Policy Manager Dialog Box Reference

Available Interfaces

The interfaces that you can add to the group. This does not include interfaces that already belong to the group or to a different group, or interfaces that do not satisfy the interface characteristics defined for the group.

You cannot place a single interface into more than one device group.

Only interfaces defined in the database appear in this list.

Group Members

The interfaces that are already part of the device group.

>> button

Click this button to add the interface selected in Available Interfaces to the Group Members list.

<< button

Click this button to remove the selected interface from the Group Members list. The interface is returned to the Available Interfaces list.

When you remove interfaces, the QoS property and associated policies (for example, for priority queuing and custom queuing interfaces) are copied to the interface. You are asked whether other policies defined on the group, such as coloring or shaping policies, should be copied to interfaces that you are removing. If you click Yes or Yes All, the policies are copied, meaning there is no change to the services provided by the interface. If you click No, the policies are not copied to the interface, changing the services provided by the interface.

Name

The name of the application service alias.

Protocol

The protocol used by the packets. If the protocol you want to use is not listed in the drop-down list, enter the protocol's number. For a list of protocol numbers, see RFC1700, "Assigned Numbers," at http://www.ietf.org/rfc/rfc1700.txt.

Host

The host name or IP address of the server or subnet from which the packets originate.

Mask

Optionally, the subnet mask that, combined with the IP address, signify the subnet from which the packets originate.

Port

Optionally, the port from which the packets originate.

You can indicate a range of ports by entering the start and end ports separated by a hyphen. For example, to specify ports 100 to 110, enter 100 - 110.

Table of application services

Each row in this table represents a separate application service, with these properties:

• Name—The name of the alias.
  
  
• Protocol—The protocol used by the packets.
  
  
• Host—The host name or IP address of the server whence the data flows.
  
  
• Mask—The subnet mask which, combined with the IP address, signifies a subnet.
  
  
• Port—The port used by the packets.
  
  

Add button

Click this button to add an alias to the list.

Edit button

Click this button to change the properties of the selected alias.

Delete button

Click this button to delete the selected alias.

Available Interfaces

The device's interfaces that are available but not selected to be added to the QoS database

Use Ctrl+click to select more than one interface at a time, Shift+click to select a range of interfaces.

Selected Interfaces

The device's interfaces that are selected to be added to the QoS database.

Use Ctrl+click to select more than one interface at a time, Shift+click to select a range of interfaces.

When you click OK, these interfaces are added to the database.

>> button

Click this button to add the interfaces selected in Available Interfaces list to the selected interfaces list.

<< button

Click this button to remove the interfaces from the Selected Interfaces list. The interfaces are returned to the available interfaces list.

If the interface already exists in the QoS database, any policies defined for the interface are removed. If the interface belongs to a device group, it is removed from the device group. These database changes are not made until you click OK.

Name

The name of the device group.

Device Model

The device model on which the interfaces reside.

Besides specific device models, you can select these groups of devices:

• IOS Family—Any device running IOS software except for Layer-3 switches and Catalyst 3500XL and 2900XL devices.
  
  
• L3 Switching Family—Layer-3 switching devices.
  
  
• Cat3500 Family—Catalyst 3500XL and Catalyst 2900XL devices.
  
  

Software Version

The minimum software version used on the interfaces in the group.

You must select a device model before you can select a software version.

You can group only interfaces that are running this version of software or a compatible version so that you cannot choose an impossible QoS configuration for an interface. (See Understanding Which Interfaces Can Be Combined in a Group.)

Interface Type

The type of interfaces that the group contains.

When selecting interfaces to add to the device group, only the specified type of interfaces will be available.

Select Any if you do not want to restrict the group to a specific type of interface.

To use Frame Relay traffic shaping on Frame Relay interfaces, the group can only contain Frame Relay interfaces.

Card Type

Whether the interfaces are on a VIP or non-VIP card.

The QoS capabilities for interfaces on VIP cards are different from those available on non-VIP cards.

Group Contains

Whether the group contains regular interfaces or subinterfaces.

If you are limiting the device group to Frame Relay subinterfaces, you must further distinguish the type of subinterface:

• Select Subinterface to only include subinterfaces whose interface does not have FRTS enabled.
  
  
• Select Subinterface with FRTS to only include subinterfaces whose interface does have FRTS enabled.
  
  

In either case, you cannot change the interface's use of FRTS while one of its subinterfaces belongs to a group.

You cannot combine regular interfaces and subinterfaces in a single group.

Also, if you do not enable FRTS for Frame Relay groups, then you can add only interfaces that do not have FRTS enabled on them to the group.

QoS Property

The QoS queuing property that should be assigned to the interfaces in the group.

Select Defined By Interface if you do not want the device group to define the interface's QoS property, and you instead want to define the property on each interface. This is appropriate if you are using the device group mainly to apply common policy statements rather than common queuing properties.

See What Types of Quality of Service Does QPM Handle? for more information on queuing techniques.

Selecting certain QoS properties adds additional fields to the dialog box. These fields are settings specific to the selected queuing property, or they are other QoS techniques that can be configured when using the selected queuing property.

Configure on PVC

Select this check box to configure Class Based QoS on the ATM PVCs, rather than on the subinterfaces.

Appears only for a group of ATM subinterfaces, when Class Based QoS is selected for QoS Property.

Queue Limits

The limit for the number of packets allowed in each priority queue. You can enter limits in any combination of the four queues. Once the limit is reached, packets are dropped.

Queues can be from 0 to 32767 packets.

Available only if you select Priority Queuing for QoS Property.

Packet Size (bytes)

The typical packet size that traverses the interface. QPM uses this value to calculate the byte size of the custom queues, the queues being a multiple of this packet size. You do not have to carefully calculate this value. Instead, pick a number that you feel would be an appropriate size for the smallest queue on the interfaces.

Available only if you select Custom Queuing for QoS property.

WRED Weight

A factor used to determine the rate at which packets are dropped when traffic congestion occurs. The weight must be between 1 and 16. Use the default unless you determine a different factor is desirable.

• Advanced button—Click this button to configure advanced WRED properties (described in the "WRED Advanced Properties Dialog Box" section.) Available only on groups that require an IOS software version that supports advanced WRED configuration.
  
  

Available only if you select WRED for QoS property. See the IOS software documentation for a detailed discussion of the random-detect weighting factor.

Frame Relay Traffic Shaping

Click the plus sign (+) to display parameters for Frame Relay Traffic Shaping.

Enable Frame Relay Traffic Shaping—Select this check box if you want to use the rate control features of Frame Relay traffic shaping (FRTS) on the interfaces or subinterfaces in the group.

Configure on DLCI—Select this check box if you want to configure FRTS on the DLCI rather than on the subinterface (for a group of Frame Relay subinterfaces). QPM will configure FRTS on the DLCI, if available. If not, FRTS will be configured on the subinterface.

The rate control parameters available are:

• Rate (Kbit/sec)—The average kilobits per second rate for the virtual circuit, typically the minimum rate you are committed to provide on the circuit. The default is 56. The rate should be less than or equal to the rate of the interface.
  
  
• Burst Size—Optionally, the sustained number of kilobits that can be transmitted per interval over the virtual circuit. The burst size can be from 1 to 16000. The default is 7.
  
  

The interval is determined by dividing the burst size by the rate. For example, if the rate is 128, and the burst size is 16, the interval is 0.125 seconds.

Available only if you select Frame Relay for Interface Type and something other than Defined by Interface for QoS Property.

If you enable FRTS on a group, you cannot create shaping policies (GTS) for that group, and any shaping policies currently defined for the group and its members are removed. Also, if the group members are interfaces, enabling FRTS enables FRTS on all of the interface's subinterfaces, if any.

If the group is for subinterfaces, and FRTS is enabled for the group, you cannot change the FRTS setting for any of the interfaces whose subinterfaces are members of the group.

Frame Relay Traffic Shaping

• Exceed Burst Size—Optionally, the maximum number of kilobits in excess of the burst size that can be transmitted during the first interval when congestion occurs. The exceed burst size can be from 0 to 16000. The default is 7.
  
  
• Minimum Rate—The minimum CIR (minCIR) value to be used when congestion occurs. The default minimum rate is half of the CIR. You can override this default in this field.
  
  
• Adaptive Shaping—Select this field to have the interface reduce the traffic rate when it is notified that congestion is occurring at other interfaces along the path.
  
  

Voice Configuration

Click the plus sign (+) to display parameters for Voice Configuration.

Enable Voice Configuration—Select this check box if you want to configure the bandwidth and fragmentation for Voice over Frame Relay. These settings help you ensure that real-time, delay-sensitive voice traffic can be carried over Frame Relay links.

• Bandwidth—The percentage of the bandwidth on the interfaces in the group to reserve for voice traffic.
  
  

The bandwidth percentage should not be higher than the FRTS rate (as a percentage of the overall rate on the interfaces). For example, if you set the FRTS rate on a group of 1544 Kbps interfaces to 772 Kbps (50%), voice bandwidth should be no more than 50.

• Fragment (bytes)—The frame size (in bytes) used when fragmenting data frames, not including Frame Relay headers and fragmentation headers. Long data frames are fragmented and interleaved with real-time voice frames, so that data and voice can share the link while maintaining the required voice quality.
  
  

The fragment size is in bytes, and can be from 16 to 1600. The default is 53 bytes.

Voice over Frame Relay frames are never fragmented.

Fragment is only available when you select WFQ or Class-based for QoS property.

Available only:

• If you select Enable Frame Relay Traffic Shaping on certain devices running a version of IOS software that supports Frame Relay voice configuration (FRF.11 and FRF.12) with modular CLI.
  
  
• On VIP interfaces on certain devices running a version of IOS software that supports Distributed FRF (dFRF) with modular CLI.
  
  

WFQ Properties

Properties related to Voice over Frame Relay.

• Discard Threshold—The number of messages allowed in a weighted fair queue. For high-bandwidth conversations, once this threshold is met, additional high-bandwidth messages are discarded.
  
  

The threshold can be from 1 to 4096. The default is 64.

• Dynamic Conversation—The number of dynamic queues to use for conversations that do not require special network services ("best-effort conversations").
  
  

The dynamic conversation can be 16, 32, 64, 128, 256, 512, 1024, 2048, or 4096. The default is 256.

• Reservable Conversation—The number of reservable queues used for RSVP reserved conversations.
  
  

The reservable conversation can be from 0 to 100, unless you configure a fragment size for FRTS voice configuration, in which case the value can be from 2 to 100. The default is 2.

• Max Buffer Size—The maximum buffer size for the weighted fair queues, in number of messages. The buffer size can be from 0 to 600.
  
  

Available only if you select WFQ for QoS Property, Frame Relay for Interface Type, and a version of IOS software that supports Frame Relay fair queue.

