Sie sind auf Seite 1von 854

Cisco 10000 Series Router Quality of

Service Configuration Guide


February 25, 2013

Americas Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 527-0883

Text Part Number: OL-7433-09

THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL
STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT
WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT
SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE
OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.
The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCBs public
domain version of the UNIX operating system. All rights reserved. Copyright 1981, Regents of the University of California.
NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED AS IS WITH
ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT
LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF
DEALING, USAGE, OR TRADE PRACTICE.
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING,
WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO
OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this
URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership
relationship between Cisco and any other company. (1110R)
Cisco 10000 Series Router Quality of Service Configuration Guide
Copyright 2007-2009, Cisco Systems, Inc. All rights reserved.

CONTENTS
About This Guide

xxxv

Guide Revision History


Audience

xxxv

xl

Document Organization

xl

Document Conventions

xlii

Related Documentation

xliii

Obtaining Documentation and Submitting a Service Request

CHAPTER

Quality of Service Overview

xliii

1-1

Benefits of Quality of Service Features

1-2

Restrictions and Limitations for Quality of Service

1-2

Modular QoS Command-Line Interface 1-2


Feature History for MQC 1-3
QoS CLI Migration from PRE2 to PRE3 1-3
Feature History for QoS CLI Migration from PRE2 to PRE3
QoS Management Information Base Support
QoS Implementation Guidelines
QoS Execution on the Router

1-4

1-4

1-4

1-4

QoS Configuration on an Interface

1-5

QoS Models 1-6


Overview of QoS Models 1-6
Model D.2 Definition 1-7
Model F Definition 1-7
Configuration Tasks 1-8
Configuration Steps on Subinterfaces for QoS Model D.2 1-8
Configuration Steps on Sessions for QoS Model D.2 1-8
Configuration Steps for QoS Model F 1-9
Configuration Examples 1-9
QoS Features, Commands, and Changes 1-11
Applying QoS Parameters Dynamically to Sessions 1-12
Applying Traffic Shaping Parameters Using RADIUS Profiles
dbs enable Command 1-12
default dbs enable Command 1-12

1-12

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

iii

Contents

Dynamic Bandwidth Selection Feature 1-13


Attaching QoS Service Policies 1-13
service-policy Command 1-13
Attaching ATM QoS Service Policies 1-14
Attaching Frame Relay QoS Service Policies 1-14
Attaching LAC QoS Service Policies 1-15
Attaching Virtual LAN QoS Service Policies 1-15
Attaching Virtual Access Interface QoS Service Policies 1-15
Classifying Traffic 1-15
class-map Command 1-15
match Commands 1-16
Class Map Feature 1-18
Configuring QoS for MPLS Traffic 1-18
MPLS CoS Multi-VC Mode 1-18
MPLS QoS Feature 1-19
MPLS Traffic EngineeringDiffServ Aware Feature 1-19
Control Plane Policing 1-19
Divert Cause Policer 1-19
Control Plane PolicingPlatform Enhancement 1-20
Controlling Packet Queue Congestion 1-21
queue-limit Command 1-21
random-detect Command 1-22
random-detect basis Command 1-23
show pxf cpu queue interface summary 1-23
Tail Drop Feature 1-23
Random Early Detection Feature 1-24
Weighted Random Early Detection Feature 1-24
Distributing Bandwidth Between Queues 1-25
bandwidth Command 1-25
bandwidth remaining ratio Command 1-26
Distribution of Remaining Bandwidth Using Ratio 1-26
Dynamically Changing VC Weight and Watermark Values 1-26
Hierarchical Queuing Framework 1-27
Hierarchical Queuing Framework Feature 1-27
MQC Hierarchical Queuing with 3 Level Scheduler 1-27
Hierarchical Policies 1-27
Nested Hierarchical Policies 1-27
Three-Level Hierarchical Policies 1-28
Hierarchical Input Policing 1-28
IP Quality of Service for Subscribers 1-29
Cisco 10000 Series Router Quality of Service Configuration Guide

iv

OL-7433-09

Contents

MQC Support for IP Sessions 1-29


Per-Session Shaping for ATM Interfaces 1-29
Per Session Rate Limiting 1-29
Per User Multiservice Rate Limiting 1-29
Per Session Service Policy Using RADIUS 1-30
Per Session Shaping and Queuing on LNS 1-30
PPP Session Queuing on ATM VCs 1-30
Layer 2 Access Concentrator 1-30
Classification, Policing, and Marking on the LAC 1-30
LAC QoS 1-30
Link Fragmentation and Interleaving 1-31
interface multilink Command 1-31
multilink group Command 1-31
ppp multilink Command 1-32
ppp multilink fragment-delay Command 1-32
ppp multilink fragmentation Command 1-33
ppp multilink fragment disable Command 1-33
ppp multilink group Command 1-33
ppp multilink interleave Command 1-34
MLP Over ATM-Based LFI Feature 1-34
Multi-VC MLP Over ATM-Based LFI Feature 1-34
MLP Over Frame Relay-Based LFI Feature 1-35
MLP Over Serial-Based LFI Feature 1-35
FRF.12 Fragmentation Feature 1-35
Marking Traffic 1-36
set atm-clp Command 1-36
set cos Command 1-36
set discard-class Command 1-36
set fr-de Command 1-37
set ip dscp Command 1-37
set ip precedence Command 1-37
set mpls experimental Command 1-37
set mpls experimental imposition Command 1-38
set qos-group Command 1-38
Marking Feature 1-38
Modular QoS Command Line Interface 1-39
MQC Feature 1-39
QoS CLI Migration from PRE2 to PRE3 1-39
Overhead Accounting 1-39
ATM Overhead Accounting 1-40
Cisco 10000 Series Router Quality of Service Configuration Guide
OL-7433-09

Contents

Ethernet Overhead Accounting 1-40


Traffic Shaping Overhead Accounting for ATM 1-40
Oversubscribing Physical and Virtual Links 1-41
atm over-subscription-factor Command 1-41
Interface Oversubscription Feature 1-41
ATM Virtual Circuit Oversubscription Feature 1-42
map-class frame-relay Command 1-42
Frame Relay PVC Oversubscription Feature 1-42
Virtual LAN Oversubscription Feature 1-43
queue-depth Command 1-43
weight Command 1-43
Weighting Feature 1-44
Policing Traffic 1-44
police Command (Single-Rate) 1-44
police percent Command 1-45
police Command (Two-Rate) 1-45
show atm vp Command 1-46
Percent-Based Policing Feature 1-46
Policing Feature 1-46
Single-Rate Color Marker Feature 1-47
Two-Rate Three-Color Marker Feature 1-47
ATM VP Average Traffic Rate 1-48
Prioritizing Traffic 1-48
priority Command 1-48
priority level Command 1-49
Child Service Policy Allowed Under Priority Class 1-49
Multi-Level Priority Queues 1-49
Priority Queuing Feature 1-49
PVC Bundles 1-50
bump Command 1-50
bump Command (Frame Relay VC-bundle-member) 1-51
bundle Command 1-51
class-bundle Command 1-51
class-vc Command 1-51
dscp Command (Frame Relay VC-bundle-member) 1-51
exp Command 1-51
frame-relay vc-bundle Command 1-51
mpls experimental Command 1-52
oam-bundle Command 1-52
precedence Command 1-52
Cisco 10000 Series Router Quality of Service Configuration Guide

vi

OL-7433-09

Contents

precedence Command (Frame Relay VC-bundle-member) 1-52


protect Command 1-52
protect Command (Frame Relay VC-bundle-member) 1-52
pvc-bundle Command 1-53
pvc Command (Frame Relay VC-bundle) 1-53
PVC Bundles Over ATM and Frame Relay Feature 1-53
ATM PVC Bundle EnhancementMPLS EXP-Based PVC Selection Feature 1-53
Frame Relay PVC Bundles with QoS Support for IP and MPLS Feature 1-53
QoS Policy Maps 1-53
policy-map Command 1-54
qos match statistics Command 1-54
Policy Maps Feature 1-54
Policy Map Scaling Phase 2 1-54
Qos Policy Propagation through the Border Gateway Protocol 1-55
Shaping PPPoE Over VLAN Sessions Using RADIUS 1-55
Per Session Queuing and Shaping for PPPoE Over VLAN Support Using RADIUS Feature
Shaping Traffic 1-55
atm pvp Command 1-56
pvc Command 1-56
shape Command 1-56
shape percent Command 1-57
vbr-nrt Command 1-57
ATM VC/VP Shaping Feature 1-57
Class-Based Traffic Shaping Feature 1-58
Frame Relay Traffic Shaping Feature 1-58
Hierarchical Shaping Feature 1-58
Percentage-Based Traffic Shaping Feature 1-58
Traffic Shaping Overhead Accounting for ATM Feature 1-59
Sharing Bandwidth Fairly During Congestion 1-59
Bandwidth Fair Queuing Feature 1-59
Class-Based Weighted Fair Queuing Feature 1-59
Class-Based Weighted Fair Queuing for Virtual Access Interfaces Feature 1-60
Simultaneous Policy Maps 1-60
Simultaneous QoS Policy Map on Interface and PPP SessionA-DSLAM Case 1-60
VLAN Tag-Based Quality of Service 1-60
Related Documentation

CHAPTER

Classifying Traffic

1-55

1-61

2-1

Traffic Classification Using Class Maps

2-1

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

vii

Contents

Feature History for Class Maps 2-2


System Limits for Class Maps 2-2
PRE3 Class Maps and QoS Scalability 2-3
class-map Command 2-3
Syntax Description 2-4
class-map Command History 2-4
Usage Guidelines for the class-map Command 2-4
qos match statistics Command 2-4
Syntax Description 2-4
Command Default 2-5
qos match statistics Command History 2-5
Usage Guidelines for the qos match statistics Command
Defining Match Criteria Using the match Commands 2-5
match Commands History 2-9
Usage Guidelines for match Commands 2-10
Class-Default Class 2-11
Restrictions and Limitations for Traffic Classification

2-11

Classifying Traffic Using a Class Map 2-11


Creating a Class Map 2-12
Configuration Examples for Classifying Traffic
Verifying Traffic Classification 2-13
Verification Example 2-13
Defining QoS Policy Actions 2-13
Related Documentation

CHAPTER

2-5

2-12

2-14

Configuring QoS Policy Actions and Rules

3-1

QoS Policies 3-1


Feature History for QoS Policies 3-2
Defining QoS Actions Using a Policy Map 3-2
System Limits for Policy Maps 3-2
8K Policy Maps 3-3
policy-map Command 3-3
Syntax Description 3-4
Usage Guidelines for the policy-map Command

3-4

Types of QoS Actions 3-4


Input and Output Policy Actions 3-4
Policy Map ActionsReleases Prior to Cisco IOS Release 12.0(17)SL 3-7
Policy Map ActionsCisco IOS Release 12.0(17)SL and Later Releases 3-10
Policy Map ActionsCisco IOS Release 12.0(20)ST and Later Releases 3-10
Cisco 10000 Series Router Quality of Service Configuration Guide

viii

OL-7433-09

Contents

Policy Map ActionsCisco IOS Release 12.0(22)S and Later Releases 3-11
Policy Map ActionsCisco IOS Release 12.2(31)SB2 and Later Releases 3-11
Policing Actions

3-11

QoS Inheritance 3-12


ATM Service Categories 3-13
Constant Bit Rate 3-13
Unspecified Bit Rate 3-14
Variable Bit Rate 3-15
Traffic Subject to QoS Policies

3-17

ATM Virtual Circuits Without QoS Policies


QoS Performance

3-17

3-18

Configuring QoS Policies 3-18


Creating a Policy Map 3-19
Configuration Examples for Creating a Policy Map
Defining QoS Actions in a Policy Map 3-20
Attaching Service Policies 3-20
Verifying QoS Policy Configurations 3-20
Verification Example for Service Policies
Related Documentation

CHAPTER

Attaching Service Policies

3-19

3-22

3-23

4-1

Interfaces Supporting QoS Service Policies

4-1

Attaching ATM QoS Service Policies 4-2


Feature History for ATM QoS 4-2
ATM QoS Inheritance 4-2
service-policy Command 4-3
Syntax Description 4-3
service-policy Command History 4-3
service-policy Command Modes 4-4
Usage Guidelines for the service-policy Command 4-4
Restrictions and Limitations for Attaching ATM Service Policies 4-5
Attaching ATM QoS Service Policies to ATM Interfaces, Subinterfaces, and PVCs 4-5
Attaching QoS Service Policies to an ATM Interface 4-6
Attaching QoS Service Policies to an ATM Point-to-Point Subinterface 4-7
Attaching QoS Service Policies to an ATM PVC 4-8
Attaching QoS Service Policies to an ATM PVC Range and an ATM PVC in a Range

4-9

Attaching Frame Relay QoS Service Policies 4-11


Feature History for Frame Relay QoS 4-12

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

ix

Contents

Frame Relay QoS Inheritance 4-12


map-class frame-relay Command 4-12
Syntax Description 4-12
map-class frame-relay Command History 4-13
Usage Guidelines for the map-class frame-relay Command 4-13
Restrictions and Limitations for Frame Relay QoS Service Policies 4-13
Creating and Attaching QoS Policies to Frame Relay Interfaces, Subinterfaces, and Data-Link
Connection Identifiers 4-14
Attaching a QoS Service Policy to a Frame Relay Interface or Point-to-Point Subinterface
Attaching a QoS Service Policy to a Frame Relay DLCI 4-17

4-14

Attaching Virtual LAN QoS Service Policies 4-20


Feature History for VLAN QoS 4-20
VLAN QoS Inheritance 4-21
Restrictions and Limitations for Attaching QoS Services to VLAN Subinterfaces 4-21
Attaching QoS Policies to VLAN Interfaces and Subinterfaces 4-21
Attaching QoS Service Policies to Physical Interfaces with VLAN Subinterfaces 4-22
Attaching QoS Service Policies to VLAN Subinterfaces 4-23
Attaching Virtual Access Interface QoS Service Policies 4-23
Feature History for VAI QoS 4-24
VAI QoS Inheritance 4-24
Restrictions and Limitations for Attaching QoS Services to a VAI 4-25
Attaching QoS Policies to VAIs Using Virtual Template Interfaces 4-25
Applying a QoS Service Policy to a Virtual Template Interface 4-26
Applying a Virtual Template Interface to a BBA Group 4-27
Attaching a BBA Group to an Interface or Subinterface for PPPoE Sessions

4-28

Attaching Layer 2 Access Concentrator QoS Service Policies 4-30


Feature History for LAC QoS 4-30
LAC QoS Inheritance 4-30
Restrictions and Limitations for Attaching LAC QoS 4-31
Attaching QoS Policies to LAC ATM Virtual Circuits 4-31
Applying QoS on Layer 2 Tunnel Packets

4-32

Verifying and Monitoring QoS Service Policies 4-32


Verification Example for QoS Service Policies 4-34
Related Documentation

CHAPTER

4-36

Distributing Bandwidth Between Queues

5-1

Bandwidth Distribution Between Queues 5-1


Feature History for Bandwidth Distribution Between Queues
Interfaces Supporting Bandwidth Distribution 5-2

5-2

Cisco 10000 Series Router Quality of Service Configuration Guide

OL-7433-09

Contents

Unused Bandwidth Allocation 5-3


Traffic Classes That Can Use Excess Bandwidth 5-3
Bandwidth Calculations 5-4
Bandwidth Allocation to PVCs 5-5
Class-Default Bandwidth Guarantee 5-6
Committed Rate Data 5-6
Bandwidth and Priority Service 5-7
Queuing Modes 5-8
Restrictions and Limitations for Bandwidth Distribution 5-9
Configuring Bandwidth Distribution Between Queues 5-10
Configuration Examples for Configuring Bandwidth Distribution 5-10
Configuration Example for Kilobits per Second-Based Bandwidth 5-11
Configuration Example for Percentage-Based Bandwidth 5-11
Configuration Example for Bandwidth-Remaining-Based Bandwidth 5-11
Verifying and Monitoring Bandwidth Distribution 5-12
Verification Example for Bandwidth Distribution 5-13
Distribution of Remaining Bandwidth Using Ratio 5-14
Feature History for Bandwidth-Remaining Ratios 5-14
Bandwidth-Remaining Ratio 5-14
Prerequisites for Distribution of Remaining Bandwidth Using Ratio 5-15
Restrictions for Distribution of Remaining Bandwidth Using Ratio 5-15
Configuring Bandwidth-Remaining Ratios 5-15
Configuring and Applying Bandwidth-Remaining Ratios to Subinterfaces 5-16
Configuring and Applying Bandwidth-Remaining Ratios to Class Queues 5-18
Configuration Examples for Distribution of Remaining Bandwidth Using Ratio 5-20
Configuring Bandwidth-Remaining Ratios on Ethernet Subinterfaces: Example 5-21
Configuring Bandwidth-Remaining Ratios on ATM Subinterfaces: Example 5-21
Configuring Bandwidth-Remaining Ratios on Class Queues: Example 5-22
Verifying Bandwidth Remaining Ratios: Example 5-22
Related Documentation

CHAPTER

Policing Traffic

5-26

6-1

Traffic Policing 6-2


Feature History for Traffic Policing
Policing Actions 6-3

6-2

Single-Rate Color Marker for Traffic Policing 6-4


Feature History for the Single-Rate Color Marker 6-5
Configuration Commands for the Single-Rate Color Marker
police Command (Single-Rate) 6-6

6-5

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

xi

Contents

Two-Rate Three-Color Marker for Traffic Policing 6-8


Feature History for the Two-Rate Color Marker 6-9
Configuration Commands for the Two-Rate Color Marker
police Command (Two-Rate) 6-9
Percent-Based Policing 6-11
Feature History for Percent-Based Policing
police percent Command 6-11
Control Plane Policing

6-9

6-11

6-13

AToM Set ATM CLP Bit Using a Policer 6-13


Feature History for Set ATM CLP Bit Marking As a Police Action
AToM Set FR DE as Police Action 6-14
Feature History for AToM Set FR DE as Police Action

6-14

Set Layer 2 CoS as a Policer Action 6-15


Feature History for Set Layer 2 CoS as Policer Action

6-15

Set Inner CoS as a Policer Action 6-15


Feature History for Set Inner CoS as a Policer Action

6-15

Set Inner and Outer CoS as a Policer Action 6-16


Feature History for Set Inner and Outer CoS as a Policer Action
Dual Police Actions 6-16
Feature History for Dual Police Actions
Policing Support for GRE Tunnels
Interfaces Supporting Policing

6-14

6-16

6-17

6-17
6-17

Metering Traffic and Token Buckets 6-18


Metering Traffic Using Token Buckets (Single-Rate Policer) 6-18
Metering Traffic Using Token Buckets (Two-Rate Policer) 6-19
Committed Bursts and Excess Bursts 6-21
Committed Bursts 6-21
Committed Burst Calculation 6-22
Excess Bursts 6-22
Excess Burst Calculation 6-22
Deciding if Packets Conform or Exceed the Committed Rate
Data Included in the Policing Rate
Policing Rate Granularity

6-23

6-23

6-25

Avoiding Bandwidth Starvation Due to Priority Services


Bandwidth and Policing 6-26
Restrictions and Limitations for Traffic Policing

6-25

6-26

Configuring Traffic Policing 6-27


Configuring Single-Rate Traffic Policing Based on Bits per Second

6-28

Cisco 10000 Series Router Quality of Service Configuration Guide

xii

OL-7433-09

Contents

Configuration Examples for Configuring Single-Rate Traffic Policing Based on Bits per
Second 6-28
Configuring Percent-Based Policing 6-32
Configuration Examples for Configuring Percent-Based Policing 6-32
Configuring Two-Rate Policing 6-35
Configuration Example for Configuring Two-Rate Three-Color Policing 6-35
Marking Traffic Using Police Actions 6-36
Configuration Example for Marking Traffic Using Police Actions 6-36
Configuring Dual Police Actions 6-37
Configuration Example for Configuring Dual Police Actions 6-37
Configuration Examples 6-38
Configuration Example for Dual Actionsset-clp-transmit and set-mpls-exp-transmit
Configuration Example for Dual Actionsset-frde-transmit and
set-mpls-exp-imposition-transmit 6-39
Configuration Example of the set-cos-transmit Police Action 6-40
Verifying and Monitoring Traffic Policing 6-41
Verification Examples for Traffic Policing 6-41
Verifying Policing for a Specific Traffic Class 6-42
Verifying Policing on a Specific Interface 6-42
Verifying Dual Police Actionsset-clp-transmit and set-mpls-exp-transmit
Related Documentation

CHAPTER

Marking Traffic

6-38

6-43

6-43

7-1

QoS Packet Marking 7-2


Feature History for QoS Packet Marking
Benefits of QoS Packet Marking 7-3

7-3

IP Precedence Marking 7-4


IP Precedence-Based Weighted Random Early Detection 7-4
set ip precedence Command 7-5
Syntax Description 7-5
set ip precedence Command History 7-5
Usage Guidelines for the set ip precedence Command 7-5
IP Differentiated Services Code Point Marking 7-6
DSCP Per-Hop Behavior 7-6
Assured Forwarding 7-7
Expedited Forwarding 7-7
Class Selector Code Points 7-7
DSCP Values 7-8
DSCP-Based Weighted Random Early Detection

7-9

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

xiii

Contents

set ip dscp Command 7-9


Syntax Description 7-9
set ip dscp Command History 7-10
Usage Guidelines for the set ip dscp Command
Class of Service Marking 7-10
QinQ Class of Service Marking 7-12
set cos Command 7-12
Syntax Description 7-12
set cos Command History 7-12
Usage Guidelines for the set cos Command

7-10

7-12

QoS Group Marking 7-13


set qos-group Command 7-13
Syntax Description 7-13
set qos-group Command History 7-13
Usage Guidelines for the set qos-group Command
ATM Cell Loss Priority Marking 7-14
set atm-clp Command 7-14
set atm-clp Command History 7-14
Usage Guidelines for the set atm-clp Command

7-13

7-14

MPLS Experimental Marking 7-14


QinQ MPLS Experimental Marking 7-15
set mpls experimental imposition Command 7-15
Syntax Description 7-15
set mpls experimental imposition Command History 7-15
Usage Guidelines for the set mpls experimental imposition Command
Discard-Class Marking 7-16
set discard-class Command 7-16
Syntax Description 7-16
set discard-class Command History 7-16
Usage Guidelines for the set discard-class Command

7-17

Class-Based Frame Relay DE Bit Marking 7-17


History for the Class-Based Frame Relay DE Bit Marking Feature
Marking and Policing Traffic

7-17

7-18

Tunnel Header Marking 7-18


Feature History for Tunnel Header Marking
Restrictions and Limitations for Marking
Interfaces Supporting Marking

7-16

7-19

7-19

7-20

Classification and Marking Design Guidelines

7-21

Cisco 10000 Series Router Quality of Service Configuration Guide

xiv

OL-7433-09

Contents

Recommended Values for Traffic Marking

7-21

Configuring Traffic Marking 7-22


Configuring IP Precedence Marking 7-22
Configuration Examples for IP Precedence Marking and Classification 7-23
Configuring IP DSCP Marking 7-24
Configuration Examples for IP DSCP Marking and Classification 7-25
Configuring Class of Service Marking 7-26
Configuration Examples for CoS Marking and Classification 7-27
Configuring QoS Group Marking 7-28
Configuration Examples for Configuring QoS Group Marking and Classification 7-28
Setting the ATM Cell Loss Priority Bit 7-29
Configuration Example for Setting the ATM CLP Bit 7-30
Configuring MPLS Experimental Marking 7-31
Configuration Examples for Configuring MPLS Experimental Marking and Classification 7-32
Configuring Discard-Class Marking 7-33
Configuration Examples for Configuring Discard-Class Marking and Classification 7-34
Configuring Tunnel Header Marking Using the set Command 7-35
Configuration Example for Tunnel Header Marking Using the set Command 7-35
Configuring Tunnel Header Marking Using the police Command 7-36
Example Configuration for Tunnel Header Marking Using the police Command 7-36
Verifying Traffic Marking 7-37
Verification Examples for Traffic Marking
Related Documentation

CHAPTER

Prioritizing Services

7-38

7-39

8-1

Low-Latency Priority Queuing 8-1


Feature History for Low-Latency Priority Queuing
Bandwidth Starvation 8-3
Multi-Level Priority Queues 8-3
Feature History for Multi-Level Priority Queues
Child Service Policy Allowed Under Priority Class
Interfaces Supporting Priority Queuing
Queues per Policy Map

8-2

8-4
8-4

8-4

8-5

Restrictions and Limitations for Priority Queuing


Restrictions for Multi-Level Priority Queues
Configuring a Priority Queue

8-5

8-5

8-6

Configuring Multi-Level Priority Queues

8-7

Configuration Examples for Configuring Priority Queues

8-9

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

xv

Contents

Configuring a Priority Queue with a Guaranteed Bandwidth Based on Kilobits per Second:
Example 8-9
Configuring a Priority Queue with a Percent-Based Bandwidth Guarantee: Example 8-9
Configuring Multi-Level Priority Queues: Example 8-10
Unacceptable MPQ Configurations: Examples 8-10
Verifying and Monitoring Priority Queues

8-11

Verification Examples for Priority Queues 8-11


Verifying a Priority Queue: Example 8-11
Verifying Multi-Level Priority Queues: Example
Related Documentation

CHAPTER

Shaping Traffic

8-12

8-13

9-1

Traffic Shaping 9-2


Feature History for Traffic Shaping 9-3
Class-Based Traffic Shaping 9-3
Feature History for Class-Based Traffic Shaping 9-4
System Limits for Class-Based Shaping 9-4
Restrictions and Limitations for Class-Based Shaping 9-4
Hierarchical Shaping 9-4
Feature History for Hierarchical Shaping 9-5
VP-Level Shaping 9-5
VC-Level Shaping 9-5
Shaped UBR PVCs 9-5
How Hierarchical Shaping Works 9-6
Hierarchical Shaping and Oversubscription 9-7
Active ATM VCs 9-7
Restrictions and Limitations for Hierarchical Shaping 9-8
Percentage-Based Traffic Shaping 9-8
History for the Percentage-Based Shaping Feature 9-8
Frame Relay Traffic Shaping 9-8
Feature History for Frame Relay Traffic Shaping 9-9
Restrictions and Limitations for Frame Relay Traffic Shaping
Configuration Commands for Traffic Shaping 9-9
Differences Between Traffic Shaping Mechanisms
Bandwidth and Traffic Shaping

9-9

9-10

9-10

Differences Between Shaping and Policing

9-11

Advantages and Disadvantages of Shaping and Policing for Bandwidth Limiting


Modifying the VC Weight and the VP Shaping Parameters
Example Scenarios of Traffic Shaping Usage

9-11

9-12

9-12

Cisco 10000 Series Router Quality of Service Configuration Guide

xvi

OL-7433-09

Contents

Interfaces Supporting Traffic Shaping

9-13

Configuring Traffic Shaping 9-13


Shaping a Traffic Class 9-14
Shaping Traffic at the VC-Level and Virtual Path-Level 9-15
Configuration Example for Traffic Shaping at the VC-Level and the VP-Level
Verifying Traffic Shaping 9-17
Verification Examples for Traffic Shaping

9-17

9-19

Configuration Examples for Traffic Shaping 9-21


Configuration Example for Class-Based Shaping 9-21
Configuration Examples for Hierarchical Shaping 9-21
Related Documentation

CHAPTER

10

Overhead Accounting

9-22

10-1

Overhead Accounting Features 10-1


Feature History for Overhead Accounting 10-2
ATM Overhead Accounting 10-2
MLP on LNS with HQoS and ATM Overhead Accounting
HQoS 10-3
Overhead Accounting 10-3
Traffic Shaping Overhead Accounting for ATM 10-4
Ethernet Overhead Accounting 10-4
Configuration Commands for Overhead Accounting
Subscriber Line Encapsulation Types
Overhead Calculation on the Router

10-3

10-5

10-5
10-5

Overhead Accounting and Hierarchical Policies

10-6

Restrictions and Limitations for Overhead Accounting

10-7

Configuring Overhead Accounting in a Hierarchical Policy

10-7

Configuration Examples for Overhead Accounting 10-10


Enabling ATM Overhead Accounting 10-10
Enabling ATM Overhead Accounting on the PRE3 and PRE4 for MLPoLNS
Enabling Ethernet Overhead Accounting on the PRE2 10-11
Enabling Ethernet Overhead Accounting on the PRE3 and PRE4 10-12
Verifying Overhead Accounting

10-11

10-12

Verification Examples for Overhead Accounting 10-13


Verifying ATM Overhead Accounting Using show policy-map 10-13
Verifying Overhead Accounting Using show running-config 10-14
Verifying Ethernet Overhead Accounting with User-Defined Option 10-14
Related Documentation

10-15
Cisco 10000 Series Router Quality of Service Configuration Guide

OL-7433-09

xvii

Contents

CHAPTER

11

Managing Packet Queue Congestion


Queue Scaling Limits

11-1

11-1

Queue Limit 11-2


Queue Limit Packet Buffers 11-4
Default Queue Limit and Packet Buffers 11-4
queue-limit Command 11-4
Syntax Description 11-5
queue-limit Command History 11-5
Default Behavior for the queue-limit Command 11-5
Usage Guidelines for the queue-limit Command 11-6
Queue IDs and Interface Queues
Reserved QIDs 11-6

11-6

Queuing Outbound Traffic 11-7


Queuing Outbound Traffic on ATM Interfaces 11-7
Queuing Outbound Traffic on Frame Relay Interfaces 11-7
Queuing Outbound Traffic on Virtual LAN Interfaces 11-7
Controlling Congestion Using Tail Drop 11-8
Feature History for Tail Drop 11-8
Tail Drop and Random Early Detection 11-8
Controlling Congestion Using Random Early Detection 11-9
Feature History for Random Early Detection 11-9
Random Early Detection and Queue Limit 11-10
Determining Packet Drop Probability 11-10
Recommended Settings for RED Drop Probability 11-11
Controlling Congestion Using Weighted Random Early Detection 11-11
Feature History for Weighted Random Early Detection 11-12
Benefits of Using Weighted Random Early Detection 11-13
How WRED Works 11-13
WRED Drop Mode 11-13
WRED Drop Profiles 11-14
WRED Aggregate Drop Profiles 11-17
Usage Guidelines for the random-detect Command 11-18
Minimum and Maximum Thresholds 11-19
WRED and Queue Limit 11-20
Average Queue Size and the Exponential Weight Constant 11-21
Interfaces Supporting Layer 3 Packet Drop Policies

11-21

Restrictions and Limitations for Controlling Layer 3 Congestion


Configuring Layer 3 Queue Limit and Drop Policies

11-22

11-24

Cisco 10000 Series Router Quality of Service Configuration Guide

xviii

OL-7433-09

Contents

Controlling Packet Dropping by Setting the Size of a Class Queue 11-24


Configuration Example for Controlling Packet Dropping by Setting a Queue Size 11-25
Dropping Packets Based on a Differentiated Services Code Point 11-26
Configuration Example for Configuring DSCP-Based WRED 11-27
Dropping Packets Based on IP Precedence 11-28
Configuration Example for Dropping Packets Based on IP Precedence 11-29
Dropping Packets Based on the Discard Class 11-29
Configuration Example for Dropping Packets Based on Discard Class 11-30
Dropping Packets Based on the ATM Cell Loss Priority 11-31
Configuration Example for Dropping Packets Based on the Cell Loss Priority 11-31
Verifying and Monitoring Layer 3 Packet Dropping 11-32
Verification Example for Queue Size and Packet Dropping 11-34
Verification Examples for DSCP-Based WRED 11-35
Verification Example for IP Precedence-Based WRED 11-36
Verification Example for Discard-Class-Based WRED 11-37
Verification Examples for ATM CLP-Based WRED 11-38
Controlling Packet Flow on Layer 2 Queues 11-39
Configuring the Depth of Layer 2 Queues 11-40
Related Documentation

CHAPTER

12

11-40

Sharing Bandwidth Fairly During Congestion

12-1

Class-Based Weighted Fair Queuing 12-1


Feature History for Class-Based Weighted Fair Queuing
Class-Default Class 12-3
CBWFQ and Bandwidth Allocation 12-3
CBWFQ and RSVP 12-4
Restrictions and Limitations for CBWFQ 12-4

12-3

Class-Based Weighted Fair Queuing for Virtual Access Interfaces


Feature History for CBWFQ for VAIs 12-5
Service Policy Inheritance 12-5
Restrictions and Limitations for CBWFQ for VAIs 12-6
System Limits for CBWFQ

12-4

12-6

Interfaces Supporting Class-Based Weighted Fair Queuing

12-7

Configuring Fair Bandwidth Sharing During Congestion 12-7


Defining Traffic Classes Using Class Maps 12-8
Configuration Example for Defining Traffic Classes Using Class Maps 12-8
Configuring Policy Actions for Traffic Classes Using Policy Maps 12-9
Configuring a Default Traffic Class Policy 12-9
Configuring a Class Policy and Dropping Packets Using Tail Drop 12-11
Cisco 10000 Series Router Quality of Service Configuration Guide
OL-7433-09

xix

Contents

Configuring a Class Policy and Dropping Packets Using WRED 12-12


Attaching Service Policies 12-15
Attaching a Service Policy to an Interface, Subinterface, or PVC 12-15
Attaching a Service Policy to a Virtual Access Interface 12-16
Modifying the Bandwidth for an Existing Policy Map Class 12-16
Modifying the Queue Limit for an Existing Policy Map Class 12-17
Deleting Classes 12-17
Deleting Policy Maps 12-18
Configuration Examples for Sharing Bandwidth Fairly 12-18
Configuration Example for Configuring CBWFQ and Attaching a Policy to an Ethernet Interface
Configuration Example for Configuring CBWFQ and Attaching a Policy to an ATM
Subinterface 12-19
Configuration Example for Configuring CBWFQ and Attaching a Policy to an RBE Subinterface
Verifying and Monitoring Class-Based Weighted Fair Queuing
Related Documentation

CHAPTER

13

12-18

12-19

12-20

12-20

Defining QoS for Multiple Policy Levels

13-1

Hierarchical Policies 13-2


Feature History for Hierarchical Policies
Benefits of Hierarchical Policies 13-3

13-3

Components Common to All Types of Hierarchical Policies


Child Policy 13-4
Parent Policy 13-4
service-policy Command 13-5

13-3

Types of Hierarchical Policies 13-6


Nested Hierarchical Policies 13-6
Restrictions and Limitations for Nested Hierarchical Policies 13-7
Three-Level Hierarchical Policies 13-8
Restrictions and Limitations for Three-Level Hierarchical Policies 13-9
Hierarchical Input Policing Policies 13-10
Restrictions and Limitations for Hierarchical Input Policing Policies 13-11
Hierarchical Policies and Oversubscription

13-11

Applying Child Policies Under Priority Classes


Interfaces Supporting Hierarchical Policies

13-12
13-12

Guidelines for Configuring QoS for Multiple Queues

13-13

Configuring QoS for Multiple Queues 13-13


Creating Fair Queues at Two Levels of Hierarchy 13-13
Creating Fair Queues at Three Levels of Hierarchy 13-15

Cisco 10000 Series Router Quality of Service Configuration Guide

xx

OL-7433-09

Contents

Configuring a Bottom-Level Child Policy of a Three-Level Hierarchy


Configuring a Middle-Level Child Policy of a Three-Level Hierarchy
Configuring the Top-Level Parent Policy of a Three-Level Hierarchy
Policing Inbound Traffic at Two Levels of Hierarchy 13-19
Attaching Hierarchical Policies to Physical and Virtual Links 13-21

13-15
13-16
13-18

Configuration Examples 13-22


Configuration Examples for Nested Hierarchical Policies 13-22
Configuration Examples for Three-Level Hierarchical Policies 13-23
Configuration Example for Hierarchical Input Policing 13-25
Configuring Bandwidth-Remaining Ratios on ATM Subinterfaces: Example 13-26
Configuring Bandwidth-Remaining Ratios on Class Queues: Example 13-26
Verifying the Configuration of Hierarchical Policies
Verification Examples for Hierarchical Policies
Related Documentation

CHAPTER

14

Simultaneous Policy Maps

13-27
13-29

13-30

14-1

Simultaneous QoS Policy Map on an Interface and PPP Session 14-1


Feature History for Simultaneous Policy Maps 14-2
QoS Actions 14-2
Simultaneous Policies and Displaying Statistical Information 14-2
Restrictions for Simultaneous Policy Maps

14-4

Configuring Simultaneous Policy Maps 14-5


Configuring the Two Policy Maps 14-5
Attaching Simultaneous Policies to PPPoE Sessions Traversing an Ethernet Interface
Attaching a Policy to a PPPoE Session 14-6
Attaching a Policy to an Ethernet Interface 14-7
Attaching Simultaneous Policies to PPPoA Sessions Traversing an ATM VC 14-8
Attaching a Policy to a PPPoA Session 14-8
Attaching a Policy to an ATM VC with PPPoA Sessions 14-9
Attaching Simultaneous Policies to PPPoE Sessions Traversing an ATM VC 14-11
Attaching a Policy to PPPoE Sessions 14-11
Attaching a Policy to an ATM VC with PPPoE Sessions 14-12

14-6

Configuration Examples for Simultaneous Policy Maps 14-14


Configuration Example for Applying Simultaneous Policy Maps on Ethernet Interfaces and PPPoE
Sessions 14-14
Configuration Example for Applying Simultaneous Policies on 802.1Q Interfaces and PPPoE
Sessions 14-16
Configuration Example for Applying Simultaneous Policies on 802.1Q QinQ Interfaces and PPPoE
Sessions 14-17

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

xxi

Contents

Configuration Example for Applying Simultaneous Policies on ATM VCs and PPPoA Sessions
Configuration Example for Applying Simultaneous Policies on ATM VCs and PPPoE Sessions
Verifying Simultaneous Policy Maps

14-17
14-18

14-18

Verification Examples for Traffic Policing 14-19


Displaying Simultaneous Policy Map Information for Interfaces 14-20
Displaying Simultaneous Policy Map Information for PTA Virtual Interfaces 14-21
Displaying Simultaneous Policy Map Information for Virtual Access Interfaces 14-21
Displaying Simultaneous Policy Map Information for a LAC Session 14-22

CHAPTER

15

Oversubscribing Physical and Virtual Links

15-1

Interface Oversubscription 15-2


Feature History for Interface Oversubscription 15-2
Restrictions and Limitations for Interface Oversubscription

15-3

ATM Virtual Circuit Oversubscription 15-3


Feature History for ATM VC Oversubscription 15-4
Oversubscription Factor and Unspecified Bit Rate Virtual Circuits 15-4
ATM VC Oversubscription and ATM Line Cards 15-5
atm over-subscription-factor Command 15-5
Syntax Description 15-6
atm over-subscription-factor Command History 15-6
Usage Guidelines for the atm over-subscription-factor Command 15-6
Restrictions and Limitations for ATM VC Oversubscription 15-7
Frame Relay PVC Oversubscription 15-7
Feature History for Frame Relay PVC Oversubscription 15-8
Restrictions and Limitations for Frame Relay PVC Oversubscription
Virtual LAN Oversubscription 15-9
Feature History for VLAN Oversubscription 15-9
Restrictions and Limitations for VLAN Oversubscription
Oversubscription and Hierarchical Policies

15-9

15-9

15-10

Configuring Oversubscription 15-10


Oversubscribing ATM VBR-nrt VCs 15-11
Oversubscribing Frame Relay PVCs 15-11
Oversubscribing Frame Relay PVCs Using Hierarchical Policies 15-12
Oversubscribing Frame Relay PVCs Using a Map Class 15-15
Oversubscribing 802.1Q VLANs 15-17
Configuration Example for Oversubscribing 802.1Q VLANs 15-20
How the Router Determines VC Weights 15-20
Feature History for VC Weighting 15-21
Determining VC WeightingCisco IOS Release 12.0(17)SL to Release 12.3(7)XI1

15-21

Cisco 10000 Series Router Quality of Service Configuration Guide

xxii

OL-7433-09

Contents

Determining VC WeightingCisco IOS Release 12.3(7)XI1 and Later Releases 15-22


Determining VC WeightingCisco IOS Release 12.2(31)SB2 and Later Releases 15-22
Calculating the Default Weight of a VCPRE2 15-23
Calculating the Default Weight of a VCPRE3 15-23
queue-depth Command 15-24
Syntax Description 15-24
queue-depth Command History 15-24
Usage Guidelines for the queue-depth Command 15-24
weight Command 15-24
Syntax Description 15-24
weight Command History 15-25
Usage Guidelines for the weight Command 15-25
High Watermark and Low Watermark Default Values 15-25
Guidelines for Changing Watermark Values 15-26
Modifying the VC Weight and the VP Shaping Parameters 15-27
Restrictions and Limitations for VC Weighting 15-27
Configuring VC Weighting 15-28
Configuring ATM VC Weighting 15-28
Configuration Example for Configuring ATM VC Weighting 15-28
Configuring VC Weighting Using a VC Class Map 15-29
Configuration Example for Configuring VC Weighting Using a VC Class Map 15-29
Configuring VC Weighting on a Range of PVCs 15-30
Configuration Example for Configuring VC Weighting on a Range of PVCs 15-30
Configuring VC Weighting On Subinterfaces Using a Bandwidth Remaining Ratio 15-31
Configuration Example for Configuring VC Weighting on a Subinterface Using Bandwidth
Remaining Ratio 15-33
Configuring VC Weighting on Class Queues Using Bandwidth Remaining Ratio 15-34
Configuration Example for VC Weighting on a Class Queue Using Bandwidth Remaining
Ratio 15-37
Configuring VC Queue Depth 15-38
Configuration Example for Configuring VC Queue Depth 15-38
Configuration Examples 15-38
Configuration Example for Oversubscribing a Shaped ATM VC and VP 15-39
Configuration Example for Configuring the Weight of a VC 15-39
Configuration Example for Configuring the Weight of Multiple VCs 15-40
Configuration Example for Configuring VC Weight Using a Bandwidth Remaining Ratio
Configuration Example for Setting High and Low Watermark Thresholds 15-41

15-40

Verifying Oversubscription and VC Weighting 15-41


Verification Examples for Oversubscription and VC Weighting 15-42
Verifying Default High and Low Watermarks on an Interface 15-42
Cisco 10000 Series Router Quality of Service Configuration Guide
OL-7433-09

xxiii

Contents

Verifying High and Low Watermarks on an Individual VC 15-43


Verifying VC Parameter Configurations and Parameter Inheritance
Related Documentation

CHAPTER

16

15-43

15-44

Fragmenting and Interleaving Real-Time and Nonreal-Time Packets

16-1

Link Fragmentation and Interleaving 16-1


Feature History for Link Fragmentation and Interleaving 16-3
System Limits for Link Fragmentation and Interleaving 16-4
Configuration Commands for MLP-Based Fragmentation and Interleaving
interface multilink Command 16-5
interface multilink Command History 16-5
ppp multilink Command 16-6
ppp multilink fragment-delay Command 16-7
ppp multilink interleave Command 16-8
ppp multilink fragmentation Command 16-8
ppp multilink fragment disable Command 16-9
ppp multilink group Command 16-10

16-5

Multilink PPP-Based Link Fragmentation and Interleaving 16-11


How MLP-Based LFI Works 16-12
MLP Over Serial-Based LFI 16-13
Feature History for MLP Over Serial-Based LFI 16-13
Performance and Scalability for MLP Over Serial-Based LFI 16-13
Restrictions and Limitations for MLP Over Serial-Based LFI 16-14
Line Card Support for MLP Over Serial-Based LFI 16-14
Single-VC MLP Over ATM-Based LFI 16-14
Feature History for Single-VC MLP Over ATM-Based LFI 16-15
Fragment Size Calculation for MLP Over ATM-Based LFI 16-15
MLP Bundle Interface and Service Policies 16-16
Transmit Processing 16-17
Receive Processing 16-17
Performance and Scalability for Single-VC MLP Over ATM-Based LFI 16-18
Restrictions and Limitations for Single-VC MLP Over ATM-Based LFI 16-18
Line Card Support for MLP Over ATM-Based LFI 16-18
Multi-VC MLP Over ATM-Based LFI 16-19
Feature History for Multi-VC MLP Over ATM-Based LFI 16-19
Fragment Size Calculation for Multi-VC MLP Over ATM-Based LFI 16-19
MLP Bundle Interface and Service Policies 16-20
Performance and Scalability for Multi-VC MLP Over ATM-Based LFI 16-20
Restrictions and Limitations for Multi-VC MLP Over ATM-Based LFI 16-20

Cisco 10000 Series Router Quality of Service Configuration Guide

xxiv

OL-7433-09

Contents

Line Card Support for MLP Over ATM-Based LFI 16-21


MLP Over Frame Relay-Based LFI 16-21
Feature History for MLP Over Frame Relay-Based LFI 16-21
Multilink Group Interfaces and Virtual Template Interfaces 16-21
MLP Bundle Interface and Service Policies 16-22
Transmit Processing 16-22
Receive Processing 16-22
Fragment Size Calculation for MLP Over Frame Relay-Based LFI 16-23
Performance and Scalability for MLP Over Frame Relay-Based LFI 16-23
Restrictions and Limitations for MLP Over Frame Relay-Based LFI 16-24
Configuring MLP-Based LFI 16-24
Creating a MLP Bundle Interface 16-25
Enabling MLP on a Virtual Template Interface 16-27
Configuring a Shaping Policy for MLP Over Frame Relay-Based LFI 16-29
Adding a Serial Member Link to a MLP Bundle 16-29
Adding an ATM Member Link to a MLP Bundle 16-30
Adding a Frame Relay Member Link to a MLP Bundle 16-33
Moving a Member Link to a Different MLP Bundle 16-35
Removing a Member Link from a MLP Bundle 16-36
FRF.12 Fragmentation 16-37
Feature History for FRF.12 Fragmentation 16-38
FRF.12 over Multilink Frame Relay 16-38
FRF.12 Fragmentation Inheritance 16-39
FRF.12 Fragmentation and Hierarchical Policies 16-39
PVC-Based FRF.12 Fragmentation 16-40
Interface-Based FRF.12 Fragmentation 16-40
Minimum Fragment Size for FRF.12 Fragmentation 16-40
Configuration Commands for FRF.12 Fragmentation 16-40
frame-relay fragment Command (Map-Class) 16-41
frame-relay fragment end-to-end Command (Interface) 16-41
Performance and Scalability for FRF.12 Fragmentation 16-42
Prerequisites for FRF.12 Fragmentation 16-42
Restrictions and Limitations for FRF.12 Fragmentation 16-43
Configuring PVC-Based FRF.12 Fragmentation 16-44
Enabling FRF.12 Fragmentation on a Map Class 16-44
Attaching the Map Class 16-45
Configuring a Hierarchical Policy and PVC-Based FRF.12 Fragmentation 16-52
Configuring Interface-Based FRF.12 Fragmentation 16-57
Configuration Example for Enabling Interface-Based FRF.12 Fragmentation 16-58
Configuration Examples for Link Fragmentation and Interleaving

16-59

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

xxv

Contents

Configuration Example for MLP Over Serial-Based LFI 16-59


Configuration Example for Single-VC MLP Over ATM-Based LFI 16-60
Configuration Example for Multi-VC MLP Over ATM-Based LFI 16-61
Configuration Example for MLP Over Frame Relay-Based LFI 16-62
Configuration Examples for PVC-Based FRF.12 Fragmentation 16-63
Configuration Example for Interface-Based FRF.12 Fragmentation 16-64
Verifying and Monitoring Link Fragmentation and Interleaving 16-65
Verification Example for MLP Over Serial-Based LFI 16-67
Verification Examples for FRF.12 Fragmentation 16-68
Related Documentation

CHAPTER

17

16-69

Configuring Dynamic Subscriber Services

17-1

Applying Traffic Shaping Parameters Using RADIUS Profiles 17-2


Feature History for Dynamic Bandwidth Selection 17-2
Configuration Commands for DBS 17-3
dbs enable Command 17-3
default dbs enable Command 17-4
PCR and SCR Parameters for Multiple Sessions on a VC 17-5
Dynamic Bandwidth Selection Configuration and PPP Sessions 17-6
Network Access Server QoS Management 17-6
Default QoS Parameters and QoS Configuration Precedence 17-6
Accounting Updates 17-7
Service Category Transitions 17-7
Dynamic Bandwidth Selection and Oversubscription 17-7
Prerequisites for Dynamic Bandwidth Selection 17-8
Restrictions and Limitations for Dynamic Bandwidth Selection 17-8
Configuring Dynamic Bandwidth Selection 17-9
Configuring the Router for Dynamic Bandwidth Selection 17-9
Configuring RADIUS Profiles for Dynamic Bandwidth Selection 17-13
Configuration Examples for Dynamic Bandwidth Selection 17-14
Configuration Example for Enabling Dynamic Bandwidth Selection on a VC Class and a
PVC 17-14
Configuration Example for Enabling a RADIUS Domain Service Profile for Dynamic Bandwidth
Selection 17-16
Configuration Example for Enabling a RADIUS User Profile for Dynamic Bandwidth
Selection 17-16
Verifying and Monitoring Dynamic Bandwidth Selection 17-17
Dynamically Changing VC Weight and Watermark Values 17-18
Feature History for Dynamic VC Weight and Watermarks 17-19
Configuration Commands for Dynamic VC Weight and Watermarks

17-19

Cisco 10000 Series Router Quality of Service Configuration Guide

xxvi

OL-7433-09

Contents

Default High and Low Watermark Values 17-20


High and Low Watermark Threshold Behavior 17-20
Restrictions and Limitations for VC Weight and Watermarks 17-20
Configuring Dynamic VC Weights and Watermarks 17-20
Configuring the Router for Dynamic VC Weights and Watermarks 17-21
Setting Up RADIUS for Dynamic VC Weights and Watermarks 17-22
Verifying Dynamic VC Weights and Watermarks 17-22
Verification Example for Dynamic VC Weights and Watermarks 17-23
Applying QoS Parameters Dynamically to Sessions 17-24
Feature History for Define Interface Policy-Map AV Pairs AAA 17-26
Pulled Policy Maps 17-26
Prerequisites for Define Interface Policy-Map AV Pairs AAA 17-27
Restrictions and Limitations for Define Interface Policy-Map AV Pairs AAA 17-27
Configuring Dynamic QoS Policies at the Session Level 17-27
Prerequisites 17-27
Configuring the Router for Dynamic QoS Policies at the Session Level 17-28
Setting Up RADIUS for Dynamic QoS Policies at the Session Level 17-29
Setting Up the AAA Server 17-29
Configuration Examples for Dynamic QoS Policies at the Session Level 17-30
Configuration Examples for Existing Service Policies and Pulled Policies 17-30
Configuration Examples for Pulled Policies and a Router Without Existing Policies
Verifying Dynamic QoS Policies at the Session Level 17-32
Verification Examples for Dynamic QoS Policies at the Session Level 17-33

17-32

Shaping PPPoE Over VLAN Sessions Using RADIUS 17-34


Feature History for Per Session Queuing and Shaping for PPPoE Over VLANs 17-35
Per Session Shaping Inheritance 17-36
Interfaces Supporting Per Session Queuing and Shaping for PPPoE Over VLANs 17-36
Restrictions and Limitations for Per Session Queuing and Shaping for PPPoE Over VLANs 17-36
Configuring Per Session Queuing and Shaping for PPPoE Over VLANs Using RADIUS 17-37
Configuring a Per Session Queuing and Shaping Policy on the Router 17-37
Setting Up RADIUS for Per Session Queuing and Shaping 17-40
Verifying Per Session Queuing and Shaping Policies 17-42
Shaping and Queuing Per-Session Traffic on LNS 17-44
Feature History for Per Session Shaping and Queuing on LNS 17-45
Prerequisites for Per Session Shaping and Queuing on LNS 17-45
Restrictions and Limitations for Per Session Shaping and Queuing on LNS 17-45
Configuring Per Session Shaping and Queuing on LNS 17-45
Configuring a Per Session Shaping and Queuing on LNS Policy 17-46
Queuing PPP Sessions on ATM VCs

17-50

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

xxvii

Contents

Feature History for PPP Session Queuing on ATM VCs 17-51


Dynamically Applying QoS Policies to PPP Sessions on ATM VCs 17-51
PPP Session Queuing Inheritance 17-52
Interfaces Supporting PPP Session Queuing 17-52
Mixed Configurations and Queuing 17-52
Bandwidth Sharing and ATM Port Oversubscription 17-53
Oversubscription at the Session Level 17-53
Prerequisites for PPP Session Queuing on ATM VCs 17-53
Restrictions and Limitations for PPP Session Queuing on ATM VCs 17-53
Configuring PPP Session Queuing on ATM VCs 17-54
Configuring PPP Session Queuing Using a Virtual Template 17-54
Configuring PPP Session Queuing Using RADIUS 17-60
Configuration Examples for PPP Session Queuing on ATM VCs 17-60
Example of Configuring PPP Session Queuing on ATM VCs 17-61
Example of Configuring and Applying an Hierarchical Policy Map 17-61
Example of Setting Up RADIUS for PPP Session Queuing on ATM VCs 17-62
Verifying PPP Session Queuing on ATM VCs 17-62
Examples of Verifying PPP Session Queuing on ATM VCs 17-63
Related Documentation

CHAPTER

18

17-66

Regulating and Shaping Subscriber Traffic

18-1

Subscriber-Based IP Quality of Service 18-2


Per Session Rate Limiting 18-3
Feature History for Per Session Rate Limiting 18-4
Restrictions and Limitations for Per Session Rate Limiting 18-4
Per User Multiservice Rate Limiting 18-4
Feature History for Per User Multiservice Rate Limiting 18-5
System Limits for Per User Multiservice Rate Limiting 18-5
Restrictions and Limitations for Per User Multiservice Rate Limiting 18-5
Per Session Service Policy Using RADIUS 18-5
Feature History for Per Session Service Policy Using RADIUS 18-6
Restrictions and Limitations for per Session Service Policy Using RADIUS 18-6
Input and Output Policy Actions 18-7
Configuring IP Quality of Service for Subscribers 18-9
Configuring per Session Rate Limiting 18-9
Configuring per User Multiservice Rate Limiting 18-10
Configuring per Session Service Policy Using RADIUS 18-11
Configuration Examples for Subscriber-Based IP QoS 18-12
Configuration Example for Per Session Rate Limiting 18-12

Cisco 10000 Series Router Quality of Service Configuration Guide

xxviii

OL-7433-09

Contents

Configuration Example for Per User Multiservice Rate Limiting 18-13


Configuration Example for Per Session Service Policy Using RADIUS 18-13
Verifying a Subscriber-Based IP QoS Configuration 18-16
Verification Examples for Subscriber-Based IP QoS Configurations 18-17
MQC Support for IP Sessions 18-18
Feature History for MQC Support for IP Sessions 18-19
QoS Actions Supported in IP Session Policy Maps 18-19
Interface Support for MQC on IP Sessions 18-19
Policies and Queues Inheritance Rules 18-19
Service Policy Maps and Service Profiles 18-20
Restrictions and Limitations for MQC Support for IP Sessions 18-20
Configuring MQC on IP Sessions 18-21
Configuring QoS on Service Policy Maps Without Traffic Classes 18-21
Configuring QoS on Service Policy Maps With Traffic Classes 18-22
Configuration Examples for MQC on IP Sessions 18-23
Verifying Service Policies on IP Sessions 18-24
Shaping and Queuing Per-Session Traffic on LNS 18-24
Feature History for Per Session Shaping and Queuing on LNS 18-25
Prerequisites for Per Session Shaping and Queuing on LNS 18-25
Restrictions and Limitations for Per Session Shaping and Queuing on LNS
Configuring Per Session Shaping and Queuing on LNS 18-25

18-25

Queuing PPP Sessions on ATM VCs 18-29


Feature History for PPP Session Queuing on ATM VCs 18-30
Dynamically Applying QoS Policies to PPP Sessions on ATM VCs 18-30
PPP Session Queuing Inheritance 18-31
Interfaces Supporting PPP Session Queuing 18-31
Mixed Configurations and Queuing 18-31
Bandwidth Sharing and ATM Port Oversubscription 18-32
Oversubscription at the Session Level 18-32
Prerequisites for PPP Session Queuing on ATM VCs 18-32
Restrictions and Limitations for PPP Session Queuing on ATM VCs 18-32
Configuring PPP Session Queuing on ATM VCs 18-33
Configuring PPP Session Queuing Using a Virtual Template 18-33
Configuring PPP Session Queuing Using RADIUS 18-38
Configuration Examples for PPP Session Queuing on ATM VCs 18-39
Example of Configuring PPP Session Queuing on ATM VCs 18-39
Example of Configuring and Applying an Hierarchical Policy Map 18-40
Example of Setting Up RADIUS for PPP Session Queuing on ATM VCs 18-41
Verifying PPP Session Queuing on ATM VCs 18-41

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

xxix

Contents

Verification Examples for PPP Session Queuing on ATM VCs

18-42

Per-Session Shaping for ATM Interfaces 18-45


Feature History for Per-Session Shaping for ATM Interfaces 18-46
Restrictions and Limitations for Per-Session Shaping for ATM Interfaces 18-46
Configuring Per-Session Shaping for ATM Interfaces 18-46
Configuration Example for Per-Session Shaping on ATM Interfaces 18-50
Verifying Per-Session Shaping on ATM Interfaces 18-50
Related Documentation

CHAPTER

19

18-51

Configuring Quality of Service for PVC Bundles

19-1

PVC Bundles 19-1


Feature History for PVC Bundles 19-2
System Limits for PVC Bundles 19-2
Traffic Bumping 19-3
PVC Bundle Protection Rules 19-3
ATM PVC Selection 19-4
Feature History for ATM PVC Selection 19-5
Configuration Commands for ATM PVC Selection 19-5
bump Command 19-5
bundle Command 19-6
class-bundle Command 19-7
class-vc Command 19-8
mpls experimental Command 19-9
oam-bundle Command 19-10
precedence Command 19-11
protect Command 19-12
pvc-bundle Command 19-13
ATM Bundle Management 19-14
Bumping and ATM PVC Bundles 19-16
Prerequisites for ATM PVC Selection 19-17
Restrictions and Limitations for ATM PVC Selection 19-17
Configuring ATM Bundles 19-18
Creating an ATM Bundle Directly 19-18
Creating an ATM Bundle Using a VC Class 19-20
Adding an ATM PVC to a PVC Bundle 19-23
Configuring ATM Bundle Members 19-23
Configuring an ATM Bundle Member 19-23
Configuring an ATM Bundle Member Using a VC Class 19-25
Configuring a PVC Not to Accept Bumped Traffic 19-27
Cisco 10000 Series Router Quality of Service Configuration Guide

xxx

OL-7433-09

Contents

Verifying and Monitoring ATM PVC Bundles 19-28


Configuration Examples for Configuring ATM Bundles and PVC Selection 19-29
Configuration Example for ATM Bundle Configuration Using VC Classes 19-29
Configuration Example for MPLS EXP-Based ATM PVC Selection 19-31
Frame Relay PVC Selection 19-31
Feature History for Frame Relay PVC Selection 19-32
Configuration Commands for Frame Relay PVC Selection 19-32
bump Command (Frame Relay VC-bundle-member) 19-33
dscp Command (Frame Relay VC-bundle-member) 19-34
exp Command 19-35
frame-relay vc-bundle Command 19-36
precedence Command (Frame Relay VC-bundle-member) 19-37
protect Command (Frame Relay VC-bundle-member) 19-38
pvc Command (Frame Relay VC-bundle) 19-39
Service Levels and PVC Selection Criteria 19-40
Prerequisites for Frame Relay PVC Selection 19-40
Restrictions and Limitations for Frame Relay PVC Selection 19-41
Configuring Frame Relay Bundles 19-41
Creating a Frame Relay PVC Bundle 19-42
Adding a PVC to a Frame Relay PVC Bundle 19-43
Configuring Frame Relay Bundle Members 19-44
Configuration Examples for Configuring Frame Relay Bundles and PVC Selection 19-49
Configuration Example for Precedence-Based and DSCP-Based Frame Relay PVC
Selection 19-49
Configuration Example for MPLS EXP-Based Frame Relay PVC Selection 19-50
Verifying and Monitoring Frame Relay PVC Selection 19-50
Verification Example for Monitoring PVC Bundles 19-52
Related Documentation

CHAPTER

20

19-53

Configuring Quality of Service for MPLS Traffic

20-1

MPLS QoS 20-1


Feature History for MPLS QoS 20-2
MPLS QoS Services 20-2
MPLS Tunneling Modes 20-3
How QoS Works for MPLS Traffic 20-4
MPLS QoS and Packet Priority During Congestion 20-4
Interfaces Supporting MPLS QoS 20-4
MPLS QoS Implementation 20-5
Restrictions and Limitations for MPLS QoS 20-5

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

xxxi

Contents

Configuring MPLS QoS on the Ingress Label Switching Router 20-5


Classifying IP Packets Using a Class Map 20-6
Setting the MPLS EXP Field Using a Policy Map 20-7
Attaching an MPLS QoS Service Policy to an Interface 20-8
Configuration Examples for MPLS QoS 20-8
Configuration Example for Short Pipe Mode 20-9
Configuration Example for Pipe Mode 20-10
MPLS CoS Multi-VC Mode 20-12
Feature History for MPLS CoS Multi-VC Mode 20-12
Label Switched Paths 20-13
Class of Service Map 20-13
QoS for Label-Controlled ATM VCs 20-14
Default Bandwidth for LVCs 20-14
Allocating LVC Bandwidth Using Policy Maps 20-14
MPLS QoS Support in an MPLS Network 20-14
Benefits of MPLS CoS Multi-VC Mode 20-15
Restrictions for MPLS CoS Multi-VC Mode 20-15
Prerequisites for MPLS CoS Multi-VC Mode 20-15
Configuring MPLS CoS Multi-VC Mode 20-16
Configuring Multi-VC Mode in the Core of an ATM Network 20-16
Configuring Queueing Functions on Router Output Interfaces 20-17
Monitoring and Maintaining MPLS CoS Multi-VC Mode Configuration 20-18
Configuration Examples for MPLS CoS Multi-VC Mode 20-18
MPLS Traffic EngineeringDiffServ Aware 20-18
Feature History for MPLS TEDS 20-19
Sub-pool Tunnels 20-19
Global Pool Tunnels 20-20
Prerequisites for DS-TE 20-20
Restrictions and Limitations for DS-TE 20-20
Configuring DS-TE 20-20
Activating Traffic Engineering on the Router 20-21
Activating Traffic Engineering on the Interface 20-23
Configuring the Tunnel Interface 20-24
Configuring Guaranteed Bandwidth Service 20-25
Verifying and Monitoring DS-TE Configurations 20-26
Configuration Examples for DS-TE 20-28
Configuration Examples for Configuring the Tunnel Head Router 20-28
Configuration Examples for Configuring DS-TE on the Midpoint Routers 20-30
Configuration Examples for Configuring the Tail-End Router 20-31
Configuration Examples for Configuring Guaranteed Bandwidth Service 20-31
Cisco 10000 Series Router Quality of Service Configuration Guide

xxxii

OL-7433-09

Contents

Per VRF AAA

20-32

Related Documentation

CHAPTER

21

20-32

VLAN Tag-Based Quality of Service

21-1

VLAN Tag-Based QoS 21-1


Feature History for VLAN Tag-Based QoS 21-2
VLAN-Groups 21-2
VLAN-Group Policy Map 21-2
Modification of a VLAN-Group Policy Map 21-3
VLAN ID 21-3
VLAN-Group Policies and Inheritance 21-3
Aggregate Session Traffic 21-3
System Limits for VLAN Tag-Based QoS 21-4
Statistical Information for VLAN-Group Policies and Classes
VLAN Tag-Based QoS on the PRE2 and PRE3 21-4
Restrictions for VLAN Tag-Based QoS

21-4

21-5

Configuring VLAN Tag-Based QoS 21-7


Configuration Guidelines for VLAN Tag-Based QoS 21-7
Configuring VLAN-Group Class Maps 21-8
Examples 21-8
Configuring a VLAN-Group Policy 21-9
Configuring QoS Policies for Traffic ClassesInbound VLAN Group and Class-Default
Classes 21-9
Configuring QoS Policies for Traffic ClassesOutbound VLAN Group and Class-Default
Classes 21-10
Attaching VLAN Tag-based Policies 21-12
Configuration Examples for VLAN Tag-Based QoS 21-13
Configuring a VLAN Tag-Based QoS Policy: Example 21-14
Configuring a VLAN Tag-Based QoS Policy: Invalid Configuration Example
Related Documents

CHAPTER

22

21-14

21-15

Hierarchical Scheduling and Queuing

22-1

Hierarchical Queuing Framework 22-1


Feature History for Hierarchical Queuing Framework 22-2
Hierarchical Queuing Framework Scaling 22-2
QoS Shaping Using HQF 22-3
ATM Virtual Path Shaping Using HQF 22-3
ATM VC Shaping Using HQF 22-3
Hierarchical ATM VP and VC Shaping Using HQF 22-4
Cisco 10000 Series Router Quality of Service Configuration Guide
OL-7433-09

xxxiii

Contents

Subinterface Shaping Using HQF 22-4


IP and PPP Session Shaping Using HQF 22-5
MQC Hierarchical Queuing with 3-Level Scheduler 22-5
Feature History for MQC Hierarchical Queuing with 3-Level Scheduler 22-6
Prerequisites for MQC Hierarchical Queuing with 3-Level Scheduler 22-6
Restrictions for MQC Hierarchical Queuing with 3-Level Scheduler 22-6
Scheduling Hierarchy 22-6
Priority Service and Latency 22-7
Latency Requirements 22-7
Priority Propagation with Imposed Burstiness 22-7
Configuring MQC Hierarchical Queuing with 3-Level Scheduler 22-8
Configuration Examples for MQC Hierarchical Queuing with 3-Level Scheduler
Bandwidth AllocationPolicy Attached to an Interface: Example 22-8
Tuning the Bandwidth-Remaining Ratio: Example 22-9
4-Level Scheduler 22-10
Feature History for 4-Level Scheduler
Related Documentation

APPENDIX

22-11

22-12

Configuring Frame Relay QoS Using Frame Relay Legacy Commands


Creating a Map Class

Specifying a DLCI Queue Weight


Enabling RED Drop

A-3
A-3

Configuring Frame Relay Traffic Shaping


B

A-2

A-2

Configuring Frame Relay IP RTP Priority

APPENDIX

A-1

A-1

Enabling Weighted Fair Queuing on the Interface


Specifying Tail Drop

22-8

A-4
A-5

QoS Policy Propagation Through the Border Gateway Protocol


QPPB Configuration Example
Related Documentation

B-1

B-1

B-4

GLOSSARY

INDEX

Cisco 10000 Series Router Quality of Service Configuration Guide

xxxiv

OL-7433-09

About This Guide


This guide provides information about the Quality of Service (QoS) features supported on the
Cisco 10000 series router and describes how to configure them.

Guide Revision History


Cisco IOS Release

Part Number

Publication Date

Release 12.2(33)SB2

OL-7433-08

September, 2008

Description
Added the following new and modified features:

MLP at LNS with H-QoS & ATM Overgead AccountingSee the MLP on LNS with HQoS and
ATM Overhead Accounting section on page 10-3

Cisco IOS Release

Part Number

Publication Date

Release 12.2(33)SB

OL-7433-06

March, 2008

Description
Added the following new and modified features:

ATM CLP-Based WREDSee the Controlling Congestion Using Weighted Random Early
Detection section on page 11-11.

ATM Overhead AccountingSee the ATM Overhead Accounting section on page 2.

ATM VP Average Traffic RateSee the ATM VP Average Traffic Rate, Release 12.2(33)SB feature
guide.

AToM Class-Based Match FR DEChapter 2, Classifying Traffic.

AToM Set ATM CLP Bit Using a PolicerSee the AToM Set ATM CLP Bit Using a Policer
section on page 6-13.

AToM Set Frame Relay DE as Police ActionSee the AToM Set FR DE as Police Action section
on page 6-14.

Class-Based Frame Relay DE Bit Matching and MarkingSee Chapter 2, Classifying Traffic and
the Class-Based Frame Relay DE Bit Marking section on page 7-17.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

xxxv

About This Guide

Control Plane PolicingPlatform EnhancementSee the Control Plane PolicingPlatform


Enhancement, Release 12.2(33)SB feature guide.

Ethernet Overhead AccountingSee the Ethernet Overhead Accounting section on page 10-4.

MQCTraffic Shaping Overhead Accounting for ATMSee the Traffic Shaping Overhead
Accounting for ATM section on page 10-4.

MQC Support for IP SessionsSee the MQC Support for IP Sessions section on page 18-18.

Per-Session Shaping for ATM InterfacesSee the Per-Session Shaping for ATM Interfaces
section on page 18-45.

Policy Map Scaling Phase 2See the System Limits for Policy Maps section on page 3-2.

QoS ModelsSee the QoS Models section on page 1-6.

Simultaneous QoS Policy Map on Interface and PPP Session A-DSLAM caseSee Chapter 14,
Simultaneous Policy Maps.

Traffic Shaping Overhead Accounting for ATMSee the Traffic Shaping Overhead Accounting
for ATM section on page 10-4.

Set Layer 2 CoS as a Policer ActionSee the Set Layer 2 CoS as a Policer Action section on
page 6-15.

Cisco IOS Release

Part Number

Publication Date

Release 12.2(31)SB6

OL-7433-05

July, 2007

Description
Added the following new features:

QoS: Per-Session Shaping and Queuing on LNSSee the Shaping and Queuing Per-Session
Traffic on LNS section on page 17-44.

PPP Session Queuing on ATM Virtual CircuitsSee the Queuing PPP Sessions on ATM VCs
section on page 17-50.

Added the following new section:

qos match statistics CommandSee the qos match statistics Command section on page 2-4.

Cisco IOS Release

Part Number

Publication Date

Release 12.2(31)SB5

OL-7433-04

April, 2007

Description
Added the following new feature:

Per Session Queuing and Shaping for PPPoE Over VLAN Using RADIUSSee the ATM
Overhead Accounting section on page 10-2.

Cisco 10000 Series Router Quality of Service Configuration Guide

xxxvi

OL-7433-09

About This Guide

Cisco IOS Release

Part Number

Publication Date

Release 12.2(31)SB3

OL-7433-03

February, 2007

Description
Added the following new feature:

The show pxf cpu queue atm command now displays dropped and dequeued packets for classes
associated with sessions that inherit queues from VCsSee the Verifying Traffic Shaping section
on page 9-17.

Cisco IOS Release

Part Number

Publication Date

Release 12.2(31)SB2

OL-7433-02

December, 2006

Description
Updated the valid multilink interface values. These values changed from 1 to 9999 (Release 12.2(28)SB
and later) to from 1 to 9999 and 65,536 to 2,147,483,647. See Multilink PPP-Based Link Fragmentation
and Interleaving section on page 16-11.
Added the following new features:

Child Service Policy Allowed Under Priority ClassSee the Applying Child Policies Under
Priority Classes section on page 13-12.

Class-Based Ethernet Class of Service Matching and MarkingSee the Defining Match Criteria
Using the match Commands section on page 2-5 and the Class of Service Marking section on
page 7-10.

Class-Based Weighted Fair Queuing (PRE3)See the Class-Based Weighted Fair Queuing
section on page 12-1.

Classification, Policing, and Marking on the L2TP Access Concentrator (LAC)See Classifying
Traffic Policing Traffic and Marking Traffic

Control Plane PolicingSee the Control Plane Policing section on page 6-13.

Differentiated Services-Compliant WREDControlling Congestion Using Weighted Random


Early Detection section on page 11-11.

Distribution of Remaining Bandwidth Using RatioSee the Distribution of Remaining Bandwidth


Using Ratio section on page 5-14

Hierarchical Scheduling and QueuingSee Chapter 22, Hierarchical Scheduling and Queuing

Multi-Level Priority QueuesSee the Multi-Level Priority Queues section on page 8-3.

Percentage-Based ShapingSee the Percentage-Based Traffic Shaping section on page 9-8.

Policing Support for GRE TunnelsSee the Policing Support for GRE Tunnels section on
page 6-17.

PXF-Based Frame Relay DE Bit MarkingSee Class-Based Frame Relay DE Bit Marking
section on page 7-17.

QoS CLI Migration from PRE2 to PRE3See the QoS CLI Migration from PRE2 to PRE3
section on page 1-3.

Three-Level Scheduler Using MQC Hierarchical Queuing FrameworkSee Chapter 22,


Hierarchical Scheduling and Queuing

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

xxxvii

About This Guide

Tunnel Header MarkingSee the Tunnel Header Marking section on page 7-18.

Traffic Shaping Overhead Accounting for ATMSee the Traffic Shaping Overhead Accounting
for ATM section on page 10-4.

VC Oversubscription (PRE3)See Chapter 15, Oversubscribing Physical and Virtual Links.

VLAN Tag-Based Quality of ServiceSee Chapter 21, VLAN Tag-Based Quality of Service.

Weighted RED support for the PRE3See Chapter 11, Managing Packet Queue Congestion.

Cisco IOS Release

Part Number

Publication Date

Release 12.2(28)SB2

OL-7433-01

July, 2006

Description
Changed the part number and added the following new QoS features:

Hierarchical Input PolicingSee the Hierarchical Input Policing Policies section on page 13-10.

Link fragmentation and interleaving (LFI) for Multilink PPP over ATM and Frame RelaySee
Chapter 16, Fragmenting and Interleaving Real-Time and Nonreal-Time Packets.

Two-Rate Three-Color Marker for traffic policingSee the Two-Rate Three-Color Marker for
Traffic Policing section on page 6-8.

For information about non-QoS features introduced in Cisco IOS Release 12.2(28)SB and existing
features integrated in the release, see the Cross-Platform Release Notes for Cisco IOS
Release 12.2(28)SB.
Cisco IOS Release

Part Number

Publication Date

Release 12.3(7)XI7

OL-4388-06

September, 2005

Description
Added the following new features:

DBS ExtensionsVC Weight and WatermarksSee the Dynamically Changing VC Weight and
Watermark Values section on page 17-18.

Per Session Queuing and Shaping for PPPoE Over VLAN Using RADIUSSee the ATM
Overhead Accounting section on page 10-2.

Added the following features from the Cisco 10000 Series Router Broadband Aggregation, Leased-Line,
and MPLS Configuration Guide:

PVC BundlesSee Chapter 19, Configuring Quality of Service for PVC Bundles.

MPLS QoSSee Chapter 20, Configuring Quality of Service for MPLS Traffic.

MPLS Traffic EngineeringDiffServ AwareSee Chapter 20, Configuring Quality of Service for
MPLS Traffic.

Cisco 10000 Series Router Quality of Service Configuration Guide

xxxviii

OL-7433-09

About This Guide

Cisco IOS Release

Part Number

Publication Date

Release 12.2

OL-4388-05

July, 2005

Added the following features from the Cisco 10000 Series Router Broadband Aggregation, Leased-Line,
and MPLS Configuration Guide:

Define Interface Policy-Map AV Pairs AAASee the Applying QoS Parameters Dynamically to
Sessions section on page 17-24.

Dynamic Bandwidth SelectionSee the Applying Traffic Shaping Parameters Using RADIUS
Profiles section on page 17-2.

Per Session Rate LimitingSee the Per Session Rate Limiting section on page 18-3.

Per User Multiservice Rate LimitingSee the Per User Multiservice Rate Limiting section on
page 18-4.

Per Session Service Policy Using RADIUSSee the Per Session Service Policy Using RADIUS
section on page 18-5.

Traffic Shaping and Hierarchical ShapingSee Chapter 9, Shaping Traffic.

Class-Based Weighted Fair QueuingSee Chapter 12, Sharing Bandwidth Fairly During
Congestion.

Cisco IOS Release

Part Number

Publication Date

Release 12.3(7)XI3

OL-4388-04

March, 2005

Description
Added the following new feature:

LAC QoS on VCsSee the Attaching Layer 2 Access Concentrator QoS Service Policies section
on page 4-30.

Added the following features from the Cisco 10000 Series Router Broadband Aggregation, Leased-Line,
and MPLS Configuration Guide:

Nested and 3-level hierarchical policiesSee Chapter 13, Defining QoS for Multiple Policy
Levels.

OversubscriptionSee Chapter 15, Oversubscribing Physical and Virtual Links.

Changed the title of Chapter 9 to Managing Packet Queue Congestion (formerly, Managing Packet
Queues).
Cisco IOS Release

Part Number

Publication Date

Release 12.0(25)SX
Release 12.3(7)XI

OL-4388-03

December, 2004

Description
Revised and reorganized the QoS Configuration Guide. Expanded both technical and configuration
information.
Added some of the QoS features currently in the Cisco 10000 Series Broadband and Leased-Line
Configuration Guide.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

xxxix

About This Guide

Cisco IOS Release

Part Number

Publication Date

Release 12.0(23)SX1
Release 12.0(25)S

OL-4388-02

April, 2004

Description
Added strict priority queuing. Removed the ability to specify a rate using the priority command.
Cisco IOS Release

Part Number

Publication Date

Release 12.0(25)SX

OL-4388-01

June, 2003

Description
Created the Cisco 10000 Series Router Quality of Service Configuration Guide.

Audience
This guide is designed for system and network managers who are responsible for integrating quality of
service features into their networks. These managers should be experienced using Cisco IOS software
and should be familiar with the operation of the Cisco 10000 series router.

Document Organization
This guide contains the following chapters:
Chapter

Title

Description

Chapter 1

Quality of Service Overview

Describes the process and components involved in configuring


QoS on the router. Lists the QoS features supported and feature
changes.

Chapter 2

Classifying Traffic

Describes how to classify traffic using class maps.

Chapter 3

Configuring QoS Policy Actions and


Rules

Describes how to create QoS policies using policy maps and the
types of policy actions supported.

Chapter 4

Attaching Service Policies

Describes how to attach QoS policies to various interfaces.

Chapter 5

Distributing Bandwidth Between Queues Describes bandwidth allocation and how to use the bandwidth
command to distribute bandwidth between traffic queues.

Chapter 6

Policing Traffic

Describes traffic policing and how to configure policing for


traffic classes based on kilobits per second or as a percentage of
available bandwidth.

Chapter 7

Marking Traffic

Describes traffic marking and how to configure it on inbound


and outbound interfaces.

Chapter 8

Prioritizing Services

Describes how to configure a traffic class as a priority class that


receives preferential treatment.

Chapter 9

Shaping Traffic

Describes the mechanisms used to shape traffic on the router.

Cisco 10000 Series Router Quality of Service Configuration Guide

xl

OL-7433-09

About This Guide

Chapter

Title

Description

Chapter 10

Overhead Accounting

Describes the overhead accounting features supported on the


router.

Chapter 11

Managing Packet Queue Congestion

Describes the mechanisms used to control packet queue


congestion.

Chapter 12

Sharing Bandwidth Fairly During


Congestion

Describes the Class-based Weighted Fair Queuing (CBWFQ)


feature and explains how to configure it.

Chapter 13

Defining QoS for Multiple Policy Levels Describes the types of hierarchical policies supported and how
to configure them.

Chapter 14

Simultaneous Policy Maps

Describes how to simultaneously configure policy maps on


sessions and interfaces.

Chapter 15

Oversubscribing Physical and Virtual


Links

Describes interface, virtual circuit, and virtual LAN (VLAN)


oversubscription and how to configure it. Also describes VC
weighting.

Chapter 16

Fragmenting and Interleaving Real-Time Describes fragmentation and interleaving on the router and how
and Nonreal-Time Packets
to configure it.

Chapter 17

Configuring Dynamic Subscriber


Services

Describes how to use the following features:

Dynamic Bandwidth Selection (DBS) featureApply


traffic shaping parameters using RADIUS profiles

Define Interface Policy-Map AV Pairs AAA


featureApply QoS parameters dynamically to sessions

DBS ExtensionVC Weight and WatermarksModify


existing VC weight and watermark values without tearing
down and recreating the VC

Per Session Queuing and Shaping for PPPoE Over VLANs


Using RADIUS featureDynamically apply queuing and
shaping policies to PPPoE over VLAN sessions

Per Session Shaping and Queuing on LNSShape or queue


the traffic from an Internet service provider (ISP) to an ISP
subscriber over a Layer 2 Tunneling Protocol (L2TP)
Network Server (LNS).

PPP Session Queuing on ATM Virtual CircuitsShape and


queue PPP over ATM (PPPoA) and PPP over Ethernet over
ATM (PPPoEoA) sessions to a user specified rate.

Chapter 18

Regulating Subscriber Traffic

Describes subscriber-based traffic regulating and shaping


features.

Chapter 19

Configuring Quality of Service for PVC


Bundles

Describes PVC bundles and QoS-based PVC selection over


ATM and Frame Relay PVCs.

Chapter 20

Configuring Quality of Service for MPLS Describes the MPLS QoS feature and the MPLS Traffic
Traffic
EngineeringDiffServ Aware feature and how to configure
them.

Chapter 21

VLAN Tag-Based Quality of Service

Describes the VLAN Tag-Based feature that enables you to


apply a single QoS policy to a group of IEEE 802.1Q VLAN
subinterfaces.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

xli

About This Guide

Chapter

Title

Description

Chapter 22

Hierarchical Scheduling and Queuing

Describes the hierarchical queuing framework (HQF)


architecture and the three-level scheduler that uses HQF.

Appendix A

Configuring Frame Relay QoS Using


Frame Relay Legacy Commands

Describes the Frame Relay commands used in early releases to


configure QoS on Frame Relay interfaces.

Appendix B

QoS Policy Propagation Through the


Border Gateway Protocol

Provides a configuration example for QoS policy propagation


through the Border Gateway Protocol (QPPB) and references
available documentation.

Document Conventions
This guide uses the following conventions:

Note

Caution

Warning

Bold is used for commands, keywords, and buttons.

Italics are used for command input for which you supply values.

Screen font is used for examples of information that are displayed on the screen.

Bold screen font is used for examples of information that you enter.

Vertical bars ( | ) indicate separate alternative, mutually exclusive elements.

Square brackets ( [ ] ) indicate optional elements.

Braces ( {} ) indicate a required choice.

Braces within square brackets ( [{}] ) indicate a required choice within an optional element.

Means reader take note. Notes contain helpful suggestions or references to material not covered in the
guide.

Means reader be careful. In this situation, you might do something that could result in equipment
damage or loss of data.

IMPORTANT SAFETY INSTRUCTIONS


This warning symbol means danger. You are in a situation that could cause bodily injury. Before you
work on any equipment, be aware of the hazards involved with electrical circuitry and be familiar
with standard practices for preventing accidents. Use the statement number provided at the end of
each warning to locate its translation in the translated safety warnings that accompanied this
device.
SAVE THESE INSTRUCTIONS

Cisco 10000 Series Router Quality of Service Configuration Guide

xlii

OL-7433-09

About This Guide

Related Documentation
Each chapter of this guide provides additional documentation you can reference for more information
about specific features.
The Cisco 10000 Series Router Quality of Service Configuration Guide is one of the documents available
for the Cisco series router. Each Cisco 10000 series router document provides specific hardware and
software information to help you integrate and use the router in your network configuration. For a list of
available Cisco 10000 series router documentation, see the following URL:
http://www.cisco.com/en/US/products/hw/routers/ps133/tsd_products_support_series_home.html

Obtaining Documentation and Submitting a Service Request


For information on obtaining documentation, submitting a service request, and gathering additional
information, see the monthly Whats New in Cisco Product Documentation, which also lists all new and
revised Cisco technical documentation, at:
http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html
Subscribe to the Whats New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed
and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free
service and Cisco currently supports RSS Version 2.0.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

xliii

About This Guide

Cisco 10000 Series Router Quality of Service Configuration Guide

xliv

OL-7433-09

CH A P T E R

Quality of Service Overview


Quality of service (QoS) refers to the ability of a network to provide improved service to selected
network traffic over various underlying technologies including Frame Relay, ATM, Ethernet and
802.1 networks, SONET, and IP-routed networks. The QoS features available on the Cisco 10000 series
router provide the following services:

Congestion management

Congestion control

Traffic policing

Traffic shaping

Ability to handle differential services and queuing requirements

This chapter provides an overview of QoS on the Cisco 10000 series router and includes the following
topics:

Benefits of Quality of Service Features, page 1-2

Restrictions and Limitations for Quality of Service, page 1-2

Modular QoS Command-Line Interface, page 1-2

QoS Management Information Base Support, page 1-4

QoS Implementation Guidelines, page 1-4

QoS Execution on the Router, page 1-4

QoS Configuration on an Interface, page 1-5

QoS Models, page 1-6

QoS Features, Commands, and Changes, page 1-11

Related Documentation, page 1-61

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

1-1

Chapter 1

Quality of Service Overview

Benefits of Quality of Service Features

Benefits of Quality of Service Features


Quality of service (QoS) features enable you to create differentiated services on your network that you
can use to:

Give preferential treatment to different classes of network traffic

Ensure sufficient bandwidth to meet average network loads

Determine the network response during times of congestion

Classify traffic so that different applications or traffic classes receive treatment in accordance with
defined requirements

Ensure adequate resources are allocated so that the network delivers the performance the customer
requires

Restrictions and Limitations for Quality of Service

The ability to apply a QoS feature to an interface does not imply support for all QoS features on the
interface.

