An overview of JunOS Quality of Service (QoS / CoS) configuration
JunOS QoS configuration is flexible, albeit a lilliputian tricky to understand. It has a few telephone substitution components which I shall listing too and so explain. There's other less mutual things which are possible, I volition non essay out to explicate these here. This is largely based unopen to SRX devices but it should hold out generally applicable to other devices such every bit EX, MX too J Series:
Key Components
- Interface Egress Queues – When a physical interface tries to shipping to a greater extent than traffic than its bandwidth permits, packets are queued inwards 1 of a few dissimilar numbered queues
- Interface Bandwidth Definition – You should manually define the bandwidth of an interface if it is lower than the delineate of piece of occupation speed. For example, a 1gbit interface connected to a 200mbit fibre ethernet delineate of piece of occupation needs to hold out defined every bit existence 200mbit else it volition assume 1gbit too QoS volition non work
- Forwarding Classes – These effectively assign a mention to a numbered queue, for example assured-forwarding
- Assignment of traffic to a forwarding class – This tin hold out done inwards a number of ways:
- Classifiers – These discovery DSCP, Inet Precedence or other marking types to assign ingress traffic to forwarding classes
- Firewall Rules – Ingress traffic tin hold out matched alongside firewall rules too assigned to forwarding classes
- Drop Profiles – Influenza A virus subtype H5N1 drib profile defines the probability of packets existence dropped when a queue reaches a certainly size
- Schedulers – These define how differently queued egress traffic is prioritized
- Scheduler Maps – These link forwarding classes to schedulers
Interface Egress Queues
When a physical interface tries to shipping to a greater extent than traffic than its bandwidth permits, packets are queued inwards 1 of a few dissimilar numbered queues. You tin come across queues inwards the "extensive" interface output.
- root@edge> demonstrate interfaces pt-1/0/0 extensive
- Physical interface: pt-1/0/0, Enabled, Physical link is Up
- Egress queues: 8 supported, four inwards use
- Queue counters: Queued packets Transmitted packets Dropped packets
- 0 best-effort 1024518 1024201 317
- 1 expedited-fo 607 607 0
- 2 assured-forw 7775 7775 0
- iii network-cont 7948 7948 0
You tin come across a few things here:
- 8 queues are supported but alone four are inwards use
- Queues direct maintain been assigned named forwarding classes
- The number of packets that direct maintain passed through each queue
- The number of packets which direct maintain been dropped from each queue
Interface Bandwidth Definition
If your egress interface has less bandwidth than the actual interface speed, for instance you lot direct maintain 1gbit interface connected to a 200mbit Ethernet circuit, you lot necessitate to specify the bandwidth of the Interface. The configuration for this is every bit follows:
- interfaces {
- reth1 {
- description "Internet Connection";
- unit of measurement 0 {
- /* This is the available bandwidth of this connection, minus 10% */
- bandwidth 90m;
- }
- }
- }
It is suggested that you lot fix the bandwidth to nigh 90% of the internet service provider stated speed. E.g. for a "200mbit fibre ethernet line", fix it to 180m. Setting it every bit good depression isn't going to constabulary your speed – you lot volition withal larn maximum throughput. Setting it every bit good high volition essay out to allocate every bit good high a minimum bandwidth to each queue too you'll showtime to sense issues.
Forwarding Classes
A forwarding flat is mapped to a numbered queue. Traffic is assigned to forwarding classes too hence into the right queues. JunOS comes alongside a default configuration which is suitable for many implementations – for instance VOIP prioritization on a pocket-size to medium sized component network.
- root@edge> demonstrate class-of-service forwarding-class
- Forwarding flat ID Queue Policing priority SPU priority
- best-effort 0 0 normal low
- expedited-forwarding 1 1 normal low
- assured-forwarding 2 2 normal low
- network-control iii iii normal low
If you lot desire to configure more, you lot tin consult the Juniper documentation.