Aggregate Limit

The total number of packets that can be buffered in all of the queues on the group's interfaces before packets can be dropped.

When the number of packets reaches the aggregate limit, the interfaces enforce the individual limit on each queue, and if a queue has more packets in its buffer than the individual limit, new packets for that queue are dropped. However, no packets are dropped that are already in the queue.

The aggregate limit can be from 1 to 32768. The interfaces calculate the default limit based on the transmission rate of the interface and the total buffering space available on the VIP card.

Available only when you select CBWFQ or Fair Queue for QoS Property and VIP for Card Type, when using an IOS software version that supports this configuration.

Cisco recommends that you use the default unless you determine that your particular situation would benefit from a different value.

Individual Limit

The number of packets that can be buffered in each individual queue when congestion occurs on the group's interfaces.

When the interface is not congested, each queue can exceed this limit until the aggregate limit for the interface is reached. Once the aggregate limit is reached, each queue is limited by the individual limit, and packets cannot be added to the queue until it is below the individual limit.

The individual limit can be from 1 to 32768. The default is half the aggregate limit.

Available only when you select CBWFQ or Fair Queue for QoS Property and VIP for Card Type, when using an IOS software version that supports this configuration.

Cisco recommends that you use the default unless you determine that your particular situation would benefit from a different value.

Enable WRED Drop

Select this if you want the group to use weighted random early detection (WRED) for the drop mechanism. WRED proactively drops packets before maximum threshold limits are reached in an attempt to throttle traffic at the source when an interface becomes congested.

• Weight—A factor used to determine the rate at which packets are dropped when traffic congestion occurs. The weight must be between 1 and 16. 10 is usually an effective factor.
  
  
• Advanced button—Click this button to configure advanced WRED properties (described in the "WRED Advanced Properties Dialog Box" section.) Only available on groups that require an IOS software version that supports advanced WRED configuration.
  
  

Available only when you select CBWFQ or Fair Queue for QoS Property and VIP for Card Type, when using an IOS software version that supports this configuration.

RSVP

Click the plus sign (+) to display parameters for RSVP.

Enable RSVP—Select this if you want to allow applications to make RSVP reservations on the interfaces in the group. Some applications, such as voice over IP, video, or audio broadcasts, use RSVP reservations to ensure that sufficient bandwidth is available at network devices along a traffic flow. This ensures that real-time traffic can flow through the network reliably, without delay and packet loss that can make the traffic flow useless.

• UDP Encapsulation—Select this to have the interfaces produce a UDP-encapsulated multicast packet whenever they receive an IP-encapsulated multicast packet. If you do not select this field, the interfaces only use UDP-encapsulated packets if they receive a UDP-encapsulated RSVP message (some hosts depend on the router to initiate UDP-encapsulation). The interfaces use the 224.0.0.14 multicast address and UDP port 1699.
  
  
• Single Flow—The percentage of the interface's bandwidth that one traffic flow can reserve. The single flow limit can be from 1 to the aggregate limit. The default is 75.
  
  
• Aggregate—The percentage of the interface's bandwidth that all traffic flows combined can reserve. The aggregate limit can be from 1 to 75. The default is 75.
  
  

Available only if you select WFQ, WRED, or Class-based for QoS Property, non-VIP for Card Type, and a version of IOS software that supports RSVP.

Not available if you select Enable Frame Relay Traffic Shaping.

When configured on CBWFQ groups, RSVP and CBWFQ work independently, as if the other technique were not configured on the interface.

When configured on WFQ groups, RSVP provides guaranteed rate service, which is good for delay-sensitive applications like voice over IP.

When configured on WRED groups, RSVP provides controlled load service, which is good for adaptive real-time applications like the playback of a recorded conference call.

You must understand the bandwidth requirements of the RSVP-enabled applications on your network to make reasonable bandwidth settings.

IP RTP Priority

Click the plus sign (+) to display parameters for IP RTP Priority.

Enable IP RTP Priority—Select this if you want to create a strict-priority queue for real-time transport protocol (RTP) traffic. This is typically used to provide absolute priority to voice traffic, which uses RTP ports.

• Port Range—The starting and ending RTP port numbers. RTP traffic for these ports is placed in the absolute-priority queue. Other traffic is handled by the interface's standard queuing mechanism.
  
  

The start port can be 2000 or higher, and the end point can be 65536 or lower. The maximum range is 16383. There is no default port range, but the voice ports range is from 16384 to 32767.

• Bandwidth—The percentage of the interfaces's bandwidth for the absolute-priority queue. All packets in the queue are transmitted before any other queues are handled.
  
  

Traffic in the queue cannot exceed this bandwidth. Any packets that exceed the bandwidth are dropped, so ensure you allocate adequate bandwidth. Any unused bandwidth is available to the other queues on the interface.

The bandwidth can be between 0 and 75, and you can use decimal places (for example, 10.5). There is no default. On CBWFQ interfaces, this bandwidth is added to the combined CBWFQ queue bandwidths, and the total must be 75% or less.

Available only if you select WFQ or Class-based for QoS Property, non-VIP for Card Type, and a version of IOS software that supports IP RTP Priority.

Not available if you select Enable Frame Relay Traffic Shaping.

IP RTP Priority is mainly useful on interfaces whose speed is less than 1.544 Mbps. Voice typically uses 24 Kbps. However, IP RTP Priority ignores voice compression, so a 12 Kbps stream is treated like a 24 Kbps stream. Because of overhead, ensure the bandwidth percentage you select accommodates at least 25 Kbps per call.

To determine the bandwidth required, estimate the number of concurrent calls that must be supported on the interface, and multiply by 25 Kbps. Then divide by the interface's bandwidth to get the bandwidth percentage.

You can use the max-reserved-bandwidth IOS software command to change the maximum allocatable bandwidth.

IP RTP Header Compression

Click the plus sign (+) to display parameters for IP RTP Header Compression.

• Enable IP RTP Header Compression—Select this if you want to compress the IP/UDP/RTP header in an RTP data packet from 40 bytes to approximately 2 to 5. This is typically used to help reduce delay for voice traffic.
  
  
• Passive—Select this if you want to compress outgoing RTP packets only if incoming RTP packets on the same interface are compressed. Leaving this check box clear when Enable IP RTP Header Compression will compress all RTP headers.
  
  

Available for later IOS versions when you select WFQ or Class-based for QoS Property, and Non-VIP for interface card.

LFI

Click the plus sign (+) to display parameters for LFI.

• Enable LFI—Select this if you want to reduce delay on slower-speed links for delay-sensitive traffic. Large datagrams are fragmented into smaller packets and the delay-sensitive packets are interleaved between the fragments of the large datagram.
  
  
• Maximum Delay—Enter the maximum fragmentation delay in milliseconds.
  
  

Available on PPP interfaces when PPP-Multilink is configured on the interface. QPM cannot detect or implement this configuration.

Trust State

The trust state for the Catalyst switch ports. The trust state affects how frames are marked when they enter the port.

• Untrusted—Change the frame's class of service (CoS) and type of service (ToS) values to the ones defined for the port.
  
  

This is the switch's default trust state.

• Trust CoS—Trust the CoS value on the packet and use it to change the packet's ToS value.
  
  
• Trust DSCP—Trust the packet's DSCP values without change.
  
  
• Trust IP Prec—Trust the IP precedence value in the ToS byte.
  
  

Available only if you select Cat6000 for device model, or if you select Cat6000(IOS) and 2Q2T or 1P2Q2T for QoS Property.

You must define the port's CoS value using the device's command line interface (CLI). QPM does not configure the port's CoS value.

Trust-ext

The trust extension settings for the Catalyst switch ports. These settings effectively extend the trust boundary of the switch to the IP phone and determine how packets at the trust extension boundary are marked.

• None—No change to existing settings.
  
  
• Trust CoS—Trust the packet's existing CoS value.
  
  
• Untrusted—Change CoS value of VoIP traffic 5 and of (CoS) and of data traffic to 0 at the extended trust boundary (usually the IP phone). This ensures highest priority for voice traffic.
  
  

Available only if you select Cat6000 for device model.

QoS Style

Choose whether to define and deploy VLAN-based policies or port-based policies on the ports in the device group. This is used in cases where the port belongs to a VLAN and policies have been defined both on the VLAN and on the individual port.

Available only if you select Cat6000 for device model, or if you select Cat6000(IOS) and 2Q2T or 1P2Q2T for QoS Property.

QoS Property button

Click this button to display the Properties of IOS Queuing dialog box, in which you can define the queuing values.

Available only on Catalyst 6000 devices with Supervisor IOS.

This button is disabled if Do Not Change is selected for QoS Property.

See Properties of CatOS/IOS Queuing Dialog Box for further information.

Group Members

The interfaces that belong to the device group.

These interfaces must be defined in the database before you can add them to a group.

Show

Enables you to choose whether to show all interfaces, only VLANs or only ports in the list of available interfaces in the Add/Remove Group Members Dialog Box.

Available only on Catalyst 6000 devices and Catalyst 6000 devices with Supervisor IOS.

Add/Remove button

Click this button to add members to the group or remove them from the group.

This button opens the Add/Remove Group Members Dialog Box.

When creating a device group of Catalyst 6000 with Supervisor IOS interfaces, clicking this button displays a message indicating that adding/removing interfaces is done per ASIC group. When you add an interface, all interfaces belonging to the same ASIC group are added to the device group.

Location

The location within the QoS database that contains the host name, one of:

• Interface \ policy name
  
  
• Interface \ policy name \ host group name
  
  
• Host group name
  
  
• Aliases \ application alias name
  
  
• Name
  
  

Type

The type of location within the QoS database, one of,

• Group—The name is used in a host group.
  
  
• Filter—The name appears in a policy filter, possibly in a host group.
  
  
• Device Name—The name is used for a device.
  
  

Host Name

The host name that needs to be resolved to an IP address.

Resolution Status

The status of the host-name-to-IP-address resolution, one of:

• Pending—The host name has not yet been resolved.
  
  
• Resolving—The host name is currently being resolved.
  
  
• Resolved to IP Address—The host name has been resolved to the indicated IP address.
  
  
• Skipped—You clicked Skip Resolution while QPM was trying to resolve the name.
  
  
• FAILED!!!—The host name could not be resolved to an IP address.
  
  

An arrow indicates the host name that is currently being resolved.

Skip Resolution button

Click this button to skip the resolution of the name currently being resolved. You might want to do this if the name is taking a long time to resolve, or if you know it is an incorrect name.

Show Unresolved button

Click this button to filter the list so that correctly-resolved host names are not displayed. This helps you locate any resolution failures.

This button toggles with the Show All Hosts button.

Show All Hosts button

Click this button to switch the list back to showing all hosts, including those whose IP addresses were successfully found.

This button toggles with the Show Unresolved button.

