Home > Store

End-to-End QoS Network Design: Quality of Service for Rich-Media & Cloud Networks, 2nd Edition


  • Sorry, this book is no longer in print.
Not for Sale

eBook (Watermarked)

  • Your Price: $43.51
  • List Price: $54.39
  • Includes EPUB and PDF
  • About eBook Formats
  • This eBook includes the following formats, accessible from your Account page after purchase:

    ePub EPUB The open industry format known for its reflowable content and usability on supported mobile devices.

    Adobe Reader PDF The popular standard, used most often with the free Acrobat® Reader® software.

    This eBook requires no passwords or activation to read. We customize your eBook by discreetly watermarking it with your name, making it uniquely yours.

Also available in other formats.

Register your product to gain access to bonus material or receive a coupon.



Thoroughly updated with Cisco validated best-practice design recommendations related to:

  • New applications, including rich-media applications and TelePresence
  • New places-in-the-network, including WLANs and cloud data centers
  • New industry standards, including IETF RFC 4594 and IEEE 802.1Q-2005
  • New Cisco platforms, including Nexus, ASR and ISR series platforms
  • New QoS technologies, including HQF and NBAR2


  • Copyright 2014
  • Dimensions: 7-3/8" x 9-1/8"
  • Pages: 1040
  • Edition: 2nd
  • Book
  • ISBN-10: 1-58714-369-0
  • ISBN-13: 978-1-58714-369-4

End-to-End QoS Network Design

Quality of Service for Rich-Media & Cloud Networks Second Edition

New best practices, technical strategies, and proven designs for maximizing QoS in complex networks

This authoritative guide to deploying, managing, and optimizing QoS with Cisco technologies has been thoroughly revamped to reflect the newest applications, best practices, hardware, software, and tools for modern networks.

This new edition focuses on complex traffic mixes with increased usage of mobile devices, wireless network access, advanced communications, and video. It reflects the growing heterogeneity of video traffic, including passive streaming video, interactive video, and immersive videoconferences. It also addresses shifting bandwidth constraints and congestion points; improved hardware, software, and tools; and emerging QoS applications in network security.

The authors first introduce QoS technologies in high-to-mid-level technical detail, including protocols, tools, and relevant standards. They examine new QoS demands and requirements, identify reasons to reevaluate current QoS designs, and present new strategic design recommendations. Next, drawing on extensive experience, they offer deep technical detail on campus wired and wireless QoS design; next-generation wiring closets; QoS design for data centers, Internet edge, WAN edge, and branches; QoS for IPsec VPNs, and more.

Tim Szigeti, CCIE No. 9794 is a Senior Technical Leader in the Cisco System Design Unit. He has specialized in QoS for the past 15 years and authored Cisco TelePresence Fundamentals.

Robert Barton, CCIE No. 6660 (R&S and Security), CCDE No. 2013::6 is a Senior Systems Engineer in the Cisco Canada Public Sector Operation. A registered Professional Engineer (P. Eng), he has 15 years of IT experience and is primarily focused on wireless and security architectures. 

Christina Hattingh spent 13 years as Senior Member of Technical Staff in Unified Communications (UC) in Cisco’s Services Routing Technology Group (SRTG). There, she spoke at Cisco conferences, trained sales staff and partners, authored books, and advised customers.

Kenneth Briley, Jr., CCIE No. 9754, is a Technical Lead in the Cisco Network Operating Systems Technology Group. With more than a decade of QoS design/implementation experience, he is currently focused on converging wired and wireless QoS.

n Master a proven, step-by-step best-practice approach to successful QoS deployment

n Implement Cisco-validated designs related to new and emerging applications

n Apply best practices for classification, marking, policing, shaping, markdown, and congestion management/avoidance

n Leverage the new Cisco Application Visibility and Control feature-set to perform deep-packet inspection to recognize more than 1000 different applications

n Use Medianet architecture elements specific to QoS configuration, monitoring, and control

n Optimize QoS in rich-media campus networks using the Cisco Catalyst 3750, Catalyst 4500, and Catalyst 6500

n Design wireless networks to support voice and video using a Cisco centralized or converged access WLAN

n Achieve zero packet loss in GE/10GE/40GE/100GE data center networks

n Implement QoS virtual access data center designs with the Cisco Nexus 1000V

n Optimize QoS at the enterprise customer edge

n Achieve extraordinary levels of QoS in service provider edge networks

n Utilize new industry standards and QoS technologies, including IETF RFC 4594, IEEE 802.1Q-2005, HQF, and NBAR2

This book is part of the Networking Technology Series from Cisco Press®, which offers networking professionals valuable information for constructing efficient networks, understanding new technologies, and building successful careers.



