Cisco Nexus 5600 Series NX-OS Quality of Service Configuration Guide, Release 7.x

Information About Classification

Classification is the separation of packets into traffic classes. You configure the device to take a specific action on the specified classified traffic, such as policing or marking down, or other actions.

You can create class maps to represent each traffic class by matching packet characteristics with classification criteria.

Table 1. Classification Criteria
Classification Criteria	Description
Class map	Criteria specified in a named class-map object.
Precedence	Precedence value within the Type of Service (ToS) byte of the IP Header.
Differentiated Services Code Point (DSCP)	DSCP value within the DIffServ field of the IP Header.
Protocol	Selected set of protocols, including Address Resolution Protocol (ARP) and Connectionless Network Service (CLNS).
IP RTP	Identify applications using Real-time Transport Protocol (RTP) by UDP port number range.
ACL	Traffic is classified by the criteria defined in the access control list (ACL).

Table 2. Supported RFCs
RFC	Title
RFC 2474	Definition of the Differentiated Services Field (DS Field) in the IPv4 and IPv6 Headers

Ingress Classification Policies

You use classification to partition traffic into classes. You classify the traffic based on the packet property (CoS field) or the packet header fields that include IP precedence, Differentiated Services Code Point (DSCP), and Layer 2 to Layer 4 parameters. The values used to classify traffic are called match criteria.

Traffic that fails to match any class is assigned to a default class of traffic called class-default.

Licensing Requirements for Classification

This feature does not require a license. Any feature not included in a license package is bundled with the Cisco NX-OS system images and is provided at no extra charge to you. For a complete explanation of the Cisco NX-OS licensing scheme, see the Cisco NX-OS Licensing Guide.

Configuring Class Maps

You can create or modify a class map with the class-map command. The class map is a named object that represents a class of traffic. In the class map, you specify a set of match criteria for classifying the packets. You can then reference class maps in policy maps.

Note

The class map type default is type qos and its match criteria default is match-all.

Procedure

	Command or Action	Purpose
Step 1	switch# configure terminal	Enters global configuration mode.
Step 2	switch(config)# class-map [type {network-qos \| qos \| queuing}] `class-map name`	Creates or accesses a named object that represents the specified class of traffic. Class-map names can contain alphabetic, hyphen, or underscore characters, are case sensitive, and can be up to 40 characters. The three class-map configuration modes are as follows: network-qos—Network-wide (global) mode. CLI prompt: switch(config-cmap-nq)# qos—Classification mode; this is the default mode. CLI prompt: switch(config-cmap-qos)# queuing—Queuing mode. CLI prompt: switch(config-cmap-que)#
Step 3	(Optional) switch(config)# class-map [type qos] [match-all \| match-any] `class-map name`	(Optional) Specifies that packets must match any or all criteria that is defined for a class map. match-all—Classifies traffic if packets match all criteria that is defined for a specified class map (for example, if both the defined CoS and the ACL criteria match). match-any—Classifies traffic if packets match any criteria that is defined for a specified class map (for example, if either the CoS or the ACL criteria matches). Class-map names can contain alphabetic, hyphen, or underscore characters, are case sensitive, and can be up to 40 characters.
Step 4	(Optional) switch(config)# no class-map [type {network-qos \| qos \| queuing}] `class-name`	(Optional) Deletes the specified class map. Class-map names can contain alphabetic, hyphen, or underscore characters, are case sensitive, and can be up to 40 characters.

Configuring CoS Classification

You can classify traffic based on the class of service (CoS) in the IEEE 802.1Q header. This 3-bit field is defined in IEEE 802.1p to support QoS traffic classes. CoS is encoded in the high order 3 bits of the VLAN ID Tag field and is referred to as user_priority.

Procedure

	Command or Action	Purpose
Step 1	switch# configure terminal	Enters global configuration mode.
Step 2	switch(config)# class-map type qos `class-name`	Creates a named object that represents a class of traffic. Class-map names can contain alphabetic, hyphen, or underscore characters, are case sensitive, and can be up to 40 characters.
Step 3	switch(config-cmap-qos)# match cos `cos-value`	Specifies the CoS value to match for classifying packets into this class. You can configure a CoS value in the range of 0 to 7.
Step 4	(Optional) switch(config-cmap-qos)# no match cos `cos-value`	(Optional) Removes the match from the traffic class.