Abort button

Click this button to stop the DNS resolution process.

DSCP to CoS

The From field lists the 64 DSCP values, each of which can be mapped to one of 8 CoS values. Enter the required CoS value in the To field.

CoS to DSCP

The From field lists the 8 CoS values (0-7), each of which can be mapped to one of 64 DSCP values (0-63). Enter the required DSCP value in the To field.

IP-Precedence to DSCP

The From field lists the 8 IP precedence values (0-7), each of which can be mapped to one of 64 DSCP values (0-63). Enter the required DSCP value in the To field.

Description of Database

Enter the description of the database.

Enter device name or IP address

The name or IP address of the device you want to find.

If you are in default view, enter the IP address or DNS. If you are in Device Name view, enter the device name.

Write Memory

Configuration options for writing device configuration changes to the device's memory.

• Global Settings—Select this if you want to use the global settings.
  
  
• Enable Write Memory—Select this to have QPM write your configuration changes to the device's memory.
  
  
• Disable Write Memory—Select this if you do not want QPM to write your configuration changes to the device's memory.
  
  

If you do not select Write Memory, when you reboot the device, your configuration changes are lost, and the device uses its last saved configuration.

Access Control

Configuration options for access control policies:

• Global Settings—Select this if you want to use the global settings.
  
  
• Enable Access Control—Select this if you want to enable creation of access control policies for this device.
  
  
• Disable Access Control—Select this if you want to disable creation of access control policies for this device.
  
  

NBAR Port Mapping

Options for handling NBAR Port Mapping policies:

• Global Settings—Select this if you want to use the global settings.
  
  
• Enable NBAR Port Mapping—Select this if you want to enable NBAR Port Mapping for this device.
  
  
• Disable NBAR Port Mapping—Select this if you want to disable NBAR Port Mapping for this device.
  
  

When NBAR port mapping is enabled, you can configure the mapping of NBAR ports by clicking the NBAR Port Mapping button in the Device Properties dialog box. See NBAR Port Mapping Dialog Box.

Host Groups list

A list of available host groups.

New button

Click this button to create a new host group.

Duplicate button

Click this button to duplicate the selected host group.

Edit button

Click this button to edit the membership or change the name of the selected group.

You can also edit a group by double-clicking it.

Delete button

Click this button to delete the selected host group.

You cannot delete a host group if it is used in a policy. Remove all occurrences of the host group from your policies before deleting the group.

Known Devices

The list of devices from the selected inventory, including IP address, device model, and IOS software version.

QPM queries the devices as it adds them to this list. This query can take a long time if there are a lot of devices. If a device cannot be queried, either because it is unavailable, or the SNMP query failed, this is indicated, and you cannot import the device. Devices that are supported and available are listed first.

Devices to Import to QoS Database

The devices you select to import into the QoS database.

These devices are not added to the Devices folder until you click OK. If you click Cancel, the import is aborted and the database is left unchanged.

Detected Devices

This progress bar operates while QPM is querying the devices in the selected RME file.

While QPM is querying the devices, you can click Stop to make QPM stop the query. If you stop the query, QPM only lets you select from the devices already queried.

>> button

Click this button to add the selected devices to the devices to import list.

<< button

Click this button to remove the selected devices from the devices to import list.

Stop button

Click this button to stop the querying of devices in the external database.

The query stops with the last completed device. You can add all the valid known devices to the QoS database.

User name

Your QPM user name. This name must be defined in one of the QPM Windows NT groups: the user group if you want read-write access, the guest group if you want read-only access.

The QPM groups are defined on the machine that is running the QoS Manager service. Unless you selected different groups, QPM_Users is the read-write group, QPM_Guests is the read-only group.

If QPM created the QPM_Users group during installation, it created a user named QPM_User with no password.

Password

The password for this user account.

Domain

The domain in which your user account is defined.

If you are using the QPM_User account, the domain is the name of the QoS Manager machine.

Name

The NBAR application name.

Protocol

The protocol name: TCP or UDP.

Ports

The ports to which the application is mapped.

Add button

Click to open the NBAR Port Mapping Properties dialog box.

See NBAR Port Mapping Properties Dialog Box.

Edit button

Click to edit the properties of the selected NBAR mapping.

See NBAR Port Mapping Properties Dialog Box.

Delete button

Click to delete the selected NBAR mapping.

NBAR Protocol

The application protocol.

TCP/UDP

The protocol name: TCP or UDP.

Ports

The ports to which the application is mapped. Enter port numbers separated by a space or comma.

Protocol

The application protocol that produces the traffic flow.

See Properties of PolicyFilter Properties for more details about defining NBAR properties and policy filters.

Parameter

Protocol parameters if you select HTTP, Citrix, or Napster as the protocol. The list of parameters changes according to the protocol chosen.

This field is disabled if the selected protocol does not have any associated parameters.

Value

Enter a value for the selected parameter.

The MIME-type can contain any text string.

When matching by HOST, NBAR performs a regular expression match on the HOST field contents inside an HTTP GET packet and classifies all packets from that host.

When matching by URL, NBAR recognizes the HTTP GET packets containing the URL, and then matches all packets that are part of the HTTP GET request. When specifying a URL for classification, include only the portion of the URL following www.hostname.domain in the match statement. For example, in the URL www.anydomain.com/latest/whatsnew.html, include only /latest/whatsnew.html.

To match the www.anydomain.com portion, use the HOST name matching feature. The URL or HOST specification strings can take the form of a regular expression with the following options:

*—Match any zero or more characters in this position.

?—Match any one character in this position.

|—Match one of a choice of characters.

(|)—Match one of a choice of characters in a range. For example foo.(gif | jpg) matches either foo.gif or foo.jpg.

[ ]—Match any character in the range specified, or one of the special characters. For example, [0-9] is all of the digits. [*] is the "*" or [[] is the "[" character.

This field is disabled if the selected protocol does not have any associated parameters.

• Select Devices>Device>New.
  
  
• Right-click in the tree view and select New Device.
  
  

• Select a device and select Devices>Device>Properties.
  
  
• Right-click a device and select Device Properties.
  
  

IP Address/DNS

The host name or IP address of one of the device's interfaces.

This is a required field.

Device Name

The resolved device name.

This field is read-only.

Community

The SNMP read community string for the device.

This is a required field.

User Name

The user name for accessing the device through Telnet, if a user name is required.

Password

The password required for accessing the device through Telnet.

This is a required field.

Enable Password

The password required for entering Enable mode on the device.

This is a required field.

Vendor

The vendor who made the device.

Device Model

The model number for the device.

QPM can get this information from the device if you select Verify Device Information and click OK, or if you click the Verify Device Info button.

If you do not let QPM get the information from the device, this is a required field.

Software Version

The version level of the software running on the device.

QPM can get this information from the device if you select Verify Device Information and click OK, or if you click the Verify Device Info button.

If you do not let QPM get the information from the device, this is a required field.

Mapped Software Version

The IOS version that is used to determine the device capabilities.

All subversions of a specific version are translated to the major version, unless QPM explicitly supports the minor version. A new minor version is mapped to the last minor version of that train, and not to the major version.

There are versions for which explicit mapping will be done, according to the specific version that QPM supports or for obsolete versions. For example, 12.1(2)T and 12.1(5)T will be mapped to 12.2.

Prompt

The prompt configured on the device if you changed it from the default prompt.

Only specify the prompt if you changed the device's default prompt.

Verify Device Information

Select this field to have QPM obtain the device model and software version from the device when you click OK.

The device must be online, and the password correct, in order for QPM to verify this information.

Detect Interfaces

Select this field to have QPM obtain a list of interfaces from the device when you click OK. After discovering the interfaces, QPM opens the Detect Interfaces dialog box, where you can select which interfaces to add to the QoS database.

You can also click the Detect Interfaces button to get a list of interfaces from which to choose. If you do not want QPM to obtain interface information, you must click the Define Interface button and manually define the device's interfaces (unless the device does not have manageable interfaces).

Upload Device Configuration

Select this field to upload the device's existing QoS configuration into the QoS database.

QPM generates an HTML report listing all the QoS configurations that were not successfully uploaded to the database. Unsuccessful upload might arise from incomplete configurations that exist on the router, unsupported options, and so on.

After the upload is completed, you will be prompted to view this report in your system browser.

You can only upload once, and before making a QoS configuration change. After you make a change to the device's QoS configuration, this check box is disabled.

View Configuration button

Click this button to view the device's configuration.

The device must be online, and the password correct, in order for QPM to display the configuration.

View Commands button

Click this button to see how QPM will translate the policies and QoS configuration for the device into CLI commands. These commands implement the policies you created on the interfaces on the device.

See the device's software documentation for information on how to read these commands.

Verify Device Info button

Click this button to have QPM determine the software version and device model information from the device, so that you do not have to enter the information manually.

Clicking this button is equivalent to selecting Verify Device Information and clicking OK.

The device must be online, and the password correct, in order for QPM to obtain this information.

If you upgrade the device's software, or you replace the device with a new model, click this button so that QPM can change the device's properties in the QoS database.

Detect Interfaces button

Click this button to have QPM obtain a list of interfaces and their characteristics from the device. After discovering the interfaces, QPM opens the Detect Interfaces dialog box, where you can select which interfaces to add to the QoS database.

Clicking this button is equivalent to selecting Detect Interfaces and clicking OK.

The device must be online, and the password correct, in order for QPM to obtain this information.

Define Interface button

Click this button to manually define the interfaces on the device.

If the device is online, it is easier to define the interfaces by selecting Detect Interfaces and clicking OK, or by clicking Detect Interfaces.

This button opens the New Interface and Properties of Interface Dialog Boxes.

Global Settings Overwrite button

Click this button to change the configuration settings for this device to enable or disable write memory after deployment, access control policies, and NBAR port mapping. See Global Settings Overwrite Dialog Box.

These settings overwrite the global configuration settings defined in the Distribution Manager. See Options Dialog Box.

NBAR Port Mapping button

Click this button to open the NBAR Port Mapping dialog box to configure mapping of NBAR ports. See NBAR Port Mapping Dialog Box.

This button is disabled when NBAR port mapping is disabled. You can change the global settings in the Distribution Manager. See Options Dialog Box. You can overwrite the global settings for a device in the Global Settings Overwrite dialog box. See Global Settings Overwrite Dialog Box.

QoS Property button

Click this button to change the properties of the 2q2t and 1p2q2t queuing mechanisms for Catalyst 6000 family switches. See Properties of CatOS/IOS Queuing Dialog Box.

Available only on Catalyst 6000 series switches.

Markdown Table button

Click this button to access a table in which you can customize the DSCP markdown values to be used when bandwidth limits are exceeded. See DSCP Markdown Dialog Box.

Available only on Catalyst 6000 devices and Catalyst 6000 devices with Supervisor IOS.

