Previous Topic

Next Topic

Book Contents

Book Index

Configuring Differentiated Services

The QoS feature contains Differentiated Services (DiffServ) support that allows traffic to be classified into streams and given certain QoS treatment in accordance with defined per-hop behaviors.

Standard IP-based networks are designed to provide “best effort” data delivery service. “Best effort” service implies that the network delivers the data in a timely fashion, although there is no guarantee that it will. During times of congestion, packets may be delayed, sent sporadically, or dropped. For typical Internet applications, such as e-mail and file transfer, a slight degradation in service is acceptable and in many cases unnoticeable. Conversely, any degradation of service has undesirable effects on applications with strict timing requirements, such as voice or multimedia.

Defining DiffServ

To use DiffServ for QoS, the web pages accessible from the Differentiated Services menu page must first be used to define the following categories and their criteria:

  1. Class: Create classes and define class criteria.
  2. Policy: Create policies, associate classes with policies, and define policy statements.
  3. Service: Add a policy to an inbound interface

Packets are classified and processed based on defined criteria. The classification criteria is defined by a class. The processing is defined by a policy's attributes. Policy attributes may be defined on a per-class instance basis, and it is these attributes that are applied when a match occurs. A policy can contain multiples classes. When the policy is active, the actions taken depend on which class matches the packet.

Packet processing begins by testing the class match criteria for a packet. A policy is applied to a packet when a class match within that policy is found. The Differentiated Services menu page contains links to the various Diffserv configuration and display features.

To access the DiffServ pages, click Quality of Service > Differentiated Services.

Diffserv Configuration

Packets are filtered and processed based on defined criteria. The filtering criteria is defined by a class. The processing is defined by a policy’s attributes. Policy attributes may be defined on a per-class instance basis, and it is these attributes that are applied when a match occurs. The configuration process begins with defining one or more match criteria for a class. Then one or more classes are added to a policy. Policies are then added to interfaces.

Packet processing begins by testing the match criteria for a packet. The ‘all’ class type option defines that each match criteria within a class must evaluate to true for a packet to match that class. The ‘any’ class type option defines that at least one match criteria must evaluate to true for a packet to match that class. Classes are tested in the order in which they were added to the policy. A policy is applied to a packet when a class match within that policy is found.

Use the Diffserv Configuration page to display DiffServ General Status Group information, which includes the current administrative mode setting as well as the current and maximum number of rows in each of the main DiffServ private MIB tables.

To display the page, click Quality of Service > Differentiated Services > Diffserv Configuration in the navigation menu.

Diffserv Configuration

Diffserv Configuration Fields

Field

Description

Diffserv Admin Mode

Turns admin mode on and off. The default value is Enable. While disabled, the DiffServ configuration is retained and can be changed, but it is not active. While enabled, Differentiated Services are active.

MIB Table

Class Table

Displays the current and maximum number of rows of the class table.

Class Rule Table

Displays the current and maximum number of rows of the class rule table.

Policy Table

Displays the current and maximum number of rows of the policy table.

Policy Instance Table

Displays the current and maximum number of rows of the policy instance table.

Policy Attributes Table

Displays the current and maximum number of rows of the policy attributes table.

Service Table

Displays the current and maximum number of rows of the service table.

If you change the DiffServ admin mode, click Submit to apply the change to the system.

Class Configuration

Use the Class Configuration page to add a new Diffserv class name, or to rename or delete an existing class. The page also allows you to define the criteria to associate with a DiffServ class. As packets are received, these DiffServ classes are used to prioritize packets. You can have multiple match criteria in a class. The logic is a Boolean logical AND for this criteria.

To display the page, click Quality of Service > Differentiated Services > Class Configuration in the navigation menu.

The fields available on the Class Configuration page depend on whether you create a new class or configure a class that has already been created. Figure below shows the Class Configuration page when the Class Selector option is Create.

Diffserv Class Configuration

Figure below shows the Class Configuration page when the Class Selector option shows a configured class. The class has two class match selectors configured.

