MPLS and Quality of Service

Cisco Press

1 2 3 4 Page 3
Page 3 of 4

For the Pipe model, make sure that the egress LSR forwards the packets based on the LSP DiffServ information. That means you can either use the explicit NULL label in order to avoid PHP; or, if you do use the implicit NULL label, use qos-group on the penultimate LSR to copy the EXP bits of the incoming label to the exposed label after the pop operation. This is needed when the EXP bits were changed somewhere upstream. In the case of plain IP-over-MPLS, there is only one label in the label stack, and therefore you must avoid PHP.

For the Short Pipe model, the egress LSR forwards the packet based on the Tunneled DiffServ information. In that case, you can use implicit NULL, because the egress LSR no longer needs the LSP DiffServ information to forward the packet.

Recoloring the Packet

The MPLS network can encounter congestion, so the operator might want to recolor some packets. This recoloring means the router configuration is used to change the LSP DiffServ information of the packet on any LSR. In effect, the top label gets a new value for the EXP bits. This is allowed, but make sure that this change in QoS is propagated when a label is popped off. A label is popped off when using implicit NULL for PHP. PHP does not happen only at the egress LSR of the MPLS network. A label can also be popped at the tail LSR of a TE tunnel, which is not necessarily the egress LSR of the MPLS network. In the case of popping a label at an LSR, you can configure qos-group to propagate the QoS information. You need to do this for all three models if the pop operation is on an intermediate LSR.

In addition, for the Uniform model, make sure that at the egress LSR, you copy the QoS information to the labeled or IP packet that is leaving the egress LSR.

Figures 12-11 and 12-12 show examples of a packet being recolored on a P router in an MPLS VPN network.

Figure 12-11

Figure 12-11

Recoloring a Packet in an MPLS VPN Network for the Pipe and Short Pipe Models

Figure 12-12

Figure 12-12

Recoloring a Packet in an MPLS VPN Network for the Uniform Model

The Uniform model needs extra configuration on the egress PE. The EXP bits of the top label of the received packet must be propagated to the IP precedence or DSCP bits. You can accomplish this by configuring qos-group on the egress PE.

Table 12-4 shows an overview of the three Tunneling models regarding the label operation for plain IP-over-MPLS, MPLS traffic engineering, and MPLS VPN. Consider these three cases:

  • IP-to-Label—The packet is received as an IP packet and forwarded labeled (ingress PE).

  • Label-to-Label—The packet is received labeled and forwarded labeled (P router).

  • Label-to-IP—The packet is received labeled and forwarded as an IP packet (egress PE).

Table 12-4 Overview of the Three Tunneling Models for Plain IP-over-MPLS, MPLS Traffic Engineering, and MPLS VPN

Tunneling ModelIP-to-LabelLabel-to-LabelLabel-to-IP
UniformCopy IP precedence/DiffServ to MPLS EXPMPLS EXP copiedCopy MPLS EXP to IP precedence/DiffServ
PipeMPLS EXP set according to service provider policyMPLS EXP copied

Preserve IP precedence/DiffServ

Forwarding treatment based on MPLS EXP
Short PipeMPLS EXP set according to service provider policyMPLS EXP copied

Preserve IP precedence/DiffServ

Forwarding treatment based on IP precedence/DiffServ

With plain IP-over-MPLS, MPLS traffic engineering, and MPLS VPN, the incoming packet is an IP packet. However, in the case of Carrier's Carrier (CsC) and Inter-Autonomous MPLS VPN, the incoming packet on the ingress LSR is already labeled. Then both the Tunneled and the LSP DiffServ information are MPLS EXP bits, but in different labels in the label stack. Thus, it is possible to have hierarchical levels of MPLS DiffServ tunnels.

MQC Commands for MPLS QoS

Cisco IOS lets you change the EXP bits to a new value or implement the behavior of copying the EXP bits to the exposed IP precedence/DSCP bits on the egress LSR. In Cisco IOS, you can use the Modular QoS Command Line Interface (MQC) or Committed Access Rate (CAR) for this. However, MQC is the newest implemented feature and the one with the most capabilities, so it is the only one mentioned here.

You can use two commands in MQC to change the EXP bits of labels. The following command sets the EXP bits in the topmost label:

set mpls experimental topmost value

You can use it in an input or an output service policy.

The next command sets the EXP bits in the pushed label(s):

set mpls experimental imposition value

You can use it only in an input service policy.

The value for both commands is between 0 and 7.

