QoS Pre-Classify on Cisco IOS
Quality of Service (QoS) | www.netprotocolxpert.in
• When you use tunnelling, your Cisco IOS router will do classification based on the outer (post) header, not the inner (pre) header. This can cause issues with QoS policies that are applied to the physical interfaces. I will explain the issue and we will take a look at how we can fix it. Here’s the topology that we will use:
• We use a static route so that R1 and R3 can reach each other’s loopback interfaces through the tunnel:
• R1(config)#interface Tunnel 0
• R1(config-if)#tunnel source 192.168.12.1
• R1(config-if)#tunnel destination 192.168.23.3
• R1(config-if)#ip address 172.16.13.1 255.255.255.0
• R1(config)#ip route 3.3.3.3 255.255.255.255 172.16.13.3
• The configuration on R3 is similar:
• R3(config)#interface Tunnel 0
• R3(config-if)#tunnel source 192.168.23.3
• R3(config-if)#tunnel destination 192.168.12.1
• R3(config-if)#ip address 172.16.13.3 255.255.255.0
• R3(config)#ip route 1.1.1.1 255.255.255.255 172.16.13.1
Default Classification Behaviour
• The tunnel is up and running. Before we play with classification and service policies, let’s take a look at the default classification behaviour of Cisco IOS.
• IOS will copy the information in the TOS (Type of Service) byte from the inner IP header to the outer IP header by default. We can demonstrate this with a simple ping.
• R1#ping
• Protocol [ip]:
• Target IP address: 3.3.3.3
• Repeat count [5]:
• Datagram size [100]:
• Timeout in seconds [2]:
• Extended commands [n]: y
• Source address or interface: 1.1.1.1
• Type of service [0]: 160
• Set DF bit in IP header? [no]:
• Validate reply data? [no]:
• Data pattern [0xABCD]:
• Loose, Strict, Record, Timestamp, Verbose[none]:
• Sweep range of sizes [n]:
• Type escape sequence to abort.
• Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:
• Packet sent with a source address of 1.1.1.1
• !!!!!
• Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
• This ping between 1.1.1.1 and 3.3.3.3 will go through the tunnel and I marked the TOS byte of this IP packet with 160 (decimal). 160 in binary is 10100000; remove the last two bits and you have the 6 DSCP bits. 101000 in binary is 40 in decimal, which is the same as CS5.
Wireshark capture of this ping:
• As we can see, Cisco IOS automatically copied the TOS byte from the inner IP header to the outer IP header. This is a good thing. We are using GRE in our example so we can see both headers, but if this was an encrypted IPsec tunnel then we (and any device in between) could only see the outer header.
• When you have QoS policies based on the TOS byte, you will have no problems at all because the TOS byte is copied from the inner to the outer header. You will run into issues when you have policies based on access-lists that match on source/destination addresses and/or port numbers.
Post Header Classification
• We are going to create two class-maps, one for telnet traffic and another one for
GRE traffic. Both class-maps will use an access-list to classify traffic:
• R1(config)#ip access-list extended TELNET
• R1(config-ext-nacl)#permit tcp any any eq telnet
• R1(config)#class-map TELNET
• R1(config-cmap)#match access-group name TELNET
• R1(config)#ip access-list extended GRE
• R1(config-ext-nacl)#permit gre any any
• R1(config)#class-map GRE
• R1(config-cmap)#match access-group name GRE
The two class-maps will be used in a policy-map:
• R1(config)#policy-map POLICE
• R1(config-pmap)#class TELNET
• R1(config-pmap-c)#police 128000
• R1(config-pmap-c-police)#exit
• R1(config-pmap-c)#exit
• R1(config-pmap)#class GRE
• R1(config-pmap-c)#exit
• R1(config-pmap)#exit
• We’ve added policing for telnet traffic and nothing for GRE. It doesn’t matter what “actions” we configure here: even without an action the traffic will still be classified and it will show up in the policy-map. Let’s activate it on the physical interface:
• R1(config)#interface FastEthernet 0/0
• R1(config-if)#service-policy output POLICE
• Something to keep in mind is that when you enable a policy on the physical interface, it will be applied to all tunnel interfaces.
• Generate some telnet traffic between R1 and R3 so it goes through the tunnel:
• R1#telnet 3.3.3.3 /source-interface loopback 0
• Trying 3.3.3.3 ... Open
• R1#show policy-map interface FastEthernet 0/0
• FastEthernet0/0
• Service-policy output: POLICE
• Class-map: TELNET (match-all)
• 0 packets, 0 bytes
• 5 minute offered rate 0 bps, drop rate 0 bps
• Match: access-group name TELNET
• police:
• cir 128000 bps, bc 4000 bytes
• conformed 0 packets, 0 bytes; actions:
• transmit
• exceeded 0 packets, 0 bytes; actions:
• drop
• conformed 0 bps, exceed 0 bps
• Class-map: GRE (match-all)
• 11 packets, 735 bytes
• 5 minute offered rate 0 bps
• Match: access-group name GRE
• Class-map: class-default (match-any)
• 2 packets, 120 bytes
• 5 minute offered rate 0 bps, drop rate 0 bps
• Match: any
• We don’t have any matches for the telnet traffic.
• If this was a real network, it means that telnet traffic will never get policed (or any other action you configured). The reason that we don’t see any matches is that Cisco IOS first encapsulates the IP packet and then applies the policy to the GRE traffic.
Encapsulates the IP packet
The blue IP header on top is our original IP packet with telnet traffic. This is encapsulated and the router adds a GRE header and a new IP header (the red one). The policy-map is then applied to this outer IP header.
Pre Header Classification (Physical Interface)
• The first method to solve this issue is to enable pre-classification on the
tunnel interface. This tells the router to create a copy of the original IP
header and to use that for the policy. Here's how to do this:
• R1(config)#interface Tunnel 0
• R1(config-if)#qos pre-classify
• R1#clear counters
• Clear "show interface" counters on all interfaces [confirm]
• R1#telnet 3.3.3.3 /source-interface loopback 0
• Trying 3.3.3.3 ... Open
Now take a look at the policy-map:
• R1#show policy-map interface FastEthernet 0/0
• FastEthernet0/0
• Service-policy output: POLICE
• Class-map: TELNET (match-all)
• 11 packets, 735 bytes
• 5 minute offered rate 0 bps, drop rate 0 bps
• Match: access-group name TELNET
• police:
• cir 128000 bps, bc 4000 bytes
• conformed 11 packets, 889 bytes; actions:
• transmit
• exceeded 0 packets, 0 bytes; actions:
• drop
• conformed 0 bps, exceed 0 bps
• Class-map: GRE (match-all)
• 0 packets, 0 bytes
• 5 minute offered rate 0 bps
• Match: access-group name GRE
• Class-map: class-default (match-any)
• 1 packets, 60 bytes
• 5 minute offered rate 0 bps, drop rate 0 bps
• Match: any
Now we see matches on our telnet traffic so it can be policed if needed. We don't see any matches on our GRE traffic anymore.
When the router encapsulates a packet, it will make a temporary copy of the
header. This temporary copy is then used for the policy instead of the outer
header. When this is done, the temporary copy is destroyed.
We accomplished this with the qos pre-classify command but there is another
method to get the same result.
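The difference between classifying on the outer header and on the saved inner header can be reproduced offline. The Python sketch below is an added example, not part of the original slides and not Cisco code: it builds a constructed telnet packet from 1.1.1.1 to 3.3.3.3, GRE-encapsulates it between the tunnel endpoints used above, and runs a first-match classifier modelled on the TELNET and GRE class-maps. The function names, the sample source port, the TOS value on the telnet packet and the minimal 4-byte GRE header are assumptions made for the illustration.

```python
import socket
import struct

IPPROTO_TCP, IPPROTO_GRE = 6, 47
GRE_PROTO_IPV4 = 0x0800


def ipv4_header(src, dst, proto, payload_len, tos=0):
    """20-byte IPv4 header; checksum left at 0 because classification ignores it."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, tos, 20 + payload_len, 0, 0,
                       255, proto, 0, socket.inet_aton(src), socket.inet_aton(dst))


def tcp_header(sport, dport):
    """Minimal 20-byte TCP header with only SYN set."""
    return struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x02, 4128, 0, 0)


def gre_encapsulate(inner, tunnel_src, tunnel_dst):
    """Wrap an IPv4 packet in GRE and copy the inner TOS byte to the outer
    header, the default behaviour the slides demonstrate with the ping."""
    gre = struct.pack("!HH", 0, GRE_PROTO_IPV4)  # no optional GRE fields
    outer = ipv4_header(tunnel_src, tunnel_dst, IPPROTO_GRE,
                        len(gre) + len(inner), tos=inner[1])
    return outer + gre + inner


def parse_ipv4(pkt):
    """Extract the fields an extended ACL or a DSCP match can look at."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (pkt[0] & 0x0F) * 4
    hdr = {"tos": pkt[1], "dscp": pkt[1] >> 2, "proto": pkt[9],
           "src": socket.inet_ntoa(pkt[12:16]),
           "dst": socket.inet_ntoa(pkt[16:20]),
           "dport": None, "payload": pkt[ihl:]}
    if hdr["proto"] == IPPROTO_TCP and len(hdr["payload"]) >= 4:
        hdr["dport"] = struct.unpack("!H", hdr["payload"][2:4])[0]
    return hdr


def inner_header(outer):
    """Parse the inner IPv4 header of a basic (4-byte header) GRE packet."""
    if len(outer["payload"]) < 4:
        raise ValueError("truncated GRE header")
    flags, ptype = struct.unpack("!HH", outer["payload"][:4])
    if flags != 0 or ptype != GRE_PROTO_IPV4:
        raise ValueError("only plain GRE carrying IPv4 is handled here")
    return parse_ipv4(outer["payload"][4:])


# Ordered like policy-map POLICE: the first matching class wins.
CLASS_MAPS = [
    ("TELNET", lambda h: h["proto"] == IPPROTO_TCP and h["dport"] == 23),
    ("GRE", lambda h: h["proto"] == IPPROTO_GRE),
]


def classify(wire_pkt, pre_classify=False):
    """Return the class a packet leaving the physical interface falls into.

    pre_classify=False models the default: the ACLs see the outer header.
    pre_classify=True models 'qos pre-classify': the ACLs see a copy of
    the original (inner) header of tunnelled packets."""
    header = parse_ipv4(wire_pkt)
    if pre_classify and header["proto"] == IPPROTO_GRE:
        header = inner_header(header)
    for name, matches in CLASS_MAPS:
        if matches(header):
            return name
    return "class-default"


def sample_wire_packet():
    """Constructed sample: telnet 1.1.1.1 -> 3.3.3.3, TOS 160, inside the tunnel."""
    inner = ipv4_header("1.1.1.1", "3.3.3.3", IPPROTO_TCP, 20, tos=160) \
        + tcp_header(50000, 23)
    return gre_encapsulate(inner, "192.168.12.1", "192.168.23.3")


if __name__ == "__main__":
    wire = sample_wire_packet()
    outer = parse_ipv4(wire)
    print("outer:", outer["src"], "->", outer["dst"],
          "proto", outer["proto"], "DSCP", outer["dscp"])
    print("default classification:  ", classify(wire))
    print("with qos pre-classify:   ", classify(wire, pre_classify=True))
```

A DSCP-based match gives the same answer on either header because the TOS byte is copied; only the ACL-based TELNET class depends on which header is inspected.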
Pre Header Classification (Tunnel Interface)
• Instead of activating the policy on the physical interface we can also
enable it on the tunnel interface:
• R1(config)#interface FastEthernet 0/0
• R1(config-if)#no service-policy output POLICE
• R1(config)#interface Tunnel 0
• R1(config-if)#no qos pre-classify
• R1(config-if)#service-policy output POLICE
• Note that I also removed the qos pre-classify command on the tunnel interface. Let's give it another try:
• R1#clear counters
• Clear "show interface" counters on all interfaces [confirm]
• R1#telnet 3.3.3.3 /source-interface loopback 0
• Trying 3.3.3.3 ... Open
• R1#show policy-map interface Tunnel 0
• Tunnel0
• Service-policy output: POLICE
• Class-map: TELNET (match-all)
• 11 packets, 737 bytes
• 5 minute offered rate 0 bps, drop rate 0 bps
• Match: access-group name TELNET
• police:
• cir 128000 bps, bc 4000 bytes
• conformed 11 packets, 737 bytes; actions:
• transmit
• exceeded 0 packets
• drop
• conformed 0 bps, exceed 0 bps
• Class-map: GRE (match-all)
• 0 packets, 0 bytes
• 5 minute offered rate 0 bps
• Match: access-group name GRE
• Class-map: class-default (match-any)
• 0 packets, 0 bytes
• 5 minute offered rate 0 bps, drop rate 0 bps
• Match: any
• If you enable the policy on the tunnel interface then the router will
use the inner header for classification, just like we saw when we
used the qos pre-classify command on the tunnel interface.
• That's all there is to explain. We hope this lesson has been useful for understanding the difference between "outer" and "inner" header classification and how to deal with this issue.
 

Recently uploaded (20)

Introduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxIntroduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptx
 
Software Development Life Cycle By Team Orange (Dept. of Pharmacy)
Software Development Life Cycle By  Team Orange (Dept. of Pharmacy)Software Development Life Cycle By  Team Orange (Dept. of Pharmacy)
Software Development Life Cycle By Team Orange (Dept. of Pharmacy)
 
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCRCall Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
 
IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...
IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...
IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...
 
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCollege Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
 
★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR
★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR
★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR
 
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
Call Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile serviceCall Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile service
 
Porous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writingPorous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writing
 
Microscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxMicroscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptx
 
High Profile Call Girls Nashik Megha 7001305949 Independent Escort Service Na...
High Profile Call Girls Nashik Megha 7001305949 Independent Escort Service Na...High Profile Call Girls Nashik Megha 7001305949 Independent Escort Service Na...
High Profile Call Girls Nashik Megha 7001305949 Independent Escort Service Na...
 
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur EscortsCall Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
 
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICSAPPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
 
Introduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxIntroduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptx
 
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
 
Processing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptxProcessing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptx
 
Coefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxCoefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptx
 
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
 
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
 
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
 

QoS Pre-Classify on Cisco IOS

  • 1. QoS Pre-Classify on Cisco IOS
    Quality of Service (QoS) | www.netprotocolxpert.in
  • 2. When you use tunnelling, your Cisco IOS router will do classification based on the outer (post) header, not the inner (pre) header. This can cause issues with QoS policies that are applied to the physical interfaces. I will explain the issue and we will take a look at how we can fix it. Here’s the topology that we will use:
  • 3. We use a static route so that R1 and R3 can reach each other’s loopback interfaces through the tunnel:
    • R1(config)#interface Tunnel 0
    • R1(config-if)#tunnel source 192.168.12.1
    • R1(config-if)#tunnel destination 192.168.23.3
    • R1(config-if)#ip address 172.16.13.1 255.255.255.0
    • R1(config)#ip route 3.3.3.3 255.255.255.255 172.16.13.3
    • The configuration on R3 is similar:
    • R3(config)#interface Tunnel 0
    • R3(config-if)#tunnel source 192.168.23.3
    • R3(config-if)#tunnel destination 192.168.12.1
    • R3(config-if)#ip address 172.16.13.3 255.255.255.0
    • R3(config)#ip route 1.1.1.1 255.255.255.255 172.16.13.1
  • 4. Default Classification Behaviour
    • The tunnel is up and running. Before we play with classification and service policies, let’s take a look at the default classification behaviour of Cisco IOS.
    • IOS will copy the information in the TOS (Type of Service) byte from the inner IP header to the outer IP header by default. We can demonstrate this with a simple ping.
  • 5.
    • R1#ping
    • Protocol [ip]:
    • Target IP address: 3.3.3.3
    • Repeat count [5]:
    • Datagram size [100]:
    • Timeout in seconds [2]:
    • Extended commands [n]: y
    • Source address or interface: 1.1.1.1
    • Type of service [0]: 160
    • Set DF bit in IP header? [no]:
    • Validate reply data? [no]:
    • Data pattern [0xABCD]:
    • Loose, Strict, Record, Timestamp, Verbose[none]:
    • Sweep range of sizes [n]:
    • Type escape sequence to abort.
    • Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:
    • Packet sent with a source address of 1.1.1.1
    • !!!!!
    • Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
  • 6. This ping between 1.1.1.1 and 3.3.3.3 will go through the tunnel, and I marked the TOS byte of this IP packet with 160 (decimal). 160 in binary is 10100000; remove the last two bits and you have our 6 DSCP bits. 101000 in binary is 40 in decimal, which is the same as CS5. Wireshark capture of this ping:
  • 7.
  • 8.
    • As we can see, Cisco IOS automatically copied the TOS byte from the inner IP header to the outer IP header. This is a good thing. We are using GRE in our example so we can see both headers, but if this was an encrypted IPsec tunnel then we (and any device in between) could only see the outer header.
    • When you have QoS policies based on the TOS byte, you will have no problems at all because the TOS byte is copied from the inner to the outer header. You will run into issues when you have policies based on access-lists that match on source/destination addresses and/or port numbers.
  • 9. Post Header Classification
    • We are going to create two class-maps, one for telnet traffic and another one for GRE traffic. Both class-maps will use an access-list to classify traffic:
    • R1(config)#ip access-list extended TELNET
    • R1(config-ext-nacl)#permit tcp any any eq telnet
    • R1(config)#class-map TELNET
    • R1(config-cmap)#match access-group name TELNET
    • R1(config)#ip access-list extended GRE
    • R1(config-ext-nacl)#permit gre any any
    • R1(config)#class-map GRE
    • R1(config-cmap)#match access-group name GRE
  • 10. The two class-maps will be used in a policy-map:
    • R1(config)#policy-map POLICE
    • R1(config-pmap)#class TELNET
    • R1(config-pmap-c)#police 128000
    • R1(config-pmap-c-police)#exit
    • R1(config-pmap-c)#exit
    • R1(config-pmap)#class GRE
    • R1(config-pmap-c)#exit
    • R1(config-pmap)#exit
  • 11.
    • We’ve added policing for telnet traffic and nothing for GRE. It doesn’t matter what “actions” we configure here, even without an action the traffic will still be classified and it will show up in the policy-map. Let’s activate it on the physical interface:
    • R1(config)#interface FastEthernet 0/0
    • R1(config-if)#service-policy output POLICE
    • Something to keep in mind is that when you enable a policy on the physical interface, it will be applied to all tunnel interfaces.
    • Generate some telnet traffic between R1 and R3 so it goes through the tunnel:
    • R1#telnet 3.3.3.3 /source-interface loopback 0
    • Trying 3.3.3.3 ... Open
  • 12.
    • R1#show policy-map interface FastEthernet 0/0
    • FastEthernet0/0
    • Service-policy output: POLICE
    • Class-map: TELNET (match-all)
    • 0 packets, 0 bytes
    • 5 minute offered rate 0 bps, drop rate 0 bps
    • Match: access-group name TELNET
    • police:
    • cir 128000 bps, bc 4000 bytes
    • conformed 0 packets, 0 bytes; actions:
    • transmit
    • exceeded 0 packets, 0 bytes; actions:
  • 13.
    • drop
    • conformed 0 bps, exceed 0 bps
    • Class-map: GRE (match-all)
    • 11 packets, 735 bytes
    • 5 minute offered rate 0 bps
    • Match: access-group name GRE
    • Class-map: class-default (match-any)
    • 2 packets, 120 bytes
    • 5 minute offered rate 0 bps, drop rate 0 bps
    • Match: any
  • 14.
    • We don’t have any matches for the telnet traffic.
    • If this were a real network, telnet traffic would never get policed (or receive any other action you configured). The reason that we don’t see any matches is that Cisco IOS first encapsulates the IP packet and then applies the policy to the GRE traffic.
  • 15. Encapsulates the IP packet
    • The blue IP header on top is our original IP packet with telnet traffic. This is encapsulated, and the router adds a GRE header and a new IP header (the red one). The policy-map is then applied to this outer IP header.
  • 16. Pre Header Classification (Physical Interface)
    • The first method to solve this issue is to enable pre-classification on the tunnel interface. This tells the router to create a copy of the original IP header and to use that for the policy. Here's how to do this:
    • R1(config)#interface Tunnel 0
    • R1(config-if)#qos pre-classify
  • 17.
    • R1#clear counters
    • Clear "show interface" counters on all interfaces [confirm]
    • R1#telnet 3.3.3.3 /source-interface loopback 0
    • Trying 3.3.3.3 ... Open
  • 18. Now take a look at the policy-map:
    • R1#show policy-map interface FastEthernet 0/0
    • FastEthernet0/0
    • Service-policy output: POLICE
    • Class-map: TELNET (match-all)
    • 11 packets, 735 bytes
    • 5 minute offered rate 0 bps, drop rate 0 bps
    • Match: access-group name TELNET
    • police:
    • cir 128000 bps, bc 4000 bytes
    • conformed 11 packets, 889 bytes; actions:
    • transmit
  • 19.
    • exceeded 0 packets, 0 bytes; actions:
    • drop
    • conformed 0 bps, exceed 0 bps
    • Class-map: GRE (match-all)
    • 0 packets, 0 bytes
    • 5 minute offered rate 0 bps
    • Match: access-group name GRE
    • Class-map: class-default (match-any)
    • 1 packets, 60 bytes
    • 5 minute offered rate 0 bps, drop rate 0 bps
    • Match: any
    • Now we see matches on our telnet traffic so it can be policed if needed. We don't see any matches on our GRE traffic anymore.
  • 20. When the router encapsulates a packet, it will make a temporary copy of the header. This temporary copy is then used for the policy instead of the outer header. When this is done, the temporary copy is destroyed. We accomplished this with the qos pre-classify command but there is another method to get the same result.
  • 21. Pre Header Classification (Tunnel Interface)
    • Instead of activating the policy on the physical interface we can also enable it on the tunnel interface:
    • R1(config)#interface FastEthernet 0/0
    • R1(config-if)#no service-policy output POLICE
    • R1(config)#interface Tunnel 0
    • R1(config-if)#no qos pre-classify
    • R1(config-if)#service-policy output POLICE
  • 22.
    • Note that I also removed the qos pre-classify command on the tunnel interface. Let's give it another try:
    • R1#clear counters
    • Clear "show interface" counters on all interfaces [confirm]
    • R1#telnet 3.3.3.3 /source-interface loopback 0
    • Trying 3.3.3.3 ... Open
  • 23.
    • R1#show policy-map interface Tunnel 0
    • Tunnel0
    • Service-policy output: POLICE
    • Class-map: TELNET (match-all)
    • 11 packets, 737 bytes
    • 5 minute offered rate 0 bps, drop rate 0 bps
    • Match: access-group name TELNET
    • police:
    • cir 128000 bps, bc 4000 bytes
    • conformed 11 packets, 737 bytes; actions:
    • transmit
    • exceeded 0 packets
  • 24.
    • drop
    • conformed 0 bps, exceed 0 bps
    • Class-map: GRE (match-all)
    • 0 packets, 0 bytes
    • 5 minute offered rate 0 bps
    • Match: access-group name GRE
    • Class-map: class-default (match-any)
    • 0 packets, 0 bytes
    • 5 minute offered rate 0 bps, drop rate 0 bps
    • Match: any
  • 25.
    • If you enable the policy on the tunnel interface, the router will use the inner header for classification, just like we saw when we used the qos pre-classify command on the tunnel interface.
    • That's all there is to explain. We hope this lesson has been useful for understanding the difference between "outer" and "inner" header classification and how to deal with this issue.
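The outer-versus-inner classification described in slides 14 to 20, as an added Python model (not code from the original slides or from Cisco): it GRE-encapsulates a constructed telnet packet for the slides' topology, copying the ToS byte, and evaluates the TELNET and GRE class-maps against the outer header and against the inner header. The function names, the port numbers and the simplified matching (option-less GRE header, TCP destination port 23) are assumptions made for illustration.

```python
import socket
import struct

GRE_PROTO, TCP_PROTO = 47, 6

def ipv4(src, dst, proto, tos, payload):
    """Build a minimal 20-byte IPv4 header (checksum left at 0) plus payload."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, tos, 20 + len(payload), 0, 0, 64,
                      proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return hdr + payload

def tcp(sport, dport):
    """Minimal 20-byte TCP header; only the ports matter for classification."""
    return struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x02, 1024, 0, 0)

def gre_encap(inner, tunnel_src, tunnel_dst):
    """GRE-encapsulate an IPv4 packet, copying the inner ToS byte to the outer header."""
    gre = struct.pack("!HH", 0, 0x0800)  # no optional fields, protocol type IPv4
    return ipv4(tunnel_src, tunnel_dst, GRE_PROTO, inner[1], gre + inner)

def parse(pkt):
    """Return (tos, protocol, TCP destination port or None, payload)."""
    ihl = (pkt[0] & 0x0F) * 4
    if ihl < 20 or len(pkt) < ihl:
        raise ValueError("truncated or malformed IPv4 header")
    tos, proto, payload = pkt[1], pkt[9], pkt[ihl:]
    dport = None
    if proto == TCP_PROTO and len(payload) >= 4:
        dport = struct.unpack("!H", payload[2:4])[0]
    return tos, proto, dport, payload

def classify(pkt, pre_classify=False):
    """Evaluate the class-maps in policy-map order: TELNET, GRE, class-default."""
    _, proto, dport, payload = parse(pkt)
    if pre_classify and proto == GRE_PROTO and payload[:4] == b"\x00\x00\x08\x00":
        _, proto, dport, _ = parse(payload[4:])  # match on the inner (pre) header
    if proto == TCP_PROTO and dport == 23:
        return "TELNET"
    if proto == GRE_PROTO:
        return "GRE"
    return "class-default"

def dscp(pkt):
    """DSCP is the upper six bits of the ToS byte (160 -> 40, CS5)."""
    return pkt[1] >> 2

# Constructed sample: telnet from R1's loopback to R3's loopback, marked with the
# ToS value 160 used in the slides' ping, sent through the GRE tunnel.
INNER = ipv4("1.1.1.1", "3.3.3.3", TCP_PROTO, 160, tcp(40000, 23))
OUTER = gre_encap(INNER, "192.168.12.1", "192.168.23.3")

if __name__ == "__main__":
    print("outer header only :", classify(OUTER))
    print("with pre-classify :", classify(OUTER, pre_classify=True))
    print("outer DSCP        :", dscp(OUTER))
```

Classified on the outer header the packet lands in GRE, which is why the TELNET counters stay at 0 in the first `show policy-map` output; with the inner header it lands in TELNET, while the DSCP value is readable either way because the ToS byte was copied.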