The router does not have a limit on the number of interfaces that can have a QoS policy.

Trunk interfaces require multiple flows to achieve line-rate performance at packet sizes smaller than
250 bytes.

A service-policy should not be attached to an interface that has an IP interface session.

Note

A flow consists of IP packets with the same source and destination addresses.

Modular QoS Command-Line Interface


To configure QoS features, use the modular quality of service command-line interface (MQC).
For Frame Relay, you can configure QoS features using the:

Note

MQC, applied on the physical interface

MQC, applied on point-to-point Frame Relay subinterfaces (Release 12.0(19)SL or later)

Frame Relay QoS command-line interface (CLI)

The router does not support interface-based, legacy QoS commands such as the rate-limit and
traffic-shape interface configuration commands. For information on these commands, see Appendix A,
Configuring Frame Relay QoS Using Frame Relay Legacy Commands
The following apply when you configure QoS on Frame Relay:

When you apply a service policy on the physical interface instead of on the individual subinterfaces,
the aggregate traffic from all PVCs is subject to the service policy. This allows you to apply QoS
policies independently of PVCs.

When you apply a service policy on a Frame Relay point-to-point subinterface, only the subinterface
traffic is subject to the service policy.

Cisco 10000 Series Router Quality of Service Configuration Guide

1-2

OL-7433-09

Chapter 1

Quality of Service Overview


Modular QoS Command-Line Interface

Using the legacy Frame Relay QoS CLI, you can enable Weighted Random Early Detection
(WRED), traffic shaping, fair queuing, and low-latency queuing on a PVC basis.

Using the MQC, you can configure the following elements:

Class mapDefines the criteria by which packets are classified.

Policy mapDefines the actions to be taken on the traffic matching the class map criteria.

Service policyAttaches the service policy to an interface and specifies if the policy is to be applied
to inbound or outbound traffic.

For more information about class maps, policy maps, and service policies, see the following chapters in
this guide:

Chapter 2, Classifying Traffic

Chapter 3, Configuring QoS Policy Actions and Rules

Chapter 4, Attaching Service Policies

Feature History for MQC


Cisco IOS Release

Description

Required PRE

Release 12.0(17)SL

The MQC feature was introduced on the PRE1.

PRE1

Release 12.2(15)BX

This feature was introduced on the PRE2.

PRE2

Release 12.2(28)SB

This feature was integrated in Cisco IOS


Release 12.2(28)SB for the PRE2.

PRE2

Release 12.2(31)SB2

This feature was introduced on the PRE3 and included the PRE3
new qos match statistics command.
Enhancements to the MQC allow you to classify packets
on the L2TP access concentrator (LAC) based upon the IP
type of service (ToS) bits in an embedded IP packet. When
a policer is configured, the router uses the packet
classification to police ingress traffic according to the
DSCP value.

Release 12.2(33)SB

This feature was introduced on the PRE4.

PRE4

QoS CLI Migration from PRE2 to PRE3


The Quality of Service (QoS) Command Line Interface (CLI) Migration from PRE2 to PRE3 feature
provides QoS CLI backward-compatibility between the PRE2 and PRE3, thereby enabling the PRE3 to
accept PRE2-style commands.
The PRE2 uses a proprietary version of the modular QoS CLI, while the PRE3 uses a non-proprietary
CLI. The QoS CLI migration feature enables the PRE3 to parse PRE2-style commands and translate
them to PRE3 commands.
For more information, see the QoS CLI Migration from PRE2 to PRE3, Release 12.2(31)SB2 feature
module.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

1-3

Chapter 1

Quality of Service Overview

QoS Management Information Base Support

Feature History for QoS CLI Migration from PRE2 to PRE3


Cisco IOS Release

Description

Required PRE

Release 12.2(31)SB2

This feature was introduced.

PRE3

Release 12.2(33)SB

This feature was introduced on the PRE4.

PRE4

QoS Management Information Base Support


The Cisco 10000 series router supports the Cisco Class-Based Quality of Service Management
Information Base (Class-based QoS MIB). This MIB provides read access to QoS configurations and
also provides QoS statistical information based on the modular QoS CLI (MQC), including information
about class map and policy map parameters.
The Class-based QoS MIB is actually two MIBs: CISCO-CLASS-BASED-QOS-MIB and
CISCO-CLASS-BASED-QOS-CAPABILITY-MIB.
To locate MIBs online, use the Cisco Network Management Toolkit for MIBs tool available on
Cisco.com.

QoS Implementation Guidelines


Typically, the business model that you define and the applications you use determine the QoS features
needed to meet your network requirements. Before deciding which QoS features to implement, consider
the following guidelines:

Provide preferential service to customers or applications that cannot tolerate dropped packets during
periods of congestion.

Provide dedicated bandwidth and low-latency queuing to privileged data that cannot tolerate delay.

Share the bandwidth fairly among competing traffic. For example, allocate percentages of a link
bandwidth to the various applications.

Prevent congestion by using congestion control algorithms such as random early detection (RED)
and weighted random early detection (WRED), instead of using the default tail drop mode of
operation.

Police and shape transmission rates to limit and control traffic that exceeds predefined transmission
rate limits.

Identify, set, or modify traffic priorities to provide end-to-end service quality.

QoS Execution on the Router


The Cisco 10000 series router executes the QoS features in the following order:
1.

Fragment reassembly

2.

QoS Policy Propagation through Border Gateway Protocol (QPPB)

3.

Input classification

4.

Input marking

Cisco 10000 Series Router Quality of Service Configuration Guide

1-4

OL-7433-09

Chapter 1

Quality of Service Overview


QoS Configuration on an Interface

5.

Input metering (policing)

6.

Output classification

7.

Output marking

8.

Output metering (policing)

9.

Bandwidth distribution, priority service, traffic shaping, random early detection (RED), and tail
drop

10. Fragmentation

QoS Configuration on an Interface


The QoS service policy attached to an interface tells the Cisco 10000 series router how to handle packets
received on the interface. Service policies consist of:

Classification criteriaDefined in class maps and tell the router how to classify packets received on
the interface.

ActionsDefined in policy maps and tell the router the actions and rules to apply to the packets.

To configure a QoS service policy on an interface, do the following:


Step 1

Create a class map. (See Chapter 2, Classifying Traffic.)

Step 2

Create a policy map. (See Chapter 3, Configuring QoS Policy Actions and Rules.)

Step 3

Attach the service policy to an interface. (See Chapter 4, Attaching Service Policies.)

Figure 1-1 shows the process of QoS configuration on an interface.


Quality of Service Process

Class-map commands
tell the router how to
recognize a packet
that is subject to QoS.

Interface

Packet

Line
Card

Service policy command


applies a class-map
and policy-map to a
specific interface.

Backplane
Packet

Performance
Routing
Engine
Packet

Backplane
Packet

Interface

Line
Card

Policy-map commands
tell the router what
to do with a packet.
For example , drop the
packet or let it through.

Packet

126558

Figure 1-1

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

1-5

Chapter 1

Quality of Service Overview

QoS Models

QoS Models
This section defines two QoS models with respect to Ether-DSL aggregation, supported on the Cisco
10000 series router. It includes the following topics:

Overview of QoS Models, page 1-6

Configuration Tasks, page 1-8

Configuration Examples, page 1-9

Overview of QoS Models


The E-DSL QoS models are defined based on whether its requirement is generic to all services or
specific to residential or business services.
Generic requirements are common to all subscriber lines regardless of whether they support residential
or business services. Generic requirements per subscriber line include the following:

Avoid indiscriminate loss of traffic downstream at the DSLAM

Minimum assured rate per service or class

Maximum enforced rate per service or class

Ability for one service or class of a particular subscriber to re-use unused bandwidth from another
service or class for the same subscriber.

Business services additionally include the following requirements:

Single point of traffic injection

Enforce a sub modem train rate max (shaped) aggregate rate per subscriber line

Child queuing policy

Analogous to current Layer 3 VPN access QOS services

Residential services additionally include the following requirements:

Support multiple points of traffic injection into the Layer 2 access network

Wholesale bandwidth concept analogous to a virtual path in ATM-DSL

Per session services

Support VLAN aggregation

The two DSLAM model configurations that are supported on Cisco 10000 series router for business and
residential services are:

Model D.2 Definition, page 1-7

Model F Definition, page 1-7

Note

QoS Models D.2 and F are supported on PRE3 and PRE4.

Cisco 10000 Series Router Quality of Service Configuration Guide

1-6

OL-7433-09

Chapter 1

Quality of Service Overview


QoS Models

Model D.2 Definition


This model is equivalent to the ATM-DSL model where shaped virtual circuits (VCs) terminate on an
interface, without shaped virtual paths (VPs). In this model all QoS control is maintained at the
broadband remote access server or network processing engine (BRAS / NPE) and none at the DSLAM.
The traffic to each subscriber line is shaped to less than or equal to the DSLAM modem train rate. This
shaping at the BRAS / NPE accounts for the ATM overhead on the DSLAM-to-CPE link, even though
the downstream interface on the BRAS / NPE is an Ethernet interface.
The subscriber line is represented by individual or groups of IP or Point-to-Point Protocol (PPP)
sessions. The policy for per class policing or marking is applied per PPP or IP session.
The key components of Model D.2 are shown in Figure 1-2.
Figure 1-2

Key Components of Model D.2

Upstream and downstream


per subs/session per class:
1 rate 2 color policer
Treated as any other
trunk network:
Could use per class
PQ+CBQ, or
overprovision

No QOS supported

BRAS

PE-AGG / UPE

E-DSLAM

270995

Downstream per
subscriber line:
shape/min bw
per class PQ +
CBQ+ WRED

CPE

bw = bandwidth
PQ = Priority Queue
CBQ = Class Based Queue
WRED = Weighted Random Early Detection

Model F Definition
This model is functionally equivalent to the ATM model with shaped virtual paths (VPs) and shaped
virtual circuits (VCs). Similar to the Model D.2, this model has all QOS control at the broadband remote
access server or network processing engine (BRAS / NPE) and none at the DSLAM.
The traffic to a group of subscriber lines is shaped to a defined rate, equivalent to a virtual path in ATM.
In the case of residential services, a group of subscribers is represented by a VLAN, and for business
services a group of subscribers is represented by the outer 802.1q tag.
The traffic to individual subscriber lines is shaped to less than or equal to the DSLAM modem train rate.
The subscriber line for business services is identified by the inner and outer 802.1q tag. The subscriber
line is represented by individual or groups of IP or PPP sessions.
QoS Model F requires 3 levels of shaping, queuing and scheduling Subinterface / Session / Class
queues.
The key components of Model F are shown in Figure 1-3.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

1-7

Chapter 1

Quality of Service Overview

QoS Models

Figure 1-3

Key Components of Model F

ISP aggregate:
shape/min bw

Treated as any other


trunk network:
Could use per class
PQ+CBQ, or
overprovision

Downstream per
subscriber line:
shape/min bw
per class PQ+CBQ

Upstream and
downstream per ISP
aggregate per class:
police

No QOS supported

270996

Upstream and downstream,


per session per class:
1 rate 2 color policer

BRAS/NPE

PE-AGG/UPE

E-DSLAM

CPE

Configuration Tasks
Model D.2 supports two types of configurations:

Configuration on subinterfaces consists of hierarchical policy-maps attached to QinQ


subinterfaces, as shown in Example 1-1.

Configuration on IP or PPP sessions consists of hierarchical queuing policy-maps on IP or PPP


sessions, as shown in Example 1-2.

Configuration Steps on Subinterfaces for QoS Model D.2


To configure subinterfaces for QoS Model D.2 follow the steps given below:
Step 1

Discover the GigabitEthernet (GE) interface.

Step 2

Create subinterfaces on the GE interface.

Step 3

Apply policy-map to Subint 1.

Step 4

Apply policy-may to Subint 2.

Configuration Steps on Sessions for QoS Model D.2


To configure sessions for QoS Model D.2 follow the steps given below:
Step 1

Discover the GE interface.

Step 2

Create sessions on the GE interface.

Step 3

Apply policy-map to session S1.

Step 4

Apply policy-map to session S2.

Cisco 10000 Series Router Quality of Service Configuration Guide

1-8

OL-7433-09

Chapter 1

Quality of Service Overview


QoS Models

Model F supports multiple IP and/or PPP sessions per subscriber line with shaping occurring at the
subscriber line level, by using the line ID information present in DHCP option 82 and the PPP tag.
Shaping sessions with a common line ID effects traffic shaping for a particular subscriber line. See
Example 1-3 for more configuration information.
Model F configuration requires three levels of shaping/queuing hierarchy on the BRAS or NPE at the
Subinterface, Session and Class levels.

Configuration Steps for QoS Model F


To configure QoS Model F follow the steps given below:
Step 1

Discover the GE interface.

Step 2

Create subinterface1 on the GE interface.

Step 3

Apply isp_A shape policy to subinterface1.

Step 4

Create sessions on subinterface 1.

Step 5

Apply session-parent policy-map to session S1 belonging to subinterface1

Configuration Examples
An example of Model D.2 subinterface configuration is described in Example 1-1.
Example 1-1

Configuring Model D.2 Subinterface Configuration

Policy business-A-child
class voip
priority level 1
police <rate> <nb>
set cos <cos>
class video
priority level 2
police <rate> <nb>
set cos <cos>
class gaming
bandwidth remaining ratio <i> [account qinq aalx xxx]
set cos <cos>
class class-default
bandwidth remaining ratio <j> [account qinq aalx xxx]
set cos <cos>
Policy company-A-parent
class class-default
bandwidth remaining ratio <number> [account qinq aalx xxx]
shape average <cir> <nb> [account qinq aalx xxx]
service policy business-A-child

interface GigabitEthernet1/0/0.n
description Company A
encapsulation dot1q 1 second-dot1q n
service-policy output company-A-parent
interface GigabitEthernet1/0/0.m
description Company B
encapsulation dot1q 1 second-dot1q m
service-policy output company-B-parent

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

1-9

Chapter 1

Quality of Service Overview

QoS Models

An example of Model D.2 session configuration is described in Example 1-2.


Example 1-2

Model D.2 Session Configuration

Policy session-A-child
class voip
priority level 1
police <rate> <nb>
set cos <cos>
class video
priority level 2
police <rate> <nb>
set cos <cos>
class gaming
bandwidth remaining ratio <i> [account xxx aalx xxx]
set cos <cos>
class class-default
bandwidth remaining ratio <j> [account xxx aalx xxx]
set cos <cos>
Policy session-A-parent
bandwidth remaining ratio <number> [account xxx aalx xxx]
shape average <cir> <nb> [account xxx aalx xxx]
service policy session-A-child
Session-N-parent policy-maps attached to PPP/IP sessions via Radius or via a
Virtual-Template

An example of Model F configuration is described in Example 1-3.


Example 1-3

QoS Model F Configuration

Policy session-N-child
class voip
priority level 1
police <rate> <nb>
set cos <cos>
class video
priority level 2
police <rate> <nb>
set cos <cos>
class gaming
bandwidth remaining ratio <i> [account xxx aalx xxx]
set cos <cos>
class class-default
bandwidth remaining ratio <j> [account xxx aalx xxx]
set cos <cos>
Policy session-N-parent
class class-default
bandwidth remaining ratio <number> [account xxx aalx xxx]
shape average <cir> <nb> [account xxx aalx xxx]
service-policy session-N-child
Policy isp_A
class class-default
shape average
interface GigabitEthernet1/0/0.1
encapsulation dot1q 1
service-policy output isp_A

Cisco 10000 Series Router Quality of Service Configuration Guide

1-10

OL-7433-09

Chapter 1

Quality of Service Overview


QoS Features, Commands, and Changes

Or
interface GigabitEthernet1/0/0.1
encapsulation dot1q 1 second-dot1q any
service-policy output isp_A
Session-N-parent policy-maps attached to PPP/IP sessions via Radius or via
Virtual-Templates.

QoS Features, Commands, and Changes


This section describes the QoS features and commands supported on the Cisco 10000 series router, and
lists feature and command changes. It includes the following topics:

Applying QoS Parameters Dynamically to Sessions, page 1-12

Applying Traffic Shaping Parameters Using RADIUS Profiles, page 1-12

Attaching QoS Service Policies, page 1-13

Classifying Traffic, page 1-15

Configuring QoS for MPLS Traffic, page 1-18

Control Plane Policing, page 1-19

Controlling Packet Queue Congestion, page 1-21

Distributing Bandwidth Between Queues, page 1-25

Dynamically Changing VC Weight and Watermark Values, page 1-26

Hierarchical Queuing Framework, page 1-27

Hierarchical Policies, page 1-27

IP Quality of Service for Subscribers, page 1-29

Layer 2 Access Concentrator, page 1-30

Link Fragmentation and Interleaving, page 1-31

Marking Traffic, page 1-36

Modular QoS Command Line Interface, page 1-39

Overhead Accounting, page 1-39

Oversubscribing Physical and Virtual Links, page 1-41

Policing Traffic, page 1-44

Prioritizing Traffic, page 1-48

PVC Bundles, page 1-50

QoS Policy Maps, page 1-53

Qos Policy Propagation through the Border Gateway Protocol, page 1-55

Shaping PPPoE Over VLAN Sessions Using RADIUS, page 1-55

Shaping Traffic, page 1-55

Sharing Bandwidth Fairly During Congestion, page 1-59

Simultaneous Policy Maps, page 1-60

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

1-11

Chapter 1

Quality of Service Overview

QoS Features, Commands, and Changes

VLAN Tag-Based Quality of Service, page 1-60

Applying QoS Parameters Dynamically to Sessions


Documentation Reference: Chapter 18, Regulating and Shaping Subscriber Traffic
Cisco IOS Release: Release 12.3(7)XI2
Description: The Define Interface Policy-Map AV Pairs AAA feature was introduced on the PRE2 to
provide two RADIUS vendor-specific attributes (VSAs): cisco-avpair = atm:vc-qos-policy-in=<in
policy name> and cisco-avpair = atm:vc-qos-policy-out=<out policy name>. These VSAs allow you
to apply (pull) a policy map on an ATM virtual circuit (VC) during Point-to-Point Protocol over ATM
(PPPoA) or PPP over Ethernet over ATM (PPPoEoA) session establishment.
Cisco IOS Release: Release 12.2(28)SB
Description: This feature was integrated in Cisco IOS Release 12.2(28)SB and enhanced to provide
push functionality.

Applying Traffic Shaping Parameters Using RADIUS Profiles


Documentation Reference: Chapter 17, Configuring Dynamic Subscriber Services

dbs enable Command, page 1-12

default dbs enable Command, page 1-12

Dynamic Bandwidth Selection Feature, page 1-13

dbs enable Command


Cisco IOS Release: Release 12.2(16)BX
Description: The dbs enable command was introduced on the PRE2 to enable dynamic bandwidth
selection.
Cisco IOS Release: Release 12.2(28)SB
Description: This command was integrated in Cisco IOS Release 12.2(28)SB.

default dbs enable Command


Cisco IOS Release: Release 12.2(16)BX
Description: The default dbs enable command was introduced on the PRE2 to remove the dbs enable
or no dbs enable command from an existing configuration.
Cisco IOS Release: Release 12.2(28)SB
Description: This command was integrated in Cisco IOS Release 12.2(28)SB.

Cisco 10000 Series Router Quality of Service Configuration Guide

1-12

OL-7433-09

Chapter 1

Quality of Service Overview


QoS Features, Commands, and Changes

Dynamic Bandwidth Selection Feature


Cisco IOS Release: Release 12.2(16)BX
Description: The Dynamic Bandwidth Selection (DBS) feature was introduced on the PRE2 to
dynamically change ATM traffic shaping parameters based on a subscribers RADIUS profile. This
feature is also known as Per User QoS Using AAA Policy Name.
Cisco IOS Release: Release 12.2(28)SB
Description: This feature was integrated in Cisco IOS Release 12.2(28)SB.

Attaching QoS Service Policies


Documentation Reference: Chapter 4, Attaching Service Policies

service-policy Command, page 1-13

Attaching ATM QoS Service Policies, page 1-14

Attaching Frame Relay QoS Service Policies, page 1-14

Attaching LAC QoS Service Policies, page 1-15

Attaching Virtual LAN QoS Service Policies, page 1-15

Attaching Virtual Access Interface QoS Service Policies, page 1-15

service-policy Command
Cisco IOS Release: Release 12.0(17)SL
Description: The service-policy command was introduced on the PRE1 to attach a policy map that the
router can use to apply QoS services to inbound and outbound packets.
Cisco IOS Release: Release 12.2(15)BX
Description: This command was introduced on the PRE2.
Cisco IOS Release: Release 12.3(7)XI2
Description: This command was enhanced on the PRE2 to allow you to attach a policy map to a range
of PVCs, and to a specific PVC within the PVC range.
Cisco IOS Release: Release 12.2(28)SB
Description: This command was integrated in Cisco IOS Release 12.2(28)SB.
Cisco IOS Release: Release 12.2(31)SB2
Description: This command was introduced on the PRE3.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

1-13

Chapter 1

Quality of Service Overview

QoS Features, Commands, and Changes

Attaching ATM QoS Service Policies


Cisco IOS Release: Release 12.0(17)SL
Description: The ATM QoS service policies feature was introduced on the PRE1 to enable you to attach
QoS policies to ATM interfaces, subinterfaces, and permanent virtual circuits (PVCs).
Cisco IOS Release: Release 12.0(22)S
Description: This feature was ported to the S train.
Cisco IOS Release: Release 12.2(15)BX
Description: This feature was introduced on the PRE2.
Cisco IOS Release: Release 12.3(7)XI2
Description: This feature was enhanced on the PRE2 to enable you to attach QoS policies to a range of
PVCs and to a specific PVC within the PVC range.
Cisco IOS Release: Release 12.2(28)SB
Description: This feature was integrated in Cisco IOS Release 12.2(28)SB.
Cisco IOS Release: Release 12.2(31)SB2
Description: This feature was introduced on the PRE3.

Attaching Frame Relay QoS Service Policies


Cisco IOS Release: Release 12.0(23)SX
Description: The Frame Relay QoS service policies feature was introduced on the PRE1 to enable you
to attach QoS policies to Frame Relay interfaces, subinterfaces, and data-link connection identifiers
(DLCIs).
Cisco IOS Release: Release 12.0(25)S
Description: This feature was ported to the S train.
Cisco IOS Release: Release 12.2(16)BX
Description: This feature was introduced on the PRE2.
Cisco IOS Release: Release 12.2(28)SB
Description: This feature was integrated in Cisco IOS Release 12.2(28)SB.
Cisco IOS Release: Release 12.2(31)SB2
Description: This feature was introduced on the PRE3.

Cisco 10000 Series Router Quality of Service Configuration Guide

1-14

OL-7433-09

Chapter 1

Quality of Service Overview


QoS Features, Commands, and Changes

Attaching LAC QoS Service Policies


Cisco IOS Release: Release 12.3(7)XI3
Description: The LAC QoS feature was introduced on the PRE2 to enable you to attach QoS service
policies to ATM virtual circuits (VCs) on the Layer 2 Access Concentrator (LAC).

Attaching Virtual LAN QoS Service Policies


Cisco IOS Release: Release 12.2(15)BX
Description: The virtual LAN (VLAN) QoS service policies feature was introduced on the PRE2 to
enable you to attach QoS policies to a physical Ethernet interface, an individual VLAN subinterface, or
to both the physical interface and one or more VLAN subinterfaces.
Cisco IOS Release: Release 12.2(28)SB
Description: This feature was integrated in Cisco IOS Release 12.2(28)SB.

Attaching Virtual Access Interface QoS Service Policies


Cisco IOS Release: Release 12.2(15)BX
Description: The virtual access interface (VAI) QoS service policies feature was introduced on the
PRE2 to enable you to apply virtual template interfaces with QoS policies to VCs. When the router
creates the VAI for a session, the router applies the QoS policies to the VAI.
Cisco IOS Release: Release 12.2(28)SB
Description: This feature was integrated in Cisco IOS Release 12.2(28)SB.

Classifying Traffic
Documentation Reference: Chapter 2, Classifying Traffic

class-map Command, page 1-15

match Commands, page 1-16

Class Map Feature, page 1-18

class-map Command
Cisco IOS Release: Release 12.0(17)SL
Description: The class-map command was introduced on the PRE1 to enable you to configure a
classification policy for traffic classes.
Cisco IOS Release: Release 12.2(15)BX
Description: This command was introduced on the PRE2.
Cisco IOS Release: Release 12.2(28)SB
Description: This command was integrated in Cisco IOS Release 12.2(28)SB.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

1-15

Chapter 1

Quality of Service Overview

QoS Features, Commands, and Changes

Cisco IOS Release: Release 12.2(31)SB2


Description: This command was introduced on the PRE3.
Enhancements to the modular quality of service CLI (MQC) allow you to classify packets on the L2TP
access concentrator (LAC) based upon the IP type of service (ToS) bits in an embedded IP packet. The
classification is used to police ingress traffic according to the DSCP value.
Cisco IOS Release: Release 12.2(33)SB
Description: This command was introduced on the PRE4.

match Commands
Cisco IOS Release: Release 12.0(17)SL
Description: The match command was introduced on the PRE1 to enable you to define the following
match criteria for a class map:

match-all CommandIndicates that a packet must match all of the match criteria specified.

match-any CommandIndicates that a packet must match only one of the match criteria specified.

match access-group CommandIndicates that a packet must match one of the predefined access
control list (ACL) statements.

match input-interface CommandIndicates that the input interface on which the packet arrives
must match the value you set using the set input-interface command.

match ip dscp CommandIndicates that the IP DSCP value of the packet must match the value you
set using the set ip dscp command.

match ip precedence CommandIndicates that the IP precedence value of the packet must match
the value you set using the set ip precedence command.

match ip rtp CommandIndicates that the IP Real-Time Transport Protocol (RTP) value of the
packet must match the value you set using the set ip rtp command.

match qos-group CommandIndicates that the QoS group value of the packet must match the
value you set using the set qos-group command.

match not CommandIndicates that the packet must not match the criteria you set. You can use
the match not command with any match criteria.
For example, to classify packets that do not have a specific class of service value, enter the
match not cos command in the appropriate class map as a match criterion. The router classifies a
packet when the CoS value of the packet does not match the value you set using the set cos
command.

Cisco IOS Release: Release 12.0(22)S


Description: This command was enhanced to enable you to match the MPLS experimental (EXP) bit
value of the class. If you specify the match mpls experimental command, the router classifies a packet
when the MPLS EXP value of the packet matches the value you set using the set mpls experimental
command. The match mpls experimental command is available only on the PRE1.

Cisco 10000 Series Router Quality of Service Configuration Guide

1-16

OL-7433-09

Chapter 1

Quality of Service Overview


QoS Features, Commands, and Changes

Cisco IOS Release: Release 12.2(15)BX


Description: This command was enhanced to enable you to match on the class of service of a packet.
When you specify the match cos command, packets that match the value you set using the set cos
command are assigned to the associated traffic class. The match cos command is available only on the
PRE2.
Cisco IOS Release: Release 12.2(16)BX
Description: This command was enhanced on the PRE2 to enable you to match the experimental (EXP)
value in the topmost label of the packet. The match mpls experimental topmost command is available
only on the PRE2.

Note

The router does not support the set mpls experimental topmost command.

Cisco IOS Release: Release 12.3(7)XI


Description: This command was enhanced on the PRE2 to enable you to match the MPLS experimental
(EXP) bit value on the imposed label entry of the packet. When you specify the match mpls
experimental imposition command, the router classifies a packet when the MPLS EXP value on the
imposed label entry of the packet matches the value you set using the set mpls experimental imposition
command. This command is available only on the PRE2.
The match command was also enhanced to enable you to match the discard value of the class. The
discard value indicates the drop eligibility of a packet. When you specify the match discard-class
command, the router classifies a packet when the discard value of the packet matches the value you set
using the set discard-class command. The match discard-class command is available only on the
PRE2.
Cisco IOS Release: Release 12.2(28)SB
Description: The match commands were integrated in Cisco IOS Release 12.2(28)SB.
Cisco IOS Release: Release 12.2(31)SB2
Description: This command was introduced on the PRE3 to enable you to match on the class of service
of a packet. When you specify the match cos command, packets that match the value you set using the
set cos command are assigned to the associated traffic class. The match cos command is available on
the PRE2 and PRE3.
Enhancements to the modular quality of service CLI (MQC) allow you to classify packets on the L2TP
access concentrator (LAC) based upon the IP type of service (ToS) bits in an embedded IP packet. The
classification is used to police ingress traffic according to the DSCP value.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

1-17

Chapter 1

Quality of Service Overview

QoS Features, Commands, and Changes

Cisco IOS Release: Release 12.2(33)SB


Description: This command was enhanced to enable you to match the Frame Relay discard eligibility
(DE) bit value, and was implemented on the PRE2, PRE3, and PRE4.

Class Map Feature


Cisco IOS Release: Release 12.0(17)SL
Description: The class map feature was introduced on the PRE1 to enable you to create and modify a
classification policy for traffic classes.
Cisco IOS Release: Release 12.2(15)BX
Description: This feature was introduced on the PRE2.
Cisco IOS Release: Release 12.2(28)SB
Description: This feature was integrated in Cisco IOS Release 12.2(28)SB.
Cisco IOS Release: Release 12.2(31)SB2
Description: This feature was introduced on the PRE3.
Enhancements to the modular quality of service CLI (MQC) allow you to classify packets on the L2TP
access concentrator (LAC) based upon the IP type of service (ToS) bits in an embedded IP packet. The
classification is used to police ingress traffic according to the DSCP value.
Cisco IOS Release: Release 12.2(33)SB
Description: This feature was introduced on the PRE4.

Configuring QoS for MPLS Traffic


Documentation Reference: Chapter 20, Configuring Quality of Service for MPLS Traffic

MPLS CoS Multi-VC Mode, page 1-18

MPLS QoS Feature, page 1-19

MPLS Traffic EngineeringDiffServ Aware Feature, page 1-19

MPLS CoS Multi-VC Mode


Cisco IOS Release: Release 12.0(17)S
Description: The MPLS CoS Multi-VC Mode feature was introduced on the PRE1 to enable you to map
the experimental (EXP) field values of an MPLS label to an ATM VC, creating sets of labeled virtual
circuits (LVCs) to provide varying levels of QoS services for different types of traffic in an MPLS
network.
Cisco IOS Release: Release 12.2(16)BX
Description: This feature was introduced on the PRE2.

Cisco 10000 Series Router Quality of Service Configuration Guide

1-18

OL-7433-09

Chapter 1

Quality of Service Overview


QoS Features, Commands, and Changes

Cisco IOS Release: Release 12.2(28)SB


Description: This feature was integrated in Cisco IOS Release 12.2(28)SB.

MPLS QoS Feature


Cisco IOS Release: Release 12.0(19)SL
Description: The MPLS QoS feature was introduced on the PRE1 to provide varying levels of QoS
services for different types of traffic in an MPLS network.
Cisco IOS Release: Release 12.0(22)S
Description: This feature was enhanced to allow classification and marking based on the MPLS
experimental (EXP) field.
Cisco IOS Release: Release 12.2(16)BX
Description: This feature was introduced on the PRE2.
Cisco IOS Release: Release 12.2(28)SB
Description: This feature was integrated in Cisco IOS Release 12.2(28)SB.

MPLS Traffic EngineeringDiffServ Aware Feature


Cisco IOS Release: Release 12.3(7)XI
Description: The MPLS Traffic EngineeringDiffServ Aware (DS-TE) feature was introduced on the
PRE2 to provide stricter quality of service (QoS) guarantees.
Cisco IOS Release: Release 12.2(28)SB
Description: This feature was integrated in Cisco IOS Release 12.2(28)SB.
Cisco IOS Release: Release 12.2(31)SB2
Description: This feature was introduced on the PRE3.

Control Plane Policing


Documentation Reference: Control Plane PolicingPlatform Enhancement, Release 12.2(33)SB
feature guide

Divert Cause Policer, page 1-19

Control Plane PolicingPlatform Enhancement, page 1-20

Divert Cause Policer


Cisco IOS Release: Release 12.2(31)SB
Description: The Divert Cause Policer was introduced on the PRE3.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

1-19

Chapter 1

Quality of Service Overview

QoS Features, Commands, and Changes

Cisco IOS Release: Release 12.2(33)SB


Description: This feature was enhanced on the PRE3 and introduced on the PRE4 to enable you to
configure the rate and burst size of the divert cause policer. See the Control Plane PolicingPlatform
Enhancement feature.

Control Plane PolicingPlatform Enhancement


Cisco IOS Release: Release 12.2(33)SB
Description: The Control Plane PolicingPlatform Enhancement feature was introduced on the PRE3
and PRE4 and included:

User-Level Punt Monitoring, page 1-20

Configurable Rate and Burst Size for the Divert Cause Policer, page 1-20

Drop Alarms for Packet Drops by the To-RP Queues and Divert Cause Policer, page 1-20

User-Level Punt Monitoring


Cisco IOS Release: Release 12.2(33)SB
Description: The User-Level Punt Monitoring feature was introduced on the PRE3 and PRE4 to prevent
a denial of service (DoS) attack. Using this feature, you can monitor individual users and display
statistical information about traffic that the PXF engine sends (punts) to the route processor (RP).

Configurable Rate and Burst Size for the Divert Cause Policer
Cisco IOS Release: Release 12.2(33)SB
Description: The Configurable Rate and Burst Size for the Divert Cause Policer feature was introduced
on the PRE3 and PRE4 to configure the rate and burst size of the divert cause policer.

Drop Alarms for Packet Drops by the To-RP Queues and Divert Cause Policer
Cisco IOS Release: Release 12.2(33)SB
Description: The Drop Alarms for Packet Drops by the To-RP Queues and Divert Cause Policer feature
was introduced on the PRE3 and PRE4 to monitor possible DoS attacks by sending warning messages
(alarms) to the console and the syslog log file to alert you when a change in drop activities occurs, such
as packet drops due to congestion in the To-RP queues or due to aggregated traffic that violates the divert
cause policer.

Cisco 10000 Series Router Quality of Service Configuration Guide

1-20

OL-7433-09

Chapter 1

Quality of Service Overview


QoS Features, Commands, and Changes

Controlling Packet Queue Congestion


Documentation Reference: Chapter 11, Managing Packet Queue Congestion

queue-limit Command, page 1-21

random-detect Command, page 1-22

random-detect basis Command, page 1-23

show pxf cpu queue interface summary, page 1-23

Tail Drop Feature, page 1-23

Random Early Detection Feature, page 1-24

Weighted Random Early Detection Feature, page 1-24

queue-limit Command
Cisco IOS Release: Release 12.0(17)SL
Description: The queue-limit command was introduced on the PRE1 to allow you to specify or modify
the maximum number of packets that a particular class queue can hold.
Cisco IOS Release: Release 12.0(25)SX
Description: This command was enhanced on the PRE1 to allow you to simultaneously configure both
the queue-limit and random-detect commands in the same class of a policy map.
Cisco IOS Release: Release 12.2(16)BX
Description: This command was introduced on the PRE2 without the ability to simultaneously
configure the random-detect command and the queue-limit command for the same class queue.
Cisco IOS Release: Release 12.3(7)XI
Description: This command was enhanced on the PRE2 to allow you to simultaneously configure both
the queue-limit and random-detect commands in the same class of a policy map.
Cisco IOS Release: Release 12.2(28)SB
Description: This command was integrated in Cisco IOS Release 12.2(28)SB.
Cisco IOS Release: Release 12.2(31)SB2
Description: This command was introduced on the PRE3.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

1-21

Chapter 1

Quality of Service Overview

QoS Features, Commands, and Changes

random-detect Command
Cisco IOS Release: Release 12.0(17)SL
Description: The random-detect command was introduced on the PRE1 to configure a random early
detection drop policy for a traffic class that includes a bandwidth guarantee. The command allows you
to configure a drop policy based on IP precedence. An exponential-weight-constant option allows you
to change the default method random-detect uses to calculate the average queue size.
Cisco IOS Release: Release 12.0(21)ST
Description: This command was enhanced to support the MPLS experimental (EXP) field.
Cisco IOS Release: Release 12.0(22)S
Description: This command was enhanced to allow you to configure a drop policy based on a
differentiated services code point (DSCP).
Cisco IOS Release: Release 12.0(25)SX
Description: This command was enhanced to allow you to simultaneously configure the random-detect
command and the queue-limit command for the same class queue.
Cisco IOS Release: Release 12.2(16)BX
Description: This command was introduced on the PRE2.
Cisco IOS Release: Release 12.3(7)XI
Description: This command was enhanced on the PRE2 to:

Enable the configuration of eight unique drop precedence levels for one queue instead of four levels

Allow the simultaneous configuration of both the random-detect and queue-limit commands for a
class queue

Support discard-class-based WRED

Maintain separate WRED drop statistics for each IP precedence, discard-class, and DSCP value

Cisco IOS Release: Release 12.2(28)SB


Description: This command was integrated in Cisco IOS Release 12.2(28)SB.
Cisco IOS Release: Release 12.2(31)SB2
Description: This command was introduced on the PRE3.
Cisco IOS Release: Release 12.2(33)SB
Description: This command was enhanced to support the atm-clp clp-value option and implemented on
the PRE2, PRE3, and PRE4. This option allows you to specify a number that indicates the drop eligibility
of a packet based on the ATM CLP bit. Valid values are 0 or 1.

Cisco 10000 Series Router Quality of Service Configuration Guide

1-22

OL-7433-09

Chapter 1

Quality of Service Overview


QoS Features, Commands, and Changes

random-detect basis Command


Cisco IOS Release: Release 12.0(17)SL
Description: The random-detect basis command was introduced on the PRE1 with the dscp-based and
prec-based options to enable a weighted random early detection (WRED) drop policy based on a DSCP
value or IP precedence level.
Cisco IOS Release: Release 12.2(16)BX
Description: This command was introduced on the PRE2.
Cisco IOS Release: Release 12.3(7)XI
Description: This command was enhanced to enable a drop policy based on a discard-class value. The
discard-class-based option is available only on the PRE2 for Cisco IOS Release 12.3XI images.
Cisco IOS Release: Release 12.2(28)SB
Description: This command was integrated in Cisco IOS Release 12.2(28)SB with the dscp-based,
prec-based, and discard-class-based options.
Cisco IOS Release: Release 12.2(31)SB2
Description: This command was introduced on the PRE3 with the dscp-based, prec-based, and
discard-class-based options.
Cisco IOS Release: Release 12.2(33)SB
Description: This command was enhanced to include the atm-clp-based option and implemented on the
PRE2, PRE3, and PRE4.

show pxf cpu queue interface summary


Cisco IOS Release: Release 12.2(33)SB
Description: The show pxf cpu queue interface summary command was modified to display only the
physical interface and the number of logical links, and implemented on the PRE3 and PRE4. The output
of the command no longer displays the number of priority queues, class queues and so on.

Tail Drop Feature


Cisco IOS Release: Release 12.0(17)SL
Description: The tail drop feature was introduced on the PRE1 to allow you to manage congestion of a
queue. When a queue reaches its configured queue limit, tail drop activates and drops packets. Tail drop
continues to drop packets until the queue is no longer full. Tail drop is the default mechanism used to
control congestion.
Cisco IOS Release: Release 12.2(16)BX
Description: This feature was introduced on the PRE2.
Cisco IOS Release: Release 12.2(28)SB
Description: This feature was integrated in Cisco IOS Release 12.2(28)SB.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

1-23

Chapter 1

Quality of Service Overview

QoS Features, Commands, and Changes

Cisco IOS Release: Release 12.2(31)SB2


Description: This feature was introduced on the PRE3.

Random Early Detection Feature


Cisco IOS Release: 12.0(17)SL
Description: The random early detection (RED) feature was introduced on the PRE1 to enable the
configuration of a packet drop policy. RED is a mechanism that is used to control congestion by
randomly discarding packets before a queue reaches its queue limit.
Cisco IOS Release: Release 12.0(22)S
Description: This feature was enhanced to include RED based on a differentiated services code point
(DSCP). For the PRE1, DSCP-based RED supports one default drop profile per class, three assured
forwarding (AF) drop profiles per class, and four non-AF drop profiles per policy map.
Cisco IOS Release: Release 12.0(25)SX
Description: This feature was enhanced to allow you to simultaneously configure a packet drop policy
for a class queue (using the random-detect command) and the size of the class queue (using the
queue-limit command).
Cisco IOS Release: Release 12.2(16)BX
Description: This feature was introduced on the PRE2.
Cisco IOS Release: Release 12.2(28)SB
Description: This feature was integrated in Cisco IOS Release 12.2(28)SB.
Cisco IOS Release: Release 12.2(31)SB2
Description: This feature was introduced on the PRE3.

Weighted Random Early Detection Feature


Cisco IOS Release: Release 12.0(17)SL
Description: The weighted random early detection (WRED) feature was introduced on the PRE1 to
provide preferential handling of higher priority packets. WRED allows drop policies based on a
differentiated services code point (DSCP) and IP precedence levels.
Cisco IOS Release: Release 12.0(22)S
Description: This feature was enhanced to include WRED based on a differentiated services code point
(DSCP).
Cisco IOS Release: Release 12.0(25)SX
Description: This feature was enhanced to allow you to simultaneously configure a packet drop policy
for a class queue (using the random-detect command) and the size of the class queue (using the
queue-limit command).

Cisco 10000 Series Router Quality of Service Configuration Guide

1-24

OL-7433-09

Chapter 1

Quality of Service Overview


QoS Features, Commands, and Changes

Cisco IOS Release: Release 12.2(16)BX


Description: This feature was introduced on the PRE2.
Cisco IOS Release: Release 12.3(7)XI
Description: This feature was enhanced on the PRE2 to:

Enable the configuration of eight unique drop precedence levels for one queue instead of four levels

Allow the simultaneous configuration of both the random-detect and queue-limit commands for a
class queue

Support discard-class-based WRED

Maintain separate WRED drop statistics for each IP precedence, discard-class, and DSCP value

Cisco IOS Release: Release 12.2(28)SB


Description: This feature was integrated in Cisco IOS Release 12.2(28)SB on the PRE2.
Cisco IOS Release: Release 12.2(31)SB2
Description: This feature was introduced on the PRE3. It provides DiffServ-compliant WRED and uses
per-packet RED.
Cisco IOS Release: Release 12.2(33)SB
Description: ATM cell loss priority-based WRED was introduced on the PRE3 and PRE4 to configure
a drop policy for WRED based on the CLP value.

Distributing Bandwidth Between Queues


Documentation Reference: Chapter 5, Distributing Bandwidth Between Queues

bandwidth Command, page 1-25

bandwidth remaining ratio Command, page 1-26

Distribution of Remaining Bandwidth Using Ratio, page 1-26

bandwidth Command
Cisco IOS Release: Release 12.0(17)SL
Description: The bandwidth command was introduced on the PRE1 to enable bandwidth fair queuing
and to create multiple class queues based on bandwidth.
Cisco IOS Release: Release 12.0(22)S
Description: This command was enhanced to include the percent option.
Cisco IOS Release: Release 12.0(23)SX
Description: This command was enhanced to include the remaining percent option.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

1-25

Chapter 1

Quality of Service Overview

QoS Features, Commands, and Changes

Cisco IOS Release: Release 12.2(15)BX


Description: This command was introduced on the PRE2 and included the kilobits per second (kbps),
percent, and remaining percent options.
Cisco IOS Release: Release 12.2(28)SB
Description: This command was integrated in Cisco IOS Release 12.2(28)SB.
Cisco IOS Release: Release 12.2(31)SB2
Description: This feature was introduced on the PRE3.
Cisco IOS Release: Release 12.2(31)SB6
Description: This command supports per-session shaping and queuing on a L2TP Network Server
(LNS) on the PRE3.
Cisco IOS Release: Release 12.2(31)SB2
Description: This command was enhanced to support overhead accounting.
Cisco IOS Release: Release 12.2(33)SB
Description: This command was enhanced to support a user-defined offset, which the router uses when
calculating overhead.

bandwidth remaining ratio Command


Cisco IOS Release: Release 12.2(31)SB2
Description: The bandwidth remaining ratio command was introduced on the PRE3.

Distribution of Remaining Bandwidth Using Ratio


Cisco IOS Release: Release 12.2(31)SB2
Description: The distribution of remaining bandwidth using ratio feature was introduced on the PRE3
to allow you to prioritize subscriber traffic during periods of congestion. A bandwidth-remaining ratio
is used to influence how the router allocates excess bandwidth (unused by priority traffic) to a class of
non-priority traffic.

Dynamically Changing VC Weight and Watermark Values


Documentation Reference: Chapter 17, Configuring Dynamic Subscriber Services
Cisco IOS Release: Release 12.3(7)XI7
Description: The DBS ExtensionsVC Weight and Watermarks feature was introduced on the PRE2 to
enable you to modify existing VC weight and watermark values without tearing down and recreating the
VC.
Cisco IOS Release: Release 12.2(28)SB
Description: This feature was integrated in Cisco IOS Release 12.2(28)SB.

Cisco 10000 Series Router Quality of Service Configuration Guide

1-26

OL-7433-09

Chapter 1

Quality of Service Overview


QoS Features, Commands, and Changes

Hierarchical Queuing Framework


Documentation Reference: Chapter 22, Hierarchical Scheduling and Queuing

Hierarchical Queuing Framework Feature, page 1-27

MQC Hierarchical Queuing with 3 Level Scheduler, page 1-27

, page 1-27

Hierarchical Queuing Framework Feature


Cisco IOS Release: Release 12.2(31)SB2
Description: The Hierarchical Queuing Framework (HQF) feature was introduced on the PRE3 to define
a QoS architecture for implementing hierarchical packet scheduling and queuing. The HQF enables
service providers to manage their QoS at three layers of hierarchy: physical, logical, and class.

MQC Hierarchical Queuing with 3 Level Scheduler


Cisco IOS Release: Release 12.2(31)SB2
Description: The MQC Hierarchical Queuing with 3 Level Scheduler feature provides a flexible packet
scheduling and queuing system in which you can specify how excess bandwidth is to be allocated among
the subscriber queues and logical interfaces. Rather than allocating an implicit minimum bandwidth
guarantee to each queue, the three-level scheduler uses the bandwidth-remaining ratio parameter to
allocate unused bandwidth to each logical queue.

Hierarchical Policies
Documentation Reference: Chapter 13, Defining QoS for Multiple Policy Levels

Nested Hierarchical Policies, page 1-27

Three-Level Hierarchical Policies, page 1-28

Hierarchical Input Policing, page 1-28

Nested Hierarchical Policies


Cisco IOS Release: Release 12.0(22)S
Description: The nested hierarchical policies feature was introduced on the PRE1. This feature defines
a minimum bandwidth for the multiple classes and a combined maximum bandwidth for the classes. This
feature supports two-level hierarchical policies.
Cisco IOS Release: Release 12.2(16)BX
Description: This feature was introduced on the PRE2.
Cisco IOS Release: Release 12.2(28)SB
Description: This feature was integrated in Cisco IOS Release 12.2(28)SB.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

1-27

Chapter 1

Quality of Service Overview

QoS Features, Commands, and Changes

Cisco IOS Release: Release 12.2(31)SB2


Description: This feature was introduced on the PRE3.

Three-Level Hierarchical Policies


Cisco IOS Release: Release 12.0(25)SX
Description: The nested hierarchical policies feature was enhanced on the PRE1 to support three-level
hierarchical policies.
Cisco IOS Release: Release 12.3(7)XI
Description: The nested hierarchical policies feature was enhanced on the PRE2 to support three-level
hierarchical policies.
Cisco IOS Release: Release 12.2(28)SB
Description: This feature was integrated in Cisco IOS Release 12.2(28)SB.
Cisco IOS Release: Release 12.2(31)SB2
Description: This feature was introduced on the PRE3.

Hierarchical Input Policing


Cisco IOS Release: Release 12.2(28)SB
Description: The hierarchical input policing feature was introduced on the PRE2 to define up to two
levels of hierarchy for inbound traffic only.
Cisco IOS Release: Release 12.2(31)SB2
Description: This feature was introduced on the PRE3.

Cisco 10000 Series Router Quality of Service Configuration Guide

1-28

OL-7433-09

Chapter 1

Quality of Service Overview


QoS Features, Commands, and Changes

IP Quality of Service for Subscribers


Documentation Reference: Chapter 18, Regulating and Shaping Subscriber Traffic

MQC Support for IP Sessions, page 1-29

Per-Session Shaping for ATM Interfaces, page 1-29

Per Session Rate Limiting, page 1-29

Per User Multiservice Rate Limiting, page 1-29

Per Session Service Policy Using RADIUS, page 1-30

Per Session Shaping and Queuing on LNS, page 1-30

PPP Session Queuing on ATM VCs, page 1-30

MQC Support for IP Sessions


Cisco IOS Release: Release 12.2(33)SB
Description: The Modular QoS CLI (MQC) Support for IP Sessions feature was introduced on the
PRE2, PRE3, and PRE4 to support per-user QoS on IP sessions. Using this feature, you can configure
queuing and non-queuing features on IP sessions, either locally on the router or remotely using a
authentication, authorization, and accounting (AAA) server such as RADIUS.

Per-Session Shaping for ATM Interfaces


Cisco IOS Release: Release 12.2(33)SB
Description: The Per-Session Shaping for ATM Interfaces feature enables the router to shape session
traffic on L2TP network server (LNS) outbound ATM interfaces. Using this feature, you can apply a
hierarchical QoS policy to an ATM interface and manage the traffic belonging to a session.

Per Session Rate Limiting


Cisco IOS Release: Release 12.2(16)BX
Description: The per session rate limiting feature was introduced on the PRE2 to control the maximum
rate of traffic sent or received on an interface for a session.
Cisco IOS Release: Release 12.2(28)SB
Description: This feature was integrated in Cisco IOS Release 12.2(28)SB.

Per User Multiservice Rate Limiting


Cisco IOS Release: Release 12.2(16)BX
Description: The per user multiservice rate limiting feature was introduced on the PRE2 to control the
maximum rate of traffic for each user behind a multiservice subscriber.
Cisco IOS Release: Release 12.2(28)SB
Description: This feature was integrated in Cisco IOS Release 12.2(28)SB.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

1-29

Chapter 1

Quality of Service Overview

QoS Features, Commands, and Changes

Per Session Service Policy Using RADIUS


Cisco IOS Release: Release 12.2(16)BX
Description: The per session service policy using RADIUS feature was introduced on the PRE2 to
enable a subscriber management server (SMS), typically a RADIUS server, to dynamically change the
traffic policing parameters for a user session.
Cisco IOS Release: Release 12.2(28)SB
Description: This feature was integrated in Cisco IOS Release 12.2(28)SB.

Per Session Shaping and Queuing on LNS


Cisco IOS Release: Release 12.2(31)SB6
Description: The Per Session Shaping and Queuing on LNS feature was introduced on the PRE3 to
shape or queue traffic from an ISP to a subscriber as it traverses over an LNS.

PPP Session Queuing on ATM VCs


Cisco IOS Release: Release 12.2(31)SB6
Description: The PPP Session Queuing on ATM VCs feature was introduced on the PRE3 to enable you
to shape and queue PPP over ATM (PPPoA) and PPP over Ethernet over ATM (PPPoEoA) sessions to a
user specified rate.

Layer 2 Access Concentrator


Documentation References: Chapter 2, Classifying Traffic, Chapter 4, Attaching Service Policies,
Chapter 6, Policing Traffic, Chapter 7, Marking Traffic

Classification, Policing, and Marking on the LAC, page 1-30

LAC QoS, page 1-30

Classification, Policing, and Marking on the LAC


Cisco IOS Release: Release 12.2(31)SB2
Description: The classification, policing, and marking on the LAC feature was introduced on the PRE2
and PRE3 to allow you to configure class maps and policy maps with policers on the LAC.

LAC QoS
Cisco IOS Release: Release 12.2(31)SB3
Description: The show pxf cpu queue atm command displays dropped and dequeued packets for
classes associated with sessions that inherit queues from VCs.
Cisco IOS Release: Release 12.3(7)XI3
Description: The LAC QoS feature was introduced on the PRE2 to allow you to attach QoS service
policies to ATM VCs on the on the Layer 2 Access Concentrator (LAC).

Cisco 10000 Series Router Quality of Service Configuration Guide

1-30

OL-7433-09

Chapter 1

Quality of Service Overview


QoS Features, Commands, and Changes

Link Fragmentation and Interleaving


Documentation Reference: Chapter 16, Fragmenting and Interleaving Real-Time and Nonreal-Time
Packets

interface multilink Command, page 1-31

multilink group Command, page 1-31

ppp multilink Command, page 1-32

ppp multilink fragment-delay Command, page 1-32

ppp multilink fragmentation Command, page 1-33

ppp multilink fragment disable Command, page 1-33

ppp multilink group Command, page 1-33

ppp multilink interleave Command, page 1-34

MLP Over ATM-Based LFI Feature, page 1-34

Multi-VC MLP Over ATM-Based LFI Feature, page 1-34

MLP Over Frame Relay-Based LFI Feature, page 1-35

Multi-VC MLP Over ATM-Based LFI Feature, page 1-34

FRF.12 Fragmentation Feature, page 1-35

interface multilink Command


Cisco IOS Release: Release 12.0
Description: The interface multilink command was introduced on the PRE1 to create and configure a
MLP bundle.
Cisco IOS Release: Release 12.2(16)BX
Description: This command was introduced on the PRE2 and provides a multilink interface range of 1
to 9999.
Cisco IOS Release: Release 12.2(28)SB
Description: This command was integrated in Cisco IOS Release 12.2(28)SB.
Cisco IOS Release: Release 12.2(31)SB2
Description: This command was introduced on the PRE3 and the valid interface values for MLP over
serial and multi-VC MLP over ATM changed from 1 to 9999 (Release 12.2(28)SB) to from 1 to 9999
and 65,536 to 2,147,483,647.

multilink group Command


Cisco IOS Release: Release 12.0(23)SX
Description: The multilink group command was introduced on the PRE1 to assign a physical link to a
multilink group.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

1-31

Chapter 1

Quality of Service Overview

QoS Features, Commands, and Changes

Cisco IOS Release: Release 12.2


Description: This command was changed to ppp multilink group on the PRE2 to restrict a physical
link to joining only a designated multilink group interface. The multilink-group command is accepted
by the command line interpreter through Cisco IOS Release 12.2.
Cisco IOS Release: Release 12.2(28)SB
Description: This command was integrated in Cisco IOS Release 12.2(28)SB.
Cisco IOS Release: Release 12.2(31)SB2
Description: This command was introduced on the PRE3.

ppp multilink Command


Cisco IOS Release: Release 12.0(23)SX
Description: The ppp multilink command was introduced on the PRE1 to enable Multilink PPP (MLP)
on an interface.
Cisco IOS Release: Release 12.2(16)BX
Description: This command was introduced on the PRE2.
Cisco IOS Release: Release 12.2(28)SB
Description: This command was integrated in Cisco IOS Release 12.2(28)SB.
Cisco IOS Release: Release 12.2(31)SB2
Description: This command was introduced on the PRE3.

ppp multilink fragment-delay Command


Cisco IOS Release: Release 12.0(23)SX
Description: The ppp multilink fragment-delay command was introduced on the PRE1 to specify the
maximum amount of time, in milliseconds, that is required to transmit a fragment.
Cisco IOS Release: Release 12.2(16)BX
Description: This command was introduced on the PRE2.
Cisco IOS Release: Release 12.2(28)SB
Description: This command was integrated in Cisco IOS Release 12.2(28)SB.
Cisco IOS Release: Release 12.2(31)SB2
Description: This command was introduced on the PRE3.

Cisco 10000 Series Router Quality of Service Configuration Guide

1-32

OL-7433-09

Chapter 1

Quality of Service Overview


QoS Features, Commands, and Changes

ppp multilink fragmentation Command


Cisco IOS Release: Release 12.0(23)SX
Description: The ppp multilink fragmentation command was introduced on the PRE1 to enable
fragmentation.
Cisco IOS Release: Release 12.2(16)BX
Description: This command was introduced on the PRE2.
Cisco IOS Release: Release 12.2
Description: The no ppp multilink fragmentation command was changed to ppp multilink fragment
disable. The no ppp multilink fragmentation command was recognized and accepted through
Cisco IOS Release 12.2.
Cisco IOS Release: Release 12.2(28)SB
Description: This command was integrated in Cisco IOS Release 12.2(28)SB.
Cisco IOS Release: Release 12.2(31)SB2
Description: This command was introduced on the PRE3.

ppp multilink fragment disable Command


Cisco IOS Release: Release 11.3
Description: The ppp multilink fragment disable command was introduced on the PRE1 as
ppp multilink fragmentation.
Cisco IOS Release: Release 12.2
Description: The no ppp multilink fragmentation command was changed to ppp multilink fragment
disable to disable fragmentation. The no ppp multilink fragmentation command was recognized and
accepted through Cisco IOS Release 12.2.
Cisco IOS Release: Release 12.2(28)SB
Description: This command was integrated in Cisco IOS Release 12.2(28)SB.
Cisco IOS Release: Release 12.2(31)SB2
Description: This command was introduced on the PRE3.

ppp multilink group Command


Cisco IOS Release: Release 12.0
Description: The ppp multilink group command was introduced on the PRE1 as multilink-group.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

1-33

Chapter 1

Quality of Service Overview

QoS Features, Commands, and Changes

Cisco IOS Release: Release 12.2


Description: The multilink-group command was changed to ppp multilink group to restrict a physical
link to joining only a designated multilink group interface. The multilink-group command was accepted
by the command line interpreter through Cisco IOS Release 12.2.
Cisco IOS Release: Release 12.2(28)SB
Description: This command was integrated in Cisco IOS Release 12.2(28)SB.
Cisco IOS Release: Release 12.2(31)SB2
Description: This command was introduced on the PRE3.

ppp multilink interleave Command


Cisco IOS Release: Release 12.0(23)SX
Description: The ppp multilink interleave command was introduced on the PRE1 to enable
interleaving of real-time packets among the fragments of larger nonreal-time packets.
Cisco IOS Release: Release 12.2(16)BX
Description: This command was introduced on the PRE2.
Cisco IOS Release: Release 12.2(28)SB
Description: This command was integrated in Cisco IOS Release 12.2(28)SB.
Cisco IOS Release: Release 12.2(31)SB2
Description: This command was introduced on the PRE3.

MLP Over ATM-Based LFI Feature


Cisco IOS Release: Release 12.2(28)SB
Description: The Multilink PPP (MLP) over ATM feature was introduced on the PRE2 to allow you to
fragment and interleave real-time and nonreal-time packets on ATM VCs.
Cisco IOS Release: Release 12.2(31)SB2
Description: This feature was introduced on the PRE3.

Multi-VC MLP Over ATM-Based LFI Feature


Cisco IOS Release: Release 12.2(28)SB
Description: The Multi-VC MLP over ATM-based LFI feature was introduced on the PRE2 to allow you
to fragment and interleave real-time and nonreal-time packets on multiple ATM VCs.
Cisco IOS Release: Release 12.2(31)SB2
Description: This feature was introduced on the PRE3 and the valid interface values changed from 1 to
9999 (Release 12.2(28)SB and later) to from 1 to 9999 and 65,536 to 2,147,483,647
(Release 12.2(31)SB2 and later).

Cisco 10000 Series Router Quality of Service Configuration Guide

1-34

OL-7433-09

Chapter 1

Quality of Service Overview


QoS Features, Commands, and Changes

MLP Over Frame Relay-Based LFI Feature


Cisco IOS Release: Release 12.2(28)SB
Description: The MLP over Frame Relay-based LFI feature was introduced on the PRE2 to allow you
to fragment and interleave real-time and nonreal-time packets on Frame Relay interfaces and DLCIs.
Cisco IOS Release: Release 12.2(31)SB2
Description: This feature was introduced on the PRE3.

MLP Over Serial-Based LFI Feature


Cisco IOS Release: Release 12.0(23)SX
Description: The MLP over serial-based LFI feature was introduced on the PRE1 to allow you to
fragment and interleave real-time and nonreal-time packets on serial links.
Cisco IOS Release: Release 12.2
Description: This feature was introduced on the PRE2.
Cisco IOS Release: Release 12.2(28)SB
Description: This feature was integrated in Cisco IOS Release 12.2(28)SB.
Cisco IOS Release: Release 12.2(31)SB2
Description: This feature was introduced on the PRE3 and the valid interface values changed from 1 to
9999 (Release 12.2(28)SB and later) to from 1 to 9999 and 65,536 to 2,147,483,647
(Release 12.2(31)SB2 and later).

FRF.12 Fragmentation Feature


Cisco IOS Release: Release 12.0(23)SX
Description: The PVC-based FRF.12 Fragmentation feature was introduced on the PRE1.
Cisco IOS Release: Release 12.0(27)S
Description: This feature was enhanced to allow interface-based FRF.12 fragmentation.
Cisco IOS Release: Release 12.2
Description: This feature was introduced on the PRE2 to allow PVC-based and interface-based FRF.12
fragmentation.
Cisco IOS Release: Release 12.2(28)SB
Description: This feature was integrated in Cisco IOS Release 12.2(28)SB.
Cisco IOS Release: Release 12.2(31)SB2
Description: This feature was introduced on the PRE3.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

1-35

Chapter 1

Quality of Service Overview

QoS Features, Commands, and Changes

Marking Traffic
Documentation Reference: Chapter 7, Marking Traffic

set atm-clp Command, page 1-36

set cos Command, page 1-36

set discard-class Command, page 1-36

set fr-de Command, page 1-37

set ip dscp Command, page 1-37

set ip precedence Command, page 1-37

set mpls experimental Command, page 1-37

set mpls experimental imposition Command, page 1-38

set qos-group Command, page 1-38

Marking Feature, page 1-38

set atm-clp Command


Cisco IOS Release: Release 12.0(17)SL
Description: The set atm-clp command was introduced on the PRE2 to set the cell loss priority (CLP)
bit to 1.
Cisco IOS Release: Release 12.2(28)SB
Description: This command was integrated in Cisco IOS Release 12.2(28)SB for the PRE2.
Cisco IOS Release: Release 12.2(33)SB
Description: This command was introduced on the PRE3 and PRE4.

set cos Command


Cisco IOS Release: Release 12.2(16)BX
Description: The set cos command was introduced on the PRE2 to set the Layer 2 class of service (CoS)
value of an outgoing packet. This command is available only on the PRE2.
Cisco IOS Release: Release 12.2(28)SB
Description: This command was integrated in Cisco IOS Release 12.2(28)SB.

set discard-class Command


Cisco IOS Release: Release 12.3(7)XI
Description: The set discard-class command was introduced on the PRE2 to mark a packet with a
discard-class value or to drop a specific traffic type during congestion. This command is available only
on the PRE2.

Cisco 10000 Series Router Quality of Service Configuration Guide

1-36

OL-7433-09

Chapter 1

Quality of Service Overview


QoS Features, Commands, and Changes

Cisco IOS Release: Release 12.2(28)SB


Description: This command was integrated in Cisco IOS Release 12.2(28)SB.

set fr-de Command


Cisco IOS Release: Release 12.2(31)SB2
Description: The set fr-de command was introduced on the PRE2 and PRE3 to mark a Frame Relay
packets discard eligibility (DE) bit.
Cisco IOS Release: Release 12.2(33)SB
Description: This command was introduced on the PRE4.

set ip dscp Command


Cisco IOS Release: Release 12.0(17)SL
Description: The set ip dscp command was introduced on the PRE1 to mark a packet by setting the
differentiated services code point (DSCP) value in the type of service (ToS) byte.
Cisco IOS Release: Release 12.2(28)SB
Description: This command was integrated in Cisco IOS Release 12.2(28)SB.
Cisco IOS Release: Release 12.2(31)SB2
Description: This command was introduced on the PRE3 to allow you to mark the IP DSCP bits of
traffic on the L2TP access concentrator (LAC).

set ip precedence Command


Cisco IOS Release: Release 12.0(17)SL
Description: The set ip precedence command was introduced on the PRE1 to set the precedence value
in a packet header.
Cisco IOS Release: Release 12.2(28)SB
Description: This command was integrated in Cisco IOS Release 12.2(28)SB.

set mpls experimental Command


Cisco IOS Release: Release 12.0(22)S
Description: The set mpls experimental command was introduced on the PRE1 to set the value of the
Multiprotocol Label Switching (MPLS) experimental (EXP) field. This command is available only on
the PRE1.
Cisco IOS Release: Release 12.2(28)SB
Description: This command was integrated in Cisco IOS Release 12.2(28)SB.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

1-37

Chapter 1

Quality of Service Overview

QoS Features, Commands, and Changes

set mpls experimental imposition Command


Cisco IOS Release: Release 12.3(7)XI1
Description: The set mpls experimental imposition command was introduced on the PRE2 to set the
value of the Multiprotocol Label Switching (MPLS) experimental (EXP) field on all imposed label
entries. This command is available only on the PRE2.
Cisco IOS Release: Release 12.2(28)SB
Description: This command was integrated in Cisco IOS Release 12.2(28)SB.

set qos-group Command


Cisco IOS Release: Release 12.0(17)SL
Description: The set qos-group command was introduced on the PRE1 to set a quality of service (QoS)
group identifier (ID) that can be used later to classify packets.
Cisco IOS Release: Release 12.2(28)SB
Description: This command was integrated in Cisco IOS Release 12.2(28)SB.

Marking Feature
Cisco IOS Release: Release 12.0(17)SL
Description: The marking feature was introduced on the PRE1 to enable you to differentiate packets
based on designated markings. Other devices can examine the marked bits and classify traffic based on
the marked values.
Cisco IOS Release: Release 12.0(22)S
Description: This feature was enhanced to support MPLS experimental (EXP) marking.
Cisco IOS Release: Release 12.2(16)BX
Description: This feature was introduced on the PRE2 and was enhanced to support 802.1Q class of
service (CoS) marking. This enhancement is available only on the PRE2.
Cisco IOS Release: Release 12.3(7)XI
Description: This feature was enhanced on the PRE2 to support MPLS experimental (EXP) and
discard-class marking. The discard-class enhancement is available only on the PRE2.
Cisco IOS Release: Release 12.2(28)SB
Description: This feature was integrated in Cisco IOS Release 12.2(28)SB for the PRE2.
Cisco IOS Release: Release 12.2(31)SB2
Description: This feature was introduced on the PRE3 to allow you to mark the IP DSCP bits of traffic
on the L2TP access concentrator (LAC). Frame Relay DE bit marking and tunnel header marking were
also introduced on the PRE3.

Cisco 10000 Series Router Quality of Service Configuration Guide

1-38

OL-7433-09

Chapter 1

Quality of Service Overview


QoS Features, Commands, and Changes

Cisco IOS Release: Release 12.2(33)SB


Description: This feature was introduced on the PRE4 and enhanced to allow Frame Relay DE bit
marking.

Modular QoS Command Line Interface


Documentation Reference: Chapter 1, Quality of Service Overview

MQC Feature, page 1-39

QoS CLI Migration from PRE2 to PRE3, page 1-39

MQC Feature
Cisco IOS Release: Release 12.0(17)SL
Description: The MQC feature was introduced on the PRE1 to enable you to configure QoS services on
the Cisco 10000 series router.
Cisco IOS Release: Release 12.2(15)BX
Description: This feature was introduced on the PRE2.
Cisco IOS Release: Release 12.2(28)SB
Description: This feature was integrated in Cisco IOS Release 12.2(28)SB for the PRE2.
Cisco IOS Release: Release 12.2(31)SB2
Description: This feature was introduced on the PRE3. Enhancements to the MQC allow you to classify
packets on the L2TP access concentrator (LAC) based upon the IP type of service (ToS) bits in an
embedded IP packet. When a policer is configured, the router uses packet classification to police ingress
traffic according to the DSCP value.

QoS CLI Migration from PRE2 to PRE3


Cisco IOS Release: Release 12.2(31)SB2
Description: The QoS CLI Migration from PRE2 to PRE3 feature was introduced on the PRE3 to
provide a migration path from PRE2 CLI commands to PRE3 CLI commands.

Overhead Accounting
Documentation Reference: Chapter 10, Overhead Accounting

bandwidth Command, page 1-25

shape Command, page 1-56

ATM Overhead Accounting, page 1-40

Ethernet Overhead Accounting, page 1-40

Traffic Shaping Overhead Accounting for ATM, page 1-40

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

1-39

Chapter 1

Quality of Service Overview

QoS Features, Commands, and Changes

ATM Overhead Accounting


Cisco IOS Release: Release 12.2(28)SB
Description: The ATM Overhead Accounting feature was introduced on the PRE2 to enable the router
to account for various encapsulation types when applying QoS to packets. The router uses the
encapsulation type you configure to calculate the ATM overhead per packet.
Cisco IOS Release: Release 12.2(33)SB
Description: This feature was enhanced on the PRE3 to allow a user-defined number of overhead bytes.

Ethernet Overhead Accounting


Cisco IOS Release: Release 12.2(33)SB
Description: The Ethernet Overhead Accounting feature was introduced on the PRE2, PRE3, and PRE4
to enable the router to account for downstream Ethernet frame headers when applying shaping to
packets. A user-defined offset specifies the number of overhead bytes the router is to use when
calculating the overhead per packet.

Traffic Shaping Overhead Accounting for ATM


Cisco IOS Release: Release 12.2(28)SB
Description: The Traffic Shaping Overhead Accounting for ATM feature was introduced on the PRE2
to enable the broadband access system (BRAS) to account for ATM encapsulation on the subscriber line
and the overhead added by cell segmentation. This enables the service provider to prevent overruns at
the subscriber line and ensures that the router executes QoS features on the actual bandwidth used by
ATM subscriber traffic.
Cisco IOS Release: Release 12.2(31)SB2
Description: This feature was introduced on the PRE3.
Cisco IOS Release: Release 12.2(33)SB
Description: This feature was introduced on the PRE4.

Cisco 10000 Series Router Quality of Service Configuration Guide

1-40

OL-7433-09

Chapter 1

Quality of Service Overview


QoS Features, Commands, and Changes

Oversubscribing Physical and Virtual Links


Documentation Reference: Chapter 15, Oversubscribing Physical and Virtual Links

atm over-subscription-factor Command, page 1-41

Interface Oversubscription Feature, page 1-41

ATM Virtual Circuit Oversubscription Feature, page 1-42

map-class frame-relay Command, page 1-42

Frame Relay PVC Oversubscription Feature, page 1-42

Virtual LAN Oversubscription Feature, page 1-43

queue-depth Command, page 1-43

weight Command, page 1-43

Weighting Feature, page 1-44

atm over-subscription-factor Command


Cisco IOS Release: Release 12.2(16)BX
Description: The atm over-subscription-factor command was introduced on the PRE2 to enable you
to oversubscribe ATM virtual circuits (VCs). The allowable oversubscription amount is 1 to 50 times the
physical transmission capacity.
Cisco IOS Release: Release 12.3(7)XI3
Description: The amount of oversubscription you can configure was increased to 500. For example, you
can oversubscribe the physical transmission capacity from 1 to 500 times.
Cisco IOS Release: Release 12.2(28)SB
Description: This command was integrated in Cisco IOS Release 12.2(28)SB.
Cisco IOS Release: Release 12.2(31)SB2
Description: This command was introduced on the PRE3 to allow the aggregate VLAN rates to exceed
the available bandwidth. The oversubscription factor is from 1 to 500.

Interface Oversubscription Feature


Cisco IOS Release: Release 12.0(25)SX
Description: The interface oversubscription feature was introduced on the PRE1 to enable you to assign
a total committed information rate (CIR) to a given port that is greater than the speed of the port.
Cisco IOS Release: Release 12.3(7)XI
Description: This feature was introduced on the PRE2 to enable you to assign a total committed
information rate (CIR) to a given port that is greater than the speed of the port.
Cisco IOS Release: Release 12.2(28)SB
Description: This feature was integrated in Cisco IOS Release 12.2(28)SB.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

1-41

Chapter 1

Quality of Service Overview

QoS Features, Commands, and Changes

Cisco IOS Release: Release 12.2(31)SB2


Description: This command was introduced on the PRE3 with an oversubscription factor from 1 to 500.

ATM Virtual Circuit Oversubscription Feature


Cisco IOS Release: Release 12.2(16)BX
Description: The ATM virtual circuit (VC) oversubscription feature was introduced on the PRE2 to
enable you to assign a rate to a variable bit rate-nonreal time (VBR-nrt) VC, a constant bit rate (CBR)
VC, or a virtual path (VP) tunnel that is greater than the speed of the interface. The amount of allowable
oversubscription is 1 to 50 times the physical transmission capacity.
Cisco IOS Release: Release 12.3(7)XI3
Description: The amount of allowable ATM VC oversubscription was increased to 500 on the PRE2.
For example, you can oversubscribe the physical transmission capacity from 1 to 500 times.
Cisco IOS Release: Release 12.2(28)SB
Description: This feature was integrated in Cisco IOS Release 12.2(28)SB.
Cisco IOS Release: Release 12.2(31)SB2
Description: This command was introduced on the PRE3 with an oversubscription factor from 1 to 500.

map-class frame-relay Command


Documentation Reference: Appendix A, Configuring Frame Relay QoS Using Frame Relay Legacy
Commands
Cisco IOS Release: Release 12.0(23)SX
Description: The map-class frame-relay command was introduced on the PRE1.
Cisco IOS Release: Release 12.0(25)S
Description: This command was ported to the S train.
Cisco IOS Release: Release 12.2(15)BX
Description: This command was introduced on the PRE2.
Cisco IOS Release: Release 12.2(28)SB
Description: This command was integrated in Cisco IOS Release 12.2(28)SB.

Frame Relay PVC Oversubscription Feature


Cisco IOS Release: Release 12.3(7)XI1
Description: The Frame Relay PVC oversubscription feature was introduced on the PRE2 to enable you
to assign a total committed information rate (CIR) to a given PVC that is greater than the speed of the
interface.

Cisco 10000 Series Router Quality of Service Configuration Guide

1-42

OL-7433-09

Chapter 1

Quality of Service Overview


QoS Features, Commands, and Changes

Cisco IOS Release: Release 12.2(28)SB


Description: This feature was integrated in Cisco IOS Release 12.2(28)SB.
Cisco IOS Release: Release 12.2(31)SB2
Description: This feature was introduced on the PRE3.

Virtual LAN Oversubscription Feature


Cisco IOS Release: Release 12.3(7)XI1
Description: The virtual LAN (VLAN) oversubscription feature was introduced on the PRE2 to enable
you to assign a total committed information rate (CIR) to a given VLAN that is greater than the speed
of the interface.
Cisco IOS Release: Release 12.2(28)SB
Description: This feature was integrated in Cisco IOS Release 12.2(28)SB.
Cisco IOS Release: Release 12.2(31)SB2
Description: This command was introduced on the PRE3 to allow the aggregate VLAN rates to exceed
the available bandwidth. The oversubscription factor is a value from 1 to 500.

queue-depth Command
Cisco IOS Release: Release 12.3(7)XI1
Description: The queue-depth command was introduced on the PRE2 to allow you to configure the
segmentation and reassembly (SAR) line card queue depth for each VC interface queue.
Cisco IOS Release: Release 12.2(28)SB
Description: This command was integrated in Cisco IOS Release 12.2(28)SB.
Cisco IOS Release: Release 12.2(31)SB2
Description: This command was introduced on the PRE3.

weight Command
Cisco IOS Release: Release 12.3(7)XI1
Description: The weight command was introduced on the PRE2 to allow you to control virtual circuit
(VC) bandwidth when the virtual path (VP) is congested.
Cisco IOS Release: Release 12.2(28)SB
Description: This command was integrated in Cisco IOS Release 12.2(28)SB.
Cisco IOS Release: Release 12.2(31)SB2
Description: This command was introduced on the PRE3.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

1-43

Chapter 1

Quality of Service Overview

QoS Features, Commands, and Changes

Weighting Feature
Cisco IOS Release: Release 12.3(7)XI1
Description: The VC weighting feature was introduced on the PRE2 to control the number of cells for
each VC that is sent into the virtual path (VP).
Cisco IOS Release: Release 12.2(28)SB
Description: This feature was integrated in Cisco IOS Release 12.2(28)SB.
Cisco IOS Release: Release 12.2(31)SB2
Description: This feature was introduced on the PRE3.

Policing Traffic
Documentation Reference: Chapter 6, Policing Traffic

police Command (Single-Rate), page 1-44

police percent Command, page 1-45

police Command (Two-Rate), page 1-45

show atm vp Command, page 1-46

Percent-Based Policing Feature, page 1-46

Policing Feature, page 1-46

Single-Rate Color Marker Feature, page 1-47

Two-Rate Three-Color Marker Feature, page 1-47

ATM VP Average Traffic Rate, page 1-48

police Command (Single-Rate)


Cisco IOS Release: Release 12.0(17)SL
Description: The police command was introduced on the PRE1 to allow you to control the maximum
rate of traffic sent or received on an interface. This command included a single-rate two-color policer,
which allows you to classify traffic into two groups: traffic that conforms to the specified committed
information rate (CIR) and burst sizes, and traffic that exceeds either the CIR or the burst sizes.
Cisco IOS Release: Release 12.0(22)S
Description: This command was enhanced to include the set-mpls-exp-transmit policing action. This
action is available only on the PRE1.
Cisco IOS Release: Release 12.0(25)S
Description: This command was enhanced to include a three-color marker. A new violate-action
parameter allows you to specify the action to take for traffic that consistently violates the committed rate.
Cisco IOS Release: Release 12.2(16)BX
Description: This command was introduced on the PRE2 and included a single-rate two-color marker.

Cisco 10000 Series Router Quality of Service Configuration Guide

1-44

OL-7433-09

Chapter 1

Quality of Service Overview


QoS Features, Commands, and Changes

Cisco IOS Release: Release 12.3(7)XI


Description: This command was enhanced on the PRE2 to include a three-color marker and the
set-mpls-exp-imposition-transmit policing action. This action is available only on the PRE2.
Cisco IOS Release: Release 12.2(28)SB
Description: This command was integrated in Cisco IOS Release 12.2(28)SB.
Cisco IOS Release: Release 12.2(31)SB2
Description: This command was introduced on the PRE3 to allow you to police traffic on the L2TP
access concentrator (LAC) based on the value of a packets IP DSCP bits.
Cisco IOS Release: Release 12.2(33)SB
Description: This command was enhanced to include the following police actions:

set-cos-transmit to set the class of service (CoS) bit value

set-atm-clp-transmit to set the ATM cell loss priority (CLP) bit value.

set-frde-transmit to set the Frame Relay discard eligibility (DE) bit value.

police percent Command


Cisco IOS Release: Release 12.0(25)SX
Description: The police percent command was introduced on the PRE1 to allow you to configure traffic
policing as a percentage of the interface bandwidth on which policing is applied. Configuring traffic
policing based on bandwidth percentage enables you to use the same policy map for multiple interfaces
with differing amounts of bandwidth.
Cisco IOS Release: Release 12.3(7)XI
Description: This command was introduced on the PRE2.
Cisco IOS Release: Release 12.2(28)SB
Description: This command was enhanced on the PRE2 to allow you to configure two traffic policing
rates as a percentage: the committed information rate (CIR) and the peak information rate (PIR).
Cisco IOS Release: Release 12.2(31)SB2
Description: This command was introduced on the PRE3 to allow you to police traffic on the L2TP
access concentrator (LAC) based on the value of a packets IP DSCP bits.

police Command (Two-Rate)


Cisco IOS Release: Release 12.2(28)SB
Description: The single-rate police command was enhanced on the PRE2 to allow you to configure two
traffic policing rates: the committed information rate (CIR) and the peak information rate (PIR).

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

1-45

Chapter 1

Quality of Service Overview

QoS Features, Commands, and Changes

Cisco IOS Release: Release 12.2(31)SB2


Description: This command was introduced on the PRE3 to allow you to police traffic on the L2TP
access concentrator (LAC) based on the value of a packets IP DSCP bits.

show atm vp Command


Cisco IOS Release: Release 12.2(33)SB
Description: The show atm vp command was enhanced on the PRE2, PRE3, and PRE4 to provide rate
information. Minute counters on the ATM VPs support the show atm vp command.

Percent-Based Policing Feature


Cisco IOS Release: Release 12.0(25)SX
Description: The percent-based policing feature was introduced on the PRE1 to allow you to configure
traffic policing as a percentage of the interface bandwidth on which policing is applied. Configuring
traffic policing based on bandwidth percentage enables you to use the same policy map for multiple
interfaces with differing amounts of bandwidth.
Cisco IOS Release: Release 12.3(7)XI
Description: This feature was introduced on the PRE2.
Cisco IOS Release: Release 12.2(28)SB
Description: This feature was enhanced on the PRE2 to allow you to configure two traffic policing rates
as a percentage: the committed information rate (CIR) and the peak information rate (PIR).
Cisco IOS Release: Release 12.2(31)SB2
Description: This command was introduced on the PRE3 to allow you to police traffic on the L2TP
access concentrator (LAC) based on the value of a packets IP DSCP bits.

Policing Feature
Cisco IOS Release: Release 12.0(17)SL
Description: The policing feature was introduced on the PRE1 to allow you to control the maximum rate
of traffic sent or received on an interface. This feature included a single-rate two-color policer.
Cisco IOS Release: Release 12.0(25)S
Description: This feature was enhanced on the PRE1 to include a three-color marker.
Cisco IOS Release: Release 12.2(16)BX
Description: This feature was introduced on the PRE2 and included a single-rate two-color marker.
Cisco IOS Release: Release 12.3(7)XI
Description: This feature was enhanced on the PRE2 to include a three-color marker.

Cisco 10000 Series Router Quality of Service Configuration Guide

1-46

OL-7433-09

Chapter 1

Quality of Service Overview


QoS Features, Commands, and Changes

Cisco IOS Release: Release 12.2(28)SB


Description: This feature was enhanced on the PRE2 to include a two-rate policer.
Cisco IOS Release: Release 12.2(31)SB2
Description: This feature was introduced on the PRE3 to allow you to police traffic on the L2TP access
concentrator (LAC) based on the value of a packets IP DSCP bits. Control plane policing, policing of
GRE tunnels, and tunnel header marking using a police action were also introduced on the PRE3.

Single-Rate Color Marker Feature


Cisco IOS Release: Release 12.0(17)SL
Description: The single-rate color marker feature was introduced on the PRE1 with two-color marking
to allow you to police traffic streams into groups of conforming and non-conforming traffic.
Cisco IOS Release: Release 12.0(25)S
Description: This feature was enhanced on the PRE1 to include a single-rate three-color marker to allow
you to police traffic streams into groups of conforming, non-conforming, and violating traffic.
Cisco IOS Release: Release 12.2(16)BX
Description: This feature was introduced on the PRE2 and included a single-rate two-color marker.
Cisco IOS Release: Release 12.3(7)XI
Description: This feature was enhanced on the PRE2 to include a three-color marker.
Cisco IOS Release: Release 12.2(28)SB
Description: This feature was integrated in Cisco IOS Release 12.2(28)SB.
Cisco IOS Release: Release 12.2(31)SB2
Description: This feature was introduced on the PRE3 to allow you to police traffic on the L2TP access
concentrator (LAC) based on the value of a packets IP DSCP bits.

Two-Rate Three-Color Marker Feature


Cisco IOS Release: Release 12.2(28)SB
Description: The two-rate three-color marker feature was introduced on the PRE2 to allow you to
manage bandwidth by setting the committed information rate (CIR) and the peak information rate. Using
this feature you can police traffic streams into groups of conforming, non-conforming, and violating
traffic.
Cisco IOS Release: Release 12.2(31)SB2
Description: This feature was introduced on the PRE3 to allow you to police traffic on the L2TP access
concentrator (LAC) based on the value of a packets IP DSCP bits.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

1-47

Chapter 1

Quality of Service Overview

QoS Features, Commands, and Changes

ATM VP Average Traffic Rate


Cisco IOS Release: Release 12.2(33)SB
Description: This feature was introduced on the PRE2, PRE3, and PRE4 to enable you to display the
5-minute traffic rates on virtual path (VP) counters. This feature is a subscriber and VP traffic reporting
feature that extends the show atm vp command to provide rate information. Minute counters on the
ATM VPs support the show atm vp command.

