FYI - Cisco Live 2015
advertisement
End-to-End QoS Implementation and
Operation with Cisco Nexus
Rohan Grover
@mountainviewer
Technical Marketing Manager
Session Objectives
•
Provide a refresh of QoS and Queuing Basics
•
Understand the basic hardware architecture for the Nexus Platforms
•
Provide a detailed understanding of QoS on Nexus platforms
•
Examine real-world configuration examples
Session Non-Objectives
•
Data Center QoS Methodology
•
Nexus hardware architecture deep-dive
•
Application Centric Infrastructure (ACI) QOS
Related Sessions
Session Id
Session Name
BRKARC-3470
Cisco Nexus 7000/7700 Switch Architecture
BRKARC-3452
Cisco Nexus 5600 and 6000 Architecture
BRKDCT-1980
Advanced Analytics in Nexus Switches
BRKRST-2509
Mastering Data Center QoS
Agenda
•
Introduction
•
QoS and Queuing Basics
•
QoS Implementation on Nexus
•
Nexus 7000/7700 QoS
•
Nexus 5600/6000 QoS
•
Nexus 2000 QoS
•
Real World Configuration Examples
•
Conclusion
Introduction
Wikipedia.org
Margaret Rouse
Whatis.com
Congestion Happens Everyday!
Why QoS in the Data Center?
Assign
Color to Traffic
Manage
Congestion
Maximize
Throughput
Maximize Throughput and Manage Congestion!
11
Agenda
•
Introduction
•
QoS and Queuing Basics
•
QoS Implementation on Nexus
•
Nexus 7000/7700 QoS
•
Nexus 5600/6000 QoS
•
Nexus 2000 QoS
•
Real World Configuration Examples
•
Conclusion
QoS and Queuing Basics
22nd Anniversary
The QoS Toolset
Classification
Policing
Identify and
Split Traffic
into Different
Classes
Discard
Misbehaving
Traffic to Maintain
Network Integrity
Marking
Queuing &
Scheduling
Mark Traffic
Prioritize,
According to Protect and
Behavior and Isolate Traffic
Business
Based on
Policies
Markings
Shaping
Control
Bursts and
Conform
Traffic
14
Traffic Management Tools
•
Classification
•
•
Marking
•
•
Traffic Categorization
Traffic Re-categorization
Policing
•
Limit misbehaving flows
Classification and Marking – Two sides of a coin
•
Identify traffic
•
DSCP
• CoS
• ACLs
• IP PREC
•
Before:
Uncontrolled Bandwidth
lync
mgmt
Videop2p
VoIP
HTTP
email
App1
vmotion
backup
Remap Traffic
•
Like to Like (i.e CoS to CoS)
• Like to Unlike (i.e DSCP to COS)
•
•
Needs mapping tables
Also called Mutation
VoIP/Lync
After:
Controlled Bandwidth
Email/HTTP
SAP
Backup
Mad Max (1979)
16
Policing – limit misbehaving traffic
•
Single rate Two Color Policer
•
Conform Action (permit)
• Exceed Action (drop)
Tokens
Burst
Limit
• Two rate Three Color Policer
• Conform Action (permit)
• Exceed Action (markdown)
• Violate Action (drop)
Conforming
Traffic
Excess Traffic
Mad Max (1979)
17
Congestion Management Tools
•
Buffering
•
•
Queuing
•
•
Buffering packets according to traffic class
Scheduling
•
•
Storing packets in memory
Order of transmission of buffered packets
Shaping
•
Smooth bursty traffic
Buffering – Why do we need it?
•
Many to One Conversations
•
Client to Server
• Server to Storage
• Aggregation Points
10 GE
•
Speed Mismatch
•
Client to WAN to Server
10 GE
1 GE
1 GE
1 GE
1 GE
19
Scheduling – Who goes first
•
Defines Order of transmission
•
The Priority-Queue always serviced first
•
Normal Queues serviced only after Priority Queue empty
•
Different Scheduling algorithms for normal queues
20
Common Scheduling Algorithms
•
Round Robin (RR)
•
Simple and Easy to implement
• Starvation-free
•
Weighted Round Robin (WRR)
•
Serves n packets per non-empty
queue
• Assumes a mean packet size
• Deficit Weighted Round Robin
– Variable sized packets
– Uses a deficit counter
• Shaped Round Robin
– More even distributed ordering
– Weighted interleaving of flows
4 Class Queuing Model example
Class
CoS
Queues
Priority
5-7
PQ
No-Drop
3, 4
Q2
2
Q1
0, 1
Default-Q
Better than Best-Effort
Best-Effort
Congestion Avoidance Tools
•
Tail Drop (TD)
•
Drop packets at tail of the queue
• Single threshold per queue
•
Weighted Random Early Drop (WRED)
•
One or more thresholds per queue
• Threshold associated with DSCP or COS
Putting it all together!
1
2
Packet is placed in the Egress
Queue according to CoS/DSCP
value.
Priority Queue
always served first
COS
Queue
5, 6, 7
PQ1
3, 4
Q3
2
Q2
0, 1
Q-Default
Egress Port
Normal Queue
Drop Threshold 4
PQ1
Drop Threshold 3
4
Normal Queues have
Threshold and drop
packet accordingly
Drop Threshold 2
data
L3
DSCP [24]
L2
CoS [3]
Q3
Scheduler
DWRR
Q2
Drop Threshold 1
3
Normal Queues
served after PQ is
empty according to
Scheduler
Q-Default
25
Congestion could result in…..
Head
of
Line
Blocking
26
Head of Line Blocking
What is the Problem?
Red Cars
blocked!
No Congestion
27
Head of Line Blocking
Solution – Create Separate Lanes but…
Stadium
Full
Cars turned
back
28
Head of Line Blocking
Stadium
Full
Solution – Have an arbiter
Supermarket
Not Full
29
Head of Line Blocking
What is the Problem?
Ingress Module
Egress Module
buffer
Ingress Module
Ingress Module
Crossbar
Fabric
Egress Module
Egress Module
30
Virtual Output Queues
Avoid Head of Line Blocking
Ingress
VOQ
Ingress Module
Ingress Module
Ingress Module
Egress Module
Crossbar
Fabric
Egress Module
Egress Module
31
Virtual Output Queues
Avoid Head of Line Blocking
Ingress
VOQ
Ingress Module
Egress Module
buffer
Ingress Module
Ingress Module
Crossbar
Fabric
Egress Module
Egress Module
32
Agenda
•
Introduction
•
QoS and Queuing Basics
•
QoS Implementation on Nexus
•
Nexus 7000/7700 QoS
•
Nexus 5600/6000 QoS
•
Nexus 2000 QoS
•
Real World Configuration Examples
•
Conclusion
QoS Implementation on Nexus
Nexus uses Modular QOS CLI (MQC)
3 Block Construct
Class-Map
•
•
•
•
What Traffic do we care about?
DSCP
CoS
IPPREC
ACLs
Policy-Map
What action do I take on these
classes?
•
Policing
•
Marking
•
Scheduling
Service-Policy
Where do I apply this policy?
