Taller Redes Emergentes

Características y
evolución de las redes
LAN y WAN para ofrecer
servicios de
Comunicación Unificada

Session ID
Presentation_ID © 2007 Cisco Systems, Inc. All rights reserved. Cisco Confidential 1

Buenos Días a todos…!

Systems Engineer
Public Sector

arprieto@cisco.com

Session ID

The Elements of Unified
Communications
Voice Mail/ Web /Audio/ XML LDAP
Unified
Messaging
Video Phone
Services
Directory Applications
Conferencing

UC UC PSTN/IP
Media
Endpoints Resources
Processing Gateway UC Infrastructure
Agents
Gateway/ Comms
MTP Survivable Endpoints
GK
Remote
Xcode PSTN
Conf

Si

IP WAN
Si Branch Access
WAN Router Switch Branch
Access Distribution/
Aggregation
Campus
Switch Core Switch Router Network Infrastructure
Session ID

Network Infrastructure Agenda

 Building a Campus Network
 QoS in the Campus
 QoS in the WAN
 Qos in the Wireless LANs

Session ID

Systems Architecture

Bay Bridge: Golden Gate Bridge:
 Original cost in 1936: $1.1 billion  Original cost to in 1937:
(adjusted for today’s $) $446 million (adjusted for today’s $)
 Estimated cost to expand: $6.2
billion… and climbing

A Poorly Planned Architecture A Well Planned Architecture
Session ID

Building a Campus Network
Hierarchical Network Design
Without a Rock Solid Foundation the Rest Doesn’t Matter

• Offers hierarchy – each layer has specific
Access role
• Modular topology - building blocks
• Easy to grow, understand, and
Distribution troubleshoot Si Si

• Creates small fault domains – Clear
demarcations and isolation
• Promotes load balancing and redundancy
Core
• Promotes deterministic traffic patterns Si
Si
• Incorporates balance of both Layer 2 and
Layer 3 technology, leveraging the
strength of both
Distribution
• Utilizes Layer 3 Routing for load Si Si

balancing, fast convergence, scalability,
and control
Access • Sub second convergence possible
Building Block
Session ID

Building a Campus Network—The
Access Layer
Feature Rich Environment—Not Just About Connectivity
To Core

Si Si Distribution

Access

VLANS do not span access switches
 Aggregates network end-points  Catalyst® integrated security features
 Layer 2/Layer 3 feature rich environment; 802.1x, Port security, DHCP snooping,
convergence, HA, security, QoS, IP Dynamic ARP Insp, IP Source Guard, etc.
multicast, etc  Automatic phone discovery, conditional trust
 Intelligent network services: QoS, trust boundary, Power Over Ethernet, auxiliary
boundary, broadcast suppression, IGMP VLAN, etc.
snooping  Spanning tree toolkit: Portfast, UplinkFast,
 Intelligent network services: Rapid BackboneFast, LoopGuard, BPDUGuard,
PVST+, EIGRP, OSPF, DTP, PAgP, UDLD, BPDUFilter, RootGuard, etc.
Session ID etc.

Campus Network—Access Layer
Voice and Data VLANs
Phone VLAN = 110 PC VLAN = 10
(VVID) (PVID)

802.1Q encapsulation Native VLAN (PVID) No
with 802.1p Layer 2 Configuration Changes
CoS Needed on PC
 During initial CDP exchange phone is configured with a Voice
VLAN ID (VVID)
 Phone also supplied with QoS configuration via CDP TLV fields
 Quality—Separation of broadcast domains i.e. phones and PCs
are on separate subnets
 Security—Different network policies for different subnets; WORM
attacks can be contained to the PC VLANs.
Session ID

Distribution Layer
Policy, Convergence, QoS, and High Availability

Distribution
Si Si Si Si

Access

 Availability, load balancing, QoS and  EIGRP/ OSPF - Route summarization,
provisioning are the important passive interfaces to access layer, sub
considerations at this layer second convergence possible with timer
 Aggregates wiring closets (access adjustment, redundant path load sharing
layer) and uplinks to core  HSRP or GLBP to provide first hop
 Use Layer 3 switching in the redundancy, sub second convergence
distribution layer possible with timer adjustment
 Protects core from high density  Spanning tree features ( Only if needed ):
peering and problems in access layer Setting STP Root, Root Guard, Rapid
PVST+—Per VLAN 802.1w
Session ID

