Network devices don’t really care about the type of traffic they have to forward. Your switch receives an Ethernet frame, looks for the destination MAC address and forwards the frame towards the destination. The same thing applies to your router: it receives an IP packet, looks up the destination in the routing table and forwards the packet towards the destination.
Does the frame or packet contain data from a user downloading the latest songs from Spotify or is it important speech traffic from a VoIP phone? The switch or router doesn’t really care.
This forwarding logic is called best effort or FIFO (First In First Out). Sometimes, this can be an issue. Here is a quick example:
Above we see a small network with two routers, two switches, two host devices and two IP phones. We use Gigabit Ethernet everywhere except between the two routers; this is a slow serial link of, let’s say, 1.54 Mbps.
When the host and IP phone transmit data and voice packets destined for the host and IP phone on the other side, it is likely that we get congestion on the serial link. The router will queue packets that are waiting to be transmitted but the queue is not unlimited. What should the router do when the queue is full? Drop the data packets? The voice packets? When you drop voice packets, the user on the other side will complain about poor voice quality. When you drop data packets, a user might complain that transfer speeds are poor.
QoS is about using tools to change how the router or switch deals with different packets. For example, we can configure the router so that voice traffic is prioritized before data traffic.
In this lesson, I’ll give you an overview of what QoS is about, the problems we are trying to solve and the tools we can use.
Characteristics of network traffic
There are four characteristics of network traffic that we must deal with: bandwidth, delay, jitter and loss.
Bandwidth is the speed of the link, in bits per second (bps). With QoS, we can tell the router how to use this bandwidth. With FIFO, packets are served on a first come first served basis. One of the things we can do with QoS is create different queues and put certain traffic types in different queues. We can then configure the router so that queue one gets 50% of the bandwidth, queue two gets 20% of the bandwidth and queue three gets the remaining 30% of the bandwidth.
Delay is the time it takes for a packet to get from the source to a destination; this is called the one-way delay. The time it takes to get from a source to the destination and back is called the round-trip delay. There are different types of delay; without going into too much detail, let me give you a quick overview:
- Processing delay: this is the time it takes for a device to perform all tasks required to forward the packet. For example, a router must do a lookup in the routing table, check its ARP table, outgoing access-lists and more. The router model, CPU, and switching method all affect the processing delay.
- Queuing delay: the amount of time a packet is waiting in a queue. When an interface is congested, the packet will have to wait in the queue before it is transmitted.
- Serialization delay: the time it takes to send all bits of a frame to the physical interface for transmission.
- Propagation delay: the time it takes for bits to cross a physical medium. For example, the time it takes for bits to travel through a 10 mile fiber optic link is much lower than the time it takes for bits to travel using satellite links.
Some of these delays, like the propagation delay, are something we can’t change. What we can do with QoS, however, is influence the queuing delay. For example, you could create a priority queue that is always served before other queues. You could add voice packets to the priority queue so they don’t have to wait long in the queue, reducing the queuing delay.
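The effect of a priority queue on queuing delay, as an added example that is not part of the original lesson: a small simulation of the 1.54 Mbps serial link that compares FIFO with a strict, non-preemptive priority queue for voice. The packet sizes are the lesson's (1500-byte data packets, 200-byte voice packets sent every 20 ms); the burst pattern and all function names are constructed for illustration.

```python
LINK_BPS = 1_540_000  # the lesson's 1.54 Mbps serial link

def serialization_delay(size_bytes, link_bps=LINK_BPS):
    """Seconds needed to clock one packet onto the wire."""
    return size_bytes * 8 / link_bps

def simulate(packets, priority_voice, link_bps=LINK_BPS):
    """packets: (arrival_s, size_bytes, kind) tuples.
    Returns {kind: [queuing delay in seconds, one entry per packet]}."""
    pending = sorted(packets)
    waiting, delays, clock, i = [], {}, 0.0, 0
    while i < len(pending) or waiting:
        # Move every packet that has arrived by now into the output queue.
        while i < len(pending) and pending[i][0] <= clock:
            waiting.append(pending[i])
            i += 1
        if not waiting:        # link idle: jump to the next arrival
            clock = pending[i][0]
            continue
        pick = 0               # FIFO: oldest packet first
        if priority_voice:     # strict priority: oldest voice packet first, if any
            pick = next((n for n, p in enumerate(waiting) if p[2] == "voice"), 0)
        arrival, size, kind = waiting.pop(pick)
        delays.setdefault(kind, []).append(clock - arrival)
        # A packet that is already being transmitted is never preempted.
        clock += serialization_delay(size, link_bps)
    return delays

def sample_traffic():
    """Constructed load: a burst of ten 1500-byte data packets at t = 0, plus
    five 200-byte voice packets sent every 20 ms starting at t = 1 ms."""
    data = [(0.0, 1500, "data")] * 10
    voice = [(0.001 + n * 0.020, 200, "voice") for n in range(5)]
    return data + voice

def worst_voice_delay_ms(priority_voice):
    """Largest queuing delay seen by any voice packet, in milliseconds."""
    return max(simulate(sample_traffic(), priority_voice)["voice"]) * 1000

if __name__ == "__main__":
    print("FIFO     worst voice queuing delay: %.2f ms" % worst_voice_delay_ms(False))
    print("Priority worst voice queuing delay: %.2f ms" % worst_voice_delay_ms(True))
```

With the priority queue, a voice packet waits at most for the one data packet that is already on the wire, so its worst case is bounded by the serialization delay of a single 1500-byte packet.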
Jitter is the variation of one-way delay in a stream of packets. For example, let’s say an IP phone sends a steady stream of voice packets. Because of congestion in the network, some packets are delayed. The delay between packet 1 and 2 is 20 ms, the delay between packet 2 and 3 is 40 ms, the delay between packet 3 and 4 is 5 ms, etc. The receiver of these voice packets must deal with jitter, making sure the packets have a steady delay or you will experience poor voice quality.
Loss is the amount of lost data, usually shown as the percentage of sent packets that were lost. If you send 100 packets and only 95 make it to the destination, you have 5% packet loss. Packet loss is always possible. For example, when there is congestion, packets will be queued but once the queue is full, packets will be dropped. With QoS, we can at least decide which packets get dropped when this happens.
With QoS, we can change our network so that certain traffic is preferred over other traffic when it comes to bandwidth, delay, jitter and loss. What you need to configure however really depends on the applications that you use. Let’s take a closer look at different applications and traffic types.
Let’s start with a simple example, a user that wants to download a file from the Internet. Perhaps the latest IOS image:
Let’s think about how important bandwidth, delay, jitter, and loss are when it comes to downloading a file like this.
The file is 103.92 MB or 108967472 bytes. An IP packet is 1500 bytes by default; without the IP and TCP headers there are 1460 bytes left for the data in the TCP segment. It would take 108967472 / 1460 = ~74635 IP packets to transfer this file to your computer.
Bandwidth is nice to have: it makes the difference between having to wait a few seconds, minutes or a few days to download a file like this.
What about delay? There is a one-way delay to get the data from the server to your computer. When you click on the download link, it might take a short while before the download starts. Once the packets come in, it doesn’t really matter much what the delay is or the variation of delay (jitter) between the packets. You are not interacting with the download, just waiting for it to complete.
What about packet loss? File transfers like these use TCP and when some packets are lost, TCP will retransmit your data, making sure the download makes it completely to your computer.
An application like your web browser that downloads a file is a non-interactive application, often called a batch application or batch transfer. Bandwidth is nice to have since it reduces the time to wait for the download to complete. Delay, jitter and loss don’t matter much. With QoS, we can assign enough bandwidth to applications like these to ensure downloads complete in time and reduce packet loss to a minimum to prevent retransmissions.
Another type of application is the interactive application. A good example is when you use telnet or SSH to access your router or switch:
These applications don’t require a lot of bandwidth but they are somewhat sensitive to delay and packet loss. Since you are typing commands and waiting for a response, a high delay can be annoying to work with. If you ever had to access a router through a satellite link, you will know what I’m talking about. Satellite links can have a one-way delay of between 500 and 700 ms, which means that when you type a few characters, there will be a short pause before you see the characters appear on your console.
With QoS, we can ensure that in case of congestion, interactive applications are served before bandwidth-hungry batch applications.
Voice and Video Application
Voice (and video) applications are the most “difficult” applications you can run on your network as they are very sensitive to delay, jitter and packet loss. First, let me give you a quick overview of how VoIP works:
Above we have a user that is speaking. With VoIP, we use a codec that processes the analog sound into a digital signal. The analog sound is digitized for a certain time period which is usually 20 ms. With the G.711 codec, each 20 ms of audio is 160 bytes of data.
The phone will then create a new IP packet with a UDP and RTP (Real-time Transport Protocol) header, add the voice data to it and forward the IP packet to the destination. The IP, UDP and RTP headers add 40 bytes of overhead, so the IP packet will be 200 bytes in total.
For one second of audio, the phone will create 50 IP packets. 50 IP packets * 200 bytes = 10000 bytes per second. That’s 80 Kbps. The G.729 codec requires less bandwidth (but with reduced audio quality) and requires only about 24 Kbps.
Bandwidth isn’t much of an issue for VoIP but delay is. If you are speaking with someone on the phone, you expect it to be real-time. If the delay is too high, the conversation becomes a bit like a walkie talkie conversation where you have to wait a few seconds before you get a reply. Jitter is an issue because the codec expects a steady stream of IP packets with voice data that it must convert back into an analog signal. Codecs can work a bit around jitter but there are limitations.
Packet loss is also an issue: with too many lost packets, your conversations will have gaps in them. Voice traffic on a data network is possible but you will need QoS to ensure there is enough bandwidth and to keep the delay, jitter and packet loss under control. Here are some guidelines you can follow for voice traffic:
- One-way delay: < 150 ms.
- Jitter: < 30 ms.
- Loss: < 1%
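One way to check a measured voice stream against these three guidelines, as an added example that is not part of the original lesson. It assumes sender and receiver clocks are synchronized, takes jitter as the mean change in one-way delay between consecutive received packets (a simple definition chosen here), and compares the worst one-way delay against the limit; the two sample streams are constructed.

```python
# Voice guidelines from the lesson; a value at or above the limit is a violation.
VOICE_LIMITS = {"delay_ms": 150.0, "jitter_ms": 30.0, "loss_pct": 1.0}

def stream_metrics(sent, received):
    """sent / received: {sequence number: timestamp in ms}."""
    # One-way delay of every packet that arrived, in sending order.
    delays = [received[seq] - sent[seq] for seq in sorted(sent) if seq in received]
    # Change in one-way delay from each packet to the next one that arrived.
    changes = [abs(b - a) for a, b in zip(delays, delays[1:])]
    return {
        "delay_ms": max(delays),
        "jitter_ms": sum(changes) / len(changes),
        "loss_pct": 100.0 * (len(sent) - len(delays)) / len(sent),
    }

def violations(metrics, limits=VOICE_LIMITS):
    """Names of the guidelines this stream does not meet."""
    return sorted(name for name, limit in limits.items() if metrics[name] >= limit)

def make_stream(count, delay_cycle, lost):
    """Constructed sample: one packet every 20 ms, one-way delays that repeat
    delay_cycle, and the sequence numbers in `lost` never arriving."""
    sent = {seq: seq * 20.0 for seq in range(count)}
    received = {seq: t + delay_cycle[seq % len(delay_cycle)]
                for seq, t in sent.items() if seq not in lost}
    return sent, received

def healthy_stream():
    return make_stream(200, [40, 45, 42, 48], lost={77})

def congested_stream():
    return make_stream(200, [120, 180, 130, 200], lost=set(range(0, 200, 20)))

if __name__ == "__main__":
    for name, stream in (("healthy", healthy_stream()), ("congested", congested_stream())):
        m = stream_metrics(*stream)
        print(name, m, "violations:", violations(m) or "none")
```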
(Interactive) video traffic has similar requirements to voice traffic. Video traffic requires more bandwidth than voice traffic but this really depends on the codec and the type of video you are streaming. For example, if I record a video of my router console, 90% of the screen remains the same. The background image remains the same, only the text changes every now and then. A video with a lot of action, like a sports video, requires more bandwidth. Like voice traffic, interactive video traffic is sensitive to delay, jitter and packet loss. Here are some guidelines:
- One-way delay: 200 – 400 ms.
- Jitter: 30 – 50 ms.
- Loss: 0.1% – 1%
We talked a bit about why we need QoS and different application types that have different requirements. Now let’s talk about the actual tools we can use to implement QoS:
- Classification and marking: if we want to give certain packets a different treatment, we have to identify and mark them.
- Queuing – Congestion Management: instead of having one big queue where packets are treated with FIFO, we can create multiple queues with different priorities.
- Shaping and Policing: these two tools are used to rate-limit your traffic.
- Congestion Avoidance: there are some tools we can use to manage packet loss and to reduce congestion.
Let’s walk through these tools one-by-one.
Classification and Marking
Before we can give certain packets a better treatment, we first have to identify those packets. This is called classification.
Classification can be done in a number of ways. One common way to do it is to use an access-list and match on certain values in the IP packet like the source and/or destination addresses or port numbers. For example, an access-list that matches on TCP destination port 80 is a quick way to classify all HTTP traffic.
Once the traffic is classified, it’s best practice to mark the packet.
Marking means we change one or more of the header fields in a packet or frame. For example, an IP packet has the ToS (Type of Service) field that we can use to mark the packet:
Ethernet frames don’t have such a field, but we do have something for trunks. The tag that is added by 802.1Q has a priority field:
Here’s an illustration to help you visualize classification and marking:
Above we see a switch with two hosts and one phone. The switch receives a number of packets from the hosts and phone and is configured to classify these packets using an access-list on its interfaces. The switch then marks the IP packets using the ToS field in the IP header.
The reason that we use marking is that sometimes classification requires some complex access-lists / rules and can degrade performance on the router or switch that is doing classification. In the example above, the router receives marked packets so it doesn’t have to do complex classification using access-lists like the switch. It will still do classification but only has to look for marked packets.
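The switch and router roles described above, as an added example that is not part of the original lesson: the edge device classifies on protocol and destination port and writes a marking into the ToS byte (recomputing the IP header checksum), and the downstream device classifies by reading that one byte. The marking values (DSCP 46 for voice, 18 for web, carried in the upper six bits of the ToS byte), the UDP port range treated as voice, the addresses and all function names are assumptions made for this example.

```python
import struct

# Markings chosen for this example (assumption): DSCP 46 for voice, 18 for web.
DSCP = {"voice": 46, "web": 18, "default": 0}

def checksum(header):
    """16-bit one's-complement checksum over an IPv4 header."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_packet(proto, dst_port, tos=0):
    """Constructed sample: 20-byte IPv4 header followed by source/destination ports."""
    l4 = struct.pack("!HH", 40000, dst_port)
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, tos, 20 + len(l4), 1, 0, 64, proto, 0,
                      bytes([192, 0, 2, 10]), bytes([198, 51, 100, 20]))
    hdr = hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:]
    return hdr + l4

def classify_by_acl(packet):
    """Edge switch: access-list style match on protocol and destination port."""
    ihl = (packet[0] & 0x0F) * 4
    proto = packet[9]
    dst_port = struct.unpack("!H", packet[ihl + 2:ihl + 4])[0]
    if proto == 6 and dst_port == 80:                  # TCP port 80: HTTP
        return "web"
    if proto == 17 and 16384 <= dst_port <= 32767:     # UDP range assumed to carry RTP
        return "voice"
    return "default"

def mark(packet, traffic_class):
    """Write the marking into the ToS byte and recompute the header checksum."""
    ihl = (packet[0] & 0x0F) * 4
    hdr = bytearray(packet[:ihl])
    hdr[1] = (DSCP[traffic_class] << 2) | (hdr[1] & 0x03)  # keep the low two bits
    hdr[10:12] = b"\x00\x00"
    hdr[10:12] = struct.pack("!H", checksum(bytes(hdr)))
    return bytes(hdr) + packet[ihl:]

def classify_by_marking(packet):
    """Downstream router: no port matching, only a look at the ToS byte."""
    dscp = packet[1] >> 2
    return next((name for name, value in DSCP.items() if value == dscp), "default")
```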