Using classifiers to configure QoS for outbound traffic
NOTE: In addition to the information in this section on the various QoS classifiers, see QoS operating notes and restrictions. | |
Viewing the QoS configuration
NOTE: UDP port priority and TCP port priority are not supported for IPv6 traffic on switches J9779A, J9780A, J9782A, and J9783A. | |
Examples of the show qos
output
are included with the example for each priority type.
Syntax:
show qos
<priority-classifier>
device-priority
: Displays the device priority table/configuration (priority based on the IP address).
dscp-map
: Displays mappings between DSCP policy and 802.1p priority.
port-priority
: Displays the current source-port priority configuration.
protocol-priority
: Displays the protocol priority configuration.
queue-config
: Displays the outbound port queue configuration information.
resources
: Displays the resources used by the Policy Enforcement Engine.
NOTE: On switches J9779A, J9780A, J9782A, and J9783A, you may run out of QoS resources more quickly.
tcp-udp-port-priority
: Displays the TCP/UDP port priorities.
traffic-template
: Displays the configured traffic templates and their status.
type-of-service
: Displays the current type-of-service priority configuration. The display output differs according to the ToS option used:
IP Precedence
Diffserve
vlan-priority
: Displays the current VLAN priority configuration.
No override
By default, the show
command
outputs automatically list No-override
for priority
options that have not been configured. This means that if you do not
configure a priority for a specific option, QoS does not prioritize
packets to which that option applies, resulting in the No-override
state.
IP packets received through a VLAN-tagged port are managed using the 802.1p priority they carry in the 802.1Q field in their headers.
VLAN-tagged packets received through an untagged port are handled by the switch with “normal” priority.
the show qos vlan-priority
output
shows the global QoS configurations on the switch that are configured
with the VLAN ID classifier. Note that non-default 802.1p priorities
have been configured for VLAN IDs 22 and 33; packets received on VLAN
1 are managed with the default settings, as described in the two bulleted
items above.
Output for the show qos vlan-priority
command
(example)
Global TCP/UDP classifier
Global QoS classifier precedence: 1
When you use TCP or UDP and a layer 4 Application port number as a global QoS classifier, traffic carrying the specified TCP/UDP port numbers is marked with a specified priority level, without regard for any other QoS classifiers in the switch.
You can configure up to 50 TCP/UDP application port numbers as QoS classifiers.
Options for assigning priority
The packet-marking options for global TCP/UDP port-number classifiers include:
802.1p priority
DSCP policy (Assigning a new DSCP and an associated 802.1p priority)
For a given TCP or UDP port number, you can use only one of the above options at a time. However, for different port numbers, you can use different options.
TCP/UDP port number ranges
There are three ranges:
Well-Known Ports: 0 – 1023
Registered Ports: 1024 – 49151
Dynamic and Private Ports: 49152 – 65535
For more information, including a listing of UDP/TCP port numbers, go to the Internet Assigned Numbers Authority (IANA) website at:
Assigning an 802.1p priority for a global TCP/UDP classifier
To mark matching TCP or UDP packets with an 802.1p priority, enter the following command:
Syntax:
qos < udp-port | tcp-port > [ ipv4 |
ipv6 | ip-all ] <
port-number
| range start
end
> priority < 0-7>
Marks an 802.1p priority in outbound packets with the specified TCP or UDP application-port number, where:
ipv4
: Marks only IPv4 packets (default).
ipv6
: Marks only IPv6 packets.
ip-all
: Marks all IP traffic (both IPv4 and IPv6 packets).
port-number
: TCP/UDP port number from 1 to 65535.
range
: Marks a range of TCP/UDP ports. If you specify a range, the minimum port number must precede the maximum port number in the range.<start end>
NOTE: Port range is not supported on switches J9779A, J9780A, J9782A, and J9783A.
priority <0-7>
: Marks the specified 802.1p priority in matching TCP or UDP packets.
NOTE: UDP port priority and TCP port priority are not supported for IPv6 traffic on switches J9779A, J9780A, J9782A, and J9783A.
The 802.1p priority determines the packet's queue in the outbound port on the switch. If the packet leaves the switch on a tagged VLAN port, it carries the 802.1p priority with it to the next downstream device.
Default: Disabled — No 802.1p priority is assigned.
The
no
form of the command deletes the specified UDP or TCP port number or range of port numbers as a QoS classifier.
NOTE: If you have specified a range of port numbers, you must specify the entire range in the
no
command; you cannot remove part of a range.
Syntax:
show qos tcp-udp-port-priority
Displays a listing of all TCP and UDP QoS classifiers currently in the running-config file.
Operating notes on using TCP/UDP port ranges
Only six concurrent policies are possible when using unique ranges. The number of policies allowed is less if ACLs are also using port ranges.
No ranges allowed that include any port numbers configured as part of another QoS application port number policy.
An error message is generated if there are not enough hardware resources available when configuring a policy.
The entire range of configured port numbers must be specified when using the
no
form of the command, for example:switch(config)#: qos udp-port range 1300 1399 dscp 001110 switch(config)#: no qos range 1300 1399
The following example displays the following configuration for TCP and UDP port prioritization:
Assigning a DSCP policy for a global TCP/UDP classifier
This global QoS packet-marking option assigns a previously configured or default DSCP policy (codepoint and 802.1p priority) to TCP or UDP packets having the specified port number or range of port numbers. When assigning a DSCP policy, the switch performs the following actions:
Selects an incoming IP packet if the TCP or UDP port number it carries matches the port number specified in the TCP or UDP classifier (as shown in Configuring 802.1p priority assignments on TCP/UDP ports, above).
