OcNOS SP : Virtual Extensible LAN Guide : VxLAN - EVPN with Integrated Routing and Bridging Deployment Mode : VxLAN Quality of Service Configuration
VxLAN Quality of Service Configuration
This chapter contains the configurations for VxLAN Quality of Service (QoS).
Overview
VxLAN enables multiple tenants to operate in a data center. Each tenant is assigned a priority group to prioritize their traffic. Cloud carriers use QoS to differentiate different applications.
Data center networks are being increasingly used by telecommunications operators as well as by enterprises. Currently these networks are organized as one large Layer 2 network in a single building. In some cases, such a network is extended geographically using Virtual Local Area Network (VLAN) technologies as an even larger Layer 2 network connecting the virtual machines (VM), each with its own MAC address.
Multiple tenants might want their own isolated network domain. In a data center hosting multiple tenants, each tenant may independently assign MAC addresses and VLAN IDs and this might lead to duplication.
Cloud carriers wish to categorize the traffic based on the application such as voice, video, etc. Based on the type of the application different traffic classes may be identified and different priority levels can be assigned to each. To do so, quality of service marking is needed in VxLAN.
This chapter shows how to mark packet headers with the VxLAN tunnel end point (VTEP) when the frames are introduced by the virtual machines. The (re)marking /setting of QoS field DSCP/TOS in the VxLAN IP header is done with the two modes which are set globally.
Two commands support L2 VxLAN QoS:
qos profile dscp-encap: Use this command to create new profiles or to update "default" profiles for dscp-dscpEncap and Queue to DSCP value. This profile will be mapped to nvo vxlan tunnel at the egress direction of the VTEP. Default Qos profile dscp-encap would take preference than default qos profile queue-color-to dscp when no user-defined qos profile is configured on the nvo vxlan tunnel mode.
l2 queue dscp: Use this command to configure or update user defined mapping for queue to dscp for egress L2 Traffic over VxLAN tunnel.
Topology
VxLAN QoS
COS-DSCP
RTR1/VTEP1
 
VTEP1#configure terminal
Enter Configure mode.
VTEP1(config)#mac vrf vrf1
Create mac routing/forwarding instance with vrf1 name and enter into vrf mode
VTEP1(config-vrf)#rd 1.1.1.1:11
Assign RD value
VTEP1(config-vrf)#route-target both 10.10.10.10:100
Assign route-target value for import/export
VTEP1(config-vrf)#exit
Exit form vrf mode
VTEP1(config)#hardware-profile filter vxlan enable
Enable hardware profile for vxlan
VTEP1(config)#qos enable
Enable qos
VTEP1(config)#qos profile cos-to-queue COS-QUE
Create qos profile for mapping traffic towards tunnel from access-if.
VTEP1(config-ingress-cos-map)#cos 2 queue 3
Configure particular COS value to the queue value for con-figured profile.
VTEP1(config-ingress-cos-map)#exit
Exit from qos profile config mode
VTEP1(config)#qos profile queue-color-to-dscp QUE-DSCP
OR
VTEP1(config)#qos profile dscp-encap DSCP-ENCAP
 
Create qos profile for attaching in vxlan tunnel egress.
 
 
Either one of the qos profile CLI can be configured. Functionality of queue-color-to-dscp and dscp-encap qos profiles remains the same.
VTEP1(config-egress-dscp-map)#queue 3 dscp 16
OR
VTEP1(config-egress-dscp-encap-map)#l2 queue 3 dscp 16
Configure particular queue value to the dscp value for configured profile.
 
