From f3ee4f1670ae8ed886566dda0e7a76c2b571d775 Mon Sep 17 00:00:00 2001 From: ptimmons Date: Tue, 19 May 2020 14:04:51 -0400 Subject: [PATCH 1/4] DOCS-91 Initial draft #time 6h --- docs/bcp_att_avpn_configuration.md | 375 +++++++++++++++++++++++++++++ 1 file changed, 375 insertions(+) create mode 100644 docs/bcp_att_avpn_configuration.md diff --git a/docs/bcp_att_avpn_configuration.md b/docs/bcp_att_avpn_configuration.md new file mode 100644 index 0000000000..3f79562756 --- /dev/null +++ b/docs/bcp_att_avpn_configuration.md @@ -0,0 +1,375 @@ +# AT&T AVPN Configuration + +This guide is for network engineers and architects using their 128T Session Smart router to connect to AT&T’s MPLS VPN (AVPN) service. It will cover: +- Service class definitions for the various COS queues on the AT&T MPLS network +- Strategies for mapping `service` configuration to the COS queues using `service-policy` elements +- Guidelines for setting your `traffic-engineering` properties, to match the circuit profile of your AT&T MPLS link + +This document is intended to be a companion guide to the *AT&T Network-Based Class of Service Customer Router Configuration Guide*. At the time of this writing, the latest version is Release 4.0, December 2016. + +## AT&T Service Classes + +The AT&T AVPN MPLS network uses six distinct classes of service for carrying customer traffic, as well as a seventh “control” queue for communication between the CE and PE router. This section describes each of the classes of service and provides 128T configuration fragments to illustrate how to configure your 128T Session Smart router to interact with the AVPN network. + +:::note +This document assumes the use of a 6COS circuit profile. The 4COS circuit does not use the COS2V nor COS5 classes of service. Otherwise, the recommendations made in this document apply. +::: + +:::caution +In each of the `service-class` configuration excerpts below, you will see it has been assigned a `traffic-class`. The 128T Session Smart router has four traffic classes, in order of priority: high, medium, low, best-effort. This is different from other network equipment, which may order the priorities as high, medium, best-effort, low. +::: + +All of the `service-class` elements in this section are provided as an appendix to this document, to facilitate their import (or copy/paste) into your existing 128T configuration. + +### COS1: Real-time + +The COS1 class is treated differently than the other classes on AVPN; any packets received that are marked as COS1 exceed the configured bandwidth, they are explicitly dropped ("hard policed"). Packets are identified as COS1 through the use of the "EF" DSCP marking (decimal 46). + +COS1 is typically reserved for Voice over IP (VoIP) traffic. + +Configuration: + +``` +admin@AAPCDCVACON0A.AAPCONPOD0# show config run auth service-class ATT-COS1 + +config + + authority + + service-class ATT-COS1 + name ATT-COS1 + description "Real-time applications (EF)" + dscp 46 + traffic-class high + exit + exit +exit +``` + +### COS2V: Delay-sensitive applications + +The COS2V queue, identified through the use of the DSCP value AF41 (decimal 34), is typically reserved for video conferencing traffic. + +#### Configuration + +``` +admin@AAPCDCVACON0A.AAPCONPOD0# show config run auth service-class ATT-COS2V + +config + + authority + + service-class ATT-COS2V + name ATT-COS2V + description "Delay-sensitive applications (AF41)" + dscp 34 + traffic-class medium + exit + exit +exit +``` + +### COS2: Time-critical applications + +The COS2 queue, identified through the use of DSCP AF31 (decimal 26), is to be used for time-sensitive, mission-critical, low bandwidth applications. This is the recommended class VoIP signaling (e.g., SIP, H.323, SCCP), as