CINXE.COM

Quality of Service (Network) - Wikitech

<!DOCTYPE html> <html class="client-nojs vector-feature-language-in-header-enabled vector-feature-language-in-main-page-header-disabled vector-feature-page-tools-pinned-disabled vector-feature-toc-pinned-clientpref-1 vector-feature-main-menu-pinned-disabled vector-feature-limited-width-clientpref-1 vector-feature-limited-width-content-enabled vector-feature-custom-font-size-clientpref-1 vector-feature-appearance-pinned-clientpref-1 vector-feature-night-mode-disabled skin-theme-clientpref-day vector-sticky-header-enabled vector-toc-available" lang="en" dir="ltr"> <head> <meta charset="UTF-8"> <title>Quality of Service (Network) - Wikitech</title> <script>(function(){var className="client-js vector-feature-language-in-header-enabled vector-feature-language-in-main-page-header-disabled vector-feature-page-tools-pinned-disabled vector-feature-toc-pinned-clientpref-1 vector-feature-main-menu-pinned-disabled vector-feature-limited-width-clientpref-1 vector-feature-limited-width-content-enabled vector-feature-custom-font-size-clientpref-1 vector-feature-appearance-pinned-clientpref-1 vector-feature-night-mode-disabled skin-theme-clientpref-day vector-sticky-header-enabled vector-toc-available";var cookie=document.cookie.match(/(?:^|; )labswikimwclientpreferences=([^;]+)/);if(cookie){cookie[1].split('%2C').forEach(function(pref){className=className.replace(new RegExp('(^| )'+pref.replace(/-clientpref-\w+$|[^\w-]+/g,'')+'-clientpref-\\w+( |$)'),'$1'+pref+'$2');});}document.documentElement.className=className;}());RLCONF={"wgBreakFrames":false,"wgSeparatorTransformTable":["",""],"wgDigitTransformTable":["",""],"wgDefaultDateFormat":"dmy", "wgMonthNames":["","January","February","March","April","May","June","July","August","September","October","November","December"],"wgRequestId":"855de5f1-c6af-46cb-bc04-3d2c19a9e568","wgCanonicalNamespace":"","wgCanonicalSpecialPageName":false,"wgNamespaceNumber":0,"wgPageName":"Quality_of_Service_(Network)","wgTitle":"Quality of Service (Network)","wgCurRevisionId":2258873,"wgRevisionId":2086915,"wgArticleId":451605,"wgIsArticle":true,"wgIsRedirect":false,"wgAction":"view","wgUserName":null,"wgUserGroups":["*"],"wgCategories":[],"wgPageViewLanguage":"en","wgPageContentLanguage":"en","wgPageContentModel":"wikitext","wgRelevantPageName":"Quality_of_Service_(Network)","wgRelevantArticleId":451605,"wgIsProbablyEditable":false,"wgRelevantPageIsProbablyEditable":false,"wgRestrictionEdit":[],"wgRestrictionMove":[],"wgNoticeProject":"wikitech","wgCiteReferencePreviewsActive":true,"wgMediaViewerOnClick":true,"wgMediaViewerEnabledByDefault":true,"wgVisualEditor":{"pageLanguageCode":"en", "pageLanguageDir":"ltr","pageVariantFallbacks":"en"},"wgMFDisplayWikibaseDescriptions":{"search":true,"watchlist":true,"tagline":false,"nearby":true},"wgWMESchemaEditAttemptStepOversample":false,"wgWMEPageLength":30000,"wgEditSubmitButtonLabelPublish":true,"wgDiscussionToolsFeaturesEnabled":{"replytool":true,"newtopictool":true,"sourcemodetoolbar":true,"topicsubscription":false,"autotopicsub":false,"visualenhancements":false,"visualenhancements_reply":false,"visualenhancements_pageframe":false},"wgDiscussionToolsFallbackEditMode":"visual","wgULSPosition":"personal","wgULSisCompactLinksEnabled":false,"wgVector2022LanguageInHeader":true,"wgULSisLanguageSelectorEmpty":false,"wgCheckUserClientHintsHeadersJsApi":["brands","architecture","bitness","fullVersionList","mobile","model","platform","platformVersion"]};RLSTATE={"ext.globalCssJs.user.styles":"ready","site.styles":"ready","user.styles":"ready","ext.globalCssJs.user":"ready","user":"ready","user.options":"loading", "mediawiki.action.styles":"ready","mediawiki.interface.helpers.styles":"ready","mediawiki.codex.messagebox.styles":"ready","ext.discussionTools.init.styles":"ready","oojs-ui-core.styles":"ready","oojs-ui.styles.indicators":"ready","mediawiki.widgets.styles":"ready","oojs-ui-core.icons":"ready","skins.vector.search.codex.styles":"ready","skins.vector.styles":"ready","skins.vector.icons":"ready","ext.wikimediamessages.styles":"ready","ext.visualEditor.desktopArticleTarget.noscript":"ready","ext.uls.pt":"ready"};RLPAGEMODULES=["site","mediawiki.page.ready","mediawiki.toc","skins.vector.js","ext.centralNotice.geoIP","ext.centralNotice.startUp","ext.gadget.site","ext.urlShortener.toolbar","ext.centralauth.centralautologin","ext.visualEditor.desktopArticleTarget.init","ext.visualEditor.targetLoader","ext.echo.centralauth","ext.discussionTools.init","ext.eventLogging","ext.wikimediaEvents","ext.uls.interface","ext.checkUser.clientHints"];</script> <script>(RLQ=window.RLQ||[]).push(function(){mw.loader.impl(function(){return["user.options@12s5i",function($,jQuery,require,module){mw.user.tokens.set({"patrolToken":"+\\","watchToken":"+\\","csrfToken":"+\\"}); }];});});</script> <link rel="stylesheet" href="/w/load.php?lang=en&amp;modules=ext.discussionTools.init.styles%7Cext.uls.pt%7Cext.visualEditor.desktopArticleTarget.noscript%7Cext.wikimediamessages.styles%7Cmediawiki.action.styles%7Cmediawiki.codex.messagebox.styles%7Cmediawiki.interface.helpers.styles%7Cmediawiki.widgets.styles%7Coojs-ui-core.icons%2Cstyles%7Coojs-ui.styles.indicators%7Cskins.vector.icons%2Cstyles%7Cskins.vector.search.codex.styles&amp;only=styles&amp;skin=vector-2022"> <script async="" src="/w/load.php?lang=en&amp;modules=startup&amp;only=scripts&amp;raw=1&amp;skin=vector-2022"></script> <meta name="ResourceLoaderDynamicStyles" content=""> <link rel="stylesheet" href="/w/load.php?lang=en&amp;modules=site.styles&amp;only=styles&amp;skin=vector-2022"> <meta name="generator" content="MediaWiki 1.44.0-wmf.18"> <meta name="referrer" content="origin"> <meta