In this series of posts, I’ve covered the QoS strategy and the creation of policies used at the system level as well as FEX HIF and trunk ports. There are still policies which need to be defined and applied to access and routed (L3) interfaces – this post will cover creation of these. I’ve decided to keep all the information together instead of breaking it up, which makes for a lot of reading, so it’s probably a good time to grab some refreshments before continuing this journey…
Thinking more about the types of traffic that will be in the datacenter, the following guidelines apply:
- Traffic coming in via L3 links from the campus core to the datacenter will have already been marked at ingress. The only incoming traffic from the campus which may need different treatment will be voice, which will be marked DSCP 46 (EF). Everything else will be treated as best-effort. A policy will be created for these uplinks.
- Traffic between devices connected to the Nexus front-panel ports and between the Nexus switches themselves will use the same policies. Per our strategy, almost everything will be treated as best-effort except for Voice, iSCSI, and vMotion. However, there are some types of traffic which may be destined for networks outside the datacenter networks and which will be marked for upstream QoS. Most of these additional markings will be for OAM (Ops/Admin/Management) traffic, but there are a couple of other traffic classes being marked as well.
In the past, I’ve created ACLs which match all traffic for a particular class. While this approach has worked as expected, I’ve recently begun giving more thought to simplifying configuration readability. If some small changes result in faster comprehension of the device configuration for other members of the network team, I believe that it’s worth a few more lines. As a result, I’ll create multiple smaller ACLs for traffic classification. Of course, this may all change after the next config review process…
Without further ado, let’s create some ACLs for the class-maps: