
Cisco press end to end qos network design quality of service in LANs WANs and VPNs nov 2004 ISBN 1587051761


End-to-End QoS Network Design
By Tim Szigeti - CCIE No. 9794, Christina Hattingh

Publisher: Cisco Press
Pub Date: November 09, 2004
ISBN: 1-58705-176-1
Pages: 768

Best-practice QoS designs for protecting voice, video, and critical data while mitigating network denial-of-service attacks

• Understand the service-level requirements of voice, video, and data applications
• Examine strategic QoS best practices, including Scavenger class QoS tactics for DoS/worm mitigation
• Learn about QoS tools and the various interdependencies and caveats of these tools that can impact design considerations
• Learn how to protect voice, video, and data traffic using various QoS mechanisms
• Evaluate design recommendations for protecting voice, video, and multiple classes of data while mitigating DoS/worm attacks for the following network infrastructure architectures: campus LAN, private WAN, MPLS VPN, and IPSec VPN

Quality of Service (QoS) has already proven itself as the enabling technology for the convergence of voice, video, and data networks. As business needs evolve, so do the demands for QoS. The need to protect critical applications via QoS mechanisms in business networks has escalated over the past few years, primarily due to the increased frequency and sophistication of denial-of-service (DoS) and worm attacks.


End-to-End QoS Network Design is a detailed handbook for planning and deploying QoS solutions to address current business needs. This book goes beyond discussing available QoS technologies and considers detailed design examples that illustrate where, when, and how to deploy various QoS features to provide validated and tested solutions for voice, video, and critical data over the LAN, WAN, and VPN.

The book starts with a brief background of network infrastructure evolution and the subsequent need for QoS. It then goes on to cover the various QoS features and tools currently available and comments on their evolution and direction. The QoS requirements of voice, interactive and streaming video, and multiple classes of data applications are presented, along with an overview of the nature and effects of various types of DoS and worm attacks. QoS best-practice design principles are introduced to show how QoS mechanisms can be strategically deployed end-to-end to address application requirements while mitigating network attacks. The next section focuses on how these strategic design principles are applied to campus LAN QoS design. Considerations and detailed design recommendations specific to the access, distribution, and core layers of an enterprise campus network are presented. Private WAN QoS design is discussed in the following section, where WAN-specific considerations and detailed QoS designs are presented for leased-lines, Frame Relay, ATM, ATM-to-FR Service Interworking, and ISDN networks. Branch-specific designs include Cisco® SAFE recommendations for using Network-Based Application Recognition (NBAR) for known-worm identification and policing. The final section covers Layer 3 VPN QoS design, for both MPLS and IPSec VPNs. As businesses are migrating to VPNs to meet their wide-area networking needs at lower costs, considerations specific to these topologies are required to be reflected in their customer-edge QoS designs. MPLS VPN QoS design is examined from both the enterprise and service provider's perspectives. Additionally, IPSec VPN QoS designs cover site-to-site and teleworker contexts.

Whether you are looking for an introduction to QoS principles and practices or a QoS planning and deployment guide, this book provides you with the expert advice you need to design and implement comprehensive QoS solutions.

This book is part of the Networking Technology Series from Cisco Press, which offers networking professionals valuable information for constructing efficient networks, understanding new technologies, and building successful careers.