Overwrites (re-marks) the packet's DSCP with the new DSCP configured for matching packets.
Assigns the 802.1p priority associated with the new DSCP (see Differentiated Services Codepoint (DSCP) mapping).
Forwards the packet through the appropriate outbound port queue.
Creating a DSCP policy based on TCP/UDP port number classifiers
The following procedure creates a DSCP policy for IP packets carrying the selected TCP or UDP port-number classifier.
Identify the TCP or UDP port-number classifier you want to use for assigning a DSCP policy.
Determine the DSCP policy for packets carrying the selected TCP or UDP port number or range of port numbers.
Determine the DSCP you want to assign to the selected packets. (This codepoint will be used to overwrite (re-mark) the DSCP carried in packets received from upstream devices.)
Determine the 802.1p priority you want to assign to the DSCP.
If necessary, use the
qos dscp-map
command to configure the DSCP policy (codepoint and associated 802.1p priority) that you want to use to mark matching packets.<codepoint>
priority <0-7>NOTE: Prerequisite: A DSCP codepoint must have a preconfigured 802.1p priority (0 - 7) before you can use the codepoint to mark matching packets. If a codepoint you want to use shows
No-override
in the Priority column of the DSCP Policy table (using theshow qos dscp-map
command), you must first configure a priority for the codepoint before proceeding (using theqos dscp-map priority
command).qos dscp-map
<codepoint>
priority <0-7>>(Optional) This command is required only if an 802.1p priority is not already assigned to the specified
in the DSCP Policy table.<codepoint>
Valid values for a DSCP codepoint are as follows:
A binary value for the six-bit codepoint from
000000
to111111
.A decimal value from
0
(low priority) to63
(high priority) that corresponds to a binary DSCP bit setAn ASCII standard (hexadecimal) name for a binary DSCP bit set:
af11
(001010)af42
(100100)af12
(001100)af43
(100110)af13
(001110)ef
(101110)af21
(010010)cs1
(001000) = precedence 1af22
(010100)cs2
(010000) = precedence 2af23
(010110)cs3
(011000) = precedence 3af31
(011010)cs4
(100000) = precedence 4af32
(011100)cs5
(101000) = precedence 5af33
(011110)cs6
(110000) = precedence 6af41
(100010)cs7
(111000) = precedence 7default
(000000)Enter ? to display the list of valid codepoint entries.
When the switch applies the specified DSCP policy to a packet, the priority determines the packet's queue in the outbound port to which it is sent. If the packet leaves the switch on a tagged port, it carries the 802.1p priority with it to the next downstream device. For IP packets, the DSCP will be replaced by the codepoint specified in this command.
(Default:
No-override
for most codepoints.)
Configure the switch to assign the DSCP policy to packets with the specified TCP or UDP port number or range of port numbers.
Syntax: [no]
qos < udp-port | tcp-port > <
port-number
| range <start end
>> < dscp <codepoint
>Assigns a DSCP policy to outbound packets having the specified TCP or UDP application-port number or port range, and overwrites the DSCP in these packets with the assigned
value, where:<codepoint>
port-number
: specifies a TCP/UDP port-number from 1 to 65535.range
: specifies a range of TCP/UDP ports. If you specify a range, the minimum port number must precede the maximum port number in the range.<start end>
dscp
: overwrites the DSCP codepoint in the IPv4 ToS byte or IPv6 Traffic Class byte of matching packets with the specified value.<codepoint>
Valid values for the DSCP codepoint are as follows:
A binary value for the 6-bit codepoint from
000000
to111111
.A decimal value from
0
(low priority) to63
(high priority) that corresponds to a binary DSCP bit setAn ASCII standard name for a binary DSCP bit set
Enter ? to display the list of valid codepoint entries.
The DSCP value you enter must be currently associated with an 802.1p priority in the DSCP Policy table. The 802.1p priority and determines the packet's queue in the outbound port to which it is sent. If the packet leaves the switch on a tagged port, it carries the 802.1p priority with it to the next downstream device.
The default DSCP codepoint is
No-override
. The DSCP codepoint is not overwritten in matching packets.
The
no
form of the command deletes the specified UDP or TCP port number or range of port numbers as a QoS classifier. If you configured a range of port numbers as the QoS classifier, you must enter the entire range in theno
command; you cannot remove part of a range.
Syntax: show qos tcp-udp-port-priority
This example shows how to assign the following DSCP policies to packets that match the specified TCP and UDP port applications:
Port Applications | DSCP Policies | |
---|---|---|
DSCP | Priority | |
23-UDP | 000111 | 7 |
80-TCP | 000101 | 5 |
914-TCP | 000010 | 1 |
1001-UDP | 000010 | 1 |
Determine if the DSCP codepoints that you want to use to mark matching packets already have an 802.1p priority assigned, which could indicate use by existing applications (
show qos dscp-map
command).A DSCP codepoint must also have a priority configured before you can use it to mark matching packets.
switch(config)# show qos dscp-map DSCP -> 802.p priority mappings NOTE: ‘qos type-of-service diff-services’ must be configured before DSCP is honored on inbound traffic. DSCP CodePoint DSCP Value 802.1p tag DSCP Policy name -------------- ---------- ----------- ---------------------- 000000 0 0 cs0 000001 1 No-override 000010 2 No-override 000011 3 No-override 000100 4 No-override 000101 5 No-override 000110 6 No-override 000111 7 No-override 001000 8 1 cs1 001001 9 No-override
Configure the DSCP policies for the codepoints you want to use.
switch(config)# qos dscp-map af11 priority 3 switch(config)# qos dscp-map 13 priority 3 switch(config)# qos dscp-map af13 priority 3 switch(config)# write memory switch(config)# show config switch configuration: ; J9146 Configuration Editor; Created on release XX.15.XX hostname “Switch” time daylight-time-rule None qos dscp-map af11 priority 3 qos dscp-map 13 priority 3 qos dscp-map af13 priority 3 ...
