Table Of Contents
Configuring Classification
Information About Classification
Licensing Requirements for Classification
Prerequisites for Classification
Guidelines and Limitations
Configuring Traffic Classes
Configuring ACL Classification
Configuring DSCP Classification
Configuring IP Precedence Classification
Configuring Protocol Classification
Configuring QoS Group Classification
Configuring Discard Class Classification
Configuring Layer 3 Packet Length Classification
Configuring CoS Classification
Configuring IP RTP Classification
Configuring Class Map Classification
Verifying Classification Configuration
Example Configuration
Configuring Classification
This chapter describes how to configure classification on the device.
This chapter includes the following sections:
•Information About Classification
•Licensing Requirements for Classification
•Prerequisites for Classification
•Guidelines and Limitations
•Configuring Traffic Classes
•Verifying Classification Configuration
•Example Configuration
Information About Classification
Classification is the separation of packets into traffic classes. You configure the device to take specific action on the specified classified traffic, such as poling or marking down, or other actions.
You can create class maps to represent each traffic class by matching packet characteristics with the classification criteria in Table 3-1.
Table 3-1 Classification Criteria
Classification Criteria
|
Description
|
CoS
|
Class of Service (CoS) field in the IEEE 802.1Q header.
|
IP precedence
|
Precedence value within the Type of Service (TOS) byte of the IP header.
|
Differentiated Services Code Point (DSCP)
|
DSCP value within the DIffServ field of the IP header.
|
QoS group
|
Locally significant QoS values that can be manipulated and matched within the system. The range is from 0 to 126.
|
Discard class
|
Locally significant values that can be matched and manipulated within the system. The range is from 0 to 63.
|
Protocol
|
Standard Layer 2 protocol such as Address Resolution Protocol (ARP) or Connectionless Network Service (CLNS).
|
Packet length
|
Size range of Layer 3 packet lengths.
|
IP RTP
|
Identify applications using Real-time Transport Protocol (RTP) by UDP port number range.
|
Class map
|
Criteria specified in a named class-map object.
|
You can specify multiple match criteria, you can choose to not match on a particular criterion, or you can determine traffic class by matching any or all criteria.
Note However, if you match on an ACL, no other match criteria, except packet length, can be specified in a match-all class. In a match-any class, you can match on ACLs and any other match criteria.
Some match criteria relate only to ingress or egress traffic. For example, the internal label QoS group has no meaning on ingress traffic because it has not yet been assigned a value.
Traffic that fails to match any class in a QoS policy map is assigned to a default class of traffic called class-default. The class class-default can be referenced in a QoS policy map to select this unmatched traffic.
You can reuse class maps within the same VDC when defining the QoS policies for different interfaces that process the same types of traffic.
Note See Chapter 2, "Using Modular QoS CLI" for more information on class maps.
Licensing Requirements for Classification
The following table shows the licensing requirements for this feature:
Product
|
License Requirement
|
NX-OS
|
QoS requires no license. Any feature not included in a license package is bundled with the Cisco NX-OS system images and is provided at no extra charge to you. For a complete explanation of the NX-OS licensing scheme, see the Cisco Nexus 7000 Series NX-OS Licensing Guide, Release 4.0.
|
However, using VDCs requires an Advanced Services license.
Prerequisites for Classification
Classification has the following prerequisites:
•You must be familiar with Chapter 2, "Using Modular QoS CLI."
•You are logged on to the switch.
•You are in the correct virtual device context (VDC). A VDC is a logical representation of a set of system resources. You can use the switchto vdc command with a VDC number.
Guidelines and Limitations
Classification has the following guidelines and limitations:
•You can specify a maximum of 1024 match criteria in a class map.
•You can configure a maximum of 4096 classes for use in a single policy map.
•When you match on an ACL, the only other match you can specify is the Layer 3 packet length in a match-all class.
•You can classify traffic on Layer 2 ports based on either the port policy or VLAN policy of the incoming packet, but not both. Either the port policy or the VLAN policy takes effect, but not both; if both are present, the device acts on the port policy and ignores the VLAN policy.