Prioritizing Traffic
Documentation Reference: Chapter 8, Prioritizing Services

priority Command, page 1-48

priority level Command, page 1-49

Child Service Policy Allowed Under Priority Class, page 1-49

Multi-Level Priority Queues, page 1-49

Priority Queuing Feature, page 1-49

priority Command
Cisco IOS Release: Release 12.0(17)SL
Description: The priority command was introduced on the PRE1 to give priority to a traffic class in a
policy map and to set the bandwidth rate for the queue in kilobits per second.
Cisco IOS Release: Release 12.0(20)ST
Description: This command was enhanced on the PRE1 to include a percent-based bandwidth rate.
Cisco IOS Release: Release 12.0(25)S
Description: This command was modified on the PRE1 to provide strict priority queuing. Strict priority
queuing guarantees low-latency for any packet that enters a priority queue, regardless of the current
congestion level on the link. To specify a bandwidth rate for a strict priority queue, you must specify the
police command.
Cisco IOS Release: Release 12.2(16)BX
Description: This command was introduced on the PRE2 to allow you to set the bandwidth rate for a
queue in kilobits per second or as a percentage.
Cisco IOS Release: Release 12.3(7)XI
Description: This command was modified to provide strict priority queuing on the PRE2. To specify a
bandwidth rate for a strict priority queue, you must specify the police command.
Cisco IOS Release: Release 12.2(28)SB
Description: This command was integrated in Cisco IOS Release 12.2(28)SB.

Cisco 10000 Series Router Quality of Service Configuration Guide

1-48

OL-7433-09

Chapter 1

Quality of Service Overview


QoS Features, Commands, and Changes

Cisco IOS Release: Release 12.2(31)SB2


Description: This command was introduced on the PRE3.

priority level Command


Cisco IOS Release: Release 12.2(31)SB2
Description: The priority level command was introduced on the PRE3 to allow you to configure
multiple priority queues for multiple traffic classes.

Child Service Policy Allowed Under Priority Class


Cisco IOS Release: Release 12.2(31)SB2
Description: The child service policy allowed under priority class feature was introduced on the PRE3
to allow you to attach a child policy with non-queuing features to a priority class.

Multi-Level Priority Queues


Cisco IOS Release: Release 12.2(31)SB2
Description: The multi-level priority queues (MPQ) feature was introduced on the PRE3 to allows you
to configure multiple priority queues for multiple traffic classes by specifying a different priority level
for each of the traffic classes in a single service policy map.

Priority Queuing Feature


Cisco IOS Release: Release 12.0(17)SL
Description: The priority queuing feature was introduced on the PRE1 to allow the router to dequeue
and transmit delay-sensitive data such as voice before it dequeues and sends packets in other queues.
Using priority queuing, delay-sensitive data receives preferential treatment over other traffic. This
feature allows you to set a bandwidth rate for a queue in kilobits per second.
Cisco IOS Release: Release 12.0(20)ST
Description: This feature was enhanced on the PRE1 to allow you to set a bandwidth rate for a queue
as a percentage.
Cisco IOS Release: Release 12.0(25)S
Description: This feature was modified on the PRE1 to provide strict priority queuing. Strict priority
queuing guarantees low-latency for any packet that enters a priority queue, regardless of the current
congestion level on the link. To specify a bandwidth rate for a strict priority queue, you must specify the
police command.
Cisco IOS Release: Release 12.2(16)BX
Description: This feature was introduced on the PRE2 to allow you to set a bandwidth rate for a queue
in kilobits per second or as a percentage.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

1-49

Chapter 1

Quality of Service Overview

QoS Features, Commands, and Changes

Cisco IOS Release: Release 12.3(7)XI1


Description: This feature was modified on the PRE2 to provide strict priority queuing. To specify a
bandwidth rate for a strict priority queue, you must specify the police command.
Cisco IOS Release: Release 12.2(28)SB
Description: This feature was integrated in Cisco IOS Release 12.2(28)SB.
Cisco IOS Release: Release 12.2(31)SB2
Description: This command was introduced on the PRE3.

PVC Bundles
Documentation Reference: Chapter 19, Configuring Quality of Service for PVC Bundles

bump Command, page 1-50

bump Command (Frame Relay VC-bundle-member), page 1-51

bundle Command, page 1-51

class-bundle Command, page 1-51

class-vc Command, page 1-51

dscp Command (Frame Relay VC-bundle-member), page 1-51

exp Command, page 1-51

frame-relay vc-bundle Command, page 1-51

mpls experimental Command, page 1-52

oam-bundle Command, page 1-52

precedence Command, page 1-52

precedence Command (Frame Relay VC-bundle-member), page 1-52

protect Command, page 1-52

protect Command (Frame Relay VC-bundle-member), page 1-52

pvc-bundle Command, page 1-53

pvc Command (Frame Relay VC-bundle), page 1-53

PVC Bundles Over ATM and Frame Relay Feature, page 1-53

ATM PVC Bundle EnhancementMPLS EXP-Based PVC Selection Feature, page 1-53

Frame Relay PVC Bundles with QoS Support for IP and MPLS Feature, page 1-53

bump Command
Cisco IOS Release: Release 12.0(26)S
Description: The bump command was introduced on the PRE1 to configure the bumping rules for an
ATM PVC bundle or a specific ATM PVC bundle member.

Cisco 10000 Series Router Quality of Service Configuration Guide

1-50

OL-7433-09

Chapter 1

Quality of Service Overview


QoS Features, Commands, and Changes

bump Command (Frame Relay VC-bundle-member)


Cisco IOS Release: Release 12.0(26)S
Description: The bump command was introduced on the PRE1 to configure the bumping rules for a
Frame Relay permanent virtual circuit (PVC) bundle member.

bundle Command
Cisco IOS Release: Release 12.0(26)S
Description: The bundle command was introduced on the PRE1 to create an ATM bundle or modify an
existing ATM bundle.

class-bundle Command
Cisco IOS Release: Release 12.0(26)S
Description: The class-bundle command was introduced on the PRE1 to configure an ATM virtual
circuit (VC) bundle with the bundle-level commands contained in the specified VC class.

class-vc Command
Cisco IOS Release: Release 12.0(26)S
Description: The class-vc command was introduced on the PRE1 to assign a virtual circuit (VC) class
to an ATM permanent virtual circuit (PVC) or PVC bundle member.

dscp Command (Frame Relay VC-bundle-member)


Cisco IOS Release: Release 12.0(26)S
Description: The dscp command was introduced on the PRE1 to configure the differentiated services
code point (DSCP) levels for a Frame Relay permanent virtual circuit (PVC) bundle member.

exp Command
Cisco IOS Release: Release 12.0(26)S
Description: The exp command was introduced on the PRE1 to configure Multiprotocol Label
Switching (MPLS) experimental (EXP) levels for a Frame Relay permanent virtual circuit (PVC) bundle
member.

frame-relay vc-bundle Command


Cisco IOS Release: Release 12.0(26)S
Description: The frame-relay vc-bundle command was introduced on the PRE1 to create a Frame
Relay permanent virtual circuit (PVC) bundle if it does not already exist, and to enter Frame Relay
VC-bundle configuration mode.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

1-51

Chapter 1

Quality of Service Overview

QoS Features, Commands, and Changes

mpls experimental Command


Cisco IOS Release: Release 12.0(26)S
Description: The mpls experimental command was introduced on the PRE1 to configure MPLS
experimental (EXP) levels for a VC class or for a PVC member of a bundle. The VC class is applied to
the PVC bundle and thus applied to all PVC members of the bundle.

oam-bundle Command
Cisco IOS Release: Release 12.0(26)S
Description: The oam-bundle command was introduced on the PRE1 to enable end-to-end F5
Operation, Administration, and Maintenance (OAM) loopback cell generation and OAM management
for all permanent virtual circuit (PVC) members of a bundle or a VC class that can be applied to a PVC
bundle.

precedence Command
Cisco IOS Release: Release 12.0(26)S
Description: The precedence command was introduced on the PRE1 to configure precedence levels for
a virtual circuit (VC) class, VC, or permanent virtual circuit (PVC) member of a bundle. The VC class
is assigned to a PVC bundle and thus applied to all PVC members of that bundle.

precedence Command (Frame Relay VC-bundle-member)


Cisco IOS Release: Release 12.0(26)S
Description: The precedence command was introduced on the PRE1 to configure the precedence levels
for a Frame Relay permanent virtual circuit (PVC) bundle member.

protect Command
Cisco IOS Release: Release 12.0(26)S
Description: The protect command was introduced on the PRE1 to configure a virtual circuit (VC) class
with protected group or protected VC status for application to a PVC bundle member and to configure a
specific VC or permanent virtual circuit (PVC) as part of a protected group of the bundle or to configure
it as an individually protected VC or PVC bundle member.

protect Command (Frame Relay VC-bundle-member)


Cisco IOS Release: Release 12.0(26)S
Description: The protect command was introduced on the PRE1 to configure a Frame Relay protected
permanent virtual circuit (PVC) bundle member with protected group or protected PVC status.

Cisco 10000 Series Router Quality of Service Configuration Guide

1-52

OL-7433-09

Chapter 1

Quality of Service Overview


QoS Features, Commands, and Changes

pvc-bundle Command
Cisco IOS Release: Release 12.0(26)S
Description: The pvc-bundle command was introduced on the PRE1 to add a permanent virtual circuit
(PVC) to a bundle as a member of the bundle and enter bundle-vc configuration mode in order to
configure that PVC bundle member,

pvc Command (Frame Relay VC-bundle)


Cisco IOS Release: Release 12.0(26)S
Description: The pvc command was introduced on the PRE1 to create a permanent virtual circuit (PVC)
that is a Frame Relay PVC bundle member, and to enter Frame Relay VC-bundle-member configuration
mode.

PVC Bundles Over ATM and Frame Relay Feature


Cisco IOS Release: Release 12.0(26)S
Description: The PVC bundles over ATM and Frame Relay feature was introduced on the PRE1 to
combine PVCs into one logical interface. This feature provides IP precedence and DSCP-based PVC
selection.

ATM PVC Bundle EnhancementMPLS EXP-Based PVC Selection Feature


Cisco IOS Release: Release 12.0(26)S
Description: The ATM PVC Bundle EnhancementMPLS EXP-Based PVC Selection feature was
introduced on the PRE1 to provide ATM PVC selection based on the MPLS EXP level of a packet.

Frame Relay PVC Bundles with QoS Support for IP and MPLS Feature
Cisco IOS Release: Release 12.0(26)S
Description: The Frame Relay PVC Bundles with QoS Support for IP and MPLS feature was introduced
on the PRE1 to provide Frame Relay PVC selection based on the precedence, DSCP, or MPLS EXP level
of a packet.

QoS Policy Maps


Documentation Reference: Chapter 3, Configuring QoS Policy Actions and Rules

policy-map Command, page 1-54

qos match statistics Command, page 1-54

Policy Maps Feature, page 1-54

Policy Map Scaling Phase 2, page 1-54

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

1-53

Chapter 1

Quality of Service Overview

QoS Features, Commands, and Changes

policy-map Command
Cisco IOS Release: Release 12.0(17)SL
Description: This command was introduced on the PRE1 to configure a QoS policy map.
Cisco IOS Release: Release 12.2(16)BX
Description: This command was introduced on the PRE2.
Cisco IOS Release: Release 12.2(28)SB
Description: This command was integrated in Cisco IOS Release 12.2(28)SB for the PRE2.
Cisco IOS Release: Release 12.2(31)SB2
Description: This command was introduced on the PRE3.
Cisco IOS Release: Release 12.2(33)SB
Description: This command was introduced on the PRE4.

qos match statistics Command


Cisco IOS Release: Release 12.2(31)SB2
Description: This command was introduced on the PRE3 to configure the router to count QoS matches
for each class or for each match statement and class. Per-class counts provide for greater QoS scalability.

Policy Maps Feature


Cisco IOS Release: Release 12.0(17)SL
Description: The QoS policy map feature was introduced on the PRE1 to configure a QoS service
policy.
Cisco IOS Release: Release 12.2(16)BX
Description: This feature was introduced on the PRE2.
Cisco IOS Release: Release 12.2(28)SB
Description: This feature was integrated in Cisco IOS Release 12.2(28)SB for the PRE2.
Cisco IOS Release: Release 12.2(31)SB2
Description: This feature was introduced on the PRE3.

Policy Map Scaling Phase 2


Cisco IOS Release: Release 12.2(33)SB
Description: This feature was introduced on the PRE2, PRE3, and PRE4 to allow up to 8192 policy
maps per system.

Cisco 10000 Series Router Quality of Service Configuration Guide

1-54

OL-7433-09

Chapter 1

Quality of Service Overview


QoS Features, Commands, and Changes

Qos Policy Propagation through the Border Gateway Protocol


Documentation Reference: Appendix B, QoS Policy Propagation Through the Border Gateway
Protocol
Cisco IOS Release: Release 12.0(9)SL
Description: The QoS policy propagation through the Border Gateway Protocol (QPPB) feature was
introduced on the PRE1 to enable packet classification based on a Border Gateway Protocol (BGP)
prefix, BGP community list, and BGP autonomous system (AS) paths.
Cisco IOS Release: Release 12.2(16)BX
Description: This feature was introduced on the PRE2.
Cisco IOS Release: Release 12.2(28)SB
Description: This feature was integrated in Cisco IOS Release 12.2(28)SB.

Shaping PPPoE Over VLAN Sessions Using RADIUS


Documentation Reference: Chapter 17, Configuring Dynamic Subscriber Services

Per Session Queuing and Shaping for PPPoE Over VLAN Support Using RADIUS Feature,
page 1-55

Per Session Queuing and Shaping for PPPoE Over VLAN Support Using RADIUS Feature
Cisco IOS Release: Release 12.3(7)XI7
Description: The Per Session Queuing and Shaping for PPPoE over VLAN Support Using RADIUS
feature was introduced on the PRE2 to enable dynamic queuing and shaping policies on PPPoEoVLAN
sessions.
Cisco IOS Release: Release 12.2(31)SB5
Description: This feature was integrated in Cisco IOS Release 12.2(31)SB5 for the PRE2.

Shaping Traffic
Documentation Reference: Chapter 9, Shaping Traffic

atm pvp Command, page 1-56

pvc Command, page 1-56

shape Command, page 1-56

shape percent Command, page 1-57

vbr-nrt Command, page 1-57

ATM VC/VP Shaping Feature, page 1-57

Class-Based Traffic Shaping Feature, page 1-58

Frame Relay Traffic Shaping Feature, page 1-58

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

1-55

Chapter 1

Quality of Service Overview

QoS Features, Commands, and Changes

Percentage-Based Traffic Shaping Feature, page 1-58

Percentage-Based Traffic Shaping Feature, page 1-58

Traffic Shaping Overhead Accounting for ATM Feature, page 1-59

atm pvp Command


Cisco IOS Release: Release 12.0(17)SL
Description: This command was introduced on the PRE1.
Cisco IOS Release: Release 12.2(16)BX
Description: This command was introduced on the PRE2.
Cisco IOS Release: Release 12.2(28)SB
Description: This command was integrated in Cisco IOS Release 12.2(28)SB.
Cisco IOS Release: Release 12.2(31)SB2
Description: This command was introduced on the PRE3.

pvc Command
Cisco IOS Release: Release 12.0(17)SL
Description: This command was introduced on the PRE1.
Cisco IOS Release: Release 12.2(16)BX
Description: This command was introduced on the PRE2.
Cisco IOS Release: Release 12.2(28)SB
Description: This command was integrated in Cisco IOS Release 12.2(28)SB.
Cisco IOS Release: Release 12.2(31)SB2
Description: This command was introduced on the PRE3.

shape Command
Cisco IOS Release: Release 12.0(17)SL
Description: This command was introduced on the PRE1.
Cisco IOS Release: Release 12.2(16)BX
Description: This command was introduced on the PRE2.
Cisco IOS Release: Release 12.2(28)SB
Description: This command was integrated in Cisco IOS Release 12.2(28)SB.

Cisco 10000 Series Router Quality of Service Configuration Guide

1-56

OL-7433-09

Chapter 1

Quality of Service Overview


QoS Features, Commands, and Changes

Cisco IOS Release: Release 12.2(31)SB2


Description: This command was introduced on the PRE3.
Cisco IOS Release: Release 12.2(31)SB6
Description: This command supports per-session shaping and queuing on a L2TP Network Server
(LNS) on the PRE3.
Cisco IOS Release: Release 12.2(31)SB2
Description: This command was enhanced to support overhead accounting.
Cisco IOS Release: Release 12.2(33)SB
Description: This command was enhanced to support a user-defined offset, which the router uses when
calculating overhead.

shape percent Command


Cisco IOS Release: Release 12.2(31)SB2
Description: This command was introduced on the PRE3.

vbr-nrt Command
Cisco IOS Release: Release 12.0(25)SX
Description: This command was introduced on the PRE1.
Cisco IOS Release: Release 12.2(16)BX
Description: This command was introduced on the PRE2.
Cisco IOS Release: Release 12.2(28)SB
Description: This command was integrated in Cisco IOS Release 12.2(28)SB.
Cisco IOS Release: Release 12.2(31)SB2
Description: This command was introduced on the PRE3.

ATM VC/VP Shaping Feature


Cisco IOS Release: Release 12.3(7)XI
Description: The ATM VC/VP Shaping feature was introduced on the PRE2 to enable you to shape
traffic at both the VC-level and VP-level.
Cisco IOS Release: Release 12.2(28)SB
Description: This feature was integrated in Cisco IOS Release 12.2(28)SB.
Cisco IOS Release: Release 12.2(31)SB2
Description: This feature was introduced on the PRE3.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

1-57

Chapter 1

Quality of Service Overview

QoS Features, Commands, and Changes

Class-Based Traffic Shaping Feature


Cisco IOS Release: Release 12.0(17)SL
Description: The Class-Based Traffic Shaping feature was introduced on the PRE1 to allow you to
control a class of traffic going out an interface in order to match its transmission to the speed of the
remote target interface and to ensure that the traffic conforms to policies contracted for it
Cisco IOS Release: Release 12.2(16)BX
Description: This feature was introduced on the PRE2.
Cisco IOS Release: Release 12.2(28)SB
Description: This feature was integrated in Cisco IOS Release 12.2(28)SB.
Cisco IOS Release: Release 12.2(31)SB2
Description: This command was introduced on the PRE3.

Frame Relay Traffic Shaping Feature


Cisco IOS Release: Release 12.0(17)SL
Description: The Frame Relay Traffic Shaping (FRTS) feature was introduced on the PRE1 to eliminate
bottlenecks in Frame Relay networks by allowing you to configure rate enforcement to either the
committed information rate (CIR) or some other defined value, such as the excess information rate, on
a per-VC basis.

Hierarchical Shaping Feature


Cisco IOS Release: Release 12.3(7)XI
Description: The Hierarchical Shaping feature was introduced on the PRE2 to enable you to shape
traffic at both the VC-level and VP-level.
Cisco IOS Release: Release 12.2(28)SB
Description: This feature was integrated in Cisco IOS Release 12.2(28)SB for the PRE2.
Cisco IOS Release: Release 12.2(231)SB2
Description: This feature was introduced on the PRE3.

Percentage-Based Traffic Shaping Feature


Cisco IOS Release: Release 12.2(31)SB2
Description: This feature was introduced on the PRE3 to enable you to shape traffic based on a
percentage of the available bandwidth.

Cisco 10000 Series Router Quality of Service Configuration Guide

1-58

OL-7433-09

Chapter 1

Quality of Service Overview


QoS Features, Commands, and Changes

Traffic Shaping Overhead Accounting for ATM Feature


Cisco IOS Release: Release 12.2(31)SB2
Description: The Traffic Shaping Overhead Accounting for ATM feature was introduced on the PRE3
to enable the broadband aggregation system (BRAS) to account for various encapsulation types when
applying QoS to packets. Cisco IOS Release: Release 12.2(31)SB5
Description: The Traffic Shaping Overhead Accounting for ATM feature was enhanced to include a
user-defined offset value on the PRE3.

Sharing Bandwidth Fairly During Congestion


Documentation Reference: Chapter 12, Sharing Bandwidth Fairly During Congestion

Bandwidth Fair Queuing Feature, page 1-59

Class-Based Weighted Fair Queuing Feature, page 1-59

Class-Based Weighted Fair Queuing for Virtual Access Interfaces Feature, page 1-60

Bandwidth Fair Queuing Feature


Cisco IOS Release: Release 12.0(17)SL
Description: The bandwidth fair queuing feature was introduced on the PRE1 to share bandwidth fairly
among competing traffic.
Cisco IOS Release: Release 12.2(15)BX
Description: This feature was introduced on the PRE2.
Cisco IOS Release: Release 12.2(28)SB
Description: This feature was integrated in Cisco IOS Release 12.2(28)SB.
Cisco IOS Release: Release 12.2(31)SB2
Description: This command was introduced on the PRE3.

Class-Based Weighted Fair Queuing Feature


Cisco IOS Release: Release 12.0(19)SL
Description: The class-based weighted fair queuing (CBWFQ) feature was introduced on the PRE1 to
provide support for user-defined traffic classes based on match criteria including protocols, access
control lists (ACLs), and input interfaces.
Cisco IOS Release: Release 12.2(16)BX
Description: This feature was introduced on the PRE2.
Cisco IOS Release: Release 12.2(28)SB
Description: This feature was integrated in Cisco IOS Release 12.2(28)SB.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

1-59

Chapter 1

Quality of Service Overview

QoS Features, Commands, and Changes

Cisco IOS Release: Release 12.2(31)SB2


Description: This command was introduced on the PRE3.

Class-Based Weighted Fair Queuing for Virtual Access Interfaces Feature


Cisco IOS Release: Release 12.0(25)SX
Description: The Class-Based Weighted Fair Queuing (CBWFQ) for virtual access interfaces (VAIs)
feature was introduced on the PRE1 to allow a VAI to inherit the service policy of the VC that the VAI
uses.
Cisco IOS Release: Release 12.2(16)BX
Description: This feature was introduced on the PRE2.
Cisco IOS Release: Release 12.2(28)SB
Description: This feature was integrated in Cisco IOS Release 12.2(28)SB.

Simultaneous Policy Maps


Documentation Reference: Chapter 14, Simultaneous Policy Maps

Simultaneous QoS Policy Map on Interface and PPP SessionA-DSLAM Case, page 1-60

Simultaneous QoS Policy Map on Interface and PPP SessionA-DSLAM Case


Cisco IOS Release: Release 12.2(33)SB
Description: The Simultaneous QoS Policy Map on Interface and PPP SessionA-DSLAM Case
feature was introduced on the PRE2, PRE3, and PRE4 to allow the broadband aggregation system
(BRAS) to provide multiple levels of QoS hierarchy that shape traffic at different points of congestion
in the Layer 2 network. This enables the BRAS to avoid congestion in downstream links within the
network.

VLAN Tag-Based Quality of Service


Documentation Reference: Chapter 21, VLAN Tag-Based Quality of Service
Cisco IOS Release: Release 12.2(31)SB2
Description: The QoSVLAN Tag-Based feature was introduced on the PRE2 and PRE3 to enable you
to apply a single QoS policy, referred to as a VLAN-group policy, to a group of IEEE 802.1Q VLAN
subinterfaces.

Cisco 10000 Series Router Quality of Service Configuration Guide

1-60

OL-7433-09

Chapter 1

Quality of Service Overview


Related Documentation

Related Documentation
This section provides hyperlinks to additional Cisco documentation for the features discussed in this
chapter. To display the documentation, click the document title or a section of the document highlighted
in blue. When appropriate, paths to applicable sections are listed below the documentation title.
Feature

Related Documentation

Broadband and lease-line QoS features

Cisco 10000 Series Broadband Aggregation and Leased-Line


Configuration Guide

CISCO-CLASS-BASED-QOS-MIB and
CISCO-CLASS-BASED-QOS-CAPABILITY-MIB

Cisco 10000 Series MIB Documents

Line cards

Cisco 10000 Series Router Line Card Configuration Guide


Technology of Edge Aggregation: Cisco 10000 Series Router

Modular Quality of Service Command-Line Interface


(MQC)

Implementing Quality of Service white paper


Cisco IOS Quality of Service Solutions Configuration Guide,
Release 12.2
Modular Quality of Service Command-Line Interface Overview
Configuring the Modular Quality of Service Command-Line
Interface

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

1-61

Chapter 1

Quality of Service Overview

Related Documentation

Cisco 10000 Series Router Quality of Service Configuration Guide

1-62

OL-7433-09

CH A P T E R

Classifying Traffic
This chapter describes how to create traffic classification rules that the Cisco 10000 series router can use
to classify inbound and outbound traffic.
Even with fast interfaces, most networks require a strong quality of service (QoS) management model
to effectively manage the congestion points that occur due to speed-mismatch or diverse traffic patterns.
Real world networks have limited resources and resource bottlenecks, and need QoS policies to ensure
proper resource allocation.
The first step in creating a QoS service policy is to define how you want the router to classify traffic.
The traffic that matches the classification criteria is then subject to the QoS policy you create and apply
to the interface.
This chapter includes the following topics:

Traffic Classification Using Class Maps, page 2-1

Restrictions and Limitations for Traffic Classification, page 2-11

Classifying Traffic Using a Class Map, page 2-11

Related Documentation, page 2-14

Traffic Classification Using Class Maps


The Cisco 10000 router must differentiate traffic before it can apply the appropriate QoS actions to the
traffic. The router supports a modular QoS CLI element called a class map, which you can use to define
traffic classification rules or criteria.
Class maps organize data packets into specific categories called classes that can, in turn, receive
user-defined QoS policies. The traffic class defines the classification rules for packets received on an
interface. One or more match command statements in the class map define the criteria by which the
router classifies packets into specific classes. Packets arriving at either the input or output interface
(depending on the service-policy command configuration) are checked against the match criteria of a
class map to determine if the packet belongs to that class.
When configuring a class map, you can use one or more match commands to specify match criteria. For
example, you can use the following commands:

match access-group command

match protocol command

match input-interface command

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

2-1

Chapter 2

Classifying Traffic

Traffic Classification Using Class Maps

Feature History for Class Maps


Cisco IOS Release

Description

Required PRE

Release 12.0(17)SL

The class map feature was introduced on the PRE1.

PRE1

Release 12.2(15)BX

This feature was introduced on the PRE2.

PRE2

Release 12.2(28)SB

This feature was integrated in Cisco IOS


Release 12.2(28)SB for the PRE2.

PRE2

Release 12.2(31)SB2

This feature was integrated in Cisco IOS


Release 12.2(31)SB2 for the PRE3.

PRE3

Enhancements to the modular quality of service CLI (MQC)


allow you to classify packets on the L2TP access
concentrator (LAC) based upon the IP type of service (ToS)
bits in an embedded IP packet. The classification is used to
police ingress traffic according to the differentiated service
code point (DSCP) value.
Release 12.2(33)SB

This feature was enhanced to support matching on the Frame PRE2, PRE3,
Relay Discard Eligibility (DE) bit.
PRE4

System Limits for Class Maps


Table 2-1 lists the system limits for class maps on the Cisco 10000 series router. In the table, the number
of class maps per system and the number of classes per policy map include the class-default class.
Table 2-1

System Limits for Class Maps

Number of Class
Maps per System

Number of Match
Statements per
Number of Classes
Class Map
per Policy Map

Processor

Cisco IOS Release

PRE1

All Releases earlier than 256


Release 12.0(17)SL

16

16

Release 12.0(17)SL
and later releases

256

16

256

Release 12.0(25)SX
and later releases

256

16

32

Release 12.2(15)BX
and later releases

262,000

16

64

Release 12.3(7)XI
and later releases

262,000

16

127

PRE2

Cisco 10000 Series Router Quality of Service Configuration Guide

2-2

OL-7433-09

Chapter 2

Classifying Traffic
Traffic Classification Using Class Maps

Table 2-1

System Limits for Class Maps (continued)

Processor

Cisco IOS Release

Number of Class
Maps per System

PRE3

Release 12.2(31)SB2
and later releases

262,144
(per-match mode)

Number of Match
Statements per
Number of Classes
Class Map
per Policy Map
16

64

16

64

4,194,304
(per-class mode)
PRE4

Release 12.2(33)SB and


later releases

262,144
(per-match mode)
4,194,304
(per-class mode)

PRE3 Class Maps and QoS Scalability


The Cisco 10000 series router with a PRE3 counts QoS matches for each class or for each match. As the
following describes, you can achieve greater scalability with per-class mode counting enabled on the
router:

Per-match mode (default mode)The router counts matches for each match statement and class,
and supports 262,144 unique class maps per system.

Per-class modeThe router counts matches for the entire class and supports 4,194,304 unique class
maps. This mode provides greater scalability.

To configure per-match or per-class QoS match statistics, use the qos match statistics command. For
more information, see the qos match statistics Command section on page 2-4.

Note

The qos match statistics command is not available on the PRE2. Due to memory limitations, the PRE2
cannot exceed 262,000 class maps.
When using the show commands in per-class mode, the per-match statistics display a value of zero. In
per-class mode, the per-match statistics are zero in the MIB.

class-map Command
To create or modify a class map, use the class-map command in global configuration mode. To remove
a class map, use the no form of this command. By default, the router uses match-all.
class-map [match-any | match-all] class-map-name
no class-map [match-any | match-all] class-map-name

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

2-3

Chapter 2

Classifying Traffic

Traffic Classification Using Class Maps

Syntax Description
match-any

(Optional) Indicates that a packet must meet at least one of the match
criteria to be considered a member of the class.

match-all

(Optional) Indicates that a packet must meet all of the match criteria to be
considered a member of the class.

class-map-name

Is the name of the class map. The name can be a maximum of


40 alphanumeric characters.

class-map Command History


Cisco IOS Release

Description

Release 12.0(17)SL

The class-map command was introduced on the PRE1.

Release 12.0(15)BX

This command was introduced on the PRE2.

Release 12.2(28)SB

This command was integrated in Cisco IOS Release 12.2(28)SB for the
PRE2.

Release 12.2(31)SB2

This command was integrated in Cisco IOS Release 12.2(31)SB2 for the
PRE3.

Usage Guidelines for the class-map Command


Use the class-map command to create or modify class map match criteria. The router compares the
packets that arrive at the input or output interface to the match criteria configured for a class map. If a
packet matches the criteria, the router designates the packet as belonging to the class.
When you configure a class map, you can use one or more match commands to specify the match
criteria. For example, you can configure the match access-group command, the match protocol
command, and the match input-interface command in a class map. The router compares the arriving
packets to the match criteria in the order in which you entered the criteria.

qos match statistics Command


To configure the router to count QoS matches for each class or for each match statement and class, use
the qos match statistics command in global configuration mode.
qos match statistics {per-class | per-match}

Syntax Description
per-class

Specifies to count QoS matches for the entire class. This mode provides
greater scalability.

per-match

Specifies to count matches for each match statement and class. This mode
provides PRE2 backward compatibility.

Cisco 10000 Series Router Quality of Service Configuration Guide

2-4

OL-7433-09

Chapter 2

Classifying Traffic
Traffic Classification Using Class Maps

Command Default
Per-match is the default mode.

qos match statistics Command History


Cisco IOS Release

Description

Release 12.2(31)SB2

This command was introduced and implemented on the Cisco 10000 series
router for the PRE3.

Usage Guidelines for the qos match statistics Command


This command does not allow a no form of the command. The command operates in either per-match
mode or per-class mode. Specifying one mode automatically negates the current mode.
The Cisco 10000 series router with a PRE3 supports 262,144 unique class maps per system in per-match
mode and 4,194,304 unique class maps per system in per-class mode. Per-class mode provides greater
QoS scalability.
This command is not available on the PRE2. Due to memory limitations, the PRE2 supports a maximum
of 262,000 class maps per system.
When using the show commands in per-class mode, the per-match statistics display with a value of zero.
In per-class mode, the per-match statistics are zero in the MIB.

Defining Match Criteria Using the match Commands


To define the classification criteria for a class map, use the match commands in class-map configuration
mode. The match statements you define are the criteria the router uses to classify packets. To remove a
match statement, use the no form of this command. The router defaults to match-all.
Command

Purpose

Router(config-cmap)# match access-group {number |


name}

Specifies that the packet must be permitted by the specified access


control list (ACL).
number identifies the ACL applied to an interface. Valid values are
from 1 to 2699.
name specifies that the packet must be permitted by the access list
whose name is name. The name can be a maximum of
40 alphanumeric characters.

Router(config-cmap)# match-all

Specifies that the packet must match all of the matching criteria
defined for a class map.

Router(config-cmap)# match-any

Specifies that the packet must match at least one of the matching
criteria defined for a class map.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

2-5

Chapter 2

Classifying Traffic

Traffic Classification Using Class Maps

Command

Purpose

Router(config-cmap)# match not criteria

Specifies that the packet must not match this particular matching
criterion value.
criteria specifies the match criterion value that is an unsuccessful
match criterion. All other values of the specified match criterion
are considered successful match criteria.

Router(config-cmap)# match cos value

Specifies that the packet class of service (CoS) bit value must
match the specified CoS value.
value is a number from 0 to 7. You can specify up to four CoS
values, separated by a space.
Note

Router(config-cmap)# match discard-class value

For Cisco IOS Release 12.2(31)SB2 and later releases, this


command is available on the PRE2 and PRE3 for inbound
policies only. For earlier releases, this command is
available only on the PRE2 for inbound policies only.

Specifies that the discard-class value must match the specified


discard-class value.
Packets that match the specified discard-class value are treated
differently from packets marked with other discard-class values.
The discard-class is a matching criterion only, used in defining
per-hop behavior (PHB) for dropping traffic.
value is a number from 0 to 7. You can specify up to 4 values,
separated by a space. The value has no mathematical significance.
For example, the discard class value 2 is not greater than 1. The
value simply indicates that a packet marked with discard class 2
should be treated differently than a packet marked with discard
class 1.
Note

This command requires Cisco IOS Release 12.3(7)XI or


later releases and is available only on the PRE2.

Router(config-cmap)# match fr-de

Specifies that the router is to look for the Frame Relay discard
eligibility (DE) bit in the packets.

Router(config-cmap)# match input-interface name

Specifies that the packet input interface must match the interface
name.

Cisco 10000 Series Router Quality of Service Configuration Guide

2-6

OL-7433-09

Chapter 2

Classifying Traffic
Traffic Classification Using Class Maps

Command

Purpose

Router(config-cmap)# match ip dscp {ip-dscp-value


| afxy | csx | ef | default}

Specifies that the packet IP differentiated service code point


(DSCP) value must match one or more of the specified attributes.
ip dscp ip-dscp-value specifies the DSCP value to match on. Valid
values are from 0 to 63. You can specify up to 8 code point values,
using a space to separate consecutive values.
Instead of specifying a numeric ip-dscp-value, you can specify one
of the following reserved keywords:

afxy indicates assured forwarding points. The first number (x)


indicates the AF class. Valid values are from 1 to 4. The
second number (y) indicates the level of drop preference
within each class. Valid values are from 1 (low drop) to 3 (high
drop).

cs indicates class selector code points that are


backward-compatible with IP precedence. Valid values for x
are 1 through 7. The CS code points (CS1 through CS7) are
identical to IP precedence values 1 through 7.

ef indicates expedited forwarding.

default indicates best effort or DSCP 0.

For more information, see Table 7-4 on page 7-8.


Note

Router(config-cmap)# match ip precedence


{ip-precedence-value | precedence-name}

In Cisco IOS Release 12.2(31)SB2 and later releases,


enhancements to the modular quality of service CLI
(MQC) allow you to classify packets on the L2TP access
concentrator (LAC) based upon the IP type of service
(ToS) bits in an embedded IP packet. The classification is
used to police ingress traffic according to the DSCP value.

Specifies that the packet IP precedence value must match one or


more precedence values or the name of the precedence.
ip-precedence-value is the IP precedence value to match on. Valid
values are from 0 to 7. You can specify up to 8 precedence values,
using a space to separate consecutive values.
precedence-name is the name of the IP precedence value.
For more information, see Table 7-2 on page 7-4.

Router(config-cmap)# match ip rtp


{lowest-udp-port range}

Specifies that the packet even UDP port value must be within the
specified range of port numbers. Only even-numbered ports are
matched because they carry the real-time data streams.
Odd-numbered ports are not matched because they only carry
control information.
lowest-udp-port is a number from 0 to 65535 and is the lowest
number in the range.
range specifies a number from 0 to 65535 and is the highest
number in the range.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

2-7

Chapter 2

Classifying Traffic

Traffic Classification Using Class Maps

Command

Purpose

Router(config-cmap)# match mpls experimental


mpls-exp-value

Specifies that the experimental (EXP) bit value of the packet must
match the MPLS EXP value that you specify.
mpls-exp-value specifies the value to which you want to set the
MPLS EXP bits. Valid values are from 0 to 7. You can specify up
to 8 MPLS EXP values.
Note

Router(config-cmap)# match mpls experimental


imposition value

This command is available only on the PRE1.

Specifies that the experimental (EXP) bit value on the imposed


label entry of the packet must match the MPLS EXP value that you
specify.
value specifies the value to which you want to set the MPLS EXP
bits. Valid values are from 0 to 7. You can specify up to 8 MPLS
EXP values.
Note

Router(config-cmap)# match mpls experimental


topmost value

The match mpls experimental imposition command is


available only on the PRE2.

Matches the experimental (EXP) value in the topmost label.


value specifies the value to which you want to set the MPLS EXP
bits in the topmost label header. Valid values are from 0 to 7.
Note

Router(config-cmap)# match qos-group number

The match mpls experimental topmost command is


available only on the PRE2.

Specifies that the packet QoS group number value must match the
specified QoS group number.
number is a group number from 0 to 99.

Cisco 10000 Series Router Quality of Service Configuration Guide

2-8

OL-7433-09

Chapter 2

Classifying Traffic
Traffic Classification Using Class Maps

match Commands History


Cisco IOS Release

Command

Description

Release 12.0(17)SL

match

The match command was introduced on


the PRE1.

match access-group

This command was enhanced to include


matching on access lists.

match-all

This command was enhanced to include


matching on all of the match criteria.

match-any

This command was enhanced to include


matching on one match criterion.

match input-interface

This command was enhanced to include


matching on the input interface.

match ip dscp

This command was enhanced to include


matching on the IP DSCP value.

match ip precedence

This command was enhanced to include


matching on the IP precedence value.

match ip rtp

This command was enhanced to include


matching on the IP Real-Time Transport
Protocol (RTP).

match qos-group

This command was enhanced to include


matching on a QoS group.

Release 12.0(17)SL

match not

This command was enhanced to include


matching on criteria that the packet does
not match.

Release 12.0(22)S

match mpls experimental

This command was enhanced to include


matching on the MPLS experimental
(EXP) bit value.

Release 12.2(15)BX

match cos

This command was introduced on the


PRE2 and enhanced to include matching
on the class of service for inbound policies
only.

Release 12.2(16)BX

match mpls experimental


topmost

This command was enhanced to include


matching on the experimental (EXP) bit
value on the topmost label entry of the
packet.

Release 12.3(7)XI

match discard-class

This command was enhanced to include


matching on the discard-class value.

match mpls experimental


imposition

This command was enhanced to include


matching on the experimental (EXP) bit
value on the imposed label entry of the
packet.

match

This command was integrated in


Cisco IOS Release 12.2(28)SB.

Release 12.2(28)SB

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

2-9

Chapter 2

Classifying Traffic

Traffic Classification Using Class Maps

Cisco IOS Release

Command

Description

Release 12.2(31)SB2

match cos

This command was introduced on the


PRE3 to include matching on the class of
service for inbound policies only.

match ip dscp

This command was introduced on the


PRE3 to include matching on the IP DSCP
value on the L2TP access concentrator
(LAC).

match vlan

This command was introduced on the


PRE3 to include matching on the VLAN
ID for VLAN-group traffic classes.

match fr-de

This command was introduced on the


PRE2, PRE3, and PRE4 to include
matching on the Frame Relay discard
eligibility (DE) bit.

Release 12.2(33)SB

Usage Guidelines for match Commands


match ip dscp

You must use the ip keyword to match DSCP values for IPv4 packets. The router supports only
DSCP matching of IPv4 packets.

match ip precedence

You must use the ip keyword to match precedence values for IPv4 packets. The router supports only
precedence matching of IPv4 packets.

match ip rtp

Use this command to match IP RTP packets destined to all even-numbered user datagram port (UDP)
port numbers in the range you specify.

Matching on the RTP port range is particularly effective for applications that use RTP, such as voice
or video.

match mpls-experimental-topmost

Use this command to include matching on the EXP bit value on the topmost label entry of the packet.

You can enter this command on input and output interfaces.

This command matches only on MPLS packets.

match not

Use this command to specify a QoS policy value that is not used as a match criterion. When you use
the match not command, all other values of that QoS policy become successful match criteria.
For example, if you enter the match not qos-group 4 command in class-map configuration mode,
the specified class accepts all QoS group values except 4 as successful match criteria.

Cisco 10000 Series Router Quality of Service Configuration Guide

2-10

OL-7433-09

Chapter 2

Classifying Traffic
Restrictions and Limitations for Traffic Classification

match qos-group

Use this command to identify a specific QoS group number marking on a packet. You can also use
this command to convey the received MPLS experimental (EXP) field value to the output interface.

The router only uses the QoS group number as an identifying mark. The QoS group numbers have
no mathematical significance. For example, qos-group 2 is not greater than 1. The value simply
indicates that a packet marked with qos-group 2 is different than a packet marked with qos-group 1.
You define the treatment of these packets by defining QoS policies in a policy map.

The QoS group number is local to the router. The QoS group number that is marked on a packet does
not leave the router when the packet leaves the router. To mark the packet with a value that resides
in the packet, use an IP precedence setting, an IP DSCP setting, or another method of packet
marking.

match vlan

Do not use this command with any other match command in a class map.

Class-Default Class
The class named class-default is a predefined traffic class that the router uses to classify traffic that does
match one of the defined classes in a policy map. Although class-default is predefined, you can configure
policy actions for it in the policy map. If you do not configure policy actions, by default the router
classifies class-default traffic as first in, first out (FIFO) and gives the traffic best-effort treatment.
For more information on policy actions, see Chapter 3, Configuring QoS Policy Actions and Rules.

Restrictions and Limitations for Traffic Classification

Each class map can have a maximum of 16 match statements.

The Cisco 10000 series router does not have a predefined scaling limit for classification.

A policy map with a traffic class based on the match fr-de command can be applied only on an
inbound Frame Relay interface.

Classifying Traffic Using a Class Map


To classify traffic using a class map, perform the following tasks:

Creating a Class Map, page 2-12 (required)

Verifying Traffic Classification, page 2-13 (optional)

Defining QoS Policy Actions, page 2-13 (required)


(See Chapter 3, Configuring QoS Policy Actions and Rules.)

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

2-11

Chapter 2

Classifying Traffic

Classifying Traffic Using a Class Map

Creating a Class Map


To create a class map and specify the way in which the router should classify traffic, enter the following
commands beginning in global configuration mode:

Step 1

Command

Purpose

Router(config)# class-map class-map-name

Creates a class map and enters class-map configuration mode.


class-map-name is the name of the class map. The name can be a
maximum of 40 alphanumeric characters.

Step 2

Router(config-class-map)# match
match_statement

Defines the classification criteria for the class map.


match_statement defines the matching criteria and can be one of
the optional match commands listed in the Defining Match
Criteria Using the match Commands section on page 2-5.

Configuration Examples for Classifying Traffic


Example 2-1 creates three class maps named voice, data, and application. The voice class map matches
traffic using the even UDP port number, which must be within the specified range. In this example, the
lowest port number can be 16384 and the highest port number can be 16383. The data class map matches
traffic using IP precedence 1 and the application class map matches using IP precedence 2.
Example 2-1

Creating a Class Map

Router(config)# class-map voice


Router(config-cmap)# match ip rtp 16384 16383
Router(config-cmap)# exit
Router(config)# class-map data
Router(config-cmap)# match ip precedence 1
Router(config-cmap)# exit
Router(config)# class-map application
Router(config-cmap)# match ip precedence 2

Example 2-2 creates a class map named class1 that tells the router to look for packets that belong to
access list 1 or that have an IP precedence value of 3 or 7.
Example 2-2

Defining Match Criteria

Router(config)# class-map class1


Router(config-cmap)# match access-group 1
Router(config-cmap)# match ip precedence 3 7

Cisco 10000 Series Router Quality of Service Configuration Guide

2-12

OL-7433-09

Chapter 2

Classifying Traffic
Classifying Traffic Using a Class Map

Verifying Traffic Classification


To verify traffic classification criteria, enter the following command in privileged EXEC configuration
mode:
Command

Purpose

Router# show class-map class-map-name

Displays configuration information about the class map you


specify, including the match criterion.
If you do not specify a class-map-name, the router displays
configuration information for all of the class maps configured on
the router.

Verification Example
Example 2-3 shows configuration information about the class map named class1.
Example 2-3

show class-map Command

Router# show class-map class1


Class Map match-all class1 (id 3)
Match access-group 1
Match ip precedence 3 7

Defining QoS Policy Actions


After you create a class map and configure the match criteria by which the Cisco 10000 series router
classifies traffic, you then need to tell the router how you want it to handle the matching packets. To do
this, you define QoS policy actions in a policy map.
For more information, see Chapter 3, Configuring QoS Policy Actions and Rules.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

2-13

Chapter 2

Classifying Traffic

Related Documentation

Related Documentation
This section provides hyperlinks to additional Cisco documentation for the features discussed in this
document. To display the documentation, click the document title or a section of the document
highlighted in blue. When appropriate, paths to applicable sections are listed below the documentation
title.
Feature

Related Documentation

Classification

Cisco IOS Quality of Service Solutions Configuration Guide, Release 12.2


Part 1: Classification
QoS Packet Marking tech note
QoS: Classification of Locally Sourced Packets, Release 12.0S tech note
Packet Classification Using the Frame Relay DLCI Number, Release 12.0S tech
note
QoS Packet Marking, Implementing Quality of Service tech note
QoS in the Enterprise, Deploying QoS in the Enterprise, Considerations for
Multiservice Networks

Class maps

Cisco IOS Quality of Service Solutions Configuration Guide, Release 12.2


Part 8: Modular Quality of Service Command-Line Interface > Configuring
the Modular Quality of Service Command-Line Interface > Modular QoS CLI
Configuration Task List > Creating a Traffic Class
Cisco IOS Quality of Service Solutions Command Reference, Release 12.2
access-list rate-limit -- fair-queue (WFQ) > class-map command

match commands

Cisco IOS Quality of Service Solutions Command Reference, Release 12.3


match Commands

Modular Quality of Service


Command-Line Interface (MQC)

Implementing Quality of Service (QoS) white paper


Cisco IOS Quality of Service Solutions Configuration Guide, Release 12.2
Modular Quality of Service Command-Line Interface Overview
Configuring the Modular Quality of Service Command-Line Interface

Cisco 10000 Series Router Quality of Service Configuration Guide

2-14

OL-7433-09

CH A P T E R

Configuring QoS Policy Actions and Rules


The second step in creating a QoS service policy is to define how you want the router to handle the
packets that match the classification rules you defined in Chapter 2, Classifying Traffic. The
Cisco 10000 series router supports a modular CLI element called a policy map to enable you to configure
a QoS policy with the appropriate actions and rules.
This chapter describes how to create QoS policies that the Cisco 10000 series router applies to specific
traffic classes. It includes the following topics:

QoS Policies, page 3-1

Types of QoS Actions, page 3-4

Policing Actions, page 3-11

QoS Inheritance, page 3-12

Traffic Subject to QoS Policies, page 3-17

ATM Virtual Circuits Without QoS Policies, page 3-17

QoS Performance, page 3-18

Configuring QoS Policies, page 3-18

Verifying QoS Policy Configurations, page 3-20

Related Documentation, page 3-23

QoS Policies
After the Cisco 10000 series router classifies traffic based on the classification rules applied on an
inbound or outbound interface, the router needs to know how to handle the traffic that meets the
matching criteria. A modular quality of service command-line interface (MQC) element called a policy
map enables you to create QoS policies that tell the router the QoS actions and rules to apply to packets
belonging to a particular traffic class.
The following sections describe policy maps and QoS actions:

Feature History for QoS Policies, page 3-2

Defining QoS Actions Using a Policy Map, page 3-2

System Limits for Policy Maps, page 3-2

8K Policy Maps, page 3-3

policy-map Command, page 3-3

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

3-1

Chapter 3

Configuring QoS Policy Actions and Rules

QoS Policies

Feature History for QoS Policies


Cisco IOS Release

Description

Required PRE

Release 12.0(17)SL

The policy map feature was introduced on the router.

PRE1

Release 12.2(15)BX

This feature was introduced on the PRE2.

PRE2

Release 12.2(28)SB

This feature was integrated in Cisco IOS Release 12.2(28)SB PRE2


for the PRE2.

Release 12.2(31)SB

This feature was introduced on the PRE3.

PRE2, PRE3

Release 12.2(33)SB

This feature was enhanced to support 8192 policy maps per


system and implemented on the PRE3 and PRE4.

PRE3, PRE4

Defining QoS Actions Using a Policy Map


A policy map associates a traffic class with one or more QoS actions. When configuring a policy map,
you specify the name of a class map and configure the actions you want the router to take on the matching
traffic. Before you can create class policies in a policy map, the class must have classification criteria
configured in a class map. The router supports QoS actions such as marking, policing, and bandwidth
distribution.
A single policy map can be attached to multiple interfaces concurrently. If you attempt to attach a policy
map to an interface when the sum of the bandwidth assigned to classes is greater than 99 percent of the
available bandwidth, the router logs a warning message and does not allocate the requested bandwidth
to all of the classes. If the policy map is already attached to other interfaces, it is removed from them.
Whenever you modify a class policy in an attached policy map, class-based weighted fair queuing
(CBWFQ) is notified and the new classes are installed as part of the policy map in the CBWFQ system.

System Limits for Policy Maps


Table 3-1 lists the system limits for policy maps supported on the Cisco 10000 series router.
Table 3-1

System Limits for Policy Maps

Cisco IOS Release

Processor

Policy Maps per System1


(up to this amount)

All Releases prior to


Release 12.0(17)SL

PRE1

256

16

Release 12.0(17)SL
and later releases

PRE1

256

256

Release 12.0(25)SX
and later releases

PRE1

4096

32

Release 12.2(15)BX
and later releases

PRE2

256

64

Release 12.3(7)XI
and later releases

PRE2

4096

127

No. Classes per


Policy Map2

Cisco 10000 Series Router Quality of Service Configuration Guide

3-2

OL-7433-09

Chapter 3

Configuring QoS Policy Actions and Rules


QoS Policies

Table 3-1

System Limits for Policy Maps

Cisco IOS Release

Processor

Policy Maps per System1


(up to this amount)

Release 12.2(27)SBB

PRE2

4096

64

Release 12.2(31)SB2
and later releases

PRE3

4096

64

8192

64

4096

64

Release 12.2(33)SB and PRE3, PRE4


later releases
PRE2

No. Classes per


Policy Map2

1. Depending on the complexity of your configuration


2. Including the class-default class

8K Policy Maps
The 8K Policy Maps feature enables the router to support a maximum of 8192 unique policy maps for
the PRE3 and PRE4, doubling the number supported in previous releases. The router supports up to 4096
policy maps for the PRE2. To configure 8192 policy maps, the router must be running Cisco IOS
Release 12.2(33)SB. The router supports a maximum of 64 classes per policy map.

Note

The numbers above include both configured and attached policies. Each policy-map command counts
as one policy map, which counts against the system limit.
In releases through Cisco IOS Release 12.2(31)SB, the router supports a maximum of 4096 unique
policy maps for the PRE2 and PRE3.
For every additional policy map you create, approximately 2385 + (number of classes x 188) bytes of
memory are used. For example, 8192 policy maps with 64 classes in each uses approximately 118 MB
of memory. This is subtracted from memory that is available for such things as PPP sessions.
If you attempt to create 8193 policy maps, the following error message displays:
No more than 8192 policy maps can be defined.

The number of policy map instances supported on the router depends on the number of interfaces
(VCCIs) configured. The maximum number of interfaces allowed is 61,500. Therefore, the theoretical
maximum number of policy instances equals 2 x 61,500.
The router supports 512,000 policer instances and 4095 class maps.

policy-map Command
To create or modify a policy map, use the policy-map command in global configuration mode. Use the
no form of the command to remove a policy map. This command has no default behavior or values.
policy-map policy-map-name
no policy-map policy-map-name

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

3-3

Chapter 3

Configuring QoS Policy Actions and Rules

Types of QoS Actions

Syntax Description
policy-map-name

Is the name of the policy map. The name can be a maximum of 40


alphanumeric characters.

Usage Guidelines for the policy-map Command


You can configure class policies in a policy map only if the classes have match criteria defined for them
in a class map using the class-map and match commands.
You can attach a single policy map to multiple interfaces concurrently. After attaching the policy to
multiple interfaces, if you modify the policy such that it is no longer usable to the interfaces (for
example, the available bandwidth on the interface cannot accommodate the total bandwidth requested by
the class policies), the router removes the multiple attachments from the interfaces.

Types of QoS Actions


The following sections describe the QoS actions supported on the Cisco 10000 series router. These are
the actions that you configure in a policy map for specific traffic classes.

Input and Output Policy Actions, page 3-4

Policy Map ActionsReleases Prior to Cisco IOS Release 12.0(17)SL, page 3-7

Policy Map ActionsCisco IOS Release 12.0(17)SL and Later Releases, page 3-10

Policy Map ActionsCisco IOS Release 12.0(20)ST and Later Releases, page 3-10

Policy Map ActionsCisco IOS Release 12.0(22)S and Later Releases, page 3-11

Input and Output Policy Actions


The Cisco 10000 series router does not impose any restrictions on the classification definitions you
include in a class map. However, it does limit the input and output policy actions that you can define in
a policy map. These limitations are based on the type of interface on which you apply the service policy.
As indicated in Table 3-2 and Table 3-3, the interface types are:

Normal interface, including variable bit rate (VBR) virtual circuits (VCs) on ports configured in pxf
queuing mode

Tag interface (MPLS VPN)

Virtual access interface (VAI)

ATM unspecified bit rate (UBR) VCs and VCs configured on ports in no atm pxf queuing mode

Cisco 10000 Series Router Quality of Service Configuration Guide

3-4

OL-7433-09

Chapter 3

Configuring QoS Policy Actions and Rules


Types of QoS Actions

Table 3-2 lists the input policy actions that you can define in a policy map for specific interface types.
Table 3-2

Note

Input Policy Map Actions

Interface Type

Policy Map
Actions

Normal

Tag (MPLS VPN)

Virtual Access

ATM UBR VCs

bandwidth

Not Applicable

Not Applicable

Not Applicable

Not Applicable

queue-limit

Not Applicable

Not Applicable

Not Applicable

Not Applicable

priority

Not Applicable

Not Applicable

Not Applicable

Not Applicable

shape

Not Available

Not Available

Not Available

Not Available

random-detect

Not Applicable

Not Applicable

Not Applicable

Not Applicable

set ip prec/dscp

Valid

Not Applicable

Valid

Valid

set qos-group

Valid

Valid

Valid

Valid

set atm-clp

Not Applicable

Not Applicable

Not Applicable

Not Applicable

set cos

Not Applicable

Not Applicable

Not Applicable

Not Applicable

police

Valid

Valid

Valid

Valid

set mpls
experimental

Not Available

Not Available

Not Available

Not Available

In Table 3-2 and Table 3-3, Not Applicable indicates that you cannot perform the action on a Cisco
product or that it has no meaning in the context indicated. Not Available means the action is not
supported. When configuring an input policy map for a virtual access interface (VAI), be careful that you
do not include the Not Applicable or Not Available policy actions indicated. If you do, an error
message appears.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

3-5

Chapter 3

Configuring QoS Policy Actions and Rules

Types of QoS Actions

Table 3-3 lists the output policy actions that you can define in a policy map for specific interface types.
Table 3-3

Output Policy Map Actions

Interface Type

Policy Map
Actions

Normal

Tag (MPLS VPN)

Virtual Access

ATM UBR VCs

bandwidth

Valid

Valid

Valid

Not Applicable

(Applied to the
VC, not the VAI)
queue-limit

Valid

Valid

Not Available

Not Available

priority

Valid

Valid

Valid

Not Applicable

(Applied to the
VC, not the VAI)
shape

Valid

Valid

Valid

Not Applicable

(Applied to the
VC, not the VAI)
random-detect

Valid

Valid

Not Available

Not Available

set ip prec/dscp

Valid

Not Applicable

Valid

Valid

set qos-group

Not Applicable

Not Applicable

Not Applicable

Not Applicable

set atm-clp

Valid

Not Available

Not Available

Not Available

set cos

Valid

police
set mpls
experimental

Not Available

Valid

Not Applicable

Valid

Valid

Valid

Valid

Not Applicable

Not Available

Not Applicable

Not Applicable

1. The interface must be an Ethernet interface that is configured for 802.1Q VLAN.
2. The virtual access interface must be using an 802.1Q VLAN interface.

Cisco 10000 Series Router Quality of Service Configuration Guide

3-6

OL-7433-09

Chapter 3

Configuring QoS Policy Actions and Rules


Types of QoS Actions

Policy Map ActionsReleases Prior to Cisco IOS Release 12.0(17)SL


Table 3-4 lists the QoS action commands supported in all releases prior to Cisco IOS
Release 12.0(17)SL. These actions are also available in later releases.
Table 3-4

Policy Map ActionsReleases Prior to Cisco IOS Release 12.0(17)SL

Action

Description

police bps [burst-normal | burst-excess]


Configures traffic policing in policy-map class
[conform-action action | exceed-action action] configuration mode.
bps is the average rate in bits per second. Valid
values are from 8,000 to 200,000,000.
(Optional) burst-normal is the normal burst size in
bytes. Valid values are from 1,000 to 51,200,000.
(Optional) burst-excess is the excess burst size in
bytes. Valid values are from 1,000 to 51,200,000.
conform-action action specifies the action to take
on packets that conform to the rate limit. The default
action is transmit.
exceed-action action specifies the action to take on
packets that exceed the rate limit. The default action
is drop.
Note

You can specify only one action each for


conform or exceed. Do not specify multiple
actions.

See Table 3-9 on page 3-12 for a list of available


policing actions.
queue-limit number-of-packets

Specifies or modifies the maximum number of


packets that the queue can hold for this class.
For PRE1, number-of-packets is a number from 32
to 16,384; the number must be a power of 2. If the
number you specify is not a power of 2, the router
uses the nearest power of 2 to your number.
For Cisco IOS Release 12.2(15)BX and
Release 12.2(16)BX, number-of-packets is a
number from 32 to 16,384. The number does not
need to be a power of 2.
For Cisco IOS Release 12.3(7)XI and later releases,
if the interface speed is less than 500 MB,
number-of-packets is a number from 8 to 4096; the
number must be a power of 2. If the interface speed
is greater than 500 MB, number-of-packets is a
number from 128 to 64,000; the number must be a
power of 2.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

3-7

Chapter 3

Configuring QoS Policy Actions and Rules

Types of QoS Actions

Table 3-4

Policy Map ActionsReleases Prior to Cisco IOS Release 12.0(17)SL (continued)

Action

Description

random-detect dscp dscpvalue min-threshold


max-threshold drop-rate

Changes the minimum and maximum packet


thresholds for the differentiated services code point
(DSCP) value.
dscpvalue specifies the DSCP value, which is a
number from 0 to 63, or one of the following
keywords: EF, AFxy, or CS1 through CS7. For more
information, see the DSCP Per-Hop Behavior
section on page 7-6.
min-threshold is the minimum threshold. Valid
values are from 32 to 16,384 (PRE1) or 1 to 16,384
(PRE2).
max-threshold is the maximum threshold. Valid
values are from 32 to 16,384 (PRE1) or 1 to 16,384
(PRE2).
drop-rate is the drop probability and is a number
from 1 to 65,535. For example, if you set this value
to 256, 1 out of 256 packets is dropped when the
average queue is at the maximum threshold.
Note

random-detect exponential-weight-constant
value

Default values for random-detect vary from


release to release. Use the show policy
interface command to view default values.

Allows you to modify the default method that


random-detect uses to calculate average queue size.
Random-detect determines the average queue size
based on the current queue length and the last
average queue length.
value is a number from 1 to 16. The default value is
typically 9.

The higher the value, the more dependent the


average is on the historical average, making
weighted random early detection (WRED) slow
to react to changing traffic conditions that may
be only temporary.

The lower the value, the less dependent the


average is on the historical average, making
WRED more sensitive to rapidly changing
traffic conditions.

Note

In most cases, the benefits of WRED can be


best realized if you enter the random-detect
command without arguments.

Cisco 10000 Series Router Quality of Service Configuration Guide

3-8

OL-7433-09

Chapter 3

Configuring QoS Policy Actions and Rules


Types of QoS Actions

Table 3-4

Policy Map ActionsReleases Prior to Cisco IOS Release 12.0(17)SL (continued)

Action

Description

random-detect precedence precedence


min-threshold max-threshold drop-rate

Changes the minimum and maximum packet


thresholds for the precedence level you specify.
precedence is a number from 0 to 7, where 0
typically represents low priority traffic that can be
aggressively managed (dropped) and 7 represents
high priority traffic. For more information, see the
set ip precedence command in this table.
min-threshold is the minimum threshold. Valid
values are from 32 to 16,384 (PRE1) or 1 to 16,384
(PRE2).
max-threshold is the maximum threshold. Valid
values are from 32 to 16,384 (PRE1) or 1 to 16,384
(PRE2).
drop-rate is the drop probability and is a number
from 1 to 65,535. For example, if you set this value
to 256, 1 out of 256 packets is dropped when the
average queue is at the maximum threshold.
Note

set atm-clp

Default values for random-detect vary from


release to release. Use the show policy
interface command to view default values.

Sets the cell loss priority (CLP) bit setting.


Configure this command as an output action only.

set ip dscp dscp-value

Marks a packet by setting the IP differentiated


services code point (DSCP) in the type of
service (TOS) byte.
dscp-value is a number from 0 to 63.

set ip precedence {number | name}

Sets the precedence value in the IP header.


number and the corresponding name are listed below
from least important to most important (for
example, 0routine is the least important and
7network is the most important).
0routine, 1priority, 2immediate,
3flash, 4flash-override, 5critical
6internet, 7network

set qos-group group-id

Sets a group ID that can be used later to classify


packets. Configure this command as an input action
only.
group-id is a number from 0 to 99.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

3-9

Chapter 3

Configuring QoS Policy Actions and Rules

Types of QoS Actions

Policy Map ActionsCisco IOS Release 12.0(17)SL and Later Releases


Cisco IOS Release 12.0(17)SL adds support for the QoS action commands listed in Table 3-5. These
commands are also available in later releases.
Table 3-5

Policy Map ActionsCisco IOS Release 12.0(17)SL and Later Releases

Action

Description

bandwidth {bandwidth-kbps | percent percent}

Specifies or modifies the bandwidth allocated for


a traffic class in a policy map.
bandwidth-kbps is the guaranteed minimum
bandwidth (in kilobits per second) that you want
to allocate. Valid values are from 8 to 2,488,320.
percent percent is the percentage of the available
bandwidth that you want to allocate. Valid values
are from 1 to 99.

priority {bandwidth-kbps | percent percent}1

Assigns a priority to a traffic class in a policy


map. The priority class receives preference over
other class queues.
bandwidth-kbps is the guaranteed minimum
bandwidth (in kilobits per second) that you want
to allocate for the priority queue. Valid values are
from 8 to 2,000,000.
percent percent is the percentage of the available
bandwidth that you want to allocate for the
priority queue. Valid values are 1 to 99.

shape rate

Shapes traffic to the specified bit rate.


rate is a number from 8 to 2,488,320.

1. In Cisco IOS Release 12.0(23)SX1, Release 12.0(25)S, and Release 12.3(7)XI, and later releases, the syntax of the priority
command changed to priority (without any arguments). For these later releases, use the priority command with the police
command so that the priority class does not starve other traffic on a link. For more information, see the Avoiding Bandwidth
Starvation Due to Priority Services section on page 6-25 and the Bandwidth Starvation section on page 8-3.

Policy Map ActionsCisco IOS Release 12.0(20)ST and Later Releases


Cisco IOS Release 12.0(20)ST adds support for the QoS action command listed in Table 3-6. This
command is also available in later releases.
Table 3-6

Policy Map ActionsCisco IOS Release 12.0(20)ST and Later Releases

Action

Description

bandwidth remaining percent percent

Specifies or modifies the bandwidth allocated for a


traffic class in a policy map.
percent percent is the percentage of the remaining
bandwidth that you want to allocate. Valid values
are 1 to 99.

Cisco 10000 Series Router Quality of Service Configuration Guide

3-10

OL-7433-09

Chapter 3

Configuring QoS Policy Actions and Rules


Policing Actions

Policy Map ActionsCisco IOS Release 12.0(22)S and Later Releases


Cisco IOS Release 12.0(22)S adds support for the QoS action command listed in Table 3-7. This
command is also available in later releases.
Table 3-7

Policy Map ActionsCisco IOS Release 12.0(22)S and Later Releases

Action

Description

set mpls experimental value

Copies the setting of the IP precedence or DSCP


bits to the MPLS experimental bits of a packet.
value is a number from 0 to 7. Multiple values must
be space-delimited (for example, 3 4 7).

Policy Map ActionsCisco IOS Release 12.2(31)SB2 and Later Releases


Cisco IOS Release 12.2(31)SB2 adds support for the QoS action command listed in Table 3-8. This
command is also available in later 12.2 SB releases for the PRE3 and PRE4.
Table 3-8

Policy Map ActionsCisco IOS Release 12.2(31)SB2 and Later Releases

Action

Description

priority level level

Assigns priority to a traffic class at the priority


level specified.
level is the level of priority assigned to the priority
class. Valid values are:

1high priority

2low priority

The default value for priority is 1.


Note

In the same policy map, do not specify the


same priority level for two different
classes.

Policing Actions
The police command allows you to specify what you want the router to do when traffic meets, exceeds,
or violates the policing parameters you specified. Table 3-9 describes the policing actions the router
supports and the minimum Cisco IOS release required.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

3-11

Chapter 3

Configuring QoS Policy Actions and Rules

QoS Inheritance

Table 3-9

Policing Actions

Action

Description

Introduced in Cisco IOS Release

drop

Drops the packet.

Release 12.0(9)SL

This is the default action for traffic that exceeds the


committed rate.
set-clp-transmit value

Sets the ATM cell loss priority (CLP) bit on the


ATM cell. Valid values are from 0 to 1.

Release 12.3(7)XI

set-discard-class-transmit

Sets the discard class attribute of a packet and


transmits the packet with the new discard class
setting.

Release 12.3(7)XI

set-dscp-transmit value

Sets the IP differentiated services code point


Release 12.0(9)SL
(DSCP) value and transmits the packet with the new
IP DSCP value setting. Valid values are from 0 to
63.

set-mpls-exp-transmit value

Sets the Multiprotocol Label Switching (MPLS)


experimental (EXP) bits and transmits the packet
with the new MPLS EXP bit value setting. Valid
values are from 0 to 7.

set-mpls-exp-imposition-transmit
value

Modifies the set-mpls-exp-transmit command to Release 12.3(7)XI


set the MPLS experimental (EXP) bits in the
imposed label headers and transmit the packet with
the new MPLS EXP bit value setting. Valid values
are from 0 to 7.

set-prec-transmit value

Sets the IP precedence and transmits the packet


with the new IP precedence value setting. Valid
values are from 0 to 7.

set-qos-transmit value

Sets the qos-group value and transmits the packet Release 12.0(9)SL
with the new qos-group value setting. Valid values
are from 0 to 99.

transmit

Transmits the packet. The packet is not altered.

Release 12.0(22)S

Release 12.0(9)SL

Release 12.0(9)SL

QoS Inheritance
The Cisco 10000 series router applies service policies using the following QoS inheritance rules:

ATM portA service policy configured on an ATM port applies to all unspecified bit rate (UBR)
PVCs configured on the port without a service policy. Only unshaped UBR PVCs inherit the service
policy of the port. Variable bit rate (VBR), constant bit rate (CBR), and shaped UBR PVCs
configured on the port do not inherit the service policy of the port.
For more information about the ATM service classes, see the ATM Service Categories section on
page 3-13.

Cisco 10000 Series Router Quality of Service Configuration Guide

3-12

OL-7433-09

Chapter 3

Configuring QoS Policy Actions and Rules


QoS Inheritance

Label-controlled ATM (LC-ATM) subinterfaceA service policy configured on an LC-ATM


subinterface applies to the traffic of all constituent labeled VCs (LVCs).

Frame Relay physical interfaceA service policy configured on a Frame Relay physical interface
applies to the traffic of all PVCs configured on the port without a service policy.

Ethernet portA service policy configured on an Ethernet port applies to the traffic of all VLANs
configured on the port without a service policy.

SessionIf a service policy is not configured, the session inherits the service policy applied to the
virtual circuit (VC) or the inherited policy of the VC. If a session inherits a policy, the show policy
interface virtual access command does not display the state of the inherited policy. You can display
the state of the policy only on the interface where you configured the policy.

ATM Service Categories


The Cisco 10000 series router supports the following ATM service classes:

Constant Bit Rate, page 3-13

Unspecified Bit Rate, page 3-14

Variable Bit Rate, page 3-15

When operating in no atm pxf queuing mode, the router supports unshaped UBR PVCs, which do not
specify a peak cell rate (PCR). The router can support a high number of VCs when you configure the no
atm pxf queuing command on each port of the router. Point-to-Point Protocol over ATM (PPPoA)
supports one session per VC and requires that you enable no atm pxf queuing to support 32,000 PPPoA
sessions. Layer 2 Tunnel Protocol (L2TP) does not require that you enable no atm pxf queuing and
Point-to-Point Protocol over Ethernet (PPPoE) sessions do not require that you enable this queuing mode
because you can have 32,000 sessions on a single VC.
When operating in atm pxf queuing mode, the router supports the following ATM service classes:

UBR (Unshaped)No peak cell rate (PCR) specified

Shaped UBRPCR specified

VBR-nrtNon-real-time VBR

CBRConstant bit rate with PCR specified

If you specify a PCR value for UBR+, the router accepts the value, but does not use it, and it does not
notify you when this occurs.
For information about how the ATM service classes inherit QoS service policies, see the QoS
Inheritance section on page 3-12.

Constant Bit Rate


The constant bit rate (CBR) service class is a fixed bandwidth class, designed for ATM virtual circuits
(VCs) requiring a specific amount of bandwidth to be continuously available throughout the duration of
an active connection. CBR traffic is more time-dependent, less tolerant of delay, and generally more
deterministic in bandwidth requirements. Voice, circuit emulation, and high-resolution video are typical
examples of traffic utilizing this type of connection.
You define the required bandwidth in kbps by specifying a PCR. For example, the cbr 64 command
creates a CBR PVC with a PCR of 64 kbps.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

3-13

Chapter 3

Configuring QoS Policy Actions and Rules

QoS Inheritance

An ATM VC configured as CBR can transmit cells at peak cell rate (PCR) at any time and for any
duration. It can also transmit cells at a rate less than the PCR or even emit no cells. CBR is characterized
by PCR.

Unspecified Bit Rate


The unspecified bit rate (UBR) service class is intended for non-real-time applications that do not
require any maximum boundary on the transfer delay or on the cell loss ratio. The router delivers UBR
traffic only when there is spare bandwidth in the network. This behavior is enforced by setting the cell
loss priority (CLP) bit on UBR traffic when it enters a port.
The router delivers UBR traffic out to the network only when no other traffic is waiting to be served first.
The UBR traffic does not affect the trunk loading calculations performed by the switch software.
UBR is the default class of service running at the maximum line rate of the physical interface.
The router supports both unshaped (no PCR specified) and shaped UBRs.

Shaped UBR
Traffic shaping allows you to control the traffic going out an interface in order to match its flow to the
speed of the remote target interface and to ensure that the traffic conforms to policies contracted for it.
Traffic that adheres to a particular profile can be shaped to meet downstream requirements, thereby
eliminating bottlenecks in topologies with data-rate mismatches.
The Cisco 10000 series router supports traffic shaping for unspecified bit rate (UBR) traffic. Traffic
shaping is performed on a per-port basis and involves passing UBR traffic streams through VC queues
for scheduled rate shaping. When traffic shaping is enabled, all traffic exiting the port out to the network
is subject to VC scheduling based on the parameters you configure for the connection.

Cisco 10000 Series Router Quality of Service Configuration Guide

3-14

OL-7433-09

Chapter 3

Configuring QoS Policy Actions and Rules


QoS Inheritance

Configuring UBRs
To configure a UBR, enter the following commands in ATM VC configuration mode:
Command

Purpose

Step 1

Router(config)# interface type


slot/module/port.subinterface

Specifies an interface or subinterface and enters interface


configuration mode.

Step 2

Router(config-if)# atm pxf queuing

Specifies one of two ATM PXF queuing modes for an


interface or ATM port.

or

Note
Router(config-if)# no atm pxf queuing

Step 3

Router(config-subif)# pvc vci/vpi

Do not change this queuing mode while VCs are


configured on the interface. If you need to change the
mode, delete the VCs first and then change the mode.
Changing the mode while VCs are configured can
produce undesired results, and the change does not
take effect until the router reloads.

Configures a PVC on the subinterface and enters ATM VC


configuration mode.
vci is the virtual channel identifier.
vpi is the virtual path identifier.

Step 4

Router(config-atm-vc)# ubr output-pcr

Creates a UBR.
output-pcr is the output peak cell rate. The router configures
a shaped UBR when you specify the output PCR. Otherwise,
the router configures unshaped UBR.

Variable Bit Rate


Variable bit rate (VBR) connections are classified as one of the following:

Real time (VBR-rt)Used for connections that transmit at a rate varying with time and that can be
described as bursty, often requiring large amounts of bandwidth when active. The VBR-rt class is
intended for applications that require tightly constrained delay and delay variation such as
compressed voice video conferencingfor example, video conferencing requires real-time data
transfer with bandwidth requirements that can vary in proportion to the dynamics of the video image
at any given time. The VBR-rt category is characterized in terms of peak cell rate (PCR), sustained
cell rate (SCR), and maximum burst size (MBS).

Nonreal time (VBR-nrt)Used for connections that are bursty but are not constrained by delay and
delay variation boundaries. For those cells in compliance with the traffic contract, a low cell loss is
expected. Non-time critical data file transfers are an example of a VBR-nrt connection. A VBR-nrt
connection is characterized by PCR, SCR, and MBS.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

3-15

Chapter 3

Configuring QoS Policy Actions and Rules

QoS Inheritance

Configuring VBRs
To configure VBR-nrt, enter the following commands in ATM VC configuration mode:
Command

Purpose

Step 1

Router(config)# interface type


slot/module/port.subinterface

Specifies an interface or subinterface and enters interface


configuration mode.

Step 2

Router(config-if)# atm pxf queuing

Specifies one of two ATM PXF queuing modes for an


interface or ATM port.

or

Note
Router(config-if)# no atm pxf queuing

Step 3

Router(config-subif)# pvc vci/vpi

Do not change this queuing mode while VCs are


configured on the interface. If you need to change the
mode, remove the VCs first and then change the
mode. Changing the mode while VCs are configured
can produce undesired results, and the change does
not take effect until the router reloads.

Configures a PVC on the subinterface and enters ATM VC


configuration mode.
vci is the virtual channel identifier.
vpi is the virtual path identifier.

Step 4

Router(config-atm-vc)# vbr-nrt output-pcr


output-scr output-mbs

Creates a VBR-nrt.
output-pcr is the output peak cell rate (PCR).
output-scr is the output sustained cell rate (SCR).
output-mbs is the output maximum burst cell size (MBS).
Note

If the PCR and SCR values are equal, the MBS value
is 1.

Cisco 10000 Series Router Quality of Service Configuration Guide

3-16

OL-7433-09

Chapter 3

Configuring QoS Policy Actions and Rules


Traffic Subject to QoS Policies

Traffic Subject to QoS Policies


Table 3-10 lists the types of traffic on the Cisco 10000 series router that are subject to QoS policies.
Table 3-10

QoS Applicability

Traffic Types

Subject to QoS

In-transit IP packets

Yes

Locally Destined Traffic

Layer 2 signaling packets such as PPP or Frame Relay negotiation packets,


status packets, and keepalive messages

No

Packets with IP precedence 6 or 7, which IP-based routing protocols typically No


use
All other locally destined traffic

Yes

Locally Originated Traffic

Packets marked by Cisco IOS software as PAK_Priority

No

Packets marked as IP precedence 6 or 7

No1

All other locally originated traffic

Yes

1. IP precedence 6 and 7 are not subject to QoS in all releases prior to Cisco IOS Release 12.0(22)S and in Cisco IOS
Release 12.3(7)XI2.

ATM Virtual Circuits Without QoS Policies


For all ATM virtual circuits (VCs) that do not have a class-default class configured with a shape service
policy (the shape command is configured), the Cisco 10000 series router limits the transmission rate of
the VC to the interface bandwidth minus the sum of the shape rates of other VCs on the interface that do
have service policies.
For example, if you have two VCs on a 150-Mbps interface and VC1 has a shaped service policy of
90 Mbps and VC2 does not have a service policy, the router polices VC2 to 60 Mbps (150 minus 90).
You can change this default behavior by using a shaped service policy on either the VC or the interface:

If you apply the shaped service policy to a single VC that is not an unshaped UBR VC, the router
applies the specified bandwidth to only that specific VC.
By default, the router first allocates bandwidth to the VBR VCs and then allocates any bandwidth
leftover to unshaped UBR VCs. To override this default behavior, apply a service policy to the
unshaped UBR VC using an hierarchical shaping policy. For more information, see Chapter 13,
Defining QoS for Multiple Policy Levels.

If you apply the policy to an interface, the router applies the specified bandwidth to all of the VCs
on the interface that do not have their own service policies.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

3-17

Chapter 3

Configuring QoS Policy Actions and Rules

QoS Performance

QoS Performance
The parallel express forwarding (PXF) engine processes QoS traffic. Sometimes the PXF engine cannot
finish processing a packet before the packet completes a single pass through the PXF; the packet requires
additional processing. As a result, the packet is fed back through the PXF and processing continues. This
is referred to as a feedback operation.
Packets that are subject to both inbound and outbound QoS policies require additional PXF processing,
resulting in a feedback. However, packets subject to only one QoS policy (either inbound or outbound)
require only one pass through the PXF; a feedback is not needed.
Extra PXF passes reduce the system forwarding capacity. For example, if x packets per second require y
extra passes, the system forwarding capacity diminishes by xythe system has xy fewer packets per
second forwarding capacity than before. Although the forwarding capacity diminishes, system
performance is not affected. Packet classification processing affects only the forwarding capacity of the
system, not the speed. Packet delay due to additional PXF passes is negligible. Therefore, system
performance degradation occurs only at high system utilization.
The following describes PXF requirements:

All releases prior to Cisco IOS Release 12.0(17)SLFor each packet, the PXF requires one pass per
class-map match statement.

Cisco IOS Release 12.0(17)SLFor each packet, the PXF requires one pass for every four
non-access control list (ACL) class-map match statements. For each packet, the PXF requires one
pass for one ACL class-map match statement.

Cisco IOS Release 12.0(19)SL and later releasesFor each packet, the PXF requires one pass per
policy, regardless of the sum of the match statements in each class of the policy.

Configuring QoS Policies


To create a QoS policy, perform the following required tasks:

Creating a Policy Map, page 3-19

Defining QoS Actions in a Policy Map, page 3-20

Attaching Service Policies, page 3-20 (See Chapter 4, Attaching Service Policies.)

Cisco 10000 Series Router Quality of Service Configuration Guide

3-18

OL-7433-09

Chapter 3

Configuring QoS Policy Actions and Rules


Configuring QoS Policies

Creating a Policy Map


To create a policy map, enter the following commands beginning in global configuration mode:

Step 1

Command

Purpose

Router(config)# policy-map policy-map-name

Creates or modifies a policy map template with the name you


specify and enters policy-map configuration mode.
policy-map-name is the name of the policy map. The name can
be a maximum of 40 alphanumeric characters.

Step 2

Router(config-pmap)# class class-map-name

Specifies the class to which the policy map applies.


Note

On a given interface, the router uses the class-default


class to assign QoS policies to any packets that do not
belong to the classes defined in a policy map.

class-map-name is the name of the class map. The name can be


a maximum of 40 alphanumeric characters.

Configuration Examples for Creating a Policy Map


Example 3-1 shows how to create two policy maps named bronze and gold. The bronze policy includes
a class map named class1, which is configured with a bandwidth of 100 kbps. The gold policy includes
two class maps named voice and vlan. The voice class is the priority class and is policed at 50 kbps. The
vlan class has a bandwidth configuration of 20 percent of the link bandwidth.
Example 3-1

Assigning a Class to a Policy Map

Router(config)# policy-map bronze


Router(config-pmap)# class class1
Router(config-pmap-c)# bandwidth 100
Router(config-pmap-c)# exit
Router(config-pmap-c)# exit
Router(config)# policy-map gold
Router(config-pmap)# class voice
Router(config-pmap-c)# priority
Router(config-pmap-c)# police 50
Router(config-pmap)# class vlan
Router(config-pmap-c)# bandwidth percent 20

Example 3-2 shows how to configure the class-default class in the policy map named mypolicy. In this
example, class-default has a bandwidth configuration of 128 kbps:
Example 3-2

Assigning the Default Class to a Policy Map

Router(config)# policy-map mypolicy


Router(config-pmap)# class class-default
Router(config-pmap-c)# bandwidth 128

Note

For more information about defining QoS actions in a policy map, see the Input and Output Policy
Actions section on page 3-4.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

3-19

Chapter 3

Configuring QoS Policy Actions and Rules

Verifying QoS Policy Configurations

Defining QoS Actions in a Policy Map


To define QoS actions in a policy map, see the appropriate chapter in this guide.

Attaching Service Policies


Before the router can apply QoS service policies to packets, it needs to know which service policy to
apply. By attaching a service policy to the appropriate interface or virtual circuit, the router can then
apply the classification rules and QoS actions of the policy to the packets arriving at or leaving the router.
You can apply QoS service policies to:

Physical interfaces

Multilink PPP (MLPPP) and Multilink Frame Relay (MFR) interfaces

ATM unspecified bit rate (UBR) PVCs and point-to-point subinterfaces

ATM shaped UBR PVCs and point-to-point subinterfaces

ATM constant bit rate (CBR) and variable bit rate (VBR) PVCs and point-to-point subinterfaces

Label-controlled ATM (LC-ATM) subinterfaces

Frame Relay PVCs, point-to-point subinterfaces, and map classes

Ethernet VLANs

IP tunnel interfaces

Virtual access interfaces

For more information, see Chapter 4, Attaching Service Policies.

Verifying QoS Policy Configurations


To verify a policy map configuration, enter any of the following commands in privileged EXEC mode:
Command

Purpose

Router# show policy map policy-map-name

Displays the configuration of all classes contained in the policy


map you specify.
policy-map-name is the name of the policy map whose
configuration information you want to display. The name can be
a maximum of 40 characters.
If you do not specify a policy-map-name, the command displays
the configuration of all policy maps configured on the router.

Router# show policy-map policy-map-name class


class-name

Displays the configuration of the class you specify. The policy


map you specify includes this class.
policy-map-name is the name of the policy map that contains the
class configuration you want to display.
class-name is the name of the class whose configuration you want
to display. If you do not specify class-name, the router displays
class configuration for all classes in the policy map.

Cisco 10000 Series Router Quality of Service Configuration Guide

3-20

OL-7433-09

Chapter 3

Configuring QoS Policy Actions and Rules


Verifying QoS Policy Configurations

Command

Purpose

Router# show policy-map interface

Displays the configuration of all classes configured for all policy


maps attached to all interfaces.

Router# show policy-map interface interface-name


[input | output]

Displays the configuration of all classes configured for all


inbound or outbound policy maps attached to the specified
interface.
interface-name is the name of the interface or subinterface whose
policy configuration you want to display.
input indicates to display the statistics for the attached inbound
policy.
output indicates to display the statistics for the attached
outbound policy.
Note

Router# show policy-map interface [type number]


[input | output]

If you do not specify input or output, the router displays


information about all classes that are configured for all
inbound and outbound policies on all interfaces.

Displays the configuration of all classes configured for all


inbound or outbound service policies on all interfaces.
type is the interface type such as ATM.
number is the port number on the selected interface.
Note

Router# show policy-map interface [type number]


{input | output} class class-name

If you do not specify input or output, the router displays


information about all classes that are configured for both
inbound and outbound policies on all interfaces.

Displays the configuration of the class you specify for the


inbound or outbound policy map you specify for all interfaces.
type is the interface type such as ATM.
number is the port number on the selected interface.
class-name is the name of the class configuration you want to
display.

Router# show queue interface-type


interface-number

Displays queuing configuration information and statistics for the


specified interface.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

3-21

Chapter 3

Configuring QoS Policy Actions and Rules

Verifying QoS Policy Configurations

Verification Example for Service Policies


Example 3-3 shows the information displayed when you enter the show policy-map interface
command. In the example output, random early detection (RED) drop statistics display for each IP
precedence.
Example 3-3

show policy-map interface Command

Router# show policy-map interface atm 7/0/0.1


ATM7/0/0.1
Service-policy output: wred_1 (21036)
Class-map: prec_0_0 (match-all) (21037/2)
1445 packets, 1502800 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: access-group 100 (21038)
Output queue: 0/64; 1445/1502800 packets/bytes output, 0 drops
Bandwidth: 75 kbps (Weight 50)
Random-detect (precedence-based):
Exponential weight: 3 (1/8)
Current average queue length: 0 packets
---------------------------------------Min
Max
Prob
Rand-Drops Tail-Drops
0
16
32
1/1
0
0
1
18
32
1/10
0
0
2
20
32
1/10
0
0
3
22
32
1/10
0
0
4
24
32
1/10
0
0
5
26
32
1/10
0
0
6
28
32
1/10
0
0
7
30
32
1/10
0
0
Class-map: prec_0_1 (match-all) (21041/3)
1417 packets, 1473680 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: access-group 101 (21042)
Output queue: 0/64; 1417/1473680 packets/bytes output, 0 drops
Bandwidth: 73 kbps (Weight 49)
Random-detect (precedence-based):
Exponential weight: 3 (1/8)
Current average queue length: 0 packets
---------------------------------------Min
Max
Prob
Rand-Drops Tail-Drops
0
16
32
1/1
0
0
1
18
32
1/10
0
0
2
20
32
1/10
0
0
3
22
32
1/10
0
0
4
24
32
1/10
0
0
5
26
32
1/10
0
0
6
28
32
1/10
0
0
7
30
32
1/10
0
0
Class-map: class-default (match-any) (21045/0)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: any (21046)
0 packets, 0 bytes
5 minute rate 0 bps
Output queue: 0/32; 0/0 packets/bytes output, 0 drops

Cisco 10000 Series Router Quality of Service Configuration Guide

3-22

OL-7433-09

Chapter 3

Configuring QoS Policy Actions and Rules


Related Documentation

Related Documentation
This section provides hyperlinks to additional Cisco documentation for the features discussed in this
chapter. To display the documentation, click the document title or a section of the document highlighted
in blue. When appropriate, paths to applicable sections are listed below the documentation title.
Feature

Related Documentation

Class maps

Cisco IOS Quality of Service Solutions Configuration Guide,


Release 12.2
Part 8: Modular Quality of Service Command-Line Interface
> Configuring the Modular Quality of Service
Command-Line Interface > Modular QoS CLI
Configuration Task List > Creating a Traffic Class
Cisco IOS Quality of Service Solutions Command Reference,
Release 12.2
access-list rate-limit -- fair-queue (WFQ) > class-map
command

Constant Bit Rate (CBR) ATM service class

ATM Traffic Management, Understanding the CBR Service


Category for ATM VCs
ATM Traffic Management, Understanding Router Support for
ATM Real-Time Service Categories

Policy maps

Cisco IOS Quality of Service Solutions Configuration Guide,


Release 12.2
Part 8: Modular Quality of Service Command-Line Interface
> Configuring the Modular Quality of Service
Command-Line Interface > Modular QoS CLI
Configuration Task List > Creating a Traffic Policy
Cisco IOS Quality of Service Solutions Command Reference,
Release 12.2
policy map - qos preclassify > policy-map command

Policy map scaling

Release Notes for the Cisco 10000 Series Internet Router for
Cisco IOS Release 12.0(25)SX
New Features in Cisco IOS Release 12.0(25)SX > Policy
Map Scaling

QoS service policies

QoS Configuration and Monitoring, Creating Time-of-Day QoS


Service Policies tech note
QoS Configuration and Monitoring, Monitoring Voice over IP
Quality of Service tech note
Site-to-Site MPLS VPN Solution for Service Providers, Service
Provider Quality-of-Service Overview tech note

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

3-23

Chapter 3

Configuring QoS Policy Actions and Rules

Related Documentation

Feature

Related Documentation

Unspecified bit rate (UBR) ATM service class

ATM Traffic Management, Understanding the UBR Service


Category for ATM Virtual Circuits
ATM Traffic Management, Understanding Router Support for
ATM Real-Time Service Categories
Cisco 10000 Series Router Line Card Configuration Guide
ATM Line Cards > 1-Port OC-12 ATM Line Card
Configuration > Commands > Interface and Subinterface
Commands > Creating a PVC
ATM Line Cards > 4-Port OC-3/STM-1 ATM Line Card
Configuration > ATM Commands > Interface and
Subinterface Commands > Creating a PVC
Cisco BPX 8600 Series Installation and Configuration,
Release 9.3.00
Configuring ATM Connections > ATM Connection Flow >
Traffic Shaping for CBR, rt-VBR, nrt-VBR, and UBR
Configuring ATM Connections > ATM Connection
Configuration > Unspecified Bit Rate Connections

Variable bit rate (VBR) ATM service class

ATM Traffic Management, Understanding the VBR-nrt Service


Category and Traffic Shaping for ATM VCs
ATM Traffic Management, Understanding Router Support for
ATM Real-Time Service Categories
Understanding the VBR-nrt Service Category and Traffic
Shaping for ATM VCs tech note
Cisco 10000 Series Router Line Card Configuration Guide
ATM Line Cards > 4-Port OC-3/STM-1 ATM Line Card
Configuration > ATM Commands > ATM PVC Commands
> Configuring VBR-nrt
Cisco BPX 8600 Series Installation and Configuration,
Release 9.3.00
Configuring ATM Connections > ATM Connection Flow >
Traffic Shaping for CBR, rt-VBR, nrt-VBR, and UBR
Configuring ATM Connections > ATM Connection
Configuration > Variable Bit Rate Connections

Cisco 10000 Series Router Quality of Service Configuration Guide

3-24

OL-7433-09

CH A P T E R

Attaching Service Policies


This chapter describes how to attach QoS service policies. After you create a QoS service policy, the
next step is to attach the policy to an interface or virtual circuit (VC). By doing this, the router knows
which service policy to apply to the packets arriving at or leaving the router. An interface can have
different service policies for inbound and outbound packets.
This chapter includes the following topics:

Interfaces Supporting QoS Service Policies, page 4-1

Attaching ATM QoS Service Policies, page 4-2

Attaching Frame Relay QoS Service Policies, page 4-11

Attaching Virtual LAN QoS Service Policies, page 4-20

Attaching Virtual Access Interface QoS Service Policies, page 4-23

Attaching Layer 2 Access Concentrator QoS Service Policies, page 4-30

Applying QoS on Layer 2 Tunnel Packets, page 4-32

Verifying and Monitoring QoS Service Policies, page 4-32

Related Documentation, page 4-36

Interfaces Supporting QoS Service Policies


You can attach QoS service policies to:

Physical interfaces

Multilink Point-to-Point Protocol (MLPPP) and Multilink Frame Relay (MFR) interfaces

ATM unspecified bit rate (UBR) permanent virtual circuits (PVCs) and point-to-point subinterfaces

ATM shaped (peak cell rate is specified) UBR PVCs and point-to-point subinterfaces

ATM constant bit rate (CBR) PVCs and point-to-point subinterfaces

ATM variable bit rate (VBR) PVCs and point-to-point subinterfaces

Label-controlled Asynchronous Transfer Mode (LC-ATM) subinterfaces

Frame Relay PVCs, point-to-point subinterfaces, and map classes

Ethernet virtual local area networks (VLANs)

IP tunnel interfaces

Virtual access interfaces

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

4-1

Chapter 4

Attaching Service Policies

Attaching ATM QoS Service Policies

Each interface, subinterface, or PVC can have no more than two policy maps attached: one for inbound
traffic and one for outbound traffic. The router does not require that the inbound and outbound policies
be the same; you can attach different input and output policies.

Note

In a Cisco 10000 series router, we recommend that you do not attach a service-policy to an interface that
has an IP interface session.

Attaching ATM QoS Service Policies


You can attach a QoS service policy to an ATM interface, point-to-point subinterface, or PVC using the
service-policy command.
This section describes the following topics:

Feature History for ATM QoS, page 4-2

ATM QoS Inheritance, page 4-2

service-policy Command, page 4-3

Restrictions and Limitations for Attaching ATM Service Policies, page 4-5

Attaching ATM QoS Service Policies to ATM Interfaces, Subinterfaces, and PVCs, page 4-5

Feature History for ATM QoS


Cisco IOS Release

Description

Required PRE

12.0(17)SL

The attachment of ATM QoS service policies feature was


introduced on the router.

PRE1

12.2(15)BX

This feature was introduced on the PRE2.

PRE2

12.3(7)XI2

This feature was modified to allow you to attach ATM QoS PRE2
service policies to a range of PVCs and to a specific PVC
within the PVC range.

12.2(28)SB

This feature was integrated in Cisco IOS


Release 12.2(28)SB for the PRE2.

PRE2

12.2(31)SB2

This feature was introduced on the PRE3.

PRE2
PRE3

ATM QoS Inheritance


The following describes how ATM traffic inherits QoS policies:

For all releases earlier than Cisco IOS Release 12.3(7)XI2, if you attach a service policy only to the
physical interface, the aggregate of all unspecified bit rate (UBR) PVCs is subject to the physical
interfaces service policy.
For Cisco IOS Release 12.3(7)XI2 and later releases, if you attach a service policy only to the
physical interface, the aggregate of all unshaped UBR PVCs is subject to the physical interfaces
service policy. In Cisco IOS Release 12.3(7)XI2 and later releases, the router treats shaped UBR
PVCs like variable bit rate (VBR) and constant bit rate (CBR) PVCs.

Cisco 10000 Series Router Quality of Service Configuration Guide

4-2

OL-7433-09

Chapter 4

Attaching Service Policies


Attaching ATM QoS Service Policies

If you attach a service policy only to individual PVCs and not to the physical interface, only the
individual PVC is subject to its attached service policy.

If you attach service policies to both the physical interface and individual PVCs, the aggregate of
all UBR PVCs that do not have a service policy is subject to the physical interfaces service policy.
All PVCs that do have a service policy are individually subject to their attached service policies.

The router can operate in one of two ATM queueing modes: atm pxf queuing or no atm pxf queuing. The
router supports:

Unshaped UBR and nonreal-time VBR (VBR-nrt) PVCs when you configure the atm pxf queuing
command on the ATM interfaces

Unshaped UBR, shaped UBR, and VBR-nrt PVCs when you configure the no atm pxf queuing
command on the ATM interfaces

For more information about ATM service classes, see the ATM Service Categories section on
page 3-13.
The router allocates bandwidth to VBR, CBR, and shaped UBR PVCs before allocating bandwidth to
unshaped UBR PVCs. As a result, a diminished amount of bandwidth is available to allocate to unshaped
UBR PVCs. To override this behavior, create an hierarchical policy with the bandwidth specified and
attach the policy to the ATM port or physical interface. For more information, see Chapter 13, Defining
QoS for Multiple Policy Levels.

service-policy Command
To attach a policy map that the router can use to apply QoS services to inbound and outbound packets,
use the service-policy command in interface or map class configuration mode. Use the no form of the
command to remove a service policy. This command has no default value or behavior.
service-policy {input | output} policy-map-name
no service-policy {input | output} policy-map-name

Syntax Description
input

Indicates to apply the QoS policy to inbound packets.

output

Indicates to apply the QoS policy to outbound packets.

policy-map-name

The name of the policy map (created using the policy-map command) you
want to attach. The policy-map-name can be a maximum of
40 alphanumeric characters.

service-policy Command History


Cisco IOS Release

Description

12.0(17)SL

This command was introduced on the PRE1.

12.2(15)BX

This command was introduced on the PRE2.

12.3(7)XI2

This command was enhanced on the PRE2 to allow you to attach a policy
map to a range of PVCs, and to a specific PVC within the PVC range.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

4-3

Chapter 4

Attaching Service Policies

Attaching ATM QoS Service Policies

Cisco IOS Release

Description

12.2(28)SB

This command was integrated in Cisco IOS Release 12.2(28)SB for the
PRE2.

12.2(31)SB2

This command was introduced on the PRE3.

service-policy Command Modes


You can configure this command in the following configuration modes:

Bundle-VC (for ATM VC bundle members)

Interface

Map-class (for Frame Relay VCs)

PVC-in-range (for ATM VCs)

PVC range (for ATM VCs)

VC submode (for a standalone VC)

Usage Guidelines for the service-policy Command


The service-policy {input | output} policy-map-name command is used to attach a service policy to an
interface.
The service-policy policy-map-name command is used to create hierarchical service policies in
policy-map class configuration mode. Do not specify input or output when using the service-policy
command in an hierarchical policy.
In Cisco IOS Release 12.2(33)SB and later releases, the router no longer accepts the abbreviated form
(ser) of the service-policy command. Instead, you must spell out the command name service- before the
router accepts the command.
For example, when attaching a policy map the following error message appears when you attempt to use
the abbreviated form of the service-policy command:
Router(config)# interface gigabit1/1/0
Router(config-if)# ser out ?
% Unrecognized command
Router(config-if)# ser ?
% Unrecognized command

When you enter the command as service-, the router accepts the command as shown in the following
example:
Router(config-if)# service- ?
input Assign policy-map to the input of an interface
output Assign policy-map to the output of an interface
type
Configure CPL Service Policy

In releases earlier than Cisco IOS Release 12.2(33)SB, the router accepts the abbreviated form of the
service-policy command. For example, the router accepts the following commands:
Router(config)# interface gigabit1/1/0
Router(config-if)# ser out test

Cisco 10000 Series Router Quality of Service Configuration Guide

4-4

OL-7433-09

Chapter 4

Attaching Service Policies


Attaching ATM QoS Service Policies

Restrictions and Limitations for Attaching ATM Service Policies

On ATM line cards, you can apply a policy map to the physical interface, point-to-point
subinterfaces, and to individual PVCs. The router does not support applying QoS service policies to
point-to-multipoint subinterfaces. However, you can apply service policies to VCs that are on
multipoint interfaces.

The policy map you assign to a PVC takes precedence over the policy map you assign to the main
interface.

You must first configure the atm pxf queuing command on the interface and then attach the policy
map.

Note

Do not change the queuing mode while VCs are configured on the interface. To change the mode,
first delete the VCs and then change the mode. Changing the mode while VCs are configured
can produce undesired results, and the change does not take effect until the router reloads.

For a policy map to be successfully attached to an interface or ATM VC, the aggregate of the
configured minimum bandwidths of the policy map classes is limited to the speed of the interface,
unless you use the atm over-subscription-factor command to oversubscribe the interface.

The router does not support a service policy based on queuing for unshaped UBR PVCs.

Attaching ATM QoS Service Policies to ATM Interfaces, Subinterfaces, and


PVCs
You can attach a QoS service policy to ATM interfaces, point-to-point subinterfaces, or PVCs.
To attach an ATM QoS service policy, perform one of the following configuration tasks:

Attaching QoS Service Policies to an ATM Interface, page 4-6

Attaching QoS Service Policies to an ATM Point-to-Point Subinterface, page 4-7

Attaching QoS Service Policies to an ATM PVC, page 4-8

Attaching QoS Service Policies to an ATM PVC Range and an ATM PVC in a Range, page 4-9

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

4-5

Chapter 4

Attaching Service Policies

Attaching ATM QoS Service Policies

Attaching QoS Service Policies to an ATM Interface


To attach a QoS service policy to an ATM interface, enter the following commands beginning in interface
configuration mode:
Command

Purpose

Step 1

Router(config)# interface atm


slot/module/port

Specifies the interface to which you want to attach the QoS


service policy and enters interface configuration mode.

Step 2

Router(config-if)# service-policy {input


| output} policy-map-name

Attaches the service policy you specify to the interface.


input indicates to apply the service policy to inbound traffic on
the interface.
output indicates to apply the service policy to outbound traffic on
the interface.
Note

For QoS policies containing the bandwidth, priority,


random-detect, queue-limit, and shape commands, you
must specify the output keyword. If you use these
commands with the input keyword, the router ignores the
commands.

policy-map-name is the name of the policy map you want to attach


to the subinterface.
Note

The router applies the service policy to the ATM interface


and to all PVCs configured on the interface that do not
have their own QoS policy applied.

Configuration Example for Attaching QoS Service Policies to an ATM Interface


Example 4-1 shows how to attach the QoS service policy named myQoS to inbound traffic arriving at
ATM interface 1/0/0. The router applies the service policy to all of the PVCs configured on the interface.
Example 4-1

Attaching a QoS Policy to an ATM Interface

Router(config)# interface atm 1/0/0


Router(config-if)# service-policy input myQoS

Cisco 10000 Series Router Quality of Service Configuration Guide

4-6

OL-7433-09

Chapter 4

Attaching Service Policies


Attaching ATM QoS Service Policies

Attaching QoS Service Policies to an ATM Point-to-Point Subinterface


To attach a QoS service policy to an ATM point-to-point subinterface, enter the following commands
beginning in interface configuration mode:

Note

The router does not support QoS service policies on ATM point-to-multipoint subinterfaces. However,
you can apply service policies to VCs that are configured on multipoint interfaces.

Command

Purpose

Step 1

Router(config)# interface atm


slot/module/port

Specifies the ATM interface and enters interface configuration


mode.

Step 2

Router(config-if)# atm pxf queuing

Specifies the interface mode. In this mode, the interface operates


in low VC count. The router operates in atm pxf queuing mode by
default. You do not need to specify this mode unless the router is
currently configured for no atm pxf queuing.
Note

This is the required interface operating mode for


QoS service policies that include queuing actions.

Step 3

Router(config-if)# interface atm


slot/module/port.subinterface
point-to-point

Specifies the point-to-point subinterface and enters subinterface


configuration mode.

Step 4

Router(config-subif)# service-policy
{input | output} policy-map-name

Attaches the service policy you specify to the ATM subinterface.


input indicates to apply the service policy to inbound traffic on
the interface.
output indicates to apply the service policy to outbound traffic on
the interface.
Note

For QoS policies containing the bandwidth, priority,


random-detect, queue-limit, and shape commands, you
must specify the output keyword. If you use these
commands with the input keyword, the router ignores the
commands.

policy-map-name is the name of the policy map you want to attach


to the subinterface.
Note

The router applies the service policy to the


ATM subinterface and to all PVCs configured on the
subinterface that does not have its own QoS policy
applied.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

4-7

Chapter 4

Attaching Service Policies

Attaching ATM QoS Service Policies

Configuration Example for Attaching QoS Service Policies to an ATM Point-to-Point Subinterface
Example 4-2 attaches a QoS service policy named myQoS to ATM point-to-point subinterface 3/0/0.1
for inbound traffic.
Example 4-2

Attaching a QoS Service Policy to an ATM Point-to-Point Subinterface

Router(config)# interface atm 3/0/0


Router(config-if)# atm pxf queuing
Router(config-if)# interface atm 3/0/0.1 point-to-point
Router(config-subif)# service-policy input myQoS

Attaching QoS Service Policies to an ATM PVC


To attach a QoS service policy to an individual ATM PVC, enter the following commands beginning in
interface configuration mode:
Command

Purpose

Step 1

Router(config)# interface atm


slot/module/port

Specifies the ATM interface and enters interface configuration


mode.

Step 2

Router(config-if)# atm pxf queuing

Specifies the interface mode. In this mode, the interface operates


in low VC count. The router operates in atm pxf queuing mode by
default. You do not need to specify this mode unless the router is
currently configured for no atm pxf queuing.
Note

This is the required interface operating mode for QoS


service policies that include queuing actions.

Step 3

Router(config-if)# interface atm


slot/module/port.subinterface
point-to-point

Specifies the point-to-point subinterface and enters subinterface


configuration mode.

Step 4

Router(config-subif)# pvc [name] vpi/vci

Creates an ATM permanent virtual circuit (PVC) and enters


ATM VC configuration mode.
name is the name used to identify the PVC.
vpi is the virtual path identifier.
vci is the virtual circuit identifier.

Cisco 10000 Series Router Quality of Service Configuration Guide

4-8

OL-7433-09

Chapter 4

Attaching Service Policies


Attaching ATM QoS Service Policies

Step 5

Command

Purpose

Router(config-if-atm-vc)# service-policy
[input | output] policy-map-name

Attaches the service policy you specify to the specified


ATM PVC.
input indicates to apply the service policy to inbound traffic on
the interface.
output indicates to apply the service policy to outbound traffic on
the interface.
Note

For QoS policies containing the bandwidth, priority,


random-detect, queue-limit, and shape commands, you
must specify the output keyword. If you use these
commands with the input keyword, the router ignores the
commands.

policy-map-name is the name of the policy map you want to attach


to the subinterface.
Note

The router applies the service policy to only the individual


ATM PVC that you specify.

Configuration Example for Attaching QoS Service Policies to an ATM PVC


Example 4-3 shows how to attach a QoS service policy named bronze to PVC 0/101 on the
ATM subinterface 3/0/0.1 for inbound traffic.
Example 4-3

Attaching a QoS Service Policy to an ATM PVC

Router(config)# interface atm 3/0/0


Router(config-if)# atm pxf queuing
Router(config)# interface atm 3/0/0.1
Router(config-subif)# pvc 0/101
Router(config-if-atm-vc)# service-policy input bronze

Attaching QoS Service Policies to an ATM PVC Range and an ATM PVC in a Range
To attach a QoS service policy to a range of ATM PVCs or to a specific ATM PVC in a range of PVCs,
enter the following commands beginning in global configuration mode:

Step 1

Command

Purpose

Router(config)# interface atm


slot/module/port

Specifies the ATM interface and enters interface configuration


mode.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

4-9

Chapter 4

Attaching Service Policies

Attaching ATM QoS Service Policies

Step 2

Command

Purpose

Router(config-if)# range [range-name] pvc


start-vpi/start-vci end-vpi/end-vci

Defines a range of ATM permanent virtual circuits (PVCs). Enters


ATM range configuration mode.
(Optional) range-name is the name of the range. The range-name
can be a maximum of 15 characters.
start-vpi/ specifies the beginning value for a range of virtual path
identifiers (VPIs). The slash is required. If you do not provide a
VPI value or the slash, the default value of 0 is used. Valid values
for VPI are from 0 to 255.
start-vci specifies the beginning value for a range of virtual
channel identifiers (VCIs). Valid values are from 32 to 65535.
end-vpi/ specifies the end value for a range of virtual path
identifiers (VPIs). The slash is required. If you do not provide a
VPI value or the slash, the start-vpi value is used by default. Valid
values for VPI are from 0 to 255.
end-vci specifies the end value for a range of virtual channel
identifiers (VCIs). Valid values are from 32 to 65535.

Step 3

Router(config-if-atm-range)#
service-policy [input | output]
policy-map-name

Attaches the service policy you specify to the specified ATM PVC
range.
input indicates to apply the service policy to inbound traffic on
the interface.
output indicates to apply the service policy to outbound traffic on
the interface.
Note

For QoS policies containing the bandwidth, priority,


random-detect, queue-limit, and shape commands, you
must specify the output keyword. If you use these
commands with the input keyword, the router ignores the
commands.

policy-map-name is the name of the policy map you want to attach


to the subinterface.
Note
Step 4

Router(config-if-atm-range)# pvc-in-range
[pvc-name] vpi/vci

The router applies the service policy to only the PVCs


within the PVC range.

Configures an individual PVC within a PVC range. Enters ATM


range PVC configuration mode.
(Optional) pvc-name is the name given to the PVC. The PVC
name can have a maximum of 15 characters.
vpi/ is the virtual path identifier (VPI) for this PVC. The slash is
required. If you do not specify a VPI value or the slash, the default
value of 0 is used. Valid VPI values are from 0 to 255.
vci is the virtual circuit identifier (VCI) for this PVC. Valid values
are from 32 to 2047.

Cisco 10000 Series Router Quality of Service Configuration Guide

4-10

OL-7433-09

Chapter 4

Attaching Service Policies


Attaching Frame Relay QoS Service Policies

Step 5

Command

Purpose

Router(config-if-atm-range-pvc)#
service-policy [input | output]
policy-map-name

Attaches the service policy you specify to the specified PVC


within the ATM PVC range.
input indicates to apply the service policy to inbound traffic on
the interface.
output indicates to apply the service policy to outbound traffic on
the interface.
Note

For QoS policies containing the bandwidth, priority,


random-detect, queue-limit, and shape commands, you
must specify the output keyword. If you use these
commands with the input keyword, the router ignores the
commands.

policy-map-name is the name of the policy map you want to attach


to the subinterface.
Note

The router applies the service policy to only the individual


ATM PVC within the PVC range.

Configuration Example for Attaching QoS Service Policies to an ATM PVC


Example 4-4 shows how to attach policy maps to a range of ATM PVCs and to a specific PVC within a
PVC range. In the example, the service policy named voice is attached to the range of ATM PVCs 1/32
to 1/34. The router applies the service policy to all of the PVCs within the PVC range. The service policy
named data is attached to PVC 1/33 within the PVC range. The router applies the service policy to only
PVC 1/33.
Example 4-4

Attaching Policy Maps to ATM PVC Ranges and PVCs in PVC Ranges

Router(config)# interface atm 2/0/0


Router(config-if)# range pvc 1/32 1/34
Router(config-if-atm-range)# service-policy input voice
Router(config-if-atm-range)# pvc-in-range 1/33
Router(config-if-atm-range-vc)# service-policy input data

Attaching Frame Relay QoS Service Policies


You can attach QoS service policies to Frame Relay interfaces, PVCs on subinterfaces, data-link
connection identifiers (DLCIs), and map classes using the map-class frame-relay and service-policy
commands. You can apply a map class to an interface or subinterface.
This section includes the following topics:

Feature History for Frame Relay QoS, page 4-12

Frame Relay QoS Inheritance, page 4-12

map-class frame-relay Command, page 4-12

Restrictions and Limitations for Frame Relay QoS Service Policies, page 4-13

Creating and Attaching QoS Policies to Frame Relay Interfaces, Subinterfaces, and Data-Link
Connection Identifiers, page 4-14

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

4-11

Chapter 4

Attaching Service Policies

Attaching Frame Relay QoS Service Policies

Feature History for Frame Relay QoS


Cisco IOS Release

Description

Required PRE

12.0(23)SX

The attachment of Frame Relay QoS service policies


feature was introduced on the router.

PRE1

12.0(25)S

This feature was integrated into Cisco IOS


Release 12.0(25)S.

PRE1

Frame Relay QoS Inheritance


On Frame Relay interfaces, you can attach a service policy to the physical interface, an individual PVC,
or to both the physical interface and one or more PVCs. The following describes how Frame Relay traffic
inherits QoS policies:

If you attach a service policy only to the physical interface, the aggregate of all PVCs is subject to
the physical interfaces service policy.

If you attach a service policy only to individual PVCs and not to the physical interface, only the
individual PVC is subject to its attached service policy.

If you attach service policies to both the physical interface and individual PVCs, the aggregate of
all PVCs that do not have a service policy is subject to the physical interfaces service policy. All
PVCs that do have a service policy are individually subject to their attached service policies.

If you attach a service policy to a Frame Relay point-to-point subinterface (either directly or using
a map class), the router applies the QoS service policy to the aggregate of all of the DLCIs
configured on the subinterface.

If you attach a service policy to an individual DLCI (either directly or using a map class), the router
only applies the QoS service policy to the individual DLCI.

map-class frame-relay Command


To attach a QoS service policy to a Frame Relay interface, PVC on a subinterface, DLCI, or map class,
use the map-class frame-relay command in global configuration mode. To remove a map class, use the
no form of the command. This command has no default behavior.
map-class frame-relay map-class-name
no map-class frame-relay map-class-name

Syntax Description
map-class-name

The name of the map class. The map-class-name can be a maximum of


40 alphanumeric characters.

Cisco 10000 Series Router Quality of Service Configuration Guide

4-12

OL-7433-09

Chapter 4

Attaching Service Policies


Attaching Frame Relay QoS Service Policies

map-class frame-relay Command History


Cisco IOS Release

Description

12.0(23)SX

This command was introduced on the PRE1.

12.0(25)S

This command was integrated into Cisco IOS Release 12.0(25)S.

Usage Guidelines for the map-class frame-relay Command


You can attach a QoS service policy to a Frame Relay map class using the service-policy command. For
more information, see the service-policy Command section on page 4-3.
You can apply a map class to a Frame Relay interface and subinterface.

Restrictions and Limitations for Frame Relay QoS Service Policies

Do not configure Frame Relay services using both the modular QoS command-line interface (MQC)
and the Frame Relay legacy commands.

For Cisco IOS Release 12.0(22)S and later releases, use the MQC to configure QoS services for
Frame Relay interfaces.

For all releases earlier than Cisco IOS Release 12.0(22)S, use the Frame Relay commands to
configure Frame Relay QoS services. For more information, see Appendix A, Configuring Frame
Relay QoS Using Frame Relay Legacy Commands.

The router has no preset scaling limit for Frame Relay QoS services. You can apply any number of
Frame Relay QoS services.

The router does not support attaching QoS service policies to Frame Relay point-to-multipoint
subinterfaces.

You cannot attach a policy map and a map class to the same subinterface. For Cisco IOS
Release 12.0(22)S and later releases, use the MQC to create and attach a policy map as described in
this chapter. For all releases earlier than Cisco IOS Release 12.0(22)S, use the Frame Relay legacy
commands to create and attach a Frame Relay QoS policy as described in Appendix A, Configuring
Frame Relay QoS Using Frame Relay Legacy Commands.

Output QoS policies that contain queuing actions must be nested service policies.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

4-13

Chapter 4

Attaching Service Policies

Attaching Frame Relay QoS Service Policies

Creating and Attaching QoS Policies to Frame Relay Interfaces, Subinterfaces,


and Data-Link Connection Identifiers
To create a Frame Relay QoS service policy, use the modular QoS CLI (MQC) elements called class
maps and policy maps. For more information, see the Classifying Traffic Using a Class Map section
on page 2-11 and the Creating a Policy Map section on page 3-19.
After you create the policy map, you can attach it to a Frame Relay interface, point-to-point subinterface,
data-link connection identifier (DLCI), or map class. You can apply a map class to an interface or
subinterface.

Note

The router does not support attaching a QoS service policy to a Frame Relay point-to-multipoint
subinterface. You can attach a QoS service policy to either a Frame Relay subinterface, a Frame Relay
DLCI, but not to both.
To attach a QoS service policy to a Frame Relay link, perform any of the following tasks:

Attaching a QoS Service Policy to a Frame Relay Interface or Point-to-Point Subinterface,


page 4-14

Attaching a QoS Service Policy to a Frame Relay DLCI, page 4-17

Attaching a QoS Service Policy to a Frame Relay Interface or Point-to-Point Subinterface


To attach a QoS policy to a Frame Relay interface or point-to-point subinterface, perform either of the
following tasks:

Attaching a QoS Policy Directly to a Frame Relay Interface or Point-to-Point Subinterface,


page 4-15

Attaching a QoS Service Policy to a Frame Relay Interface or Point-to-Point Subinterface Using a
Map Class, page 4-16

Note

You cannot attach a QoS policy to the same Frame Relay interface or subinterface by using both
the MQC and a map class. For releases earlier than Cisco IOS Release 12.0(22)S, use the Frame
Relay commands to attach QoS policies (see Appendix A, Configuring Frame Relay QoS Using
Frame Relay Legacy Commands). For Cisco IOS Release 12.0(22)S and later releases, use the
MQC.

Cisco 10000 Series Router Quality of Service Configuration Guide

4-14

OL-7433-09

Chapter 4

Attaching Service Policies


Attaching Frame Relay QoS Service Policies

Attaching a QoS Policy Directly to a Frame Relay Interface or Point-to-Point Subinterface


To attach a QoS policy directly to a Frame Relay interface or point-to-point subinterface, enter the
following commands beginning in global configuration mode:
Command

Purpose

Step 1

Router(config)# interface type


slot/subslot/port.subinterface

Specifies the interface or subinterface to which you want to attach


the QoS service policy. Enters interface or subinterface
configuration mode.

Step 2

Router(config-if)# service-policy {input


| output} policy-map-name

Applies the service policy you specify to the interface or


subinterface.
input indicates to apply the service policy to the inbound traffic
on the interface.
output indicates to apply the service policy to the outbound
traffic on the interface.
Note

For QoS policies containing the bandwidth, priority,


random-detect, queue-limit, and shape commands, you
must specify the output keyword. The router ignores
these commands when you use them with the input
keyword.

policy-map-name is the name of the policy map you want to attach


to the interface.
Note

The router applies the service policy to the aggregate of


all of the data link connection identifies (DLCIs)
configured on the interface or subinterface.

Configuration Examples for Attaching QoS Policies Directly to a Frame Relay Interface or Point-to-Point Subinterface
Example 4-5 shows how to attach the service policy named mypolicy2 to serial subinterface 1/0/0.1 in
the inbound direction.
Example 4-5

Attaching a QoS Policy Directly to a Frame Relay Point-to-Point Subinterface

Router(config)# interface serial 1/0/0.1 point-to-point


Router(config-if)# service-policy input mypolicy2

Example 4-6 shows how to attach the service policy named silver to serial interface 4/0/0 in the inbound
direction.
Example 4-6

Attaching a QoS Policy Directly to a Frame Relay Interface

Router(config)# interface serial 4/0/0


Router(config-if)# service-policy input silver

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

4-15

Chapter 4

Attaching Service Policies

Attaching Frame Relay QoS Service Policies

Attaching a QoS Service Policy to a Frame Relay Interface or Point-to-Point Subinterface Using a Map Class
To attach a QoS service policy to a Frame Relay interface or point-to-point subinterface using a Frame
Relay map class, enter the following commands beginning in global configuration mode:

Step 1

Command

Purpose

Router(config)# map-class frame-relay


map-class-name

Specifies a map class and enters map-class configuration mode.


map-class-name identifies the map class.

Step 2

Router(config-map-c)# service-policy
[input | output] policy-map-name

Applies the service policy you specify to the map class.


input indicates to apply the service policy to the inbound traffic
on the interface.
output indicates to apply the service policy to the outbound
traffic on the interface.
Note

For QoS policies containing the bandwidth, priority,


random-detect, queue-limit, and shape commands, you
must specify the output keyword. The router ignores
these commands when you use them with the input
keyword.

policy-map-name is the name of the policy map.


Step 3

Router(config-map-c)# exit

Exits map-class configuration mode.

Step 4

Router(config)# interface type


slot/subslot/port.subinterface
[point-to-point]

Specifies the interface or subinterface to which you want to attach


the map class. Enters interface or subinterface configuration
mode.

Step 5

Router(config-if)# frame-relay class name

Associates a map class with a Frame Relay subinterface.


name is the name of the map class you want to associate with the
interface.
Note

The router applies the service policy configured in the


map class to the aggregate of all of the data link
connection identifies (DLCIs) on the interface or
subinterface.

Configuration Examples for Attaching a QoS Policy to a Frame Relay Interface or Point-to-Point Subinterface Using a Map Class
Example 4-7 shows how to configure a policy map named policy1 within a Frame Relay map class
named VCs_slow and attach the map class to serial subinterface 1/0/0.1.
Example 4-7

Configuring a QoS Service Policy on a Frame Relay Subinterface Using a Map Class

Router(config)# map-class frame-relay VCs_slow


Router(config-map-c)# service-policy policy1
Router(config-map-c)# exit
Router(config)# interface serial 1/0/0.1 point-to-point
Router(config-if)# frame-relay class VCs-slow

Cisco 10000 Series Router Quality of Service Configuration Guide

4-16

OL-7433-09

Chapter 4

Attaching Service Policies


Attaching Frame Relay QoS Service Policies

Example 4-8 shows how to configure a policy map named bronze within a Frame Relay map class named
slow-VCs and attach the map class to serial interface 2/0/0.
Example 4-8

Configuring a QoS Service Policy on a Frame Relay Interface Using a Map Class

Router(config)# map-class frame-relay slow-VCs


Router(config-map-c)# service-policy bronze
Router(config-map-c)# exit
Router(config)# interface serial 2/0/0
Router(config-if)# frame-relay class slow-VCs

Attaching a QoS Service Policy to a Frame Relay DLCI


To attach a QoS service policy to a Frame Relay DLCI, perform one of the following tasks:

Note

Attaching a QoS Service Policy Directly to a Frame Relay DLCI, page 4-17

Attaching a QoS Service Policy to a Frame Relay DLCI Using a Map Class, page 4-19

You cannot attach a QoS policy to the same Frame Relay interface or subinterface by using both the
MQC and a map class. For releases earlier than Cisco IOS Release 12.0(22)S, use the Frame Relay
commands to attach QoS policies (see Appendix A, Configuring Frame Relay QoS Using Frame Relay
Legacy Commands). For Cisco IOS Release 12.0(22)S and later releases, use the MQC.

Attaching a QoS Service Policy Directly to a Frame Relay DLCI


You can attach a QoS service policy to a Frame Relay DLCI that is configured on an interface or
subinterface.
To attach a QoS service policy directly to a Frame Relay DLCI, enter the following commands beginning
in global configuration mode:
Command

Purpose

Step 1

Router(config)# interface type


slot/subslot/port.subinterface
[point-to-point]

Specifies the interface or subinterface. Enters interface or


subinterface configuration mode.

Step 2

Router(config-if)# frame-relay
interface-dlci dlci

Assigns a data link connection identifier (DLCI) to the Frame


Relay interface or subinterface. Enters Frame Relay DLCI
configuration mode.
dlci is a number that identifies the data link connection on the
interface or subinterface.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

4-17

Chapter 4

Attaching Service Policies

Attaching Frame Relay QoS Service Policies

Step 3

Command

Purpose

Router(config-fr-dlci)# service-policy
[input | output] policy-map-name

Attaches the service policy you specify to the individual DLCI.


input indicates to apply the service policy to inbound traffic on
the interface.
output indicates to apply the service policy to outbound traffic
on the interface.
Note

For QoS policies containing the bandwidth, priority,


random-detect, queue-limit, and shape commands,
you must specify the output keyword. If you use these
commands with the input keyword, the router ignores
the commands.

policy-map-name is the name of the policy map.


Note

The router applies the service policy only to the


individual DLCI.

Configuration Examples for Attaching a QoS Service Policy Directly to a Frame Relay DLCI
Example 4-9 shows how to attach the service policy named user_policy to the data link connection
identifier (DLCI) 100 on serial subinterface 1/0/0.1 for outbound packets.
Example 4-9

Attaching a QoS Service Policy Directly to a DLCI Configured on a Subinterface

Router(config)# interface serial 1/0/0.1 point-to-point


Router(config-if)# frame-relay interface-dlci 100
Router(config-fr-dlci)# service-policy output user_policy

Example 4-10 shows how to attach the service policy named voice to DLCI 201 on serial interface 4/0/0
for outbound packets.
Example 4-10 Attaching a QoS Service Policy Directly to a DLCI Configured on an Interface
Router(config)# interface serial 4/0/0
Router(config-if)# frame-relay interface-dlci 201
Router(config-fr-dlci)# service-policy output voice

Cisco 10000 Series Router Quality of Service Configuration Guide

4-18

OL-7433-09

Chapter 4

Attaching Service Policies


Attaching Frame Relay QoS Service Policies

Attaching a QoS Service Policy to a Frame Relay DLCI Using a Map Class
You can attach a map class with a QoS policy to a Frame Relay DLCI that is configured on an interface
or subinterface.
To attach a QoS service policy to a Frame Relay DLCI using a map class, enter the following commands
beginning in global configuration mode:
Command

Purpose

Step 1

Router(config)# map-class frame-relay


map-class-name

Specifies a map class and enters map-class configuration mode.

Step 2

Router(config-map-c)# service-policy
[input | output] policy-map-name

map-class-name identifies the map class.


Applies the service policy you specify to the map class.
input indicates to apply the service policy to inbound traffic on
the interface.
output indicates to apply the service policy to outbound traffic on
the interface.
Note

For QoS policies containing the bandwidth, priority,


random-detect, queue-limit, and shape commands, you
must specify the output keyword. If you use these
commands with the input keyword, the router ignores the
commands.

policy-map-name is the name of the policy map.


Step 3

Router(config-map-c)# exit

Exits map-class configuration mode.

Step 4

Router(config)# interface type


slot/module/port.subinterface
[point-to-point]

Specifies an interface or subinterface. Enters interface or


subinterface configuration mode.

Step 5

Router(config-if)# frame-relay
interface-dlci dlci

Assigns a data link connection identifier (DLCI) to the Frame


Relay interface or subinterface. Enters Frame Relay DLCI
configuration mode.
dlci is a number that identifies the data link connection on the
interface or subinterface.

Step 6

Router(config-fr-dlci)# frame-relay class


name

Associates a map class with the individual DLCI.


name is the name of the map class that you want to associate with
the DLCI.
Note

The router applies the service policy configured in the


map class to only this individual DLCI.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

4-19

Chapter 4

Attaching Service Policies

Attaching Virtual LAN QoS Service Policies

Configuration Examples for Attaching a QoS Service Policy to a Frame Relay DLCI Using a Map Class
Example 4-11 shows how to configure a policy map named gold within a Frame Relay map class named
group1, and attach the map class to DLCI 101 configured on the serial subinterface 1/0/0.2.
Example 4-11 Attaching a QoS Service Policy to a Frame Relay Subinterface DLCI Using a Map Class
Router(config)# map-class frame-relay group1
Router(config-map-class)# service-policy gold
Router(config-map-class)# exit
Router(config)# interface serial 1/0/0.2 point-to-point
Router(config-if)# frame-relay interface-dlci 101
Router(config-fr-dlci)# frame-relay class group1

Example 4-12 shows how to configure a policy map named Premium within a Frame Relay map class
named voice, and attach the map class to DLCI 200 configured on the serial interface 3/0/0.
Example 4-12 Attaching a QoS Service Policy to a Frame Relay Interface DLCI Using a Map Class
Router(config)# map-class frame-relay voice
Router(config-map-class)# service-policy Premium
Router(config-map-class)# exit
Router(config)# interface serial 3/0/0
Router(config-if)# frame-relay interface-dlci 200
Router(config-fr-dlci)# frame-relay class voice

Attaching Virtual LAN QoS Service Policies


On Ethernet interfaces with virtual LANs (VLANs) configured, you can attach a QoS service policy to
the physical interface, an individual VLAN subinterface, or to both the physical interface and one or
more VLAN subinterfaces.
This section describes the following topics:

Feature History for VLAN QoS, page 4-20

VLAN QoS Inheritance, page 4-21

Restrictions and Limitations for Attaching QoS Services to VLAN Subinterfaces, page 4-21

Attaching QoS Policies to VLAN Interfaces and Subinterfaces, page 4-21

Feature History for VLAN QoS


Cisco IOS Release

Description

Required PRE

12.0(25)SX

The attachment of virtual LAN QoS service policies was


introduced on the router.

PRE1

12.2(15)BX

This feature was introduced on the PRE2.

PRE2

12.2(28)SB

This feature was integrated in Cisco IOS


Release 12.2(28)SB for the PRE2.

PRE2

Cisco 10000 Series Router Quality of Service Configuration Guide

4-20

OL-7433-09

Chapter 4

Attaching Service Policies


Attaching Virtual LAN QoS Service Policies

VLAN QoS Inheritance


The following describes how VLAN traffic inherits QoS policies:

If you attach a service policy only to the physical interface, the aggregate of all of the VLAN
subinterfaces is subject to the physical interfaces service policy.

If you attach a service policy only to individual VLAN subinterfaces and not to the physical
interface, only the individual VLAN subinterfaces are subject to the attached service policies.

If you attach service policies to both the physical interface and to individual VLAN subinterfaces,
the aggregate of all VLAN subinterfaces without a service policy is subject to the physical
interfaces service policy, and all of the VLAN subinterfaces with a service policy are individually
subject to their attached service policies.

Restrictions and Limitations for Attaching QoS Services to VLAN Subinterfaces

The Cisco 10000 series router currently supports PPPoE over IEEE 802.1Q VLAN on Gigabit
Ethernet and Fast Ethernet 8-port half-height line cards. The Fast Ethernet port (fe0/0/0) of the
performance routing engine (PRE) does not support this feature. This port is for management traffic
only.

For PRE1 and PRE2, output QoS policies that contain queueing actions must be nested service
policies. However, for PRE3 and PRE4, there is no such restriction and thereby a flat queueing
policy can be directly attached to a VLAN subinterface.

Attaching QoS Policies to VLAN Interfaces and Subinterfaces


To attach QoS service policies to VLAN interfaces and subinterfaces, perform any of the following
configuration tasks:

Attaching QoS Service Policies to Physical Interfaces with VLAN Subinterfaces, page 4-22

Attaching QoS Service Policies to VLAN Subinterfaces, page 4-23

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

4-21

Chapter 4

Attaching Service Policies

Attaching Virtual LAN QoS Service Policies

Attaching QoS Service Policies to Physical Interfaces with VLAN Subinterfaces


To attach QoS service policies to physical interfaces with VLAN subinterfaces, enter the following
commands beginning in global configuration mode:
Command

Purpose

Step 1

Router(config)# interface type


slot/module/port

Specifies the physical Ethernet interface to which you want to


attach the QoS service policy. Enters interface configuration
mode.

Step 2

Router(config-if)# service-policy {input


| output} policy-map-name

Attaches the service policy you specify to the physical interface.


input indicates to apply the service policy to inbound traffic on
the interface.
output indicates to apply the service policy to outbound traffic on
the interface.
Note

For QoS policies containing the bandwidth, priority,


random-detect, queue-limit, and shape commands, you
must specify the output keyword. If you use these
commands with the input keyword, the router ignores the
commands.

policy-map-name is the name of the policy map.


Step 3

Router(config-if)# interface type


slot/module/port.subinterface

Creates a subinterface and enters subinterface configuration


mode.

Step 4

Router(config-subif)# encapsulation dot1q


vlanid

Configures the subinterface as a VLAN subinterface.


dot1q defines the encapsulation format as IEEE 802.1Q VLAN.
vlanid is a number that identifies the VLAN.
Note

The router applies the service policy of the physical


interface to all of the individual VLANs configured on the
interface.

Configuration Example for Attaching QoS Policies to Physical Interfaces with VLAN Subinterfaces
Example 4-13 shows how to attach a service policy named myQoS to the physical Gigabit Ethernet
interface 1/0/0 for inbound traffic. VLAN 4, configured on the GigabitEthernet subinterface 1/0/0.3,
inherits the service policy of the physical Gigabit Ethernet interface 1/0/0.
Example 4-13 Attaching a QoS Policy to a VLAN Interface
Router(config)# interface GigabitEthernet 1/0/0
Router(config-if)# service-policy input myQoS
Router(config-if)# interface GigabitEthernet 1/0/0.3
Router(config-subif)# encapsulation dot1q 4

Cisco 10000 Series Router Quality of Service Configuration Guide

4-22

OL-7433-09

Chapter 4

Attaching Service Policies


Attaching Virtual Access Interface QoS Service Policies

Attaching QoS Service Policies to VLAN Subinterfaces


To attach a QoS service policy to a VLAN subinterface, enter the following commands beginning in
global configuration mode:
Command

Purpose

Step 1

Router(config)# interface type


slot/module/port.subinterface

Specifies the Ethernet subinterface to which you want to attach


the QoS service policy. Enters subinterface configuration mode.

Step 2

Router(config-subif)# encapsulation dot1q


vlanid

Creates a VLAN subinterface.


dot1q defines the encapsulation format as IEEE 802.1Q VLAN.
vlanid is a number that identifies the VLAN.

Step 3

Router(config-subif)# service-policy
[input | output] policy-map-name

Attaches the service policy you specify to the subinterface.


input indicates to apply the service policy to inbound traffic on
the interface.
output indicates to apply the service policy to outbound traffic on
the interface.
Note

For QoS policies containing the bandwidth, priority,


random-detect, queue-limit, and shape commands, you
must specify the output keyword. When you use these
commands with the input keyword, the router ignores the
commands .

policy-map-name is the name of the policy map.


Note

The router applies the service policy to only this


individual VLAN subinterface.

Configuration Example for Attaching a QoS Service Policy to a VLAN Subinterface


Example 4-14 shows how to attach a policy map named bronze to VLAN 4 on GigabitEthernet
subinterface 1/0/0.3 for outbound traffic.
Example 4-14 Attaching a QoS Policy to an Individual VLAN
Router(config)# interface GigabitEthernet 1/0/0.3
Router(config-subif)# encapsulation dot1q 4
Router(config-subif)# service-policy output bronze

Attaching Virtual Access Interface QoS Service Policies


A virtual access interface (VAI) is a virtual interface that the router dynamically creates and configures
when a remote user initiates a session to the Cisco 10000 series router.
1.

The router uses a template of operational parameters called a virtual template interface to create and
configure the VAI.

2.

When the user connection terminates, the router deletes the VAI and frees the resources for other
client uses.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

4-23

Chapter 4

Attaching Service Policies

Attaching Virtual Access Interface QoS Service Policies

The virtual template interface is a logical entity that the router applies dynamically as needed to a
connection. It is a configuration for an interface, but it is not tied to the physical interface. The VAI uses
the attributes of the virtual template to create the session, which results in a VAI that is uniquely
configured for a specific user.
After you configure a virtual template, configure the virtual connection that will use the template and
then apply the template to the virtual connection. The order in which you create virtual templates and
configure the virtual connections that use the templates is not important. However, before a remote user
initiates a session to the router, both the virtual templates and connections must exist.
If you use a RADIUS server, the RADIUS configuration takes precedence over the virtual template
configuration. For example, the RADIUS configuration might override some parameters and the virtual
template provides the remainder of the configuration.

Note

Virtual template interfaces and VAIs do not apply to routed bridge encapsulation (RBE) over ATM.
For more information about virtual templates and VAIs, see the Cisco 10000 Series Broadband
Aggregation and Leased-Line Configuration Guide at:
http://www.cisco.com/en/US/products/hw/routers/ps133/products_configuration_guide_book0918
6a00804d45ca.html
This section describes the following topics:

Feature History for VAI QoS, page 4-24

VAI QoS Inheritance, page 4-24

Restrictions and Limitations for Attaching QoS Services to a VAI, page 4-25

Attaching QoS Policies to VAIs Using Virtual Template Interfaces, page 4-25

Feature History for VAI QoS


Cisco IOS Release

Description

Required PRE

12.0(25)SX

The attachment of VAI QoS service policies feature was


introduced on the router.

PRE1

12.2(15)BX

This feature was introduced on the PRE2.

PRE2

12.2(28)SB

This feature was integrated in Cisco IOS


Release 12.2(28)SB for the PRE2.

PRE2

12.2(31)SB2

This feature was introduced on the PRE3.

PRE2
PRE3

VAI QoS Inheritance


When you apply a QoS service policy to a virtual circuit (VC), the virtual access interfaces (VAIs) that
use that VC inherit the QoS policy of the VC. Any VAI that uses that VC is subject to the queueing,
policing, and marking actions defined in the VC service policy.

Cisco 10000 Series Router Quality of Service Configuration Guide

4-24

OL-7433-09

Chapter 4

Attaching Service Policies


Attaching Virtual Access Interface QoS Service Policies

Restrictions and Limitations for Attaching QoS Services to a VAI

Virtual template interfaces and VAIs do not apply to routed bridge encapsulation (RBE) over ATM.

Before a remote user initiates a session to the router, both the virtual template and virtual connection
must exist.

Cisco IOS Release 12.2(25)SX does not support the configuration of broadband aggregation (BBA)
groups using RADIUS. You must configure BBA groups manually.

You can only apply a QoS policy with queueing-related actions to a VC. Do not apply service
policies with class-based weighted fair queueing (CBWFQ) actions to a VAI using a virtual
template. The router supports queueing only when you apply the QoS policy to a VC.

You can apply a QoS policy without queueing-related actions to either a VC or a VAI, but not to both
at the same time.

You cannot use RADIUS to configure a QoS policy on the VC.

If you configure a QoS policy on a VC, the show policy interface VAI command does not display
information to indicate that the VAI is subject to the VC service policy. However, if you apply a
policy directly to a VAI, the show policy interface VAI command displays information about the
policy on the VAI.

Attaching QoS Policies to VAIs Using Virtual Template Interfaces


To attach QoS service policies to virtual access interfaces (VAIs), perform the following required
configuration tasks:

Applying a QoS Service Policy to a Virtual Template Interface, page 4-26

Applying a Virtual Template Interface to a BBA Group, page 4-27

Attaching a BBA Group to an Interface or Subinterface for PPPoE Sessions, page 4-28

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

4-25

Chapter 4

Attaching Service Policies

Attaching Virtual Access Interface QoS Service Policies

Applying a QoS Service Policy to a Virtual Template Interface


To apply a QoS service policy to a virtual template interface, enter the following commands beginning
in global configuration mode:

Step 1

Command

Purpose

Router(config)# interface virtual-template


number

Creates a virtual template interface and enters interface


configuration mode.
number is a number from 1 to 200 that identifies the virtual
template.

Step 2

Router(config-if)# service-policy [input |


output] policy-map-name

Attaches the service policy you specify to the virtual template


interface.
input indicates to apply the service policy to inbound traffic on
the interface.
output indicates to apply the service policy to outbound traffic
on the interface.
Note

For QoS policies containing the bandwidth, priority,


random-detect, queue-limit, and shape commands,
you must specify the output keyword. When you use
these commands with the input keyword, the router
ignores the commands.

policy-map-name is the name of the policy map.

Configuration Example for Applying QoS Policies to Virtual Template Interfaces


Example 4-15 shows how to apply the policy map named policy1 to the virtual template named
virtual-template1 for all inbound traffic. In this example, the virtual template configuration also includes
CHAP authentication and point-to-point protocol (PPP) authorization and accounting.
Example 4-15 Applying QoS Policies to a Virtual Template Interface
Router(config)# interface virtual-template1
Router(config-if)# ip unnumbered Loopback1
Router(config-if)# no peer default ip address
Router(config-if)# ppp authentication chap vpn1
Router(config-if)# ppp authorization vpn1
Router(config-if)# ppp accounting vpn1
Router(config-if)# service-policy policy1

Cisco 10000 Series Router Quality of Service Configuration Guide

4-26

OL-7433-09

Chapter 4

Attaching Service Policies


Attaching Virtual Access Interface QoS Service Policies

Applying a Virtual Template Interface to a BBA Group


A BBA group is a template used to control connections. Cisco IOS Release 12.2(25)SX does not support
the configuration of broadband aggregation (BBA) groups using RADIUS. You must configure BBA
groups manually.
To apply a virtual template interface to a BBA group for Point-to-Point Protocol over Ethernet (PPPoE)
over IEEE 802.1Q VLAN, enter the following commands beginning in global configuration mode:

Step 1

Command

Purpose

Router(config)# bba-group pppoe {name |


global}

Configures a BBA group to be used to establish PPPoE


sessions.
name identifies the BBA group. You can configure multiple
BBA groups.
global is the default BBA group used for PPPoE connections
when a BBA group name is not specified.

Step 2

Router(config-bba)# virtual-template
template-number

Applies the virtual template interface you specify to the BBA


group. The router uses the virtual template interface to clone
virtual access interfaces (VAIs).
template-number is a number that identifies the virtual
template and is used to clone virtual-access interfaces.

Note

You cannot simultaneously configure a BBA group for PPPoE and a VPDN group for PPPoE. If you
configure a BBA group and then you configure a VPDN group, the protocol command in VPDN
accept-dialin configuration mode does not include an option for PPPoE (for example, you cannot specify
the protocol pppoe command). Use the no bba-group pppoe command to re-enable the pppoe option
for the protocol command.

Configuration Example for Applying a Virtual Template Interface to a BBA Group


Example 4-16 shows how to create a BBA group named vpn1 and apply the virtual template named
VirtualTemplate 1 to the group. In the example, the BBA group configuration limits the number of
sessions per VC to 5 and specifies that a maximum of 10 PPPoE sessions can be terminated on the
interface or subinterface to which the BBA group is attached.
Example 4-16 Applying a Virtual Template Interface to a BBA Group
Router(config)# bba-group pppoe vpn1
Router(config-bba)# VirtualTemplate 1
Router(config-bba)# sessions per-vc limit 5
Router(config-bba)# sessions per-mac limit 10

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

4-27

Chapter 4

Attaching Service Policies

Attaching Virtual Access Interface QoS Service Policies

Attaching a BBA Group to an Interface or Subinterface for PPPoE Sessions


You can attach a BBA group to physical interfaces and subinterfaces with varying encapsulations, or to
permanent virtual circuits (PVCs).
To attach a BBA group to an interface or subinterface, enter the following commands beginning in global
configuration mode:
Command

Purpose

Step 1

Router(config)# interface type


slot/subslot/port.subinterface

Specifies the interface or subinterface to which you want to


attach the BBA group. Enters subinterface configuration
mode.

Step 2

Router(config-subif)# protocol pppoe group


group-name

Attaches the BBA group to the specified interface or


subinterface. Enables PPP over Ethernet (PPPoE) sessions to
be established on the interface, subinterface, or permanent
virtual circuits (PVCs).
Note

The router applies the QoS policy of the virtual


template associated with the BBA group. The QoS
policy applies to this interface or subinterface and to
any PVCs configured on the interface or subinterface
without a specified policy.

Configuration Examples for Attaching a BBA Group to an Interface or Subinterface


Example 4-17 shows how to attach a BBA group named bba1 to the ATM interface 1/0/0 for PPPoE
sessions.
Example 4-17 Attaching a BBA Group to an Interface
Router(config)# interface atm 1/0/0
Router(config-if)# protocol pppoe group bba1
Router(config-if)# encapsulation ppp
Router(config-if)# pppoe enable

Example 4-18 shows how to attach a BBA group named bba-voice to ATM subinterface 4/0/0.10 for
PPPoE sessions. The example also assigns VLAN 4 to the subinterface.
Example 4-18 Attaching a BBA Group to a VLAN Subinterface
Router(config)# interface atm 4/0/0.10
Router(config-subif)# protocol pppoe group bba-voice
Router(config-subif)# encapsulation dot1q 4
Router(config-subif)# pppoe enable

Cisco 10000 Series Router Quality of Service Configuration Guide

4-28

OL-7433-09

Chapter 4

Attaching Service Policies


Attaching Virtual Access Interface QoS Service Policies

Example 4-19 shows how to use a virtual template interface to apply a QoS policy to PPPoE sessions.
The example configuration shows how to create a virtual template interface, apply the virtual template
to a BBA group, and apply the BBA group to an interface or subinterface. The QoS policy named policy1
is applied to the virtual template interface named Virtual-Template1; Virtual-Template1 is applied to the
BBA group named VPN_1; and VPN_1 is applied to the ATM interface 5/0, which is configured for
aalsnap encapsulation. The QoS policy named voice1 is applied to the virtual template interface named
Virtual-Template2; Virtual-Template2 is applied to the BBA group named VPN_2; and VPN_2 is applied
to the FastEthernet subinterface 3/0/0.33, which is configured as a VLAN subinterface.
Example 4-19 Applying a QoS Policy to PPPoE Sessions Using a Virtual Template on a VLAN
Subinterface
Router(config)# interface Virtual-Template1
Router(config-if)# ip unnumbered Loopback0
Router(config-if)# mtu 1492
Router(config-if)# peer default ip address pool pool1
Router(config-if)# ppp authentication chap
Router(config-if)# service-policy input policy1
Router(config)# interface Virtual-Template2
Router(config-if)# ip unnumbered Loopback1
Router(config-if)# no peer default ip address
Router(config-if)# ppp authentication chap
Router(config-if)# ppp authorization
Router(config-if)# service-policy input voice1
Router(config)# bba-group pppoe VPN_1
Router(config-bba)# virtual-template 1
Router(config-bba)# sessions per-vc limit 5
Router(config-bba)# sessions per-mac limit 10
Router(config-bba)# sessions per-vlan limit 5
!
!
Router(config)# bba-group pppoe VPN_2
Router(config-bba)# virtual-template 2
Router(config-bba)# sessions per-vc limit 5
Router(config-bba)# sessions per-mac limit 10
Router(config-bba)# sessions per-vlan limit 5
!
!
Router(config)# interface atm 5/0
Router(config-if)# protocol pppoe group VPN_1
Router(config-if)# encapsulation aalsnap
!
Router(config)# interface FastEthernet 3/0/0.33
Router(config-subif)# protocol pppoe group VPN_2
Router(config-subif)# encapsulation dot.1q 5
!
!

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

4-29

Chapter 4

Attaching Service Policies

Attaching Layer 2 Access Concentrator QoS Service Policies

Attaching Layer 2 Access Concentrator QoS Service Policies


You can attach a QoS service policy to an ATM VC on the Layer 2 access concentrator (LAC) using the
service-policy command.
This section describes the following topics:

Feature History for LAC QoS, page 4-30

LAC QoS Inheritance, page 4-30

Restrictions and Limitations for Attaching LAC QoS, page 4-31

Attaching QoS Policies to LAC ATM Virtual Circuits, page 4-31

Feature History for LAC QoS


Cisco IOS Release

Description

Required PRE

12.3(7)XI3

The QoS: Broadband Aggregation Enhancements - Phase 1


feature (also known as LAC QoS) was introduced on the
router to support LAC QoS policies on an ATM virtual
circuit.

PRE2

12.2(28)SB

LAC QoS was integrated in Cisco IOS


Release 12.2(28)SB.

PRE2

LAC QoS Inheritance


The following describes how LAC traffic inherits QoS policies:

If you attach a service policy only to the physical ATM interface, the aggregate of all unshaped UBR
PVCs is subject to the physical interfaces service policy. The router treats shaped UBR PVCs like
variable bit rate (VBR) and constant bit rate (CBR) PVCs.

If you attach a service policy only to individual ATM PVCs and not to the physical ATM interface,
only the individual PVC is subject to its attached service policy.

If you attach service policies to both the physical ATM interface and individual ATM PVCs, the
aggregate of all UBR PVCs without an attached service policy is subject to the physical interfaces
service policy. All PVCs with an attached service policy are individually subject to their attached
service policies.

When a service policy is attached to an individual ATM PVC, sessions that use that PVC inherit the
service policy applied to the PVC or the inherited policy of the PVC. If a session inherits a policy, the
show policy interface virtual access command does not display the state of the inherited policy. You
can display the state of the policy only on the interface where you configured the policy. If you attach a
service policy only to:

The physical Ethernet interface, the aggregate of all of the VLAN subinterfaces is subject to the
physical interfaces service policy.

Individual VLAN subinterfaces, and not to the physical Ethernet interface, only the individual
VLAN subinterfaces are subject to the attached service policies.

Cisco 10000 Series Router Quality of Service Configuration Guide

4-30

OL-7433-09

Chapter 4

Attaching Service Policies


Attaching Layer 2 Access Concentrator QoS Service Policies

If you attach service policies to both the Ethernet physical interface and to individual VLAN
subinterfaces, the aggregate of all VLAN subinterfaces without a service policy is subject to the
physical interfaces service policy, and all of the VLAN subinterfaces with a service policy are
individually subject to their attached service policies.

Restrictions and Limitations for Attaching LAC QoS

Cisco IOS Release 12.3(7)XI3 does not support the attachment of LAC QoS directly to sessions by
attaching QoS services to a virtual access interface (VAI) using a virtual template. If you apply LAC
QoS to a virtual template, the router ignores it.

On ATM line cards, you can apply a policy map to the physical interface, point-to-point
subinterfaces, and to individual PVCs. The router does not support applying QoS service policies to
point-to-multipoint interfaces. However, you can apply service policies to VCs that are on
multipoint interfaces.

The policy map you assign to an ATM PVC takes precedence over the policy map you assign to the
main interface.

You must first configure the atm pxf queuing command on the ATM interface and then attach the
policy map.

Note

Do not change the queuing mode while VCs are configured on the interface. If you must change
the mode, first delete the VCs and then change the mode. Changing the mode while VCs are
configured can produce undesired results, and the change does not take effect until the router
reloads.

The aggregate bandwidth of the classes configured in a policy map is limited to the speed of the
interface or subinterface to which it is applied. The aggregate bandwidth of a policy applied to a VC
is limited to the capacity of the port, unless you configure oversubscription by using the
atm over-subscription-factor command.

The router does not support a service policy based on queueing for unshaped UBR PVCs.

The Cisco 10000 series router currently supports PPPoE over IEEE 802.1Q VLAN on Gigabit
Ethernet and Fast Ethernet 8-port half-height line cards. In a PPPoE over Ethernet configuration,
you cannot attach a service policy to a subinterface if another service policy is already attached to
its main interface.

The Fast Ethernet port (fe0/0/0) of the performance routing engine (PRE) does not support PPPoE
over Ethernet. This port is for management traffic only.

Output QoS policies that contain queueing actions must be hierarchical service policies. For more
information, see Chapter 13, Defining QoS for Multiple Policy Levels.

Attaching QoS Policies to LAC ATM Virtual Circuits


You can attach QoS policies to ATM virtual circuits on the LAC. For information about how to do this,
see the Attaching QoS Service Policies to an ATM PVC section on page 4-8.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

4-31

Chapter 4

Attaching Service Policies

Applying QoS on Layer 2 Tunnel Packets

Applying QoS on Layer 2 Tunnel Packets


The following describes how the Cisco 10000 series router applies QoS policies to Layer 2 tunnel
packets:
Inbound Layer 2 Tunnel Packets
1.

When a packet arrives on a physical interface, the router applies the input QoS policy (if one exists)
of the physical interface.

2.

The router then applies the input QoS policy of the packets tunnel interface.

Outbound Layer 2 Tunnel Packets


1.

When a packet leaves the router, it applies the output QoS policy (if one exists) of the outbound
tunnel interface.

2.

The router then applies the output QoS policy of the outbound physical interface.

When applying the QoS policy, the physical interface uses the tunnel outer IP header; the tunnel interface
uses the inner IP header.
When an IP packet is encapsulated in a tunnel, the router copies the packets original IP type of service
(ToS) value into the tunnel header.

Verifying and Monitoring QoS Service Policies


To verify and monitor QoS service policies attached to ATM, Frame Relay, and VLAN subinterfaces,
enter any of the following commands in privileged EXEC mode:
Command

Purpose

Router# show interface

Displays Layer 2 statistics for all interfaces configured on the


router.

Router# show interfaces virtual-access number


[configuration]

Displays statistical and configuration information about the active


VAI that was created using a virtual template interface.
number is the number of the virtual access interface (VAI) that is
used to identify the VAI.
The configuration keyword indicates to display only
configuration information.

Cisco 10000 Series Router Quality of Service Configuration Guide

4-32

OL-7433-09

Chapter 4

Attaching Service Policies


Verifying and Monitoring QoS Service Policies

Command

Purpose

Router# show policy-map interface

Displays the packet statistics of all classes that are configured for
all service policies either on the specified interface or subinterface
or on a specific PVC on the interface.
The following information displays for each policy:

Class map name

Total packets and bytes

30-second traffic rate

Queue statistics

Bandwidth allocated for the class map

Congestion avoidance parameters

In Cisco IOS Release 12.0(25)SX and later releases, the


show policy-map interface command also provides RED drop
counts for each IP precedence.
Router# show policy-map interface virtual-access
number

Displays statistical and configuration information about the


QoS policy configured on the virtual access interface (VAI) you
specify.
number is the number of the virtual access interface (VAI) that
identifies the VAI.
If you configure a QoS policy on a VC, the show policy-map
interface virtual-access command does not display information
to indicate that the VAI is subject to the VC service policy.
However, if you apply a QoS policy directly to a VAI, the show
policy interface virtual-access command displays information
about the QoS policy on the VAI.

Router# show pxf interface interface [detail]

Displays a summary of the statistics accumulated by column 0 of


the PXF for the interface you specify. If you do not specify an
interface, a summary of the statistics for all PXF interfaces on the
router appears.
interface is the type and number of the interface (for example,
serial 4/0/0).
detail indicates to display detailed information rather than a
summary of information.
The command displays information such as the following:

Number of packets input

Number of errors

Overall status of the interface queues

Board-level statistics for connection to the backplane

Router# show pppoe session all

Displays a summary of the status of all active tunnels for each


session ID.

Router# show pppoe session packets

Displays a summary of the status of all packets traveling in and


traveling out of a PPPoE session.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

4-33

Chapter 4

Attaching Service Policies

Verifying and Monitoring QoS Service Policies

Note

The show pxf commands are entered as show hardware pxf on the PRE1. For example, to
view a statistical summary of PXF column 0 for the specified interface, enter the
show hardware pxf interface command.

Verification Example for QoS Service Policies


Example 4-20 shows the information displayed when you enter the show policy-map interface
command. In the sample output, random early detection (RED) drop statistics display for each
IP precedence.
The sample output in Example 4-20 is based on the following class map and policy map configurations:
class-map match-all
match access-group
class-map match-all
match access-group
class-map match-any
policy-map wred_1
class prec_0_0
bandwidth 75
random-detect
random-detect
random-detect
class prec_0_1
bandwidth 73
random-detect
random-detect
random-detect

prec_0_0
100
prec_0_1
101
class-default

precedence-based
exponential-weighting-constant3
precedence 0 10 20 10

precedence-based
exponential-weighting-constant 3
precedence 1 10 20 10

Example 4-20 Displaying RED Drop Counts


Router# show policy-map interface atm 7/0/0.2
ATM7/0/0.2: VC 2/101 Service-policy output: wred_1
Class-map: prec_0_0 (match-all)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: access-group 100
Output queue: 0/64; 0/0 packets/bytes output, 0/0 drops
Bandwidth : 75 kbps (Weight 3)
Random-detect (precedence-based):
Exponential weight: 3 (1/8)
Current average queue length: 0 packets
----------------------------------------------------------------------TOSMinMaxMarkRand-DropTail-Drop
precedencethresthresprobabilityPktsBytesPktsByte
----------------------------------------------------------------------0 1020 1/100 0 0
0
1 3664 1/100 0 0
0
2 4064 1/100 0 0
0
3 4464 1/100 0 0
0
4 4864 1/100 0 0
0
5 5264 1/100 0 0
0
6 5664 1/100 0 0
0
7 6064 1/100 0 0
0

Cisco 10000 Series Router Quality of Service Configuration Guide

4-34

OL-7433-09

Chapter 4

Attaching Service Policies


Verifying and Monitoring QoS Service Policies

Class-map: prec_0_1 (match-all)


0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: access-group 101
Output queue: 0/64; 0/0 packets/bytes output, 0/0 drops
Bandwidth : 73 kbps (Weight 3)
Random-detect (precedence-based):
Exponential weight: 3 (1/8)
Current average queue length: 0 packets
----------------------------------------------------------------------TOSMinMaxMarkRand-DropTail-Drop
precedencethresthresprobabilityPktsBytesPktsByte
----------------------------------------------------------------------0 32 64 1/100 0 0
0
1 10 20 1/100 0 0
0
2 40 64 1/100 0 0
0
3 44 64 1/100 0 0
0
4 48 64 1/100 0 0
0
5 52 64 1/100 0 0
0
6 56 64 1/100 0 0
0
7 60 64 1/100 0 0
0
Class-map: class-default (match-any)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: any
Output queue: 0/64; 3/88 packets/bytes output, 0/0 drops

Example 4-21 shows another example of the information that appears when you enter the
show policy-map interface command. The sample output in Example 4-21 is based on a broadband
configuration with the following class map and policy map configurations:
class-map
match ip
match ip
class-map
match ip

match-any VoIP
dscp ef
precedence 5
match-any VoD
precedence 3

policy-map QOS-Policy1
class VoIP
police 64000 8000 0 conform-action transmit exceed-action drop violate-action drop
priority
class VoD
bandwidth 1500

Example 4-21 Displaying Packet Statistics for a Specific Interface


Router# show policy-map interface atm 7/0/0.2
ATM7/0/0.2: VC 2/101 Service-policy output: QOS-Policy1
Class-map: VoIP (match-any)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: ip dscp ef
0 packets, 0 bytes
5 minute rate 0 bps
Match: ip precedence 5
0 packets, 0 bytes
5 minute rate 0 bps
Output queue: 0/128; 0/0 packets/bytes output, 0/0 drops
Police:
64000 bps, 8000 limit, 0 extended limit

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

4-35

Chapter 4

Attaching Service Policies

Related Documentation

conformed 0 packets, 0 bytes; action: transmit


exceeded 0 packets, 0 bytes; action: drop
violated 0 packets, 0 bytes; action: drop
Absolute priority
Class-map: VoD (match-any)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: ip precedence 3
0 packets, 0 bytes
5 minute rate 0 bps
Output queue: 0/64; 0/0 packets/bytes output, 0/0 drops
Bandwidth : 1500 kbps (Weight 73)
Class-map: class-default (match-any)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: any
Output queue: 0/32; 0/0 packets/bytes output, 0/0 drops

Related Documentation
This section provides hyperlinks to additional Cisco documentation for the features described in this
chapter. To display the documentation, click the document title or a section of the document highlighted
in blue. When appropriate, paths to applicable sections are listed below the documentation title.
Feature

Related Documentation

BBA Groups

Cisco 10000 Series Broadband Aggregation and Lease-Line Configuration


Guide
Configuring PPPoE over Ethernet and IEEE 802.1Q VLAN

Frame Relay legacy commands

Cisco 10000 Series Router Quality of Service Configuration Guide


Configuring Frame Relay QoS Using Frame Relay Legacy Commands

Subinterface Policy Maps

Cross-Platform Release Notes for Cisco IOS Release 12.0S


Part 2: New Features and Important Notes > New and Changed
Information > New Software Features in Cisco IOS Release 12.0(22)S
> Subinterface Policy Maps
Cisco IOS Quality of Service Solutions Configuration Guide, Release 12.2
Part 8: Modular Quality of Service Command-Line Interface >
Configuring the Modular Quality of Service Command-Line Interface >
Modular QoS CLI Configuration Task List > Attaching a Traffic Policy
to an Interface

Virtual Access Interfaces

Cisco 10000 Series Broadband Aggregation and Lease-Line Configuration


Guide
Configuring Remote Access to MPLS VPN

Virtual Template Interfaces

Cisco 10000 Series Broadband Aggregation and Lease-Line Configuration


Guide
Configuring Remote Access to MPLS VPN
Cisco IOS Dial Technologies Configuration Guide, Release 12.2
Configuring Virtual Template Interfaces

Cisco 10000 Series Router Quality of Service Configuration Guide

4-36

OL-7433-09

CH A P T E R

Distributing Bandwidth Between Queues


Developing a queuing strategy is an important step in optimizing network functionality and services.
Equally important is ensuring that bandwidth is shared fairly among the competing traffic queues. By
distributing bandwidth between the different queues of a link, you can increase the capacity of a link and
optimize aspects of your network that have greater importance.
The Cisco 10000 series router allows you to distribute bandwidth to ensure that bandwidth is shared
fairly between the queues of a link. This chapter describes bandwidth distribution between queues on the
Cisco 10000 series router and contains the following topics:

Bandwidth Distribution Between Queues, page 5-1

Interfaces Supporting Bandwidth Distribution, page 5-2

Unused Bandwidth Allocation, page 5-3

Bandwidth Calculations, page 5-4

Bandwidth Allocation to PVCs, page 5-5

Class-Default Bandwidth Guarantee, page 5-6

Committed Rate Data, page 5-6

Bandwidth and Priority Service, page 5-7

Distribution of Remaining Bandwidth Using Ratio, page 5-14

Restrictions and Limitations for Bandwidth Distribution, page 5-9

Configuring Bandwidth Distribution Between Queues, page 5-10

Verifying and Monitoring Bandwidth Distribution, page 5-12

Related Documentation, page 5-26

Bandwidth Distribution Between Queues


Distributing bandwidth on a link using the bandwidth command ensures that bandwidth is shared fairly
among competing traffic. The router uses class queues to allocate bandwidth, first servicing priority
queue traffic followed by either bandwidth guarantee or bandwidth remaining queue traffic. By default,
a minimum bandwidth guaranteed queue has buffers for up to 50 milliseconds of 256-byte packets at line
rate, but not less than 32 packets. The router does not ensure latency characteristics for bandwidth
queues.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

5-1

Chapter 5

Distributing Bandwidth Between Queues

Bandwidth Distribution Between Queues

The router can commit up to 99 percent of the interface bandwidth to one or more class queues. If you
attempt to attach a policy map to an interface when the sum of the bandwidth assigned to classes is
greater than 99 percent of the available bandwidth, the router logs a warning message and does not
allocate the requested bandwidth to all of the classes. If the policy map is already attached to other
interfaces, it is removed from them.
Bandwidth includes the Layer 2 header, Layer 2 payload, and two bytes of trailer.

On ATM networks, the bandwidth is cell-based and includes Layer 2 overhead and cell overhead
(for example, cell overhead for SNAP and AAL5, the cell header, the AAL5 trailer, and AAL5
padding).

On Frame Relay networks with link fragmentation and interleaving (LFI) enabled, bandwidth is
based on fragments with Layer 2 overhead included.

The router converts the specified bandwidth to the nearest multiple of 1/255 (PRE1) or 1/65535 (PRE2)
of the interface speed. Use the show policy-map interface command to display the actual bandwidth.

Feature History for Bandwidth Distribution Between Queues


Cisco IOS Release

Description

Required PRE

Release 12.0(17)SL

This feature was introduced on the PRE1.

PRE1

Release 12.2(15)BX

This feature was introduced on the PRE2.

PRE2

Release 12.2(28)SB

This feature was integrated in Cisco IOS


Release 12.2(28)SB for the PRE2.

PRE2

Release 12.2(31)SB2

This feature was introduced on the PRE3. The Distribution PRE2


of Remaining Bandwidth Using Ratio feature was also
PRE3
introduced on the PRE3 only.

Interfaces Supporting Bandwidth Distribution


The following describes interface support for bandwidth distribution using the bandwidth command:
Interfaces Supporting the bandwidth Command (Outbound Only)

Physical

Multilink PPP and Multilink Frame Relay

ATM shaped (peak cell rate is specified) unspecified bit rate (UBR) PVCs and point-to-point
subinterfaces

ATM constant bit rate (CBR) PVCs and point-to-point subinterfaces

ATM variable bit rate (VBR) PVCs and point-to-point subinterfaces

Label-controlled ATM (LC-ATM) subinterfaces *

Frame Relay PVCs, point-to-point subinterfaces, and map classes *

Ethernet VLANs *

* Requires a specific type of hierarchical policy. For more information, see the Chapter 13, Defining
QoS for Multiple Policy Levels.

Cisco 10000 Series Router Quality of Service Configuration Guide

5-2

OL-7433-09

Chapter 5

Distributing Bandwidth Between Queues


Bandwidth Distribution Between Queues

Note

The router only supports the bandwidth command on outbound interfaces.


Interfaces Not Supporting the bandwidth Command

Note

ATM unshaped (no peak cell rate specified) UBR PVCs and point-to-point subinterfaces

IP tunnel

Virtual-access (See the VAI QoS Inheritance section on page 4-24.)

The router does not support the bandwidth command on inbound interfaces.

Unused Bandwidth Allocation


After the Cisco 10000 series router allocates bandwidth to priority and bandwidth guaranteed class
queues, the router divides unused (excess) bandwidth among the packets remaining in the class queues.

For all releases prior to Cisco IOS Release 12.0(19)SL, the router divides the unused bandwidth
equally among the class queues with outstanding packets.

For Cisco IOS Release 12.0(19)SL and later releases, the router divides unused bandwidth
proportional to the class bandwidth guarantee. You can override this proportional distribution by
using the bandwidth remaining percent command. The router distributes unused bandwidth only
to non-priority queues; a priority queue never receives more than its guaranteed bandwidth.

In Example 5-1, the policy-map named VLAN guarantees 30 percent of the bandwidth to the class
named Customer1 and 60 percent of the bandwidth to the class named Customer2. If you apply the
VLAN policy map to a 1-Mbps link, 300 kbps is guaranteed to class Customer1 and 600 kbps is
guaranteed to class Customer2, with 100 kbps remaining for the class-default class. If the class-default
class does not need additional bandwidth, the unused 100 kbps is available for use by class Customer1
and class Customer2. If both classes need the bandwidth, they share it in proportion to the configured
rates. In this example, the sharing ratio is 30:60 or 1:2.
Example 5-1

Excess Bandwidth Allocation

Router(config)# policy-map VLAN


Router(config-pmap)# class Customer1
Router(config-pmap-c)# bandwidth percent 30
Router(config-pmap-c)# exit
Router(config-pmap)# class Customer2
Router(config-pmap-c)# bandwidth percent 60

Traffic Classes That Can Use Excess Bandwidth


The bandwidth and priority commands provide bandwidth guarantees that are often described as
bandwidth that is reserved or set aside. However, neither command implements a true reservation of
bandwidth. If a traffic class is not using its configured bandwidth, the unused bandwidth is shared among
the other classes.
The Cisco 10000 series router guarantees a priority class 95 percent of the bandwidth. As a result, the
priority class can starve other traffic classes unless you configure policing. The router does not police
the priority class unless you configure a policer.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

5-3

Chapter 5

Distributing Bandwidth Between Queues

Bandwidth Distribution Between Queues

Table 5-1 describes when a class configured with the bandwidth or priority command can use excess
bandwidth.
Table 5-1

Comparing When a Bandwidth and Priority Class Can Use Excess Bandwidth

Command

Congestion

Non-Congestion

bandwidth

Allowed to exceed the allocated rate.

Allowed to exceed the


allocated rate.

priority

Not allowed to exceed the configured


rate.

Not allowed to exceed the


configured rate.

If you configure a policer for the priority


class, the router polices the priority class
to the configured bps or percentage rate,
and discards any excess packets.

If you configure a policer, the


router polices the priority
class to the configured bps or
percentage rate, and discards
any excess packets.

If you do not configure a policer, the


router guarantees a priority class 95
percent of the bandwidth, which can
result in bandwidth starvation of other
traffic classes.

Bandwidth Calculations
The Cisco 10000 series router can commit up to 99 percent of the interface bandwidth to one or more
class queues. If you attempt to attach a policy map to an interface when the sum of the bandwidth
assigned to classes is greater than 99 percent of the available bandwidth, the router logs a warning
message and does not allocate the requested bandwidth to all of the classes. If the policy map is already
attached to other interfaces, it is removed from them.
For a physical interface, the total bandwidth is the bandwidth of the physical interface. The router
converts the minimum bandwidth that you specify to the nearest multiple of 1/255 (PRE1) or 1/65535
(PRE2) of the interface speed. When you request a value that is not a multiple of 1/255 or 1/65535, the
router chooses the nearest multiple.
The bandwidth percentage is based on the interface bandwidth. In a hierarchical policy, the bandwidth
percentage is based on the nearest parent shape rate.
By default, a minimum bandwidth guaranteed queue has buffers for up to 50 milliseconds of 256-byte
packets at line rate, but not less than 32 packets.

Cisco 10000 Series Router Quality of Service Configuration Guide

5-4

OL-7433-09

Chapter 5

Distributing Bandwidth Between Queues


Bandwidth Distribution Between Queues

Table 5-2 describes the data included and excluded in the committed rate when a traffic shaper and
policer are configured on the interface.
Table 5-2

Committed Rate Data for Policing and Shaping

Action

Frame Relay

Ethernet

Policing

No bit or byte
stuffing

Generic Traffic Shaping No cell header


Class-Based Shaping

No 7E flags

No Frame Check
Sequence (FCS)

No Inter-Frame Gap
(IFG)
No Preamble
No Start of Frame
Delimiter (SFD)

ATM

ADSL

SDSL

Class-Based Shaping

Class-Based Shaping

No ATM cell
No AAL Common
overhead
Part Convergence
Sublayer (CPCS) pad No AAL Common
Part Convergence
No ATM trailer
Sublayer (CPCS) pad

No ATM cell
overhead
No AAL Common
Part Convergence
Sublayer (CPCS) pad

No ATM trailer

No ATM trailer

Class-Based Shaping

Class-Based Shaping

No Frame Check
Sequence (FCS)
Shaping

4 bytes of Frame
Check Sequence
(FCS)
No bit or byte
stuffing
No 7E flags

Generic Traffic Shaping ATM cell header


Class-Based Shaping

No Inter-Frame Gap
(IFG)
No Preamble
No Start of Frame
Delimiter (SFD)

AAL Common Part No ATM cell


overhead
Convergence
Sublayer (CPCS) pad No AAL Common
Part Convergence
ATM trailer
Sublayer (CPCS) pad

No ATM cell
overhead
No AAL Common
Part Convergence
Sublayer (CPCS) pad

Frame Check
Sequence (FCS)
1. The router does not account for flags or Frame Check Sequence (FCS) that the hardware adds or removes.