Diffserv Class Configuration-1

Diffserv Class Configuration Fields

Field

Description

Class Selector

To configure a new DiffServ class, select Create. To modify or view an existing class, select the name of the class from the dropdown menu.

Class Name

Enter a class name. To create a new class, select the class type and click Submit. To rename an existing class, click Rename after you enter the class name.

Class Type

Lists all of the class types. Currently the hardware supports only the Class Type value All, which means all the various match criteria defined for the class should be satisfied for a packet match. All signifies the logical AND of all the match criteria.

Class Layer 3 Protocol

Indicates how to interpret layer 3. This lists types of packets supported by Diffserv. The Layer 3 Protocol option is available only when user selects All as Class Type. The options are:

  • IPv4
  • IPv6

Class Match Selector (IPv4)

The menu lists all match criteria you can add to a specified class. To configure the criteria, select a match criteria from the list, and then click Add Match Criteria. The screen changes to the criteria configuration page for that class. After you configure the criteria, click Submit to apply the criteria to the class and return to the Class Configuration Page. To return to the Class Configuration page without applying the criteria, click Cancel. The match criteria and configurable fields are as follows:

  • Class of Service: Requires a packet’s CoS for incoming packets to match the CoS entered here. The valid range is 0-7.
  • Secondary Class of Service: Requires a packet’s secondary CoS for incoming packets to match the CoS entered here. The valid range is 0-7.
  • Destination IP Address: Requires a packet’s destination port IP address to match the address listed here. In the IP Address field, enter a valid destination IP address in dotted decimal format. In the IP Mask field, enter a valid subnet mask to determine which bits in the IP address are significant. Note that this is not a wildcard mask.
  • Destination L4 Port: Requires a packet’s TCP/UDP destination port to match the port you select. Select the desired L4 keyword from the list on which the rule can be based. If you select Other, the screen refreshes and a Port ID field appears. Enter a user-defined Port ID by which packets are matched to the rule.
  • Destination MAC Address: Requires a packet’s Destination MAC Address for incoming packets to match the address entered here. In the MAC Address field, enter a valid destination MAC address in dotted decimal format. In the MAC Mask field, use F’s and zeros to configure the MAC mask. An F means that the bit is checked, and a zero in a bit position means that the data is not significant.
  • EtherType: Requires a frames’ Ethertype to match the Ethertype listed you select. If you select User Value, you can enter a custom EtherType value. The value you enter specifies a customized Ethertype to compare against an Ethernet frame. The valid range of values is (0x0600 to 0xFFFF).
  • Any: All packets are considered to match the specified class and no additional input information is needed.
  • IP DSCP: Matches the packet’s DSCP to the class criteria’s when selected. Select the DSCP type from the drop-down menu. or enter a DSCP value to match. If you select Other, enter a custom value in the DSCP Value field that appears.
  • IP Precedence: Matches the packet’s IP Precedence value to the class criteria’s when Enter a value in the range of 0-7.
  • IP TOS: Matches the packet’s Type of Service bits in the IP header to the class criteria’s when selected and a value is entered. In the TOS Bits field, enter a two-digit hexadecimal number to match the bits in a packet’s TOS field. In the TOS Mask field, specify the bit positions that are used for comparison against the IP TOS field in a packet.
  • Protocol: Requires a packet’s layer 4 protocol to match the protocol you select. If you select Other, enter a protocol number in the field that appears. The valid range is 0-255.
  • Reference Class: Selects a class to start referencing for criteria. If the specified class references another class, the Reference Class match criterion disappears from the match list to prevent you adding another class reference, since a specified class can reference at most one other class of the same type. Additionally, a Remove Class Reference button appears on the screen. Click the button to remove the current class reference.
  • Source IP Address: Requires a packet’s source port IP address to match the address listed here. In the IP Address field, enter a valid source IP address in dotted decimal format. In the IP Mask field, enter a valid subnet mask to determine which bits in the IP address are significant. Note that this is not a wildcard mask.
  • Source L4 Port: Requires a packet’s TCP/UDP source port to match the port you select. Select the desired L4 keyword from the list on which the rule can be based. If you select Other, the screen refreshes and a Port ID field appears. Enter a user-defined Port ID by which packets are matched to the rule.
  • Source MAC Address: Requires a packet’s source MAC Address for incoming packets to match the address entered here. In the MAC Address field, enter a valid source MAC address in dotted decimal format. In the MAC Mask field, use F’s and zeros to configure the MAC mask. An F means that the bit is checked, and a zero in a bit position means that the data is not significant.
  • VLAN: Requires a packet’s VLAN ID for incoming packets to match the VLAN ID you enter.
  • Secondary VLAN: Requires a packet’s VLAN ID for incoming packets to match the VLAN ID you enter.