• System Wide
• Vlan
• Interface (in/out)
• Port-channels
35
New QoS Capabilities
Priority Flow Control (802.1Qbb)
•
Enables Lossless Ethernet using per
COS pause
•
During congestion, no-drop COS is
paused
•
Primarily for FCoE (COS 3)
36
New QoS Capabilities
•
DCBXP (802.1Qaz)
•
LLDP with new TLV Values
• Negotiates capabilities (like PFC) with other
devices
•
ECN (Explicit Congestion Notification)
•
Congestion Notification without dropping
packets
• Uses two LSB bits in DiffServ field in IP header
DiffServ Field Values
0x00 – Non ECN Capable
0x10 – ECN Capable Transport (0)
0x01 – ECN Capable Transport (1)
0x11- Congestion Encountered
37
Network-QoS Policy
•
Should be consistent across all switches in network
•
Supported on F-cards on Nexus 7x00 and Nexus 5x00,6000,9000
•
Applied on the system-qos target in admin (or default) vdc
•
Configures the following
•
Pause Behavior (PFC)
• MTU (per VL)
• Congestion Control (TD or WRED)
Nexus(config)# system qos
Nexus(config-sys-qos)# service-policy type networkqos my_template
38
Three Different Types
Class-map
QoS
•CoS
•DSCP
•PREC
•ACLs
Queuing
•CoS
•DSCP
Network-QoS
•CoS
•Protocol (fcoe)
Policy-map
QoS
•Marking
•Policing
•Mutation
Queuing
•Buffering
•Queuing
•Scheduling
Network-QoS
•Congestion-Control
•Pause / MTU per VL
Service-policy
QoS
•Interfaces
•Vlans
•Port-channel
•System-qos
Queuing
•Interfaces
•Port-channels
•System-qos
Network-QoS
•System-qos
39
To Trust or Not To Trust?
•
Data Centre architecture provides a new
set of trust boundaries
•
Virtual Switch extends the trust
boundary into the Hypervisor
•
Nexus Switches always trust CoS and
DSCP
43
Agenda
•
Introduction
•
QoS and Queuing Basics
•
QoS Implementation on Nexus
•
Nexus 7000/7700 QoS
•
Nexus 5600/6000 QoS
•
Nexus 2000 QoS
•
Real World Configuration Examples
•
Conclusion
Nexus 7000/7700 QoS
Nexus 7000 / 7700 I/O Module Families
M2 10G / 40G / 100G
M1 1G and 10G
F1 10G
F3 40G
F2E 10G
F2 10G
F2E 10G
F3 10G / 40G / 100G
M2 I/O Module Architecture
EOBC
To Fabric Modules
To Central Arbiters
Arbitration
Aggregator
…
Fabric 2 ASIC
LC
CPU
VOQs
VOQs
Forwarding
Engine
Replication
Engine
Forwarding
Engine
VOQs
Replication
Engine
Replication
Engine
Replication
Engine
12 X 10G MAC / LinkSec
1
2
3
4
5
VOQs
6
7
8
9
12 X 10G MAC / LinkSec
10 BRKARC-3470
11 12
13 14 15 16 17 18 19 20 21 22 23 24
Cisco Nexus 7000
/ 7700
Switch Architecture
Front
Panel Ports
47
M2 I/O QoS Packet-Flow (10G)
1
CoS to Queue-Mapping
>Policy Type “queuing”
(Scheduling, Buffering)
3
>Policy Type “qos”
(Mutation, Classification,
Marking, Policing)
5
8
Credit Grant for
Fabric Access
Return Credit
to Pool
Arbiter
9
CoS to Queue-Mapping
>Policy Type “queuing”
(Scheduling, Buffering)
Forwarding
Engine
data
L3
DSCP [24]
L2
CoS [2]
Ingress Module
4
VoQ gets assigned
based on Dest +
CoS value
1 2 3 4 5 6 7 88
Crossbar
Fabric
Egress Module
L3
DSCP [24]
L2
CoS [2]
7 Traffic gets
Received on
Egress VoQ
6 Traffic gets
forwarded over
Fabric
Ingress
data
1 2 3 4 5 6 7 8
8q2t
1 2 33 4
Ingress port-ASIC
VOQ
2
1p3q1t
Default CoS-to-Queue map:
CoS [2] to Default-Q (8)
Ingress VoQ-ASIC
Egress
1p7q4t
11
Egress
FIFO
Egress VoQ-ASIC
10
Egress port-ASIC
Default CoS-to-Queue map:
CoS [2] to Default-Q (8)
48
Nexus 7700 F3 48-Port 1G/10G Module Architecture
To Fabric Modules
EOBC
6 X 110Gbps
FSA
CPU
To Central Arbiters
6 X 110Gbps
Arbitration
Aggregator
…
x6
1G per SOC
Fabric ASIC
LC Inband
Fabric ASIC
55Gbps
55Gbps
to LC
CPU
8 X 10G
SoC 1
1
3
2
8 X 10G
SoC 2
5
4
7
6
9
8
11
10 12
8 X 10G
SoC 3
13 15
14 16
17 19
8 X 10G
SoC 4
21 23
25 27
8 X 10G
SoC 5
29 31
18 20
22 24
26 28
30 32
Front Panel Ports (SFP/SFP+)
33 35
34 36
8 X 10G
SoC 6
37 39
38 40
41 43
45 47
42 44
46 48
LinkSec-capable
F3 SoC Architecture
To Central
Arbiter
To Local
Fabric
From Local
Fabric
Decision Engine
Egress Parser
Virtual
Queuing
Ingress
Buffer
Layer 2 Lookups
Layer 3 Lookups
Classification
Marking / Policing
Egress Buffer
Ingress Parser
Port Logic
F3 SoC
Front Panel Ports
8x10G
2x40G
1x100G
Supervisor Engine
Buffer credit
granted
Credit Central
F2E/F3 QoS Packet Walk
Transmit
to fabric
Request buffer
credit for dest +
priority
Arbiter
Fabric Module 1
Fabric Module 2
Fabric Module 3
Fabric Module 4
Fabric Module 5
Fabric ASIC
Fabric ASIC
Fabric ASIC
Fabric ASIC
Fabric ASIC
Fabric ASIC
Check
VQ drop
thresholds
Return buffer credit
(dest + priority)
Fabric ASIC
Final lookup result:
destination + priority
Req
Decision Engine
PKT
e2/1
Virtual
Queuing
HDR
e1/1
Queue packet
descriptor in VOQ
(dest + priority)
Ingress
Buffer
Payload queued in
port buffer based on
COS / DSCP
CL TCAM
Layer 2 Lookups
Layer 3 Lookups
Classification
Marking / Policing
Ingress
Parser
PKT HDR
Receive
from fabric
CL TCAM contains
QoS classification
rules
All L2 + L3 lookups /
Ingress + egress QoS classification /
Ingress + egress marking and policing
SP
Packet headers
sent to DE
Buffer on egress
based on dest+ priority
Port Logic
Module 1
DWRR
e2/1
Egress Buffer
Port Logic
F2E/F3 SoC
Receive packet
from wire
Credit
Ingress packet
parsing
Schedule
and transmit
on wire
F2E/ F3 SoC
Module 2
PKT HDR
e1/1
e2/1
Ingress Queuing – Logical View
8e Template
8e-4q4q Template
7e Template
6e Template
CoS 5-7
CoS 5-7
CoS 5-7
CoS 5-7
(Q1)
(Q1)
(Q1)
(Q1)
4e Template
CoS 5-7
(Q1)
CoS 0
(Q-Default)
CoS 3-4
CoS 2,4
CoS 0-2
(Q3)
(Q3)
(Q-Default)
CoS 4
(Q3)
CoS 0-4
CoS 2
CoS 0,1
CoS 4
(Q-Default)
(Q4)
(Q-Default)
(Q3)
CoS 0-1
CoS 3
CoS 3
(Q-Default)
(Q4)
(Q4)
High (Pause)
Threshold
CoS 1-3
(Q4)
Low (Resume)
Threshold
60
Egress Queuing – Logical View
PQ2. PQ3 PQ1 Q-Def.
(4)
(3) (5,6,7) (0-2)
PQ1 Q-Def. PQ2 Q3
(5,6,7) (0)
(4) (1,2,3)
DWRR
DWRR
Prio
50%
50%
Q2
Prio
100%
Prio
DWRR
DWRR
PQ2 (H)
Q-Def
33%
Q3
Q-Def
33%
PQ1
Q3
33%
Egress Port
Q2
33%
PQ1
Q-Def
33%
Egress Port
Q3
33%
Prio
DWRR
DWRR
Q2
PQ1
Egress Port
DWRR
Priority
100%
DWRR
Q3
Priority
Egress Port
Priority
PQ2 (L)
DWRR
Q-Def
PQ1 Q3 Q-Def.