Core Layer
Scalability, High Availability, and Fast Convergence

Core

Distribution

Access

 Backbone for the network—connects network building blocks
 Performance and stability vs. complexity—less is more in the core
 Aggregation point for distribution layer
 Tune routing protocol timers for sub second convergence
 Separate core layer helps in scalability during future growth
Session ID
 Use hardware accelerated services only to maintain performance

Campus Design Best Practices
First Hop Redundancy
 Used to provide a resilient
default gateway/first hop 1st Hop Redundancy
address to end stations
 HSRP, VRRP, and GLBP Si Si Si Si Si Si

alternatives
 VRRP, HSRP and GLBP
provide millisecond timers Layer 3 Equal Layer 3 Equal
and excellent sub second Cost Link’s
Si Si
Cost Link’s
convergence performance
 VRRP if you need multi-
vendor interoperability Si Si Si Si

Si Si

 GLBP facilitates uplink load
balancing
 Preempt timers need to
WAN Data Center Internet
be tuned to avoid black-
holed traffic
Session ID

Campus Design—Routed Access Layer
 Tune CEF load balancing
 Match CatOS/IOS Ether-channel
settings and tune load balancing Si Si
Core

 Summarize routes
towards core
 Filter routes towards the access Distribution
 Disable Ether-channel Si
Layer 3
Si

unless needed P-t-P Link

 ―Set port host‖ on access
layer ports:
Disable Trunking
Disable Etherchannel Access
VLAN 20 Data VLAN 40 Data
Enable PortFast 10.1.20.0/24 10.1.40.0/24
VLAN 120 Voice VLAN 140 Voice
 RootGuard or BPDU-Guard 10.1.120.0/24 10.1.140.0/24

 Use security features
Session ID

Building a Campus Network
Summary

 Access layer Access
Rapid Per-VLAN Layer 2
spanning-tree
( PSVT +)
Rootguard
Portfast Distribution
Layer 3
UplinkFast
Server Farm
Layer 3 to the edge ?
Core
 Distribution Layer Layer 3
HSRP/GLBP with load
balancing
OSPF/EIGRP Distribution
configured for fast Layer 3
convergence
 Core Layer
Access
OSPF/EIGRP
configured for fast
Layer 2
convergence WAN Internet PSTN
http://www.cisco.com/en/US/netsol/ns656/networking_solutions_design_guidances_list.html#anchor2
Session ID


 QoS in the WAN
 QoS in the Wireless LANs

Session ID

Enabling QoS in the Campus
Traffic Profiles and Requirements

Voice Video-Conf Data

 Smooth  Bursty  Smooth/bursty
 Benign  Greedy  Benign/greedy
 Drop sensitive  Drop sensitive  Drop insensitive
 Delay sensitive  Delay sensitive  Delay insensitive
 UDP priority  UDP priority  TCP retransmits

Bandwidth per Call IP/VC has the Same Traffic patterns for
Depends on Codec, Requirements as VoIP, Data Vary Among
Sampling-Rate, but Has Radically Applications
and Layer 2 Media Different Traffic Patterns
(BW Varies Greatly)
 Latency ≤ 150 ms  Latency ≤ 150 ms Data Classes:
 Jitter ≤ 30 ms  Jitter ≤ 30 ms Mission-Critical Apps
 Loss ≤ 1%  Loss ≤ 1% Transactional/Interactive Apps
One-Way Requirements One-Way Requirements Bulk Data Apps
Best Effort Apps (Default)
Session ID

Why QoS in the Campus
Protect the Good and Punish the Bad

 QoS does more than just protect Voice and Video
 For "best-effort" traffic an implied "good faith" commitment that
there are at least some network resources available is assumed
 Need to identify and potentially punish out of profile traffic
(potential worms, DDOS, etc.)
 Scavenger class is an Internet-2 Draft Specification => CS1/CoS1
Access Distribution Core

Voice Voice

Data Data

Scavenger Scavenger

Session ID

Layer 2 Classification: 802.1p, CoS
TAG
Pream. SFD DA SA Type 4 Bytes PT Data FCS

