Cisco 10000 Series Router Quality of Service Configuration Guide
Classifying Traffic
Downloads: This chapterpdf (PDF - 423.0KB) The complete bookPDF (PDF - 21.32MB) | Feedback

Classifying Traffic

Table Of Contents

Classifying Traffic

Traffic Classification Using Class Maps

Feature History for Class Maps

System Limits for Class Maps

PRE3 Class Maps and QoS Scalability

class-map Command

Syntax Description

class-map Command History

Usage Guidelines for the class-map Command

qos match statistics Command

Syntax Description

Command Default

qos match statistics Command History

Usage Guidelines for the qos match statistics Command

Defining Match Criteria Using the match Commands

match Commands History

Usage Guidelines for match Commands

Class-Default Class

Restrictions and Limitations for Traffic Classification

Classifying Traffic Using a Class Map

Creating a Class Map

Configuration Examples for Classifying Traffic

Verifying Traffic Classification

Verification Example

Defining QoS Policy Actions

Related Documentation


Classifying Traffic


This chapter describes how to create traffic classification rules that the Cisco 10000 series router can use to classify inbound and outbound traffic.

Even with fast interfaces, most networks require a strong quality of service (QoS) management model to effectively manage the congestion points that occur due to speed-mismatch or diverse traffic patterns. Real world networks have limited resources and resource bottlenecks, and need QoS policies to ensure proper resource allocation.

The first step in creating a QoS service policy is to define how you want the router to classify traffic. The traffic that matches the classification criteria is then subject to the QoS policy you create and apply to the interface.

This chapter includes the following topics:

Traffic Classification Using Class Maps

Restrictions and Limitations for Traffic Classification

Classifying Traffic Using a Class Map

Related Documentation

Traffic Classification Using Class Maps

The Cisco 10000 router must differentiate traffic before it can apply the appropriate QoS actions to the traffic. The router supports a modular QoS CLI element called a class map, which you can use to define traffic classification rules or criteria.

Class maps organize data packets into specific categories called classes that can, in turn, receive user-defined QoS policies. The traffic class defines the classification rules for packets received on an interface. One or more match command statements in the class map define the criteria by which the router classifies packets into specific classes. Packets arriving at either the input or output interface (depending on the service-policy command configuration) are checked against the match criteria of a class map to determine if the packet belongs to that class.

When configuring a class map, you can use one or more match commands to specify match criteria. For example, you can use the following commands:

match access-group command

match protocol command

match input-interface command

Feature History for Class Maps

Cisco IOS Release
Description
Required PRE

Release 12.0(17)SL

The class map feature was introduced on the PRE1.

PRE1

Release 12.2(15)BX

This feature was introduced on the PRE2.

PRE2

Release 12.2(28)SB

This feature was integrated in Cisco IOS Release 12.2(28)SB for the PRE2.

PRE2

Release 12.2(31)SB2

This feature was integrated in Cisco IOS Release 12.2(31)SB2 for the PRE3.

Enhancements to the modular quality of service CLI (MQC) allow you to classify packets on the L2TP access concentrator (LAC) based upon the IP type of service (ToS) bits in an embedded IP packet. The classification is used to police ingress traffic according to the differentiated service code point (DSCP) value.

PRE3

Release 12.2(33)SB

This feature was enhanced to support matching on the Frame Relay Discard Eligibility (DE) bit.

PRE2, PRE3, PRE4


System Limits for Class Maps

Table 2-1 lists the system limits for class maps on the Cisco 10000 series router. In the table, the number of class maps per system and the number of classes per policy map include the class-default class.

Table 2-1 System Limits for Class Maps 

Processor
Cisco IOS Release
Number of Class Maps per System
Number of Match Statements per Class Map
Number of Classes
per Policy Map

PRE1

All Releases earlier than Release 12.0(17)SL

256

16

16

Release 12.0(17)SL
and later releases

256

16

256

Release 12.0(25)SX
and later releases

256

16

32

PRE2

Release 12.2(15)BX
and later releases

262,000

16

64

Release 12.3(7)XI
and later releases

262,000

16

127

PRE3

Release 12.2(31)SB2
and later releases

262,144 (per-match mode)

4,194,304 (per-class mode)

16

64

PRE4

Release 12.2(33)SB and later releases

262,144 (per-match mode)

4,194,304 (per-class mode)

16

64


PRE3 Class Maps and QoS Scalability

The Cisco 10000 series router with a PRE3 counts QoS matches for each class or for each match. As the following describes, you can achieve greater scalability with per-class mode counting enabled on the router:

Per-match mode (default mode)—The router counts matches for each match statement and class, and supports 262,144 unique class maps per system.

