Fundamentals of Quality of Service (QoS) (Notes):

Thanks to all time best Cisco instructor Kevin Willis for sharing his video on YouTube! I watched his video to revisit QoS fundamentals and re-consolidate previous knowledge. KW, you’re a Legend!


 “Quality of Service is a managed unfairness.”


  1. Learn QoS Mechanisms
  • QoS is like a toolbox with a number of tools, not just one thing
  2. Understand QoS Markings
  • How do we mark different kinds of traffic?
  3. Demystify Weighted RED
  • Weighted Random Early Detection
  4. Select Appropriate Queuing
  • e.g.) The LAN is running at 1GB but the WAN link is only 10mb; how does the router handle the 100:1 speed ratio?
  • High-priority traffic such as real-time streaming video or voice vs download/gaming traffic?
  5. Explain the ‘Token bucket’
  6. Configure QoS using MQC



  1. Learn QoS Mechanisms

If you have many different applications fighting for the same bandwidth, you have to decide between them based on the characteristics of each kind of traffic. Know what the applications are and what the business needs are.


With 10Gb links everywhere, QoS may seem like no big deal.

But even within the LAN, on a high-speed network, the aggregation point becomes a bottleneck.



IntServ = RSVP (Resource Reservation Protocol). Sometimes called “hard-QoS”. Bandwidth is pinned up (reserved) so that certain traffic can use it on demand. These days, we rarely see IntServ in use due to the inflexible nature of this QoS mechanism.

DiffServ = Differentiated Services. The router differentiates between traffic types and puts different traffic types into different classes. Create no more than 11 different traffic classes (if everyone is special, nobody is special) <<<Cisco recommendation.

Best effort = FIFO, first in, first served. No QoS enabled.


Common QoS Mechanisms – QoS is not a single tool that you just activate. QoS is a collection of tools.

  1. Classification and Marking

e.g.) Boarding pass for an airline – priority marking on boarding pass

Cisco tells us to classify traffic into no more than 11 network traffic types. Classify and mark the traffic as early as possible on your network by changing bits in the header. Routers and switches can then look at the header information and quickly decide whether to forward or drop packets, so the decision becomes really fast. Use access lists (NBAR) to do this. Once the traffic is classified, put the marking on it. However, classification and marking alone do not do anything.


  2. Queuing

E.g.) Traffic from a 1GB or 10GB switched network arrives at a router with a 10MB link out. With FIFO, we only have a limited amount of memory to queue all the traffic; once the single queue bucket fills up, the excess traffic overflows and is dropped. To make this more efficient based on each traffic type’s characteristics, the bucket can be subdivided into a few smaller buckets, so that different traffic fills and uses different buckets with varying priorities.

Mark the traffic so that it can be put into different buckets, e.g.) VoIP goes into a different bucket from best-effort traffic. Typically VoIP traffic gets DSCP 46 (Differentiated Services Code Point). If VoIP is marked with a DSCP of 46, put this traffic into one bucket; everybody else can go into the other bucket. This is called queue separation. Even when the best-effort bucket gets full and starts dropping packets, the VoIP bucket only fills up occasionally, does not get full, and is not impacted by the best-effort bucket’s performance.


Cisco has many tools to help us manage queues and dictate how these queues are emptied. Queuing mechanisms supported on Cisco IOS: Weighted Fair Queuing, Class-Based Weighted Fair Queuing, Low Latency Queuing, Priority Queuing and Custom Queuing. In real-world scenarios, Class-Based Weighted Fair Queuing and Low Latency Queuing are most often used.

The beauty of queuing is that it can protect certain traffic simply by separating different kinds of traffic into different buckets.


  3. Congestion Avoidance

RED – Random Early Detection, drop random traffic for the good of many.


  4. Policing and Shaping

Traffic conditioners

Policing – sets a speed limit. If a sender tries to transmit more than allowed, policing drops the exceeding packets; these must be retransmitted if they are TCP packets. If they are UDP packets, there is no retransmission.

Shaping – also sets a speed limit, but softer: when there is not enough bandwidth, it buffers (delays) the packets and then sends them off.


  5. Link Efficiency

Not as important as it used to be, as we have higher-speed WAN links these days.

  1. Link Fragmentation and Interleaving (LFI) = Sometimes, on a slow-speed link (56kbps link), a 1500byte data packet is queued up and a tiny voice packet is queued up behind it. It takes 214ms to send 1500bytes through a 56kbps link.


Voice packet delay requirement:

<150ms transmission delay is OK.

>150ms = will start to get bad

>200ms = gets really bad


E.g.) Analogy – You are caught at a traffic light and a three-trailer truck (data packet) is in front of your sports car (voice packet). Fragment the three trailers and send them separately, so the sports car can weave between them and get through. One issue: due to fragmentation, each of the three trailers now carries its own header, so the header overhead increases. The cut-off is 768kbps on the WAN link: if you are sending voice over IP at less than 768kbps, LFI will help. At 768kbps or more, do not use LFI; it will hurt the network more than it helps.


  2. Compression – sending the same amount of data using less bandwidth

The main use on today’s networks is ‘RTP header compression’.

RTP (Real Time Protocol) is an L4 protocol. Depending on the codec we use, the payload could be 20 bytes; add the L3 IP header + L4 UDP header + L4 RTP header = 40 bytes of header alone. Your header is 2 times the size of your payload; the payload-to-header ratio is 1:2. Turn on RTP header compression on the router interface. The router looks at the voice packets arriving on its interface and sees the commonalities between the packets in the same conversation: every packet has the same destination IP address and the same source and destination port IDs, so why send the same information multiple times? The routers at each end keep a copy of this information and send a much smaller header (either 2 bytes or 4 bytes; the 4-byte version has a checksum. Generally Cisco devices use 2 bytes). The 2-byte header contains the session context identifier (CID), which differentiates one voice conversation from another. The far-end router uses the CID to identify the voice conversation, puts the cached header back onto the incoming traffic and sends it out to the LAN.


 2. Understand QoS Markings


L2 marking = Class of Service (CoS)

ISL = not used

IEEE 802.1Q = 4 bits added (3 bits = 8 values, 0-7)


Values 6 and 7 = reserved for network use

CoS 5 = voice traffic

DSCP Values:

CS (Class Selector)

Issue: CoS is only a layer 2 marking; if the frame goes out through a router, it gets written over. So, the marking has to be rewritten in the L4 header using the Type of Service (ToS) byte.


We can use the three leftmost bits, i.e. IP Precedence (like CoS, this only gives 6 classes of traffic, as we cannot use values 6 & 7). IP Precedence is not scalable. We now use DSCP, which uses 6 bits in the ToS byte, so DSCP values 0-63 can be used. The 64 values gave too many options, so the IETF decided to define commonly used DSCP values to set up certain standards.


The IETF preselected 21 named Per-Hop Behaviours (PHBs); we can use either the number or the corresponding IETF name.



 DSCP/PHB values for enterprise traffic.



  3. Demystify Weighted RED

 Random Early Detection (RED)


When the queue reaches a certain level (the minimum threshold), start introducing the possibility of dropping. As it moves up towards the maximum threshold, the chance of dropping packets gets bigger.


 MPD = Mark Probability Denominator
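The drop ramp between the two thresholds, and the weighted average queue depth it is applied to, as an added example that is not part of the original notes. The per-DSCP thresholds and the MPD of 10 are constructed values, not Cisco's profiles; the averaging formula is the one the `exponential-weighting-constant` option tunes, with n = 9 assumed.

```python
# Added illustration (not from the original notes). Thresholds are constructed.
PROFILES = {  # DSCP name: (min threshold, max threshold, MPD), depths in packets
    "af11": (32, 40, 10),
    "af12": (28, 40, 10),
    "af13": (24, 40, 10),  # highest drop precedence: starts dropping first
}


def average_depth(previous_avg, current_depth, n=9):
    """Exponentially weighted average; a larger n reacts more slowly to bursts."""
    weight = 2 ** -n
    return previous_avg * (1 - weight) + current_depth * weight


def drop_probability(avg_depth, min_th, max_th, mpd):
    """0 below min, a linear ramp up to 1/MPD at max, everything dropped above."""
    if avg_depth < min_th:
        return 0.0
    if avg_depth > max_th:
        return 1.0
    return (avg_depth - min_th) / (max_th - min_th) / mpd


def drop_table(avg_depth, profiles=PROFILES):
    """Drop probability per DSCP profile at one average queue depth."""
    return {name: drop_probability(avg_depth, *p) for name, p in profiles.items()}


def samples_to_reach(threshold, depth, n=9, limit=100_000):
    """How many consecutive samples at `depth` before the average hits threshold."""
    avg, count = 0.0, 0
    while avg < threshold:
        if count == limit:
            raise RuntimeError("average never reaches the threshold")
        avg = average_depth(avg, depth, n)
        count += 1
    return count


if __name__ == "__main__":
    for depth in (20, 26, 30, 36, 40, 41):
        row = ", ".join(f"{k}={v:.4f}" for k, v in drop_table(depth).items())
        print(f"avg depth {depth:2d}: {row}")
    # A full 64-packet queue has to persist this long before af13 drops start.
    print("samples at depth 64 to reach 24:", samples_to_reach(24, 64))
```

Because the decision uses the average rather than the instantaneous depth, a short burst passes untouched while sustained congestion is caught; that is also why a policy relying on WRED alone reacts slowly to a sudden flood.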

 Cisco IOS already has default MPD values, but these can be changed. The following are the WRED profiles suggested by Cisco.



Explicit Congestion Notification (ECN)

Uses the 7th bit in the ToS byte for ECT and the 8th bit for CE.

The receiving router can set the ECT and CE bits to binary 1s and ask the other router to slow down. Otherwise, packets get dropped and TCP slow-start kicks in (TCP windowing concept: the window size is doubled continuously until it reaches a threshold value, then it drops back down and TCP slow-start kicks in).
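The ToS-byte layout from the markings section together with the ECT/CE bits just described, as an added example that is not part of the original notes: it decodes a ToS byte into IP Precedence, DSCP, PHB name and ECN, and re-marks DSCP without disturbing the ECN bits. The function names and sample bytes are constructed; the ECN codepoint names follow RFC 3168.

```python
# Added illustration (not from the original notes): decode and re-mark a ToS byte.
ECN_CODEPOINTS = {0b00: "Not-ECT", 0b01: "ECT(1)", 0b10: "ECT(0)", 0b11: "CE"}


def phb_name(dscp):
    """Name of the DSCP value among the 21 named PHBs, or None if it has none."""
    if not 0 <= dscp <= 63:
        raise ValueError("DSCP is a 6-bit value (0-63)")
    if dscp == 46:
        return "EF"                      # Expedited Forwarding, used for voice
    if dscp % 8 == 0:
        return f"CS{dscp // 8}"          # Class Selector = IP Precedence * 8
    cls, drop = dscp >> 3, (dscp >> 1) & 0b11
    if 1 <= cls <= 4 and dscp & 1 == 0 and drop:
        return f"AF{cls}{drop}"          # AFxy = 8x + 2y
    return None


def decode_tos(tos):
    """Split one ToS byte into the fields the notes describe."""
    if not 0 <= tos <= 0xFF:
        raise ValueError("ToS is a single byte")
    dscp = tos >> 2
    return {
        "ip_precedence": tos >> 5,       # three leftmost bits
        "dscp": dscp,                    # six leftmost bits
        "phb": phb_name(dscp),
        "ect_bit": (tos >> 1) & 1,       # 7th bit
        "ce_bit": tos & 1,               # 8th bit
        "ecn": ECN_CODEPOINTS[tos & 0b11],
    }


def remark(tos, new_dscp):
    """Rewrite DSCP (e.g. at the network edge) and keep the two ECN bits."""
    phb_name(new_dscp)                   # range check only
    return (new_dscp << 2) | (tos & 0b11)


def named_phbs():
    """All DSCP values that carry a name, as {name: value}."""
    return {phb_name(v): v for v in range(64) if phb_name(v)}


if __name__ == "__main__":
    # Constructed sample bytes: EF voice, AF13 with ECT set, AF13 marked CE.
    for tos in (0xB8, 0x3A, 0x3B, 0x00):
        print(f"0x{tos:02X}", decode_tos(tos))
    print(len(named_phbs()), "named PHBs")
    print(f"EF re-marked to best effort: 0x{remark(0xB8, 0):02X}")
```

Decoding the byte this way is also how a capture is checked for hosts that mark their own traffic EF before it reaches the point where the network classifies and marks it.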




  4. Select Appropriate Queuing



Cisco recommends that we use no more than 11 traffic classes, but one class, “class-default”, is already created by default. It is the catch-all traffic class, so we can use 12 classes of traffic.

  • class-default uses FIFO.
  • CB-WFQ – during times of congestion when QoS kicks in, give a minimum of x Mbps of bandwidth, but give more if more bandwidth is available.
  • LLQ (priority) queue – during times of congestion, give up to 3Mbps of bandwidth, but no more than 3Mbps.

E.g.) Car pool lane or bus lane – if you have more passengers, you have the right to use the special lane, but you still need to keep to the speed limit.


  5. Explain the ‘Token bucket’

Using a Frame Relay network with a speed of 128kbps.

How do you send data at half the rate of the line speed? That is, if the full line speed is 128kbps, how do you send at 64kbps? Use the analogy of a car traveling at 100km/h to reach 50km in 0.5 hours.

Send & stop, send & stop: this is how policing and shaping do their magic.
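The send-and-stop behaviour as an added example that is not part of the original notes: a single-bucket policer using the `cir 128000` / `bc 4000` values that the SCAVENGER class shows later on this page, plus the shaper's interval for the 128kbps line sent at 64kbps. The packet arrivals and the shaper's Bc of 8000 bits are constructed assumptions.

```python
# Added illustration (not from the original notes). Time is kept in integer
# microseconds and tokens in bit-microseconds, so the run is exact.
US = 1_000_000


class Policer:
    """Single-rate, single-bucket policer: conform -> transmit, exceed -> drop."""

    def __init__(self, cir_bps, bc_bytes):
        self.cir_bps = cir_bps
        self.capacity = bc_bytes * 8 * US  # bucket depth (Bc)
        self.tokens = self.capacity        # the bucket starts full
        self.last_us = 0

    def offer(self, now_us, size_bytes):
        # Refill for the time since the previous packet, capped at Bc.
        earned = (now_us - self.last_us) * self.cir_bps
        self.tokens = min(self.capacity, self.tokens + earned)
        self.last_us = now_us
        cost = size_bytes * 8 * US
        if self.tokens >= cost:
            self.tokens -= cost
            return "conform"
        return "exceed"  # dropped, and no tokens are spent


def police_stream(cir_bps, bc_bytes, arrivals):
    """arrivals: (time_us, size_bytes) pairs in time order -> list of verdicts."""
    policer = Policer(cir_bps, bc_bytes)
    return [policer.offer(t, size) for t, size in arrivals]


def shaping_interval(line_bps, cir_bps, bc_bits):
    """(Tc, send time, idle time) in ms: the shaper's send-and-stop cycle."""
    tc_ms = bc_bits * 1000 / cir_bps
    send_ms = bc_bits * 1000 / line_bps
    return tc_ms, send_ms, tc_ms - send_ms


# Constructed traffic: one 1500-byte packet every 50 ms for 1 s (240 kbps offered).
ARRIVALS = [(i * 50_000, 1500) for i in range(20)]

if __name__ == "__main__":
    verdicts = police_stream(128_000, 4000, ARRIVALS)
    for (t, size), verdict in zip(ARRIVALS, verdicts):
        print(f"{t / 1000:6.0f} ms  {size} B  {verdict}")
    sent_bits = verdicts.count("conform") * 1500 * 8
    print(f"transmitted {sent_bits} bits in 1 s against a CIR of 128000 bps")
    # 128 kbps line shaped to 64 kbps with an assumed Bc of 8000 bits.
    print("Tc / send / idle (ms):", shaping_interval(128_000, 64_000, 8000))
```

The first packets ride on the full bucket, after which the policer settles into passing roughly every other packet; the shaper instead transmits at line rate for half of each interval and stays idle for the rest.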



  6. Configure QoS using MQC





MQC Demo

QoS configuration is a 3-step process:


Step 1: Create Class-maps


R1#conf t

Enter configuration commands, one per line.  End with CNTL/Z.

R1(config)#class-map ?

WORD       class-map name

match-all  Logical-AND all matching statements under this classmap

match-any  Logical-OR all matching statements under this classmap

type       Configure CPL Class Map


R1(config)#class-map match-any EMAIL

R1(config-cmap)#match protocol pop3

R1(config-cmap)#match protocol imap

R1(config-cmap)#match protocol exchange

R1(config-cmap)#match protocol smtp



R1(config)#class-map VOICE

R1(config-cmap)#match protocol rtp ?

audio             Match voice packets

in-app-hierarchy  Match protocol in transport hierarchy

payload-type      Match an explicit PT

potentially       Match protocol, and all potentiall traffic

video             Match video packets


R1(config-cmap)#match protocol rtp audio





R1(config)#class-map match-any WEB

R1(config-cmap)#match protocol http

R1(config-cmap)#match protocol secure-http



R1(config)#class-map SCAVENGER

R1(config-cmap)#match protocol bitt

R1(config-cmap)#match protocol bittorrent



R1#show class-map

Class Map match-any class-default (id 0)

Match any


Class Map match-any EMAIL (id 1)

Match protocol pop3

Match protocol imap

Match protocol exchange

Match protocol smtp


Class Map match-any WEB (id 3)

Match protocol http

Match protocol secure-http


Class Map match-all VOICE (id 2)

Match protocol rtp audio


Class Map match-all SCAVENGER (id 4)

Match protocol bittorrent



Step 2: Create Policy-maps

R1(config)#policy-map QOS-LAB1


Policy-map configuration commands:

class        policy criteria

description  Policy-Map description

exit         Exit from policy-map configuration mode

no           Negate or set default values of a command

R1(config-pmap)#class EMAIL


Policy-map class configuration commands:

admit            Admit the request for

bandwidth        Bandwidth

compression      Activate Compression

drop             Drop all packets

exit             Exit from class action configuration mode

fair-queue       Enable Flow-based Fair Queuing in this Class

flow             Flow subcommands

log              Log IPv4 and ARP packets

measure          Measure

netflow-sampler  NetFlow action

no               Negate or set default values of a command

police           Police

priority         Strict Scheduling Priority for this Class

queue-limit      Queue Max Threshold for Tail Drop

random-detect    Enable Random Early Detection as drop policy

service-policy   Configure QoS Service Policy

set              Set QoS values

shape            Traffic Shaping


R1(config-pmap-c)#set dscp af13

R1(config-pmap-c)#bandwidth 512 <<<give this command first before giving ‘random-detect’ command


R1(config-pmap-c)#random-detect ?

atm-clp-based                   Enable atm-clp-based WRED as drop policy

clp                             parameters for each clp value

cos                             parameters for each cos value

cos-based                       Enable cos-class-based WRED as drop policy

discard-class                   parameters for each discard-class value

discard-class-based             Enable discard-class-based WRED as drop


dscp                            parameters for each dscp value

dscp-based                      Enable dscp-based WRED as drop policy

ecn                             explicit congestion notification

exponential-weighting-constant  weight for mean queue depth calculation

precedence                      parameters for each precedence value

precedence-based                Enable precedence-based WRED as drop policy



R1(config-pmap-c)#random-detect dscp-based <<<default is using cos, this command enables dscp based WRED

R1(config-pmap-c)#random-detect ecn <<<turns on ECN


R1(config-pmap)#class VOICE

R1(config-pmap-c)#priority 256 <<<Enabled LLQ, go first

R1(config-pmap-c)#random-detect dscp-based <<<Since voice traffic is RTP encapsulated in UDP, TCP slow-start will not help us. So, no need to use ECN bits. No need to use WRED.

Must deconfigure priority in this class before issuing this command


R1(config-pmap)#class WEB

R1(config-pmap-c)#bandwidth 768


R1(config-pmap)#class SCAVENGER

R1(config-pmap-c)#police 128000 <<<Set the maximum bandwidth using Policing. This is in bps (bits) not Bps (Bytes).




R1#show policy-map

Policy Map QOS-LAB1


set dscp af13

bandwidth 512 (kbps)


priority 256 (kbps)

Class WEB

bandwidth 768 (kbps)


police cir 128000 bc 4000

conform-action transmit

exceed-action drop


#Marking can only be done on inbound traffic.

#Shaping can only be applied to outbound traffic.

#Policing can be applied in either direction.


R1#conf t

R1(config)#int gi0/0

R1(config-if)#service-policy output QOS-LAB1 <<<Apply configuration to outgoing traffic



R1#show policy-map interface gi0/0



Service-policy output: QOS-LAB1


queue stats for all priority classes:


queue limit 64 packets

(queue depth/total drops/no-buffer drops) 0/0/0

(pkts output/bytes output) 0/0


Class-map: EMAIL (match-any)

0 packets, 0 bytes

5 minute offered rate 0000 bps, drop rate 0000 bps

Match: protocol pop3

0 packets, 0 bytes

5 minute rate 0 bps

Match: protocol imap

0 packets, 0 bytes

5 minute rate 0 bps

Match: protocol exchange

0 packets, 0 bytes

5 minute rate 0 bps

Match: protocol smtp

0 packets, 0 bytes

5 minute rate 0 bps


queue limit 64 packets

(queue depth/total drops/no-buffer drops) 0/0/0

(pkts output/bytes output) 0/0

QoS Set

dscp af13

Packets marked 0

bandwidth 512 kbps


Class-map: VOICE (match-all)

0 packets, 0 bytes

5 minute offered rate 0000 bps, drop rate 0000 bps

Match: protocol rtp audio

Priority: 256 kbps, burst bytes 6400, b/w exceed drops: 0



Class-map: WEB (match-any)

0 packets, 0 bytes

5 minute offered rate 0000 bps, drop rate 0000 bps

Match: protocol http

0 packets, 0 bytes

5 minute rate 0 bps

Match: protocol secure-http

0 packets, 0 bytes

5 minute rate 0 bps


queue limit 64 packets

(queue depth/total drops/no-buffer drops) 0/0/0

(pkts output/bytes output) 0/0

bandwidth 768 kbps


Class-map: SCAVENGER (match-all)

0 packets, 0 bytes

5 minute offered rate 0000 bps, drop rate 0000 bps

Match: protocol bittorrent


cir 128000 bps, bc 4000 bytes

conformed 0 packets, 0 bytes; actions:


exceeded 0 packets, 0 bytes; actions:


conformed 0000 bps, exceeded 0000 bps


Class-map: class-default (match-any)

3 packets, 180 bytes

5 minute offered rate 0000 bps, drop rate 0000 bps

Match: any


queue limit 64 packets

(queue depth/total drops/no-buffer drops) 0/0/0

(pkts output/bytes output) 3/180



Microsoft – File Checksum Integrity Verifier

Why run this tool?

Answer: Check the integrity of the file before applying it to a system, server or device, so you can avoid a big headache later.

Step 1: Download the MD5 checksum program from Microsoft Site:

Step 2: Extract the file into your known folder


Step 3: Run the tool in Command Line.


E.G.) I am running a checksum of Cisco IP Phone firmware before an upgrade.

C:\Users\bchoi\Documents>fciv.exe -md5 D:\Patch\cmterm-devicepack8.6.2.26159-3.cop.sgn
// File Checksum Integrity Verifier version 2.05.
f3aa5d2d5a12e1d57aeacdaa43ff1b4d d:\patch\cmterm-devicepack8.6.2.26159-3.cop.sgn

Step 4: Confirm that the checksum value on the vendor’s download page matches the value you received from the tool.
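Steps 3 and 4 done in one script, as an added example that is not part of the original post: it hashes the file, picks the algorithm from the length of the value published by the vendor, and compares the two. The helper names and the sample file are constructed; MD5 and SHA-1 are flagged because they catch a corrupt download but not a deliberately altered file.

```python
import hashlib
import hmac
import re

# Hex digest length -> algorithm, so the published value selects the hash.
ALGORITHM_BY_LENGTH = {32: "md5", 40: "sha1", 64: "sha256", 128: "sha512"}
WEAK = {"md5", "sha1"}  # enough to spot a corrupt download, not tampering


def normalise(published):
    """Strip spaces/colons and lower-case a digest pasted from a web page."""
    digest = re.sub(r"[\s:]", "", published).lower()
    if len(digest) not in ALGORITHM_BY_LENGTH or re.search(r"[^0-9a-f]", digest):
        raise ValueError(f"not a recognised hex digest: {published!r}")
    return digest


def parse_fciv_line(line):
    """Split an FCIV result line, '<digest> <path>', into (digest, path)."""
    digest, _, path = line.strip().partition(" ")
    return normalise(digest), path.strip()


def file_digest(path, algorithm):
    """Hash the file in 1 MiB chunks so large firmware images fit in memory."""
    h = hashlib.new(algorithm)
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()


def verify(path, published):
    """Compare the file's digest with the vendor's published value."""
    expected = normalise(published)
    algorithm = ALGORITHM_BY_LENGTH[len(expected)]
    actual = file_digest(path, algorithm)
    return {
        "algorithm": algorithm,
        "actual": actual,
        "match": hmac.compare_digest(actual, expected),
        "weak_algorithm": algorithm in WEAK,
    }


if __name__ == "__main__":
    import os
    import tempfile

    # Constructed stand-in for a downloaded firmware file.
    sample = b"constructed sample firmware image\n"
    with tempfile.NamedTemporaryFile(delete=False, suffix=".cop.sgn") as tmp:
        tmp.write(sample)
    try:
        published = hashlib.sha512(sample).hexdigest().upper()
        print(verify(tmp.name, published))
        print(verify(tmp.name, "00" * 16))  # an MD5-length value that is wrong
    finally:
        os.unlink(tmp.name)
```

Where the download page lists both an MD5 and a SHA-512 value, pass the SHA-512 one.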


Cisco Collaboration 101-5: CUCM Mobile Connect (a.k.a. CUCM Single Number Reach) configuration, make your deskphone and your Mobile (Cell) phone ring at the same time


1. Configure Cisco Mobile Connect feature on a user phone

2. Any incoming calls to the user’s deskphone should ring simultaneously on the user deskphone as well as on his Mobile phone (0 + 0414024726) <<<This is an Australian mobile, just an example

3. Mobility softkey should be displayed on the user phone during the call and on-hook status

Step 1: Create a user on CUCM

Go to ‘User Management’ > ‘End User’ > ‘Add New’

*If you already have an LDAP integration, simply use existing user and modify the settings for Cisco Mobile Connect

*Presuming that a user is an existing user with an IP Phone configured.

*The CUCM version used is version 10.5

Create a new user

Associate the user’s phone

Tick ‘Enable Mobility’ & ‘Enable Mobile Voice Access’

Click on ‘Save’ to save the changes

Step 2: Go to the user’s device (phone)

Go to ‘Device’ > ‘Phone’

Find the user’s phone

On Device settings, update the ‘Owner User ID’ field with the user’s profile

Click on ‘Save’ to save the changes

On the same page, under ‘Related Links’, select ‘Copy to Remote Destination Profile’ and click on ‘GO’ button

Configure ‘Remote Destination Profile’, confirm that the information in the red boxes are correctly configured for your CUCM environment. Then click on ‘Save’ to save the changes

Under ‘Associated Remote Destinations’, click on ‘Add a New Remote Destination’

Configure ‘Remote Destination Configuration’, make sure that you place the leading ‘9’ or ‘0’ for calls going out. If the destination is an external number, then you MUST place the outgoing leading ‘9’ or ‘0’. If this is for an internal number, you can simply enter an internal extension.

*Note on above setup, the deskphone will ring for first 4 seconds, then followed by the ringing of the user’s mobile (cell) phone. Adjust the settings per client’s request.

Check ‘Line Association’ box and click on ‘Save’ button.

Go to ‘Device’ > ‘Device Settings’ > ‘Remote Destination Profile’

Click on the user’s extension

On the line settings, scroll all the way down until you find ‘Multiple Call/Call Waiting Settings on Device rdp_mobile_brchoi’ and change the ‘Maximum Number of Calls’ from 2 to 1. Click on the ‘Save’ button.

Step 3: Make a softkey for the phone

Go to ‘Device’ > ‘Device Settings’ > ‘Softkey Template’

Locate ‘Standard User’ softkey and copy

Rename it as ‘Standard User-Mobility’ and then, on ‘Related Links’, select ‘Configure Softkey Layout’ and click on ‘Go’ button.

Select when the phone is ‘On-Hook’, add ‘Mobility’ key and place the key as you like.

Select ‘Connected’ option, add ‘Mobility’ softkey and move it up or down as you like. Don’t forget to click on the Save button.

Go to ‘Device’ > ‘Phone’

Locate the same user phone and update the ‘Softkey Template’ to the template which has been created in previous task.

Don’t forget to click on the ‘Save’ button

Click on ‘Apply Config’

Click on ‘Reset’ button to make the change take place on the phone.


  • Make a call to the user’s deskphone extension; the phone will ring for 4 seconds, then the user’s Mobile/Cell phone will start to ring.
  • As soon as the call is answered on either the deskphone or Mobile/Cell phone, the other phone will start ringing. Now you have a single number reach on this user’s phone.

Cisco Collaboration 101-3: download MoH file from CUCM TFTP server

When you administrate Cisco CUCM, often there is a situation where you have to locate a file and download the file from CUCM server, particularly from the CUCM TFTP and MOH servers.

OK, first, here is an example of ‘file get’ command to download an xml file from a CUCM TFTP server.

admin:file get tftp /WLANDefault.xml
Please wait while the system is gathering files info …done.
Sub-directories were not traversed.
Number of files affected: 1
Total size in Bytes: 21768
Total size in Kbytes: 21.257812
Would you like to proceed [y/n]? y
SFTP server IP:
SFTP server port [22]:
User ID: administrator
Password: ********

Download directory: /

The authenticity of host ‘192168.46.2 (192168.46.2 )’ can’t be established.
RSA key fingerprint is 08:39:1b:80:c5:e4:c1:60:de:5c:5b:3a:7d:be:8a:ae.
Are you sure you want to continue connecting (yes/no)? yes
Transfer completed.


Now here is a list of ‘file list’ command sets.

admin:file list
file list activelog
file list inactivelog
file list install
file list license
file list partBsalog
file list salog
file list tftp

We have to snoop around to locate where our hidden MoH files are and it is under “activelog /mohprep” folder:

admin:file list activelog /*
<dir> audit
<dir> car_db
<dir> ccm_db
<dir> cm
<dir> core
<dir> dp_db
<dir> installed_options
<dir> mgetty
<dir> mohprep
<dir> patches
<dir> platform
<dir> sa
<dir> syslog
<dir> tomcat
dir count = 14, file count = 0
admin:file list activelog mohprep /*
CiscoMOHSourceReport.xml SampleAudioSource.alaw.wav
SampleAudioSource.g729.wav SampleAudioSource.ulaw.wav
SampleAudioSource.wb.wav SampleAudioSource.xml
SilenceAudioSource.alaw.wav SilenceAudioSource.g729.wav
SilenceAudioSource.ulaw.wav SilenceAudioSource.wb.wav
dir count = 0, file count = 11
admin:file list activelog syslog ?
file list activelog file-spec [options]
file-spec mandatory file to view
options optional page|detail|reverse|[date|size]

Let’s also look at what is under active syslog folder:

admin:file list activelog syslog /*
AlternateSyslog CiscoSyslog
CiscoSyslog.1 CiscoSyslog.2
CiscoSyslog.3 CiscoSyslog.4
boot.log boot.log.ori
cron cron.1
cron.2 maillog
messages messages.1
messages.2 messages.3
messages.4 messages.ori ntpd.log
sd_ntp.log secure
secure.1 secure.2
secure.3 secure.4
dir count = 0, file count = 3


Now if you found what you are looking for in an active MoH folder, go ahead and run “file get activelog /mohprep/[name of your MoH file]”:

admin:file get activelog /mohprep/ECM-MOH-Bunnings-Aug-2015.ulaw.wav
Please wait while the system is gathering files info …done.
Sub-directories were not traversed.
Number of files affected: 1
Total size in Bytes: 1728822
Total size in Kbytes: 1688.3027
Would you like to proceed [y/n]? y
SFTP server IP:
SFTP server port [22]:
User ID: cisco
Password: *********

Download directory: /

Transfer completed.

admin:file list activelog /mohprep/SampleAudioSource-test.ulaw.wav
dir count = 0, file count = 1
admin:file get activelog /mohprep/SampleAudioSource-test.ulaw.wav
Please wait while the system is gathering files info …done.
Sub-directories were not traversed.
Number of files affected: 1
Total size in Bytes: 2702728
Total size in Kbytes: 2639.3828
Would you like to proceed [y/n]? n
Files transfer cancelled.
admin:file get activelog /mohprep/SampleAudioSource -test.ulaw.wav
Invalid command, a dash character must be preceded by an alphanumeric character

admin:file get activelog /mohprep/SampleAudioSource test.ulaw.wav
Missing file-spec or invalid command option specified.
Valid options: [reltime|abstime][match][compress]

The issue with the space seems to match defect CSCsr43052:

Cisco Unified Communications Manager (CallManager) License backup

Hope this helps anyone who also manages Cisco Unified Communications Manager on a day-to-day basis:

Task: to export license files from a Cisco Unified Communications Manager (a.k.a. CallManager) ver. 5 – 10
– Reconcile all licenses in production server
– Verify the PAK key inside each license file

Option 1: Log into CUCM OS CLI
Use the following commands to list, view and get the license files:
file list license
file view license
file get license
file get license *
Option 2: Just grab a copy from your DRS back-up

If you are running DRS backups regularly, the license files can be found in the following path:
Copy the backed-up tar file and extract it using 7-zip or Winrar.

E.G.) 2015-07-07-01-00-00_CMPUB_CCM_PLATFORM.tar


CCM license file location