Assign the DSCP policies to the selected TCP/UDP port applications and display the result.
switch(config)# qos udp-port 23 dscp 000111 switch(config)# qos tcp-port 80 dscp 000101 switch(config)# qos tcp-port 914 dscp 000010 switch(config)# qos udp-port range 1001 2000 dscp 000010 TCP/UDP port based priorities | IP Packet Application | Protocol | Type Port Apply rule | DSCP Priority -------- + --------- ----------- ---------- + ------ ----------- UDP | IPV4 23 DSCP | 8 7 TCP | IPV4 80 DSCP | 6 5 TCP | IPV4 914 DSCP | 3 1 UDP | IPV4 1001-2000 DSCP | 3 1
The switch applies the DSCP policies in the about output to IP packets with the specified TCP/UDP port applications that are received in the switch. The switch manages the packets as follows:
Overwrites the original DSCPs in the selected packets with the new DSCPs specified in the above policies.
Assigns the 802.1p priorities in the above policies to the selected packets.
Global IP-device classifier
Global QoS classifier precedence: 2
The global IP-device classifier enables you to configure up to 300 IP addresses to select IP packets according to source or destination address.
Where a particular device-IP address classifier has the highest precedence in the switch for traffic addressed to or from that device, then traffic received on the switch with that address is marked with the IP address classifier’s configured priority level. Different IP device classifiers can have differing priority levels.
NOTE: QoS IP-device restriction: The switch does not allow a QoS IP-device priority for the Management VLAN IP address (if configured). If no Management VLAN is configured, then the switch does not allow configuring a QoS IP-device priority for the default VLAN IP address. | |
Options for assigning priority
The packet-marking options for global IP-device classifiers include:
802.1p priority
DSCP policy: Assigning a new DSCP and 802.1p priority
For a given IP address or subnet mask, you can assign only one of the above options at a time. However, for different IP addresses, you can use different options.
Assigning a priority for a global IP-device classifier
This global QoS packet-marking option assigns an 802.1p priority to all IP packets that have the specified IP address as either a source or destination. If both the source and destination addresses match, the priority configured for the IP destination address has precedence.
Syntax (IPv4):
qos device-priority
<
ipv4-address|ipv4-address/mask-length
>
priority <0-7>
Syntax (IPv6):
NOTE: The global IP-device classifier priority feature for IPv6 is not supported on switches J9779A, J9780A, J9782A, and J9783A. | |
qos device-priority
<
ipv6-address|ipv6-address/mask-length
>
priority <0-7>
Marks an 802.1p priority in outbound packets with the specified IP address or subnet mask in the source or destination field in a packet header, where:
or
ipv4-address
is an IPv4 or IPv6 address used to match the source or destination address in packet headers.
ipv6-address
NOTE: An IPv6 local-link address (such as
fe80::110:252%vlan20
) that is automatically generated on a VLAN interface is not supported as anipv6-address
value.
ipv4
is the subnet identified by the IPv4 mask for the specified address that is used to match the IPv4 in the source or destination field of packet headers.<ipv4-address/mask-length>
ipv6
is the subnet identified by the IPv6 prefix-length for the specified address that is used to match the IPv6 address in the source or destination field of packet headers.<ipv6-address/prefix-length>
Enter the IPv4 mask or IPv6 prefix length with an address in CIDR format by using the number of significant bits (for example,
2001:db8::1:262:a03:e102:127/64
or10.28.31.1/24
).
priority <0-7>
marks the specified 802.1p priority in matching IP packets.The 802.1p priority determines the packet's queue in the outbound port on the switch. If the packet leaves the switch on a tagged VLAN port, it carries the 802.1p priority with it to the next downstream device.
The
no
form of the command deletes the specified IP address or subnet mask as a QoS classifier, and resets the priority for the VLAN toNo-override
.
show qos device-priority
Displays a listing of all IP device-priority QoS configurations currently in the
running-config
file.
Configuring and viewing 802.1p priority
Configuring and viewing the 802.1p priority used to mark packets that match each global IP-device classifier:
IP address / mask or prefix length | 802.1p priority |
---|---|
10.28.31.1 | 7 |
10.28.31.130 | 5 |
10.28.31.100/24 | 1 |
2001:db8:2:1:212:79ff:fe88:a100 | 3 |
2001:db8:3:3::/64 | 1 |
switch(config)#: qos device-priority 10.28.31.1 priority 7 switch(config)#: qos device-priority 10.28.31.130 priority 5 switch(config)#: qos device-priority ipv4 10.28.32.100/24 priority 1 switch(config)#: qos device-priority 2001:db8:2:1:212:79ff:fe88:a100 priority switch(config)#: qos device-priority ipv6 2001:db8:3:3::/64 priority 1 switch(config)#: show qos device-priority Device priorities Device Address Apply rule | DSCP Priority -------------------------------------------- ---------- + ------ ----------- 10.28.31.1 Priority | 7 10.28.31.130 Priority | 5 10.28.32.100/24 Priority | 1 2001:db8:2:1:212:79ff:fe88:a100 Priority | 3 2001:db8:3:3::/64 Priority | 1
QoS IP Type-of-Service (ToS) policy and priority
Global QoS classifier precedence: 3
You can assign a maximum of 64 ToS rules. This feature applies only to IPv4 traffic and performs either of the following:
ToS IP-precedence mode: All IP packets generated by upstream devices and applications include precedence bits in the ToS byte. Using this mode, the switch uses these bits to compute and assign the corresponding 802.1p priority.
