End-to-End QoS Network Design: Quality of Service in LANs, WANs, and VPNs
- By Tim Szigeti, Christina Hattingh
- Published Nov 9, 2004 by Cisco Press. Part of the Networking Technology series.
Book
- Sorry, this book is no longer in print.
- Copyright 2005
- Edition: 1st
- Book
- ISBN-10: 1-58705-176-1
- ISBN-13: 978-1-58705-176-0
Best-practice QoS designs for protecting voice, video, and critical data while mitigating network denial-of-service attacks
- Understand the service-level requirements of voice, video, and data applications
- Examine strategic QoS best practices, including Scavenger-class QoS tactics for DoS/worm mitigation
- Learn about QoS tools and the various interdependencies and caveats of these tools that can impact design considerations
- Learn how to protect voice, video, and data traffic using various QoS mechanisms
- Evaluate design recommendations for protecting voice, video, and multiple classes of data while mitigating DoS/worm attacks for the following network infrastructure architectures: campus LAN, private WAN, MPLS VPN, and IPSec VPN
Quality of Service (QoS) has already proven itself as the enabling technology for the convergence of voice, video, and data networks. As business needs evolve, so do the demands for QoS. The need to protect critical applications via QoS mechanisms in business networks has escalated over the past few years, primarily due to the increased frequency and sophistication of denial-of-service (DoS) and worm attacks.
End-to-End QoS Network Design is a detailed handbook for planning and deploying QoS solutions to address current business needs. This book goes beyond discussing available QoS technologies and considers detailed design examples that illustrate where, when, and how to deploy various QoS features to provide validated and tested solutions for voice, video, and critical data over the LAN, WAN, and VPN.
The book starts with a brief background of network infrastructure evolution and the subsequent need for QoS. It then goes on to cover the various QoS features and tools currently available and comments on their evolution and direction. The QoS requirements of voice, interactive and streaming video, and multiple classes of data applications are presented, along with an overview of the nature and effects of various types of DoS and worm attacks. QoS best-practice design principles are introduced to show how QoS mechanisms can be strategically deployed end-to-end to address application requirements while mitigating network attacks. The next section focuses on how these strategic design principles are applied to campus LAN QoS design. Considerations and detailed design recommendations specific to the access, distribution, and core layers of an enterprise campus network are presented. Private WAN QoS design is discussed in the following section, where WAN-specific considerations and detailed QoS designs are presented for leased-lines, Frame Relay, ATM, ATM-to-FR Service Interworking, and ISDN networks. Branch-specific designs include Cisco® SAFE recommendations for using Network-Based Application Recognition (NBAR) for known-worm identification and policing. The final section covers Layer 3 VPN QoS design-for both MPLS and IPSec VPNs. As businesses are migrating to VPNs to meet their wide-area networking needs at lower costs, considerations specific to these topologies are required to be reflected in their customer-edge QoS designs. MPLS VPN QoS design is examined from both the enterprise and service provider's perspectives. Additionally, IPSec VPN QoS designs cover site-to-site and teleworker contexts.
Whether you are looking for an introduction to QoS principles and practices or a QoS planning and deployment guide, this book provides you with the expert advice you need to design and implement comprehensive QoS solutions.
Online Sample Chapter
Quality of Service Design Overview
Downloadable Sample Chapter
Download - 460 KB -- Chapter 2: QoS Design Overview
Sample Pages
Download the sample pages (includes Chapter 3 and Index)
Table of Contents
Introduction.
I. INTRODUCTION TO QoS.
1. Introduction to QoS.
A Brief Historical Perspective.
QoS Evolution.
User Network Expectations.
End User.
Information Technologies Management.
Understanding QoS.
End-to-End QoS.
All Packets Are (Not) Equal.
The Challenges of Converged Networks.
QoS Models.
IntServ Overview.
DiffServ Overview.
Introduction to the QoS Toolset.
Simplifying QoS.
Modular QoS Command-Line Interface.
QoS Baseline.
Default Behavior.
Cross-Platform Feature Consistency.
Automatic QoS.
If I Have AutoQoS, Why Should I Be Reading This Book?