DSCP Mapping button

Click this button to access a table in which you can customize CoS/IP precedence to DSCP and DSCP to CoS mapping values to be used by QPM on deployment of policies. See DSCP Mapping Dialog Box.

Available only on Catalyst 6000 devices and Catalyst 6000 devices with Supervisor IOS.

• Click Define Interface in the New Device or Device Properties dialog boxes.
  
  
• Select the device and select Devices>Interface>New.
  
  
• Right-click the device and select New Interface.
  
  

• Select an interface and select Devices>Interface>Properties.
  
  
• Right-click an interface and select Interface Properties.
  
  

Name

The name of the interface, for example, Ethernet0. For Catalyst switches, this is the name of the port.

Name is the only field you must fill in when defining an interface.

IP Address

The IP address for the interface.

Leave this field blank for Catalyst switches.

Mask

The subnet mask for the interface.

Leave this field blank for Catalyst switches.

Rate (Kbit/sec)

The transmission rate for the interface or switch port, in kilobits per second. For example, the rate of a standard 10 Mb/sec ethernet interface is 10000.

Type

The type of interface, for example, ethernet. Select the interface type from the list of available types.

Card Type

Whether the interface or switch port is on a VIP or non-VIP card.

The QoS capabilities for interfaces on VIP cards are different from those available on non-VIP cards.

PVC

The ATM PVC ID.

Only appears for ATM subinterfaces, when Class Based QoS is selected for QoS Property.

DLCI

The ID of the Frame Relay DLCI. If the subinterface has more than one DLCI, this field shows the ID of the first one.

Only appears for Frame Relay point-to-point subinterfaces (only one DLCI pre subinterface).

Interface Description

The description of the interface.

Configure on PVC

Select this check box to configure Class Based QoS on the ATM PVC, rather than on the subinterface.

Appears only for ATM subinterfaces, when Class Based QoS is selected for QoS Property.

QoS Property

The QoS queuing technique that should be assigned to the interface or switch port.

Select Do Not Change if you do not want QPM to configure the queuing property.

See What Types of Quality of Service Does QPM Handle? for more information on queuing techniques.

On Catalyst 6000 devices with Supervisor IOS, if you change the QoS Property on an interface, it is changed on all the interfaces in the same ASIC group as well.

Queue Limits

The limit for the number of packets allowed in each priority queue. You can enter limits in any combination of the four queues. Once the limit is reached, packets are dropped.

Queues can be from 0 to 32767 packets.

Available only if you select Priority Queuing for QoS Property.

Packet Size (bytes)

The typical packet size that traverses the interface. QPM uses this value to calculate the byte size of the custom queues, the queues being a multiple of this packet size. You do not have to carefully calculate this value. Instead, pick a number that you feel would be an appropriate size for the smallest queue on the interface.

Available only if you select Custom Queuing for QoS property.

WRED Weight

A factor used to determine the rate at which packets are dropped when traffic congestion occurs. The weight must be between 1 and 16. Use the default unless you determine a different factor is desirable.

• Advanced button—Click this button to configure advanced WRED properties (described in the "WRED Advanced Properties Dialog Box" section.) Available only on interfaces that support advanced WRED capabilities.
  
  

Available only if you select WRED for QoS property. See the IOS software documentation for a detailed discussion of the random-detect weighting factor.

Frame Relay Traffic Shaping

Click the plus sign (+) to display parameters for Frame Relay Traffic Shaping.

Enable Frame Relay Traffic Shaping—Select this if you want to use the rate control features of Frame Relay traffic shaping (FRTS) on the interface or subinterface.

Configure on DLCI—Select this check box if you want to configure FRTS on the DLCI rather than on the subinterface. You can configure FRTS on one DLCI per point-to-point Frame Relay subinterface.

The rate control parameters available are:

• Rate (Kbit/sec)—The average kilobits per second rate for the virtual circuit, typically the minimum rate you are committed to provide on the circuit. The default is 56. The rate should be less than or equal to the rate of the interface.
  
  
• Burst Size—Optionally, the sustained number of kilobits that can be transmitted per interval over the virtual circuit. The burst size can be from 0.3 to 16000. The default is 7.
  
  

The interval is determined by dividing the burst size by the rate. For example, if the rate is 128, and the burst size is 16, the interval is 0.125 seconds.

Available only if you select Frame Relay for Type and something other than Do Not Change for QoS Property.

If you enable FRTS on an interface, you cannot create shaping policies (GTS) on that interface. Also, enabling FRTS on an interface enables FRTS on all of the interface's subinterfaces, if any.

If you do not enable FRTS on an interface that has subinterfaces, you cannot set the QoS property for the subinterfaces. Subinterfaces use the QoS property defined for the interface.

You can use FRTS on a subinterface only if its interface is defined in the database and you enable FRTS on the interface.

Frame Relay Traffic Shaping (cont.)

• Exceed Burst Size—Optionally, the maximum number of kilobits in excess of the burst size that can be transmitted during the first interval when congestion occurs. The exceed burst size can be from 0 to 16000. The default is 7.
  
  
• Minimum Rate—The minimum CIR (minCIR) value to be used when congestion occurs. The default minimum rate is half of the CIR. The actual bandwidth allocation during times of congestion is a percentage of the minimum rate, rather than a percentage of the CIR. This percentage is specified in a class based QoS policy. Thus, if the bandwidth allocation is 10% and the minimum rate is 75 kbit/sec, the actual bandwidth allocated during times of congestion would be 10% of 75, which is 7.5 kbit/sec.
  
  
• Adaptive Shaping—Select this field to have the interface reduce the traffic rate when it is notified that congestion is occurring at other interfaces along the path.
  
  

Voice Configuration

Click the plus sign (+) to display parameters for Voice Configuration.

Enable Voice Configuration—Select this if you want to configure the bandwidth and fragmentation for Voice over Frame Relay. These settings help you ensure that real-time, delay-sensitive voice traffic can be carried over Frame Relay links.

• Bandwidth—The percentage of the bandwidth on the interface to reserve for voice traffic.
  
  

The bandwidth percentage should not be higher than the FRTS rate (as a percentage of the overall rate on the interface). For example, if you set the FRTS rate on a 1544 Kbps interface to 772 Kbps (50%), voice bandwidth should be no more than 50.

• Fragment (Bytes)—The frame size (in bytes) used when fragmenting data frames, not including Frame Relay headers and fragmentation headers. Long data frames are fragmented and interleaved with real-time voice frames, so that data and voice can share the link while maintaining the required voice quality.
  
  

The fragment size is in bytes, and can be from 16 to 1600. The default is 53 bytes.

Voice over Frame Relay frames are never fragmented.

Fragment is only available when you select WFQ or Class Based QoS for QoS property.

Available only:

• If you select Enable Frame Relay Traffic Shaping on certain devices running a version of IOS software that supports Frame Relay voice configuration (FRF.11 and FRF.12) with modular CLI.
  
  
• On VIP interfaces on certain devices running a version of IOS software that supports Distributed FRF (dFRF) with modular CLI.
  
  

WFQ Properties

Properties related to Voice over Frame Relay.

• Discard Threshold—The number of messages allowed in a weighted fair queue. For high-bandwidth conversations, once this threshold is met, additional high-bandwidth messages are discarded.
  
  

The threshold can be from 1 to 4096. The default is 64.

• Dynamic Conversation—The number of dynamic queues to use for conversations that do not require special network services ("best-effort conversations").
  
  

The dynamic conversation can be 16, 32, 64, 128, 256, 512, 1024, 2048, or 4096. The default is 256.

• Reservable Conversation—The number of reservable queues used for RSVP reserved conversations.
  
  

The reservable conversation can be from 0 to 100, unless you configure a fragment size for FRTS voice configuration, in which case the value can be from 2 to 100. The default is 0.

• Max Buffer Size—The maximum buffer size for the weighted fair queues, in number of messages. The buffer size can be from 0 to 4096.
  
  

Available only if you select WFQ for QoS Property on Frame Relay interfaces on devices running a version of IOS software that supports Frame Relay fair queue.

Aggregate Limit

The total number of packets that can be buffered in all of the queues on the interface before packets can be dropped.

When the number of packets reaches the aggregate limit, the interface enforces the individual limit on each queue, and if a queue has more packets in its buffer than the individual limit, new packets for that queue are dropped. However, no packets are dropped that are already in the queue.

The aggregate limit can be from 1 to 32768. The interface calculates the default limit based on the transmission rate of the interface and the total buffering space available on the VIP card.

Available only when you select CBWFQ or Fair Queue for QoS Property for an interface on a VIP card.

Cisco recommends that you use the default unless you determine that your particular situation would benefit from a different value.

Individual Limit

The number of packets that can be buffered in each individual queue when congestion occurs on the interface.

When the interface is not congested, each queue can exceed this limit until the aggregate limit for the interface is reached. Once the aggregate limit is reached, each queue is limited by the individual limit, and packets cannot be added to the queue until it is below the individual limit.

The individual limit can be from 1 to 32768. The default is half the aggregate limit.

Available only when you select CBWFQ or Fair Queue for QoS Property for an interface on a VIP card.

Cisco recommends that you use the default unless you determine that your particular situation would benefit from a different value.

Enable WRED Drop

Select this if you want the interface to use weighted random early detection (WRED) for the drop mechanism. WRED proactively drops packets before maximum threshold limits are reached in an attempt to throttle traffic at the source when an interface becomes congested.

• Weight—A factor used to determine the rate at which packets are dropped when traffic congestion occurs. The weight must be between 1 and 16. 10 is usually an effective factor.
  
  
• Advanced button—Click this button to configure advanced WRED properties (described in the "WRED Advanced Properties Dialog Box" section.) Available only on interfaces that support advanced WRED configuration.
  
  

Available only when you select CBWFQ or Fair Queue for QoS Property for an interface on a VIP card.

RSVP

Click the plus sign (+) to display parameters for RSVP.

• Enable RSVP—Select this if you want to allow applications to make RSVP reservations on the interface. Some applications, such as VoIP, video, or audio broadcasts, use RSVP reservations to ensure that sufficient bandwidth is available at network devices along a traffic flow. This ensures that real-time traffic can flow through the network reliably, without delay and packet loss that can make the traffic flow useless.
  
  
• UDP Encapsulation—Select this to have the interface produce a UDP-encapsulated multicast packet whenever it receives an IP-encapsulated multicast packet. If you do not select this field, the interface only uses UDP-encapsulated packets if it receives a UDP-encapsulated RSVP message (some hosts depend on the router to initiate UDP-encapsulation). The interface uses the 224.0.0.14 multicast address and UDP port 1699.
  
  
• Single Flow—The percentage of the interface's bandwidth that one traffic flow can reserve. The single flow limit can be from 1 to the aggregate limit. The default is 75.
  