Either one of the qos profile CLI can be configured. Functionality of queue-color-to-dscp and dscp-encap qos profiles remains the same.
VTEP1(config-egress-dscp-encap-map)#exit
Exit from qos profile config mode
VTEP1(config)#interface po2
Create a port channel po2
VTEP1(config-if)#switchport
Configure port as switchport
VTEP1(config-if)#load-interval 30
Set load-interval
VTEP1(config-if)#interface po24
Create a port channel po24
VTEP1(config-if)#load-interval 30
Configure port as switchport
VTEP1(config-if)#ip address 24.1.1.1/30
Set load-interval
VTEP1(config-if)#interface lo
Enter in to loopback interface
VTEP1(config-if)#ip address 1.1.1.1/32 secondary
Configure ip address
VTEP1(config-if)#interface xe1
Enter in to interface mode
VTEP1(config-if)#channel-group 2 mode active
Map to channel-group
VTEP1(config-if)#interface xe2
Enter in to interface mode
VTEP1(config-if)#channel-group 2 mode active
Map to channel-group
VTEP1(config-if)#interface xe14
Enter in to interface mode
VTEP1(config-if)#channel-group 24 mode ac-tive
Map to channel-group
VTEP1(config-if)#interface xe15
Enter in to interface mode
VTEP1(config-if)#channel-group 24 mode ac-tive
Map to channel-group
VTEP1(config-if)#router ospf 1
Create ospf instance
VTEP1(config-router)#ospf router-id 1.1.1.1
Configure ospf router-id
VTEP1(config-router)#network 1.1.1.1/32 area 0.0.0.0
Configure loopback network address in to ospf
VTEP1(config-router)#network 24.1.1.0/30 area 0.0.0.0
Configure network address in to ospf
VTEP1(config-router)#router bgp 100
Enter into Router BGP mode
VTEP1(config-router)#neighbor 6.6.6.6 re-mote-as 100
Specify a neighbor router with peer ip address and remote-as defined
VTEP1(config-router)#neighbor 6.6.6.6 up-date-source lo
Specify the neighbor to use loopback address as source
VTEP1(config-router)#address-family l2vpn evpn
Enter into l2vpn evpn address-family
VTEP1(config-router-af)#neighbor 6.6.6.6 activate
Activate the neighbor to address-family
VTEP1(config-router)#nvo vxlan vtep-ip-global 1.1.1.1
Configure Source vtep-ip-global configuration
VTEP1(config)#nvo vxlan tunnel qos-map-mode cos-dscp egress QUE-DSCP
OR
VTEP1(config)#nvo vxlan tunnel qos-map-mode cos-dscp egress DSCP-ENCAP
 
Configure the mapping qos profile in to vxlan tunnel egress
 
 
 
Configure the mapping qos profile in to vxlan tunnel egress
VTEP1(config)#nvo vxlan id 1 in-gress-replication inner-vid-disabled
Create vnid 1 and disable inner-vid
VTEP1(config-nvo)#vxlan host-reachability-protocol evpn-bgp vrf1
Assign vrf for evpn-bgp to carry EVPN route
VTEP1(config-nvo)#nvo vxlan access-if port-vlan po2 1001
Create vxlan access-if with vlan 1001
VTEP1(config-nvo-acc-if)#no shutdown
No shut the vxlan access-if
VTEP1(config-nvo-acc-if)#map vnid 1
Map vnid to the vxlan access-if
VTEP1(config-nvo-acc-if)#map qos-profile cos-to-queue COS-QUE
Map qos profile for vxlan access-if ingress traffic from CE
VTEP1(config-nvo-acc-if)#exit
Exit from VxLAN access-interface mode and enter into configuration mode.
VTEP1(config)#commit
Commit the candidate configuration to the running configuration
RTR2
 
