How To: CBQoS Class Maps and Traffic Policies using NBar2

Version 1

    What is CBQoS?

         Cisco Based Quality of Service utilizes Cisco Class Maps, and Traffic Policies Visually showing how all Protocols traverse a given link. CBQoS shows traffic before and after Traffic Policies have been applied showing how much traffic was also dropped based on Traffic Policy Rules.

     

    What is a Class Map?

         The grouping of Protocols or Applications for the ability to then apply the group to a Traffic Policy.

         This is the most Granular and what each item is listed as in the image.

     

    What is a Traffic Policy?

         A collection of one or multiple Class Maps with basic grouping, or going one step further to Packet Police and Packet Prioritization.

         Traffic Policies must be applied to an interface

         Policy is applied to an Interface with a direction of input or output to show the Direction shown under CBQoS Details.

     

    PURPOSE OF THIS GUIDE: Showing how CBQoS and Traffic Shaping. Visually showing the traffic per protocol to ensure that any link does not become easily saturated when a user chooses to move lots of data. The configuration shown is an example on getting data shown.

     

    PREREQUISITE: NBar2 for the Protocol List. How To: Setup Cisco NBar2 to see what sites are accessed.

     

    The Flow process: Create Class Maps, assign Class Map to a Policy Map, then use the Policy map name on the Interface and direction of the Interface.

     

    The Result of this setup:

     

     

    Example Configuration:

    CAUTION: Do not just take this example and implement. This configuration example is included to show how to segment traffic based on Protocols into different Class Map buckets; your network will most definitively will be different. If the network link is a WISP with less than 10Mbps, then this is perfect starter.

     

     

    Create Class Maps:

    Cisco IOS Quality of Service Solutions Command Reference - Class-Maps  - Cisco

    Go into Configuration Terminal

    Start Creating and assigning Class Maps. I have created the following as an example:

    Note: works for NBar2 protocol-pack pp-adv-isrg2-155-3.M2-23-27.0.0.pack

     