name="referrer" content="origin-when-cross-origin"> <meta name="robots" content="noindex,nofollow,max-image-preview:standard"> <meta name="format-detection" content="telephone=no"> <meta name="viewport" content="width=1120"> <meta property="og:title" content="Quality of Service (Network) - Wikitech"> <meta property="og:type" content="website"> <link rel="icon" href="/static/favicon/wikitech.ico"> <link rel="search" type="application/opensearchdescription+xml" href="/w/rest.php/v1/search" title="Wikitech (en)"> <link rel="EditURI" type="application/rsd+xml" href="//wikitech.wikimedia.org/w/api.php?action=rsd"> <link rel="canonical" href="https://wikitech.wikimedia.org/wiki/Quality_of_Service_(Network)"> <link rel="license" href="https://creativecommons.org/licenses/by-sa/4.0/"> <link rel="alternate" type="application/atom+xml" title="Wikitech Atom feed" href="/w/index.php?title=Special:RecentChanges&amp;feed=atom"> <link rel="dns-prefetch" href="//meta.wikimedia.org" /> <link rel="dns-prefetch" href="login.wikimedia.org"> </head> <body class="ext-discussiontools-replytool-enabled ext-discussiontools-newtopictool-enabled ext-discussiontools-sourcemodetoolbar-enabled skin--responsive skin-vector skin-vector-search-vue mediawiki ltr sitedir-ltr mw-hide-empty-elt ns-0 ns-subject page-Quality_of_Service_Network rootpage-Quality_of_Service_Network skin-vector-2022 action-view"><a class="mw-jump-link" href="#bodyContent">Jump to content</a> <div class="vector-header-container"> <header class="vector-header mw-header"> <div class="vector-header-start"> <nav class="vector-main-menu-landmark" aria-label="Site"> <div id="vector-main-menu-dropdown" class="vector-dropdown vector-main-menu-dropdown vector-button-flush-left vector-button-flush-right" title="Main menu" > <input type="checkbox" id="vector-main-menu-dropdown-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-main-menu-dropdown" class="vector-dropdown-checkbox " aria-label="Main menu" > <label id="vector-main-menu-dropdown-label" for="vector-main-menu-dropdown-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only " aria-hidden="true" ><span class="vector-icon mw-ui-icon-menu mw-ui-icon-wikimedia-menu"></span> <span class="vector-dropdown-label-text">Main menu</span> </label> <div class="vector-dropdown-content"> <div id="vector-main-menu-unpinned-container" class="vector-unpinned-container"> <div id="vector-main-menu" class="vector-main-menu vector-pinnable-element"> <div class="vector-pinnable-header vector-main-menu-pinnable-header vector-pinnable-header-unpinned" data-feature-name="main-menu-pinned" data-pinnable-element-id="vector-main-menu" data-pinned-container-id="vector-main-menu-pinned-container" data-unpinned-container-id="vector-main-menu-unpinned-container" > <div class="vector-pinnable-header-label">Main menu</div> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-pin-button" data-event-name="pinnable-header.vector-main-menu.pin">move to sidebar</button> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-unpin-button" data-event-name="pinnable-header.vector-main-menu.unpin">hide</button> </div> <div id="p-navigation" class="vector-menu mw-portlet mw-portlet-navigation" > <div class="vector-menu-heading"> Navigation </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="n-mainpage-description" class="mw-list-item"><a href="/wiki/Main_Page" title="Visit the main page [z]" accesskey="z"><span>Main page</span></a></li><li id="n-recentchanges" class="mw-list-item"><a href="/wiki/Special:RecentChanges" title="A list of recent changes in the wiki [r]" accesskey="r"><span>Recent changes</span></a></li><li id="n-Server-admin-log:-Prod" class="mw-list-item"><a href="/wiki/Server_Admin_Log"><span>Server admin log: Prod</span></a></li><li id="n-Admin-log:-RelEng" class="mw-list-item"><a href="/wiki/Release_Engineering/SAL"><span>Admin log: RelEng</span></a></li><li id="n-Incident-status" class="mw-list-item"><a href="/wiki/Incident_status"><span>Incident status</span></a></li><li id="n-Deployments" class="mw-list-item"><a href="/wiki/Deployments"><span>Deployments</span></a></li><li id="n-SRE-Team-Help" class="mw-list-item"><a href="/wiki/SRE/SRE_Team_requests"><span>SRE Team Help</span></a></li><li id="n-specialpages" class="mw-list-item"><a href="/wiki/Special:SpecialPages"><span>Special pages</span></a></li> </ul> </div> </div> <div id="p-Cloud_VPS_&amp;_Toolforge" class="vector-menu mw-portlet mw-portlet-Cloud_VPS_Toolforge" > <div class="vector-menu-heading"> Cloud VPS &amp; Toolforge </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="n-Cloud-VPS-portal" class="mw-list-item"><a href="/wiki/Portal:Cloud_VPS"><span>Cloud VPS portal</span></a></li><li id="n-Toolforge-portal" class="mw-list-item"><a href="/wiki/Portal:Toolforge"><span>Toolforge portal</span></a></li><li id="n-Request-VPS-project" class="mw-list-item"><a href="https://phabricator.wikimedia.org/project/view/2875/"><span>Request VPS project</span></a></li><li id="n-Admin-log:-Cloud-VPS" class="mw-list-item"><a href="/wiki/Cloud_VPS_Server_Admin_Log"><span>Admin log: Cloud VPS</span></a></li> </ul> </div> </div> </div> </div> </div> </div> </nav> <a href="/wiki/Main_Page" class="mw-logo"> <img class="mw-logo-icon" src="/static/images/icons/wikitech.svg" alt="" aria-hidden="true" height="50" width="50"> <span class="mw-logo-container skin-invert"> <img class="mw-logo-wordmark" alt="Wikitech" src="/static/images/mobile/copyright/wikitech-wordmark.svg" style="width: 8.75em; height: 1.6875em;"> </span> </a> </div> <div class="vector-header-end"> <div id="p-search" role="search" class="vector-search-box-vue vector-search-box-collapses vector-search-box-show-thumbnail