Table 5-3 describes what bandwidth is based on for each media type.
Table 5-3

Basis for Bandwidth

Media

Bandwidth Based On

Frame Relay

Fragments1

Ethernet

Bits

ATM variable bit rate (VBR)

Sustained cell rate (SCR)

ATM unspecified bit rate (UBR)

Peak cell rate (PCR)

ATM constant bit rate (CBR)

Peak cell rate (PCR)

1. For Frame Relay networks with link fragmentation and interleaving (LFI) enabled.

Bandwidth Allocation to PVCs


The router allocates bandwidth to variable bit rate (VBR), constant bit rate (CBR), and shaped (specifies
the peak cell rate) unspecified bit rate (UBR) PVCs before allocating bandwidth to unshaped UBR
PVCs. As a result, a diminished amount of bandwidth is available to allocate to unshaped UBR PVCs.
To override this behavior, create a hierarchical (nested) policy with the bandwidth specified and attach
the policy to the ATM port or physical interface.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

5-5

Chapter 5

Distributing Bandwidth Between Queues

Bandwidth Distribution Between Queues

Class-Default Bandwidth Guarantee


The Cisco 10000 series router guarantees bandwidth for the class-default class in the following way:

Note

For all releases prior to Cisco IOS Release 12.0(19)SL, when other classes are present, the
class-default class receives no bandwidth guarantee unless it has a bandwidth command configured.

Cisco IOS Release 12.0(19)SL adds support for an implicit bandwidth guarantee. In
Release 12.0(19)SL and later releases, the class-default class receives a bandwidth guarantee of any
uncommitted interface bandwidth plus one percent. You can decrease this guarantee by using the
bandwidth command in the class-default class.

You can decrease the class-default bandwidth guarantee, but you cannot increase it.
Configuring the bandwidth-remaining percent command for the class-default class can lead to
unexpected behavior such as a drop in link throughput or unfair bandwidth sharing between queues. This
occurs because the router allocates 1 percent of the interface bandwidth to the default class, regardless
of the value you specify in the bandwidth-remaining percent command. The router does this so that
the class-default queue has at least a minimum amount of the committed rate to guarantee bandwidth to
any control traffic flowing over the default class. This behavior is unique to the class-default class only
and the PRE2. To workaround this problem, you can:

Configure the bandwidth percent or bandwidth rate command in the policy map instead of the
bandwidth-remaining percent command.

Limit the traffic that flows over the class-default queue by configuring another class queue with the
bandwidth-remaining percent command specified and ensuring that the traffic that would have
flowed over the class-default queue now flows over the newly created queue, leaving the
class-default queue for control traffic.

Committed Rate Data


The committed rate includes the framing overhead, excluding bit and byte stuffing. For ATM, the
committed rate also includes the cell overhead. This causes the actual packet data rate to be lower than
what you specify in the bandwidth command. Therefore, be sure to allow for the framing and cell
overhead when you specify a minimum bandwidth for a class.
For example, if you need to commit a rate of 1000 64-byte packets per second and each have four bytes
of framing overhead, instead of specifying 512 kbps in the bandwidth command, you would specify
544 kbps, which is calculated in the following way:
1000 * (64+4) * 8 / 1000 = 544

A similar setup on ATM would require 848 kbps because each 64-byte packet requires two cells of
53 bytes:
1000 * 2 * 53 * 8 / 1000 = 848

Cisco 10000 Series Router Quality of Service Configuration Guide

5-6

OL-7433-09

Chapter 5

Distributing Bandwidth Between Queues


Bandwidth Distribution Between Queues

Bandwidth and Priority Service


To configure priority queuing, use the priority command in policy-map class configuration mode and
configure the bandwidth in the following way:

In releases prior to Cisco IOS Release 12.3(7)XI, specify a minimum bandwidth rate using the
priority command.

In Cisco IOS Release 12.3(7)XI and later releases, specify a minimum bandwidth rate using the
police command. The router no longer supports the percent and bandwidth-kbps options for the
priority command.

When you create a priority queue using the priority command, the router sets the committed information
rate (CIR) of the queue to near link bandwidth. Therefore, the priority queue can consume almost all of
the link bandwidth when packets are transmitted from it. As a result, there is no way to guarantee
bandwidth to the other queues on the link. To resolve this, configure the other queues using the
bandwidth remaining command. This command enables the router to allocate relative amounts of
bandwidth, eliminating the need to constantly change the class bandwidth.
Table 5-4 lists the functional differences between the bandwidth and priority commands:
Table 5-4

Comparison of Functional Differences Between the bandwidth and priority


Commands

Function

bandwidth Command

priority Command

Minimum bandwidth guarantee

Yes

Yes

Maximum bandwidth guarantee

No

Yes

Built-in policer

No

No

Provides low-latency

No

Yes

The bandwidth and priority commands are also designed to meet different QoS policy objectives.
Table 5-5 lists those differing objectives:
Table 5-5

Comparison of QoS Policy Objectives of the bandwidth and priority Commands

Application

bandwidth Command

priority Command

Bandwidth management for WAN links

Yes

Somewhat

Manage delay and variations in delay (jitter)

No

Yes

Improve application response time

No

Yes

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

5-7

Chapter 5

Distributing Bandwidth Between Queues

Bandwidth Distribution Between Queues

Queuing Modes
The Cisco 10000 series router supports the following queuing modes:

atm pxf queuing Mode, page 5-8

no atm pxf queuing Mode, page 5-9

atm pxf queuing Mode


The atm pxf queuing mode supports low VC counts. Before you configure VCs on an interface, configure
the queuing mode for the port (atm pxf queuing or no atm pxf queuing). After you configure the mode,
then configure the VCs. Do not change the mode while VCs are configured on the interface. If you need
to change the mode, delete the VCs first and then change the mode. Changing the mode while VCs are
configured can produce undesired results.
To support a low VC count, configure the atm pxf queuing command on each port of the Cisco 10000
series router. For Cisco IOS Release 12.3(7)XI2 and later releases, all line cards support a maximum of
28,672 VCs when configured for hierarchical shaping.

Note

For releases prior to Cisco IOS Release 12.3(7)XI2, the OC-3 and OC-12 line cards support a maximum
of 14,336 VCs when configured for hierarchical shaping. The DS3/E3 line card supports a maximum of
8,192 VCs when configured for shaping. You can configure the maximum number of VCs across the
ports in any fashion, provided that you do not exceed the per-port maximum. The OC-3 line card is
limited to 8,192 VCs per port and the DS3 is limited to 4,096 VCs per port.
The Cisco 10000 series router supports the following ATM traffic classes when you configure the atm
pxf queuing command:

Shaped and unshaped unspecified bit rate (UBR)


To configure shaped UBR, enter the ubr command and specify the PCR value. For unshaped UBR,
do not specify the PCR value.

Variable bit rate-nonreal time (VBR-nrt)


To configure VBR-nrt QoS, use the vbr-nrt command and specify the output PCR, output
sustainable cell rate (SCR), and output maximum burst cell size (MBS).

Constant bit rate (CBR)


To configure CBR QoS, use the cbr command and specify the average cell rate for the ATM circuit
emulation service (CES) for an ATM permanent virtual circuit (PVC).

Note

If you use the ubr+ command to configure shaped UBR, the router accepts the PCR value you specify,
but it does not use it. The router does not notify you of this behavior.

Cisco 10000 Series Router Quality of Service Configuration Guide

5-8

OL-7433-09

Chapter 5

Distributing Bandwidth Between Queues


Bandwidth Distribution Between Queues

no atm pxf queuing Mode

Note

Cisco recommends that you do not configure no atm pxf queuing mode for QoS-sensitive deployments.
The no atm pxf queuing mode supports high VC counts. Before you configure VCs on an interface,
configure the queuing mode for the port (atm pxf queuing or no atm pxf queuing). After you configure
the mode, then configure the VCs. Do not change the mode while VCs are configured on the interface.
If you need to change the mode, delete the VCs first and then change the mode. Changing the mode while
VCs are configured can produce undesired results.
To support a high number of virtual circuits (VCs), configure the no atm pxf queuing command on each
port of the Cisco 10000 series router. PPPoA supports one session per VC and requires that you enable
no atm pxf queuing mode to support up to 64,000 PPPoA sessions. Enabling no atm pxf queuing mode
is not required for L2TP and might not be required for PPPoE because you can have 64,000 sessions on
a single VC.
The Cisco 10000 series router supports the following ATM traffic classes when you configure the no atm
pxf queuing command:

Shaped and unshaped unspecified bit rate (UBR)


To configure shaped UBR, enter the ubr command and specify the PCR value. For unshaped UBR,
enter the ubr command without specifying the PCR value.

Variable bit rate-nonreal time (VBR-nrt)


To configure VBR-nrt QoS, use the vbr-nrt command and specify the output PCR, output
sustainable cell rate (SCR), and the output maximum burst cell size (MBS) for a VC class.

Note

If you use the ubr+ command to configure shaped UBR, the router accepts the PCR value you specify,
but it does not use it. The router does not notify you of this behavior.

Restrictions and Limitations for Bandwidth Distribution

You cannot configure the bandwidth command on a class with priority service configured.

In a policy map, you can configure the bandwidth, priority, or shape command for a maximum of
14 (PRE1) or 30 (PRE2) non-class-default classes.

The router supports a maximum of 32,767 (PRE1) or 128,000 (PRE2) output packet queues.

A policy map can have only one priority queue.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

5-9

Chapter 5

Distributing Bandwidth Between Queues

Bandwidth Distribution Between Queues

Configuring Bandwidth Distribution Between Queues


To configure or modify the amount of bandwidth allocated for a traffic class, enter the following
commands beginning in global configuration mode:

Step 1

Command

Purpose

Router(config)# policy-map policy-map-name

Specifies the name of the policy map and enters policy-map


configuration mode.
policy-map-name is the name of the policy map.

Step 2

Router(config-pmap)# class class-map-name

Assigns the traffic class you specify to the policy map. Enters
policy-map class configuration mode.
class-map-name is the name of a previously configured class
map and is the traffic class for which you want to define QoS
actions.

Step 3

Router(config-pmap-c)# bandwidth
{bandwidth-kbps | percent percentage |
remaining percent percentage}

Specifies or modifies the minimum bandwidth allocated for a


traffic class in a policy map.
bandwidth-kbps specifies or modifies the minimum
bandwidth allocated for a class belonging to a policy map.
Valid values are from 8 to 2,488,320, which represents from
1 to 99 percent of the link bandwidth.
Note

The range of valid values for bandwidth-kbps might


be smaller than the values indicated above. Use the
question mark (?) in context-sensitive help to display
the range of valid values.

percent percentage specifies or modifies the minimum


percentage of the link bandwidth allocated for a class
belonging to a policy map. Valid values are from 1 to 99.
remaining percent percentage specifies or modifies the
minimum percentage of unused link bandwidth allocated for
a class belonging to a policy map. Valid values are from 1 to
99.
Note

Configure the amount of bandwidth large enough to


also accommodate Layer 2 overhead.

For information about classifying traffic and creating QoS service policies, see Chapter 2, Classifying
Traffic and Chapter 3, Configuring QoS Policy Actions and Rules.

Configuration Examples for Configuring Bandwidth Distribution


This section provides the following configuration examples:

Configuration Example for Kilobits per Second-Based Bandwidth, page 5-11

Configuration Example for Percentage-Based Bandwidth, page 5-11

Configuration Example for Bandwidth-Remaining-Based Bandwidth, page 5-11

Cisco 10000 Series Router Quality of Service Configuration Guide

5-10

OL-7433-09

Chapter 5

Distributing Bandwidth Between Queues


Bandwidth Distribution Between Queues

Configuration Example for Kilobits per Second-Based Bandwidth


Example 5-2 shows how to create a policy-map named account1 and configure a class named gold,
which provides a guaranteed minimum bandwidth of 700 kbps for all gold class traffic. The maximum
queue depth for gold traffic is 64 packets. If the queue depth is reached, the router tail-drops excess
traffic.
Example 5-2

Configuring Bandwidth Based on Kilobits per Second

Router(config)# policy-map account1


Router(config-pmap)# class gold
Router(config-pmap-c)# bandwidth 700
Router(config-pmap-c)# queue-limit 64

Configuration Example for Percentage-Based Bandwidth


Example 5-3 shows how to create a policy map named mypolicy and configure a class named silver,
which allocates a minimum of 30 percent of the link bandwidth to all silver class traffic. The maximum
queue depth for silver traffic is 64 packets. The random-detect command ensures that excess traffic is
randomly discarded using a precedence-based algorithm.
Example 5-3

Configuring a Percentage-Based Bandwidth

Router(config)# policy-map mypolicy


Router(config-pmap)# class silver
Router(config-pmap-c)# bandwidth percent 30
Router(config-pmap-c)# queue-limit 64
Router(config-pmap-c)# random-detect precedence-based

Configuration Example for Bandwidth-Remaining-Based Bandwidth


Example 5-4 shows how to create a policy map named vlan and configure two traffic classes named
priority and premium. The priority class contains both the priority and police commands. The premium
class allocates a minimum of 25 percent of the unused bandwidth to this class.
Example 5-4

Configuring Bandwidth-Remaining-Based Bandwidth

Router(config)# policy-map vlan


Router(config-pmap)# class priority
Router(config-pmap-c)# priority
Router(config-pmap-c)# police percent 50
Router(config-pmap-c)# exit
Router(config-pmap)# class premium
Router(config-pmap-c) bandwidth remaining percent 25

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

5-11

Chapter 5

Distributing Bandwidth Between Queues

Bandwidth Distribution Between Queues

Verifying and Monitoring Bandwidth Distribution


The Cisco 10000 series router collects statistical information about the current queue length, and the
number of packets and bytes transmitted and dropped (64 bits), which you can display using the show
commands in this section.
To verify and monitor bandwidth distribution in a policy map, enter the following commands in
privileged EXEC mode:
Command

Purpose

Router# show policy-map interface

Displays the configuration of all classes configured for all policy


maps attached to all interfaces.

Router# show policy-map interface interface


[input | output]

Displays the configuration of all classes configured for all inbound


or outbound policy maps attached to the specified interface.
interface is the name of the interface or subinterface whose policy
configuration you want to display.
input indicates to display the statistics for the attached inbound
policy.
output indicates to display the statistics for the attached outbound
policy.
Note

Router# show policy-map policy-map-name

If you do not specify input or output, the router displays


information about all classes that are configured for all
inbound and outbound policies attached to the interface
you specified.

Displays the configuration of all classes contained in the policy


map you specify.
policy-map-name is the name of the policy map whose
configuration information you want to display. The name can be a
maximum of 40 characters.
If you do not specify a policy-map-name, the command displays
the configuration of all policy maps configured on the router.

Router# show policy-map policy-map-name class


class-name

Displays the configuration of the class you specify. The policy


map you specify includes this class.
policy-map-name is the name of the policy map that contains the
class configuration you want to display.
class-name is the name of the class whose configuration you want
to display. If you do not specify class-name, the router displays
class configuration for all classes in the policy map.

Cisco 10000 Series Router Quality of Service Configuration Guide

5-12

OL-7433-09

Chapter 5

Distributing Bandwidth Between Queues


Bandwidth Distribution Between Queues

Verification Example for Bandwidth Distribution


Example 5-5 shows the bandwidth configuration for the class named Business and the class named
Non-Business in the Gold policy map.
Example 5-5

Verifying Class Bandwidth

Router# show policy-map


Policy Map Gold
Class Business
bandwidth 5000
Class Non-Business
bandwidth 2000

Example 5-6 shows the bandwidth that the router allocated to the traffic classes in the Gold policy map.
Example 5-6

Verifying Bandwidth Distribution

Router# show policy-map interface atm 3/0/0


ATM3/0/0
Service-policy output: Gold
Class-map: Business (match-all)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: ip precedence 4
Output queue: 0/128; 0/0 packets/bytes output, 0/0 drops
Bandwidth : 4999 kbps (Weight 3)
Class-map: Non-Business (match-all)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: ip precedence 3 5
Output queue: 0/64; 0/0 packets/bytes output, 0/0 drops
Bandwidth : 2001 kbps (Weight 1)
Class-map: class-default (match-any)
134 packets, 2760 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: any
Output queue: 0/4096; 3046242/75866271 packets/bytes output, 0/0 drops

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

5-13

Chapter 5

Distributing Bandwidth Between Queues

Distribution of Remaining Bandwidth Using Ratio

Distribution of Remaining Bandwidth Using Ratio


The Distribution of Remaining Bandwidth Using Ratio feature allows service providers to prioritize
subscriber traffic during periods of congestion. A bandwidth-remaining ratio is used to influence how
the router allocates excess bandwidth (unused by priority traffic) to a class of non-priority traffic. Instead
of using only bandwidth rate, the router considers configured minimum bandwidth rates, maximum
bandwidth rates, and bandwidth-remaining ratios when determining excess bandwidth allocation. A
bandwidth-remaining ratio adds more flexibility in prioritizing traffic and enables you to influence
excess bandwidth allocation by basing the bandwidth-remaining ratio on factors other than speed.
When bandwidth-remaining ratios are not specified, the hierarchical queuing framework (HQF)
scheduler on the PRE3 does the following:

Computes a default bandwidth-remaining ratio based on the subinterface speedATM interfaces

Uses the minimum bandwidth-remaining ratio allowed (currently 1 on the PRE3)Other interfaces
such as VLANs and Frame Relay DLCIs

With bandwidth-remaining ratios, service providers have more flexibility in assigning priority to
subinterfaces and queues during congestion. In addition to speed, you can base the bandwidth-remaining
ratio on alternative factors, such as a service product or subscription rate. In this way, for example, you
can give higher weight to subinterfaces carrying business services and lower weight to subinterfaces
carrying residential services. The bandwidth-remaining ratio enables the HQF scheduler to service a
subinterface with a low SCR but a high bandwidth-remaining ratio more frequently than servicing a
subinterface with a high SCR but a low bandwidth-remaining ratio.
The Distribution of Remaining Bandwidth Using Ratio feature is available on outbound interfaces only.

Feature History for Bandwidth-Remaining Ratios


Cisco IOS Release

Modification

Release 12.2(31)SB22

This feature was introduced and implemented on the Cisco 10000 series
router for the PRE3.

Bandwidth-Remaining Ratio
A bandwidth-remaining ratio is a value from 1 to 1000 that is used to determine the amount of unused
(excess) bandwidth to allocate to a class queue or subinterface-level queue during congestion. The router
allocates excess bandwidth relative to the other class queues and subinterface-level queues configured
on the physical interface. The bandwidth-remaining ratio value does not indicate a percentage. For
example, a subinterface with a bandwidth-remaining ratio of 100 receives 10 times the unused (excess)
bandwidth during congestion than a subinterface with a bandwidth-remaining ratio of 10.
Without bandwidth-remaining ratios, the router allocates excess bandwidth based on the following:

Speed of the subinterface (for example, the configured SCR)ATM subinterfaces

Minimum bandwidth-remaining ratio allowed (currently 1 on the PRE3)Interface types such as


VLANs and Frame Relay DLCIs

With bandwidth-remaining ratios, excess bandwidth allocation can be based on factors other than the
bandwidth rate (for example, service product or subscription rate).

Cisco 10000 Series Router Quality of Service Configuration Guide

5-14

OL-7433-09

Chapter 5

Distributing Bandwidth Between Queues


Distribution of Remaining Bandwidth Using Ratio

Prerequisites for Distribution of Remaining Bandwidth Using Ratio


You must configure traffic classes using the class-map command.

Restrictions for Distribution of Remaining Bandwidth Using Ratio

Bandwidth-remaining ratios are only available on outbound interfaces.

The bandwidth remaining ratio command cannot coexist with another bandwidth command in
different traffic classes of the same policy map. For example, the following configuration is not valid
and causes an error message to display:
policy-map Prec1
class precedence_0
bandwidth remaining ratio 10
class precedence_2
bandwidth 1000

The bandwidth remaining ratio command cannot coexist with another bandwidth command in the
same class. For example, the following configuration is not valid and causes an error message to
display:
policy-map Prec1
class precedence_0
bandwidth 1000
bandwidth remaining ratio 10

In a hierarchical policy map in which the parent policy has only the class-default class defined with
a child queuing policy applied, the router accepts only the bandwidth remaining ratio form of the
bandwidth command in the class-default class of the parent policy.

The bandwidth remaining ratio command cannot coexist with the priority command in the same
class. For example, the following configuration is not valid and causes an error message to display:
policy-map Prec1
class precedence_1
priority percent 10
bandwidth remaining ratio 10

Configuring Bandwidth-Remaining Ratios


You can apply bandwidth-remaining ratios to different subinterfaces and to different traffic queues
within a single outbound interface or subinterface.
Use the following procedures to configure bandwidth-remaining ratios:

Configuring and Applying Bandwidth-Remaining Ratios to Subinterfaces, page 5-16

Configuring and Applying Bandwidth-Remaining Ratios to Class Queues, page 5-18

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

5-15

Chapter 5

Distributing Bandwidth Between Queues

Distribution of Remaining Bandwidth Using Ratio

Configuring and Applying Bandwidth-Remaining Ratios to Subinterfaces


To configure and apply bandwidth-remaining ratios to subinterfaces, enter the following commands
beginning in global configuration mode:

Note

Step 1

You can apply bandwidth-remaining ratios to outbound subinterfaces only.

Command or Action

Purpose

policy-map child-policy-name

Creates or modifies a child policy map. Enters policy-map


configuration mode.
child-policy-name is the name of the child policy map.

Step 2

class class-map-name

Configures the class map that you specify. Enters


policy-map class configuration mode.
class-map-name is the name of a previously created class
map.

Step 3

bandwidth bandwidth-kbps

Specifies the bandwidth, in kbps, to be allocated to this


traffic class.
bandwidth-kbps is the bandwidth in kilobits per second
(kbps).

Step 4

exit

Exits policy-map class configuration mode.

Step 5

exit

Exits policy-map configuration mode.

Step 6

policy-map parent-policy-name

Creates or modifies a parent policy map. Enters policy-map


configuration mode.
parent-policy-name is the name of the parent policy map.

Step 7

class class-default

Configures the class-default class. Enters policy-map class


configuration mode.
Note

Step 8

bandwidth remaining ratio ratio

The router interprets any features configured under


the class-default class as aggregate features on the
subinterface.

Specifies the bandwidth-remaining ratio for the


subinterface.
ratio is the value used to determine the amount of unused
bandwidth to allocate to each queue on the subinterface
during periods of congestion. The scheduler allocates the
excess bandwidth relative to other subinterfaces. Valid
values are 1 to 1000. The default value is
platform-dependent.
The router distinguishes between interface types at the
subinterface level when using default bandwidth-remaining
ratios. On the Cisco 10000 series router the default ratio
value is 1 for VLAN subinterfaces and Frame Relay DLCIs.
For ATM subinterfaces, the router computes the default
based on the subinterface speed.

Cisco 10000 Series Router Quality of Service Configuration Guide

5-16

OL-7433-09

Chapter 5

Distributing Bandwidth Between Queues


Distribution of Remaining Bandwidth Using Ratio

Step 9

Command or Action

Purpose

shape {average | peak} cir [bc] [be]

(Optional) Shapes the average or peak rate to the rate you


specify.
average specifies average rate shaping.
peak specifies peak rate shaping.
cir specifies the committed information rate (CIR), in bits
per second (bps).
(Optional) bc specifies the committed burst size, in bits.
(Optional) be specifies the excess burst size, in bits.

Step 10

service-policy child-policy-name

Applies the child policy map you specify to the traffic class.
The router applies the QoS actions specified in the child
policy to the traffic class.
child-policy-name is the name of the child policy.
Note

The service-policy command typically requires that


you specify the direction of the traffic using the
input or output keywords. However, when
applying a child policy to a parent policy, do not
specify traffic direction.

Step 11

exit

Exits policy-map class configuration mode.

Step 12

exit

Exits policy-map configuration mode.

Step 13

interface type slot/module/port.subinterface


[point-to-point | multipoint]

Creates or modifies the interface you specify. Enters


subinterface configuration mode.
type is the interface type (for example, Gigabit Ethernet).
slot/module/port.subinterface is the number of the
subinterface that identifies the subinterface (for example,
1/0/0.1).
(Optional) point-to-point indicates that the subinterface is
a point-to-point subinterface.
(Optional) multipoint indicates that the subinterface is a
point-to-multipoint subinterface.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

5-17

Chapter 5

Distributing Bandwidth Between Queues

Distribution of Remaining Bandwidth Using Ratio

Step 14

Command or Action

Purpose

service-policy {input | output}


parent-policy-name

Applies the parent policy to the subinterface.


input indicates to apply the service policy to inbound
traffic.
output indicates to apply the service policy to outbound
traffic.
parent-policy-name is the name of the parent policy map.
The router shapes the subinterface traffic to the shaping rate
specified in the parent class-default class and applies the
QoS actions specified in the child policy to traffic matching
the traffic classes.
During periods of congestion, the router uses the
bandwidth-remaining ratio specified in the parent policy
map to allocate unused bandwidth on this subinterface
relative to other subinterfaces.

Configuring and Applying Bandwidth-Remaining Ratios to Class Queues


To configure and apply bandwidth-remaining ratios to class queues, enter the following commands
beginning in global configuration mode:

Step 1

Command or Action

Purpose

policy-map child-policy-name

Creates or modifies a child policy map. Enters policy-map


configuration mode.
child-policy-name is the name of the child policy map.

Step 2

class class-map-name

Configures the class map that you specify. Enters


policy-map class configuration mode.
class-map-name is the name of a previously created class
map.

Step 3

shape {average | peak} cir [bc] [be]

(Optional) Shapes the average or peak rate to the rate you


specify.
average specifies average rate shaping.
peak specifies peak rate shaping.
cir specifies the committed information rate (CIR), in bits
per second (bps).
(Optional) bc specifies the committed burst size, in bits.
(Optional) be specifies the excess burst size, in bits.

Cisco 10000 Series Router Quality of Service Configuration Guide

5-18

OL-7433-09

Chapter 5

Distributing Bandwidth Between Queues


Distribution of Remaining Bandwidth Using Ratio

Step 4

Command or Action

Purpose

bandwidth remaining ratio ratio

(Optional) Specifies the bandwidth-remaining ratio for the


traffic class.
ratio is the value used to determine the amount of unused
bandwidth to allocate to each queue on the subinterface
during periods of congestion. The scheduler allocates the
excess bandwidth relative to other subinterfaces. Valid
values are 1 to 1000. The default value is
platform-dependent.
The router makes no distinction between interface types at
the class level when using the default bandwidth-remaining
ratio. On the Cisco 10000 series router the default
bandwidth-remaining ratio value is 1.

Step 5

exit

Exits policy-map class configuration mode.

Step 6

exit

Exits policy-map configuration mode.

Step 7

policy-map parent-policy-name

Creates or modifies a parent policy map. Enters policy-map


configuration mode.

Step 8

class class-default

parent-policy-name is the name of the parent policy map.


Configures the class-default class. Enters policy-map class
configuration mode.
Note

Step 9

shape {average | peak} cir [bc] [be]

The router interprets any features configured under


the class-default class as aggregate features on the
subinterface.

Shapes the average or peak rate to the rate you specify.


average specifies average rate shaping.
peak specifies peak rate shaping.
cir specifies the committed information rate (CIR), in bits
per second (bps).
(Optional) bc specifies the committed burst size, in bits.
(Optional) be specifies the excess burst size, in bits.

Step 10

bandwidth remaining ratio ratio

(Optional) Specifies the bandwidth-remaining ratio for the


subinterface.
ratio is the value used to determine the amount of unused
bandwidth to allocate to each queue on the subinterface
during periods of congestion. The scheduler allocates the
excess bandwidth relative to other subinterfaces. Valid
values are 1 to 1000. The default value is
platform-dependent.
The router distinguishes between interface types at the
subinterface level when using default bandwidth-remaining
ratios. On the Cisco 10000 series router the default ratio
value is 1 for VLAN subinterfaces and Frame Relay DLCIs.
For ATM subinterfaces, the router computes the default
based on the subinterface speed.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

5-19

Chapter 5

Distributing Bandwidth Between Queues

Distribution of Remaining Bandwidth Using Ratio

Step 11

Command or Action

Purpose

service-policy child-policy-name

Applies the child policy map you specify to the traffic class.
The router applies the QoS actions specified in the child
policy to the traffic class.
child-policy-name is the name of the child policy.
Note

The service-policy command typically requires that


you specify the direction of the traffic using the
input or output keywords. However, when
applying a child policy to a parent policy, do not
specify traffic direction.

Step 12

exit

Exits policy-map class configuration mode.

Step 13

exit

Exits policy-map configuration mode.

Step 14

interface type slot/module/port.subinterface


[point-to-point | multipoint]

Creates or modifies the interface you specify. Enters


subinterface configuration mode.
type is the interface type (for example, Gigabit Ethernet).
slot/module/port.subinterface is the number of the
subinterface that identifies the subinterface (for example,
1/0/0.1).
(Optional) point-to-point indicates that the subinterface is
a point-to-point subinterface.
(Optional) multipoint indicates that the subinterface is a
point-to-multipoint subinterface.

Step 15

service-policy {input | output}


parent-policy-name

Applies the parent policy to the subinterface.


input indicates to apply the service policy to inbound
traffic.
output indicates to apply the service policy to outbound
traffic.
parent-policy-name is the name of the parent policy map.
Note

When congestion occurs, the class queues receive


bandwidth according to the specified class-level
bandwidth-remaining ratios.

Configuration Examples for Distribution of Remaining Bandwidth Using Ratio


This section provides the following configuration examples:

Configuring Bandwidth-Remaining Ratios on Ethernet Subinterfaces: Example, page 5-21

Configuring Bandwidth-Remaining Ratios on ATM Subinterfaces: Example, page 5-21

Configuring Bandwidth-Remaining Ratios on Class Queues: Example, page 5-22

Verifying Bandwidth Remaining Ratios: Example, page 5-22

Cisco 10000 Series Router Quality of Service Configuration Guide

5-20

OL-7433-09

Chapter 5

Distributing Bandwidth Between Queues


Distribution of Remaining Bandwidth Using Ratio

Configuring Bandwidth-Remaining Ratios on Ethernet Subinterfaces: Example


The following example shows how to configure bandwidth-remaining ratios on an Ethernet subinterface
using a hierarchical policy. In the example, Gigabit Ethernet subinterface 1/0/0.1 is shaped to 100 Mbps.
During congestion, the router uses the bandwidth-remaining ratio of 10 to determine the amount of
excess bandwidth (unused by priority traffic) to allocate to the non-priority traffic on
subinterface 1/0/0.1, relative to the other subinterface-level and class-level queues on the interface.
policy-map Child
class precedence_0
bandwidth 10000
class precedence_1
shape average 100000
bandwidth 100
!
policy-map Parent
class class-default
bandwidth remaining ratio 10
shape average 100000000
service-policy Child
!
interface GigabitEthernet1/0/0.1
encapsulation dot1Q 100
ip address 10.1.0.1 255.255.255.0
service-policy output Parent

Configuring Bandwidth-Remaining Ratios on ATM Subinterfaces: Example


The following example shows how to differentiate one ATM PVC from another during congestion by
using bandwidth-remaining ratios. In the example, during periods of congestion in which the traffic on
all PVCs on the interface exceeds the interface speed, the router uses the configured
bandwidth-remaining ratio of 10 to determine the amount of excess (unused by priority traffic)
bandwidth to allocate to non-priority traffic on PVC 0/200, relative to the other ATM PVCs configured
on the interface.
policy-map Child
class precedence_0
bandwidth 100
class precedence_1
bandwidth 10000
!
policy-map Parent
class class-default
bandwidth remaining ratio 10
service-policy Child
!
interface ATM2/0/3.200 point-to-point
ip address 10.20.1.1 255.255.255.0
pvc 0/200
protocol ip 10.20.1.2
vbr-nrt 50000
encapsulation aal5snap
service-policy output Parent

Note

If PVC 98/204 is configured on the same interface as PVC 0/200 and with a bandwidth-remaining ratio
of 1, during times of congestion PVC 0/200 would have 10 times more bandwidth available to it for
non-priority traffic than PVC 98/204 would have.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

5-21

Chapter 5

Distributing Bandwidth Between Queues

Distribution of Remaining Bandwidth Using Ratio

Configuring Bandwidth-Remaining Ratios on Class Queues: Example


In the following sample configuration, the vlan10_policy is applied on the subinterface Gigabit
Ethernet 1/0/0.10 and the vlan20_policy is applied on the subinterface Gigabit Ethernet 1/0/0.20. During
congestion on the interface, subinterface GE 1/0/0.20 has 10 times more available bandwidth than
subinterface GE1/0/0.10 because the bandwidth-remaining ratio for subinterface GE 1/0/0.20 is 10 times
more than the bandwidth-remaining ratio for subinterface 1/0/0.10: 100 on subinterface 1/0/0.20 and 10
on subinterface 1/0/0.10.
When congestion occurs within a subinterface level, the class queues receive bandwidth according to the
class-level bandwidth-remaining ratios. In the example, the bandwidth for classes precedence_0,
precedence_1, and precedence_2 is allocated based on the bandwidth-remaining ratios of the classes: 20,
40, and 60, respectively.
policy-map child-policy
class precedence_0
shape average 500000
bandwidth remaining ratio 20 <---- Class-level ratio
class precedence_1
shape average 500000
bandwidth remaining ratio 40 <---- Class-level ratio
class precedence_2
shape average 500000
bandwidth remaining ratio 60 <---- Class-level ratio
!
policy-map vlan10_policy
class class-default
shape average 1000000
bandwidth remaining ratio 10 <---- Subinterface-level ratio
service-policy child-policy
!
policy-map vlan20_policy
class class-default
shape average 1000000
bandwidth remaining ratio 100 <---- Subinterface-level ratio
service-policy child_policy
!
!
interface GigabitEthernet 1/0/0.10
encapsulation dot1q 10
service-policy output vlan10_policy
!
interface GigabitEthernet 1/0/0.20
encapsulation dot1q 20
service-policy output vlan20_policy

Verifying Bandwidth Remaining Ratios: Example


The following sample output from the show policy-map interface command indicates that
bandwidth-remaining ratios are configured on class-level queues in the policy maps named
vlan10_policy and child_policy, which are attached to the Gigabit Ethernet subinterface 1/0/0.10.
Router# show policy-map interface GigabitEthernet1/0/0.10
Service-policy output: vlan10_policy
Class-map: class-default (match-any)
0 packets, 0 bytes
30 second offered rate 0 bps, drop rate 0 bps
Match: any
0 packets, 0 bytes

Cisco 10000 Series Router Quality of Service Configuration Guide

5-22

OL-7433-09

Chapter 5

Distributing Bandwidth Between Queues


Distribution of Remaining Bandwidth Using Ratio

30 second rate 0 bps


Queueing
queue limit 250 packets
(queue depth/total drops/no-buffer drops) 0/0/0
(pkts output/bytes output) 0/0
shape (average) cir 1000000, bc 4000, be 4000
target shape rate 1000000
bandwidth remaining ratio 10
Service-policy : child_policy
Class-map: precedence_0 (match-all)
0 packets, 0 bytes
30 second offered rate 0 bps, drop rate 0 bps
Match: ip precedence 0
Queueing
queue limit 62 packets
(queue depth/total drops/no-buffer drops) 0/0/0
(pkts output/bytes output) 0/0
shape (average) cir 500000, bc 2000, be 2000
target shape rate 500000
bandwidth remaining ratio 20
Class-map: precedence_1 (match-all)
0 packets, 0 bytes
30 second offered rate 0 bps, drop rate 0 bps
Match: ip precedence 1
Queueing
queue limit 62 packets
(queue depth/total drops/no-buffer drops) 0/0/0
(pkts output/bytes output) 0/0
shape (average) cir 500000, bc 2000, be 2000
target shape rate 500000
bandwidth remaining ratio 40
Class-map: precedence_2 (match-all)
0 packets, 0 bytes
30 second offered rate 0 bps, drop rate 0 bps
Match: ip precedence 2
Queueing
queue limit 62 packets
(queue depth/total drops/no-buffer drops) 0/0/0
(pkts output/bytes output) 0/0
shape (average) cir 500000, bc 2000, be 2000
target shape rate 500000
bandwidth remaining ratio 60
Class-map: class-default (match-any)
0 packets, 0 bytes
30 second offered rate 0 bps, drop rate 0 bps
Match: any
0 packets, 0 bytes
30 second rate 0 bps
queue limit 62 packets
(queue depth/total drops/no-buffer drops) 0/0/0
(pkts output/bytes output) 0/0

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

5-23

Chapter 5

Distributing Bandwidth Between Queues

Distribution of Remaining Bandwidth Using Ratio

The following sample output from the show policy-map interface command indicates that
bandwidth-remaining ratios are configured on class-level queues in the policy maps named
vlan20_policy and child_policy, which are attached to the Gigabit Ethernet subinterface 1/0/0.20.
Router# show policy-map interface GigabitEthernet1/0/0.20
Service-policy output: vlan20_policy
Class-map: class-default (match-any)
0 packets, 0 bytes
30 second offered rate 0 bps, drop rate 0 bps
Match: any
0 packets, 0 bytes
30 second rate 0 bps
Queueing
queue limit 250 packets
(queue depth/total drops/no-buffer drops) 0/0/0
(pkts output/bytes output) 0/0
shape (average) cir 1000000, bc 4000, be 4000
target shape rate 1000000
bandwidth remaining ratio 100
Service-policy : child_policy
Class-map: precedence_0 (match-all)
0 packets, 0 bytes
30 second offered rate 0 bps, drop rate 0 bps
Match: ip precedence 0
Queueing
queue limit 62 packets
(queue depth/total drops/no-buffer drops) 0/0/0
(pkts output/bytes output) 0/0
shape (average) cir 500000, bc 2000, be 2000
target shape rate 500000
bandwidth remaining ratio 20
Class-map: precedence_1 (match-all)
0 packets, 0 bytes
30 second offered rate 0 bps, drop rate 0 bps
Match: ip precedence 1
Queueing
queue limit 62 packets
(queue depth/total drops/no-buffer drops) 0/0/0
(pkts output/bytes output) 0/0
shape (average) cir 500000, bc 2000, be 2000
target shape rate 500000
bandwidth remaining ratio 40
Class-map: precedence_2 (match-all)
0 packets, 0 bytes
30 second offered rate 0 bps, drop rate 0 bps
Match: ip precedence 2
Queueing
queue limit 62 packets
(queue depth/total drops/no-buffer drops) 0/0/0
(pkts output/bytes output) 0/0
shape (average) cir 500000, bc 2000, be 2000
target shape rate 500000
bandwidth remaining ratio 60
Class-map: class-default (match-any)
0 packets, 0 bytes
30 second offered rate 0 bps, drop rate 0 bps
Match: any

Cisco 10000 Series Router Quality of Service Configuration Guide

5-24

OL-7433-09

Chapter 5

Distributing Bandwidth Between Queues


Distribution of Remaining Bandwidth Using Ratio

0 packets, 0 bytes
30 second rate 0 bps
queue limit 62 packets
(queue depth/total drops/no-buffer drops) 0/0/0
(pkts output/bytes output) 0/0

The following sample output from the show policy-map command indicates that a bandwidth-remaining
ratio of 10 is configured on the parent class-default class of the policy map named vlan10_policy.
Router# show policy-map vlan10_policy
Policy Map vlan10_policy
Class class-default
Average Rate Traffic Shaping
cir 1000000 (bps)
bandwidth remaining ratio 10
service-policy child_policy

The following sample output from the show policy-map command indicates that a bandwidth-remaining
ratio of 100 is configured on the parent class-default class of the policy map named vlan20_policy.
During congestion, the scheduler allocates the subinterface Gigabit Ethernet 1/0/0.20 10 times the
bandwidth that it allocates subinterface Gigabit Ethernet 1/0/0.10.
Router# show policy-map vlan20_policy
Policy Map vlan20_policy
Class class-default
Average Rate Traffic Shaping
cir 1000000 (bps)
bandwidth remaining ratio 100
service-policy child_policy

The following sample output from the show policy-map command indicates that a bandwidth-remaining
ratio of 20, 40, and 60 is configured on the class queues precedence_0, precedence_1, and precedence_2,
respectively.
Router# show policy-map child_policy
Policy Map child_policy
Class precedence_0
Average Rate Traffic Shaping
cir 500000 (bps)
bandwidth remaining ratio 20
Class precedence_1
Average Rate Traffic Shaping
cir 500000 (bps)
bandwidth remaining ratio 40
Class precedence_2
Average Rate Traffic Shaping
cir 500000 (bps)
bandwidth remaining ratio 60

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

5-25

Chapter 5

Distributing Bandwidth Between Queues

Related Documentation

Related Documentation
This section provides hyperlinks to additional Cisco documentation for the features discussed in this
chapter. To display the documentation, click the document title or a section of the document highlighted
in blue. When appropriate, paths to applicable sections are listed below the documentation title.
Feature

Related Documentation

bandwidth command

Cisco IOS Quality of Service Solutions Command Reference, Release 12.3 T


Quality of Service Commands: A through F > bandwidth (policy-map class)
Comparing the bandwidth and priority Commands of a QoS Service Policy

bandwidth remaining ratio

Distribution of Remaining Bandwidth Using Ratio, Release 12.2(31)SB2 feature


module

Class maps

Cisco IOS Quality of Service Solutions Configuration Guide, Release 12.2


Part 8: Modular Quality of Service Command-Line Interface > Configuring
the Modular Quality of Service Command-Line Interface > Modular QoS CLI
Configuration Task List > Creating a Traffic Class
Cisco IOS Quality of Service Solutions Command Reference, Release 12.2
access-list rate-limit -- fair-queue (WFQ) > class-map command

Hierarchical queuing framework

Cisco 10000 Series Router Quality of Service Configuration Guide


Hierarchical Scheduling and Queuing

Policing

Comparing Traffic Shaping and Traffic Policing for Bandwidth Limiting

Policy maps

Cisco IOS Quality of Service Solutions Configuration Guide, Release 12.2


Part 8: Modular Quality of Service Command-Line Interface > Configuring
the Modular Quality of Service Command-Line Interface > Modular QoS CLI
Configuration Task List > Creating a Traffic Policy
Cisco IOS Quality of Service Solutions Command Reference, Release 12.2
policy map - qos preclassify > policy-map command

QoS service policies

QoS Configuration and Monitoring, Creating Time-of-Day QoS Service Policies


tech note
QoS Configuration and Monitoring, Monitoring Voice over IP Quality of Service
tech note
Site-to-Site MPLS VPN Solution for Service Providers, Service Provider
Quality-of-Service Overview tech note

Shaping

Comparing Traffic Shaping and Traffic Policing for Bandwidth Limiting

Three-level scheduler

Cisco 10000 Series Router Quality of Service Configuration Guide


Hierarchical Scheduling and Queuing

Cisco 10000 Series Router Quality of Service Configuration Guide

5-26

OL-7433-09

CH A P T E R

Policing Traffic
It is critical that network resources are available to customers. When network resources are overloaded
due to inadequate traffic management, you lose the benefits that a network provides. Controlling the flow
of data across your network helps to ensure the efficiency of the network.
Policing is an important traffic regulation mechanism. Using policing, you can configure your system to
more effectively handle traffic issues before they overload your network. Policing enables you to
determine how traffic is managed by the network to avoid congestion and system inefficiencies, thereby
increasing network availability and maximizing the use of bandwidth.
This chapter describes the policing capabilities of the Cisco 10000 series router. It includes the following
topics:

Traffic Policing, page 6-2

Single-Rate Color Marker for Traffic Policing, page 6-4

Two-Rate Three-Color Marker for Traffic Policing, page 6-8

Percent-Based Policing, page 6-11

Control Plane Policing, page 6-13

AToM Set ATM CLP Bit Using a Policer, page 6-13

Policing Support for GRE Tunnels, page 6-17

Interfaces Supporting Policing, page 6-17

Metering Traffic and Token Buckets, page 6-18

Committed Bursts and Excess Bursts, page 6-21

Data Included in the Policing Rate, page 6-23

Policing Rate Granularity, page 6-25

Avoiding Bandwidth Starvation Due to Priority Services, page 6-25

Avoiding Bandwidth Starvation Due to Priority Services, page 6-25

Configuring Traffic Policing, page 6-27

Verifying and Monitoring Traffic Policing, page 6-41

Related Documentation, page 6-43

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

6-1

Chapter 6

Policing Traffic

Traffic Policing

Traffic Policing
Traffic policing is a traffic regulation mechanism that is used to limit the rate of traffic streams. Policing
allows you to control the maximum rate of traffic sent or received on an interface. Policing propagates
bursts of traffic and is applied to the inbound or outbound traffic on an interface. When the traffic rate
exceeds the configured maximum rate, policing drops or remarks the excess traffic. Although policing
does not buffer excess traffic, a configured queuing mechanism applies to conforming packets that might
need to be queued while waiting to be serialized at the physical interface.
Traffic policing uses a token bucket algorithm to manage the maximum rate of traffic. This algorithm is
used to define the maximum rate of traffic allowed on an interface at a given moment in time. The token
bucket algorithm is especially useful in managing network bandwidth in cases where several large
packets are sent in the same traffic stream. The algorithm puts tokens into the bucket at a certain rate.
Each token is permission for the source to send a specific number of bits into the network. With policing,
the token bucket determines whether a packet exceeds or conforms to the applied rate. In either case,
policing implements the action you configure such as setting the IP precedence or differentiated services
code point (DSCP). For more information about the token bucket, see the Metering Traffic and Token
Buckets section on page 6-18.
Policing restricts the output rate to a maximum kilobits per second (kbps) value or to a percentage of the
available or unused bandwidth. Policing does not provide a minimum bandwidth guarantee during
periods of congestion; to provide these guarantees, you must use the bandwidth or priority command.
Policing is class-based in that the policer is applied to a specific class of traffic within a policy map by
using the police command. When you attach the service policy to an interface, the router applies the
policing action to the packets that match that class.

Feature History for Traffic Policing


Cisco IOS Release

Description

Required PRE

Release 12.0(17)SL

The traffic policing feature was introduced on the router


and included a single-rate two-color policer.

PRE1

Release 12.0(25)S

This feature was enhanced to include a three-color marker. PRE1

Release 12.2(16)BX

This feature was introduced on the PRE2.

PRE2

Release 12.3(7)XI

This feature was enhanced on the PRE2 to include a


three-color marker.

PRE2

Release 12.2(27)SBB

This feature was enhanced on the PRE2 to include a


two-rate policer.

PRE2

Release 12.2(31)SB2

This feature was introduced on the PRE3 to allow you to PRE3


police traffic on the L2TP access concentrator (LAC)
based on the value of a packets IP DSCP bits. Control
plane policing, policing of GRE tunnels, tunnel header
marking using a police action, and ATM CLP bit marking
using a police action were also introduced on the PRE3.

Release 12.2(33)SB

This feature was introduced on the PRE4 and enhanced to PRE2, PRE3,
support marking of the ATM CLP bit, Frame Relay DE bit, PRE4
and CoS bit using a police action for the PRE2, PRE3, and
PRE4.

Cisco 10000 Series Router Quality of Service Configuration Guide

6-2

OL-7433-09

Chapter 6

Policing Traffic
Traffic Policing

Policing Actions
Table 6-1 lists the actions the router can take on packets. These are the actions you specify in the police
command.

Note

Table 6-1

In Table 6-1, the term transmit means that the packet is passed through the policer for further processing.
The policer acts as a filter before the packet is passed on to the next event to happen.

Policing Actions

Action

Description

Introduced in Cisco IOS Release

drop

Drops the packet.

Release 12.0(17)SL

This is the default action for traffic that exceeds or PRE1


violates the committed rate.
set-clp-transmit value

Sets the ATM cell loss priority (CLP) bit of the


ATM cell. Valid values are 0 or 1.

Release 12.3(7)XI
PRE2
Release 12.2(33)SB
PRE2, PRE3, PRE4

set-cos-transmit value

Sets the class of service (CoS) bits of a packet and Release 12.2(33)SB
transmits the packet with the new CoS setting.
PRE2, PRE3, PRE4
Valid values are 0 to 7.

set-cos-inner-transmit value

Sets the inner VLAN CoS bits and transmits the


Release 12.2(33)SB
packet with the new CoS setting. Valid values are 0
PRE2, PRE3, PRE4
to 7.
Note

set-discard-class-transmit

set-dscp-tunnel-transmit value

set-dscp-transmit value

The router supports this policing action on


QinQ interfaces only. We recommend that
you do not configure this action in 3-level
hierarchical policy maps attached to
non-QinQ interfaces.

Sets the discard class attribute of a packet and


transmits the packet with the new discard class
setting.

Release 12.3(7)XI
PRE2

Sets the DSCP bits in the packet headers of traffic Release 12.2(31)SB2
streams aggregated into the same tunnel. This
PRE3
enables the streams to receive a different level of
QoS processing at the outer ToS fields QoS
domain. Valid values are from 0 to 63 or one of the
following reserved keywords:

EF (expedited forwarding)

AF11 (assured forwarding class AF11)

AF12 (assured forwarding class AF12)

Sets the IP differentiated services code point


Release 12.0(17)SL
(DSCP) value and transmits the packet with the new
PRE1
IP DSCP value setting. Valid values are from 0 to
63.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

6-3

Chapter 6

Policing Traffic

Single-Rate Color Marker for Traffic Policing

Table 6-1

Policing Actions (continued)

Action

Description

Introduced in Cisco IOS Release

set-frde-transmit

Sets the Frame Relay discard eligibility (DE) bit


and transmits the frame with the new DE setting.

Release 12.2(33)SB

Sets the Multiprotocol Label Switching (MPLS)


experimental (EXP) bits and transmits the packet
with the new MPLS EXP bit value setting. Valid
values are from 0 to 7.

Release 12.0(22)S

Sets the MPLS experimental (EXP) bits in the


imposed label headers and transmits the packet
with the new MPLS EXP bit value setting. Valid
values are from 0 to 7.

Release 12.3(7)XI

set-mpls-exp-transmit value

set-mpls-exp-imposition-transmit
value

PRE2, PRE3, PRE4


PRE1

PRE2

The set-mpls-exp-imposition-transmit command


is available only on the PRE2 and replaces the
set-mpls-exp-transmit command.
set-prec-tunnel-transmit value

Sets the precedence bit in the packet headers of


Release 12.2(31)SB2
traffic streams aggregated into the same tunnel.
PRE3
This enables the streams to receive a different level
of QoS processing at the outer ToS fields QoS
domain. Valid values are from 0 to 7.

set-prec-transmit value

Sets the IP precedence and transmits the packet


with the new IP precedence value setting. Valid
values are from 0 to 7.

Release 12.0(17)SL
PRE1

set-qos-transmit value

Sets the QoS group value and transmits the packet Release 12.0(17) SL
with the new QoS group value setting. Valid values
PRE1
are from 0 to 99.

transmit

Transmits the packet. The packet is not altered.

Release 12.0(17)SL
PRE1

Single-Rate Color Marker for Traffic Policing


The Cisco 10000 series router supports a single-rate color marker to police traffic streams into groups
of conforming and nonconforming traffic. This marker is useful in marking packets in a packet stream
with different, decreasing levels of assurances (either absolute or relative). The marker can mark packets
with green, yellow, or red markings, which cause a specific action to occur. For example, a service might
discard all red packets because they exceed both the committed and excess burst sizes, forward yellow
packets as best effort, and forward green packets with a low drop probability.
The router provides two types of single-rate color markers: two-color and three-color.

In all releases prior to Cisco IOS Release 12.0(25)S and Release 12.3(7)XI, the router provides a
two-color marker. A two-color marker classifies traffic into two groups: traffic that conforms to the
specified committed information rate (CIR) and burst sizes, and traffic that exceeds either the CIR
or the burst sizes.

Cisco 10000 Series Router Quality of Service Configuration Guide

6-4

OL-7433-09

Chapter 6

Policing Traffic
Single-Rate Color Marker for Traffic Policing

In Cisco IOS Release 12.0(25)S and Release 12.3(7)XI, and later releases, the router adds support
for an IETF-defined, RFC 2697-based, single rate, three-color marker by adding the ability to
classify nonconforming traffic into a third group: traffic that violates the CIR. The three-color
marker distinguishes between the nonconforming traffic that occasionally bursts a certain number
of bytes more than the CIR and the traffic that continually violates the CIR allowance. Applications
can utilize the three-color marker to provide three service levels: guaranteed, best effort, and deny.
The router maintains the behavior of the two-color marker by automatically setting the violate action
to be the same as the exceed action (unless you configure the violate action). Therefore, you can
continue to use the two-color marker. However, it is important to note that the router collects
statistics for conforming, exceeding, and violating packets. Therefore, when verifying packet counts
be sure to observe all three statistical categories to ensure an accurate count.

Feature History for the Single-Rate Color Marker


Cisco IOS Release

Description

Required PRE

Release 12.0(17)SL

The single-rate two-color marker feature was introduced on PRE1


the router.

Release 12.0(25)S

This feature was enhanced to include a single-rate


three-color marker.

PRE1

Release 12.2(16)BX

This feature was introduced on the PRE2 and included a


single-rate two-color marker.

PRE2

Release 12.3(7)XI

This feature was enhanced on the PRE2 and included a


single-rate three-color marker.

PRE2

Release 12.2(28)SB

This feature was integrated in Cisco IOS


Release 12.2(28)SB for the PRE2.

PRE2

Release 12.2(31)SB2

This feature was introduced on the PRE3 to allow you to


PRE3
police traffic on the L2TP access concentrator (LAC) based
on the value of a packets IP DSCP bits.

Configuration Commands for the Single-Rate Color Marker


The commands used to configure the single-rate color marker are:

police Command (Single-Rate), page 6-6

police percent Command, page 6-11

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

6-5

Chapter 6

Policing Traffic

Single-Rate Color Marker for Traffic Policing

police Command (Single-Rate)


To configure traffic policing based on bits per second, use the police command in policy-map class
configuration mode. To remove traffic policing from the configuration, use the no form of this command.
By default, this command is disabled.
police [cir] bps [bc] burst-normal [be] burst-excess [conform-action action]
[exceed-action action] [violate-action action]
no police [cir] bps [bc] burst-normal [be] burst-excess [conform-action action]
[exceed-action action] [violate-action action]

Syntax Description
cir

(Optional) Committed information rate (CIR). Indicates an average rate at


which the policer meters traffic. CIR is based on the interface shape rate.

bps

Specifies the average rate in bits per second (bps). Valid values are from
8,000 to 2,488,320,000 bps. If you only specify police bps, the router
transmits the traffic that conforms to the bps value and drops the traffic that
exceeds the bps value. For information on how the router calculates the
policing rate, see the Policing Rate Granularity section on page 6-25.)

bc burst-normal

(Optional) Normal or committed burst (bc) size used by the first token
bucket for policing. The burst-normal specifies the bc value in bytes. Valid
values are from 1 to 512,000,000. The default is 9,216 bytes. For more
information, see the Committed Bursts and Excess Bursts section on
page 6-21.

be burst-excess

(Optional) Excess burst (be) size used by the second token bucket for
policing. The burst-excess specifies the excess burst in bytes. Valid values
are from 0 to 1,024,000,000 bytes. The default is 0. You must specify
burst-normal before you specify burst-excess. For more information, see
the Committed Bursts and Excess Bursts section on page 6-21.
Note

When the be value equals 0, we recommend that you set the egress
bc value to be greater than or equal to the ingress bc value plus 1.
Otherwise, packet loss can occur. For example:
be = 0
egress bc >= ingress bc + 1

conform-action action

Specifies the action to take on packets that conform to the rate limit. The
default action is transmit. You must specify burst-excess before you specify
the conform-action.

exceed-action action

Specifies the action to take on packets that exceed the rate limit, but not the
PIR. The default action is drop. You must specify the conform-action
before you specify the exceed-action.

violate-action action

(Optional) Specifies the action to take on packets that continuously exceed


the PIR rate limit. The default action is the same as the exceed-action. You
must specify the exceed-action before you specify the violate-action.

See Table 6-1 on page 6-3 for a description of each action you can specify in the police command.
For information about conforming, exceeding, and violating traffic, see the Usage Guidelines for the
police Command section on page 6-7

Cisco 10000 Series Router Quality of Service Configuration Guide

6-6

OL-7433-09

Chapter 6

Policing Traffic
Single-Rate Color Marker for Traffic Policing

police Command History


Cisco IOS Release

Description

Release 12.0(17)SL

The police command was introduced on the PRE1 and included a


single-rate two-color marker.

Release 12.0(22)S

This command was enhanced to include the set-mpls-exp-transmit


policing action.

Release 12.0(25)S

This command was enhanced to include a three-color marker. A new


violate-action parameter allows you to specify the action to take for traffic
that consistently violates the committed rate.

Release 12.2(16)BX

This command was introduced on the PRE2 and included a single-rate


two-color marker.

Release 12.3(7)XI

This command was enhanced on the PRE2 and included a three-color


marker and the set-mpls-exp-imposition-transmit policing action. This
action is available on the PRE2 only.

Release 12.2(28)SB

This command was integrated in Cisco IOS Release 12.2(28)SB for the
PRE2.

Release 12.2(31)SB2

This command was introduced on the PRE3 to allow you to police traffic on
the L2TP access concentrator (LAC) based on the value of a packets IP
DSCP bits. The set-frde-transmit policing action was also added for the
PRE3.

Usage Guidelines for the police Command


A packet is classified as conforming (or of color green) if its size is at most the size of the normal or
committed burst (bc) and within the allowance of the committed information rate (CIR).
A packet is classified as exceeding (or of color yellow) only if its size is greater than the allowance of
the CIR, but is at most the number of bytes of the excess burst (be) and within the available surplus.
A packet is classified as violating (or of color red) only if its size is greater than both the CIR allowance
and the available surplus, either because the packets size exceeds the excess burst (be) size or because
a previous packet used some of the surplus and the traffic since then has not slowed sufficiently to
acquire the surplus needed for the current packet. The policer starts with a surplus equal to the excess
burst (be) size and replenishes it by the amount of unused CIR allowance until the surplus reaches the
be size.
The policer measures the committed burst size (CBS) and the excess burst size (EBS) in bytes. The
Cisco IOS software converts the policing rate you enter in bits per second to bytes per millisecond. You
must configure the CBS and EBS so that at least one of them is larger than 0.
When the be value equals 0, we recommend that you set the egress bc value to be greater than or equal
to the ingress bc value plus 1. Otherwise, packet loss can occur. For example:
be = 0
egress bc >= ingress bc + 1

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

6-7

Chapter 6

Policing Traffic

Two-Rate Three-Color Marker for Traffic Policing

Two-Rate Three-Color Marker for Traffic Policing


The two-rate three-color marker improves bandwidth management by allowing you to police traffic
streams according to two separate rates. Unlike the single-rate policer, which allows you to manage
bandwidth by setting the excess burst size (be), the two-rate policer allows you to manage bandwidth by
setting the committed information rate (CIR) and the peak information rate. Therefore, the two-rate
policer supports a higher level of bandwidth management and a sustained excess rate. The two-rate
policer also enables you to implement differentiated services (DiffServ) assured forwarding (AF)
per-hop behavior (PHB) traffic conditioning (see the Implementing DiffServ for End-to-End Quality of
Service section in the Cisco IOS Quality of Service Solutions Configuration Guide, Release 12.3).

Note

For information about the single-rate color marker, see the Single-Rate Color Marker for Traffic
Policing section on page 6-4.
The two-rate policer is often configured on interfaces at the edge of a network to limit the rate of traffic
entering or leaving the network. In addition to rate-limiting traffic, the policers three-color marker can
mark packets according to whether the packet conforms (green), exceeds (yellow), or violates (red) a
specified rate. You decide the actions you want the router to take for conforming, exceeding, and
violating traffic. For example, you can configure conforming packets to be sent, exceeding packets to be
sent with a decreased priority, and violating packets to be dropped. In most common configurations,
traffic that conforms is sent and traffic that exceeds is sent with decreased priority or is dropped. You
can change these actions according to your network needs.
With packet marking, you can partition your network into multiple priority levels or classes of service
(CoS). For example, you can configure the two-rate three-color marker to do the following:

Assign packets to a QoS group, which the router then uses to determine how to prioritize packets
within the router.

Set the IP precedence level, IP DSCP value, or the MPLS experimental value of packets entering the
network. Networking devices within your network can then use this setting to determine how to treat
the traffic. For example, a weighted random early detection (WRED) drop policy can use the IP
precedence value to determine the drop probability of a packet.

Set the ATM cell loss priority (CLP) bit in ATM cells. The ATM CLP bit is used to prioritize packets
in ATM networks and is set to either 0 or 1. During congestion, the router discards cells with a CLP
bit setting of 1 before it discards cells with a CLP bit setting of 0.

The three-color marker distinguishes between the nonconforming traffic that occasionally bursts a
certain number of bytes more than the CIR and violating traffic that continually violates the PIR
allowance. Applications can utilize the three-color marker to provide three service levels: guaranteed,
best effort, and deny. The three-color marker is useful in marking packets in a packet stream with
different, decreasing levels of assurances (either absolute or relative). For example, a service might
discard all red packets because they exceed both the committed and excess burst sizes, forward yellow
packets as best effort, and forward green packets with a low drop probability.

Note

The router maintains the behavior of the two-color marker by automatically setting the violate action to
be the same as the exceed action (unless you configure the violate action). Therefore, you can continue
to use the two-color marker. However, it is important to note that the router collects statistics for
conforming, exceeding, and violating packets. Therefore, when verifying packet counts be sure to
observe all three statistical categories to ensure an accurate count.

Cisco 10000 Series Router Quality of Service Configuration Guide

6-8

OL-7433-09

Chapter 6

Policing Traffic
Two-Rate Three-Color Marker for Traffic Policing

The two-rate three-color marker uses a token bucket algorithm to manage the maximum rate of traffic.
The token bucket algorithm can use the values you specify to determine the maximum rate of traffic
allowed on an interface at a given moment in time. All traffic entering or leaving an interface affects the
token bucket algorithm, depending on whether the two-rate policer is configured on an inbound or
outbound interface. The token bucket algorithm is useful in managing network bandwidth when large
packets are sent in the same traffic stream. For more information about the token bucket algorithm, see
the Metering Traffic and Token Buckets section on page 6-18.
To mark traffic without using a policer, see Chapter 7, Marking Traffic.

Feature History for the Two-Rate Color Marker


Cisco IOS Release

Description

Required PRE

Release 12.2(27)SBB

The two-rate three-color marker feature was introduced on


the router.

PRE2

Release 12.2(31)SB2

This feature was introduced on the PRE3 to allow you to


PRE3
police traffic on the L2TP access concentrator (LAC) based
on the value of a packets IP DSCP bits.

Configuration Commands for the Two-Rate Color Marker


The commands used to configure the two-rate color marker are:

police Command (Two-Rate), page 6-9

police percent Command, page 6-11

police Command (Two-Rate)


To configure traffic policing using the committed information rate (CIR) and the peak information rate
(PIR), use the police command in policy-map class configuration mode. To remove two-rate traffic
policing from the configuration, use the no form of this command. By default, this command is disabled.
police {cir cir} [bc] burst-normal [pir pir] [be] peak-burst [conform-action action]
[exceed-action action] [violate-action action]
no police {cir cir} [bc] burst-normal [pir pir] [be] peak-burst [conform-action action]
[exceed-action action] [violate-action action]

Syntax Description
cir cir

Committed information rate (CIR). Indicates an average rate at which the


policer meters traffic. CIR is based on the interface shape rate. The cir
specifies the CIR value in bits per second. Valid values are from 8000 to
2,488,320,000 bits per second.

bc burst-normal

(Optional) Specifies the normal or committed burst (bc) size used by the
first token bucket for policing. The burst-normal specifies the bc value in
bytes. Valid values are from 1 to 512,000,000. The default is 9,216 bytes.
For more information, see the Committed Bursts and Excess Bursts
section on page 6-21.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

6-9

Chapter 6

Policing Traffic

Two-Rate Three-Color Marker for Traffic Policing

pir pir

Peak information rate (PIR). Indicates the rate at which the second token
bucket is updated. The pir specifies the PIR value in bits per second. Valid
values are from 8000 to 2,488,320,000.

be peak-burst

(Optional) Specifies the peak burst (be) size used by the second token
bucket for policing. The peak-burst specifies the be value in bytes. The size
depends on the interface used. Valid values are 0 to 1,024,000,000.
Note

When the be value equals 0, we recommend that you set the egress
bc value to be greater than or equal to the ingress bc value plus 1.
Otherwise, packet loss can occur. For example:
be = 0
egress bc >= ingress bc + 1

conform-action action

(Optional) Specifies the action to take on packets that conform to the rate
limit. The default action is transmit. You must specify burst-excess before
you specify the conform-action.

exceed-action action

(Optional) Specifies the action to take on packets that exceed the rate limit,
but not the PIR. The default action is drop. You must specify the
conform-action before you specify the exceed-action.

violate-action action

(Optional) Specifies the action to take on packets that continuously exceed


the PIR rate limit. The default action is the same as the exceed-action. You
must specify the exceed-action before you specify the violate-action.

See Table 6-1 on page 6-3 for a description of each action you can specify.
For information about conforming, exceeding, and violating traffic, see the Usage Guidelines for the
police Command section on page 6-7.

police Command History


Cisco IOS Release

Description

Release 12.2(27)SBB

The single-rate police command was enhanced on the PRE2 to allow you to
configure two traffic policing rates: the committed information rate (CIR)
and the peak information rate (PIR).

Release 12.2(31)SB2

This command was introduced on the PRE3 to allow you to police traffic on
the L2TP access concentrator (LAC) based on the value of a packets IP
DSCP bits.

Usage Guidelines for the police Command


When the be value equals 0, we recommend that you set the egress bc value to be greater than or equal
to the ingress bc value plus 1. Otherwise, packet loss can occur. For example:
be = 0
egress bc >= ingress bc + 1

Cisco 10000 Series Router Quality of Service Configuration Guide

6-10

OL-7433-09

Chapter 6

Policing Traffic
Percent-Based Policing

Percent-Based Policing
Percent-based policing enables you to configure traffic policing as a percentage of the bandwidth of the
network interface on which policing is applied. Configuring traffic policing based on bandwidth
percentage enables you to use the same policy map for multiple interfaces with differing amounts of
bandwidth.
Percent-based policing also allows you to specify burst sizes in milliseconds (ms). The router calculates
the burst value in milliseconds based on the policing rate.
When you use a percent-based police command within a nested policy, the police percent is based on
the nearest parent shape rate. If no parent shaping exists, the police percent is based on the link
bandwidth. The router calculates the burst value in milliseconds (ms) based on the policing rate.
Percent-based policing supports two traffic policing rates if the parent policy map has only one class
defined: the class-default class. The parent policy does only match-any matching when applying the
class-default shaping rate.

Feature History for Percent-Based Policing


Cisco IOS Release

Description

Required PRE

Release 12.0(25)SX

The percent-based policing feature was introduced on the


router.

PRE1

Release 12.3(7)XI

This feature was introduced on the PRE2.

PRE2

Release 12.2(28)SB

This feature was enhanced on the PRE2 to allow you to


PRE2
configure two traffic policing rates as a percentage: the
committed information rate (CIR) and the peak information
rate (PIR).

Release 12.2(31)SB2

This feature was introduced on the PRE3 to allow you to


PRE3
police traffic on the L2TP access concentrator (LAC) based
on the value of a packets IP DSCP bits. The
set-frde-transmit policing action was also added for the
PRE3.

police percent Command


To configure traffic policing on the basis of a percentage of bandwidth available on an interface, use the
police percent command in policy-map class configuration mode. To remove traffic policing from the
configuration, use the no form of the command. By default, this command is disabled.
police [cir] percent percent [bc] normal-burst-in-msec [pir pir] [be] excess-burst-in-msec
[conform-action action] [exceed-action action] [violate-action action]
no police [cir] percent percent [bc] normal-burst-in-msec [pir pir]
[be] excess-burst-in-msec [conform-action action] [exceed-action action] [violate-action
action]

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

6-11

Chapter 6

Policing Traffic

Percent-Based Policing

Syntax Description
cir

(Optional) Committed information rate (CIR). Indicates an average rate at


which the policer meters traffic. CIR is based on the interface shape rate.

percent percent

Indicates to use the percentage of available bandwidth specified in percent


to calculate the CIR. Valid values are from 1 to 100.

bc normal-burst-in-msec (Optional) Specifies the normal or committed burst size (CBS) that the
first token bucket uses for policing traffic. Specify the CBS value in
milliseconds (ms). Valid values are from 1 to 2000. The default value is
the greater of 2 ms worth of bytes at the police rate or the network
minimum transmission unit (MTU).
pir pir

(Optional) Peak information rate (PIR), expressed as a percentage.


Indicates the rate at which the second token bucket is updated. Valid values
are from 1 to 100.
Note

be excess-burst-in-msec

When using percent-based policing, you must explicitly enter the


PIR value.

(Optional) Specifies the excess burst size (EBS) that the second token
bucket uses for policing traffic. Specify the EBS value in milliseconds
(ms). Valid values are from 0 to 2000. The default value is zero (0). You
must specify normal-burst-in msec before you specify
excess-burst-in-msec.
Note

Burst in milliseconds is based on the policing committed


information rate (CIR).

conform-action action

(Optional) Specifies the action to take on packets that conform to the rate
limit. The default action is transmit. You must specify a value for
excess-burst-in-msec before you specify the conform-action.

exceed-action action

(Optional) Specifies the action to take on packets that exceed the rate limit,
but not the PIR. The default action is drop. You must specify the
conform-action before you specify the exceed-action.

violate-action action

(Optional) Specifies the action to take on packets that continuously exceed


the PIR rate limit. The default action is the same as the exceed-action. You
must specify the exceed-action before you specify the violate-action.

See Table 6-1 on page 6-3 for a description of each action you can specify.
For information about conforming, exceeding, and violating traffic, see the Usage Guidelines for the
police Command section on page 6-7.

police percent Command History


Cisco IOS Release

Description

Release 12.0(25)SX

The police percent command was introduced on the PRE1.

Release 12.3(7)XI

This command was introduced on the PRE2.

Cisco 10000 Series Router Quality of Service Configuration Guide

6-12

OL-7433-09

Chapter 6

Policing Traffic
Control Plane Policing

Cisco IOS Release

Description

Release 12.2(28)SB

This command was enhanced on the PRE2 to allow you to configure two
traffic policing rates as a percentage: the committed information rate (CIR)
and the peak information rate (PIR)

Release 12.2(31)SB2

This command was introduced on the PRE3 to allow you to police traffic on
the L2TP access concentrator (LAC) based on the value of a packets IP
DSCP bits.

Usage Guidelines for the police percent Command


Percent-based policing supports two levels of policing if the parent policy map has only one class
defined: the class-default class. The parent policy does only match-any matching when applying the
class-default shaping rate.
Shaping affects the input and output policer. For example, if you configure a percent-based policer on
an input interface and the output interface has a nested policy attached, the policing percentage is based
on the outgoing shape rate.
You must explicitly enter the PIR when using percent-based policing.

Example
The following configuration polices Data traffic at 20 percent and sets the PIR to 25 percent.
Router(config)# policy-map Business
Router(config-pmap)# class Data
Router(config-pmap-c)# police percent 20 3 ms pir 25 10 ms

Control Plane Policing


The Cisco 10000 series router supports control plane policing in Cisco IOS Release 12.2(31)SB2 and
later releases. The Control Plane Policing feature allows you to configure a quality of service (QoS) filter
that manages the traffic flow of control plane packets. This allows you to protect the control plane of the router
against reconnaissance and denial-of-service (DoS) attacks. In this way, the control plane (CP) can help
maintain packet forwarding and protocol states despite an attack or heavy traffic load on the router or switch.
For more information, see the Control Plane Policing, Release 12.2(31)SB2 feature module.

AToM Set ATM CLP Bit Using a Policer


The AToM Set ATM CLP Bit Using a Policer feature enables you to police and mark inbound ATM
traffic before forwarding it onto Any Transport over MPLS (AToM) Layer 2 virtual private network
(VPN) pseudowire. Using this feature, you can configure the police command to set the ATM cell loss
priority (CLP) bit in the packet header. This bit indicates the drop priority of the ATM cell. During ATM
network congestion, the router discards ATM cells with the CLP bit set to 1 before discarding cells with
a CLP bit setting of 0.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

6-13

Chapter 6

Policing Traffic

AToM Set FR DE as Police Action

The Set ATM CLP Bit Using a Policer feature polices the traffic on the inbound interface of the provider
edge (PE) router where the attachment VC terminates. Marking of the ATM cells using the
set-clp-transmit policing action occurs on the outbound interface. Therefore, when configuring this
feature for AToM, you must attach a policy map that includes the set-clp-transmit action to the interface
upon which the ATM VC terminates or, in other words, attach the policy map to the input interface of
the PE.
The router supports the set-clp-transmit policing action in single-rate and dual-rate policing policies, and
in hierarchical policies.
The router allows you to simultaneously configure the policing actions set-clp-transmit and
set-mpls-exp-imposition-transmit in a single police command on the Layer 2 VPN inbound interface.

Feature History for Set ATM CLP Bit Marking As a Police Action
Cisco IOS Release

Description

Required PRE

Release 12.3(7)XI

This feature was introduced on the PRE2.

PRE2

Release 12.2(33)SB

This feature was introduced on the PRE3 and PRE4.

PRE3, PRE4

AToM Set FR DE as Police Action


The AToM Set FR DE as Police Action feature enables you to police and mark inbound Frame Relay
traffic before forwarding it onto Any Transport over MPLS (AToM) Layer 2 virtual private network
(VPN) pseudowire. Using this feature, you can configure the police command to set the Frame Relay
discard eligibility (DE) bit in the packet header. This bit indicates the drop priority of the frame. During
Frame Relay network congestion, the router discards frames with the DE bit set to 1 before discarding
frames with a DE bit setting of 0.
The AToM Set FR DE as Police Action feature polices the traffic on the inbound interface of the provider
edge (PE) router where the attachment VC terminates. Marking of frames using the set-frde-transmit
policing action occurs on the outbound interface. Therefore, when configuring this feature, you must
attach a policy map that includes the set-frde-transmit action to an input interface of the PE.
The router supports the set-frde-transmit policing action in single-rate and dual-rate policing policies,
and in hierarchical policies.
The router allows you to configure the set-frde-transmit and set-mpls-exp-imposition-transmit policing
actions in a single police command on Any Transport over MPLS (AToM) Layer 2 VPN inbound
interfaces.

Feature History for AToM Set FR DE as Police Action


Cisco IOS Release

Description

Required PRE

Release 12.2(33)SB

This feature was introduced on the PRE2, PRE3, and PRE4. PRE2, PRE3,
PRE4

Cisco 10000 Series Router Quality of Service Configuration Guide

6-14

OL-7433-09

Chapter 6

Policing Traffic
Set Layer 2 CoS as a Policer Action

Set Layer 2 CoS as a Policer Action


The Set Layer 2 CoS as a Policer Action feature enables you to police and mark inbound VLAN and
QinQ traffic before forwarding the traffic onto the outbound link. Using this feature, you can configure
the police command to set the class of service (CoS) bits for VLAN traffic and to set the outer CoS bits
for QinQ traffic. The 3-bit CoS field is part of the VLAN tag and indicates the priority level of the frame.
IEEE 802.1p establishes eight levels of priority: 0 to 7.
This feature polices the traffic on the inbound interface of the provider edge (PE) router where the
attachment VC terminates. Marking of frames using the set-cos-transmit policing action occurs on the
outbound interface. Therefore, when configuring this feature, you must attach a policy map that includes
the set-cos-transmit action to an outbound interface, not to an inbound interface.
The set-cos-transmit policing action marks the outer CoS bits. To configure marking of outer CoS bits,
configure the police command and specify the set-cos-transmit policing action as a conform, exceed, or
violate action.
The router supports set-cos-transmit as a three-color policing action in single-rate and dual-rate policing
policies, and in hierarchical policies.

Feature History for Set Layer 2 CoS as Policer Action


Cisco IOS Release

Description

Required PRE

Release 12.2(33)SB

This feature was introduced on the router for the PRE2,


PRE3, and PRE4.

PRE2, PRE3,
PRE4

Set Inner CoS as a Policer Action


The Set Inner CoS as a Policer Action feature uses the police command to set the inner VLAN class of
service (CoS) bits for QinQ traffic on the PRE2, PRE3, and PRE4. The 3-bit CoS field is part of the
VLAN tag and indicates the priority level of the frame. IEEE 802.1p establishes eight levels of priority:
0 to 7
This feature polices the traffic on the inbound interface of the provider edge (PE) router where the
attachment VC terminates. Marking of frames using the set-cos-inner-transmit policing action occurs on
the outbound interface. Therefore, when configuring this feature, you must attach a policy map that
includes the set-cos-inner-transmit action to an outbound interface, not to an inbound interface.
To configure marking of inner CoS bits, configure the police command and specify the
set-cos-inner-transmit policing action as a conform, exceed, or violate action.
The router supports the set-cos-inner-transmit policing action in single-rate and dual-rate policing
policies, and in hierarchical policies.

Feature History for Set Inner CoS as a Policer Action


Cisco IOS Release

Description

Required PRE

Release 12.2(33)SB

This feature was introduced on the router for the PRE2,


PRE3, and PRE4.

PRE2, PRE3,
PRE4

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

6-15

Chapter 6

Policing Traffic

Set Inner and Outer CoS as a Policer Action

Set Inner and Outer CoS as a Policer Action


The Set Inner and Outer CoS as a Policer Action feature uses the police command to set the inner and
outer VLAN class of service (CoS) bits for QinQ traffic on the PRE2, PRE3, and PRE4. The 3-bit CoS
field is part of the VLAN tag and indicates the priority level of the frame. IEEE 802.1p establishes eight
levels of priority: 0 to 7
This feature polices the traffic on the inbound interface of the provider edge (PE) router where the
attachment VC terminates. Marking of frames using the set-cos-transmit and set-cos-inner-transmit
policing actions occurs on the outbound interface. Therefore, when configuring this feature, you must
attach a policy map that includes the both of these policing actions to an outbound interface, not to an
inbound interface.
The set-cos-transmit policing action sets the outer CoS bits whereas the set-cos-inner-transmit action
sets the inner CoS bits. To configure marking of both inner and outer CoS bits at the same time, you must
specify both the set-cos-transmit and set-cos-inner-transmit policing actions in a single police command.
You can specify these policing actions as conform, exceed, or violate actions.
The router supports simultaneous inner and outer CoS marking in single-rate and dual-rate policing
policies, and in hierarchical policies.

Feature History for Set Inner and Outer CoS as a Policer Action
Cisco IOS Release

Description

Required PRE

Release 12.2(33)SB

This feature was introduced on the router for the PRE2,


PRE3, and PRE4.

PRE2, PRE3,
PRE4

Dual Police Actions


The router allows you to specify dual actions for conforming, exceeding, and violating traffic, one line
at a time. After you provide the police rates, press Return to enter the policy-map-class-police
configuration mode. While in this mode, you can configure the dual conform, exceed, and violate actions
by entering an action keyword and action value, and pressing Return after each specified action. Valid
combinations of dual actions are:

Note

set-clp-transmit and set-mpls-exp-imposition-transmit

set-frde-transmit and set-mpls-exp-imposition-transmit

set-cos-transmit and set-cos-inner-transmit

The router allows only the dual action combinations listed above and does not do error checking for these
actions.
For example, you can specify the first conform-action as set-frde-transmit and the second
conform-action as set-mpls-exp-imposition-transmit. If desired, you can then specify these same two
actions as the action for the first and second exceed actions and for the two violate actions.

Cisco 10000 Series Router Quality of Service Configuration Guide

6-16

OL-7433-09

Chapter 6

Policing Traffic
Policing Support for GRE Tunnels

If you upgrade from a Cisco IOS software release that does not support dual police actions to a
Cisco IOS release that supports dual police actions, the police command displays on a single line. If you
configure each police action on a separate line and then downgrade to a Cisco IOS release that does not
support dual actions, the router rejects the policer.
For backward compatibility, the router accepts the police command on a single line, but after entering
the police command, the router enters policy-map-class-police configuration mode.

Feature History for Dual Police Actions


Cisco IOS Release

Description

Required PRE

Release 12.2(33)SB

This feature was introduced on the router for the PRE3 and PRE3, PRE4
PRE4.

Policing Support for GRE Tunnels


The Policing Support for GRE Tunnels feature allows you to set the Differentiated Services Code Point
(DSCP) and IP precedence values on Generic Routing Encapsulation (GRE) tunnel packets.
This feature is essential for MPLS carriers to offer QoS on Multicast VPN services. Multicast VPN
(MVPN) uses GRE tunnels between PE devices, and multicast packets are placed in GRE tunnels for
transmission across the MPLS core network. The Policing Support for GRE Tunnels feature allows the
GRE tunnel to reflect the underlying QoS of the multicast packets. Once the GRE packets accurately
reflect the QoS markings of the underlying multicast packets, they may be queued accordingly as they
travel across the core nodes.
For more information, see the Policing Support for GRE Tunnels, Release 12.2(31)SB2 feature module
and the Tunnel Header Marking section on page 7-18.

Interfaces Supporting Policing


The following describes interface support for policing using the police command:
Interfaces Supporting the police Command

Physical

Multilink PPP and multilink Frame Relay

ATM unspecified bit rate (UBR) PVCs and point-to-point subinterfaces

ATM variable bit rate (VBR) and constant bit rate (CBR) PVCs, and point-to-point subinterfaces

Label-controlled ATM (LC-ATM) subinterfaces

Frame Relay permanent virtual circuits (PVCs), point-to-point subinterfaces, and map classes

Ethernet VLANs

IP tunnel

Virtual-access (See the VAI QoS Inheritance section on page 4-24.)

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

6-17

Chapter 6

Policing Traffic

Metering Traffic and Token Buckets

Note

The router supports the police command on inbound and outbound interfaces.
Interfaces Not Supporting the police Command

Fast Ethernet channel

Frame Relay data link connection identifier (DLCI)

Metering Traffic and Token Buckets


The following sections describe how single-rate and two-rate policers meter traffic using token buckets:

Metering Traffic Using Token Buckets (Single-Rate Policer), page 6-18

Metering Traffic Using Token Buckets (Two-Rate Policer), page 6-19

Metering Traffic Using Token Buckets (Single-Rate Policer)


The router uses two token buckets to meter the traffic that passes through the system: conforming and
exceeding. The router uses the first bucket to hold tokens that determine whether the committed
information rate (CIR) is conforming (green) or exceeding (yellow). A traffic stream is conforming when
the average number of bytes over time does not cause the bucket to overflow. The first bucket can hold
bytes up to the size of the committed burst (bc) before overflowing.
A traffic stream exceeds the police rate when it causes the first token bucket to overflow into the second
token bucket. When this occurs, the router marks the traffic stream yellow. The second token bucket is
filled as long as the traffic exceeds the police rate.
The second token bucket can hold bytes up to the size of the excess burst (be) before overflowing. A
traffic stream violates the police rate if the second token bucket overflows. When this occurs, the router
marks the traffic stream red.
The router updates the tokens for both the conforming and exceeding token buckets based on the token
arrival rate or the committed information rate (CIR). When a packet of a given size (for example, B
bytes) arrives at specific time (time T), the following actions occur:

The router updates the tokens in the conforming bucket. If the previous arrival of the packet was at
the rate of T1 (1.544 Mbps) and the current arrival of the packet is at T, the router updates the bucket
with T minus T1 worth of bits based on the token arrival rate. The router places refill tokens in the
conforming bucket. If the tokens overflow the conforming bucket, the router places the overflow
tokens in the exceeding bucket.
The router calculates the token arrival rate in the following way:
(time between packets * policer rate) / 8 bytes
where time between packets equals T T1

If the number of bytes in the conforming bucket is greater than or equal to 0, the packet conforms.
The router removes the number of bytes of the packet from the conforming bucket and takes the
conform action on the packet. In this scenario, the exceeding bucket is unaffected.

If the number of bytes in the conforming bucket is less than 0, the router checks the exceeding bucket
for bytes. If the number of bytes in the exceeding bucket is greater than or equal to 0, the router
removes the number of bytes of the packet from the exceeding token bucket and takes the exceed
action. The router does not remove bytes from the conforming bucket.

Cisco 10000 Series Router Quality of Service Configuration Guide

6-18

OL-7433-09

Chapter 6

Policing Traffic
Metering Traffic and Token Buckets

If the number of bytes in the exceeding bucket is less than 0, the packet violates the rate and the
router takes the violate action.