(5,6,7) (2,4) (0,1)
PQ1 (H)
Q2
(3)
Egress Port
Q3 Q-Def.
(2) (0,1)
PQ1
PQ1 Q2
(5,6,7) (3,4)
default-4q-4e-out-policy
PQ3 (L)
PQ1 Q2 Q3 Q-Def.
(5,6,7) (3,4) (2) (0,1)
default-4q-6e-out-policy
Q-Def
default-4q-8e-out-policy default-4q4q-8e-out-policy default-4q-7e-out-policy
100%
red indicates no-drop
61
CoS or DSCP to Queue Mapping
•
Default CoS to Queue Mapping for Nexus 7000/7700 (F- and M-Series I/O
Module)
•
Ingress: CoS to Queue
• Egress: CoS to Queue
•
DSCP to Queue Mapping for Nexus 7000/7700 (F- and M-Series I/O Module)
•
Ingress: DSCP to Queue
• Egress: CoS to Queue
•
Global Configuration (Admin/Default VDC) required to enable DSCP to Queue
Mapping:
N7k(config)# hardware qos dscp-to-queue ingress module type {all | f-series | m-series}
64
Changing the Default Trust
routed/bridged
802.1q Trunk
802.1q Trunk /
Access Port
L3
DSCP [24]
L2
CoS [2]
Egress
Queues
CoS
data
CoS
Ingress
Queues
q-n
q-1
q-default
Set CoS 0
(will only set CoS to 0)
data
L3
L3
L2
Set DSCP 0
(will set DSCP + CoS to 0)
data
L3
DSCP [0]
L2
CoS [0]
DSCP
DSCP
[24]
[0]
CoS [0]
Note: CoS is used for egress
queue selection, even if the
egress interface does NOT
carry CoS in the frame
65
Nexus 7000 QoS Golden Rules
•
QoS is enabled by default and cannot be disabled
•
CoS and DSCP are TRUSTED by default
•
Default Queuing and QoS policies are applied to all physical interfaces across
all VDCs
•
For bridged traffic, CoS is preserved, DSCP is unmodified
•
For routed traffic, DSCP is copied to CoS (first 3 bits)
•
Ex: DSCP 40 (b101000) becomes CoS 5 (b101)
Agenda
•
Introduction
•
QoS and Queuing Basics
•
QoS Implementation on Nexus
•
Nexus 7000/7700 QoS
•
Nexus 5600/6000 QoS
•
Nexus 2000 QoS
•
Real World Configuration Examples
•
Conclusion
Nexus 5600/6000 QoS
Cisco Nexus 5600/6000 Overview
High Performance
High Scalability
Feature-Rich
• Line rate L2 and L3
• 1-us port-to-port
latency
• 25-MB buffer per port
ASIC
• 10 GE and true 40 GE
• L2 and L3 features
• Up to 224,000 MAC
• vPC and FabricPath
• Up to 128,000 ARP
• FC and FCOE
• VXLAN Bridging and
Routing
Visibility and Analytics
• Line-rate SPAN
• Sampled NetFlow
• Micro-burst monitoring
• Latency monitoring
71
Ingress Buffering Model
Nexus 5600/6000 compared to Nexus 7000 F-Series I/O Module
Ingress
VOQ buffer
Ingress
VOQ buffer
Egress
VOQ buffer
Egress
VOQ buffer
Ingress Module
Nexus 7000
F-Series
I/O Module
Crossbar
Ingress Module
Egress Module
Fabric
Ingress Module
Ingress VOQ buffer – Manages congestion toward egress destinations
Egress VOQ buffer – Receives frames from fabric; also buffers multi-destination frames
72
Key Concepts – Common Points
Nexus 7000 compared to Nexus 5000/6000 QoS
•
Nexus 5000/6000 & Nexus 7000 F-Series I/O Modules share the Ingress Buffer
Model
•
Ingress buffering and queuing occur at VOQ of each ingress port
•
Egress scheduling enforced by egress port
•
No Egress QOS Policies
73
Cisco Nexus 5600/6000 QoS Features
•
Traffic classification
‒ DSCP, CoS, IP Precedence and ACL
•
Packet marking
‒ DSCP, CoS, and ECN
•
Strict Priority Queuing and DWRR
‒ Priority Flow Control
‒ DCBX 802.1Qaz
•
Ingress policing (No egress policing)
‒ 4096 policers per ASIC
•
Flexible buffer management
Nexus 5672UP Architecture Overview
Fabric
Supervisor
UPC 1
UPC 2
UPC 3
UPC 4
24xSFP+
24xSFP+
Slot 1
Unified Ports
UPC 5
UPC 6
6xQSFP+
Slot 2
UPC-0
CPU
Packet Buffering
• 25MB packet buffer is shared by every three 40 GE ports or twelve 10 GE ports.
• Buffer is 16MB at ingress and 9MB at egress.
Ingress
UPC
16MB
Multicast VOQ Unicast VOQ
• Unicast packet can be buffered at both ingress and egress.
Egress UPC
224
Gbps
Unified
Crossbar
Fabric
448
Gbps
9MB
Nexus 5600 QoS Packet Walk
Ingress UPC
Trust CoS/DSCP and
Match on COS/DSCP/ACL
MAC
Traffic
Classification
Ingress
Cos/DSCP
Marking
If Buffer Usage Crosses Threshold:
• Tail drop for drop class
• Assert Pause for no-drop COS
Ingress
Policing
Forwarding
Per-class
Buffer Usage
Monitoring
Ingress Buffer
Egress Queues
MAC
Egress UPC
WRED/ECN
Marking
Strict Priority +
DWRR Scheduling
Egress
Scheduling
Egress Buffer
Crossbar
Fabric
Make a forwarding decision
VoQs
(8 per egress port)
Flexible Buffer Management
Ingress Buffer
•
•
Shared buffer is good for burst
absorption.
UPC Ingress Buffer (16MB)
Dedicated buffer is good for predictable
performance for each port.
•
On by default, no configuration needed
•
Long-distance FCoE, video editing (i.e.,
AVID), Big Data, and distributed storage
SPAN
Control
Shared Packet Buffer
Port 1
Dedicated
Port 2
Dedicated
Port 3
Dedicated
WRED/ ECN Configuration
•
ECN parameters are configurable only at system level.
•
ECN is enabled by default along with WRED
•
Packet Threshold below minimum – Transmit
•
Packet Threshold between minimum and maximum – Mark ECN bits
•
Packet Threshold above maximum – Drop
switch(config)# hardware random-detect min-thresh 10g 10g-min-threshold 40g 40g-minthreshold max-thresh 10g 10g-max-threshold 40g 40g-max-threshold ecn qos-group qosgroup-number
Nexus 5600/6000 QoS Configuration Model
•
Uses QOS-Groups to tie together QoS, Queuing
and Network-QoS policies
•
QoS-Group has no direct relation with CoS value
•
QoS-Groups defined (set) in policy-map type
qos.
