QoS - Classification by IP
When applying QoS mechanisms to traffic, it is possible to classify traffic based solely on the source IPv4 or IPv6 address. Specifically, it is possible, using Access-List (ACL)s to classify traffic based on the subnet from which it is sourced, or based on the subnet to which it is destined.
However, classifying traffic solely on the IP address without including DSCP markings has certain implications and caveats that must be considered.
-
Impact on Underlay Network Traffic:
- By classifying traffic solely based on subnets, you may not fully distinguish between different types of traffic within the same subnet. This might lead to all traffic from a prioritized subnet being treated equally, regardless of its actual importance or requirements.
- If DSCP markings are not used, there's a risk that your network devices (like routers and switches) will not be able to differentiate and prioritize traffic effectively. This can impact the performance of your underlay network, especially under high load conditions.
- The absence of DSCP markings can also affect QoS policies, which are often reliant on these markings to make forwarding decisions.
-
Risk of Routing Protocol Traffic Being Blackholed:
- If your congestion management strategy does not account for the specific needs of routing protocol traffic (like OSPF, MPLS, MP-BGP), there is a risk that this critical traffic could be deprioritized or dropped in congested scenarios.
- Routing protocol traffic is essential for the stability and efficiency of your network. If it's impacted, it could lead to routing inefficiencies or even outages.
-
Best Practices:
- Marking traffic using DSCP can provide more granular control over traffic prioritization and handling. This allows for more sophisticated QoS policies that can differentiate not just between subnets but also between types of traffic within those subnets.
- For mission-critical traffic, it's often advisable to ensure that it's explicitly identified and prioritized across the network. This can be done through a combination of subnet-based classification and DSCP markings.
- Ensure that your routing protocol traffic is always treated with high priority to maintain network stability. This often means reserving a portion of the bandwidth for control plane traffic and marking it accordingly.
-
Capacity Considerations:
- If your links reach capacity, effective congestion management becomes even more crucial. You should ensure that your congestion management policies are robust enough to handle peak loads without impacting critical network functions.
While classifying traffic by subnet-only with ACLs is a valid approach, it's generally beneficial to incorporate DSCP markings for more nuanced and effective traffic management, especially for ensuring the priority of mission-critical subnets and the integrity of your routing protocol traffic. This combined approach can help mitigate the risks of network instability and ensure efficient utilization of network resources.