Assignment of Traffic to a Forwarding Class
This tin hold out done inwards a number of ways. Here I shall embrace 2 dissimilar ways:
Classifiers
These discovery DSCP, Inet Precedence or other marking types to assign ingress traffic to forwarding classes. JunOS comes alongside a default classifier for each type of classification (DSCP, MPLS, Inet Precedence, etc.). On a somebody network which you lot control, this is my preferred means of doing it. You should grade the packets every bit unopen to the source every bit possible. VOIP phones volition unremarkably grade packets themselves. Other materials may necessitate to hold out marked on switches or other routers.
Here's a (very) brusk excerpt of the default DSCP classifier on a branch SRX:
- root@edge> demonstrate class-of-service classifier type dscp
- Classifier: dscp-default, Code betoken type: dscp, Index: 7
- Code betoken Forwarding flat Loss priority
- 000000 best-effort low
- 001010 assured-forwarding low
- 101110 expedited-forwarding low
- 101111 best-effort low
- 110000 network-control low
Have a await at the default too come across how it suits you. You may desire to tweak it a little. You tin extend default classes too modify alone a few things, without the necessitate to redefine the whole lot. For VOIP, you lot may desire to assign AF31 (011010) to assured-forwarding. You also necessitate to assign the classifier to your ingress interface inwards gild to form the traffic every bit it comes in. Here's how you lot practise that:
- class-of-service {
- classifiers {
- dscp voip {
- import default;
- forwarding-class assured-forwarding {
- /* Default classfier is ok, except nosotros also necessitate AF31 */
- loss-priority depression code-points 011010;
- }
- }
- }
- interfaces {
- /* This is the interface(s) behind which VOIP phones reside */
- reth2 {
- unit of measurement * {
- classifiers {
- dscp voip;
- }
- }
- }
- }
- }
We "import" the default DSCP classifier too precisely assign the AF31 codepoint to the assured-forwarding class.
Firewall Rules
You tin purpose firewall rules to form traffic into a forwarding class. The below instance shows how to form SIP traffic into the assured-forwarding class:
- firewall {
- household unit of measurement inet {
- filter VOICE {
- term SIP {
- from {
- protocol udp;
- source-port 5060;
- destination-port 5060;
- }
- too so {
- forwarding-class assured-forwarding;
- accept;
- }
- }
- term ALL {
- too so accept;
- }
- }
- }
- }
- interfaces {
- interface fe-0/0/7 {
- unit of measurement 0 {
- household unit of measurement inet {
- filter {
- input VOICE;
- }
- address 1.2.3.4/24;
- }
- }
- }
- }
Drop Profiles
A drib profile defines the probability of packets existence dropped when a queue reaches a certainly size. Here is an instance config:
- class-of-service {
- drop-profiles {
- low_drop {
- fill-level 95 drop-probability 0;
- fill-level 100 drop-probability 100;
- }
- med_drop {
- fill-level 75 drop-probability 0;
- fill-level 95 drop-probability 30;
- }
- high_drop {
- fill-level l drop-probability 0;
- fill-level 95 drop-probability 50;
- }
- }
- }
For each drib profile, you lot define a number of fill upward levels too drib probabilities. For instance inwards the high_drop profile above, when the queue becomes 95% full, 50% of packets volition hold out dropped.
Schedulers
Schedulers are the telephone substitution constituent inwards the whole setup. They are associated alongside forwarding classes too define how traffic inwards the given flat is treated alongside honour to other traffic. They define a few telephone substitution things:
- The minimum amount of bandwidth a flat is to hold out given
- The minimum amount of buffer that a flat is to hold out given
- The "priority" of that class, relative to other classes
- The drib profiles associated alongside each loss priority
It is of import to empathize how JunOS volition prioritize traffic based on these settings. This is documented here. The summary is:
A given queue is "in profile" if it has non exceeded its allocated minimum bandwidth. Traffic volition hold out sent from the highest priority queue which is "in profile".