ToS Differentiated Services (Diffserv) mode: This mode requires knowledge of the codepoints set in IP packets by the upstream devices and applications. It uses the ToS codepoint in IP packets coming from upstream devices and applications to assign 802.1p priorities to the packets. You can use this option to do both of the following:
Assign a new prioritization policy: A “policy” includes both a codepoint and a corresponding 802.1p priority. This option selects an incoming IPv4 packet on the basis of its codepoint and assigns a new codepoint and corresponding 802.1p priority. (Use the
qos dscp-map
command to specify a priority for any codepoint; see Differentiated Services Codepoint (DSCP) mapping.)Assign an 802.1p priority: This option reads the DSCP of an incoming IPv4 packet and, without changing this codepoint, assigns the 802.1p priority to the packet, as configured in the DSCP Policy Table (Partial display from the default DSCP Policy Table). This means that a priority value of 0 – 7 must be configured for a DSCP before the switch will attempt to perform a QoS match on the packet’s DSCP bits.
Before configuring the ToS Diffserv mode, you must use the
qos dscp-map
command to configure the desired 802.1p priorities for the codepoints you want to use for either option. See Differentiated Services Codepoint (DSCP) mapping for more information.
Unless IP-Precedence mode and Diffserv mode are both disabled (the default setting), enabling one automatically disables the other.
NOTE: “Mixing” ToS DSCP policies and 802.1p priorities is not recommended. See the ‘Note’ in Packet classifiers and evaluation order. | |
Assigning an 802.1p priority to IPv4 packets on the basis of the ToS precedence bits
If a device or application upstream of the switch sets the precedence bits in the ToS byte of IPv4 packets, you can use this feature to apply that setting for prioritizing packets for outbound port queues. If the outbound packets are in a tagged VLAN, this priority is carried as an 802.1p value to the adjacent downstream devices.
Syntax:
qos type-of-service
ip-precedence
Causes the switch to automatically assign an 802.1p priority to all IPv4 packets by computing each packet’s 802.1p priority from the precedence bits the packet carries. This priority determines the packet’s queue in the outbound port to which it is sent. If the packet leaves the switch on a tagged port, it carries the 802.1p priority with it to the next downstream device.
(ToS IP Precedence Default: Disabled)
no qos type-of-service
Disables all ToS classifier operation, including prioritization using the precedence bits.
show qos type-of-service
When the IP-precedence mode is enabled (or if neither ToS option is configured), this command displays the ToS configuration status. If the Diff-serv mode is enabled, codepoint data is displayed.
Using the IP-precedence classifier, prioritization of outbound packets relies on the IP-Precedence bit setting that IP packets carry with them from upstream devices and applications. To configure and verify this option:
Enabling ToS IP-precedence prioritization
To replace this option with the ToS diff-services
option, configure diff-services as described below, which automatically
disables IP-Precedence. To disable IP-Precedence without enabling
the diff-services option, use this command: no qos
type-of-service
Assigning an 802.1p priority to IPv4 packets on the basis of incoming DSCP
One of the best uses for this option is on an interior switch where you want to honor (continue) a policy set on an edge switch. That is, it enables you to select incoming packets having a specific DSCP and forward these packets with the desired 802.1p priority. For example, if an edge switch “A” marks all packets received on port 5 with a particular DSCP, you can configure a downstream (interior) switch “B” to handle such packets with the desired priority (regardless of whether 802.1Q tagged VLANs are in use).
Interior switch B honors the policy established in edge switch A
To do so, assign the desired 802.1p priority to the same codepoint that the upstream or edge switch assigns to the selected packets. When the downstream switch receives an IPv4 packet carrying one of these codepoints, it assigns the configured priority to the packet and sends it out the appropriate priority queue. (The packet retains the codepoint it received from the upstream or edge switch). You can use this option concurrently with the diffserv DSCP Policy option (described later in this section), as long as the DSCPs specified in the two options do not match.
NOTE: Regarding DSCP use: Different applications may use the same DSCP in their IP packets. Also, the same application may use multiple DSCPs if the application originates on different clients, servers, or other devices. Using an edge switch enables you to select the desired packets and mark them with predictable DSCPs that can be used by downstream switches to honor policies set in the edge switch. When enabled, the switch applies direct 802.1p prioritization to all packets having codepoints that meet these prerequisites:
Thus, the switch does not allow the same incoming codepoint (DSCP) to be used simultaneously for directly assigning an 802.1p priority and also assigning a DSCP policy. For a given incoming codepoint, if you configure one option and then the other, the second overwrites the first. | |
To use this option:
Identify a DSCP used to set a policy in packets received from an upstream or edge switch.
Determine the 802.1p priority (0–7) you want to apply to packets carrying the identified DSCP. (You can either maintain the priority assigned in the upstream or edge switch, or assign a new priority.)
Use
qos dscp-map
to assign the 802.1p priority you want to the specified DSCP.<codepoint>
priority <0-7>Enable
diff-services
if not already enabled.
Syntax:
qos type-of-service
diff-services
<codepoint>
Causes the switch to read the
(DSCP) of an incoming IPv4 packet and, when a match occurs, assign a corresponding 802.1p priority, as configured in the switch’s DSCP table (Partial display from the default DSCP Policy Table).