Download the two online only appendixes from End-to-End QoS Network Design here: Appendix 1 and Appendix 2

Sample Content

Online Sample Chapter

Campus Distribution (Cisco Catalyst 4500) QoS Design

Sample Pages

Download the sample pages (includes Chapter 15 and Index)

Table of Contents

<>Introduction xxxvi

Part I: QoS Design Overview

Chapter 1 Introduction and Brief History of QoS and QoE 1

History and Evolution 2

    Then 3

    Now 3

    Evolution of QoS 4

QoS Basics and Concepts 5

    User Expectations: QoS, QoE, and QoX 5

    QoS Models: IntServ and DiffServ 6

    Fundamental QoS Concepts and Toolset 7

    Packet Headers 8

    Simplifying QoS 9

Standardization and Consistency 9

Summary 11

Further Reading 11

    General 11

    IntServ 12

    DiffServ 12

Chapter 2 IOS-Based QoS Architectural Framework and Syntax Structure 13

QoS Deployment Principles 13

QoS Architectural Framework 14

    QoS Behavioral Model 15

    QoS Feature Sequencing 15

Modular QoS Command-Line Framework 16

    MQC Syntax 17

    Default Behaviors 19

    Traffic Classification (Class Maps) 19

    Definition of Policies (Policy Maps) 20

    Attaching Policies to Traffic Flows (Service Policy) 22

    Hierarchical QoS and HQF 23

    Legacy QoS CLI No Longer Used 25

AutoQoS 26

Summary 29

Further Reading 29

    General 29

    AutoQoS 29

Chapter 3 Classification and Marking 31

Classification and Marking Topics 31

    Classification and Marking Terminology 32

    Security and QoS 33

        Trust Boundaries 33

        Network Attacks 34

    Classification Challenges of Video and Wireless Traffic 34

    Marking Fields in Different Technologies 35

        Field Values and Interpretation 35

        Ethernet 802.1Q/p 37

        Ethernet 802.11 WiFi 38

        ATM and FR 38

        IPv4 and IPv6 39

        L2 and L3 Tunnels 39

        CAPWAP 40

        MPLS 41

    Mapping QoS Markings 41

        Mapping L2 to L3 Markings 41

        Mapping Cisco to RFC 4594 Markings 42

        Mapping Markings for Wireless Networks 43

Classification Tools 44

    Class-Based Classification (Class Maps) 45

    Network-Based Application Recognition 47

        NBAR Protocols 48

        RTP Traffic 49

        Performance Routing 49

        Metadata Classification 50

Marking Tools 50

    Class-Based Marking (Class Maps) 50

        Effects of Feature Sequence 52

        Mapping Markings with the Table Map Feature 52

    Marking (or Re-Marking) with Policing 53

    AutoQoS Marking 54

Recommendations and Guidelines 55

Summary 55

Further Reading 56

    Classification and Marking 56

    NBAR 56

    Video QoS 56

    Wireless QoS 57

    RFCs 57

Chapter 4 Policing, Shaping, and Markdown Tools 59

Policing and Shaping Topics 59

    Policing and Shaping Terminology 60

        Placing Policers and Shapers in the Network 61

        Tail Drop and Random Drop 61

        Re-Mark/Markdown 62

        Traffic Types to Police and Shape 62

    Token Bucket Algorithms 62

    Types of Policers 64

        Single-Rate Two-Color Policers 64

        RFC 2697 Single-Rate Three-Color Policers 65

        RFC 2698 Dual-Rate Three-Color Policers 66

    Security and QoS 68

Policing Tools 68

    Policers as Markers 68

    Class-Based Policing (Policy Maps) 69

        Multi-Action Policing 70

        Hierarchical Policing 71

        Percentage-Based Policing 72

        Color-Aware Policing 73

        Policing as Part of Low-Latency Queuing 73

    Control Plane Policing 74

    Unconditional Packet Drop 75

Traffic Shaping Tools 75

    Class-Based Shaping (Policy Maps) 76

        Hierarchical Class-Based Shaping 77

        Percentage-Based Shaping 77

    Legacy Shaping Tools 78

        ATM Traffic Shaping 78

        Frame Relay Traffic Shaping 78

Recommendations and Guidelines 79

Summary 80

Further Reading 80

    General 80

    DiffServ Policing Standards 80

    Policing 80

    Shaping 81

Chapter 5 Congestion Management and Avoidance Tools 83

Congestion Management and Avoidance Topics 84

    Congestion Management and Avoidance Terminology 84

    Congestion Management and Congestion Avoidance 85

    Scheduling Algorithms 85

    Levels of Queuing 85

Queuing and Scheduling Tools 86

    Class-Based Queuing (Policy Maps) 86

        Class-Based Weighted Fair Queuing 88

        Low-Latency Queuing 88

    Queuing Below Layer 3: Tx-Ring Operation 91

Congestion Avoidance Tools 92

    Random Early Detection 93

    Weighted Random Early Detection 93

Recommendations and Guidelines 95

Summary 96

Further Reading 96

    Queuing 96

    Congestion Avoidance 96

Chapter 6 Bandwidth Reservation Tools 99

Admission Control Tools 100

Resource Reservation Protocol 101

    RSVP Overview 101

    RSVP Proxy 102

    RSVP Deployment Models 103

        Basic RSVP Design (IntServ/DiffServ Model) 104

        Advanced RSVP Design (IntServ/DiffServ Model) 105