Metering Traffic Using Token Buckets (Two-Rate Policer)


The two-rate policer manages the maximum rate of traffic by using two token buckets: the committed
token bucket and the peak token bucket. The dual-token bucket algorithm uses user-configured values to
determine the maximum rate of traffic allowed on a queue at a given moment. In this way, the two-rate
policer can meter traffic at two independent rates: the committed information rate (CIR) and the peak
information rate (PIR).
The committed token bucket can hold bytes up to the size of the committed burst (bc) before
overflowing. This token bucket holds the tokens that determine whether a packet conforms to or exceeds
the CIR as the following describes:

A traffic stream is conforming when the average number of bytes over time does not cause the
committed token bucket to overflow. When this occurs, the token bucket algorithm marks the traffic
stream green.

A traffic stream is exceeding when it causes the committed token bucket to overflow into the peak
token bucket. When this occurs, the token bucket algorithm marks the traffic stream yellow. The
peak token bucket is filled as long as the traffic exceeds the police rate.

The peak token bucket can hold bytes up to the size of the peak burst (be) before overflowing. This token
bucket holds the tokens that determine whether a packet violates the PIR. A traffic stream is violating
when it causes the peak token bucket to overflow. When this occurs, the token bucket algorithm marks
the traffic stream red.
The dual-token bucket algorithm provides users with three actions for each packeta conform action,
an exceed action, and an optional violate action. Traffic entering a queue with the two-rate policer
configured is placed into one of these categories. Within these three categories, users can decide packet
treatments. For instance, packets that conform can be configured to be sent; packets that exceed can be
configured to be sent with a decreased priority; and packets that violate can be configured to be dropped.
Figure 6-1 shows how the two-rate policer marks a packet and assigns a corresponding action to the
packet.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

6-19

Chapter 6

Policing Traffic

Metering Traffic and Token Buckets

Figure 6-1

Marking Packets and Assigning Actions2-Rate Policer

CIR

PIR

Bc

Be

B > Tp

No

B > Tc

No

Packet of size B
Yes

Violate

Exceed

Conform

Action

Action

Action

60515

Yes

For example, if a data stream with a rate of 250 kbps arrives at the two-rate policer, and the CIR is
100 kbps and the PIR is 200 kbps, the policer marks the packet in the following way:

100 kbps conforms to the rate

100 kbps exceeds the rate

50 kbps violates the rate

The router updates the tokens for both the committed and peak token buckets in the following way:

The router updates the committed token bucket at the CIR value each time a packet arrives at the
interface. The committed token bucket can contain up to the committed burst (bc) value.

The router updates the peak token bucket at the PIR value each time a packet arrives at the interface.
The peak token bucket can contain up to the peak burst (be) value.

When an arriving packet conforms to the CIR, the router takes the conform action on the packet and
decrements both the committed and peak token buckets by the number of bytes of the packet.

When an arriving packet exceeds the CIR, the router takes the exceed action on the packet,
decrements the committed token bucket by the number of bytes of the packet, and decrements the
peak token bucket by the number of overflow bytes of the packet.

When an arriving packet exceeds the PIR, the router takes the violate action on the packet, but does
not decrement the peak token bucket.

Cisco 10000 Series Router Quality of Service Configuration Guide

6-20

OL-7433-09

Chapter 6

Policing Traffic
Committed Bursts and Excess Bursts

Committed Bursts and Excess Bursts


Unlike a traffic shaper, a traffic policer does not buffer excess packets and transmit them later. Instead,
the policer executes a send or do not send policy without buffering. During periods of congestion,
proper configuration of the excess burst parameter enables the policer to drop packets less aggressively.
Therefore, it is important to understand how policing uses the committed (normal) and excess burst
values to ensure the router reaches the configured committed information rate (CIR).
Burst parameters are based on a generic buffering rule for routers, which recommends that you configure
buffering to be equal to the round-trip time bit-rate to accommodate the outstanding TCP windows of all
connections in times of congestion.
The following sections describe committed bursts and excess bursts, and the recommended formula for
calculating each of them:

Committed Bursts, page 6-21

Excess Bursts, page 6-22

Deciding if Packets Conform or Exceed the Committed Rate, page 6-23

Committed Bursts
The committed burst (bc) parameter of the police command implements the first, conforming (green)
token bucket that the router uses to meter traffic. The bc parameter sets the size of this token bucket.
Initially, the token bucket is full and the token count is equal to the committed burst size (CBS).
Thereafter, the meter updates the token counts the number of times per second indicated by the
committed information rate (CIR).
The following describes how the meter uses the conforming token bucket to send packets:

If sufficient tokens are in the conforming token bucket when a packet arrives, the meter marks the
packet green and decrements the conforming token count by the number of bytes of the packet.

If there are insufficient tokens available in the conforming token bucket, the meter allows the traffic
flow to borrow the tokens needed to send the packet. The meter checks the exceeding token bucket
for the number of bytes of the packet. If the exceeding token bucket has a sufficient number of tokens
available, the meter marks the packet:
a. Green and decrements the conforming token count down to the minimum value of 0.
b. Yellow, borrows the remaining tokens needed from the exceeding token bucket, and decrements

the exceeding token count by the number of tokens borrowed down to the minimum value of 0.

Note

If an insufficient number of tokens is available, the meter marks the packet red and does not
decrement either of the conforming or exceeding token counts.

When the meter marks a packet with a specific color, there must be a sufficient number of tokens of that
color to accommodate the entire packet. Therefore, the volume of green packets is never smaller than the
committed information rate (CIR) and committed burst size (CBS). Tokens of a given color are always
used on packets of that color.
The default committed burst size is the greater of 2 milliseconds of bytes at the police rate or the network
maximum transmission unit (MTU).

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

6-21

Chapter 6

Policing Traffic

Committed Bursts and Excess Bursts

Committed Burst Calculation


To calculate committed burst, use the following formula:
bc = CIR bps * (1 byte) / (8 bits) * 1.5 seconds

Note

1.5 seconds is the typical round-trip time.


For example, if the committed information rate is 512000 bps, then using the committed burst formula,
the committed burst is 96000 bytes.
bc = 512000 * 1/8 * 1.5
bc = 64000 * 1.5 = 96000

Note

When the be value equals 0, we recommend that you set the egress bc value to be greater than or equal
to the ingress bc value plus 1. Otherwise, packet loss can occur. For example:
be = 0
egress bc >= ingress bc + 1

Excess Bursts
The excess burst (be) parameter of the police command implements the second, exceeding (yellow)
token bucket that the router uses to meter traffic. The exceeding token bucket is initially full and the
token count is equal to the excess burst size (EBS). Thereafter, the meter updates the token counts the
number of times per second indicated by the committed information rate (CIR).
The following describes how the meter uses the exceeding token bucket to send packets:

When the first token bucket (the conforming bucket) meets the committed burst size (CBS), the
meter allows the traffic flow to borrow the tokens needed from the exceeding token bucket. The
meter marks the packet yellow and then decrements the exceeding token bucket by the number of
bytes of the packet.

If the exceeding token bucket does not have the required tokens to borrow, the meter marks the
packet red and does not decrement the conforming or the exceeding token bucket. Instead, the meter
performs the exceed-action configured in the police command (for example, the policer drops the
packets).

Excess Burst Calculation


To calculate excess burst, use the following formula:
be = 2 * committed burst
For example, if you configure a committed burst of 4000 bytes, then using the excess burst formula, the
excess burst is 8000 bytes.
be = 2 * 4000 = 8000
The default excess burst size is 0.

Cisco 10000 Series Router Quality of Service Configuration Guide

6-22

OL-7433-09

Chapter 6

Policing Traffic
Data Included in the Policing Rate

Deciding if Packets Conform or Exceed the Committed Rate


Policing uses normal or committed burst (bc) and excess burst (be) values to ensure that the configured
committed information rate (CIR) is reached. Policing decides if a packet conforms or exceeds the CIR
based on the burst values you configure. Several factors can influence the policers decision, such as the
following:

Low burst valuesIf you configure burst values too low, the achieved rate might be much lower than
the configured rate.

Temporary burstsThese bursts can have a strong adverse impact on throughput of Transmission
Control Protocol (TCP) traffic.

It is important that you set the burst values high enough to ensure good throughput. If your router drops
packets and reports an exceeded rate even though the conformed rate is less than the configured CIR, use
the show interface command to monitor the current burst, determine whether the displayed value is
consistently close to the committed burst (bc) and excess burst (be) values, and if the actual rates (the
committed rate and exceeded rate) are close to the configured committed rate. If not, the burst values
might be too low. Try reconfiguring the burst rates using the suggested calculations in the Committed
Burst Calculation section on page 6-22 and the Excess Burst Calculation section on page 6-22.

Data Included in the Policing Rate


Table 6-2 describes the data included and excluded in the policing rate.
Table 6-2

Policing Rate Data

Media

Data Included

Data Excluded

Frame Relay

Layer 2 framing

No bit or byte stuffing


No 7E flags1
No Frame Check Sequence (FCS)

Ethernet

Layer 2 framing

Generic Traffic Shaping Class-Based


Shaping

No Inter-Frame Gap (IFG)


No Preamble
No Start of Frame Delimiter (SFD)
No Frame Check Sequence (FCS)
ATM
(VBR)

Layer 2 framing

No cell header

Cell overhead

No AAL Common Part Convergence


Sublayer (CPCS) pad
No ATM trailer

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

6-23

Chapter 6

Policing Traffic

Data Included in the Policing Rate

Table 6-2

Policing Rate Data

Media

Data Included

Data Excluded

ATM
(UBR)

Layer 2 framing

Class-Based Shaping

Cell overhead

No ATM cell overhead


No AAL Common Part Convergence
Sublayer (CPCS) pad

ATM
(CBR)

Layer 2 framing

Class-Based Shaping

Cell overhead

No ATM cell overhead


No AAL Common Part Convergence
Sublayer (CPCS) pad

1. The router does not account for flags or Frame Check Sequence (FCS) that the hardware adds or removes.

Table 6-3 describes what bandwidth is based on for each media type.
Table 6-3

Basis for Bandwidth

Media

Bandwidth Based On

Frame Relay

Fragments1

Ethernet

Bits

ATM variable bit rate (VBR)

Sustained cell rate (SCR)

ATM unspecified bit rate (UBR)

Peak cell rate (PCR)

ATM constant bit rate (CBR)

Peak cell rate (PCR)

1. For Frame Relay networks with link fragmentation and interleaving (LFI) enabled.

Be sure to take into account the framing and cell overhead when specifying a minimum bandwidth for a
class. For example, if you need to commit a rate of 1000 64-byte packets per second and each packet has
4 bytes of framing overhead, instead of using 512 kbps in the bandwidth or police command, use
544 kbps, calculated as follows:
1000 * (64 + 4) * 8 /1000 = 544
A similar scenario for ATM requires 848 kbps because each 64-byte packet requires two cells of
53 bytes.
1000 * 2 * 53 * 8 / 1000 = 848

Cisco 10000 Series Router Quality of Service Configuration Guide

6-24

OL-7433-09

Chapter 6

Policing Traffic
Policing Rate Granularity

Policing Rate Granularity


Policing

The router converts the policing rate you specify in bits per second to 8,000-byte increments. When
you specify a policing rate, the router rounds the rate up or down to the nearest multiple of 8000.
For example, if you request 127,000 bps, the router rounds up to 128,000 bps; for 124,000 bps, the
router rounds up to 128,000 bps; and for 123,999 bps the router rounds down to 120,000 bps.

Percent-Based Policing

The committed information rate (CIR) is based on a percentage of the maximum amount of
bandwidth available on the interface.

For percent-based policing, the burst value in milliseconds is based on the policing rate.

Within a nested policy, the police percentage is based on the nearest parent shape rate. If no parent
shaping exists, the police percentage is based on the link bandwidth.

Avoiding Bandwidth Starvation Due to Priority Services


The Cisco 10000 series router services priority traffic at near line rate to ensure that traffic is handled
with minimal delay. The router gives preference to the priority class over other class queues on a traffic
link. Unless the priority class contains a police command, the router does not police the priority traffic
to its configured rate and the router does not discard excess priority traffic. As a result, excess priority
traffic might cause additional packet delay and other queues on the link might experience bandwidth
starvation.
To prevent the priority queue from starving the other queues, use the police command with the priority
command. To ensure the committed rate of the priority queue, you must set the exceed and violate
actions of the police command to drop. You can use the bandwidth command on the other queues on
the link to create one or more queues with guaranteed bandwidth.
Example 6-1 shows how to configure the priority and police commands for a priority class:
Example 6-1

Configuring the priority and police Commands

Router(config)# policy-map gold


Router(config-pmap)# class class1
Router(config-pmap-c)# priority
Router(config-pmap-c)# police 512000 8000 1000 conform-action transmit exceed-action drop
violate-action drop

Example 6-2 shows how to configure the priority and police percent commands for a priority class:
Example 6-2

Configuring the priority and police percent Commands

Router(config)# policy-map new-traffic


Router(config-pmap)# class voice
Router(config-pmap-c)# priority
Router(config-pmap-c)# queue-limit 32
Router(config-pmap-c)# police percent 25 2 ms 2 ms conform-action transmit exceed-action
drop violate-action drop

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

6-25

Chapter 6

Policing Traffic

Restrictions and Limitations for Traffic Policing

Bandwidth and Policing


The police command allows you to police the traffic that passes through the router. You can configure
traffic policing in bits per second (bps) or as a percentage of bandwidth of the network interface on which
policing is applied. Configuring traffic policing based on bandwidth percentage enables you to use the
same policy map for multiple interfaces with differing amounts of bandwidth.
To configure traffic policing on the basis of a percentage of bandwidth available on an interface, use the
police percent command in policy-map class configuration mode. The police percent command
calculates the CIR based on a percentage of the maximum amount of bandwidth available on the
interface. When you attach a policy map to an interface, the router calculates the equivalent CIR values
in bits per second (bps) based on the interface bandwidth and the percentage you entered for the
police percent command.
The police percent command also allows you to optionally specify values for the conform burst size and
the peak burst size in bytes per millisecond. If you specify the burst sizes, be sure to specify the size in
milliseconds.
If the interface bandwidth changes (for example, more is added), the router recalculates the bps values
of the CIR based on the revised amount of bandwidth. If you change the CIR percentage after you attach
the policy map to the interface, the router recalculates the bps value of the CIR.
When you use a percent-based police command within a nested policy, the police percentage is based on
the policys topmost, class-default, shape rate. Otherwise, the police percentage is based on the
bandwidth of the network interface on which the police command is applied.
In a hierarchical policy, the police percent command uses the maximum rate of bandwidth available as
the reference point for calculating the bandwidth percentage. Within a nested policy, the police percent
is based on the policys topmost, class-default, shape rate. Otherwise, the police percent is based on the
bandwidth of the network interface on which the police command is applied.
When the police percent command is configured in a child (secondary-level) policy map, the police
percent command uses the bandwidth amount specified in the next higher-level policy, which in this
case is the parent (primary-level) policy map. The police percent command always looks to the next
higher level for the bandwidth reference point.

Restrictions and Limitations for Traffic Policing

You can configure a maximum of 131,072 (PRE1) or 262,144 (PRE2) policing instances.

The router supports only the policing actions listed in Table 6-1 on page 6-3.

You cannot specify multiple conform or exceed actions for a specific class in a policy map.

In releases prior to Cisco IOS Release 12.2(33)SB, the router supports up to 16 police action types.
In Cisco IOS Release 12.2(33)SB and later releases, the router supports up to 32 police action types.

The router does not allow you to attach a policy map to the inbound interface when the policy map
contains a set-cos-transmit or set-cos-inner-transmit policing action.

The router supports only the following combinations of dual actions on the output interface:
set-cos-transmit and set-cos-inner-transmit

The router allows the set-cos-transmit police action only when it is applied to an output policy.

The set-cos-transmit police action sets only the outer CoS bits.

The router allows the set-cos-inner-transmit police action only when it is applied to an output policy.

Cisco 10000 Series Router Quality of Service Configuration Guide

6-26

OL-7433-09

Chapter 6

Policing Traffic
Configuring Traffic Policing

The set-cos-inner-transmit police action sets only the inner CoS bits.

The router supports the set-cos-inner-transmit policing action only on QinQ subinterfaces. If you
configure this policing action in a flat policy map or a 2-level hierarchical policy and attach the
policy to an interface that is not a QinQ subinterface, the router displays an error message. However,
if you configure the set-cos-inner--transmit action in a 3-level policy map and attach the policy to a
non-QinQ subinterface, no error message displays and the router appears to accept the policy.
Therefore, we recommend that you do not use the set-cos-inner-transmit policing action in a 3-level
policy map attached to non-QinQ subinterfaces.

The router supports the set-clp-transmit and set frde-transmit police actions on the ingress for an
Any Transport over MPLS (AToM) Layer 2 VPN (L2VPN) configuration only.

The router supports only the following combinations of dual actions on the AToM L2VPN ingress:
set-clp-transmit and set-mpls-exp-imposition-transmit
set-frde-transmit and set-mpls-exp-imposition-transmit

The router does not perform extensive error checking to reject invalid combinations of dual actions.
If you provide unsupported combinations, the results may be unpredictable.

On the PRE3 and PRE4, the router enters policy-map-class-police configuration mode after you
enter the police command, regardless of whether the command specifies a single action or dual
actions.

On the PRE3 and PRE4, when specifying multiple actions, the router displays each action on a
separate line.

Configuring Traffic Policing


To configure traffic policing, perform any of the following configuration tasks:

Configuring Single-Rate Traffic Policing Based on Bits per Second, page 6-28

Configuring Percent-Based Policing, page 6-32

Configuring Two-Rate Policing, page 6-35

Marking Traffic Using Police Actions, page 6-36

Configuring Dual Police Actions, page 6-37

For more information about classifying traffic and creating QoS service policies, see Chapter 2,
Classifying Traffic and Chapter 3, Configuring QoS Policy Actions and Rules.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

6-27

Chapter 6

Policing Traffic

Configuring Traffic Policing

Configuring Single-Rate Traffic Policing Based on Bits per Second


To configure traffic policing based on bits per second (bps), enter the following commands beginning in
global configuration mode:

Step 1

Command

Purpose

Router(config)# policy-map policy-map-name

Specifies the name of the policy map and enters policy-map


configuration mode.
policy-map-name is the name of the policy map.

Step 2

Router(config-pmap)# class class-map-name

Assigns the traffic class you specify to the policy map.


Enters policy-map class configuration mode.
class-map-name is the name of a previously configured
class map and is the traffic class for which you want to
define QoS actions.

Step 3

Router(config-pmap-c)# police [cir] bps


[bc] burst-normal [pir pir] [be] burst-excess
[conform-action action] [exceed-action action]
[violate-action action]

Configures bits per second-based traffic policing.


For more information, see the police Command
(Single-Rate) section on page 6-6 or the police Command
(Two-Rate) section on page 6-9.

Configuration Examples for Configuring Single-Rate Traffic Policing Based on Bits per Second
This section provides the following configuration examples:

Configuration Example for Configuring a Single Policing Rate and Burst Sizes, page 6-28

Configuration Example for Configuring Single-Rate Two-Color Policing, page 6-29

Configuration Example for Configuring Single-Rate Three-Color Policing, page 6-29

Configuration Example for Policing a Priority Service, page 6-30

Configuration Example for Configuring Single-Rate Policing in a Hierarchical Policy, page 6-30

Configuration Example for Policing PPPoE over ATM Sessions, page 6-31

Configuration Example for Configuring a Single Policing Rate and Burst Sizes
Example 6-3 shows how to configure a policing rate for the class named group1 in the policy map named
police. In the example, the router polices group1 traffic at 8000 bits per second and allows committed
bursts of 2000 bytes and excess bursts of 4000 bytes.
Example 6-3

Configuring a Policing Rate Based on Bits per Second

Router(config)# class-map group1


Router(config-cmap)# match access-group 2
Router(config-cmap)# exit
Router(config)# policy-map police
Router(config-pmap)# class group1
Router(config-pmap-c)# police 8000 2000 4000
Router(config-pmap-c)# exit
Router(config-pmap)# exit
Router(config)# interface atm 1/0/0.1 point-to-point
Router(config-subif)# service-policy input police

Cisco 10000 Series Router Quality of Service Configuration Guide

6-28

OL-7433-09

Chapter 6

Policing Traffic
Configuring Traffic Policing

Configuration Example for Configuring Single-Rate Two-Color Policing


Example 6-4 shows how to configure single-rate two-color policing that includes actions for conforming
and exceeding traffic. In the example, policing is configured for the class named Group1 in the policy
map named Premium. The router polices Group1 traffic at 8,000,000 bits per second and allows
committed bursts of 4000 bytes and excess bursts of 6000 bytes. The router transmits Group1 traffic that
conforms to the normal or committed rate and sets the precedence-transmit value to 2 for Group1 traffic
that exceeds the burst sizes. The router polices Group2 traffic at 4,000,000 bits per second and allows
committed bursts of 2000 bytes and excess bursts of 5000 bytes. The router transmits Group2 traffic that
conforms to the policing rate and sets the dscp-transmit value to 5 for Group2 traffic that exceeds the
burst sizes.
Example 6-4

Configuring Single-Rate Two-Color Policing

Router(config)# policy-map Premium


Router(config-pmap)# class Group1
Router(config-pmap-c)# police 8000000 4000 6000 conform-action transmit exceed-action
set-prec-transmit 2
Router(config-pmap-c)# exit
Router(config-pmap)# class Group2
Router(config-pmap-c)# police 4000000 2000 5000 conform-action transmit exceed-action
set-dscp-transmit 5
Router(config-pmap)# exit
Router(config)# interface atm 1/0/0.1 point-to-point
Router(config-subif)# service-policy input Premium

Configuration Example for Configuring Single-Rate Three-Color Policing


Example 6-5 shows how to configure single-rate three-color policing that includes actions for
conforming, exceeding, and violating traffic. In the example, policing is configured for the classes
named Bronze and Silver in the policy map named Policy_0. The router polices Bronze traffic at
4,000,000 bits per second and allows normal or committed bursts of 5000 bytes and excess bursts of 2000
bytes. The router transmits Bronze traffic that conforms to the policing rate, sets the precedence-transmit
value to 2 for Bronze traffic that exceeds the burst sizes, and drops Bronze traffic that violates the
policing rate. The router polices Silver traffic at 8,000,000 bits per second and allows committed bursts
of 6000 bytes and excess bursts of 4000 bytes. The router transmits Silver traffic that conforms to the
policing rate, drops Silver traffic that exceeds the burst sizes, and drops Silver traffic that violates the
policing rate.
Example 6-5

Configuring Single-Rate Three-Color Policing

Router(config)# policy-map Policy_0


Router(config-pmap)# class class-default
Router(config-pmap-c)# set ip precedence 0
Router(config-pmap-c)# class Bronze
Router(config-pmap-c)# police 4000000 5000 2000 conform-action transmit exceed-action
set-prec-transmit 2 violate-action drop
Router(config-pmap-c)# class Silver
Router(config-pmap-c)# police 8000000 6000 4000 conform-action transmit exceed-action drop
violate-action drop
Router(config-pmap-c)# exit
Router(config-pmap)# exit
Router(config)# interface atm 1/0/0.1 point-to-point
Router(config-subif)# pvc 1/32
Router(config-atm-vc)# service-policy input Policy_0

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

6-29

Chapter 6

Policing Traffic

Configuring Traffic Policing

Configuration Example for Policing a Priority Service


Example 6-6 shows how to configure the police command for a priority service. In the example, the
priority class named Priority-Class is configured in the policy map named Gold. The router polices
Priority-Class traffic at 10200 bits per second and allows committed bursts of 1000 bytes and excess
bursts of 500 bytes. The router transmits Priority-Class traffic that conforms to the policing rate, drops
Priority-Class traffic that exceeds the burst sizes, and drops Priority-Class traffic that violates the
policing rate.
Example 6-6

Policing a Priority Service

Router(config)# policy-map Gold


Router(config-pmap)# class Priority-Class
Router(config-pmap-c)# priority
Router(config-pmap-c)# police 102000 1000 500 conform-action transmit exceed-action drop
violate-action drop

Configuration Example for Configuring Single-Rate Policing in a Hierarchical Policy


Example 6-7 shows how to configure a hierarchical policy named Parent-Policy and attach it to VLAN 2
(as indicated in the encapsulation dot1q 2 command) on the Gigabit Ethernet subinterface 1/0/0.1. In
the Parent-Policy class-default class, bandwidth is shaped to 512 kbps. The policy map named
Child-Policy is applied to the Parent-Policy. After the router shapes the bandwidth to 512 kbps as
indicated in class-default, the router then polices Group1 and Group2 traffic configured in the policy
map named Child-Policy. The router polices Group1 traffic at 12000 bits per second and allows
committed bursts of 500 bytes and excess bursts of 1000 bytes. The router polices Group2 traffic at 8000
bits per second and allows committed bursts of 4000 bytes and excess bursts of 2000 bytes. The router
performs three-color policing on both Group1 and Group2 traffic.
Example 6-7

Configuring Single-Rate Policing in a Hierarchical Policy

Router(config)# policy-map Child-Policy


Router(config-pmap)# class Group1
Router(config-pmap-c)# police 12000 500 1000 conform-action transmit exceed-action
set-qos-transmit 4 violate-action set-qos-transmit 4
Router(config-pmap-c)# class Group2
Router(config-pmap-c)# police 8000 4000 2000 conform-action transmit exceed-action drop
violate-action drop
Router(config-pmap-c)# exit
Router(config-pmap)# policy-map Parent-Policy
Router(config-pmap)# class class-default
Router(config-pmap-c)# shape 512000
Router(config-pmap-c)# service-policy Child-Policy
Router(config-pmap-c)# exit
Router(config-pmap)# exit
Router(config)# interface GigabitEthernet 1/0/0.1
Router(config-subif)# encapsulation dot1q 2
Router(config-atm-range)# service-policy output Parent-Policy

Cisco 10000 Series Router Quality of Service Configuration Guide

6-30

OL-7433-09

Chapter 6

Policing Traffic
Configuring Traffic Policing

Configuration Example for Policing PPPoE over ATM Sessions


Example 6-8 shows how to create a policy map named Group1 and associate it with a virtual template
interface named Virtual-Template 1. In the example, the router polices the Gold traffic at 8000 bits per
second and allows committed bursts of 4000 bytes and excess bursts of 2000 bytes. The router polices
the Bronze traffic at 5000 bits per second and allows committed bursts of 2000 bytes and excess bursts
of 1000 bytes. The router performs three-color policing on the Gold traffic and two-color policing on the
Bronze traffic.
When PPPoE sessions arrive on an interface, the protocol pppoe command configured on the interface
points to a broadband aggregation (BBA) group, which references a virtual template that the router uses
to create the virtual access interface (VAI) for the session. The router applies the QoS policy attached to
the virtual template to the session.
Example 6-8

Configuring Policing for PPPoE Sessions

Router(config)# policy-map Group1


Router(config-pmap)# class Gold
Router(config-pmap-c)# police 8000 4000 2000 conform-action transmit exceed-action drop
violate-action drop
Router(config-pmap-c)# class Bronze
Router(config-pmap-c)# police 5000 2000 1000 conform-action transmit exceed-action drop
!
Router(config)# bba-group PPPoE
Router(config-bba)# pppoe limit per-vc 200
Router(config-bba)# protocol pppoe
Router(config-bba)# Virtual-Template 1
!
Router(config)# interface Loopback0
Router(config-if)# ip address 192.168.1.1 255.255.255.0
!
Router(config)# interface atm 1/0/0.132 multipoint
Router(config-atm-vc)# pvc 1/33
Router(config-atm-vc)# encapsulation aal5snap
Router(config-atm-vc)# protocol pppoe group PPPoE
!
Router(config)# interface Virtual-Template 1
Router(config-if)# ip unnumbered Loopback0
Router(config-if)# peer default ip address pool PPPoEpool
Router(config-if)# ppp authentication chap
Router(config-if)# service-policy input Gold
!
Router(config)# ip local pool PPPoEpool 192.168.1.2 192.168.1.254

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

6-31

Chapter 6

Policing Traffic

Configuring Traffic Policing

Configuring Percent-Based Policing


To configure policing based on a percentage of the bandwidth available on an interface, enter the
following commands beginning in global configuration mode:

Step 1

Command

Purpose

Router(config)# policy-map policy-map-name

Specifies the name of the policy map and enters


policy-map configuration mode.
policy-map-name is the name of the policy map.

Step 2

Router(config-pmap)# class class-map-name

Assigns the traffic class you specify to the policy map.


Enters policy-map class configuration mode.
class-map-name is the name of a previously configured
class map and is the traffic class for which you want to
define QoS actions.

Step 3

Router(config-pmap-c)# police [cir] percent


percent [bc] normal-burst-in-msec
[be] excess-burst-in-msec [conform-action action]
[exceed-action action] [violate-action action]

Configures traffic policing based on a percentage of


bandwidth available on an interface.
For more information, see the police percent Command
section on page 6-11.

Configuration Examples for Configuring Percent-Based Policing


This section provides the following configuration examples:

Configuration Example for Configuring Percent-Based Policing, page 6-32

Configuration Example for Configuring Percent-Based Two-Color Policing, page 6-33

Configuration Example for Configuring Percent-Based Three-Color Policing, page 6-33

Configuration Example for Configuring Percent-Based Policing in a Hierarchical Policy, page 6-34

Configuration Example for Percent-Based Policing of a Priority Service, page 6-34

Configuration Example for Configuring Percent-Based Policing


Example 6-9 shows how to configure percent-based policing. In the example, the class named Premium
is configured in the policy map named Test. The Premium class is a priority class with a queue depth of
32. The router allocates 5 percent of the committed rate to Premium traffic and allows burst sizes of 2 ms
for both committed and excess bursts.
Example 6-9

Configuration Example for Percent-Based Policing

Router(config)# policy-map Test


Router(config-pmap)# class Premium
Router(config-pmap-c)# priority
Router(config-pmap-c)# queue-limit 32
Router(config-pmap-c)# police percent 5 2 ms 2 ms

Cisco 10000 Series Router Quality of Service Configuration Guide

6-32

OL-7433-09

Chapter 6

Policing Traffic
Configuring Traffic Policing

Configuration Example for Configuring Percent-Based Two-Color Policing


Example 6-10 shows how to configure two-color percent-based policing. In the example, policing is
configured for the classes named Voice and Test in the policy map named Premium. The router allocates
10 percent of the committed rate to voice traffic and allows burst sizes of 2 ms. The router transmits
Voice traffic that conforms to the committed rate and sets the precedence-transmit value to 2 for Voice
traffic that exceeds the burst sizes. The router allocates 5 percent of the committed rate to Test traffic
and allows committed bursts of 4 ms and excess bursts of 2 ms. The router transmits Test traffic that
conforms to the committed rate and drops Test traffic that exceeds the burst sizes.
Example 6-10 Configuring Percent-Based Two-Color Policing
Router(config)# policy-map Premium
Router(config-pmap)# class Voice
Router(config-pmap-c)# police percent 10 2 ms 2 ms conform-action transmit exceed-action
set-prec-transmit 2
Router(config-pmap-c)# class Test
Router(config-pmap-c)# police percent 5 4 ms 2 ms conform-action transmit exceed-action
drop
Router(config-pmap)# exit
Router(config)# interface atm 1/0/0.1 point-to-point
Router(config-subif)# service-policy input Premium

Configuration Example for Configuring Percent-Based Three-Color Policing


Example 6-11 shows how to configure three-color percent-based policing. In the example, policing is
configured for the class named Bronze in the policy map named Policy_0. The router allocates 10
percent of the committed rate to Bronze traffic and allows burst sizes of 2 ms. The router transmits
Bronze traffic that conforms to the committed rate, sets the precedence-transmit value to 2 for Bronze
traffic that exceeds the burst sizes, and drops Bronze traffic that violates the committed rate. For the
Silver class, the router polices Silver traffic at 8,000,000 bits per second and allows committed bursts of
4000 bytes and excess bursts of 6000 bytes. The router transmits Silver traffic that conforms to the
committed rate, sets the QoS transmit value to 4 for Silver traffic that exceeds the burst sizes, and drops
Silver traffic that violates the committed rate.
Example 6-11 Configuring Percent-Based Three-Color Policing
Router(config)# policy-map Policy_0
Router(config-pmap)# class class-default
Router(config-pmap-c)# set ip precedence 0
Router(config-pmap-c)# class Bronze
Router(config-pmap-c)# police percent 10 2 ms 2 ms conform-action transmit exceed-action
set-prec-transmit 2 violate-action drop
Router(config-pmap-c)# class Silver
Router(config-pmap-c)# police 8000000 4000 6000 conform-action transmit exceed-action
set-qos-transmit 4 violate-action drop
Router(config-pmap-c)# exit
Router(config-pmap)# exit
Router(config)# interface atm 1/0/0.1 point-to-point
Router(config-subif)# pvc 1/32
Router(config-if-atm-range)# service-policy input Policy_0

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

6-33

Chapter 6

Policing Traffic

Configuring Traffic Policing

Configuration Example for Configuring Percent-Based Policing in a Hierarchical Policy


Example 6-12 shows how to configure a hierarchical policy and attach it to PVC 5/101. The router first
shapes the bandwidth to 512000 bits per second as indicated in the Parent policy class-default class. The
router then polices the Bronze and Gold classes in the policy-map named Child. The router allocates
30 percent of the committed rate to the Bronze traffic and allows committed bursts of 6 ms and excess
bursts of 4 ms. The router transmits Bronze traffic that conforms to the committed rate and drops Bronze
traffic that exceeds the burst sizes. The router polices Gold traffic at 8000 bits per second and allows
committed bursts of 2000 bytes and excess bursts of 4000 bytes. The router transmits Gold traffic that
conforms to the committed rate and sets the QoS transmit value to 4 for traffic that exceeds burst sizes.
Example 6-12 Policing in a Hierarchical Policy
Router(config)# policy-map Child
Router(config-pmap)# class Bronze
Router(config-pmap-c)# police percent 30 6 ms 4 ms conform-action transmit exceed-action
drop
Router(config-pmap-c)# class Gold
Router(config-pmap-c)# police 8000 2000 4000 conform-action transmit exceed-action
set-qos-transmit 4
Router(config-pmap-c)# exit
Router(config-pmap)# policy-map Parent
Router(config-pmap)# class class-default
Router(config-pmap-c)# shape 512000
Router(config-pmap-c)# service-policy Child
!
Router(config-if)# interface atm 3/0/0.3 point-to-point
Router(config-subif)# no atm pxf queuing
Router(config-subif)# pvc 5/101
Router(config-if-atm-vc)# vbr-nrt 5000 2000
Router(config-if-atm-vc)# service-policy out Parent

Configuration Example for Percent-Based Policing of a Priority Service


Example 6-13 shows how to configure the police percent command for a priority service. In the
example, the priority class named Voice is configured in the policy map named New-Traffic. The router
allocates 25 percent of the committed rate to Voice traffic and allows committed bursts of 4 ms and
excess bursts of 1 ms. The router transmits Voice traffic that conforms to the committed rate, sets the
QoS transmit value to 4 for Voice traffic that exceeds the burst sizes, and drops Voice traffic that violates
the committed rate.
Example 6-13 Policing a Priority Service Using Percent-Based Policing
Router(config)# policy-map New-Traffic
Router(config-pmap)# class Voice
Router(config-pmap-c)# priority
Router(config-pmap-c)# queue-limit 32
Router(config-pmap-c)# police percent 25 4 ms 1 ms conform-action transmit exceed-action
set-qos-transmit 4 violate-action drop

Cisco 10000 Series Router Quality of Service Configuration Guide

6-34

OL-7433-09

Chapter 6

Policing Traffic
Configuring Traffic Policing

Configuring Two-Rate Policing


To configure policing based on a committed information rate (CIR) and a peak information rate (PIR),
enter the following commands beginning in global configuration mode:

Step 1

Command

Purpose

Router(config)# policy-map policy-map-name

Specifies the name of the policy map and enters policy-map


configuration mode.
policy-map-name is the name of the policy map.

Step 2

Router(config-pmap)# class class-map-name

Assigns the traffic class you specify to the policy map. Enters
policy-map class configuration mode.
class-map-name is the name of a previously configured class map
and is the traffic class for which you want to define QoS actions.

Step 3

Router(config-pmap-c)# police {cir cir}


[bc] burst-normal [pir pir]
[be] peak-burst [conform-action action]
[exceed-action action] [violate-action
action]

Configures two-rate traffic policing by specifying both the


committed information rate (CIR) and the peak information rate
(PIR).
For more information, see the police Command (Two-Rate)
section on page 6-9.

Configuration Example for Configuring Two-Rate Three-Color Policing


Example 6-14 shows how to configure two-rate three-color policing for the Premium traffic class in the
policy map named Business. In the example, the committed information rate (CIR) is 512 kbps and the
peak information rate (PIR) is 1 Mbps. Traffic that conforms to the CIR is sent as is. Traffic that exceeds
the CIR, but not the PIR is marked with IP precedence 4. Traffic that exceeds the PIR is dropped. The
burst parameters are set to 10,000 bytes.
Example 6-14 Configuring Two-Rate Three-Color Policing
Router(config)# class-map match-all Premium
Router(config-cmap)# match access-group 106
Router(config-cmap)# exit
Router(config)# policy-map Business
Router(config-pmap)# class Premium
Router(config-pmap-c)# police cir 512000 bc 10000 pir 1000000 be 10000 conform-action
transmit exceed-action set-prec-transmit 4 violate-action drop
Router(config-pmap-c)# exit
Router(config-pmap)# exit
Router(config)# interface atm 3/0/0
Router(config-if)# service-policy output Business

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

6-35

Chapter 6

Policing Traffic

Configuring Traffic Policing

Marking Traffic Using Police Actions


To mark traffic using police actions, enter the following commands beginning in global configuration
mode:

Step 1

Command

Purpose

Router(config)# policy-map policy-map-name

Specifies the name of the policy map and enters policy-map


configuration mode.
policy-map-name is the name of the policy map.

Step 2

Router(config-pmap)# class class-map-name

Assigns the traffic class you specify to the policy map. Enters
policy-map class configuration mode.
class-map-name is the name of a previously configured class map
and is the traffic class for which you want to define QoS actions.

Step 3

Router(config-pmap-c)# police {cir cir}


[bc] burst-normal [pir pir]
[be] peak-burst [conform-action action]
[exceed-action action] [violate-action
action]

Configures traffic policing and optionally configures the policing


action for conforming, exceeding, or violating traffic.
action specifies the policing action, such as set-clp-transmit,
set-frde-transmit, set-cos-transmit, or set-cos-inner-transmit.
Valid values for these actions are 0 to 7. For more information
about the actions you can specify, see Table 6-1 on page 6-3.

Configuration Example for Marking Traffic Using Police Actions


Example 6-15 shows how to configure conform, exceed, and violate actions in the police command. In
the example configuration, traffic is policed at 8000 bps with the normal burst size set to 2000 bytes and
the peak burst size set to 1000 bytes. Traffic whose rate is less than the conform burst rate has the CLP
bit set to 1; traffic whose rate is within the conform and conform plus exceed burst rate has the CoS bits
set to 3; and traffic whose rate is higher than the conform plus exceed rate has the CoS bits also set to 3.
Example 6-15 Marking Traffic Using Police Actions
Router(config)# policy-map policy1
Router(config-pmap)# class gold
Router(config-pmap-c)# police 8000 2000 1000 conform-action set-clp-transmit exceed-action
set-cos 3 violate-action set-cos 3

Cisco 10000 Series Router Quality of Service Configuration Guide

6-36

OL-7433-09

Chapter 6

Policing Traffic
Configuring Traffic Policing

Configuring Dual Police Actions


To configure dual police actions for conform, exceed, and violate actions, enter the following commands
beginning in global configuration mode:

Step 1

Command

Purpose

Router(config)# policy-map policy-map-name

Specifies the name of the policy map and enters policy-map


configuration mode.
policy-map-name is the name of the policy map.

Step 2

Router(config-pmap)# class class-map-name

Assigns the traffic class you specify to the policy map. Enters
policy-map class configuration mode.
class-map-name is the name of a previously configured class map
and is the traffic class for which you want to define QoS actions.

Step 3

Router(config-pmap-c)# police {cir cir}


[bc] burst-normal [pir pir]
[be] peak-burst conform-action action

Configures traffic policing and specifies the first conform action.


Valid combinations of dual actions are:

set-clp-transmit and set-mpls-exp-imposition-transmit

set-frde-transmit and set-mpls-exp-imposition-transmit

set-cos-transmit and set-cos-inner-transmit

Step 4

Router(config-pmap-c-police)#
conform-action action

Configures the second conform action.

Step 5

Router(config-pmap-c-police)#
exceed-action action

Configures the first exceed action.

Step 6

Router(config-pmap-c-police)#
exceed-action action

Configures the second exceed action.

Step 7

Router(config-pmap-c-police)#
violate-action action

Configures the first violate action.

Step 8

Router(config-pmap-c-police)#
violate-action action

Configures the second violate action.

Configuration Example for Configuring Dual Police Actions


Example 6-16 shows how to configure the dual police actions set-clp-transmit and
set-mpls-exp-imposition-transmit. The example configures set-clp-transmit and set-mpls-exp-transmit
as the conform action and set-clp-transmit and set-mpls-exp-transmit as the exceed and violate actions.
Example 6-16 Configuring Dual Police Actions
Router(config)# policy-map clp
Router(config-pmap)# class class-default
Router(config-pmap-c) police 100000 100 10 conform-action set-clp-transmit
Router(config-pmap-c-police)# conform-action set-mpls-exp-transmit 1
Router(config-pmap-c-police)# exceed-action set-clp-transmit
Router(config-pmap-c-police)# exceed-action set-mpls-exp-transmit 2
Router(config-pmap-c-police)# violate-action set-clp-transmit
Router(config-pmap-c-police)# violate-action set-mpls-exp-transmit 3
Router(config-pmap-c-police)# end
Router#

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

6-37

Chapter 6

Policing Traffic

Configuration Examples

Configuration Examples
This section provides the following configuration examples:

Configuration Example for Dual Actionsset-clp-transmit and set-mpls-exp-transmit, page 6-38

Configuration Example for Dual Actionsset-frde-transmit and set-mpls-exp-imposition-transmit,


page 6-39

Configuration Example of the set-cos-transmit Police Action, page 6-40

Configuration Example for Dual Actionsset-clp-transmit and


set-mpls-exp-transmit
The following example shows how to configure set-clp-transmit and set-mpls-exp-transmit as the
conform action and set-clp-transmit and set-mpls-exp-transmit as the exceed and violate actions:
policy-map clp
class class-default
police 100000 100 10 conform-action set-clp-transmit
conform-action set-mpls-exp-transmit 1
exceed-action set-clp-transmit
exceed-action set-mpls-exp-transmit 2
violate-action set-clp-transmit
violate-action set-mpls-exp-transmit 3

The following shows sample output from the show policy-map command:
Router# show policy-map clp
Policy Map clp
Class class-default
police 104000 100 10
conform-action set-clp-transmit
conform-action set-mpls-exp-transmit 1
exceed-action set-clp-transmit
exceed-action set-mpls-exp-transmit 2
violate-action set-clp-transmit
violate-action set-mpls-exp-transmit 3

The following shows sample output from the show running-config command beginning at the point
where clp is specified:
Router# show running-config | begin clp
|show running-config begin clp
class class-default
police 104000 100 10
conform-action set-clp-transmit
conform-action set-mpls-exp-transmit 1
exceed-action set-clp-transmit
exceed-action set-mpls-exp-transmit 2
violate-action set-clp-transmit
violate-action set-mpls-exp-transmit 3

If the policy map is attached to an ATM PVC that is configured for Layer 2 VPN, the output from the
show policy-map interface command displays the following information:
Router# show policy-map interface atm4/0/0.1
ATM4/0/0.1: VC 1/100 Service-policy input: clp

Cisco 10000 Series Router Quality of Service Configuration Guide

6-38

OL-7433-09

Chapter 6

Policing Traffic
Configuration Examples

Class-map: class-default (match-any)


0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: any
0 packets, 0 bytes
5 minute rate 0 bps
Police:
104000 bps, 100 limit, 10 extended limit
conformed 0 packets, 0 bytes; action:
set-clp-transmit
set-mpls-exp-transmit 1
exceeded 0 packets, 0 bytes; action:
set-clp-transmit
set-mpls-exp-transmit 2
violated 0 packets, 0 bytes; action:
set-clp-transmit
set-mpls-exp-transmit 3

Configuration Example for Dual Actionsset-frde-transmit and


set-mpls-exp-imposition-transmit
The following example shows how to configure set-frde-transmit and set-mpls-exp-imposition-transmit
as the conform action and set-frde-transmit and set-mpls-exp-imposition-transmit as the exceed and
violate actions.
policy-map frde
class class-default
police 100000 100 10 conform-action set-frde-transmit
conform-action set-mpls-exp-imposition-transmit 1
exceed-action set-frde-transmit
exceed-action set-mpls-exp-imposition-transmit 2
violate-action set-frde-transmit
violate-action set-mpls-exp-imposition-transmit 3

The following shows sample output from the show policy-map command:
Router# show policy-map frde
Policy Map frde
Class class-default
police 104000 100 10
conform-action set-frde-transmit
conform-action set-mpls-exp-imposition-transmit 1
exceed-action set-frde-transmit
exceed-action set-mpls-exp-imposition-transmit 2
violate-action set-frde-transmit
violate-action set-mpls-exp-imposition-transmit 3

The following shows sample output from the show running-config command:
Router# show running-config | begin frde
|show running-config begin frde
class class-default
police 104000 100 10
conform-action set-frde-transmit
conform-action set-mpls-exp-imposition-transmit 1
exceed-action set-frde-transmit
exceed-action set-mpls-exp-imposition-transmit 2
violate-action set-frde-transmit
violate-action set-mpls-exp-imposition-transmit 3

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

6-39

Chapter 6

Policing Traffic

Configuration Examples

If the policy map is attached to Frame Relay DLCI 101 that is configured for Layer 2 VPN, the output
from the show policy-map interface command displays the following information:
Router# show policy-map serial4/0/0.1
Serial4/0/0.1: DLCI 101 Service-policy input: frde
Class-map: class-default (match-any)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: any
0 packets, 0 bytes
5 minute rate 0 bps
Police:
104000 bps, 100 limit, 10 extended limit
conformed 0 packets, 0 bytes; action:
set-frde-transmit
set-mpls-exp-imposition-transmit 1
exceeded 0 packets, 0 bytes; action:
set-frde-transmit
set-mpls-exp-imposition-transmit 2
violated 0 packets, 0 bytes; action:
set-frde-transmit
set-mpls-exp-imposition-transmit 3

Configuration Example of the set-cos-transmit Police Action


The following example shows how to configure the set-cos-transmit police action on the PRE2. In the
example, the traffic class group2 is policed at 20000 bps with a normal burst of 100 bytes. Traffic that
conforms to the rate is transmitted; traffic that exceeds the rate has the CoS bits set to 3; and traffic that
violates the rate has the CoS bits set to 4.
policy-map police
class group2
police 20000 100 0 conform-action transmit exceed-action set-cos-transmit 3
violate-action set-cos-transmit 4

The following example shows sample output from the show running-config command for a 2-level
hierarchical policy that is configured with the set-cos-transmit action on the PRE2:
policy-map in-parent
class class-default
police percent 85 1000 ms 2000 ms conform-action transmit exceed-action drop
violate-action drop
service-policy in-child
policy-map in-child
class c0
priority
police 1000000 20000 30000 conform-action set-cos-transmit
set-cos-transmit 0 violate-action set-cos-transmit 0
class c1
police 1000000 20000 30000 conform-action set-cos-transmit
set-cos-transmit 1 violate-action set-cos-transmit 1
class c2
police 1000000 20000 30000 conform-action set-cos-transmit
set-cos-transmit 2 violate-action set-cos-transmit 2
class c3
police 1000000 20000 30000 conform-action set-cos-transmit
set-cos-transmit 3 violate-action set-cos-transmit 3

0 exceed-action

1 exceed-action

2 exceed-action

3 exceed-action

Cisco 10000 Series Router Quality of Service Configuration Guide

6-40

OL-7433-09

Chapter 6

Policing Traffic
Verifying and Monitoring Traffic Policing

class c4
police 1000000 20000 30000 conform-action set-cos-transmit 4 exceed-action
set-cos-transmit 4 violate-action set-cos-transmit 4
class class-default
police 1000000 20000 30000 conform-action set-cos-transmit 5 exceed-action
set-cos-transmit 5 violate-action set-cos-transmit 5

On the PRE3, output from the show running-config command is the same as the above sample output,
except that the priority command configured in class c0 displays as priority level level-number.
On the PRE2 and PRE3, the show policy-map interface commands displays the set-cos-transmit action
and corresponding value when configured as a police action in a policy map.

Verifying and Monitoring Traffic Policing


The Cisco 10000 series router collects information about the number of conforming, exceeding, and
violating packets and bytes.
To verify and monitor traffic policing, enter any of the following commands in privileged EXEC mode:
Command

Purpose

Router# show policy-map

Displays statistical and configuration information about all of the


configured policy maps.

Router# show policy-map policy-map-name

Displays statistical and configuration information about the


policy map you specify.

Router# show policy-map interface interface

Displays statistical and configuration information about all of the


input and output policy maps attached to the interface you
specify.
For Cisco IOS Release 12.2(33)SB and later releases, if the
policy map attached to an interface has the police command
configured in it, the output from the show policy-map interface
command displays the police actions in a new line.

Verification Examples for Traffic Policing


This section provides the following verification examples:

Verifying Policing for a Specific Traffic Class, page 6-42

Verifying Policing on a Specific Interface, page 6-42

Verifying Dual Police Actionsset-clp-transmit and set-mpls-exp-transmit, page 6-43

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

6-41

Chapter 6

Policing Traffic

Verifying and Monitoring Traffic Policing

Verifying Policing for a Specific Traffic Class


The following example shows how to verify policing for a specific traffic class in a policy map. In this
example, the Bronze class in the Child policy map is policed at 30 percent of the available bandwidth.
The committed burst is 6 ms and the excess burst is 4 ms.
Router# show policy-map Child class Bronze
Class Bronze
police percent 30 6 ms 4 ms conform-action transmit exceed-action drop
set dscp 3

Verifying Policing on a Specific Interface


The following example uses the show policy-map interface command to verify traffic policing on the
ATM 3/0/0.3 subinterface. The QoS policy attached to PVC 5/101 on ATM subinterface 3/0/0.3 is a
hierarchical policy that consists of a Parent policy and a Child policy. The Bronze class is policed at
600,000 bps and the Gold class is policed at 8000 bps.
Router# show policy-map interface atm 3/0/0.3
ATM3/0/0.3: VC 5/101 Service-policy output: Parent
Class-map: class-default (match-any)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: any
Output queue: 0/64; 0/0 packets/bytes output, 0/0 drops
Shape : 2000 kbps
Service-policy : Child
Class-map: Bronze (match-all)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: ip precedence 3 5
Police:
600000 bps, 1536 limit, 1000 extended limit
conformed 0 packets, 0 bytes; action: transmit
exceeded 0 packets, 0 bytes; action: set-prec-transmit 2
violated 0 packets, 0 bytes; action: drop
Class-map: Gold (match-all)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: ip precedence 2
Police:
8000 bps, 2000 limit, 4000 extended limit
conformed 0 packets, 0 bytes; action: transmit
exceeded 0 packets, 0 bytes; action: set-qos-transmit 4
violated 0 packets, 0 bytes; action: drop
Class-map: class-default (match-any)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: any
Output queue: 0/64; 0/0 packets/bytes output, 0/0 drops

Cisco 10000 Series Router Quality of Service Configuration Guide

6-42

OL-7433-09

Chapter 6

Policing Traffic
Related Documentation

Verifying Dual Police Actionsset-clp-transmit and set-mpls-exp-transmit


The following shows sample output from the show policy-map command on the PRE3 and PRE4. In the
example, the class-default class is configured for dual police actions: set-clp-transmit and
set-mpls-exp-transmit.
Router# show policy-map clp
Policy Map clp
Class class-default
police 104000 100 10
conform-action set-clp-transmit
conform-action set-mpls-exp-transmit 1
exceed-action set-clp-transmit
exceed-action set-mpls-exp-transmit 2
violate-action set-clp-transmit
violate-action set-mpls-exp-transmit 3

Related Documentation
This section provides hyperlinks to additional Cisco documentation for the features discussed in this
chapter. To display the documentation, click the document title or a section of the document highlighted
in blue. When appropriate, paths to applicable sections are listed below the documentation title.
Feature

Related Documentation

Control Plane Policing

Control Plane Policing feature module, Release 12.2(31)SB2

DiffServ

Cisco IOS Quality of Service Solutions Configuration Guide,


Release 12.3
Part 7: Quality of Service Solutions > Implementing DiffServ
for End-to-End Quality of Service Overview

Policing

Comparing Traffic Policing and Traffic Shaping for Bandwidth


Limiting
Cisco IOS Quality of Service Solutions Configuration Guide,
Release 12.2
Quality of Service Overview > Policing and Shaping

Single-rate policer

RFC 2697, A Single Rate Three Color Marker


Cisco IOS Quality of Service Solutions Configuration Guide,
Release 12.2
Part 4: Policing and Shaping > Policing and Shaping Overview

Three-color marker for traffic policing (single-rate)

Release Notes for the Cisco 10000 Series ESR for Cisco IOS
Release 12.0(23)SX
New Features in Cisco IOS Release 12.0(23)SX > Single-Rate
3-Color Marker for Traffic Policing
RFC 2697, A Single Rate Three Color Marker

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

6-43

Chapter 6

Policing Traffic

Related Documentation

Feature

Related Documentation

Token bucket

Cisco IOS Quality of Service Solutions Configuration Guide,


Release 12.2
Part 4: Policing and Shaping > Policing and Shaping Overview
> What Is a Token Bucket?

Two-rate policer three-color marker

RFC 2698, A Two Rate Three Color Marker


Two-Rate Policer, Release 12.2(4)T3 feature module

Cisco 10000 Series Router Quality of Service Configuration Guide

6-44

OL-7433-09

CH A P T E R

Marking Traffic
To service the growing numbers of customers and their needs, service provider networks have become
more complex and often include both Layer 2 and Layer 3 network devices. With this continued growth,
service providers must quickly identify the packets streaming across the network and apply the
appropriate service behavior before sending them to their destinations.
A differentiated service (DiffServ) model enables you to classify packets based on traffic classes. In this
model, traffic marking allows you to partition your network into multiple priority levels or classes of
service. By marking traffic, other network devices along the forwarding path can quickly determine the
proper class of service (CoS) to apply to a traffic flow.
An important aspect of DiffServ is that the markings must be consistently interpreted from end-to-end.
All devices in the network path must understand the per-hop behavior to apply to a specific class of
traffic. If one of the routers in the path does not act appropriately, the overall service for a particular
packet might not be as desired.
This chapter describes the marking capabilities of the Cisco 10000 series router. It includes the following
topics:

QoS Packet Marking, page 7-2

IP Precedence Marking, page 7-4

IP Differentiated Services Code Point Marking, page 7-6

Class of Service Marking, page 7-10

QoS Group Marking, page 7-13

ATM Cell Loss Priority Marking, page 7-14

MPLS Experimental Marking, page 7-14

Discard-Class Marking, page 7-16

Class-Based Frame Relay DE Bit Marking, page 7-17

Marking and Policing Traffic, page 7-18

Tunnel Header Marking, page 7-18

Restrictions and Limitations for Marking, page 7-19

Restrictions and Limitations for Marking, page 7-19

Interfaces Supporting Marking, page 7-20

Classification and Marking Design Guidelines, page 7-21

Recommended Values for Traffic Marking, page 7-21

Configuring Traffic Marking, page 7-22

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

7-1

Chapter 7

Marking Traffic

QoS Packet Marking

Verifying Traffic Marking, page 7-37

Related Documentation, page 7-39

QoS Packet Marking


QoS packet marking is a QoS tool used to differentiate packets based on designated markings. Using
marking, you can partition your network into multiple priority levels or classes of service. Marking
simplifies the network Qos design and QoS tools configuration, and reduces the overhead of packet
classification by other QoS tools.
You can configure QoS packet marking on a main interface, subinterface, or an individual virtual
circuit (VC). Traffic marking involves setting bits inside frame, packet, or cell header fields that are
specifically designed for QoS marking. Other devices can examine the marked bits and classify traffic
based on the marked values.
Table 7-1 summarizes the mechanisms you can use to mark packets. The internal mechanisms affect only
the Cisco 10000 series routers behavior; internal marks are not passed on to other routers.
Table 7-1

Traffic Marking Actions

Action

Description

Layer

Section Reference

atm-clp

Sets the ATM cell loss priority 2


(CLP) bit to 1.

ATM Cell Loss Priority


Marking, page 7-14

cos

Sets the IEEE 802.1Q class of 2


service bits in the user priority
field.

Class of Service Marking,


page 7-10

discard-class

Marks a packet with the


discard-class value that you
specify, which indicates the
drop eligibility of a packet.

Internal

Discard-Class Marking,
page 7-16

dscp

Marks a packet with the


differentiated services code
point (DSCP) you specify.

IP Differentiated Services
Code Point Marking,
page 7-6

mpls experimental
imposition

Sets the value of the MPLS


experimental (EXP) field on
all imposed label entries.

MPLS Experimental
Marking, page 7-14

ip precedence

Marks a packet with the IP


precedence level you specify.

IP Precedence Marking,
page 7-4

qos-group

Marks a packet with the QoS


group identifier you specify.

Internal

QoS Group Marking,


page 7-13

Cisco 10000 Series Router Quality of Service Configuration Guide

7-2

OL-7433-09

Chapter 7

Marking Traffic
QoS Packet Marking

Feature History for QoS Packet Marking


Cisco IOS Release

Description

Required PRE

Release 12.0(17)SL

The marking feature was introduced on the router.

PRE1

Release 12.0(22)S

This feature was enhanced to support MPLS experimental PRE1


marking.

Release 12.2(16)BX

This feature was introduced on the PRE2 and enhanced to PRE2


support 802.1Q class of service marking.

Release 12.3(7)XI1

This feature was enhanced on the PRE2 to support MPLS PRE2


experimental marking on all imposed label entries and
discard-class marking.

Release 12.2(28)SB

This feature was integrated in Cisco IOS


Release 12.2(28)SB for the PRE2.

Release 12.2(31)SB2

This feature was introduced on the PRE3 for class of


PRE3
service marking. Enhancements to the modular QoS CLI
allow you to mark the IP DSCP bits of traffic on the L2TP
access concentrator (LAC). The Class-Based Frame Relay
DE Bit Marking and Tunnel Header Marking features were
also introduced on the PRE3.

Release 12.2(33)SB

This feature was enhanced to support Class-Based Frame


Relay DE Bit Marking on the PRE4.

PRE2

PRE3, PRE4

Benefits of QoS Packet Marking


Network Partitioning and Categorizing

Packet marking allows you to partition your network into multiple priority levels or classes of service.
Layer 2 to Layer 3 Mapping

If a packet that needs to be marked to differentiate user-defined QoS services is leaving the router and
entering a switch, the router can set the class of service (CoS) value of the packet because the switch can
process the Layer 2 CoS header marking.
Weighted Random Early Detection Configuration

Weighted random early detection (WRED) uses IP precedence values or IP DSCP values to determine
the drop probability of a packet. Therefore, you can use the IP precedence and IP DSCP markings with
the WRED feature.
Improved Bandwidth Management in ATM Networks

The ability to set the ATM CLP bit allows you to extend your IP QoS policies into an ATM network. As
congestion occurs in the ATM network, cells with the CLP bit set are more likely to be dropped, resulting
in improved network performance for higher priority traffic and applications.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

7-3

Chapter 7

Marking Traffic

IP Precedence Marking

IP Precedence Marking
You can mark the importance of a packet by using the IP precedence marking mechanism. IP precedence
marking helps to do the following:

Manage congestionIP precedence field is used to determine how to schedule packets.

Avoid congestionIP precedence field is used to determine how to handle packets when
packet-dropping mechanisms, such as weighted random early detection (WRED), are configured.

Police trafficNetworking devices within the network can use IP precedence values to determine
how to handle inbound traffic based on the transmission rate.

Layer 2 media often changes as packets traverse from source to destination. A more ubiquitous marking
can occur at Layer 3, using the IP type of service (ToS) byte. The ToS byte is the second byte in an IPv4
packet. The first three bits of the ToS byte are the IP precedence bits, which enable you to set eight IP
precedence markings (0 through 7).
Table 7-2 lists the 8 different IP precedence markings defined in RFC 791. Notice that IP precedence 6
and 7 are used for network control. Do not use IP precedence 6 or 7 to mark packets, unless you are
marking control packets.
Table 7-2

IP Precedence Values

Precedence Value

Precedence Name

Binary Value

Recommended Use

Routine

000

Default marking value

Priority

001

Data applications

Immediate

010

Flash

011

Call signaling

Flash Override

100

Video conferencing and


streaming video

Critic

101

Voice

Internetwork Control

110

Network Control

111

Network control traffic (such


as routing, which is typically
precedence 6)

You can configure a QoS policy to include IP precedence marking for packets entering the network.
Devices within your network can then use the newly marked IP precedence values to determine how to
treat the packets. For example, class-based weighted random early detection (WRED) uses IP
precedence values to determine the probability that a packet is dropped. You can also mark voice packets
with a particular precedence. You can then configure low-latency queuing (LLQ) to place all packets of
that precedence into the priority queue.

IP Precedence-Based Weighted Random Early Detection


When you configure IP precedence-based weighted random early detection (WRED) on an output policy
map and the outgoing packets are MPLS packets, the router drops the MPLS packets based on the three
experimental (EXP) bits in the MPLS label, instead of using the 3-bit IP precedence field in the
underlying IP packets.

Cisco 10000 Series Router Quality of Service Configuration Guide

7-4

OL-7433-09

Chapter 7

Marking Traffic
IP Precedence Marking

set ip precedence Command


To set the precedence value in a packet header, use the set ip precedence command in policy-map class
configuration mode. To remove the precedence value, use the no form of this command. By default, this
command is disabled.
set ip precedence prec-value
no set ip precedence prec-value

Syntax Description
ip

Specifies that the match is for IPv4 packets only. You must specify this
keyword.

precedence prec-value

Sets the precedence value. Valid values are from 0 to 7.

set ip precedence Command History


Cisco IOS Release

Description

Release 12.0(17)SL

The set ip precedence command was introduced on the PRE1.

Release 12.2(16)BX

This command was introduced on the PRE2.

Release 12.2(28)SB

This command was integrated in Cisco IOS Release 12.2(28)SB for the
PRE2.

Release 12.2(31)SB2

This command was introduced on the PRE3.

Release 12.2(33)SB

This command was introduced on the PRE4.

Usage Guidelines for the set ip precedence Command


Bit Settings

After the precedence bits are set, other quality of service (QoS) features such as weighted fair queuing
(WFQ) and weighted random early detection (WRED) can then operate on the bit settings.
Precedence Value

The network can give priority (or some type of expedited handling) to marked traffic through the
application of weighted fair queuing (WFQ) or weighted random early detection (WRED) at points
downstream in the network. Typically, you set the precedence value at the edge of the network (or
administrative domain); data then is queued according to the specified precedence. WFQ can speed up
handling for certain precedence traffic at congestion points. WRED can ensure that certain precedence
traffic has lower loss rates than other traffic during times of congestion.
In Cisco IOS Release 12.3(7)XI, the router accepts the set precedence command without specifying the
ip keyword. However, you must specify the set ip precedence command to set the precedence value in
a packet header.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

7-5

Chapter 7

Marking Traffic

IP Differentiated Services Code Point Marking

IP Differentiated Services Code Point Marking


IP precedence marking might seem too restrictive and limiting because only eight classes are available
for marking. You might choose instead to use the IP differentiated services code point (DSCP) marking
model, which offers up to 64 different values (0 through 63).
The differentiated services (DiffServ) functionality of the Cisco IOS software is fully compliant with the
Internet Engineering Task Force (IETF) standards defined in the following request for comments (RFCs)
documents:

RFC-2474

RFC-2475

RFC-2597

RFC-2598

The router leverages the IETF definition of the IPv4 1-byte type of service (ToS) field in the IP packet
header by using the six most significant bits of this field (the DSCP bits) to classify traffic into any of
the 64 possible classes. After the router classifies packets, you can use the modular QoS CLI to
implement IETF-defined per-hop behaviors (PHBs), including assured forwarding (AF) and expedited
forwarding (EF).
The router also uses bits in the ToS field to prioritize packets using an IP precedence value. Because the
IP precedence value is actually part of the DSCP value, you cannot simultaneously set both the IP
precedence and DSCP values. If you attempt to, an error message displays.
Figure 7-1 shows the DSCP bits in the ToS field.
Figure 7-1

VER

DSCP Bits in the IP ToS Byte

HL

TOS

LEN

ID

FLAG

OFFSET

TTL

PROTO

CS

SIP

DIP

DSCP

87065

7 6 5 4 3 2 1 0 1-Byte TOS

DSCP Per-Hop Behavior


You can enter DSCP values as numeric values or as special keyword names called per-hop behaviors
(PHBs). For example, DSCP EF is the same as DSCP 46 and DSCP AF31 is the same as DSCP 26.
The router supports the following classes of DSCP PHBs:

Best effort (BE)DSCP 0

Assured forwarding (AF)AF classes 1 through 4

Expedited forwarding (EF)DSCP 46

Class selector code pointsCS1 through CS7

Cisco 10000 Series Router Quality of Service Configuration Guide

7-6

OL-7433-09

Chapter 7

Marking Traffic
IP Differentiated Services Code Point Marking

Again, vendor-specific mechanisms need to be configured to implement these PHBs. For more
information about EF PHB, see RFC-2598. To implement the PHBs, you must configure vendor-specific
mechanisms. For more information, see the appropriate RFC as indicated in Table 7-4 on page 7-8.

Assured Forwarding
There are four assured forwarding (AF) classes, AF1x through AF4x. The first number corresponds to
the AF class and the second number (x) refers to the level of drop preference within each AF class. There
are three drop probabilities, ranging from 1 (low drop) through 3 (high drop). Depending on a network
policy, packets can be selected for a PHB based on required throughput, delay, jitter, loss, or according
to the priority of access to network services. AF allows for a committed information rate between
multiple classes in a network according to desired policies.
Table 7-3 provides the DSCP coding and drop probability for AF classes 1 through 4. Bits 0, 1, and 2
define the class; bits 3 and 4 specify the drop probability; bit 5 is always 0.
Table 7-3

Assured Forwarding DSCP Code Points

Drop Probability

Class 1

Class 2

Class 3

Class4

Low Drop

001010

010010

011010

100010

AF11

AF21

AF31

AF41

DSCP 10

DSCP 18

DSCP 26

DSCP 34

001100

010100

011100

100100

AF12

AF 22

AF32

AF42

DSCP 12

DSCP 20

DSCP 28

DSCP 36

001110

010110

011110

100110

AF13

AF23

AF33

AF43

DSCP 14

DSCP 22

DSCP 30

DSCP 38

Medium Drop

High Drop

Expedited Forwarding
The expedited forwarding (EF) PHB is used to build a low-loss, low-latency, low-jitter, assured
bandwidth, end-to-end service through differentiated services (DiffServ) domains. This PHB appears to
the endpoints like a point-to-point connection or a virtual leased line. EF PHB, also referred to as a
premium service, is suitable for applications such as Voice over IP (VoIP).
The recommended code point for the EF PHB is 101110.

Class Selector Code Points


The router also supports class selector (CS) code points, which is a way of marking the six DSCP bits
so that the code points are identical to IP precedence values. These code points can be used with systems
that only support the IP precedence. The CS code points have the form xyz000, where x, y, and z represent
a 1 or 0.
For more information, see the appropriate RFC as indicated in Table 7-4 on page 7-8.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

7-7

Chapter 7

Marking Traffic

IP Differentiated Services Code Point Marking

DSCP Values
The following differentiated services (DiffServ) RFCs define DSCP values:

RFC-2474, Definition of the Differentiated Services Field (DS Field) in the IPv4 and IPv6 Headers

RFC-2475, An Architecture for Differentiated Services

RFC-2597, Assured Forwarding PHB Group

RFC-2598, An Expedited Forwarding PHB

The RFCs do not dictate the way to implement PHBs; this is the responsibility of the vendor. Cisco
implements queuing techniques that can base their PHB on the IP precedence or DSCP value in the IP
header of a packet. Based on DSCP or IP precedence, traffic can be put into a particular service class.
Packets within a service class are treated the same way.
Table 7-4 lists only the DSCP values suggested by the DiffServ RFCs.
Table 7-4

DSCP Values

DSCP Value

DSCP Name

Binary Value

Defined in RFC

Best Effort or Default

000000

2475

CS1

001000

16

CS2

010000

24

CS3

011000

32

CS4

100000

40

CS5

101000

48

CS6

110000

56

CS7

111000

10

AF11

001010

12

AF12

001100

14

AF13

001110

18

AF21

010010

20

AF22

010100

22

AF23

010110

26

AF31

011010

28

AF32

011100

30

AF33

011110

34

AF41

100010

36

AF42

100100

38

AF43

100110

46

EF

101110

2597

2598

Cisco 10000 Series Router Quality of Service Configuration Guide

7-8

OL-7433-09

Chapter 7

Marking Traffic
IP Differentiated Services Code Point Marking

You can configure a QoS policy to include an IP DSCP marking for packets entering the network.
Devices within your network can then use the newly marked IP DSCP values to determine how to treat
the packets. For example, class-based weighted random early detection (WRED) uses IP DSCP values
to determine the probability that a packet is dropped. You can also mark voice packets with a particular
DSCP value. You can then configure low-latency queuing (LLQ) to place all packets of that DSCP value
into the priority queue.

DSCP-Based Weighted Random Early Detection


When you configure DSCP-based weighted random early detection (WRED) on an output policy map
and the outgoing packets are MPLS packets, the router drops the MPLS packets based on the three
experimental (EXP) bits in the MPLS label, instead of using the 6-bit DSCP field in the underlying IP
packets. The router shifts the three EXP bits to the left to make it six bits. For example, if the value of
the EXP bits is 5 (binary 101), the router left-shifts the bits to make them binary 101000, thus making it
look like a 6-bit DSCP field. The router drops packets based on the shifted binary value.

set ip dscp Command


To mark a packet by setting the differentiated services code point (DSCP) value in the type of
service (ToS) byte, use the set ip dscp command in policy-map class configuration mode. To remove a
previously set DSCP value, use the no form of this command. By default, no packets are marked.
set ip dscp {dscp-value | afxy | csx | ef | default}
no set ip dscp {dscp-value | afxy | csx | ef | default}

Syntax Description
ip

Specifies that the match is for IPv4 packets only. You must specify this
keyword.

dscp dscp-value

Sets the DSCP value. Valid values are from 0 to 63.


Instead of specifying a numeric dscp-value, you can specify one of the
following reserved keywords:

afxy indicates assured forwarding.

csx indicates class selector code points that are backward-compatible


with IP precedence. These code points (CS1 through CS7) are identical
to IP precedence values 1 through 7.

ef indicates expedited forwarding.

default indicates best effort or DSCP 0.

For more information, see Table 7-4 on page 7-8.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

7-9

Chapter 7

Marking Traffic

Class of Service Marking

set ip dscp Command History


Cisco IOS Release

Description

Release 12.0(17)SL

This command was introduced on the PRE1.

Release 12.2(16)BX

This command was introduced on the PRE2.

Release 12.2(28)SB

This command was integrated in Cisco IOS Release 12.2(28)SB for the
PRE2.

Release 12.2(31)SB2

This command was introduced on the PRE3 to allow you to mark the IP
DSCP bits of traffic on the L2TP access concentrator (LAC).

Release 12.2(33)SB

This command was introduced on the PRE4.

Usage Guidelines for the set ip dscp Command

After the DSCP bit is set, other quality of service (QoS) features can then operate on the bit settings.

You cannot use the set ip dscp command with the set ip precedence command to mark the same
packet. DSCP and precedence values are mutually exclusive. A packet can have one value or the
other, but not both.

The network can give priority (or some type of expedited handling) to marked traffic. Typically, you
set the precedence value at the edge of the network (or administrative domain); data is then queued
according to the precedence. Weighted fair queuing (WFQ) can speed up handling for
high-precedence traffic at congestion points. Weighted random early detection (WRED) can ensure
that high-precedence traffic has lower loss rates than other traffic during times of congestion.

In Cisco IOS Release 12.3(7)XI, the router accepts the set dscp command without specifying the
ip keyword. However, you must specify the set ip dscp command to set the DSCP value in a packet
header. The ip keyword is required.

Class of Service Marking


Class of service (CoS) marking enables the Cisco 10000 series router to interoperate with switches to
deliver end-to-end QoS. The IEEE 802.1p standard enables the router to:

Classify inbound Ethernet packets based on the value in the CoS field

Set the value in the CoS field of outbound packets

For Layer 2 devices, you can assign priority-indexed IEEE 802.1p CoS values to Ethernet frames.
Layer 2 IEEE 802.1Q frame headers have a 2-byte Tag Control Information field in the 802.1p portion
of the header. The three most-significant bits of this field (the User Priority bits) make up the Layer 2
CoS field. This 3-bit field allows you to mark eight classes of service (0 through 7) on Layer 2 Ethernet
frames. Other QoS tools can then use the CoS marking to classify traffic. For IEEE 802.1Q, the User
Priority bits are set to zero (0) in the Ethernet header.
Figure 7-2 shows the PRI field containing the 3-bit User Priority field.

Cisco 10000 Series Router Quality of Service Configuration Guide

7-10

OL-7433-09

Chapter 7

Marking Traffic
Class of Service Marking

Figure 7-2

User Priority Bits in the IEEE 802.1p Header

4 bytes

DA

SA

EtherType/Tag header

EtherType = 0x8100 PRI

CFI

LEN/TYPE

DATA PAD FCS

VLAN ID
87064

PRE

COS

For CoS-based QoS, the Cisco 10000 series router uses the IP precedence bits in the IP header to give
preference to higher-priority traffic. Layer 3 IP headers have a 1-byte Type of Service (ToS) field. The
router uses the six most significant bits of this field (the differentiated services code point (DSCP) bits)
to prioritize traffic. Figure 5-3 shows the DSCP bits in the TOS field.
Figure 7-3

VER

DSCP Bits in the IP ToS Byte

HL

TOS

LEN

ID

FLAG

OFFSET

TTL

PROTO

CS

SIP

DIP

DSCP

87065

7 6 5 4 3 2 1 0 1-Byte TOS

The router uses the CoS value to determine how to prioritize packets for transmission and can also use
CoS marking to perform Layer 2 to Layer 3 mapping. Using the CoS field, you can differentiate
user-defined QoS services for packets leaving a router and entering a switch. Switches already have the
ability to match and set CoS values; therefore, a router can set the CoS value of a packet to enable
Layer 2 to Layer 3 mapping. The switch can then process the Layer 2 CoS header marking.
To allow the Cisco 10000 series router to interoperate with Layer 2 devices, CoS-based QoS on the router
allows the 802.1p User Priority bits to be mapped to the IP DSCP bits for packets received on inbound
interfaces. The DSCP bits are mapped to the User Priority bits for packets forwarded from outbound
interfaces.
In the inbound direction, you can configure the router to match on the CoS bits and then perform an
action (such as setting the IP precedence or DSCP bits). By default, the router ignores the CoS field of
inbound packets.
In the outbound direction, you can configure the router to set the CoS bits of outbound packets to a value
that you specify. If you do not do this, by default, the router ignores the CoS field and leaves it set to a
default value.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

7-11

Chapter 7

Marking Traffic

Class of Service Marking

QinQ Class of Service Marking


For EXP-to-CoS mapping in QinQ configurations, the parallel express forwarding (PXF) engine marks
both the inner and outer CoS bits.
For CoS-to-EXP mapping in QinQ configurations, the PXF engine looks at the CoS bits in the outer
dot1q header to determine how to mark the EXP bits.

set cos Command


To set the Layer 2 class of service (CoS) value of an outgoing packet, use the set cos command in
policy-map class configuration mode. To remove a specific CoS value setting, use the no form of this
command. By default, this command is disabled.
set cos cos-value
no set cos cos-value

Syntax Description
cos-value

Is a specific IEEE 802.1Q CoS value from 0 to 7.

set cos Command History


Cisco IOS Release

Description

Release 12.0(16)BX

This command was introduced on the PRE2 only.

Release 12.2(28)SB

This command was integrated in Cisco IOS Release 12.2(28)SB for the
PRE2.

Release 12.2(31)SB2

This command was integrated in Cisco IOS Release 12.2(31)SB2 for the
PRE3.

Release 12.2(33)SB

This command was introduced on the PRE4.

Usage Guidelines for the set cos Command


The set cos command allows switches and routers to interoperate. By configuring the router to match
packets based on the CoS value (using the match cos command) and to set CoS values, you can configure
Layer 2 to Layer 3 mapping. If a packet that needs to be marked to differentiate user-defined QoS
services is leaving a router and entering a switch, the router can set the CoS value of the packet because
the switch can process the Layer 2 header.
Use the set cos command only in service policies that are attached in the output direction of an interface;
packets entering an interface cannot be set with a CoS value. You can configure a CoS value on an
Ethernet interface that is configured for 802.1Q or on a virtual access interface that is using an 802.1Q
interface.

Cisco 10000 Series Router Quality of Service Configuration Guide

7-12

OL-7433-09

Chapter 7

Marking Traffic
QoS Group Marking

QoS Group Marking


You can use QoS group marking to assign packets to a QoS group. The QoS group field is an internal
marking that exists only within the router. You can set this field as packets pass through the fabric of the
router. The router uses the group ID marking to determine how to prioritize packets for transmission.
QoS groups are used as part of QoS policy propagation through the Border Gateway Protocol (QPPB)
and are useful in configurations that support MPLS QoS tunneling modes: short pipe, long pipe, and
uniform pipe.
You can set up to 100 different QoS group markings.

set qos-group Command


To set a quality of service (QoS) group identifier (ID) that can be used later to classify packets, use the
set qos-group command in policy-map class configuration mode. To remove the group ID, use the no
form of this command. By default, this command is disabled; no group ID is specified.
set qos-group group-id
no set qos-group group-id

Syntax Description
group-id

Is the group identifier. Valid values are from 0 to 99.

set qos-group Command History


Cisco IOS Release

Description

Release 12.0(17)SL

This command was introduced on the PRE1.

Release 12.2(16)BX

This command was introduced on the PRE2.

Release 12.2(28)SB

This command was integrated in Cisco IOS Release 12.2(28)SB for the
PRE2.

Usage Guidelines for the set qos-group Command


The set qos-group command allows you to associate a group ID with a packet. The group ID can be used
later to classify packets into QoS groups as part of QoS policy propagation through the Border Gateway
Protocol (QPPB). QoS groups are also useful in configurations supporting MPLS QoS tunneling modes:
short pipe, long pipe, and uniform pipe.
A QoS group and discard class are required when the input per-hop behavior (PHB) marking is used for
classifying packets on the output interface

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

7-13

Chapter 7

Marking Traffic

ATM Cell Loss Priority Marking

ATM Cell Loss Priority Marking


You can change the cell loss priority (CLP) bit setting in an ATM header of a cell to control the
discarding of cells in congested ATM environments. As congestion occurs in the ATM network, the ATM
network switch can discard cells with the CLP bit set to 1 (discard) before discarding cells with a CLP
bit setting of 0.
You can set ATM CLP marking only on outbound packets. The Cisco 10000 series router does not
support CLP bit matching.

set atm-clp Command


To set the cell loss priority (CLP) bit to 1, use the set atm-clp command in policy-map class
configuration mode. To change the CLP bit setting back to 0, use the no form of the command. By
default, the CLP bit automatically sets to 0 when the router sends packets as ATM cells.
set atm-clp
no set atm-clp

set atm-clp Command History


Cisco IOS Release

Description

Release 12.0(17)SL

This command was introduced on the PRE1.

Release 12.2(28)SB

This command was integrated in Cisco IOS Release 12.2(28)SB for the
PRE2.

Release 12.2(31)SB2

This command was introduced on the PRE3.

Release 12.2(33)SB

This command was introduced on the PRE4.

Usage Guidelines for the set atm-clp Command


You can attach a policy map containing the set atm-clp command only as an output policy. The
set atm-clp command does not support packets that originate from the router.
To disable this command, remove the service policy from the interface by using the no service-policy
command.
The router discards packets with the CLP bit set to 1 before it discards packets with the CLP bit set to 0.

MPLS Experimental Marking


The Multiprotocol Layer Switching (MPLS) experimental (EXP) field is a 3-bit field within the MPLS
label that is used in QoS marking. By default, the IP precedence field in the underlying IP packet is
copied to the MPLS EXP field during label imposition. Using the MPLS EXP field does not modify the
DSCP or IP precedence markings in the packet IP header.
The MPLS EXP field allows up to eight different QoS markings that correspond to the eight possible IP
precedence values. For more information, see Table 7-2 on page 7-4.

Cisco 10000 Series Router Quality of Service Configuration Guide

7-14

OL-7433-09

Chapter 7

Marking Traffic
MPLS Experimental Marking

The value of the EXP bits determines the per-hop behavior (PHB) for MPLS nodes and is also used as
transparency mechanisms when used with MPLS DiffServ tunneling modes such as pipe and uniform
modes. IP marking does not modify an MPLS packet carrying IP data. You must configure MPLS
marking on an input interface. MPLS marking takes effect only during label imposition. You can
combine marking and policing to change the DSCP and MPLS EXP values of an IP packet during MPLS
label imposition.
A provider edge (PE) router at the edge of the MPLS network can be configured to map the DSCP or IP
precedence field to the MPLS EXP field. The router uses the value of the EXP field as the basis for IP
QoS. As a result, MPLS routers can perform QoS features indirectly, based on the original IP precedence
field inside the MPLS-encapsulated IP packet. The IP packet does not need to be opened to examine the
IP precedence field. When a packet leaves the MPLS network, IP QoS is still based on the DSCP or IP
precedence value in the IP header.

QinQ MPLS Experimental Marking


For CoS-to-EXP mapping in QinQ configurations, the parallel express forwarding (PXF) engine looks
at the CoS bits in the outer dot1q header to determine how to mark the EXP bits.
For EXP-to-CoS mapping in QinQ configurations, the PXF marks both the inner and outer CoS bits.

set mpls experimental imposition Command


To set the value of the Multiprotocol Label Switching (MPLS) experimental (EXP) field on all imposed
label entries, use the set mpls experimental imposition command in policy-map class configuration
mode. To disable the setting, use the no form of the command. By default, no MPLS EXP value is set.
set mpls experimental imposition mpls-exp-value
no set mpls experimental imposition mpls-exp-value

Syntax Description
mpls-exp-value

Specifies the value used to set the MPLS EXP bits. Valid values are from 0
to 7.

set mpls experimental imposition Command History


Cisco IOS Release

Description

Release 12.0(22)S

The set mpls experimental command was introduced on the PRE1.

Release 12.3(7)XI1

The set mpls experimental imposition command was introduced on the


PRE2.

Release 12.2(28)SB

This command was integrated in Cisco IOS Release 12.2(28)SB for the
PRE2.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

7-15

Chapter 7

Marking Traffic

Discard-Class Marking

Note

Cisco IOS software replaced the set mpls experimental command with the set mpls experimental
imposition command. However, the Cisco 10000 series router continues to use the set mpls
experimental command for PRE1. For PRE2, the command is set mpls experimental imposition.

Usage Guidelines for the set mpls experimental imposition Command


The set mpls experimental imposition command is supported only on input interfaces. Use this
command during label imposition. This command sets the MPLS EXP field on all imposed label entries.
You can use the set mpls experimental imposition command on the input interface of a provider edge
(PE) router connected to a customer edge (CE) router. In MPLS QoS differentiated services (DiffServ)
tunneling modes, you can also use this command on the input interfaces of CE routers in pipe mode.

Note

The Cisco 10000 series router does not support the set mpls experimental topmost command.

Discard-Class Marking
The discard-class is a 3-bit field that is used to set the per-hop behavior (PHB) for dropping traffic. The
discard-class indicates the drop portion of the PHB. You can set the discard-class on the input interface
to use as a matching criterion and to affect how packets are dropped on the output interface. You can use
the discard-class with weighted random early detection (WRED) on the output interface to classify
packets and determine packet drop probability. You can set up to eight discard-class values (0 through 7).

set discard-class Command


To mark a packet with a discard-class value or to drop a specific traffic type during congestion, use the
set discard-class command in policy-map class configuration mode. To remove a discard-class value or
to disable the discard-class value, use the no form of the command. By default, the discard-value is zero.
set discard-class value
no set discard-class value

Syntax Description
value

Is the priority of a type of traffic. Valid values are from 0 to 7.


