
DiffServ Specifications and Terminology

From the document Cisco DQOS Exam Certification Guide (Pages 150-155)

DiffServ is defined by the RFCs listed in Table 2-11.

Table 2-11 DiffServ RFCs

| RFC | Title | Comments |
|---|---|---|
| 2474 | Definition of the Differentiated Services Field (DS Field) in the IPv4 and IPv6 Headers | Contains the details of the 6-bit DSCP field in IP header. |
| 2475 | An Architecture for Differentiated Services | This is the core DiffServ conceptual document. |
| 2597 | Assured Forwarding PHB Group | Defines a set of 12 DSCP values and a convention for their use. |
| 2598 | An Expedited Forwarding PHB | Defines a single DSCP value as a convention for use as a low-latency class. |
| 3260 | New Terminology and Clarifications for DiffServ | Clarifies, but does not supersede, existing DiffServ RFCs. |

The RFCs introduce many new terms. Table 2-12 lists the terms and their definitions. This table provides a reference for study for the Cisco QoS exams; the rest of this section relates the terms to some network diagrams.

Table 2-12 DiffServ Terminology and Their Definitions

| Term | Definition |
|---|---|
| Behavior aggregate (BA) | A DS behavior aggregate. |
| BA classifier | A classifier that selects packets based only on the contents of the DS field. |
| Classifier | An entity that selects packets based on the content of packet headers according to defined rules. |
| DS behavior aggregate | A collection of packets with the same DS code point crossing a link in a particular direction. |
| DS boundary node | A DS node that connects one DS domain to a node either in another DS domain or in a domain that is not DS capable. |
| DS code point | A specific value of the DSCP portion of the DS field, used to select a PHB. |
| DS compliant | Enabled to support differentiated services functions and behaviors as defined in [DSFIELD], this document, and other differentiated services documents; usually used in reference to a node or device. |
| DS ingress node | A DS boundary node in its role in handling traffic as it enters a DS domain. |
| DS field | The IPv4 header ToS octet or the IPv6 traffic class octet when interpreted in conformance with the definition given in [DSFIELD]. The bits of the DSCP field encode the DS code point, whereas the remaining bits are currently unused. |
| Dropper | A device that performs dropping. |
| Marker | A device that performs marking. |
| Meter | A device that performs metering. |


DiffServ terminology overwhelms most people when first learning the architecture. Not all the DiffServ terms are even listed in the table. In fact, I wouldn’t be surprised if you are already wondering which of these terms you really need to know when using QoS and which of these terms you need to know for the Cisco QoS exams. Neither of the exams covered by this book focuses on DiffServ as an end in itself. If you glance over the table, and read this section, you should become familiar enough with the terms to do well on those questions on the exams.

The rest of this section explores some examples of usage of DiffServ terminology. The first two terms are “behavior aggregate” and “per-hop behavior.” If you read the previous section about the fictitious “GOCS model” for QoS, you already know the concepts behind the terms.

Figure 2-14 shows the terms in a figure that is a duplicate of Figure 2-12.

Table 2-12 DiffServ Terminology and Their Definitions (Continued)

| Term | Definition |
|---|---|
| MF classifier | A multifield (MF) classifier that selects packets based on the content of some arbitrary number of header fields; typically some combination of source address, destination address, DS field, protocol ID, source port and destination port. |
| Per-hop behavior (PHB) | The externally observable forwarding behavior applied at a DS-compliant node to a DS BA. |
| Policing | The process of discarding packets (by a dropper) within a traffic stream in accordance with the state of a corresponding meter enforcing a traffic profile. |
| Re-mark | To change the DS code point of a packet, usually performed by a marker in accordance with a TCA. |
| Shaper | A device that performs shaping. |
| Traffic conditioner | An entity that performs traffic-conditioning functions and which may contain meters, markers, droppers, and shapers. Traffic conditioners are typically deployed in DS boundary nodes only. A traffic conditioner may re-mark a traffic stream or may discard or shape packets to alter the temporal characteristics of the stream and bring it into compliance with a traffic profile. |

Table 2-12 contains material reprinted from RFC 2475.

Figure 2-14 Behavior Aggregates and Per-Hop Behavior

[Figure: packets flow left to right through numbered steps 1 to 4, including router R1, with the functions Classify, Mark, Queue, Drop, and Shape. Annotations from the figure:]

- DS Classifier recognizes BAs by a detailed examination of packet headers
- DS Marker sets DSCP fields based on which BA it is a part of
- Best performed near the source
- The BA Classifier identifies BAs by looking at the DSCP field
- Routers apply PHBs to each BA
- Good QoS design typically implies same BAs throughout network
- PHBs may be different on each router and for each BA

DSCP = AF11: Behavior Aggregate of Flows to Web Server
DSCP = AF21: Behavior Aggregate of Flows to Server1 FTP Server
DSCP = AF31: Behavior Aggregate of Lots of VoIP Payload Flows
DSCP = AF41: Behavior Aggregate of VoIP Signaling Traffic

Consider the flow of packets from left to right in this network. The following list numbers correspond to the steps in the figure:

1 The packets are classified or categorized by matching fields in the header. For instance, packets with Server1’s destination IP address, and destination port 80, would be in the first class. The process of classifying the packets is performed by the DS classifier, MF classifier, or just classifier. The classifier marks the DSCP field inside the IP header; DSCP is a 6-bit field inside the DS field (byte) inside the IP header. Classification and marking are considered to be two different steps—the DiffServ marker actually performs the process of marking the packets. DiffServ defines each class or category of packets as a BA.

2 Router R1 determines which packets are part of which BA by using a BA classifier. A BA classifier only examines the DSCP field, so technically it differs from an MF classifier, as described in step 1, because the MF classifier can look at many fields besides the DSCP field. When R1 decides to apply a QoS tool to a BA (for example, queuing), the action is called a per-hop behavior. The term PHB makes sense to most people, particularly if you think of it as a per-hop QoS behavior.

3 Router R2 performs the same types of tasks as R1; these tasks are described with the same terms as in step 2. Also note that the PHBs can be, and often are, different from one router to the next. In this case, R2 may want to use a shaping PHB—DiffServ would call the shaping tool a shaper—but because all implemented shaping tools need to calculate the rate at which packets are sent, DiffServ would consider both a meter and shaper to be used.

4 Likewise, no new terminology is required to describe step 4, as compared with the two preceding steps. However, the terms “AF11,” “AF21,” “AF31,” and “AF41” have not yet been defined. DiffServ defines several suggested values to be used in the DSCP field. Most installations do not need all 64 values possible in DSCP. The next section in this chapter covers the details, but in this case, AF11, AF21, AF31, and AF41 represent different DSCP values.

DiffServ models good QoS design specifically to support Internet-scale QoS. Reading through the RFCs, you will notice that DiffServ focuses on issues between different networks. Figure 2-15 shows the same two enterprise networks and the same two ISPs shown in Figure 2-13 in the GOCS section of this chapter. The figure shows examples of several of the DiffServ terms that relate to interconnecting networks.

Figure 2-15 DiffServ Domains, Regions, and Nodes

[Figure: four networks (McCoy Ordinance, Inc.; Hatfield Gunsmiths; ISP1; ISP2), each labeled DS Domain, all inside one DS Region. Routers R1, R2, and R3 are shown, with the labels DS Ingress Boundary Node, DS Egress Boundary Node, and DS Interior Node, and an arrow labeled Direction of Flow of Packets in This Example.]

The terms in this figure only apply in cases where multiple organizations’ networks are interconnected. The entire figure comprises one DS region, which includes connected networks that are providing differentiated services. Each individual network, typically an autonomous system, is a single DiffServ domain.

The remaining terms in the figure relate to the particular direction of flow of the packets. In this figure, packets flow left to right. Therefore, R1 is a DS ingress boundary node, because it is on the boundary between two domains, and packets in the flows shown first enter the DS domain through R1. Similarly, R2 is a DS egress boundary node. R3 is a DS interior node, because it is not on the boundary of the network. Ingress and egress DS boundary nodes typically perform reclassification and re-marking work.

DiffServ formalizes the same general goals and concepts described in the GOCS section earlier in this chapter, but it goes beyond those basic concepts. The next two sections examine two additional important aspects of DiffServ more closely, namely the DSCP field and the different types of PHBs. As described so far, DiffServ operation can be summarized as follows:

1 Good planning must be performed to define the BAs needed for a network.

2 To mark packets to signify what BA they belong to, DiffServ suggests using MF classifiers, which can look at all fields in the packet header.

3 The classifier should be used near the ingress point of the network to assign unique DSCP values to packets inside each BA.

4 After marking has occurred, interior DS nodes use BA classifiers. BA classifiers only look at the DSCP field. When the BA is identified, that node’s PHBs can take action on that packet.

5 The ingress DS boundary node in a neighboring downstream DS domain network may not trust the neighboring upstream DS domain at all, requiring an MF classifier and marker at the DS ingress boundary node to reclassify and re-mark all traffic.

6 If the ingress DS boundary node trusts the neighboring DS domain, but the domains use different DSCP values for the same BA, a BA classifier function can be used to reclassify and re-mark the ingress traffic.
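The summary above, modeled in Python as an added example (not taken from the book): an MF classifier and marker, a BA classifier, and a DS ingress boundary node that handles the untrusted case (step 5) and the trusted-but-different-values case (step 6). The addresses, ports, rule table, and function names are assumptions made for illustration; the numeric AF code points are the RFC 2597 values.

```python
import ipaddress
import struct

# AF code points per RFC 2597 (AFxy = 8x + 2y); BA names follow Figure 2-14.
AF11, AF21, AF31, AF41 = 10, 18, 26, 34
# Hypothetical MF rules: (protocol, destination IP, destination port) -> DSCP.
MF_RULES = {(6, "10.1.1.1", 80): AF11, (6, "10.1.1.1", 21): AF21}

def checksum(hdr):
    """Ones'-complement sum over the IPv4 header (checksum field zeroed)."""
    s = sum(struct.unpack("!%dH" % (len(hdr) // 2), hdr))
    while s >> 16:
        s = (s & 0xFFFF) + (s >> 16)
    return ~s & 0xFFFF

def ba_classify(pkt):
    """BA classifier: reads only the 6-bit DSCP from the DS field (byte 1)."""
    return pkt[1] >> 2

def mf_classify(pkt, default=0):
    """MF classifier: matches several header fields, ignoring the received DSCP."""
    ihl = (pkt[0] & 0x0F) * 4
    dst = str(ipaddress.ip_address(pkt[16:20]))
    dport = struct.unpack("!H", pkt[ihl + 2:ihl + 4])[0]
    return MF_RULES.get((pkt[9], dst, dport), default)

def mark(pkt, dscp):
    """Marker: rewrite the DSCP, keep the other two DS-field bits, fix checksum."""
    ihl = (pkt[0] & 0x0F) * 4
    hdr = bytearray(pkt[:ihl])
    hdr[1] = (dscp << 2) | (hdr[1] & 0x03)
    hdr[10:12] = b"\x00\x00"
    hdr[10:12] = struct.pack("!H", checksum(bytes(hdr)))
    return bytes(hdr) + pkt[ihl:]

def ingress(pkt, trusted, dscp_map=None):
    """DS ingress boundary node: re-mark based on trust in the upstream domain."""
    if not trusted:                       # step 5: MF reclassify, ignore DSCP
        return mark(pkt, mf_classify(pkt))
    dscp = ba_classify(pkt)               # step 6: BA classify, translate value
    return mark(pkt, (dscp_map or {}).get(dscp, dscp))

def build(dst, dport, dscp, proto=6):
    """Constructed sample packet: IPv4 header plus TCP source/destination ports."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 24, 0, 0, 64, proto, 0,
                      ipaddress.ip_address("192.0.2.7").packed,
                      ipaddress.ip_address(dst).packed)
    return mark(hdr + struct.pack("!HH", 40000, dport), dscp)
```

With `trusted=False`, an FTP packet that arrives already marked AF41 leaves the boundary node as AF21, because the received DSCP plays no part in the MF decision; flows that match no rule fall back to DSCP 0.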