<codepoint>
no qos type-of-service
Disables all ToS classifier operation.
no qos dscp-map
<codepoint>
Disables direct 802.1p priority assignment to packets carrying the
by reconfiguring the codepoint priority assignment in the DSCP table to
<codepoint>
No-override
. If this codepoint is in use as a DSCP policy for another diffserv codepoint, you must disable or redirect the other diffserv codepoint’s DSCP policy before you can disable or change the codepoint. For example, in ToS configuration that enables both 802.1p priority and DSCP policy assignment you cannot change the priority for the 000000 codepoint until you redirect the DSCP policy for 000001 away from using 000000 as a policy. (See Note on changing a priority setting“ and Differentiated Services Codepoint (DSCP) mapping.)
show qos type-of-service
Displays current Type-of-Service configuration. In diffserv mode it also shows the current direct 802.1p assignments and the current DSCP assignments covered later in this section.
For example, an edge switch “A” in an untagged
VLAN assigns a DSCP of 000110 on IP packets it receives on port 6,
and handles the packets with high priority (7). When these packets
reach interior switch “B” you want the switch to handle them with
the same high priority. To enable this operation, you would configure
an 802.1p priority of 7 for packets received with a DSCP of 000110.
ToS diff-services
must be enabled:
Viewing the codepoints available for 802.1p priority assignments
ToS configuration that enables both 802.1p priority and DSCP policy assignment
Assigning a DSCP policy on the basis of the DSCP in IPv4 packets received from upstream devices
The preceding section describes how to forward a policy set by an edge (or upstream) switch. This option changes a DSCP policy in an IPv4 packet by changing its IP ToS codepoint and applying the priority associated with the new codepoint. (A DSCP policy consists of a differentiated services codepoint and an associated 802.1p priority.) You can use this option concurrently with the diffserv 802.1p priority option (above), as long as the DSCPs specified in the two options do not match.
To use this option to configure a change in policy:
Identify the DSCP used to set a policy in packets received from an upstream or edge switch.
Create a new policy by using the
qos dscp-map
command to configure an 802.1p priority for the codepoint you will use to overwrite the DSCP that the packet carries from upstream.<code-point>
priority <0-7>Use the
qos type-of-service diff-services
command to change the policy on packets coming from the edge or upstream switch with the specified incoming DSCP.< mapped to DSCP >
dscp< mapped from DSCP >
Interior switch B honors the policy established in edge switch A illustrates this scenario.
Syntax:
qos type-of-service
diff-services
Enables ToS Diff-serve QoS so that Diff-serve policy configurations can be applied to incoming packets that have matching codepoints.
Syntax:
qos type-of-service
diff-services
<current-codepoint>
dscp <new-codepoint>
Configures the switch to select an incoming IP packet carrying the
and then use the
<current-codepoint>
to assign a new, previously configured DSCP policy to the packet. The policy overwrites the
<new-codepoint>
with the
<current-codepoint>
and assigns the 802.1p priority specified by the policy.
<new-codepoint>
Syntax:
no qos type-of-service
Disables all ToS classifier operation. Current ToS DSCP policies and priorities remain in the configuration and will become available if you re-enable ToS Diff-services.
Syntax:
no qos type-of-service
[diff-services
<codepoint>
]
Deletes the DSCP policy assigned to the
and returns the
<codepoint>
to the 802.1p priority setting it had before the DSCP policy was assigned, which is either a value from 0 - 7 or
<codepoint>
No-override
.
Syntax:
show qos type-of-service
Displays a listing of codepoints with any corresponding DSCP policy reassignments for outbound packets. Also displays the 802.1p priority for each codepoint that does not have a DSCP remarking policy assigned to it.
For example, suppose that you want to configure the following two DSCP policies for packets received with the indicated DSCPs.
Received DSCP | Policy DSCP | 802.1p Priority | Policy Name (Optional) |
---|---|---|---|
001100 | 17 | 6 | Level 6 |
001101 | 16 | 4 | Level 4 |
Determine whether the DSCPs already have priority assignments, which could indicate use by existing applications. This is not a problem as long as the configured priorities are acceptable for all applications using the same DSCP. (See Note on changing a priority setting. Also, a DSCP must have a priority configured before you can assign any QoS classifiers to use it. See Differentiated Services Codepoint (DSCP) mapping.)
After configuring the DSCP policies for the codepoints you want to use, assign the policies to the codepoints in the selected packet type.
Policy assignment to outbound packets on the basis of the DSCP in the packets received from upstream devices
switch(config)# qos type-of-service diff-services 001100 dscp 17 switch(config)# qos type-of-service diff-services 001101 dscp 16 switch(config)# show qos type-of-service Type of Service : Differentiated Services Codepoint DSCP Policy | Priority --------- ----------- + ----------- 000000 | No-override 000001 | No-override 000010 | No-override 000011 | No-override 000100 | No-override 000101 | No-override 000110 | No-override 000111 | No-override 001000 001011 | 7 001001 | No-override 001010 | 1 001011 | 7 001100 010001 | 6 001101 010000 | 4
The specified DSCP policies overwrite the original DSCPs on the selected packets, and use the 802.1p priorities previously configured.
Details of QoS IP ToS
IP packets include a Type of Service (ToS) byte. The ToS byte includes:
A Differentiated Services Codepoint (DSCP): This element is composed of the upper 6 bits of the ToS byte). There are 64 possible codepoints.
In the switches covered in this guide, the default
qos
configuration includes some codepoints with 802.1p priority settings for Assured- Forwarding (af), Expedited Forwarding (ef, codepoint 101110), and Class Selector (cs). Others are unused (listed withNo-override
for a Priority).
