6.2.b [i] Classification
Packet classification involves using a traffic descriptor to categorize a packet within a specific group and making the packet accessible for QoS handling in the network. Using packet classification, you can partition network traffic into multiple priority levels or a class of service (CoS). You can use either access lists (ACLs) or the match command in the modular QoS CLI to match on DSCP values.
Adam, Paul (2014-07-12). All-in-One CCIE V5 Written Exam Guide (Kindle Locations 5634-5637). . Kindle Edition.
6.2.b [ii] Network based application recognition [NBAR]
NBAR is a classification engine that recognizes and classifies a wide variety of protocols and applications, including web-based and other difficult-to-classify applications and protocols that use dynamic TCP/ UDP port assignments.
When NBAR recognizes and classifies a protocol or an application, the network can be configured to apply the appropriate QoS for that application or traffic with that protocol. The QoS is applied using the MQC.
NBAR introduces several classification features that identify applications and protocols from Layer 4 through Layer 7. These classification features are as follows:
● Statically assigned TCP and UDP port numbers.
● Non-TCP and non-UDP IP protocols.
● Dynamically assigned TCP and UDP port numbers. This kind of classification requires stateful inspection, that is, the ability to inspect a protocol across multiple packets during packet classification.
● Subport classification or classification based on deep packet inspection, that is, classification for inspecting packets.
NBAR includes the Protocol Pack feature that provides an easy way to load protocols and helps NBAR recognize additional protocols for network traffic classification. A protocol pack is set a of protocols developed and packed together. A new protocol pack can be loaded on the device to replace the default IOS protocol pack that is already present in the device.
Adam, Paul (2014-07-12). All-in-One CCIE V5 Written Exam Guide (Kindle Locations 5670-5684). . Kindle Edition.
6.2.b [iii] Marking using IP precedence, DSCP, CoS, ECN
6.2.b [iv] Policing, shaping
Traffic policing propagates bursts. When the traffic rate reaches the configured maximum rate, excess traffic is dropped (or remarked). The result is an output rate that appears as a saw-tooth with crests and troughs. In contrast to policing, traffic shaping retains excess packets in a queue and then schedules the excess for later transmission over increments of time. The result of traffic shaping is a smoothed packet output rate.
Shaping implies the existence of a queue and of sufficient memory to buffer delayed packets, while policing does not. Queuing is an outbound concept; packets going out an interface get queued and can be shaped. Only policing can be applied to inbound traffic on an interface. Ensure that you have sufficient memory when enabling shaping. In addition , shaping requires a scheduling function for later transmission of any delayed packets. The scheduling function allows you to organize the shaping queue into different queues. Examples of scheduling functions are Class Based Weighted Fair Queuing (CBWFQ) and Low Latency Queuing (LLQ). Shaped round robin queues that carry higher weights get serviced first.
Adam, Paul (2014-07-12). All-in-One CCIE V5 Written Exam Guide (Kindle Locations 5685-5693). . Kindle Edition.