Copyright
About the Authors
About the Technical Editors
Acknowledgments
Icons Used in This Book
Command Syntax Conventions
Introduction
Who Should Read This Book?
Goals and Methods
How This Book Is Organized
Part I: Introduction to QoS
Chapter 1. Introduction to QoS
A Brief Historical Perspective
QoS Evolution
User Network Expectations
Understanding QoS
QoS Models
Introduction to the QoS Toolset
Simplifying QoS
If I Have AutoQoS, Why Should I Be Reading This Book?
The Continuing Evolution of QoS
Summary
Further Reading
Chapter 2. QoS Design Overview
QoS Requirements of VoIP
QoS Requirements of Video
QoS Requirements of Data
QoS Requirements of the Control Plane
Scavenger Class
DoS and Worm Mitigation Strategy Through Scavenger Class QoS
Principles of QoS Design
Summary
Further Reading
Part II: QoS Toolset
Chapter 3. Classification and Marking Tools
Classification Tools
Marking Tools
Summary
Further Reading
Chapter 4. Policing and Shaping Tools
Token Bucket Algorithms
Policers
Shapers
Further Reading
Chapter 5. Congestion-Management Tools
Understanding Scheduling and Queuing
Legacy Layer 3 Queuing Mechanisms
Currently Recommended Layer 3 Queuing Mechanisms
Layer 2 Queuing Tools
Tx-ring
PAK_priority
Summary
Further Reading
Chapter 6. Congestion-Avoidance Tools
Random Early Detection
Weighted Random Early Detection
DSCP-Based Weighted Random Early Detection
Explicit Congestion Notification
Summary
Further Reading
Chapter 7. Link-Specific Tools
Header-Compression Techniques
Link Fragmentation and Interleaving
Summary
Further Reading
Chapter 8. Bandwidth Reservation
RSVP Overview
MPLS Traffic Engineering
Scalability
RSVP-DiffServ Integration
Endpoints and Proxies
Summary
Further Reading
Chapter 9. Call Admission Control (CAC)
CAC Overview
CAC Defined
CAC Tool Categories
CallManager Locations CAC
Gatekeeper CAC
RSVP
Summary
Further Reading
Chapter 10. Catalyst QoS Tools
Generic Catalyst QoS Models
Catalyst 2950
Catalyst 3550
Catalyst 2970, 3650, and 3750
Catalyst 4500
Catalyst 6500
Summary
Further Reading
Chapter 11. WLAN QoS Tools
QoS for Wireless LANs Versus QoS on Wired LANs
Upstream Versus Downstream QoS
IEEE 802.11 DCF
IEEE 802.11e EDCF
IEEE 802.1D Classes of Service
QoS Operation on Cisco APs
Configuring QoS on Cisco APs
Summary
Further Reading
Part III: LAN QoS Design
Chapter 12. Campus QoS Design
DoS/Worm-Mitigation Strategies
Call-Signaling TCP/UDP Ports in Use
Access-Edge Trust Models
Catalyst 2950 QoS Considerations and Design
Catalyst 3550 QoS Considerations and Design
Catalyst 2970/3560/3750 QoS Considerations and Design
Catalyst 4500-SupII+/III/IV/V QoS Considerations and Design
Catalyst 6500 QoS Considerations and Design
WAN Aggregator/Branch Router Handoff Considerations
Case Study: Campus QoS Design
Summary
Further Reading
Part IV: WAN QoS Design
Chapter 13. WAN Aggregator QoS Design
Where Is QoS Needed over the WAN?
WAN Edge QoS Design Considerations
WAN Edge Classification and Provisioning Models
WAN Edge Link-Specific QoS Design
Case Study: WAN Aggregation Router QoS Design
Summary
Further Reading
Chapter 14. Branch Router QoS Design
Branch WAN Edge QoS Design
Branch Router LAN Edge QoS Design
Case Study: Branch Router QoS Design
Summary
Further Reading
Part V: VPN QoS Design
Chapter 15. MPLS VPN QoS Design
Where Is QoS Needed over an MPLS VPN?
Customer Edge QoS Design Considerations
Provider-Edge QoS Considerations
Core QoS Considerations
Case Study: MPLS VPN QoS Design (CE/PE/P Routers)
Summary
Further Reading
Chapter 16. IPSec VPN QoS Design
Site-to-Site V3PN QoS Considerations
Site-to-Site V3PN QoS Designs
Headend VPN Edge QoS Options for Site-to-Site V3PNs
Teleworker V3PN QoS Considerations
Teleworker V3PN QoS Designs
Case Study: IPSec VPN QoS Design
Summary
Further Reading
QoS "At-A-Glance" Summaries
Index


Copyright

End-to-End QoS Network Design
Tim Szigeti, CCIE No. 9794, Christina Hattingh
Copyright © 2005 Cisco Systems, Inc.