Ethernet Frame
Three Bits Used for CoS
(802.1p User Priority)
PRI CFI VLAN ID 802.1Q/p
Header

CoS Application
 802.1p user priority field also 7 Reserved
called Class of Service (CoS) 6 Reserved
 Different types of traffic are 5 Voice Bearer
assigned different CoS values 4 Video Conferencing*
 CoS six and seven are 3 Call Signaling
reserved for network use
2 High Priority Data
1 Medium Priority Data
* Including Audio and Video
Session ID
0 Best Effort Data

Layer 3 Classification: IP Precedence, DSCP
Version ToS
Length Byte Len ID Offset TTL Proto FCS IP SA IP DA Data
IPv4 Packet

7 6 5 4 3 2 1 0
IP Precedence Unused Standard IPv4
DiffServ Code Point (DSCP) Flow Ctrl DiffServ Extensions

 IPv4: three most significant bits of ToS byte are called IP precedence—
other bits unused by IP precedence
 DiffServ: six most significant bits of ToS byte are called Diff Serv Code
Point (DSCP)—remaining two bits used for flow control
 DSCP is backward-compatible with IP precedence
 DSCP values correspond to Per Hop Behavior (PHB) designations
 RFC 2474 provides more information on DSCP; also, see appendix in this
presentation
Session ID

IP Precedence and DSCP Compatibility

Compatibility with current IP precedence usage (RFC 1812)
Differentiates probability of timely forwarding:
(xyz000) >= (abc000) if xyz > abc
(that is, if a packet has DSCP value of 011000, it has a greater
probability of timely forwarding than a packet with DSCP value of
001000)

Session ID

Per-Hop Behaviors

 DSCP selects PHB throughout the network:
Default PHB (FIFO, tail drop)
EF PHB
AF PHB
Class-selector PHB (IP precedence)

Session ID

EF PHB

EF PHB:
Ensures a minimum departure rate
Guarantees bandwidth—class guaranteed an amount of bandwidth
with prioritized forwarding
Polices bandwidth—class not allowed to exceed the guaranteed
amount (excess traffic is dropped)
DSCP value of 101110: Looks like IP precedence 5 to non-DiffServ-
compliant devices:
Bits 5 to 7: 101 = 5 (same 3 bits are used for IP precedence)
Bits 3 and 4: 11 = No drop probability
Bit 2: Just 0
Session ID

AF PHB

AF PHB:
Guarantees bandwidth
Allows access to extra bandwidth, if available
Four standard classes: AF1, AF2, AF3, and AF4
DSCP value range of aaadd0:
aaa is a binary value of the class
dd is drop probability

Session ID

AF PHB (Cont.)

Each AF class uses three DSCP values.
Each AF class is independently forwarded with its guaranteed
bandwidth.
Congestion avoidance is used within each class to prevent
congestion within the class.
Session ID

DSCP Summary

Session ID

Classification and Marking Cisco Marking
Recommendations
L3 Classification L2
Application
IPP PHB DSCP CoS
Routing 6 CS6 48 6
Voice 5 EF 46 5
Video Conferencing 4 AF41 34 4
Streaming Video 4 CS4 32 4
Mission-Critical Data 3 AF31* 26 3
Call Signaling 3 CS3* 24 3

Transactional Data 2 AF21 18 2

Network Management 2 CS2 16 2
Bulk Data 1 AF11 10 1
Scavenger 1 CS1 8 1

Session ID Best Effort 0 0 0 0

Congestion Scenario: TCP Traffic Burst + VoIP

Core Instantaneous
Typical 4:1
Si Si Interface
Data Over- Congestion
Subscription
Distribution
Si Si

Typical 20:1
Data Over-
Subscription Access

= Data
= Voice

Session ID

Congestion Scenario: Data + VoIP

IP Phone
Enclosure Phone

Voice Integrated
Max. 80 Kbps 3-Port Switch
P0
P P2 P1

Access
Switch Data
PC
Max. 100 Mbps
Potential
Congestion Points

During Data Traffic Bursts, Buffers Can Become
Congested, Causing Voice Packets to Be Dropped
Session ID