Example

This example shows how to classify traffic by matching packets based on a defined CoS value:

switch# configure terminal
switch(config)# class-map type qos match-any class_cos
switch(config-cmap-qos)# match cos 4, 5-6

Use the show class-map command to display the CoS value class-map configuration:

switch# show class-map class_cos

Configuring Precedence Classification

You can classify traffic based on the precedence value in the type of service (ToS) byte field of the IP header (either IPv4 or IPv6). The following table shows the precedence values:

Table 3. Precedence Values
Value	List of Precedence Values
<0-7>	IP precedence value
critical	Critical precedence (5)
flash	Flash precedence (3)
flash-override	Flash override precedence (4)
immediate	Immediate precedence (2)
internet	Internetwork control precedence (6)
network	Network control precedence (7)
priority	Priority precedence (1)
routine	Routine precedence (0)

Procedure

	Command or Action	Purpose
Step 1	switch# configure terminal	Enters global configuration mode.
Step 2	switch(config)# class-map type qos match-any `class-name`	Creates a named object that represents a class of traffic. Class-map names can contain alphabetic, hyphen, or underscore characters, are case sensitive, and can be up to 40 characters.
Step 3	switch(config-cmap-qos)#match precedence `precedence-values`	Configures the traffic class by matching packets based on precedence values. For a list of precedence values, see the Precedence Values table.
Step 4	(Optional) switch((config-cmap-qos)# no match precedence `precedence-values`	(Optional) Removes the match from the traffic class. For a list of precedence values, see the Precedence Values table.

Example

This example shows how to classify traffic by matching packets based on the precedence value in the ToS byte field of the IP header:

switch# configure terminal
switch(config)# class-map type qos match-any class_precedence
switch(config-cmap-qos)# match precedence 1-2, critical

Use the show class-map command to display the IP precedence value class-map configuration:

switch# show class-map class_precedence

Configuring DSCP Classification

You can classify traffic based on the Differentiated Services Code Point (DSCP) value in the DiffServ field of the IP header (either IPv4 or IPv6).

Table 4. Standard DSCP Values
Value	List of DSCP Values
af11	AF11 dscp (001010)—decimal value 10
af12	AF12 dscp (001100)—decimal value 12
af13	AF13 dscp (001110)—decimal value 14
af21	AF21 dscp (010010)—decimal value 18
af22	AF22 dscp (010100)—decimal value 20
af23	AF23 dscp (010110)—decimal value 22
af31	AF31 dscp (011010)—decimal value 26
af32	AF32 dscp (011100)—decimal value 28
af33	AF33 dscp (011110)—decimal value 30
af41	AF41 dscp (100010)—decimal value 34
af42	AF42 dscp (100100)—decimal value 36
af43	AF43 dscp (100110)—decimal value 38
cs1	CS1 (precedence 1) dscp (001000)—decimal value 8
cs2	CS2 (precedence 2) dscp (010000)—decimal value 16
cs3	CS3 (precedence 3) dscp (011000)—decimal value 24
cs4	CS4 (precedence 4) dscp (100000)—decimal value 32
cs5	CS5 (precedence 5) dscp (101000)—decimal value 40
cs6	CS6 (precedence 6) dscp (110000)—decimal value 48
cs7	CS7 (precedence 7) dscp (111000)—decimal value 56
default	Default dscp (000000)—decimal value 0
ef	EF dscp (101110)—decimal value 46

Procedure

	Command or Action	Purpose
Step 1	switch# configure terminal	Enters global configuration mode.
Step 2	switch(config)# class-map type qos `class-name`	Creates a named object that represents a class of traffic. Class-map names can contain alphabetic, hyphen, or underscore characters, are case sensitive, and can be up to 40 characters.
Step 3	switch(config-cmap-qos)# match dscp `dscp-list`	Configures the traffic class by matching packets based on the values in the `dscp-list` variable. For a list of DSCP values, see the Standard DSCP Values table.
Step 4	(Optional) switch(config-cmap-qos)# no match dscp `dscp-list`	(Optional) Removes the match from the traffic class. For a list of DSCP values, see the Standard DSCP Values table.