Class Summary

Use the Class Summary page to view the DiffServ classes configured on the system. The table on the page also indicates whether a class references another class. To display the page, click Quality of Service > Differentiated Services > Class Summary in the navigation menu.

Class Summary

Class Summary Fields

Field

Description

Class Name

Shows the user-defined name of the DiffServ class.

Class Type

Currently the hardware supports only the class type value All, which means all the various match criteria defined for the class should be satisfied for a packet match. All signifies the logical AND of all the match criteria.

Reference Class

If the class is configured with a Reference Class as part of the match criteria, this column shows the name of the configured class that is referenced.

Click Refresh to update the information on the screen.

Policy Configuration

Use the Policy Configuration page to associate a collection of classes with one or more policy statements. To display the page, click Quality of Service > Differentiated Services > Policy Configuration in the navigation menu. The fields available on the Policy Configuration page depend on whether you create a new class or configure a class that has already been created.

Figure below shows the Policy Configuration page when the Policy Selector option is Create.

Policy Configuration-1

Figure below shows the Policy Configuration page when the Policy Selector option shows a configured policy that has a member class.

Policy Configuration-2

Policy Configuration Fields

Field

Description

Policy Selector

To create a new policy, select Create from the menu; another page appears to facilitate creation of a new policy. To change a policy name or to modify the class list members, select the policy name from the menu. To delete an existing policy select it from the menu, and then click Delete.

Policy Name

If you select Create from the Policy Selector menu, enter a name to associate with the class(es). The name is a case-sensitive alphanumeric string from 1 to 31 characters uniquely identifying a policy. To modify the name of an existing policy, select it from the Policy Selector menu and enter a new name in the Policy Name field, and then click Rename.

Policy Type

The available policy type is In, which indicates the type is specific to inbound traffic. Out indicates the type is specific to outbound traffic direction. This field is only configurable when you create a new policy. After policy creation, this becomes a non-configurable field displaying the configured policy type.

Available Class List

The menu lists all existing DiffServ class names. The list is automatically updated as a new class is added or removed from the policy. To associate a DiffServ class with a policy, select the name of the class from the list, and then click Add Selected Class.

Member Class List

The menu lists all DiffServ classes that have been added to the policy. names. To remove a DiffServ class from a policy, select the name of the class from the list, and then click Remove Selected Class. This list is automatically updated as a new class is added or removed from the policy.

Policy Summary

Use the Policy Summary page to view the DiffServ policies and their associated classes that are configured on the system.

To display the page, click Quality of Service > Differentiated Services > Policy Summary in the navigation menu.

Policy Summary

Policy Summary Fields

Field

Description

Policy Name

Shows the user-defined name of the DiffServ policy.

Policy Type

Displays the policy type value In, which means the type is specific to inbound traffic, or Out, which means the type is specific to Outbound traffic.

Member Class

Displays name of each class instance within the policy.

Click Refresh to update the information on the screen.

Policy Class Definition

Use the Policy Class Definition page to associate a class to a policy and to define attributes for that policy-class instance. To display the page, click Quality of Service > Differentiated Services > Policy Class Definition in the navigation menu.