vector-search-box-auto-expand-width vector-search-box"> <a href="/wiki/Special:Search" class="cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only search-toggle" title="Search Wikitech [f]" accesskey="f"><span class="vector-icon mw-ui-icon-search mw-ui-icon-wikimedia-search"></span> <span>Search</span> </a> <div class="vector-typeahead-search-container"> <div class="cdx-typeahead-search cdx-typeahead-search--show-thumbnail cdx-typeahead-search--auto-expand-width"> <form action="/w/index.php" id="searchform" class="cdx-search-input cdx-search-input--has-end-button"> <div id="simpleSearch" class="cdx-search-input__input-wrapper" data-search-loc="header-moved"> <div class="cdx-text-input cdx-text-input--has-start-icon"> <input class="cdx-text-input__input" type="search" name="search" placeholder="Search Wikitech" aria-label="Search Wikitech" autocapitalize="sentences" title="Search Wikitech [f]" accesskey="f" id="searchInput" > <span class="cdx-text-input__icon cdx-text-input__start-icon"></span> </div> <input type="hidden" name="title" value="Special:Search"> </div> <button class="cdx-button cdx-search-input__end-button">Search</button> </form> </div> </div> </div> <nav class="vector-user-links vector-user-links-wide" aria-label="Personal tools"> <div class="vector-user-links-main"> <div id="p-vector-user-menu-preferences" class="vector-menu mw-portlet" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="ca-uls" class="mw-list-item active user-links-collapsible-item"><a data-mw="interface" href="#" class="uls-trigger cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet"><span class="vector-icon mw-ui-icon-wikimedia-language mw-ui-icon-wikimedia-wikimedia-language"></span> <span>English</span></a> </li> </ul> </div> </div> <div id="p-vector-user-menu-userpage" class="vector-menu mw-portlet emptyPortlet" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> </ul> </div> </div> <nav class="vector-appearance-landmark" aria-label="Appearance"> <div id="vector-appearance-dropdown" class="vector-dropdown " title="Change the appearance of the page&#039;s font size, width, and color" > <input type="checkbox" id="vector-appearance-dropdown-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-appearance-dropdown" class="vector-dropdown-checkbox " aria-label="Appearance" > <label id="vector-appearance-dropdown-label" for="vector-appearance-dropdown-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only " aria-hidden="true" ><span class="vector-icon mw-ui-icon-appearance mw-ui-icon-wikimedia-appearance"></span> <span class="vector-dropdown-label-text">Appearance</span> </label> <div class="vector-dropdown-content"> <div id="vector-appearance-unpinned-container" class="vector-unpinned-container"> </div> </div> </div> </nav> <div id="p-vector-user-menu-notifications" class="vector-menu mw-portlet emptyPortlet" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> </ul> </div> </div> <div id="p-vector-user-menu-overflow" class="vector-menu mw-portlet" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="pt-sitesupport-2" class="user-links-collapsible-item mw-list-item user-links-collapsible-item"><a data-mw="interface" href="https://donate.wikimedia.org/?wmf_source=donate&amp;wmf_medium=sidebar&amp;wmf_campaign=wikitech.wikimedia.org&amp;uselang=en" class=""><span>Donate</span></a> </li> <li id="pt-createaccount-2" class="user-links-collapsible-item mw-list-item user-links-collapsible-item"><a data-mw="interface" href="/w/index.php?title=Special:CreateAccount&amp;returnto=Quality+of+Service+%28Network%29&amp;returntoquery=oldid%3D2086915" title="You are encouraged to create an account and log in; however, it is not mandatory" class=""><span>Create account</span></a> </li> <li id="pt-login-2" class="user-links-collapsible-item mw-list-item user-links-collapsible-item"><a data-mw="interface" href="/w/index.php?title=Special:UserLogin&amp;returnto=Quality+of+Service+%28Network%29&amp;returntoquery=oldid%3D2086915" title="You are encouraged to log in; however, it is not mandatory [o]" accesskey="o" class=""><span>Log in</span></a> </li> </ul> </div> </div> </div> <div id="vector-user-links-dropdown" class="vector-dropdown vector-user-menu vector-button-flush-right vector-user-menu-logged-out user-links-collapsible-item" title="More options" > <input type="checkbox" id="vector-user-links-dropdown-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-user-links-dropdown" class="vector-dropdown-checkbox " aria-label="Personal tools" > <label id="vector-user-links-dropdown-label" for="vector-user-links-dropdown-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only " aria-hidden="true" ><span class="vector-icon mw-ui-icon-ellipsis mw-ui-icon-wikimedia-ellipsis"></span> <span class="vector-dropdown-label-text">Personal tools</span> </label> <div class="vector-dropdown-content"> <div id="p-personal" class="vector-menu mw-portlet mw-portlet-personal user-links-collapsible-item" title="User menu" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="pt-sitesupport" class="user-links-collapsible-item mw-list-item"><a href="https://donate.wikimedia.org/?wmf_source=donate&amp;wmf_medium=sidebar&amp;wmf_campaign=wikitech.wikimedia.org&amp;uselang=en"><span>Donate</span></a></li><li id="pt-createaccount" class="user-links-collapsible-item mw-list-item"><a href="/w/index.php?title=Special:CreateAccount&amp;returnto=Quality+of+Service+%28Network%29&amp;returntoquery=oldid%3D2086915" title="You are encouraged to create an account and log in; however, it is not mandatory"><span class="vector-icon mw-ui-icon-userAdd mw-ui-icon-wikimedia-userAdd"></span> <span>Create account</span></a></li><li id="pt-login" class="user-links-collapsible-item mw-list-item"><a href="/w/index.php?title=Special:UserLogin&amp;returnto=Quality+of+Service+%28Network%29&amp;returntoquery=oldid%3D2086915" title="You are encouraged to log in; however, it is not mandatory [o]" accesskey="o"><span class="vector-icon mw-ui-icon-logIn mw-ui-icon-wikimedia-logIn"></span> <span>Log in</span></a></li> </ul> </div> </div> </div> </div> </nav> </div> </header> </div> <div class="mw-page-container"> <div class="mw-page-container-inner"> <div class="vector-sitenotice-container"> <div id="siteNotice"><!