6.2.b Implement, optimize and troubleshoot QoS using MQC

6.2.b [v] Congestion management [queuing]

Congestion management features allow you to control congestion by determining the order in which packets are sent out an interface, based on priorities assigned to those packets. Congestion management entails the creation of queues, assignment of packets to those queues based on the classification of the packet, and scheduling of the packets in a queue for transmission. The congestion management QoS feature offers four types of queuing protocols, each of which lets you create a different number of queues, affording greater or lesser differentiation of traffic, and specify the order in which that traffic is sent.

During periods with light traffic, that is, when no congestion exists, packets are sent out the interface as soon as they arrive. During periods of transmit congestion at the outgoing interface, packets arrive faster than the interface can send them. If you use congestion management features, packets accumulating at an interface are queued until the interface is free to send them; they are then scheduled for transmission according to their assigned priority and the queuing mechanism configured for the interface. The router determines the order of packet transmission by controlling which packets are placed in which queue and how queues are serviced with respect to each other.

There are four types of queuing, which constitute the congestion management QoS features:

● FIFO (first-in, first-out). FIFO entails no concept of priority or classes of traffic. With FIFO, packets are transmitted out the interface in the order in which they arrive, so one aggressive flow can fill the queue and delay or drop everyone else's traffic.

● Weighted fair queuing (WFQ). WFQ offers dynamic, fair queuing that divides bandwidth across queues of traffic based on weights, so that all traffic is treated fairly relative to its weight. To understand how WFQ works, consider the queue for a series of File Transfer Protocol (FTP) packets as a queue for the collective and the queue for discrete interactive traffic packets as a queue for the individual. Given equal weights, WFQ ensures that for all the FTP packets sent as a collective an equal number of individual interactive packets are sent, so a single bulk transfer cannot monopolize the link.

Given this handling, WFQ ensures satisfactory response time to critical applications, such as interactive, transaction-based applications, that are intolerant of performance degradation. For serial interfaces at E1 (2.048 Mbps) and below, flow-based WFQ is used by default. When no other queuing strategy is configured, all other interfaces use FIFO by default. Note that on HQF-based IOS images (12.4(20)T and later) the class-default of a policy map is FIFO unless fair-queue is configured under it explicitly.

There are four types of WFQ:

● Flow-based WFQ (WFQ)

● Distributed WFQ (DWFQ)

● Class-based WFQ (CBWFQ)

● Distributed class-based WFQ (DCBWFQ)

● Custom queuing (CQ). With CQ, bandwidth is allocated proportionally for each different class of traffic. CQ allows you to specify the number of bytes or packets to be drawn from the queue, which is especially useful on slow interfaces.

● Priority queuing (PQ). With PQ, packets belonging to the highest-priority class of traffic are always sent before all lower-priority traffic to ensure timely delivery of those packets. Legacy PQ places no bound on the high queue, so a flood of traffic marked as high priority starves every lower queue; the MQC equivalent, low-latency queuing (LLQ, the priority command), polices the priority class to its configured rate while the interface is congested.

Adam, Paul (2014-07-12). All-in-One CCIE V5 Written Exam Guide (Kindle Locations 5719-5730). Kindle Edition.
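The four mechanisms above are the legacy interface-level tools (fair-queue, queue-list, priority-list). In MQC they are expressed as one policy map: class-based WFQ (bandwidth) replaces CQ, flow-based fair queuing inside a class (fair-queue) replaces WFQ, and a policed strict-priority class (priority, i.e. LLQ) replaces PQ. The following is an added example, not from the book or from Cisco documentation; the class names, DSCP values, percentages and the interface name are assumptions chosen for illustration.

```cisco
! Classify on the DSCP that the trusted network edge applied (see 6.2.a [i]).
class-map match-all VOICE
 match dscp ef
class-map match-all CALL-SIGNALING
 match dscp cs3
class-map match-all CRITICAL-DATA
 match dscp af31 af32 af33
!
! Outbound queuing policy for the WAN link.
policy-map WAN-EDGE
 ! LLQ: strict priority, but policed to 10% of the link while congested,
 ! so EF-marked traffic from a compromised host cannot starve the other classes
 ! the way legacy PQ would let it.
 class VOICE
  priority percent 10
 ! CBWFQ: guaranteed minimum share under congestion; unused share is borrowed.
 class CALL-SIGNALING
  bandwidth percent 5
 class CRITICAL-DATA
  bandwidth percent 25
 ! Everything else: flow-based fair queuing so one bulk flow cannot monopolize
 ! the remainder (configured explicitly; it is not the HQF default).
 class class-default
  fair-queue
!
interface Serial0/0/0
 description 2 Mbps WAN link (assumed)
 bandwidth 2048
 service-policy output WAN-EDGE
!
! Verification from privileged EXEC: per-class offered rate, queue depth and
! drops. Drops in class VOICE while the link is not full mean the priority
! policer is firing, i.e. more EF traffic is arriving than was provisioned.
! Router# show policy-map interface Serial0/0/0
```

The bandwidth guarantees only take effect when the interface is actually congested; on a link that never fills, every class sends at will and the policy is invisible in the counters.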


6.2.b Implement, optimize and troubleshoot QoS using MQC

6.2.b [vi] HQoS, sub-rate ethernet link

The QoS Hierarchical Queuing Framework (HQF) feature lets you manage quality of service (QoS) at three levels of scheduling: the physical interface level, the logical interface level, and the class level. Queuing and shaping mechanisms are applied at each level through the modular QoS command-line interface (MQC), which gives a granular and flexible overall QoS architecture.

You can apply class-based queuing to any traffic class at the parent or child level of a hierarchical policy and so obtain distinct service levels for different sessions or subscribers. The usual sub-rate Ethernet case is a high-speed physical port sold as a lower-rate circuit: a parent shaper on class-default enforces the contracted rate, and a child policy queues within the shaped rate, so that congestion is handled by your own queuing policy rather than by the provider's policer.

Adam, Paul (2014-07-12). All-in-One CCIE V5 Written Exam Guide (Kindle Locations 5735-5736). Kindle Edition.
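A worked hierarchical policy for the sub-rate case, added here as an example (not from the book or from Cisco documentation); the interface, the 20 Mbps contracted rate, the class names and the DSCP values are assumptions. The parent class-default shaper creates the congestion point at the contracted rate and the child policy does the queuing within it; without the parent shaper a Gigabit interface never sees congestion locally, the child policy never acts, and the provider's ingress policer silently discards whatever exceeds the contract.

```cisco
class-map match-all VOICE
 match dscp ef
class-map match-all CRITICAL-DATA
 match dscp af31 af32 af33
!
! Child policy: queuing and scheduling within the shaped rate. The priority
! queue is given in kbps (4 Mbps = 20% of the assumed 20 Mbps contract) and is
! policed to that rate when the shaper is congested.
policy-map CHILD-QUEUING
 class VOICE
  priority 4000
 class CRITICAL-DATA
  bandwidth remaining percent 40
 class class-default
  bandwidth remaining percent 60
  fair-queue
!
! Parent policy: shape the whole logical link to the 20 Mbps sub-rate circuit
! (assumed contract, in bits per second) and hand the shaped queue to the child.
policy-map PARENT-SHAPE-20M
 class class-default
  shape average 20000000
  service-policy CHILD-QUEUING
!
interface GigabitEthernet0/1
 description 1 Gbps port, 20 Mbps contracted (assumed)
 service-policy output PARENT-SHAPE-20M
!
! Router# show policy-map interface GigabitEthernet0/1
! The output shows the parent shaper (target rate, queue depth) and, nested
! under it, the per-class counters of CHILD-QUEUING. If the child classes show
! nothing queued while the provider reports drops, the parent shaper is not
! engaging (wrong rate, or the policy applied on the wrong interface).
```

Set the shaper slightly below the provider's policing rate when the two devices count Layer 2 overhead differently; a shaper that counts fewer bytes per frame than the policer will still overrun it by a few percent.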



6.2.b Implement, optimize and troubleshoot QoS using MQC

6.2.b [vii] Congestion avoidance [WRED]

Congestion avoidance techniques monitor network traffic loads in an effort to anticipate and avoid congestion at common network bottlenecks. Congestion avoidance is achieved by dropping packets before the queue is actually full. Among the more commonly used congestion avoidance mechanisms is Random Early Detection (RED), which is optimal for high-speed transit networks carrying mostly TCP traffic, since it relies on senders reacting to a dropped packet by slowing down. Cisco IOS QoS includes an implementation of RED that, when configured, controls when the router drops packets. If you do not configure Weighted Random Early Detection (WRED), the router uses the cruder default packet drop mechanism called tail drop.

WRED avoids the global synchronization problems that occur when tail drop is used as the congestion avoidance mechanism on the router. Global synchronization occurs as waves of congestion crest, only to be followed by troughs during which the transmission link is not fully utilized. Global synchronization of TCP hosts, for example, can occur because packets are dropped all at once: multiple TCP hosts reduce their transmission rates in response to the packet drops (reducing throughput), then ramp their transmission rates back up together once the congestion clears, and the cycle repeats.

● Tail drop. This is the default congestion avoidance behavior when WRED is not configured: once the queue is full, every arriving packet is dropped regardless of its marking, which can lead to global synchronization.

● WRED and distributed WRED (DWRED), both of which are the Cisco implementations of RED, combine the capabilities of the RED algorithm with the IP Precedence feature: packets are dropped with a probability that depends on the average queue depth and on their precedence, so lower-precedence packets are discarded first.

There are a few variations of WRED:

● Flow-based WRED. Flow-based WRED extends WRED to provide greater fairness to all flows on an interface with regard to how packets are dropped; it penalizes flows that do not respond to drops (typically UDP) by dropping their packets more aggressively, so they cannot crowd out well-behaved TCP flows.

● DiffServ Compliant WRED. DiffServ Compliant WRED extends WRED to support Differentiated Services (DiffServ) and the Assured Forwarding (AF) Per Hop Behavior (PHB). This feature enables customers to implement the AF PHB by coloring packets according to differentiated services code point (DSCP) values and then assigning preferential drop probabilities to those packets.

Adam, Paul (2014-07-12). All-in-One CCIE V5 Written Exam Guide (Kindle Locations 5756-5765). Kindle Edition.
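Added example (not from the book or from Cisco documentation) of DiffServ-compliant WRED applied per class inside an MQC policy; the class names, DSCP values, thresholds and mark-probability denominator are assumptions. The per-DSCP thresholds implement the AF drop precedences: when the average queue depth exceeds a DSCP's minimum threshold, the drop probability rises linearly until it reaches 1/denominator at the maximum threshold, after which every packet of that DSCP is tail-dropped. Giving AF33 a lower minimum threshold than AF31 means out-of-contract (re-marked) packets are thinned first, as the AF PHB requires.

```cisco
class-map match-all CRITICAL-DATA
 match dscp af31 af32 af33
!
policy-map WAN-EDGE
 class CRITICAL-DATA
  bandwidth percent 25
  ! Key the drop decision on DSCP rather than on IP precedence.
  random-detect dscp-based
  ! random-detect dscp <dscp> <min-threshold> <max-threshold> <mark-prob-denominator>
  ! Thresholds are in packets. Higher drop precedence = earlier, more aggressive drop.
  random-detect dscp af31 32 40 10
  random-detect dscp af32 28 40 10
  random-detect dscp af33 24 40 10
  ! Mark ECN-capable packets (ECT bits set, see 6.2.a [i]) instead of dropping
  ! them, so the sender backs off without losing a segment; packets without
  ! ECT are still dropped.
  random-detect ecn
 ! Flow-based fair queuing plus WRED on the default class: one unresponsive
 ! UDP flood raises the average depth and gets thinned, but it can no longer
 ! tail-drop every TCP flow at the same instant.
 class class-default
  fair-queue
  random-detect
!
! Leave WRED off the LLQ class: voice is UDP and does not react to a random
! drop; it belongs in the policed priority queue instead.
!
! Router# show policy-map interface Serial0/0/0
! Per-DSCP counters report random drops, tail drops and ECN marks. A rising
! tail-drop count for af31 with random drops near zero means the thresholds sit
! too close to the queue limit to be doing any early detection.
```

WRED only helps flows that slow down when they lose a packet. For traffic that does not (UDP, or a deliberate flood), it is just a drop policy, and the real protection is the bandwidth guarantee of the other classes.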



6.2.a Implement and troubleshoot end-to-end QoS

6.2.a [i] CoS and DSCP mapping

Differentiated Services (DiffServ) is a model in which intermediate systems treat traffic with relative priorities based on the type of service (ToS) field. DiffServ increases the number of definable priority levels by reallocating bits of the IP header for priority marking.

The DiffServ architecture defines the DiffServ (DS) field, which supersedes the ToS octet in IPv4 (and occupies the Traffic Class octet in IPv6), to make per-hop behavior (PHB) decisions about packet classification and traffic conditioning functions such as metering, marking, shaping, and policing.

The RFCs do not dictate the way to implement PHBs; this is the responsibility of the vendor. Cisco implements queuing techniques that can base their PHB on the IP precedence or DSCP value in the IP header of a packet. Based on DSCP or IP precedence, traffic can be put into a particular service class.

Packets within a service class are treated the same way. With DSCP encoding, the Assured Forwarding classes range from AF1x, the lowest class, to AF4x, the highest; within a class the third digit is the drop precedence, not a priority. So AF11 (001010) is the lowest class at the lowest drop precedence and AF43 (100110) is the highest class at the highest drop precedence, meaning AF43 packets are discarded before AF41 and AF42 packets when that class's queue congests.

The six most significant bits of the DiffServ field are called the DSCP. The remaining two bits, originally Currently Unused (CU) and left undefined by the DiffServ architecture, are now used as the Explicit Congestion Notification (ECN) bits. Routers at the edge of a DiffServ network classify packets and mark them with either an IP Precedence or a DSCP value. Other devices in the core that support DiffServ use the DSCP value in the IP header to select a PHB for the packet and provide the appropriate QoS treatment. Under the default Catalyst CoS-to-DSCP map (0 8 16 24 32 40 48 56), Layer 2 CoS n becomes DSCP 8n, so CoS 3 and CoS 4 are mapped to DSCP 24 (CS3) and 32 (CS4) respectively; the map is commonly overridden so that CoS 5 becomes DSCP 46 (EF) rather than 40.

The DSCP can be set to the desired value at the edge of the network so that core devices can classify the packet easily, as shown in the Packet Classification section, and provide a suitable level of service. Class-based packet marking (set dscp in a policy map) can be used to set the DSCP value. Because a marking is only as trustworthy as the device that applied it, the edge should reset or re-mark what it receives on untrusted ports rather than trust it.

Adam, Paul (2014-07-12). All-in-One CCIE V5 Written Exam Guide (Kindle Locations 5610-5619). Kindle Edition.
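Added example (not from the book or from Cisco documentation) of the CoS-to-DSCP map and of a trust boundary on a Catalyst access switch, in the mls qos syntax of 3560/3750-class switches; the interface numbers, VLANs, ACL, class and policy names are assumptions. The point for the edge is that a marking is an unauthenticated claim: with mls qos enabled, a port that is not trusted rewrites both CoS and DSCP of ingress frames to 0, so a host cannot mark itself EF to ride the voice priority queue.

```cisco
! Enable QoS globally. Once enabled, every port is untrusted by default and
! ingress CoS/DSCP are rewritten to 0 unless a trust state is configured.
mls qos
!
! CoS-to-DSCP map. The default is 0 8 16 24 32 40 48 56 (CoS n -> DSCP 8n),
! which gives CoS 3 -> 24 and CoS 4 -> 32 as in the text. Override CoS 5 to 46
! so phone voice bearer traffic gets the standard EF marking instead of CS5.
mls qos map cos-dscp 0 8 16 24 32 46 48 56
!
! Phone port: trust CoS, but only while CDP confirms a Cisco phone is attached.
! If the phone is unplugged and a PC connected directly, the port falls back to
! untrusted and the PC's markings are reset.
interface GigabitEthernet1/0/1
 description phone + PC (assumed)
 switchport access vlan 10
 switchport voice vlan 100
 mls qos trust cos
 mls qos trust device cisco-phone
!
! Plain user port: untrusted (the default once mls qos is on), made explicit.
! Whatever the host marks reaches the uplink as DSCP 0.
interface GigabitEthernet1/0/2
 description user port (assumed)
 switchport access vlan 10
 no mls qos trust
!
! Uplink toward the distribution layer: trust the DSCP this switch set.
interface GigabitEthernet1/0/24
 description uplink (assumed)
 mls qos trust dscp
!
! Class-based marking: classify on an ACL and set DSCP ourselves instead of
! accepting what the host sent. Management HTTPS (assumed addresses) gets AF21.
ip access-list extended MGMT-HTTPS
 permit tcp 10.0.10.0 0.0.0.255 host 192.0.2.10 eq 443
class-map match-all WEB-MGMT
 match access-group name MGMT-HTTPS
policy-map MARK-INGRESS
 class WEB-MGMT
  set dscp af21
 class class-default
  set dscp default
interface GigabitEthernet1/0/2
 service-policy input MARK-INGRESS
!
! Switch# show mls qos maps cos-dscp
! Switch# show mls qos interface GigabitEthernet1/0/1
! The second command reports the port's trust state and trust device; a port
! reported as not trusted is resetting markings as intended.
```

On a port carrying a trusted phone and an untrusted PC, trust cos (not dscp) is the usual choice: the phone re-marks the PC's frames to CoS 0 on their way through its switch port, so trusting CoS trusts the phone, not the PC.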


6.1.c Implement and troubleshoot logging

6.1.c [i] Local logging, syslog, debug, conditional debug

A Cisco router's or switch's log messages can be sent to five different destinations:

Console logging: By default, the router sends all log messages to its console port; only users physically connected to the console port can view them.

Terminal logging: Similar to console logging, but messages are sent to the router's VTY (Telnet/SSH) sessions instead. This is not enabled by default; a session has to request it with the terminal monitor EXEC command.

Buffered logging: This type of logging uses the router's RAM to store log messages. The buffer has a fixed size to ensure that the log does not deplete valuable system memory; the router achieves this by deleting the oldest messages from the buffer as new messages are added. The buffer is lost on reload, so it is not a substitute for remote logging.

Syslog server logging: The router can forward log messages to external syslog servers for storage. This type of logging is not enabled by default. Classic syslog runs over UDP port 514 in cleartext with no authentication, so the collector should sit on a protected management network and the router should source the messages from a management interface.

SNMP trap logging: The router can send log messages as SNMP traps to an external SNMP manager (NMS).

Adam, Paul (2014-07-12). All-in-One CCIE V5 Written Exam Guide (Kindle Locations 5573-5576). Kindle Edition.



6.1.c Implement and troubleshoot logging

6.1.c [ii] Timestamp

System log messages can contain up to 80 characters and a percent sign (%), which follows the optional sequence number or timestamp information, if configured. Messages appear in this format:

Seq no:timestamp: %facility-severity-MNEMONIC:description

The part of the message preceding the percent sign depends on the setting of the service sequence-numbers, service timestamps log datetime, service timestamps log datetime [localtime] [msec] [show-timezone], or service timestamps log uptime global configuration command. The uptime form stamps messages with time since boot; the datetime form uses the device clock, which is only useful for correlating events across devices if that clock is synchronized (NTP) and the time zone is configured.

Adam, Paul (2014-07-12). All-in-One CCIE V5 Written Exam Guide (Kindle Location 5585). Kindle Edition.
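Added example (not from the book or from Cisco documentation) tying the five logging destinations of 6.1.c [i] to their configuration, together with the timestamp and sequence-number options of 6.1.c [ii] that determine what precedes the percent sign, and the conditional-debug commands; the syslog server and NTP server addresses, the NTP key, the buffer size, the time zone and the interface names are assumptions.

```cisco
! Clock first: timestamps are useless for cross-device correlation unless the
! clock is synchronized. Authenticated NTP from an internal source (assumed IP).
clock timezone UTC 0
ntp authenticate
ntp authentication-key 1 md5 CHANGE-ME-NTP-KEY
ntp trusted-key 1
ntp server 192.0.2.5 key 1
!
! What precedes the "%" in each message:
!   service sequence-numbers                 -> a sequence-number prefix, so gaps
!                                               (dropped or deleted messages) show
!   service timestamps log datetime msec ... -> wall-clock date/time with
!                                               milliseconds and zone, not uptime
! Apply the same to debug output so debug and log lines line up.
service sequence-numbers
service timestamps log datetime msec localtime show-timezone
service timestamps debug datetime msec localtime show-timezone
!
! 1. Console logging: keep it quiet; console output is synchronous and a flood
!    of informational messages can make the console unusable during an incident.
logging console critical
! 2. Terminal (VTY) logging: severity for sessions that run "terminal monitor".
logging monitor informational
! 3. Buffered logging: 64 KiB ring buffer in RAM, lost on reload.
logging buffered 65536 informational
! 4. Syslog server logging: UDP/514, cleartext and unauthenticated, so source it
!    from the management loopback and keep the collector on the management network.
logging source-interface Loopback0
logging origin-id hostname
logging trap informational
logging host 192.0.2.10 transport udp port 514
! 5. SNMP trap logging: forward syslog messages as SNMP notifications to the NMS
!    (the SNMP host itself is configured in 6.1.b).
logging history informational
snmp-server enable traps syslog
!
! Conditional debug (privileged EXEC): restrict a noisy debug to one interface
! so a production router is not overwhelmed, then verify and clear it.
! Router# debug condition interface GigabitEthernet0/1
! Router# debug ip packet
! Router# show debug condition
! Router# undebug all
! Router# no debug condition interface GigabitEthernet0/1
! Router# terminal monitor      (per session; enables destination 2 above)
! Router# show logging          (each destination's level, plus the buffer)
```

undebug all stops the debugs but leaves the conditions in place; remove them separately, otherwise the next engineer's debug is silently filtered to that interface.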




6.1.b Implement and troubleshoot SNMP

6.1.b [i] v2c, v3

SNMP is an application-layer protocol that provides a message format for communication between managers and agents. The SNMP system consists of an SNMP manager, an SNMP agent, and a MIB. The SNMP manager can be part of a network management system (NMS) such as CiscoWorks. The agent and MIB reside on the switch. To configure SNMP on the switch, you define the relationship between the manager and the agent.

The SNMP agent contains MIB variables whose values the SNMP manager can request or change. A manager can get a value from an agent or store a value into the agent. The agent gathers data from the MIB, the repository for information about device parameters and network data. The agent can also respond to a manager’s requests to get or set data.

An agent can send unsolicited traps to the manager. Traps are messages alerting the SNMP manager to a condition on the network. Traps can mean improper user authentication, restarts, link status (up or down), MAC address tracking, closing of a TCP connection, loss of connection to a neighbor, or other significant events.

Cisco IOS supports these SNMP versions:

● SNMPv1: the Simple Network Management Protocol, a Full Internet Standard, defined in RFC 1157.

● SNMPv2: version 2 of the Simple Network Management Protocol, a Draft Internet Standard, defined in RFCs 1902 through 1907.

● SNMPv2C: the community-string-based Administrative Framework for SNMPv2, an Experimental Internet Protocol defined in RFC 1901. SNMPv2C replaces the party-based Administrative and Security Framework of SNMPv2Classic with a community-string-based framework while retaining the bulk retrieval (GetBulk) and improved error handling of SNMPv2Classic. In v1 and v2c the community string is carried in cleartext in every packet and is the only access control, so it is effectively a shared password readable by anyone on the path.

● SNMPv3: version 3 of SNMP, an interoperable standards-based protocol originally defined in RFCs 2273 through 2275 (since obsoleted by RFCs 3411 through 3418).

SNMPv3 provides secure access to devices by authenticating and encrypting packets over the network and includes these security features:

● Message integrity— ensuring that a packet was not tampered with in transit

● Authentication— determining that the message is from a valid source

● Encryption: scrambling the contents of a packet so that it cannot be read by an unauthorized party. Only the priv security level provides this; auth gives integrity and authentication without confidentiality, and noauth gives neither.

Adam, Paul (2014-07-12). All-in-One CCIE V5 Written Exam Guide (Kindle Locations 5561-5562). Kindle Edition.
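Added example (not from the book or from Cisco documentation) showing the weak v2c configuration still found on many devices beside an SNMPv3 authPriv replacement; the NMS address, ACL, view, group and user names and the placeholder passphrases are assumptions.

```cisco
! --- As commonly found: v2c with well-known community strings, read-write, no ACL.
! The community travels in cleartext in every PDU; anyone who captures one poll
! (or guesses "private") can read and rewrite the configuration through the MIB.
snmp-server community public RO
snmp-server community private RW
!
! --- Hardened replacement: v3 authPriv, read-only view, source-restricted.
no snmp-server community public
no snmp-server community private
!
ip access-list standard SNMP-NMS
 permit host 192.0.2.20
 deny   any log
!
! Expose only what the poller needs; exclude the USM and VACM tables, which
! describe the SNMP users and access policy themselves.
snmp-server view NMS-VIEW iso included
snmp-server view NMS-VIEW 1.3.6.1.6.3.15 excluded
snmp-server view NMS-VIEW 1.3.6.1.6.3.16 excluded
!
! Group: v3 with priv required (auth = integrity and authentication only;
! noauth = neither), read-only through NMS-VIEW, only from SNMP-NMS.
snmp-server group NMS-RO v3 priv read NMS-VIEW access SNMP-NMS
!
! User: SHA authentication and AES-128 privacy. The passphrases are localized
! against the engine ID and stored as keys, so they do not appear in the running
! configuration and must be re-entered if the engine ID changes.
snmp-server user nms-poller NMS-RO v3 auth sha CHANGE-ME-AUTH priv aes 128 CHANGE-ME-PRIV access SNMP-NMS
!
! Notifications: authentication-failure traps reveal community/credential guessing.
snmp-server enable traps snmp authentication linkdown linkup coldstart
snmp-server host 192.0.2.20 version 3 priv nms-poller
!
! Router# show snmp user        (engine ID, auth/priv protocols, group, ACL)
! Router# show snmp group
! Router# show snmp community   (should list no v1/v2c communities)
```

The OIDs excluded from the view are snmpUsmMIB (1.3.6.1.6.3.15) and snmpVacmMIB (1.3.6.1.6.3.16). A read-only v2c community with an ACL is still not equivalent to this: the ACL is bypassed by source-address spoofing over UDP, and the string itself is visible to anyone on the path.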






6.1.a Implement and troubleshoot device management

6.1.a [i] Console and VTY

The console port on the router is an EIA/TIA-232 asynchronous serial connection with no flow control and an RJ-45 connector. The console port is used to access the router and is located on the front panel of the Route Processor (RP). Anyone with physical access to it can interrupt the boot sequence and perform password recovery unless no service password-recovery is configured, so the console is a physical security boundary rather than a network one.

Adam, Paul (2014-07-12). All-in-One CCIE V5 Written Exam Guide (Kindle Locations 5502-5503). Kindle Edition.




6.1.a Implement and troubleshoot device management

6.1.a [ii] telnet, HTTP, HTTPS, SSH, SCP

You can use the SSH server to enable an SSH client to make a secure, encrypted connection to a Cisco IOS device. SSH uses strong encryption for authentication. The SSH server in the Cisco IOS software can interoperate with publicly and commercially available SSH clients. Three steps are needed to enable SSH: configure a host name and a domain name (the RSA key pair is named from them), generate the RSA key pair with crypto key generate rsa, and restrict the VTY lines to SSH with the transport input ssh line command. Restrict the server to version 2 with ip ssh version 2, since SSHv1 has known protocol weaknesses.

The user authentication mechanisms supported for SSH are RADIUS, TACACS+, and locally stored usernames and passwords. The behavior of SCP is similar to that of remote copy (rcp), which comes from the Berkeley r-tools suite, except that SCP relies on SSH for security. In addition, SCP requires that authentication, authorization, and accounting (AAA) authorization be configured so that the router can determine whether the user has the correct privilege level.

The HTTP 1.1 Web Server and Client feature provides a consistent interface for users and applications by implementing support for HTTP 1.1 in Cisco IOS software-based devices. When combined with the HTTPS feature, the HTTP 1.1 Web Server and Client feature provides a complete, secure solution for HTTP services between Cisco devices. Run the HTTPS server (ip http secure-server) and disable the cleartext one (no ip http server); both honor ip http access-class and ip http authentication.

Adam, Paul (2014-07-12). All-in-One CCIE V5 Written Exam Guide (Kindle Locations 5509-5515). Kindle Edition.
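Added example (not from the book or from Cisco documentation) covering the console and VTY lines of 6.1.a [i] and the SSH, SCP and HTTPS services of 6.1.a [ii] in one configuration; the host and domain names, the management network, the ACL number, the key label, the user name and the placeholder secret are assumptions.

```cisco
! Host and domain name first: the RSA key pair is named <hostname>.<domain>
! and "crypto key generate rsa" refuses to run without a domain name.
hostname edge-rtr
ip domain-name example.net
!
! Local fallback account with an irreversible hash (secret, not password).
username admin privilege 15 secret CHANGE-ME
!
! AAA: authentication for logins, EXEC authorization (required for SCP).
aaa new-model
aaa authentication login default local
aaa authorization exec default local
!
! SSH server: 2048-bit key, version 2 only, short negotiation window, few retries.
crypto key generate rsa modulus 2048 label SSH-KEY
ip ssh rsa keypair-name SSH-KEY
ip ssh version 2
ip ssh time-out 60
ip ssh authentication-retries 3
ip scp server enable
!
! Management sources allowed to reach the VTY lines and HTTPS (assumed network).
access-list 10 permit 192.0.2.0 0.0.0.255
access-list 10 deny   any log
!
! Console: a physical boundary, but still time out idle sessions.
line console 0
 exec-timeout 5 0
 logging synchronous
 login authentication default
!
! VTY: SSH only (no Telnet in or out), only from the management ACL, idle timeout.
line vty 0 4
 exec-timeout 5 0
 access-class 10 in
 transport input ssh
 transport output ssh
 login authentication default
!
! Web management: HTTPS only, same source restriction, AAA-backed logins.
no ip http server
ip http secure-server
ip http access-class 10
ip http authentication aaa
!
! Verify from privileged EXEC:
! Router# show ip ssh                    (version 2.0, timeout, retries)
! Router# show crypto key mypubkey rsa
! Router# show line vty 0 4              (transport and access-class)
! Configuration backup over SSH instead of TFTP/FTP (see 6.1.a [iii]):
! Router# copy running-config scp://admin@192.0.2.50/edge-rtr.cfg
```

transport input ssh is what actually closes the Telnet listener on those lines; ip ssh version 2 alone still leaves Telnet open.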



6.1.a Implement and troubleshoot device management

6.1.a [iii] [T]FTP

You can configure a router to serve as a RARP or TFTP server to reduce costs and time delays in your network while still using the router for its regular functions.

Typically, a router that is configured as a TFTP server provides other routers with system image or router configuration files from its Flash memory. You can also configure the router to respond to other types of service requests, such as requests.

To enable TFTP server operation, use the following command in global configuration mode:

Router(config)# tftp-server flash [partition-number:]filename1 [alias filename2] [access-list-number]

You can configure a router to transfer files between systems on the network using the File Transfer Protocol (FTP). With the Cisco IOS implementation of the FTP client, you can set the following FTP characteristics:

● Passive-mode FTP

● User name

● Password

● IP address

Adam, Paul (2014-07-12). All-in-One CCIE V5 Written Exam Guide (Kindle Locations 5519-5531). Kindle Edition.
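Added example (not from the book or from Cisco documentation) of a restricted TFTP server together with the four FTP client characteristics listed above; the image file name, ACL number, host addresses, user name and placeholder password are assumptions.

```cisco
! TFTP server: serve one image, read-only, and only to the listed host.
! TFTP has no authentication at all, so the ACL is the only control; without it
! anyone who can reach UDP/69 can pull the file.
access-list 20 permit host 192.0.2.30
access-list 20 deny   any log
tftp-server flash:router-image.bin alias ios.bin 20
!
! FTP client settings used by "copy ... ftp:" (passive mode, user name,
! password, source IP address). Credentials and data travel in cleartext; the
! source interface at least keeps the session on the management path.
ip ftp username backup
ip ftp password CHANGE-ME-FTP
ip ftp passive
ip ftp source-interface Loopback0
!
! Router# copy running-config ftp://192.0.2.40/backups/edge-rtr.cfg
!   uses the ip ftp username/password when none is given in the URL, which
!   keeps the password out of the command history.
! Preferred: SCP rides on the SSH server from 6.1.a [ii], so a backup that
! contains community strings, keys and type-7 passwords is not exposed:
! Router# copy running-config scp://admin@192.0.2.40/backups/edge-rtr.cfg
! Router# show running-config | include tftp-server|ip ftp
!   confirms nothing is served that was not intended and no stale credentials remain.
```

The tftp-server command serves only the files you list; it never makes the whole flash readable, but each listed file is readable by every host the ACL permits, with no login.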