NOTE: The Configure Selected Attribute button shown in Figure below is available when you select a value other than None from the Policy Attribute Selector menu.

Policy Class Definition

Policy Class Definition Fields

Field

Description

Policy Name

Select the policy to associate with a member class from the menu.

Policy Type

The read-only field shows the type of policy.

Member Class List

Select the member class to associate with this policy name from the menu.

Policy Attribute Selector

The menu lists all attributes supported for this type of policy, from which one can be selected. To configure the attributes, select an attribute from the list, and then click Configure Selected Attribute. The screen changes to the attribute configuration page for that attribute. After you configure the attribute, click Submit to apply the criteria to the class and return to the Policy Class Definition page. To return to the Policy Class Definition page without applying the attribute, click Cancel. The attributes and configurable fields are as follows:

  • Assign Queue: Assigns the packets of this policy-class to a queue. Enter an integer from 0-7 in the Queue Id Value field.
  • Mark CoS: Enter the specified Class of Service queue number to mark all packets for the associated traffic stream with the specified class of service value in the priority field of the 802.1p header (the only tag in a single tagged packet or the first or outer 802.1Q tag of a double VLAN tagged packet). If the packet does not already contain this header, one is inserted. The CoS value is an integer from 0 to 7.
  • Mark CoS As Secondary CoS: This option marks all packets for the associated traffic stream with the specified secondary class of service value (the inner 802.1Q tag of a double VLAN tagged packet) in the priority field of the 802.1p header. If the packet does not already contain this header, one is inserted. The CoS value is an integer from 0 to 7.
  • Mark IP DSCP: Use this attribute to mark all packets for the associated traffic stream with IP DSCP value you choose from the menu.
  • Mark IP Precedence: Use this attribute to mark all packets for the associated traffic stream with the IP Precedence value you enter in the IP Precedence Value field.
  • Police Simple: Use this attribute to establish the traffic policing style for the specified class. The simple form of the police command uses a single data rate and burst size, resulting in two outcomes (conform and violate). The conforming data rate is specified in kilobits-per-second (Kbps) and is an integer from 1 to 4294967295. The conforming burst size is specified in kilobytes (KB) and is an integer from 1 to 128.
  • Police Two Rate: Use this attribute to establish the traffic policing style for the specified class. The two rate form of the policy command uses two data rate and burst size parameters, resulting in three outcomes: conform, exceed and violate. The conforming and peak data rates are specified in kilobits-per-second (kbps) and are integers in the range from 1 to 4294967295. The conforming and peak burst size parameters are specified in kilobytes (KB) and are integers from 1 to 128.
  • Redirect Interface: Use this attribute to apply Redirect Interface to this policy-class and specify the interface or LAG to be used.

Upon selecting a Policy Attribute and clicking Configure Selected Attribute, a page displays allowing you to configure the selected attribute.

Attribute Configuration Fields

Field

Description

Policy Name

Displays name of the specified DiffServ policy.

Policy Type

Displays type of the specified policy (In or Out).

Class Name

Displays name of the DiffServ class to which this policy is attached.

Mark CoS

Used to mark a packet to notify the network of the precedence of the packet. The range is 0 to 7.

IP Precedence Value

Used to mark a packet to notify the network of the importance of (service level associated with) the packet. The range is 0 to 7.

Policing Style

Displays the type of policing based upon the Policy Attribute selected.

Unit/Slot/Port

Used to specify the redirect interface or LAG when the Redirect attribute is selected.

Color Mode

Displays the color mode. The default is Color Blind.

Color Conform Class

Color Aware mode requires the existence of one or more color classes that are valid for use with this policy instance. A valid color class contains a single, non-excluded match criterion for one of the following fields (provided the field does not conflict with the classifier of the policy instance itself):

  • CoS
  • IP DSCP
  • IP Precedence
  • Secondary CoS

Committed Rate (Kbps)

Used to monitor arrival rate of incoming packets for this class. The range is 1 to 4294967295 kilobits per second (Kbps).

