Quality of Service (QoS) forwarding per-hop behavior encompasses several mechanisms that network devices use to manage traffic at each router or switch along a path.
**Classification** is the first step where traffic is identified and categorized based on various criteria such as IP addresses, por…Quality of Service (QoS) forwarding per-hop behavior encompasses several mechanisms that network devices use to manage traffic at each router or switch along a path.
**Classification** is the first step where traffic is identified and categorized based on various criteria such as IP addresses, port numbers, protocols, or DSCP values. This process examines packet headers to determine which QoS policy should be applied to each flow.
**Marking** involves setting specific values in packet headers to indicate their priority level. Common marking fields include the IP Precedence (3 bits), DSCP (6 bits) in the IP header, and CoS (3 bits) in the 802.1Q Ethernet frame. Marking allows downstream devices to quickly identify traffic priority.
**Queuing** refers to how packets are stored and scheduled for transmission. Different queuing mechanisms like Priority Queuing (PQ), Weighted Fair Queuing (WFQ), and Class-Based Weighted Fair Queuing (CBWFQ) determine the order in which packets are processed. Low Latency Queuing (LLQ) provides strict priority for delay-sensitive traffic like voice.
**Congestion Management** occurs when network interfaces become overwhelmed. Techniques like Weighted Random Early Detection (WRED) proactively drop packets before queues fill completely, preventing tail drops and TCP synchronization issues.
**Policing** enforces traffic rate limits by measuring traffic against configured thresholds. When traffic exceeds the committed rate, excess packets can be dropped or re-marked to a lower priority. Policing does not buffer traffic and is typically applied at ingress interfaces.
**Shaping** smooths traffic output by buffering excess packets rather than dropping them. Traffic is delayed in queues and transmitted at a consistent rate, conforming to configured bandwidth limits. Shaping is commonly used at egress interfaces when connecting to slower WAN links.
Together, these mechanisms ensure critical applications receive appropriate bandwidth and latency treatment across the network.
QoS Per-Hop Behavior (PHB) - Complete CCNA Guide
Why QoS Per-Hop Behavior is Important
In modern networks, different types of traffic have different requirements. Voice calls need low latency, video streaming needs consistent bandwidth, and file downloads can tolerate delays. QoS Per-Hop Behavior ensures that each network device (hop) treats packets appropriately based on their priority and requirements. This prevents critical applications from suffering performance degradation when the network is congested.
What is Per-Hop Behavior?
Per-Hop Behavior (PHB) refers to the specific treatment a packet receives at each router or switch along its path. PHB is defined by how devices handle packets marked with particular DSCP (Differentiated Services Code Point) values. The main PHB types are:
• Default PHB (Best Effort) - Standard treatment with no special handling • Expedited Forwarding (EF) - Low latency, low jitter for voice traffic • Assured Forwarding (AF) - Four classes with three drop probabilities each • Class Selector (CS) - Backward compatible with IP Precedence
How QoS Mechanisms Work
1. Classification Classification identifies traffic types by examining packet headers, port numbers, protocols, or access lists. This is the first step where traffic is categorized into different classes. Examples include identifying VoIP traffic on UDP ports 16384-32767 or HTTP traffic on port 80.
2. Marking Marking modifies packet headers to indicate priority. Layer 2 marking uses CoS (Class of Service) in 802.1Q frames (3 bits, values 0-7). Layer 3 marking uses DSCP in the IP header (6 bits, values 0-63). Marking should occur as close to the source as possible, at the trust boundary.
3. Queuing Queuing places packets into different queues based on their markings. Common queuing methods include: • FIFO - First In, First Out (no prioritization) • Priority Queuing (PQ) - Strict priority for certain traffic • Weighted Fair Queuing (WFQ) - Bandwidth shared based on weights • Class-Based Weighted Fair Queuing (CBWFQ) - Customizable bandwidth allocation • Low Latency Queuing (LLQ) - CBWFQ with a priority queue for voice
4. Congestion Management When queues fill up, congestion management determines which packets to drop. Tail Drop drops all new packets when the queue is full, which can cause TCP synchronization issues. Weighted Random Early Detection (WRED) proactively drops packets before queues are full, based on priority markings, preventing global synchronization.
5. Policing Policing enforces traffic rate limits by measuring traffic against a configured rate. Excess traffic is either dropped or re-marked to a lower priority. Policing is typically applied at network edges to enforce Service Level Agreements (SLAs). It does not buffer traffic and can cause packet loss during bursts.
6. Shaping Shaping buffers excess traffic instead of dropping it, smoothing traffic bursts to conform to a specified rate. This delays packets rather than dropping them, making it suitable for applications sensitive to packet loss. Shaping is commonly used on WAN interfaces to match provider speeds.
Key Differences: Policing vs. Shaping
• Policing: Drops or re-marks excess traffic, no buffering, causes jitter, used inbound or outbound • Shaping: Buffers excess traffic, adds delay, smoother output, used outbound only
2. Trust boundaries: Mark traffic at the access layer where it enters the network. Untrusted devices should have their markings overwritten.
3. DSCP values to memorize: • EF = 46 (voice) • AF classes: AF11-AF43 (first digit = class, second = drop probability) • CS values: CS0-CS7 (multiply by 8 for DSCP value)
4. LLQ is the answer for voice: When asked about the best queuing method for voice traffic, LLQ (Low Latency Queuing) is typically correct because it provides a strict priority queue.
5. WRED prevents TCP synchronization: If a question mentions preventing global TCP synchronization or proactive congestion management, WRED is the answer.
6. Policing vs. Shaping scenarios: • Service provider enforcing customer rates = Policing • Matching traffic rate to a slower WAN link = Shaping • Inbound rate limiting = Policing (shaping cannot be applied inbound)
7. CoS vs. DSCP: CoS operates at Layer 2 (requires 802.1Q), DSCP operates at Layer 3. DSCP survives routing between networks; CoS does not.
8. Watch for keywords: • 'Buffer' or 'delay' suggests shaping • 'Drop' or 're-mark' suggests policing • 'Real-time' or 'latency-sensitive' suggests priority queuing or EF marking