Example

This example shows how to classify traffic by matching packets based on the DSCP value in the DiffServ field of the IP header:

switch# configure terminal
switch(config)# class-map type qos match-any class_dscp
switch(config-cmap-qos)# match  dscp af21, af32

Use the show class-map command to display the DSCP class-map configuration:

switch# show class-map class_dscp

Configuring Protocol Classification

You can classify traffic based on the IPv4 Protocol field or the IPv6 Next Header field in the IP header. The following table shows the protocol arguments:

Table 5. Protocol Arguments
Argument	Description
arp	Address Resolution Protocol (ARP)
clns_es	CLNS End Systems
clns_is	CLNS Intermediate System
dhcp	Dynamic Host Configuration (DHCP)
ldp	Label Distribution Protocol (LDP)
netbios	NetBIOS Extended User Interface (NetBEUI)

Procedure

	Command or Action	Purpose
Step 1	switch# configure terminal	Enters configuration mode.
Step 2	switch(config)# class-map type qos `class-name`	Creates a named object that represents a class of traffic. Class-map names can contain alphabetic, hyphen, or underscore characters, are case sensitive, and can be up to 40 characters.
Step 3	switch(config-cmap-qos)# match protocol {arp \| clns_es \| clns_is \| dhcp \| ldp \| netbios}	Configures the traffic class by matching packets based on the specified protocol.
Step 4	(Optional) switch(config-cmap-qos)# no match protocol {arp \| clns_es \| clns_is \| dhcp \| ldp \| netbios}	(Optional) Removes the match from the traffic class.

Example

This example shows how to classify traffic by matching packets based on the protocol field:

switch# configure terminal

switch(config)# class-map type qos class_protocol

switch(config-cmap-qos)# match protocol arp

Use the show class-map command to display the protocol class-map configuration:

switch# show class-map class_protocol

Configuring IP RTP Classification

The IP Real-time Transport Protocol (RTP) is a transport protocol for real-time applications that transmits data such as audio or video and is defined by RFC 3550. Although RTP does not use a common TCP or UDP port, you typically configure RTP to use ports 16384 to 32767. UDP communications use an even port and the next higher odd port is used for RTP Control Protocol (RTCP) communications.

When defining a match statement in a type qos class-map, to match with upper layer protocols and port ranges (UDP/TCP/RTP, etc.), the system cannot differentiate, for example, between UDP traffic and RTP traffic in the same port range. The system classifies both traffic types the same. For better results, you must engineer the QoS configurations to best match the traffic types present in the environment.

Procedure

	Command or Action	Purpose
Step 1	switch# configure terminal	Enters global configuration mode.
Step 2	switch(config)# class-map type qos `class-name`	Creates a named object that represents a class of traffic. Class-map names can contain alphabetic, hyphen, or underscore characters, are case sensitive, and can be up to 40 characters.
Step 3	switch(config-cmap-qos)# match ip rtp `port-number`	Configures the traffic class by matching packets based on a range of lower and upper UDP port numbers, which is likely to target applications using RTP. Values can range from 2000 to 65535.
Step 4	(Optional) switch(config-cmap-qos)# no match ip rtp `port-number`	(Optional) Removes the match from the traffic class.

Example

The following example shows how to classify traffic by matching packets based on UDP port ranges that are typically used by RTP applications:

switch# configure terminal
switch(config)# class-map type qos match-any class_rtp
switch(config-cmap-qos)# match  ip rtp 2000-2100, 4000-4100

Use the show class-map command to display the RTP class-map configuration:

switch# show class-map class_rtp

Configuring ACL Classification

You can classify traffic by matching packets based on an existing access control list (ACL). Traffic is classified by the criteria defined in the ACL. The permit and deny ACL keywords are ignored in the matching; even if a match criteria in the access-list has a deny action, it is still used for matching for this class.

Procedure

Command or Action

Purpose

Step 1

switch# configure terminal

Enters global configuration mode.