-- CentralNotice --></div> </div> <div class="vector-column-start"> <div class="vector-main-menu-container"> <div id="mw-navigation"> <nav id="mw-panel" class="vector-main-menu-landmark" aria-label="Site"> <div id="vector-main-menu-pinned-container" class="vector-pinned-container"> </div> </nav> </div> </div> <div class="vector-sticky-pinned-container"> <nav id="mw-panel-toc" aria-label="Contents" data-event-name="ui.sidebar-toc" class="mw-table-of-contents-container vector-toc-landmark"> <div id="vector-toc-pinned-container" class="vector-pinned-container"> <div id="vector-toc" class="vector-toc vector-pinnable-element"> <div class="vector-pinnable-header vector-toc-pinnable-header vector-pinnable-header-pinned" data-feature-name="toc-pinned" data-pinnable-element-id="vector-toc" > <h2 class="vector-pinnable-header-label">Contents</h2> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-pin-button" data-event-name="pinnable-header.vector-toc.pin">move to sidebar</button> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-unpin-button" data-event-name="pinnable-header.vector-toc.unpin">hide</button> </div> <ul class="vector-toc-contents" id="mw-panel-toc-list"> <li id="toc-mw-content-text" class="vector-toc-list-item vector-toc-level-1"> <a href="#" class="vector-toc-link"> <div class="vector-toc-text">Beginning</div> </a> </li> <li id="toc-Network_QoS" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#Network_QoS"> <div class="vector-toc-text"> <span class="vector-toc-numb">1</span> <span>Network QoS</span> </div> </a> <ul id="toc-Network_QoS-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-QoS_in_Wikimedia" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#QoS_in_Wikimedia"> <div class="vector-toc-text"> <span class="vector-toc-numb">2</span> <span>QoS in Wikimedia</span> </div> </a> <ul id="toc-QoS_in_Wikimedia-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-QoS_Classes" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#QoS_Classes"> <div class="vector-toc-text"> <span class="vector-toc-numb">3</span> <span>QoS Classes</span> </div> </a> <button aria-controls="toc-QoS_Classes-sublist" class="cdx-button cdx-button--weight-quiet cdx-button--icon-only vector-toc-toggle"> <span class="vector-icon mw-ui-icon-wikimedia-expand"></span> <span>Toggle QoS Classes subsection</span> </button> <ul id="toc-QoS_Classes-sublist" class="vector-toc-list"> <li id="toc-Scheduling_Bandwidth" class="vector-toc-list-item vector-toc-level-2"> <a class="vector-toc-link" href="#Scheduling_Bandwidth"> <div class="vector-toc-text"> <span class="vector-toc-numb">3.1</span> <span>Scheduling Bandwidth</span> </div> </a> <ul id="toc-Scheduling_Bandwidth-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-DSCP_Marking" class="vector-toc-list-item vector-toc-level-2"> <a class="vector-toc-link" href="#DSCP_Marking"> <div class="vector-toc-text"> <span class="vector-toc-numb">3.2</span> <span>DSCP Marking</span> </div> </a> <ul id="toc-DSCP_Marking-sublist" class="vector-toc-list"> <li id="toc-Trusted_vs_Untrusted_Interfaces" class="vector-toc-list-item vector-toc-level-3"> <a class="vector-toc-link" href="#Trusted_vs_Untrusted_Interfaces"> <div class="vector-toc-text"> <span class="vector-toc-numb">3.2.1</span> <span>Trusted vs Untrusted Interfaces</span> </div> </a> <ul id="toc-Trusted_vs_Untrusted_Interfaces-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-DSCP_Marking_2" class="vector-toc-list-item vector-toc-level-3"> <a class="vector-toc-link" href="#DSCP_Marking_2"> <div class="vector-toc-text"> <span class="vector-toc-numb">3.2.2</span> <span>DSCP Marking</span> </div> </a> <ul id="toc-DSCP_Marking_2-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-Traffic_Classes" class="vector-toc-list-item vector-toc-level-3"> <a class="vector-toc-link" href="#Traffic_Classes"> <div class="vector-toc-text"> <span class="vector-toc-numb">3.2.3</span> <span>Traffic Classes</span> </div> </a> <ul id="toc-Traffic_Classes-sublist" class="vector-toc-list"> <li id="toc-Management_&amp;_Control" class="vector-toc-list-item vector-toc-level-4"> <a class="vector-toc-link" href="#Management_&amp;_Control"> <div class="vector-toc-text"> <span class="vector-toc-numb">3.2.3.1</span> <span>Management &amp; Control</span> </div> </a> <ul id="toc-Management_&amp;_Control-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-High_Priority" class="vector-toc-list-item vector-toc-level-4"> <a class="vector-toc-link" href="#High_Priority"> <div class="vector-toc-text"> <span class="vector-toc-numb">3.2.3.2</span> <span>High Priority</span> </div> </a> <ul id="toc-High_Priority-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-Normal_Priority" class="vector-toc-list-item vector-toc-level-4"> <a class="vector-toc-link" href="#Normal_Priority"> <div class="vector-toc-text"> <span class="vector-toc-numb">3.2.3.3</span> <span>Normal Priority</span> </div> </a> <ul id="toc-Normal_Priority-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-Low_Priority" class="vector-toc-list-item vector-toc-level-4"> <a class="vector-toc-link" href="#Low_Priority"> <div class="vector-toc-text"> <span class="vector-toc-numb">3.2.3.4</span> <span>Low