  
• Aggregate—The percentage of the interface's bandwidth that all traffic flows combined can reserve. The aggregate limit can be from 1 to 75. The default is 75.
  
  

Available only if you select WFQ, WRED, or CBWFQ for QoS Property for an interface on a non-VIP card that supports RSVP.

Not available if you select Enable Frame Relay Traffic Shaping.

When configured on CBWFQ interfaces, RSVP and CBWFQ work independently, as if the other technique were not configured on the interface.

When configured on WFQ interfaces, RSVP provides guaranteed rate service, which is good for delay-sensitive applications like voice over IP.

When configured on WRED interfaces, RSVP provides controlled load service, which is good for adaptive real-time applications like the playback of a recorded conference call.

You must understand the bandwidth requirements of the RSVP-enabled applications on your network to make reasonable bandwidth settings.

IP RTP Priority

Click the plus sign (+) to display parameters for IP RTP Priority.

• Enable IP RTP Priority—Select this if you want to create a strict-priority queue for real-time transport protocol (RTP) traffic. This provides absolute priority to voice traffic, which uses RTP ports.
  
  
• Port Range—The starting and ending RTP port numbers. RTP traffic for these ports is placed in the absolute-priority queue. Other traffic is handled by the interface's standard queuing mechanism.
  
  

The start port can be 2000 or higher, and the end port can be 65536 or lower. The maximum range is 16383. There is no default port range, but the voice ports range is from 16384 to 32767.

• Bandwidth—The percentage of the interface's bandwidth for the absolute-priority queue. All packets in the queue are transmitted before any other queues are handled.
  
  

Traffic in the queue cannot exceed this bandwidth. Any packets that exceed the bandwidth are dropped, so ensure you allocate adequate bandwidth. Any unused bandwidth is available to the other queues on the interface.

The bandwidth can be between 0 and 75, and you can use decimal places (for example, 10.5). There is no default. On CBWFQ interfaces, this bandwidth is added to the combined CBWFQ queue bandwidths, and the total must be 75% or less.

Available only if you select WFQ or CBWFQ for QoS Property for an interface that supports IP RTP Priority. Not available on VIP cards.

Not available if you select Enable Frame Relay Traffic Shaping.

IP RTP Priority is mainly useful on interfaces whose speed is less than 1.544 Mbps.

Voice typically uses 24 Kbps. However, IP RTP Priority ignores voice compression, so a 12 Kbps stream is treated like a 24 Kbps stream. Because of overhead, ensure that the bandwidth percentage you select accommodates at least 25 Kbps per call.

To determine the bandwidth required, estimate the number of concurrent calls that must be supported on the interface, and multiply by 25 Kbps. Then divide by the interface's bandwidth to get the bandwidth percentage.

You can use the max-reserved-bandwidth IOS software command to change the maximum allocatable bandwidth.

IP RTP Header Compression

Click the plus sign (+) to display parameters for IP RTP Header Compression.

• Enable IP RTP Header Compression—Select this if you want to compress the IP/UDP/RTP header in an RTP data packet from 40 bytes to approximately 2 to 5. This is typically used to help reduce delay for voice traffic.
  
  
• Passive—Select this if you want to compress outgoing RTP packets only if incoming RTP packets on the same interface are compressed. Leaving this check box clear when Enable IP RTP Header Compression is selected will compress all RTP headers.
  
  

Available for later IOS versions when you select WFQ or Class-based for QoS Property. Not available on VIP cards.

LFI

Click the plus sign (+) to display parameters for LFI.

• Enable LFI—Select this if you want to reduce delay on slower-speed links for delay-sensitive traffic. Large datagrams are fragmented into smaller packets and the delay-sensitive packets are interleaved between the fragments of the large datagram.
  
  
• Fragment Delay—Enter the fragmentation delay in milliseconds.
  
  

Available on PPP interfaces when PPP-Multilink is configured on the interface. QPM cannot detect or implement this configuration.

Trust State

The trust state for the Catalyst switch port. The trust state affects how frames are marked when they enter the port.

• Untrusted—Change the frame's class of service (CoS) and type of service (ToS) values to the ones defined for the port.
  
  

This is the switch's default trust state.

• Trust CoS—Trust the CoS value on the packet and use it to change the packet's ToS value.
  
  
• Trust DSCP—Trust the packet's DSCP values without change.
  
  
• Trust IP Prec—Trust the IP precedence value in the ToS byte.
  
  

Available only if you select Cat6000 for device model.

You must define the port's CoS value using the device's command line interface (CLI). QPM does not configure the port's CoS value.

Trust-ext

The trust extension settings for the Catalyst switch ports. These settings effectively extend the trust boundary of the switch to the IP phone and determine how packets at the trust extension boundary are marked.

• None—No change to existing CoS settings.
  
  
• Trust CoS—Trust the packet's existing CoS value.
  
  
• Untrusted—Negate the existing CoS settings. This is useful for a VoIP network where you have a PC-IP phone-Cat6K setup. To ensure that data from the PC gets no priority, you can set the trust extension to untrusted and then change CoS value of VoIP traffic to 5 and data traffic to 0. This ensures highest priority for voice traffic.
  
  

Available only if you select Cat6000 for device model.

QoS Style

If the port belongs to a VLAN and policies have been defined on both the VLAN and on the individual port, you can choose whether to deploy the VLAN-based policies or the port-based policies on this port.

Available only for Catalyst 6000 devices.

QoS Property button

Click this button to display the Properties of IOS Queuing dialog box, in which you can define the queuing values.

Available only on Catalyst 6000 devices with Supervisor IOS.

This button is disabled if Do Not Change is selected for QoS Property.

See Properties of CatOS/IOS Queuing Dialog Box for further information.

ASIC Group Interfaces button

Click this button to see a list of all interfaces belonging to the same ASIC group as the interface currently displayed.

Available only on Catalyst 6000 devices with Supervisor IOS.

Queuing properties apply to all members of an ASIC group—you cannot change queuing properties for an individual interface.

Name

The names of existing QoS databases.

The databases reside on the machine running the QoS Manager service.

Modified

The last day and time the database was saved.

Size

The size of the database.

Description

The description of the database.

Database Name

The database to be opened. Either select a database from the list or type in the name of an existing database.

Delete button

Click this button to delete the selected database.

Queue Length

The percentage of the port's bandwidth allocated to each queue. The minimum queue percentage is 1.

For 2Q2T, the default settings are 90% for Queue 1 (the low-priority queue) and 10% for Queue 2 (the high-priority queue).

For 1P2Q2T, the default settings are 90% for Queue 1 (the low-priority queue), 5% for Queue 2 (the high-priority queue), and 5% for Queue 3 (the strict-priority queue).

The values for the queues must add up to 100%. When you enter the value for one queue, QPM determines the correct value for the other queue.

Although all characteristics of these queues have default values, you must configure all values if you want to change any value.

Weight

The relative weight for the queue. This weight is used to determine how much traffic is transmitted from the queue using the weighted round-robin (WRR) technique before servicing the next queue.

The weight is from 1 to 255. The higher the weight, the more traffic is transmitted from the queue before servicing the next queue.

For both 2Q2T and 1P2Q2T, the default weights are 100 for Queue 1 and 255 for Queue 2.

For 1P2Q2T, Queue 3 does not have an associated weight because it is a strict priority queue that transmits traffic whenever it is detected.

Threshold 1

The percentage of the queue's bandwidth to use as the first threshold limit. In the precedence assignment table, you assign traffic to this limit. Any assigned traffic that exceeds the limit is dropped.

For both 2Q2T and 1P2Q2T, the threshold 1 default is 40% for queues 1 and 2. The minimum threshold is 1%.

Queue 3 does not have a threshold because it is a strict priority queue. Traffic is only dropped when this queue's buffer is 100% full.

Threshold 1 and 2 are not exclusive: they do not have to add up to 100.

Threshold 2

The percentage of the queue's bandwidth to use as the second threshold limit. In the precedence assignment table, you assign traffic to this limit. Any assigned traffic that exceeds the limit is dropped.

For both 2Q2T and 1P2Q2T, the threshold 2 default is 100% for queues 1 and 2. The minimum threshold is 1%.

Queue 3 does not have a threshold because it is a strict priority queue. Traffic is only dropped when this queue's buffer is 100% full.

Threshold 2 is typically larger than threshold 1. The difference between threshold 2 and 1 is the amount of the queue's bandwidth that is exclusively reserved for threshold 2 traffic.

For example, if threshold 2 is 100% and threshold 1 is 40%, 60% of the queue's bandwidth can only be used by traffic assigned to threshold 2.

Precedence assignment table

The queue to which packets are assigned based on the IP precedence value of the packet. All packets of a particular precedence must be assigned to the same queue and threshold limit.

For 2Q2T, the default assignments are:

• Queue 1, Threshold 1—Precedence 0, 1
  
  
• Queue 1, Threshold 2—Precedence 2, 3
  
  
• Queue 2, Threshold 1—Precedence 4, 5
  
  
• Queue 2, Threshold 2—Precedence 6, 7
  
  

For 1P2Q2T, the default assignments are:

• Queue 1, Threshold 1—Precedence 0, 1
  
  
• Queue 1, Threshold 2—Precedence 2, 3
  
  
• Queue 2, Threshold 1—Precedence 4
  
  
• Queue 2, Threshold 2—Precedence 6, 7
  
  
• Queue 3—Precedence 5
  
  

You can configure the queues without changing the default precedence assignments.

Do Not Change button

Resets the precedence assignment table to the default queue-threshold assignments.

Group Name

The name of the host group.

Host

The name or IP address of a network host.

To add a host to this list, click an empty box in the Host column. If there are no empty boxes, click in the last row and press Enter to create a new row.

Mask

The subnet mask for the IP address in the associated host field. You can use the IP address and mask combinations to identify a subnet.

Delete button

Click this button to remove the selected host and its associated mask, if any.

Policy Name

The name of the policy. The policy's name is anything you find meaningful. You might consider developing a convention that will help you identify policies more easily once you have an extensive set of policies.

Policy Status

Whether the policy is enabled or disabled. Enabled policies are written to the associated devices when they are deployed on the network, whereas disabled policies are not.

To disable a policy that has been distributed to the devices, select disable for Policy Status, and then save and distribute the QoS database. The policy is removed from the device.

Policy Comment

Information about the policy. The policy's comments are anything you find meaningful, such as a description of the purpose of the policy.

Back button

Click this button to return to the previous page in the policy definition, if there is one.

Next button

Click this button to go to the next page in the policy definition, if there is one.

Finish button

Click this button to save the policy and close the policy definition wizard. You can only click Finish if all properties of the policy are valid.

Direction

The direction of the traffic to which the policy applies:

• In—The policy only applies to traffic entering the interface.
  
  
• Out—The policy only applies to traffic leaving the interface.
  