    RSVP and LLQ 106

Recommendations and Guidelines 108

Summary 108

Further Reading 109

    RSVP for Medianet 109

    RSVP Technology 109

Chapter 7 QoS in IPv6 Networks 111

IPv6 and QoS Overview 111

QoS Tools for IPv6 112

    QoS Feature Support for IPv6 112

    Packet Headers, Classification, and Marking 112

        Packet Classification 113

        Packet Marking 114

    Policing and Shaping 115

Recommendations and Guidelines 115

Summary 116

Further Reading 116

Chapter 8 Medianet 117

An Introduction to Medianet 117

Medianet Architecture and Framework 119

Medianet Features and Capabilities 120

    Autoconfiguration 121

        Auto Smartports 121

        AutoQoS 121

    Media Monitoring 122

        Mediatrace 122

        Performance Monitor 125

        IPSLA Video Operation (Traffic Simulator, IPSLA VO) 127

    Media Awareness 128

        Flow Metadata 129

        Network Based Application Recognition 2 130

        Media Services Interface 132

        Media Services Proxy 132

Summary 133

Further Reading 133

    Overviews 133

    Design Documents 134

    Configuration Guides and Command References 134

    Resources and Services 134

Chapter 9 Application Visibility Control (AVC) 135

AVC Use Cases 136

How AVC Works 138

The AVC Building Blocks 140

    Building Block 1: NBAR2 140

        NBAR2 Protocol Discovery 142

        NBAR2 MQC Traffic Classification 144

    Building Block 2: Flexible NetFlow 147

        Flexible NetFlow Key Fields and Non-Key Fields 148

        Configuration of FNF 149

    Building Block 3: AVC Management and Reporting 152

        Insight Reporter 153

    Building Block 4: AVC QoS Controls 154

        Deploying AVC QoS Controls at the WAN Edge 154

        Deploying AVC QoS Controls at the Internet Edge 156

Performance Considerations When Using AVC 159

Summary 160

Additional Reading 161

Part II: QoS Design Strategies

Chapter 10 Business and Application QoS Requirements 163

Global Trends in Networking 164

The Evolution of Video Applications 164

The Explosion of Media 166

The Phenomena of Social Networking 167

The Bring Your Own Device Demand 167

The Emergence of Bottom-Up Applications 168

The Convergence of Media Subcomponents Within Multimedia Applications 168

The Transition to High-Definition Media 169

QoS Requirements and Recommendations by Application Class 169

    Voice 170

    Video Applications 171

        Broadcast Video 173

        Real-Time Interactive 174

    Multimedia Applications 175

        Multimedia Conferencing 176

        Multimedia Streaming 177

    Data Applications 177

        Transactional Data (Low-Latency Data) 178

        Bulk Data (High-Throughput Data) 178

        Best Effort Data 179

        Scavenger (Lower-Priority Data) 180

    Control Plane Traffic 180

        Network Control 181

        Signaling 181

        Operations/Administration/Management 182

Cisco (RFC 4594-Based) QoS Recommendations by Application Class Summary 182

QoS Standards Evolution 183

    RFC 2597, Clarification 183

    RFC 5865, Proposed Standard 184

    RFC 4594, Update Draft 185

Summary 187

Further Reading 187

Chapter 11 QoS Design Principles and Strategies 189

QoS Best-Practice Design Principles 189

    Hardware Versus Software QoS Best Practices 190

    Classification and Marking Best Practices 191

    Policing and Markdown Best Practices 192

    Queuing and Dropping Best Practices 192

        EF Queue Recommendations: The 33% LLQ Rule 193

        AF Queue Recommendations 195

        DF Queue Recommendations 195

        Scavenger Class Queue Recommendations 195

        WRED Recommendations 197

QoS Design Strategies 198

    Four-Class Model QoS Strategy 198

    Eight-Class Model QoS Strategy 200

    Twelve-Class Model QoS Strategy 202

    Application Class Expansion QoS Strategies 204

    QoS for Security Strategies 206

        Control Plane Policing Recommendations 208

        Data Plane Policing Recommendations 210

Summary 213

Further Reading 214

Chapter 12 Strategic QoS Design Case Study 215

Tifosi Software Inc.: Company Overview 215

Original (Four-Class) QoS Model 215

Business Catalysts for QoS Reengineering 216

Proposed (Eight-Class) QoS Model 217

“Layer 8” Challenges 219

Summary 221

Additional Reading 221

Part III: Campus QoS Design

Chapter 13 Campus QoS Design Considerations and Recommendations 223

MLS Versus MQC 225

Default QoS 226

Internal DSCP 226

Trust States and Operations 227

Trust Boundaries 230

DSCP Transparency 231

Port-Based QoS Versus VLAN-Based QoS Versus Per-Port/Per-VLAN QoS 232

EtherChannel QoS 234

Campus QoS Models 235

    Ingress QoS Models 235

    Egress QoS Models 238

Campus Port QoS Roles 239

Campus AutoQoS 241

Control Plane Policing 243

Summary 244

Additional Reading 246

Chapter 14 Campus Access (Cisco Catalyst 3750) QoS Design 247

Cisco Catalyst 3750 QoS Architecture 248