Step 2

switch(config)# class-map type qos class-name

Creates a named object that represents a class of traffic. Class-map names can contain alphabetic, hyphen, or underscore characters, are case sensitive, and can be up to 40 characters.

Step 3

switch(config-cmap-qos)# match access-group name acl-name

Configures a traffic class by matching packets based on the acl-name . The permit and deny ACL keywords are ignored in the matching.

Note

You can only define a single ACL in a class map.

You cannot add any other match criteria to a class with a match access-group defined.

Step 4

(Optional) switch(config-cmap-qos)# no match access-group name acl-name

(Optional)

Removes the match from the traffic class.

Example

This example shows how to classify traffic by matching packets based on existing ACLs:

switch# configure terminal

switch(config)# class-map type qos class_acl

switch(config-cmap-qos)# match access-group name acl-01

Use the show class-map command to display the ACL class-map configuration:

switch# show class-map class_acl

QoS ACL Per-Entry Statistics

Starting with Cisco NX-OS Release 7.2(0)N1(1), for ACLs associated with QoS Policy, statistics are shown per ACE.

Due to the way statistics and policers are attached to the TCAM entries, there are certain limitations to viewing the statistics:

Statistics per ACE in an ACL cannot be viewed if there is more than one ACE in the ACL and a policer is attached to the QoS policy.
The above limitation applies to qos-based matches as well (for example, match dscp value , match precedence value , and so on).
- Statistics cannot be viewed with match-all rules.
- Statistics can be viewed only with match-any.

Statistics per-ACE of ACL for QoS policies applied of FEX HIF ports will be shown only if policer is not present.

Example: Enabling QoS Policy Statistics

Statistics will be enabled if the user provides statistics per-entry in the ACL, which is used in QoS Policies.

Switch(config-acl)# show ip access-lists test_ACL1

IPV4 ACL test_ACL1
        statistics per-entry
        10 permit ip 10.10.10.1/24 20.2.2.2/24 ------>//Operation when a policer is attached//
        20 deny ip 40.4.4.4/24 any
        30 permit ip 30.3.3.3/24 11.11.11.1/24
Switch(config-acl)#
Switch(config-acl)# class-map type qos test_map
Switch(config-cmap-qos)# match access-group name test_ACL1
Switch(config-cmap-qos)# exit
Switch(config)# policy-map type qos test_pmap
Switch(config-pmap-qos)# class test_map
Switch(config-pmap-c-qos)# set qos-group 4
Switch(config-pmap-c-qos)# conf
Switch(config)# int e1/26
Switch(config-if)# service-policy type qos input test_pmap
Switch(config-if)# conf
Switch(config)# show ip access-lists test_ACL1

IPV4 ACL test_ACL1
        statistics per-entry
        10 permit ip 10.10.10.1/24 20.2.2.2/24 [match=0]--->//Operation with no policer attached or ACL having only one entry//
        20 deny ip 40.4.4.4/24 any [match=0]
        30 permit ip 30.3.3.3/24 11.11.11.1/24 [match=0]

Verifying the Classification Configuration

Use one of the following commands to verify the configuration:


Command	Purpose
show class-map	Displays the class maps defined on the switch.
show policy-map [`name`]	Displays the policy maps defined on the switch. Optionally, you can display the named policy only.
running-config ipqos	Displays information about the running configuration for QoS.
startup-config ipqos	Displays information about the startup configuration for QoS.

Bias-Free Language

Book Title

Cisco Nexus 5600 Series NX-OS Quality of Service Configuration Guide, Release 7.x

Chapter Title

Configuring Classification

Results

Chapter: Configuring Classification

Configuring Classification

Information About Classification

Ingress Classification Policies

Licensing Requirements for Classification

Configuring Class Maps

Procedure

Configuring CoS Classification

Procedure

Example

Configuring Precedence Classification

Procedure

Example

Configuring DSCP Classification

Procedure

Example

Configuring Protocol Classification

Procedure

Example

Configuring IP RTP Classification

Procedure

Example

Configuring ACL Classification

Procedure

Example

QoS ACL Per-Entry Statistics

Example: Enabling QoS Policy Statistics

Verifying the Classification Configuration

Was this Document Helpful?

Contact Cisco