•
QoS-groups referenced (match) in policy type
queuing and policy-map type networkqos
Putting it all together
Create class-map
type qos and
match on
cos/dscp/acls
Attach policy-map
queuing to
interface
Create policy-map
type qos and set
qos-group and/or
add policing rule
Create policy-map
type queuing and
create actions
Attach policy-map
type qos as input to
an interface
Create class-map
type queuing and
match on qosgroup
class-map type qos class_foo
match cos 3-4
policy-map type qos pm1
class type qos class_foo
set qos-group 1
police cir 20 mbytes conform transmit violate drop
class type qos class-default
set qos-group 0
interface ethernet 1/1
service-policy type qos input pm1
class-map type queuing class-foo
match qos-group 1
policy-map type queuing policy-foo
class type queuing class-foo
bandwidth percent 20
class type queuing class-default
bandwidth percent 80
interface ethernet 1/3
service-policy type queuing input policy-foo
Nexus 5600/6000 QoS Golden Rules
•
ECN/WRED is enabled by default and cannot be disabled
•
CoS and DSCP are TRUSTED by default
•
Use QoS-Groups to tie policies together
•
No Egress QOS policies
Agenda
•
Introduction
•
QoS and Queuing Basics
•
QoS Implementation on Nexus
•
Nexus 7000/7700 QoS
•
Nexus 5600/6000 QoS
•
Nexus 2000 QoS
•
Real World Configuration Examples
•
Conclusion
Nexus 2000 QoS
FEX Overview
•
Scalable and Extensible Fabric
•
Single point of management
•
Homogeneous and consistent policies
Cisco Nexus 2000 QoS Features
•
Traffic classification
‒ DSCP, CoS
‒ ACL classification (FEX offload) –only on 5600/6000
•
Strict Priority Queuing and DWRR
‒ Priority Flow Control
•
Queue-limit Carving
FEX QoS Policies
•
Support for ingress port-based QoS policies on FEX HIF ports
•
Support for ingress/egress VLAN-based QoS policies on FEX VLANs
•
FEX QoS policies applied at ingress module of parent switch
•
No support for remarking, policing policies
Ingress portbased QoS
policy
Ingress/egress
VLAN-based QoS
policy
Nexus Parent
FEX
Ingress FEX
Module
/Port
Ingress Module
Module
/Port
Egress Module
FEX
Egress FEX
FEX QoS Packet Flow Example (CoS2Q)
Ingress queue /
egress schedule
based on COS 0
Egress schedule
based on COS 0
Ingress queue at
input port based on
COS 0
Ingress queue /
egress schedule
based on COS 0
Nexus Parent
PKT
DSCP 0
1Q trunk
COS 0
FEX
Ingress FEX
(FEX 101)
Module
Ingress Module
Fabric
Module
Egress Module
FEX
Egress FEX
FEX QoS Packet Flow Example (DSCP2Q)
Ingress queue /
egress schedule
based on DSCP 0
Egress schedule
based on COS 0
Ingress queue at
input port based on
DSCP 0
Ingress queue /
egress schedule
based on DSCP 0
Nexus Parent
PKT
DSCP 0
COS 0
FEX
Ingress FEX
(FEX 101)
Module
Ingress Module
Fabric
Module
Egress Module
FEX
Egress FEX
FEX QoS Packet Flow Example (With Ingress Marking Policy and DSCPto-Queue)
Ingress QoS policy:
policy-map type qos marker
class ClassA
set dscp cs3
!
interface ethernet 101/1/1
service-policy type qos input marker
Ingress queue /
egress schedule
based on DSCP 0
Egress schedule
based on COS 3
Ingress queue at
input port based on
DSCP 0
Ingress queue /
egress schedule
based on DSCP CS3
Nexus 7000
PKT
DSCP 0
COS 0
FEX
Ingress FEX
(FEX 101)
PKT
DSCP CS3
Module
COS 3
Fabric
Ingress Module
Classify and remark to
DSCP CS3/COS 3 at
ingress Decision Engine
Module
Egress Module
FEX
Egress FEX
FEX QoS Packet Flow Example (With Ingress Marking Policy and DSCPto-Queue)
Ingress QoS policy:
policy-map type qos marker
class ClassA
set dscp cs3
!
interface ethernet 101/1/1
service-policy type qos input marker
Ingress queue /
egress schedule
based on DSCP 0
Egress schedule
based on COS 3
Ingress queue at
input port based on
DSCP 0
Ingress queue /
egress schedule
based on DSCP CS3
Nexus 7000
PKT
DSCP 0
COS 0
FEX
Ingress FEX
(FEX 101)
PKT
DSCP CS3
Module
COS 3
Fabric
Ingress Module
Classify and remark to
DSCP CS3/COS 3 at
ingress Decision Engine
Module
Egress Module
FEX
Egress FEX
FEX Policy Offload (Nexus 5600/6000 only)
•
TCAM resources on a FEX to perform ACL-based classification
•
The feature is disabled by default
•
By default, a FEX classifies packets on CoS value
•
Both system level and interface level policies are offloaded to the FEX
switch# configure terminal
fex chassis_ID
hardware card-type qos-policy-offload
FEX Queuing Policies
•
FEX queuing driven implicitly by parent switch queuing configuration
•
Network QoS template drives:
•
Number of queues
• MTU
•
Ingress queuing class-maps drive:
•
•
BOTH ingress and egress COS/DSCP-to-queue mapping
On Nexus 7000 with FEX + M-Series parent modules, network-qos and F-series
ingress queuing class-maps still drive FEX queuing configuration
DSCP-to-Queue on FEX
•
Enabling DSCP-to-queue on parent switch enables DSCP-to-queue on FEX
•
Currently active DSCP mappings pushed to FEX when enabled
•
DSCP-to-queue only active in the HIF→NIF direction
•
NIF→HIF direction always uses COS-to-queue mapping, based on COS transmitted by
parent switch to FEX
FEX Queue-Limit
•
Provides FEX queue-limit configuration option
•
Manages buffer thresholds on FEX based on platform capabilities
•
Default has queue-limit disabled
•
Configuration applied per-VDC (on Nexus 7000/7700)
•
Different FEX models have different capabilities
Nexus 2000 QoS Golden Rules
•
FEX QOS classification on COS or DSCP unless FEX offload enabled
•
FEX queuing driven implicitly by parent switch queuing configuration
•
No support for per-queue shaping, policing or marking
•
Drop thresholds are tail-drop only, no WRED support
Agenda
•
Introduction
•
QoS and Queuing Basics
•
QoS Implementation on Nexus
•
Nexus 7000/7700 QoS
•
Nexus 5600/6000 QoS
•
Nexus 2000 QoS
•
Real World Configuration Examples
•
Conclusion
Real World Configuration
Examples
What do we want to achieve?
Company Foobar’s Business Goals
•
Make sure no disruption in network services
• Put control traffic in priority queue
•
Video/voice hosting also an business objective
• Put voice traffic in priority queue
• Dedicated bandwidth to video traffic
•
Flexibility in moving applications across servers
• Dedicated bandwidth to vmotion/mobility
• Everything else best-effort
102
Translating to the language of QoS
Application
CoS
Queuing
(Scheduling)
Queue-Limit
(Buffer)
Character
Best Effort
0, 1
BW remaining
50%
60%
High Volume /
Less Important
vMotion / Live
Migration
2
BW remaining
20%
10%
Medium Volume /
Important
Multimedia
3, 4
BW remaining
30%
20%
Medium Volume
Very Important
Strict Priority
5
Priority Queue
Network Control
6,7
10%
Low Volume /
Important /
Delay Sensitive
Low Volume /
Very important
103
Topology
Core
M2 cards facing
core and F2/F3
cards facing
access
Nexus 7000
Nexus 7000
vpc peer-link
VPC from
access to
aggregation
Nexus 5000
Straight-through
FEX, No VPC
Nexus 5000
vpc peer-linkNexus 5000
vpc peer-link Nexus 5000
Host VPC,
Straight-through
FEX
Nexus 2000
Nexus 2000
Nexus 2000
Nexus 5000
vpc peer-link Nexus 5000
Enhanced VPC
(evPC)
Nexus 2000
Nexus 2000
Nexus 2000
104
Classification, Marking & Trust onCore
Nexus 5000/7000
Mark Traffic from
Core
(policy-map type qos)
or just TRUST
(default)
vpc peer-link
vpc peer-link
Between the
different Tiers,
all ports are
TRUSTED
vpc peer-link
vpc peer-link
Mark Traffic
from Servers
(policy-map
type qos)
or just TRUST
(default)
105
Classification & Marking: Nexus 7000
ip access-list ACL_QOS_LOWPRIO
10 permit …
ip access-list ACL_QOS_VMOTION
10 permit …
ip access-list ACL_QOS_MULTIMEDIA
10 permit …
ip access-list ACL_QOS_SCRICTPRIO
10 permit …
!