Note

This command is available only on the PRE2.

set discard-class Command History


Cisco IOS Release

Description

Release 12.3(7)XI

This command was introduced on the PRE2 only.

Release 12.2(28)SB

This command was integrated in Cisco IOS Release 12.2(28)SB for the
PRE2.

Cisco 10000 Series Router Quality of Service Configuration Guide

7-16

OL-7433-09

Chapter 7

Marking Traffic
Class-Based Frame Relay DE Bit Marking

Usage Guidelines for the set discard-class Command


You can set the discard-class on the input interface to use as a matching criterion and to affect how
packets are dropped on the output interface. You can use the discard-class with weighted random early
detection (WRED) on the output interface to classify packets and determine packet drop probability.
The router supports the set discard-class command only on the PRE2.

Class-Based Frame Relay DE Bit Marking


The Class-Based Frame Relay DE Bit Marking feature provides the ability to prioritize frames in a
Frame Relay network by setting the discard eligibility (DE) bit in the header of Frame Relay frames. As
congestion occurs in the Frame Relay network, frames with the DE bit set are more likely to be dropped,
resulting in improved network performance for higher priority traffic and applications.
This feature supports the classification of inbound Frame Relay traffic based on the DE bit setting and
the marking of the DE bit of outbound Frame Relay traffic. During classification, the router matches the
DE bit of inbound packets to previously configured traffic classes (created using a class map) and
classifies each matching packet as belonging to a specific traffic class.
DE bit marking can occur either as a class-based shaping action or as a class-based policing action. The
modular QoS command-line interface (MQC) commands used to mark the DE bit are the following:

set fr-de command (class-based shaping)

set-frde-transmit command (class-based policing)

The set-frde-transmit command is a policing action for conforming traffic and is used with the police
command. When using the conforming-action set-frde-transmit command, the router sends the frames
through the policers token bucket mechanism for processing and sets the DE bit for all frames that
conform to the committed rate.
The PRE3 and PRE4 support Frame Relay DE bit marking across packet fragments.

History for the Class-Based Frame Relay DE Bit Marking Feature


Cisco IOS Release

Description

Required PRE

Release 12.2(31)SB22

This feature was introduced on the PRE3.

PRE2, PRE3

Release 12.2(33)SB

This feature was introduced on the PRE4.

PRE2, PRE3,
PRE4

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

7-17

Chapter 7

Marking Traffic

Marking and Policing Traffic

Marking and Policing Traffic


When you simultaneously configure a class in a policy map to include both marking and policing
commands (the set and police commands), the router processes the set command first and then processes
the police command. As a result, the values set by the police command override the values of the set
command. This occurs regardless of whether you attach a policy map to an inbound or outbound
interface.
For example, if you use the set command to configure a value for the IP precedence field and you
configure a value for the same field by using the police command, the IP precedence value you set for
the police command overrides the IP precedence value you configured for the set command.
The set and police commands allow you to configure the following fields:

IP precedence and IP DSCP

QoS group

MPLS experimental imposition

Discard-class

ATM cell loss priority

Tunnel Header Marking


The Tunnel Header Marking (THM) feature allows you to mark the outer IP headers DSCP or
precedence value during tunnel encapsulation of the packet.
The outer IP header type of service (ToS) field of a tunneled packet is typically exposed to a different
QoS domain from that of the inner IP header. For example, for Multicast Virtual Private Network
(MVPN) packets placed in Generic Routing Encapsulation (GRE) tunnels, the router processes the
packets outer ToS field based on the QoS services of a common core MPLS network. The router
processes the packets inner IP ToS field based on the QoS services of a particular VRF. Using tunnel
header marking, different traffic streams that are aggregated into the same tunnel can mark their outer
ToS field differently. This enables the streams to receive a different level of QoS processing at the outer
ToS fields QoS domain.
A policy map is used to enable tunnel header marking and is applied to the inbound interface. If the
outbound interface is a tunnel, the router marks the outer headers of packets as tunnel encapsulation
occurs. If the outbound interface is not a tunnel, the policy map has no affect on the arriving packet
headers.
As shown in Figure 7-4, the policy map named policy1 has tunnel header marking configured and is
attached to inbound interface P1, and outbound interface P2 is a tunnel. As a result, the router classifies
traffic as it enters the router through interface P1 and marks the traffic as it leaves through interface P2.

Cisco 10000 Series Router Quality of Service Configuration Guide

7-18

OL-7433-09

Chapter 7

Marking Traffic
Restrictions and Limitations for Marking

Tunnel Header Marking


190190

Figure 7-4

Cisco 10008 Router


Tunnel Header Marking
policy-map
Traffic
P1
Inbound
Interface

P2

Packet
headers marked
Tunnel
Outbound
Interface

Tos=xyz
Tos=abc
191282

Tos=abc

Feature History for Tunnel Header Marking


Cisco IOS Release

Description

Required PRE

Release 12.2(31)SB2

This feature was introduced on the PRE2 to allow you to


mark the outer IP headers DSCP or precedence value
during tunnel encapsulation of the packet.

PRE2

Restrictions and Limitations for Marking


DSCP-Based and Precedence-Based Marking

You cannot simultaneously configure both the set ip dscp command and the set ip precedence
command in a policy map.

Because IP precedence is actually part of the DSCP value, you cannot simultaneously set both the
IP precedence and DSCP values for a traffic class. A packet can have one value or the other, but not
both. If you do configure both values, the router marks the packet with the DSCP value.

Because the router copies the IP precedence value to the MPLS EXP bits during label imposition,
you cannot simultaneously set both IP precedence and MPLS experimental marking for a class.

Marking has no preset scaling limit.

In Cisco IOS Release 12.3(7)XI, the router accepts the set precedence and set dscp commands
without specifying the ip keyword. However, you must specify the set ip precedence command to
set the precedence value in a packet header and the set ip dscp command to set the DSCP value. The
ip keyword is required.

Frame Relay DE Bit Marking Restrictions

In Cisco IOS Release 12.3(7)XI, when you enter the set ? command, the context-sensitive help lists
the fr-de keyword to allow you to set the Frame Relay discard eligibility (DE) bit. However, the
router does not support setting the DE bit in Cisco IOS Release 12.3(7)XI and later releases.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

7-19

Chapter 7

Marking Traffic

Interfaces Supporting Marking

Discard-Class-Based Marking Restrictions

The router supports the set discard-class command only on the PRE2.

When you use the input per-hop behavior (PHB) marking to classify packets on the output interface,
you must configure the set discard-class command in the input policy.

CoS-Based Marking Restrictions

The router supports CoS-based QoS only on Ethernet interfaces or PPPoE sessions associated with
Ethernet interfaces.

The router supports matching and marking for physical Ethernet interfaces and subinterfaces. The
router supports CoS-based QoS for virtual access interfaces (VAIs) associated with PPPoE
interfaces and it supports classification on the input policy and marking on the output policy.

Tunnel Header Marking Restrictions

If the outbound interface is not a tunnel, a policy map with tunnel header marking has no effect on
the packet headers.

The router accepts only input service policies for tunnel header marking. You must apply a policy
map with tunnel header marking to inbound interfaces. If you attempt to apply a service policy with
tunnel header marking to an outbound interface, an error message displays.

You may use the [no] set ip [dscp | precedence] tunnel value command in conjunction with other
input set actions. However, if you specify tunnel header marking as a policer action, using the
set-dscp-tunnel-transmit or set-prec-tunnel-transmit command, then you cannot specify any other
policer action. The router only supports a single police action.

The marking statistics for tunnel header marking are included in the statistical information for the
class map.

Interfaces Supporting Marking


The following describes interface support for marking using the set commands:
Interfaces Supporting the set Command

Note

Physical

Multilink PPP and multilink Frame Relay

ATM unspecified bit rate (UBR) PVCs and point-to-point subinterfaces

ATM variable bit rate (VBR) and constant bit rate (CBR) PVCs, and point-to-point subinterfaces

Label-controlled ATM (LC-ATM) subinterfaces

Frame Relay permanent virtual circuits (PVCs), point-to-point subinterfaces, and map classes

Ethernet VLANs

IP tunnel

Virtual-access (See the VAI QoS Inheritance section on page 4-24.)

The router supports the set command on inbound and outbound interfaces.

Cisco 10000 Series Router Quality of Service Configuration Guide

7-20

OL-7433-09

Chapter 7

Marking Traffic
Classification and Marking Design Guidelines

Interfaces Not Supporting the set Command

Fast Ethernet channel

Frame Relay data link connection identifier (DLCI)

Classification and Marking Design Guidelines


The Cisco 10000 series router provides many tools for classifying and marking traffic. Your task is to
determine how best to use these tools in your network environment. The following are guidelines to help
you make good design choices for classification and marking tools:

Classify and mark traffic as close to the ingress edge as possible.

Consider the trust boundary in the network, making sure to mark or remark traffic after it reaches a
trusted device in the network.

Because the IP precedence and DSCP marking fields are part of the IP header and, therefore, are
carried end-to-end, mark one of these fields to maximize the benefits of reducing classification
overhead by the other QoS tools enabled in the network.

If LAN switches connected to the router support only Layer 2 QoS (for example, the switch reacts
to marked CoS bits, but not to marked IP precedence or DSCP bits), mark the CoS bits on the router
before sending the frames onto the Ethernet.

We suggest that you use the values indicated in Table 7-5 on page 7-21 for DSCP settings for voice
and video payload, voice and video signaling, and data. Otherwise, follow the differentiated services
(DiffServ) per-hop behavior (PHB) RFCs for DSCP settings as indicated in Table 7-4 on page 7-8.

Recommended Values for Traffic Marking


Table 7-5 lists the recommended values to use for traffic marking.
Table 7-5

Recommended Values for Traffic Marking

Traffic Type

IP Precedence

IP DSCP

Class of Service

Voice payload

EF

Video payload

AF41

Voice and video signaling

AF31

High priority data

AF21

AF22
AF23
Medium priority data

AF11

AF12
AF13
All other traffic

Default

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

7-21

Chapter 7

Marking Traffic

Configuring Traffic Marking

Configuring Traffic Marking


To configure class-based traffic marking, perform any of the following optional tasks:

Configuring IP Precedence Marking, page 7-22

Configuring IP DSCP Marking, page 7-24

Configuring Class of Service Marking, page 7-26

Configuring QoS Group Marking, page 7-28

Setting the ATM Cell Loss Priority Bit, page 7-29

Configuring MPLS Experimental Marking, page 7-31

Configuring Discard-Class Marking, page 7-33

Configuring Tunnel Header Marking Using the set Command, page 7-35

Configuring Tunnel Header Marking Using the police Command, page 7-36

For more information about classifying traffic and creating QoS service policies, see Chapter 2,
Classifying Traffic and Chapter 3, Configuring QoS Policy Actions and Rules.

Configuring IP Precedence Marking


To mark the IP precedence field of packets, enter the following commands beginning in global
configuration mode:

Step 1

Command

Purpose

Router(config)# policy-map policy-map-name

Specifies the name of the policy map and enters policy-map


configuration mode.
policy-map-name is the name of the policy map.

Step 2

Router(config-pmap)# class class-map-name

Assigns the traffic class you specify to the policy map. Enters
policy-map class configuration mode.
class-map-name is the name of a previously configured class
map and is the traffic class for which you want to define QoS
actions.

Step 3

Router(config-pmap-c)# set ip precedence


prec-value

Specifies the IP precedence of packets within a traffic class.


prec-value is the IP precedence value. Valid values are from
0 to 7. See Table 7-2 on page 7-4.
Note

Be sure you specify the ip keyword.

Cisco 10000 Series Router Quality of Service Configuration Guide

7-22

OL-7433-09

Chapter 7

Marking Traffic
Configuring Traffic Marking

Command

Purpose

Step 4

Router(config-pmap-c)# exit

Exits policy-map class configuration mode.

Step 5

Router(config-pmap)# exit

Exits policy-map configuration mode.

Step 6

Router(config)# interface type number

Specifies the interface to which you want to attach the service


policy map. Enters interface configuration mode.
type is the type of interface (for example, serial).
number is the number of the interface (for example, 1/0/0).

Step 7

Router(config-if)# service-policy {input |


output} policy-map-name

Attaches the policy map you specify to the interface. The


router applies the service policy to packets on the interface in
either the input or output direction.
input indicates to apply the service policy to inbound
packets.
output indicates to apply the service policy to outbound
packets.
policy-map-name is the name of the policy map.

Configuration Examples for IP Precedence Marking and Classification


Example 7-1 shows how to configure IP precedence marking. In the example, a policy map named
Bronze is created and the class map named Voice is associated with the Bronze policy. For all outbound
packets on the Gigabit Ethernet 2/0/1 interface, the router sets the IP precedence bits to 5.
Example 7-1

Configuring IP Precedence Marking

Router(config)# class-map Voice


Router(config-cmap)# match access-group 110
Router(config-cmap)# exit
Router(config)# policy-map Bronze
Router(config-pmap)# class Voice
Router(config-pmap-c)# set ip precedence 5
Router(config-pmap-c)# exit
Router(config-pmap)# exit
Router(config)# interface GigabitEthernet 2/0/1
Router(config-if)# service-policy output Bronze

Example 7-2 shows how to configure IP precedence-based classification. In the example, a policy map
named Second is created and the class map named ip-prec is associated with the Second policy. For all
outbound packets on Gigabit Ethernet interface 2/0/1, the router classifies packets based on the setting
of their IP precedence bits. If the bits are set to 3, the router assigns the packets to the ip-prec class and
polices the traffic as indicated in the Second policy map.
Example 7-2

Configuring IP Precedence-Based Classification

Router(config)# class-map ip-prec


Router(config-cmap)# match ip precedence 3
Router(config-cmap)# exit
Router(config)# policy-map Second
Router(config-pmap)# class ip-prec
Router(config-pmap-c)# police 8000 4000 2000 conform-action transmit exceed-action drop
violate-action drop
Router(config-pmap-c)# exit
Router(config-pmap)# exit

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

7-23

Chapter 7

Marking Traffic

Configuring Traffic Marking

Router(config)# interface GigabitEthernet 2/0/1


Router(config-if)# service-policy output Second

Configuring IP DSCP Marking


To mark the DSCP field of packets, enter the following commands beginning in global configuration
mode:

Step 1

Command

Purpose

Router(config)# policy-map policy-map-name

Specifies the name of the policy map and enters policy-map


configuration mode.
policy-map-name is the name of the policy map.

Step 2

Router(config-pmap)# class class-map-name

Assigns the traffic class you specify to the policy map. Enters
policy-map class configuration mode.
class-map-name is the name of a previously configured class
map and is the traffic class for which you want to define QoS
actions.

Step 3

Router(config-pmap-c)# set ip dscp


{dscp-value | afxy | csx | ef | default}

Sets the DSCP value in the ToS byte.


ip specifies that the match is for IPv4 packets only. You must
specify this keyword.
dscp dscp-value sets the DSCP value. Valid values are from 0
to 63.
Instead of specifying a numeric dscp-value, you can specify
one of the following reserved keywords:

afxy indicates assured forwarding points. The first


number (x) indicates the AF class. Valid values are from
1 to 4. The second number (y) indicates the level of drop
preference within each class. Valid values are from
1 (low drop) to 3 (high drop).

cs indicates class selector code points that are


backward-compatible with IP precedence. Valid values
for x are 1 through 7. The CS code points (CS1 through
CS7) are identical to IP precedence values 1 through 7.

ef indicates expedited forwarding.

default indicates best effort or DSCP 0.

For more information, see Table 7-4 on page 7-8.

Cisco 10000 Series Router Quality of Service Configuration Guide

7-24

OL-7433-09

Chapter 7

Marking Traffic
Configuring Traffic Marking

Command

Purpose

Step 4

Router(config-pmap-c)# exit

Exits policy-map class configuration mode.

Step 5

Router(config-pmap)# exit

Exits policy-map configuration mode.

Step 6

Router(config)# interface type number

Specifies the interface to which you want to attach the service


policy map. Enters interface configuration mode.
type is the type of interface (for example, serial).
number is the number of the interface (for example, 1/0/0).

Step 7

Router(config-if)# service-policy {input |


output} policy-map-name

Attaches the policy map you specify to the interface. The


router applies the service policy to packets on the interface in
either the input or output direction.
input indicates to apply the service policy to inbound
packets.
output indicates to apply the service policy to outbound
packets.
policy-map-name is the name of the policy map.

Configuration Examples for IP DSCP Marking and Classification


Example 7-3 shows how to configure IP DSCP marking. In the example, the router assigns outbound
traffic on the Gigabit Ethernet 1/0/0 interface to either class1 or class2. The router marks the packets by
setting the DSCP bits of class1 packets to DSCP 5 and by setting the DSCP bits of class2 packets to
DSCP 3 as indicated in the policy map named Silver.
Example 7-3

Configuring IP DSCP Marking

Router(config)# class-map class1


Router(config-cmap)# match qos-group 2
Router(config-cmap)# class class2
Router(config-cmap)# match access-group 108
Router(config-cmap)# exit
Router(config)# policy-map Silver
Router(config-pmap)# class class1
Router(config-pmap-c)# set ip dscp 5
Router(config-pmap-c)# class class2
Router(config-pmap-c)# set ip dscp 3
Router(config-pmap-c)# exit
Router(config-pmap)# exit
Router(config)# interface GigabitEthernet 1/0/0
Router(config-if)# service-policy output Silver

Example 7-4 shows how to configure IP DSCP-based classification. In the example, the router checks
the DSCP bits of outbound packets on the GigabitEthernet interface 1/0/0. If the packet DSCP bits are
set to 5, the router assigns the packet to the Voice class and gives the packet priority handling as indicated
in the policy map named Platinum. All intermediate routers provide low-latency treatment to the Voice
packets.
Example 7-4

Configuring IP DSCP-Based Classification

Router(config)# class-map Voice


Router(config-cmap)# match ip dscp 5
Router(config-cmap)# exit
Router(config)# policy-map Platinum

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

7-25

Chapter 7

Marking Traffic

Configuring Traffic Marking

Router(config-pmap)# class Voice


Router(config-pmap-c)# priority
Router(config-pmap-c)# police 8000 600 400 conform-action transmit exceed-action drop
violate-action drop
Router(config-pmap-c)# exit
Router(config-pmap)# exit
Router(config)# interface GigabitEthernet 1/0/0
Router(config-if)# service-policy output Platinum

Configuring Class of Service Marking


To mark the Layer 2 class of service (CoS) field in the 802.1p header of outbound packets, enter the
following commands beginning in global configuration mode:

Step 1

Command

Purpose

Router(config)# policy-map policy-map-name

Specifies the name of the policy map and enters policy-map


configuration mode.
policy-map-name is the name of the policy map.

Step 2

Router(config-pmap)# class class-map-name

Assigns the traffic class you specify to the policy map. Enters
policy-map class configuration mode.
class-map-name is the name of a previously configured class
map and is the traffic class for which you want to define QoS
actions.

Step 3

Router(config-pmap-c)# set cos cos-value

Step 4

Router(config-pmap-c)# exit

Exits policy-map class configuration mode.

Step 5

Router(config-pmap)# exit

Exits policy-map configuration mode.

Step 6

Router(config)# interface type number

Specifies the interface to which you want to attach the service


policy map. Enters interface configuration mode.

Sets the Layer 2 class of service (CoS) value of an outbound


packet.
cos-value is a specific IEEE 802.1Q CoS value from 0 to 7.

type is the type of interface (for example, serial).


number is the number of the interface (for example, 1/0/0).
Step 7

Router(config-if)# service-policy output


policy-map-name

Attaches the policy map you specify to the interface. The


router applies the service policy to packets on the interface in
either the input or output direction.
output indicates to apply the service policy to outbound
packets.
policy-map-name is the name of the policy map.
Note

You can attach a service policy containing the set cos


command to only an outbound VLAN interface. The
router cannot apply the set cos command to inbound
packets.

Cisco 10000 Series Router Quality of Service Configuration Guide

7-26

OL-7433-09

Chapter 7

Marking Traffic
Configuring Traffic Marking

Configuration Examples for CoS Marking and Classification


Example 7-5 shows how to configure CoS classification and marking on an interface, setting the Layer 2
CoS value in the 802.1p header. In the example, the router checks the DSCP bits of inbound packets on
the Gigabit Ethernet interface 1/0/0. If the bits are set to DSCP AF11, the router assigns the packet to
the class named Cos-Class and on the outbound interface marks the packet by setting the class of service
bits to 5 as indicated in the policy map named Policy1.
Example 7-5

Configuring CoS Marking

Router(config)# class-map Cos-Class


Router(config-cmap)# match ip dscp AF11
Router(config-cmap)# exit
Router(config)# policy-map Policy1
Router(config-pmap)# class Cos-Class
Router(config-pmap-c)# set cos 5
Router(config-pmap-c)# exit
Router(config-pmap)# exit
Router(config)# interface GigabitEthernet 1/0/0
Router(config-if)# service-policy output Policy1

Example 7-6 shows how to configure CoS-based classification on outbound packets. In the example, the
router checks the class of service bits of packets leaving on Gigabit Ethernet interface 4/0/0. If the bits
are set to 3, the router assigns the packet to the class named Voice and marks the packet by setting the
IP DSCP bits to 8 as indicated in the policy map named Policy1.

Note

By default, the router maps the CoS field to the IP DSCP bits for packets received on inbound interfaces.
The router maps IP precedence bits to the user priority bits for packets forwarded in the outbound
direction. You can override this default behavior by creating a QoS policy that specifies the desired
action.
Example 7-6

Configuring CoS-Based Classification

Router(config)# class-map Voice


Router(config-cmap)# match cos 3
Router(config-cmap)# exit
Router(config)# policy-map Policy1
Router(config-pmap)# class Voice
Router(config-pmap-c)# set ip dscp 8
Router(config-pmap-c)# exit
Router(config-pmap)# exit
Router(config)# interface GigabitEthernet 4/0/0
Router(config-if)# service-policy output Policy1

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

7-27

Chapter 7

Marking Traffic

Configuring Traffic Marking

Configuring QoS Group Marking


To mark packets with a local QoS group ID, enter the following commands beginning in global
configuration mode:

Step 1

Command

Purpose

Router(config)# policy-map policy-map-name

Specifies the name of the policy map and enters policy-map


configuration mode.
policy-map-name is the name of the policy map.

Step 2

Router(config-pmap)# class class-map-name

Assigns the traffic class you specify to the policy map. Enters
policy-map class configuration mode.
class-map-name is the name of a previously configured class
map and is the traffic class for which you want to define QoS
actions.

Step 3

Router(config-pmap-c)# set qos-group


group-id

Sets a QoS group identifier (ID) to use in classifying packets.


group-id is the group identifier. Valid values are from 0 to 99.

Step 4

Router(config-pmap-c)# exit

Exits policy-map class configuration mode.

Step 5

Router(config-pmap)# exit

Exits policy-map configuration mode.

Step 6

Router(config)# interface type number

Specifies the interface to which you want to attach the service


policy map. Enters interface configuration mode.
type is the type of interface (for example, serial).
number is the number of the interface (for example, 1/0/0).

Step 7

Router(config-if)# service-policy {input |


output} policy-map-name

Attaches the policy map you specify to the interface. The


router applies the service policy to packets on the interface in
either the input or output direction.
input indicates to apply the service policy to inbound
packets.
output indicates to apply the service policy to outbound
packets.
policy-map-name is the name of the policy map.

Configuration Examples for Configuring QoS Group Marking and Classification


Example 7-7 shows how to configure QoS group marking. In this example, the router classifies inbound
packets on the Gigabit Ethernet interface 1/0/0 based on the class of service value. If the packet CoS
value is 5, the router assigns the packet to the class named Group and sets the packet qos-group ID to 4
as indicated in the policy map named Policy1.
Example 7-7

Configuring QoS Group Marking

Router(config)# class-map Group


Router(config-cmap)# match cos 5
Router(config-cmap)# exit
Router(config)# policy-map Policy1
Router(config-pmap)# class Group
Router(config-pmap-c)# set qos-group 4

Cisco 10000 Series Router Quality of Service Configuration Guide

7-28

OL-7433-09

Chapter 7

Marking Traffic
Configuring Traffic Marking

Router(config-pmap-c)# exit
Router(config-pmap)# exit
Router(config)# interface GigabitEthernet 1/0/0
Router(config-if)# service-policy input Policy1

Example 7-8 shows how to configure the router to classify packets based on the QoS group ID of the
packet. In this example, the router checks outbound packets on Ethernet interface 1/0/0 for QoS group
ID 5, assigns the matching packets to the traffic class named QoSGroup, defined in the policy map
named Gold, and sets the packet DSCP bits to DSCP 0 (best effort).
Example 7-8

Configuring QoS Group-Based Classification

Router(config)# class-map QoSGroup


Router(config-cmap)# match qos-group 5
Router(config-cmap)# exit
Router(config)# policy-map Gold
Router(config-pmap)# class QoSGroup
Router(config-pmap-c)# set dscp 0
Router(config-pmap-c)# exit
Router(config-pmap)# exit
Router(config)# interface Ethernet 1/0/0
Router(config-if)# service-policy output Gold

Setting the ATM Cell Loss Priority Bit


To set the ATM cell loss priority (CLP) bit to 1, enter the following commands beginning in global
configuration mode:

Step 1

Command

Purpose

Router(config)# policy-map policy-map-name

Specifies the name of the policy map and enters policy-map


configuration mode.
policy-map-name is the name of the policy map.

Step 2

Router(config-pmap)# class class-map-name

Assigns the traffic class you specify to the policy map. Enters
policy-map class configuration mode.
class-map-name is the name of a previously configured class
map and is the traffic class for which you want to define QoS
actions.

Step 3

Router(config-pmap-c)# set atm-clp

Sets the cell loss priority bit to 1. The router discards packets
with the CLP bit set to 1 before it discards packets with the
CLP bit set to 0.
Note

To change the CLP bit back to 0, use the


no set atm-clp command.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

7-29

Chapter 7

Marking Traffic

Configuring Traffic Marking

Command

Purpose

Step 4

Router(config-pmap-c)# exit

Exits policy-map class configuration mode.

Step 5

Router(config-pmap)# exit

Exits policy-map configuration mode.

Step 6

Router(config)# interface type number

Specifies the interface to which you want to attach the service


policy map. Enters interface configuration mode.
type is the type of interface (for example, serial).
number is the number of the interface (for example, 1/0/0).

Step 7

Router(config-if)# service-policy {input |


output} policy-map-name

Attaches the policy map you specify to the interface. The


router applies the service policy to packets on the interface in
either the input or output direction.
input indicates to apply the service policy to inbound
packets.
output indicates to apply the service policy to outbound
packets.
policy-map-name is the name of the policy map.

Configuration Example for Setting the ATM CLP Bit


Example 7-9 shows how to set the ATM CLP bit of packets. For all packets arriving on the
ATM interface 1/0/1, the router assigns the packets that match access control list (ACL) 100 to the
Class1 traffic class and sets the ATM CLP bit of each packet.
Example 7-9

Setting the ATM CLP Bit

Router(config)# class-map Class1


Router(config-cmap)# match access-group 100
Router(config-cmap)# exit
Router(config)# policy-map Premium
Router(config-pmap)# class Class1
Router(config-pmap-c)# set atm-clp
Router(config-pmap-c)# exit
Router(config-pmap)# exit
Router(config)# interface atm 1/0/1
Router(config-if)# service-policy output Premium

Cisco 10000 Series Router Quality of Service Configuration Guide

7-30

OL-7433-09

Chapter 7

Marking Traffic
Configuring Traffic Marking

Configuring MPLS Experimental Marking


To copy the IP precedence or DSCP value to the MPLS experimental bits during label imposition, enter
the following commands beginning in global configuration mode:

Step 1

Command

Purpose

Router(config)# policy-map policy-map-name

Specifies the name of the policy map and enters policy-map


configuration mode.
policy-map-name is the name of the policy map.

Step 2

Router(config-pmap)# class class-map-name

Assigns the traffic class you specify to the policy map. Enters
policy-map class configuration mode.
class-map-name is the name of a previously configured class
map and is the traffic class for which you want to define QoS
actions.

Step 3

Router(config-pmap-c)# set mpls experimental


imposition mpls-exp-value

Sets the value of the MPLS experimental (EXP) field on all


imposed label entries.
mpls-exp-value specifies the value used to set the MPLS EXP
bits. Valid values are from 0 to 7.

Step 4

Router(config-pmap-c)# exit

Exits policy-map class configuration mode.

Step 5

Router(config-pmap)# exit

Exits policy-map configuration mode.

Step 6

Router(config)# interface type number

Specifies the interface to which you want to attach the service


policy map. Enters interface configuration mode.
type is the type of interface (for example, serial).
number is the number of the interface (for example, 1/0/0).

Step 7

Router(config-if)# service-policy {input |


output} policy-map-name

Attaches the policy map you specify to the interface. The


router applies the service policy to packets on the interface in
either the input or output direction.
input indicates to apply the service policy to inbound
packets.
output indicates to apply the service policy to outbound
packets.
policy-map-name is the name of the policy map.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

7-31

Chapter 7

Marking Traffic

Configuring Traffic Marking

Configuration Examples for Configuring MPLS Experimental Marking and Classification


Example 7-10 shows how to configure MPLS Experimental (EXP) marking. In the example, for all
packets on the inbound Gigabit Ethernet interface 1/0/0 that match class of service 3, the router sets the
packet MPLS experimental bits to 5.
Example 7-10 Configuring MPLS EXP Marking
Router(config)# class-map voice
Router(config-cmap)# match cos 3
Router(config-cmap)# exit
Router(config)# policy-map Silver
Router(config-pmap)# class voice
Router(config-pmap-c)# set mpls experimental imposition 5
Router(config-pmap-c)# exit
Router(config-pmap)# exit
Router(config)# interface GigabitEthernet 1/0/0
Router(config-if)# mpls ip
Router(config-if)# service-policy input Silver

Example 7-11 shows how to configure MPLS EXP-based classification. In the example, the router
checks the MPLS EXP bits of the packets arriving on the Gigabit Ethernet interface 1/0/0. The router
assigns the packets whose bits have a setting of 5 to the mpls-exp class. As indicated in the policy map,
the router provides low-latency priority handling of MPLS experimental traffic.
Example 7-11 Configuring MPLS EXP-Based Classification
Router(config)# class-map mpls-exp
Router(config-cmap)# match mpls experimental 5
Router(config-cmap)# exit
Router(config)# policy-map Platinum
Router(config-pmap)# class mpls-exp
Router(config-pmap-c)# priority
Router(config-pmap-c)# police percent 30 4000 2000 conform-action transmit exceed-action
drop
Router(config-pmap-c)# exit
Router(config-pmap)# exit
Router(config)# interface GigabitEthernet 1/0/0
Router(config-if)# mpls ip
Router(config-if)# service-policy output Platinum

Cisco 10000 Series Router Quality of Service Configuration Guide

7-32

OL-7433-09

Chapter 7

Marking Traffic
Configuring Traffic Marking

Configuring Discard-Class Marking


To mark packets with a discard-class value, enter the following commands beginning in global
configuration mode:

Step 1

Command

Purpose

Router(config)# policy-map policy-map-name

Specifies the name of the policy map and enters policy-map


configuration mode.
policy-map-name is the name of the policy map.

Step 2

Router(config-pmap)# class class-map-name

Assigns the traffic class you specify to the policy map. Enters
policy-map class configuration mode.
class-map-name is the name of a previously configured class
map and is the traffic class for which you want to define QoS
actions.

Step 3

Router(config-pmap-c)# set discard-class


value

Marks a packet with a discard eligibility value, setting the


per-hop behavior (PHB) for dropping traffic.
value is the priority of a type of traffic. Valid values are from
0 to 7.
Note

This command is only available on the PRE2.

Step 4

Router(config-pmap-c)# exit

Exits policy-map class configuration mode.

Step 5

Router(config-pmap)# exit

Exits policy-map configuration mode.

Step 6

Router(config)# interface type number

Specifies the interface to which you want to attach the service


policy map. Enters interface configuration mode.
type is the type of interface (for example, serial).
number is the number of the interface (for example, 1/0/0).

Step 7

Router(config-if)# service-policy {input |


output} policy-map-name

Attaches the policy map you specify to the interface. The


router applies the service policy to packets on the interface in
either the input or output direction.
input indicates to apply the service policy to inbound
packets.
output indicates to apply the service policy to outbound
packets.
policy-map-name is the name of the policy map.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

7-33

Chapter 7

Marking Traffic

Configuring Traffic Marking

Configuration Examples for Configuring Discard-Class Marking and Classification


Example 7-12 shows how to configure the discard eligibility value for a traffic class. In the example, the
router classifies inbound traffic on Ethernet interface 1/0/0 based on the class of service setting of the
packets. If the CoS value matches 1, the router assigns the matching packets to the class named Class1
and sets the packet discard-class value to 4, as defined in the policy map named MyPolicy.
Example 7-12 Configuring Discard-Class Marking
Router(config)# class-map Class1
Router(config-cmap)# match cos 1
Router(config-cmap)# exit
Router(config)# policy-map MyPolicy
Router(config-pmap)# class Class1
Router(config-pmap-c)# set discard-class 4
Router(config-pmap-c)# exit
Router(config-pmap)# exit
Router(config)# interface Ethernet 1/0/0
Router(config-if)# service-policy input MyPolicy

Example 7-13 shows how to configure discard-class-based classification. In the example, the router
classifies outbound traffic on Gigabit Ethernet interface 2/0/1 based on the discard-class setting of the
packets. If the discard-class value matches 3, the router assigns the matching packets to the class named
Group1 and provides a minimum bandwidth guarantee of 8000 kbps to Group1 traffic, as defined in the
policy map named Manhattan.
Example 7-13 Configuring Discard-Class-Based Classification
Router(config)# class-map Group1
Router(config-cmap)# match discard-class 3
Router(config-cmap)# exit
Router(config)# policy-map Manhattan
Router(config-pmap)# class Group1
Router(config-pmap-c)# police 8000 600 400 conform-action transmit exceed-action drop
Router(config-pmap-c)# exit
Router (config-pmap)# exit
Router(config)# interface GigabitEthernet 2/0/1
Router(config-if)# service-policy output Manhattan

Cisco 10000 Series Router Quality of Service Configuration Guide

7-34

OL-7433-09

Chapter 7

Marking Traffic
Configuring Traffic Marking

Configuring Tunnel Header Marking Using the set Command


To configure tunnel header marking using the set command, enter the following configuration
commands beginning in global configuration mode:

Step 1

Command

Purpose

Router(config)# policy-map policy-map-name

Specifies the name of the policy map and enters policy-map


configuration mode.
policy-map-name is the name of the policy map.

Step 2

Router(config-pmap)# class class-map-name

Assigns the traffic class you specify to the policy map.


Enters policy-map class configuration mode.
class-map-name is the name of a previously configured
class map and is the traffic class for which you want to
define QoS actions.

Step 3

Router(config-pmap-c)# set ip [dscp |


precedence] tunnel value

Marks a packet by setting the differentiated services code


point (DSCP) value or precedence level in the type of
service (ToS) byte.
(DSCP) tunnel value is a number from 0 to 63 or one of the
following reserved keywords:

EF (expedited forwarding)

AF11 (assured forwarding class AF11)

AF12 (assured forwarding class AF12)

(Precedence) tunnel value is a number from 0 to 7 that sets


the precedence bit in the packet header.

Configuration Example for Tunnel Header Marking Using the set Command
The following example configuration shows how to configure tunnel header marking using the set
command. In the example, marking is configured for the match_ip traffic class. For all packets belonging
to that class, the router sets the DSCP bits to 3.
class-map match_ip
match protocol ip
policy-map Tunnel_Marking
class match_ip
set ip dscp tunnel 3
class class-default
shape 64000

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

7-35

Chapter 7

Marking Traffic

Configuring Traffic Marking

Configuring Tunnel Header Marking Using the police Command


To configure tunnel header marking using the police command, enter the following commands beginning
in global configuration mode:

Step 1

Command

Purpose

Router(config)# policy-map policy-map-name

Specifies the name of the policy map and enters policy-map


configuration mode.
policy-map-name is the name of the policy map.

Step 2

Router(config-pmap)# class class-map-name

Assigns the traffic class you specify to the policy map.


Enters policy-map class configuration mode.
class-map-name is the name of a previously configured
class map and is the traffic class for which you want to
define QoS actions.

Step 3

Router(config-pmap-c)# police [cir] bps


[bc] burst-normal [pir pir] [be] burst-excess
[conform-action {set-dscp-tunnel-transmit value
| set-prec-tunnel-transmit value}]
[exceed-action {set-dscp-tunnel-transmit value
| set-prec-tunnel-transmit value}]
[violate-action {set-dscp-tunnel-transmit value
| set-prec-tunnel-transmit value}]

Configures policing and uses the policer action to mark a


packets outer tunnel header.
set-dscp-tunnel-transmit value is a number from 0 to 63
or one of the following reserved keywords:

EF (expedited forwarding)

AF11 (assured forwarding class AF11)

AF12 (assured forwarding class AF12)

set-prec-tunnel-transmit value is a number from 0 to 7


that sets the precedence bit in the packet header.
For more information, see the police Command
(Single-Rate) section on page 6-6 or the police Command
(Two-Rate) section on page 6-9.

Example Configuration for Tunnel Header Marking Using the police Command
The following example configuration shows how to mark the tunnel header of a packet using the police
command. In the example, the policer sets the DSCP bits to 4 for all conforming traffic belonging to the
match_ip class.
class-map match_ip
match protocol ip
policy-map Tunnel_Marking
class match_ip
police 8000 conform-action set-dscp-tunnel-transmit 4
class class-default
shape 64000

Cisco 10000 Series Router Quality of Service Configuration Guide

7-36

OL-7433-09

Chapter 7

Marking Traffic
Verifying Traffic Marking

Verifying Traffic Marking


The Cisco 10000 series router collects statistical information about the number of packets and bytes
marked.
To verify traffic marking, enter any of the following commands in privileged EXEC configuration mode:
Command

Purpose

Router# show policy-map

Displays configuration information for all configured policy


maps.

Router# show policy-map policy-map-name

Displays configuration information for the policy map you


specify.

Router# show policy-map interface

Displays configuration and statistical information for all of the


input and output policies that are attached to an interface.
For example, statistical information such as the incoming traffic
rate, dropped packet rate, and the number of matched packets and
bytes.

Router# show policy-map interface interface

Displays configuration and statistical information for the input


and output policies attached to the interface you specify.
interface is the name of the interface or subinterface whose policy
configuration you want to display.

Router# show policy-map interface interface


[input | output]

Displays the configuration of all classes configured for all


inbound or outbound policy maps attached to the specified
interface.
interface is the name of the interface or subinterface whose policy
configuration you want to display.
input indicates to display the statistics for the attached inbound
policy.
output indicates to display the statistics for the attached
outbound policy.
Note

Router# show policy-map policy-map-name class


class-name

If you do not specify input or output, the router displays


information about all classes that are configured for all
inbound and outbound policies attached to the interface
you specified.

Displays the configuration of the class you specify for the policy
map you specify.
policy-map-name is the name of the policy map that contains the
class configuration you want to display.
class-name is the name of the class whose configuration you want
to display.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

7-37

Chapter 7

Marking Traffic

Verifying Traffic Marking

Verification Examples for Traffic Marking


Example 7-14 shows how to verify marking for the traffic classes in a policy map. In this example, traffic
assigned to the Gold class has the precedence bits set to 5.
Example 7-14 Verifying Marking in a Policy Map
Router# show policy-map Child
Policy Map Child
Class Bronze
police percent 30 6 ms 4 ms conform-action transmit exceed-action set-prep
Class Gold
police 8000 2000 4000 conform-action transmit exceed-action set-qos-transp
set ip precedence 5

Example 7-15 shows how to verify marking on a specific interface. In this example, the QoS policy is a
hierarchical policy that is attached to PVC 5/101 on the ATM 3/0/0.3 subinterface. In the Child policy,
the Bronze class indicates to set the DSCP bits of Bronze packets to 3. The Gold class indicates to set
the IP precedence bits of Gold packets to 5.
Example 7-15 Verifying Marking in a Hierarchical Policy
Router# show policy-map interface atm 3/0/0.3
ATM3/0/0.3: VC 5/101 Service-policy output: Parent
Class-map: class-default (match-any)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: any
Output queue: 0/64; 0/0 packets/bytes output, 0/0 drops
Shape : 2000 kbps
Service-policy : Child
Class-map: Bronze (match-all)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: ip precedence 3 5
Police:
600000 bps, 1536 limit, 1000 extended limit
conformed 0 packets, 0 bytes; action: transmit
exceeded 0 packets, 0 bytes; action: set-prec-transmit 2
violated 0 packets, 0 bytes; action: drop
QoS Set
dscp 3
Packets marked 0
Class-map: Gold (match-all)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: ip precedence 2
Police:
8000 bps, 2000 limit, 4000 extended limit
conformed 0 packets, 0 bytes; action: transmit
exceeded 0 packets, 0 bytes; action: set-qos-transmit 4
violated 0 packets, 0 bytes; action: drop
QoS Set
precedence 5

Cisco 10000 Series Router Quality of Service Configuration Guide

7-38

OL-7433-09

Chapter 7

Marking Traffic
Related Documentation

Packets marked 0
Class-map: class-default (match-any)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: any
Output queue: 0/64; 0/0 packets/bytes output, 0/0 drops

Related Documentation
This section provides hyperlinks to additional Cisco documentation for the features discussed in this
chapter. To display the documentation, click the document title or a section of the document highlighted
in blue. When appropriate, paths to applicable sections are listed below the documentation title.
Feature

Related Documentation

3-Color Marker for Traffic Policing (single rate)

Release Notes for the Cisco 10000 Series ESR for Cisco IOS
Release 12.0(23)SX
New Features in Cisco IOS Release 12.0(23)SX > Single Rate
3-Color Marker for Traffic Policing

ATM Cell Loss Priority Marking

When Does a Router Set the CLP Bit in an ATM Cell?


Cisco IOS Quality of Service Solutions Configuration Guide,
Release 12.2
Part 1: Classification > Configuring Class-Based Packet
Marking

Classification and Marking

Cisco IOS Quality of Service Solutions Configuration Guide,


Release 12.2
Part 1: Classification > Configuring Class-Based Packet
Marking
Class-Based Marking, Release 12.0(26)S feature module
Configuring Packet Marking on Frame Relay PVCs
QoS Packet Marking, Implementing Quality of Service

Class of Service Marking

Service Provider Quality of Service Design Guide


Cisco IOS Quality of Service Solutions Configuration Guide,
Release 12.2
Part 1: Classification > Configuring Class-Based Packet
Marking

DSCP Marking

Service Provider Quality of Service Design Guide


Cisco IOS Quality of Service Solutions Configuration Guide,
Release 12.2
Part 1: Classification > Configuring Class-Based Packet
Marking
QoS Packet Marking, Implementing Quality of Service Policies with
DSCP

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

7-39

Chapter 7

Marking Traffic

Related Documentation

Feature

Related Documentation

IP Precedence Marking

Service Provider Quality of Service Design Guide


Cisco IOS Quality of Service Solutions Configuration Guide,
Release 12.2
Part 1: Classification > Configuring Class-Based Packet
Marking

MPLS Experimental Marking

Cisco IP Solution Center, 3.0: Quality of Service Management User


Guide, Release 3.0
Quality of Service Concepts > MPLS Experimental Values
Service Provider Quality of Service Design Guide

QoS Group Marking

Cisco IOS Quality of Service Solutions Configuration Guide,


Release 12.2
Part 1: Classification > Configuring Class-Based Packet
Marking

QoS Policy Propagation through the Border Gateway


Protocol (QPPB)

Cisco IOS Quality of Service Solutions Configuration Guide,


Release 12.2
Part 1: Classification > Classification Overview > QoS Policy
Propagation via Border Gateway Protocol
Part 1: Classification > Configuring QoS Policy Propagation via
Border Gateway Protocol

Cisco 10000 Series Router Quality of Service Configuration Guide

7-40

OL-7433-09

CH A P T E R

Prioritizing Services
Voice, video, and data applications have differing quality of service needs. Voice applications, for
example, require a small but guaranteed amount of bandwidth, are less tolerant of packet delay or loss,
and require low jitter. A data application such as File Transfer Protocol (FTP) needs more bandwidth
than voice and can tolerate packet delay and jitter. To provide end-to-end differentiated services, QoS
policies must allow critical applications to receive the resources required while ensuring that other
applications are not neglected.
Priority queuing offers the ability to deliver assured bandwidth, low latency, low jitter, and low packet
loss for voice applications while simultaneously ensuring that other applications receive portions of the
available bandwidth.
This chapter describes low-latency priority queuing and includes the following topics:

Low-Latency Priority Queuing, page 8-1

Multi-Level Priority Queues, page 8-3

Child Service Policy Allowed Under Priority Class, page 8-4

Interfaces Supporting Priority Queuing, page 8-4

Queues per Policy Map, page 8-5

Restrictions and Limitations for Priority Queuing, page 8-5

Restrictions for Multi-Level Priority Queues, page 8-5

Configuring a Priority Queue, page 8-6

Configuring Multi-Level Priority Queues, page 8-7

Configuration Examples for Configuring Priority Queues, page 8-9

Verifying and Monitoring Priority Queues, page 8-11

Verification Examples for Priority Queues, page 8-11

Related Documentation, page 8-13

Low-Latency Priority Queuing


Using a single queue for packets from all traffic streams is simple, efficient, and offers optimal average
delay per packet because the queue uses the entire link bandwidth to transmit waiting packets. The
drawback to this method is it does not distinguish among different traffic streamsvoice, data, video.
The more traffic in a stream, the larger its share of the link bandwidth. Packets arriving first are the first
packets out of the queue, regardless of the packet type.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

8-1

Chapter 8

Prioritizing Services

Low-Latency Priority Queuing

Priority queuing overcomes the shortcomings of single queuing by allowing the router to dequeue and
transmit delay-sensitive data such as voice before it dequeues and sends packets in other queues. Using
priority queuing, delay-sensitive data receives preferential treatment over other traffic.
In all releases prior to Cisco IOS Release 12.0(25)S and Release 12.3(7)XI, low-latency priority queuing
(LL/PQ) and bandwidth reservation together enabled you to provide differentiated services (DiffServ).
Priority queuing lets you assign a guaranteed minimum bandwidth to one queue to minimize packet
delay. Bandwidth reservation divides the link bandwidth among the different traffic streams into multiple
queues, with each queue receiving its fair share of the link bandwidth divided among all non-empty
queues. By dividing the unused bandwidth among the queues with packets to send, multiple queuing has
the same average delay per packet as the single queue scheme, with the advantage of each queue
receiving its fair share of the bandwidth.
In Cisco IOS Release 12.0(25)S and Release 12.3(7)XI, and later releases, strict priority queuing
guarantees low-latency for any packet that enters a priority queue, regardless of the current congestion
level on the link. With strict priority queuing, the router gives the traffic full priority and services it at
line rate, which can cause bandwidth starvation of other traffic queues. To avoid this, use the police
command to restrict the amount of bandwidth the priority queue can use. When you specify the police
command, the router sets the committed information rate (CIR) for the priority queue to the bandwidth
you specify in the police command. The router must drop packets that exceed the committed rate.

Note

The actual throughput of a priority queue does not exceed its configured value even if other queues on
the link are empty.
For multilink PPP (MLPPP) bundling, the router restricts the priority queue bandwidth to the bandwidth
of one of the bundle members.

Note

The router supports multilink PPP (MLPPP) for Cisco IOS Release 12.3(7)XI2 and later releases. For
Cisco IOS Release 12.2(16)BX3 and Release 12.3(7)XI1, the router does not support MLPPP.

Feature History for Low-Latency Priority Queuing


Cisco IOS Release

Description

Required PRE

Release 12.0(17)SL

The priority queuing feature was introduced on the router PRE1


to allow you to configure a bandwidth rate for a queue in
kilobits per second.

Release 12.0(20)ST

This feature was enhanced to allow you to configure a


bandwidth rate for a queue as a percentage.

PRE1

Release 12.0(25)S

This feature was modified to provide strict priority


queuing on the PRE1.

PRE1

Release 12.2(16)BX

This feature was introduced on the PRE2 to allow you to


configure a bandwidth rate for a queue in kilobits per
second or as a percentage.

PRE2

Release 12.3(7)XI1

This feature was modified to provide strict priority


queuing on the PRE2.

PRE2

Release 12.2(28)SB

This feature was integrated in Cisco IOS


Release 12.2(28)SB for the PRE2.

PRE2

Release 12.2(31)SB2

This feature was introduced on the PRE3.

PRE3

Cisco 10000 Series Router Quality of Service Configuration Guide

8-2

OL-7433-09

Chapter 8

Prioritizing Services
Multi-Level Priority Queues

Bandwidth Starvation
In Cisco IOS Release 12.3(7)XI and later releases, to prevent the priority queue from starving other
queues, specify a guaranteed bandwidth using the police command.

Note

In Cisco IOS Release 12.0(25)S and Release 12.3(7)XI, and later releases, the priority command no
longer allows you to specify a priority rate in kbps or as a percentage of the available bandwidth.
In Cisco IOS Release 12.3(7)XI and later releases, the router allocates the bandwidth you specify in the
police command to the priority queue before it allocates bandwidth to the other queues on the link. As
a result, the amount of bandwidth allocated to the other queues is based on the bandwidth remaining after
the priority queue receives its bandwidth allocation. In a policy map, if you configure a traffic class as a
priority queue and you specify a guaranteed bandwidth, you must use the bandwidth remaining
command to configure bandwidth for other traffic classes in the policy map.

Multi-Level Priority Queues


The Multi-Level Priority Queues (MPQ) feature allows you to configure multiple priority queues for
multiple traffic classes by specifying a different priority level for each of the traffic classes in a single
service policy map. You can configure multiple service policy maps per router.
Previously, Cisco IOS-based routers could have only one strict priority queue per policy map for all
delay-sensitive trafficthe router associated all priority traffic with this one single priority queue.
However, having only one priority queue can cause significant delay in delivering traffic, especially if
the router sends high priority traffic (for example, voice) behind low priority traffic (for example, video).
Using class-based weighted fair queuing (CBWFQ) to reduce delay by heavily weighting one queue can
affect the granularity of bandwidth allocations to the other queues. The MPQ feature addresses these
issues and improves latency.
The priority command is used to specify that a class of traffic has latency requirements with respect to
other classes. For multiple priority queues, you can use the priority level command to configure a level
of priority service on a class in a policy map. Currently, the router supports two priority levels:
level 1 (high) and level 2 (low). The router places traffic with a high priority level on the outbound link
ahead of traffic with a low priority level. High priority packets, therefore, are not delayed behind low
priority packets.
The router associates a single priority queue with all of the traffic enabled with the same priority level
and services the high level priority queues until empty before servicing the next level priority queues and
non-priority queues. While the router services a queue, the service rate is as fast as possible and is
constrained only by the rate of the underlying link or parent node in a hierarchy. If a rate is configured
and the router determines that a traffic stream has exceeded the configured rate, the router drops the
exceeding packets during periods of congestion. If the link is currently not congested, the router places
the exceeding packets onto the outbound link.
When configuring MPQ on different traffic classes in a policy map, you must specify different priority
levels for the traffic classes. For example, configure one traffic class to have priority level 2 and another
class to have level 1.
If high priority traffic is not policed appropriately, bandwidth starvation of low priority traffic can occur.
Therefore, though not required, we recommend that you configure a policer for high priority traffic using
the police command. If you configure the police command for priority queues, the traffic rate is policed
to the police rate for each of the priority queues.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

8-3

Chapter 8

Prioritizing Services

Child Service Policy Allowed Under Priority Class

You cannot configure the priority command and the priority level command on different classes in the
same policy map.

Feature History for Multi-Level Priority Queues


Cisco IOS Release

Description

Required PRE

Release 12.2(31)SB2

This feature was introduced and implemented on the


Cisco 10000 series router for the PRE3.

PRE3

Child Service Policy Allowed Under Priority Class


The Cisco 10000 series router supports the Child Service Policy Allowed Under Priority Class feature
in Cisco IOS Release 12.2(31)SB2. This feature allows you to attach a child policy with non-queuing
features to a priority class. The priority class must be in the middle-level policy of a three-level
hierarchical policy or in the parent policy of a two-level hierarchical policy (nested policy).
For more information, see the Child Service Policy Allowed Under Priority Class, Release 12.2(31)SB2
feature module.

Interfaces Supporting Priority Queuing


The following describes interface support for priority queuing using the priority command:
Interfaces Supporting the priority Command

Physical

Multilink PPP and Multilink Frame Relay

ATM shaped (peak cell rate is specified) unspecified bit rate (UBR) PVCs and point-to-point
subinterfaces

ATM constant bit rate (CBR) PVCs and point-to-point subinterfaces

ATM variable bit rate (VBR) PVCs and point-to-point subinterfaces

Label-controlled ATM (LC-ATM) subinterfaces *

Frame Relay PVCs, point-to-point subinterfaces, and map classes *

Ethernet VLANs *

* Requires a specific type of hierarchical policy. For more information, see Chapter 13, Defining QoS
for Multiple Policy Levels.

Note

The router only supports the priority command on outbound interfaces.


Interfaces Not Supporting the priority Command

ATM unshaped (no peak cell rate specified) UBR PVCs and point-to-point subinterfaces

IP tunnel

Virtual-access (See the VAI QoS Inheritance section on page 4-24.)

Cisco 10000 Series Router Quality of Service Configuration Guide

8-4

OL-7433-09

Chapter 8

Prioritizing Services
Queues per Policy Map

Note

The router does not support the priority command on inbound interfaces.

Queues per Policy Map


Table 8-1 lists the number of queues per policy map supported on the PRE2 and PRE3.
Table 8-1

Number of Queues per Policy Map

PRE

Queues Supported per Policy Map

PRE2

31 class queues

PRE3

1 priority level one queue


1 priority level two queue
12 class queues
1 default queue

Restrictions and Limitations for Priority Queuing

Each policy map can have only one priority class.

You cannot configure the random-detect or bandwidth commands with a priority service.

Restrictions for Multi-Level Priority Queues

You cannot configure both the priority command and the priority level command for two different
classes in the same policy map.

You cannot specify the same priority level for two different classes in the same policy map.

You cannot configure the default queue as a priority queue at any level. For example, the router
rejects the following configuration:
policy-map P1
class class-default
priority level 1

You cannot configure the bandwidth command and multi-level priority queuing on the same class.
For example, the router rejects the following configuration:
policy-map P1
class C1
priority level 1
bandwidth 200

You cannot configure the shape command and multi-level priority queuing on the same class. For
example, the router rejects the following configuration:
policy-map P1
class C1
priority level 1
shape average 56000

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

8-5

Chapter 8

Prioritizing Services

Configuring a Priority Queue

To convert a one-level (flat) service policy with multiple priority queuing configured to a
hierarchical multi-level priority queuing service policy, you must first detach the flat service policy
from the interface using the no service-policy command, and then add a child policy map to it.

Configuring a Priority Queue


To assign priority to a class in a policy map, enter the following commands beginning in global
configuration mode:

Step 1

Command

Purpose

Router(config)# policy-map policy-map-name

Specifies the name of the policy map and enters policy-map


configuration mode.
policy-map-name is the name of the policy map.

Step 2

Router(config-pmap)# class class-map-name

Assigns the traffic class you specify to the policy map. Enters
policy-map class configuration mode.
class-map-name is the name of a previously configured class
map and is the traffic class for which you want to define QoS
actions.

Step 3

Router(config-pmap-c)# priority

Assigns priority to the class you specified and reserves a


priority queue for class-based weighted fair queuing
(CBWFQ) traffic.
For Cisco IOS Release 12.0(25)S and Release 12.3(7)XI, and
later releases the priority command does not have any
arguments. You must use the police command to specify a
guaranteed bandwidth.
Releases prior to Cisco IOS Release 12.0(25)S and
Release 12.3(7)XI do not support the priority command
without any arguments. Use the following priority command
syntax for these releases to configure a priority queue and
specify a minimum guaranteed bandwidth (for example,
priority 56 or priority percent 20):
priority {bandwidth-kbps | percent percentage}

Step 4

Router(config-pmap-c)# police [cir] bps


[bc burst-normal] {pir pir} [be burst-excess]
[conform-action action [exceed-action action
[violate-action action]]]

Configures traffic policing and allows you to configure a rate


for the priority queue.
For more information, see Chapter 6, Policing Traffic.

Cisco 10000 Series Router Quality of Service Configuration Guide

8-6

OL-7433-09

Chapter 8

Prioritizing Services
Configuring Multi-Level Priority Queues

Configuring Multi-Level Priority Queues


To configure Multi-Level Priority Queues (MPQ) in a policy map, enter the following commands
beginning in global configuration mode:

Step 1

Command or Action

Purpose

policy-map policy-name

Creates or modifies a policy map. Enters policy-map


configuration mode.
policy-name is the name of the policy map.

Step 2

class class-name

Specifies a traffic class. Enters policy-map class


configuration mode.
class-name is the name of a previously configured traffic
class.

Step 3

priority level level

Assigns priority to a traffic class at the priority level


specified.
level level is the level of priority assigned to the priority
class. Valid values are 1 (high priority) and 2 (low priority).
Default: 1
Note

Do not specify the same priority level for two


different classes in the same policy map.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

8-7

Chapter 8

Prioritizing Services

Configuring Multi-Level Priority Queues

Step 4

Command or Action

Purpose

police [cir] bps [bc] burst-normal [pir pir]


[be] burst-excess [conform-action action]
[exceed-action action] [violate-action action]

(Optional) Configures bits per second-based traffic


policing.
(Optional) cir is the committed information rate and is
based on the interface shape rate. Indicates an average rate
at which the policer meters traffic.
bps specifies the average rate in bits per second (bps). Valid
values are from 8,000 to 2,488,320,000 bps.
(Optional) bc burst-normal is the normal or committed
burst (bc) size (in bytes) used by the first token bucket for
policing. Valid values are from 1 to 512,000,000. Default:
9,216
(Optional) pir pir is the peak information rate (PIR),
expressed as a percentage. The pir pir option indicates the
rate at which the second token bucket is updated. Valid
values are from 1 to 100.
(Optional) be burst-excess is the excess burst (be) size (in
bytes) used by the second token bucket for policing. Valid
values are from 0 to 1,024,000,000 bytes. Default: 0
(Optional) conform-action action specifies the action to
take on packets that conform to the rate limit. Default:
transmit
(Optional) exceed-action action specifies the action to take
on packets that exceed the rate limit (but not the PIR if
two-rate policing is configured). Default: drop
(Optional) violate-action action specifies the action to take
on packets that continuously exceed the PIR rate limit.
Default: same as the exceed-action
Note

Step 5

police [cir] percent percent [bc]


normal-burst-in-msec [pir pir]
[be] excess-burst-in-msec [conform-action
action] [exceed-action action] [violate-action
action]

You must specify burst-normal before you specify


burst-excess, burst-excess before conform-action,
conform-action before exceed-action, and
exceed-action before violate-action.

(Optional) Configures traffic policing based on a


percentage of bandwidth available on the interface.
(Optional) cir is the committed information rate. Indicates
an average rate at which the policer meters traffic. CIR is
based on the interface shape rate.
percent percent indicates to use the percentage of available
bandwidth specified in percent to calculate the CIR. Valid
values are from 1 to 100.
(Optional) pir pir is the peak information rate (PIR)
expressed as a percentage. The pir pir option indicates the
rate at which the second token bucket is updated. Valid
values are from 1 to 100.

Cisco 10000 Series Router Quality of Service Configuration Guide

8-8

OL-7433-09

Chapter 8

Prioritizing Services
Configuration Examples for Configuring Priority Queues

Configuration Examples for Configuring Priority Queues


This section provides the following configuration examples:

Configuring a Priority Queue with a Guaranteed Bandwidth Based on Kilobits per Second:
Example, page 8-9

Configuring a Priority Queue with a Percent-Based Bandwidth Guarantee: Example, page 8-9

Configuring Multi-Level Priority Queues: Example, page 8-10

Unacceptable MPQ Configurations: Examples, page 8-10

Configuring a Priority Queue with a Guaranteed Bandwidth Based on Kilobits


per Second: Example
Example 8-1 shows how to configure a priority queue with a guaranteed bandwidth of 8000 kbps. In the
example, the Voice1 class in the policy map named Gold is configured as the priority queue. The Gold
policy also includes the Voice2 class with a minimum bandwidth guarantee of 48 kbps. The Gold policy
is attached to PVC 0/101 on the outbound ATM subinterface 2/0/0.1.
Example 8-1

Priority Queuing Configuration

Router(config)# class-map Voice


Router(config-cmap)# match ip precedence 3
Router(config)# policy-map Gold
Router(config-pmap)# class Voice1
Router(config-pmap-c)# priority
Router(config-pmap-c)# police 8000
Router(config-pmap)# class Voice2
Router(config-pmap-c)# bandwidth 48
Router(config)# interface atm 2/0/0.1
Router(config-subif)# pvc 0/101
Router(config-atm-vc)# ubr 10000
Router(config-atm-vc)# service-policy output Gold

Configuring a Priority Queue with a Percent-Based Bandwidth Guarantee:


Example
Example 8-2 shows how to configure a priority queue with a minimum bandwidth guarantee based on a
percentage of the link bandwidth. In the example, the policy map named Premium has two traffic classes:
Class1 is configured as the priority queue and has a minimum guaranteed bandwidth of 25 percent of the
link bandwidth and Class2 has a minimum bandwidth guarantee of 48 kbps. The Premium service policy
is attached to the outbound ATM interface 1/0/0.
Example 8-2

Priority Queue with Bandwidth Percentage

Router(config)# class-map Class1


Router(config-cmap)# match ip dscp ef
Router(config)# policy-map Premium
Router(config-pmap)# class Class1
Router(config-pmap-c)# priority
Router(config-pmap-c)# police percent 25
Router(config-pmap)# class Class2

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

8-9

Chapter 8

Prioritizing Services

Configuration Examples for Configuring Priority Queues

Router(config-pmap-c)# bandwidth 48
Router(config)# interface atm 1/0/0
Router(config-subif)# service-policy output Premium

Configuring Multi-Level Priority Queues: Example


The following example shows how to configure multiple priority queues. The policy map named
Business has two traffic classes: Bronze and Gold. Bronze traffic has a level 2 (low) priority while Gold
traffic has level 1 (high) priority. To prevent bandwidth starvation of Bronze traffic, the Gold traffic is
policed at 30 percent of the interface bandwidth.
enable
config terminal
policy-map Business
class Bronze
priority level 2
police 1000
exit
class Gold
priority level 1
police percent 30

Note

Although a policer is not required, we recommend that you configure policing for priority traffic to
prevent bandwidth starvation of low priority traffic. When policing is configured, the traffic rate is
policed to the police rate for each of the priority queues.

Unacceptable MPQ Configurations: Examples


You cannot specify both the priority command and the priority level command for two different classes
in the same policy map. For example, the router does not accept the following configuration:
policy-map Map1
class Bronze
priority level 1
exit
class Gold
priority rate 1000

You cannot specify the same priority level for two different classes in the same policy map. For example,
the router does not accept the following configuration:
Router(config)# policy-map Map1
Router(config-pmap)# class Bronze
Router(config-pmap-c)# priority level 1
Router(config-pmap-c)# police percent 30
Router(config-pmap-c)# exit
Router(config-pmap)# class Gold
Router(config-pmap-c)# priority level 1
Router(config-pmap-c)# police 10000

Cisco 10000 Series Router Quality of Service Configuration Guide

8-10

OL-7433-09

Chapter 8

Prioritizing Services
Verifying and Monitoring Priority Queues

Verifying and Monitoring Priority Queues


The Cisco 10000 series router collects statistical information about the current priority queue length, and
the number of packets and bytes transmitted and dropped.
To verify and monitor the contents of the priority queue (such as queue depth and the first packet
queued), and to verify the configuration of multi-level priority queues and to display statistical
information for each priority level, enter any of the following commands in privileged EXEC mode:
Command

Purpose

Router# show policy-map policy-map-name

Displays the contents of the policy map you specify, including the
priority class.

Router# show policy-map interface interface

Displays statistical and configuration information about the input


and output policies attached to the interface you specify, and
indicates any dropped packets or bytes for the priority class.

Verification Examples for Priority Queues


This section provides the following verification examples:

Verifying a Priority Queue: Example, page 8-11

Verifying Multi-Level Priority Queues: Example, page 8-12

Verifying a Priority Queue: Example


Example 8-3 shows sample output from the show policy-map interface command. In the example, the
Business class is the priority queue and is policed at 8000 bps with committed bursts of 5000 bytes and
extended bursts of 6000 bytes.
Example 8-3

Verifying Priority Queuing

Router# show policy-map interface atm 3/0/0.532


ATM3/0/0.532: VC 5/32 Service-policy output: Gold
Class-map: Business (match-all)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: ip precedence 4
Output queue: 0/512; 0/0 packets/bytes output, 0/0 drops
Police:
8000 bps, 5000 limit, 6000 extended limit
conformed 0 packets, 0 bytes; action: transmit
exceeded 0 packets, 0 bytes; action: drop
violated 0 packets, 0 bytes; action: drop
Absolute priority
Class-map: Non-Business (match-all)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: ip precedence 3 5

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

8-11

Chapter 8

Prioritizing Services

Verification Examples for Priority Queues

Output queue: 0/64; 0/0 packets/bytes output, 0/0 drops


Bandwidth : 2000 kbps (Weight 25)
Class-map: class-default (match-any)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: any
Output queue: 0/256; 0/0 packets/bytes output, 0/0 drops

Verifying Multi-Level Priority Queues: Example


The following example shows sample output from the show policy-map interface command.
Router# show policy-map interface
Serial2/1/0
Service-policy output: P1
Queue statistics for all priority classes:
.
.
.
Class-map: Gold (match-all)
0 packets, 0 bytes/*Updated for each priority level configured.*/
5 minute offered rate 0 bps, drop rate 0 bps
Match: ip precedence 2
Priority: 0 kbps, burst bytes 1500, b/w exceed drops: 0
Priority Level 2:
0 packets, 0 bytes

Cisco 10000 Series Router Quality of Service Configuration Guide

8-12

OL-7433-09

Chapter 8

Prioritizing Services
Related Documentation

Related Documentation
This section provides hyperlinks to additional Cisco documentation for the features discussed in this
chapter. To display the documentation, click the document title or a section of the document highlighted
in blue. When appropriate, paths to applicable sections are listed below the documentation title.
Feature

Related Documentation

Bandwidth and priority queues

Comparing the Bandwidth and Priority Commands of a QoS Service


Policy

Bandwidth starvation

Cisco 10000 Series Router Quality of Service Configuration Guide


Prioritizing Services > Low-Latency Priority Queuing >
Bandwidth Starvation

Child Policy Under Priority Class

Child Service Policy Allowed Under Priority Class feature module,


Release 12.2(31)SB2

Congestion management

QoS Congestion Management (Queuing), Introduction

Multi-Level Priority Queues

Multi-Level Priority Queues feature module, Release 12.2(31)SB2

Priority Queuing

Cisco IOS Quality of Service Solutions Configuration Guide,


Release 12.2
Part 2: Congestion Management > Configuring Priority Queues
ATM Traffic Management, Troubleshooting Output Drops with
Priority Queuing tech note
Low Latency Queuing, Release 12.0S feature module
IP to ATM Class of Service, Low Latency Queuing
Low Latency Queuing, Release 12.0T feature module

priority command

Cisco IOS Quality of Service Solutions Command Reference,


Release 12.3T
Quality of Service Commands: O through P > priority

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

8-13

Chapter 8

Prioritizing Services

Related Documentation

Cisco 10000 Series Router Quality of Service Configuration Guide

8-14

OL-7433-09

CH A P T E R

Shaping Traffic
Managing the flow of data across your network helps to ensure network efficiency by maximizing
bandwidth and avoiding congestion. Manage network traffic using traffic policing and traffic shaping.
Using these tools, you can configure your system to effectively manage issues before an overload on the
network. Traffic policing uses rate-limiting to regulate traffic and traffic shaping regulates traffic by
shaping it to a specified rate. Deploying policing and shaping throughout your network helps to ensure
that a packet, or data source, conforms to the QoS policies contracted for it.
The Cisco 10000 series router supports traffic policing and shaping. This chapter describes traffic
shaping and includes the following topics:

Traffic Shaping, page 9-2

Differences Between Traffic Shaping Mechanisms, page 9-10

Bandwidth and Traffic Shaping, page 9-10

Differences Between Shaping and Policing, page 9-11

Advantages and Disadvantages of Shaping and Policing for Bandwidth Limiting, page 9-11

Modifying the VC Weight and the VP Shaping Parameters, page 9-12

Example Scenarios of Traffic Shaping Usage, page 9-12

Interfaces Supporting Traffic Shaping, page 9-13

Configuring Traffic Shaping, page 9-13

Verifying Traffic Shaping, page 9-17

Configuration Examples for Traffic Shaping, page 9-21

Related Documentation, page 9-22

For information about traffic policing, see Chapter 6, Policing Traffic.


For information about per-session traffic shaping and queuing, see Chapter 18, Regulating and Shaping
Subscriber Traffic.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

9-1

Chapter 9

Shaping Traffic

Traffic Shaping

Traffic Shaping
Traffic shaping is a tool used to manage network traffic by shaping the traffic to a specified rate. Traffic
shaping enables you to control access to available bandwidth, to ensure that traffic conforms to the
policies established for it, and to regulate the flow of traffic to avoid congestion that can occur when the
transmitted traffic exceeds the access speed of its remote target interface.
Traffic shaping uses a traffic descriptor for a packetindicated by the classification of the packetto
ensure that a packet, or data source, adheres to the policies contracted for it and to determine the QoS to
apply to the packet. Traffic shaping enables you to control the traffic leaving an interface, matching its
packet flow to the speed of a particular remote interface. By shaping a class of traffic to conform to
downstream requirements, you can eliminate bottlenecks in topologies with data-rate mismatches.
The Cisco 10000 series routers traffic shaping algorithm is not based on the token bucket model.
Therefore, the concepts of committed burst (Bc) and excess burst (Be) are not applicable. Because
shaping does not use token buckets, the router cannot gather shaping statistics. As a result, you cannot
display the amount of shaped traffic in relation to the amount of traffic forwarded unshaped.
Unlike traffic policing, shaping does not propagate bursts and is applied to only outbound traffic on an
interface. When congestion occurs, policing drops traffic whereas traffic shaping delays the excess
traffic using a buffer or queuing mechanism and then schedules the excess packets for later transmission
over increments of time. This results in a smooth packet output rate. Shaping requires a queue and
sufficient memory to buffer delayed packets. Since queuing is an outbound function, only packets
leaving an interface can be queued and shaped.
When configuring shaping, you must ensure that the following exists:

Sufficient memory to buffer delayed packets

Scheduling function for later transmission of delayed packets

The Cisco 10000 series router supports the following types of traffic shaping:

Class-Based ShapingEnables you to shape a class of traffic to control the flow of traffic on an
interface. A service policy that defines shaping for a particular traffic class is attached to an
interface. Shaping is applied on a per-class basis. For more information, see the Class-Based
Traffic Shaping section on page 9-3.

Hierarchical ShapingProvides two levels of shapingper-VC ATM-level shaping and per-VC


packet-level shapingand provides per-VC and per-VP traffic shaping to control or modify the flow
of traffic on an interface. Traffic shaping ensures that traffic from one VC does not adversely impact
another VC and result in loss of data. For more information, see the Hierarchical Shaping section
on page 9-4.

Percentage-Based ShapingProvides the ability to configure traffic shaping on the basis of a


percentage of bandwidth available on an interface. For more information, see the Percentage-Based
Traffic Shaping section on page 9-8.

Frame Relay Traffic Shaping (FRTS)Shapes traffic on Frame Relay interfaces. Using FRTS,
service providers can organize traffic into per-data-link connection identifier (DLCI) queues, and
shape each DLCI separately. For more information, see the Frame Relay Traffic Shaping section
on page 9-8.

Note

FRTS is available only on the PRE1.

Cisco 10000 Series Router Quality of Service Configuration Guide

9-2

OL-7433-09

Chapter 9

Shaping Traffic
Traffic Shaping

Feature History for Traffic Shaping


Cisco IOS Release

Description

Required PRE

Release 12.0(17)SL

The Traffic Shaping feature was introduced on the router PRE1


to provide generic traffic shaping and Frame Relay Traffic
Shaping (FRTS).

Release 12.0(25)SX

This feature was enhanced to include the Class-based


Traffic Shaping feature.

PRE1

Release 12.2(16)BX

This feature was introduced on the PRE2 to provide


Class-based Traffic Shaping.

PRE2

Release 12.3(7)XI

This feature was enhanced on the PRE2 to include the


Hierarchical Shaping feature and the ATM VC/VP
Shaping feature, enabling you to shape traffic at both the
VC-level and VP-level.

PRE2

Release 12.2(28)SB

This feature was integrated in Cisco IOS


Release 12.2(28)SB for the PRE2.

PRE2

Release 12.2(31)SB2

This feature was introduced on the PRE3 to provide


Class-based Traffic Shaping, Hierarchical Shaping, and
Percentage-based Shaping.

PRE2, PRE3

Release 12.2(33)SB

This feature was introduced on the PRE4 to provide


Class-based Traffic Shaping, Hierarchical Shaping, and
Percentage-based Shaping.

PRE2, PRE3,
PRE4

Class-Based Traffic Shaping


Class-based traffic shaping allows you to control the traffic going out an interface in order to match its
transmission to the speed of the remote target interface and to ensure that the traffic conforms to policies
contracted for it. Class-based traffic shaping creates a class of traffic that is shaped to meet downstream
requirements, thereby eliminating bottlenecks in topologies with data-rate mismatches.
Any interface that supports generic traffic shaping also supports class-based shaping. Using class-based
traffic shaping, you can do the following:

Configure generic traffic shaping on a traffic classConfiguring generic traffic shaping on traffic
classes provides greater flexibility for configuring traffic shaping. Previously, this ability was
limited to the use of ACLs.

Specify average rate traffic shapingSpecifying average rate shaping allows you to make better use
of available bandwidth by allowing the maximum number of bits to be sent out in each interval. This
option is only supported on the PRE3.

CBWFQ allows you to define what constitutes a class based on criteria that exceed the confines of
flow. CBWFQ allows you to use ACLs and protocols or input interface names to define how traffic
is classified, thereby providing coarser granularity. You do not need to maintain traffic classification
on a flow basis. Moreover, you can configure up to 64 discrete classes in a service policy.

Configure class-based weighted fair queueing (CBWFQ) inside generic traffic shapingCBWFQ
allows you to specify the exact amount of bandwidth to be allocated for a specific class of traffic.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

9-3

Chapter 9

Shaping Traffic

Traffic Shaping

Feature History for Class-Based Traffic Shaping


Cisco IOS Release

Description

Required PRE

Release 12.0(25)SX

The Class-Based Traffic Shaping feature was introduced


on the router.

PRE1

Release 12.2(16)BX

This feature was introduced on the PRE2.

PRE2

Release 12.2(28)SB

This feature was integrated in Cisco IOS


Release 12.2(28)SB for the PRE2.

PRE2

Release 12.2(31)SB2

This feature was introduced on the PRE3.

PRE3

System Limits for Class-Based Shaping


Table 3-1 on page 3-2 lists the system limits for policy maps supported on the Cisco 10000 series router.

Restrictions and Limitations for Class-Based Shaping

A single policy map can be attached to multiple interfaces concurrently. If you attempt to attach a
policy map to an interface when the sum of the bandwidth assigned to classes is greater than 99
percent of the available bandwidth, the router logs a warning message and does not allocate the
requested bandwidth to all of the classes. If the policy map is already attached to other interfaces, it
is removed from them.

Whenever you modify a class policy in an attached policy map, class-based weighted fair queuing
(CBWFQ) is notified and the new classes are installed as part of the policy map in the CBWFQ
system.

Hierarchical Shaping
Hierarchical shaping provides two levels of shapingper-VC ATM-level shaping and per-VC
packet-level shapingand provides per-VC and per-VP traffic shaping to control or modify the flow of
traffic on an interface. Traffic shaping limits throughput by buffering excess traffic instead of dropping
packets. The shaping function also ensures that traffic from one VC does not adversely impact another
VC, resulting in loss of data.
The Cisco 10000 series router supports hierarchical shaping for the following ATM line cards:

OC-12

4-port OC-3

8-port E3/DS3

The router supports hierarchical shaping when operating as a Layer 2 Access Concentrator (LAC) and
in the following modes:

PPP termination and aggregation (PTA)

Router bridge encapsulation (RBE)

RFC 1483

Hierarchical shaping does not require that you configure policy maps. You can use hierarchical shaping
with non-queuing related policy maps configured in a virtual template or configured directly on the VC.
Apply queuing-related policy maps directly to the VC.

Cisco 10000 Series Router Quality of Service Configuration Guide

9-4

OL-7433-09

Chapter 9

Shaping Traffic
Traffic Shaping

Hierarchical shaping supports the range pvc command to define shaping for a range of PVCs and the
vc-class atm command to create a VC class with shaping defined for a PVC.

Feature History for Hierarchical Shaping


Cisco IOS Release

Description

Required PRE

Release 12.3(7)XI

The Hierarchical Shaping and ATM VC/VP Shaping


features were introduced on the router.

PRE2

Release 12.2(28)SB

This feature was integrated in Cisco IOS


Release 12.2(28)SB for the PRE2.

PRE2

Release 12.2(31)SB2

This feature was introduced on the PRE3.

PRE3

VP-Level Shaping
The segmentation and reassembly (SAR) mechanism of the Cisco 10000 series router handles VP-level
shaping functions, based on the aggregate VP traffic. VP shaping regulates the output rate of the VP
tunnel, rather than the output rate of the individual VCs. The SAR limits the rate of the overall output of
the VP tunnel to the constant bit rate (CBR) with a peak cell rate (PCR) specified for the tunnel that is
compliant with VP-level shaping requirements.
The SAR sends the cells (from the VCs in the VP tunnel) into the tunnel based on a weighted round robin
format. The weight indicates the number of cells a VC can send into the tunnel before the SAR processes
the next VC. The line card software programs a weight that is proportional to the VCs rate. Only
variable bit rate (VBR) VCs are allowed in the tunnel.

VC-Level Shaping
The parallel express forwarding (PXF) engine of the Cisco 10000 series router handles the VC-level
shaping functions. The PXF shapes the VCs at the packet level, including all ATM overheads based on
the sustained cell rate (SCR). VC-level shaping ensures that the VC traffic stream averages to be no
greater than the SCR, but is not compliant with ATM level instantaneous shaping requirements.

Shaped UBR PVCs


Prior to Cisco IOS Release 12.3(7)XI2, you could configure shaped unspecified bit rate (UBR) PVCs
only when the no atm pxf queuing command is configured. In Cisco IOS Release 12.3(7)XI2 and later
releases, you can configure shaped UBR PVCs when the atm pxf queuing command is configured.
When you specify shaped UBR, the router sets up layer 3 scheduling for the UBR VC in the same fashion
as VBR and CBR VCs. The VC has its own VTMS link and a set of queues assigned to it. The rate of
the link is based on the PCR you specify. Flowbits are assigned to the VC. Unlike VBR and CBR VCs,
only a single flowbit is assigned to the VC; it is not based on rate.
Like VBR and CBR VCs, the shaped UBR VCs can have queuing service policies applied to them. The
UBR VCs are not subject to any CAC checks, but the number of shaped UBR VCs must be within
existing limits, which include the maximum number of VCs per system, maximum number of VCs per
port, and maximum number of VCs with flowbits.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

9-5

Chapter 9

Shaping Traffic

Traffic Shaping

Shaped UBRs on the ATM OC-12 Line Card


On an ATM OC-12 line card, when you configure UBR PVCs with a shaped value (UBR-PCR) and the
shaped value is greater than one-half of the line rate (for example, 299,520 Kbps), the following
limitations apply:

The number of VCs the OC-12 line card supports is up to one-half of the VC scaling limit of 16,384
VCs. Cisco IOS software counts each UBR-PVC above 299,520 as two VCs. Therefore, the active
VC count must be maintained at the following:
16,384 > (number of VCs at 299,520 and above * 2) + (number of VCs below 299,520)
At any time, if more VCs are active than the allowed number above, the SAR on the line card leaks
buffers, which results in a reduced buffer pool for active VCs and the SAR might fail if enough
buffers are lost. To recover the lost buffers, reboot the system.

The router allows you to enter shaping values between 299,520 and 599,040, which the SAR does
not support. The SAR performs shaping in the range of 599,040 and 299,520 to 299,538. If you
configure a shaping value between 299,528 and 399,032, the shape rate the SAR returns is unclear.

If you initially set a shaping rate of 599,040 and then change to another rate, or you initially
configure a shape rate and change to a rate of 599,040, the router accepts the command and the show
commands display the new rate. However, the SAR does not perform shaping correctly until the next
reload.
If you change the shaping rate from 599,040 to a lower rate, the LP shaper in VTMS allows the
average rate to be met. However, during traffic bursts, ATM-level shaping is not accurate.

How Hierarchical Shaping Works


The virtual time management system (VTMS) provides a single stage shaper at the packet level (IP plus
the appropriate MAC header) and the segmentation and reassembly (SAR) mechanism provides a single
stage shaper at the cell level. You can configure the SAR to shape and schedule at the VC level or VP
level. However, the SAR cannot shape and schedule at both the VC and VP levels simultaneously (for
example, shaping an individual VC and then shaping the aggregate VCs into a VP). When configured to
perform VP shaping, the SAR is configured with permanent virtual path (PVP) parameters.
Hierarchical shaping combines the single-stage VTMS and SAR mechanisms to provide a simultaneous
VC and VP shaping solution. When using hierarchical shaping, VC shaping occurs at the packet level
(using the VTMS) with the ATM VC functioning as a link scheduling mechanism.
From the perspective of the command line interface (CLI), you configure the shaped VC the same way
as you configure a regular VBR-nrt VC. Hierarchical shaping uses the CLI values you enter to configure
VTMS traffic shaping instead of SAR shaping. The VTMS schedules packets at the configured bit rate
for transmission to the appropriate line card SAR.
You configure the VP as a PVP. When you configure the VP as a constant bit rate (CBR) VP service,
hierarchical shaping uses the CLI values you enter to configure the SAR for ATM-based cell scheduling.
Hierarchical shaping shapes the ATM VC at the AAL5 packet layer on the parallel express forwarding
(PXF) processor using the VTMS. (Normally, the SAR provides this function at the cell layer in
non-PVP configurations.) The VTMS shapes the VC at the sustained cell rate (SCR) for VBR-nrt VCs
and at the peak cell rate (PCR) for CBR VCs. The VTMS uses the virtual path identifier (VPI) and the
virtual channel identifier (VCI) of VCs to associate shaped VCs with the appropriate PVP. The VTMS
places all VCs with the same VPI value in a common PVP and schedules the VCs to the SAR.

Cisco 10000 Series Router Quality of Service Configuration Guide

9-6

OL-7433-09

Chapter 9

Shaping Traffic
Traffic Shaping

The SAR uses weighted round-robin scheduling to schedule the PVP VCs onto the wire. The SAR also
does the following:

Assigns high rate VCs a high weighting

Ensures that cells are scheduled in accordance with the configured rate of the PVP

Offers per-VC buffering to accommodate small bursts at the VC packet level

Ensures that transmitted cells conform to ATM transmission standards, including cell delay
variation tolerance (CDVT)

The priority of the PVP is the same as the priority of CBR VCs on an interface. If the physical interface
experiences congestion, the PVPs and any CBR VC have priority over VBR-nrt VCs and unspecified bit
rate (UBR) VCs.

Hierarchical Shaping and Oversubscription


You can oversubscribe the PVP bandwidth by configuring the VCs in such a way that the sum of the VCs
bandwidths exceeds the configured rate of the PVP. The atm over-subscription-factor command is used
to configure oversubscription. This command sets up flow-control between the SAR and the VTMS, and
provides Caller Admission Control (CAC) based on the configured oversubscription value. Valid values
for oversubscription are from 0 (no oversubscription allowed) to 10.
You cannot oversubscribe the physical interface by oversubscribing the interfaces PVPs. For a given
interface, the sum of the PVPs bandwidth must be less than or equal to the physical interface speed,
minus the appropriate overhead. PVPs are subject to the same CAC mechanisms as the VCs.
The current oversubscription mechanism is optimized for VC-level fairness. When PVP congestion
occurs, the router cannot guarantee bandwidth allocation to an IP traffic class on a given VC.
The current oversubscription mechanism is optimized for VCsit is not designed to handle PVP
congestion. If VCs are oversubscribed and PVP congestion occurs, VC shaping accuracy and bandwidth
distribution can degrade.

