Taking on the CCIE: My Journey

SysAdmin4066 · June 2010

I get where I made the mistake. It allows to reserve 100% of the bandwidth remaining. I'm good, just a little weird, though I can see where it could be useful with LLQ and voice.

SysAdmin4066 · June 2010

networker050184 wrote: »
If you have a subrate of your physical link speed then you would want to do nested policy maps. For example you have 10 Mbps and a 100Mbps interface you will want something like below.
policy-map PARENT
 class class-default
    shape average 10000000
  service-policy CHILD
!
interface FastEthernet1/0
 service-policy output PARENT
The policy-map CHILD will be your standard queuing policy with your classes defined.

What would be defined in the policy map CHILD?

SysAdmin4066 · June 2010

Moving forward to LLQ, again, a review from days gone past. Busy day at work today so not as much study as I'd like. Being on call sucks, but it's a nice little bonus in my paycheck so that's cool. Anyway, I've got about an hour to read and maybe do a practice quiz or two. Hopefully get through the second QoS chapter out of the way. I watched queuing video at lunch today, man Jeremy has a way of just making things plain. Excited about the 17th/18th (havent decided which day, probably Sat). I am going to destroy this exam!

networker050184 · June 2010

SysAdmin4066 wrote: »

What would be defined in the policy map CHILD?

The CHILD policy map will have your classes and bandwidth/priority guarantees. Your basic LLQ/CBWFQ policy map.

ColbyG · June 2010

This is my nested stuff at home:

policy-map SHAPER
 class PRIORITY
  priority 200
  set dscp ef
 class class-default
  shape average 1950000
  service-policy QoS_OUT
!
policy-map QoS_OUT
 class P2P_Out
   police rate percent 87
     conform-action transmit
     exceed-action drop
 class class-default
  fair-queue

Nuul · June 2010

Shaping is new to me, so let me see if I get what you're doing here. You have a ~20MB pipe and you're setting it so that if torrent traffic goes over 87% then drop the packets that exceed the 87%. I've never really gotten a good handle on why to do shaping over priority queuing so I'm curious about the subject.

ColbyG · June 2010

Nuul wrote: »

Shaping is new to me, so let me see if I get what you're doing here. You have a ~20MB pipe and you're setting it so that if torrent traffic goes over 87% then drop the packets that exceed the 87%. I've never really gotten a good handle on why to do shaping over priority queuing so I'm curious about the subject.

It's 2mbps. We'll start from the top, I'm LLQing priority traffic (voice, work VPN, etc) to 200kbps and marked with EF for the hell of it, this is being done outside the shaping because you shouldn't shape voice. In the class-default of the SHAPER policy, I configure shaping at ~1.9mbps. Finally, as you said, P2P traffic which exceeds 87% is dropped.

Nuul · June 2010

OK, so shaping is in bps but the maps are in Kbps. Grrrrr, I wish they'd be consistent about that kind of thing.

ColbyG · June 2010

I know, it's great, isn't it? haha

deth1k · June 2010

ColbyG wrote: »

I know, it's great, isn't it? haha

It would be quite cool if your ISP matched your EF markings

ColbyG · June 2010

deth1k wrote: »

It would be quite cool if your ISP matched your EF markings

Yea, that'd be nice too. It's pointless to mark them, but I figured why not.

burbankmarc · June 2010

Now when you're doing LLQ and CBWFQ under your policy-maps is the total alloted bandwidth you setup suppose to equal 75% of your actual speed, or is the 75% for something else.

QoS makes my head hurt.

Nuul · June 2010

My understanding of it, which admittedly may be wrong, is that it's 75% of the interfaces default bandwidth unless you have the bandwidth specifically set; in that case it's 75% of the configured BW value.

Shaping is different though, I'm still fuzzy on the specifics of that area.

jason_lunde · June 2010

You are basically playing with 75% of your interfaces bandwidth. By default 25% is left over for class-default.

burbankmarc · June 2010

Ok so I don't have to include my class-default setting into the 75%?

networker050184 · June 2010

burbankmarc wrote: »

Ok so I don't have to include my class-default setting into the 75%?

Nope. The class default will get the remaining unallocated. You can also change the 75% using the max-reserved-bandwidth command on the interface. On newer HQF IOS code you can reserve up to 100% of the interface bandwidth.

One thing to keep in mind when you are doing the nested policy map is that your percentages will be based on the shaping rate and not the interface rate. So if you have the parent shaper to 10Mbps and give your business critical class 10% bandwidth it will be 10%of the shaped rate and not 10% of the interface bandwidth.