Priority</span> </div> </a> <ul id="toc-Low_Priority-sublist" class="vector-toc-list"> </ul> </li> </ul> </li> <li id="toc-Puppet" class="vector-toc-list-item vector-toc-level-3"> <a class="vector-toc-link" href="#Puppet"> <div class="vector-toc-text"> <span class="vector-toc-numb">3.2.4</span> <span>Puppet</span> </div> </a> <ul id="toc-Puppet-sublist" class="vector-toc-list"> <li id="toc-More_Complex_Configurations" class="vector-toc-list-item vector-toc-level-4"> <a class="vector-toc-link" href="#More_Complex_Configurations"> <div class="vector-toc-text"> <span class="vector-toc-numb">3.2.4.1</span> <span>More Complex Configurations</span> </div> </a> <ul id="toc-More_Complex_Configurations-sublist" class="vector-toc-list"> </ul> </li> </ul> </li> <li id="toc-Guidelines" class="vector-toc-list-item vector-toc-level-3"> <a class="vector-toc-link" href="#Guidelines"> <div class="vector-toc-text"> <span class="vector-toc-numb">3.2.5</span> <span>Guidelines</span> </div> </a> <ul id="toc-Guidelines-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-Juniper_Config" class="vector-toc-list-item vector-toc-level-3"> <a class="vector-toc-link" href="#Juniper_Config"> <div class="vector-toc-text"> <span class="vector-toc-numb">3.2.6</span> <span>Juniper Config</span> </div> </a> <ul id="toc-Juniper_Config-sublist" class="vector-toc-list"> </ul> </li> </ul> </li> </ul> </li> </ul> </div> </div> </nav> </div> </div> <div class="mw-content-container"> <main id="content" class="mw-body"> <header class="mw-body-header vector-page-titlebar"> <nav aria-label="Contents" class="vector-toc-landmark"> <div id="vector-page-titlebar-toc" class="vector-dropdown vector-page-titlebar-toc vector-button-flush-left" title="Table of Contents" > <input type="checkbox" id="vector-page-titlebar-toc-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-page-titlebar-toc" class="vector-dropdown-checkbox " aria-label="Toggle the table of contents" > <label id="vector-page-titlebar-toc-label" for="vector-page-titlebar-toc-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only " aria-hidden="true" ><span class="vector-icon mw-ui-icon-listBullet mw-ui-icon-wikimedia-listBullet"></span> <span class="vector-dropdown-label-text">Toggle the table of contents</span> </label> <div class="vector-dropdown-content"> <div id="vector-page-titlebar-toc-unpinned-container" class="vector-unpinned-container"> </div> </div> </div> </nav> <h1 id="firstHeading" class="firstHeading mw-first-heading"><span class="mw-page-title-main">Quality of Service (Network)</span></h1> </header> <div class="vector-page-toolbar"> <div class="vector-page-toolbar-container"> <div id="left-navigation"> <nav aria-label="Namespaces"> <div id="p-associated-pages" class="vector-menu vector-menu-tabs mw-portlet mw-portlet-associated-pages" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="ca-nstab-main" class="selected vector-tab-noicon mw-list-item"><a href="/wiki/Quality_of_Service_(Network)" title="View the content page [c]" accesskey="c"><span>Page</span></a></li><li id="ca-talk" class="new vector-tab-noicon mw-list-item"><a href="/w/index.php?title=Talk:Quality_of_Service_(Network)&amp;action=edit&amp;redlink=1" rel="discussion" class="new" title="Discussion about the content page (page does not exist) [t]" accesskey="t"><span>Discussion</span></a></li> </ul> </div> </div> <div id="vector-variants-dropdown" class="vector-dropdown emptyPortlet" > <input type="checkbox" id="vector-variants-dropdown-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-variants-dropdown" class="vector-dropdown-checkbox " aria-label="Change language variant" > <label id="vector-variants-dropdown-label" for="vector-variants-dropdown-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet" aria-hidden="true" ><span class="vector-dropdown-label-text">English</span> </label> <div class="vector-dropdown-content"> <div id="p-variants" class="vector-menu mw-portlet mw-portlet-variants emptyPortlet" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> </ul> </div> </div> </div> </div> </nav> </div> <div id="right-navigation" class="vector-collapsible"> <nav aria-label="Views"> <div id="p-views" class="vector-menu vector-menu-tabs mw-portlet mw-portlet-views" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="ca-view" class="selected vector-tab-noicon mw-list-item"><a href="/wiki/Quality_of_Service_(Network)"><span>Read</span></a></li><li id="ca-viewsource" class="vector-tab-noicon mw-list-item"><a href="/w/index.php?title=Quality_of_Service_(Network)&amp;action=edit&amp;oldid=2086915" title="This page is protected.&#10;You can view its source [e]" accesskey="e"><span>View source</span></a></li><li id="ca-history" class="vector-tab-noicon mw-list-item"><a href="/w/index.php?title=Quality_of_Service_(Network)&amp;action=history" title="Past revisions of this page [h]" accesskey="h"><span>View history</span></a></li> </ul> </div> </div> </nav> <nav class="vector-page-tools-landmark" aria-label="Page tools"> <div id="vector-page-tools-dropdown" class="vector-dropdown vector-page-tools-dropdown" > <input type="checkbox" id="vector-page-tools-dropdown-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-page-tools-dropdown" class="vector-dropdown-checkbox " aria-label="Tools" > <label id="vector-page-tools-dropdown-label" for="vector-page-tools-dropdown-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet" aria-hidden="true" ><span class="vector-dropdown-label-text">Tools</span> </label> <div class="vector-dropdown-content"> <div id="vector-page-tools-unpinned-container" class="vector-unpinned-container"> <div id="vector-page-tools" class="vector-page-tools vector-pinnable-element"> <div