Controlling Congestion with WRED

The syntax for configuring WRED changed with the introduction of class-based QoS. The old method defined WRED across an entire interface:

Router#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#interface HSSI0/0
Router(config-if)#random-detect
Router(config-if)#random-detect precedence 0 10 20 10
Router(config-if)#random-detect precedence 1 12 20 10
Router(config-if)#random-detect precedence 2 15 25 15
Router(config-if)#random-detect precedence 3 18 25 15
Router(config-if)#random-detect precedence 4 20 30 20
Router(config-if)#random-detect precedence 5 22 30 20
Router(config-if)#random-detect precedence 6 30 40 25
Router(config-if)#random-detect precedence 7 40 50 100
Router(config-if)#random-detect precedence RSVP 45 50 100
Router(config-if)#exit
Router(config)#end
Router#

The new configuration method uses the same syntax as CBWFQ:

Router#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#class-map Prec5
Router(config-cmap)#description Critical
Router(config-cmap)#match ip precedence 5
Router(config-cmap)#exit
Router(config)#policy-map cb_wred
Router(config-pmap)#class Prec5
Router(config-pmap-c)#random-detect dscp-based
Router(config-pmap-c)#exit
Router(config-pmap)#class class-default
Router(config-pmap-c)#fair-queue 512
Router(config-pmap-c)#queue-limit 96
Router(config-pmap-c)#random-detect dscp-based
Router(config-pmap-c)#exit
Router(config-pmap)#exit
Router(config)#interface HSSI0/1
Router(config-if)#service-policy output cb_wred
Router(config-if)#exit
Router(config)#end
Router#

For the older method, you can set up the drop probabilities according to IP Precedence values by using the following command:

Router(config-if)#random-detect precedence 7 40 50 100

The first argument after the precedence keyword here is the IP Precedence value. The options are any integer between 0 and 7, or the keyword RSVP. After this are the minimum threshold, maximum threshold, and the so-called mark probability denominator.

The minimum threshold is the number of packets that must be in the queue before the router starts to discard. The probability at the minimum threshold is essentially zero, but it rises linearly as the number of packets in the queue rises. The maximum probability occurs at the maximum threshold. You specify the actual value of the probability at this maximum by using the mark probability denominator. In this case we have set the value to 100, which means that, at the maximum, we will discard one packet in 100. This means that halfway between the maximum and minimum thresholds, the router will drop one packet in 200.

Note that the router does not compare these thresholds against the instantaneous queue depth. Rather, it uses a moving average so that temporary bursts of data are not dropped. The configured minimum is the lower limit of this moving average, which is reached only when the congestion continues for a longer period of time.

If you do not change these values, the defaults take IP Precedence values into account. The default mark probability denominator is 10, so the router will discard one packet in 10. The default maximum threshold depends on the speed of the interface and the router's capacity for buffering packets, but it is the same for all Precedence values. So, by default, the only difference between WRED's treatment of different IP Precedence levels is the minimum threshold. The default minimum threshold for packets with an IP Precedence of 0 is 50 percent of the maximum threshold. This value rises linearly with Precedence, so that the minimum threshold for Precedence 7 and for packets with RSVP reserved bandwidth allocations is almost the same as the maximum threshold.

In the new-style example, we have created only one class-based queue to show the principle. In practice, of course, you would probably want to create more than this. All of the traffic that doesn't have an IP Precedence value of 5 uses the default queue, where we have configured both WFQ and WRED.

This example uses DSCP-based random detection. WRED has a built-in ability to discriminate based on DSCP value, so that traffic streams with higher drop precedence values are more likely to drop packets. The default WRED settings when using DSCP-based random detection are shown in Table 11-1.

Table 11-1. Default WRED settings

DSCP value   Minimum threshold   Maximum threshold   Drop probability
             queue depth         queue depth         at maximum
AFx1         32                  40                  1/10
AFx2         28                  40                  1/10
AFx3         24                  40                  1/10

As Table 11-1 shows, the default DSCP-based thresholds are the same for every class. So, for example, AF12, AF22, AF32, and AF42 all begin dropping packets in a sustained congestion situation when the queue depth reaches 28 packets. They reach their maximum drop probability when there are 40 packets in the queue. In all cases, the drop probability at the maximum threshold value is 1/10 (the mark probability), meaning that the router will randomly drop one packet in 10.

You can change these values in a policy map as follows:

Router(config-pmap)#class AF1x
Router(config-pmap-c)#bandwidth percent 20
Router(config-pmap-c)#random-detect dscp-based
Router(config-pmap-c)#random-detect dscp af13 10 20
Router(config-pmap-c)#random-detect dscp af12 20 50
Router(config-pmap-c)#random-detect dscp af11 50 100 50
Router(config-pmap-c)#exit

In each of the random-detect dscp commands, the first argument is the DSCP value, followed by the minimum threshold, the maximum threshold, and the denominator of the mark probability. In the case of the AF11 entry, the router will start dropping these packets when there are more than 50 packets in the queue, and increase the probability until the number reaches 100. At that point, the probability of dropping a packet of this type will be one in 50.

Note that these thresholds apply to all traffic in the queue, not just traffic with this particular DSCP value. So there may be 20 AF11 packets, 10 AF12, and 20 more marked with the AF13 DSCP value. Since this adds up to 50 packets, the router will start to drop the AF11 packets. However, because the maximum thresholds for AF12 and AF13 packets are 50 and 20, respectively, the router will already be dropping packets of these types at the full rate (1 packet in 10 by default) before it starts to drop any AF11 packets.
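The following Python model is an added example (not code from the page or from Cisco) that works through the drop curve described above: the old-style precedence 7 line, the Table 11-1 defaults, the AF1x policy map, and the 20/10/20 queue scenario, plus the moving average that keeps bursts from being dropped. The exponential weighting constant of 9 is an IOS default, not something stated on this page.

```python
# Added example: a model of WRED's drop curve and DSCP-based policies as
# described on this page, so the thresholds can be checked numerically.
from dataclasses import dataclass


@dataclass(frozen=True)
class WredProfile:
    """One random-detect line: min threshold, max threshold, mark probability denominator."""
    min_th: int
    max_th: int
    mark_denom: int = 10  # IOS default denominator is 10 (drop one packet in ten)

    def drop_probability(self, avg_depth: float) -> float:
        """Per-packet drop probability at a given *average* queue depth.

        Zero below the minimum threshold, then a linear ramp that reaches
        1/mark_denom exactly at the maximum threshold.  Above the maximum
        WRED tail-drops everything (assumed here; the text above only
        describes the curve up to the maximum).
        """
        if avg_depth < self.min_th:
            return 0.0
        if avg_depth > self.max_th:
            return 1.0
        ramp = (avg_depth - self.min_th) / (self.max_th - self.min_th)
        return ramp / self.mark_denom


def update_average(old_avg: float, current_depth: int, weight_exp: int = 9) -> float:
    """Exponentially weighted moving average of queue depth used by WRED.

    avg = old_avg * (1 - 2^-n) + current * 2^-n.  n = 9 is the IOS
    exponential-weighting-constant default (an assumption of this example).
    A short burst barely moves the average, which is why bursts survive.
    """
    w = 2.0 ** -weight_exp
    return old_avg * (1 - w) + current_depth * w


# Old-style line from the page: random-detect precedence 7 40 50 100
PREC7 = WredProfile(40, 50, 100)

# Table 11-1 defaults for AFx1 / AFx2 / AFx3 (drop precedence 1, 2, 3)
DEFAULT_AF = {1: WredProfile(32, 40), 2: WredProfile(28, 40), 3: WredProfile(24, 40)}

# The AF1x policy map from the page; af13 and af12 keep the default denominator
AF1X_POLICY = {
    "af13": WredProfile(10, 20),
    "af12": WredProfile(20, 50),
    "af11": WredProfile(50, 100, 50),
}


def drop_rates(policy: dict, queue: dict) -> dict:
    """Drop probability per DSCP when `queue` (dscp -> packet count) is the
    whole queue.  Thresholds are compared against the *total* depth, not the
    per-DSCP count, exactly as the note above describes."""
    depth = sum(queue.values())
    return {dscp: policy[dscp].drop_probability(depth) for dscp in queue}


if __name__ == "__main__":
    print("prec 7 at 50 pkts:", PREC7.drop_probability(50))   # 0.01  -> one in 100
    print("prec 7 at 45 pkts:", PREC7.drop_probability(45))   # 0.005 -> one in 200
    # Constructed queue from the worked example: 20 AF11 + 10 AF12 + 20 AF13 = 50
    print(drop_rates(AF1X_POLICY, {"af11": 20, "af12": 10, "af13": 20}))
    avg = 0.0
    for _ in range(3):                # a three-interval burst to 100 packets
        avg = update_average(avg, 100)
    print("average after burst:", round(avg, 2))   # still well below any minimum
```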

This example assumes that you want to use DSCP values to control the WRED thresholds. This is not necessary, however. You can also use an unweighted version of the command as follows:

Router(config)#class-map AF11
Router(config-cmap)#match ip dscp af11
Router(config-cmap)#exit
Router(config)#policy-map example
Router(config-pmap)#class AF11
Router(config-pmap-c)#bandwidth percent 10
Router(config-pmap-c)#random-detect
Router(config-pmap-c)#exit

This is particularly useful when your class definitions already take DSCP values into account, as this class map does. Since there is no variation of DSCP values among the class of packets that have a DSCP value of AF11, it isn't necessary for WRED to look at the DSCP value again.

CCIE Training and the Best Way to Get CCIE Certification

There is no requirement for any further professional training or course certificate to qualify. The CCIE Security training consists of a written exam to qualify, followed by the lab exam. You are recommended to have at least 3-5 years of job experience before attempting this certification.

The written exam for the CCIE Security is two hours long and multiple choice. It consists of 100 questions, covering subjects such as application protocols, operating systems, security technologies, security protocols, and Cisco security applications. The exam materials are provided on site, and you are not allowed to bring in outside reference materials.

Network engineers holding a CCIE certificate are regarded as experts in the network engineering discipline and as masters of Cisco products. The CCIE has brought a revolution to the networking industry with respect to technically difficult assignments and the tools and methodologies required for them. There is a program that updates and reorganizes these tools to provide high-quality support. There are various modes of CCIE training, such as written-exam preparation and performance-based labs. This helps raise the standard of performance in the marketplace. Cisco launched this certification program in 1993 with a view to distinguishing the top specialists from the rest.

To be certified, the written exam must be passed first, and then the candidate must pass the lab exam. Cisco constantly tries to apply different CCIE training techniques for greater effectiveness. There are a number of steps to the CCIE certification. The first step is to pass a two-hour, computer-based, multiple-choice written exam. The necessary payment for this exam must be made online. The exam is associated with exam vouchers and promotional codes. Candidates must properly verify the authenticity of the company providing the voucher. The promotional code must be applied correctly; fraudulent vouchers and promotional codes are not accepted, and Cisco will not refund the cost. Candidates must wait five days before they can sit the written exam again, and they cannot sit the same exam for the following 180 days in the case of recertification.

To become certified and qualified through CCIE training, a few points should be kept in mind. After passing the written exam, candidates have a maximum of 18 months to attempt the lab exam. If that period is exceeded, the written exam result becomes invalid. For first-time candidates, the written exam is offered in the form of a beta exam with discounts available. During the beta period, candidates can sit the exam only once. Results arrive within six to eight weeks after the exam is over.

The next step for the CCIE certification is the lab exam. Only candidates who have passed the written exam can apply for the hands-on lab exam. While there are many Cisco written exam centers, lab exam facilities are limited. It is an eight-hour hands-on practical exam in which the candidate's ability to troubleshoot and configure network-based problems and applications is tested. To schedule the lab exam, candidates who passed the written exam must present their identification number along with the passing score and the date of passing.

The fee for the lab exam must be paid no later than ninety days before the scheduled exam. Without the payment, the reservation will be cancelled. After passing the lab exam together with the written exam, candidates can apply for the CCIE certification. By considering all the details related to the steps above, one can get the Cisco certification in hand and be certified through CCIE training.

Setting the DSCP or TOS Field

The solution to this problem depends on the kind of traffic distinctions you want to make, as well as the version of IOS you are running on your routers.

There must be something that defines the different types of traffic you want to prioritize. Generally, the simpler the distinctions are to make, the better, because each of these tests consumes router resources and introduces processing delay. The most common rules for distinguishing between traffic types use the packet's input interface and common IP header fields such as TCP port numbers. The following examples show how to set an IP Precedence value of immediate (2) for all FTP control traffic that arrives through the serial0/0 interface, and an IP Precedence of priority (1) for all FTP data traffic. This distinction is possible because FTP control traffic uses TCP port 21, and FTP data uses port 20.

The newest method for configuring this uses class maps. Cisco first introduced this feature in IOS Version 12.0(5)T. This method first defines a class-map that specifies how the router will identify this type of traffic. It then defines a policy-map that actually makes the changes to the packet's TOS field:

Router#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#access-list 101 permit tcp any eq ftp any
Router(config)#access-list 101 permit tcp any any eq ftp
Router(config)#access-list 102 permit tcp any eq ftp-data any
Router(config)#access-list 102 permit tcp any any eq ftp-data
Router(config)#class-map match-all ser00-ftpcontrol
Router(config-cmap)#description branch ftp control traffic
Router(config-cmap)#match input-interface serial0/0
Router(config-cmap)#match access-group 101
Router(config-cmap)#exit
Router(config)#class-map match-all ser00-ftpdata
Router(config-cmap)#description branch ftp data traffic
Router(config-cmap)#match input-interface serial0/0
Router(config-cmap)#match access-group 102
Router(config-cmap)#exit
Router(config)#policy-map serialftppolicy
Router(config-pmap)#description branch ftp traffic policy
Router(config-pmap)#class ser00-ftpcontrol
Router(config-pmap-c)#set ip precedence immediate
Router(config-pmap-c)#exit
Router(config-pmap)#class ser00-ftpdata
Router(config-pmap-c)#set ip precedence priority
Router(config-pmap-c)#exit
Router(config-pmap)#exit
Router(config)#interface serial0/0
Router(config-if)#ip route-cache policy
Router(config-if)#service-policy input serialftppolicy
Router(config-if)#exit
Router(config)#end
Router#

For earlier IOS versions, where class-maps were not available, you have to use policy-based routing to alter the TOS field in a packet. Applying this policy to the interface tells the router to use it to test all incoming packets on this interface and rewrite the ones that match the route map:

Router#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#access-list 101 permit tcp any eq ftp any
Router(config)#access-list 101 permit tcp any any eq ftp
Router(config)#access-list 102 permit tcp any eq ftp-data any
Router(config)#access-list 102 permit tcp any any eq ftp-data
Router(config)#route-map serialftp-rtmap permit 10
Router(config-route-map)#match ip address 101
Router(config-route-map)#set ip precedence immediate
Router(config-route-map)#exit
Router(config)#route-map serialftp-rtmap permit 20
Router(config-route-map)#match ip address 102
Router(config-route-map)#set ip precedence priority
Router(config-route-map)#exit
Router(config)#interface serial0/0
Router(config-if)#ip policy route-map serialftp-rtmap
Router(config-if)#ip route-cache policy
Router(config-if)#exit
Router(config)#end
Router#

Before you can tag a packet for special treatment, you must have a very clear idea of what types of traffic need special treatment, and exactly what sort of special treatment they need. In the example, we have decided to give special consideration to FTP traffic received on a specific serial interface. We show how to do this using both the old and the new configuration methods.

This may appear to be a somewhat artificial example. After all, why would you care about tagging inbound traffic that you have already received from a low-speed interface? In fact, one of the most important principles for using QoS in a network is that you should always tag the packet as early as possible, ideally at the edges of the network. Then, as it passes through the network, each router only has to look at the tag and does not have to do any further classification. In this case, we would make sure the FTP traffic returning in the other direction is tagged by the first router that receives it. So the outbound traffic has already been tagged, and it would be a waste of router resources to reclassify the outbound packets.

Many organizations take this idea of marking at the edges one step further, and remark every received packet. This helps ensure that users are not requesting special QoS privileges they are not entitled to. However, you should be careful with this, because it can sometimes disrupt legitimate markings. For example, a real-time application might use RSVP to reserve bandwidth across the network. It is essential that the packets for this application carry the correct Expedited Forwarding (EF) DSCP marking, or the network may not handle them properly. Yet you also don't want to allow other non-real-time applications from the same source to have the same EF priority level. So, if you are going to configure your routers to remark all incoming packets at the edges, make sure you know which incoming markings are trustworthy.

In that case, the routers are running DLSw to bridge SNA traffic over an IP network, so the routers themselves generate the IP packets. This creates a further complication because there is no incoming interface, so that recipe uses local policy-based routing. The fact that the router generates the packets also gives it an important advantage, because it doesn't have to consider any DLSw packets that might just happen to pass through.

The advantages of the newer class-map method are not apparent in this example, but one of the first big advantages appears when you want to use the more modern DSCP tagging scheme. Because the older policy-based routing method doesn't directly support DSCP, you have to fake it by setting both the IP Precedence and the TOS separately, as follows:

Router(config)#route-map serialftp-rtmap permit 10
Router(config-route-map)#match ip address 115
Router(config-route-map)#set ip precedence immediate
Router(config-route-map)#set ip tos max-throughput

In this case, the packet will wind up with an IP Precedence value of immediate, or 2 (010 in binary), and TOS of max-throughput, or 4 (0100 in binary).

Doing the same thing with the class-map method is much more direct:

Router(config)#policy-map serialftppolicy
Router(config-pmap)#class serialftpclass
Router(config-pmap-c)#set ip dscp af21

Class-maps will also be useful later in this chapter when we discuss class-based weighted fair queuing and class-based traffic shaping.

It is important to note that throughout this entire example, we have only placed a particular value into the packet's TOS or DSCP field. This, by itself, does not affect how the packet is forwarded through the network. To do that, you must ensure that as each router in the network forwards these marked packets, the interface queues react appropriately to this information.

Finally, we should note that while this recipe shows two useful ways of marking packets, there is another method using Committed Access Rate (CAR) features. CAR tends to be more efficient on high-speed interfaces.
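The following Python is an added example (not code from the page or from Cisco) that encodes the route-map method's IP Precedence and TOS settings into the TOS byte and checks that they land on exactly the same bits as the class-map method's set ip dscp af21. The keyword-to-value tables are the standard IOS precedence and TOS keywords; the AFxy = 8x + 2y and EF = 46 code points are the DiffServ definitions, which the page does not spell out.

```python
# Added example: show that "set ip precedence immediate" + "set ip tos
# max-throughput" (route-map method) produce the same TOS byte as
# "set ip dscp af21" (class-map method), and decode DSCP names both ways.

# IOS keywords for `set ip precedence` (3-bit field) and `set ip tos` (4-bit field)
PRECEDENCE = {
    "routine": 0, "priority": 1, "immediate": 2, "flash": 3,
    "flash-override": 4, "critical": 5, "internet": 6, "network": 7,
}
TOS_BITS = {
    "normal": 0, "min-monetary-cost": 1, "max-reliability": 2,
    "max-throughput": 4, "min-delay": 8,
}


def tos_byte(precedence: str, tos: str = "normal") -> int:
    """Build the IPv4 TOS byte: precedence in bits 7-5, TOS flags in bits 4-1, bit 0 unused."""
    return (PRECEDENCE[precedence] << 5) | (TOS_BITS[tos] << 1)


def dscp_from_tos_byte(byte: int) -> int:
    """DiffServ re-reads the same byte: the DSCP is its top six bits."""
    return (byte & 0xFF) >> 2


def dscp_value(name: str) -> int:
    """DSCP for an IOS keyword: default, cs1..cs7, af11..af43, ef, or a plain number."""
    name = name.lower()
    if name == "default":
        return 0
    if name == "ef":
        return 46
    if name.startswith("cs"):
        return int(name[2:]) * 8
    if name.startswith("af"):
        klass, drop = int(name[2]), int(name[3])
        return klass * 8 + drop * 2      # AFxy = 8x + 2y
    return int(name)


def dscp_name(dscp: int) -> str:
    """Inverse of dscp_value for the standard code points; others come back numeric."""
    if dscp == 0:
        return "default"
    if dscp == 46:
        return "ef"
    klass, low = divmod(dscp, 8)
    if low == 0:
        return f"cs{klass}"
    if 1 <= klass <= 4 and low in (2, 4, 6):
        return f"af{klass}{low // 2}"
    return str(dscp)


def precedence_of_dscp(dscp: int) -> int:
    """The top three DSCP bits are the old IP Precedence, which is why a
    precedence-only router still treats AF21 as 'immediate'."""
    return dscp >> 3


if __name__ == "__main__":
    old = tos_byte("immediate", "max-throughput")   # route-map method
    new = dscp_value("af21") << 2                   # class-map method
    dscp = dscp_from_tos_byte(old)
    print(f"route-map TOS byte 0x{old:02x} -> DSCP {dscp} ({dscp_name(dscp)})")
    print("same bits via set ip dscp af21:", old == new)
```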