class-map type qos match-any CM_QOS_LOWPRIO_COS1
match access-group name ACL_QOS_LOWPRIO
!
class-map type qos match-any CM_QOS_VMOTION_COS2
match access-group name ACL_QOS_VMOTION
!
class-map type qos match-any CM_QOS_MULTIMEDIA_COS4
match access-group name ACL_QOS_MULTIMEDIA
!
class-map type qos match-any CM_QOS_STRICTPRIO_COS5
match access-group name ACL_QOS_STRICTPRIO
policy-map type qos PM_QOS_MARK_COS_IN
class CM_QOS_STRICTPRIO_COS5
set cos 5
class CM_QOS_MULTIMEDIA_COS4
set cos 4
class CM_QOS_VMOTION_COS2
set cos 2
class CM_QOS_LOWPRIO_COS1
set cos 1
!
interface Ethernet1/1
service-policy type qos input PM_QOS_MARK_COS_IN
!
vlan configuration 100
service-policy input PM_QOS_MARK_COS_IN
106
Classification & Marking: Nexus 5600/6000 (1)
ip access-list ACL_QOS_LOWPRIO
10 permit …
ip access-list ACL_QOS_VMOTION
10 permit …
ip access-list ACL_QOS_MULTIMEDIA
10 permit …
!
class-map type qos match-any CM_QOS_LOWPRIO_COS1
match access-group name ACL_QOS_LOWPRIO
!
class-map type qos match-any CM_QOS_VMOTION_COS2
match access-group name ACL_QOS_VMOTION
!
class-map type qos match-any CM_QOS_MULTIMEDIA_COS4
match access-group name ACL_QOS_MULTIMEDIA
!
class-map type qos match-any CM_QOS_STRICTPRIO_COS5
match cos 5
policy-map type qos PM_QOS_MARK_COS_IN
class CM_QOS_STRICTPRIO_COS5
set qos-group 5
class CM_QOS_MULTIMEDIA_COS4
set qos-group 4
class CM_QOS_VMOTION_COS2
set qos-group 3
class CM_QOS_LOWPRIO_COS1
set qos-group 2
!
system qos
service-policy type qos input PM_QOS_MARK_COS_IN
QoS-Group # is mapping between Slide 1 & Slide 2
107
Classification & Marking: Nexus 5500/6000 (2)
class-map type network-qos
match qos-group 2
class-map type network-qos
match qos-group 3
class-map type network-qos
match qos-group 4
class-map type network-qos
match qos-group 5
CM_N-QOS_MATCH_QG2_COS1
CM_N-QOS_MATCH_QG3_COS2
CM_N-QOS_MATCH_QG4_COS4
CM_N-QOS_MATCH_QG5_COS5
policy-map type network-qos PM_N-QOS_SYSTEM
class type network-qos CM_N-QOS_MATCH_QG2_COS1
set cos 1
class type network-qos CM_N-QOS_MATCH_QG3_COS2
set cos 2
class type network-qos CM_N-QOS_MATCH_QG4_COS4
set cos 4
class type network-qos CM_N-QOS_MATCH_QG5_COS5
set cos 5
queue-limit 20480 bytes
!
system qos
service-policy type network-qos PM_N-QOS_SYSTEM
QoS-Group # is mapping between Slide 1 & Slide 2
108
Classification & Marking (Nexus
2000)
Core
vpc peer-link
vpc peer-link
vpc peer-link
vpc peer-link
Traffic
Classification
based on CoS
happens here!
Traffic
Classification
based on ACL
happens here!
109
Queuing (M2-cards)
Core
vpc peer-link
Assign a egress policymap to each interface
with priority, bandwidth
and queue-limit to alter
default queuing policy
vpc peer-link
Modify CoS to
Queue mapping
in Admin/Default-VDC
Assign ingress
policy-map to each
interface with
bandwidth and
queue-limit
vpc peer-link
vpc peer-link
110
CoS to Queue Mapping – M2 I/O Module
Example
Application
CoS
Queuing
(Scheduling)
Queue-Limit
(Buffer)
Queue
(8q2t / 1p7q4t)
Character
Best Effort
0, 1
BW remaining
50%
60%
8q2t-in-q-default /
1p7q4t-out-q-default
High Volume /
Less Important
vMotion / Live
Migration
2
BW remaining
20%
10%
8q2t-in-q6 /
1p7q4t-out-q6
Medium Volume /
Important
Multimedia
3, 4
BW remaining
30%
20%
8q2t-in-q2 /
1p7q4t-out-q2
Medium Volume
Very Important
Strict Priority
5
Priority Queue
Network Control
6,7
10%
8q2t-in-q1 /
1p7q4t-out-pq1
Low Volume /
Important /
Delay Sensitive
Low Volume /
Very important
111
CoS to Queue Mapping (on M2 cards)
Exmple (Admin- / Default-VDC)
class-map type queuing
match cos 5-7
class-map type queuing
match cos 3-4
class-map type queuing
match cos 2
class-map type queuing
match cos 0-1
!
class-map type queuing
match cos 5-7
class-map type queuing
match cos 3-4
class-map type queuing
match cos 2
class-map type queuing
match cos 0-1
Core
match-any 8q2t-in-q1
match-any 8q2t-in-q2
match-any 8q2t-in-q6
AdminVDC
AdminVDC
match-any 8q2t-in-q-default
match-any 1p7q4t-out-pq1
match-any 1p7q4t-out-q2
match-any 1p7q4t-out-q6
match-any 1p7q4t-out-q-default
Changes apply to ALL ports of specified type in ALL VDCs
Changes are traffic disruptive for ports of specified type
112
Ingress Queuing Configuration on M2 cards
Example (Payload-VDC)
policy-map type queuing PM_QUEUE_10G-40G-100G_IN
class type queuing 8q2t-in-q1
queue-limit 10
bandwidth remaining percent 10
class type queuing 8q2t-in-q2
queue-limit 20
bandwidth remaining percent 30
class type queuing 8q2t-in-q6
queue-limit 10
bandwidth remaining percent 10
class type queuing 8q2t-in-q-default
queue-limit percent 50
bandwidth percent 50
!
interface Ethernet1/1
service-policy type queuing input PM_QUEUE_10G-40G-100G_IN
Core
All Policy-Map and Service-Policy are done in relevant Payload-VDC and
only affect the interface to which they get applied
113
Egress Queuing Configuration on M2 cards
Example (Payload-VDC)
policy-map type queuing PM_QUEUE_10G-40G-100G_OUT
class type queuing 1p7q4t-out-pq1
priority level 1
queue-limit percent 10
class type queuing 1p7q4t-out-q2
queue-limit percent 20
bandwidth remaining percent 30
class type queuing 1p7q4t-out-q6
queue-limit percent 10
bandwidth remaining percent 20
class type queuing 1p7q4t-out-q-default
queue-limit percent 50
bandwidth remaining percent 40
!