Configuring Traffic Classes
This section includes the following topics.
•Configuring ACL Classification
•Configuring DSCP Classification
•Configuring IP Precedence Classification
•Configuring Protocol Classification
•Configuring QoS Group Classification
•Configuring Discard Class Classification
•Configuring Layer 3 Packet Length Classification
•Configuring CoS Classification
•Configuring IP RTP Classification
•Configuring Class Map Classification
Configuring ACL Classification
Note The device does not support the not form of this command.
You can classify traffic by matching packets based on existing ACLs. The permit and deny ACL keywords are ignored in the matching. QoS does not use the permit-deny functions of ACLs.
Note Tunneled IP packets will not be matched unless the tunneling protocol is also IP, and then the match applies to the outer IP header and not the encapsulated IP header.
SUMMARY STEPS
1. config t
2. class-map [type qos] [match-any | match-all] class-map-name
3. match access-group name acl-name
DETAILED STEPS
|
Command
|
Purpose
|
Step 1
|
config t
Example:
switch# config t
switch(config)#
|
Enters configuration mode.
|
Step 2
|
class-map [type qos] [match-any |
match-all] class-map-name
Example:
switch(config)# class-map class_acl
|
Creates or accesses the class map named class-map-name, and then enters class-map mode. Class map name can contain alphabetic, hyphen, or underscore characters, is case sensitive, and can be up to 40 characters.
|
Step 3
|
match access-group name acl-name
Example:
switch(config-cmap-qos)# match
access-group name my_acl
|
Configures traffic class by matching packets based on acl-name. The permit and deny ACL keywords are ignored in the matching.
Note The device does not support the not form of this command.
|
Use the show class-map command to display the ACL class map configuration:
switch# show class-map class_acl
Configuring DSCP Classification
You can classify traffic based on the DSCP value in the DiffServ field of the IP header. The standard DSCP values are found in Table 3-2.
Table 3-2 Standard DSCP Values
Value
|
List of DSCP Values
|
af11
|
AF11 dscp (001010)—decimal value 10
|
af12
|
AF12 dscp (001100)—decimal value 12
|
af13
|
AF13 dscp (001110)—decimal value 14
|
af21
|
AF21 dscp (010010)—decimal value 18
|
af22
|
AF22 dscp (010100)—decimal value 20
|
af23
|
AF23 dscp (010110)—decimal value 22
|
af31
|
AF31 dscp (011010)—decimal value 26
|
af32
|
AF40 dscp (011100)—decimal value 28
|
af33
|
AF33 dscp (011110)—decimal value 30
|
af41
|
AF41 dscp (100010)—decimal value 34
|
af42
|
AF42 dscp (100100)—decimal value 36
|
af43
|
AF43 dscp (100110)—decimal value 38
|
cs1
|
CS1 (precedence 1) dscp (001000)—decimal value 8
|
cs2
|
CS2 (precedence 2) dscp (010000)—decimal value 16
|
cs3
|
CS3 (precedence 3) dscp (011000)—decimal value 24
|
cs4
|
CS4 (precedence 4) dscp (100000)—decimal value 32
|
cs5
|
CS5 (precedence 5) dscp (101000)—decimal value 40
|
cs6
|
CS6 (precedence 6) dscp (110000)—decimal value 48
|
cs7
|
CS7 (precedence 7) dscp (111000)—decimal value 56
|
default
|
Default dscp (000000)—decimal value 0
|
ef
|
EF dscp (101110)—decimal value 46
|
Note Tunneled IP packets will not be matched unless the tunneling protocol is also IP, and then the match applies to the outer IP header and not the encapsulated IP header.
SUMMARY STEPS
1. config t
2. class-map [type qos] [match-any | match-all] class-map-name
3. match [not] dscp dscp-list
4. exit
5. copy running-config startup-config
`DETAILED STEPS
|
Command
|
Purpose
|
Step 1
|
config t
Example:
switch# config t
switch(config)#
|
Enters configuration mode.
|
Step 2
|
class-map [type qos] [match-any |
match-all] class-map-name
Example:
switch(config)# class-map class_dscp
|
Creates or accesses the class map named class-map-name, and then enters class-map mode. The class-map name can contain alphabetic, hyphen, or underscore characters, is case sensitive, and can be up to 40 characters.
|
Step 3
|
match [not] dscp dscp-list
Example:
switch(config-cmap-qos)# match dscp
af21, af32
|
Configures the traffic class by matching packets based on dscp-values. The standard DSCP values are shown in Table 3-2.