class="vector-pinnable-header vector-page-tools-pinnable-header vector-pinnable-header-unpinned" data-feature-name="page-tools-pinned" data-pinnable-element-id="vector-page-tools" data-pinned-container-id="vector-page-tools-pinned-container" data-unpinned-container-id="vector-page-tools-unpinned-container" > <div class="vector-pinnable-header-label">Tools</div> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-pin-button" data-event-name="pinnable-header.vector-page-tools.pin">move to sidebar</button> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-unpin-button" data-event-name="pinnable-header.vector-page-tools.unpin">hide</button> </div> <div id="p-cactions" class="vector-menu mw-portlet mw-portlet-cactions emptyPortlet vector-has-collapsible-items" title="More options" > <div class="vector-menu-heading"> Actions </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="ca-more-view" class="selected vector-more-collapsible-item mw-list-item"><a href="/wiki/Quality_of_Service_(Network)"><span>Read</span></a></li><li id="ca-more-viewsource" class="vector-more-collapsible-item mw-list-item"><a href="/w/index.php?title=Quality_of_Service_(Network)&amp;action=edit&amp;oldid=2086915"><span>View source</span></a></li><li id="ca-more-history" class="vector-more-collapsible-item mw-list-item"><a href="/w/index.php?title=Quality_of_Service_(Network)&amp;action=history"><span>View history</span></a></li> </ul> </div> </div> <div id="p-tb" class="vector-menu mw-portlet mw-portlet-tb" > <div class="vector-menu-heading"> General </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="t-whatlinkshere" class="mw-list-item"><a href="/wiki/Special:WhatLinksHere/Quality_of_Service_(Network)" title="A list of all wiki pages that link here [j]" accesskey="j"><span>What links here</span></a></li><li id="t-recentchangeslinked" class="mw-list-item"><a href="/wiki/Special:RecentChangesLinked/Quality_of_Service_(Network)" rel="nofollow" title="Recent changes in pages linked from this page [k]" accesskey="k"><span>Related changes</span></a></li><li id="t-permalink" class="mw-list-item"><a href="/w/index.php?title=Quality_of_Service_(Network)&amp;oldid=2086915" title="Permanent link to this revision of this page"><span>Permanent link</span></a></li><li id="t-info" class="mw-list-item"><a href="/w/index.php?title=Quality_of_Service_(Network)&amp;action=info" title="More information about this page"><span>Page information</span></a></li><li id="t-cite" class="mw-list-item"><a href="/w/index.php?title=Special:CiteThisPage&amp;page=Quality_of_Service_%28Network%29&amp;id=2086915&amp;wpFormIdentifier=titleform" title="Information on how to cite this page"><span>Cite this page</span></a></li><li id="t-urlshortener" class="mw-list-item"><a href="/w/index.php?title=Special:UrlShortener&amp;url=https%3A%2F%2Fwikitech.wikimedia.org%2Fw%2Findex.php%3Ftitle%3DQuality_of_Service_%28Network%29%26oldid%3D2086915"><span>Get shortened URL</span></a></li><li id="t-urlshortener-qrcode" class="mw-list-item"><a href="/w/index.php?title=Special:QrCode&amp;url=https%3A%2F%2Fwikitech.wikimedia.org%2Fw%2Findex.php%3Ftitle%3DQuality_of_Service_%28Network%29%26oldid%3D2086915"><span>Download QR code</span></a></li> </ul> </div> </div> <div id="p-coll-print_export" class="vector-menu mw-portlet mw-portlet-coll-print_export" > <div class="vector-menu-heading"> Print/export </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="coll-create_a_book" class="mw-list-item"><a href="/w/index.php?title=Special:Book&amp;bookcmd=book_creator&amp;referer=Quality+of+Service+%28Network%29"><span>Create a book</span></a></li><li id="t-print" class="mw-list-item"><a href="/w/index.php?title=Quality_of_Service_(Network)&amp;printable=yes" title="Printable version of this page [p]" accesskey="p"><span>Printable version</span></a></li> </ul> </div> </div> </div> </div> </div> </div> </nav> </div> </div> </div> <div class="vector-column-end"> <div class="vector-sticky-pinned-container"> <nav class="vector-page-tools-landmark" aria-label="Page tools"> <div id="vector-page-tools-pinned-container" class="vector-pinned-container"> </div> </nav> <nav class="vector-appearance-landmark" aria-label="Appearance"> <div id="vector-appearance-pinned-container" class="vector-pinned-container"> <div id="vector-appearance" class="vector-appearance vector-pinnable-element"> <div class="vector-pinnable-header vector-appearance-pinnable-header vector-pinnable-header-pinned" data-feature-name="appearance-pinned" data-pinnable-element-id="vector-appearance" data-pinned-container-id="vector-appearance-pinned-container" data-unpinned-container-id="vector-appearance-unpinned-container" > <div class="vector-pinnable-header-label">Appearance</div> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-pin-button" data-event-name="pinnable-header.vector-appearance.pin">move to sidebar</button> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-unpin-button" data-event-name="pinnable-header.vector-appearance.unpin">hide</button> </div> </div> </div> </nav> </div> </div> <div id="bodyContent" class="vector-body" aria-labelledby="firstHeading" data-mw-ve-target-container> <div class="vector-body-before-content"> <div class="mw-indicators"> </div> <div id="siteSub" class="noprint">From Wikitech</div> </div> <div id="contentSub"><div id="mw-content-subtitle"><div class="cdx-message cdx-message--block cdx-message--warning mw-revision"><span class="cdx-message__icon"></span><div class="cdx-message__content"><div id="mw-revision-info">Revision as of 19:33, 20 June 2023 by <a href="/wiki/User:CMooney_(WMF)" class="mw-userlink" title="User:CMooney (WMF)" data-mw-revid="2086915"><bdi>CMooney (WMF)</bdi></a> <span