Per-class mode—The router counts matches for the entire class and supports 4,194,304 unique class maps. This mode provides greater scalability.

To configure per-match or per-class QoS match statistics, use the qos match statistics command. For more information, see the "qos match statistics Command" section.


Note The qos match statistics command is not available on the PRE2. Due to memory limitations, the PRE2 cannot exceed 262,000 class maps.


When using the show commands in per-class mode, the per-match statistics display a value of zero. In per-class mode, the per-match statistics are zero in the MIB.

class-map Command

To create or modify a class map, use the class-map command in global configuration mode. To remove a class map, use the no form of this command. By default, the router uses match-all.

class-map [match-any | match-all] class-map-name
 
   
no class-map [match-any | match-all] class-map-name

Syntax Description

match-any

(Optional) Indicates that a packet must meet at least one of the match criteria to be considered a member of the class.

match-all

(Optional) Indicates that a packet must meet all of the match criteria to be considered a member of the class.

class-map-name

Is the name of the class map. The name can be a maximum of 40 alphanumeric characters.


class-map Command History

Cisco IOS Release
Description

Release 12.0(17)SL

The class-map command was introduced on the PRE1.

Release 12.0(15)BX

This command was introduced on the PRE2.

Release 12.2(28)SB

This command was integrated in Cisco IOS Release 12.2(28)SB for the PRE2.

Release 12.2(31)SB2

This command was integrated in Cisco IOS Release 12.2(31)SB2 for the PRE3.


Usage Guidelines for the class-map Command

Use the class-map command to create or modify class map match criteria. The router compares the packets that arrive at the input or output interface to the match criteria configured for a class map. If a packet matches the criteria, the router designates the packet as belonging to the class.

When you configure a class map, you can use one or more match commands to specify the match criteria. For example, you can configure the match access-group command, the match protocol command, and the match input-interface command in a class map. The router compares the arriving packets to the match criteria in the order in which you entered the criteria.

qos match statistics Command

To configure the router to count QoS matches for each class or for each match statement and class, use the qos match statistics command in global configuration mode.

qos match statistics {per-class | per-match}

Syntax Description

per-class

Specifies to count QoS matches for the entire class. This mode provides greater scalability.

per-match

Specifies to count matches for each match statement and class. This mode provides PRE2 backward compatibility.


Command Default

Per-match is the default mode.

qos match statistics Command History

Cisco IOS Release
Description

Release 12.2(31)SB2

This command was introduced and implemented on the Cisco 10000 series router for the PRE3.


Usage Guidelines for the qos match statistics Command

This command does not allow a no form of the command. The command operates in either per-match mode or per-class mode. Specifying one mode automatically negates the current mode.

The Cisco 10000 series router with a PRE3 supports 262,144 unique class maps per system in per-match mode and 4,194,304 unique class maps per system in per-class mode. Per-class mode provides greater QoS scalability.

This command is not available on the PRE2. Due to memory limitations, the PRE2 supports a maximum of 262,000 class maps per system.

When using the show commands in per-class mode, the per-match statistics display with a value of zero. In per-class mode, the per-match statistics are zero in the MIB.

Defining Match Criteria Using the match Commands

To define the classification criteria for a class map, use the match commands in class-map configuration mode. The match statements you define are the criteria the router uses to classify packets. To remove a match statement, use the no form of this command. The router defaults to match-all.

Command
Purpose

Router(config-cmap)# match access-group {number | name}

Specifies that the packet must be permitted by the specified access control list (ACL).

number identifies the ACL applied to an interface. Valid values are from 1 to 2699.

name specifies that the packet must be permitted by the access list whose name is name. The name can be a maximum of 40 alphanumeric characters.

Router(config-cmap)# match-all

Specifies that the packet must match all of the matching criteria defined for a class map.

Router(config-cmap)# match-any

Specifies that the packet must match at least one of the matching criteria defined for a class map.

Router(config-cmap)# match not criteria

Specifies that the packet must not match this particular matching criterion value.

criteria specifies the match criterion value that is an unsuccessful match criterion. All other values of the specified match criterion are considered successful match criteria.