it is low-bandwidth (typically a small number of kilobits per second) but extremely time-sensitive. + +#### Configuration + +``` +admin@AAPCDCVACON0A.AAPCONPOD0# show config run auth service-class ATT-COS2 + +config + + authority + + service-class ATT-COS2 + name ATT-COS2 + description "Time-sensitive mission-critical low-bandwidth applications (AF31)" + dscp 26 + traffic-class medium + exit + exit +exit +``` + +### COS3: Time-sensitive applications + +This class of service should include all mission-critical applications that are *interactive* in nature; that is, they correspond to applications that are transactional in nature. In enterprises this may be a CRM system, an ERP system, or other important client/server applications. + +COS3 is distinguishable by its DSCP value of AF21 (decimal 18). + +#### Configuration + +``` +admin@AAPCDCVACON0A.AAPCONPOD0# show config run auth service-class ATT-COS3 + +config + + authority + + service-class ATT-COS3 + name ATT-COS3 + description "Time-sensitive mission-critical applications (AF21)" + dscp 18 + traffic-class low + exit + exit +exit +``` + +### COS4: Best Effort + +The "best effort" class is the one that should be used by the majority of network traffic. + +There is no DSCP value associated with best effort traffic (decimal 0). + +#### Configuration + +``` +admin@AAPCDCVACON0A.AAPCONPOD0# show config run auth service-class ATT-COS4 + +config + + authority + + service-class ATT-COS4 + name ATT-COS4 + description "Best effort (default)" + dscp 0 + traffic-class best-effort + exit + exit +exit +``` + +### COS5: Scavenger + +The last class of service for customer traffic is COS5, or scavenger. This is for all non business-oriented traffic. This typically gets the lowest allocation when assigning traffic engineering percentages, and thus will experience congestion first. + +Scavenger traffic is identified as COS5 through the use of the AF11 DSCP value (decimal 10). + +#### Configuration + +``` +admin@AAPCDCVACON0A.AAPCONPOD0# show config run auth service-class ATT-COS5 + +config + + authority + + service-class ATT-COS5 + name ATT-COS5 + description "Scavenger (AF11)" + dscp 10 + traffic-class best-effort + exit + exit +exit +``` + +### Control Queue + +The control queue is used for communicating between the CE and PE router, and should typically be limited to BGP and BFD only. This is an extremely low bandwidth queue. + +:::warning +In many deployments the 128T does not BGP peer with the PE router, and in no deployments will the 128T send BFD to the PE router. Do not mark BFD or BGP with DSCP CS6/decimal 48. This is only presented for completeness, or when BGP peering with the PE router. +::: + +#### Configuration + +``` +admin@AAPCDCVACON0A.AAPCONPOD0# show config run auth service-class ATT-control + +config + + authority + + service-class ATT-control + name ATT-control + description "Control traffic only (CS6)" + dscp 48 + traffic-class high + exit + exit +exit +``` + +## Service Policies + +The 128T will use `service-policy` to indicate which sessions need to get marked and treated with the `session-type` configurations. Each `service` should have a corresponding `service-policy`, to ensure that the markings are applied and the correct `traffic-class` is used for traffic engineering. + +The base class `service-policy` configurations presented here are derived from the [BCP on Service Policy](bcp_service-policy_defaults). + +| Base `service-policy` | AVPN `service-class` | +| --- | :-: | +| `voip-audio` | ATT-COS1 | +| `voip-video` | ATT-COS2V | +| `video-streaming` | ATT-COS2V | +| `voip-signaling` | ATT-COS2 | +| `data-mission-critical` | ATT-COS2 | +| `remote-desktop` | ATT-COS2 | +| `management-interactive` | ATT-COS3 | +| `management-m2m` | ATT-COS3 | +| `data-interactive` | ATT-COS3 | +| `data-best-effort` | ATT-COS4 | +| `data-scavenger` | ATT-COS5 | +| `video-streaming-scavenger` | ATT-COS5 | + +## Traffic Engineering Strategies + +The 128T router uses four traffic engineering queues for prioritizing egress traffic during times of congestion or link contention. The general practice of mapping the `traffic-class` assignments (high, medium, low, best-effort) into the various 6COS queues is shown below. + +```mermaid +graph LR +voip-audio --> ATT-COS1 +id1(BFD, BGP) -.-> ATT-control +voip-video --> ATT-COS2V +voip-streaming --> ATT-COS2V +voip-signaling --> ATT-COS2 +data-mission-critical --> ATT-COS2 +remote-desktop --> ATT-COS2 +management-interactive --> ATT-COS3 +management-m2m --> ATT-COS3 +data-interactive --> ATT-COS3 +data-best-effort --> ATT-COS4 +data-scavenger --> ATT-COS5 +video-streaming-scavenger --> ATT-COS5 +subgraph best-effort +ATT-COS5 +end +subgraph low +ATT-COS4 +end +subgraph medium +ATT-COS2V +ATT-COS2 +ATT-COS3 +end +subgraph high +ATT-COS1 +ATT-control +end +``` + +Each AT&T AVPN circuit has a *profile* associated with it (referred to as a "COS Package"), that maps to bandwidth allocations for the various COS queues. These in turn need to be mapped to the four egress traffic engineering queues on the 128T. The COS Package from AT&T is expressed as a set of six numbers (corresponding to the queues), where the first number is the percentage of the circuit bandwidth allocated for COS1, and the remaining five numbers (which sum to 100%) represent the amount of *bandwidth remaining* from the bandwidth not used by COS1. + +:::warning +Math involved. +::: + +### Sizing the Traffic Engineering Policy + +| Traffic Class | Value | +| :-----------: | -------------------------------- | +| high | COS1 percentage from COS Profile | +| medium | (sum of COS2V + COS2 + COS3) * (100% - COS1 bandwidth) | +| low | COS4 * (100% - COS1 bandwidth) | +| best-effort | COS5 * (100% - COS1 bandwidth) | + +Example (simple COS profile for a 6COS model): + +| COS1 | COS2V | COS2 | COS3 | COS4 | COS5 | +| :--: | :---: | :--: | :--: | :--: | :--: | +| 5% | 20% | 20% | 20% | 20% | 20% | + +In this case, the `high` percentage is `5`. The `medium` class gets 60% (20% + 20% + 20%) of the remaining 95%, which is `57`. The `low` class gets 20% of the remaining 95%, which is `19`. And `best-effort` also gets 20%, which is `19`. + +The `traffic-profile` would therefore look like this: + + ``` +*admin@labsystem1.fiedler# show config candidate authority traffic-profile 6COS-simple + +config + + authority + + traffic-profile 6COS-simple + name 6COS-simple + + high + distribution 5 + exit + + medium + distribution 57 + exit + + low + distribution 19 + exit + + best-effort + distribution 19 + exit + exit + exit +exit + ``` + +This `traffic-profile` is applied to a `device-interface`: + +``` +*admin@labsystem1.fiedler# show config candidate authority router newton node labsystem2 device eno4 traffic-engineering + +config + + authority + + router newton + name newton + + node labsystem2 + name labsystem2 + + device-interface eno4 + name eno4 + + traffic-engineering + transmit-cap 100000000 + traffic-profile 6COS-simple + exit + exit + exit + exit + exit +exit +``` + +## Appendix: Service Class Configuration + +The following configuration output is presented here to facilitate copy/paste into your 128T conductor. + +:::note +Because the `dscp` value is a key field for the `service-class` object, no two `service-class` configurations can share the same value. This will likely require you to delete existing `service-class` configuration, as the 128T ships with *factory default* `service-class` elements that