See The ToS codepoint and precedence bits for an illustration of the default DSCP policy table.
Using the
qos dscp-map
command, you can configure the switch to assign different prioritization policies to IPv4 packets having different codepoints. As an alternative, you can configure the switch to assign a new codepoint to an IPv4 packet, along with a corresponding 802.1p priority (0-7). To use this option in the simplest case, you would:Configure a specific DSCP with a specific priority in an edge switch.
Configure the switch to mark a specific type of inbound traffic with that DSCP (and thus create a policy for that traffic type).
Configure the internal switches in your LAN to honor the policy.
(For example, you could configure an edge switch to assign a codepoint of 000001 to all packets received from a specific VLAN, and then handle all traffic with that codepoint at high priority.)
For a codepoint listing and the commands for displaying and changing the DSCP Policy table, see Differentiated Services Codepoint (DSCP) mapping.
Precedence Bits: This element is a subset of the DSCP and is composed of the upper 3 bits of the ToS byte. When configured to do so, the switch uses the precedence bits to determine a priority for handling the associated packet. (The switch does not change the setting of the precedence bits.) Using the ToS Precedence bits to prioritize IPv4 packets relies on priorities set in upstream devices and applications.
The ToS codepoint and precedence bits shows an example of the ToS byte in the header for an IPv4 packet, and illustrates the diffserv bits and precedence bits in the ToS byte. (Note that the Precedence bits are a subset of the Differentiated Services bits.)
The ToS codepoint and precedence bits
How the switch uses the ToS configuration
Outbound port | ToS option: | |
---|---|---|
802.1p (value = 0 - 7) | Differentiated services | |
IP packet sent out an untagged port in a VLAN | Depending on the value of the IP Precedence bits in the packet’s ToS field, the packet will go to one of eight outbound port queues in the switch. See 802.1p priority settings and outbound queue assignment | For a given packet carrying a ToS codepoint that the switch has been configured to detect:
Depending on the 802.1p priority used, the packet will leave the switch through one of the following queues:
If |
IP packet sent out an untagged port in a VLAN | Same as above, plus the IP Precedence value (0 - 7) will be used to set a corresponding 802.1p priority in the VLAN tag carried by the packet to the next downstream device. See ToS IP-precedence bit mappings to 802.1p priorities, below. | Same as above,
plus the Priority value (0 - 7) will be used to set a corresponding
802.1p priority in the VLAN tag carried by the packet to the next
downstream device. Where No-override is the assigned
priority, the VLAN tag carries a “0” (normal priority) 802.1p setting
if not prioritized by other QoS classifiers. |
ToS IP-precedence bit mappings to 802.1p priorities
ToS byte IP precedence bits | Corresponding 802.1p priority | Service priority level |
---|---|---|
000 | 1 | Lowest |
001 | 2 | Low |
002 | 0 | Normal |
003 | 3 | |
004 | 4 | |
005 | 5 | |
006 | 6 | |
007 | 7 | Highest |
Global Layer-3 protocol classifier
Global QoS classifier precedence: 4
When a global Layer-3 Protocol classifier is configured as the highest-precedence classifier and the switch receives traffic carrying the specified protocol, matching packets are assigned the priority configured for the classifier.
Assigning a priority for a global Layer-3 protocol classifier
This global QoS packet-marking option assigns an 802.1p priority to outbound packets having the specified Layer-3 protocol.
Syntax:
qos protocol < ip
| ipx | arp | appletalk | sna | netbeui> priority < 0 - 7 >
Configures an 802.1p priority for outbound packets having the specified protocol. This priority determines the packet's queue in the outbound port to which it is sent. If the packet leaves the switch on a tagged port, it carries the 802.1p priority with it to the next downstream device. You can configure one QoS classifier for each protocol type.
(Default:
No-override
)
Syntax:
[no] qos protocol < ip | ipx | arp | appletalk | sna
| netbeui >>
Disables use of the specified protocol as a QoS classifier and resets the protocol priority to
No-override
.
Syntax:
show qos protocol-priority
Lists the QoS protocol classifiers with their priority settings.
Configuring global Layer-3 protocol classifiers
To configure the following global Layer-3 protocol classifiers:
Configure QoS protocol classifiers with IP at 0 (normal), ARP at 5 (medium), and AppleTalk at 7 (high) and display the QoS protocol configuration.
Disable the QoS IP protocol classifier, downgrade the ARP priority to 4, and again display the QoS protocol configuration.
The following example shows the necessary configuration commands.
Adding, viewing, removing, and changing QoS protocol classifiers
QoS VLAN-ID (VID) priority
Global QoS classifier precedence: 5
Where a particular VLAN-ID classifier has the highest precedence in the switch for traffic in that VLAN, then traffic received in that VLAN is marked with the VID classifier’s configured priority level. Different VLAN-ID classifiers can have differing priority levels.
Options for assigning priority
Priority control options for packets carrying a specified VLAN-ID include:
802.1p priority
DSCP policy (Assigning a new DSCP and an associated 802.1p priority; inbound packets must be IPv4.)
(For operation when other QoS classifiers apply to the same traffic, see Classifiers for prioritizing outbound packets.)
NOTE: QoS with VID priority applies to static VLANs only, and applying QoS to dynamic VLANs created by GVRP operation is not supported. A VLAN must exist while a subject of a QoS configuration, and eliminating a VLAN from the switch causes the switch to clear any QoS features configured for that VID. | |
Assigning a priority based on VLAN-ID
This option assigns a priority to all outbound
packets having the specified VLAN-ID (VID). You can configure this
option by either specifying the VID ahead of the qos
command
or moving to the VLAN context for the VLAN you want to configure for
priority.