The Continuing Evolution of QoS.
Summary.
Further Reading.
General.
IntServ.
DiffServ.
AutoQoS.
2. QoS Design Overview.
QoS Requirements of VoIP.
Voice (Bearer Traffic).
Call-Signaling Traffic.
QoS Requirements of Video.
Interactive-Video.
Streaming-Video.
QoS Requirements of Data.
Best-Effort Data.
Bulk Data.
Transactional Data/Interactive Data.
Locally Defined Mission-Critical Data.
DLSw+ Considerations.
QoS Requirements of the Control Plane.
IP Routing.
Network-Management.
Scavenger Class.
DoS and Worm Mitigation Strategy Through Scavenger Class QoS.
Principles of QoS Design.
General QoS Design Principles.
Classification and Marking Principles.
Policing and Markdown Principles.
Queuing and Dropping Principles.
DoS and Worm Mitigation Principles.
Deployment Principles.
Summary.
Further Reading.
II. QoS TOOLSET.
3. Classification and Marking Tools.
Classification Tools.
Modular QoS Command-Line Interface Class Maps.
Network-Based Application Recognition.
Marking Tools.
Class-Based Marking.
Class-Based Policing.
Committed Access Rate.
Policy-Based Routing.
Voice Gateway Packet Marking.
Layer 2 Marking Fields.
Layer 3 Marking Fields.
Translating Layer 2 and Layer 3 Packet Markings.
Summary.
Further Reading.
General.
DiffServ.
L2 Protocol Tunneling.
VPN.
NBAR.
MPLS.
IP–ATM/Frame Relay Bundles.
Level 2 to Level 3 Packet-Marking Translation.
4. Policing and Shaping Tools.
Token Bucket Algorithms.
Policers.
Policers as Markers.
Committed Access Rate.
Class-Based Policing.
Shapers.
Shaping Algorithms.
Shaping on ATM and Frame Relay Networks.
Generic Traffic Shaping.
Class-Based Shaping.
Further Reading.
DiffServ Policing Standards.
Policing.
ATM PVC Traffic Parameters.
Frame Relay Traffic Shaping.
Traffic Shaping.
5. Congestion-Management Tools.
Understanding Scheduling and Queuing.
Legacy Layer 3 Queuing Mechanisms.
Priority Queuing.
Custom Queuing.
Weighted Fair Queuing.
IP RTP Priority Queuing.
Currently Recommended Layer 3 Queuing Mechanisms.
Class-Based Weighted Fair Queuing.
Low-Latency Queuing.
Layer 2 Queuing Tools.
Frame Relay Dual-FIFO.
PVC Interface Priority Queuing.
Tx-ring.
PAK_priority.
Summary.
Further Reading.
Layer 3 Queuing.
Layer 2 Queuing.
Tx-ring.
PAK_priority.
6. Congestion-Avoidance Tools.
Random Early Detection.
Weighted Random Early Detection.
DSCP-Based Weighted Random Early Detection.
Explicit Congestion Notification.
Summary.
Further Reading.
DiffServ Standards Relating to WRED.
Cisco IOS WRED Documentation.
7. Link-Specific Tools.
Header-Compression Techniques.
Related Standards.
TCP Header Compression.
RTP Header Compression.
Compression Formats.
Layer 2 Encapsulation Protocol Support.
Summary of cRTP Formats and Protocol Encapsulations.
Class-Based Header Compression.
Advanced Topics on cRTP.
Link Fragmentation and Interleaving.
Fragment Sizes.
Multilink PPP LFI.
Frame-Relay Fragmentation.
LFI for Frame Relay/ATM Service Interworking.
IPSec Prefragmentation.
Summary.
Further Reading.
General.
IETF Standards.
Frame Relay Forum Standards.
Header Compression.
Link Fragmentation and Interleaving.
8. Bandwidth Reservation.
RSVP Overview.
RSVP Service Types.
Admission Control.
RSVP and LLQ.
MPLS Traffic Engineering.
Scalability.
RSVP-DiffServ Integration.
Endpoints and Proxies.
Summary.
Further Reading.
Standards.
Cisco IOS Documentation.