R2#configure terminal
Enter Configure mode.
R2(config)#interface po24
Create port channel
R2(config-if)#load-interval 30
Set load-interval
R2(config-if)#ip address 24.1.1.2/30
Assign ip address
R2(config-if)#interface po46
Create port channel
R2(config-if)#load-interval 30
Set load-interval
R2(config-if)#ip address 46.1.1.1/30
Assign ip address
R2(config-if)#interface lo
Enter in to loopback interface
R2(config-if)#ip address 4.4.4.4/32 sec-ondary
Assign secondary ip address
R2(config-if)#interface xe4
Enter into interface mode
R2(config-if)#channel-group 46 mode active
Map port channel to the interface
R2(config-if)#interface xe5
Enter into interface mode
R2(config-if)#channel-group 46 mode active
Map port channel to the interface
R2(config-if)#interface xe14
Enter into interface mode
R2(config-if)#channel-group 24 mode active
Map port channel to the interface
R2(config-if)#interface xe15
Enter into interface mode
R2(config-if)#channel-group 24 mode active
Map port channel to the interface
R2(config-if)#router ospf 1
Create ospf instance
R2(config-router)#ospf router-id 4.4.4.4
Configure ospf router-id
R2(config-router)#network 4.4.4.4/32 area 0.0.0.0
Configure ospf network address with respective area
R2(config-router)#network 24.1.1.0/30 area 0.0.0.0
Configure ospf network address with respective area
R2(config-router)#network 46.1.1.0/30 area 0.0.0.0
Configure ospf network address with respective area
R2(config-router)#exit
Exit from router mode.
R2(config)#commit
Commit the candidate configuration to the running configuration
RTR3/VTEP2
 
VTEP3#configure terminal
Enter Configuration mode
VTEP3(config)#mac vrf vrf1
Create mac routing/forwarding instance with vrf1 name and enter into vrf mode
VTEP3(config-vrf)#rd 6.6.6.6:11
Assign RD value
VTEP3(config-vrf)#route-target both 10.10.10.10:100
Assign route-target value for import/export
VTEP1(config-vrf)#exit
Exit from vrf mode
VTEP1(config)#hardware-profile filter vxlan enable
Enable hardware profile for vxlan
VTEP3(config)#qos enable
Enable QOS
VTEP3(config)#qos statistics
Enable QOS statistics
VTEP3(config)#qos profile queue-color-to-cos QUE-COS
Create qos profile for mapping incoming traffic from tunnel to access-if.
VTEP3(config-egress-cos-map)#queue 4 cos 5
Configure particular queue value to the cos value for con-figured profile.
VTEP3(config-egress-cos-map)#qos profile dscp-to-queue DSCP-QUE
Create qos profile for attaching in vxlan tunnel ingress.
VTEP3(config-ingress-dscp-map)#dscp 16 queue 4
Configure particular dscp value to the queue value for con-figured profile.
VTEP3(config-egress-dscp-map)#interface po46
Create port channel
VTEP3(config-if)#load-interval 30
Set load interval
VTEP3(config-if)#ip address 46.1.1.2/30
Assign ip address
VTEP3(config-if)#interface lo
Enter into loopback interface
VTEP3(config-if)#ip address 6.6.6.6/32 secondary
Assign secondary ip address
VTEP3(config-if)#interface xe4
Enter into interface mode
VTEP3(config-if)#channel-group 46 mode active
Map channel group into the interface
VTEP3(config-if)#interface xe5
Enter into interface mode
VTEP3(config-if)#channel-group 46 mode active
Map channel group into the interface
VTEP3(config-if)#interface xe15
Enter into interface mode
VTEP3(config-if)#switchport
Make interface as L2 port
VTEP3(config-if)#load-interval 30
Set load interval
VTEP3(config-if)#router ospf 1
Create ospf instance
VTEP3(config-router)#ospf router-id 6.6.6.6
Configure ospf router-id
VTEP3(config-router)#network 6.6.6.6/32 area 0.0.0.0
Configure ospf network address with respective area
VTEP3(config-router)#network 46.1.1.0/30 area 0.0.0.0
Configure ospf network address with respective area
VTEP3(config-router)#router bgp 100
Enter into Router BGP mode
VTEP3(config-router)#neighbor 1.1.1.1 re-mote-as 100
Specify a neighbor router with peer ip address and remote-as defined
VTEP3(config-router)#neighbor 1.1.1.1 up-date-source lo
Specify the neighbor to use loopback address as source
VTEP3(config-router)#address-family l2vpn evpn
Enter into l2vpn evpn address-family
VTEP3(config-router-af)#neighbor 1.1.1.1 activate
Activate the neighbor to address-family
VTEP3(config)#nvo vxlan vtep-ip-global 6.6.6.6
Configure Source vtep-ip-global configuration
VTEP3(config)#nvo vxlan tunnel qos-map-mode cos-dscp ingress DSCP-QUE
Configure the mapping qos profile in to vxlan tunnel ingress
VTEP3(config)#nvo vxlan id 1 in-gress-replication inner-vid-disabled
Create vnid 1 and disable inner-vid
VTEP3(config-nvo)#vxlan host-reachability-protocol evpn-bgp vrf1
Assign vrf for evpn-bgp to carry EVPN route
VTEP3(config-nvo)#nvo vxlan access-if port-vlan xe15 1000
Create vxlan access-if with vlan 1000
VTEP3(config-nvo-acc-if)#no shutdown
No shut the vxlan access-if
VTEP3(config-nvo-acc-if)#map vnid 1
Map vnid to the vxlan access-if
VTEP3(config-nvo-acc-if)#map qos-profile queue-color-to-cos QUE-COS
Map qos profile for vxlan access-if egress traffic to CE
VTEP3(config-nvo-acc-if)#exit
Exit from VxLAN access-interface mode and enter into configuration mode
VTEP3(config)#commit
Commit the candidate configuration to the running configuration
Validation
As per the QoS configuration, when L2 traffic with cos value 2 is sent to VTEP1 access-if, the packets are forwarded to queue 3 and packets in queue 3 are mapped with dscp value 16 while egress out of tunnel. At VTEP2, when packets with dscp value 16 ingress at tunnel, it is forwarded to queue 4 and packets of queue 4 are remarked with cos value 5.
RTR1/VTEP1
 
