEthernet 0/0
R2(config-if)#ip address 20.1.1.1 255.0.0.0
R2(config-if)#no shutdown
R2(config-if)#no keepalive
R2(config-if)#exit


R2#show ip interface brief
Interface              IP-Address      OK? Method Status                Protocol
FastEthernet0/0        20.1.1.1        YES manual up                    up
Serial4/0              192.168.10.2    YES manual up                    up


R1(config)#router eigrp 65100
R1(config-router)#network 192.168.10.0
R1(config-router)#network 10.0.0.0
R1(config-router)#no auto-summary
R1(config-router)#exit


R2(config)#router eigrp 65100
R2(config-router)#network 192.168.10.0
R2(config-router)#network 20.1.1.1
R2(config-router)#no auto-summary
R2(config-router)#exit

*Oct 11 18:22:53.123: %DUAL-5-NBRCHANGE: EIGRP-IPv4 65100: Neighbor 192.168.10.1 (Serial4/0) is up: new adjacency


R1#show ip route eigrp
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is not set

D     20.0.0.0/8 [90/2172416] via 192.168.10.2, 00:00:21, Serial4/0


R1#show ip eigrp neighbors
EIGRP-IPv4 Neighbors for AS(65100)
H   Address                 Interface              Hold Uptime   SRTT   RTO  Q  Seq
                                                   (sec)         (ms)       Cnt Num
0   192.168.10.2            Se4/0                    13 00:00:31   54   324  0  4

R2#show ip route eigrp
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is not set

D     10.0.0.0/8 [90/2172416] via 192.168.10.1, 00:00:42, Serial4/0


R2#show ip eigrp neighbors
EIGRP-IPv4 Neighbors for AS(65100)
H   Address                 Interface              Hold Uptime   SRTT   RTO  Q  Seq
                                                   (sec)         (ms)       Cnt Num
0   192.168.10.1            Se4/0                    11 00:00:46   44   264  0  3



R1(config)#class-map HTTP
R1(config-cmap)#match protocol http 
R1(config-cmap)#exit

R1(config)#class-map VoIP
R1(config-cmap)#match access-group name VOICE
R1(config-cmap)#exit

R1(config)#class-map ICMP
R1(config-cmap)#match protocol icmp
R1(config-cmap)#exit

R1(config)#ip access-list extended VOICE
R1(config-ext-nacl)#permit udp any any range 16380 32760
R1(config-ext-nacl)#exit

R1(config)#policy-map INTERNETWORKS

R1(config-pmap)#class ICMP
R1(config-pmap-c)#set ip precedence 1
R1(config-pmap-c)#exit

R1(config-pmap)#class HTTP
R1(config-pmap-c)#set ip precedence 2
R1(config-pmap-c)#exit

R1(config-pmap)#class VoIP
R1(config-pmap-c)#set ip dscp ef
R1(config-pmap-c)#exit
R1(config-pmap)#exit
R1(config)#exit


R1#show run policy-map
Building configuration...

Current configuration : 132 bytes
!
policy-map INTERNETWORKS
 class ICMP
  set ip precedence 1
 class HTTP
  set ip precedence 2
 class VoIP
  set ip dscp ef
!
end

R1#show run class-map
Building configuration...

Current configuration : 156 bytes
!
class-map match-all ICMP
 match protocol icmp
class-map match-all HTTP
 match protocol http
class-map match-all VoIP
 match access-group name VOICE
end


R1(config)#interface serial 4/0
R1(config-if)#service-policy output INTERNETWORKS
R1(config-if)#EXIT
R1(config)#END

R1#show policy-map interface serial 4/0
 Serial4/0

  Service-policy output: INTERNETWORKS

    Class-map: ICMP (match-all)
      0 packets, 0 bytes
      5 minute offered rate 0000 bps, drop rate 0000 bps
      Match: protocol icmp
      QoS Set
        precedence 1
          Packets marked 0

    Class-map: HTTP (match-all)
      0 packets, 0 bytes
      5 minute offered rate 0000 bps, drop rate 0000 bps
      Match: protocol http
      QoS Set
        precedence 2
          Packets marked 0

    Class-map: VoIP (match-all)
      0 packets, 0 bytes
      5 minute offered rate 0000 bps, drop rate 0000 bps
      Match: access-group name VOICE
      QoS Set
        dscp ef
          Packets marked 0

    Class-map: class-default (match-any)
      7 packets, 368 bytes
      5 minute offered rate 0000 bps, drop rate 0000 bps
      Match: any

R1#ping 20.1.1.1 source 10.1.1.1 repeat 16
Type escape sequence to abort.
Sending 16, 100-byte ICMP Echos to 20.1.1.1, timeout is 2 seconds:
Packet sent with a source address of 10.1.1.1
!!!!!!!!!!!!!!!!
Success rate is 100 percent (16/16), round-trip min/avg/max = 32/46/52 ms

R1#show policy-map interface serial 4/0
 Serial4/0

  Service-policy output: INTERNETWORKS

    Class-map: ICMP (match-all)
      16 packets, 1664 bytes
      5 minute offered rate 1000 bps, drop rate 0000 bps
      Match: protocol icmp
      QoS Set
        precedence 1
          Packets marked 16

    Class-map: HTTP (match-all)
      0 packets, 0 bytes
      5 minute offered rate 0000 bps, drop rate 0000 bps
      Match: protocol http
      QoS Set
        precedence 2
          Packets marked 0

    Class-map: VoIP (match-all)
      0 packets, 0 bytes
      5 minute offered rate 0000 bps, drop rate 0000 bps
      Match: access-group name VOICE
      QoS Set
        dscp ef
          Packets marked 0

    Class-map: class-default (match-any)
      20 packets, 1313 bytes
      5 minute offered rate 0000 bps, drop rate 0000 bps
      Match: any

R1#ping 20.1.1.1 source 10.1.1.1 repeat 4
Type escape sequence to abort.
Sending 4, 100-byte ICMP Echos to 20.1.1.1, timeout is 2 seconds:
Packet sent with a source address of 10.1.1.1
!!!!
Success rate is 100 percent (4/4), round-trip min/avg/max = 44/49/52 ms
R1#show policy-map interface serial 4/0
 Serial4/0

  Service-policy output: INTERNETWORKS

    Class-map: ICMP (match-all)
      20 packets, 2080 bytes
      5 minute offered rate 0000 bps, drop rate 0000 bps
      Match: protocol icmp
      QoS Set
        precedence 1
          Packets marked 20

    Class-map: HTTP (match-all)
      0 packets, 0 bytes
      5 minute offered rate 0000 bps, drop rate 0000 bps
      Match: protocol http
      QoS Set
        precedence 2
          Packets marked 0

    Class-map: VoIP (match-all)
      0 packets, 0 bytes
      5 minute offered rate 0000 bps, drop rate 0000 bps
      Match: access-group name VOICE
      QoS Set
        dscp ef
          Packets marked 0

    Class-map: class-default (match-any)
      26 packets, 1617 bytes
      5 minute offered rate 0000 bps, drop rate 0000 bps
      Match: any


Monday, October 4, 2021

What is Classification and marking? What are IP Precedence and DSCP Values? What is AF and EF?

 

 





Classification and Marking

Classification and marking is the process of identifying the priority of each packet. This is the first step of QoS control and should be done near the source hosts. Classification is the process of identifying and categorizing traffic into classes, typically based upon incoming interface, IP precedence, DSCP, source or destination address, or application. Classification is the most fundamental QoS building block. Without classification, all packets are treated the same.



The table lists the criteria of classification                               


Marking 

Marking is the QoS feature component that colors a packet so it can be identified and distinguished from other packets in QoS treatment. Commonly used markers:

Link layer: CoS (ISL, 802.1Q), MPLS EXP bits, Frame Relay

Network layer: DSCP, IP precedence



Layer 2 and Layer 3 Header Marking 


Let's take a look at the ToS byte of the Layer 3 IPv4 packet.




Originally, the ToS byte was defined like this ☝.


  • The first 3 bits are used to define IP precedence. A higher value means a higher priority for the IP packet.
  • The rest of the bits are called the Type of Service bits. ToS bits are used to assign delay, throughput, and reliability.

Let's see the picture for a better understanding.




 

However, the “type of service” bits, which specify delay, throughput, and reliability, have never really been used. Only the IP precedence bits are used to assign a priority to IP packets. Do not be confused by the name ToS: bits 0-7 are called the ToS byte, and bits 4-7 are called the ToS bits (Type of Service). Look at the picture below 👇.


Let's talk about what we actually use nowadays.

DS field (Differentiated Services): the ToS byte has been renamed and is now called the DS field.


DSCP (DiffServ Code Point) provides a 6-bit field for QoS marking, in which the color code (CS) is also called the DSCP value. Of these 6 bits, 3 bits are the same as IP precedence and the other 3 bits are ToS fields. Thus, the DSCP value range is 0 to 63. The figure below shows the DSCP and IP precedence bits:


The DSCP value is also known as the Per-Hop Behavior (PHB): packets that are marked with a certain codepoint receive a certain QoS treatment (for example queuing, policing, or shaping). The default PHB applies to a packet that is marked with a DSCP value of 000000. This packet should be treated as “best-effort”.


Now there are three types of defined PHBs:

Best-Effort (BE or DSCP 0): the packet is marked with a DSCP value of 000000. This packet should be treated as “best-effort”.

Assured Forwarding (AF): assured forwarding allows you to provide assurance of delivery as long as the traffic does not exceed some subscribed rate.

Expedited Forwarding (EF): any traffic class marked with the EF DSCP is given the highest priority.


Let's see CS, AF, EF, and Best effort.





The first 3 bits are called CS; a higher number means a higher priority (same as IP Precedence). The remaining 3 bits are called the AF (assured forwarding) bits; a higher number means a higher drop probability.
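Added example (not from the original post): a short Python decoder for the bit layout described above. It splits a ToS/DS byte into IP precedence, DSCP and PHB name, and reads the byte from a constructed IPv4 header. The function names and the sample header are assumptions; `set_precedence` and `set_dscp` only model which bits the `set ip precedence` and `set ip dscp` commands rewrite.

```python
import socket
import struct


def phb_name(dscp: int) -> str:
    """Name a 6-bit DSCP value: BE, CSx, AFxy, EF, or a raw DSCPn."""
    if not 0 <= dscp <= 63:
        raise ValueError("DSCP is a 6-bit value (0-63)")
    if dscp == 0:
        return "BE"                      # 000000, best effort
    if dscp == 46:
        return "EF"                      # 101110, expedited forwarding
    cls, low = dscp >> 3, dscp & 0b111   # class bits, then the other 3 bits
    if low == 0:
        return f"CS{cls}"                # same pattern as IP precedence cls
    if 1 <= cls <= 4 and low in (0b010, 0b100, 0b110):
        return f"AF{cls}{low >> 1}"      # second digit = drop precedence 1..3
    return f"DSCP{dscp}"                 # no standard name


def decode_tos(tos: int) -> dict:
    """Split the 8-bit ToS/DS byte into its fields."""
    if not 0 <= tos <= 255:
        raise ValueError("ToS/DS is one byte (0-255)")
    dscp = tos >> 2
    return {"precedence": tos >> 5, "dscp": dscp,
            "low2": tos & 0b11, "phb": phb_name(dscp)}


def set_precedence(tos: int, prec: int) -> int:
    """Model of 'set ip precedence': rewrite only the top 3 bits."""
    if not 0 <= prec <= 7:
        raise ValueError("IP precedence is 0-7")
    return (tos & 0x1F) | (prec << 5)


def set_dscp(tos: int, dscp: int) -> int:
    """Model of 'set ip dscp': rewrite the top 6 bits, keep the low 2."""
    if not 0 <= dscp <= 63:
        raise ValueError("DSCP is 0-63")
    return (tos & 0x03) | (dscp << 2)


def sample_ipv4_header(tos: int, src="10.1.1.1", dst="20.1.1.1") -> bytes:
    """Constructed 20-byte IPv4 header (ICMP, checksum left at 0)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, tos, 20, 0, 0, 64, 1, 0,
                       socket.inet_aton(src), socket.inet_aton(dst))


def tos_of_packet(packet: bytes) -> dict:
    """Read and decode the ToS/DS byte (second byte) of an IPv4 header."""
    if len(packet) < 20 or packet[0] >> 4 != 4 or (packet[0] & 0x0F) < 5:
        raise ValueError("not a complete IPv4 header")
    return decode_tos(packet[1])


if __name__ == "__main__":
    for label, tos in [("precedence 3", set_precedence(0, 3)),
                       ("dscp ef", set_dscp(0, 46)),
                       ("precedence 2 applied to an EF packet",
                        set_precedence(set_dscp(0, 46), 2))]:
        print(f"{label:38s} ToS=0x{tos:02X} {decode_tos(tos)}")
    print(tos_of_packet(sample_ipv4_header(set_precedence(0, 1))))
```

Rewriting only the precedence bits of a packet that already carries EF leaves the lower DSCP bits in place, so the result decodes as AF23 rather than CS2.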




What are CS  and AF?

CS 1    +     AF 1     =  001 0100

CS 2   +     AF 2     =   010 1000

CS 3   +     AF 3     =   011 0110


How does this work?

Let's take an example: we have FastEthernet 0/0, the queue is full, and the router wants to drop packets.





 

 