Active ATM VCs


Table 9-1 lists the maximum number of active VCs supported on ATM line cards when configured for
hierarchical shaping.
Table 9-1

Active VCs on ATM Line Cards

Line Card

Maximum VCs per Port

Maximum VCs per Module

VBR, CBR, Shaped UBR VCs

E3/DS3

4,096

32,768

28,672

OC-3

8,192

32,768

28,672

OC-12

16,384

16,384

16,384

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

9-7

Chapter 9

Shaping Traffic

Traffic Shaping

Restrictions and Limitations for Hierarchical Shaping

The Cisco 10000 series router supports a maximum of 31,500 VCs when hierarchical shaping is
enabled.

You can configure a maximum of 127 VP tunnels for each ATM line card, configured across the
ports in any fashion.

You can configure the maximum number of VCs across the ports in any fashion, provided that you
do not exceed the per-port maximum.

You must have the atm pxf queuing command configured on the port. If not, the SAR still does VP
shaping and the VCs are sent to the tunnel based on a weighted round robin format; however, the
PXF does not shape the VCs. The default queuing mode for a port is atm pxf queuing.

Only variable bit rate (VBR) VCs are allowed in the VP tunnel. You cannot configure unspecified
bit rate (UBR) VCs or constant bit rate (CBR) VCs in the tunnels.

Congestion is not handled at the VP tunnel or at the port. During congestion, shaping is degraded.

During congestion at the port-level, shaping degrades to simple round robin for all VPs contending
for the ports capacity; shaping is not weighted based on the rate of the VPs.

Percentage-Based Traffic Shaping


Percentage-based shaping allows you to configure traffic shaping on the basis of a percentage of
bandwidth available on the interface. Instead of using a strict fixed-rate for shaping, percentage-based
shaping allows you to offer a shaping service that dynamically adjusts to an interface rate based on the
shape percent command configured in a policy map.

History for the Percentage-Based Shaping Feature


Cisco IOS Release

Description

Release 12.2(31)SB2 This feature was introduced on the PRE3.

PRE Required
PRE3

Frame Relay Traffic Shaping


Note

Frame Relay traffic shaping (FRTS) is available only on the PRE1.


Frame Relay traffic shaping (FRTS) is a shaping mechanism used to eliminate bottlenecks in Frame
Relay networks with high-speed connections at the central site and low-speed connections at the branch
sites. Using FRTS, you can configure rate enforcement to either the committed information rate (CIR)
or some other defined value, such as the excess information rate, on a per-VC basis. The ability to allow
the transmission speed used by the router to be controlled by criteria other than line speed (that is, by
the CIR or the excess information rate) provides the mechanism by which multiple VCs can share media.
By allocating bandwidth to each VC, you create a virtual time-division multiplexing (TDM) network.
Defining a priority queue (PQ) or weighted fair queue (WFQ) at the VC or subinterface level allows for
finer granularity in the prioritization and queuing of traffic. As a result, you have more control over the
traffic flow on an individual VC.

Cisco 10000 Series Router Quality of Service Configuration Guide

9-8

OL-7433-09

Chapter 9

Shaping Traffic
Traffic Shaping

Using information contained in the BECN-tagged packets received from the network, FRTS can
dynamically throttle (decrease) traffic. When an interface configured with FRTS receives a BECN, it
immediately decreases its maximum rate and holds the packets in the buffers of the router to reduce the
data flow from the router into the Frame Relay network. If, after several intervals, the interface has not
received another BECN and traffic is waiting in the queue, the maximum rate increases slightly. FRTS
decreases traffic on a per-VC basis and adjusts the transmission rate based on the number of
BECN-tagged packets received. The dynamically adjusted maximum rate is called the derived rate.
The derived rate is always between the upper bound and the lower bound rate configured on the interface.
For more information, see the Configuring Frame Relay Traffic Shaping section on page A-5.

Feature History for Frame Relay Traffic Shaping


Cisco IOS Release

Description

Required PRE

Release 12.0(17)SL

The Frame Relay Traffic Shaping (FRTS) feature was


introduced on the router.

PRE1

Restrictions and Limitations for Frame Relay Traffic Shaping

Frame Relay traffic shaping applies only to Frame Relay PVCs.

Configuration Commands for Traffic Shaping


The following commands are used to configure class-based and hierarchical shaping (see the Cisco IOS
command reference documentation):

shape

shape percent

atm pvp

pvc

vbr-nrt

For information about configuring Frame Relay and Generic Traffic Shaping using Frame Relay legacy
commands, see the Configuring Frame Relay Traffic Shaping section on page A-5.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

9-9

Chapter 9

Shaping Traffic

Differences Between Traffic Shaping Mechanisms

Differences Between Traffic Shaping Mechanisms


Table 9-2 describes the differences between traffic shaping mechanisms.
Table 9-2

Comparison of Traffic Shaping Mechanisms

Shaping Type

Shaping Queue

Applies Parameters

Class-Based Shaping

Class-based weighted fair queuing (CBWFQ)


inside generic traffic shaping

Per interface or per class

Not Applicable

Per VC and per VP

Hierarchical Shaping
Frame Relay Traffic Shaping (FRTS)

Weighted fair queue (WFQ), strict priority queue All virtual circuits (VCs) on an
with WFQ, custom queue (CQ), priority queue
interface through the inheritance
(PQ), or First-In-First-Out (FIFO) per VC
mechanism or per DLCI

1. Available only on the PRE1.

Bandwidth and Traffic Shaping


The router uses class queues to allocate bandwidth, first servicing priority queue traffic followed by
either bandwidth guarantee or bandwidth remaining queue traffic. By default, a minimum bandwidth
guaranteed queue has buffers for up to 50 milliseconds of 256-byte packets at line rate, but not less than
32 packets. The router does not ensure latency characteristics for bandwidth queues.
The router can commit up to 99 percent of the interface bandwidth to one or more class queues. If you
attempt to attach a policy map to an interface when the sum of the bandwidth assigned to classes is
greater than 99 percent of the available bandwidth, the router logs a warning message and does not
allocate the requested bandwidth to all of the classes. If the policy map is already attached to other
interfaces, it is removed from them.
Bandwidth includes the Layer 2 header and payload, and two bytes of trailer.

On ATM networks, the bandwidth is cell-based and includes Layer 2 overhead and cell overhead
(for example, it includes the cell overhead for SNAP and AAL5, the cell header, the AAL5 trailer,
and AAL5 padding).

On Frame Relay networks with link fragmentation and interleaving (LFI) enabled, bandwidth is
based on fragments with Layer 2 overhead included.

For a physical interface, the total bandwidth is the bandwidth of the physical interface. The router
converts the minimum bandwidth that you specify to the nearest multiple of 1/255 (PRE1) or 1/65535
(PRE2) of the interface speed. When you request a value that is not a multiple of 1/255 or 1/65535, the
router chooses the nearest multiple. Use the show policy-map interface command to display the actual
bandwidth.
The bandwidth percentage is based on the interface bandwidth. In a hierarchical policy, the bandwidth
percentage is based on the nearest parent shape rate.

Cisco 10000 Series Router Quality of Service Configuration Guide

9-10

OL-7433-09

Chapter 9

Shaping Traffic
Differences Between Shaping and Policing

Differences Between Shaping and Policing


Table 9-3 describes the differences between shaping and policing for bandwidth limiting.
Table 9-3

Comparison of Shaping and Policing for Bandwidth Limiting

Criteria

Shaping

Policing

Primary Function

Buffers and queues excess packets above the


committed rates.

Drops or remarks excess packets above


the committed rates.
Does not buffer.

Token Value

Bits per second (bps)

Bytes

Applicable on Inbound

No

Yes

Applicable on Outbound

Yes

Yes

Bursts

Controls bursts by smoothing the output rate.

Propagates bursts.

Uses a leaky bucket to delay traffic, resulting in Does no smoothing.


a smoothing effect.
Optional Packet Remarking

No

Yes (using the legacy committed access


rate (CAR) feature)

Advantages and Disadvantages of Shaping and Policing for


Bandwidth Limiting
As the following describes, shaping and policing both have advantages and disadvantages for limiting
bandwidth:
Advantages

Shaping
Buffers excess packets, therefore, less likely to drop excess packets.
Buffers packets up to the length of the queue. Drops may occur if excess traffic is sustained at

a high rate.
Typically avoids retransmissions due to dropped packets.

Policing
Controls the output rate through packet drops.
Avoids delays resulting from queuing.

Disadvantages

Shaping
Can introduce delay resulting from queuing (especially when deep queues are used).

Policing
Drops excess packets (when configured), throttles TCP window sizes, and reduces the overall

output rate of affected traffic streams.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

9-11

Chapter 9

Shaping Traffic

Modifying the VC Weight and the VP Shaping Parameters

Overly aggressive burst sizes can lead to excess packet drops and throttle the overall output rate

(particularly with TCP-based flows).

Modifying the VC Weight and the VP Shaping Parameters


In Cisco IOS Release 12.3(7)XI1, when you change the weight of a VC or the VP shaping parameters,
the SAR mechanism brings down the VC or VP and the session goes down.
In Cisco IOS Release 12.3(7)XI2 and later releases, you can change the VC weight, VP shaping
parameters, or VC shaping parameters without affecting the state of the VC or VP. Instead, the VC and
VP remain up and operational.
The dynamic parameters include the following:

ATM VP parameters such as peak cell rate (PCR) and cell delay variation tolerance (CDVT)

VC parameters such as weight, PCR, sustained cell rate (SCR), maximum burst size (MBS), and
CDVT

If VC members of a VP do not have a configured weight and you dynamically modify the VP rate, the
router dynamically adjusts the weight of the member VCs based on the associated tunnels new rate. The
member VCs remain up as their weights are dynamically modified.
If you dynamically modify the tunnel VCs shaping parameters (for example, the PCR or SCR), the
router adjusts the weight of the tunnel VC based on the VC speed if no weight is configured for the VC.
If a VC weight is configured, the router adjusts the weight of the tunnel VC based on the configured
weight.

Example Scenarios of Traffic Shaping Usage


Traffic shaping is primarily used to control access to available bandwidth, to ensure that traffic conforms
to the policies established for it, and to regulate the flow of traffic to avoid congestion that can occur
when the transmitted traffic exceeds the access speed of its remote target interface.
The following describe scenarios in which you can apply traffic shaping to interfaces to regulate traffic:

Controlling access to bandwidthA policy stipulates that the rate of a given interface should not,
on the average, exceed a certain rate, even though the access rate exceeds the speed.

Differing access rates defined in a networkOne end of a link in a Frame Relay network runs at
256 kbps and the other end of the link runs at 128 kbps. Sending packets at 256 kbps could cause
failure of the applications using the link.

Differing access rates defined on different DTEsA link-layer network is giving indications of
congestion. The network has differing access rates defined on different DTEs attached to the
network. The network might be able to deliver more transit speed to a given DTE device at one time
than another. (This scenario warrants that the token bucket be derived and then its rate maintained.)

Offering subrate servicesIf you offer a subrate service, traffic shaping enables you to partition T1
or T3 links into smaller channels.

Preventing packet lossTraffic shaping prevents packet loss. Using traffic shaping is especially
important in Frame Relay networks because the switch cannot determine which packets take
precedence. As a result, the switch cannot determine which packets to drop when congestion occurs.
It is critically important for real-time traffic that latency be bounded, thereby bounding the amount
of traffic and traffic loss in the data link network at any given time by keeping the data in the router

Cisco 10000 Series Router Quality of Service Configuration Guide

9-12

OL-7433-09

Chapter 9

Shaping Traffic
Interfaces Supporting Traffic Shaping

that is making the guarantees. Retaining the data in the router allows the router to prioritize traffic
according to the guarantees it is making. (Packet loss can result in detrimental consequences for
real-time and interactive applications.)

Interfaces Supporting Traffic Shaping


The following describes interface support for traffic shaping:
Interfaces Supporting Traffic Shaping

Physical

Multilink PPP and multilink Frame Relay

ATM variable bit rate (VBR) and constant bit rate (CBR) PVCs, and point-to-point subinterfaces

Label-controlled ATM (LC-ATM) subinterfaces *

Frame Relay permanent virtual circuits (PVCs), point-to-point subinterfaces, and map classes **

Ethernet VLANs **

* Requires a specific type of hierarchical policy or a policy map with only the class-default class defined.
The class-default class must have the shape command configured.
** Requires a specific type of hierarchical policy. For more information, see Chapter 13, Defining QoS
for Multiple Policy Levels.

Note

The router supports traffic shaping only on outbound interfaces.


Interfaces Not Supporting Traffic Shaping

Note

ATM unspecified bit rate (UBR) PVCs and point-to-point subinterfaces

IP tunnel

Virtual-access (See the VAI QoS Inheritance section on page 4-24.)

The router does not support traffic shaping on inbound interfaces.

Configuring Traffic Shaping


To configure traffic shaping, perform the following configuration tasks:

Shaping a Traffic Class, page 9-14

Shaping Traffic at the VC-Level and Virtual Path-Level, page 9-15

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

9-13

Chapter 9

Shaping Traffic

Configuring Traffic Shaping

Shaping a Traffic Class


To shape a traffic class to control the flow of traffic on an interface, enter the following commands
beginning in global configuration mode:

Note

Step 1

These steps configure class-based traffic shaping, which can be applied to interfaces, subinterfaces, VCs,
and DLCIs.

Command

Purpose

Router(config)# policy-map policy-map-name

Creates or modifies a policy map.


policy-map-name is the name of the child policy map. The
name can be a maximum of 40 alphanumeric characters.

Step 2

Router(config-pmap)# class class-map-name

Assigns the traffic class you specify to the policy map. Enters
policy-map class configuration mode.
class-map-name is the name of a previously configured class
map and is the traffic class you want to shape.

Step 3

Router(config-pmap-c)# shape [average] cir


or
Router(config-pmap-c)# shape [average]
percent percentage [be excess-burst-in-msec
ms] [bc committed-burst-in-msec ms]

Shapes traffic to the rate you specify, or shapes traffic based


on the percentage of available bandwidth you specify.
average is the committed burst (Bc) that specifies the
maximum number of bits sent out in each interval. This
option is only supported on the PRE3.
cir specifies the committed information rate (CIR), in bits per
second (bps).
percent percentage specifies the percentage of available
bandwidth to allocate.
(Optional) be excess-burst-in-msec ms is the excess (peak)
burst (be) size in milliseconds (ms).
(Optional) bc committed-burst-in-msec ms is the committed
(conform) burst (bc) size in milliseconds (ms).

Step 4

Router(config-pmap-c)# shape max-buffers


number-of-buffers

(Optional) Specifies the maximum number of buffers allowed


on shaping queues.
number-of-buffers specifies the maximum number of buffers.
Valid values are from 1 to 4096.

Step 5

Router(config-pmap-c)# service-policy
policy-map-name

(Optional) Applies the child policy map you specify to the


traffic class. The router applies the QoS actions specified in
the child policy to the traffic class.
policy-map-name is the name of the child policy.
Note

Do not specify the output or input keywords.

For more information, see Chapter 13, Defining QoS for


Multiple Policy Levels.

Cisco 10000 Series Router Quality of Service Configuration Guide

9-14

OL-7433-09

Chapter 9

Shaping Traffic
Configuring Traffic Shaping

Shaping Traffic at the VC-Level and Virtual Path-Level


To shape traffic at the VC-level and simultaneously shape traffic at the virtual path (VP)-level, enter the
following commands beginning in global configuration mode:

Note

Step 1

These steps configure hierarchical shaping. Use these commands to shape an individual VC and then
shape the aggregate VCs into a VP.

Command

Purpose

Router(config)# interface atm


slot/module/port

Creates or modifies an ATM interface. Enters interface


configuration mode.
slot/module/port is the interface number.

Step 2

Router(config-if)# atm
over-subscription-factor factor

(Optional) Enables oversubscription on ATM virtual circuits and


specifies the factor by which the sum of the sustained cell rate
(SCR) values of all VCs in a tunnel can oversubscribe the tunnels
peak cell rate (PCR).
factor specifies the amount of oversubscription. Valid values are
from 1 to 500. The default value is 1, which indicates no
oversubscription.

Step 3

Router(config-if)# atm pvp vpi


[peak-rate] [cdvt]

Creates a permanent virtual path (PVP) used to multiplex (or


bundle) one or more virtual circuits (VCs).
vpi is the ATM network virtual path identifier (VPI) of the VC.
Valid values are 0 to 255. The vpi value is unique only on a single
link, not throughout the ATM network because it has local
significance only.
Note

The number specified for the vpi must not already exist. If
the number specified is already being used by an existing
VC, the router rejects this command.

(Optional) peak-rate is the maximum rate in kbps at which the


PVP can transmit data. Valid values are 84 kbps to line rate. The
default is the line rate.
(Optional) cdvt is the cell delay variation tolerance (CDVT).
Step 4

Router(config-if)# interface atm


slot/module/port.subinterface
[point-to-point | multipoint]

Creates or modifies an ATM subinterface.


slot/module/port.subinterface is the number of the subinterface
that identifies the subinterface.
point-to-point indicates that the subinterface is a point-to-point
subinterface.
multipoint indicates that the subinterface is a point-to-multipoint
subinterface.

Step 5

Router(config-if)# pvc vpi/vci

Creates an ATM permanent virtual circuit (PVC) and enters ATM


virtual circuit configuration mode.
vpi is the virtual path identifier.
vci is the virtual channel identifier.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

9-15

Chapter 9

Shaping Traffic

Configuring Traffic Shaping

Step 6

Command

Purpose

Router(config-if-atm-vc)# vbr-nrt
output-pcr output-scr output-mbs

Enables shaping on the ATM PVC and configures variable bit


rate-nonreal time (VBR-NRT) quality of service (QoS).
output-pcr is the peak cell rate (PCR) for outbound traffic.
output-scr is the sustained cell rate (SCR) for outbound traffic.
(Optional) output-mbs is the output maximum burst cell size, in
number of cells.

Step 7

Router(config-if-atm-vc)# encapsulation
{aal5mux ppp virtual-template number |
aal5ciscoppp virtual-template number |
aal5snap}

Configures the ATM adaptation layer (AAL) and encapsulation


type for an ATM virtual circuit (VC).
aal5mux ppp specifies the AAL and encapsulation type for
multiplex (MUX)-type VCs. The keyword ppp is Internet
Engineering Task Force (IETF)-compliant PPP over ATM. It
specifies the protocol type being used by the MUX encapsulated
VC.
aal5ciscoppp specifies the AAL and encapsulation type for Cisco
PPP over ATM.
aal5snap specifies the AAL and encapsulation type that supports
Inverse ARP. Logical Link Control/Subnetwork Access Protocol
(LLC/SNAP) precedes the protocol datagram.
virtual-template number is the number used to identify the
virtual template.

Step 8

Router(config-atm-vc)# queue-depth hwm


lwm

(Optional) Defines the queue-depth size by setting the high and


low watermarks. This ensures the correct shaping of traffic.
hwm is the high watermark. The value you specify is not required
to be higher than 288.
lwm is the low watermark. The value you specify is not required
to be higher than 256.
For information about the default high and low watermark values,
see the High Watermark and Low Watermark Default Values
section on page 15-25.
Note

The values for high and low watermarks of a VC queue


depend greatly on the queues configuration, its purpose,
and usage. We recommend that you configure watermark
values small enough so as to avoid exhausting the line
card buffer. When the queues exhaust the buffer, packets
are randomly dropped, which can cause the loss of critical
system traffic.

Cisco 10000 Series Router Quality of Service Configuration Guide

9-16

OL-7433-09

Chapter 9

Shaping Traffic
Verifying Traffic Shaping

Configuration Example for Traffic Shaping at the VC-Level and the VP-Level
Example 9-1 configures hierarchical shaping and shapes traffic at the VC-level and the VP-level. In the
example, shaping is enabled on PVC 1/36 on ATM interface 5/0/0.
Example 9-1

Configuring Traffic Shaping at the VC-Level and the VP-Level

Router(config)# interface atm 5/0/0


Router(config-if)# atm over-subscription-factor 50
Router(config-if)# atm pvp 1 1000 cdvt 600
Router(config-if)# pvc 1/36
Router(config-atm-vc)# vbr-nrt 1000 512
Router(config-atm-vc)# encapsulation aal5mux ppp Virtual-Template1
Router(config-atm-vc)# queue-depth 288 256
Router(config-atm-vc)# exit

Verifying Traffic Shaping


To verify the configuration of traffic shaping, enter any of the following commands in privileged EXEC
mode:
Command

Purpose

Router# show atm vp [vpi]

Displays the statistics for all virtual paths (VPs) on an interface


or for a specific VP.
(Optional) vpi is the ATM network virtual path identifier (VPI)
for the permanent virtual path (PVP). Valid values are from 0 to
255. The VPI is an 8-bit field in the header of the ATM cell.

Router# show atm vc [vcd] [interface


interface-number]

Displays all ATM permanent virtual circuits (PVCs) and traffic


information.
(Optional) vcd specifies a virtual circuit. When you specify vcd,
information about only the specified virtual circuit displays.
(Optional) interface interface-number is the interface number or
subinterface number of the PVC. When you specify interface
interface-number, information about all of the PVCs on the
specified interface or subinterface displays.

Router# show controllers atm slot/module/port

Displays ATM controller status.


Use this command to ensure that packets are not being discarded
due to internal buffer exhaustion.
slot/module/port is the interface number.

Router# show policy-map

Displays the configuration of all policy maps configured on the


router.

Router# show policy-map interface

Displays the configuration of all of the classes configured in all


of the policy maps that are attached to all of the router interfaces.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

9-17

Chapter 9

Shaping Traffic

Verifying Traffic Shaping

Command

Purpose

Router# show policy-map interface interface


[input | output]

Displays the configuration of all classes configured for all


inbound or outbound policy maps attached to the specified
interface.
interface interface is the type and number of the interface or
subinterface to which the policy configuration you want to
display is attached.
input indicates to display the statistics for the attached inbound
policy.
output indicates to display the statistics for the attached
outbound policy.
Note

Router# show policy-map policy-map-name

If you do not specify input or output, the router displays


information about all classes that are configured for all
inbound and outbound policies attached to the interface
you specify.

Displays the configuration of all classes contained in the policy


map you specify.
policy-map-name is the name of the policy map for the
configuration information you want to display.
If you do not specify a policy-map-name, the command displays
the configuration of all policy maps configured on the router.

Router# show policy-map policy-map-name class


class-name

Displays the configuration of the class you specify. The policy


map you specify includes this class.
policy-map-name is the name of the policy map that contains the
class configuration you want to display.
class-name is the name of the class whose configuration you want
to display. If you do not specify class-name, the router displays
class configuration for all classes in the policy map.

Router# show pxf cpu queue atm number

Displays the number of dropped and dequeued packets for each


VC on the interface, and for classes associated with sessions that
inherit queues from VCs. Also, monitors the current capacity of
the queue.
number is the number of the interface or subinterface.

Router# show running-config

Displays the contents of the currently running configuration file.

Router# show running-config [interface interface]

Displays the configuration of the interface you specify that is


currently configured in the running-config file, including any
service policies attached to the interface.
(Optional) interface interface is the type and number of the
interface.

Cisco 10000 Series Router Quality of Service Configuration Guide

9-18

OL-7433-09

Chapter 9

Shaping Traffic
Verifying Traffic Shaping

Verification Examples for Traffic Shaping


Example 9-2 shows sample output from the show atm vp command for a specific virtual path identifier
(VPI). The output displays packet counts, AAL and encapsulation, the status of each PVC with a VPI of
10, and the total packet counts for the PVP.
Example 9-2

show atm vp Command Sample Output for a Specific VPI

Router# show atm vp 10


ATM7/0/0 VPI: 10, PeakRate: 1000, CesRate: 0, CDVT: 35.0 Usecs, DataVCs: 10
CesVCs: 0, Status: ACTIVE
VCD VCI Type InPkts OutPkts AAL/Encap Status
1
3
PVC
0
0
F4 OAM ACTIVE
2
4
PVC
0
0
F4 OAM ACTIVE
3
33 PVC 4007
6632
AAL5-MUX ACTIVE
4
34 PVC 4009
6625
AAL5-MUX ACTIVE
5
35 PVC 4008
6625
AAL5-MUX ACTIVE
6
36 PVC 4011
6625
AAL5-MUX ACTIVE
7
37 PVC 4014
6624
AAL5-MUX ACTIVE
8
38 PVC 4013
6636
AAL5-MUX ACTIVE
9
39 PVC 4010
3
AAL5-MUX ACTIVE
10 40 PVC 4012
3
AAL5-MUX ACTIVE
11 41 PVC 4009
3
AAL5-MUX ACTIVE
12 42 PVC 4010
3
AAL5-MUX ACTIVE
TotalInPkts: 40103, TotalOutPkts: 39779, TotalInFast: 0, TotalOutFast: 39779,
TotalBroadcasts: 0
TotalInPktDrops: 0, TotalOutPktDrops: 0

Example 9-3 shows sample output from the show atm vp command. The output displays the
configuration of the virtual path (VP) with an identifier of 10.
Example 9-3

show atm vp Command Sample Output

Router# show atm vp


Data CES Peak CES CDVT
Interface VPI VCs VCs Kbps Kbps Usecs Status
ATM7/0/0
10 10
0 1000
0
35.0 ACTIVE

Example 9-4 shows sample output from the show pxf cpu queue atm command. The output indicates
the number of packets dropped and dequeued for VC 1/229 and VC 1/233.
Example 9-4

show pxf cpu queue Command Sample Output

Router# show pxf cpu queue atm 5/0/2


VCCI 2517: ATM non-aggregated VC 1/229, VCD 1, Handle 1, Rate 500 kbps
VCCI/ClassID
0 2517/0
0 2517/31

ClassName
class-default
pak-priority

QID
269
268

Length/Max
0/4096
0/32

Res
11
11

Dequeues
3
4

Drops
0
0

Queues Owned but Unused by VC (inheritable by sessions)


ClassID
0
31

ClassName
class-default
pak-priority

QID
275
268

Length/Max
0/32
0/32

Res
11
11

Dequeues
100
4

Drops
0
0

VCCI 2517: ATM non-aggregated VC 1/233, VCD 4, Handle 4, Rate 50 kbps


VCCI/ClassID
0 2517/0

ClassName
class-default

QID
269

Length/Max
0/4096

Res
11

Dequeues
3

Drops
0

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

9-19

Chapter 9

Shaping Traffic

Verifying Traffic Shaping

0 2517/31

pak-priority

268

0/32

11

Dequeues
0
4

Drops
0
0

Queues Owned but Unused by VC (inheritable by sessions)


ClassID
0
31

ClassName
class-default
pak-priority

QID
274
268

Length/Max
0/32
0/32

Res
11
11

Example 9-5 shows sample output from the show controllers atm command. The output indicates that
no output packets were discarded due to internal buffer exhaustion.
Example 9-5

show controllers atm Command Sample Output

Router# show controllers atm 6/0/0


ATM6/0/0, Card type is 4oc3atm-1 (0x02D8)
The current state of the controller is up.
Current configurable parameter settings;
Clock source is LINE, Loopback is NONE, Framing is SONET,
Cell payload scrambling is enabled, STS stream scrambling is enabled,
MTU is 4470, PXF queuing is enabled, hold-queue is 27230
Burst tolerance floor 2
Total subscribed rate is 50000, flowbit change 90 / no change 0
Configuration collisions 0
SECTION
LOF =0LOS=0RDOOL=0BIP(B1)=0
LINE
AIS=0RDI=0FEBE=0BIP(B2)=0
PATH
AIS=0RDI=0FEBE=0BIP(B3)=0
LOP=0NEWPTR =0PSE=0NSE=0
LCD=0
Active Defects: None
Active Alarms: None
Alarm reporting enabled for: SF SLOS SLOF B1-TCA LAIS LRDI B2-TCA PAIS PLOP PRDI B3-TCA
RDOOL LCD
PATH TRACE BUFFER: STABLE
Remote hostname:
Remote interface:
Remote IP addr:
Remote Rx(K1/K2): / Tx(K1/K2): /
BER thresholds: SF = 10e-3 SD = 10e-6
TCA thresholds: B1 = 10e-6 B2 = 10e-6 B3 = 10e-6
Per
0
0
0
0
0
0
0

Card Statistics:
Input Packets Discarded, queue exhaustion
Input Packets Discarded, no host buffers
Output Packets Discarded, no channel
Output Packets Discarded, MRED
Output Packets Discarded, internal buffer exhaustion
Output Packets Discarded, Utopia RX errors
Output Packets Discarded, EPD

Cisco 10000 Series Router Quality of Service Configuration Guide

9-20

OL-7433-09

Chapter 9

Shaping Traffic
Configuration Examples for Traffic Shaping

Configuration Examples for Traffic Shaping


This section provides the following sample configurations for traffic shaping:

Configuration Example for Class-Based Shaping, page 9-21

Configuration Examples for Hierarchical Shaping, page 9-21

Configuration Example for Class-Based Shaping


Example 9-6 defines one class named c1, which is configured to shape traffic to 384 kbps with a normal
burst size of 15,440 bits.
Example 9-6

Configuring Class-Based Shaping

policy-map shape
class c1
shape average 38400 15440
!
interface serial 3/3/0
service-policy output shape

Note

The shape average command is available only on the PRE3. The PRE2 supports the shape cir command.

Configuration Examples for Hierarchical Shaping


Example 9-7 shows how to configure hierarchical shaping. In this example, the total VC bandwidth (the
sum of SCR) is above the tunnel rate. The PVP is configured with a PCR of 1000 kbps and is
oversubscribed by the total rate of the VCs (2 VCs at 256 kbps and 2 VCs at 512 kbps). The queue-depth
command ensures the correct shaping.
Example 9-7

Configuring Hierarchical Shaping

interface ATM5/0/0
no ip address
no ip mroute-cache
atm over-subscription-factor 50
atm pvp 1 1000 cdvt 600
no atm auto-configuration
no atm ilmi-keepalive
no atm address-registration
no atm ilmi-enable
!
interface ATM5/0/0.1 point-to-point
pvc 1/33
vbr-nrt 1000 256
encapsulation aal5mux ppp Virtual-Template1
queue-depth 288 256
!
!
interface ATM5/0/0.2 point-to-point
pvc 1/34
vbr-nrt 1000 256
encapsulation aal5mux ppp Virtual-Template1
queue-depth 288 256

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

9-21

Chapter 9

Shaping Traffic

Related Documentation

!
!
interface ATM5/0/0.3 point-to-point
pvc 1/35
vbr-nrt 1000 512
encapsulation aal5mux ppp Virtual-Template1
queue-depth 288 256
!
!
interface ATM5/0/0.4 point-to-point
pvc 1/36
vbr-nrt 1000 512
encapsulation aal5mux ppp Virtual-Template1
queue-depth 288 256
!

Related Documentation
This section provides hyperlinks to additional Cisco documentation for the features discussed in this
chapter. To display the documentation, click the document title or a section of the document highlighted
in blue. When appropriate, paths to applicable sections are listed below the documentation title.
Feature

Related Documentation

ATM overhead accounting

Traffic Shaping Overhead Accounting for ATM, Release 12.2(31)SB2 feature


module.

Class-based shaping

Cisco IOS Quality of Service Solutions Configuration Guide, Release 12.3


Part 4: Policing and Shaping > Configuring class-Based Shaping

Class maps

Cisco IOS Quality of Service Solutions Configuration Guide, Release 12.2


Part 8: Modular Quality of Service Command-Line Interface > Configuring
the Modular Quality of Service Command-Line Interface > Modular QoS CLI
Configuration Task List > Creating a Traffic Class

Percentage-Based Traffic Shaping

QoS: Percentage-Based Shaping, Release 12.2(31)SB2 feature module

Policing

Comparing Traffic Shaping and Traffic Policing for Bandwidth Limiting

Policy maps

Cisco IOS Quality of Service Solutions Configuration Guide, Release 12.2


Part 8: Modular Quality of Service Command-Line Interface > Configuring
the Modular Quality of Service Command-Line Interface > Modular QoS CLI
Configuration Task List > Creating a Traffic Policy

QoS service policies

QoS Configuration and Monitoring, Creating Time-of-Day QoS Service Policies


tech note
QoS Configuration and Monitoring, Monitoring Voice over IP Quality of Service
tech note
Site-to-Site MPLS VPN Solution for Service Providers, Service Provider
Quality-of-Service Overview tech note

Traffic shaping

Cisco IOS Quality of Service Solutions Configuration Guide, Release 12.3


Part 4: Policing and Shaping

Cisco 10000 Series Router Quality of Service Configuration Guide

9-22

OL-7433-09

CH A P T E R

10

Overhead Accounting
This chapter describes overhead accounting on the Cisco 10000 series router and contains the following
topics:

Overhead Accounting Features, page 10-1

Configuration Commands for Overhead Accounting, page 10-5

Subscriber Line Encapsulation Types, page 10-5

Overhead Calculation on the Router, page 10-5

Overhead Accounting and Hierarchical Policies, page 10-6

Restrictions and Limitations for Overhead Accounting, page 10-7

Configuring Overhead Accounting in a Hierarchical Policy, page 10-7

Configuration Examples for Overhead Accounting, page 10-10

Verifying Overhead Accounting, page 10-12

Verification Examples for Overhead Accounting, page 10-13

Related Documentation, page 10-15

Overhead Accounting Features


Overhead accounting enables the router to account for packet overhead when shaping traffic to a specific
rate. This accounting ensures that the router executes quality of service (QoS) features on the actual
bandwidth used by subscriber traffic.
The Cisco 10000 series router supports the following overhead accounting features:

ATM Overhead Accounting, page 10-2

MLP on LNS with HQoS and ATM Overhead Accounting, page 10-3

Traffic Shaping Overhead Accounting for ATM, page 10-4

Ethernet Overhead Accounting, page 10-4

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

10-1

Chapter 10

Overhead Accounting

Overhead Accounting Features

Feature History for Overhead Accounting


Required PRE1

Cisco IOS Release

Description

Release 12.3(7)XI7

The ATM Overhead Accounting feature was introduced on PRE2


the router to enable the router to account for various
encapsulation types when applying QoS to packets.

Release 12.2(28)SB

The ATM Overhead Accounting feature was introduced in PRE2


Cisco IOS Release 12.2(28)SB.

Release 12.2(31)SB2

The Traffic Shaping Overhead Accounting for ATM


feature was introduced on the PRE3.

Release 12.2(33)SB

The Ethernet Overhead Accounting feature was introduced PRE2


on the PRE2, PRE3, and PRE4. ATM overhead accounting PRE3
was enhanced on the PRE3 to allow a user-defined number PRE4
of overhead bytes and introduced on the PRE4. The PRE4
inherits all overhead accounting features from the PRE3.

Release 12.2(33)SB2

The MLP on LNS with HQoS and ATM Overhead


Accounting feature was introduced on the PRE3 and
PRE4.

PRE3

PRE3
PRE4

1. Performance Routing Engine (PRE)

ATM Overhead Accounting


ATM overhead accounting enables the router to account for various encapsulation types when applying
QoS to packets. Typically, in Ethernet Digital Subscriber Line (DSL) environments, the encapsulation
from the router to the DSLAM is Gigabit Ethernet and the encapsulation from DSLAM to customer
premise equipment (CPE) is ATM. ATM overhead accounting enables the router to account for ATM
encapsulation on the subscriber line and for the overhead added by cell segmentation. This accounting
enables the service provider to prevent overruns at the subscriber line and ensures that the router
executes QoS features on the actual bandwidth used by ATM packets.
The router uses the encapsulation type you configure to calculate the ATM overhead per packet. When
calculating ATM overhead at the subscriber line, the router considers the encapsulation used between
the router and DSLAM and between the DSLAM and CPE (as described in the following list). You
configure the encapsulation type and the router calculates the overhead associated with ATM cell
segmentation.

IEEE 802.1Q and qinq encapsulation are typically used between the router and DSLAM. Because
the DSLAM removes the encapsulation, the router does not account for this encapsulation in the
calculation.

The encapsulation used between the DSLAM and the CPE is based on the Subnetwork Access
Protocol (SNAP) and multiplexer (MUX) formats of ATM Adaptation Layer 5 (AAL5) and AAL3.
These encapsulation types can be routed bridge encapsulation (RBE), PPP over Ethernet (PPPoE),
or PPP over ATM (PPPoA), and IP. Because the DSLAM treats IP and PPPoE packets as payload,
the router does not account for IP and PPPoE encapsulation in the calculation.

AAL5 segmentation processing adds the additional overhead of the 5-byte cell headers, the AAL5
Common Part Convergence Sublayer (CPCS) padding, and the AAL5 trailer. For more information, see
the Overhead Calculation on the Router section on page 10-5.

Cisco 10000 Series Router Quality of Service Configuration Guide

10-2

OL-7433-09

Chapter 10

Overhead Accounting
Overhead Accounting Features

MLP on LNS with HQoS and ATM Overhead Accounting


MLP on LNS (MLPoLNS) sessions are shaped at a negotiated bandwidth that reflects the downstream
link bandwidth on the CPE. The link bandwidth on the L2TP network server (LNS) is received on the
line either through the connect speed attribute-value pairs (AVP) or PPPoE tags from the L2TP access
concentrator (LAC).
In releases earlier than Cisco IOS 12.2(33), hierarchical policies were not supported on MLPoLNS
single-member bundles. With MLPoLNS, if LNS sessions do not have a defined bandwidth associated
with the session, users must specify the bandwidth of the MLP bundle in the downstream direction (LNS
toward the CPE) to avoid drops downstream. The bandwidth of the bundle is the aggregate of all the
member links. For single-member MLPoLNS bundles, the bundle bandwidth is the same as the members
link bandwidth. With hierarchical policies, the parent shape value overrides the bandwidth received
through the AVP or PPPoE tag.
For more information on the MLP at LNS feature, see the Configuring Multilink Point-to-Point
Protocol Connections chapter in the Cisco 10000 Series Router Software Configuration Guide at the
following URL:
http://www.cisco.com/en/US/docs/routers/10000/10008/configuration/guides/broadband/mlp.html
The MLP on LNS with HQoS and ATM Overhead Accounting feature is described in the following
sections:

HQoS, page 10-3

Overhead Accounting, page 10-3

Restrictions and Limitations for Overhead Accounting, page 10-7

Enabling ATM Overhead Accounting on the PRE3 and PRE4 for MLPoLNS, page 10-11

HQoS
The HQoS bandwidth from the parent policy overrides the default bandwidth (based on the rate received
on the line) of the bundle. When the parent policy is removed, the default value is restored.
The users RADIUS environment is responsible for providing the HQoS policy after determining the rate
from the connect speed AVP and PPPoE downstream rate tag. The changes assume that platform will be
presented the service policies (after the algorithm has run) through the existing API.

Overhead Accounting
With overhead accounting, the downstream transmission rate from the LNS is adjusted to meet the
LAC-to-CPE bandwidth. This adjustment accounts account for the difference between the LNS-to-LAC
overhead versus the LAC-to-CPE overhead to achieve optimal link utilization for the LAC-to-CPE
interface. The overhead differences include IP/UDP/L2TP headers over the L2TP tunnel, as well as the
header size and segmentation overhead when the physical interface from the LNS is Gigabit Ethernet
and the LAC-to-CPE interface is ATM. Proper accounting can also avoid loss of data from any overruns
between the LAC and the CPE.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

10-3

Chapter 10

Overhead Accounting

Overhead Accounting Features

Traffic Shaping Overhead Accounting for ATM


The Traffic Shaping Overhead Accounting for ATM feature enables the broadband aggregation system
(BRAS) to account for various encapsulation types when applying QoS to packets. Typically, in Ethernet
Digital Subscriber Line (DSL) environments, the encapsulation from the BRAS to the DSLAM is
Gigabit Ethernet and the encapsulation from the DSLAM to the CPE is ATM. ATM overhead accounting
enables the BRAS to account for ATM encapsulation on the subscriber line and for the overhead added
by cell segmentation. This accounting enables the service provider to prevent overruns at the subscriber
line and ensures that the router executes QoS features on the actual bandwidth used by ATM subscriber
traffic.
The BRAS uses the encapsulation type you configure for the DSLAM-CPE side to calculate the ATM
overhead per packet, except for IP and PPPoE packets. DSLAM-CPE encapsulation types are based on
SNAP and MUX formats of ATM Adaptation Layer 5 (AAL5), followed by routed bridge encapsulation
(RBE), IP, PPP over Ethernet (PPPoE), or PPP over ATM (PPPoA). Because the DSLAM treats IP and
PPPoE packets as payload, the BRAS does not account for these encapsulations.
On the BRAS-DSLAM side, encapsulation is IEEE 802.1Q VLAN or qinq. However, because the
DSLAM removes the BRAS-DSLAM encapsulation, the BRAS does not account for 802.1Q or qinq
encapsulation.
AAL5 segmentation processing adds the additional overhead of the 5-byte cell headers, the AAL5
Common Part Convergence Sublayer (CPCS) padding, and the AAL5 trailer. For more information, see
the Overhead Calculation on the Router section on page 10-5.
If the parent policy has overhead accounting enabled, you are not required to explicitly enable
accounting on the child policy because, by default, child priority queues that do not contain the shape
or bandwidth command have ATM overhead accounting enabled implicitly.
By default, child priority queues that do not contain the shape or bandwidth command have ATM
overhead accounting enabled implicitly if the parent policy has overhead accounting enabled; you are
not required to explicitly enable accounting on the child policy.
If a child traffic class contains the shape or bandwidth command, you must explicitly enable ATM
overhead accounting on the class.

Ethernet Overhead Accounting


The Ethernet Overhead Accounting feature enables the router to account for downstream Ethernet frame
headers when applying shaping to packets. A user-defined offset specifies the number of overhead bytes
the router is to use when calculating the overhead per packet. Valid offset values are from +63 bytes to
-63 bytes of overhead. Before applying shaping, the router calculates the overhead.
Ethernet interfaces and subinterfaces support overhead accounting. Using the shape or bandwidth
command, you can configure accounting per VLAN and per port.

Cisco 10000 Series Router Quality of Service Configuration Guide

10-4

OL-7433-09

Chapter 10

Overhead Accounting
Configuration Commands for Overhead Accounting

Configuration Commands for Overhead Accounting


To enable overhead accounting, use the shape and bandwidth commands. These commands allow you
to specify the encapsulation type and user-defined offset that the router uses in calculating overhead. The
commands have the following syntax:
shape rate [account {{qinq | dot1q} {aal5 | aal3} {subscriber-encap}} | {user-defined offset
[atm]}]
bandwidth {bandwidth-kbps | percent percentage | remaining percent percentage} {{qinq |
dot1q} {aal5 | aal3} {subscriber-encap}} | {user-defined offset [atm]}]

Note

The options {{qinq | dot1q} {aal5 | aal3} {subscriber-encap}} and {user-defined offset [atm]} are
mutually exclusive.

Subscriber Line Encapsulation Types


The subscriber-encap option of the shape and bandwidth commands specifies the encapsulation type
at the subscriber line. The router supports the following subscriber line encapsulation types:

snap-1483routed

mux-1483routed

snap-dot1q-rbe

mux-dot1q-rbe

snap-pppoa

mux-pppoa

snap-rbe

mux-rbe

Overhead Calculation on the Router


When calculating overhead for traffic shaping, the router considers the encapsulation type used between
the BRAS and the DSLAM, and between the DSLAM and CPE.
Table 10-1 describes the fields the router uses for the various encapsulation types when calculating ATM
overhead.
Table 10-1

Overhead Calculation

Encapsulation Type

Number of Bytes

Description

802.1Q

18

6-byte destination MAC address + 6-byte source MAC


address + 2-byte protocol ID (0x8100) + 2-byte
VID/CFI/PRIORITY + 2-byte length/type

802.3

14

6-byte destination MAC address + 6-byte source MAC


address + 2-byte protocol ID (0x8000)

AAL5 MUX plus 1483

8-byte AAL5 trailer

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

10-5

Chapter 10

Overhead Accounting

Overhead Accounting and Hierarchical Policies

Table 10-1

Overhead Calculation (continued)

Encapsulation Type

Number of Bytes

Description

AAL5 MUX plus PPPoA

10

8-byte AAL5 trailer + 2-byte protocol ID (0x0021)

AAL5 SNAP plus 1483

18

8-byte AAL5 trailer + 3-byte LLC header


(0xAAAA03) + 3-byte OUI (0x0080c2) + 2-byte
protocol ID (0x0007) + 2-byte PAD (0x0000)

AAL5 SNAP plus PPPoA

12

8-byte AAL5 trailer + 3-byte LLC header (0xFEFE03)


+ 1-byte protocol ID (0xCF)

PPPoE

1-byte version/type (0x11) + 1-byte code (0x00) +


2-byte session ID + 2-byte length

qinq

22

6-byte destination MAC address + 6-byte source MAC


address + 2-byte protocol ID (0x8100) + 2-byte
VID/CFI/PRIORITY + 2-byte protocol ID + 2-byte
inner tag + 2-byte length or type

Overhead Accounting and Hierarchical Policies


In hierarchical policies, you can enable overhead accounting for shaping and bandwidth on top-level
parent policies, middle-level child policies, and bottom-level child policies. If you enable overhead
accounting on a:

Parent class-default class, you are not required to enable accounting on a child traffic class that does
not contain the bandwidth or shape command.

Child policy, then you must enable overhead accounting on the parent policy.

The parent and child classes must specify the same encapsulation type when enabling overhead
accounting and configuring an offset using the user-defined offset [atm] command option.
Table 10-2 summarizes the configuration requirements for overhead accounting. For example, if
overhead accounting is currently enabled for a parent policy, then accounting can be disabled or enabled
on a child policy.
Table 10-2

Overhead Accounting Configuration Requirements

Policy Map or Class

Current Configuration

Configuration Requirement

Parent

Enabled

Enabled on child policy

Child

Enabled

Enabled on parent policy

Child class

Enabled

Enabled on all classes in the child policy map,


except priority classes with policing

Child class (nonpriority


without policing)

Disabled

Disabled on all classes in the child policy map

Child class (priority with


policing)

Disabled

Disabled or enabled on all nonpriority classes


in the child policy map

Cisco 10000 Series Router Quality of Service Configuration Guide

10-6

OL-7433-09

Chapter 10

Overhead Accounting
Restrictions and Limitations for Overhead Accounting

Restrictions and Limitations for Overhead Accounting

You can enable overhead accounting for shaping and bandwidth on top-level parent policies,
middle-level child policies, and bottom-level child policies.

If you enable overhead accounting on a parent policy, you are required to enable accounting on a
child policy that is configured with the shape or bandwidth command. You are not required to
enable accounting on a child policy that does not have the shape or bandwidth command
configured.

If you enable overhead accounting on a child policy, then you must enable overhead accounting on
the parent policy.

In a policy map, you must either enable overhead accounting for all classes in the policy or disable
overhead accounting for all classes in the policy. You cannot enable overhead accounting for some
classes and disable overhead accounting for other classes in the same policy.

The router supports overhead accounting only for the shape and bandwidth commands.

When you enter the show policy-map interface command, the resulting classification byte counts
and the queuing feature byte counts do not match. This mismatch occurs because the classification
byte count does not consider overhead, whereas the queuing features do consider overhead.

This feature supports only Ethernet and ATM interfaces.

Ethernet overhead accounting allows the automatic inclusion of downstream Ethernet frame headers
in the shaped rate. However, policing is not supported for Ethernet overhead accounting.

For the MLPoLNS feature, overhead accounting is supported only on HQoS.

For MLPoLNS, HQoS with overhead accounting is supported only on single-member bundles and
not on multimember bundles.

QoS restriction on the main interface also apply to single-member MLPoLNS virtual-access bundles
(for example, oversubscription of the bundle bandwidth with a parent shaper).

For MLPoLNS single-member bundles with HQoS, 100 Mbps is the default bundle bandwidth. The
bandwidth received on the line (Connect speed of AVP pairs or PPPoE tags) at the LNS overrides
this bandwidth. If the connection speed of an AV pair of the MLP bundle is arbitrarily low,
overriding with shaper is not possible.

For the MLPoLNS feature, applying service policies on physical interfaces is not supported. Service
policies must be applied on the virtual template of the MLP bundle or from the RADIUS server.

Configuring Overhead Accounting in a Hierarchical Policy


To configure overhead accounting in a hierarchical policy, enter the following commands beginning in
global configuration mode:

Step 1

Command

Purpose

Router(config)# policy-map policy-map-name

Creates or modifies the child policy. Enters policy-map


configuration mode.
policy-map-name is the name of the child policy map. The
name can be a maximum of 40 alphanumeric characters.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

10-7

Chapter 10

Overhead Accounting

Configuring Overhead Accounting in a Hierarchical Policy

Step 2

Command

Purpose

Router(config-pmap)# class class-map-name

Assigns the traffic class you specify to the policy map.


Enters policy-map class configuration mode.
class-map-name is the name of a previously configured
class map.

Step 3

Router(config-pmap-c)# bandwidth
{bandwidth-kbps | percent percentage |
remaining percent percentage} [account {{qinq
| dot1q} {aal5} {subscriber-encap}} |
{user-defined offset [atm]}]

Enables class-based fair queuing and overhead accounting.


bandwidth-kbps specifies or modifies the minimum
bandwidth allocated for a class belonging to a policy map.
Valid values are from 8 to 2,488,320, which represents from
1 to 99 percent of the link bandwidth.
percentage specifies or modifies the maximum percentage
of the link bandwidth allocated for a class belonging to a
policy map. Valid values are from 1 to 99.
remaining percentage specifies or modifies the minimum
percentage of unused link bandwidth allocated for a class
belonging to a policy map. Valid values are from 1 to 99.
account enables ATM overhead accounting.
qinq specifies queue-in-queue encapsulation as the
BRAS-DSLAM encapsulation type.
dot1q specifies IEEE 802.1Q VLAN encapsulation as the
BRAS-DSLAM encapsulation type.
aal5 specifies the ATM Adaptation Layer 5 that supports
connection-oriented variable bit rate (VBR) services.
subscriber-encap specifies the encapsulation type at the
subscriber line. For more information, see the Overhead
Accounting and Hierarchical Policies section on
page 10-6.
user-defined indicates that the router is to use the offset
value you specify when calculating ATM overhead.
offset specifies the number of bytes the router is to use when
calculating overhead. Valid values are from -63 to 63 bytes.
atm applies the ATM cell tax in the ATM overhead
calculation.
Note

Configuring both the offset and atm options adjusts


the packet size to the offset size and then adds the
ATM cell tax.

Step 4

Router(config-pmap-c)# exit

Exits policy-map class configuration mode.

Step 5

Router(config-pmap)# policy-map policy-map-name

Creates or modifies the top-level parent policy.


policy-map-name is the name of the parent policy map. The
name can be a maximum of 40 alphanumeric characters.

Step 6

Router(config-pmap)# class class-default

Configures or modifies the parent class-default class.

Cisco 10000 Series Router Quality of Service Configuration Guide

10-8

OL-7433-09

Chapter 10

Overhead Accounting
Configuring Overhead Accounting in a Hierarchical Policy

Step 7

Command

Purpose

Router(config-pmap-c)# shape [average] rate


[account {{qinq | dot1q} {aal5}
{subscriber-encap}} | {user-defined offset
[atm]}]

Shapes traffic to the indicated bit rate and enables overhead


accounting.
(Optional) average is the committed burst (Bc) that
specifies the maximum number of bits sent out in each
interval. This option is only supported on the PRE3.
rate indicates the bit rate used to shape the traffic, in bits per
second. When this command is used with backward explicit
congestion notification (BECN) approximation, the bit rate
is the upper bound of the range of bit rates that are
permitted.
account enables ATM overhead accounting.
qinq specifies queue-in-queue encapsulation as the
BRAS-DSLAM encapsulation type.
dot1q specifies IEEE 802.1Q VLAN encapsulation as the
BRAS-DSLAM encapsulation type.
aal5 specifies the ATM Adaptation Layer 5 that supports
connection-oriented variable bit rate (VBR) services.
subscriber-encap specifies the encapsulation type at the
subscriber line. For more information, see the Overhead
Accounting and Hierarchical Policies section on
page 10-6.
user-defined indicates that the router is to use the offset
value you specify when calculating ATM overhead.
offset specifies the number of bytes the router is to use when
calculating overhead. Valid values are from -63 to +63
bytes. The router configures the offset size if you do not
specify the offset option.
atm applies the ATM cell tax in the ATM overhead
calculation.
Note

Step 8

Router(config-pmap-c)# service-policy
policy-map-name

Configuring both the offset and atm options adjusts


the packet size to the offset size and then adds the
ATM cell tax.

Applies a child policy to the parent class-default class.


policy-map-name is the name of a previously configured
child policy map.
Note

Do not specify the input or output keywords when


applying a child policy to a parent class-default
class.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

10-9

Chapter 10

Overhead Accounting

Configuration Examples for Overhead Accounting

Configuration Examples for Overhead Accounting


This section provides the following configuration examples:

Enabling ATM Overhead Accounting, page 10-10

Enabling ATM Overhead Accounting on the PRE3 and PRE4 for MLPoLNS, page 10-11

Enabling Ethernet Overhead Accounting on the PRE2, page 10-11

Enabling Ethernet Overhead Accounting on the PRE3 and PRE4, page 10-12

Enabling ATM Overhead Accounting


The following configuration example shows how to enable ATM overhead accounting using a
hierarchical policy. The Child policy map has two classes: Business and Nonbusiness. The Business
class has priority and is policed at 128,000 kbps. The Nonbusiness class has ATM overhead accounting
enabled and has a bandwidth of 20 percent of the available bandwidth. The Parent policy map shapes the
aggregate traffic to 256,000 kbps and enables ATM overhead accounting.
Notice that Layer 2 overhead accounting is not explicitly configured for the Business traffic class. If the
class-default class of a parent policy has ATM overhead accounting enabled, you are not required to
enable ATM overhead accounting on a child traffic class that does not contain the bandwidth or shape
command. Therefore, in this example, the Business priority queue implicitly has ATM overhead
accounting enabled because its parent class-default class has overhead accounting enabled.
policy-map Child
class Business
priority
police 128000
class Nonbusiness
bandwidth percent 20 account dot1q aal5 snap-rbe-dot1q
exit
exit
policy-map Parent
class class-default
shape 256000 account dot1q aal5 snap-rbe-dot1q
service-policy Child

In the following configuration example, overhead accounting is enabled for bandwidth on the gaming
and class-default classes of the child policy map named subscriber_classes, and on the class-default class
of the parent policy map named subscriber_line. The voip and video classes do not have accounting
explicitly enabled; these classes have ATM overhead accounting implicitly enabled because the parent
policy has overhead accounting enabled. Notice that the features in the parent and child policies use the
same encapsulation type.
policy-map subscriber_classes
class voip
priority level 1
police 8000
class video
priority level 2
police 20
class gaming
bandwidth remaining percent 80 account dot1q aal5 snap-rbe-dot1q
class class-default
bandwidth remaining percent 20 account dot1q aal5 snap-rbe-dot1q
policy-map subscriber_line
class class-default

Cisco 10000 Series Router Quality of Service Configuration Guide

10-10

OL-7433-09

Chapter 10

Overhead Accounting
Configuration Examples for Overhead Accounting

bandwidth remaining ratio 10 account dot1q aal5 snap-rbe-dot1q


shape average 512 account dot1q aal5 snap-rbe-dot1q
service policy subscriber_classes

Note

The shape average rate command is available only on the PRE3 and PRE4. The PRE2 supports the
shape rate command.
Example 10-1 shows that the Child policy map has two classes: Business and Nonbusiness. The Business
class has priority and is policed at 128,000 kbps. The Nonbusiness class has ATM overhead accounting
enabled and has a bandwidth of 20 percent of the available bandwidth. The Parent policy map shapes the
aggregate traffic to 256,000 kbps and enables ATM overhead accounting. Notice that Layer 2 overhead
accounting does not occur for the Business traffic class.
Example 10-1 Enabling ATM Overhead Accounting
Router(config)# policy-map Child
Router(config-pmap)# class Business
Router(config-pmap-c)# priority
Router(config-pmap-c)# police 128000 //*No Layer 2 overhead accounted*/
Router(config-pmap-c)# class Nonbusiness
Router(config-pmap-c)# bandwidth percent 20 account dot1q aal5 snap-rbe-dot1q
Router(config-pmap-c)# exit
Router(config-pmap)# exit
Router(config)# policy-map Parent
Router(config-pmap)# class class-default
Router(config-pmap-c)# shape 256000 account dot1q snap-rbe-dot1q
Router(config-pmap-c)# service-policy Child

Enabling ATM Overhead Accounting on the PRE3 and PRE4 for MLPoLNS
Example 10-2 shows how to enable ATM overhead accounting using the hierarchical service policy
where there is a parent with a child policy. In the example, the child policy map has a predefined class
prec2 that shapes the aggregate traffic to 10,000 kbps and enables ATM overhead accounting.
Example 10-2 Enabling ATM Overhead AccountingMLPoLNS
Router(config)# policy-map child
Router(config-pmap)# class prec2
Router(config-pmap-c)# shape average 10000 account user-defined 63 atm
Router(config-pmap-c)# exit
Router(config)# policy-map parent
Router(config-pmap)# class class-default
Router(config-pmap-c)# shape average 256000 account user-defined 63 atm
Router(config-pmap-c)# service-policy child

Enabling Ethernet Overhead Accounting on the PRE2


The following configuration example shows how to enable Ethernet overhead accounting on the PRE2
and specify the number of bytes the router should take into account when calculating the overhead. In
the example, the policy map named ethernet_ovrh contains the class-default class, which has overhead
accounting enabled for shaping and a user-defined offset of 18 bytes specified. The ethernet_ovrh policy
map is attached to subinterface Gigabit Ethernet 1/0/0.100.
policy-map ethernet_ovrh
class class-default

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

10-11

Chapter 10

Overhead Accounting

Verifying Overhead Accounting

shape 200 account user-defined 18


!
interface GigabitEthernet1/0/0.100
encapsulation dot1q 100
pppoe enable group global
no snmp trap link-status
service-policy output ethernet_ovrh

Enabling Ethernet Overhead Accounting on the PRE3 and PRE4


The following configuration example shows how to enable Ethernet overhead accounting on the PRE3
or PRE4. In the example, the configuration of the policy map named ethernet_ovrh shapes class-default
traffic at a rate of 200,000 kbps and enables overhead accounting with a user-defined value of 18. The
ethernet_ovrh policy is attached to subinterface Gigabit Ethernet 1/0/0.100, thereby enabling overhead
accounting on the subinterface.
Router# configuration-terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)# policy-map ethernet_ovrh
Router(config-pmap)# class class-default
Router(config-pmap-c)# shape average 200000 account user-defined 18
!
Router(config)# interface GigabitEthernet1/0/0.100
Router(config-subif)# service-policy output ethernet_ovrh
!
Router# show running-config | begin 1/0/0.100
interface GigabitEthernet1/0/0.100
encapsulation dot1Q 101
pppoe enable group group_pta
service-policy output ethernet_ovrh

Verifying Overhead Accounting


To verify overhead accounting, enter any of the following commands in privileged EXEC mode:
Command

Purpose

Router# show policy-map [interface interface]

Displays information about the policy map attached to the


interface you specify, including ATM overhead accounting. If
you do not specify an interface, the command displays
information about all of the policy maps configured on the router.
interface interface is the interface type and number (for example,
atm 4/0/0).
Note

When you enter the show policy-map interface


command, the resulting classification byte counts and the
queuing feature byte counts do not match. This mismatch
occurs because the classification byte count does not
consider overhead, whereas the queuing features do
consider overhead.

Cisco 10000 Series Router Quality of Service Configuration Guide

10-12

OL-7433-09

Chapter 10

Overhead Accounting
Verification Examples for Overhead Accounting

Command

Purpose

Router# show running-config

Displays the running configuration on the router. The output


shows the AAA setup and the configuration of the policy map,
ATM VC, PPPoA, dynamic bandwidth selection, virtual
template, and RADIUS server.

Verification Examples for Overhead Accounting


This section provides the following verification examples:

Verifying ATM Overhead Accounting Using show policy-map, page 10-13

Verifying Overhead Accounting Using show running-config, page 10-14

Verifying Ethernet Overhead Accounting with User-Defined Option, page 10-14

Verifying ATM Overhead Accounting Using show policy-map


The following sample output from the show policy-map command indicates that ATM overhead
accounting is enabled for shaping and disabled for bandwidth:
Service-policy output:unit-test
Class-map: class-default (match-any)
100 packets, 1000 bytes
30 second offered rate 800 bps, drop rate 0 bps
Match: any
shape (average) cir 154400, bc 7720, be 7720
target shape rate 154400
overhead accounting: enabled
bandwidth 30% (463 kbps)
overhead accounting: disabled
queue limit 64 packets
(queue depth/total drops/no-buffer drops) 0/0/0
(packets output/bytes output) 100/1000

The following sample output from the show policy-map command indicates that ATM overhead
accounting is enabled for the class-default class for shaping. The BRAS-DSLAM encapsulation is dot1q
and the subscriber line encapsulation is snap-rbe based on the AAL3 service.
Policy Map unit-test
Class class-default
Average Rate Traffic Shaping
cir 10% account dot1q aal3 snap-rbe

The following sample output from the show policy-map interface command indicates that ATM
overhead accounting is enabled for shaping and disabled for bandwidth:
Service-policy output:unit-test
Class-map: class-default (match-any)
100 packets, 1000 bytes
30 second offered rate 800 bps, drop rate 0 bps
Match: any
shape (average) cir 154400, bc 7720, be 7720
target shape rate 154400
overhead accounting: enabled

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

10-13

Chapter 10

Overhead Accounting

Verification Examples for Overhead Accounting

bandwidth 30% (463 kbps)


overhead accounting: disabled
queue limit 64 packets
(queue depth/total drops/no-buffer drops) 0/0/0
(packets output/bytes output) 100/1000

Verifying Overhead Accounting Using show running-config


The following sample output from the show running-config command indicates that ATM overhead
accounting is enabled for shaping. The BRAS-DSLAM encapsulation is dot1q and the subscriber line
encapsulation is snap-rbe based on the AAL5 service.
subscriber policy recording rules limit 64
no mpls traffic-eng auto-bw timers frequency 0
call rsvp-sync
!
controller T1 2/0
framing sf
linecode ami
!
controller T1 2/1
framing sf
linecode ami
!
!
policy-map unit-test
class class-default
shape average 10 account dot1q aal5 snap-rbe

Note

The shape average rate command is available only on the PRE3 and PRE4. The PRE2 supports the
shape rate command.

Verifying Ethernet Overhead Accounting with User-Defined Option


The following sample output for the policy map named ethernet_ovrh indicates that Ethernet overhead
accounting is enabled for shaping and the user-defined offset is 18 bytes. The sample output from the
show policy-map interface command indicates that the ethernet_ovrh policy map is attached to the
subinterface Gigabit Ethernet 1/0/0.100, enabling overhead accounting on the subinterface.
Router# show policy-map ethernet_ovrh
Policy Map ethernet_ovrh
Class class-default
Average Rate Traffic Shaping
cir 200000 (bps) account user-defined 18
Router# show policy-map interface GigabitEthernet1/0/0.100
GigabitEthernet1/0/0.100
Service-policy output: ethernet_ovrh
Class-map: class-default (match-any)
0 packets, 0 bytes
30 second offered rate 0 bps, drop rate 0 bps
Match: any

Cisco 10000 Series Router Quality of Service Configuration Guide

10-14

OL-7433-09

Chapter 10

Overhead Accounting
Related Documentation

0 packets, 0 bytes
30 second rate 0 bps
Queueing
queue limit 8 packets
(queue depth/total drops/no-buffer drops) 0/0/0
(pkts output/bytes output) 0/0
shape (average) cir 200000, bc 800, be 800
target shape rate 200000
Overhead Accounting Enabled

Related Documentation
This section lists additional Cisco documentation for the features discussed in this chapter. When
appropriate, paths to applicable sections are listed below the documentation title.
Feature

Related Documentation

ATM overhead accounting

Traffic Shaping Overhead Accounting for ATM, Release 12.2(31)SB2 feature


module

Class-based shaping

Cisco IOS Quality of Service Solutions Configuration Guide, Release 12.3


Part 4: Policing and Shaping > Configuring class-Based Shaping

Class maps

Cisco IOS Quality of Service Solutions Configuration Guide, Release 12.2


Part 8: Modular Quality of Service Command-Line Interface > Configuring
the Modular Quality of Service Command-Line Interface > Modular QoS CLI
Configuration Task List > Creating a Traffic Class

Percentage-based traffic shaping

QoS: Percentage-Based Shaping, Release 12.2(31)SB2 feature module

Policing

Comparing Traffic Shaping and Traffic Policing for Bandwidth Limiting

Policy maps

Cisco IOS Quality of Service Solutions Configuration Guide, Release 12.2


Part 8: Modular Quality of Service Command-Line Interface > Configuring
the Modular Quality of Service Command-Line Interface > Modular QoS CLI
Configuration Task List > Creating a Traffic Policy

QoS service policies

QoS Configuration and Monitoring, Creating Time-of-Day QoS Service Policies


Tech Note
QoS Configuration and Monitoring, Monitoring Voice over IP Quality of Service
Tech Note
Site-to-Site MPLS VPN Solution for Service Providers, Service Provider
Quality-of-Service Overview Tech Note

Traffic shaping

Cisco IOS Quality of Service Solutions Configuration Guide, Release 12.3


Part 4: Policing and Shaping

MLP on LNS

Cisco 10000 Series Router Software Configuration Guide


Chapter 19: Configuring Multilink Point-to-Point Protocol Connections

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

10-15

Chapter 10

Overhead Accounting

Related Documentation

Cisco 10000 Series Router Quality of Service Configuration Guide

10-16

OL-7433-09

CH A P T E R

11

Managing Packet Queue Congestion


A Layer 3 queuing strategy provides differentiated levels of service and assigns priority to
delay-sensitive packets. Queuing limits the amount of traffic that can be sent to queues so that all of the
packet buffers are not consumed. Commonly used mechanisms, such as random early detection (RED),
monitor network traffic loads to control congestion by acting on the traffic if congestion is about to
occur.
This chapter discusses congestion control mechanisms supported on the Cisco 10000 series router and
includes the following topics:

Queue Scaling Limits, page 11-1

Queue Limit, page 11-2

Queue IDs and Interface Queues, page 11-6

Queuing Outbound Traffic, page 11-7

Controlling Congestion Using Tail Drop, page 11-8

Controlling Congestion Using Random Early Detection, page 11-9

Controlling Congestion Using Weighted Random Early Detection, page 11-11

Interfaces Supporting Layer 3 Packet Drop Policies, page 11-21

Restrictions and Limitations for Controlling Layer 3 Congestion, page 11-22

Configuring Layer 3 Queue Limit and Drop Policies, page 11-24

Verifying and Monitoring Layer 3 Packet Dropping, page 11-32

Controlling Packet Flow on Layer 2 Queues, page 11-39

Related Documentation, page 11-40

Queue Scaling Limits


The router allocates at least two queues for every interface or subinterface for which separate queues are
created. The first queue is the default queue for normal traffic and the second queue is the system queue.
The system queue is used for a small amount of router-generated traffic that bypasses the normal drop
mechanisms. For 32,000 VCs, the router would need to allocate a minimum of 64,000 queues. While
Cisco IOS Release 12.3(7)XI1 adds support for up to 128,000 queues, a more effective use of these
limited resources is to have the subinterfaces on a given main interface share the single system queue of
the main interface.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

11-1

Chapter 11

Managing Packet Queue Congestion

Queue Limit

In Cisco IOS Release 12.3(7)XI2, the subinterfaces on a given main interface share the single system
queue of the main interface. This allows for 32,000 subinterfaces with a three-queue model that supports
assured forwarding (AF) queues, expedited forwarding (EF) queues, and the default best effort (BE)
queues. Because a system queue is not allocated for every subinterface, queues are freed up for a
four-queue model.
Table 11-1 lists the scaling limits for class queues.
Table 11-1

Queue Scaling Limits

Queue Criteria

PRE3
Release 12.2(31)SB2 or later

PRE2
Release 12.3(7)XI or later

PRE2
Release 12.2(16)BX or later

PRE1

Total Number of Queues Per


System1

256,000

131,070

65,534

32,766

No. Queues Per Link

15

322

32

163

Total Number of Packet


Buffers for Queue Depth4

Not Applicable5

4,194,304

4,194,304

1,048,576

1. Includes network-control and default queues.


2. 29 user-configurable queues, 1 class-default queue, 1 system queue, and 1 reserved queue
3. 14 user-configurable queues, 1 class-default queue, 1 system queue
4. With 131,070 queues configured, the average queue limit across all of the configured queues is less than or equal to 32 packets per queue: 4,194,304
divided by 131,070 equals 32.
5. The PRE3 implements queues in such a way that this limit no longer exists.

Queue Limit
Each queue has a limit on the number of packets that the router can place onto the queue. This limit,
referred to as the depth, is a user-configurable limit. During periods of high traffic, a queue fills with
packets waiting for transmission. When a queue reaches its queue limit and becomes full, by default the
router drops packets until the queue is no longer full.
Table 11-2 describes the queuing limits for the various processor cards.

Cisco 10000 Series Router Quality of Service Configuration Guide

11-2

OL-7433-09

Chapter 11

Managing Packet Queue Congestion


Queue Limit

Table 11-2

Packets Per Queue

Processor

Cisco IOS Release

Packets Per Queue

PRE1

All releases

32 to 16,384
If you do not specify a value that is a power of 2,
the router uses the nearest power of 2.

PRE2
PRE2

Cisco IOS Release 12.2(15)BX


and Release 12.2(16)BX

32 to 16,384

Cisco IOS Release 12.3(7)XI


and later releases

Interfaces with speeds that are less than 500 MB

The value does not need to be a power of 2.


8 to 4,096 packets per queue
The value must be a power of 2.
Interfaces with speeds that are greater than 500 MB

128 to 64,000 packets per queue


The value must be a power of 2.
PRE3
PRE4

Cisco IOS Release 12.2(31)SB2 16 to 32,767


and later releases

When a packet queue temporarily experiences congestion, increasing the depth of the queue using the
queue-limit command reduces the number of packets dropped. However, setting the queue limit to a
high value might reduce the number of packet buffers available to other interfaces.
The queue limit applies to each buddy queue on links with:

Note

At least 500 Mbps (PRE1)

1 Gbps (PRE2)

The PRE3 does not use buddy queues.


If you do not specify a queue limit, the router calculates the default buffer size for each class queue as
follows:

Note

Class queues with weighted random early detection (WRED)The router uses the default queue
limit of two times the largest WRED maximum threshold value, rounded to the nearest power of 2.

For Cisco IOS Release 12.2(15)BX and Release 12.2(16)BX, the router does not round the value
to the nearest power of 2.

Class queues without WREDThe router has buffers for up to 50 milliseconds of 256-byte packets
(PRE2) or 250-byte packets (PRE3) at line rate, but not less than 32 packets (PRE2) or 16 packets
(PRE3).

Priority queues without WREDThe router has buffers for up to 25 milliseconds of 80-byte packets
at line rate, but not less than 32 packets (PRE2) or 16 packets (PRE3).

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

11-3

Chapter 11

Managing Packet Queue Congestion

Queue Limit

Queue Limit Packet Buffers


The router provides a total of 4,194,304 buffers for queuing packets and calculates the default buffer size
for each class queue as described in the Queue Limit section on page 11-2. Whatever the default queue
size the system calculates, if a class has a random early detection (RED) drop policy configured and one
of the maximum thresholds is configured to be larger than the default buffer size, the router
automatically increases the queue size to the nearest power of 2 of the largest maximum threshold.
You can use the show policy-map interface command to display the actual queue size. To make the
queue size larger than the default size the router calculated, do the following:

Cisco IOS Release 12.0(25)SX and Release 12.3(7)XI, and later releasesConfigure the
queue-limit command with RED.
For more information, see the queue-limit Command section on page 11-4, the Random Early
Detection and Queue Limit section on page 11-10, and the WRED and Queue Limit section on
page 11-20.

Releases prior to Cisco IOS Release 12.0(25)SX and Release 12.3(7)XIRED with queue-limit is
not supported. As a workaround, configure RED with an unused IP precedence or DSCP level and
define a maximum threshold that is larger than the default size the router calculated. By doing this,
you force the router to increase the queue size to accommodate the larger threshold.

With 131,070 queues configured, the average queue limit across all of the configured queues is less than
or equal to 32 packets per queue:
Total number of packet buffers / Total number of queues
4,194,304 / 131,070 = 32
If you change the queue size several times for 131,070 queues, the queue packet buffers can become
fragmented or might still be in use. For more information, see the Restrictions and Limitations for
Controlling Layer 3 Congestion section on page 11-22.
For more information, see the Average Queue Size and the Exponential Weight Constant section on
page 11-21.

Default Queue Limit and Packet Buffers


When a queue is part of a high-speed interface, the default queue limit is very large. This allows the
queue to store up many packets during congestion. If too many of these type of queues are congested on
the system, it causes system packet buffer exhaustion and all queues in the system experience packet
drop.

queue-limit Command
To specify or modify the maximum number of packets that a particular class queue can hold, use the
queue-limit command in policy-map class configuration mode. To remove the queue packet limit from
a class, use the no form of this command.
queue-limit number-of-packets
no queue-limit number-of-packets

Cisco 10000 Series Router Quality of Service Configuration Guide

11-4

OL-7433-09

Chapter 11

Managing Packet Queue Congestion


Queue Limit

Syntax Description
number-of-packets

For PRE1, number-of-packets is a number from 32 to 16384; the number


must be a power of 2. If the number you specify is not a power of 2, the
router converts the number to the nearest power of 2 value.
For Cisco IOS Release 12.2(15)BX and Release 12.2(16)BX using the
PRE2, number-of-packets is a number from 32 to 16384. The number does
not need to be a power of 2.
For Cisco IOS Release 12.3(7)XI and later releases using the PRE2, if the
interface speed is less than 500 MB, number-of-packets is a number from 8
to 4096; the number must be a power of 2. If the interface speed is greater
than 500 MB, number-of-packets is a number from 128 to 64000 and must
be a power of 2. If it is not, the router converts the number to the nearest
power of 2 value.
For Cisco IOS Release 12.2(31)SB2 and later releases using the PRE3,
number-of-packets is a number from 1 to 32,767. The number does not need
to be a power of 2.

queue-limit Command History


Cisco IOS Release

Description

Release 12.0(17)SL

The queue-limit command was introduced on the PRE1.

Release 12.0(25)SX

This command was enhanced to allow you to simultaneously configure


both the queue-limit and random-detect commands in the same class of
a policy map.

Release 12.2(16)BX

This command was introduced on the PRE2.

Release 12.3(7)XI

This command was enhanced on the PRE2 to allow you to simultaneously


configure both the queue-limit and random-detect commands in the
same class of a policy map.

Release 12.2(28)SB

This command was integrated in Cisco IOS Release 12.2(28)SB for the
PRE2.

Release 12.2(31)SB2

This command was introduced on the PRE3.

Default Behavior for the queue-limit Command


The following describes the default behavior of the queue-limit command for class queues with and
without weighted random early detection (WRED):

Note

Class queues with weighted random early detection (WRED)The router uses the default queue
limit of two times the largest WRED maximum threshold value, rounded to the nearest power of 2.

For Cisco IOS Release 12.2(15)BX and Release 12.2(16)BX using the PRE2, and for Cisco IOS
Release 12.2(31)SB2 and later releases using the PRE3, the router does not round the value to
the nearest power of 2.
Priority queues and class queues without WREDThe router has buffers for up to 50 milliseconds
of 256-byte packets at line rate, but not less than 32 packets.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

11-5

Chapter 11

Managing Packet Queue Congestion

Queue IDs and Interface Queues

Usage Guidelines for the queue-limit Command


Whenever you configure the bandwidth command for a class queue, the command sets a default queue
limit for the class, which in most cases is sufficient to meet minimum bandwidth guarantees. However,
if you configure all of the 131,070 queues for a system, lower the queue limit so that all of the queues
have enough bandwidth. The queue-limit command overrides the default queue limit set by the
bandwidth command. For more information, see the Queue Limit Packet Buffers section on
page 11-4.
Cisco IOS Release 12.2(16)BX does not require that you specify a queue limit value that is a power of
2; therefore, the router does not round the value to the nearest power of 2.

Queue IDs and Interface Queues


The router allocates queue IDs (QIDs) to interface queues. The number of queues supported on an
interface and the number of QIDs allocated depend on the speed of the interface and the processor card
installed in the chassis. For each class that has a queue on an interface, the router allocates one or two
QIDs as indicated in Table 11-3.
Table 11-3

QID Allocation for Classes with Queues on an Interface

Processor

Interface Bandwidth

QIDs Allocated

Queues Supported

PRE1

Less than 500 Mbps

500 Mbps or greater

32,766 total queues per


system

Less than 622 Mbps

130,816

622 Mbps or greater

2541

Not applicable 2

256,000

PRE2
PRE3

1. QID 0 and QID 1 are not legal values. Therefore, instead of supporting 256 QIDs, the router supports 254.
2. The PRE3 does not support buddy queues.

Note

The PRE2 has buddy queues only for the OC-48 line card. All other interfaces have 1 queue. The PRE1
requires a buddy queue for the full-height Gigabit Ethernet line card.

Reserved QIDs
On the PRE2, if no more QIDs are left (all of them are used) and you attempt to modify the queue limit
in a policy map that is attached to one or more interfaces, the operation fails and an out of resource
message displays. To avoid this, you can do the following:

Reserve one or more available QIDs

Remove the policy map from the interface first, modify the queue limit, and then attach the new
policy map to the interface

You might desire to reserve a pool of unused queues just in case a service policy is applied on a live
production network and someone attempts to change the queue parameters. By using the show ha pxf
cpu queue summary command, you can learn how many available queues are in the pool and plan
accordingly.

Cisco 10000 Series Router Quality of Service Configuration Guide

11-6

OL-7433-09

Chapter 11

Managing Packet Queue Congestion


Queuing Outbound Traffic

Queuing Outbound Traffic


This section describes how the Cisco 10000 series router queues outbound traffic and includes the
following:

Queuing Outbound Traffic on ATM Interfaces, page 11-7

Queuing Outbound Traffic on Frame Relay Interfaces, page 11-7

Queuing Outbound Traffic on Virtual LAN Interfaces, page 11-7

Queuing Outbound Traffic on ATM Interfaces


On ATM interfaces, the Cisco 10000 series router creates one set of queues for all of the unspecified bit
rate (UBR) PVCs and a separate set of queues for each variable bit rate (VBR) PVC. The following lists
the queues the router creates:

One default queue for all unshaped (no PCR specified) UBR PVCs

One default queue for each VBR and shaped (PCR is specified) UBR PVCs

One network control queue for each port

Using a policy map, you can optionally create additional class-based queues for UBR PVCs and each
VBR PVC, and attach the policy map to the physical interface for UBR PVCs or to a VBR PVC.
Unshaped UBR PVCs that have their own service policy use the physical interfaces default queue only.
These PVCs cannot use any user-defined, class-based queue defined on the physical interface.

Queuing Outbound Traffic on Frame Relay Interfaces


The Cisco 10000 series router supports two queuing modes for Frame Relay interfaces: interface-based
queuing and PVC-based queuing. In interface-based queuing, all PVCs share the same set of queues. In
PVC-based queuing, each PVC has its own set of queues for its outbound traffic.
Interface-based queuing is the default queuing mode. In this mode, the system creates a default set of
queues that all PVCs on the interface can use. Using a policy map, you can optionally create additional
class-based queues, which are shared among all the PVCs.
You can configure PVC-based queuing by creating a hierarchical policy. In this way, you can enable
class-based fair queuing for a PVC and shape the total PVC traffic to a desired rate. For more
information, see Chapter 13, Defining QoS for Multiple Policy Levels.
For information about enabling PVC-based fair queuing by using the Frame Relay QoS CLI, see
Appendix A, Configuring Frame Relay QoS Using Frame Relay Legacy Commands.

Queuing Outbound Traffic on Virtual LAN Interfaces


By default, the Cisco 10000 series router does not create a queue for a virtual LAN (VLAN) interface.
All VLANs share the same set of queues on the physical Ethernet interface.
To create a separate queue for a VLAN interface, use a hierarchical policy. For more information, see
Chapter 13, Defining QoS for Multiple Policy Levels.

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

11-7

Chapter 11

Managing Packet Queue Congestion

Controlling Congestion Using Tail Drop

Controlling Congestion Using Tail Drop


The tail drop mechanism controls congestion using a specific drop policy to ensure that the maximum
number of packets held in a queue is not exceeded.
During periods of high traffic, a queue fills with packets waiting for transmission. When a queue reaches
its queue limit and becomes full, by default the router employs the tail drop mechanism to drop packets
until the queue is no longer full.
Tail drop is the default mechanism used to control congestion for Layer 3 queues. While some
mechanisms activate before a queue reaches its queue limit, tail drop activates when a queue becomes
full. Tail drop treats all traffic equally and does not differentiate between classes of service. When a
queue becomes full, tail drop continues to drop packets until the queue has room for more packets (the
queue is no longer full).

Feature History for Tail Drop


Cisco IOS Release

Description

Required PRE

Release 12.0(17)SL

The tail drop feature was introduced on the router.

PRE1

Release 12.2(16)BX

This feature was introduced on the PRE2.

PRE2

Release 12.2(28)SB

This feature was integrated in Cisco IOS


Release 12.2(28)SB for the PRE2.

PRE2

Release 12.2(31)SB2

This feature was introduced on the PRE3.

PRE2
PRE3

Tail Drop and Random Early Detection


The Cisco 10000 series router allows you to combine tail drop with another congestion control
mechanism called random early detection (RED). RED does not replace tail drop, but rather
complements it by dropping packets before the queue reaches its queue limit or maximum threshold. Tail
drop occurs after the queue is already full, when the mean queue depth for RED exceeds the maximum
threshold value and when the queue limit is reached.
For more information about random early detection, see the Controlling Congestion Using Random
Early Detection section on page 11-9 and the Controlling Congestion Using Weighted Random Early
Detection section on page 11-11.

Cisco 10000 Series Router Quality of Service Configuration Guide

11-8

OL-7433-09

Chapter 11

Managing Packet Queue Congestion


Controlling Congestion Using Random Early Detection

Controlling Congestion Using Random Early Detection


Random early detection (RED) is an alternative mechanism for controlling congestion of Layer 3
queues. Unlike the tail drop mechanism, RED implements a proactive queuing strategy that controls
congestion before a queue reaches its queue limit.
RED randomly discards packets. If the source host is using Transmission Control Protocol (TCP), the
host detects that packets are dropped and decreases its transmission rate until all of the packets reach
their destinations, indicating that the congestion is clear. The host can then resume its original
transmission rate.
You can configure a drop policy for RED that is based on one of the following. Each queue on the router
can have only one type of RED drop policy.

IP precedence-based REDConfigures a drop policy for RED based on an IP precedence level.


Valid values are from 0 to 7, where 0 typically represents low priority traffic that can be aggressively
managed (dropped) and 7 represents high priority traffic. Traffic at a low precedence level typically
has a higher drop probability. When RED drops packets, source hosts using TCP detect the drops
and slow the transmission of packets.

DSCP-based REDConfigures a drop policy for RED based on a differentiated services code point
(DSCP) value. When configured, the router randomly drops packets with the specified DSCP value,
according to the RED thresholds you configure. For the PRE1, DSCP-based RED supports one
default drop profile per class, three assured forwarding (AF) drop profiles per class, and four
non-AF drop profiles per policy map.

Feature History for Random Early Detection


Cisco IOS Release

Description

Required PRE

Release 12.0(17)SL

The random early detection feature was introduced on the PRE1


router.

Release 12.0(22)S

This feature was enhanced to allow you to configure RED PRE1


based on a differentiated services code point (DSCP).

Release 12.0(25)SX

This feature was enhanced to allow you to simultaneously PRE1


configure the random-detect command and the
queue-limit for the same class queue.

Release 12.2(16)BX

This feature was introduced on the PRE2.

PRE2

Release 12.2(28)SB

This feature was integrated in Cisco IOS


Release 12.2(28)SB for the PRE2.

PRE2

Release 12.2(31)SB2

This feature was introduced on the PRE3.

PRE3

Cisco 10000 Series Router Quality of Service Configuration Guide


OL-7433-09

11-9

Chapter 11

Managing Packet Queue Congestion

Controlling Congestion Using Random Early Detection

Random Early De