DLSW+ Traffic Classification

I have two Ethernet segments and a pair of DLSW+ routers between them. I would like to implement traffic classification, but all my traffic flows through the high or low priority queues. Why?
sap-priority-list 1 normal smac 0000.3049.d7f0
dlsw local-peer peer-id 172.16.1.1
dlsw remote-peer 0 tcp 172.16.1.3 priority
dlsw bridge-group 1 sap-priority 1
R1#sho dlsw pe
Peers: state pkts_rx pkts_tx type drops ckts TCP uptime
TCP 172.16.1.3
High priority CONNECT 4627 359 conf 0 1 0 00:25:00
Medium priority CONNECT 0 0 conf 0 - 0 00:25:00
Normal priority CONNECT 0 0 conf 0 - 0 00:25:00
Low priority CONNECT 8 6 conf 0 - 0 00:25:00
Total number of connected peers: 1
Total number of connections: 4
Many thanks.
P.S. 0000.3049.d7f0 (noncanonical format) is the MAC address of the Ethernet-connected host.

For data traffic generation I use IPX & IP ping. It's not real SNA traffic, but it is the best I can get. There are no errors in the MAC address because only one device is connected to the Ethernet port on R1 and I see this MAC in show dlsw reachability local.
R1#sho dlsw ci det
Index local addr(lsap) remote addr(dsap) state uptime
1476395013 0000.3049.d7f0(AA) 00a0.bbcf.0f10(AA) CKT_ESTABLISHED -
PCEP: 813054C8 UCEP: 813060FC
Port:TB1 peer 172.16.1.3(2065)
Flow-Control-Tx CW:22, Permitted:35; Rx CW:22, Granted:36; Op: Incr
Congestion: Low(02), Flow Op: Half: 0/0 Reset 0/0
RIF = --no rif--
3959422982 0000.3049.d7f0(E0) 00a0.bbcf.0f10(E0) CKT_ESTABLISHED -
PCEP: 8102D208 UCEP: 81306480
Port:TB1 peer 172.16.1.3(2065)
Flow-Control-Tx CW:21, Permitted:32; Rx CW:21, Granted:32; Op: Incr
Congestion: Low(02), Flow Op: Half: 0/0 Reset 0/0
RIF = --no rif--

Similar Messages

  • Traffic Classification in GSM MPLS Backbone

    Hi Experts,
    Can anyone share how traffic classification is done in the backbone of a 3G GSM operator? I mean, how should we map voice, Gn, Gi, etc. traffic into DSCP? Or maybe can anyone point me to a document that can be a reference for this?
    Thanks,
    Prima

    Typically your provider should provide you with the provisioning of the queues that they have, and what DSCP values they want to see for each of the queues.  Generally speaking, for MPLS, you use:
    EF - real time traffic (voice media)
    AF31 - voice control
    AF41 - video

  • Catalyst 2950-EMI, QoS, traffic classification and shaping

    Dear All,
    Can 2950-EMI perform traffic classification and shaping?
    Let's say I have some workstations attached on my 2950 and I want to perform traffic classification and shaping on the uplink based on the IP address of workstations.
    Thanks a lot.
    mak

    Shaping is not supported. But you can classify and use policing instead.
    http://www.cisco.com/univercd/cc/td/doc/product/lan/cat2950/12120ea2/2950scg/swqos.htm

  • How does QoS work with WAAS WCCP? What's the interaction between QoS Traffic Classification and WAE Traffic Application Policy?

    How does QoS work with WAAS WCCP? What's the interaction between Router QoS Traffic Classification and WAE Traffic Application Policy?

    By default, WAAS preserves the DSCP marking on intercepted packets.  There is a configuration option to set/override the DSCP value at the global (device), application, and classifier levels.  Currently WAAS provides marking only.  There is no action taken by WAAS based on the DSCP value.
    Regards,
    Zach

  • CBWFQ for DLSw traffic

    I have configured CBWFQ for DLSW traffic on int s3/0.1, but the interface still shows "Queueing strategy: fifo", any ideas?
    interface Serial3/0
    no ip address
    encapsulation frame-relay
    no fair-queue
    frame-relay traffic-shaping
    interface Serial3/0.1 point-to-point
    bandwidth 512
    ip address 10.1.1.1 255.255.255.252
    ip nat inside
    frame-relay class DLSW-Class
    frame-relay interface-dlci 100
    class-map DLSW
    match access-group 100
    policy-map DLSW-Policy
    class DLSW
    bandwidth 20
    map-class frame-relay DLSW-Class
    frame-relay adaptive-shaping becn
    service-policy output DLSW-Policy
    access-list 100 per tcp any any eq 2065
    access-list 100 per tcp any eq 2065 any

    Remember you will not see a match until the router is experiencing congestion. Queuing is a technique used in internetwork devices such as routers or switches during periods of congestion. So unless you experience congestion, you do not queue.
    For your config, change the class map to this:
    class-map DLSW
    match protocol dlsw
    DLSW can use 4 ports. 1981 to 1983 or 2065. The protocol DLSW command will automatically recognize the protocol. You can also issue a "show tcp brief" command to find out what port you are using for DLSW.
    Also, with DLSW+, the router automatically sets the IP precedence to 5 (DSCP 40) on DLSW+ packets on port 2065.
    The IP precedence is also changed on the 1981 - 1983 ports.
    On port:
    1981 the ip precedence is set to 4
    1982 the ip precedence is set to 3
    1883 the ip precedence is set to 2

  • Voice video traffic classification

    Hi All,
    A simple query.
    With Cisco IOS NBAR, when we say 'match protocol rtp video', do we also match the audio embedded in the video stream? Or does that audio get matched only with the 'match protocol rtp audio' statement?
    Also, is the 'match protocol rtp audio' statement sufficient to match all voice traffic from IP phones on the LAN ?
    Regards,
    Amit

    Hi Amit,
    Match protocol rtp video will match only video.
    In regards to your second question:
    Match rtp audio is good but it should be just a part of full end-to-end QoS policy and you should not only just rely on that.
    While deploying QoS, there are some best practices, like marking closest to the source. Most VoIP end devices and servers will mark the traffic (audio as 46 and signaling as 24, at either L3 or, as in the case of phones, at L2 level).
    You should configure QoS on Catalyst switches. Traffic is already marked; you need to enable trust on the switches and ensure traffic is prioritised and markings are carried to the routers. At the routers you can catch this based on markings, protocol (like rtp audio), source/destination, and several other criteria. Then this is sent across the WAN with appropriate markings and gets preferential treatment in the Service Provider's network, and markings are maintained throughout.
    So just to summarise: yes, it should catch audio by matching rtp audio, but for QoS to work effectively you should deploy QoS based on a wider policy that makes sure voice traffic is prioritised at all possible levels.
    Hope it helps.
    Terry
    Please rate if you find it helpful.

  • Cisco Prime 2.1-Traffic Classification

    Hi Experts,
    In Cisco Prime 2.1, under Performance->service assurance, Top N Application shows 'unknown traffic' as highly utilized. How to find out what that type of traffic is?
    Thanks in advance

    You can thin provision. Trying to change the overall profile though will most likely result in issues sooner or later. When you run out of disk space it will fail in ungraceful ways.

  • Botnet Traffic Filtering option in CSM 4.0 evaluation

    I have CSM evaluation 4.0. (about 50 days left) and deployed Botnet Traffic Filtering rules with traffic classification rule according to http://www.cisco.com/en/US/docs/security/security_management/cisco_security_manager/security_manager/4.0/configuration/example/sm400bot.html#wp51455.
    I don't see any botnet activity logs either via ASDM or via CSM.
    Do these logs include all activities according to access rules for Botnet Traffic Filtering or only detected botnet traffic?
    How can I be sure that Botnet Filtering checks all the packets to my test zone?
    Does this evaluation version support monitoring activities logs and access to blacklist server?
    Thanks in advance.

    Hi,
    Mm, I could not find the proper documentation (I see it for LMS...). Anyway, you can try the following:
    1- stop the server
    net stop crmdmgtd
    2- Erase the DBs
    set NMSROOT=c:\progra~2\cscopx
    %NMSROOT%\bin\perl %NMSROOT%\bin\dbRestoreOrig.pl dsn=cmf dmprefix=Cmf npwd=admin
    %NMSROOT%\bin\perl %NMSROOT%\bin\dbRestoreOrig.pl dsn=vms dmprefix=vms npwd=admin
    If using Performance Monitoring (MCP):
    %NMSROOT%\bin\perl %NMSROOT%\bin\dbRestoreOrig.pl dsn=mcp dmprefix=mcp npwd=admin
    NOTE:
    NMSROOT is the root where CSM is installed. I am assuming you are using default settings for Win2008, but you need to change it if you installed somewhere else.
    3- restart the server.
    net start crmdmgtd
    Please note that all your data will be lost. Also, make sure to have the license handy as it might be required to install the license again.
    Also I would suggest you do a backup of your DB before you perform these steps
    Stefano

  • AVC not dropping traffic

    Hello,
    I've got a Cisco WLC 2504 with the latest firmware, and created an AVC profile to drop Whatsapp and Facebook traffic.
    I added this to the WLAN I configured, but the traffic doesn't get dropped with cell phones.
    If I have a cell phone which has the apps (Whatsapp and Facebook) installed, AVC won't drop the traffic.
    It does drop the traffic if I use a browser to go to Facebook. Is this some kind of bug?
    Regards,
    Tom

    Unfortunately you have to wait for the next release of software code (not sure when 8.0MR1 comes it will have the updated protocol pack).
    Even if it is a bug, without updating these AVC signatures, I do not think you can fix it. Here is the release note confirming this:
    http://www.cisco.com/c/en/us/td/docs/wireless/controller/nbar2_prot_pack/11-0-0/b-nbar2-prot-pack-1100/b-nbar2-prot-pack-1100_chapter_010101.html#wp2108825774
    Network-Based Application Recognition (NBAR2) Protocol Pack 11.0.0 support is provided for Cisco Wireless LAN Controller platforms, starting with the 8.0 release.
    NBAR2 Protocol Pack 11.0.0 is supported on the following Cisco Wireless LAN Controller platforms:
     Cisco 5508 Wireless Controller
     Cisco Flex 7500 Series Wireless Controllers
     Cisco 8510 Wireless Controller
     Cisco Wireless Services Module 2 (WiSM2)
    Note
     Cisco Wireless LAN Controller software release 8.0, uses NBAR engine 16, and contains NBAR2 Protocol Pack 9.0.0 built-in. For more information on software releases and compatible protocol packs, see Working with Protocol Packs.
     Though the NBAR2 protocol library and the protocol signatures support IPv6 traffic classification, Cisco Wireless LAN Controller platforms currently support only IPv4 traffic classification.
     The Cisco 2504 Wireless Controller supports Application Visibility and Control, but supports only built-in protocol packs present in Wireless LAN Controller software releases. It does not support downloading and installing protocol packs.
    **** Pls do not forget to rate our responses if they are useful ****
    HTH
    Rasika

  • =SNA/DLSw+ & Impact Question=

    Hi all,
    this is related to discussion:
    http://forums.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Network%20Infrastructure&topic=LAN%2C%20Switching%20and%20Routing&CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.1dd82da4
    I opened this new one since my question was answered.
    Our Topology:
    Server---L2 switch---L3 Dist switch---Firewall---L3 switch(Core)--Firewall--CLOUD--IBM host
    The server would generate both IP and SNA traffic (port LU6.2). All media are ethernet. The L3 switches are DLSw+ capable. I don't know much about the firewalls and I don't have control in the cloud because its under a different administrator.
    Questions:
    1. If I would use DLSw+, I need to bridge the ethernet port of the L3 Dist switch connecting the Server side. But the server's connection is part of a VLAN, so, in the config of the L3 Dist Switch, I would need to bridge the VLAN to DLSw. Would this setup impact the original behaviour of my VLAN? The VLAN is a Switched VLAN interface routed to other VLANs also.
    2. Is it possible to control the port that would be used where the DLSW+ would pass through? I think I would have problems w/ our Firewall which requires source-destination ports and IPs to pass traffic.
    Any suggestions/opinions are very much welcome... thanks!!!
    rodney

    Hi,
    If you are using VLAN interfaces already, then your configuration would look similar to this:
    dlsw local-peer peer-id 10.10.10.1
    dlsw remote-peer 0 tcp 20.20.20.1
    dlsw bridge-group 10
    interface loopback 0
    ip address 10.10.10.1 255.255.255.0
    interface vlan 234
    ip address ...
    bridge-group 10
    bridge 10 protocol vlan-bridge
    that would allow you to bridge sna traffic into dlsw.
    It assumes that 20.20.20.1 is the local peer configured on the partner router in front of the host.
    The local peer tied to the loopback interface is just an example.
    If you have, e.g., more than one VLAN you want to bridge, then you can create multiple bridge-groups and you can configure multiple dlsw bridge-group statements. This way you bridge multiple VLANs into DLSw but you don't bridge them together.
    If you know the SAPs you are using for SNA (default is 4 as far as I know; most commonly known are 4, 8, 12), then you can create an access list like this:
    access-list 200 permit 0x0000 0x0d0d
    and apply it to the bridge-group command on the interface.
    interface vlan 234
    bridge-group 10
    bridge-group 10 input-sap-list 200
    that allows only sap's 0,4,8,12 with and without the response bit set into the bridge group and effectively blocks all other traffic.
    With respect to the TCP ports that DLSw is using over the WAN: DLSw version 1, RFC 1795, which is what Cisco is using, always opens two TCP sessions at startup.
    This router starts the connection: it opens a TCP connection to destination port 2065; the source port is a random port above 11000.
    Now the receiving end also opens a TCP session back to the first router: destination port 2065; the local source port is a random port above 11000.
    Next the DLSw capabilities exchange happens and the two peers exchange their information. Once they have detected that they both are Cisco devices and that they both support the usage of only one TCP session in both directions, the one with the "numerically higher IP address" will drop its connection on the local TCP port 2065.
    The remaining TCP connection is used for DLSw traffic in both directions.
    This is described in detail in RFC 1795, section 7.6.7.
    thanks...
    Matthias
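
The SAP filter from the reply above, worked through as an added example (not part of the original post and not Cisco code): it evaluates a type-code access list against DSAP/SSAP pairs to show which SAP bytes `0x0000 0x0d0d` lets into the bridge group. The function names and the sample frames are constructed for illustration, and the DSAP-in-high-byte ordering is an assumption (it does not affect this symmetric entry).

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Entry:
    permit: bool
    type_code: int  # 16-bit value; assumed DSAP in high byte, SSAP in low byte
    wild_mask: int  # 1 bits are ignored when comparing


def parse_acl(text):
    """Parse 'access-list <200-299> permit|deny <type-code> <wild-mask>' lines."""
    entries = []
    for raw in text.splitlines():
        parts = raw.split()
        if not parts:
            continue
        if len(parts) != 5 or parts[0] != "access-list":
            raise ValueError(f"not a type-code ACL line: {raw!r}")
        number, action = int(parts[1]), parts[2]
        if not 200 <= number <= 299 or action not in ("permit", "deny"):
            raise ValueError(f"unsupported entry: {raw!r}")
        code, mask = int(parts[3], 16), int(parts[4], 16)
        if not (0 <= code <= 0xFFFF and 0 <= mask <= 0xFFFF):
            raise ValueError(f"type code and mask must be 16-bit: {raw!r}")
        entries.append(Entry(action == "permit", code, mask))
    return entries


def permits(entries, dsap, ssap):
    """First matching entry wins; no match falls through to the implicit deny."""
    value = (dsap << 8) | ssap
    for entry in entries:
        if (value ^ entry.type_code) & ~entry.wild_mask & 0xFFFF == 0:
            return entry.permit
    return False


def permitted_sap_bytes(entries):
    """SAP byte values accepted when the same value is used as DSAP and SSAP."""
    return [sap for sap in range(256) if permits(entries, sap, sap)]


def audit(entries, frames):
    """Return (label, verdict) for each constructed (label, dsap, ssap) frame."""
    return [(label, "permit" if permits(entries, d, s) else "deny")
            for label, d, s in frames]


ACL = parse_acl("access-list 200 permit 0x0000 0x0d0d")

# Constructed sample frames; 0xAA and 0xE0 are the SAPs seen in the
# 'show dlsw circuits detail' output of the first thread on this page.
SAMPLE_FRAMES = [
    ("SNA command", 0x04, 0x04),
    ("SNA response (low bit of SSAP set)", 0x04, 0x05),
    ("SNA, SAP 8 to SAP 4", 0x08, 0x04),
    ("SNAP", 0xAA, 0xAA),
    ("IPX over 802.2", 0xE0, 0xE0),
    ("mixed SNA DSAP / SNAP SSAP", 0x04, 0xAA),
]

if __name__ == "__main__":
    print("accepted SAP bytes:", [hex(s) for s in permitted_sap_bytes(ACL)])
    for label, verdict in audit(ACL, SAMPLE_FRAMES):
        print(f"{verdict:6} {label}")
```

Because the mask bits are per byte, the entry accepts any combination of the eight listed values in either position; everything else, including the AA and E0 circuits, hits the implicit deny.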

  • SNA and QOS

    Subject: SNA/QOS
    I AM CURRENTLY RUNNING 12.1(11a) IOS ON A ROUTER BASED NETWORK WITH FOUR
    7500 ROUTERS. I AM CURRENTLY RUNNING CUSTOMER QUEUEING AS MY QOS. I AM
    NOW LOOKING TO USING LLQ W/ CBWFQ AND DISTRIBUTED MODES, AS WELL. I HAVE
    VIP-40 CARDS IN ALL ROUTERS. HOWEVER, MY NETWORK IS COMPOSED OF --
    TP0 - BATCH TRAFFIC
    TP1- INTERACTIVE TRAFFIC
    TP2-CONTROLLED TRAFFIC - HIGH AMOUNTS
    I HAVE BEEN TOLD THAT CISCO'S QOS WILL SUPPORT TP1 TRAFFIC SO, I AM
    CONCERNED ABOUT MY TP2 (CONTROLLED TRAFFIC) AND IF I CAN IMPLEMENT LLQ/CBWFQ
    INTO MY NETWORK.
    I WOULD LIKE TO IMPLEMENT THIS FOR MY CRITICAL APPS SUCH AS SNA, AND HTTP
    WEB BASED APPS. THUS, LIMITING MY SQL, FTP AND TELNET TRAFFIC.
    THANKS IN ADVANCE.
    ANY PPT FILES WOULD BE APPRECIATED.

    Hi Connie,
    You open the door to an interesting discussion, by including both SNA and QoS in your question. As you know, a variety of QoS mechanisms have been available for SNA traffic for quite a while. I can't tell from your description what sort of traffic is contained in "TP2-CONTROLLED", so I will assume it is voice and video traffic, and not the "TP2" from OSI Transport Protocols.
    The quick answer is that you can definitely support TP1 traffic while protecting the quality of your TP2 traffic. Essentially you decide what percentage of the available bandwidth to allocate to each class of traffic, providing a minimum guaranteed value. In addition, there is a special class, Low Latency Queuing (LLQ), available for delay and jitter sensitive traffic such as voice. Within each traffic class, IOS will then provide Weighted Fair Queuing (WFQ) for each unique flow (session). This becomes a bit more interesting when combined with different WAN types such as frame relay and ATM, you can take advantage of the VIPs that you mention, and there are considerations for low speed circuits. So here are a couple of URLs that provide more information.
    http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/qos_c/qcprt2/qcdconmg.htm
    http://www.cisco.com/univercd/cc/td/doc/product/voice/ip_tele/avvidqos/qoswan.htm
    Coming back to the SNA traffic, I assume you're currently using custom queuing with DLSw+, using the priority parameter to create four TCP connections, and classifying traffic using one of the three available methods. In moving to a CBWFQ model, you will want to map the existing custom queues into the newly created classes. In other words, you can continue to use the same classification techniques, while changing to the easier to define, and more efficient WFQ for output queue processing.
    The absolute best traffic classification comes with using the Enterprise Extender (EE) feature of SNASw. When SNA traffic is sent across an EE link, the precedence bits in the IP packets are automatically marked with the same values that are used in the SNA Class of Service (CoS). Since SNASw is our APPN node implementation, propagating the precedence markings from SNASw to DLSw+ also provides an automatic means of classifying the SNA traffic.
    Rgds, Dan

  • A problem with ACL in the class-map on the ACE module

    Hi all,
    I configured the following on the ACE module:
    object-group network test
      host 192.168.1.21
      host 192.168.1.22
      host 192.168.1.23
    object-group service port
      tcp eq www
      tcp eq 8080
    access-list T line 8 extended permit object-group port object-group test any
    I tried to configure a class-map for matching this ACL:
    ACE-4710-2/Lab-OPT-11(config)# class-map match-any TEST_C
    ACE-4710-2/Lab-OPT-11(config-cmap)# match access-list T
    Error: Cannot associate acl having object-group ACEs in class-map.
    So couldn't I configure the class-map by using an ACL with object-groups involved? Is it a bug or the normal behaviour? Because the customer uses object-groups in ACLs and he has to configure an ACL without object-groups for the traffic classification. It is horrible.
    Thank you
    Roman

    Hi Roman,
    I'm afraid it's the expected behavior. You cannot use an ACL with object-groups inside a class-map.
    Regards
    Daniel

  • Load Balance & Fault Tolerance

    I need to design a solution to load balance the DLSw traffic between 4 central routers and, if these 4 routers fail (or the WAN fails), all peers and circuits need to be re-established on another site with another 4 routers.
    To balance the traffic I will use the DLSw circuit count. To provide fault tolerance between sites I am thinking of using backup peer.
    My question is, will "circuit count" work together with "backup peer"?
    Thanks in advance.

    Only one backup dlsw peer is allowed. I cut and paste the following when I try to define more than one backup peer:
    c3-2500(config)#dlsw remote-peer 0 tcp 2.2.2.2
    c3-2500(config)#dlsw remote-peer 0 tcp 3.3.3.3 backup-peer 2.2.2.2
    c3-2500(config)#dlsw remote-peer 0 tcp 4.4.4.4 backup-peer 2.2.2.2
    %Primary peer already has backup defined
    There are a number of approaches:
    1. Remote routers have 8 peer connections. The costs for A, B, C, and D are lower than those of E, F, G, and H. Normally, the circuits are distributed among A, B, C, and D. Even if one or more than one of A, B, C, and D goes down, the rest will take the load. If all of A, B, C, and D go down, E, F, G, and H will take all the circuits.
    2. Slightly different from 1. Instead of making E, F, G, and H permanent DLSw peer connections, make E a backup peer for A, F a backup peer for B, and so on.
    3. Just another idea. Have you considered SNASw using HPR/IP? It may take you a while to set up on the host. However, this is the way to go because IBM has stopped selling 3746/3745. All SNI links will eventually go to HPR/IP.

  • Best practices for Voice over MetroRing

    Hi, we have installed a MetroRing Gigabit Ethernet using 3550 and 6500 Catalyst switches. Today, only data is running, but looking at tomorrow, when voice/video is requested, I am trying to find some best practices for QoS or traffic classification. If you can point me to some of them, that will be great.

    Hi,
    You might also find these useful: "LAN QoS"
    http://www.cisco.com/web/about/ac123/ac147/ac174/ac176/about_cisco_ipj_archive_article09186a00800c83cd.html
    and "Cisco AutoQoS White Paper"
    http://www.cisco.com/en/US/tech/tk543/tk759/technologies_white_paper09186a00801348bc.shtml
    as well as "Configuring QoS" for Catalyst 6500 switches
    http://www.cisco.com/en/US/products/hw/switches/ps708/products_configuration_guide_chapter09186a008007fb2b.html
    The most comprehensive starting point will be: "Quality of Service (QoS)"
    http://www.cisco.com/en/US/tech/tk543/tsd_technology_support_category_home.html
    Did this help?
    Martin

  • Does Huawei router NE40 support Class-Based QoS?

    As I know, Class-based QoS defines traffic classifiers based on certain rules and associates traffic classifiers with certain traffic behaviors, forming certain traffic policies. After these policies are applied to interfaces, class-based traffic policing, traffic shaping, congestion management, and precedence re-marking are implemented.
    Does Huawei router NE40 support Class-Based QoS?

    The NE80E/40E supports DiffServ and provides standard forwarding services such as EF and AF for users by using the following traffic management measures:
    1 Traffic classification
    2 Traffic policing
    3 Traffic shaping
    4 Congestion avoidance
    QoS of the NE80E/40E supports traffic policy with the above measures and mapping between the QoS fields in the IP header and the MPLS header.
    And more information about router NE40, please visit:
     http://www.huanetwork.com/huawei-router-ne40e-series-price_c89