class="mw-usertoollinks">(<a href="/wiki/User_talk:CMooney_(WMF)" class="mw-usertoollinks-talk" title="User talk:CMooney (WMF)">talk</a> | <a href="/wiki/Special:Contributions/CMooney_(WMF)" class="mw-usertoollinks-contribs" title="Special:Contributions/CMooney (WMF)">contribs</a>)</span> <span class="comment">(<span class="autocomment"><a href="#High_Priority">→<bdi dir="ltr">High Priority</bdi></a></span>)</span></div><div id="mw-revision-nav">(<a href="/w/index.php?title=Quality_of_Service_(Network)&amp;diff=prev&amp;oldid=2086915" title="Quality of Service (Network)">diff</a>) <a href="/w/index.php?title=Quality_of_Service_(Network)&amp;direction=prev&amp;oldid=2086915" title="Quality of Service (Network)">← Older revision</a> | <a href="/wiki/Quality_of_Service_(Network)" title="Quality of Service (Network)">Latest revision</a> (<a href="/w/index.php?title=Quality_of_Service_(Network)&amp;diff=cur&amp;oldid=2086915" title="Quality of Service (Network)">diff</a>) | <a href="/w/index.php?title=Quality_of_Service_(Network)&amp;direction=next&amp;oldid=2086915" title="Quality of Service (Network)">Newer revision →</a> (<a href="/w/index.php?title=Quality_of_Service_(Network)&amp;diff=next&amp;oldid=2086915" title="Quality of Service (Network)">diff</a>)</div></div></div></div></div> <div id="mw-content-text" class="mw-body-content"><div class="mw-content-ltr mw-parser-output" lang="en" dir="ltr"><meta property="mw:PageProp/toc" /> <div class="mw-heading mw-heading1"><h1 id="Network_QoS" data-mw-thread-id="h-Network_QoS"><span data-mw-comment-start="" id="h-Network_QoS"></span>Network QoS<span data-mw-comment-end="h-Network_QoS"></span></h1></div> <p>Quality of Service is a term in networking which refers to a number of techniques that can be used to profile and, in some circumstances, prioritize particular traffic flows over others. </p><p>As communications systems moved to packet-switching, and ultimately all-IP networks carrying multiple types of traffic, that at once stage would have each had their own dedicated physical components (i.e. voice, video, storage, control), it has become and important consideration for network operators. </p><p>QoS functions in network devices define how packets should be queued in internal buffer structures, and scheduled for transmission on the wire. It is important to note that for the most part QoS rules do nothing. They only get used when a device or link is under strain, and lacks sufficient bandwidth for all the data that wants to use it. A good way to think about QoS configuration is telling routers "what traffic to drop" when it *has* to drop something. Viewed in this way it's clear that the better solution is to build and operate networks that don't drop any packets. The simpler (and usually cheaper) option to deal with congestion is to provision more bandwidth. </p><p>Configuring QoS still makes sense, however, to deal with exceptional circumstances that might arise from time to time. That could be due to irregular traffic flows (sudden changes in application behavior, fault scenarios that reduce capacity, or potentially even denial-of-service attacks). In such scenarios where packet loss cannot be avoided, it helps if the network can make intelligent decisions about what traffic is least important. </p> <div class="mw-heading mw-heading1"><h1 id="QoS_in_Wikimedia" data-mw-thread-id="h-QoS_in_Wikimedia"><span data-mw-comment-start="" id="h-QoS_in_Wikimedia"></span>QoS in Wikimedia<span data-mw-comment-end="h-QoS_in_Wikimedia"></span></h1></div> <p>Traditionally, WMF network devices have no specific QoS configuration applied. All traffic is considered "best effort", and during congestion all traffic flows are equally liable to suffer from drops. By and large this has worked well (TCP and other higher layer protocols help to balance flows). One element that has helped is the relatively low speed that servers are connected at (typically 1G), which acts as a natural limit to how much traffic a single (greedy/malfunctioning) server can send. As we are now connecting more servers at 10G and even 25G, there is increased potential for a handful of servers to generate traffic flows that swamp the core network. </p><p>As discussed, the best way to accommodate such flows is to make sure we have sufficient bandwidth throughout the network. But there is something of a chicken-and-egg element here. It doesn't make sense to deploy a lot of additional bandwidth <i>in case</i> applications come along that require it. Likewise it represents a risk to deploy a lot of high-bandwidth servers, with potential to generate a lot of traffic, knowing that there are bottlenecks and high contention in certain areas of the network. </p><p>To address this gap SRE is rolling our QoS configuration to our network devices. The goal is to allow us to connect servers at higher speeds, supporting continued growth and consolidation of compute and storage, while remaining confident that mission-critical services won't be starved of bandwidth. </p> <div class="mw-heading mw-heading1"><h1 id="QoS_Classes" data-mw-thread-id="h-QoS_Classes"><span data-mw-comment-start="" id="h-QoS_Classes"></span>QoS Classes<span data-mw-comment-end="h-QoS_Classes"></span></h1></div> <p>The first requirement when implementing a QoS framework is deciding how many traffic classes should be created. Obviously the more classes one has the more finely-grained policies about what to do can be, however it comes at the cost of complexity. Netops are of the opinion that a relatively simple approach, with just a few classes, is the best option. </p><p>As such the following classes will be defined on network devices: </p> <table class="wikitable" style="text-align:left"> <tbody><tr> <th>Class name</th> <th>DSCP Marking</th> <th>Scheduling BW%</th> <th>Description </th></tr> <tr> <td>Management &amp; Control</td> <td>CS6 (48)</td> <td>5%</td> <td>Network control traffic (i.e. routing protocols), and management (SSH, SNMP etc) </td></tr> <tr> <td>High</td> <td>AF21 (18)</td> <td>35%</td> <td>High priority traffic </td></tr> <tr> <td>Normal</td> <td>DE (0)</td> <td>50%</td> <td>Default priority - same as existing single class </td></tr> <tr> <td>Low</td> <td>AF41 (34)</td> <td>10%</td> <td>Low priority traffic </td></tr></tbody></table> <ul><li>Code-points AF11 is reserved for possible future use if a 'higher than high' traffic priority is deemed necessary.