QoS Design Steps 249

    Enabling QoS 250

    Ingress QoS Models 250

        Trust Models 251

        Classification and Marking Models 254

        Classification, Marking, and Policing Models 256

    Queuing Models 260

        Ingress Queuing Model 261

        Egress Queuing Models 265

Additional Platform-Specific QoS Design Options 271

    Per-VLAN QoS Design 271

    Per-Port/Per-VLAN QoS 272

    EtherChannel QoS Design 273

    AutoQoS SRND4 273

    Control Plane Policing 274

Summary 274

Additional Reading 274

Chapter 15 Campus Distribution (Cisco Catalyst 4500) QoS Design 275

Cisco Catalyst 4500 QoS Architecture 276

QoS Design Steps 277

Queuing Models 277

    Four-Class Egress Queuing Model 278

    Eight-Class Egress Queuing Model 281

    Twelve-Class Egress Queuing Model 284

Additional Platform-Specific QoS Design Options 289

    Access-Edge Design Options 290

        Conditional Trust Model 290

        Medianet Metadata Classification Model 292

        Classification and Marking Models 293

        Classification, Marking, and Policing Model 294

    Per-VLAN QoS Design 297

    Per-Port/Per-VLAN QoS 298

    EtherChannel QoS Design 299

    Flow-Based QoS 301

    Control Plane Policing 303

Summary 303

Further Reading 303

Chapter 16 Campus Core (Cisco Catalyst 6500) QoS Design 305

Cisco Catalyst 6500 QoS Architecture 306

QoS Design Steps 308

Queuing Models 308

    Four-Class (4Q4T Ingress and 1P3Q4T Egress) Queuing Models 311

    Eight-Class (8Q4T Ingress and 1P7Q4T Egress) Queuing Models 314

    Twelve-Class (8Q4T Ingress and 1P7Q4T Egress) Queuing Models 318

    2P6Q4T Ingress and Egress Queuing Models 328

Additional Platform-Specific QoS Design Options 329

    Access-Edge Design Options 330

        Conditional Trust Model 330

        Classification and Marking Models 332

        Classification, Marking, and Policing Model 335

    Microflow Policing 341

    Per-VLAN QoS Design 342

    EtherChannel QoS Design 343

    AutoQoS SRND4 344

    Control Plane Policing 344

Summary 344

Further Reading 345

Chapter 17 Campus QoS Design Case Study 347

Tifosi Campus Access QoS Design 350

    Policy 1: Access-Edge Design for Printer Endpoints (No Trust) 351

    Policy 2: Access-Edge Design for Wireless Access Endpoints (DSCP Trust) 351

    Policy 3: Access-Edge Design for Cisco TelePresence Endpoints (Conditional Trust) 352

    Policy 4: Access-Edge Design for Cisco IP Phones or PCs (Conditional Trust and Classification and Marking) 352

    Eight-Class 1P1Q3T Ingress Queuing Design 355

    Eight-Class 1P3Q3T Egress Queuing Design 357

        Policy 5: Access Layer Uplink Design 359

Tifosi Campus Distribution QoS Design 360

    Policy 6: Distribution Layer Downlink Ports (Catalyst 4500E Supervisor 7-E) 360

    Policy 7: Distribution Layer Distribution-Link / Core-Uplink Ports 362

Tifosi Campus Core QoS Design 364

    Policy 8: Core Layer (10GE) Downlink Design 364

    Policy 9: Core Layer (40GE) Core-Link Design 368

Summary 370

Further Reading 371

Part IV: Wireless LAN QoS Design

Chapter 18 Wireless LAN QoS Considerations and Recommendations 373

Comparing QoS in Wired and Wireless LAN Environments 374

WLAN QoS Building Blocks 376

    The Distributed Coordination Function 376

    CSMA/CA 377

    The DCF Contention Window 378

IEEE 802.11e and Wireless Multimedia (WMM) 382

    Retrofitting DCF: Enhanced Distributed Channel Access 382

        Access Categories 383

        Arbitration Interframe Spacing 385

        Contention Window Enhancements 386

        Transmission Opportunity 388

        802.11e TSpec: Call Admission Control 388

QoS Design Considerations 389

    Defining Upstream and Downstream Traffic Flow 389

    QoS Mapping and Marking Considerations 390

    The Upstream QoS Marking Strategy 392

    The Downstream QoS Marking Strategy 394

Summary 395

Additional Reading 396

Chapter 19 Centralized (Cisco 5500 Wireless LAN Controller) QoS Design 397

QoS Enforcement Points in the WLAN 398

Managing QoS Profiles in the Wireless LAN Controller 399

    QoS Marking and Conditional Trust Boundaries 399

    WLAN QoS Profiles 400

    Building a Guest QoS Profile 408

QoS Design for VoIP Applications 410

    Tweaking the EDCA Configuration 411

    Call Admission Control on the Wireless Network 413

Enabling WMM QoS Policy on the WLAN 413

Enabling WMM QoS Policy on the WLAN 414

Media Session Snooping (a.k.a. SIP Snooping) 416

Application Visibility Control in the WLC 417

Developing a QoS Strategy for the WLAN 424

    Four-Class Model Design 424

        Tweaking the QoS Classification Downstream 425

        Tweaking the QoS Classification Upstream 429

    Eight-Class Model Design 430

    Twelve-Class Model Design 431

Summary 432

Further Reading 433

Chapter 20 Converged Access (Cisco Catalyst 3850 and the Cisco 5760 Wireless LAN Controller) QoS Design 435