VTEP1#sh run nvo vxlan
!
nvo vxlan enable
!
nvo vxlan vtep-ip-global 1.1.1.1
!
nvo vxlan tunnel qos-map-mode cos-dscp egress QUE-DSCP (OR DSCP-ENCAP)
!
nvo vxlan id 1 ingress-replication inner-vid-disabled
vxlan host-reachability-protocol evpn-bgp vrf1
!
nvo vxlan access-if port-vlan po2 1001
map vnid 1
map qos-profile cos-to-queue COS-QUE
!
VTEP1#show run qos
qos enable
!
qos profile cos-to-queue COS-QUE
cos 2 queue 3
!
qos profile queue-color-to-dscp QUE-DSCP
queue 3 color all dscp 16
!
OR
VTEP1#show run qos
qos enable
!
qos profile cos-to-queue COS-QUE
cos 2 queue 3
!
qos profile dscp-encap DSCP-ENCAP
l2 queue 3 dscp 16
!
 
VTEP1#sh int xe14 count queue-stats
E - Egress, I - Ingress, Q-Size is in bytes
+--------------------+--------+-----------------+-------------------+-----------------+-------------------+
| Queue/Class-map | Q-Size | Tx pkts | Tx bytes | Dropped pkts | Dropped bytes |
+--------------------+--------+-----------------+-------------------+-----------------+-------------------+
q0 (E) 12517376 0 0 0 0
q1 (E) 12517376 0 0 0 0
q2 (E) 12517376 0 0 0 0
q3 (E) 12517376 205284588 188040683524 0 0
q4 (E) 12517376 0 0 0 0
q5 (E) 12517376 0 0 0 0
q6 (E) 12517376 0 0 0 0
q7 (E) 12517376 7518 1007412 0 0
 
VTEP1#sh int xe15 count queue-stats
E - Egress, I - Ingress, Q-Size is in bytes
+--------------------+--------+-----------------+-------------------+-----------------+-------------------+
| Queue/Class-map | Q-Size | Tx pkts | Tx bytes | Dropped pkts | Dropped bytes |
+--------------------+--------+-----------------+-------------------+-----------------+-------------------+
q0 (E) 12517376 0 0 0 0
q1 (E) 12517376 0 0 0 0
q2 (E) 12517376 0 0 0 0
q3 (E) 12517376 205624494 188352040168 0 0
q4 (E) 12517376 0 0 0 0
q5 (E) 12517376 0 0 0 0
q6 (E) 12517376 0 0 0 0
q7 (E) 12517376 9006 1136741 0 0
 