To make the impact of these two commands easier to understand, Figures 12-13, 12-14, 12-15, 12-16, and 12-17 show you the result of these commands when you apply them to the input or output interface of a router. The LSP is left to right, so the input interface is the left interface and the output interface is the right interface. The examples demonstrate the impact of the commands in terms of imposition, swapping labels, or disposition of labels. Pay close attention to when the EXP bits of a certain label change.

Figure 12-13

Figure 12-13

Set MPLS Experimental Commands with Imposition

Remember MPLS QoS Rule 2 for the imposition case.

Figure 12-14

Figure 12-14

Set MPLS Experimental Commands When Swapping Labels

Remember MPLS QoS Rule 2 for the swap case.

Figure 12-15

Figure 12-15

Set MPLS Experimental Commands with Disposition

Remember MPLS QoS Rule 3 in the case of pop.

Figure 12-16 shows an interesting use of the set MPLS experimental commands. You can use the commands on the incoming and outgoing interface at the same time. The top illustration shows you that this gives you an interesting possibility—namely, to recolor the EXP bits of the two labels to a different value. The incoming EXP bits are changed to four by the MQC command on the swapped and pushed labels is on the input interface, and the EXP bits are changed to five only on the top label on the output interface. The bottom illustration in Figure 12-16 is not a very useful one, because you can change the EXP bits by one command on the input or output interface. You do not need to have both commands here, except to show what happens if you do configure both. Clearly, the command on the input or the output interface suffices.

Figure 12-16

Figure 12-16

Set MPLS Experimental Commands on Input and Output Interfaces

Figure 12-17 shows the commands in the case of IP-to-Label imposition.

Figure 12-17

Figure 12-17

Set MPLS Experimental Commands with IP-to-Label Imposition

Remember MPLS QoS Rule 1 for the IP-to-Label case.

Moving MPLS QoS from the PE to the CE Router

These DiffServ Tunneling models are popular for MPLS VPN networks. However, the PE routers have some work to do, including running BGP, labeling packets, running LDP, running routing protocols over the virtual routing/forwarding (VRF) interfaces to the customer CE routers, and so on. If the MPLS VPN network also does one of the DiffServ models, the PE must have some MQC configuration. To make matters worse, the DiffServ models are configurable per interface—hence, per customer connecting to the MPLS VPN network. This considerably increases the needed amount of QoS configuration on the PE. One solution is to move the MPLS QoS to the CE routers. That means at a minimum that the CE routers will be the first routers encapsulating the IP packets with labels. You can use CsC for this. However, this entails running LDP between the PE and CE router—when the PE-CE routing protocol is an IGP, which is not always wanted.

If the only thing you need on the CE routers is to have the EXP bits conveying the MPLS QoS from CE to PE, you can use the explicit NULL label. A new interface command was invented to do just that: mpls ip encapsulate explicit-null. You need to configure this command on the interface of the CE router toward the PE. It encapsulates all IP packets, leaving the interface with one explicit NULL label. The PE router receives the explicit NULL-labeled packet on the VRF interface and forwards the packet in the normal manner into the MPLS network to the remote PE router. However, the PE router must have mpls ip configured on that VRF interface; otherwise, the explicit NULL-labeled packets are dropped. The PE router automatically copies the EXP bits from the incoming explicit NULL label to the EXP bits of all outgoing labels (without changing the precedence/DSCP of the IP packet). If you want to use MQC to implement one of the three DiffServ models, you can configure it now on the CE router. Thus, the QoS configuration per customer on the PE router is no longer needed. This greatly increases the scalability of the design. However, you do need to run newer Cisco IOS software (minimum 12.2[13]T) on the PE router so that the PE can automatically copy the EXP bits from the incoming explicit NULL label to the outgoing labels. If this is not possible, you can use the qos-group feature.

Figure 12-18 shows an example of using the explicit NULL label on the CE router toward the PE.

Figure 12-18

Figure 12-18

Explicit NULL Label on CE Router

As already mentioned, you can also move the MPLS QoS from the PE to the CE by using CsC. This does involve using the signalling protocol LDP between the PE and the CE. An alternative to LDP is eBGP as the signalling protocol. External BGP is the preferred protocol anyway between different autonomous systems today. However, using the explicit NULL label between the PE and CE implies that LDP is not needed when the PE-CE routing protocol is an IGP.

Implementing the DiffServ Tunneling Models in Cisco IOS

This section gives an overview of implementing the different MPLS DiffServ Tunneling models in Cisco IOS. The sample network used here is an MPLS VPN network, because this is the MPLS application used most often today. The configuration shown pertains to only one or two values of the MPLS experimental bits or the IP precedence bits to keep the configuration small. In a real-world network, this configuration might need to be expanded to cover all EXP and precedence bits (DSCP levels).