Published by:
Cisco Press
800 East 96th Street
Indianapolis, IN 46240 USA

All rights reserved. No part of this book may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage and retrieval system, without written permission from the publisher, except for the inclusion of brief quotations in a review.

Printed in the United States of America 1 2 3 4 5 6 7 8 9 0
First Printing October 2004
Library of Congress Cataloging-in-Publication Number: 2003111984

Trademark Acknowledgments

All terms mentioned in this book that are known to be trademarks or service marks have been appropriately capitalized. Cisco Press or Cisco Systems, Inc., cannot attest to the accuracy of this information. Use of a term in this book should not be regarded as affecting the validity of any trademark or service mark.

Warning and Disclaimer

This book is designed to provide information about Quality-of-Service network design best-practice recommendations. Every effort has been made to make this book as complete and as accurate as possible, but no warranty or fitness is implied.

The information is provided on an "as is" basis. The authors, Cisco Press, and Cisco Systems, Inc., shall have neither liability nor responsibility to any person or entity with respect to any loss or damages arising from the information contained in this book or from the use of the discs or programs that may accompany it.

The opinions expressed in this book belong to the author and are not necessarily those of Cisco Systems, Inc.

Corporate and Government Sales

Cisco Press offers excellent discounts on this book when ordered in quantity for bulk purchases or special sales.

For more information please contact: U.S. Corporate and Government Sales 1-800-382-3419

For sales outside the U.S. please contact: International Sales

Feedback Information

At Cisco Press, our goal is to create in-depth technical books of the highest quality and value. Each book is crafted with care and precision, undergoing rigorous development that involves the unique expertise of members from the professional technical community.

Readers' feedback is a natural continuation of this process. If you have any comments regarding how we could improve the quality of this book or otherwise alter it to better suit your needs, you can contact us through e-mail at
Please make sure to include the book title and ISBN in your message.

We greatly appreciate your assistance.
Publisher: John Wait
Editor-in-Chief: John Kane
Cisco Representative: Anthony Wolfenden
Cisco Press Program Manager: Nannette M. Noble
Executive Editor: Christopher Cleveland
Acquisitions Editor: Michelle Grandin
Production Manager: Patrick Kanouse
Development Editor: Howard A. Jones
Copy Editor: Krista Hansing
Technical Editors: Frank Knox, Anna To, Connie Varner
Team Coordinator: Tammi Barnett
Cover Designer: Louisa Adair
Composition: Octal Publishing, Inc.
Indexer: Eric Schroeder
Proofreader: Tonya Cupp


Dedications

Tim: This book is obviously dedicated to my wife; otherwise, of course, she'd kill me. It amuses me to think that if others are actually reading this, they probably think I'm only joking but, alas, the Greek capacity for vengeance is no laughing matter. I cancelled far too many dates, stayed in my office and labs far too many weekends, and stared blankly into space (thinking about these designs) far too many times (while she was talking to me) to ever allow the thought of not dedicating this work to her to even cross my tiny xeno-brain.

I know, I know, it's not a work of literature or a collection of poetry: It's just a technical book boring to tears for any not interested in the subject (and probably just boring to yawns for the rest). But, for whatever it's worth, I'm dedicating it to you, Lella. I love you with all my heart.

Christina: To Robert Verkroost and Ria and Willie Hattingh, who unfailingly support my various forays into the publishing world.


About the Authors

Tim Szigeti, CCIE No. 9794, attended the University of British Columbia, where he majored in management information systems. After graduating, Tim joined Cisco Systems and soon after began to specialize in Quality-of-Service technologies, supporting technical marketing initiatives for the Cisco Class Data acquisition, which led to the Cisco QoS Policy Manager (QPM) product. After supporting QPM through several generations and serving as product manager for the Cisco Quality of Service Device Manager (QDM) product, Tim joined the Enterprise Solutions Engineering team and led large-scale testing initiatives of campus, WAN, and VPN QoS designs. Tim now belongs to the newly formed Technology Solutions Engineering team within the Cisco Central Technical Marketing organization. There, he continues to define and drive strategic QoS solutions across Cisco technology groups and business units while working with many Fortune 500 companies, both enterprise and service providers, providing QoS design expertise.

