
OECG – Chapter 14


Cisco created their “Modular QoS CLI” or MQC in an attempt to bring order to the plethora of different QoS tools that had been developed over time. In a nutshell, MQC allows you to classify packets with class-maps, mark and queue packets with policy-maps, and put a defined policy into action by applying a service-policy to an interface. MQC tools begin with the term “Class-Based”, abbreviated CB.

  • CLASS-MAP = called by a policy-map; identifies certain kinds (classes) of traffic.
  • POLICY-MAP = called by a service-policy; tells the router what it will do with the identified traffic (queue it, mark it) once the policy is turned on.
  • SERVICE-POLICY = applied to an interface; turns the policy-map on.

Classifying Packets Using Class Maps

  • The names of class-maps are case sensitive.
  • Inside of a class map, you use “match” commands of various kinds to match QoS fields, ACLs and MAC addresses.
  • “match any” means just that – all packets will be matched.
  • “ip cef” must be enabled to do class-based marking.
  • You can match multiple items in a list with the “match-all” keyword in the class-map command (AND). Conversely, you can match one or more items in a list with the “match-any” keyword in the class-map command (OR).
  • The “match cos” command can match up to 4 CoS values.
  • The “match precedence” command can match up to 4 IPP values.
  • The “match dscp” command can match up to 8 DSCP codes.
  • The “match class” command allows you to match another class, letting you nest match commands inside of other ones.
  • The “match protocol” command is special – it means that IOS is to use Network Based Application Recognition (NBAR) to do the match.
    • NBAR allows you to match packets beyond simple port numbers. The power of NBAR lies in its intelligent packet inspection engine that allows it to recognize complex protocols that may use several ports, or randomly designated ports.
      • RTP uses even-numbered UDP ports from 16,384 to 32,768, with odd-numbered ports used for call control. NBAR knows the difference between the two, allowing you to classify voice traffic separately from control traffic.
      • NBAR knows various Citrix protocols.
      • NBAR can parse HTTP headers, host names and MIME types via regex.
      • NBAR can recognize P2P apps based on gnutella.
    • NBAR can also perform layer 7 “deep packet inspection”, examining packet payloads.
    • NBAR can statistically track traffic types and corresponding volumes.
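The following IOS configuration is an added example, not part of the chapter notes above, tying together the three MQC building blocks (class-map, policy-map, service-policy) and the classification details in the list: match-all versus match-any, a multi-value match dscp line, nesting with match class-map, and an NBAR match protocol line. Class-map and policy-map names, the ACL name, the subnet and the interface are all constructed for illustration.

```cisco
! Constructed example configuration (not from the book or the blog).
! CEF must be on before class-based marking will work.
ip cef
!
! Constructed ACL: the phone VLAN used by the nested class below.
ip access-list extended PHONE-VLAN
 permit ip 10.1.10.0 0.0.0.255 any
!
! match-all = AND: a packet must be RTP (NBAR) *and* carry DSCP EF.
! Names are case sensitive: VOICE-BEARER and voice-bearer are different classes.
class-map match-all VOICE-BEARER
 match protocol rtp
 match dscp ef
!
! match-any = OR: either condition is enough. One "match dscp" line may list up to 8 values.
class-map match-any CALL-CONTROL
 match dscp cs3 af31
 match protocol sip
 match protocol skinny
!
! Nesting: "match class-map" reuses VOICE-BEARER and adds a source restriction (AND).
class-map match-all VOICE-FROM-PHONES
 match class-map VOICE-BEARER
 match access-group name PHONE-VLAN
!
! The policy-map calls the classes and says what to do with each (queue it, mark it).
policy-map WAN-EDGE
 class VOICE-FROM-PHONES
  priority percent 20
  set dscp ef
 class CALL-CONTROL
  bandwidth percent 5
  set dscp cs3
 class class-default
  fair-queue
!
! The service-policy turns the policy-map on for traffic leaving this interface.
interface Serial0/0
 service-policy output WAN-EDGE
```

After applying it, `show policy-map interface Serial0/0` shows per-class packet counters, which is the quickest way to confirm that traffic is landing in the class you intended rather than falling through to class-default; `show class-map` lists the match statements exactly as the router parsed them, which catches case-sensitivity mistakes in class names.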