It’s been over a year since the last post detailing my experience with QoS and TCAM utilization on the Nexus 9k. I’ve recently been working on the replacement of HP 6120xg blade switches with Cisco B22HP Fabric Extenders and am revising our QoS policies.
The initial configuration was completed rapidly to support a greenfield deployment at a new corporate headquarters. After a year of production, it’s time to re-evaluate how our traffic is classified, marked, and queued. This has been a great opportunity to review the Cisco Nexus 9000 Series NX-OS Quality of Service Configuration Guide and learn where mistakes were made in the form of unsupported configuration.
First on the list is FEX queuing. I had originally applied policy maps to the FEX HIF ports which performed classification and marking based on ACLs and DSCP values. This is not supported – reviewing the matrix in the FEX QoS Configuration section of the Cisco guide, it’s clear that the FEX supports the following at the system level only:
- Classification of traffic via ‘match cos’
- Setting the qos-group based on the CoS classification
- Input and output queuing (bandwidth, bandwidth remaining, and priority level 1)
Also note the following conditions:
- “When configuring end to end queuing from the HIF to the front panel port, the QoS classification policy needs to be applied to both system and HIF. This allows the FEX to queue on ingress appropriately (system) and allows the egress front panel port to queue appropriately (HIF).”
- “For VLAN-tagged packets, priority is assigned based on the 802.1p field in the VLAN tag and takes precedence over the assigned internal priority (qos-group). DSCP or IP access-list classification cannot be performed on VLAN-tagged frames.”
OK, good to know. The policy maps which were performing classification and marking based on … well, anything … were basically doing nothing. Time to get the house in order!
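One way to find the policies described above is to audit a saved running-config for type qos policies attached to FEX HIF ports whose class maps match on anything other than CoS. This is an added example, not code from the original post or from Cisco; the sample config, its policy and class names, and the assumption that HIF ports appear as three-part `Ethernet<fex>/<slot>/<port>` interfaces are constructed for illustration.

```python
import re

# Constructed sample config (not from the original post).
SAMPLE = """\
class-map type qos match-any CM-VOICE
  match dscp 46
class-map type qos match-any CM-BACKUP
  match access-group name ACL-BACKUP
class-map type qos match-all CM-COS5
  match cos 5
policy-map type qos PM-HIF-OLD
  class CM-VOICE
    set qos-group 3
  class CM-BACKUP
    set qos-group 1
policy-map type qos PM-FEX-COS
  class CM-COS5
    set qos-group 3
interface Ethernet101/1/1
  service-policy type qos input PM-HIF-OLD
interface Ethernet101/1/2
  service-policy type qos input PM-FEX-COS
interface Ethernet1/1
  service-policy type qos input PM-HIF-OLD
"""
HIF = re.compile(r"^interface Ethernet\d+/\d+/\d+$")  # assumed HIF naming: fex/slot/port

def audit_fex_qos(config):
    """Return sorted (hif, policy, class, match line) for non-CoS matches on FEX HIFs."""
    class_matches, policy_classes, hif_policies = {}, {}, []
    section = name = None
    for raw in config.splitlines():
        line = raw.strip()
        if not raw.startswith(" "):  # unindented line starts a new section
            section = name = None
            m = re.match(r"(class-map|policy-map) type qos (?:match-\w+ )?(\S+)$", line)
            if m:
                section, name = m.groups()
            elif HIF.match(line):
                section, name = "hif", line.split()[1]
        elif section == "class-map" and line.startswith("match "):
            class_matches.setdefault(name, []).append(line)
        elif section == "policy-map" and line.startswith("class "):
            policy_classes.setdefault(name, []).append(line.split()[-1])
        elif section == "hif" and line.startswith("service-policy type qos "):
            hif_policies.append((name, line.split()[-1]))
    return sorted((hif, pol, cls, mt) for hif, pol in hif_policies
                  for cls in policy_classes.get(pol, [])
                  for mt in class_matches.get(cls, [])
                  if not mt.startswith("match cos "))
```

The front panel port `Ethernet1/1` is deliberately not reported even though it carries the same policy, since the restriction discussed here applies to the FEX.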