Use the not keyword to match on values that do not match the specified range.
|
Step 4
|
exit
Example:
switch(config-cmap-qos)# exit
switch(config)#
|
Exits class-map queuing mode, and enters configuration mode.
|
Step 5
|
copy running-config startup-config
Example:
switch(config)# copy running-config
startup-config
|
(Optional) Saves the running configuration to the startup configuration.
|
Use the show class-map command to display the DSCP class-map configuration:
switch# show class-map class_dscp
Configuring IP Precedence Classification
You can classify traffic based on the precedence value in the Type of Service (TOS) byte field of the IP header. Table 3-3 shows the precedence values.
Table 3-3 Precedence Values
Value
|
List of Precedence Values
|
<0-7>
|
IP precedence value
|
critical
|
Critical precedence (5)
|
flash
|
Flash precedence (3)
|
flash-override
|
Flash override precedence (4)
|
immediate
|
Immediate precedence (2)
|
internet
|
Internetwork control precedence (6)
|
network
|
Network control precedence (7)
|
priority
|
Priority precedence (1)
|
routine
|
Routine precedence (0)
|
Note Tunneled IP packets will not be matched unless the tunneling protocol is also IP, and then the match applies to the outer IP header and not the encapsulated IP header.
SUMMARY STEPS
1. config t
2. class-map [type qos] [match-any | match-all] class-map-name
3. match [not] precedence precedence-values
4. exit
5. copy running-config startup-config
`DETAILED STEPS
|
Command
|
Purpose
|
Step 1
|
config t
Example:
switch# config t
switch(config)#
|
Enters configuration mode.
|
Step 2
|
class-map [type qos] [match-any |
match-all] class-map-name
Example:
switch(config)# class-map
class_ip_precedence
|
Creates or accesses the class map named class-map-name, and then enters class-map mode. The class-map name can contain alphabetic, hyphen, or underscore characters, is case sensitive, and can be up to 40 characters.
|
Step 3
|
match [not] precedence precedence-values
Example:
switch(config-cmap-qos)# match
precedence 1-2, 5-7
|
Configures the traffic class by matching packets based on precedence-values. Values are shown in Table 3-3. Use the not keyword to match on values that do not match the specified range.
|
Step 4
|
exit
Example:
switch(config-cmap-qos)# exit
switch(config)#
|
Exits class-map queuing mode and enters configuration mode.
|
Step 5
|
copy running-config startup-config
Example:
switch(config)# copy running-config
startup-config
|
(Optional) Saves the running configuration to the startup configuration.
|
Use the show class-map command to display the IP precedence class-map configuration:
switch# show class-map class_ip_precedence
Configuring Protocol Classification
For Layer 3 protocol traffic, you can use the ACL classification match (see "Configuring ACL Classification" section).
You can classify traffic based on the protocol arguments described in Table 3-4.
Table 3-4 match Command Protocol Arguments
Argument
|
Description
|
arp
|
Address Resolution Protocol (ARP)
|
bridging
|
Bridging
|
cdp
|
Cisco Discovery Protocol (CDP)
|
clns
|
Connectionless Network Service (CLNS)
|
clns_es
|
CLNS End Systems
|
clns_is
|
CLNS Intermediate System
|
dhcp
|
Dynamic Host Configuration (DHCP)
|
isis
|
Intermediate system to intermediate system (IS-IS)
|
ldp
|
Label Distribution Protocol (LDP)
|
netbios
|
NetBIOS Extended User Interface (NetBEUI)
|
Note A maximum of eight different protocols (in Table 3-4) can be matched at one time.