Christina Hattingh is a member of the technical staff in the Multiservice Customer Edge Business Unit of Cisco Systems. These products, including the Cisco 2600, 3600, and 3700 series access router platforms, were some of the first Cisco platforms to converge voice and data traffic onto an IP network by offering TDM voice interfaces, WAN interfaces, and critical QoS features, while later integrating call control elements into the router-based platform itself. In this role, she trains Cisco sales staff and advises customers on voice network deployment and design.


About the Technical Editors

Frank Knox has more than 37 years of telecommunications experience. During his career at IBM, Frank held positions in field service, field support, service planning, and education; his final position before retirement was curriculum manager for IBM's Network Education in North America. After leaving IBM, Frank held the position of network engineering manager for GTE Directories, where he was responsible for the company's voice and data network design and support. Concurrent with his work at IBM and GTE, Frank taught as an adjunct professor for the University of Dallas MBA program. For the past six years, Frank has worked for Skyline Computer as a senior instructor and consultant; he is currently Skyline's chief technical officer (CTO). Frank holds two CCIE certifications (R&S and SNA/IP); he also has a master's degree in telecommunications from Pace University.

Anna To has worked with Cisco for more than three years as a software/deployment engineer on the ITD QoS team. One of Anna's key tasks is to promote QoS deployment and increase the understanding of QoS technology in the field. Anna works on the Modular QoS CLI (MQC) solution team to bring consistency in QoS configuration across various Cisco platforms. In addition, Anna is involved with the AutoQoS project to simplify QoS deployment.

Connie Varner is a technical marketing engineer in the Cisco Enterprise Systems Engineering group. She has extensive experience designing and testing large-scale networks based on customer requirements, in part based on four years of experience with the Cisco Customer Proof of Concept Labs. Connie specializes in QoS designs that meet the needs of converged data, voice and video networks, and designs that involve IPSec VPNs.


Acknowledgments

Off the top, I'd like to thank my friend and co-worker Dave Barton, who, although he was extremely busy downing beers at Chicago's Navy Pier, gallantly managed to sic Brett Bartow onto me, which got the ball rolling on this whole project. (Dave, did you make it back okay to the hotel that night?)

Many thanks to Todd Truitt, one of the top talents at Cisco, for inviting my collaboration on the original AVVID QoS Design Guide, hiring me onto his design team, and recommending Christina as a co-author for this project. Do you ever get tired of being right, Todd?

Thanks also to Neil Anderson, Joel King, Ted Hannock, and Steve Ochmanski for guidance and collaboration on IPSec V3PN designs. Thanks for letting me leverage your excellent and thorough work so that I did not have to reinvent the wheel on these designs.

Thank you, Mike Herbert, for your brilliant flash of using QoS for DoS/worm mitigation via the Scavenger class. Though you derailed and postponed many white papers and publications (including this one), you opened up a whole new scope of application for QoS technologies and we're all better off for it.

Thank you, too, Alex Dolan, for building out multiple large-scale MPLS VPN testbeds for me and continually tweaking them to suit my mood-of-the-day. I don't know where your patience or your good nature comes from, but they're most appreciated. Thanks, too, for nudging me back into playing ice hockey. Next time I break a leg or chip a tooth, I'll think of you and grimace.

Muchos gracias, Arlindo Callejas, for being much more than my awesome lab administrator. You always went out of your way for me and got me everything I ever needed instantly. Sometimes I'm afraid to ask where you sourced the gear you did. (I'm not sure whether those 10GE linecards "fell off the back of a Cisco truck" or what, but they sure came in handy at just the right time.)