Example 12-2 shows how to implement the MPLS DiffServ Uniform model in Cisco IOS and demonstrates the configuration needed on the ingress PE. Only precedence 4 is being matched. Precedence 4 is mapped to EXP bits value 4 by the policer, unless the bandwidth is exceeded, in which case the EXP bits are recolored to the value 2. The egress interface configuration is not needed for the MPLS DiffServ Uniform model, but it is added to show how to perform QoS on the EXP bits.

Example 12-2 Ingress PE: MPLS DiffServ Uniform Model

!Ingress interface:

class-map IP-AF11
 match ip precedence 4
!
policy-map set-MPLS-PHB
 class IP-AF11
 police cir 8000
 conform-action set-mpls-exp-transmit 4
 exceed-action set-mpls-exp-transmit 2
!
interface ethernet 3/1
 service-policy input set-MPLS-PHB

!Egress interface:

class-map MPLS-AF1
 match mpls experimental topmost 2 4
!
policy-map output-qos
 class MPLS-AF1
 bandwidth percent 40
 random-detect
!
interface ethernet 3/0
 service-policy output output-qos

For the Uniform model, you must copy the precedence bits to the EXP bits on the ingress PE.

Example 12-3 shows the configuration of an intermediate P router.

Example 12-3 P Router: MPLS DiffServ Uniform Model

!Ingress interface:

!Nothing needed because the EXP bits are copied to the swapped outgoing label by default.


!Egress interface:

class-map MPLS-AF1
 match mpls experimental topmost 2 4
!
policy-map output-qos
 class MPLS-AF1
 bandwidth percent 40
 random-detect
!
interface ethernet 3/0
 service-policy output output-qos

Example 12-4 shows the configuration of the PHP P router.

Example 12-4 PHP P Router: MPLS DiffServ Uniform Model

!Ingress interface:

class-map mpls-in
 match mpls experimental topmost 2 4
!
policy-map policy2
 class mpls-in
 set qos-group mpls experimental topmost
!
interface ethernet 3/1
 service-policy input policy2


!Egress interface:

class-map qos-group-out
 match qos-group 2
 match qos-group 4
!
policy-map policy3
 class qos-group-out
 set mpls experimental topmost qos-group
 bandwidth percent 40
 random-detect
!
interface ethernet 3/1
 service-policy output policy3

On the PHP router, qos-group ensures that the EXP bit values 2 and 4 are copied to the exposed outgoing top label after popping the incoming label.

Example 12-5 shows the configuration of the egress PE.

Example 12-5 Egress PE: MPLS DiffServ Uniform Model

!Ingress interface:

class-map mpls-in
 match mpls experimental topmost 2 4
policy-map foo
 class mpls-in
 set qos-group mpls experimental topmost
!
interface ethernet 3/0
 service-policy input foo


!Egress Interface:

class-map qos-out
 match qos-group 2
 match qos-group 4
!
policy-map foo-out
 class qos-out
 set precedence qos-group
 bandwidth percent 40
 random-detect
!
interface ethernet 3/1
 service-policy output foo-out

On the egress PE, copy the EXP bits to the precedence bits by using qos-group.

The following configuration is an example of how to implement the MPLS DiffServ Pipe model in Cisco IOS. Only the egress PE is shown, because this LSR has a different configuration from the previous example. For the Pipe and Short Pipe DiffServ model, however, the ingress PE can change the EXP bits according to the policy of the service provider. In Example 12-6, the egress LSR does not copy the EXP bits to the precedence bits of the outgoing IP packet. The scheduling of the packets on the egress interface is still done indirectly on the EXP bits as qos-group is being used. Example 12-6 shows the configuration of the egress PE for the MPLS DiffServ Pipe model.

Example 12-6 Egress PE: MPLS DiffServ Pipe Model

!Ingress interface:

class-map mpls-in
 match mpls experimental topmost 2 4
!
policy-map foo
 class mpls-in
 set qos-group mpls experimental topmost
!
interface ethernet 3/0
 service-policy input foo

!Egress Interface:

class-map qos-out
 match qos-group 2
 match qos-group 4
!
policy-map foo-out
 class qos-out
 bandwidth percent 40
 random-detect
!
interface ethernet 3/1
 service-policy output foo-out
Related:
1 2 3 4 Page 3
Page 3 of 4