9. Call Admission Control (CAC).
CAC Overview.
CAC Defined.
CAC Tool Categories.
Local CAC Tools.
Measurement-Based CAC Tools.
Resource-Based CAC Tools.
CallManager Locations CAC.
Gatekeeper CAC.
RSVP.
Example of VoIP CAC Through RSVP.
Summary.
Further Reading.
General.
Cisco IOS Documentation.
10. Catalyst QoS Tools.
Generic Catalyst QoS Models.
Classification, Marking, and Mapping.
Policing and Markdown.
Queuing and Dropping.
Catalyst 2950.
Catalyst 2950 Classification, Marking, and Mapping.
Catalyst 2950 Policing and Markdown.
Catalyst 2950 Queuing.
Catalyst 3550.
Catalyst 3550 Classification, Marking, and Mapping.
Catalyst 3550 Policing and Markdown.
Catalyst 3550 Queuing and Dropping.
Catalyst 2970, 3650, and 3750.
Catalyst 2970/3560/3750 Classification, Marking, and Mapping.
Catalyst 2970/3560/3750 Policing and Markdown.
Catalyst 2970/3560/3750 Queuing and Dropping.
Catalyst 4500.
Catalyst 4500 Classification, Marking, and Mapping.
Catalyst 4500 Policing and Markdown.
Catalyst 4500 Queuing and Dropping.
Catalyst 6500.
Catalyst 6500 Classification, Marking, and Mapping.
Catalyst 6500 Policing and Markdown.
Catalyst 6500 Queuing and Dropping.
Summary.
Further Reading.
11. WLAN QoS Tools.
QoS for Wireless LANs Versus QoS on Wired LANs.
Upstream Versus Downstream QoS.
IEEE 802.11 DCF.
Interframe Spaces.
Random Backoffs/Contention Windows.
IEEE 802.11e EDCF.
QoS Basic Service Set Information Element.
IEEE 802.1D Classes of Service.
QoS Operation on Cisco APs.
Configuring QoS on Cisco APs.
Summary.
Further Reading.
III. LAN QoS DESIGN.
12. Campus QoS Design.
DoS/Worm-Mitigation Strategies.
Scavenger-Class QoS Operation.
Call-Signaling TCP/UDP Ports in Use.
Access-Edge Trust Models.
Trusted Endpoint Models.
Untrusted Endpoint Models.
Conditionally Trusted Endpoint(s) Models.
Catalyst 2950 QoS Considerations and Design.
Catalyst 2950: Trusted Endpoint Model.
Catalyst 2950: Untrusted PC with SoftPhone Model.
Catalyst 2950: Untrusted Server Model.
Catalyst 2950: Conditionally Trusted IP Phone + PC: Basic Model.
Catalyst 2950: Conditionally Trusted IP Phone + PC: Advanced Model.
Catalyst 2950: Queuing.
Catalyst 3550 QoS Considerations and Design.
Catalyst 3550: Trusted Endpoint Model.
Catalyst 3550: Untrusted PC with SoftPhone Model.
Catalyst 3550: Untrusted Server Model.
Catalyst 3550: Conditionally Trusted IP Phone + PC: Basic Model.
Catalyst 3550: Conditionally Trusted IP Phone + PC: Advanced Model.
Catalyst 3550: Queuing and Dropping.
Catalyst 2970/3560/3750 QoS Considerations and Design.
Catalyst 2970/3560/3750: Trusted Endpoint Model.
Catalyst 2970/3560/3750: Untrusted PC with SoftPhone Model.
Catalyst 2970/3560/3750: Untrusted Server Model.
Catalyst 2970/3560/3750: Conditionally Trusted IP Phone + PC: Basic Model.
Catalyst 2970/3560/3750: Conditionally Trusted IP Phone + PC: Advanced Model.
Catalyst 2970/3560/3750: Queuing and Dropping.
Catalyst 4500-SupII+/III/IV/V QoS Considerations and Design.
Catalyst 4500: Trusted Endpoint Model.
Catalyst 4500: Untrusted PC with SoftPhone Model.
Catalyst 4500: Untrusted Server Model.