interface Ethernet1/1
service-policy type queuing output PM_QUEUE_10G-40G-100G_OUT
Core
All Policy-Map and Service-Policy are done in relevant Payload-VDC and
only affect the interface to which they get applied
114
Network-QoS Configuration on F2/F3-Series
Core
vpc peer-link
vpc peer-link
vpc peer-link
Use the networkqos policy for 8e4q4q i.e 4 ingress
queues
vpc peer-link
115
Network-QoS Configuration –F2/F3 cards
Example (Admin- / Default-VDC)
Core
system qos
service-policy type network-qos default-nq-8e-4q4q-policy
policy-map type network-qos default-nq-8e-4q4q-policy template 8e-4q4q
class type network-qos c-nq-8e-4q4q
match cos 0-7
congestion-control tail-drop
mtu 1500
AdminVDC
AdminVDC
Changes apply to ALL ports of specified type in ALL VDCs
Changes are traffic disruptive for ports of specified type
116
Queuing (F2/F3 cards)
Core
Assign a egress policy-map
to each interface with
priority, bandwidth and
queue-limit to alter default
queuing policy
vpc peer-link
Modify CoS to Queue
mapping in Admin/Default-VDC
vpc peer-link
Assign a ingress policy-map
for buffer allocation, no ingress
scheduling
vpc peer-link
vpc peer-link
117
CoS to Queue Mapping – F2/F3 I/O Module
Example
Application
Best Effort
CoS
0,1
Queuing
(Scheduling)egress
Queue-Limit
(Buffer)-ingress
Queue
(Ingress/Egress)
Character
BW remaining
50%
50%
4q1t-8e-4q4q-in-q-default /
1p3q1t-8e-4q4q-out-q-default
High Volume /
Less Important
vMotion / Live
Migration
2
BW remaining
20%
10%
4q1t-8e-4q4q-in-q4 /
1p3q1t-8e-4q4q-out-q3
Medium Volume /
Important
Multimedia
3, 4
BW remaining
30%
30%
4q1t-8e-4q4q-in-q3 /
1p3q1t-8e-4q4q-out-q2
Medium Volume
Very Important
Strict Priority
5
Priority Queue
Network Control
6/7
10%
4q1t-8e-4q4q-in-q1 /
1p3q1t-8e-4q4q-out-pq1
Low Volume /
Important /
Delay Sensitive
Low Volume /
Very important
118
CoS to Queue Configuration –F2/F3 slides
Example (Admin- / Default-VDC)
class-map type queuing
match cos 5-7
class-map type queuing
match cos 0-1
class-map type queuing
match cos 3-4
class-map type queuing
match cos 2
class-map type queuing
match cos 5-7
class-map type queuing
match cos 3-4
class-map type queuing
match cos 2
class-map type queuing
match cos 0-1
Core
match-any 4q1t-8e-4q4q-in-q1
match-any 4q1t-8e-4q4q-in-q-default
match-any 4q1t-8e-4q4q-in-q3
AdminVDC
AdminVDC
match-any 4q1t-8e-4q4q-in-q4
match-any 1p3q1t-8e-4q4q-out-pq1
match-any 1p3q1t-8e-4q4q-out-q2
match-any 1p3q1t-8e-4q4q-out-q3
match-any 1p3q1t-8e-4q4q-out-q-default
Changes apply to ALL ports of specified type in ALL VDCs
Changes are traffic disruptive for ports of specified type
119
Ingress Queuing Configuration for F2/F3 cards
Example (Payload-VDC)
qos copy policy-map type queuing default-8e-4q4q-in-policy prefix
Custom-
Core
policy-map type queuing Custom-8e-4q4q-in
class type queuing 4q1t-8e-4q4q-in-q1
queue-limit percent 10
bandwidth percent 25
class type queuing 4q1t-8e-4q4q-in-q-default
queue-limit percent 50
bandwidth percent 25
class type queuing 4q1t-8e-4q4q-in-q3
queue-limit percent 30
bandwidth percent 25
class type queuing 4q1t-8e-4q4q-in-q4
queue-limit percent 10
bandwidth percent 25
interface Ethernet1/1
service-policy type queuing input Custom-8e-4q4q-in
All Policy-Map and Service-Policy are done in relevant Payload-VDC and
only affect the interface to which they get applied
120
Egress Queuing Configuration for F2/F3 cards
Example (Payload-VDC)
Core
qos copy policy-map type queuing default-8e-4q4q-out-policy prefix
Custompolicy-map type queuing Custom-8e-4q4q-out
class type queuing 1p3q1t-8e-4q4q-out-pq1
priority level 1
class type queuing 1p3q1t-8e-4q4q-out-q2
bandwidth remaining percent 30
class type queuing 1p3q1t-8e-4q4q-out-q3
bandwidth remaining percent 20
class type queuing 1p3q1t-8e-4q4q-out-q-default
bandwidth remaining percent 50
!
interface Ethernet1/1
service-policy type queuing output Custom-8e-4q4q-out
All Policy-Map and Service-Policy are done in relevant Payload-VDC and
only affect the interface to which they get applied
121
CoS to Queue Mapping - Nexus 5600/6000
Example
Application
CoS
Queuing
(Scheduling)
Queue-Limit
(Buffer)
Queue
(6q1t / 1p6q0t)
Character
Best Effort
0,1
BW percent
40%
remaining
(226kByte)
qos-group 0 (default)
High Volume /
Less Important
vMotion / Live
Migration
2,3
BW percent
20%
41kByte
qos-group 3
Medium Volume /
Important
Multimedia
4
BW percent
30%
41kByte
qos-group 4
Medium Volume
Very Important
Strict Priority
5
Network Control
6,7
BW percent
10%
20kByte
(min)
qos-group5 / priority
Low Volume /
Important /
Delay Sensitive
Low Volume /
Very important
122
Egress Queuing Configuration: Nexus5600
Example
class-map type queuing CM_Q_MATCH_QG3_COS2
match qos-group 3
class-map type queuing CM_Q_MATCH_QG4_COS4
match qos-group 4
class-map type queuing CM_Q_MATCH_QG5_COS5
match qos-group 5
!
policy-map type queuing PM_QUEUING_SYSTEM_OUT
class type queuing CM_Q_MATCH_QG3_COS2
bandwidth percent 20
class type queuing CM_Q_MATCH_QG4_COS4
bandwidth percent 30
class type queuing CM_Q_MATCH_QG5_COS5
priority
bandwidth percent 10
class type queuing class-default
bandwidth percent 40
Core
123
Queue-Limit (Buffer) Configuration
Example
policy-map type network-qos PM_N-QOS_SYSTEM
class type network-qos CM_N-QOS_MATCH_QG3_COS2
set cos 2
queue-limit 40960 bytes
class type network-qos CM_N-QOS_MATCH_QG4_COS4
set cos 4
queue-limit 40960 bytes
class type network-qos CM_N-QOS_MATCH_QG5_COS5
set cos 5
queue-limit 20480 bytes
class type network-qos class-default
Core
system qos
service-policy type network-qos PM_N-QOS_SYSTEM
124
Queuing: Nexus 2000
Core
vpc peer-link
vpc peer-link
vpc peer-link
vpc peer-link
Queuing on NIF (multiple
no-drop queues) only
available with CoS based
marking on HIF
Queuing on NIF
controlled by Fabric
Interface INPUT policy
125
Queuing Configuration (Nexus 2000)
Example
class-map type queuing CM_Q_MATCH_QG3_COS2
match qos-group 3
class-map type queuing CM_Q_MATCH_QG4_COS4
match qos-group 4
class-map type queuing CM_Q_MATCH_QG5_COS5
match qos-group 5
!
policy-map type queuing PM_QUEUING_SYSTEM_N2K
class type queuing CM_Q_MATCH_QG3_COS2
bandwidth percent 20
class type queuing CM_Q_MATCH_QG4_COS4
bandwidth percent 30
class type queuing CM_Q_MATCH_QG5_COS5
priority
bandwidth percent 10
class type queuing class-default
bandwidth percent 40
Core
Amount of Queues depend on FEX (Nexus 2000) Model
126
Agenda
•
Introduction
•
QoS and Queuing Basics
•
QoS Implementation on Nexus
•
Nexus 7000/7700 QoS
•
Nexus 5600/6000 QoS
•
Nexus 2000 QoS
•
Real World Configuration Examples
•
Conclusion
Conclusion
Why QoS in the Data Center?