  

When a device has no QoS capabilities in a specific direction, the direction is grayed out.

Back button

Click this button to return to the previous page in the policy definition, if there is one.

Next button

Click this button to go to the next page in the policy definition, if there is one.

Finish button

Click this button to save the policy and close the policy definition wizard. You can only click Finish if all properties of the policy are valid.

Traffic Type

The type of traffic filter for the policy.

• Class Default—Applies the policy actions to all traffic that does not match any other policy filter definition. When you choose this option the Filter tab fields are disabled.
  
  
• Filters—Defines a specific type of traffic for the policy.
  
  

This field appears only for routers when the QoS Property defined on the interface is Class-Based QoS or Priority Queuing.

Match Type

The match criteria for the filter properties and NBAR properties:

• Match ANY filter row AND ALL other conditions—Packets must match one of the filter rows (in the Filter Properties tab) and all other conditions (for example, NBAR or IP RTP conditions).
  
  
• Match ANY filter row OR ANY other condition—Packets must match one of the filter rows or one of the other conditions defined (for example, NBAR or IP RTP conditions).
  
  

This field appears only for routers when the QoS Property defined on the interface is Class-based QoS and the software version supports NBAR or IP RTP.

Filter Properties tab

Contains fields for defining the filter elements described in the following rows. The match criteria between rows in this tab is always OR.

Deny

The access criteria for the traffic defined in the filter row.

Select this check box to deny access to the matching packets. Leave the check box blank to permit the traffic.

Protocol

The protocol of the traffic you are identifying. When you click in the Protocol field, a drop-down button appears. Click the button and select the desired protocol. You can also type the protocol number in the field. Valid protocol numbers are 0 through 255, or you can enter the predefined values TCP, IP, or UDP.

This is a required field.

For a list of protocol numbers, see RFC1700, "Assigned Numbers," at http://www.ietf.org/rfc/
rfc1700.txt.

Precedence

The IP precedence value of the packets you are identifying, if you are trying to filter on IP precedence.

This field is not available for policies on switches.

When you click in the Precedence field, a drop-down button appears. Click the button and select the desired precedence value. Leave blank if you want the filter to match any IP precedence value.

If you define a Precedence value, you cannot define a DSCP value.

DSCP

The DSCP value of the packets you are identifying, if you are trying to filter on DSCP value.

Enter the DSCP value.

This field is not available for policies on switches.

Leave blank if you want the filter to match any DSCP value.

If you define a DSCP value, you cannot define a Precedence value.

Sender

The source of the packet, if you are trying to identify traffic based on source. When you click in the Sender field, a drop-down button appears. When you click the button, additional fields appear that allow you to delimit the type of sender.

The fields available depend on the selection in the Type field:

• Host Name—Select Host Name if you are specifying a specific machine or subnet. Enter the IP address or host name in the IP field. If you are specifying a subnet as the sender, enter the subnet mask in the Mask field.
  
  
• In Group—Select In Group if you are specifying the name of a host group you created in QPM. Select the name of a host group in the Group field. If the packet comes from any of the hosts defined in the group, it matches this filter condition. Click the ... button to create or edit host groups. See Working with Host Groups for more information.
  
  
• Is App. Service—Select Is App. Service if you are specifying the name of an application service you created in QPM. Select the name of an application service in the App. Service field. If the packet comes from any of the applications defined in the group, it matches this filter condition. Click the ... button to create or edit application services. See Working with Application Services Aliases for more information.
  
  

Leave Sender blank if you want the filter condition to apply to all sources.

If you enter a name without opening the expansion box, QPM assumes that you are entering a single host name.

Sender Port

The port that is the source of the packet, if you are trying to identify traffic based on port. For example, 80 is the typical port used by web traffic. When you click in the Sender Port field, a drop-down button appears. When you click the button, additional fields appear that allow you to either select a port or a range of ports:

• Port Number—Select this if you want to match a single port. Either type in a port number or select it from the list.
  
  
• Port Range—Select this if you want to match any port within the range. Either type in port numbers for the start and end ports, or select them from the lists. The From port must be smaller than the To port.
  
  

Leave Sender Port blank if you want the filter to match any sender port.

You cannot specify a sender port if you select IP for Protocol.

If the port you want is not in the drop-down list, type it into the field. For a list of port numbers, see RFC1700, "Assigned Numbers," at http://www.ietf.org/rfc/
rfc1700.txt.

Destination

The destination of the packet, if you are trying to identify traffic based on destination. When you click in the Destination field, a drop-down button appears. When you click the button, additional fields appear that allow you to delimit the type of destination.

The fields available depend on the selection in the Type field:

• Host Name—Select Host Name if you are specifying a specific machine or subnet. Enter the IP address or host name in the IP field. If you are specifying a subnet as the destination, enter the subnet mask in the Mask field.
  
  
• In Group—Select In Group if you are specifying the name of a host group you created in QPM. Select the name of a host group in the Group field. If the packet is going to any of the hosts defined in the group, it matches this filter condition. Click the ... button to create or edit host groups. See Working with Host Groups for more information.
  
  

Leave Destination blank if you want the filter condition to apply to all destinations.

If you enter a name without opening the expansion box, QPM assumes you are entering a single host name.

Dest. Port

The port that is the destination of the packet, if you are trying to identify traffic based on port. For example, 80 is the typical port used by web traffic. When you click in the Dest. Port field, a drop-down button appears. When you click the button, additional fields appear that allow you to either select a port or a range of ports:

• Port Number—Select this if you want to match a single port. Either type in a port number or select it from the list.
  
  
• Port Range—Select this if you want to match any port within the range. Either type in port numbers for the start and end ports, or select them from the lists. The From port must be smaller than the To port.
  
  

Leave Dest. Port blank if you want the filter to match any destination port.

You cannot specify a destination port if you select IP for Protocol.

If the port you want is not in the drop-down list, type it into the field. For a list of port numbers, see RFC1700, "Assigned Numbers," at http://www.ietf.org/rfc/
rfc1700.txt.

NBAR Properties tab

Contains fields to define filters based on network-based application recognition (NBAR) properties.

The fields in the NBAR Properties tab are described below.

This tab appears only for routers when the QoS Property defined on the interface is Class Based QoS and the software version supports NBAR.

You can leave this tab blank.

Protocol

The application protocol that produces the traffic flow. If the match criteria is Match ALL, then every packet must not only satisfy all the NBAR conditions, it must also satisfy one of the filter conditions. If your filter conditions are inconsistent with your NBAR properties, no traffic will satisfy the policy, and the policy will not be applied to any packets.

You cannot define more than one type of protocol when the match criteria is Match ALL.

When the match criteria is Match ALL, ensure that the filter conditions in the Filter Properties tab are generic enough to include the NBAR properties you define. For example, if your goal is to identify all RealAudio traffic and apply the policy to it, define RealAudio, then ensure that your only filter condition is TCP for protocol. Only RealAudio traffic will satisfy this combined filter-application condition.

Parameter

Protocol parameters for the selected protocol.

Value

Enter a value for the selected parameter.

Add button

Click to open the NBAR Properties dialog box, in which you can define a protocol to add to the NBAR properties filter.

Edit button

Click to open the NBAR Properties dialog box for the selected protocol in the NBAR properties filter.

Delete button

Click to delete the selected protocol from the NBAR properties filter.

IP RTP tab

Contains fields to define filtering by IP RTP ports.

This tab appears only for routers when the QoS Property defined on the interface is Class-based QoS, and the software version supports IP RTP priority with CBWFQ.

In these cases, IP RTP priority is not defined as an interface property. You can create a priority queue for the filtered voice traffic in the Queuing properties page. See Table B-26, Part 4.

Port Range

The range of UDP voice session destination ports:

• From—The lower value of UDP voice session destination port.
  
  
• To—The higher value of UDP voice session destination port.
  
  

Back button

Click this button to return to the previous page in the policy definition, if there is one.

Next button

Click this button to go to the next page in the policy definition, if there is one.

Finish button

Click this button to save the policy and close the policy definition wizard. You can only click Finish if all properties of the policy are valid.

Priority Properties

Select this check box to create a policy that directs traffic to a priority queue.

The QoS property for the interface must be Priority Queuing in order to create priority queuing policies.

Priority Level

The priority queue to which filtered traffic should be directed. These queues are serviced from the highest to lowest queue, with higher queues being emptied before lower queues are serviced, in this order:

1. High

2. Medium

3. Normal

4. Low

If there is no class default policy, unfiltered traffic is placed in the Normal queue.

Back button

Click this button to return to the previous page in the policy definition, if there is one.

Next button

Click this button to go to the next page in the policy definition, if there is one.

Finish button

Click this button to save the policy and close the policy definition wizard. You can only click Finish if all properties of the policy are valid.

Custom Queue

Select this check box to create a policy that creates a custom queue for the filtered traffic.

The QoS property for the interface must be Custom Queuing in order to create custom queuing policies.

Ratio

The percentage of the bandwidth to allocate to the traffic.

The value must be in increments of 5, and the total allocation for all custom queue policies on the interface or device group must not exceed 95%. The remaining 5% is used for unfiltered traffic.

Limit

The maximum number of packets that can be held in the queue, from 0 to 32767.

Back button

Click this button to return to the previous page in the policy definition, if there is one.

Next button

Click this button to go to the next page in the policy definition, if there is one.

Finish button

Click this button to save the policy and close the policy definition wizard. You can only click Finish if all properties of the policy are valid.

WRR Properties

Select this check box to create a policy that configures the weighted round-robin (WRR) queues used for the ports selected in the filter properties.

You can use WRR policies only on layer 3 switches (switch routers).

Queue Number and Weight

The weight for the four weighted round-robin (WRR) queues used on the layer 3 switch's egress ports. These weights are used when the port is congested. The layer 3 switch places packets in these queues based on the IP precedence value of the packet.

For Catalyst 8500 switches, the weight can be from 0 to 15. The sum of the weights for all queues on the interface should be 15. For other layer 3 switches, the weight can be from 1 to 4. The default weights, and the packets assigned to the queues, are:

• Queue 0—Weight 1; IP precedence 0, 1.
  
  
• Queue 1—Weight 2; IP precedence 2, 3.
  
  
• Queue 2—Weight 4 (8500), 3 (other); IP precedence 4, 5. Voice traffic typically falls into this queue.
  
  
• Queue 3—Weight 8 (8500), 4 (other); IP precedence 6, 7.
  
  

The weight implies a bandwidth for the queue, although the queue is not given an explicit bandwidth. The higher the weight, the higher the implied bandwidth. You can calculate the implied bandwidth using this equation:

where:

• W is the weight
  
  
• S is the sum of the weight on all active queues on the port
  
  
• B is the bandwidth for the port in Mbps
  
  
• n is the bandwidth for the queue in Mbps
  
  

For example, if the queue weight is 4, the sum of the queue weights is 15, and the bandwidth on the interface is 100 Mbps, the bandwidth for the queue is 26 Mbps.