Committed Burst Size (KB)

Used to determine the amount of conforming traffic allowed. The range is 1 to 128 KBytes.

Peak Rate (Kbps)

Used to monitor arrival rate of incoming packets for this class. The range is 1 to 4294967295 kilobits per second (Kbps).

Peak Burst Size (KB)

Used in determining the amount of exceeding traffic allowed. This value must be equal to or greater than committed burst size. The range is 1 to 128 KBytes.

Conform Action

Used to determine the actions taken on packets that conform to the policing metric. The options include:

  • Drop - These packets are immediately dropped.
  • Mark CoS - These packets are marked by DiffServ with the specified CoS value before being presented to the system forwarding element. This selection requires that the Mark CoS value field be set.
  • Mark CoS as Secondary CoS - For double-tagged packets, the 802.1p tag is marked by DiffServ with the (original) 802.1p value of the inner tag before the packet is presented to the system forwarding element.
  • Mark IP DSCP - These packets are marked by DiffServ with the specified DSCP value before being presented to the system forwarding element. This selection requires the DSCP value field to be set.
  • Mark IP Precedence - These packets are marked by DiffServ with the specified IP Precedence value before being presented to the system forwarding element. This selection requires that the Mark IP Precedence value field be set.
  • Send - These packets are presented unmodified by DiffServ to the system forwarding element.

The default is Send.

Exceed Action

The action to be taken on excess packets per the policing metrics.

Violate Action

Determines the actions to be taken on packets that violate the policing metric. The options include:

  • Drop - These packets are immediately dropped.
  • CoS - These packets are marked by DiffServ with the specified CoS value before being presented to the system forwarding element. This selection requires that the Mark CoS value field be set.
  • CoS as Secondary CoS - For double-tagged packets, the 802.1p tag is marked by DiffServ with the (original) 802.1p value of the inner tag before the packet is presented to the system forwarding element. This allows some of the QoS characteristics of the original packet to be conveyed to switches downstream.
  • Mark IP DSCP - These packets are marked by DiffServ with the specified DSCP value before being presented to the system forwarding element. This selection requires the DSCP value field to be set.
  • Mark IP Precedence - These packets are marked by DiffServ with the specified IP Precedence value before being presented to the system forwarding element. This selection requires that the Mark IP Precedence value field be set.
  • Send - These packets are presented unmodified by DiffServ to the system forwarding element.

The default is Drop.

Policy Attribute Summary

Use the Policy Attribute Summary page to view the attributes associated with the DiffServ policies and their classes.

To display the page, click Quality of Service > Differentiated Services > Policy Attribute Summary in the navigation menu.

Policy Attribute Summary

Policy Attribute Summary Fields

Field

Description

Policy Name

Shows the user-defined name of the DiffServ policy.

Policy Type

Currently the hardware supports only the policy type value In, which means the type is specific to inbound traffic, or Out, which means the type is specific to Outbound traffic.

Class Name

Displays name of the DiffServ class to which this policy is attached.

Attribute

Displays the attributes attached to the policy class instances.

Attribute Details

Displays the configured values of the attached attributes.

Click Refresh to update the information on the screen.

Service Configuration

Use the Service Configuration page to activate a policy on a port.

To display the page, click Quality of Service > Differentiated Services > Service Configuration in the navigation menu.

Service Configuration

Service Configuration Fields

Field

Description

Interface

Selects the interface to be affected from dropdown menus. This is a list of all valid slot number and port number combinations in the system. For platforms that support stacking, the field is Unit/Slot/Port. For Read/Write users where ‘All’ appears in the list, select it to specify all interfaces.

Policy In

This lists all the policy names of type ‘In’ to be associated with the port which can be selected from a dropdown menu. If ‘None’ is selected, this will detach the policy from the interface in this direction. This field is not shown for Read/Write users where inbound service policy attachment is not supported by the platform.