Converged Access 438

Cisco Catalyst 3850 QoS Architecture 439

QoS Design Steps 442

    Enabling QoS 442

    Ingress QoS Models 444

        Wired-Only Conditional Trust Model 444

        Classification and Marking Models 446

        Classification, Marking, and Policing Model 448

    Queuing Models 454

        Wired Queuing 455

        Wired 1P7Q3T Egress Queuing Model 456

        Wired 2P6Q3T Egress Queuing Model 459

        Wireless Queuing 470

        Wireless 2P2Q Egress Queuing Model 472

Summary 474

Additional Reading 475

Chapter 21 Converged Access QoS Design Case Study 477

Tifosi Converged Access QoS Design: Wired 481

    Policy 1: Access-Edge Design for Wired Printer Endpoints (No Trust) 481

    Policy 2: Access-Edge Design for Wired Access Endpoints (DSCP Trust) 481

    Policy 3: Access-Edge Design for Cisco TelePresence Endpoints (Conditional Trust) 482

    Policy 4: Access-Edge Design for Cisco IP Phones and PCs (Conditional Trust and Classification and Marking) 482

    Policy 5: Access-Edge Wired Queuing Design 485

Tifosi Converged Access QoS Design: Wireless 488

    Policy 6: Access-Edge Design for Mobile Wireless Clients (Dynamic Policy with and Classification & Marking) 489

    Policy 7: Access-Edge Wireless Queuing Design 491

    Policy 8: SSID Bandwidth Allocation Between Guest and Enterprise SSIDs (SSID Policy to Separate Bandwidth Distribution) 492

