Data Center:Network:Cisco:Nexus:Quality of Service (QoS)

Captions
But I did already go ahead and say that now Catalyst IOS uses MLS, or multi-layer switching, nomenclature along with some modular quality of service command line. I love the acronyms of acronyms; I'm just waiting for when we have acronyms of acronyms of acronyms, which I venture can't be too far off. NX-OS: everything uses the MQC nomenclature. The idea was to simplify everything, and it was also to unify the hardware and to abstract different levels of hardware capabilities from having different command lines as we were used to with the Kumada catalyst tos.

So it's still a three-step model, still a three-step model like we're used to in any MQC. So what we're gonna do is we're going to create class maps, which go into policy maps, which are applied with service policies. Okay, really no different than anything if you've ever done quality of service on even a router: create the class map, it classifies or matches the traffic; that goes into a policy map, where we, based on that class, affect the traffic in different ways, this might be effect, it might be effect, at any rate; and then we apply that to the interface with a service policy.

Now the difference is, in NX-OS we have three different types of class maps and policy maps, and actually four if you count control plane policing. So for QoS we've got one type, which is of type QoS. This is basically used for classification and some marking; it's really used for classification primarily. We've also got the queuing: this is what does the CoS-to-queue mapping, this is what does the "what are we gonna turn on, weighted RED?", this is what really affects the hardware itself. Okay, and I'm gonna bring up the Catalyst 6500 comparison, but this is really what directly affects that hardware: are we gonna do policing or are we gonna do shaping, what is it we're gonna turn on, are we gonna create a strict priority queue? We can turn on multiple things that are logically insane, that don't work based on the
hardware. So we could tell, let's say, a queue to be a priority queue, but when we go apply it to the hardware it says, "Uh, can't turn on priority queuing because you're not talking about a priority queue, and I only, from a hardware standpoint, have one priority queue," for instance. Or you could tell it to try to turn on... well, we're gonna take a look at some examples of some things that won't actually apply. The command line parser doesn't stop you from putting something that's logically insane into the command line, but when you actually go apply it to the hardware ASIC, when you actually go write it to the port and that actually writes down from the supervisor to the hardware ASIC, it will perform a sanity check and say, "Does the hardware support this?" If not, it's gonna kick back an error and it won't let you do it.

Then we also... and again, this is analogous: the queuing type is analogous to Cat IOS things like the MLS QoS SRR queue or the MLS QoS queue-set output buffers, where we're actually defining the amount of memory for, in this case, an egress queue or a queue set or template, or MLS QoS queue-set output threshold, where we're defining what traffic is going into what threshold.

And then finally we really have something brand-new to Nexus, and this is called the network QoS. This is actually dealing with the quality of service inside the fabric, this central fabric of the system.

So there is this new entity, and again it's not necessarily new, it is in other platforms, but you may not be used to it, and that is the QoS group. This really allows an abstraction from simple, or for the purposes of simple mapping, I should say. So the idea is that I classify traffic and then I give it this tag, which is very quick to look up, even faster to look up than the class of service or CoS value, and it also is just something that I can refer to system-wide. So this allows the abstraction for simple mapping; for instance, I could map one or more classes of traffic to a particular QoS group and then apply that
QoS group to a particular queue, and as we'll see in the Nexus 5k, this is really how we do things.

So when I'm configuring queuing, or even when I'm configuring control plane policing, just as a note, I have to do those in the default VDC, and they may momentarily disrupt traffic depending on what I'm doing with them. The reason for this is that I can't really affect hardware except in the default VDC. Okay, so that's the one thing that we can't do. I actually already had that, so I'm not sure why I have that chart twice. The type of QoS... oh, just, I see, it got carried over to the next slide.

So my different class map and policy map that is of the type QoS, I already mentioned this, this is primarily for classification. For the type queuing, this is where we do anything that affects the system-wide cards with the particular ASIC capabilities, such as strict priority queue, distributed weighted round robin as opposed to shaped round robin. And we can always see what the individual capabilities of the card are, and we're gonna do that in a moment, by doing show, and this is really not any different than Catalyst IOS, by saying show port number capabilities.

Okay, now notice that there is actually going to be a pause in the actual NX-OS interface when I apply a CoS value to a queue. This is really the switch writing that instruction live to that hardware switch on chip. I already mentioned this: there's a sanity check performed. I give an example: so for instance, if I say class type queuing and I say 8q2t, and this is an 8q but there's no priority queue, and I use the command priority level 1, the priority action is not allowed in an input direction, for instance.