SysAdmin4066 · June 2010

Man, what a great conversation. While QoS is probably my least favorite topic, I am definitely starting to understand it more and more.

rakem · June 2010

ColbyG wrote: »

This is my nested stuff at home:

policy-map SHAPER
 class PRIORITY
  priority 200
  set dscp ef
 class class-default
  shape average 1950000
  service-policy QoS_OUT
!
policy-map QoS_OUT
 class P2P_Out
   police rate percent 87
     conform-action transmit
     exceed-action drop
 class class-default
  fair-queue

I have noticed that when you nest policy maps it limits you to only using the shape command once.... For example, I requested some QoS changes from our ISP recently, the change was to shape down specific traffic to a fairly slow speed. There was already a shape command applied on the router to limit the IPMAN service to 10Mb.

So they tried to apply the following to the router. The CCTV network class was the new request.

policy-map Shape-Queue-Out
 class CCTV-Network
  shape average 262144
 class class-default
  fair-queue
  random-detect
policy-map 10Mb-out
 class lan_traffic
  shape average 10000000
  service-policy Shape-Queue-Out

When service policy shape-queue-out was applied to the interface the following error showed
"GTS : Can be enabled only at the first level" and the service policy was not applied.

The ISP then told me i had ot police rather than shape. I didn't believe them, and after some research and labbing came up with the following config

policy-map Shape-Queue-Out
 class CCTV-Network
  shape average 262144
 class class-default
  fair-queue
  random-detect
class lan_traffic
  shape average 10000000

So instead of nesting the shape-queue-out policy map, i just created a single policy map with different classes.... Worked perfectly.

networker050184 · June 2010

rakem wrote: »
I have noticed that when you nest policy maps it limits you to only using the shape command once.... For example, I requested some QoS changes from our ISP recently, the change was to shape down specific traffic to a fairly slow speed. There was already a shape command applied on the router to limit the IPMAN service to 10Mb.

So they tried to apply the following to the router. The CCTV network class was the new request.
policy-map Shape-Queue-Out
 class CCTV-Network
  shape average 262144
 class class-default
  fair-queue
  random-detect
policy-map 10Mb-out
 class lan_traffic
  shape average 10000000
  service-policy Shape-Queue-Out
When this was applied to the interface the following error showed
"GTS : Can be enabled only at the first level" and the service policy was not applied.

The ISP then told me i had ot police rather than shape. I didn't beileve them, and after some research and labbing came up with the following config
policy-map Shape-Queue-Out
 class CCTV-Network
  shape average 262144
 class class-default
  fair-queue
  random-detect
class lan_traffic
  shape average 10000000
So instead of nesting the shape-queue-out policy map, i just created a single policy map with different classes.... Worked perfectly.

Something to keep in mind if you try to use queuing in that scenario it will only come into play when the interface is congested. Since the bandwidth is below the physical interface capacity your queuing won't kick in until you already over subscribed. With a nested policy the queuing will come into action when the shaped rate is reached. Your class default is also going to try and use more bandwidth than the contracted rate.

SysAdmin4066 · June 2010

Kind of glanced over WRED, I understand the concept and the configuration is pretty simple but I feel like I will probably want to go over it again sometime when my brain is quieter.

jason_lunde · June 2010

SysAdmin4066 wrote: »

Man, what a great conversation. While QoS is probably my least favorite topic, I am definitely starting to understand it more and more.

Ya dude, Qos can be pretty fun though. When I was studying for the QoS test I got pretty good with the stuff, but haven't even thought about it in a while until this thread. Probably time to look back over it?!? Looks like your cranking along nicely. Do you have a tentative date for the written yet? You tracking?

....<looks up confused only to see a blaring tentative date in your signature....doh>

Turgon · June 2010

SysAdmin4066 wrote: »

Kind of glanced over WRED, I understand the concept and the configuration is pretty simple but I feel like I will probably want to go over it again sometime when my brain is quieter.

It could be worthwhile. WFQ, RED, WRED are old school. Understand those and you are well on the way to understanding a lot of the other congestion avoidance mechanisms. Happy Saturday studying!

SysAdmin4066 · June 2010

Yeah, going to shoot for July 17th Jason, though I might let that slip just a little tiny bit, maybe another week or two to solidify some stuff. Just depends on how I feel come that time.

I'm definitely going to have to revisit QoS turgon, its coming into focus, but that'll be a sore spot for me, especially policing/shaping. All the Be, Tc, Bc crap is just making my head hurt.