    Policy 9: CT 5760 Wireless LAN Controller Uplink Ports 493

Cisco Identity Services Engine 495

Summary 496

Additional Reading 496

Part V: Data Center QoS Design

Chapter 22 Data Center QoS Design Considerations and Recommendations 499

Data Center Architectures 500

    High-Performance Trading Data Center Architectures 500

    Big Data (HPC/HTC/Grid) Architectures 501

    Virtualized Multiservice Data Center Architectures 503

    Secure Multitenant Data Center Architectures 505

    Massively Scalable Data Center Architectures 506

Data Center QoS Tools 507

    Data Center Bridging Toolset 508

        Ethernet Flow Control: IEEE 802.3x 508

        Priority Flow Control: IEEE 802.1Qbb 510

        Skid Buffers and Virtual Output Queuing 512

        Enhanced Transmission Selection: IEEE 802.1Qaz 514

        Congestion Notification: IEEE 802.1Qau 515

        Data Center Bridging Exchange: IEEE 802.1Qaz + 802.1AB 516

    Data Center Transmission Control Protocol 517

NX-OS QoS Framework 519

Data Center QoS Models 520

    Data Center Marking Models 520

        Data Center Applications and Protocols 521

        CoS/DSCP Marking 523

        CoS 3 Overlap Considerations and Tactical Options 524

        Data Center Application-Based Marking Models 526

        Data Center Application/Tenant-Based Marking Models 527

    Data Center QoS Models 528

Data Center Port QoS Roles 529

Summary 532

Additional Reading 534

Chapter 23 Data Center Virtual Access (Nexus 1000V) QoS Design 535

Cisco Nexus 1000 System Architecture 537

Nexus 1000V Configuration Notes 539

    Monitoring QoS Statistics 540

Ingress QoS Model 540

    Trust Models 541

        Trusted Server Model 541

        Untrusted Server Model 541

    Classification and Marking 544

        Single-Application Server Model 544

        Multi-Application Server Model 545

    Server Policing Model 547

Egress QoS Model 549

    Four-Class Egress Queuing Model 551

    Eight-Class Egress Queuing Model 556

Summary 559

Additional Reading 559

Chapter 24 Data Center Access/Aggregation (Nexus 5500/2000) QoS Design 561

Cisco Nexus 5500 System Architecture 562

    Architectural Overview 563

    Virtual Output Queuing 564

    QoS Groups and System Classes 567

QoS Design Steps 569

Ingress QoS Models 569

    Trust Models 570

        Trusted Server Model 570

        Untrusted Server Model 570

    Classification and Marking Models 572

        Single-Application Server Model 573

        Multi-Application Server Model 576

    Application Policing Server Model 578

    Modifying the Ingress Buffer Size 580

Egress Queuing Models 582

    Four-Class Model 582

    Eight-Class Model 587

Additional QoS Designs Options 592

    Nexus 5500 L3 QoS Configuration 592

    Nexus 2000 Fabric Extender QoS 593

    Using the network-qos Policy to Set MTU 597

Summary 597

Additional Reading 598

Chapter 25 Data Center Core (Nexus 7000) QoS Design 599

Nexus 7000 Overview 600

Nexus 7000 M2 Modules: Architecture and QoS Design 604

    M2 QoS Design Steps 607

    M2 Queuing Models 607

        M2 Default Queuing Models 608

        M2 Four-Class (4Q2T Ingress / 1P3Q4T Egress) Queuing Model 610

        M2 Eight-Class (8Q2T Ingress / 1P3Q4T Egress) Queuing Model 615

    M2 OTV Edge Device QoS Design 621

Nexus 7000 F2 Modules: Architecture and QoS Design 623

    F2 QoS Design Steps 625

    F2 Network QoS Policy Design 625

    F2 Queuing Models 630

        F2 Default Queuing Models 631

        F2 Four-Class (4Q1T Ingress / 1P3Q1T Egress) Queuing Model 634

        F2 Eight-Class (4Q1T Ingress / 1P3Q1T Egress) Queuing Model 634

    FEX QoS Design 638

Additional M2/F2 QoS Design Options 638

    Trusted Server Model 638

    Untrusted Server Model 638

    Single-Application Server Marking Model 642

    Multi-Application Server Classification and Marking Model 642

    Server Policing Model 643

    DSCP-Mutation Model 645

CoPP Design 648

Summary 648

Further Reading 649

Chapter 26 Data Center QoS Design Case Study 651

Tifosi Data Center Virtual Access Layer Nexus 1000V QoS Design 655

    Policy 1: Trusted Virtual Machines 655

    Policy 2: Single-Application Virtual Machine 655

    Policy 3: Multi-Application Virtual Machine 656

    Policy 4: Network-Edge Queuing 657

Tifosi Data Center Access/Aggregation Layer Nexus 5500/2000 QoS Design 659

    Policy 5: Trusted Server 660

    Policy 6: Single-Application Server 660

    Policy 7: Multi-Application Server 661

    Policy 8: Network-Edge Queuing Policy 662

Tifosi Data Center Core Layer Nexus 7000 QoS Design 666

    Policy 9: Network-Edge Queuing (F2 Modules) 666

    Policy 10: Network-Edge Queuing (M2 Modules) 668

    Policy 11: DSCP Mutation for Signaling Traffic Between Campus and Data Center 671

Summary 672

Further Reading 673

Part VI: WAN and Branch QoS Design

Chapter 27 WAN and Branch QoS Design Considerations and Recommendations 675

WAN and Branch Architectures 677

Hardware Versus IOS Software QoS 678

Latency and Jitter 679

Tx-Ring 682


LLQ 684

WRED 685

RSVP 685

Medianet 686

AVC 687

AutoQoS 687

Control Plane Policing 687

Link Types and Speeds 687

WAN and Branch QoS Models 688

    Ingress QoS Models 689

    Egress QoS Models 689

Control Plane Policing 692

WAN and Branch Interface QoS Roles 692

Summary 693

Further Reading 694

Chapter 28 WAN Aggregator (Cisco ASR 1000) QoS Design 697

Cisco ASR 1000 QoS Architecture 698

QoS Design Steps 700

ASR 1000 Internal QoS 701

    SPA-Based PLIM 706

    SIP-Based PLIM 707

Ingress QoS Models 708

Egress QoS Models 709

    Four-Class Model 709

    Eight-Class Model 712

    Twelve-Class Model 715

Additional Platform-Specific QoS Design Options 725

    RSVP 725

        Basic RSVP Model 726

        Advanced RSVP Model with Application ID 729

    AutoQoS SRND4 733

    Control Plane Policing 733

Summary 733

Further Reading 734

Chapter 29 Branch Router (Cisco ISR G2) QoS Design 735

Cisco ISR G2 QoS Architecture 736

QoS Design Steps 738

Ingress QoS Models 738

    Medianet Classification Models 738

        Medianet Application-Based Classification and Marking Model 739

        Medianet Application-Group-Based Classification Model 743

        Medianet Attribute-Based Classification Model 744

    NBAR2 Classification Models 744

        NBAR2 Application-Based Classification and Marking Model 745

        NBAR2 Application-Group-Based Classification Model 748

        NBAR2 Attribute-Based Classification Model 748

        Custom-Protocol NBAR2 Classification 752

Egress QoS Models 753

    Four-Class Model 754

    Eight-Class Model 754

    Twelve-Class Model 754

Additional Platform-Specific QoS Design Options 757

    RSVP 757

    AutoQoS SRND4 757

    Control Plane Policing 757

Summary 757

Further Reading 758

Chapter 30 WAN and Branch QoS Design Case Study 759

Policy 1: Internal (PLIM) QoS for ASR 1000 761

    Policy 1a: SIP-Based PLIM QoS 762

    Policy 1b: SPA-Based PLIM QoS 762

Policy 2: LAN-Edge QoS Policies 763

Policy 3: WAN Edge QoS Policies 765

Summary 768

Further Reading 769

Part VII: MPLS VPN QoS Design

Chapter 31 MPLS VPN QoS Design Considerations and Recommendations 771

MPLS VPN Architectures 772

MAN and WAN Ethernet Service Evolution 773

Sub-Line-Rate Ethernet Design Implications 775

QoS Paradigm Shift 779

Service Provider Class of Service Models 781

MPLS DiffServ Tunneling Modes 781

    Uniform Mode 782

    Short Pipe Mode 783

    Pipe Mode 784

Enterprise-to-Service Provider Mapping 785

    Mapping Real-Time Voice and Video 785

    Mapping Control and Signaling Traffic 786

    Separating TCP from UDP 786

    Re-Marking and Restoring Markings 787

MPLS VPN QoS Roles 787

Summary 789

Further Reading 790

Chapter 32 Enterprise Customer Edge (Cisco ASR 1000 and ISR G2) QoS Design 793

QoS Design Steps 794

Ingress QoS Models 795

Egress QoS Models 795

    Sub-Line-Rate Ethernet: Hierarchical Shaping and Queuing Models 795

        Known SP Policing Bc 796

        Unknown SP Policing Bc 797

    Enterprise-to-Service Provider Mapping Models 798

        Four-Class Enterprise Model Mapped to a Four-CoS Service Provider Model 798

        Eight-Class Enterprise Model Mapped to a Six-CoS Service Provider Model 800

        Twelve-Class Enterprise Model Mapped to an Eight Class-of-Service Service Provider Model 803