Policy Out

This lists all the policy names of type ‘Out’ from which one can be selected. If ‘None’ is selected, this will detach the policy from the interface in this direction. This field is not shown for Read/Write users where outbound service policy attachment is not supported by the platform.

The following fields display when Unit/Slot/Port is specified as ‘All’.

Table Direction

This selection is only available to Read/Write users when Unit/Slot/Port is specified as ‘All’. Select the traffic direction of this service interface.

Table Operational Status

Shows the operational status of this service interface, which is either Up or Down.

Table Policy Name

Shows the policy associated with the interface.

To activate a policy on an interface, select the interface and the policy, and then click Submit.

Service Summary

Use the Service Summary page to display information about the policies activated on a particular interface.

To display the page, click Quality of Service > Differentiated Services > Service Summary in the navigation menu.

Service Summary

Service Summary Fields

Field

Description

Interface

Shows the interface that has an active policy.

Direction

Shows that the traffic direction of this service interface.

Operational Status

Shows the operational status of this service interface, which is either Up or Down.

Policy Name

Shows the policy associated with the interface.

Click Refresh to update the information on the screen.

Service Statistics

Use the Service Statistics page to display service-level statistical information about all interfaces that have DiffServ policies attached. To display the page, click Quality of Service > Differentiated Services > Service Statistics in the navigation menu.

Service Statistics

Service Statistics Fields

Field

Description

Counter Mode Selector

Use the menu to determine the format of the displayed counter values, which must be either Octets or Packets. The default is Octets.

Service Statistics

Interface

Shows the interface for which service statistics are to display.

Direction

Shows the direction of packets for which service statistics display.

Operational Status

Shows the operational status of this service interface, which is either Up or Down.

Offered Octets

Shows the total number of packets/octets offered to all class instances in this service policy before their defined DiffServ treatment is applied. This is the overall count per-interface, per-direction.

Discarded Octets

Shows the total number of packets/octets discarded for all class instances in this service policy for any reason due to DiffServ treatment. This is the overall count per-interface, per-direction.

Sent Octets

Shows the total number of packets/octets forwarded for all class instances in this service policy after their defined DiffServ treatments were applied. In this case, forwarding means the traffic stream was passed to the next functional element in the data path, such as the switching or routing function of an outbound link transmission element. This is the overall count per-interface, per-direction.

Click Refresh to update the information on the screen.

Service Detailed Statistics

Use the Service Detailed Statistics page to display class-oriented statistical information for the policy, which is specified by the interface and direction. The ‘Member Classes’ dropdown menu is populated on the basis of the specified interface and direction and hence the attached policy (if any). Highlighting a member class name displays the statistical information for the policy-class instance for the specified interface and direction.

To display the page, click Quality of Service > Differentiated Services > Service Detailed Statistics in the navigation menu.

Service Detailed Statistics

Service Detailed Statistics Fields

Field

Description

Counter Mode Selector

Selects the format of the displayed counter values, which must be either Octets or Packets. The default is Octets.

Interface

List of all valid slot number and port number combinations in the system that have a DiffServ policy currently attached in the In direction.

Direction

Selects the direction of packets for which service statistics are to display. Only shows the direction(s) for which a DiffServ policy is currently attached.

Policy Name

Displays the policy currently attached to the selected interface and direction.

Operational Status

Displays the operational status of the policy currently attached to the specified interface and direction. The value is either Up or Down.

Member Classes

List of all DiffServ classes currently defined as members of the selected Policy Name. Choose one member class name at a time to display its statistics. If no class is associated with the chosen policy, then nothing will be populated in the list.

Offered Packets/Octets

Displays the count of the packets/octets offered to this class instance before the defined DiffServ treatment is applied.

Discarded Packets/Octets

Displays the count of packets/octets discarded for this class instance for any reason due to DiffServ treatment of the traffic class.

Click Refresh to update the information on the screen.

See Also

Configuring Quality of Service

Configuring Access Control Lists

IPv6 Access Control Lists

MAC Access Control Lists

Configuring Class of Service

Configuring Auto VoIP