Back button

Click this button to return to the previous page in the policy definition, if there is one.

Next button

Click this button to go to the next page in the policy definition, if there is one.

Finish button

Click this button to save the policy and close the policy definition wizard. You can only click Finish if all properties of the policy are valid.

CBWFQ Properties

Select this check box to create a policy that creates a queue for a class of traffic on a CBWFQ interface.

IOS supports up to 64 classes on a device.

The QoS property for the interface must be CBWFQ in order to create CBWFQ policies.

Drop Mechanism

The mechanism used to determine how packets are dropped when congestion occurs. Selections are:

• Tail—With tail drop, all packets are queued together, and when the queue is full all packets are dropped until there is room in the queue.
  
  
• WRED—With WRED drop, packets are queued according to IP precedence, and packets are dropped in a weighted manner based on precedence. WRED attempts to throttle traffic before the queue threshold is reached by dropping packets early on the assumption that the sender will reduce its transmission rate.
  
  

This field is disabled if you select the Priority check box.

Queue Limit

The maximum number of packets that can be held in the queue.

If you specify a limit, it can be from 1 to 64. The default is 64.

Available only if you select Tail for the drop mechanism.

WRED Weight

A factor used to determine the rate at which packets are dropped when traffic congestion occurs. The weight must be between 1 and 16. Use the default unless you determine a different factor is desirable.

• Advanced button—Click this button to configure advanced WRED properties as described in the "WRED Advanced Properties Dialog Box" section.
  
  

Available only if you select WRED for the drop mechanism. See the IOS software documentation for more information on the WRED weighting factor.

Bandwidth

The percentage of the bandwidth to allocate to the traffic. This is the minimum bandwidth the class receives during times of congestion. It also implies a weight for the queue, which is used in WFQ processing to fairly weight the packets in the queue for transmission.

For interfaces on non-VIP cards, IOS supports bandwidth from 1 to 75.

For interfaces on VIP cards, IOS supports bandwidth from 1 to 99.

The bandwidth must be a whole number. The total bandwidth allocated for all class policies on an interface must be equal to or less than 75 (for non-VIP interfaces) or 99 (for VIP interfaces).

However, you can use the max-reserve-bandwidth command to change the maximum allocatable bandwidth.

Priority

Select this check box to place the traffic in a strict priority queue (LLQ). Use this option to give priority to voice and other real-time traffic.

WFQ

Select this to use WFQ processing for traffic that does not belong to another class. One of the following fields is displayed:

• Number of Queues—The number of hashed queues to be reserved for the default class policy. Traffic that ends up in the default class is placed in one of these queues and serviced using WFQ. The number can be from 16 to 4096. There is no default. This field is displayed for unclassified traffic on VIP or non-VIP interfaces.
  
  
• Individual Queue Limit—The limit on the number of packets that can be held in each queue after the queue limit (for Tail drop) is reached. If a queue has exceeded the individual limit during a congestion event, packets are not dropped from the queue, but additional packets are not added until the queue is beneath the individual limit. The limit can be from 1 to 32768. This field is displayed for filtered traffic on VIP cards.
  
  

The WFQ setting is available when you select Class based for QoS property, and Unclassified (class-default) in the filter page, or on VIP cards.

Back button

Click this button to return to the previous page in the policy definition, if there is one.

Next button

Click this button to go to the next page in the policy definition, if there is one.

Finish button

Click this button to save the policy and close the policy definition wizard. You can only click Finish if all properties of the policy are valid.

Coloring Properties

Select this check box to create a policy that sets the IP precedence value for packets that match the policy filter.

Coloring Mechanism

The classification method: IP Precedence or DSCP or trust (on Catalyst 6000 switches only).

This field only appears on router interfaces with certain IOS versions and on Catalyst 6000 switches. On Catalyst 6000 switches, you can color by trust. This means that you can trust the existing IP precedence or DSCP values on the incoming traffic that matches the policy filter.

Precedence

The IP precedence value to be assigned to packets that match the policy filter.

If you click Advanced, the value in this field is ignored, and the Conform Priority and Exceed Priority values are used instead.

DSCP

The DSCP value to be assigned to packets that match the policy filter.

This field appears when you select DSCP as the coloring mechanism.

If you click Advanced, the value in this field is ignored, and the Conform Priority and Exceed Priority values are used instead.

Port

For Catalyst 2900 and Catalyst 3500 devices. The IP precedence value to be assigned to packets coming through the port, that match the policy filter.

You can select IP precedence values from 0 to 7.

Trust Extension

For Catalyst 2900 and Catalyst 3500 devices. The IP precedence value to be assigned to packets that match the policy filter, at the extended trust boundary. In a VoIP network, the trust boundary of these devices is extended to the IP phone. In this way, you can ensure that voice traffic gets highest priority and that data from the PC gets lowest priority.

You can select IP precedence values from 0 to 7.

In addition, you can select the trust option to trust the existing IP precedence values on the incoming traffic.

Advanced button

Click this button to define a complex coloring action that takes advantage of committed access rate (CAR) classification.

The Advanced button only appears if the device and IOS software version supports CAR classification. These features are not available on Catalyst switches.

Rate

The target rate for the traffic that the policy covers in Kbps. If a traffic flow is lower than or equal to this rate, the policy applies your conforming action (that is, the traffic flow is conforming to your defined rate). If a traffic flow is greater than this rate, the policy applies your exceeding action. Thus, you can create different actions based on a specific level of service.

Available only if the device and IOS software version supports CAR classification.

The rate must be a multiple of 8.

Burst Size

Optionally, the amount of KB allowed to the traffic flow to accommodate bursty traffic. This defines how large the burst can be before some traffic is marked as exceeding the rate limit.

Available only if the device and IOS software version supports CAR classification.

The minimum burst size is the rate divided by 2000. The recommended burst size is greater than the normal rate, for example, if the rate is 10Mbps, a recommended burst size would be 10 to 20 Mbps.

Exceed Burst Size

Optionally, the amount of KB allowed to the traffic flow to accommodate bursty traffic in excess of the normal burst size. This defines how large the burst can be before all traffic is marked as exceeding the rate limit.

Available only if the device and IOS software version supports CAR classification.

The recommended exceed burst size is greater than the burst size, for example, if the burst size is 10 to 20 Mbps, the recommended exceed burst size would be 20 to 40 Mbps. If the exceed burst size is not larger than the burst size, the traffic gets no added benefit.

Conform Priority/DSCP Value

The IP precedence or DSCP value to be applied to traffic that conforms to the rate for the policy. Select None if you do not want to assign a priority to conforming flows.

• Continue—Select Continue to indicate that the device should examine subsequent policies for conforming flows after applying the conforming priority (if any). If a subsequent policy matches the flow, that policy is also applied to the flow.
  
  

Available only if the device and IOS software version supports CAR classification.

A common use of the Continue attribute is to classify several traffic flows with the same precedence, and then create a limiting statement that applies to traffic of that precedence.

Exceed Priority/DSCP Value

The IP precedence or DSCP value to be applied to traffic that exceeds the rate for the policy. Select None if you do not want to assign a priority to exceeding flows.

• Continue—Select Continue to indicate that the device should examine subsequent policies for exceeding flows after applying the exceeding priority (if any). If a subsequent policy matches the flow, that policy is also applied to the flow.
  
  

Available only if the device and IOS software version supports CAR classification.

A common use of the Continue attribute is to classify several traffic flows with the same precedence, and then create a limiting statement that applies to traffic of that precedence.

Back button

Click this button to return to the previous page in the policy definition, if there is one.

Next button

Click this button to go to the next page in the policy definition, if there is one.

Finish button

Click this button to save the policy and close the policy definition wizard. You can only click Finish if all properties of the policy are valid.

Trust Properties

Select this check box to create a policy that colors specific traffic by trust. This, in effect, overrides the port's trust setting for the traffic that matches the policy's filter. See Coloring on Catalyst 6000 Family Switches for further information.

Available only for Catalyst 6000 devices with Supervisor IOS.

Trust State

You have the option of trusting the IP precedence, CoS or DSCP settings on the selected traffic.

Back button

Click this button to return to the previous page in the policy definition, if there is one.

Next button

Click this button to go to the next page in the policy definition, if there is one.

Finish button

Click this button to save the policy and close the policy definition wizard. You can only click Finish if all properties of the policy are valid.

Shaping Properties

Select this check box to create a policy that bounds the bandwidth available for packets that match the policy filter.

Shaping policies do not form an absolute rate limit. If traffic flow exceeds the shaping limit, the device begins dropping packets to get the sender to lower its transmission rate. This only works with protocols like TCP, which respond to dropped packets by lowering the transmission rate.

Use a limiting policy if you want to create rigid rate limits.

Shaping Type

The shaping method: Average or Peak. When shape average is configured, the interface sends no more than the committed burst (Bc) for each interval. When shape peak is configured, the interface sends the committed burst (Bc) plus the excess burst (Be) bits in each interval

Only for dTS and GTS with CBWFQ on interfaces with modular CLI.

Rate

The target average rate for the traffic that the policy covers, in kilobits per second.

Burst Size

Optionally, the sustained number of kilobits that can be transmitted per interval over the interface.

The interval is determined by dividing the burst size by the rate. For example, if the rate is 128, and the burst size is 16, the interval is 0.125 seconds.

Exceed Burst Size

Optionally, the maximum number of kilobits in excess of the burst size that can be transmitted during the first interval when congestion occurs.

Adaptive Shaping

Select this to use traffic shaping adaptive mode. Adaptive shaping takes advantage of the forward explicit congestion notification (FECN) or backwards explicit congestion notification (BECN) to adjust the traffic descriptors, in order to approximate the rate to the available bandwidth along the path.

Appears only for Distributed Traffic Shaping (dTS) on VIP interfaces.

Rate

The rate for the traffic that the policy covers, in kilobits per second.

FECN

Used by adaptive shaping to adjust the traffic descriptors, in order to approximate the rate to the available bandwidth along the path.

Appears only for Distributed Traffic Shaping (dTS) on VIP interfaces.

Back button

Click this button to return to the previous page in the policy definition, if there is one.

Next button

Click this button to go to the next page in the policy definition, if there is one.

Finish button

Click this button to save the policy and close the policy definition wizard. You can only click Finish if all properties of the policy are valid.

Limiting Properties

Select this check box to create a policy that limits the bandwidth available for packets that match the policy filter.

Limiting rates are more rigid than shaping rates: when a rate limit is met, all packets over the rate are dropped, and there is no attempt to smooth the transmission rate. Shaping attempts to smooth the transmission rate by buffering traffic.