Okay, we're going to take a look at some of these predefined names. So they have names, and the names reflect the hardware capabilities, okay, so it actually makes a lot of sense. The in versus the out here, that reflects the direction: am I applying this in an ingress or an egress direction? Of the eight queues and two tail drop
thresholds, which queue am I working on? I'm working on queue one of those eight queues. What's the hardware capabilities? I shouldn't even begin trying to configure an 8q2t ingress Q1 if I don't have hardware that supports 8q2t. I need to do a show port capabilities, or show Ethernet 1/1 or 2/1 or whatever port I have, capabilities, and see what is the receive queue capabilities, what are the transmit queue capabilities, and then I need to configure classes and policy maps for those types of hardware capabilities; otherwise it's just an exercise in futility.

So, queuing attributes in the policy map, some of the different things that I can do. I can do priority, and I can actually specify a level, level one or two, although only level one is really available today. I assume that level two... of course I don't know that, I don't have an M2 or an F2 card to see; maybe level two is available in those newer generation cards. But I define the queue as a strict priority queue. Again, strict priority means if you get in my queue, you are getting on the wire before anyone else; you have VIP status.

Bandwidth: bandwidth really is something I think is misunderstood. Bandwidth does not necessarily mean you get X amount of bandwidth. You know, if this is a 10 gig interface and I give you a bandwidth value of 10, does that mean that you get 10 megabit, 10 gigabit, 10 what? It's really a ratio to the other weights, the idea of weighted round robin. So I'm going around in a circle: if I have 8 queues, I'm going around to Q1, Q2, Q3, Q4, Q5, 6, 7, 8, and I'm servicing them at different intervals. So if Q8 is... and forget about priority queue; if you're a priority queue, basically if there are packets there, or if there are frames there, you get onto the wire first, carte blanche. If on all the rest of my queues, or if I don't have a priority queue, if I have queues weighted, let's say Q8 is weighted with a value of 80, and you can do things in... it's all a ratio, so I can do it in values that equal up to 10, that equal up to a hundred; they
don't have to equal anything, it's all going to be a ratio. It tends to be easier, I think, and my students tend to find, if I make all the values equal 100, because then I'm basically saying what percentage of the overall bandwidth are you getting. Okay, but it's basically a ratio. If I say Q8 is a 10 and Q1 is a 1, then I'm servicing Q8: 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, and then I'm circling around and getting Q1 once, grabbed a frame; go over, see what Q2 is, it was a 3: 1, 2, 3; go over to Q5, it was a 2: 1, 2; go over to Q8, it was a 10: 1, 2, 3, 4, 5, 6, 7, 8, 9, 10; circle back around. The whole idea of a round robin and servicing. So that's really what the bandwidth is there.

Okay, shape: this is also something that's commonly misunderstood, but this defines the shaped round robin. So I'm still going around to the different queues, I'm still gonna service them in a round-robin state, but I'm gonna define an inverse absolute weight. So if I have a value of, like, five for a particular queue, this is 1/5. Okay, it's an inverse to the queue as a whole. Bandwidth tends to be a shared or a distributed weighted round robin; shape is an inverse absolute. Okay, so if I have a two, you get half the bandwidth; if I have five, you get 1/5 of the bandwidth; if I have 10, you get 1/10 of the bandwidth; 20, you get 1/20th of the bandwidth. Makes sense, but it also disables priority queuing.

Okay, the queue limit command actually defines the queue size or depth. It also defines essentially tail drop thresholds if I continue out with the syntax and arguments. Again, what's the queue depth? How deep is a queue, what does that mean, what does it mean when I say a queue has depth to it? This is really the amount of memory, right: how deep, how many packets, how many frames, how many whatever it is I'm trying to say, and if I'm speaking in terms of, like, you know, something other than bytes, you know, how many of that is it going to take memory in order to store that; that's my depth. At the end of it is a threshold: I may not let everything come up to the full queue
potential. 100% of the queue is a hundred percent full, all my memory is being used. So some things will get into the 100 percent category, as I showed with that really badly drawn graphic illustration earlier, but for Q1, or I'm sorry, not Q1, but let's say tail drop threshold 1, maybe I give it 10 percent, and then you only have 10 percent of that queue depth before packets begin, or frames begin, dropping off the tail in the tail drop.

Random detect: I'm going to define my weighted random thresholds per queue. Tail drop and weighted RED are mutually exclusive on a per-queue basis, so they can't exist at the same time; it doesn't make sense. Weighted RED, I'm intentionally dropping; tail drop, you've just reached the buffer limit.

