Message classification and marking

Message classification and marking

• In the previous section, we explained the QoS service model. Now we need to explain the classification and marking of QoS implementation traffic, and also introduce the configuration accordingly.

Necessity of
message classification What are the basis of message classification? Earlier we learned that ACL can be used to match quintuples for classification. What classification methods does QoS support?
Quintuple: a set of five quantities: source IP address, source port, destination IP address, destination port, and transport layer protocol.
For example: 192.168.1.1 10000 TCP 121.14.88.76 80 constitutes a quintuple. The significance is that a terminal with an IP address of 192.168.1.1 connects to a terminal with an IP address of 121.14.88.76 and a port of 80 through the port 10000 using TCP protocol.
The quintuple can distinguish different conversations, and the corresponding conversations are unique.

The

TAG field of packet classification is composed of 4 bytes. The first two bytes are TPID (TAG Protocol Identifier), and its value is fixed at 0x8100, which means dot1q standard TAG. The last two bytes are TCI (TAG Control Information), which is divided into three parts, as shown below:
1) user_priority: user priority, occupies 3 bits, can represent 8 different priorities, different priorities The message can get different levels of service;
2) CFI: Canonical Format Indicator (Canonical Format Indicator), which occupies one bit, it is usually set to 0, indicating that the MAC address format in the message is the canonical format (following the IEEE 802 standard , That is, the bit order in the byte is consistent with the standard). If the bit is set to 1, it has different meanings according to the type of network. For details, please refer to the dot1q standard document.
3) VID: the identifier of the VLAN, which occupies 12 bits and represents an unsigned integer, ranging from 0 to 4095, where 0 means that the packet does not have a specified VID (priority tagged), 4095 is reserved according to regulations and cannot be used , The switch will not forward such a packet when received, so the available VID range is 1 to 4094, where VID 1 is also specified as the default VLAN. In the case of no configuration by the user, the factory configuration of the device is that all ports belong to the VLAN 1. The default VID of the port is also VLAN 1.
4) When transmitting on the second layer, our PRI value possibility is also 0-7. If we encounter DSCP, we actually need to use a value called COS value. This value actually has a table on the switch. And DSCP values ​​form a map, so we can query COS-> DSCP and DSCP-》 COS map on the switch

• When we explained MPLS before, we mentioned that the EXP field in MPLS and the ipp in IP mean the same thing. Also three bits

Mainly, here will give a detailed explanation of the parameters in the ToS field in the IP header
. Using the QoS priority field contained in the packet itself is a rough classification method, and the matching rule is relatively simple, so this method is called Simple flow classification

VLAN 802.1p field / MPLS EXP field

· According to the IEEE 802.1Q definition, the PRI field in the VLAN TAG is used to identify the QoS service level.
For MPLS packets, the EXP field in the label information is usually used as the CoS field of the MPLS packet, which is equivalent to the ToS field of the IP network, and is used to distinguish the service level of data traffic.

IP-Precedence field of IPv4 packets

• According to the definition of RFC791, in the ToS in the IP packet header, the upper three digits are ip-precedence bits. Of course, there are multiple RFC documents that define the ToS in the IP packet header. The definition of the upper three digits is the same as RFC791.
• RFC: is a series of documents arranged by number. The file collects information about the Internet, as well as software files for UNIX and the Internet community, that is, similar to the existence of Internet memos, all Internet standards of Base Arc are included in RFC files.
• The middle 3 bits of ToS belong to D / T / R, D bit stands for Delay, T bit stands for Throughput, and R bit stands for Reliability.
• If there are three bits, we have a total of 8 possibilities, so it can only be divided into 8 types of traffic, which is definitely not enough for the Internet, so in order to solve this problem, a new standard has emerged

DSCP field of IPv4 packets (1)

• In RFC2474, the ToS field of the IPv4 packet header has been redefined, which is the DS field we are using now.

• Using this form, the original 3 bits were expanded to 6 bits, so there are a total of 2 ^ 6 possibilities, that is, 64 types, and now we are using DSCP

• In fact, we can see
  different combinations of IP precedence and names on the device.
  Demo:
  

• It can be seen that if the IPP standard is used, then there are 8 possibilities displayed, which are 0-7, which is the following distribution, and each flow has a designated digital label

• You can write numbers directly or use names, which is actually the same effect
  
  || || || || || || || || ||| || || ||
  
  DSCP
  

• There are 64 possibilities, 0-63. There are combinations in it, but now there are different combinations, and I give it a different name.

• By default, DSCP is all 0

Detailed DSCP

• The default DSCP is 0.
  The ToS field in the IPv4 packet header and a traffic class field in IPv6 are collectively called the DS field
  . The DSCP has the first six bits used for PHB behavior (the PHB behavior here is not popped at the end of the hop) Meaning, called per-hop behaviors) Each hop behavior, we need to do every hop to do QoS to be effective, so called each hop behavior, PHB behavior is reflected in the data forwarding method, queue scheduling method and Whether there is reserved bandwidth, this kind of behavior, so in theory, DSCP value is different, we need to have different PHB behavior.
  ·
  

· DSCP has 0-63, these 64 possibilities, but in fact, for the value itself, there is no action, the action needs to be considered by us, but after just going to see it, we found that after using some help, It will have recommended standards. For example, the DSCP value may represent EF. EF should give voice flow, but if you do n’t follow the usual rules, I will use EF to BT traffic, then there is definitely no problem to perform the operation of killing. Therefore, the action is artificial, and the value itself has no meaning, just a sign.
· DSCP is compatible with the old equipment, because the old equipment still supports the allocation of the upper three digits of IPP, so you can see that the values ​​in the experiment just

found that the first three digits will change, but the last three digits will not change. In case, we can use DSCP to be compatible with IPP

DSCP field of IPv4 message (2)

EF defines DSCP as 101110, which is a fixed value. EF is often used to carry voice traffic, because voice requires low latency, low jitter, and low packet loss rate. It is the most important packet after protocol packets.

---

Summary:
① QoS classifies data flow
② Marking (coloring) after classifying the flow
③ Implementing policies on the correspondingly marked traffic.
④ Congestion management (using different queue scheduling methods)
⑤ Congestion avoidance

Packet classification configuration requirements

· Traffic classification is actually to identify packets that meet certain characteristics according to certain rules. Packets with different characteristics enjoy different services. According to the classification rules, we can divide the traffic classification into simple flow classification and complex flow classification
· simple flow classification: ↓

· complex flow classification ↓

Complex flow classification is generally used on DS boundary nodes. When data comes from the non-DS domain, we mark it through the quintuple, and then in the DS domain, you can use a unified simple flow classification, you can use ipp, Dscp, cos, exp can be classified.