1© 2006 Cisco Systems, Inc. All rights reserved.
NJEDge.Net DRG/VRG Video QoS
NEXT GENERATION NETWORK
Walter King [email protected] Account System Engineer
Agenda
• QoS Technologies Review
• NJEDGE Model
QoS Technologies Review
• QoS overview
• Classification Tools
• Scheduling Tools
• Policing and Shaping Tools
• CAC - Call Admission control

Different Types of Traffic Have Different Needs

Application examples and their sensitivity:

Application                        Delay  Jitter  Packet Loss
Interactive Voice and Video        Y      Y       Y
Streaming Video                    N      Y       Y
Transactional/Interactive          Y      N       N
Bulk Data (Email, File Transfer)   N      N       N

• Real-time applications especially sensitive
    Interactive voice
    Videoconferencing
• Causes of degraded performance
    Congestion
    Convergence
    Peak traffic load
    Link speed & capacity differences
Set application service level objectives

Video QoS Requirements: Provisioning for Interactive Video
Video one-way requirements:
• Latency ≤ 150 ms
• Jitter ≤ 30 ms
• Loss ≤ 1%
• Minimum priority bandwidth guarantee required is video stream + 10–20%
    e.g., a 384 kbps stream could require up to 460 kbps of priority bandwidth
• CAC must be enabled
Video traffic:
• Bursty
• Drop sensitive
• Delay sensitive
• UDP priority

Video QoS Requirements: Video Conferencing Traffic Example (384 kbps)
[Figure: video conferencing traffic over time. "I" frames are 1024–1518 bytes; "P" and "B" frames are 128–256 bytes. Axis labels: 15 pps, 30 pps, 32 Kbps, 450 Kbps.]
• "I" frame is a full sample of the video
• "P" and "B" frames use quantization via motion vectors and prediction algorithms

Video QoS Requirements: Video Conferencing Traffic Packet Size Breakdown
• 65–128 Bytes: 1%
• 129–256 Bytes: 34%
• 257–512 Bytes: 8%
• 513–1024 Bytes: 20%
• 1025–1500 Bytes: 37%

Problems in non-CoS Network Scenario
[Figure: central site at 1000M connected over Metro-E, Frame Relay or ATM to remote sites at 10M, 20M, 30M, 50M and 100M.]
• Central to Remote Site Speed Mismatch
• Remote to Central Site Over-subscription
Result: Buffering = Delay or Dropped Packets
Predictable (contractual) sharing of bandwidth

Quality of Service Operations: How Do QoS Tools Work?
• Classification and Marking
• Queuing and (Selective) Dropping
• Post-Queuing Operations

Classification Tools: Ethernet 802.1Q Class of Service
• 802.1p user priority field also called Class of Service (CoS)
• Different types of traffic are assigned different CoS values
• CoS 6 and 7 are reserved for network use
[Figure: Ethernet frame showing the Pream., SFD, DA, SA, Type, PT, Data and FCS fields and the 4-byte TAG. The 802.1Q/p header holds PRI, CFI and VLAN ID; the three PRI bits are used for CoS (802.1p User Priority).]

CoS  Application
7    Reserved
6    Routing
5    Voice
4    Video
3    Call Signaling
2    Critical Data
1    Bulk Data
0    Best Effort Data

Classification Tools: IP Precedence and DiffServ Code Points
• IPv4: three most significant bits of ToS byte are called IP Precedence (IPP)—other bits unused
• DiffServ: six most significant bits of ToS byte are called DiffServ Code Point (DSCP)—remaining two bits used for flow control
• DSCP is backward-compatible with IP precedence
[Figure: IPv4 packet header (Version, Length, ToS Byte, Len, ID, Offset, TTL, Proto, FCS, IP SA, IP DA, Data) with the ToS byte bits numbered 7 to 0. Standard IPv4: IP Precedence, remaining bits unused. DiffServ extensions: DiffServ Code Point (DSCP), followed by IP ECN.]

Classification Tools: MPLS EXP Bits
• Packet class and drop precedence inferred from EXP (three-bit) field
• RFC3270 does not recommend specific EXP values for DiffServ PHB (EF/AF/DF)
• Used for frame-based MPLS
[Figure: frame encapsulation with Layer-2 header, label stack (label headers) and payload. The 32-bit MPLS shim header holds the Label, EXP, S and TTL fields.]

Classification Tools: DSCP Per-Hop Behaviors
• IETF RFCs have defined special keywords, called Per-Hop Behaviors, for specific DSCP markings
• EF: Expedited Forwarding (RFC3246)
    (DSCP 46)
• CSx: Class Selector (RFC2474)
    Where x corresponds to the IP Precedence value (1–7)
    (DSCP 8, 16, 24, 32, 40, 48, 56)
• AFxy: Assured Forwarding (RFC2597)
    Where x corresponds to the IP Precedence value (only 1–4 are used for AF Classes)
    And y corresponds to the Drop Preference value (either 1 or 2 or 3)
    With the higher values denoting higher likelihood of dropping
    (DSCP 10/12/14, 18/20/22, 26/28/30, 34/36/38)
• BE: Best Effort or Default Marking Value (RFC2474)
    (DSCP 0)
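The ToS byte layout and the PHB keyword values above, worked through in code. This is an added example, not part of the original slides; the function names and the sample ToS bytes are constructed for illustration.

```python
# Added example (not from the slides): decode the IPv4 ToS byte into the
# fields the classification slides name, and map PHB keywords to DSCP values.

ECN_NAMES = {0b00: "Not-ECT", 0b01: "ECT(1)", 0b10: "ECT(0)", 0b11: "CE"}  # RFC 3168


def phb_to_dscp(name):
    """DSCP value for a PHB keyword: EF, BE, CSx (x = 1-7) or AFxy."""
    key = name.upper()
    if key == "EF":
        return 46
    if key in ("BE", "DEFAULT"):
        return 0
    if len(key) == 3 and key[:2] == "CS" and key[2] in "1234567":
        return 8 * int(key[2])                      # CSx  = 8x
    if len(key) == 4 and key[:2] == "AF" and key[2] in "1234" and key[3] in "123":
        return 8 * int(key[2]) + 2 * int(key[3])    # AFxy = 8x + 2y
    raise ValueError(f"unknown PHB keyword: {name!r}")


def phb_name(dscp):
    """PHB keyword for a 6-bit DSCP, or None when the slide lists none."""
    if not 0 <= dscp <= 63:
        raise ValueError("DSCP is a 6-bit value (0-63)")
    if dscp == 46:
        return "EF"
    if dscp == 0:
        return "BE"
    x, low = dscp >> 3, dscp & 0b111
    if low == 0:
        return f"CS{x}"
    if 1 <= x <= 4 and low in (2, 4, 6):
        return f"AF{x}{low >> 1}"
    return None


def decode_tos(tos):
    """Split one ToS byte into IP Precedence, DSCP, PHB keyword and ECN."""
    if not 0 <= tos <= 255:
        raise ValueError("ToS is one byte (0-255)")
    dscp = tos >> 2
    return {
        "ip_precedence": tos >> 5,   # three most significant bits
        "dscp": dscp,                # six most significant bits
        "phb": phb_name(dscp),
        "ecn": ECN_NAMES[tos & 0b11],
    }


def dscp_covered_by_precedence(ipp):
    """Every DSCP value that shares the given IP Precedence bits."""
    return [d for d in range(64) if d >> 3 == ipp]


# Constructed sample ToS bytes: EF voice, AF41 video with CE set, CS4, default.
SAMPLE_TOS = [0xB8, 0x8B, 0x80, 0x00]

if __name__ == "__main__":
    for tos in SAMPLE_TOS:
        print(f"0x{tos:02X}", decode_tos(tos))
    # A precedence-4 match covers DSCP 32-39, i.e. CS4 and AF41/AF42/AF43 alike.
    print([phb_name(d) for d in dscp_covered_by_precedence(4)])
```

Because DSCP is backward-compatible with IP Precedence, a class that matches on precedence 4 also matches CS4, AF41, AF42 and AF43, which matters when the order of classes in a policy decides which one a packet lands in.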

Classification Tools: Network-Based Application Recognition
• Identifies over 90 applications and protocols
    TCP and UDP port numbers
        Statically assigned
        Dynamically assigned during connection establishment
• Non-TCP and non-UDP IP protocols
• Data packet inspection for matching values
[Figure: IP packet (ToS, Protocol, Source IP Addr, Dest IP Addr) and TCP/UDP packet (Src Port, Dst Port) with the data area subject to Sub-Port/Deep Inspection. Stateful and Dynamic Inspection.]

Cisco Service Control Engine: Traffic Shaper (All QoS Tools)
State of the Art Performance and Carrier-grade Reliability
SCE 2000 Series
• 4-GB Ethernet interfaces
• System bypass mechanism
• Deep Packet Inspection for up to 2 million concurrent unidirectional application flows
• Up to 4Gbps throughput
• Up to 80,000 concurrent subscribers
• Support for redundant topologies
• FRU AC or DC power supplies/fans
• Redundant management interfaces
SCE 1000 Series
• 2-GB Ethernet interfaces
• System bypass mechanism
• Deep Packet Inspection for up to 2 million concurrent unidirectional application flows
• Up to 2Gbps throughput
• Up to 40,000 concurrent subscribers
• FRU AC or DC power supplies/fans
• Redundant management interfaces

Traffic Reports: Voice Experience Reports (Part of 3.0.X)
Understand Usage Trends of VoIP Service and Other Offerings
• Bi-Directional Bandwidth per Video Service
• Global Concurrent Session per VoIP/Video Service
• Global Hourly Call Minutes per VoIP/Video Service
• Hourly SIP/H323 Top Talkers
• Top SIP Domains by Volume

Voice Reports—Example: Voice Experience Reports (Part of 3.0.X)
• Bi-Directional Bandwidth per VoIP Service
• Global Concurrent Session per VoIP Service
• Global Hourly Call Minutes per VoIP Service
• Hourly SIP Top Talkers
• Top SIP Domains by Volume
Example—Call Minutes Usage: My Broadband Customers Are Using Skype for 500 min of Call Time per Hour…

Scheduling Tools: Queuing Algorithms
• Congestion can occur at any point in the network where there are speed mismatches
• Routers use Cisco IOS-based software queuing
    Low-Latency Queuing (LLQ) used for highest-priority traffic (voice/video)
    Class-Based Weighted-Fair Queuing (CBWFQ) used for guaranteeing bandwidth to data applications
• Cisco Catalyst switches use hardware queuing
[Figure: voice, video and data packets numbered 1 to 3.]

TCP Global Synchronization: The Need for Congestion Avoidance
[Figure: bandwidth utilization (up to 100%) against time under tail drop. Three traffic flows start at different times; another traffic flow starts at a later point.]
• All TCP flows synchronize in waves
• Synchronization wastes available bandwidth

Scheduling Tools: Congestion Avoidance Algorithms
[Figure: a queue of packets marked 0 to 3, comparing TAIL DROP with WRED.]
• Queueing algorithms manage the front of the queue
    Which packets get transmitted first
• Congestion avoidance algorithms manage the tail of the queue
    Which packets get dropped first when queuing buffers fill
• Weighted Random Early Detection (WRED)
    WRED can operate in a DiffServ-compliant mode
    Drops packets according to their DSCP markings
    WRED works best with TCP-based applications, like data

Scheduling Tools: DSCP-Based WRED Operation
[Figure: drop probability (0 to 100%, with a 50% mark) against average queue size, showing separate "Begin Dropping" and "Drop All" thresholds for AF13, AF12 and AF11, up to Max Queue Length (Tail Drop).]
AF = (RFC 2597) Assured Forwarding

Congestion Avoidance
• IP header Type of Service (ToS) byte
• Explicit Congestion Notification (ECN) bits
    ECT Bit: ECN-Capable Transport
    CE Bit: Congestion Experienced
[Figure: IPv4 packet header (Version, Length, ToS Byte, Len, ID, Offset, TTL, Proto, FCS, IP SA, IP DA, Data) with the ToS byte bits numbered 7 to 0: DiffServ Code Point (DSCP), then ECT, then CE.]
RFC3168: IP Explicit Congestion Notification
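
Policing Tools: RFC 2697 Single Rate Three Color Policer
[Figure: tokens arrive at CIR into the CBS bucket, and overflow goes to the EBS bucket. For a packet of size B: if B<Tc (Yes), Conform action; if not (No), test B<Te: Yes gives the Exceed action, No gives the Violate action.]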

Policing Tools: RFC 2698 Two Rate Three Color Policer
[Figure: tokens arrive at PIR into the PBS bucket and at CIR into the CBS bucket. For a packet of size B: if B>Tp (Yes), Violate action; if not (No), test B>Tc: Yes gives the Exceed action, No gives the Conform action.]
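The two-rate decision in the RFC 2698 figure, written out as a color-blind token-bucket policer. This is an added example, not part of the original slides; the rates, burst sizes, packet trace and the mapping of colors to actions are constructed assumptions.

```python
# Added example (not from the slides): RFC 2698 two rate three color policer,
# color-blind mode. Rates are in bytes per second, bucket sizes in bytes.
from dataclasses import dataclass, field

# Assumed actions for illustration: conform is sent, exceed is sent but marked
# discard-eligible, violate is dropped.
ACTIONS = {"conform": "transmit", "exceed": "mark-discard-eligible", "violate": "drop"}


@dataclass
class TwoRatePolicer:
    cir: float   # committed information rate
    cbs: float   # committed burst size
    pir: float   # peak information rate
    pbs: float   # peak burst size
    tc: float = field(init=False)
    tp: float = field(init=False)
    last: float = field(init=False, default=0.0)

    def __post_init__(self):
        if self.pir < self.cir:
            raise ValueError("PIR must be greater than or equal to CIR")
        self.tc, self.tp = self.cbs, self.pbs   # both buckets start full

    def police(self, now, size):
        """Color one packet of `size` bytes arriving at time `now` (seconds)."""
        elapsed = now - self.last
        if elapsed < 0:
            raise ValueError("timestamps must not go backwards")
        self.last = now
        # Refill: Tc grows at CIR up to CBS, Tp grows at PIR up to PBS.
        self.tc = min(self.cbs, self.tc + self.cir * elapsed)
        self.tp = min(self.pbs, self.tp + self.pir * elapsed)
        if size > self.tp:          # B > Tp: violate, no tokens consumed
            return "violate"
        self.tp -= size
        if size > self.tc:          # B > Tc: exceed, only Tp is debited
            return "exceed"
        self.tc -= size             # conform: both buckets are debited
        return "conform"


def police_trace(policer, packets):
    """Return the color of each (time, size) packet in arrival order."""
    return [policer.police(t, size) for t, size in packets]


def bytes_by_color(colors, packets):
    """Total bytes that landed in each color."""
    totals = {"conform": 0, "exceed": 0, "violate": 0}
    for color, (_, size) in zip(colors, packets):
        totals[color] += size
    return totals


# Constructed trace: a burst of four 1000-byte packets, then one packet 1 s later.
SAMPLE_PACKETS = [(0.0, 1000), (0.0, 1000), (0.0, 1000), (0.0, 1000), (1.0, 1000)]


def run_sample():
    policer = TwoRatePolicer(cir=1000, cbs=1500, pir=2000, pbs=3000)
    return police_trace(policer, SAMPLE_PACKETS)


if __name__ == "__main__":
    for (t, size), color in zip(SAMPLE_PACKETS, run_sample()):
        print(f"t={t:.1f}s size={size} -> {color} ({ACTIONS[color]})")
```

The burst shows all three outcomes: the first packet fits both buckets, the next two fit only the peak bucket, the fourth finds it empty, and the last conforms again after a second of refill.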

Traffic Shaping
• Policers typically drop traffic
• Shapers typically delay excess traffic, smoothing bursts and preventing unnecessary drops
• Very common on Non-Broadcast Multiple-Access (NBMA) network topologies such as Frame Relay and ATM
[Figure: traffic without traffic shaping reaches Line Rate; with traffic shaping it is held at the Shaped Rate.]
Traffic Shaping Limits the Transmit Rate to a Value Lower Than Line Rate

Introduction: Why Is Call Admission Control (CAC) Needed?
[Figure: a circuit-switched network (PBX, physical trunks, PSTN) where the third call is rejected, beside a packet-switched network (CallManager, router/gateway, IP WAN link) where call admission control stops the third call.]
• Circuit-Switched Networks: Physical Trunks; Third Call Rejected
• Packet-Switched Networks: IP WAN Link's LLQ Is Provisioned for Two Calls (Equivalent to Two "Virtual" Trunks)
• No Physical Limitation on IP Links; Third Call Can Go Through, but Voice Quality of All Calls Degrades
• Call Admission Control Blocks Third Call

Gatekeeper Zones Basics
• Cisco IOS feature, based on H.323 RAS protocol
• Can be used between Cisco CallManager clusters, H.323 gateways and H.323 endpoints
• Provides CAC using concept of zones and associated bandwidth counters
• Static configuration approach limits supported topologies (mainly hub-and-spoke)

    gatekeeper
     zone local A abc.com 10.10.10.10
     zone local B abc.com
     zone remote C abc.com 10.10.20.20
     zone remote D abc.com
     bandwidth interzone zone A 384
     bandwidth interzone zone B 256
     bandwidth remote 512

Gatekeeper Zones: Zone Concept
[Figure: GK 1 with its local zones (Zone A, Zone B) and GK 2 with its local zones (Zone C, Zone D).]
• Zones: A Logical Representation of a Physical Location
• Gatekeeper: A Physical Device

Gatekeeper Zones: Bandwidth Configuration
[Figure: GK 1 with its local zones (Zone A, Zone B) and GK 2 with its local zones (Zone C, Zone D).]
• "bandwidth remote max-bw": The Total Bandwidth Allowed in/out of the Physical GK
• "bandwidth interzone zone xyz max-bw": This Is the Total Bandwidth Allowed in/out of the Zone
• "bandwidth total zone xyz max-bw": The Total Bandwidth Allowed Within a Zone as Well as in/out of the Zone
• "bandwidth session zone xyz max-bw": This Is the Maximum Bandwidth Allowed per Session

Gatekeeper Zones: Bandwidth Calculations
Assume Requested Bandwidth for Each Call Equals 16K
Configured bandwidth (blue text on the slide); every "In Use" counter starts at 0:
GK1: Remote = 32K, Session = 16K
    Zone A: InterZone = 32K, Total = 48K
    Zone B: InterZone = 48K, Total = 48K
GK2: Remote = 48K, Session = 16K
    Zone C: InterZone = 32K, Total = 32K
    Zone D: InterZone = 32K, Total = 32K
[Figure: GK 1's local zones (Zone A, Zone B) and GK 2's local zones (Zone C, Zone D), with the in-use counters stepping through values of 16, 32 and 48 as calls are placed, and an X on one call.]
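A model of the zone bandwidth counters using the configured values from this slide. This is an added example, not part of the original slides: it follows the four counter definitions given under Bandwidth Configuration, the call sequence is constructed, and it is not a reproduction of the slide's own call walk-through or of the IOS gatekeeper code.

```python
# Added example (not from the slides): call admission against gatekeeper
# zone bandwidth counters. Values are in Kbps.
from dataclasses import dataclass


@dataclass
class Gatekeeper:
    name: str
    remote: int            # "bandwidth remote": total in/out of this gatekeeper
    session: int           # "bandwidth session": maximum per session
    remote_used: int = 0


@dataclass
class Zone:
    name: str
    gk: Gatekeeper
    interzone: int         # "bandwidth interzone": total in/out of the zone
    total: int             # "bandwidth total": within the zone plus in/out
    interzone_used: int = 0
    total_used: int = 0


def admit(src, dst, bw):
    """Admit a call of `bw` between two zones, or reject it with a reason.

    Counters are only updated when every limit has been checked and passed.
    """
    zones = [src] if src is dst else [src, dst]
    gks = [src.gk] if src.gk is dst.gk else [src.gk, dst.gk]
    crosses_zone, crosses_gk = src is not dst, src.gk is not dst.gk
    for gk in gks:
        if bw > gk.session:
            return False, f"{gk.name} session limit"
    for z in zones:
        if z.total_used + bw > z.total:
            return False, f"zone {z.name} total limit"
        if crosses_zone and z.interzone_used + bw > z.interzone:
            return False, f"zone {z.name} interzone limit"
    if crosses_gk:
        for gk in gks:
            if gk.remote_used + bw > gk.remote:
                return False, f"{gk.name} remote limit"
    for z in zones:                      # all checks passed: commit
        z.total_used += bw
        if crosses_zone:
            z.interzone_used += bw
    if crosses_gk:
        for gk in gks:
            gk.remote_used += bw
    return True, "admitted"


def slide_topology():
    """Configured values taken from the Bandwidth Calculations slide."""
    gk1 = Gatekeeper("GK1", remote=32, session=16)
    gk2 = Gatekeeper("GK2", remote=48, session=16)
    return {
        "A": Zone("A", gk1, interzone=32, total=48),
        "B": Zone("B", gk1, interzone=48, total=48),
        "C": Zone("C", gk2, interzone=32, total=32),
        "D": Zone("D", gk2, interzone=32, total=32),
    }


# Constructed call sequence; every call requests 16K as the slide assumes.
SAMPLE_CALLS = [("A", "B"), ("A", "C"), ("A", "D"), ("A", "A"),
                ("A", "A"), ("B", "D"), ("B", "C")]


def run_sample(calls=SAMPLE_CALLS, bw=16):
    zones = slide_topology()
    return [admit(zones[s], zones[d], bw) for s, d in calls]


if __name__ == "__main__":
    for (s, d), (ok, why) in zip(SAMPLE_CALLS, run_sample()):
        print(f"{s} -> {d}: {'ADMIT' if ok else 'REJECT'} ({why})")
```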

Gatekeeper Zones: Bandwidth Provisioning

Stream        Gatekeeper            L3 Bandwidth             L2 Bandwidth (Frame Relay)
G.711 Audio   128 Kbps (64K x 2)    80 Kbps (64K + Header)   81.6 Kbps (80K + L2 Hdr)
G.729 Audio   16 Kbps (8K x 2)      24 Kbps (8K + Header)    25.6 Kbps (24K + L2 Hdr)
384K Video    768 Kbps (384K x 2)   420 Kbps (384K + est. L2/L3 Headers)

Provision LLQ PQ with These Values
For More Details, Refer to the QoS SRND and IP Telephony SRND at: www.cisco.com/go/srnd

NJ EDGE QoS INTERCONNECT: Full MPLS GRT DESIGN 2, Dual Rate Policer and Traffic Shaping from Core to SES
[Figure: network diagram. Labels recovered from the slide:]
• Routers: Halsey 6500- Router, Halsey 6500-2 Router, Magpi Router (Internet2 (I2) MBGP), Verizon Router (Internet (I1))
• Autonomous systems: NJEDGE AS21976, MAGPI AS10466, MCI AS107, NJIT AS4246, INST.. AS65XXX
• Routing: EBGP/MBGP, IBGP, Layer2 VLAN
• Route tables: I2 10,000 Routes; I1 240,000 NJEDGEI1; I1 Default NJEDGEI1; NJEDGEI1 Routes; NJEDGE-DC Routes; ** NJEDGE-CORE **; NJEDGE-DC; NJEDGE-SEG; Block I2 <-> I1; Block Internet; Block DC to I1
• Links: 10G Etherchannel MPLS LDP Path; 1G Etherchannel MPLS LDP Path; 1G Ethernet Trunk; SES link #1 (Institution Template1); SES link #2 (Institution Template2, QoS Same as Link #1)
• Rate controls: Policer CIR, Policer PIR, EVC Shaper CIR
• QoS functions, first group: Egress MAP DSCP to COS; Egress CBWFQ/Queueing and WRR; Ingress CLASSIFY and MARK; Ingress Map IPPrec to DSCP
• QoS functions, SIP MODULE Gig Port: Egress MAP DSCP to COS; Egress Queueing and WRR; Ingress Remap CHK DSCP
• QoS functions, per institution: Ingress Classify IP DST; Ingress MAP to DSCP; Ingress No Trust; Ingress Dual Rate P Per Institution; Ingress Dual Rate Mark PIR Discard Elig.; Egress Single Rate P Per Institution; Egress Police per IP SRC
• QoS functions, aggregate: Ingress Classify IP L4; Ingress MAP IP DST to DSCP; Ingress No Trust; Ingress Single Rate P Agg SEGP; Egress Single Rate P Agg SEGP
• Elsewhere: NO QOS Tools Except Trust

SES EVC RATES and CLASSES TODAY
[Figure: two SES EVC VLAN diagrams. Each shows a Purchased Rate and an EVC Full Policed Rate, with traffic classes (Internet, Internet2, NJEDge Video, Extranet, Other) and Inherited SubRates Based on Usage. Purchased Class Best Effort: Policed Rate, Class Marking 0. Purchased Class Priority Data: Policed Rate, Class Marking 2.]
RATE GROUPING: 1 Mbit, 2 Mbit, 3 Mbit, … 10 Mbit, 20 Mbit, 30 Mbit, … 100 Mbit, 200 Mbit, 300 Mbit, … 1000 Mbit
CLASSES:
• Real Time
• Priority Data
• Best Effort

Classifying Traffic from Internal Network

    ! Catch-all for traffic not matched by an earlier class
    ip access-list extended njedge-allother-traffic
     permit ip any any
    ! 224.0.0.0/4: all IPv4 multicast destinations
    ip access-list extended mc-control-acl
     permit ip any 224.0.0.0 15.255.255.255
    ! UDP port range used for voice media
    ip access-list extended njedge-VoIP
     permit udp any any range 16384 32768
    ! H.323 signaling ports 1718-1720 plus one named host
    ip access-list extended njedge-h323-VC
     permit tcp any any eq 1720
     permit udp any any eq 1719
     permit tcp any any eq 1719
     permit udp any any eq 1718
     permit ip host 155.246.1.10 any
     permit tcp any any eq 1718
    !
    class-map match-any in-EF
     match ip dscp ef
     match ip precedence 5
     match access-group name njedge-VoIP
    class-map match-all in-CS4
     match access-group name mc-control-acl
    class-map match-any in-af41
     match ip precedence 4
     match access-group name njedge-h323-VC
    class-map match-all in-best-effort
     match access-group name njedge-allother-traffic

Applying Classification from Internal Network

    ! Re-mark every inbound packet according to the class it matched
    policy-map in-SETDSCP
     class in-EF
      set ip dscp ef
     class in-af41
      set ip dscp af41
     class in-CS4
      set ip dscp cs4
     class in-best-effort
      set ip dscp default
    !
    interface GigabitEthernet0/3
     ip address 155.246.1.1 255.255.255.0
     ip pim sparse-mode
     load-interval 30
     duplex auto
     speed auto
     media-type rj45
     no negotiation auto
     service-policy input in-SETDSCP

[Figure: IOS edge router with Interface GigabitEthernet0/3 and Interface GigabitEthernet0/0, observation points 1 and 2. Packets shown: Video1 ToS = 4, 802.1p = 0; HTTP ToS = 0, 802.1p = 0; Video2 ToS = 0, 802.1p = 0.]

Classifying Traffic out to SES

    ! Egress classes match on the DSCP values set at ingress
    class-map match-all out-ROUTING
     match ip dscp cs6
    class-map match-all out-VOICE
     match ip dscp ef
    class-map match-any out-INTERACTIVE-VIDEO
     match ip dscp af41 af42 af43
     match precedence 4
    class-map match-all out-STREAMING-VIDEO
     match ip dscp cs4
    class-map match-any out-DEFAULT-BEST-EFFORT
     match ip dscp default
    !
    policy-map SCHOOL-EDGE-TWO-CLASS-SES
     class out-ROUTING
      bandwidth percent 1
      set cos 2
     class out-VOICE
      priority percent 4
      set cos 2
     class out-INTERACTIVE-VIDEO
      priority percent 12
      set ip dscp cs4
      set cos 2
     class out-STREAMING-VIDEO
      set cos 0
     class out-DEFAULT-BEST-EFFORT
      bandwidth percent 83
      random-detect
      set cos 0

Applying Classification on to SES Interface

    ! Parent shaper with the class policy nested as its child
    policy-map SHAPE-PARENT
     class class-default
      shape average percent 4
      service-policy SCHOOL-EDGE-TWO-CLASS-SES
    !
    interface GigabitEthernet0/2
     no ip address
     load-interval 30
     duplex auto
     speed auto
     media-type rj45
     no negotiation auto
    !
    interface GigabitEthernet0/2.93
     description to CORE (I1) NJEDGEI1 VRF
     encapsulation dot1Q 93
     ip address 130.156.250.94 255.255.255.252
     ip pim sparse-mode
     no snmp trap link-status
     service-policy output SHAPE-PARENT

[Figure: IOS edge router with Interface GigabitEthernet0/3 and Interface GigabitEthernet0/2.93, observation points 3 and 4. Packets shown: Video1 DSCP = af41, 802.1p = 2; HTTP DSCP = 0, 802.1p = 0; Video2 DSCP = af41, 802.1p = 2.]

NJEDge II Applications and Network Services
DESIGN Phase I: NJEDge INSTITUTION EDGE
Applications:
• Internet2
• Internet
• Video Conferencing
• National Lambda Rail
• National Research Foundation Apps
• Weather Modelling
• GRID Clustering
• GRID HPC
• Disaster Recovery
• Storage
• Video on Demand/Streaming Video
• DVI HDTV/Very High Bandwidth Video
• Multicast/Streaming Video
• Community Medical Computing
• VoIP
• IP Telephony
• VoIP Peering
Network Services:
• 1Mbps - 10Gbps and 40Gbps Access/Transport Ability
• Evolutional Growth
• Tiered Classified Site Models/Modularity
• Full Manageability/A-Z Provisioning
• Ability to bring on any service
• Rapid Enablement
• Shared Secure Access
• Any-to-Any Access
• Separation Segmentation Virtualization
• MPLS
• Security
• Scaling
• IPv6
• QoS
• Redundancy/Resiliency/Multi-paths
• Non-Stop Forwarding

NJEDge II Applications and Network Services: Next Gen Impact
Segmentation Differentiation
How
•PVC
•VLAN
•MPLS
•QoS
ATM vs SES vs Fiber: 1.544Mbps -1GE - 10GE:
QoS:Implementation
How
•Classification
•Shaping
•Policing
•Sharing BGP or Not
Default Routing – General Routing
Full Routes - Specific routing
BGP:
T1 1.5Mbps
10Mbps,20Mbps,50Mbps
OC-3,100Mbps,200Mbps
1GE
10 GE
Dark Fiber, GE, WDM

NJEDge II Applications and Network Services: Next Gen Impact
Institutional Routing
Separation of I1 vs I2 vs DR vs Intra-campus bond traffic
MPLS at the Edge:
I2 Multicast Streams
VPN
IPv4 vs IPv6:
PIX 6.3 vs 7.0
FWSM 2.3 vs 3.1
Traffic Control with RPs and QoS
RPs Inside and Out
Multicast:
Regulatory :
CLEA
SOX
HIPAA
High Speed Synchronous Replication
Moderate Asynchronous Replication
Jumbo Frames
Encryption
Storage over IP :

NJEDge Connectivity: School Site CE Change
[Figure: "ATM Managed Service today" and "ATM Managed Service Tomorrow" for School X. Labels recovered from the slide: CE; PE; Internet ATM PVC; Intranet/Internet 2 ATM PVC; Internet VRF under single PVC; Intranet/Internet 2 VRF under single PVC; Verizon MPLS CORE; Verizon ATM CORE; 165 Halsey St. Carrier Hotel; Commodity Internet; Internet 2; MAGPI Internet 2; 10G 32 Lambda; GK; Receiver for 10.3.245.238.]

NJEDge II Connectivity: School Site CE Change
[Figure: "GE Managed Service or Dark Fiber Tomorrow" for School X. Labels recovered from the slide: CE; Internet VLAN VRF; Intranet/Internet2 VLAN VRF; Internet VRF under single PVC; Intranet/Internet 2 VRF under single PVC; 165 Halsey St. Carrier Hotel; Commodity Internet; MAGPI Internet 2; 10G 32 Lambda; GK; Receiver for 10.3.245.238.]
• 100Mbps/1000Mbps Rate: 3845NS, 7200 NPE-G1/2 or 7301/4 Router
• 100Mbps/1000/10000Mbps Rate: 3400, 3750M, 3750, 6500/Sup32
• 1GE/10GE Access Method: CE Direct Fiber; CE CWDM and/or DWDM
• 100Mbps and Multiple 100Mbps Rates: CE SES or Direct Fiber-Ethernet

NJEDge II Connectivity Example: Internet and DMZ Design – De-aggregation
School DMZ Design
[Figure: labels recovered from the slide: Institution/Internet Edge Router; Firewall; IPS; GUARD XT DDOS; SSL/IPSEC VPN; Global Loadbalancer; Server Load Balancer; SSL Offload; Content Engine; WAAF; Public Servers; Application Servers; Database Servers; GK; CS-MARS; SCE Service Control Engine; NJEDgeNet Core.]
Shown are de-aggregated functions of combination appliance as well as appliance functions – various switch and firewall functions are virtual