    class-map match-any Drop

      description Network should not send this data to the outside

    match protocol active-directory

    match protocol cifs

    match protocol iscsi

    match protocol nfs

    match protocol netbios

    match protocol adcash

    match protocol aol-protocol

    match protocol cnet

    match protocol gotomypc

    match protocol logmein

    match protocol pcanywhere

    match protocol rtelnet

    match protocol showmypc

    match protocol teamviewer

    match protocol vnc

    match protocol vnc-http

    match protocol wifi-calling

    class-map match-any Business-Mail

    match protocol secure-smtp

    match protocol secure-imap

    match protocol secure-pop3

    match protocol outlook-web-service

    match protocol gmail

    match protocol smtp

    match protocol mapi

    match protocol imap

    match protocol pop3

    match protocol activesync

    class-map match-any CrowdSource-FlightAware

      description Traffic to FlightAware Flight Data Servers

    match protocol wunderground-com

    class-map match-any Config

    match protocol telnet

    match protocol ssh

    match protocol tftp

    class-map match-any Social-Stream-Gaming

    match protocol xbox-web-portal

    match protocol doom

    match protocol teamspeak

    match protocol ventrilo

    match protocol hamachi

    match protocol twitch-tv

    match protocol call-of-duty

    match protocol playstation-store

    match protocol playstation-web-portal

    class-map match-any Social-Stream-Video-Limited

    match protocol espn-video

    match protocol flash-video

    match protocol appleqtc

    match protocol directv-catlg

    match protocol directv-soft

    match protocol directv-tick

    match protocol directv-web

    match protocol facebook-video

    match protocol facebook-media

    match protocol facebook-audio

    match protocol icloud

    match protocol itunes-video

    match protocol itunes-media

    match protocol itunes-audio

    match protocol ms-streaming

    class-map match-any Social-Downloader

    match protocol bittorrent

    match protocol bittorrent-networking

    match protocol nntp

    match protocol encrypted-bittorrent

    match protocol encrypted-emule

    match protocol ftp

    match protocol ftp-data

    match protocol ftps-data

    match protocol xdtp

    match protocol edonkey

    match protocol fasttrack

    match protocol gnutella

    match protocol gopher

    match protocol secure-nntp

    match protocol kazaa2

    match protocol novadigm

    class-map match-any Social-Stream-Video-Standard

    match protocol google-services-video

    match protocol google-services-media

    match protocol google-services-audio

    match protocol netflix

    match protocol amazon-web-services

    match protocol youtube

    match protocol internet-video-streaming

    match protocol amazon-instant-video

    class-map match-any Business-Social-Mix

    match protocol google-earth

    class-map match-any Updates

    match protocol ms-update

    match protocol windows-store

    match protocol apple-ios-updates

    match protocol apple-tv-updates

    match protocol google-play

    match protocol samsung

    class-map match-any Critical-Protocols

      description Needed to connect

    match protocol dns

    match protocol dhcp

    match protocol dhcpv6-client

    class-map match-any Business-Streaming-Priority

    match protocol webex-app-sharing

    match protocol webex-media

    match protocol webex-meeting

    match protocol adobe-connect

    match protocol ms-lync

    match protocol ms-lync-audio

    match protocol ms-lync-control

    match protocol ms-lync-video

    class-map match-any Social-Sites

    match protocol facebook

    match protocol linkedin

    match protocol http

    match protocol secure-http

    match protocol https

    class-map match-any NMS

    match protocol snmp

    match protocol icmp

    match protocol cdp

    class-map match-any Social-Press

    match protocol abc-news

    match protocol accuweather

    match protocol blaze-news

    match protocol buzzfeed

    match protocol business-insider

    match protocol cbs

    match protocol cnbc

    match protocol engadget

    match protocol fox-news

    match protocol nbc-news

    class-map match-any Cloud-Services

    match protocol crashplan

    match protocol dropbox

    match protocol ms-ocs-file-transfer

    match protocol skydrive

    class-map match-any Business-Streaming

    match protocol cisco-phone

    match protocol cisco-jabber-video

    match protocol cisco-jabber-audio

    match protocol cisco-phone-audio

    match protocol cisco-phone-media

    match protocol cisco-phone-video

    match protocol cisco-spark-audio

    match protocol cisco-spark-media

    match protocol cisco-spark-video

    match protocol skype

    match protocol jabber

    match protocol jabber-audio

    match protocol jabber-video

    match protocol gtalk-voip

    match protocol gtalk-video

    match protocol dameware-mrc

    match protocol citrix

    class-map match-any Business-Messenger

    match protocol cisco-jabber-control

    match protocol cisco-jabber-im

    match protocol icq

    match protocol secure-irc

    match protocol ip-messenger

    match protocol xmpp-client

     

     

    Create Policy Map:

    Cisco IOS Quality of Service Solutions Command Reference - Policy-Map - Cisco

    Policy Maps allow you to set Packet Prioritization, Police to limit how much it can use then set a priority, or drop traffic as some of the few examples. The link above will go far more into detail.

     

    In Configuration Terminal under the (Config) Area, create a Policy Map. Use the Name of the Class Map as Class <Class Map Name>

    policy-map Outside-Output

    description Traffic on Outside Interface Leaving Network

    class NMS

      set dscp default

    class Config

      set dscp default

    class Drop-Dead

      drop

    class Critical-Protocols

      priority 30

    class Business-Mail

      priority 10

    class Business-Messenger

      priority 10

    class Business-Social-Mix

    class Cloud-Services

    class Business-Streaming-Priority

      priority 40

    class Social-Downloader

    Class Social-Sites

    class Social-Press

    class Social-Stream-Gaming

    class Social-Stream-Video-Standard

    class Social-Stream-Video-Limited

    class Updates

     

     

    Assign Policy Map to Interface

    Configuration Terminal

    interface <InterfaceName>

    service-policy <Input/output> <Policy Map Name>

     

     

    (Required Step to see in NetFlow) Enable CBQoS in SolarWinds NetFlow:

         Go into Settings> NTA Settings> Manually manage NetFlow sources and CBQoS Polling

         Expand out the device, select the Checkbox under CBQoS for the Interface you Enabled

         CBQoS data is polled using SNMP. Wait about 10-30 minutes for a good chunk of data to roll in.