SUMMARY STEPS
1. config t
2. class-map [type qos] [match-any | match-all] class-map-name
3. match [not] protocol {arp | bridging | clns | clns_is | dhcp | isis | netbios | cdp | clns_es | ldp}
4. exit
5. copy running-config startup-config
DETAILED STEPS
|
Command
|
Purpose
|
Step 1
|
config t
Example:
switch# config t
switch(config)#
|
Enters configuration mode.
|
Step 2
|
class-map [type qos] [match-any |
match-all] class-map-name
Example:
switch(config)# class-map class_protocol
|
Creates or accesses the class map named class-map-name, and then enters class-map mode. The class-map name can contain alphabetic, hyphen, or underscore characters, is case sensitive, and can be up to 40 characters.
|
Step 3
|
match [not] protocol {arp | bridging |
cdp | clns | clns_is | dhcp | isis |
netbios | clns_es | ldp}
switch(config-cmap-qos)# match protocol
isis
|
Configures the traffic class by matching packets based on the specified protocol. Use the not keyword to match on protocols that do not match the protocol specified.
|
Step 4
|
exit
Example:
switch(config-cmap-qos)# exit
switch(config)#
|
Exits class-map queuing mode and enters configuration mode.
|
Step 5
|
copy running-config startup-config
Example:
switch(config)# copy running-config
startup-config
|
(Optional) Saves the running configuration to the startup configuration.
|
Use the show class-map command to display the protocol class-map configuration:
switch# show class-map class_protocol
Configuring QoS Group Classification
You can classify traffic based on the value of the QoS group internal label, which is not part of the packet payload or any packet header. You can set the value of the QoS group within a policy map using the set qos-group command as described in the "Configuring QoS Group Marking" section on page 4-8.
Note You match on the QoS group only in egress policies because its value is undefined until you set it in an ingress policy.
SUMMARY STEPS
1. config t
2. class-map [type qos] [match-any | match-all] class-map-name
3. match [not] qos-group multi-range-qos-group-values
4. exit
5. copy running-config startup-config
DETAILED STEPS
|
Command
|
Purpose
|
Step 1
|
config t
Example:
switch# config t
switch(config)#
|
Enters configuration mode.
|
Step 2
|
class-map [type qos] [match-any |
match-all] class-map-name
Example:
switch(config)# class-map
class_qos_group
|
Creates or accesses the class map named class-map-name, and then enters class-map mode. The class-map name can contain alphabetic, hyphen, or underscore characters, is case sensitive, and can be up to 40 characters.
|
Step 3
|
match [not] qos-group
multi-range-qos-group-values
Example:
switch(config-cmap-qos)# match qos-group
4, 80-90
|
Configures the traffic class by matching packets based on a list of QoS group values. Values can range from 0 to 126. The default QoS group value is 0. Use the not keyword to match on values that do not match the specified range.
|
Step 4
|
exit
Example:
switch(config-cmap-qos)# exit
switch(config)#
|
Exits class-map queuing mode and enters configuration mode.
|
Step 5
|
copy running-config startup-config
Example:
switch(config)# copy running-config
startup-config
|
(Optional) Saves the running configuration to the startup configuration.
|
Use the show class-map command to display the QoS group class-map configuration:
switch# show class-map class_qos_group
Configuring Discard Class Classification
You can classify traffic based on the value of the discard class internal label, which is not part of the packet payload or any packet header. You can set the value of the discard class within a policy map using the set discard-class command as described in the "Configuring Discard Class Marking" section on page 4-9.
Note You match on the discard class only in egress policies because its value is undefined until you set it in an ingress policy.