VTEP1#
VTEP1#show nvo vxlan
VxLAN Information
=================
Codes: NW - Network Port
AC - Access Port
(u) - Untagged
 
VNID VNI-Name VNI-Type Type Interface ESI VLAN DF-Status Src-Addr Dst-Addr
_______________________________________________________________________________________________________________________________
1 ---- L2 NW ---- ---- ---- ---- 1.1.1.1 6.6.6.6
1 ---- AC po2 --- Single Homed port --- 1001 ---- ---- ----
 
Total number of entries are 3
VTEP1#show nvo vxlan mac-table
=====================================================================================================================================================
VxLAN MAC Entries
=====================================================================================================================================================
VNID Interface VlanId Inner-VlanId Mac-Addr VTEP-Ip/ESI Type Status AccessPortDesc
_____________________________________________________________________________________________________________________________________________________
 
1 po2 1001 ---- 0000.2000.9991 1.1.1.1 Dynamic Local ------- -------
 
Total number of entries are : 1
 
VTEP1#show nvo vxlan tunnel
VxLAN Network tunnel Entries
Source Destination Status Up/Down Update
====================================================================================
1.1.1.1 6.6.6.6 Installed 00:11:29 00:11:29
 
Total number of entries are 2
VTEP1#
RTR3/VTEP3
VTEP3#show run nvo vxlan
!
nvo vxlan enable
!
nvo vxlan vtep-ip-global 6.6.6.6
!
nvo vxlan tunnel qos-map-mode cos-dscp ingress DSCP-QUE
!
nvo vxlan id 1 ingress-replication inner-vid-disabled
vxlan host-reachability-protocol evpn-bgp vrf1
!
nvo vxlan access-if port-vlan xe15 1000
map vnid 1
map qos-profile queue-color-to-cos QUE-COS
!
!
VTEP3#sh run qos
qos enable
qos statistics
!
qos profile queue-color-to-cos QUE-COS
queue 4 color all cos 5
!
qos profile dscp-to-queue DSCP-QUE
dscp 16 queue 4
!
VTEP3#show nvo vxlan mac-table
 
=====================================================================================================================================================
VxLAN MAC Entries
=====================================================================================================================================================
VNID Interface VlanId Inner-VlanId Mac-Addr VTEP-Ip/ESI Type Status AccessPortDesc
_____________________________________________________________________________________________________________________________________________________
 
1 ---- ---- ---- 0000.2000.9991 1.1.1.1 Dynamic Remote ------- -------
 
Total number of entries are : 1
 
VTEP3#show nvo vxlan tunnel
VxLAN Network tunnel Entries
Source Destination Status Up/Down Update
====================================================================================
6.6.6.6 1.1.1.1 Installed 00:09:39 00:09:39
 
Total number of entries are 2
VTEP3#sh nvo vxlan
VxLAN Information
=================
Codes: NW - Network Port
AC - Access Port
(u) - Untagged
 
VNID VNI-Name VNI-Type Type Interface ESI VLAN DF-Status Src-Addr Dst-Addr
_______________________________________________________________________________________________________________________________
1 ---- L2 NW ---- ---- ---- ---- 6.6.6.6 1.1.1.1
1 ---- AC xe15 --- Single Homed port --- 1000 ---- ---- ----
 
Total number of entries are 3
VTEP3#
 
VTEP3#show int xe15 count queue-stats
E - Egress, I - Ingress, Q-Size is in bytes
+--------------------+--------+-----------------+-------------------+-----------------+-------------------+
| Queue/Class-map | Q-Size | Tx pkts | Tx bytes | Dropped pkts | Dropped bytes |
+--------------------+--------+-----------------+-------------------+-----------------+-------------------+
q0 (E) 12517376 0 0 0 0
q1 (E) 12517376 0 0 0 0
q2 (E) 12517376 0 0 0 0
q3 (E) 12517376 0 0 0 0
q4 (E) 12517376 37895872 36455829826 0 0
q5 (E) 12517376 0 0 0 0
q6 (E) 12517376 0 0 0 0
q7 (E) 12517376 0 0 0 0
 
VTEP3#