will conflict with the ones presented below. +::: + +``` +config authority service-class ATT-COS1 name ATT-COS1 +config authority service-class ATT-COS1 description "Real-time applications (EF)" +config authority service-class ATT-COS1 dscp 46 +config authority service-class ATT-COS1 traffic-class high +config authority service-class ATT-COS2V name ATT-COS2V +config authority service-class ATT-COS2V description "Delay-sensitive applications (AF41)" +config authority service-class ATT-COS2V dscp 34 +config authority service-class ATT-COS2V traffic-class medium +config authority service-class ATT-COS2 name ATT-COS2 +config authority service-class ATT-COS2 description "Time-sensitive mission-critical low-bandwidth applications (AF31)" +config authority service-class ATT-COS2 dscp 26 +config authority service-class ATT-COS2 traffic-class medium +config authority service-class ATT-COS3 name ATT-COS3 +config authority service-class ATT-COS3 description "Time-sensitive mission-critical applications (AF21)" +config authority service-class ATT-COS3 dscp 18 +config authority service-class ATT-COS3 traffic-class low +config authority service-class ATT-COS4 name ATT-COS4 +config authority service-class ATT-COS4 description "Best effort (default)" +config authority service-class ATT-COS4 dscp 0 +config authority service-class ATT-COS4 traffic-class best-effort +config authority service-class ATT-COS5 name ATT-COS5 +config authority service-class ATT-COS5 description "Scavenger (AF11)" +config authority service-class ATT-COS5 dscp 10 +config authority service-class ATT-COS5 traffic-class best-effort +config authority service-class ATT-control name ATT-control +config authority service-class ATT-control description "Control traffic only (CS6)" +config authority service-class ATT-control dscp 48 +config authority service-class ATT-control traffic-class high +``` \ No newline at end of file From c7e0fb7eaa818eed3b63b25514643579121e6daf Mon Sep 17 00:00:00 2001 From: ptimmons Date: Tue, 19 May 2020 18:05:30 -0400 Subject: [PATCH 2/4] DOCS-91 Addressed review comments #time 10m --- docs/bcp_att_avpn_configuration.md | 73 +++++++++++++++++------------- 1 file changed, 42 insertions(+), 31 deletions(-) diff --git a/docs/bcp_att_avpn_configuration.md b/docs/bcp_att_avpn_configuration.md index 3f79562756..58ab1be0fe 100644 --- a/docs/bcp_att_avpn_configuration.md +++ b/docs/bcp_att_avpn_configuration.md @@ -1,10 +1,17 @@ -# AT&T AVPN Configuration +--- +title: AT&T AVPN Configuration +sidebar_label: AT&T AVPN Configuration +--- This guide is for network engineers and architects using their 128T Session Smart router to connect to AT&T’s MPLS VPN (AVPN) service. It will cover: - Service class definitions for the various COS queues on the AT&T MPLS network - Strategies for mapping `service` configuration to the COS queues using `service-policy` elements - Guidelines for setting your `traffic-engineering` properties, to match the circuit profile of your AT&T MPLS link +:::note +While the techniques described here apply to any MPLS connection, they will be most valuable when engineering branch office (i.e., smaller) MPLS links, due to the higher likelihood of congestion. +::: + This document is intended to be a companion guide to the *AT&T Network-Based Class of Service Customer Router Configuration Guide*. At the time of this writing, the latest version is Release 4.0, December 2016. ## AT&T Service Classes @@ -111,7 +118,7 @@ config name ATT-COS3 description "Time-sensitive mission-critical applications (AF21)" dscp 18 - traffic-class low + traffic-class medium exit exit exit @@ -221,34 +228,34 @@ The 128T router uses four traffic engineering queues for prioritizing egress tra ```mermaid graph LR -voip-audio --> ATT-COS1 -id1(BFD, BGP) -.