SUMMARY STEPS
1. config t
2. class-map [type qos] [match-any | match-all] class-map-name
3. match [not] discard-class multi-range-discard-class-values
4. exit
5. copy running-config startup-config
DETAILED STEPS
|
Command
|
Purpose
|
Step 1
|
config t
Example:
switch# config t
switch(config)#
|
Enters configuration mode.
|
Step 2
|
class-map [type qos] [match-any |
match-all] class-map-name
Example:
switch(config)# class-map
class_discard_class
|
Creates or accesses the class map named class-map-name, and then enters class-map mode. The class-map name can contain alphabetic, hyphen, or underscore characters, is case sensitive, and can be up to 40 characters.
|
Step 3
|
match [not] discard-class
multi-range-discard-class-values
Example:
switch(config-cmap-qos)# match
discard-class 4, 60-62
|
Configures the traffic class by matching packets based on the list of discard-class values. Values can range from 0 to 63. The default discard class value is 0. Use the not keyword to match on values that do not match the specified range.
|
Step 4
|
exit
Example:
switch(config-cmap-qos)# exit
switch(config)#
|
Exits class-map queuing mode and enters configuration mode.
|
Step 5
|
copy running-config startup-config
Example:
switch(config)# copy running-config
startup-config
|
(Optional) Saves the running configuration to the startup configuration.
|
Use the show class-map command to display the discard class class-map configuration:
switch# show class-map class_discard_class
Configuring Layer 3 Packet Length Classification
You can classify Layer 3 traffic based on various packet lengths.
Note This feature is designed for IP packets only.
SUMMARY STEPS
1. config t
2. class-map [type qos] [match-any | match-all] class-map-name
3. match [not] packet length min packet-length-list
4. exit
5. copy running-config startup-config
DETAILED STEPS
|
Command
|
Purpose
|
Step 1
|
config t
Example:
switch# config t
switch(config)#
|
Enters configuration mode.
|
Step 2
|
class-map [type qos] [match-any |
match-all] class-map-name
Example:
switch(config)# class-map
class_packet_length
|
Creates or accesses the class map named class-map-name, and then enters class-map mode. The class-map name can contain alphabetic, hyphen, or underscore characters, is case sensitive, and can be up to 40 characters.
|
Step 3
|
match [not] packet length
packet-length-list
Example:
switch(config-cmap-qos)# match packet
length 2000
|
Configures the traffic class by matching packets based on various packet lengths. Values can range from 1 to 9198. Use the not keyword to match on values that do not match the specified range.
|
Step 4
|
exit
Example:
switch(config-cmap-qos)# exit
switch(config)#
|
Exits class-map queuing mode and enters configuration mode.
|
Step 5
|
copy running-config startup-config
Example:
switch(config)# copy running-config
startup-config
|
(Optional) Saves the running configuration to the startup configuration.
|
Use the show class-map command to display the packet length class-map configuration:
switch# show class-map class_packet_length
Configuring CoS Classification
You can classify traffic based on Class of Service (CoS) in the IEEE 802.1Q header. This 3-bit field is defined in IEEE 802.1p to support QoS traffic classes. CoS is encoded in the high order 3 bits of the VLAN ID Tag field and is referred to as user_priority.
SUMMARY STEPS
1. config t
2. class-map [type qos] [match-any | match-all] class-map-name
3. match [not] cos cos-list
4. exit
5. copy running-config startup-config
DETAILED STEPS
|
Command
|
Purpose
|
Step 1
|
config t
Example:
switch# config t
switch(config)#
|
Enters configuration mode.
|
Step 2
|
class-map [type qos] [match-any |
match-all] class-map-name
Example:
switch(config)# class-map class_cos
|
Creates or accesses the class map named class-map-name, and then enters class-map mode. The class-map name can contain alphabetic, hyphen, or underscore characters, is case sensitive, and can be up to 40 characters.
|
Step 3
|
match [not] cos cos-list
Example:
switch(config-cmap-qos)# match cos 4,
5-6
|
Configures the traffic class by matching packets based on list of CoS values. Values can range from 0 to 7. Use the not keyword to match on values that do not match the specified range.
|
Step 4
|
exit
Example:
switch(config-cmap-qos)# exit
switch(config)#
|
Exits class-map queuing mode and enters configuration mode.
|
Step 5
|
copy running-config startup-config
Example:
switch(config)# copy running-config
startup-config
|
(Optional) Saves the running configuration to the startup configuration.
|
Use the show class-map command to display the CoS class-map configuration:
switch# show class-map class_cos
Configuring IP RTP Classification
IP Real-time Transport Protocol (RTP) is a transport protocol for real-time applications that transmits data such as audio or video and is defined by RFC 3550. Although RTP does not use a common TCP or UDP port, you typically configure RTP to use ports 16384 to 32767. UDP communications uses an even port and the next higher odd port is used for RTP Control Protocol (RTCP) communications.