Now the new type of network QoS: these are system class characteristics, things like drop or no drop. Okay, we talked about what's our no-drop queue or no-drop network QoS class going to be; that's going to be for FCoE. I also set MTU here. Now this is something that is not something you would traditionally necessarily have set before. This is a little bit different in the sense that when we think of the command MTU, we typically think of the command IP MTU, right? With IP MTU we're setting that on a layer 3 routed interface and we're defining the MTU for the packet size. But what's the difference between layer 3 and layer 2? Fragmentation is available. So at layer 3 I can fragment, and assuming that my application doesn't hate me for doing it, you know, TCP, I can put a fragmentation sequence number in there and I can reassemble at the other side. You don't exactly fragment Ethernet, okay; it's not like it has reassembly numbers in there. So you need to size... when we're talking about network QoS we're talking about layer 2 MTU, we're talking about the entire size needed for a given payload within that Ethernet frame. We're not taking into account the Ethernet frame itself, and actually different switch architectures may or may not, so you want to read the specifics of that
particular hardware architecture documentation to see if it actually takes that 12-byte Ethernet frame into account. Okay, but at any rate, actually 14-byte, 14-byte because I have a 2-byte EtherType. So at any rate, whether it takes that 14 bytes into account or not, you need to read, but typically what's going to be set is going to be what you're going to use. So 2112 for FCoE; probably 1500 is going to be fairly standard for Ethernet; for jumbo frames I can set it up to, like, what, ninety... I think it's 9216 is the limit for my iSCSI jumbo frames. It just depends on what you need to set it to. Your FCoE, you can't change it. Okay, you can put traffic into a class where FCoE should be, and again, signaling may fall into this class, and that may not be a bad thing, it may not hurt us. We don't want to put anything else into that class.

But there are some things that we cannot do. First of all, we can turn on or off, off by default, the FCoE class or network QoS group for FCoE in a 5500 series switch. It was on by default and you couldn't touch it in the 5010/5020. The reason that Cisco finally let you in the 5500 was because enough customers called in or wrote in and talked to their SE and account manager and development team and said, "Listen, we don't do FCoE, and that's buffer memory that we can't store any frames in. You're basically taking it away from us; we paid for it but we can't use it because it's locked there only for FCoE." So that's when Cisco said, "You know what, that's a good point, not all environments have FCoE. The switch was built with FCoE in mind, but not everyone has it, so we'll unlock that, we'll leave it off," and you can tune that, you can turn... sorry, not tune it, but you can tune it a little bit; we're gonna talk about one thing for the... okay, for the in general.

So, okay, taking a look at buffer size: we can allocate the different buffer size, we can change the marking. So, 3 attach points for the policy types. Think of how the frame forwards across the switch: it comes in a port,
it hits the crossbar fabric, it goes out the port. So on the ingress interface we can do QoS type, we can also do ingress queuing. At the unified crossbar fabric we can do QoS type, and we're going to talk about one of the reasons we might want to do this with the 5500, specifically with a layer 3 daughter card, in a moment. We can do queuing across the fabric, and specifically, mainly, queuing here is... we're not actually gonna be doing queuing per se, but we're gonna be using the queuing MQC structure to turn on, like I said, change MTU 2112 for FCoE, things of that nature. Network QoS type: this is where we can affect those MTU and other things. So queuing, I'm sorry, queuing is where we would have done things like weighted RED or strict priority or things like that. And then there's also the egress interface, where we can do egress queuing.

Now there's sort of a nine-step configuration process that I've outlined. We define the type of QoS, or I should say we define for the type QoS in a class map. Okay, then we define the type QoS policy map and call those type QoS class maps into play and do things to them: classify, match, mark, etc. And then we apply that type QoS policy map. Then, as you might imagine with the attach point, we define the type network QoS. So that last one was the ingress port; we do this at the ingress: type QoS, type QoS policy map, and then apply that policy map. Then we create the type network class class map, the network QoS policy map, and attach it globally. Then we define the type queuing class map, define the queuing policy map, and attach it. Now this is assuming an egress queuing, but again, we can do it on the ingress, and that's where we do do it if we are configuring a Nexus 5500 or, sorry, F-series line card.