Scheduling in IP Phones
IP Phone Enclosure P1 Untrusted:
P Trusted: Phone Switch
Phone Rewrites CoS = 0
Switch Accepts
incoming CoS Voice
CoS = 5 CoS = 5
P0
P P2 P1

Access Data
CoS = 0
Switch Priority Q
PC
Data Qs

 Voice media traffic is marked with CoS 5/ DSCP EF (high priority)
 Data traffic from the PC is remarked with CoS 0 (low priority) by
the IP phone switch; this occurs if PC tags frames as 802.1p/Q;
phone switch transparent if PC frames untagged

Session ID

Campus QoS Considerations
Establishing Trust Boundaries
Endpoints Access Distribution Core WAN Aggregators

1 Si Si

2
Si
3 Si

Trust Boundary

For scalability, classification should be done as close to the edge as possible
The outermost trusted devices represent the trust boundary

1 Optimal Trust Boundary: Trusted Endpoint
A device is trusted if it correctly classifies packets

2 Optimal Trust Boundary: Untrusted Endpoint

3 Suboptimal Trust Boundary
Only use if access switch cannot perform classification
Session ID


 QoS in the WAN

Session ID

Enabling QoS in the WAN
Factors That Negatively Affect Packet-Based
Voice/Video

Delay
Loss Delay Variation
(Jitter)

Session ID

Types of Delay

Processing Delay: The time it takes for a router to take the packet from an input interface, examine it,
and put it into the output queue of the output interface
Queuing Delay: The time a packet resides in the output queue of a router
Serialization Delay: The time it takes to place the ―bits on the wire‖
Propagation Delay: The time it takes to transmit a packet

Session ID

Processing and Queuing Delay

Processing Delay: The time it takes for a router to take the packet from an input interface, examine it,
and put it into the output queue of the output interface
Queuing Delay: The time a packets resides in the output queue of a router
Serialization Delay: The time it takes to place the ―bits on the wire‖
Propagation Delay: The time it takes to transmit a packet

Session ID

Ways to Reduce Delay

Upgrade the link; the best solution but also the most expensive.
Forward the important packets first.
Compress the payload of Layer 2 frames (it takes time).
Compress IP packet headers.
Session ID

Packet Loss

Tail drops occur when the output queue is full. These are common drops, which
happen when a link is congested.
Many other types of drops exist, usually the result of router congestion, that are
uncommon and may require a hardware upgrade (input drop, ignore, overrun,
frame errors).
Session ID

Ways to Prevent Packet Loss

Upgrade the link; the best solution but also the most expensive.
Guarantee enough bandwidth to sensitive packets.
Prevent congestion by randomly dropping less important packets before
congestion occurs.
Session ID

Traffic Policing and Shaping Overview

These mechanisms must classify packets before policing or shaping the
traffic rate.
Traffic policing typically drops or marks excess traffic to stay within a
traffic rate limit.
Traffic shaping queues excess packets to stay within the desired traffic
rate.
Session ID

Policing vs. Shaping

• Incoming and outgoing directions. • Outgoing direction only.
• Out-of-profile packets are dropped. • Out-of-profile packets are queued until
• Dropping causes TCP retransmits. a buffer gets full.
• Policing supports packet marking or • Buffering minimizes TCP retransmits.
re-marking. • Marking or re-marking not supported.
• Shaping supports interaction with
Frame Relay congestion indication.

Session ID

Link Fragmentation and Interleaving (LFI)

Fragment-Size Recommendations
Fragmentation
Size Matrix
Serialization Delay Matrix (Based on 10-msec Delay)

64 128 256 512 1024 1500 PVC Frag
Bytes Bytes Bytes Bytes Bytes Bytes Speed Size

56 kbps 9 ms 18 ms 36 ms 72 ms 144 ms 214 ms 56 kbps 70 Bytes



640 768 kbps 1000 Bytes

X
768 kbps 1.2 ms 2.6 ms 5 ms 10 ms 15 ms
Used 1536 kbps 2000 Bytes

Session ID

Scheduling in the WAN

PQ Packets Do not Go Through Fragmentation:
on Low-Link Speeds, You Cannot put Large
(i.e., Video) Packets in the PQ with Voice Packets
Therefore video traffic not recommended for link
speeds <768kbps

