Cisco Catalyst 2000 Configuration Handbook page 248

■ Classification can be performed at ingress switch ports. Inbound CoS, IP prece-
dence, or DSCP values can be trusted by accepting the values that were assigned by
an attached device. This is acceptable when the source of the values is known and
under administrative control. If these values cannot be trusted as they enter a switch,
they can be mapped to new values. An internal DSCP value is derived from the clas-
sification for each frame.
Ingress switch port queues and scheduling can be tuned to support advanced QoS
■
needs.
■ Policers can be used to control ingress traffic:
■ Policers use a token bucket algorithm to monitor the bandwidth utilization of a
traffic flow. The lengths of inbound frames are added to the token bucket as
they arrive. Every 0.25 ms (1/4000th of a second), a value of the committed
information rate (CIR) or average policed rate is subtracted from the token
bucket. The idea is to keep the token bucket equal to zero for a sustained data
rate.
The policer allows the traffic rate to burst a certain amount over the average
■
rate. Valid burst amounts are allowed as the token bucket rises up to the level of
the burst value (in bytes). This is also called in-profile traffic.
When the token bucket size exceeds the burst value, the policer considers the
■
traffic flow to be "excessive." With a PFC2 module, a peak information rate
(PIR) can be defined. When traffic flows exceed the maximum burst size over
the PIR, the policer considers the flow to be "in violation." This type of traffic is
also called out-of-profile traffic.
Aggregate policers monitor and control a cumulative flow that travels through
■
one or more ingress ports or a VLAN. Up to 1023 aggregate policers can be
defined on a Catalyst 6500 switch.
■ Microflow policers monitor and control one specific traffic flow, or a
microflow. An IP microflow is defined by source and destination IP addresses,
Layer 4 protocol, and source and destination port numbers. An IPX microflow
has common source and destination networks and a common destination node.
A MAC layer microflow has a common protocol and common source and desti-
nation MAC addresses. Up to 63 microflow policers can be defined on a
Catalyst 6000 switch.
■ Access control entries (ACE) match traffic based on address and Layer 4 port infor-
mation. ACEs are grouped into access control lists (ACL) or QoS policies that are
applied to specific switch ports.
Congestion avoidance is configured by assigning thresholds to the various egress
■
queues. Traffic is dropped when the queue level rises above the appropriate thresh-
old, reserving queue space for other traffic.
Egress switch port queue scheduling can be tuned to assign classes of traffic to
■
queues and thresholds with relative service priorities.
Chapter 13: Quality of Service 227