BRKEWN-2009 Qos


#CiscoLive

Demystifying Wireless QoS for the Catalyst 9800

Simone Arena, Principal TME


@siarena71
BRKEWN-2009

Agenda
• Wi-Fi QoS fundamentals
• Catalyst 9800 QoS
• Deploying Catalyst 9800 QoS
• Design and Best Practices
• Key takeaways

#CiscoLive BRKEWN-2009 © 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public 3
Quality of Service (QoS)
• Quality of Service (QoS) is the measurement of network quality and service usability
• The following factors determine QoS: Bandwidth, Packet loss, Delay, Jitter
• Your network QoS is as strong as your weakest link:

[Figure: Access Network and Enterprise Network]
• Shift from full-duplex to half-duplex media
• Shift from a dedicated media to a shared media
• Typical downshift in speed (and throughput)

Wi-Fi (802.11)
QoS fundamentals
Wi-Fi QoS
802.11 networks use CSMA/CA* as the access method:
• “Listen before talk”
• Wireless networks have no way to detect a collision
• Every frame must be acknowledged
• QoS focuses on reducing the probability of a collision for high-priority traffic
• Uses a system of fixed and random wait timers to ensure everyone gets a chance to send
[Figure: speech bubbles “Hello?” and “Are you there?”]

(*) CSMA/CA: Carrier Sense Multiple Access / Collision Avoidance

Wi-Fi Media Access
[Figure: an access point and several clients on a shared channel. Labels: Contention based, Half-duplex, Sending, Listen & Wait (clients and access point). A second build of the slide adds the label Congestion.]

Quiz

Who gets the higher Transmission Priority?

1. Access Point

2. Wireless Client

3. They all get equal access

Wi-Fi QoS
• 802.11e was tasked with bringing QoS to Wi-Fi
• Enhanced Distributed Channel Access (EDCA) was introduced
by IEEE 802.11e in 2005
• EDCA has been adopted by the Wi-Fi Alliance as Wireless
Multimedia (WMM)
• WMM is now a mandatory part of modern Wi-Fi networks
• 802.11a/b/g are based on DCF (no QoS)
• 802.11n/ac/ax are based on EDCA (QoS is supported)

• Continual improvements, including 802.11-2016 and 802.11-2020 revisions

Wi-Fi QoS – the UP value
When wireless frames are transmitted, a 3-bit QoS value known as User Priority (UP) is written into the 802.11 frame.

Wi-Fi QoS - Access Categories (ACs)
• Access Categories act like transmit queues
• Mapped to Metal QoS (Bronze, Silver, Gold, Platinum)

Access Category        UP values
Background (AC_BK)     1, 2
Best Effort (AC_BE)    0, 3
Video (AC_VI)          4, 5
Voice (AC_VO)          6, 7

[Figure: client traffic entering the access network through the four access categories]

Network QoS – Differentiated Service Model
• Differentiated Service Model, or DiffServ for short
• End-to-end QoS architecture, defined in RFC 2474 and RFC 2475
• Differentiated Services Code Point (DSCP) in the Type of Service (ToS) field in IPv4 (Traffic Class field in IPv6)

Traffic classes:
• Expedited Forwarding (EF): low-loss, low-latency traffic
• Assured Forwarding (AF): different classes
• Default Forwarding (DF): typically best-effort traffic

Wi-Fi QoS - How to map DSCP to UP?
• RFC 8325: Reconciles “Configuration
Guidelines for DiffServ Service Classes” (RFC
4594) with IEEE 802.11
• Industry consensus on DSCP-to-UP mapping
• Advocates DSCP-trust in the upstream
direction (vs. UP-to-DSCP mapping)
• A few mappings are implemented differently from the RFC, in accordance with Cisco best practices

Wi-Fi QoS – Consistency is key
• Most vendors have adopted RFC 8325, but you have to turn it on on the device:
  • Windows: Group policies
  • Apple: Cisco Fastlane
  • Samsung: Native
• Some clients may still mark the UP value differently
• Trust DSCP is recommended

Wi-Fi QoS - DSCP <-> UP Mapping

IETF DiffServ Service Class   DSCP name                 DSCP value    UP   Access Category
Network Control               CS6                       48            0    AC_BE
Voice                         EF                        46            6    AC_VO
Signaling                     CS5                       40            5    AC_VI
Multimedia Conferencing       AF41, AF42, AF43          34, 36, 38    4    AC_VI
Real-Time Interactive         CS4                       32            5    AC_VI
Multimedia Streaming          AF31, AF32, AF33          26, 28, 30    4    AC_VI
Broadcast Video               CS3                       24            4    AC_VI
Low-Latency Data              AF21, AF22, AF23          18, 20, 22    3    AC_BE
OAM                           CS2                       16            0    AC_BE
High-Throughput Data          AF11, AF12, AF13          10, 12, 14    2    AC_BK
Standard                      DF (default forwarding)   0             0    AC_BE
Low-Priority Data             CS1                       8             1    AC_BK

What if the DSCP <-> UP mapping is not in the table?
The UP values for DSCPs that are not in the table are derived from the 3 most significant bits of the DSCP value and mapped to the corresponding access category.
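
An added example, not part of the original slides: the mapping table on this page plus the three-most-significant-bits fallback, applied to the first bytes of an IPv4 or IPv6 header. The function names and sample header bytes are constructed for illustration; the mapping values are the ones given on this page.

```python
"""DSCP -> 802.11 UP -> access category, using the table on this page."""

# Explicit DSCP -> UP entries, copied from the mapping table on this page.
DSCP_TO_UP = {
    48: 0,                  # CS6   Network Control
    46: 6,                  # EF    Voice
    40: 5,                  # CS5   Signaling
    34: 4, 36: 4, 38: 4,    # AF4x  Multimedia Conferencing
    32: 5,                  # CS4   Real-Time Interactive
    26: 4, 28: 4, 30: 4,    # AF3x  Multimedia Streaming
    24: 4,                  # CS3   Broadcast Video
    18: 3, 20: 3, 22: 3,    # AF2x  Low-Latency Data
    16: 0,                  # CS2   OAM
    10: 2, 12: 2, 14: 2,    # AF1x  High-Throughput Data
    0: 0,                   # DF    Standard
    8: 1,                   # CS1   Low-Priority Data
}

# UP -> access category, from the Access Categories slide.
UP_TO_AC = {1: "AC_BK", 2: "AC_BK", 0: "AC_BE", 3: "AC_BE",
            4: "AC_VI", 5: "AC_VI", 6: "AC_VO", 7: "AC_VO"}


def dscp_from_ip_header(header):
    """Return the 6-bit DSCP from the first bytes of an IPv4 or IPv6 header."""
    if len(header) < 2:
        raise ValueError("need at least two header bytes")
    version = header[0] >> 4
    if version == 4:
        # IPv4: byte 1 is ToS; DSCP is its upper six bits, ECN the lower two.
        return header[1] >> 2
    if version == 6:
        # IPv6: 4 bits of version, then the 8-bit Traffic Class across bytes 0-1.
        traffic_class = ((header[0] & 0x0F) << 4) | (header[1] >> 4)
        return traffic_class >> 2
    raise ValueError(f"unsupported IP version {version}")


def dscp_to_up(dscp):
    """Return (UP, from_table); unlisted DSCPs use the three most significant bits."""
    if not 0 <= dscp <= 63:
        raise ValueError("DSCP is a 6-bit value")
    if dscp in DSCP_TO_UP:
        return DSCP_TO_UP[dscp], True
    return dscp >> 3, False


def classify(header):
    """Map the DSCP found in an IP header to its UP and access category."""
    dscp = dscp_from_ip_header(header)
    up, from_table = dscp_to_up(dscp)
    return {"dscp": dscp, "up": up, "ac": UP_TO_AC[up], "from_table": from_table}


def unlisted_dscps_by_ac():
    """Group every DSCP absent from the table by the AC the fallback gives it."""
    result = {}
    for dscp in range(64):
        up, from_table = dscp_to_up(dscp)
        if not from_table:
            result.setdefault(UP_TO_AC[up], []).append(dscp)
    return result


# Constructed sample headers (first two bytes only), not captured traffic.
SAMPLES = {
    "IPv4, ToS 0xB8 (EF)": bytes([0x45, 0xB8]),
    "IPv4, ToS 0xB0 (DSCP 44, not in the table)": bytes([0x45, 0xB0]),
    "IPv6, Traffic Class 0xB8 (EF)": bytes([0x6B, 0x80]),
}

if __name__ == "__main__":
    for label, header in SAMPLES.items():
        print(label, "->", classify(header))
    print("reach AC_VO only through the fallback:", unlisted_dscps_by_ac()["AC_VO"])
```

Listing the unlisted codepoints per access category shows which markings reach a priority queue only through the fallback rule, which is useful when reviewing where DSCP is trusted.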

Wi-Fi QoS - What about these?
• Automatic Power Save Delivery (APSD)
• EDCA parameters
• Call Admission Control (CAC)
• Transmission Opportunity (TXOP)
• CWmin and CWmax values
• Arbitration Interframe Spacing (AIFS)
• Transmission Specification (TSpec)

Are these still relevant? Absolutely! But nothing changes from AireOS

Catalyst 9800 QoS
Catalyst 9800 Wireless QoS – Policy targets
[Figure: policy targets between the access network and the controller. Port Policy on the physical port (only priority queuing with Auto-QoS); SSID Based Policy (service level) for the Guest and Corp SSIDs; Client Based Policy with classes labelled VOICE, BUSINESS, DEFAULT and BK.]

Catalyst 9800 Wireless QoS – Policy targets
• A target is the entity where a policy is applied. C9800 supports three targets: SSID, client and port.
• Wireless QoS policies are applied in the upstream and/or downstream direction.
  • Downstream (egress): the flow of traffic from a wired source to a wireless destination
  • Upstream (ingress): the flow of traffic from a wireless source to a wired destination
• SSID Policies: You can create QoS policies on SSID in both the ingress (upstream) and egress (downstream) directions. The policy is applicable per AP per SSID. You can configure policing and marking policies on SSID.
• Client Policies: applicable in both the ingress (upstream) and egress (downstream) directions. You can configure policing and marking policies on clients. AAA override is also supported.

Catalyst 9800 Wireless QoS – Modular QoS
• Catalyst QoS model is based on Modular QoS CLI (MQC)
• In IOS-XE, MQC is used to implement the Differentiated Service model QoS
• The main MQC constructs:
  • Class-map: to classify traffic
  • Policy-map: to bind traffic class to actions
  • Service-policy: to attach policy-map to target/direction

Classification ACL
ip access-list extended AutoQos-4.0-Output-Acl-CAPWAP-C
 10 permit udp any eq 5246 16666 any

Class-map definition
class-map match-any AutoQos-4.0-Output-CAPWAP-C-Class
 match access-group name AutoQos-4.0-Output-Acl-CAPWAP-C
class-map match-any AutoQos-4.0-Output-Voice-Class
 match dscp ef

Policy-map definition
policy-map AutoQos-4.0-wlan-Port-Output-Policy
 class AutoQos-4.0-Output-CAPWAP-C-Class
  priority level 1
 class AutoQos-4.0-Output-Voice-Class
  priority level 2
 class class-default

Service-policy attachment
interface TenGigabitEthernet0/0/0
 service-policy output AutoQos-4.0-wlan-Port-Output-Policy
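
An added example (not code from the slides or from Cisco): it parses only the MQC subset used in the port policy on this slide and applies first-match class evaluation to constructed packets, showing which egress priority level each one receives. The parser, function names and sample packets are illustrative assumptions.

```python
"""First-match evaluation of the Auto-QoS port output policy shown on this page."""
import re

# Configuration text as it appears on the slide.
CONFIG = """\
ip access-list extended AutoQos-4.0-Output-Acl-CAPWAP-C
 10 permit udp any eq 5246 16666 any
class-map match-any AutoQos-4.0-Output-CAPWAP-C-Class
 match access-group name AutoQos-4.0-Output-Acl-CAPWAP-C
class-map match-any AutoQos-4.0-Output-Voice-Class
 match dscp ef
policy-map AutoQos-4.0-wlan-Port-Output-Policy
 class AutoQos-4.0-Output-CAPWAP-C-Class
  priority level 1
 class AutoQos-4.0-Output-Voice-Class
  priority level 2
 class class-default
"""
POLICY = "AutoQos-4.0-wlan-Port-Output-Policy"
DSCP_NAMES = {"ef": 46}  # only the DSCP name this configuration uses


def parse(config):
    """Parse the statements used above into ACLs, class-maps and policy-maps."""
    acls, class_maps, policy_maps = {}, {}, {}
    section = current = None
    for raw in config.splitlines():
        line = raw.strip()
        words = line.split()
        if not words:
            continue
        if line.startswith("ip access-list extended "):
            section, current = "acl", acls.setdefault(words[3], [])
        elif words[0] == "class-map":
            section, current = "cmap", class_maps.setdefault(words[-1], [])
        elif words[0] == "policy-map":
            section, current = "pmap", policy_maps.setdefault(words[-1], [])
        elif section == "acl":
            # Only the form on the slide: "<seq> permit <proto> any eq <ports> any"
            m = re.fullmatch(r"\d+ permit (\w+) any eq ([\d ]+) any", line)
            if not m:
                raise ValueError(f"unsupported ACL entry: {line}")
            current.append({"proto": m.group(1),
                            "src_ports": {int(p) for p in m.group(2).split()}})
        elif section == "cmap" and words[:3] == ["match", "access-group", "name"]:
            current.append(("acl", words[3]))
        elif section == "cmap" and words[:2] == ["match", "dscp"]:
            current.append(("dscp", DSCP_NAMES[words[2]]))
        elif section == "pmap" and words[0] == "class":
            current.append({"class": words[1], "actions": []})
        elif section == "pmap" and current:
            current[-1]["actions"].append(line)
        else:
            raise ValueError(f"unsupported line: {line}")
    return acls, class_maps, policy_maps


def acl_permits(acl, pkt):
    """True if any entry matches the packet's protocol and source port."""
    return any(pkt["proto"] == e["proto"] and pkt.get("src_port") in e["src_ports"]
               for e in acl)


def classify(pkt, policy_name, parsed):
    """Return (class name, actions) of the first class in the policy that matches."""
    acls, class_maps, policy_maps = parsed
    for entry in policy_maps[policy_name]:
        name = entry["class"]
        if name == "class-default":
            return name, entry["actions"]
        for kind, value in class_maps[name]:  # match-any: one statement is enough
            if kind == "acl" and acl_permits(acls[value], pkt):
                return name, entry["actions"]
            if kind == "dscp" and pkt["dscp"] == value:
                return name, entry["actions"]
    return "class-default", []


# Constructed sample packets leaving the controller port (not captured traffic).
SAMPLES = [
    {"proto": "udp", "src_port": 5246, "dscp": 48},  # CAPWAP control
    {"proto": "udp", "src_port": 5247, "dscp": 46},  # CAPWAP data, outer DSCP EF
    {"proto": "udp", "src_port": 5247, "dscp": 0},   # CAPWAP data, best effort
    {"proto": "tcp", "src_port": 5246, "dscp": 0},   # TCP, so the ACL does not match
]

if __name__ == "__main__":
    parsed = parse(CONFIG)
    for pkt in SAMPLES:
        print(pkt, "->", classify(pkt, POLICY, parsed))
```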

Catalyst 9800 QoS model: Trust DSCP
Q: What does it mean that “DSCP trust” is the QoS model supported by C9800?
A: It means that both the AP and WLC use the DSCP value in the client packet or in the CAPWAP header to process and apply QoS policy.
[Figure: downstream/egress and upstream/ingress paths between the wired network, the CAPWAP tunnel and the 802.11 client. Labels: UP, DSCP, Payload, 802.11, CAPWAP Encapsulated.]
Note: in the picture above, the DSCP is simply copied, on the assumption that no other QoS policy is applied

Downstream QoS Model
[Figure: downstream path from the wired network over the 802.1Q trunk to the WLC, through the CAPWAP tunnel to the AP, and over 802.11 to the client, with the 802.1q, DSCP and UP fields shown at each hop.]

1. The client packet is received over an 802.1q trunk by the WLC. The WLC uses the DSCP value of the original IP packet and maps it to the outer DSCP of the CAPWAP tunnel (assuming no ceiling value is applied via Metal QoS at the WLC)
2. The AP leverages the DSCP value from the CAPWAP header for internal QoS processing and queuing. The DSCP value is mapped to the 802.11e UP value in the egress wireless frame to the client

Note: dot1p CoS tagging is not supported in 9800 (supported but not recommended in AireOS)

Upstream QoS Model
[Figure: upstream path from the client over 802.11 to the AP, through the CAPWAP tunnel to the WLC, and over the 802.1Q trunk to the wired network, with the UP, DSCP and 802.1p/802.1q fields shown at each hop. Label: Trust DSCP.]

1. The client 802.11e frame is received by the AP. The AP utilizes the DSCP value in the original packet for internal QoS processing and then maps it to the outer CAPWAP IP header (assuming no ceiling value is applied via Metal QoS at the WLC) (*)
2. This allows preservation of the DSCP value from the client all the way through the network, emerging untouched from the WLC (assuming no Metal QoS or AVC policy is applied to remark DSCP)

(*) Before release 17.4, you need to explicitly configure “qos-map trust-dscp-upstream” under the AP join profile. If this setting is not there, the AP will use the UP value in the received frame to derive the outer DSCP value of the CAPWAP header

Downstream QoS Model - Flex Local Switching

[Figure: downstream path with FlexConnect local switching. The AP receives 802.1q | DSCP | Payload from the wired network over the 802.1Q trunk and sends UP | DSCP | Payload to the client; only CAPWAP control goes to the controller.]

1. Once the Ethernet frame is received, the AP takes the DSCP value of the IP packet, processes any QoS policy (e.g., AVC policy), maps it to the 802.11e UP value on the wireless frame and queues the frame accordingly. The frame is then sent to the client.

Upstream QoS Model – Flex Local Switching

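[Figure: upstream path with FlexConnect local switching. The AP receives UP | DSCP | Payload from the client and sends 802.1q (802.1p) | DSCP | Payload onto the 802.1Q trunk toward the wired network; only CAPWAP control goes to the controller. Label: Trust DSCP.]

1. The client 802.11e frame is received by the AP. The AP looks at the original packet DSCP to apply any QoS policy before sending the packet on the wire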

Downstream QoS Model – SDA (Fabric)

[Figure: downstream path in SDA from the Fabric Border through the VXLAN tunnel to the Fabric Edge and the AP, then over 802.11 to the client, with the IP, DSCP and UP fields shown at each hop.]

1. The IP packet is received at the Border. The Border uses the DSCP value of the original IP packet and maps it to the outer DSCP of the VXLAN tunnel. The Fabric Edge does the same operation
2. The AP takes the DSCP value in the VXLAN header for internal QoS processing (e.g. Metal QoS) and queuing. The DSCP value is then mapped to the 802.11e UP in the egress wireless frame to the client

Upstream QoS Model - SDA (Fabric)
[Figure: upstream path in SDA from the client over 802.11 to the AP, then through the VXLAN tunnel to the Fabric Edge and the Fabric Border, with the UP, IP, DSCP and 802.1p fields shown at each hop. Label: Trust DSCP.]

1. The client 802.11e frame is received by the AP. The AP utilizes the DSCP value in the original packet for internal QoS processing and then maps it to the outer VXLAN header (*)
2. This allows preservation of the DSCP value from the client all the way through the network, emerging untouched from the Border (assuming no Metal QoS or AVC policy is applied to remark DSCP)

(*) Before release 17.4, you need to explicitly configure “qos-map trust-dscp-upstream” under the AP join profile. If this setting is not there, the AP will use the UP value in the received frame to derive the outer DSCP value of the VXLAN header

Deploying
Catalyst 9800 QoS
QoS Workflow
• Step 1: Navigate to Services > QoS and Add a new policy

QoS Workflow
• Step 2: Name your policy, add applications (Class-maps)

QoS Workflow
• Step 3: Add applications and assign a policy
  • Select “AVC” Mode
  • You can also choose User Defined and match on DSCP values or ACL
  • Choose Protocol
  • Select the application/s
  • Assign a policy

QoS Workflow
• Step 4: Choose a default action
  • Class Default will match all the traffic not matched by the other defined class-maps
  • You can define an action for this Class or leave it to default which is “no action”

QoS Workflow
• Step 5: Select a policy profile to attach the QoS policy to Ingress/Egress traffic

The direction is considered as seen at the AP:
• Egress: from AP to client (a.k.a. Downstream)
• Ingress: from client to AP (a.k.a. Upstream)

QoS Workflow
• Step 6: You can apply the QoS policy with Auto-QoS, add a Platinum/Gold/Silver
/Bronze profile at the SSID level, or apply a custom policy at the SSID or client level

QoS Workflow
QoS policy can be applied at multiple levels:
• Auto QoS: this is a set of predefined policies automatically applied at the SSID, radio and controller port level
• SSID: it gets applied per AP to the aggregate traffic for all clients on that SSID
• Client level: it is a per-client policy
• Both SSID and client: the client policy is applied first and then the SSID policy
• Custom or Metal QoS policy can be applied per client via “aaa override”

QoS Workflow – AAA override
• QoS policy override is available for per-user policies, not per SSID
• Return the policy name in the cisco-av-pair:
  • cisco-av-pair = ip:sub-qos-policy-in=MyPolicy
  • cisco-av-pair = ip:sub-qos-policy-out=MyPolicy
• Can also return a Metal policy
• Supported for Local and Flex/Fabric APs

QoS Workflow
• Step 7: Create a policy tag (attach your policy to one or more WLANs)

QoS Workflow - Applying Tags to APs
• Step 8: Apply your tags to APs. Go to Wireless Setup > Advanced and click Start Now. Then click on Tag APs and select multiple APs and the desired tags

C9800 QOS example
• Configure QoS Bidirectional Rate Limiting (BDRL) on Catalyst 9800 Wireless Controllers with AAA override. Both Local and Flex mode are supported:
  • Step by step configuration of QoS Bi-Directional Rate Limiting (BDRL) policy with AAA override
  • Please go to: http://cs.co/BDRL-QoS-example

Catalyst 9800 QoS
General restrictions:
• SSID and client targets can be configured only with marking and
policing policies
• One policy per target per direction is supported
• Class maps in a policy map can have different types of filters. However,
only one set action per class is supported.
AP side restrictions:
• For FlexConnect local switching and Fabric, the QoS policies are
applied at the AP and “police” actions are only enforced at a per flow
(5-tuple) level (e.g., rate limiting is per flow)

Design and Best
Practices
Metal QoS
Catalyst 9800 QoS – Metal QoS
• There are four QoS profiles: Platinum, Gold, Silver and Bronze
• The main purpose of the QoS profile is to limit the maximum DSCP allowed on a
wireless network and thus limit the 802.11 UP value
• Example with Bronze profile: max DSCP allowed = 8 <-> UP = 1
[Figure: downstream example in the Wi-Fi DiffServ domain; values shown: DSCP 34 from the access network, DSCP 8 on the CAPWAP-encapsulated packet, UP 1 (AC_BK) on the 802.11 frame.]

Catalyst 9800 QoS – Metal QoS
• AP changes the outer CAPWAP header. The inner DSCP is remarked at the C9800
• This is different from AireOS where the inner packet is untouched
• Metal QoS in C9800 is a ceiling value + DSCP remarking Policy

[Figure: upstream example in the Wi-Fi DiffServ domain; values shown: DSCP 34 from the client, DSCP 8 on the CAPWAP header, DSCP 8 toward the access network.]

Catalyst 9800 QoS – Metal QoS
FlexConnect and Fabric
• For Flex local switching and Fabric mode the Metal Policies are applied at the AP
• Downstream: the AP remarks the DSCP value according to the Metal policy and maps
it to UP value. DSCP is taken from received packet or the VXLAN header (SDA)
• Example with Bronze profile: max DSCP allowed = 8 <-> UP = 1
[Figure: downstream example in the Wi-Fi DiffServ domain; values shown: DSCP 34 from the access network, DSCP 8 and UP 1 (AC_BK) on the frame to the client.]

Catalyst 9800 QoS – Metal QoS
FlexConnect and Fabric
• For Flex local switching and Fabric mode the Metal Policies are applied at the AP
• Upstream: the AP remarks the received client DSCP value according to the Metal policy. Additionally, in SDA the AP also marks the DSCP of the VXLAN header
• Example with Bronze profile: max DSCP allowed = 8 <-> UP = 1
[Figure: upstream example in the Wi-Fi DiffServ domain; values shown: DSCP 34 from the client, DSCP 8 toward the access network.]

Catalyst 9800 – Metal QoS Profiles
• QoS Metal Profiles in C9800:
• The inner DSCP value may also be re-written
• For C9800 you can apply Metal QOS on Egress and
Ingress direction separately
• On the GUI, you can only set the Metal QoS per SSID.
On CLI you can also configure it on client target
• For each profile, there is a max DSCP setting that will be used to remark traffic:

QoS Profile   Max DSCP
Bronze        8
Silver        0
Gold          34
Platinum      46

Catalyst 9800 – Metal QoS Profiles
• C9800 QoS Metal Profiles are not configurable
• AireOS allows setting the maximum for non-WMM traffic (frames without an 11e UP value).
• In 9800 the non-matching traffic goes in the default class
• Per-user and SSID bandwidth contract are configurable via QoS policies and not directly on the Metal QoS

Different in 9800

DSCP-to-UP Mapping & DSCP Trust
• On C9800 the default Trust is based on DSCP for both upstream and downstream
• AireOS supports trusting the UP value and configuring the UP to DSCP mapping. This is not available in C9800 and the mapping is static as per QoS RFC 8325

Note: in 17.3 there is a DSCP to UP setting. This mapping only applies to WLANs configured for the hotspot2.0 feature.

Different in 9800

Catalyst 9800 Auto QoS
Catalyst 9800 Auto QoS
• Auto QoS is a set of predefined policies that apply to different QoS targets (SSID, port, etc)
• C9800 supports the following auto QoS profiles:
  • Voice
  • Guest
  • Enterprise
  • Fastlane
• The Auto QoS profiles are set under the Policy Profile

Catalyst 9800 Auto QoS Configuration
Mode         BSSID Ingress                               BSSID Egress                             Port Egress                            Radio
Voice        platinum-up                                 platinum                                 AutoQos-4.0-wlan-Port-Output-Policy    ACM on
Guest        AutoQos-4.0-wlan-GT-SSID-Input-Policy       AutoQoS-4.0-wlan-GT-SSID-Output-Policy   Auto-QoS-4.0-wlan-Port-Output-Policy   N/A
Fastlane     N/A                                         N/A                                      AutoQos-4.0-wlan-Port-Output-Policy    Fastlane EDCA
Enterprise   AutoQoS-4.0-wlan-ET-SSID-Input-AVC-Policy   AutoQoS-4.0-wlan-ET-SSID-Output-Policy   Auto-QoS-4.0-wlan-Port-Output-Policy   N/A

Application Visibility &
Control (AVC)
Application Visibility & Control (AVC)
• Central switching: AVC policy is applied at the WLC for downstream and upstream
• AVC can be applied in a specific direction (upstream or downstream or both)
• The “C” in AVC may modify the inner DSCP value, thus influencing the CAPWAP
DSCP and wireless UP values; it can also drop or rate limit traffic

[Figure: Local mode or FlexConnect central switching, with the AP connected over CAPWAP through the access network]

Application Visibility & Control (AVC)
• Local switching: AVC policy is applied at the AP for downstream and upstream
• AVC can be applied in a specific direction (upstream or downstream or both)
• The “C” in AVC may modify the inner DSCP value, thus influencing the CAPWAP
DSCP and wireless UP values; it can also drop or rate limit traffic

[Figure: FlexConnect local switching or Fabric, with the AP connected to the access network (SDA)]

Custom AVC (cool new feature!)
• New custom apps and attributes can be defined by the user

Custom IP, Port, DSCP
Example:
C9800(config)#ip nbar custom my_app transport udp
C9800(config-custom)# ip address 9.9.71.50 9.9.71.11 9.9.71.14
C9800(config-custom)# port 1111
C9800(config-custom)# dscp 0
C9800(config-custom)# direction any

Custom HTTP Host and URL
C9800(config)#ip nbar custom my_http http url "latest/whatsnew.html"
C9800(config)#ip nbar custom my_http http host "www.anydomain.com"
C9800(config)#ip nbar custom my_http http url "latest/whatsnew" host "www.anydomain.com"
The URL or host specification strings can take the form of a regular expression

Best Practices
Best Practices
• It’s a good practice to tune EDCA parameters to optimize your RF environment. Remember that EDCA is set for the whole 5 GHz or 2.4 GHz network
• For SSIDs with voice traffic, the recommended settings are:
  • Client QoS policy = Platinum
  • auto-qos profile = “Fastlane”

Mode       BSSID Ingress   BSSID Egress   Port Egress                           Radio
Fastlane   N/A             N/A            AutoQos-4.0-wlan-Port-Output-Policy   Fastlane EDCA

Best Practice
• Trust DSCP: on by default on 17.4.1 and higher. For previous releases, turn it on under Join Profile.
• Metal QoS policies were designed for SSIDs with one type of traffic (e.g., voice or video). Leverage the flexibility of IOS-XE and MQC to create your QoS policy using AVC/NBAR, policy maps, Auto QoS, etc.
• Understand the differences with the AireOS implementation (e.g., Metal QoS)

Key takeaways
Your network QoS is as strong as your weakest link:
[Figure: Access Network and Enterprise Network]

A lot can be done to improve the “wireless” link

Catalyst 9800 gives you a lot of tools for QoS

It’s not that complicated, right? :)

Thank you

Additional
material
Catalyst 9800 QoS – FlexConnect
The following features are not supported for FlexConnect local switching:
• Policy stats on Wave 2 11ac and 11ax APs
• SIP Snooping /CAC
• AVC custom attributes

Note: Same limitations would apply to Fabric mode as well as the data
plane is at the AP

Verifying the QoS settings
• The main command is:
sh policy-map interface wireless ssid/client profile-name <WLAN> radio type <2.4/5GHz> ap name <name> input/output
• To verify the client policy:
show wireless client mac <> service-policy input/output
• To verify the EDCA parameters:
sh controllers dot11Radio (0 or 1) | begin EDCA

Catalyst 9800
Auto QoS sample
Configuration
Catalyst 9800 Auto QoS – explained
• Voice: sets the recommended QoS policy to correctly mark and prioritize voice at the SSID level and enables CAC.
• Guest: sets the recommended QoS policy at SSID level to mark to Best Effort
• Enterprise: sets the recommended QoS policy at SSID level to mark VoIP Data and Signaling, Multimedia, Transaction, Bulk-Data and Scavenger traffic
• Fastlane: sets the specific EDCA parameters
• All profiles: queuing is configured on the uplink port, egress direction, to prioritize voice (DSCP = 46) and CAPWAP traffic
• Once the Auto-QoS profile is applied on the Policy Profile, you can view the policies via the “show policy-map” command and show the configuration via “show run”

Auto QoS – Enterprise profile configuration
Ingress Policy

Class-map definitions
class-map match-any AutoQos-4.0-wlan-Voip-Data-Class
 match dscp ef
class-map match-any AutoQos-4.0-wlan-Voip-Signal-Class
 match protocol skinny
 match protocol cisco-jabber-control
 match protocol sip
 match protocol sip-tls
class-map match-any AutoQos-4.0-wlan-Multimedia-Conf-Class
 match protocol cisco-phone-video
 match protocol cisco-jabber-video
 match protocol ms-lync-video
 match protocol webex-media
class-map match-any AutoQos-4.0-wlan-Transaction-Class
 match protocol cisco-jabber-im
 match protocol ms-office-web-apps
 match protocol salesforce
 match protocol sap
class-map match-any AutoQos-4.0-wlan-Bulk-Data-Class
 match protocol ftp
 match protocol ftp-data
 match protocol ftps-data
 match protocol cifs
class-map match-any AutoQos-4.0-wlan-Scavanger-Class
 match protocol netflix
 match protocol youtube
 match protocol skype
 match protocol bittorrent

Policy-map definition
policy-map AutoQos-4.0-wlan-ET-SSID-Input-AVC-Policy
 class AutoQos-4.0-wlan-Voip-Data-Class
  set dscp ef
 class AutoQos-4.0-wlan-Voip-Signal-Class
  set dscp cs3
 class AutoQos-4.0-wlan-Multimedia-Conf-Class
  set dscp af41
 class AutoQos-4.0-wlan-Transaction-Class
  set dscp af21
 class AutoQos-4.0-wlan-Bulk-Data-Class
  set dscp af11
 class AutoQos-4.0-wlan-Scavanger-Class
  set dscp cs1
 class class-default
  set dscp default
Auto QoS – Enterprise profile configuration
Egress Policy

Class-map definitions
class-map match-any AutoQos-4.0-RT1-Class
 match dscp ef
 match dscp cs6
class-map match-any AutoQos-4.0-RT2-Class
 match dscp cs4
 match dscp cs3
 match dscp af41

Policy-map definition
policy-map AutoQos-4.0-wlan-ET-SSID-Output-Policy
 class AutoQos-4.0-RT1-Class
  set dscp ef
 class AutoQos-4.0-RT2-Class
  set dscp af31
 class class-default

Auto QoS – Enterprise profile configuration
Wireless Policy

Wireless policy profile definition
wireless profile policy default-policy-profile
 autoqos mode enterprise-avc
 description "default policy profile"
 service-policy input AutoQos-4.0-wlan-ET-SSID-Input-AVC-Policy
 service-policy output AutoQos-4.0-wlan-ET-SSID-Output-Policy
 no shutdown

Ingress and egress service-policies applied to the wireless default-policy-profile.

Auto QoS – Enterprise profile configuration
Egress port-level queueing policy

ACL definition
ip access-list extended AutoQos-4.0-Output-Acl-CAPWAP-C
 10 permit udp any eq 5246 16666 any

Class-map definitions
class-map match-any AutoQos-4.0-Output-CAPWAP-C-Class
 match access-group name AutoQos-4.0-Output-Acl-CAPWAP-C
class-map match-any AutoQos-4.0-Output-Voice-Class
 match dscp ef

Policy-map definition
policy-map AutoQos-4.0-wlan-Port-Output-Policy
 class AutoQos-4.0-Output-CAPWAP-C-Class
  priority level 1
 class AutoQos-4.0-Output-Voice-Class
  priority level 2
 class class-default

Interface definition
interface TenGigabitEthernet0/0/0
 service-policy output AutoQos-4.0-wlan-Port-Output-Policy

Auto QoS – Enterprise profile configuration
Wireless Ingress & Egress Policy

Ingress policy-map definition
policy-map AutoQos-4.0-wlan-GT-SSID-Input-Policy
 class class-default
  set dscp default

Egress policy-map definition
policy-map AutoQos-4.0-wlan-GT-SSID-Output-Policy
 class class-default
  set dscp default

All traffic set to best effort

Wireless policy profile definition
wireless profile policy default-policy-profile
 autoqos mode guest
 description "default policy profile"
 service-policy input AutoQos-4.0-wlan-GT-SSID-Input-Policy
 service-policy output AutoQos-4.0-wlan-GT-SSID-Output-Policy
 no shutdown

Ingress and egress service-policies applied to the wireless default-policy-profile.