Syntax:
vlan
<vid>
qos
priority <0-7>
Configures an 802.1p priority for outbound packets belonging to the specified VLAN. This priority determines the packet’s queue in the outbound port to which it is sent. If the packet leaves the switch on a tagged port, it carries the 802.1p priority with it to the next downstream device. You can configure one QoS classifier for each VLAN-ID.
(Default:
No-override
)
Syntax:
no vlan
<vid>
qos
Removes the specified VLAN-ID as a QoS classifier and resets the priority for that VLAN to
No-override
.
Syntax:
show qos vlan-priority
Displays a listing of the QoS VLAN-ID classifiers currently in the running-config file, with their priority data.
For example, suppose that you have the following VLANs configured on the switch and want to prioritize them as shown:
A list of VLANs available for QoS prioritization
switch(config)# show vlan Status and Counters - VLAN Information Maximum VLANs to support : 8 Primary VLAN : DEFAULT_VLAN 802.1Q VLAN ID Name Status -------------- ---------- ------------ 1 DEFAULT_VLAN static 22 VLAN_22 static
You would then execute the following commands to prioritize the VLANs by VID:
Configuring and displaying QoS priorities on VLANs
switch(config)# vlan 1 qos dscp 9 switch(config)# vlan 22 qos dscp 8 switch(config)# show qos vlan-priority VLAN priorities VLAN ID Apply rule | DSCP Priority ------- ----------- + ------ ----------- 1 DSCP | 001001 7 22 DSCP | 001000 6
If you then decided to remove VLAN_22 from QoS prioritization:
Returning a QoS-prioritized VLAN to “No-override” status
In this instance,
No-override
indicates that VLAN 22 is not prioritized by QoS.switch(config)# no vlan 22 qos switch(config)# show qos vlan VLAN priorities VLAN ID Apply rule | DSCP Priority ------- ----------- + ------ ----------- 1 DSCP | 001001 7 22 No-override | No-override
Assigning a DSCP policy based on VLAN-ID
This option assigns a previously configured DSCP policy (codepoint and 802.1p priority) to outbound IP packets having the specified VLAN-ID (VID). The switch performs the following:
Selects an incoming IP packet on the basis of the VLAN-ID it carries.
Overwrites the packet’s DSCP with the DSCP configured in the switch for such packets.
Assigns 802.1p priority configured in the switch for the new DSCP (see Differentiated Services Codepoint (DSCP) mapping).
Forwards the packet through the appropriate outbound port queue.
Steps for creating a policy based on VLAN-ID classifier:
Determine the VLAN-ID classifier to which you want to assign a DSCP policy.
Determine the DSCP policy for packets carrying the selected VLAN-ID:
Determine the DSCP you want to assign to the selected packets. (This codepoint will be used to overwrite the DSCP carried in packets received through the source-port from upstream devices.)
Determine the 802.1p priority you want to assign to the DSCP.
Configure the DSCP policy by using
qos dscp-map
to configure the priority for each codepoint (see Differentiated Services Codepoint (DSCP) mapping for more information).Configure the switch to assign the DSCP policy to packets with the specified VLAN-ID.
Syntax:
vlan
<vid>
qos
dscp <codepoint>
Assigns a DSCP policy to packets carrying the specified VLAN-ID, and overwrites the DSCP in these packets with the assigned
value. This policy includes an 802.1p priority and determines the packet’s queue in the outbound port to which it is sent. If the packet leaves the switch on a tagged port, it carries the 802.1p priority with downstream device.
<codepoint>
(Default:
No-override
)
Syntax:
no vlan
<vid>
qos
Removes QoS classifier for the specified VLAN.
Syntax:
show qos vlan-priority
Displays a listing of the QoS VLAN-ID classifiers currently in the running-config file.
For example, suppose that you wanted to assign this set of priorities:
VLAN-ID | DSCP | Priority |
---|---|---|
40 | 15 | 7 |
30 | 16 | 5 |
20 | 17 | 1 |
1 | 17 | 1 |
Assign the DSCP policies to the selected VIDs and display the result.
The completed VID-DSCP priority configuration
switch(config)# vlan 1 qos dscp 17 switch(config)# vlan 20 qos dscp 17 switch(config)# vlan 30 qos dscp 16 switch(config)# vlan 40 qos dscp 15 switch(config)# show qos vlan-priority VLAN priorities VLAN ID Apply rule | DSCP Priority ------- ----------- + ------ ----------- 1 DSCP | 010001 1 20 DSCP | 010001 1 30 DSCP | 010000 5 40 DSCP | 001111 7
The switch will now apply the DSCP policies in The completed VID-DSCP priority configuration to packets received on the switch with the specified VLAN-IDs. This means the switch will:
Overwrite the original DSCPs in the selected packets with the new DSCPs specified in the above policies.
Assign the 802.1p priorities in the above policies to the appropriate packets.
QoS source-port priority
Global QoS classifier precedence: 6
The QoS source-port option enables you to use a packet’s source-port on the switch as a QoS classifier. Where a particular source-port classifier has the highest precedence in the switch for traffic entering through that port, then traffic received from the port is marked with the source-port classifier’s configured priority level. Different source-port classifiers can have different priority levels.
Options for assigning priority on the switch
Priority control options for packets from a specified source-port include:
802.1p priority
DSCP policy: Assigning a new DSCP and an associated 802.1p priority; inbound packets must be IPv4.)
(For operation when other QoS classifiers apply to the same traffic, see Classifiers for prioritizing outbound packets.)