You can configure classification based on UDP port ranges, which are likely to target applications using RTP.
SUMMARY STEPS
1. config t
2. class-map [type qos] [match-any | match-all] class-map-name
3. match [not] ip rtp udp-port-values
4. exit
5. copy running-config startup-config
DETAILED STEPS
|
Command
|
Purpose
|
Step 1
|
config t
Example:
switch# config t
switch(config)#
|
Enters configuration mode.
|
Step 2
|
class-map [type qos] [match-any |
match-all] class-map-name
Example:
switch(config)# class-map class_rtp
|
Creates or accesses the class map named class-map-name, and then enters class-map mode. The class-map name can contain alphabetic, hyphen, or underscore characters, is case sensitive, and can be up to 40 characters.
|
Step 3
|
match [not] ip rtp udp-port-value
Example:
switch(config-cmap-qos)# match ip rtp
2000-2100, 4000-4100
|
Configures the traffic class by matching packets based on range of lower and upper UDP port numbers, which is likely to target applications using RTP. Values can range from 2000 to 65535. Use the not keyword to match on values that do not match the specified range.
|
Step 4
|
exit
Example:
switch(config-cmap-qos)# exit
switch(config)#
|
Exits class-map queuing mode and enters configuration mode.
|
Step 5
|
copy running-config startup-config
Example:
switch(config)# copy running-config
startup-config
|
(Optional) Saves the running configuration to the startup configuration.
|
Use the show class-map command to display the rtp class-map configuration:
switch# show class-map class_rtp
Configuring Class Map Classification
You can classify traffic based on the match criteria in another class map. You can reference the same class map in multiple policies.
Note•The referenced class map must be created prior to its reference.
•You can configure only one level of nesting of class maps. You cannot reference a class map that references another class map.
Use the following guidelines to configure class-map classification:
•To perform a logical OR with the class map specified in the match class-map command, use the match-any keyword. The match-any or match-all specification of the matched class map is ignored.
•To perform a logical AND with the class map specified in the match class-map command, use the match-all keyword. The match-any or match-all specification of the matched class map is ignored.
•Before you delete a referenced class map, you should delete all references to that class map.
SUMMARY STEPS
1. config t
2. class-map [type qos] [match-any | match-all] class-map-name
3. match [not] class-map class-map-name
4. exit
5. copy running-config startup-config
DETAILED STEPS
|
Command
|
Purpose
|
Step 1
|
config t
Example:
switch# config t
switch(config)#
|
Enters configuration mode.
|
Step 2
|
class-map [type qos] [match-any |
match-all] class-map-name
Example:
switch(config)# class-map
class_class_map
|
Creates or accesses the class map named class-map-name, and then enters class-map mode. The class-map name can contain alphabetic, hyphen, or underscore characters, is case sensitive, and can be up to 40 characters.
|
Step 3
|
match [not] class-map class-map-name
Example:
switch(config-cmap-qos)# match class-map
class_map3
|
Configures the traffic class by matching packets based on match criteria in another class map. Because match-all is the default for the class-map command, match criteria specified in class_map3 are ANDed with match criteria in class_class_map. Use the not keyword to match on values that do not match the specified range.
|
Step 4
|
exit
Example:
switch(config-cmap-qos)# exit
switch(config)#
|
Exits class-map queuing mode and enters configuration mode.
|
Step 5
|
copy running-config startup-config
Example:
switch(config)# copy running-config
startup-config
|
(Optional) Saves the running configuration to the startup configuration.
|
Use the show class-map command to display the class-map class-map configuration:
switch# show class-map class_class_map
Verifying Classification Configuration
Use the show class-map command to verify the class-map configuration. This command displays all class maps.
Example Configuration
The following example shows how to configure classification for two classes of traffic: