Cisco Mobile Wireless Home Agent Release 5.2 for Cisco IOS Release 12.4(22)YD2
Home Agent Quality of Service
Downloads: This chapterpdf (PDF - 113.0KB) The complete bookPDF (PDF - 5.78MB) | Feedback

Home Agent Quality of Service

Table Of Contents

Home Agent Quality of Service

Overview of HA QoS

QoS Policing

Restrictions

Configuring HA QoS

QoS Configuration Examples

Verifying the Configuration

Show Command Examples


Home Agent Quality of Service


This chapter discusses concepts related to Quality of Service on the Cisco Mobile Wireless Home Agent, and provides details about how to configure this feature.

This chapter includes the following sections:

Overview of HA QoS

Configuring HA QoS

QoS Configuration Examples

Overview of HA QoS

Currently, the Home Agent does not support the ability to limit traffic based on rate specified on a per-user basis for various user-subscribed services such as Voice over IP (VoIP), Push-to-Talk (PTT) etc. The per-binding flow policing feature provides the ability to forward packets at rates enforced by a NAI-based user and appropriate for each binding registered on the Home Agent.


Note Per-binding flow means one binding per NAI.


The key benefits of this feature include the following:

Utilizes the robust Modular QoS CLI (MQC) for performing QoS actions.

Ensures the original DSCP options are preserved in the downstream packets originated from the internet to the MN, by copying the DSCP from the inner to the outer tunnel header.

Identifies, classifies, and polices traffic for individual or all users in a realm registered on the Home Agent. This is done for upstream and downstream traffic. The use of MQC allows operators to group user traffic according to a classmap and policymap, and dynamically specify bandwidth requirements at the time of binding flow identification.

QoS Policing

On the Cisco HA, QoS policing is enabled as follows:


Step 1 A user attaches a service-policy to an APN virtual interface recognized by the QoS infrastructure. This is done using the extended ip mobile realm command for convenience of performing policing for a group of NAI-based users (on a per-realm basis). This allows a user-configured policymap to be applied to the APN interface, which helps to classify Mobile IP data packets through the HA. Also the peak-rate can be specified to MQC in either input (downstream) or output (upstream) directions.

Step 2 Using MQC classmap/policymap commands, a "match flow pdp" filter is configured that classifies packets for individual flows (bindings) and informs the HA to send police parameters during flow identification. Police rate pdp peak-rate pdp commands, along with the burst values and the various actions needed, are configured under the policy-map, for the class-map for which the match type is flow pdp. Peak-rate values for the upstream and downstream are configured using the ip mobile realm command.

After the initial RRQ processing, when a binding is registered on the Home Agent, the first packet corresponding to a binding is intercepted in CEF path and policing rules are applied to it. Based on this behavior, police action is invoked on subsequent packets according to configured peak rate, conform burst, and exceed burst values. MQC QoS determines when a user police request has exceeded the configured rate and accordingly permits or drops the packet. For every active binding, a QoS flow exists and a run time state is stored on the HA.


Restrictions

Please note following restrictions:

Only single-rate policing is allowed. There is no bandwidth reservation, so policing is done based on a maximum bandwidth rate specified by user.

Once the service policy attachment and police actions are configured they cannot be modified. To modify policy or associated parameters, the existing service policy needs to be removed and a new one configured in its place.

Policing can be applied only to users registering using a NAI username.

In the MQC command set when match flow pdp is configured for a class only the police command can be configured. Other actions are not allowed.

There is no traffic shaping feature implemented.

Configuring HA QoS

To enable the HA QoS feature, perform the following tasks:

 
Command
Purpose

Step 1 

Router(config)ip mobile realm [nai | realm] [service-policy {input policy-name [peak-rate rate] |output policy-name [peak-rate rate]}]

Configures a policy and associated rate for one or more user bindings belonging to that policy on the basis of NAI/realm. This can be configured for both upstream and downstream traffic.

Step 2 

Router(conf t)# class-map class-name

Specifies a class map name and enters global classmap mode.

Step 3 

Router(config-cmap)#match flow pdp


Classifies HA packets for each binding belonging to a class of MN users with a specified rate.

Step 4 

Router(config-pmap-c)# police rate pdp [burst bytes] [peak-rate pdp [peak-burst bytes]] conform-action action [exceed-action action [violate-action action]]

Invokes a specified police action on a binding flow. peak-rate pdp keywords ensure that policing is done based on the rate specified for each binding flow.

The above configuration details have the following restrictions:

You cannot remove one of the policies (either input or output) if both policies are configured.

You cannot modify the existing service-policy for a realm without unconfiguring and then configuring it.

You cannot configure output-policy first, and then input policy.

QoS Configuration Examples

Here is a configuration example for the QoS feature on the Cisco Mobile Wireless HA:

class-map match-all class-mip
 match flow pdp
 
policy-map policy-mip-flow
 class class-mip
   police rate pdp burst 1400  peak-rate pdp peak-burst 1700
     conform-action transmit
     exceed-action drop
     violate-action drop
 
ip mobile realm @cisco.com service-policy input policy-mip-flow peak-rate 9000 output 
policy-mip-flow peak-rate 8000

Verifying the Configuration

To dislay various statistics for the HA QoS feature, perform the following tasks:

 
Command
Purpose

Step 1 

Router#show ip mobile binding police nai @example.com

Displays when QoS policing is enabled, statistics for each individual binding, and is provided as an extension to the existing show ip mobile binding command. Details such as police rate in bps, and the packets that have conformed, exceeded, or violated the rate are displayed.

Step 2 

Router# show policy-map apn realm string

Displays aggregate statistics on a per-realm basis.

Show Command Examples

The following examples display QoS binding statistics and aggregate statistics:

Router#sh ip mob bind police nai mip-qos-user1@cisco.com: 
Mobility Binding List:
Total number of QoS bindings is 1
mip-qos-user1@cisco.com: 
Downlink Policing
 
      police:
          rate 8000 , bc 1400 bytes
         peak-rate 9000, be 1700 bytes
        conformed 3000 packets, 312000 bytes; actions:
          drop 
        exceeded 0 packets, 0 bytes; actions:
          drop 
        violated 0 packets, 0 bytes; actions:
          drop 
Uplink Policing
 
      police:
          rate 8000 , bc 1400 bytes
         peak-rate 8000, be 1700 bytes
        conformed 6000 packets, 516000 bytes; actions:
          drop 
        exceeded 0 packets, 0 bytes; actions:
          drop 
        violated 0 packets, 0 bytes; actions:
          drop 
Router#
 
Router#sh policy-map apn realm cisco.com
 APN 566497294
 
  Service-policy input: toMN
 
    Class-map: HA4.0 (match-all)
      1 packets, 118 bytes
      30 second offered rate 0 bps, drop rate 0 bps
      Match: flow pdp
      police:
          rate pdp, bc 1400 bytes
         peak-rate pdp, be 1700 bytes
        conformed 0 packets, 0 bytes; actions:
          transmit
        exceeded 0 packets, 0 bytes; actions:
          drop
        violated 0 packets, 0 bytes; actions:
          drop
 
    Class-map: class-default (match-any)
      0 packets, 0 bytes
      30 second offered rate 0 bps, drop rate 0 bps
      Match: any
 
  Service-policy output: fromMN
 
    Class-map: HA4.0 (match-all)
      1 packets, 100 bytes
      30 second offered rate 0 bps, drop rate 0 bps
      Match: flow pdp
      police:
          rate pdp, bc 1400 bytes
         peak-rate pdp, be 1700 bytes
        conformed 1 packets, 100 bytes; actions:
          transmit
        exceeded 0 packets, 0 bytes; actions:
          drop
        violated 0 packets, 0 bytes; actions:
          drop
 
    Class-map: class-default (match-any)
      0 packets, 0 bytes
      30 second offered rate 0 bps, drop rate 0 bps
      Match: any
Router#