A round of applause is merited by the technical reviewers. Having done this before myself, I can genuinely appreciate the time, effort, and painstaking attention to detail that goes into this process. Frank, your comments were right on and helped make this a better book. Anna, is there anything you don't know about Cisco QoS? I'm very thankful you took time out of your extremely busy schedule, developing code while helping anyone and everyone on planet Earth (and some nearby systems) that are having QoS problems. And Connie, if you hadn't reviewed this work, I would not have submitted it for publication. You're simply the best technical reviewer and one of the sharpest engineers I've ever had the pleasure of working with.

Thank you Howard Jones for your excellent editing and coordinating the complex content review and copy review processes. And thank you, too, Patrick Kanouse for managing the production of this publication and allowing me to make hundreds of last-minute edits in the galley-review phase (when edits are to be kept at a minimum). How you put up with me I'll never know, but I truly appreciate your patience and desire to help make this book as correct and as current as possible. Also thank you Chris Cleveland for your fine recommendations and guidance during the course of production.

I need to extend thanks also to Debbie Morrison, who is, in my opinion, the best technical writer, period. Debbie, as I've said over and over again, you polish my ugly little chunks of coal into beautiful diamonds. I love how I can barely recognize my own work once you've done your magic. I'll truly miss working with you now that you've gone on to bigger and better things. (I'm so terrified of the future; who's going to make me look good now?)

Brett Bartow, what can I say? This would never have happened without you. Time and time again, it seemed to fall by the wayside, but your persistence, perseverance, and patience kept it all going. Thank you. You didn't back off, and I'm glad for it. Your guidance has been uncanny, and your vision has paid off. Thanks also to your production team.

And lastly, thank you, Christina. You made it fun. Right when I read your first draft of your first chapter, I knew you were the best person to embark on this project with (even though you write like an engineer!). Thank you for sacrificing so many weekends on this (thank Robert for me too). I know this is only one of many publishing projects you're pursuing; all I ask is that you save me an autograph before you move to Hawaii and start on your best-seller!


Icons Used in This Book

Command Syntax Conventions

The conventions used to present command syntax in this book are the same conventions used in the Cisco IOS Command Reference. The Command Reference describes these conventions as follows:

• Boldface indicates commands and keywords that are entered literally as shown. In actual configuration examples and output (not general command syntax), boldface indicates commands that are input manually by the user (such as a show command).
• Italics indicates arguments for which you supply actual values.
• Vertical bars (|) separate alternative, mutually exclusive elements.
• Square brackets [ ] indicate optional elements.
• Braces { } indicate a required choice.
• Braces within brackets [{ }] indicate a required choice within an optional element.



Introduction

QoS is a maturing technology, one that many networking professionals, to a greater or lesser extent, are already familiar with. This is both a blessing and a curse. It is a blessing because more administrators are enabling QoS on their networks, which allows for the convergence of voice, video, and data onto a single IP network, among other business advantages. It is a curse because almost every individual with whom I've ever discussed QoS designs has a slightly different opinion on how QoS should be enabled.

The result often has led to confusing babble from the customer's perspective, especially for customers seeking QoS design guidance for non-VoIP applications. For example, a customer might ask the local Cisco Systems engineer how best to enable QoS for networks and receive one answer. Later, the customer might attend an Executive Briefing session in San Jose and receive a different answer (even receiving multiple different answers within the same day from different presenters). Later, while attending a Networkers conference, the customer might be told something else entirely. Finally, when the customer gets home and picks up a Cisco Press book, he or she might get still another story. Confused and frustrated, many customers decide to enable minimal QoS, if any, despite the touted benefits that they were sold on. Therefore, in my opinion, presenting such inconsistent recommendations is a major disservice to our customers and a considerable barrier to the widespread deployment of QoS.

The Cisco Technology Baseline committees were created to remedy the situation and help unify various technologies across Cisco products and platforms. To this end, a series of Technology Baselines were developed internally by our leading experts (many of whom likewise developed the related IETF RFCs and other standards) to which all Cisco products and features must conform. Additionally, these documents provide uniform, strategic recommendations (that can be shared with customers) to help ensure that QoS recommendations are unified and consistent, for both enterprises and service providers. Specific to QoS, the QoS Baseline strictly defines the Cisco strategic direction in QoS technologies from now into the foreseeable future.

