QoS (Quality of Service) protocols were developed because data networks demand efficient data delivery. Well-known QoS protocols are RSVP, IntServ, DiffServ, MPLS, SBM and so on. In my opinion, just read through and understand what those are. That would be enough unless you are crazy about QoS theory. There is a lot of information out there when you google it.
In the practical world, most of the time we will use DiffServ protocols, and it is good to know about MPLS CoS as well.
The Resource ReSerVation Protocol (RSVP), described in RFC 2205, is a Transport layer protocol designed to reserve resources across a network for an integrated services Internet. “RSVP does not transport application data but is rather an Internet control protocol, like ICMP, IGMP, or routing protocols” – RFC 2205. RSVP provides receiver-initiated setup of resource reservations for multicast or unicast data flows with scaling and robustness.
RSVP can be used by either hosts or routers to request or deliver specific levels of quality of service (QoS) for application data streams or flows. RSVP defines how applications place reservations and how they can relinquish the reserved resources once the need for them has ended. RSVP operation will generally result in resources being reserved in each node along a path.
The idea of IntServ is that every router in the system implements IntServ, and every application that requires some kind of guarantees has to make an individual reservation. Flow Specs describe what the reservation is for, while RSVP is the underlying mechanism to signal it across the network. IntServ or integrated services is an architecture that specifies the elements to guarantee quality of service (QoS) on networks. IntServ can for example be used to allow video and sound to reach the receiver without interruption.
Differentiated Services or DiffServ is a computer networking architecture that specifies a simple, scalable and coarse-grained mechanism for classifying, managing network traffic and providing Quality of Service (QoS) guarantees on modern IP networks. DiffServ can, for example, be used to provide low-latency, guaranteed service (GS) to critical network traffic such as voice or video while providing simple best-effort traffic guarantees to non-critical services such as web traffic or file transfers.
DiffServ has largely supplanted other Layer 3 QoS mechanisms (such as IntServ) as the primary protocol routers use to provide different levels of service.
(1) How DiffServ works
– Packets are classified into defined classes by ACL and class-map
– You can apply a different weight or policy to each class by using policy-map
– IP precedence and DSCP are used for the Layer 3 marking strategy, and 802.1p/Q, FR DE bit and MPLS EXP are used on Layer 2.
IP precedence
– 3 bits are used to make 8 different classes
IP Type of Service (RFC 791)
– 6 bits are used to make 21 different classes
– If the value of drop probability is 01, the probability is low.
– If the value of drop probability is 10, the probability is normal.
– If the value of drop probability is 11, the probability is high.
DSCP (Differentiated Services Code Point)
– There are two methods: shaping, which controls traffic using queuing techniques, and policing, which strictly controls traffic by dropping packets.
– FIFO, WFQ, CQ, PQ, CBWFQ, LLQ, etc.
– See the article “Easy QoS 101 – Queuing techniques”
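The Layer 3 marking fields described above (3-bit IP precedence, 6-bit DSCP, 2-bit drop probability) can be decoded from a single ToS byte as follows. This is an added example, not part of the original post; the PHB names (CS, AF, EF) and the ECN bits come from RFC 2474, RFC 2597, RFC 3246 and RFC 3168 rather than from this page, and the sample bytes are constructed.

```python
from collections import Counter

# Drop-probability labels exactly as the page gives them (bits 01 / 10 / 11).
DROP_PROBABILITY = {0b01: "low", 0b10: "normal", 0b11: "high"}


def decode_tos(tos):
    """Split one IPv4 ToS/DS byte into the marking fields described above."""
    if not 0 <= tos <= 0xFF:
        raise ValueError("the ToS/DS field is a single byte")
    dscp = tos >> 2                 # upper 6 bits
    precedence = tos >> 5           # upper 3 bits, i.e. the top half of the DSCP
    ecn = tos & 0b11                # lower 2 bits (RFC 3168, not covered on the page)
    class_bits = dscp >> 3          # same value as IP precedence
    drop_bits = (dscp >> 1) & 0b11  # the two drop-probability bits
    drop = None

    if dscp == 46:                  # 101110, Expedited Forwarding (voice)
        phb = "EF"
    elif dscp & 0b111 == 0:         # xxx000, class selector: plain IP precedence
        phb = f"CS{class_bits}"
    elif 1 <= class_bits <= 4 and dscp & 1 == 0 and drop_bits in DROP_PROBABILITY:
        phb = f"AF{class_bits}{drop_bits}"
        drop = DROP_PROBABILITY[drop_bits]
    else:
        phb = "other"               # code points outside CS/AF/EF

    return {"precedence": precedence, "dscp": dscp, "ecn": ecn,
            "phb": phb, "drop_probability": drop}


def summarize(tos_bytes):
    """Count packets per PHB, e.g. to check what a class-map would match."""
    return Counter(decode_tos(b)["phb"] for b in tos_bytes)


# Constructed sample: ToS bytes as they might be read from captured IP headers.
SAMPLE_TOS = [0xB8, 0xB8, 0x28, 0x38, 0x88, 0xC0, 0x00, 0x00, 0x00]

if __name__ == "__main__":
    for value in sorted(set(SAMPLE_TOS)):
        print(f"0x{value:02X}", decode_tos(value))
    print(dict(summarize(SAMPLE_TOS)))
```

A router that only understands IP precedence still reads the top three bits of a DSCP-marked packet, which is why AF1x traffic shows up as precedence 1 and EF as precedence 5.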
With the convergence of voice, video and data applications, business networks face increasing traffic demands. MPLS enables class of service (CoS) tagging and prioritization of network traffic, so administrators may specify which applications should move across the network ahead of others. This function makes an MPLS network especially important to firms that need to ensure the performance of low-latency applications such as VoIP and their other business-critical functions. MPLS carriers differ on the number of classes of service they offer and in how these CoS tiers are priced.
SBM stands for Subnet Bandwidth Management (Manager), which works like the RSVP protocol. It is a top-to-bottom QoS approach and applies to the data link layer. All traffic must pass through at least one switch or router that has it enabled. SBM is described in RFC 2814 (SBM-Subnet Bandwidth Manager: A Protocol for RSVP-Based Admission Control over IEEE 802-Style Networks, May 2000).
Here is the link to get NBAR (Network Based Application Recognition) PDLMs (Packet Description Language Modules) for Cisco gear
What is implicit withdraw and explicit withdraw?
Route map for outgoing advertisements is out-cust-full
Prefix activity: —- —-
Prefixes Current: 267441 10 (Consumes 416 bytes)
Prefixes Total: 36446984 12
Implicit Withdraw: 31214720 6
Explicit Withdraw: 5210431 2
Used as bestpath: n/a 7
Used as multipath: n/a 0
Implicit withdraw: Number of times that a prefix has been withdrawn and readvertised. This number is smaller than Prefixes Total (sent, in this case).
Explicit withdraw: Number of times that a prefix has been withdrawn because it is no longer feasible.
1. How do I remove a neighbor?
2. How do I shutdown a session?
3. How do I clear or restart a session?
4. How do I clear BGP session without hard reset?
5. How do I clear all BGP sessions?
7. How do I display routes that belong to the specified communities?
8. How do I display routes that are permitted by community list?
9. How do I display routes that are matched by the specified autonomous system path access list?
10. How do I display the routes with inconsistent originating autonomous systems?
11. How do I display the routes that match the specified regular expression entered on the command line?
12. How do I display the contents of the BGP routing table?
13. How do I display routes learned from a particular BGP neighbor?
15. How do I display information about BGP peer groups?
16. How do I display the status of all BGP connections?
17. How do I look at a BGP session to see if it is up?
18. How do I see what routes are being seen?
19. How do I see what routes are being advertised?
1. Get the latest BGP community string from your ISP/upstream provider or check the CiscoNET.com web site.
2. Pick the best BGP community string for your traffic shaping plan (mainly incoming traffic). Most ISPs provide community strings with local preference and AS prepending options. It is not possible to say which one is better than the other; it will depend on your global traffic shaping plan.
3. Follow the commands below (Cisco only)
The sample configuration below will tag the 10.0.0.0/24 route with [ISP AS]:120 or [ISP AS]:3 and will not tag any other routes.
router(config)#ip bgp-community new-format
router(config)#access-list 10 permit 10.0.0.0 0.0.0.255
router(config)#access-list 10 deny any
router(config)#route-map [to-ISP] permit 10
router(config-route-map)#match ip address 10
router(config-route-map)#set community [ISP AS]:120 <-- if using Local Preference
router(config-route-map)#set community [ISP AS]:3 <-- or, if using AS prepending
router(config-route-map)#route-map [to-ISP] permit 20
router(config)#router bgp [xxxx] <-- xxxx = customer’s ASN
router(config-router)#neighbor x.x.x.x send-community
router(config-router)#neighbor x.x.x.x route-map [to-ISP] out
router#copy running-config startup-config
4. Then go to www.CiscoNET.com and pick one of the route servers on the map to see your announcement. If you are using the AS prepending option, you will see your AS prepends on the route servers. Sometimes you might not see your route with a particular ISP path.
In most cases this is not a routing problem; the route path was just dropped somewhere by the BGP best path selection scheme. Try the Oregon route server to see if your route is there. The Oregon route server provides many possible and available paths between BGP speakers and neighbors.
If you don’t see your route there, check other route servers and also check your BGP configuration. You might need to contact your upstream provider to check what BGP routes they are learning from you.
Backdoor only makes the IGP learned route the preferred route. To specify a backdoor route to a BGP border router that will provide better information about the network, use the network backdoor router configuration command. To remove an address from the list, use the no form of this command.
By definition, eBGP updates have a distance of 20 that is lower than the IGP distances. Default distance is 120 for RIP, 100 for IGRP, 90 for EIGRP, and 110 for OSPF. By default, BGP has the following distances, but that could be changed by the distance command
It will change the distance of an eBGP route to 200
Within any BGP autonomous system, every iBGP speaker must have a fully meshed peering arrangement with every other iBGP speaker. This is because a BGP speaker will not advertise a route learned via another iBGP speaker to a third iBGP speaker. The use of route reflectors is one way to maintain connectivity throughout the AS without having a fully meshed peering arrangement. By relaxing this restriction a bit and by providing additional control, we can allow a router to advertise (reflect) iBGP-learned routes to other iBGP speakers.
When using route reflectors, the clients need only peer to the route reflector.
RFC 1105, Obsolete – Border Gateway Protocol (BGP)
RFC 1654, Obsolete – A Border Gateway Protocol 4 (BGP-4)
RFC 1655, Obsolete – Application of the Border Gateway Protocol in the Internet
RFC 1657, Definitions of Managed Objects for the Fourth Version of the Border Gateway Protocol (BGP-4) using SMIv2
RFC 1771, Obsolete – A Border Gateway Protocol 4 (BGP-4)
RFC 1772, Application of the Border Gateway Protocol in the Internet
RFC 1965, Obsolete – Autonomous System Confederations for BGP
RFC 2918, Route Refresh Capability for BGP-4
RFC 3065, Autonomous System Confederations for BGP
RFC 3392, Capabilities Advertisement with BGP-4
RFC 4272, BGP Security Vulnerabilities Analysis
RFC 4273, Definitions of Managed Objects for BGP-4
RFC 4274, BGP-4 Protocol Analysis
RFC 4275, BGP-4 MIB Implementation Survey
RFC 4276, BGP-4 Implementation Report
RFC 4277, Experience with the BGP-4 Protocol
RFC 4278, Standards Maturity Variance Regarding the TCP MD5 Signature Option and the BGP-4 Specification
Reset a BGP session without interrupting the session, using the soft out or soft inbound commands
Configure BGP Soft-Reconfiguration
Whenever there is a change in the policy, the BGP session has to be cleared for the new policy to take effect. Clearing a BGP session causes cache invalidation and has a tremendous impact on the operation of networks, which is not a delightful event!
Soft reconfiguration allows policies to be configured and activated without clearing the BGP session. Soft reconfiguration can be done on a per-neighbor basis.
- When soft reconfiguration is used to generate inbound updates from a neighbor, it is called inbound soft reconfiguration.
- When soft reconfiguration is used to send a new set of updates to a neighbor, it is called outbound soft reconfiguration.
Performing inbound reconfiguration enables the new inbound policy to take effect. Performing outbound reconfiguration causes the new local outbound policy to take effect without resetting the BGP session. As a new set of updates is sent during outbound policy reconfiguration, a new inbound policy of the neighbor can also take effect.
In order to generate new inbound updates without resetting the BGP session, the local BGP speaker should store all the received updates without modification, regardless of whether they are accepted or denied by the current inbound policy. This is memory intensive and should be avoided. On the other hand, outbound soft reconfiguration does not have any memory overhead. One could trigger an outbound reconfiguration on the other side of the BGP session to make the new inbound policy take effect.
To allow inbound reconfiguration, BGP should be configured to store all received updates. However, outbound reconfiguration does not require preconfiguration.
To configure BGP soft configuration, perform the following task in router configuration mode:
To clear a BGP session from the router CLI:
Router#clear ip bgp x.x.x.x soft in <-- x.x.x.x = neighbor IP
Well, if you want to reset all BGP sessions:
Our implementation of BGP supports BGP Versions 2, 3, and 4. If the neighbor does not accept default Version 4, dynamic version negotiation is implemented to negotiate down to Version 2.
If you specify a BGP peer group by using the peer-group-name argument, all members of the peer group will inherit the characteristic configured with this command.
!
ip vrf ALL-VRF
 rd 123:4
 route-target export 123:4
 route-target import 123:1
 route-target import 123:2
 route-target import 123:3
By definition the routes that you “export” are only the routes you advertise on the vrf address family in BGP. The routes that you import are the cumulative routes with the same label that were exported from the other routers participating in the MPLS VPN. Remember that you don’t export what you have learned through importation. Check the diagram below and the scenario we need to accomplish in this lab.
1. EMEA should have full IP reachability to APAC and AMERICAS, but APAC and AMERICAS should not see each other.
2. RR should see all the routes but will not be seen by the routers.
I have set up everything and configured MPLS as well. I have configured the clients on the RR on both the ipv4 and vpnv4 address-families. The command “show ip bgp vpnv4 all sum” on the RR should show that it is learning prefixes from the clients.
RR#sh ip bgp vpnv4 all sum
BGP router identifier 126.96.36.199, local AS number 123
BGP table version is 13, main routing table version 13
12 network entries using 1644 bytes of memory
12 path entries using 816 bytes of memory
4/3 BGP path/bestpath attribute entries using 496 bytes of memory
3 BGP extended community entries using 72 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 3028 total bytes of memory
BGP activity 12/0 prefixes, 12/0 paths, scan interval 15 secs

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
188.8.131.52    4   123      52      57       13    0    0 00:40:41        2
184.108.40.206  4   123      53      61       13    0    0 00:41:26        2
220.127.116.11  4   123      43      44       13    0    0 00:36:44        2
We can clearly see that it’s learning prefixes in vpnv4, but it will not put those routes in the routing table until they have been imported into one of the VRFs. In our case, I have configured vrf ALL-VRF in RR and imported all the route-targets 123:1, 123:2 and 123:4. In a VRF you can export and import as many route-targets as needed. Let’s see if RR can see the routes now.
RR
!
ip vrf ALL-VRF
 rd 123:4
 route-target export 123:4
 route-target import 123:1
 route-target import 123:2
 route-target import 123:3

RR#sh ip route vrf ALL-VRF
Routing Table: ALL-VRF
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     18.104.22.168/32 is subnetted, 1 subnets
B       22.214.171.124 [200/0] via 126.96.36.199, 00:46:26
     188.8.131.52/32 is subnetted, 1 subnets
B       184.108.40.206 [200/0] via 220.127.116.11, 00:46:26
     18.104.22.168/32 is subnetted, 1 subnets
B       22.214.171.124 [200/0] via 126.96.36.199, 00:46:26
     188.8.131.52/32 is subnetted, 1 subnets
B       184.108.40.206 [200/0] via 220.127.116.11, 00:46:26
     18.104.22.168/32 is subnetted, 1 subnets
B       22.214.171.124 [200/0] via 126.96.36.199, 00:46:26
     188.8.131.52/32 is subnetted, 1 subnets
B       184.108.40.206 [200/0] via 220.127.116.11, 00:46:28
     18.104.22.168/32 is subnetted, 1 subnets
C       22.214.171.124 is directly connected, Loopback40
OK, we have met the first condition. RR is now able to see the routes exported by the RR clients. They won’t see the route advertised by RR because the clients are not even importing that route. Full reachability in MPLS VPN requires that one router’s exported route-target be imported by another and vice versa; otherwise you can only see the route but you won’t be able to reach it. The networks should be in the corresponding VRF routing table of the routers.
To illustrate this point, let’s configure the second scenario. Below are the VRF configurations on the 3 clients.
APAC#
!
ip vrf APAC
 rd 123:1
 route-target export 123:1
 route-target import 123:3

AMERICAS#
!
ip vrf AMERICAS
 rd 123:2
 route-target export 123:2
 route-target import 123:2

EMEA#
!
ip vrf EMEA
 rd 123:3
 route-target export 123:3
 route-target export 123:2
 route-target import 123:1
 route-target import 123:2
APAC is exporting route-target 123:1 and it’s importing 123:3, which is exported by EMEA. EMEA, on the other hand, is importing 123:1 and exporting 123:3. There should be full IP reachability between the two. By the way, the route-target ID doesn’t necessarily match the RD. Normally, for networks that should see each other in MPLS VPN, both the export and import route-target IDs are the same. That gets rid of any unnecessary confusion created by using different RT IDs. Take into consideration the AMERICAS and EMEA routers. As you can see in the config above, AMERICAS is importing and exporting 123:2. One command can generate both the export and the import, and that is “route-target both 123:2”. EMEA is also importing and exporting 123:2, which means they will reach each other. Let’s test whether we have accomplished the condition: we will show the routing tables in APAC and AMERICAS and ping the networks in EMEA. The ping should be sourced from the loopback interfaces where we configured the VRFs.
APAC#sh ip route vrf APAC
Routing Table: APAC
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     126.96.36.199/32 is subnetted, 1 subnets
C       188.8.131.52 is directly connected, Loopback0
     184.108.40.206/32 is subnetted, 1 subnets
B       220.127.116.11 [200/0] via 18.104.22.168, 01:04:51
     22.214.171.124/32 is subnetted, 1 subnets
B       126.96.36.199 [200/0] via 188.8.131.52, 01:04:51
     184.108.40.206/32 is subnetted, 1 subnets
C       220.127.116.11 is directly connected, Loopback10

APAC#ping vrf APAC 18.104.22.168 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 22.214.171.124, timeout is 2 seconds:
Packet sent with a source address of 126.96.36.199
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 248/346/436 ms

AMERICAS#sh ip route vrf AMERICAS
Routing Table: AMERICAS
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     188.8.131.52/32 is subnetted, 1 subnets
C       184.108.40.206 is directly connected, Loopback0
     220.127.116.11/32 is subnetted, 1 subnets
B       18.104.22.168 [200/0] via 22.214.171.124, 00:56:20
     126.96.36.199/32 is subnetted, 1 subnets
B       188.8.131.52 [200/0] via 184.108.40.206, 00:56:20
     220.127.116.11/32 is subnetted, 1 subnets
C       18.104.22.168 is directly connected, Loopback10

AMERICAS#ping vrf AMERICAS 22.214.171.124 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 126.96.36.199, timeout is 2 seconds:
Packet sent with a source address of 188.8.131.52
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 184/593/1020 ms

EMEA#sh ip route vrf EMEA
Routing Table: EMEA
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     184.108.40.206/32 is subnetted, 1 subnets
B       220.127.116.11 [200/0] via 18.104.22.168, 00:00:00
     22.214.171.124/32 is subnetted, 1 subnets
B       126.96.36.199 [200/0] via 188.8.131.52, 01:07:06
     184.108.40.206/32 is subnetted, 1 subnets
C       220.127.116.11 is directly connected, Loopback10
     18.104.22.168/32 is subnetted, 1 subnets
C       22.214.171.124 is directly connected, Loopback0
     126.96.36.199/32 is subnetted, 1 subnets
B       188.8.131.52 [200/0] via 184.108.40.206, 01:07:06
     220.127.116.11/32 is subnetted, 1 subnets
B       18.104.22.168 [200/0] via 22.214.171.124, 00:00:03
It will take a while to get used to VRF route-targets if you are just learning them, but this should be pretty easy. Remember, you can’t reach a network that you have imported unless it exported your network. In MPLS VRF, entries in your VRF routing table don’t assure reachability; the router in the destination network should also have your network in its VRF routing table.
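The import/export rule used throughout this lab can be checked mechanically before a change is pushed: a VRF sees another VRF's routes only if it imports a route-target the other exports, and reachability needs that in both directions. The following is an added example, not part of the original post; the route-targets are copied from the four VRF configurations above, while the function names, the policy lists and the "extra import" scenario are assumptions made for illustration.

```python
# Route-targets copied from the VRF configurations shown in the post.
VRFS = {
    "APAC":     {"export": {"123:1"},          "import": {"123:3"}},
    "AMERICAS": {"export": {"123:2"},          "import": {"123:2"}},
    "EMEA":     {"export": {"123:3", "123:2"}, "import": {"123:1", "123:2"}},
    "ALL-VRF":  {"export": {"123:4"},          "import": {"123:1", "123:2", "123:3"}},
}

# The lab's two requirements, written as a policy (hypothetical structure).
MUST_REACH = [("EMEA", "APAC"), ("EMEA", "AMERICAS")]
MUST_NOT_SEE = [  # (receiver, sender): receiver must not learn sender's routes
    ("APAC", "AMERICAS"), ("AMERICAS", "APAC"),
    ("APAC", "ALL-VRF"), ("AMERICAS", "ALL-VRF"), ("EMEA", "ALL-VRF"),
]


def sees(vrfs, receiver, sender):
    """True if receiver imports at least one route-target that sender exports."""
    return bool(vrfs[receiver]["import"] & vrfs[sender]["export"])


def relation(vrfs, a, b):
    """'two-way' means reachable; 'one-way' means routes visible but no return path."""
    a_sees_b, b_sees_a = sees(vrfs, a, b), sees(vrfs, b, a)
    if a_sees_b and b_sees_a:
        return "two-way"
    return "one-way" if (a_sees_b or b_sees_a) else "isolated"


def audit(vrfs, must_reach, must_not_see):
    """Return a list of policy violations; an empty list means the design holds."""
    findings = []
    for a, b in must_reach:
        if relation(vrfs, a, b) != "two-way":
            findings.append(f"{a} and {b} lack two-way reachability")
    for receiver, sender in must_not_see:
        if sees(vrfs, receiver, sender):
            findings.append(f"{receiver} imports routes exported by {sender}")
    return findings


def with_extra_import(vrfs, name, rt):
    """Copy of the design with one more 'route-target import' on one VRF."""
    copy = {k: {"export": set(v["export"]), "import": set(v["import"])}
            for k, v in vrfs.items()}
    copy[name]["import"].add(rt)
    return copy


if __name__ == "__main__":
    print("as configured:", audit(VRFS, MUST_REACH, MUST_NOT_SEE))
    print("RR vs EMEA:", relation(VRFS, "ALL-VRF", "EMEA"))
    # Constructed change: APAC also imports 123:2, which EMEA exports
    # but which AMERICAS exports as well.
    drifted = with_extra_import(VRFS, "APAC", "123:2")
    print("after change:", audit(drifted, MUST_REACH, MUST_NOT_SEE))
```

Because EMEA exports 123:2 alongside AMERICAS, any VRF that imports 123:2 to learn EMEA's routes also learns AMERICAS' routes, which is the kind of unintended visibility the audit reports.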