QoS Design

QoS Scheduling Policy Design for Wired Networks

The basic principle of traditional QoS design for wired networks is to mark or re-mark packets at boundaries of different DiffServ domains and perform bandwidth control. Devices in the same DiffServ domain only need to schedule packets in queues based on the priorities marked on boundary nodes. Typically, service deployment involves traffic identification at the access layer, DiffServ model deployment at the aggregation or core layer, and bandwidth control on egress firewalls.

• Traffic identification at the access layer

  Access switches function as boundary switches. The switches identify, classify, and mark data flows at the user side. In actual deployments, different interfaces on access switches are connected to different terminals. Different priorities can be allocated to different services on access switches. Then traffic of the services can be scheduled based on the priorities.

• DiffServ model deployment at the aggregation or core layer

  Interfaces on aggregation and core switches are configured to trust DSCP or 802.1p priorities and enforce QoS policies based on priorities marked at the access layer, to ensure that high-priority services are scheduled first. A switch interface trusts 802.1p priorities by default.

• Bandwidth control on egress devices

  Egress devices are also located in the DiffServ domain and are configured to trust DSCP or 802.1p priorities of packets and implement QoS policies. Due to egress bandwidth limits, you need to consider differences when setting bandwidth parameters for WAN interfaces of egress devices. Additionally, QoS policies of egress devices vary according to the enterprise WAN construction mode.

  • WAN QoS policies can be managed by an enterprise itself in the following scenarios: enterprise-built WAN, private line construction using leased fibers, and customized enterprise QoS policies applied to the carrier WAN. In this case, egress or PE devices on the campus network do not need to re-mark traffic.
  • The WAN QoS policies are not controlled by an enterprise itself. The enterprise leases the private line network of a carrier, and the carrier does not trust the packet marking on the enterprise network or the two parties have different definitions of the same packet marking. Thus, egress devices on the campus network need to re-mark traffic.

QoS Scheduling Policy Design for WLANs

The network efficiency of WLANs is lower than that of wired networks, and STAs are more sensitive to user experience. Therefore, you are advised to consider the following aspects when designing the QoS policies for STAs:

• The maximum bandwidth of a single user can be limited based on service requirements. If multiple SSIDs are planned, the total bandwidth of non-critical SSIDs can be limited.
• In high-density scenarios, many users preempt channel resources. As a result, the Internet access quality of each user deteriorates. You are advised to enable the following functions:
  • The call admission control (CAC) function is used to control STA access based on the radio channel utilization and number or signal-to-noise ratio (SNR) of online STAs to ensure the Internet access quality of online STAs.
  • The dynamic enhanced distributed channel access (EDCA) parameter adjustment function allows APs to adjust EDCA parameters flexibly by detecting the number of STAs to reduce the possibility of collisions, improve the throughput, and enhance user experience.
• To enable STAs (especially sticky STAs) to re-associate or roam to APs with better signals, enable the function of quickly disconnecting STAs to force low-SNR or low-rate STAs to go offline.
• In scenarios requiring high multicast service experience, you are advised to enable the multicast-to-unicast conversion function to improve multicast service experience (for example, HD video on demand) to prevent the impact of low-rate STAs on multicast services.
• In scenarios where VIP user experience needs to be guaranteed, you are advised to enable preferential access of VIP users to ensure preferential access, scheduling, and bandwidth guarantee for VIP users.

In WLAN QoS design, you need to consider priority mapping between wired and wireless network packets. For example, 802.11 packets sent by WLAN clients carry user priorities or DSCP priorities, VLAN packets on wired networks carry 802.1p priorities, and IP packets carry DSCP priorities. To ensure consistent QoS scheduling of packets on wired and wireless networks, you need to configure priority mapping on network devices.

Only 802.11ax (Wi-Fi 6) APs support bandwidth guarantee.