I just finished reading through the congestion management and avoidance earlier today and moving on to policing/shaping. I've been supplementing my reading with audio study and videos as well. So I think I am really starting to grasp most of the concepts, but I will soon start running through mock exams to test where my weakest points are, 100 questions, 2 hour time limit. So we'll see. More reading tonight, then off to bed and a new week.

Turgon · June 2010

SysAdmin4066 wrote: »

Yeah, going to shoot for July 17th Jason, though I might let that slip just a little tiny bit, maybe another week or two to solidify some stuff. Just depends on how I feel come that time.

I'm definitely going to have to revisit QoS turgon, its coming into focus, but that'll be a sore spot for me, especially policing/shaping. All the Be, Tc, Bc crap is just making my head hurt.

I just finished reading through the congestion management and avoidance earlier today and moving on to policing/shaping. I've been supplementing my reading with audio study and videos as well. So I think I am really starting to grasp most of the concepts, but I will soon start running through mock exams to test where my weakest points are, 100 questions, 2 hour time limit. So we'll see. More reading tonight, then off to bed and a new week.

For QoS read the chapters in Odom. Then do the end of chapter questions repeatedly and all the QoS questions in the test engine that comes with the book. Do all the Boson QoS questions.

For the exam understand the basic arithmetic for the Tc/Bc/CIR stuff. You want to be looking closely at the configurations in the book and the test examples. Try and understand how a QoS config hangs together as well as you can. The exam will present you with configurations. You will need to declare the outcome of those configs. This requires working the config through. DSCP conversions watch out for.

With QoS you could easily spend a year working on it and still have much to learn. It's really one of those subjects that requires live projects in the field to cement in your head. You will want decent marks on QoS to take you over the pass mark on the exam so shoot for 75%.

If you read the chapters and repeatedly do those test questions it's surprising how much makes sense in multiple choice land even if you cant verbally explain the details very well

Eliminate the reading fast on those chapters then rinse and repeat those questions in the days ahead. Beware of the elephants in the room. There are actually two of those..routing and switching. The test is loaded with routing and switching scenarios so I strongly advise you to divert most of your study time on those topics now. You have to be strong on those topics to pass. Watch out for switching. If your loopguard, rootguard, bpduguard, bpdufilter, spanning-tree is off (for example) expect pain.

Mechanism..mechanism..mechanism..and config.

Postscript. The last two weeks are vital for written prep because now you have to bring everything together, getting around all the topics and fine tuning your understanding with quick reference to the solution explanations and your books. Smash the test engine hard now everyday.

SysAdmin4066 · July 2010

Happy Independance Day!

You're so right turgon, that's what I'm seeing pretty much. Fortunately I'm very good with switching, all the guards and spanning tree was and still is my most solid topics. I am reading through the WAN technologies now, HDLC, PPP and Frame Relay. Shouldnt be too long through these. I am getting beat up less and less with the questions and I'm going to start running actual 100 question sim exams in a week or two so I can really start to guage where I am weakest and where I am strongest. I've always done that with my exams, run through the actual number that will be on the real exam. Getting closer and closer to proficiency in the written, looking like I'm not too far off of the 17th.

gorebrush · July 2010

Sorry if this is late, but someone up top of this thread mentioned that they would be employing shaping to drop traffic.

Shaping does not drop traffic - it buffers it to send so that when queues are less congested the packets are then sent

Policing can be used to drop traffic

Turgon · July 2010

SysAdmin4066 wrote: »

Happy Independance Day!

You're so right turgon, that's what I'm seeing pretty much. Fortunately I'm very good with switching, all the guards and spanning tree was and still is my most solid topics. I am reading through the WAN technologies now, HDLC, PPP and Frame Relay. Shouldnt be too long through these. I am getting beat up less and less with the questions and I'm going to start running actual 100 question sim exams in a week or two so I can really start to guage where I am weakest and where I am strongest. I've always done that with my exams, run through the actual number that will be on the real exam. Getting closer and closer to proficiency in the written, looking like I'm not too far off of the 17th.

Keep at it. Not long now.

SysAdmin4066 · July 2010

Just finished WAN reading, Frame Relay, HDLC and PPP. Practice exams on deck after a short break. Looking at getting at least 2 hours of practice exams today.

Turgon · July 2010

Keep hitting the tests!

Turgon · July 2010

SysAdmin4066 wrote: »

Just finished WAN reading, Frame Relay, HDLC and PPP. Practice exams on deck after a short break. Looking at getting at least 2 hours of practice exams today.

Hi dude. How is it going? Not long to your test now right?

Taking on the CCIE: My Journey

Comments