Rate

The target average rate, in Kbits per second, for the traffic that the policy covers. If a traffic flow is lower than or equal to this rate, the policy applies your conforming priority, if any, and transmits the traffic. If a traffic flow is greater than this rate, the traffic is dropped unless you specify burst sizes.

The rate must be a multiple of 8.

Burst Size

Optionally, the amount of KBytes allowed to the traffic flow to accommodate bursty traffic. This defines how large the burst can be before some traffic is marked as exceeding the rate limit.

The minimum burst size is the rate divided by 2000. The recommended burst size is greater than the normal rate, for example, if the rate is 1000 Kbps, a recommended burst size would be 1000 to 2000 KBytes.

Exceed Burst Size

Optionally, the amount of KBytes allowed to the traffic flow to accommodate bursty traffic in excess of the normal burst size. This defines how large the burst can be before all traffic is marked as exceeding the rate limit.

You must specify an exceed burst size if you specify a burst size.

The recommended exceed burst size is greater than the burst size, for example, if the burst size is 1000 to 2000 Kbps, the recommended exceed burst size would be 2000 to 4000 KBytes. If the exceed burst size is not larger than the burst size, the traffic gets no added benefit.

Coloring Mechanism

The classification method: IP precedence or DSCP.

This field only appears on router interfaces with Class-based defined as the QoS property.

Conform Priority/DSCP Value

The IP precedence or DSCP value to be applied to traffic that conforms to the rate for the policy. Select None if you do not want to assign a priority to conforming flows.

• Continue—Select Continue to indicate that the device should examine subsequent policies for conforming flows after applying the conforming priority.
  
  

Exceed Priority/DSCP Value

The IP precedence or DSCP value to be applied to traffic that exceeds the rate for the policy. Select None if you do not want to assign a priority to exceeding flows.

This field only appears on router interfaces with Class-based defined as the QoS property.

Back button

Click this button to return to the previous page in the policy definition, if there is one.

Next button

Click this button to go to the next page in the policy definition, if there is one.

Finish button

Click this button to save the policy and close the policy definition wizard. You can only click Finish if all properties of the policy are valid.

Limiting Properties

Select this check box to create a traffic policing policy that limits the bandwidth available for packets that match the policy filter.

Limiting Type

The type of flow for the limiting policy:

• Aggregate—The total flow on the interface.
  
  
• Microflow—An individual flow.
  
  
• Cross-int Aggregate—For device groups only. This is the total flow across the different interfaces in the device group.
  
  

Available only on Catalyst 6000 devices.

The maximum number of aggregate limiting policies you can create for a device is 1023.

The maximum number of microflow limiting policies you can create for a device is 63.

Rate

The target average rate for the traffic that the policy covers, in kilobits/second. Traffic that exceeds this rate, combined with the allowable burst size, is dropped.

The rate must be a multiple of 32, from 32 to 8000000 (8Gbps), or 0. Enter 0 to drop all selected traffic.

Burst Size

The maximum burst size for the traffic that the policy covers, in kilobytes. The burst size is used in combination with the rate to determine the drop threshold for the traffic.

The burst size must be from 1 to 32000.

Exceed Burst Size

For Catalyst 6000 devices with Supervisor IOS. Optionally, the amount of KBytes allowed to the traffic flow to accommodate bursty traffic in excess of the normal burst size. This defines how large the burst can be before all traffic is marked as exceeding the rate limit.

You must specify an exceed burst size if you specify a burst size.

The recommended exceed burst size is greater than the burst size, for example, if the burst size is 1000 to 2000 Kbps, the recommended exceed burst size would be 2000 to 4000 KBytes. If the exceed burst size is not larger than the burst size, the traffic gets no added benefit.

Limiting Mechanism

The classification method: IP precedence or DSCP.

Precedence/ DSCP

The IP precedence or DSCP value to be applied to traffic that does not conform to the rate for the policy.

Select None if you do not want to assign a priority to non-conforming flows.

Exceed Action

The action to be performed when the traffic exceeds the specified rate for the policy.

Markdown—Reduce the priority value of packets that exceed the specified rate. If you customized the markdown values in the DSCP Markdown Dialog Box, QPM uses these values.

Drop—Drop packets that exceed the specified rate.

Back button

Click this button to return to the previous page in the policy definition, if there is one.

Next button

Click this button to go to the next page in the policy definition, if there is one.

Finish button

Click this button to save the policy and close the policy definition wizard. You can only click Finish if all properties of the policy are valid.

Aggregate Limiting Properties

Select this check box to create a policy that limits the bandwidth available for packets that match the policy filter, for the total flow on the interface.

Limiting Mechanism

The classification method: IP precedence or DSCP.

Limiting Type

The type of flow for the limiting policy:

• Aggregate—The total flow on the interface
  
  
• Cross-int Aggregate—For device groups only. This is the total flow across the different interfaces in the device group.
  
  

The maximum number of aggregate limiting policies you can create for a device is 1023.

Rate

The target average rate, in Kbits per second, for the traffic that the policy covers. If the traffic flow is lower than or equal to this rate, the policy applies your conforming priority, if any, and transmits the traffic. If the traffic flow is greater than this rate, the traffic is dropped unless you specify burst sizes.

Burst Size

Optionally, the amount of KBytes allowed to the traffic flow to accommodate bursty traffic. This defines how large the burst can be before some traffic is marked as exceeding the rate limit.

The minimum burst size is the rate divided by 2000. The recommended burst size is greater than the normal rate, for example, if the rate is 1000 Kbps, a recommended burst size would be 1000 to 2000 KBytes.

Exceed Burst Size

Optionally, the amount of KBytes allowed to the traffic flow to accommodate bursty traffic in excess of the normal burst size. This defines how large the burst can be before all traffic is marked as exceeding the rate limit.

You must specify an exceed burst size if you specify a burst size.

The recommended exceed burst size is greater than the burst size, for example, if the burst size is 1000 to 2000 Kbps, the recommended exceed burst size would be 2000 to 4000 KBytes. If the exceed burst size is not larger than the burst size, the traffic gets no added benefit.

Note: This field does not appear if you are defining aggregate limiting on a device group of Catalyst 6000 devices with Supervisor IOS.

Conform Action

The action to be performed when the traffic conforms to the specified rate for the policy.

• IP precedence or DSCP priority—Select an IP precedence or DSCP value to determine the priority of conforming traffic.
  
  
• None—Select this if you do not want to apply an IP or DSCP priority value to conforming traffic.
  
  
• Drop—Select this if you want conforming packets to be dropped.
  
  

Exceed Action

The action to be performed when the traffic exceeds the specified rate for the policy.

None—No action.

Markdown—Reduce the priority value of packets that exceed the specified rate. If you customized the markdown values in the DSCP Markdown Dialog Box, QPM uses these values.

Drop—Drop packets that exceed the specified rate.

Back button

Click this button to return to the previous page in the policy definition, if there is one.

Next button

Click this button to go to the next page in the policy definition, if there is one.

Finish button

Click this button to save the policy and close the policy definition wizard. You can only click Finish if all properties of the policy are valid.

Microflow Limiting Properties

Select this check box to create a policy that limits the bandwidth available for packets that match the policy filter for the current single flow.

The maximum number of microflow limiting policies you can create for a device is 63.

Limiting Mechanism

The classification method: IP precedence or DSCP.

Rate

The target average rate, in Kbits per second, for the traffic that the policy covers. If a traffic flow is lower than or equal to this rate, the policy applies your conforming priority, if any, and transmits the traffic. If a traffic flow is greater than this rate, the traffic is dropped unless you specify burst sizes.

Burst Size

Optionally, the amount of KBytes allowed to the traffic flow to accommodate bursty traffic. This defines how large the burst can be before some traffic is marked as exceeding the rate limit.

The minimum burst size is the rate divided by 2000. The recommended burst size is greater than the normal rate, for example, if the rate is 1000 Kbps, a recommended burst size would be 1000 to 2000 KBytes.

Conform Action

The action to be performed when the traffic conforms to the specified rate for the policy.

• IP precedence or DSCP priority—Select an IP precedence or DSCP value to determine the priority of conforming traffic.
  
  
• None—Select this if you do not want to apply an IP or DSCP priority value to conforming traffic.
  
  
• Drop—Select this if you want conforming packets to be dropped.
  
  

Exceed Action

The action to be performed when the traffic exceeds the specified rate for the policy.

None—No action.

Markdown—Reduce the priority value of packets that exceed the specified rate. If you customized the markdown values in the DSCP Markdown Dialog Box, QPM uses these values.

Drop—Drop packets that exceed the specified rate.

Back button

Click this button to return to the previous page in the policy definition, if there is one.

Next button

Click this button to go to the next page in the policy definition, if there is one.

Finish button

Click this button to save the policy and close the policy definition wizard. You can only click Finish if all properties of the policy are valid.

Name

The names of existing QoS databases.

The databases reside on the machine running the QoS Manager service.

Modified

The last day and time the database was saved.

Size

The size of the database.

Description

The description for the database.

Database Name

The new name of the database currently open in Policy Manager.

Enter a new name for the database.

If you want to replace an existing database, select the database you want to replace from the list of existing databases.

Database Description

The description of the database.

You can enter a description for the database.

Delete button

Click this button to delete the selected database.

Precedence

The IP precedence value in the packet, or RSVP if it is part of an RSVP flow. You can define threshold values for any of these precedence values. If you enter settings for a precedence, you must fill in all cells in the row for that precedence.

You can leave any combination of rows blank. Precedence values that do not have settings are handled using default values.

If the interface resides on a VIP card, the RSVP row is not shown.

The default WRED settings should be adequate for your needs. Only change them if you determine the change would benefit your network.

Min Threshold

The minimum number of packets held in the queue. When the average queue length falls between the minimum and maximum thresholds, packets are dropped based on the probability denominator. If the average queue size is lower than the minimum threshold, all packets are queued.

The minimum threshold in QPM can be from 1 to 4096. The default minimum threshold for precedence 0 is half the maximum threshold. The default minimums for the remaining values fall at even intervals between this value and the max threshold.

The average queue size is based on the current size of the queue, the last calculated average queue size, and the WRED weighting factor for the interface. See the IOS software documentation for the exact formula.

Max Threshold

The maximum threshold for the queue. When the average queue length exceeds the maximum threshold, all new packets for the queue are dropped until the queue drops below the max threshold.

The maximum threshold must be larger than the minimum threshold up to 4096. The default is based on the output buffer capacity of the device and the speed of the interface.

Probability Denominator

The denominator for the number of packets that are dropped if the queue length reaches the minimum threshold. The higher the denominator, the fewer packets are dropped from the queue.

The probability denominator can be from 1 to 65556. The default is 10, that is, one packet in every 10 is dropped from a queue once the maximum threshold is reached.

The higher you set the probability denominator, the higher the chance that the maximum threshold will be reached.