Low Latency Queuing Link Fragmentation
Police and Interleave
Voice
Video PQ

TX
Interleave Ring
Signaling
Packets Packets
In Out
Critical Data CBWFQ Fragment

WFQ Best Effort

Session ID
Presentation_ID
Layer 3 Queuing Subsystem
© 2007 Cisco Systems, Inc. All rights reserved. Cisco Confidential
Layer 2 Queuing Subsystem 42

How Many Classes of Service Do I Need?
Expanding the Number of Classes of Service over Time

4/5 Class Model 8 Class Model 11 Class Model

Voice Voice
Realtime Interactive-Video
Video Streaming Video
Call Signaling Call Signaling Call Signaling
IP Routing
Network Control
Network Management
Critical Data Mission-Critical Data
Critical Data
Transactional Data
Bulk Data Bulk Data

Best Effort Best Effort Best Effort

Scavenger Scavenger Scavenger
Time
Session ID

Provisioning Bandwidth with Compressed RTP (cRTP)
VoIP Packet
Voice RTP UDP Link
IP Header
Payload Header Header Header
X Bytes 12 Bytes 8 Bytes 20 Bytes X Bytes

 Compresses RTP + UDP + IP
headers (40 bytes) down to cRTP
2–4 bytes Header
~2-4 Bytes
 Enabled on a per-link basis
ATM
PPP Frame-Relay
Codec 53 Bytes Cells with
6 Bytes of Header 4 Bytes of Header
a 48-Byte Payload
G.711 at 50 pps 68 kbps 85 kbps 67 kbps
G.711 at 33 pps 66 kbps 84 kbps 65.5 kbps
G.729A at 50 pps 12 kbps 21.2 kbps 11.2 kbps
G.729A at 33 pps 10.5 kbps 14 kbps 10 kbps

Session ID

A Day in the Life of a VoIP Packet: Without cRTP

Assumption:
G.729, 20-ms Sample Payload
(20)
Payload = 20 Bytes

Frame
Relay

Packet 78 78
Size (Bytes)
64
60 Enet (14) Enet (14) 60
802.1Q (4) F/R (4) 802.1Q (4)
IP (20) IP (20) IP (20) IP (20) IP (20)
20 UDP (8) UDP (8) UDP (8) UDP (8) UDP (8) 20
RTP (12) RTP (12) RTP (12) RTP (12) RTP (12)
Payload Payload Payload Payload Payload Payload Payload
(20) (20) (20) (20) (20) (20) (20)

Session ID

A Day in the Life of a VoIP Packet: With cRTP

Assumption:
Payload cRTP Is not Free!
G.729, 20-ms Sample Watch for CPU on
(20)
Payload = 20 Bytes WAN Edge Routers!!!

Frame
Relay

Packet 78 cRTP Is 78
Size (Bytes) Point to
Enet (14) Point Enet (14) 60
60
802.1Q (4) 28 802.1Q (4)
IP (20) IP (20) IP (20) IP (20)
20 UDP (8) UDP (8) UDP (8) UDP (8) 20
F/R (4)
RTP (12) RTP (12) cRTP (4)
RTP (12) RTP (12)
Payload Payload Payload Payload Payload Payload Payload
(20) (20) (20) (20) (20) (20) (20)
Session ID


 QoS in the WAN

Session ID

WLAN and LAN

 Wireless LAN (WLAN) as an extension to wired LAN

Session ID

WLAN QoS Queuing Overview

Session ID

WLAN QoS RF Backoff Timing

Session ID

WLAN QoS Queuing Overview

Session ID

What We Have Built So Far

Si

IP WAN
Si Branch Access
WAN Router Switch Branch
Access Distribution/
Aggregation
Campus
Switch Core Switch Router Network Infrastructure
Session ID

Session ID

Taller Redes Emergentes

Recomendados

Recomendados

Mais conteúdo relacionado

Mais procurados

Mais procurados (18)

Semelhante a Taller Redes Emergentes

Semelhante a Taller Redes Emergentes (20)

Mais de Mundo Contact

Mais de Mundo Contact (20)

Último

Último (20)

Taller Redes Emergentes