Summary 808

Further Reading 808

Chapter 33 Service Provider Edge (Cisco ASR 9000) QoS Design 809

QoS Architecture 810

QoS Design Steps 814

MPLS DiffServ Tunneling Models 814

    Uniform Mode MPLS DiffServ Tunneling 815

        Uniform Mode Ingress Policer 816

        Uniform Mode (MPLS EXP-Based) Egress Queuing Policy 822

        Uniform Mode (MPLS EXP-to-QG) Ingress Mapping Policy 823

        Uniform Mode (QG-Based) Egress Queuing Policy 824

    Pipe Mode MPLS DiffServ Tunneling 826

        Pipe Mode Ingress Policer 827

        Pipe Mode (MPLS EXP-Based) Egress Queuing Policy 830

        Pipe Mode (MPLS EXP-to-QG) Ingress Mapping Policy 831

        Pipe Mode (QG-Based) Egress Queuing Policy 832

    Short Pipe Mode MPLS DiffServ Tunneling 834

        Short Pipe Mode Ingress Policer 835

        Short Pipe Mode (MPLS EXP-Based) Egress Queuing Policy 838

        Short Pipe Mode (DSCP-Based) Egress Queuing Policy 840

Summary 842

Additional Reading 843

Chapter 34 Service Provider Core (Cisco CRS) QoS Design 845

QoS Architecture 846

QoS Design Steps 849

SP Core Class-of-Service QoS Models 849

    Four-Class-of-Service SP Model 850

        Four-Class-of-Service Fabric QoS Policy 850

        Four-Class-of-Service Interface QoS Policy 853

    Six-Class-of-Service SP Core Model 854

        Six-Class-of-Service Fabric QoS Policy 855

        Six-Class-of-Service Interface QoS Policy 856

    Eight-Class-of-Service SP Core Model 857

        Eight-Class-of-Service Fabric QoS Policy 857

        Eight-Class-of-Service Interface QoS Policy 858

Summary 860

Additional Reading 860

Chapter 35 MPLS VPN QoS Design Case Study 861

Policy 1: CE Router Internal QoS (Cisco ASR 1000) 863

Policy 2: CE Router LAN-Edge QoS Policies 863

Policy 3: CE Router VPN-Edge QoS Policies 863

Policy 4: PE Router Internal QoS (Cisco ASR 9000) 866

Policy 5: PE Router Customer-Edge QoS 866

Policy 6: PE Router Core-Edge QoS 867

Policy 7: P Router Internal QoS (Cisco CRS-3) 868

Policy 8: P Router Interface QoS 868

Summary 868

Additional Reading 868

Part VIII: IPsec QoS Design

Chapter 36 IPsec VPN QoS Considerations and Recommendations 871

IPsec VPN Topologies 871

    Standard IPsec VPNs 872

        Tunnel Mode 872

        Transport Mode 873

    IPsec with GRE 873

    Remote-Access VPNs 874

QoS Classification of IPsec Packets 875

The IOS Preclassify Feature 877

MTU Considerations 880

    How GRE Handles MTU Issues 881

    How IPsec Handles MTU Issues 881

    Using the TCP Adjust-MSS Feature 883

Compression Strategies Over VPN 885

    TCP Optimization Using WAAS 885

    Using Voice Codecs over a VPN Connection 886

    cRTP and IPsec Incompatibilities 887

Antireplay Implications 888

Summary 891

Additional Reading 891

Chapter 37 DMVPN QoS Design 893

The Role of QoS in a DMVPN Network 895

    DMVPN Building Blocks 895

    How QoS Is Implemented in a DMVPN? 895

DMVPN QoS Configuration 896

    Next-Hop Routing Protocol 897

    The Need for a Different Approach to QoS in DMVPNs 898

    The Per-Tunnel QoS for DMVPN Feature 899

DMVPN QoS Design Example 900

    DMVPN QoS Design Steps 902

    Configuring the Hub Router for Per-Tunnel QoS 902

        Configuring the Hub Router for the Four-Class QoS Model 903

        Configuring the Hub Router for the Eight-Class QoS Model 905

        Configuring the Hub Router for the Twelve-Class QoS Model 907

    Configuring the Spoke Routers for Per-Tunnel QoS 910

    Verifying Your DMVPN QoS Configuration 913

Per-Tunnel QoS Between Spokes 917

Summary 918

Additional Reading 919

Chapter 38 GET VPN QoS Design 921

GET VPN QoS Overview 922

    Group Domain of Interpretation 923

    GET VPN Building Blocks 924

    IP Header Preservation 926

GET VPN Configuration Review 928

    Key Server Configuration 928

    Group Member Configuration 929

GET VPN QoS Configuration 931

    Configuring a GM with the Four-Class Model 932

    Configuring a GM with the Eight-Class Model 933

    Configuring a GM with the Twelve-Class Model 934

    Confirming the QoS Policy 936

How and When to Use the QoS Preclassify Feature 939

A Case for Combining GET VPN and DMVPN 940

Working with Your Service Provider When Deploying GET VPN 941

Summary 941

Additional Reading 942

Chapter 39 Home Office VPN QoS Case Study 943

Building the Technical Solution 943

The QoS Application Requirements 944

The QoS Configuration 945

    Headend Router Configuration 946

    Home Office Router (Spoke) Configuration 948

Summary 952

Additional Reading 952

Index 953


Part XI: Appendixes (Online)

Appendix A AutoQoS for Medianet

Appendix B Control Plane Policing 



We've made every effort to ensure the accuracy of this book and its companion content. Any errors that have been confirmed since this book was published can be downloaded below.