Assign
Color to Traffic
Manage
Congestion
Maximize
Throughput
129
Maximize Throughput and Manage Congestion!
Participate in the “My Favorite Speaker” Contest
Promote Your Favorite Speaker and You Could Be a Winner
•
Promote your favorite speaker through Twitter and you could win $200 of Cisco
Press products (@CiscoPress)
•
Send a tweet and include
Your favorite speaker’s Twitter handle <Speaker—enter your Twitter handle here>
• Two hashtags: #CLUS #MyFavoriteSpeaker
•
•
You can submit an entry for more than one of your “favorite” speakers
•
Don’t forget to follow @CiscoLive and @CiscoPress
•
View the official rules at http://bit.ly/CLUSwin
Complete Your Online Session Evaluation
•
Give us your feedback to be
entered into a Daily Survey
Drawing. A daily winner
will receive a $750 Amazon
gift card.
•
Complete your session surveys
though the Cisco Live mobile
app or your computer on
Cisco Live Connect.
Don’t forget: Cisco Live sessions will be available
for viewing on-demand after the event at
CiscoLive.com/Online
Continue Your Education
•
Demos in the Cisco campus
•
Walk-in Self-Paced Labs
•
Table Topics
•
Meet the Engineer 1:1 meetings
•
Related sessions
Thank you
Internet of Things (IoT) Cisco Education Offerings
Course
Description
Cisco Certification
NEW! CCNA Industrial
An associate level instructor led training course designed to prepare you
for the CCNA Industrial certification
CCNA® Industrial
Managing Industrial Networks with
Cisco Networking Technologies (IMINS)
This curriculum addresses foundational skills needed to manage and
administer networked industrial control systems. It provides plant
administrators, control system engineers and traditional network engineers
with an understanding of the networking technologies needed in today's
connected plants and enterprises
Cisco Industrial
Networking Specialist
Control Systems Fundamentals
for Industrial Networking (ICINS)
For IT and Network Engineers, covers basic concepts in Industrial Control
systems including an introduction to automation industry verticals,
automation environment and an overview of industrial control networks
Networking Fundamentals
for Industrial Control Systems (INICS)
For Industrial Engineers and Control System Technicians, covers basic IP
and networking concepts, and introductory overview of Automation
industry Protocols.
For more details, please visit: http://learningnetwork.cisco.com
Questions? Visit the Learning@Cisco Booth or contact ask-edu-pm-dcv@cisco.com
Business Transformation Cisco Education Offerings
Course
Description
Cisco Certification
For IT and Network Professionals:
Building Business Specialist Skills
•
Builds non-technical skills key to ensure business impact and influence.
Topics include: business analysis, finance, technology adoption and
effective communications.
•
Bridges IT and business impacts of mature and emerging solutions
including cloud plus Internet of Everything
Cisco Enterprise IT
Business Specialist
For Technology Sellers:
Applying Cisco Specialized Business Value
Analysis Skills
Builds skills to discover and address technology needs using a businessfocused, consultative sales approach
Cisco Business Value Specialist
Executing Advanced Cisco Business Value
Analysis and Design Techniques
Enables customer transformation through business architecture and
solution selling expertise
Cisco Certified Business
Value Practitioner
Performing Cisco Business-Focused
Transformative Architecture Engagements
Provides skills and an approach to build a strategic roadmap of IT
initiatives, aligned to business priorities
Cisco Transformative
Architecture Specialist
For more details, please visit: http://learningnetwork.cisco.com
Questions? Visit the Learning@Cisco Booth or contact ask-edu-pm-dcv@cisco.com
Security Cisco Education Offerings
Course
Implementing Cisco IOS Network Security (IINS)
Implementing Cisco Edge Network Security Solutions
(SENSS)
Description
Focuses on the design, implementation, and monitoring of a comprehensive
security policy, using Cisco IOS security features
Cisco Certification
CCNA® Security
Configure Cisco perimeter edge security solutions utilizing Cisco Switches, Cisco
Routers, and Cisco Adaptive Security Appliance (ASA) Firewalls
Implementing Cisco Threat Control Solutions (SITCS)
Implementing Cisco Secure Access Solutions (SISAS)
Implementing Cisco Secure Mobility Solutions
(SIMOS)
Deploy Cisco’s Next Generation Firewall (NGFW) as well as Web Security, Email
Security and Cloud Web Security
Deploy Cisco’s Identity Services Engine and 802.1X secure network access
Protect data traversing a public or shared infrastructure such as the Internet by
implementing and maintaining Cisco VPN solutions
Securing Cisco Networks with Threat Detection and
Analysis (SCYBER)
Designed for professional security analysts, the course covers essential areas of
competency including event monitoring, security event/alarm/traffic analysis, and
incident response
Network Security Product and Solutions Training
For official product training on Cisco’s latest security products, including Adaptive
Security Appliances, NGIPS, Advanced Malware Protection, Identity Services
Engine, Email and Web Security Appliances see
www.cisco.com/go/securitytraining
For more details, please visit: http://learningnetwork.cisco.com
Questions? Visit the Learning@Cisco Booth or contact ask-edu-pm-dcv@cisco.com
Cisco Cybersecurity Specialist
R&S Related Cisco Education Offerings
Course
Description
Cisco Certification
CCIE R&S Advanced Workshops (CIERS-1 &
CIERS-2) plus
Self Assessments, Workbooks & Labs
Expert level trainings including: instructor led workshops, self
assessments, practice labs and CCIE Lab Builder to prepare candidates
for the CCIE R&S practical exam.
CCIE® Routing & Switching
• Implementing Cisco IP Routing v2.0
• Implementing Cisco IP Switched
Networks V2.0
• Troubleshooting and Maintaining
Cisco IP Networks v2.0
Professional level instructor led trainings to prepare candidates for the
CCNP R&S exams (ROUTE, SWITCH and TSHOOT). Also available in
self study eLearning formats with Cisco Learning Labs.
CCNP® Routing & Switching
Interconnecting Cisco Networking Devices:
Part 2 (or combined)
Configure, implement and troubleshoot local and wide-area IPv4 and IPv6
networks. Also available in self study eLearning format with Cisco Learning
Lab.
CCNA® Routing & Switching
Interconnecting Cisco Networking Devices:
Part 1
Installation, configuration, and basic support of a branch network. Also
available in self study eLearning format with Cisco Learning Lab.
CCENT® Routing & Switching
For more details, please visit: http://learningnetwork.cisco.com
Questions? Visit the Learning@Cisco Booth or contact ask-edu-pm-dcv@cisco.com
Wireless Cisco Education Offerings
Course
Description
• Conducting Cisco Unified Wireless Site Survey
• Implementing Cisco Unified Wireless Voice
Networks
• Implementing Cisco Unified Wireless Mobility
Services
• Implementing Cisco Unified Wireless Security
Services
Professional level instructor led trainings to prepare candidates to conduct
site surveys, implement, configure and support APs and controllers in
converged Enterprise networks. Focused on 802.11 and related
technologies to deploy voice networks, mobility services, and wireless
security.
CCNP® Wireless
Implementing Cisco Unified Wireless Network
Essential
Prepares candidates to design, install, configure, monitor and conduct
basic troubleshooting tasks of a Cisco WLAN in Enterprise installations.
CCNA® Wireless
For more details, please visit: http://learningnetwork.cisco.com
Questions? Visit the Learning@Cisco Booth or contact ask-edu-pm-dcv@cisco.com
Cisco Certification
Design Cisco Education Offerings
Course
Description
Cisco Certification
Designing Cisco Network Service Architectures
(ARCH)
Provides learner with the ability to perform conceptual, intermediate, and
detailed design of a network infrastructure that supports desired capacity,
performance, availability required for converged Enterprise network
services and applications.
CCDP® (Design Professional)
Designing for Cisco Internetwork Solutions
(DESGN)
Instructor led training focused on fundamental design methodologies used
to determine requirements for network performance, security, voice, and
wireless solutions. Prepares candidates for the CCDA certification exam.