-> ATT-control -voip-video --> ATT-COS2V -voip-streaming --> ATT-COS2V -voip-signaling --> ATT-COS2 -data-mission-critical --> ATT-COS2 -remote-desktop --> ATT-COS2 -management-interactive --> ATT-COS3 -management-m2m --> ATT-COS3 -data-interactive --> ATT-COS3 -data-best-effort --> ATT-COS4 -data-scavenger --> ATT-COS5 -video-streaming-scavenger --> ATT-COS5 -subgraph best-effort -ATT-COS5 -end -subgraph low -ATT-COS4 -end -subgraph medium -ATT-COS2V -ATT-COS2 -ATT-COS3 -end -subgraph high -ATT-COS1 -ATT-control -end + voip-audio --> ATT-COS1 + id1(BFD, BGP) -.-> ATT-control + voip-video --> ATT-COS2V + voip-streaming --> ATT-COS2V + voip-signaling --> ATT-COS2 + data-mission-critical --> ATT-COS2 + remote-desktop --> ATT-COS2 + management-interactive --> ATT-COS3 + management-m2m --> ATT-COS3 + data-interactive --> ATT-COS3 + data-best-effort --> ATT-COS4 + data-scavenger --> ATT-COS5 + video-streaming-scavenger --> ATT-COS5 + subgraph best-effort + ATT-COS5 + end + subgraph low + ATT-COS4 + end + subgraph medium + ATT-COS2V + ATT-COS2 + ATT-COS3 + end + subgraph high + ATT-COS1 + ATT-control + end ``` Each AT&T AVPN circuit has a *profile* associated with it (referred to as a "COS Package"), that maps to bandwidth allocations for the various COS queues. These in turn need to be mapped to the four egress traffic engineering queues on the 128T. The COS Package from AT&T is expressed as a set of six numbers (corresponding to the queues), where the first number is the percentage of the circuit bandwidth allocated for COS1, and the remaining five numbers (which sum to 100%) represent the amount of *bandwidth remaining* from the bandwidth not used by COS1. @@ -274,6 +281,10 @@ Example (simple COS profile for a 6COS model): In this case, the `high` percentage is `5`. The `medium` class gets 60% (20% + 20% + 20%) of the remaining 95%, which is `57`. The `low` class gets 20% of the remaining 95%, which is `19`. And `best-effort` also gets 20%, which is `19`. +:::note +These values are merely starting points that should line up to the COS Profile of the AT&T AVPN circuit. Further tuning is left to the discretion of the network engineer. +::: + The `traffic-profile` would therefore look like this: ``` @@ -359,7 +370,7 @@ config authority service-class ATT-COS2 traffic-class medium config authority service-class ATT-COS3 name ATT-COS3 config authority service-class ATT-COS3 description "Time-sensitive mission-critical applications (AF21)" config authority service-class ATT-COS3 dscp 18 -config authority service-class ATT-COS3 traffic-class low +config authority service-class ATT-COS3 traffic-class medium config authority service-class ATT-COS4 name ATT-COS4 config authority service-class ATT-COS4 description "Best effort (default)" config authority service-class ATT-COS4 dscp 0 From 943a3c0532d5843a341b182756bb840c4fbd7245 Mon Sep 17 00:00:00 2001 From: Michael Baj Date: Tue, 19 May 2020 19:48:24 -0400 Subject: [PATCH 3/4] Corrected Mermaid traffic engineering strategy diagram Added BCP document to sidebars.js so that it appears in the nav --- docs/bcp_att_avpn_configuration.md | 65 ++++++++++++++++-------------- sidebars.js | 1 + 2 files changed, 35 insertions(+), 31 deletions(-) diff --git a/docs/bcp_att_avpn_configuration.md b/docs/bcp_att_avpn_configuration.md index 58ab1be0fe..642f5b49dc 100644 --- a/docs/bcp_att_avpn_configuration.md +++ b/docs/bcp_att_avpn_configuration.md @@ -3,6 +3,8 @@ title: AT&T AVPN Configuration sidebar_label: AT&T AVPN Configuration --- +import Mermaid from '@theme/Mermaid'; + This guide is for network engineers and architects using their 128T Session Smart router to connect to AT&T’s MPLS VPN (AVPN) service. It will