Learn in this tip how using QoS to limit bandwidth can decongest your wide area network (WAN) link. Understand DSCP, queuing and where prioritization fits into your environment before you consider turning to a WAN optimization solution.
Network Quality of Service, or QoS, describes both the performance that users experience with a given application over the network, and the idea of controlling that performance using differentiated network services. For some kinds of network performance challenges, such as prioritizing VoIP traffic over other kinds of network traffic on a WAN link, IT can use QoS as a straightforward solution that can be implemented without adding new layers of equipment to the network -- though it may require adding services to a WAN contract.
Using QoS DSCP
At the WAN level, QoS is governed by the Differentiated Services Code Point (DSCP), which takes up 6 bits in the IP header. The DSCP can assume any one of 64 possible values, allowing up to 64 QoS classes -- more than anyone ever uses. In fact, having four classes turns out to be good enough for most QoS users.
The DSCP field marks packets as belonging to a specific delivery class, the idea being that the enterprise will define certain delivery goals for that class. Routers and other equipment can use packet queues -- buffers, essentially -- and algorithms for delivering packets out of queues to achieve those goals. There are recommended standards for some values of the DSCP field (as laid out in RFC 2474); they define some desired behaviors centering on expedited forwarding -- or EF, as further described by RFC 3246 -- requiring delivery with low loss, low latency and minimal jitter; and assured forwarding (or AF, RFC 2597), providing a good guarantee of lossless delivery.
The RFCs recommend that the EF class be tagged with a DSCP value of 46 -- as 6 bits, this would make the DSCP value 101110 -- and offer a set of 12 tag values for AF traffic, offering various degrees of delivery guarantee. EF behavior is meant to be suitable for real-time, interactive multimedia traffic such as VoIP or video conferencing. (See what wide area network design requirements are required to use QoS for video conferencing in this tip.)
Wherever QoS behavior is not dictated strictly by open standards, vendors do their own thing. With WAN service providers such as AT&T or Verizon, the number and meaning of available QoS classes varies. You might get five or seven or 11 classes, and the same DSCP value may not mean the same thing for two different providers. In some cases, a single vendor will implement several distinct schemes in different offerings.
Using QoS queuing
There are no standards per se in queuing. Queuing strategies are just algorithms to tell a network node how to deal with packets sitting in queues. If the queues represent delivery classes, the queuing strategy is responsible for keeping the delivery promises that the DSCP tags represent.
These are the core strategies for using QoS to limit bandwidth via queuing:
- Fair Queuing (FQ): It divides bandwidth evenly across flows. FQ does not help with QoS, and in fact prevents it unless you can guarantee that there will never be oversubscription of the links (congestion), requiring one packet to wait while others are delivered.
- Weighted Fair Queuing (WFQ): It allows some flows to be weighted as receiving more bandwidth, so bandwidth is not allocated evenly.
- Class-Based Weighted Fair Queuing (CBWFQ): It allows flows to be grouped into classes, with bandwidth assigned to each class and WFQ within the classes.
- Prioritized CBWFQ (P-CBWFQ) : This adds strict prioritization of classes, so the router can definitively say a packet waiting in one queue will always be delivered before packets in other queues.
Adding priority to the system limits maximum queuing delays so delivery can meet the needs of real-time traffic, and it minimizes jitter better than non-prioritizing schemes. This implements EF behavior, while class-based schemes can implement AF levels with or without priority.
Fitting prioritization into your WAN environment
Packet marking can take place at the endpoint, in the LAN or at the WAN edge. At the endpoint, for example, a hard IP phone or a PC can mark traffic as belonging to an EF-style class, to make sure all intervening nodes can give the packets preferential treatment so the voice calls sound good. This pushes the tagging decision out to the point where traffic is generated and consumed, and keeps the work off devices further inside the network. Windows 7, for example, can do outbound traffic marking driven by group policy objects (GPOs). Tagging can be based on source node, target node, source application and other things. Control can be limited to GPOs, with local per-application requests for marking disabled, which may make it possible for more organizations to trust marking coming from the end nodes.
However, if bandwidth at the LAN edge is, as it is in most places, vastly underutilized, aggregation routers may have plenty of capacity to do the tagging instead. If you have trouble trusting the endpoint devices, say because you don’t use GPOs, pulling tagging into the core keeps it better under IT control.
You can also push the decision to the WAN edge router, as that is the place most likely to have real congestion issues and actually require differentiated services. The routers can tag and queue according to policy, and if the WAN links are the only place where congestion ever occurs, they can be the only parts of the network you have to configure for QoS.
The base strategy for tagging is to define the classes and the associated queuing behavior, then use firewall-style access control lists (ACLs) to match traffic to classes for tagging. This requires that you identify network addresses and/or ports or protocols for the traffic to be tagged.
Try (QoS) before you buy (another solution)
If media or real-time applications are experiencing performance problems due to packet loss, latency or jitter through congested WAN links, using QoS may be the simplest and cheapest way to fix this performance problem. It is not a cure-all, but for some classes of problems, it is the fix you didn’t know you already had.
→ For more information, read my tip on using QoS classification mapping to improve WAN application traffic.