Download the errata (617 KB .doc)

Download new Figure 14-4

Submit Errata

More Information

InformIT Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from InformIT and its family of brands. I can unsubscribe at any time.


Pearson Education, Inc., 221 River Street, Hoboken, New Jersey 07030, (Pearson) presents this site to provide information about products and services that can be purchased through this site.

This privacy notice provides an overview of our commitment to privacy and describes how we collect, protect, use and share personal information collected through this site. Please note that other Pearson websites and online products and services have their own separate privacy policies.

Collection and Use of Information

To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including:

Questions and Inquiries

For inquiries and questions, we collect the inquiry or question, together with name, contact details (email address, phone number and mailing address) and any other additional information voluntarily submitted to us through a Contact Us form or an email. We use this information to address the inquiry and respond to the question.

Online Store

For orders and purchases placed through our online store on this site, we collect order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. We use this information to complete transactions, fulfill orders, communicate with individuals placing orders or visiting the online store, and for related purposes.


Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites. Participation is voluntary. Pearson collects information requested in the survey questions and uses the information to evaluate, support, maintain and improve products, services or sites, develop new products and services, conduct educational research and for other purposes specified in the survey.

Contests and Drawings

Occasionally, we may sponsor a contest or drawing. Participation is optional. Pearson collects name, contact information and other information specified on the entry form for the contest or drawing to conduct the contest or drawing. Pearson may collect additional personal information from the winners of a contest or drawing in order to award the prize and for tax reporting purposes, as required by law.


If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email information@informit.com.

Service Announcements

On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account information. However, these communications are not promotional in nature.

Customer Service

We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form.

Other Collection and Use of Information

Application and System Logs

Pearson automatically collects log data to help ensure the delivery, availability and security of this site. Log data may include technical information about how a user or visitor connected to this site, such as browser type, type of computer/device, operating system, internet service provider and IP address. We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver this site and its services.

Cookies and Related Technologies

This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising. Users can manage and block the use of cookies through their browser. Disabling or blocking certain cookies may limit the functionality of this site.

Do Not Track

This site currently does not respond to Do Not Track signals.


Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.


This site is not directed to children under the age of 13.


Pearson may send or direct marketing communications to users, provided that

  • Pearson will not use personal information collected or processed as a K-12 school service provider for the purpose of directed or targeted advertising.
  • Such marketing is consistent with applicable law and Pearson's legal obligations.
  • Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
  • Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn.

Pearson may provide personal information to a third party service provider on a restricted basis to provide marketing solely on behalf of Pearson or an affiliate or customer for whom Pearson is a service provider. Marketing preferences may be changed at any time.

Correcting/Updating Personal Information

If a user's personally identifiable information changes (such as your postal address or email address), we provide a way to correct or update that user's personal data provided to us. This can be done on the Account page. If a user no longer desires our service and desires to delete his or her account, please contact us at customer-service@informit.com and we will process the deletion of a user's account.


Users can always make an informed choice as to whether they should proceed with certain services offered by InformIT. If you choose to remove yourself from our mailing list(s) simply visit the following page and uncheck any communication you no longer want to receive: www.informit.com/u.aspx.

Sale of Personal Information

Pearson does not rent or sell personal information in exchange for any payment of money.

While Pearson does not sell personal information, as defined in Nevada law, Nevada residents may email a request for no sale of their personal information to NevadaDesignatedRequest@pearson.com.

Supplemental Privacy Statement for California Residents

California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. The Supplemental privacy statement for California residents explains Pearson's commitment to comply with California law and applies to personal information of California residents collected in connection with this site and the Services.

Sharing and Disclosure

Pearson may disclose personal information, as follows:

  • As required by law.
  • With the consent of the individual (or their parent, if the individual is a minor)
  • In response to a subpoena, court order or legal process, to the extent permitted or required by law
  • To protect the security and safety of individuals, data, assets and systems, consistent with applicable law
  • In connection the sale, joint venture or other transfer of some or all of its company or assets, subject to the provisions of this Privacy Notice
  • To investigate or address actual or suspected fraud or other illegal activities
  • To exercise its legal rights, including enforcement of the Terms of Use for this site or another contract
  • To affiliated Pearson companies and other companies and organizations who perform work for Pearson and are obligated to protect the privacy of personal information consistent with this Privacy Notice
  • To a school, organization, company or government agency, where Pearson collects or processes the personal information in a school setting or on behalf of such organization, company or government agency.


This web site contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects Personal Information. This privacy statement applies solely to information collected by this web site.

Requests and Contact

Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.

Changes to this Privacy Notice

We may revise this Privacy Notice through an updated posting. We will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will provide notice of the change through a conspicuous notice on this site or other appropriate way. Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions.

Last Update: November 17, 2020