Cisco QoS FAQ: Classification and Marking

Q1. Describe the difference between classification and marking.

Answer: Classification processes packet headers, or possibly other information, to differentiate between multiple packets. Marking changes a field inside the frame or packet header.

Q2. Describe, in general, how a queuing feature could take advantage of the work performed by a classification and marking feature.

Answer: Queuing features can perform their own classification function to place different packets into different queues. After a classification and marking tool has marked a packet, the queuing feature can look for the marked value when classifying packets.

Q3. Characterize what must be true before the CoS field may be useful for marking packets.

Figure: Trunking Locations in a Typical Network, Layer 2 Switches Only

Answer: CoS only exists in 802.1P/Q headers and ISL headers. In turn, these headers are used only on Ethernet links that use trunking. Therefore, the CoS field can only be marked or reacted to for Ethernet frames that cross an 802.1Q or ISL trunk.

Q4. Most other QoS tools, besides classification and marking tools, also have a classification feature. Describe the advantage of classification, in terms of overall QoS design and policies, and explain why classification and marking is useful, in spite of the fact that other tools also classify the traffic.

Answer: Classification and marking, near the ingress edge of a network, can reduce the amount of work required for classification by other QoS tools. In particular, many QoS tools can classify based on marked fields without using an ACL, which reduces overhead for each QoS tool. By marking packets near the ingress edge, QoS policies can be more consistently applied. In addition, configurations for most other QoS tools become simpler, which can reduce configuration errors in the network.

Q5. Which of the following classification and marking tools can classify based on the contents of an HTTP URL: class-based marking (CB marking), policy-based routing (PBR), committed access rate (CAR), network-based application recognition (NBAR), or dial peers?

Answer: NBAR actually performs the classification based on HTTP header contents. CB marking is the only tool that marks based on NBAR’s match of the URL string.

Q6. Describe the differences between IP extended ACLs as compared with NBAR for matching TCP and UDP port numbers.

Answer: You can use both tools to match packets based on well-known port numbers. However, some higher-layer protocols allocate dynamic port numbers, making the use of extended ACLs difficult at best. NBAR can look further into the packet contents to identify what dynamic ports are currently in use by certain protocols, and match packets using those dynamic ports.

Q7. Which of the following classification and marking tools can classify based on the outgoing interface of the route used for a packet: class-based marking (CB marking), policy-based routing (PBR), committed access rate (CAR), network-based application recognition (NBAR), or dial peers?

Answer: PBR is the only tool that can classify and mark based on route information.

Q8. Which of the following classification and marking tools can classify based on the destination TCP port number of a packet, without using an IP ACL: class-based marking (CB marking), policy-based routing (PBR), committed access rate (CAR), network-based application recognition (NBAR), or dial peers?

Answer: None! To classify on a TCP port number, an IP ACL must be used.

Q9. Which of the following classification and marking tools can classify based on the DSCP, without using an IP ACL: class-based marking (CB marking), policy-based routing (PBR), committed access rate (CAR), network-based application recognition (NBAR), or dial peers?

Answer: CAR, CB marking, and dial peers. Dial peers can set the DSCP value for VoIP traffic created as a result of the dial peer (as of IOS 12.2T), but that is not really classification. (Note that the DQOS exam, at time of publication of this book, covers 12.2 mainline, but not 12.2T train features.)

Q10. Which of the following classification and marking tools can classify based on either the source or destination MAC address: class-based marking (CB marking), policy-based routing (PBR), committed access rate (CAR), network-based application recognition (NBAR), or dial peers?

Answer: CAR and CB marking. Only CB marking can examine the destination MAC.

Q11. Which of the following classification and marking tools can classify based on the even numbered UDP ports used for RTP traffic, with or without using an IP ACL: class-based marking (CB marking), policy-based routing (PBR), committed access rate (CAR), network-based application recognition (NBAR), or dial-peers?

Answer: CB marking. Tools that use IP ACLs can match port-number ranges, but because RTP uses only the even-numbered ports, IP ACLs cannot easily match just the even-numbered ports. Dial peers can set the DSCP value for VoIP payload (even-numbered ports) created as a result of the dial peer as of IOS 12.2T, but that is not really a classification feature. It is, instead, a marking feature.

Q12. Which of the following QoS marking fields are carried inside an 802.1Q header: QoS, CoS, DE, ToS byte, User Priority, ToS bits, CLP, Precedence, QoS Group, DSCP, MPLS Experimental, or DS?

Answer: CoS and User Priority. CoS is the more general name, with User Priority specifically referring to the 3-bit field in the 802.1P header.

Q13. Which of the following QoS marking fields are carried inside an IP header: QoS, CoS, DE, ToS byte, User Priority, ToS bits, CLP, Precedence, QoS Group, DSCP, MPLS Experimental, or DS?

Answer: ToS byte, ToS bits, Precedence, DSCP, DS.

Q14. Which of the following QoS marking fields are never marked inside a frame that exits a router: QoS, CoS, DE, ToS byte, User Priority, ToS bits, CLP, Precedence, QoS Group, DSCP, MPLS Experimental, or DS?

Answer: QoS Group is only used for internal purposes in GSR and 7500 series routers.

Q15. Describe the goal of marking near the edge of a network in light of the meaning of the term “trust boundary.”

Answer: Good QoS design calls for classification and marking, based on well-defined QoS policies, as near to the ingress edge of the network as possible. However, packets marked in devices near the edge of the network may be able to be re-marked by devices whose administrators cannot be trusted. A packet can be marked by the end-user PC, for instance, but the end user can configure the value to be marked. An IP Phone, however, can mark packets, and the marked values cannot be overridden by the user of the phone. Therefore, the goal of marking near the edge must be tempered against the fact that some devices can be reconfigured for QoS by those outside the group responsible for QoS.

Q16. Define the meaning of MQC, and spell out what the acronym stands for.

Answer: Modular QoS command-line interface (MQC) is a relatively new syntax structure for IOS configuration commands used in configuring several QoS features. MQC separates the classification logic from the actual QoS behavior (for instance, marking or queuing), and uses yet another command to enable the QoS feature on an interface. MQC is often described as a new QoS CLI, although it is really just a new set of commands.

Q17. What configuration command lists the classification details when configuring CB marking? What configuration mode must you use to configure the command? What commands must you issue to place the configuration mode user into that mode?

Answer: The match command defines the details of what must be matched to classify a packet. The command is a subcommand under the class-map command, which is a global configuration command.

Q18. What configuration command lists the marking details when configuring CB marking? What configuration mode must you use to configure the command? What commands must you issue to place the configuration mode user into that mode?

Answer: The set command defines what value to mark in the frame or packet header once a packet is classified. The command is a subcommand under the class command, which is a subcommand under the policy-map command, which in turn is a global configuration command.

Q19. What configuration command enables CB marking? What configuration mode must you use to configure the command? What commands must you issue to place the configuration mode user into that mode?

Answer: The service-policy command enables CB marking for either input or output packets on an interface. The command refers to the policy map, which in turn refers to the class maps. The command is a subcommand under the interface command, which is a global configuration command.
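The three CB marking steps from Q17 through Q19, put together as an added example (not from the original FAQ) that also enforces the trust boundary from Q15 by re-marking everything that arrives on an untrusted access port. The class-map and policy-map names, the interface, the RTP port range, the URL string and the DSCP values are all assumptions chosen for illustration.

```cisco
! Constructed example: every name and value below is an assumption.
! NBAR (match protocol) requires CEF to be enabled.
ip cef
!
! Step 1 (Q17): classification with match, under the global class-map command.
! match ip rtp matches only the even-numbered UDP ports in the range (Q11).
class-map match-all VOICE-RTP
 match ip rtp 16384 16383
! NBAR classifies on the HTTP URL; CB marking then marks on that match (Q5).
class-map match-all WEB-IMPORTANT
 match protocol http url "*important*"
!
! Step 2 (Q18): marking with set, under class, under the global policy-map command.
policy-map EDGE-MARK
 class VOICE-RTP
  set ip dscp ef
 class WEB-IMPORTANT
  set ip dscp af21
 ! Trust boundary (Q15): anything else arriving on this port is re-marked to
 ! default, so a DSCP value set by the end-user PC is not honored upstream.
 class class-default
  set ip dscp default
!
! Step 3 (Q19): enable with service-policy, under the interface command.
interface FastEthernet0/0
 service-policy input EDGE-MARK
```

Running show policy-map interface FastEthernet0/0 afterward displays per-class packet counters, which confirms that traffic is landing in the intended classes rather than falling through to class-default.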

Q20. What configuration command lists the classification details when configuring CAR? What configuration mode must you use to configure the command? What commands must you issue to place the configuration mode user into that mode?

Answer: The rate-limit command defines the details of what must be matched to classify a packet. The command is a subcommand under the interface command, which is a global configuration command.

Q21. What configuration command lists the marking details when configuring CAR? What configuration mode must you use to configure the command? What commands must you issue to place the configuration mode user into that mode?

Answer: The rate-limit command defines what value to mark in the frame or packet header when a packet is classified. The marking details are included in the same rate-limit command as the classification details. The command is a subcommand under the interface command, which is a global configuration command.

Q22. What configuration command enables CAR? What configuration mode must you use to configure the command? What commands must you issue to place the configuration mode user into that mode?

Answer: The rate-limit command enables CAR on an interface, either for input or output packets. The command is a subcommand under the interface command, which is a global configuration command.

Q23. What configuration command lists the classification details when configuring PBR? What configuration mode must you use to configure the command? What commands must you issue to place the configuration mode user into that mode?

Answer: The match command defines the details of what must be matched to classify a packet. The command, which is different from the CB marking match command, is a subcommand under the route-map command, which is a global configuration command.

Q24. What configuration command lists the marking details when configuring PBR? What configuration mode must you use to configure the command? What commands must you issue to place the configuration mode user into that mode?

Answer: The set command defines what value to mark in the frame or packet header when a packet is classified. The command, which differs from the CB marking set command, is a subcommand under the route-map command, which is a global configuration command.

Q25. What configuration command enables PBR? What configuration mode must you use to configure the command? What commands must you issue to place the configuration mode user into that mode?

Answer: The ip policy command enables PBR on an interface, always for input packets. This command refers to the route map under which the match and set commands are configured. The command is a subcommand under the interface command, which is a global configuration command.
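For contrast with MQC, an added example (not from the original FAQ) showing how CAR (Q20 through Q22) packs classification, marking and enabling into one rate-limit command, while PBR (Q23 through Q25) splits them between a route-map and the ip policy command. The ACL numbers, rates, burst sizes, precedence values, route-map name and interfaces are assumptions.

```cisco
! Constructed example: every name and value below is an assumption.
! Matching on a TCP port requires an IP ACL for both tools (Q8).
access-list 101 permit tcp any any eq www
access-list 102 permit tcp any any eq ftp
!
! CAR: one interface subcommand does all three jobs.
!   classification: access-group 101
!   marking:        set-prec-transmit in the conform and exceed actions
!   enabling:       the command itself, for input packets on this interface
interface Serial0/0
 rate-limit input access-group 101 128000 8000 8000 conform-action set-prec-transmit 2 exceed-action set-prec-transmit 0
!
! PBR: match and set are subcommands of the global route-map command.
route-map MARK-FTP permit 10
 match ip address 102
 set ip precedence 1
!
! PBR is enabled with ip policy and always applies to input packets.
interface FastEthernet0/0
 ip policy route-map MARK-FTP
```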

Q26. Describe the process dial peers use to classify and mark traffic.

Answer: At the IOS levels being referenced as of the publication of this book (IOS 12.2 mainline), dial peers can mark all VoIP packets created by the dial peer with a configured IP precedence value. As of 12.2T, dial peers can classify voice payload and voice signaling traffic using the media option and the signaling option, respectively, on the ip qos dscp command.

Q27. What configuration command(s) lists the marking details when configuring dial peers? What configuration mode must you use to configure the command? What commands must you issue to place the configuration mode user into that mode?

Answer: The ip precedence command (or the ip qos dscp command at IOS 12.2T) is used to define the precedence value (or DSCP value) of VoIP packets to the specified dial peer. The command is a subcommand of the dial-peer global configuration command.

Q28. What QoS values can a dial peer mark?

Answer: At 12.2 mainline IOS, only the IP precedence. As of 12.2T, DSCP can also be marked.

About the author

Prasanna