Okay, hardware specifics. The Nexus 5000 had a four system default QoS, QoS group classes defined. So there were two for CoS 6 and 7, really still are two for QoS CoS 6 and 7; there is class default, or 0; and there is the FCoE class. So out of eight, that
leaves us four that we can use. Okay, kind of limited. 5500 changes this: no FCoE is defined by default, so we can use that if we're not using FCoE. If you're using FCoE you must allocate this properly, no two ways about it. You don't have to, but you're gonna drop FCoE traffic.

Okay, so the Nexus 5500 layer 3 daughter card: this is kind of a special situation where, as the traffic passes up through the layer 3 daughter card, the CoS value is actually lost, and so we basically have to reclassify and remark this traffic, otherwise things like voice, video and signaling end up in the default queue. Okay, so this is bad. We would never have FCoE end up in the default queue, because we don't route FCoE; there is no layer 3. Okay, but any traffic that we route, if we're routing it in the 5500, we have to reclassify it. The easy takeaway is that if you always set the CoS value, even when you're just calling a class map from a policy map where you had just previously classified based on CoS, then your bases are covered. You don't have to worry about it, because it's always done for you. Okay, the other takeaway is: don't use the 5500 as a layer 3 switch. It was intended as a layer 2 switch, but obviously cost is gonna dictate.

There are more hardware specifics for the Nexus 5k and 7k treatment. FCoE is CoS 3, but Nexus 5k matches both, and actually 7k does as well, on CoS 3 and the EtherType 8914 and 8906 for FIP and FCoE respectively. I wrote those out there. There is a hardware... to ensure... hardware override to ensure that they make it to CoS group 1 and ultimately to the proper no-drop queue. Okay, you can't get FCoE out of CoS group 1. You can misconfigure, and I've already said this, and put other things like signaling... actually, signaling would be one of the ones that wouldn't necessarily be a misconfiguration, but it might; it just depends on your particular set of business requirements. If you want to remark signaling to for or to use it something somewhere else and then remark it later,
that's fine, but certainly don't put anything else other than signaling in there.

You can tune FCoE, but only for distance. So this is physical distance of the fiber. So 300 meters is the actual default tuned distance; this is an MTU of 2158, pause no-drop is on. And here's an example of tuning it for 3 kilometers. Okay, MTU still 2158, but the pause no-drop at the end of that command has the argument the buffer size 152,000, and again, this is the buffer size. This is basically saying, "Hey, we have longer distance to traverse, so based on that we're going to pause, or send a pause, if we go above the threshold of 103,360, and we're gonna resume when we fall back below 83,000 bytes," but the overall buffer size, the maximum, is 152, or 152 K.

Okay, hardware specifics for the Nexus 2000. This is a layer 2 line card; this is not a switch. The FEX is not a switch, and it's also not a distributed line card. So what we don't have is instructions written from the supervisor, or the 5k, whatever we're working on, down to the line card where it can switch traffic locally. It also is only able to classify on CoS value. Now we talked about the others are only able to map to queue on CoS value, but they can still classify DSCP. We can classify traffic to DSCP from FEX, but it has to first come up from the FEX into what are called the UPC, or the unified port controller. These are basically the port controller that handles the hardware architecture for the FEX ports as they are leaving or coming from basically the 5k attach ports. Okay, where we said switchport mode FEX fabric, those are the unified port controller, or I should say the unified port controller controls any ports that we turn into switchport mode FEX fabrics. So once they come up through the UPC, then we can classify based on layer three.

Nexus 7000: FCoE is only supported on F-series line cards. There's an existing non-changeable policy template for FCoE. And now we're gonna actually take a look at... I've already said all
this, but we're gonna take a look at some breakout configs.

Let's log in to a switch, and let's go ahead and we'll just do a show interface e1/1 capabilities, and we'll note that our QoS scheduling for receive queue, we've got an 8q2t model. Now again, this is an M1 line card, so the majority of our queue buffer memory is allocated to the transmit or egress direction, where we have a 1p, one priority to, sorry, 7 non-priority queues and four overall tail drop thresholds. We can do class of service and type of service rewrites, and this gives us a lot of other information, but that's pretty much them, the important bits for us for quality of service. If I do that same command but for the e2/1, the F1 32XP, I see that I have an 8q4t; previously on the ingress I had an 8q2t. So this is where the majority of our ingress memory is, here, is on the... as I just said, on the ingress, but the 8q4t. And then on the egress, the transmit direction, I actually have three priority queues and five non-priority queues, for a total of eight, and one overall tail drop threshold. Okay, so the QoS capabilities are quite different.

