In this post we will look at QoS recommendation for AireOS based WLCs. If you haven’t followed recent QoS configuration guidelines from Cisco on AireOS controllers, you may not aware that following are the current key recommendations.
1. Trust Upstream DSCP (Not 802.11 UP value like in the past)
2. Trust DSCP on AP & WLC connected switch ports (not COS value on WLC connected or FlexConnect AP switchports)
3. Metal QoS profile “Platinum” on SSID (Outer CAPWAP IP header DSCP value caps based on QoS profile)
4. Enable “Fastlane” on SSID (Simplification of all QoS related config implementation on AireOS based WLCs)
“Trust Upstream DSCP” is based on RFC 8325 recommendations that we discussed in my previous post. Below shows where you configure those QoS maps on AireOS (Wireless > QoS > QoS Maps)
Other recommendation to configure Platinum QoS profile on your SSID (unless Guest or Hotspot SSID). By configuring QoS profile value, it affects outer CAPWAP IP header DSCP value between AP & WLC communication (Local mode AP & Flex Central Switching traffic). Below summarize max DSCP value allowed in outer IP header when you configure those metal QoS profile in AireOS WLC.
For example, if your SSID configured with “Platinum” QoS profile up to DSCP 46 value is allowed in outer IP Header when it comes to CAPWAP between AP & WLC. When you change that to Gold, Silver & Bronze, that will cap outer header DSCP value. It is important to remember that inner packet DSCP value is not rewrite/change in AireOS deployment (one major difference compare to 9800).
For example, if you set WLAN QoS profile to Gold, that impact outer header DSCP values cap to AF41 (34) for traffic comes with DSCP value higher than 34 (eg Voice traffic that comes with DSCP value EF (46). This is applicable to both Downstream and Upstream direction of CAPWAP tunnel. Below diagram summarized “Gold” QoS profile QoS value modification in both directions.
You will see a different behavior with Cisco 9800 WLCs where inner packet DSCP also rewrite/change based on QoS policy config. Even though it is not common we configure those metal QoS profiles on 9800, option is available for you to configure. Here is the illustration of DSCP value changes in both upstream & downstream direction in a 9800 when you configure QoS gold policy on SSID level. Note that inner DSCP also change to AF41 (34) for voice traffic comes with EF (46)
In 9800 we do not specifically configure Platinum QoS profile under SSID QoS policy (under Policy Profile), However, by default it allows up to DSCP 46 value in CAPWAP outer headers (equivalent of Platinum QoS profile in AireOS)
It is also important to remember, when you configure “Fastlane” on a SSID, it automatically configure an “AUTOQOS-AVC-PROFILE” and apply to SSID. Note that in AireOS you can have maximum 32 rules per AVC profile. Below are the applications and respective DSCP value in that AVC profile. This is one area 9800 become much more flexible where you can use all AVC applications “Business Relevance” attribute to define your class-maps. (we will look at that in next post)
Hope this post gave you an overall idea how you should configure QoS configuration in AireOS WLCs today. We will look at 9800 QoS config recommendations in the next post.
If you are interested to learn 9800 QoS please register for my webinar next week.(30th Sep 2021-3PM CST)
1. QoS for WLAN Professionals
2. RFC8325 – QoS Mappings
3. Cisco 9800 QoS Recommendations
4. Understanding Wireless QoS (Part 1-5)
5. 3850 QoS (Part 1-5)
6. Best Practice QoS Config (AireOS 7.x)