cover: - Service class definitions for the various COS queues on the AT&T MPLS network - Strategies for mapping `service` configuration to the COS queues using `service-policy` elements @@ -226,37 +228,38 @@ The base class `service-policy` configurations presented here are derived from t The 128T router uses four traffic engineering queues for prioritizing egress traffic during times of congestion or link contention. The general practice of mapping the `traffic-class` assignments (high, medium, low, best-effort) into the various 6COS queues is shown below. -```mermaid -graph LR - voip-audio --> ATT-COS1 - id1(BFD, BGP) -.-> ATT-control - voip-video --> ATT-COS2V - voip-streaming --> ATT-COS2V - voip-signaling --> ATT-COS2 - data-mission-critical --> ATT-COS2 - remote-desktop --> ATT-COS2 - management-interactive --> ATT-COS3 - management-m2m --> ATT-COS3 - data-interactive --> ATT-COS3 - data-best-effort --> ATT-COS4 - data-scavenger --> ATT-COS5 - video-streaming-scavenger --> ATT-COS5 - subgraph best-effort - ATT-COS5 - end - subgraph low - ATT-COS4 - end - subgraph medium - ATT-COS2V - ATT-COS2 - ATT-COS3 - end - subgraph high - ATT-COS1 - ATT-control - end -``` + + ATT-COS1 + id1(BFD, BGP) -.-> ATT-control + voip-video --> ATT-COS2V + voip-streaming --> ATT-COS2V + voip-signaling --> ATT-COS2 + data-mission-critical --> ATT-COS2 + remote-desktop --> ATT-COS2 + management-interactive --> ATT-COS3 + management-m2m --> ATT-COS3 + data-interactive --> ATT-COS3 + data-best-effort --> ATT-COS4 + data-scavenger --> ATT-COS5 + video-streaming-scavenger --> ATT-COS5 + subgraph best-effort + ATT-COS5 + end + subgraph low + ATT-COS4 + end + subgraph medium + ATT-COS2V + ATT-COS2 + ATT-COS3 + end + subgraph high + ATT-COS1 + ATT-control + end +`}/> Each AT&T AVPN circuit has a *profile* associated with it (referred to as a "COS Package"), that maps to bandwidth allocations for the various COS queues. These in turn need to be mapped to the four egress traffic engineering queues on the 128T. The COS Package from AT&T is expressed as a set of six numbers (corresponding to the queues), where the first number is the percentage of the circuit bandwidth allocated for COS1, and the remaining five numbers (which sum to 100%) represent the amount of *bandwidth remaining* from the bandwidth not used by COS1. diff --git a/sidebars.js b/sidebars.js index e6cadc8817..32f799ce53 100644 --- a/sidebars.js +++ b/sidebars.js @@ -90,6 +90,7 @@ module.exports = { "events_events", ], "Best Practices": [ + "bcp_att_avpn_configuration", "bcp_conductor_deployment", "bcp_lte_peering", "bcp_monitoring_headends", From 3fd7d517d8a7de8a55cac407497cd5b9766b5abc Mon Sep 17 00:00:00 2001 From: Michael Baj Date: Tue, 19 May 2020 19:56:48 -0400 Subject: [PATCH 4/4] Corrected broken internal link --- docs/bcp_att_avpn_configuration.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/bcp_att_avpn_configuration.md b/docs/bcp_att_avpn_configuration.md index 642f5b49dc..dd9557c753 100644 --- a/docs/bcp_att_avpn_configuration.md +++ b/docs/bcp_att_avpn_configuration.md @@ -207,7 +207,7 @@ exit The 128T will use `service-policy` to indicate which sessions need to get marked and treated with the `session-type` configurations. Each `service` should have a corresponding `service-policy`, to ensure that the markings are applied and the correct `traffic-class` is used for traffic engineering. -The base class `service-policy` configurations presented here are derived from the [BCP on Service Policy](bcp_service-policy_defaults). +The base class `service-policy` configurations presented here are derived from the [BCP on Service Policy](bcp_service-policy_defaults.md). | Base `service-policy` | AVPN `service-class` | | --- | :-: |