Catalyst 4500: Conditionally Trusted IP Phone + PC: Basic Model.
Catalyst 4500: Conditionally Trusted IP Phone + PC: Advanced Model.
Catalyst 4500: Queuing.
Catalyst 6500 QoS Considerations and Design.
Catalyst 6500: CatOS Defaults and Recommendations.
Catalyst 6500: Trusted Endpoint Model.
Catalyst 6500: Untrusted PC with SoftPhone Model.
Catalyst 6500: Untrusted Server Model.
Catalyst 6500: Conditionally Trusted IP Phone + PC: Basic Model.
Catalyst 6500: Conditionally Trusted IP Phone + PC: Advanced Model.
Catalyst 6500: Queuing and Dropping.
Catalyst 6500: PFC3 Distribution-Layer (Cisco IOS) Per-User Microflow Policing.
WAN Aggregator/Branch Router Handoff Considerations.
Case Study: Campus QoS Design.
Summary.
Further Reading.
IV. WAN QoS DESIGN.
13. WAN Aggregator QoS Design.
Where Is QoS Needed over the WAN?
WAN Edge QoS Design Considerations.
Software QoS.
Bandwidth Provisioning for Best-Effort Traffic.
Bandwidth Provisioning for Real-Time Traffic.
Serialization.
IP RTP Header Compression.
Tx-ring Tuning.
PAK_priority.
Link Speeds.
Distributed Platform QoS and Consistent QoS Behavior.
WAN Edge Classification and Provisioning Models.
Slow/Medium Link-Speed QoS Class Models.
High Link Speed QoS Class Models.
WAN Edge Link-Specific QoS Design.
Leased Lines.
Frame Relay.
ATM.
ATM-to-Frame Relay Service Interworking.
ISDN.
Case Study: WAN Aggregation Router QoS Design.
Summary.
Further Reading.
14. Branch Router QoS Design.
Branch WAN Edge QoS Design.
Unidirectional Applications.
Branch Router LAN Edge QoS Design.
DSCP-to-CoS Remapping.
Branch-to-Campus Classification and Marking.
NBAR Known-Worm Classification and Policing.
Case Study: Branch Router QoS Design.
Summary.
Further Reading.
V. VPN QoS DESIGN.
15. MPLS VPN QoS Design.
Where Is QoS Needed over an MPLS VPN?
Customer Edge QoS Design Considerations.
Layer 2 Access (Link-Specific) QoS Design.
Service-Provider Service-Level Agreements.
Enterprise-to-Service Provider Mapping Models.
Provider-Edge QoS Considerations.
Service Provider-to-Enterprise Models.
MPLS DiffServ Tunneling Modes.
Core QoS Considerations.
Aggregate Bandwidth Overprovisioning.
DiffServ in the Backbone.
MPLS Traffic Engineering.
Case Study: MPLS VPN QoS Design (CE/PE/P Routers).
Summary.
Further Reading.
16. IPSec VPN QoS Design.
Site-to-Site V3PN QoS Considerations.
IPSec VPN Modes of Operation.
Packet Overhead Increases.
cRTP and IPSec Incompatibility.
Prefragmentation.
Bandwidth Provisioning.
Logical Topologies.
Delay Budget Increases.
ToS Byte Preservation.
QoS Pre-Classify.
Pre-Encryption Queuing.
Anti-Replay Implications.
Control Plane Provisioning.
Site-to-Site V3PN QoS Designs.
Headend VPN Edge QoS Options for Site-to-Site V3PNs.
Teleworker V3PN QoS Considerations.
Teleworker Deployment Models.
Broadband-Access Technologies.
Bandwidth Provisioning.
Asymmetric Links and Unidirectional QoS.
Broadband Serialization Mitigation Through TCP Maximum Segment Size Tuning.
Split Tunneling.
Teleworker V3PN QoS Designs.
Case Study: IPSec VPN QoS Design.
Summary.
Further Reading.
Appendix. QoS “At-A-Glance” Summaries.
Index.
Index
Download - 257 KB -- Index
Other Things You Might Like
- Designing Real-World Multi-domain Networks
- eBook $46.39