So let me just go ahead and bring over... see... oops... bring up a text document here, and I think what I'm gonna do is I'm just going to go over some of the stuff that I've written out, and again, all of this is in the configuration guides on cisco.com. But here's what we might want to do: classify on ingress, and this is for a 5500 series switch. Okay, so I have created different class maps here, class map type QoS, and by default, if you don't type anything, if you just say class map match any or match all (again, match all, matching all the criteria in there, Boolean AND, and match any, Boolean OR), but if you don't type any type, or if you don't, you know, configure any type, it's going to be the type QoS. So I've just labeled it QoS CoS 1, and I'm just matching based on CoS 1. Okay, I've got match all CoS 2 matches CoS 2, and so on and so forth; fairly self-explanatory. Then I have maybe
gone ahead and created some access lists. So I created access list QoS-voice: permit UDP from anywhere and from the range of 16384 up to 32768 (really this should be 32767; well, I guess actually if it's a range it would be 32768, if it's an increment by, it would be 16383 87, anyway) to the range of 16384 32768, and then deny any IP IP. So all I'm doing is using this for classifying my interesting traffic. Maybe I created an access list for QoS real-time video, and I specify a particular subnet where I want that traffic to come from and go to a place where I know where I have voice, sorry, video-based traffic, and it's on the ephemeral ports above 1023. And I have IP access list QoS signaling, where I enumerate out TCP 2000, 2443 for Skinny and secure Skinny; 5060 for SIP (I didn't put 5061 for secure SIP, I could have done that); UDP 2427 and 2428, UDP and TCP I should say respectively, for MGCP and backhaul, Q.931 backhaul; and 1719 and 1720 for H.323 RAS and H.323 fast start.

Then I just create class map type QoS, and I can match those access groups. So I'm basically doing the same thing as I was up here, but instead of matching CoS I'm matching based on explicit classification. Then I create a policy map, whoops, of type QoS, give it a name, and I say: call QoS class voice, set the QoS group to 5; call class real-time video, set the group to 4; signaling, set the group to 3. Then I call some of the other classes where I matched based on the existing CoS value, trust those, essentially set the QoS group to 5, 4, 3, 2, and then also for 1 I'm gonna set the QoS group to 2, the reason being QoS group 1 is hard-coded for FCoE; want to leave that for FCoE.

Okay, then I'm going to apply those to a system QoS, and applying to the system QoS really applies to all ports and ASICs at once, so it's quite effective and it minimizes my, you know, configuration bloat that might occur. So I can say system QoS, service policy for the type QoS, because I can put other service policies here for the type
like network QoS or queuing, and I specify the direction, so input QoS classify. So what I'm basically saying is: go write out, effectively write out, to every single port on the ingress direction this QoS service policy. It's the same as going to every interface and saying service policy type QoS input, this policy for classification. Okay, and then I might also choose to override the system QoS per port as needed for one-offs. So if I put something on the port, it's more specific than what's in the system.

Again, on the 5000 and F cards I'm gonna queue on the ingress. So I'm gonna match the QoS group that I previously set in the QoS type service policy, and for the type queuing I'm gonna match that group. Then I'm gonna create a policy map with that type queuing, and then I'm gonna call up the class that I just used, and I'm gonna set, let's say, bandwidth for instance. So bandwidth percent 25, bandwidth percent 15; maybe I'll set priority along with bandwidth percent 15. So again, this is saying strict priority; in IOS this would have said priority fifteen percent, so something like that, or priority percent 15. Okay, it's just doing those two things, but in IOS it was still doing two things, it was just on one line; in NX-OS it's doing the two things on two separate lines. And then I'd go back to maybe system QoS and say service policy type queuing input. Why input? Because I'm on an ingress, primarily ingress, queuing architecture.

Then I need to deal with the system crossbar fabric QoS. So I'd say something like class map type network QoS. Okay, so the type network QoS is the difference here, and I just labeled it NQ, for network QoS, CoS 5. So I'm matching those QoS groups that I previously set, that temporal tag that I applied. And here's where the magic comes, and here's where the bulk of my configuration comes in. First of all, I have two class type network QoS that I can't change per se; well, I can't do away with them, and that is something we're probably already
familiar with, class class-default, and then I also have the class of class-fcoe. The MTU is 2158, pause no-drop, which is auto-tuned (not like the auto-tune in YouTube, and I'm not gonna do a demonstration; I thought about it, but not a good idea), but auto-tuned for 300 meters. Probably don't need to change this. Pause no-drop for the buffer size that we talked about earlier, custom tuned for 3 kilometers. If you need something different than that, see your systems SE from Cisco and they will get you in touch with the developers to come up with a custom number, but don't change that yourself at all unless you really know what you're doing.

