Cisco AVVID Network Infrastructure Enterprise Quality of Service Design
956467
Chapter 2 QoS Considerations When Connecting End-Points to an AVVID Network
Less-than-Best-Effort
Less-than-best-effort (<BE) traffic can be defined as traffic that can be bandwidth intensive but should
be given less preference than other traffic by the network when periods of congestion are encountered.
These applications are often batch updates or large file transfers that can be easily identified by the IP
addresses of the devices in the conversation or by well-known TCP or UDP port numbers.
Classification of this type of traffic is most effectively achieved at the edge of the network through the
use of MQC configuration, where ACLs can be used to identify the traffic by IP address or
TCP/UDP port numbers.
Peer-to-peer file sharing applications, such as Napster, KaZaa, and Gnutella, also fall into the category
of less-than-best-effort traffic. These types of applications can have considerable impact on network
utilization, and they are relatively difficult to identify by IP address and/or TCP/UDP port numbers.
Chapter 4, "QoS in an AVVID-Enabled Wide-Area Network," contains detailed examples of the
application of NBAR to identify and classify these types of less-than-best-effort applications with MQC
configuration.
Less-than-best-effort traffic should be marked with a DSCP decimal value of 2, 4, or 6 so that MQC can
be used to limit the amount of bandwidth that less-than-best-effort traffic can consume and affect the
drop preference of this type of traffic during periods of congestion.
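The following IOS MQC configuration is an added example, not taken from the Cisco guide. It shows the edge classification described above: an ACL identifies batch-transfer traffic, an ingress policy marks it DSCP 2, and an egress policy limits its bandwidth. The ACL number, addresses, ports, class and policy names, interfaces, and the policing rate are all constructed placeholders, and policing is assumed here as one way to apply the limit.

```ios
! Added example; every name, address, and rate below is a constructed placeholder.
!
! 1. Identify less-than-best-effort traffic by IP address or TCP port.
!    192.0.2.10 stands in for a batch-update server; 20-21 is FTP.
access-list 101 permit ip any host 192.0.2.10
access-list 101 permit tcp any any range 20 21
!
class-map match-all LESS-THAN-BE
 match access-group 101
!
! 2. Mark the traffic DSCP 2 where it enters the network (access edge).
policy-map EDGE-CLASSIFY
 class LESS-THAN-BE
  set ip dscp 2
!
interface FastEthernet0/1
 description Access port facing the untrusted device
 service-policy input EDGE-CLASSIFY
!
! 3. Further into the network, match on the marking alone (no ACL needed)
!    and limit what the class may consume on the congested link.
class-map match-all LESS-THAN-BE-MARKED
 match ip dscp 2
!
policy-map WAN-EDGE
 class LESS-THAN-BE-MARKED
  police 128000 8000 conform-action transmit exceed-action drop
!
interface Serial0/0
 description Link where congestion is expected
 service-policy output WAN-EDGE
```

Confirm the markings and the limit with `show policy-map interface`, which reports per-class match and drop counters for each attached policy.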
Summary
For the network to recognize and provide preferential treatment for applications that
are sensitive to loss, delay, and delay variation, classification and marking at Layer 2 (802.1Q/P CoS) or
Layer 3 (IP TOS DSCP or IP Precedence) must be established. To ensure that only the intended traffic
is classified and treated preferentially, a trusted edge must be established. The trusted edge is where
classified traffic from trusted sources is allowed to enter the network and where classification of traffic
from untrusted sources is applied. Accepting classification from a trusted
source is enabled with the interface/port-level commands trust cos, trust dscp, or trust ip
precedence. Additionally, when an IP phone is present, the trust state of the phone's PC port must be
established. This is accomplished with the trust-ext interface/port-level command.
Classification of traffic from untrusted devices or from devices that are unable to correctly mark their
traffic with a Layer 2 CoS or Layer 3 ToS (DSCP or IP Precedence) value can be accomplished in one
of two ways.
· If all the traffic entering the network from a given device should receive the same classification, the
set cos or set dscp port-level commands can be used.
· If the traffic entering the network from a specific device requires multiple classification types (as
with a VoIP gateway where VoIP bearer and control traffic must be classified with different DSCP
values), MQC configuration is required. Using MQC, interesting traffic is identified through ACLs
and MAP CLASS statements, and specific treatment/classification is applied via a service-policy.
In short, there are many ways to accomplish classification of traffic at the edge of the network; the
selection depends on the requirements that the application has of the network.