Here is an instance scheduler configuration:
- class-of-service {
- schedulers {
- ef {
- transmit-rate percent 15;
- buffer-size percent 15;
- priority high;
- drop-profile-map loss-priority high protocol whatever drop-profile high_drop;
- drop-profile-map loss-priority medium-high protocol whatever drop-profile med_drop;
- drop-profile-map loss-priority medium-low protocol whatever drop-profile med_drop;
- drop-profile-map loss-priority depression protocol whatever drop-profile low_drop;
- }
- nc {
- transmit-rate percent 5;
- buffer-size percent 5;
- priority medium-high;
- drop-profile-map loss-priority high protocol whatever drop-profile high_drop;
- drop-profile-map loss-priority medium-high protocol whatever drop-profile med_drop;
- drop-profile-map loss-priority medium-low protocol whatever drop-profile med_drop;
- drop-profile-map loss-priority depression protocol whatever drop-profile low_drop;
- }
- hold out {
- transmit-rate {
- remainder;
- }
- buffer-size {
- remainder;
- }
- priority low;
- drop-profile-map loss-priority high protocol whatever drop-profile high_drop;
- drop-profile-map loss-priority medium-high protocol whatever drop-profile med_drop;
- drop-profile-map loss-priority medium-low protocol whatever drop-profile med_drop;
- drop-profile-map loss-priority depression protocol whatever drop-profile low_drop;
- }
- af {
- transmit-rate percent 50;
- buffer-size percent 50;
- priority medium-low;
- drop-profile-map loss-priority high protocol whatever drop-profile high_drop;
- drop-profile-map loss-priority medium-high protocol whatever drop-profile med_drop;
- drop-profile-map loss-priority medium-low protocol whatever drop-profile med_drop;
- drop-profile-map loss-priority depression protocol whatever drop-profile low_drop;
- }
- }
- }
This defines a few dissimilar schedulers – 1 for each forwarding class. You volition come across below how schedulers are associated alongside forwarding classes. My classes are prioritized inwards the gild ef, nc,. af, be. They are allocated a proportion of the interface's bandwidth. It is of import to depository fiscal establishment complaint that this is the minimum bandwidth. For example, if at that spot is alone best-effort (be) traffic, it volition larn the total interface bandwidth.
It is of import to tweak the percentages to reverberate your ain traffic. If, for example, you lot are a large telephone hollo upward pump inwards which VOIP makes upward 75% of your Internet traffic, too so 15% for EF is in all likelihood a lilliputian low.
Scheduler Maps
Scheduler maps associate forwarding classes alongside schedulers. You too so assign a scheduler map to an interface such that the schedulers are used for egress traffic on that interface. Below is a map that associates the four schedulers that I defined higher upward alongside the four default forwarding classes on an SRX. This map is assigned to each egress interface where the scheduler(s) should hold out used.
- class-of-service {
- scheduler-maps {
- normal {
- forwarding-class expedited-forwarding scheduler ef;
- forwarding-class assured-forwarding scheduler af;
- forwarding-class best-effort scheduler be;
- forwarding-class network-control scheduler nc;
- }
- }
- interfaces {
- /* This is your egress interface */
- reth1 {
- scheduler-map normal;
- }
- }
- }
Complete Configuration
A consummate configuration to correctly apply QoS to VOIP traffic, assuming phones volition fix AF31 for signalling (SIP) too EF for media (RTP):
- class-of-service {
- classifiers {
- dscp voip {
- import default;
- forwarding-class assured-forwarding {
- /* Default classfier is ok, except nosotros also necessitate AF31 */
- loss-priority depression code-points 011010;
- }
- }
- }
- drop-profiles {
- low_drop {
- fill-level 95 drop-probability 0;
- fill-level 100 drop-probability 100;
- }
- med_drop {
- fill-level 75 drop-probability 0;
- fill-level 95 drop-probability 30;
- }
- hig