Recommended Scheduling Policy Suggestions

The definition of important data services varies with enterprises. For a portal website, Internet access and gaming traffic is important; for the financial services industry, real-time transaction is more important than voice services and Internet access and gaming traffic is unwanted. Therefore, the QoS policy solution must be designed and deployed based on actual service types and QoS requirements of each enterprise. Table 2-69 lists the typical QoS policy solutions formulated based on engineers' experiences, which provide references for design personnel.

VIP User-Level Application Planning

To implement application planning for VIP users, the network administrator needs to complete the following tasks:

• Identify user terminals whose traffic needs to be preferentially guaranteed and record VIP user information on iMaster NCE-Campus. The VIP attributes of user terminals are automatically synchronized to network devices through the authentication and authorization process.
• Analyze service traffic of VIP users, identify mission-critical and non-critical services, and classify key service traffic based on indicators such as the packet loss rate, latency, and jitter.

The following table describes an example plan for VIP users, providing a reference for network administrators.

This example defines two VIP users (VIP1 and VIP2) and analyzes indicators of mission-critical applications of the VIP users, including the packet loss rate, latency, jitter, and bandwidth requirements. For details about traffic classification, see Traffic Classification Design.

The VIP users and applications in the preceding table are for reference only, and used to demonstrate the planning and design methods and logic. Therefore, the indicator data cannot be recommended in actual deployments.

Design of Customized Applications

After planning for VIP users and analyzing service traffic, you need to design rules for defining applications. Applications on a campus network fall into predefined applications and customized ones.

• Predefined applications are those predefined in the Huawei Smart Application Control (SAC) signature database. SAC-capable network devices can automatically identify such applications. Administrators only need to select applications from the SAC signature database and add them to an application scheduling template. After an application scheduling policy is delivered to a network device, the network device can use the SAC function to identify applications. For details about the Huawei SAC signature database, visit https://isecurity.huawei.com/sec/web/freesignature.do.
• Customized applications are not present in the SAC signature database. The intelligent HQoS solution supports application customization by specifying URLs or combinations of service IP addresses and ports. The following table lists an example of designing customized applications.

You are advised to customize applications using the preceding two methods. After customizing applications on iMaster NCE-Campus as an administrator, you can add the customized applications to an application scheduling template.

When the intelligent HQoS solution is used, only standalone WACs support SAC-based application identification, whereas switches do not support this application identification method.

Design of Application Scheduling Templates

After completing the design of application identification for VIP users, you need to design application scheduling templates. In the intelligent HQoS solution, differentiated application scheduling templates are authorized to VIP users to implement differentiated traffic scheduling policies. This ensures that key service traffic of VIP users can be forwarded properly. After designing application scheduling templates, you need to complete the following tasks:

• Define the priorities of mission-critical services based on the analysis results of VIP users.
• It is recommended that a shaping bandwidth be configured for applications that may have burst traffic. For example, if the average bandwidth of a video application is less than 10 Mbit/s and the peak bandwidth is 100 Mbit/s, the shaping bandwidth can be set to 10 Mbit/s.
• A maximum of 31 application scheduling templates can be defined through iMaster NCE-Campus. Table 2-71 describes the configuration logic for reference.
• Application scheduling templates cannot be defined for common users. Application traffic of common users can only be scheduled based on the default configuration of network devices, requiring no additional configuration.

Since the service traffic models of VIP users VIP1, VIP3, and VIP5 are similar, the same application scheduling template is defined for the three VIP users. After the application scheduling templates of all VIP users are designed, you can authorize these templates to respective VIP users on the controller. Scheduling policies will be automatically delivered to network devices.

Design Precautions

• To avoid excessive resource competition among VIP users, it is recommended that the proportion of VIP users be within 10% of the total number of users.
• The network administrator can configure a maximum of 31 application scheduling templates on iMaster NCE-Campus.
• To configure application scheduling templates through the WAC, the network administrator needs to switch to the WAC's web system from iMaster NCE-Campus.