This is the first post about Converged Access (applicable to 3850/3650/5760) QoS in detail. The primary difference is these new platforms are using MQC (Modular QoS CLI) as oppose to MLS (Multi Layer Switching) QoS in Legacy switch platforms (3750X,3560,2960,etc) when provisioning. So this new CA platforms QoS is align with 4500/6500 QoS config mechanism.
In addition to this difference, 3850 is having 8 Queues for wired & 4 Queues for wireless traffic (In legacy systems they had 4 queues & no way to inspect wireless traffic as CAPWAP tunnels are not terminate on the access switch).
Due to inherent differences between wireless and wired technology, difference touch points within QoS architecture has defined.
1. Wired to Wireless
2. Wireless to Wired
Below diagram show the QoS touch points Wired to Wireless touch pointsAs traffic travels out of the wireless port (any port directly attached to an AP), there are several QoS touch point to consider.
1. Client Level – Classified on egress using class maps & provide two strict priority for voice & video.
2. SSID Level – Classified on egress using class maps. In addition to classifying & marking, there is a shape command to limit the rate of traffic at the SSID per radio (BSSID). A bandwidth for the SSID can also be configured to provide a ratio limit between the SSIDs sharing the same radio.
3. Radio Level – Traffic is subject to 4 egress queues, two of which are strict priority (for Voice & Video). The non-real-time queue is effectively the default class and the multicast-non-real time queue is used for all non real time multicast traffic. This is non configurable & generated based on the radio level shaper negotiation. Queing Sheduler is Class Based Weighted Fair Queue(CBWFQ) and bandwidth management is based on Approximate Fair Drop (AFD) algorithm, which provides faireness between users.
Below diagram illustrated the Wireless to Wired QoS touch points.Marking or Policing policies can be applied to individual clients or at the SSID as an aggregate. If you do the classification or marking at the SSID level, it will have precedence over client level classification & marking.
As traffic leaves out wired port, again classification done by class maps & policing policies can be configured on physical port or on SVI. Queuing mechanism is CBWFQ and dual Low Latency Queues (LLQ) & the dropping algorithm is Weighted Tail Drop (WTD)
Now lets see how to default QoS configuration in these platform works. In MQC based products, QoS is enabled by default and any QoS markings are sent through the platform is untouched. There is one exception for this if traffic passes from a wireless-to-wired port or vice versa. In this situation QoS values are re-marked to default (0). However this is not the case with Wired-to-Wired traffic. This restriction can be disabled by disabling default un-trust command in 3850 global config as shown below.
3850-2#sh run | in qos qos wireless-default-untrust 3850-2#conf t Enter configuration commands, one per line. End with CNTL/Z. 3850-2(config)#no qos wireless-default-untrust
Also as described above, Radio level policy is non-configurable & hence it should be there in default config. You can verify that using “show policy-map interface wireless x” command. You should have a registered AP to check these.
3850-2#show ap summary Number of APs: 1 Global AP User Name: Not configured Global AP Dot1x User Name: Not configured AP Name AP Model Ethernet MAC Radio MAC State ---------------------------------------------------------------------------------------- AP3702I-1 3702I 7cad.74ff.2bc6 08cc.68b4.0370 Registered 3850-2#show policy-map interface wireless ? ap Wireless AP client Wireless Client radio Wireless Radio ssid Wireless SSID 3850-2#show policy-map interface wireless ap ? iifid Wireless target iifid name Wireless target identifier name | Output modifiers <cr> 3850-2#show policy-map interface wireless ap AP AP3702I-1 iifid: 0x010605C000000008 Service-policy output: defportac Class-map: class-default (match-any) Match: any 0 packets, 0 bytes 30 second rate 0 bps Queueing (total drops) 0 (bytes output) 18512197 shape (average) cir 1000000000, bc 4000000, be 4000000 target shape rate 1000000000 Service-policy : port_child_policy Class-map: non-client-nrt-class (match-any) Match: non-client-nrt 0 packets, 0 bytes 30 second rate 0 bps Queueing (total drops) 0 (bytes output) 18512197 bandwidth remaining ratio 10 Class-map: class-default (match-any) Match: any 0 packets, 0 bytes 30 second rate 0 bps (total drops) 0 (bytes output) 0 3850-2#show policy-map interface wireless radio Radio dot11b iifid: 0x010605C000000008.0x00CC838000000004 Service-policy output: def-11gn Class-map: class-default (match-any) Match: any 0 packets, 0 bytes 30 second rate 0 bps shape (average) cir 200000000, bc 800000, be 800000 target shape rate 200000000 Radio dot11a iifid: 0x010605C000000008.0x00CCB74000000005 Service-policy output: def-11ac Class-map: class-default (match-any) Match: any 0 packets, 0 bytes 30 second rate 0 bps shape (average) cir 1000000000, bc 4000000, be 4000000 target shape rate 1000000000
As you can see client & SSID level QoS is user defined & hence nothing is there by default.
3850-2#show policy-map interface wireless ssid ? iifid Wireless target iifid name Wireless SSID name | Output modifiers <cr> 3850-2#show policy-map interface wireless ssid ***** NO OUTPUT ****** 3850-2#show policy-map interface wireless client ? iifid Wireless target iifid mac Wireless target identifier name | Output modifiers <cr> 3850-2#show policy-map interface wireless client **** NO OUTPUT *****
Below diagram illustrate the port specific QoS role of a converged access campus access switch like 3850/3650.