Okay, then I pull up my network QoS for NQ CoS 5. Maybe I set the CoS to 5 again, remembering that this could be as the traffic is coming into the crossbar front for the first time, but it's also as it's leaving, I'm sorry, not the crossbar fabric but the layer 3 daughter card of a 5k, coming into it. So we don't necessarily need to set the CoS, we do need to set the MTU at that point, but if it's coming back out of a layer 3 daughter card we need to tag that CoS value again. Okay, the MTU... now, it didn't lose its QoS group tag, it just lost its CoS tag, its layer 2 CoS value. So we set that CoS value again, we set the MTU, which we actually don't have to do, the default is 1500, and we optionally set the queue limit: how deep is the queue? Okay, here's CoS 1; maybe we're tuning this particular network QoS for 9216, something like iSCSI. And then we apply that service policy.

Now I also promised that I would give you a bit of... actually, one other thing I want to mention that you can do with the layer 2 FEX, other than classifying things on the ingress port, or other than doing standard 5500 or 5k information in terms of ingress queuing, in terms of ingress classification based on CoS, or ingress classification based on DSCP if I'm coming into the UPC ports: one of the other things I can do is I can tune the overall hardware limit. This is actually done under the FEX
command, so FEX 102 or 101 or whatever you've specified. I can say, based on the hardware, if it is this type hardware, for instance, this is what we have one of them, set the queue limit for each queue to this depth. Now the problem is I can potentially create queue depths that are larger than what the overall switch has, or line card has, available to it, and I can starve other queues, so you really want to be careful when you're tuning this. But it is something that we have available to us.

And the last thing I want to show is a comparison, and I'm only using the same document because I've got the font face in large enough to where I want it for the screen, but I'll post these in three separate downloadable class file documents. So an example, I should actually have two different examples, from 6500 config to Nexus 7K config comparisons.

So 6500: we turn on MLS QoS, we do something like an interface range, and we trust; we do an MLS QoS trust DSCP, or an MLS QoS trust CoS, or MLS QoS trust device Cisco phone, where we make it a conditional trust of the DHCP or of the CoS if CDP or LLDP-MED tells us that it is a phone. Then we have something like weighted round robin queue bandwidth 100 150 200. Again, we're not giving it two hundred percent of the bandwidth, we're simply saying service this Q3... now this was defining the distributed weighted round robin scheduling for a 1p3q8t, so what is it we're defining the bandwidth for, or the servicing for? We're servicing, or we're defining the servicing for, the three non-priority queues, these guys right here. The priority queue doesn't get servicing; it's strict priority, it always gets its bits on the wire first. But Q3 is gonna get its bits serviced, or its queue serviced, twice as often as Q1, and it's gonna get basically a 2 to 1.5 ratio to Q2. I could have just as easily done this, right: 10, 15, 20%.

Okay, next, if I take a look at 7p, or sorry, 1p7q8t, I should have 7 values here: 1, 2, 3... 1, 2, 3, 4. So I'm essentially saying Q1, 2 and 3 are defined; the others are not defined, they
don't really get a share, they're not considered. I probably am not putting anything in those queues; if I am putting something in there, then they're just getting serviced best effort.

So then I actually have my weighted round robin queue CoS map, where I actually have Q1 and threshold 1, I'm putting CoS value 1. For weighted round robin queue CoS map Q1 threshold 2, I'm putting CoS value 0. Q2 threshold 8, because remember this is a 7q8t, or really 8 queues if I count the priority queue, at threshold 8 I'm putting CoS for Q2 threshold 2. And one of the things, this always seemed to confuse a lot of people; it's really simple if you do a question mark. This is one place where I highly advocate a question mark. If I get out here to weighted round robin CoS map and I simply say question mark, it's going to tell me what value is it expecting next: is it a queue, is it a threshold, or is it a CoS value, or is it a DSCP value? Actually it would be DSCP if I did a weighted round robin queue DSCP map. Okay, but I did CoS map to compare; Nexus can only do CoS mappings to the queue. So then I also have priority queue CoS map: Q1 is my priority queue and I'm going to put five in there.