CCDA® (Design Associate)
For more details, please visit: http://learningnetwork.cisco.com
Questions? Visit the Learning@Cisco Booth or contact ask-edu-pm-dcv@cisco.com
Service Provider Cisco Education Offerings
Course
Deploying Cisco Service Provider Network Routing
(SPROUTE) & Advanced (SPADVROUTE)
Implementing Cisco Service Provider Next-Generation
Core Network Services (SPCORE)
Description
SPROUTE covers the implementation of routing protocols (OSPF, IS-IS, BGP),
route manipulations, and HA routing features; SPADVROUTE covers advanced
routing topics in BGP, multicast services including PIM-SM, and IPv6;
Cisco Certification
CCNP Service Provider®
SPCORE covers network services, including MPLS-LDP, MPLS traffic engineering,
QoS mechanisms, and transport technologies;
Edge Network Services (SPEDGE)
SPEDGE covers network services, including MPLS Layer 3 VPNs, Layer 2 VPNs,
and Carrier Ethernet services; all within SP IP NGN environments.
Building Cisco Service Provider Next-Generation
Networks, Part 1&2 (SPNGN1), (SPNGN2)
The two courses introduce networking technologies and solutions, including OSI
and TCP/IP models, IPv4/v6, switching, routing, transport types, security, network
management, and Cisco OS (IOS and IOS XR).
CCNA Service Provider®
Implementing Cisco Service Provider Mobility UMTS
Networks (SPUMTS);
Implementing Cisco Service Provider Mobility CDMA
Networks (SPCDMA);
Implementing Cisco Service Provider Mobility LTE
Networks (SPLTE)
The three courses (SPUMTS, SPCDMA, SPLTE) cover knowledge and skills
required to understand products, technologies, and architectures that are found in
Universal Mobile Telecommunications Systems (UMTS) and Code Division Multiple
Access (CDMA) packet core networks, plus their migration to Long-Term Evolution
(LTE) Evolved Packet Systems (EPS), including Evolved Packet Core (EPC) and
Radio Access Networks (RANs).
Cisco Service Provider Mobility
CDMA to LTE Specialist;
Cisco Service Provider Mobility UMTS
to LTE Specialist
Implementing and Maintaining Cisco Technologies
Using IOS XR (IMTXR)
Service Provider/Enterprise engineers to implement, verification-test, and optimize
core/edge technologies in a Cisco IOS XR environment.
Cisco IOS XR Specialist
For more details, please visit: http://learningnetwork.cisco.com
Questions? Visit the Learning@Cisco Booth or contact ask-edu-pm-dcv@cisco.com
Collaboration Cisco Education Offerings
Course
Description
Cisco Certification
CCIE Collaboration Advanced Workshop (CIEC)
Gain expert-level skills to integrate, configure, and troubleshoot complex
collaboration networks
CCIE® Collaboration
Implementing Cisco Collaboration Applications
(CAPPS)
Understand how to implement the full suite of Cisco collaboration
applications including Jabber, Cisco Unified IM and Presence, and Cisco
Unity Connection.
CCNP® Collaboration
Implementing Cisco IP Telephony and Video
Part 1 (CIPTV1)
Learn how to implement Cisco Unified Communications Manager, CUBE,
and audio and videoconferences in a single-site voice and video network.
CCNP® Collaboration
Implementing Cisco IP Telephony and Video
Part 2 (CIPTV2)
Obtain the skills to implement Cisco Unified Communications Manager in a
modern, multisite collaboration environment.
Troubleshooting Cisco IP Telephony and Video
(CTCOLLAB)
Troubleshoot complex integrated voice and video infrastructures
Implementing Cisco Collaboration Devices
(CICD)
Acquire a basic understanding of collaboration technologies like Cisco Call
Manager and Cisco Unified Communications Manager.
Implementing Cisco Video Network Devices
(CIVND)
Learn how to evaluate requirements for video deployments, and implement
Cisco Collaboration endpoints in converged Cisco infrastructures.
For more details, please visit: http://learningnetwork.cisco.com
Questions? Visit the Learning@Cisco Booth or contact ask-edu-pm-dcv@cisco.com
CCNA® Collaboration
Data Center / Virtualization Cisco Education Offerings
Course
Description
Cisco Certification
Cisco Data Center CCIE Unified Fabric
Workshop (DCXUF);
Cisco Data Center CCIE Unified Computing
Workshop (DCXUC)
Prepare for your CCIE Data Center practical exam with hands on lab
exercises running on a dedicated comprehensive topology
CCIE® Data Center
Implementing Cisco Data Center Unified Fabric
(DCUFI);
Implementing Cisco Data Center Unified
Computing (DCUCI)
Obtain the skills to deploy complex virtualized Data Center Fabric and
Computing environments with Nexus and Cisco UCS.
CCNP® Data Center
Introducing Cisco Data Center Networking
(DCICN); Introducing Cisco Data Center
Technologies (DCICT)
Learn basic data center technologies and how to build a data center
infrastructure.
CCNA® Data Center
Product Training Portfolio: DCAC9k, DCINX9k,
DCMDS, DCUCS, DCNX1K, DCNX5K, DCNX7K
Get a deep understanding of the Cisco data center product line including
the Cisco Nexus9K in ACI and NexusOS modes
For more details, please visit: http://learningnetwork.cisco.com
Questions? Visit the Learning@Cisco Booth or contact ask-edu-pm-dcv@cisco.com
Network Programmability Cisco Education Offerings
Course
Description
Cisco Certification
Integrating Business Applications with Network
Programmability (NIPBA);
Integrating Business Applications with Network
Programmability for Cisco ACI (NPIBAACI)
Learn networking concepts, and how to deploy and troubleshoot
programmable network architectures with these self-paced courses.
Cisco Business Application
Engineer Specialist Certification
Developing with Cisco Network Programmability
(NPDEV);
Developing with Cisco Network Programmability
for Cisco ACI (NPDEVACI)
Learn how to build applications for network environments and effectively
bridge the gap between IT professionals and software developers.
Cisco Network Programmability
Developer Specialist Certification
Designing with Cisco Network Programmability
(NPDES);
Designing with Cisco Network Programmability
for Cisco ACI (NPDESACI)
Learn how to expand your skill set from traditional IT infrastructure to
application integration through programmability.
Cisco Network Programmability
Design Specialist Certification
Implementing Cisco Network Programmability
(NPENG);
Implementing Cisco Network Programmability
for Cisco ACI (NPENGACI)
Learn how to implement and troubleshoot open IT infrastructure
technologies.
Cisco Network Programmability
Engineer Specialist Certification
For more details, please visit: http://learningnetwork.cisco.com
Questions? Visit the Learning@Cisco Booth or contact ask-edu-pm-dcv@cisco.com
Cloud Cisco Education Offerings
Course
Description
Designing the FlexPod Solution (FPDESIGN);
Implementing and Administering the FlexPod
Solution (FPIMPADM)
Learn how to design, implement and administer FlexPod solutions
UCS Director (UCSDF)
Learn how to manage physical and virtual infrastructure using
orchestration and automation functions of UCS Director.
Cisco Prime Service Catalog
Learn how to deliver data center, workplace, and application services in an
on-demand, automated, and repeatable method.
Cisco Intercloud Fabric
Learn how to implement end-to-end hybrid clouds with Intercloud Fabric
for Business and Intercloud Fabric for Providers.
Cisco Intelligent Automation for Cloud
Learn how to implement and manage cloud deployments with Cisco
Intelligent Automation for Cloud
For more details, please visit: http://learningnetwork.cisco.com
Questions? Visit the Learning@Cisco Booth or contact ask-edu-pm-dcv@cisco.com
Cisco Certification
FlexPod Design Specialist;
FlexPod Implementation &
Administration Specialist
