SEEREN_CoS_JUNOS_Module_4


SEEREN2 Summer School
Heraklion, Sept 25th
Routing Issues: QoS/CoS
Jean-Marc Uzé
Liaison Research & Education, EMEA
[email protected]
Copyright © 2004 Juniper Networks, Inc.
www.juniper.net
Agenda: QoS/CoS Workshop




Module 1: Overview of QoS/CoS
Module 2: JUNOS CoS implementation (J/M/T-Series)
Module 3: Introduction to JUNOS CLI
Module 4: GEANT2 QoS services Implementation
The content of this module is courtesy of
Dante (http://www.dante.net)
http://www.dante.net/nep/geantqos/
http://www.dante.net/tf-ngn/activities.html
Module 4: GEANT2 QoS services implementation
- GÉANT Network and Services
- Premium IP
- Less than Best Effort
- Queuing on GÉANT and status
- Router Configuration
- Premium IP Management
GEANT2 / Dante
- 10 Gb/s IP/MPLS backbone with Juniper T640s, M160s, M40s
- 4 x 10 Gb/s to North America
- Dark fiber and WDM optical technology
- Connecting 34 European Countries and 30 National R&E Networks
- European connectivity to over 3000 R&E institutions
- Advanced Services:
  - IPv6
  - Premium IP
  - Multicast v4 + v6
  - Best Effort
  - Less Than Best Effort
  - Layer 2 VPN
Global Connectivity
IP QoS Services on GÉANT

- Premium IP
  - upper-bounded one-way delay
  - upper-bounded IPDV
  - negligible packet loss
  - guaranteed capacity
- Less than Best Effort
  - class of traffic using the un-utilised Best Effort and higher classes of service bandwidth
http://www.geant.net/server/show/nav.00700a009
Premium IP Model

End-to-end service across multiple management domains
- using diffserv, ATM CBR or over-provisioning(!)
- packets tagged DSCP 46 (EF - 101110)
- destination aware service
- packets with other DSCP values are left untouched (packets from other services)
- Premium IP bandwidth limited to 10% of the link capacity
- can cope with 20% in case of circuit failure
GEANT and IP Premium Service
Source: http://www.dante.net/sequin
Premium IP on GEANT

Protection of authorised Premium IP traffic
- under normal circumstances, the Premium IP traffic of a circuit is limited to 10% of the circuit capacity
  - 20% in case of another circuit failure
- bullet-proof all the GÉANT accesses against unauthorised Premium IP traffic (tagged DSCP 46) on all the ingress interfaces
  - if a DSCP 46 packet arrives on GÉANT and is part of an unauthorised flow: classify the packet into the Best Effort queue and remark it as Best Effort (DSCP 0)
  - if a DSCP 46 packet arrives on GÉANT and is part of an authorised flow: check against the policer according to the capacity requested in the SLA (in-profile accepted, out-of-profile dropped)
Premium IP on GEANT

Protection of authorised Premium IP traffic [cont]
- per next AS rate-limitation (implemented by Juniper for GÉANT)
  - can also do source-destination IP addresses when NREN don't do it. (NREN = National Research & Education Network, a Dante customer network directly connected to GEANT)
- Trust the Premium IP traffic received from a GÉANT backbone interface.
  - Traffic checked at the GÉANT ingresses.
- Configure queuing mechanism on the backbone and access interfaces.
  - strict-high priority is configured to the Premium IP queue.
  - Don't forget that the amount of Premium traffic expected in the Premium IP queue is 10% of the link capacity (service overprovisioned by a factor 9); this is assured by ingress policing.
  - 90% for the BE and 5% for the network control (and 5% for LBE)
Test result end-to-end IP Premium
[Figure: Jitter distribution in VBR traffic - BE & Premium IP. x-axis: jitter [ms]; y-axis: percentage of packets]
[Figure: Avg. jitter vs. packet size - BE & Premium IP. x-axis: packet size [bytes]; y-axis: avg. jitter [ms]]
Less than Best Effort

- Class of traffic using the un-utilised Best Effort and higher classes of service bandwidth
  - in case of competition for resources, the LBE traffic will be discarded before any Best Effort or higher classes of traffic.
  - uses DSCP 8 (001000) - same as the Internet2 scavenger service.
- Congestion on an interface due to LBE
  - should be transparent to the BE or higher classes of service
  - no packet loss for BE or higher classes of service
Less than Best Effort

- No end-to-end guarantees
  - no metric needed to quantitatively describe the service
- Can be supported on one interface
  - anywhere else, the LBE tagging should be passed transparently.
- Application scenarios
  - mirroring, test traffic, some GRID data transfers, network backups, protection of research traffic from student dormitory one.
LBE Queuing Technique

- For algorithms with shared bandwidth assignment, such as Weighted Round Robin and Weighted Fair Queuing, a very small bandwidth share is allocated to the LBE queue.
  - Typically between 0% and 5%
LBE: Measurement with congestion

One-way delay


Increase of LBE maximum one-way delay of 1.5ms
Increase of BE maximum one-way delay of 400µs
LBE live test:
ER2002 Demo - VLBI - dataGRID

[Figure: demo topology. Link labels:]
- Normal Traffic + Radio Astronomy Data + Less Than Best Effort: 2.0 Gbit/s
- Normal Traffic + Less Than Best Effort: 2.0 Gbit/s
- Normal Traffic + Radio Astronomy Data: 500 Mbit/s
- Normal Traffic
Queuing Technique

- WRR - Juniper M-series
  - Weight: assures the queue a minimum amount of bandwidth proportional to the weight.
  - Priority: queues with high priority are served before the low priority ones. This allows the BE (and other high priority queues) to be served first until empty before serving the LBE one.
- WRED
  - is used to limit the queuing delay in case of congestion
  - is used to protect one class of traffic over the other within a queue.
DSCP/ToS Values used by GEANT

The DSCP/ToS values used in GÉANT to classify the traffic of the different
QoS classes are shown in the table below. In addition to the three service
classes offered to transiting traffic there is a DWS (IP commodity service)
and a Network Control class, which are traffic classes used internally to the
GÉANT network.
Service            DSCP value  ToS value  Juniper alias  ToS (hex)  DSCP-ToS binary
Premium IP         46          184        ef             B8         101110 101110xx
LBE                8           32         cs1            20         001000 001000xx
DWS                32          128        cs4            80         100000 100000xx
Network control 1  48          192        cs6            C0         110000 110000xx
Network control 2  56          224        cs7            E0         111000 111000xx
Juniper Networks and CoS Services
GEANT with IP Premium + LBE Service
Queue  FC   LP    Service          DSCP  Weight  Priority     Buffer
0      BE   low   Best Effort      /     90%     Low          50%
0      BE   high  DWS              32
1      EF   low   Premium IP       46    N/A     Strict-high  15%
1      EF   high  /                /
2      LBE  low   Less than BE     8     5%      low          30%
2      LBE  high  Retag to BE      0
3      NC   low   Network control  48    5%      high         5%
3      NC   high  Network control  56
Scheduling: WRR
- Junos CoS features include policing, (strict) priority queuing, weighted round robin (WRR), precedence/DSCP field rewrite, and random early drop (RED).
- On a Juniper M-series router each port has 4 queues.
- Weighted Round Robin percentages can be set for each queue.
- New generation Q-PICs offer multiple queues per logical interface (Ethernet VLAN, ATM PVC, etc.)
Source: http://www.dante.net/nep/geantqos/ and http://www.dante.net/tf-ngn/activities.html
QoS Configuration on GEANT

- The configuration has been completed on most of the GEANT routers, allowing Premium IP, BE and LBE to co-exist.
  - The routers where the three services have been enabled are represented as green on the following map.
  - The routers coloured yellow are Juniper routers where "old" FPCs have been re-used from TEN-155 (1999). These old FPCs do not allow for the full functionality of QoS.
    - As such BE is not ideally protected by LBE and the bandwidth is effectively shared. Premium IP only is supported.
Current QoS Configuration on GEANT
Router Configuration

Each router in the GÉANT network contains certain QoS
building blocks in order to configure Per Hop Behaviors (PHB).
The configuration shown here is taken from a Juniper M160
router with JUNOS 5.7 and with E-FPC (enhanced FPCs) and
SDH interfaces.

Classifiers, schedulers and rewrite rules can be associated to
each interface. In GÉANT two types of interface configurations
are used for QoS:
- a backbone interface
- an access interface (i.e. the interface where the traffic from an NREN is entering GÉANT)
DSCP and ToS Values
- Type of Service field illustration
- Illustration of DSCP Type of Service field configuration

Service            DSCP value  ToS value  Juniper alias  ToS (hex)  DSCP-ToS binary
Premium IP         46          184        ef             B8         101110 - 101110xx
LBE                8           32         cs1            20         001000 - 001000xx
DWS                32          128        cs4            80         100000 - 100000xx
Network control 1  48          192        cs6            C0         110000 - 110000xx
Network control 2  56          224        cs7            E0         111000 - 111000xx
Router Interfaces

Backbone interface

so-7/0/0 {
    scheduler-map MAP-BASIC;
    unit 0 {
        classifiers {
            dscp backbone-classifier;
        }
        rewrite-rules {
            dscp basic-rewrite-rules;
        }
    }
}

Access interface

so-0/2/3 {
    scheduler-map MAP-BASIC;
    unit 0 {
        classifiers {
            dscp access-classifier;
        }
        rewrite-rules {
            dscp basic-rewrite-rules;
        }
    }
}

In addition, the access interface may contain filters in order to classify and police
Premium IP traffic.
The following configurations apply to all (access and backbone) interfaces.
Drop Profiles

Drop profiles define the parameters used by the
Random Early Detection (RED) mechanism that
MAY be used in a queue

dws-drop-profile {
    fill-level 35 drop-probability 10;
    fill-level 40 drop-probability 100;
}
be-drop-profile {
    fill-level 15 drop-probability 30;
    fill-level 19 drop-probability 50;
    fill-level 24 drop-probability 70;
    fill-level 30 drop-probability 100;
}
less-than-be-drop-profile {
    fill-level 25 drop-probability 30;
    fill-level 30 drop-probability 50;
    fill-level 40 drop-probability 70;
    fill-level 50 drop-probability 100;
}
Queues and Schedulers
1. Associate a name with each queue

Note: a queue is sometimes also called a forwarding class

forwarding-classes {
    queue 0 best-effort;
    queue 1 expedited-forwarding;
    queue 2 less-than-best-effort;
    queue 3 network-control;
}

The Premium IP traffic is classified into the expedited-forwarding
queue. The naming of the queues is performed once and applies to
all interfaces of the router.
Queues and Schedulers
2. Define scheduler configurations

Scheduler weight, queue size and priority as set at the GÉANT
router for each queue:

sch-best-effort {
    transmit-rate percent 90;
    buffer-size percent 50;
    priority low;
}
sch-expedited-forwarding {
    buffer-size percent 15;
    priority strict-high;
}
sch-less-than-best-effort {
    transmit-rate percent 5;
    buffer-size percent 30;
    priority low;
    drop-profile-map loss-priority low protocol any drop-profile less-than-be-drop-profile;
    drop-profile-map loss-priority high protocol any drop-profile be-drop-profile;
}
sch-network-ctrl {
    transmit-rate percent 5;
    buffer-size percent 5;
    priority high;
}
Queues and Schedulers
3. Associate a scheduler with a queue (FC)

The main advantage of the scheduler-map is that it
can be applied to more than one interface.

MAP-BASIC {
    forwarding-class best-effort scheduler sch-best-effort;
    forwarding-class expedited-forwarding scheduler sch-expedited-forwarding;
    forwarding-class less-than-best-effort scheduler sch-less-than-best-effort;
    forwarding-class network-control scheduler sch-network-ctrl;
}
Classification

The classifier is a functional block located at the input interface that sets
three internal bits for each IP packet:
- Two bits that select the output-queue. There are four output queues, also called forwarding-classes, per port.
- One bit to indicate the loss-priority; the packets classified in an output-queue can have two different values of loss-priority (low or high).
Note that it is also possible to classify packets by means of an input filter.

Backbone Classifier

dscp backbone-classifier {
    import default;
    forwarding-class best-effort {
        loss-priority low code-points [ af11 af12 af13 ];
        loss-priority high code-points cs4;
    }
    forwarding-class less-than-best-effort {
        loss-priority low code-points cs1;
    }
}

Access Classifier

dscp access-classifier {
    import default;
    forwarding-class best-effort {
        loss-priority low code-points [ af11 af12 af13 ];
    }
    forwarding-class less-than-best-effort {
        loss-priority low code-points cs1;
        loss-priority high code-points [ ef cs4 ];
    }
}
Marking

The marking of packets with a DSCP value is the last QoS
action performed before the transmission of the packet
(hence after firewall filter evaluation)

dscp basic-rewrite-rules {
    forwarding-class best-effort {
        loss-priority high code-point cs4;
    }
    forwarding-class expedited-forwarding {
        loss-priority low code-point ef;
    }
    forwarding-class network-control {
        loss-priority low code-point nc1;
        loss-priority high code-point nc2;
    }
    forwarding-class less-than-best-effort {
        loss-priority high code-point be;
        loss-priority low code-point cs1;
    }
}

Service                   Incoming DSCP value  New DSCP value
Authorised Premium IP     46                   46/drop
Un-authorised Premium IP  46                   0/5
DWS                       32                   0
LBE                       8                    8
Network Control           48/56                48
Best Effort               other values         Unchanged
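
The access-interface handling described in the "Premium IP on GEANT" slides and in the classifier and rewrite configuration above, as an added Python model (not code from the original slides or from GÉANT). It assumes an input filter that matches authorised flows by source and destination prefix and polices them with a token bucket; the prefixes, rate and burst are constructed, and the entries pulled in by `import default` (network control included) are not modelled.

```python
import ipaddress

# Code points from the DSCP/ToS table in the slides.
BE, CS1, CS4, EF = 0, 8, 32, 46

# Entries written out in access-classifier: DSCP -> (forwarding class, loss priority).
# "import default" is not modelled: any other code point is treated as best-effort/low.
ACCESS_CLASSIFIER = {
    CS1: ("less-than-best-effort", "low"),
    EF: ("less-than-best-effort", "high"),
    CS4: ("less-than-best-effort", "high"),
}

# basic-rewrite-rules: (forwarding class, loss priority) -> DSCP written on egress.
REWRITE = {
    ("best-effort", "high"): CS4,
    ("expedited-forwarding", "low"): EF,
    ("less-than-best-effort", "high"): BE,
    ("less-than-best-effort", "low"): CS1,
}


class Policer:
    """Token bucket: in-profile packets are accepted, out-of-profile dropped."""

    def __init__(self, rate_bps, burst_bytes):
        self.rate, self.burst = rate_bps / 8.0, burst_bytes
        self.tokens, self.last = float(burst_bytes), 0.0

    def conforms(self, now, size):
        self.tokens = min(self.burst, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if size > self.tokens:
            return False
        self.tokens -= size
        return True


def ingress(src, dst, dscp, size, now, flows):
    """Return (forwarding class, egress DSCP), or None if the policer drops the packet."""
    fc, lp = ACCESS_CLASSIFIER.get(dscp, ("best-effort", "low"))
    if dscp == EF:
        for src_net, dst_net, policer in flows:  # hypothetical input-filter terms
            if ipaddress.ip_address(src) in src_net and ipaddress.ip_address(dst) in dst_net:
                if not policer.conforms(now, size):
                    return None
                fc, lp = "expedited-forwarding", "low"  # filter overrides the classifier
                break
    return fc, REWRITE.get((fc, lp), dscp)


# Constructed SLA: one authorised flow, 1 Mbit/s with a 3000-byte burst (documentation prefixes).
FLOWS = [(ipaddress.ip_network("192.0.2.0/24"), ipaddress.ip_network("198.51.100.0/24"),
          Policer(1_000_000, 3000))]
```

An EF packet outside the authorised prefixes falls through to `access-classifier`, lands in less-than-best-effort with high loss priority, and leaves with DSCP 0, which matches the "Retag to BE" row of the queue table.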
Useful Tool

Feature of the NANOG traceroute to discover the
DSCP changes along the path (Simon Leinen from
Switch:-)

[root]# ./traceroute -t 184 193.171.2.1
traceroute to 193.171.2.1 (193.171.2.1), 30 hops max, 40 byte packets
 1 css7-ATM4-0-0-101-dmsk.man.poznan.pl (150.254.160.62) 1 ms 1 ms 1 ms
 2 150.254.163.118 (150.254.163.118) 2 ms 2 ms 2 ms
 3 z-pozmanu-oc3.poznan-gw.pol34.pl (212.191.127.49) 2 ms 2 ms 2 ms
 4 pol-34.pl1.pl.geant.net (62.40.103.109) 2 ms 2 ms 2 ms
 5 pl.cz1.cz.geant.net (62.40.96.45) 22 ms (TOS=0!) 22 ms 22 ms
 6 cz.de1.de.geant.net (62.40.96.38) 30 ms 30 ms 30 ms
 7 de1-1.de2.de.geant.net (62.40.96.130) 30 ms 30 ms 31 ms
 8 de.at1.at.geant.net (62.40.96.5) 43 ms 43 ms 43 ms
 9 aconet-gw.at1.at.geant.net (62.40.103.2) 43 ms 43 ms 43 ms
10 193.171.2.1 (193.171.2.1) 45 ms * 45 ms
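
A way to locate the remarking point from this kind of output automatically, as an added Python example (not part of the original slides or of the traceroute tool). It assumes the `(TOS=n!)` annotation is printed only on the hop where the value differs from the previous one seen, as the single annotation in the output above suggests; the function and field names are hypothetical.

```python
import re

HOP = re.compile(r"^\s*(\d+)\s+(\S+)\s+\(([\d.]+)\)(.*)$")
TOS = re.compile(r"\(TOS=(\d+)!\)")

# Hops 3 to 6 of the output above.
SAMPLE = """\
 3 z-pozmanu-oc3.poznan-gw.pol34.pl (212.191.127.49) 2 ms 2 ms 2 ms
 4 pol-34.pl1.pl.geant.net (62.40.103.109) 2 ms 2 ms 2 ms
 5 pl.cz1.cz.geant.net (62.40.96.45) 22 ms (TOS=0!) 22 ms 22 ms
 6 cz.de1.de.geant.net (62.40.96.38) 30 ms 30 ms 30 ms
"""


def dscp_changes(output, sent_tos):
    """List each point where the ToS byte seen by a hop differs from the previous value."""
    current, last_hop, changes = sent_tos, None, []
    for line in output.splitlines():
        m = HOP.match(line)
        if not m:
            continue  # banner line or anything that is not a hop
        hop, name, addr, rest = int(m.group(1)), m.group(2), m.group(3), m.group(4)
        t = TOS.search(rest)
        if t and int(t.group(1)) != current:
            new = int(t.group(1))
            changes.append({
                "first_hop_seeing_change": f"{hop} {name} ({addr})",
                "last_hop_seeing_old_value": last_hop,
                "old_dscp": current >> 2,  # DSCP is the top six bits of the ToS byte
                "new_dscp": new >> 2,
            })
            current = new
        last_hop = f"{hop} {name} ({addr})"
    return changes
```

For the run above (`-t 184`, i.e. DSCP 46), the probe is still marked at hop 4 and arrives at hop 5 with DSCP 0, so the rewrite took place on the GÉANT access router at hop 4, where unauthorised Premium IP traffic is retagged before transmission.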
Need for Automation
- Service management was done manually
  - Service set up, maintenance and termination was done by phone calls and emails
  - Considerable manual effort required
- Complexity in keeping track of:
  - Path information
  - Current and future reservations
  - Premium IP utilisation levels
  - Changes in network topology
- Multi-party communication
System Architecture
- Java web-based architecture
- Using Apache 1.3 web server, Tomcat servlet container & MySQL Database
Premium IP Reservation Tool Features (1)
- Authentication & Authorisation
- Path Finder
  - Find shortest path between two end points
  - Dynamic based upon configured IS-IS cost
- Utilisation Monitoring
  - Check Premium IP reservation levels on each intermediate link along the path
  - Take into account all active reservation during the given time period
  - Display the available Premium IP capacity
Premium IP Reservation Tool Features (2)
- Reservation Management
  - View, Request, Modify, Cancel
  - Based upon available Premium IP capacity
- Contact management
- IP Address management
- Automated email notification
  - to User, DANTE - Premium IP team, NOC
  - upon Reservation Request, Modification, Cancellation
- Router Configuration update (script)
- Others: IS-IS cost, Reports, Archival, System Administration...
Thank you
Jean-Marc Uzé
Liaison Research & Education, EMEA
[email protected]
Mobile: +33615432512
31 Place Ronde, 92986 Paris-La-Defense, France