27-16
Software Configuration Guide—Release 12.2(25)SG
OL-7659-03
Chapter27 Configuring Quality of Service
Overview of QoS
Packet Modification
A packet is classified, policed, and queued to provide QoS. Packet modifications can occur during this
process:
For IP packets, classification involves assigning a DSCP to the packet. However, the packet is not
modified at this stage; only an indication of the assigned DSCP is carried along. The reason for this
is that QoS classification and ACL lookup occur in parallel, and it is possible that the ACL specifies
that the packet should be denied and logged. In this situation, the packet is forwarded with its
original DSCP to the CPU, where it is again processed through ACL software.
For non-IP packets, classification involves assigning an internal DSCP to the packet, but because
there is no DSCP in the non-IP packet, no overwrite occurs. Instead, the internal DSCP is used both
for queueing and scheduling decisions and for writing the CoS priority value in the tag if the packet
is being transmitted on either an ISL or 802.1Q trunk por t.
During policing, IP and non-IP packets can have another DSCP assigned to them (if they are out of
profile and the policer specifies a markdown DSCP). Once again, the DSCP in the packet is not
modified, but an indication of the marked-down value is carried along. For IP packets, the packet
modification occurs at a later stage.
Per Port Per VLAN QoS
Per-port per-VLAN QoS (PVQoS) offers differentiated quality-of-services to individual VLANs on a
trunk port. It enables service providers to rate limit individual VLAN-based services on each trunk port
to a business or a residence. In an enterprise Voice-over-IP environment, it can be used to rate limit voice
VLAN even if an attacker impersonates an IP phone. A per-port per-VLAN ser vice policy can be
separately applied to either ingress or egress traffic.
QoS and Software Processed Packets
The Catalyst 4500 platform does not apply the QoS marking or policing configuration for any packets
that are forwarded or generated by the Cisco IOS software. This means that any input or output QoS
policy configured on the port or VLAN is not applied to packets if t he Cisco IOS is forwarding or
generating packets.
However, Cisco IOS marks all the generated control packets appropriately and uses the internal IP DSCP
to determine the transmit queue on the output transmission interface. For IP packets, the internal IP
DSCP is the IP DSCP field in the IP packet. For non-IP packets, Cisco IOS assigns a packet priority
internally and maps it to an internal IP DSCP value.
Cisco IOS assigns an IP precedence of 6 to routing protocol packets on the control plane. As noted in
RFC 791, "The Internetwork Control designation is intended for use by gateway control originators
only." Specifically, Cisco IOS marks the following IP-based control packets: Open Shortest Path First
(OSPF), Routing Information Protocol (RIP), Enhanced Interior Gateway Routing Protocol (EIGRP)
hellos, and keepalives. Telnet packets to and from the router also receive an IP precedence value of 6.
The assigned value remains with the packets when the output interface transmits them into the network.
For Layer 2 control protocols, the software assigns an internal IP DSCP. Typically, Layer 2 control
protocol packets are assigned an internal DSCP value of 48 (corresponding to a n IP precedence value of
6).