Router(config-cmap)# match cos value

Specifies that the packet class of service (CoS) bit value must match the specified CoS value.

value is a number from 0 to 7. You can specify up to four CoS values, separated by a space.

Note For Cisco IOS Release 12.2(31)SB2 and later releases, this command is available on the PRE2 and PRE3 for inbound policies only. For earlier releases, this command is available only on the PRE2 for inbound policies only.

Router(config-cmap)# match discard-class value

Specifies that the discard-class value must match the specified discard-class value.

Packets that match the specified discard-class value are treated differently from packets marked with other discard-class values. The discard-class is a matching criterion only, used in defining per-hop behavior (PHB) for dropping traffic.

value is a number from 0 to 7. You can specify up to 4 values, separated by a space. The value has no mathematical significance. For example, the discard class value 2 is not greater than 1. The value simply indicates that a packet marked with discard class 2 should be treated differently than a packet marked with discard class 1.

Note This command requires Cisco IOS Release 12.3(7)XI or later releases and is available only on the PRE2.

Router(config-cmap)# match fr-de

Specifies that the router is to look for the Frame Relay discard eligibility (DE) bit in the packets.

Router(config-cmap)# match input-interface name

Specifies that the packet input interface must match the interface name.

Router(config-cmap)# match ip dscp {ip-dscp-value | afxy | csx | ef | default}

Specifies that the packet IP differentiated service code point (DSCP) value must match one or more of the specified attributes.

ip dscp ip-dscp-value specifies the DSCP value to match on. Valid values are from 0 to 63. You can specify up to 8 code point values, using a space to separate consecutive values.

Instead of specifying a numeric ip-dscp-value, you can specify one of the following reserved keywords:

afxy indicates assured forwarding points. The first number (x) indicates the AF class. Valid values are from 1 to 4. The second number (y) indicates the level of drop preference within each class. Valid values are from 1 (low drop) to 3 (high drop).

cs indicates class selector code points that are backward-compatible with IP precedence. Valid values for x are 1 through 7. The CS code points (CS1 through CS7) are identical to IP precedence values 1 through 7.

ef indicates expedited forwarding.

default indicates best effort or DSCP 0.

For more information, see Table 7-4.

Note In Cisco IOS Release 12.2(31)SB2 and later releases, enhancements to the modular quality of service CLI (MQC) allow you to classify packets on the L2TP access concentrator (LAC) based upon the IP type of service (ToS) bits in an embedded IP packet. The classification is used to police ingress traffic according to the DSCP value.

Router(config-cmap)# match ip precedence {ip-precedence-value | precedence-name}

Specifies that the packet IP precedence value must match one or more precedence values or the name of the precedence.

ip-precedence-value is the IP precedence value to match on. Valid values are from 0 to 7. You can specify up to 8 precedence values, using a space to separate consecutive values.

precedence-name is the name of the IP precedence value.

For more information, see Table 7-2.

Router(config-cmap)# match ip rtp {lowest-udp-port range}

Specifies that the packet even UDP port value must be within the specified range of port numbers. Only even-numbered ports are matched because they carry the real-time data streams. Odd-numbered ports are not matched because they only carry control information.

lowest-udp-port is a number from 0 to 65535 and is the lowest number in the range.

range specifies a number from 0 to 65535 and is the highest number in the range.

Router(config-cmap)# match mpls experimental mpls-exp-value

Specifies that the experimental (EXP) bit value of the packet must match the MPLS EXP value that you specify.

mpls-exp-value specifies the value to which you want to set the MPLS EXP bits. Valid values are from 0 to 7. You can specify up to 8 MPLS EXP values.

Note This command is available only on the PRE1.

Router(config-cmap)# match mpls experimental imposition value

Specifies that the experimental (EXP) bit value on the imposed label entry of the packet must match the MPLS EXP value that you specify.

value specifies the value to which you want to set the MPLS EXP bits. Valid values are from 0 to 7. You can specify up to 8 MPLS EXP values.

Note The match mpls experimental imposition command is available only on the PRE2.

Router(config-cmap)# match mpls experimental topmost value

Matches the experimental (EXP) value in the topmost label.

value specifies the value to which you want to set the MPLS EXP bits in the topmost label header. Valid values are from 0 to 7.

Note The match mpls experimental topmost command is available only on the PRE2.