Okay, the Nexus equivalent: I have my 1p7q4t in the egress direction, and specifically I'm dealing with the priority queue matching CoS 5. So I'm putting CoS 5 into the priority queue on the type of hardware that has this particular egress or transmitted key queuing. And by the way, this is not an arbitrary name I came up with, this is in the system. So if I just did class map type queuing match any question mark, in fact let's just do that here, class map type queuing match any question mark, I've got all of these predefined. This is basically all of the types of hardware that it has available to it, whoops, and it's really helpfully telling us, "Hey, this is specifically the egress queue, the egress Q3, of any type of hardware system-wide that has the hardware type of one priority queue,
7q and 4t. So what do I do? I do that show e21 or show e11, whatever card I'm wanting to configure, and I say, hey, this has a 3p5q1t. OK, so I come back up here and I look for 3p5q1t, and I don't see 3p5q1t. OK, that's interesting. So let's do, but do I see an 8q4t? I did, I only see an 8q2t, did I? Let's do a show interface a11 capabilities. So I do have a 1p7q4t. So here are all my 1p7q4t in the egress direction queue types. I'll have to take a look and see why I didn't see the one for the F-series card in there. But I've got my default queue, I've got my q1, which is my priority queue, and I've got queues 2, 3, 4, 5, 6 and 7. So what does that mean? Default queue is queue 8; it's the only thing it can mean. So I go into that and I actually say what type of traffic do I want to put in which queue. This is the equivalent of this bit here, weighted round robin CoS map queue, and then ignore the threshold, because I'm not doing queue and threshold on the same line like I do in Cat 6500, and I'm saying the actual CoS value going into the queue number. Then I'm saying policy map type queuing, give it a name, call up the class type queuing that I just defined, or really that I just called into play, say is it priority, what is the queue limit. Queue limit, maybe I can actually say not just a hard limit depth but I can actually say percentage. I can say bandwidth remaining percent to define those bandwidth. So this is more for a 7K. It is a little bit different than the 5K, but it still uses the same MQC architecture, with there being a lot more granularity and really a lot of different hardware line card types. That's where I have to have a little bit of different command line structure. It's still in the MQC, but I have to define per line card type, whereas the 5500, depending on which 5500 you have, it's, it's all the same thing for that box. Okay, and then I'm going to apply that in the egress direction on my queuing. So this was before, this was for a 1p7q4t out. Here's another example, a new example of a Cat 6K with rated weighted RED and eight
queues. So let's say I've got interface range 10 gig Ethernet 1/1 through 4, and I want to say that I'm creating queue limit. I'm basically allocating buffer space to my non-priority queues. OK, so this is 1, 2, 3, 4, 5, 6, 7, so my seven queues up here. I'm basically saying that I'm allocating 5 percent, 25 percent, 10 percent, 10 percent, 10 percent, so these are 30, 45, 55, 60 and 70. So I'm actually only allocating 70 percent, really leaving 30 percent left over for that priority queue. I also can do the bandwidth, or the distributed weighted round weights, again ratios to the overall. And then I can say weighted round robin queue random detect 1, 2, 3, 4, 5, 6 and 7, so I am going to set my minimum and maximum thresholds for the non-priority queues. Okay, so the minimum threshold for, and this is actually, if I go back up, this is 8 tail drop thresholds per queue, per non-priority queue. So for queue 1 I've got 1, 2, 3, 4, 5, 6, 7, is, was that 8? Let's say 4, yeah, because I'm gonna have my, my priority queue is gonna be at 100%. So basically I'm saying that all of these except for the first tail drop threshold are at the full 100% of the queue value. Okay, and this is kind of typical, but I could certainly, could certainly say that I want, you know, different tail drop thresholds. Okay, and then I assign those, that traffic, we actually already saw that before. Okay, so I'm assigning things like spanning-tree queue 71, best, let's say video, q3 t1, so q3 tail drop threshold one is CoS value 4. So the example here, we already showed the CoS to queue mapping, and now we're gonna basically take a look at the tail drop to threshold mapping. So I've got optional, if I take a look at the queue limit command, I'm saying CoS value 1 and CoS value 0, those are both falling within this hardware type for egress, but specifically in q2, at threshold 100% or threshold only 50% of however much memory was there and however often it was serviced, but specifically of the queue limit, however much memory was assigned to this q2. CoS 0 can use up to a hundred percent,