Options for assigning priority from a RADIUS server
You can use a RADIUS server to impose a QoS source-port priority during an 802.1X port-access authentication session. See the RADIUS chapter in the Access Security Guide for your switch.
Assigning a priority based on source-port
This option assigns a priority to all outbound
packets having the specified source-port. You can configure this option
by either specifying the source-port ahead of the qos
command
or moving to the port context for the port you want to configure for
priority. (If you are configuring multiple source-ports with the same
priority, you may find it easier to use the interface
command
to go to the port context instead of individually configuring the
priority for each port.)<port-list>
Syntax:
interface
<port-list>
qos
priority <0-7>
Configures an 802.1p priority for packets entering the switch through the specified (source) ports. This priority determines the packet queue in the outbound ports to which traffic is sent. If a packet leaves the switch on a tagged port, it carries the 802.1p priority with it to the next downstream device. You can configure one QoS classifier for each source-port or group of source-ports.
(Default:
No-override
)
Syntax:
no interface
<port-list>
qos
Disables use of the specified source-ports for QoS classifiers and resets the priority for the specified sourceports to
No-override
.
Syntax:
show qos port-priority
Lists the QoS port-priority classifiers with their priority data.
For example, suppose that you want to prioritize inbound traffic on the following source-ports:
Source-port | Priority |
---|---|
1–3 | 2 |
4 | 3 |
You would then execute the following commands to prioritize traffic received on the above ports.
Configuring and displaying source-port QoS priorities
switch(config)# interface e 1-3 qos priority 2 switch(config)# interface e 4 qos priority 3 switch(config)# show qos port-priority Port priorities Port Apply rule | DSCP Priority Radius Override ---- ---------- ---- -------- --------------- 1 Priority | 2 No-override 2 Priority | 2 No-override 3 Priority | 2 No-override 4 Priority | 3 No-override 5 No-override | No-override No-override . . . . . . . .
If you then decided to remove port 1 from QoS prioritization:
Returning a QoS-prioritized VLAN to “No-override” status
In this instance, No-override
indicates
that port 1 is not prioritized by QoS.
switch(config)# no interface e 1 qos switch(config)# show qos port-priority Port priorities Port Apply rule | DSCP Priority Radius Override ---- ---------- ---- -------- --------------- 1 No-override | No-override No-override 2 Priority | 2 No-override 3 Priority | 2 No-override 4 Priority | 3 No-override 5 No-override | No-override No-override . . . . . . . .
Assigning a DSCP policy based on the source-port
This option assigns a previously configured DSCP policy (codepoint and 802.1p priority) to outbound IP packets (received from the specified sourceports). That is, the switch:
Selects an incoming IP packet on the basis of its source-port on the switch.
Overwrites the packet’s DSCP with the DSCP configured in the switch for such packets.
Assigns 802.1p priority configured in the switch for the new DSCP (see Differentiated Services Codepoint (DSCP) mapping).
Forwards the packet through the appropriate outbound port queue.
Steps for creating a policy based on source-port classifier:
NOTE: You can select one DSCP per source-port. Also, configuring a new DSCP for a source-port automatically overwrites (replaces) any previous DSCP or 802.1p priority configuration for that port.) | |
Identify the source-port classifier to which you want to assign a DSCP policy.
Determine the DSCP policy for packets having the selected source-port:
Determine the DSCP you want to assign to the selected packets. (This codepoint will be used to overwrite the DSCP carried in packets received through the source-port from upstream devices.)
Determine the 802.1p priority you want to assign to the DSCP.
Configure the DSCP policy by using
qos dscp-map
to configure the priority for each codepoint (see Differentiated Services Codepoint (DSCP) mapping for more information).Configure the switch to assign the DSCP policy to packets from the specified source-port.
Syntax:
interface
<port-list>
qos
dscp <codepoint>
Assigns a DSCP policy to packets from the specified sourceports, and overwrites the DSCP in these packets with the assigned
value. This policy includes an 802.1p priority and determines the packet’s queue in the outbound port to which it is sent. If the packet leaves the switch on a tagged port, it carries the 802.1p priority with it to the next downstream device.
<codepoint>
(Default:
No-override
)
Syntax:
no interface
<port-list>
qos
Removes QoS classifier for the specified source-ports.
Syntax:
show qos port
Displays a listing of all source-port QoS classifiers currently in the running-config file.
For example, suppose that you wanted to assign this set of priorities that have been configured on the switch:
Source-port | DSCP | Priority |
---|---|---|
2 | 15 | 7 |
1, 3 | 16 | 5 |
4, 5 | 17 | 1 |
Assign the DSCP policies to the selected source-ports and display the result.
The completed source-port DSCP-priority configuration
switch(config)# int 4,5 switch(eth-4,5)# qos dscp 17 switch(eth-4,5)# int 1,3 switch(eth-1,3)# qos dscp 16 switch(eth-1,3)# int 2 switch(eth-2)# qos dscp 15 switch(eth-2)# show qos port-priority Port priorities Port Apply rule | DSCP Priority Radius Override ---- ----------- + ------ ----------- --------------- 1 DSCP | 010000 5 No-override 2 DSCP | 001111 7 No-override 3 DSCP | 010000 5 No-override 4 DSCP | 010001 1 No-override 5 DSCP | 010001 1 No-override 6 No-override | No-override No-override 7 No-override | No-override No-override . . . . . . . . . .
RADIUS override field
During a client session authenticated by a RADIUS server, the server can impose a port priority that applies only to that client session. For more information, see the RADIUS chapter in the access security guide for your switch.