Router(config-cmap)# match qos-group number

Specifies that the packet QoS group number value must match the specified QoS group number.

number is a group number from 0 to 99.


match Commands History

Cisco IOS Release
Command
Description

Release 12.0(17)SL

match

The match command was introduced on the PRE1.

match access-group

This command was enhanced to include matching on access lists.

match-all

This command was enhanced to include matching on all of the match criteria.

match-any

This command was enhanced to include matching on one match criterion.

match input-interface

This command was enhanced to include matching on the input interface.

match ip dscp

This command was enhanced to include matching on the IP DSCP value.

match ip precedence

This command was enhanced to include matching on the IP precedence value.

match ip rtp

This command was enhanced to include matching on the IP Real-Time Transport Protocol (RTP).

match qos-group

This command was enhanced to include matching on a QoS group.

Release 12.0(17)SL

match not

This command was enhanced to include matching on criteria that the packet does not match.

Release 12.0(22)S

match mpls experimental

This command was enhanced to include matching on the MPLS experimental (EXP) bit value.

Release 12.2(15)BX

match cos

This command was introduced on the PRE2 and enhanced to include matching on the class of service for inbound policies only.

Release 12.2(16)BX

match mpls experimental topmost

This command was enhanced to include matching on the experimental (EXP) bit value on the topmost label entry of the packet.

Release 12.3(7)XI

match discard-class

This command was enhanced to include matching on the discard-class value.

match mpls experimental imposition

This command was enhanced to include matching on the experimental (EXP) bit value on the imposed label entry of the packet.

Release 12.2(28)SB

match

This command was integrated in Cisco IOS Release 12.2(28)SB.

Release 12.2(31)SB2

match cos

This command was introduced on the PRE3 to include matching on the class of service for inbound policies only.

match ip dscp

This command was introduced on the PRE3 to include matching on the IP DSCP value on the L2TP access concentrator (LAC).

match vlan

This command was introduced on the PRE3 to include matching on the VLAN ID for VLAN-group traffic classes.

Release 12.2(33)SB

match fr-de

This command was introduced on the PRE2, PRE3, and PRE4 to include matching on the Frame Relay discard eligibility (DE) bit.


Usage Guidelines for match Commands

match ip dscp

You must use the ip keyword to match DSCP values for IPv4 packets. The router supports only DSCP matching of IPv4 packets.

match ip precedence

You must use the ip keyword to match precedence values for IPv4 packets. The router supports only precedence matching of IPv4 packets.

match ip rtp

Use this command to match IP RTP packets destined to all even-numbered user datagram port (UDP) port numbers in the range you specify.

Matching on the RTP port range is particularly effective for applications that use RTP, such as voice or video.

match mpls-experimental-topmost

Use this command to include matching on the EXP bit value on the topmost label entry of the packet.

You can enter this command on input and output interfaces.

This command matches only on MPLS packets.

match not

Use this command to specify a QoS policy value that is not used as a match criterion. When you use the match not command, all other values of that QoS policy become successful match criteria.

For example, if you enter the match not qos-group 4 command in class-map configuration mode, the specified class accepts all QoS group values except 4 as successful match criteria.

match qos-group

Use this command to identify a specific QoS group number marking on a packet. You can also use this command to convey the received MPLS experimental (EXP) field value to the output interface.

The router only uses the QoS group number as an identifying mark. The QoS group numbers have no mathematical significance. For example, qos-group 2 is not greater than 1. The value simply indicates that a packet marked with qos-group 2 is different than a packet marked with qos-group 1. You define the treatment of these packets by defining QoS policies in a policy map.

The QoS group number is local to the router. The QoS group number that is marked on a packet does not leave the router when the packet leaves the router. To mark the packet with a value that resides in the packet, use an IP precedence setting, an IP DSCP setting, or another method of packet marking.

match vlan

Do not use this command with any other match command in a class map.

Class-Default Class

The class named class-default is a predefined traffic class that the router uses to classify traffic that does match one of the defined classes in a policy map. Although class-default is predefined, you can configure policy actions for it in the policy map. If you do not configure policy actions, by default the router classifies class-default traffic as first in, first out (FIFO) and gives the traffic best-effort treatment.

For more information on policy actions, see Chapter 3 "Configuring QoS Policy Actions and Rules."

Restrictions and Limitations for Traffic Classification

Each class map can have a maximum of 16 match statements.