CoS one, which is my scavenger traffic, can only use 50%. Now I've got these commented out because these are drop threshold values, and I can either use drop thresholds or I can turn on random detect CoS based. So this is weighted random early detection based on the CoS value. I can turn on weighted RED, otherwise I have drop thresholds. I cannot turn on both; these are mutually exclusive from one another. Here I also have random detect CoS 7 and I give it a minimum threshold and a maximum threshold. Okay, and I'm just going ahead and doing these pretty much the same thing for the different queues, q3, and if you actually put these, this Nexus information beside the Catalyst 6500 information, it begins to make a little more sense side-by-side. Okay, but I'm doing the same thing. So for instance, let's see, what did I have [Music] q, let's do our video, CoS 4 was in q3 threshold one. Where's my CoS 4? There's CoS six, there's my CoS 4. First of all I'm saying it's random detect, or weighted random early detection based on CoS value. CoS based is what makes it weighted RED; if I just said random detect it would just be RED. I'm saying CoS 4, a minimum threshold of 80%, a maximum threshold of 100. So that's where I'm really doing the CoS to threshold mapping. And again, I can do DSCP; I could say random detect DSCP based and random detect DSCP CS4 or AF41, and then define the threshold mapping from there as well. Once I've defined all those, then I can tie it to the queuing output on the individual interface, or system-wide if I like. There is actually default QoS, in fact let's just, let's just take a look at this here real quick. There is some default QoS in the system. Some of the things that you'll see are all of the no drop and drop classes, so specifically some of the things for FCoE, and again we'll get into more with FCoE as we get into the storage class. We'll probably use a lot of the system defaults for those FCoE classes and we probably won't need to define anything else, because
it will make sure that the FCoE gets into the proper class, doesn't get dropped. We want to make sure that that drop classes have no pause, that they have some sort of congestion control like tail drop or, and we can only again have one, or random detect. We want to make sure that our FCoE end drop or no drop, basically no drop, has the pause frame turned on, or the pause capability. We have no congestion control, random detect. We always have tail drop at the end; we can't physically store more frames than we have buffer or memory space to do so, it's just not possible. Makes sense. Kind of MTU 2112, again hard-coded there. So we've got a lot of different defaults. Actually, one of the things I want to take a look at real quick, we've also got some default table maps, so CIR markdown or peak information rate markdown maps. Okay, so the default is to copy, but if I want to say from DSCP value 10 or 12 to DSCP 14, basically these are things that we can call into play to do mutation, so either based on, let's say, a color policer, or just if I want to actually do DSCP or CoS based mutations, I can do those. Okay, one of the other things I want to take a look at very briefly, and again I'm by no means gonna go into every line, is the control plane policing. I basically want to show you that they have thought of a lot. So first of all, we start out, they've pretty much thought of everything in NX-OS to protect the control plane. They start out with all the IP access lists that they've defined, so something like permit TCP from anywhere greater than 1024 to anywhere equalling BGP, and the converse. Okay, and obviously that's the system a CLP ACL for BGP. BGP version 6, which really isn't any different that I can see at a quick glance. CTS, so Cisco TrustSec, TCP port 64-49 and back from 64-49. DHCP equaling bootpc and not equaling bootp but equaling back from bootps. OK, control plane for a CL DHCP relay response, EIGRP, EIGRP for v6, FTP, strangely enough, even, I guess maybe just to FTP traffic to and from, files to
and from the supervisor. Global load balancing, HSRP, so our different FHRPs, ICMP. Again, I'm not gonna go over everything, but there is a lot here, including a lot of MAC-based ACLs that they have defined, very specific MAC addresses that are used by the system, MPLS labels, MPLS OAM, RSVP, all sorts of stuff I'm not going to go over at all. You can see it, you can read through it: show run all if you want to see it, show running config all. Then they go into the control plane and state the scale factors, and they call, they create a class map for type control plane, which is that fourth type, and they call all the access groups, and they call them in a few different specific classes. Once they're done calling the classes and calling the access group from those classes, they create the policy map and they actually begin setting the CoS value, so things like critical traffic they set at 7 and give it a policer so it doesn't overwhelm. Okay, so a CIR, B sub C value for burst, and then conform should transmit, violate should drop, so really a one rate two color policer. Okay, and so on and so forth on down. And then they apply that control plane policy to the control plane using a service policy input and calling the policy map, and then saying control plane policing profile strict. So that's the control plane policing that's a default part of Nexus 7K. Again, they've really thought of everything. I haven't gone through it and found anything that I thought they missed, and certainly a lot more than I knew in terms of MAC addresses and everything, so it's really quite exhaustive and it's quite useful. [Music]
Info
Channel: IT-TALK
Views: 2,315
Id: 8WyvUCC-SM4
Length: 56min 38sec (3398 seconds)
Published: Fri Nov 23 2018