Thus, a unique feature of this book is that it is the first Cisco Press publication to present design recommendations that are compliant with the QoS Baseline.

Another huge advantage of this publication is that it is one of the first documents to present a detailed, cohesive strategy that shows how QoS can extend beyond its traditional role (of prioritizing important applications) and be used to provide deferential services to DoS/worm-generated traffic, thus mitigating and containing the collateral damage caused by such attacks. This is a fresh perspective and context for a technology that many considered baked and done. Yet in such a role, the critical interdependency of Quality of Service, High-Availability, and Security technologies becomes manifest and holistically promotes the "Self-Defending Networks" business objective.

However, having a strategic direction and tactical approaches for QoS designs is only half the solution. An important motto that I like to emphasize is: "In theory, theory and practice are the same." It's one thing to make a design recommendation based on an assumption that something "should work." It's something completely different to make a design recommendation that has been verified in large-scale, complex lab scenarios, such as provided by one of the largest Cisco labs: the Enterprise Solutions Engineering testbeds in Research Triangle Park, North Carolina.

Notwithstanding, it should be noted that designs presented in this book are not infallible. While all due diligence has been done to present working, tested configurations, including a rigorous technical reviewing process by some of the sharpest Cisco QoS engineers, hardware/software/platform-specific issues that didn't surface during our tests may nonetheless exist, as may issues introduced in newer releases of hardware/software dating from our time of testing.

Furthermore, the recommendations presented in this book are not to be taken as commandments or dictates ("Thou shalt configure this or that"), but are simply best-practice design recommendations that are the result of extensive lab testing and customer deployments. They should be viewed as templates that can be modified and tweaked to customer-specific requirements. Following the 80/20 Pareto Rule, these design recommendations should be viewed as 80 percent of the solution, to which the remaining 20 percent is up to each customer to complete and tailor to their individual needs and constraints.

Here's an analogy of how to view these design recommendations: Given a business objective (for example, to hammer a nail into a wall), you will have certain tools at your disposal, tools that may or may not be optimally suited to the task (let's say, a hammer and a banana). Our lab testing presents the optimal tool to use for the given objective (normally, a hammer tests better than a banana, but you never know; I've seen some pretty funky frozen bananas that might do the trick). It's still up to the customer to pick the tool that best suits their objectives, situations, and comfort levels. These recommendations are not mandates; they are simply suggestions based on extensive lab testing and customer deployments.


Who Should Read This Book?

Some might ask, "Why should I read this book? Especially when I have AutoQoS?"

Certainly, AutoQoS-VoIP is an excellent tool for customers whose objective is enabling QoS for VoIP (only) on their campus and WAN infrastructures, and AutoQoS-Enterprise is a fine tool for enabling basic WAN-edge QoS for voice, video, and multiple classes of data. For customers who have basic QoS needs and don't have the time or desire to learn or do more with QoS, AutoQoS is definitely the way to go.

However, it's important to remember where AutoQoS came from. AutoQoS tools are the result of QoS design guides that Cisco Technical Marketing Engineers (including myself) put together based on large-scale lab testing. AutoQoS-VoIP is the product of our first "AVVID QoS Design Guide," one of the most popular and most downloaded technical white papers ever produced within Cisco. AutoQoS-Enterprise is the result of the QoS Baseline coupled with our second-generation QoS Design Guide. This book represents our third-generation QoS Design Guide. And it is the goal of the authors to drive these designs (including DoS/worm-mitigation strategies) into future releases of AutoQoS. So, basically, what you are reading is the proposed blueprint for the next version of AutoQoS.

When it comes to any given technology, there are really only two types of people: those who are interested in the technology and seek a thorough understanding of the relation of the parts to the whole, and those who just want to "turn it on" and walk away. The former are the ones who will confidently unleash the true power of the technology and push it to its limits; the latter are the ones who are usually hesitant, timid, and conservative in their use of the technology, typically accompanied with mediocre results.