The Cisco 10000 series router does not have a predefined scaling limit for classification.

A policy map with a traffic class based on the match fr-de command can be applied only on an inbound Frame Relay interface.

Classifying Traffic Using a Class Map

To classify traffic using a class map, perform the following tasks:

Creating a Class Map (required)

Verifying Traffic Classification (optional)

Defining QoS Policy Actions (required)
(See Chapter 3 "Configuring QoS Policy Actions and Rules.")

Creating a Class Map

To create a class map and specify the way in which the router should classify traffic, enter the following commands beginning in global configuration mode:

 
Command
Purpose

Step 1 

Router(config)# class-map class-map-name

Creates a class map and enters class-map configuration mode.

class-map-name is the name of the class map. The name can be a maximum of 40 alphanumeric characters.

Step 2 

Router(config-class-map)# match match_statement

Defines the classification criteria for the class map.

match_statement defines the matching criteria and can be one of the optional match commands listed in the "Defining Match Criteria Using the match Commands" section.

Configuration Examples for Classifying Traffic

Example 2-1 creates three class maps named voice, data, and application. The voice class map matches traffic using the even UDP port number, which must be within the specified range. In this example, the lowest port number can be 16384 and the highest port number can be 16383. The data class map matches traffic using IP precedence 1 and the application class map matches using IP precedence 2.

Example 2-1 Creating a Class Map

Router(config)# class-map voice
Router(config-cmap)# match ip rtp 16384 16383
Router(config-cmap)# exit
Router(config)# class-map data
Router(config-cmap)# match ip precedence 1
Router(config-cmap)# exit
Router(config)# class-map application
Router(config-cmap)# match ip precedence 2
 
   

Example 2-2 creates a class map named class1 that tells the router to look for packets that belong to access list 1 or that have an IP precedence value of 3 or 7.

Example 2-2 Defining Match Criteria

Router(config)# class-map class1
Router(config-cmap)# match access-group 1
Router(config-cmap)# match ip precedence 3 7

Verifying Traffic Classification

To verify traffic classification criteria, enter the following command in privileged EXEC configuration mode:

Command
Purpose

Router# show class-map class-map-name

Displays configuration information about the class map you specify, including the match criterion.

If you do not specify a class-map-name, the router displays configuration information for all of the class maps configured on the router.


Verification Example

Example 2-3 shows configuration information about the class map named class1.

Example 2-3 show class-map Command

Router# show class-map class1
 Class Map match-all class1 (id 3)
   Match access-group 1
	Match ip precedence 3 7

Defining QoS Policy Actions

After you create a class map and configure the match criteria by which the Cisco 10000 series router classifies traffic, you then need to tell the router how you want it to handle the matching packets. To do this, you define QoS policy actions in a policy map.

For more information, see Chapter 3 "Configuring QoS Policy Actions and Rules."

Related Documentation

This section provides hyperlinks to additional Cisco documentation for the features discussed in this document. To display the documentation, click the document title or a section of the document highlighted in blue. When appropriate, paths to applicable sections are listed below the documentation title.

Feature
Related Documentation

Classification

Cisco IOS Quality of Service Solutions Configuration Guide, Release 12.2

Part 1: Classification

QoS Packet Marking tech note

QoS: Classification of Locally Sourced Packets, Release 12.0S tech note

Packet Classification Using the Frame Relay DLCI Number, Release 12.0S tech note

QoS Packet Marking, Implementing Quality of Service tech note

QoS in the Enterprise, Deploying QoS in the Enterprise, Considerations for Multiservice Networks

Class maps

Cisco IOS Quality of Service Solutions Configuration Guide, Release 12.2

Part 8: Modular Quality of Service Command-Line Interface > Configuring the Modular Quality of Service Command-Line Interface > Modular QoS CLI Configuration Task List > Creating a Traffic Class

Cisco IOS Quality of Service Solutions Command Reference, Release 12.2

access-list rate-limit -- fair-queue (WFQ) > class-map command

match commands

Cisco IOS Quality of Service Solutions Command Reference, Release 12.3

match Commands

Modular Quality of Service Command-Line Interface (MQC)

Implementing Quality of Service (QoS) white paper

Cisco IOS Quality of Service Solutions Configuration Guide, Release 12.2

Modular Quality of Service Command-Line Interface Overview

Configuring the Modular Quality of Service Command-Line Interface