</li></ul> <div class="mw-heading mw-heading2 ext-discussiontools-init-section"><h2 id="Scheduling_Bandwidth" data-mw-thread-id="h-Scheduling_Bandwidth-QoS_Classes"><span data-mw-comment-start="" id="h-Scheduling_Bandwidth-QoS_Classes"></span>Scheduling Bandwidth<span data-mw-comment-end="h-Scheduling_Bandwidth-QoS_Classes"></span></h2><!--__DTELLIPSISBUTTON__{"threadItem":{"headingLevel":2,"name":"h-","type":"heading","level":0,"id":"h-Scheduling_Bandwidth-QoS_Classes","replies":[]}}--></div> <p>The "scheduling bandwidth" represents the minimum percentage of available link bandwidth that will be dedicated to that class when a link is under saturation. In our setup the "high priority" queue will get 35% of available bandwidth in such a scenario, despite the fact that only a small minority of all application flows will be mapped to it. The majority of our traffic will remain classified as "normal", and contend for the 50% of bandwidth available to it. Finally the "low" priority class gets the remaining 10%, to keep some data flowing within it, but it will suffer most due to the congestion. </p><p>All classes will be served by a weighted round-robin scheduler based on their defined scheduling bandwidth. No "expedited" (priority/strict) class is defined, meaning no queue will be configured such that it will be served immediately if any packets arrive on it. Such priority queuing is commonly used for real-time voice and video applications, where absolutely lowest latency and jitter (std. deviation) is required. While we may have high-priority flows, they are data flows and not real-time communications, so standard, non-expedited queuing is preferable. </p><p>It is also worth noting that the percentages simply reflect the scheduling priority. When links are not saturated, any class, including 'low', can use 100% of the available bandwidth. </p> <div class="mw-heading mw-heading2 ext-discussiontools-init-section"><h2 id="DSCP_Marking" data-mw-thread-id="h-DSCP_Marking-QoS_Classes"><span data-mw-comment-start="" id="h-DSCP_Marking-QoS_Classes"></span>DSCP Marking<span data-mw-comment-end="h-DSCP_Marking-QoS_Classes"></span></h2><!--__DTELLIPSISBUTTON__{"threadItem":{"headingLevel":2,"name":"h-","type":"heading","level":0,"id":"h-DSCP_Marking-QoS_Classes","replies":["h-Trusted_vs_Untrusted_Interfaces-DSCP_Marking","h-DSCP_Marking_2-DSCP_Marking","h-Traffic_Classes-DSCP_Marking","h-Puppet-DSCP_Marking","h-Guidelines-DSCP_Marking","h-Juniper_Config-DSCP_Marking"]}}--></div> <div class="mw-heading mw-heading3"><h3 id="Trusted_vs_Untrusted_Interfaces" data-mw-thread-id="h-Trusted_vs_Untrusted_Interfaces-DSCP_Marking"><span data-mw-comment-start="" id="h-Trusted_vs_Untrusted_Interfaces-DSCP_Marking"></span>Trusted vs Untrusted Interfaces<span data-mw-comment-end="h-Trusted_vs_Untrusted_Interfaces-DSCP_Marking"></span></h3></div> <p>Any QoS design is a network-wide undertaking. A key concept involved is the idea of "trusted" and "untrusted" interfaces. </p><p>The basic idea here is that where traffic arrives in from an external source you can't "trust" the TOS/<a rel="nofollow" class="external text" href="https://datatracker.ietf.org/doc/html/rfc2474">DSCP</a> marking in the IP header. On these interfaces you need to: </p> <ul><li>Map traffic to forwarding classes based on some criteria other than the DSCP bits in the header.</li> <li>Write the DSCP bits in the header to those you are using elsewhere on the network to represent that traffic class.</li></ul> <p>In the Wikimedia setup external internet-facing interfaces are clearly "untrusted" based on that. Server-facing interfaces on our switches are on the other hand considered "trusted" as we are going to control and set DSCP bits egress from our servers using netfilter. Extending the metaphor slightly we don't "trust" any DSCP bits third-party software might set "out of the box" on our servers. Unless we explicitly set the DSCP in a given packet to one of our defined codepoints we therefore need to mark packets leaving our servers as BE/CS0, to map it into the 'normal priority' forwarding class on the network. </p> <div class="mw-heading mw-heading3"><h3 id="DSCP_Marking_2" data-mw-thread-id="h-DSCP_Marking_2-DSCP_Marking"><span data-mw-comment-start="" id="h-DSCP_Marking_2-DSCP_Marking"></span>DSCP Marking<span data-mw-comment-end="h-DSCP_Marking_2-DSCP_Marking"></span></h3></div> <p>The plan in Wikimedia is to set DSCP values on end servers, leveraging our existing iptables (Ferm) / nftables configuration frameworks. The network devices will be configured to trust the incoming values set on servers, and queue packets accordingly. Puppet will be used to drive the end-host configuration for packet marking. </p><p>Various schemes have been proposed for the use of the TOS/DSCP fields over the years, but ultimately there is no universal standard and these markings are generally ignored or rewritten across the internet. This means they only have significance internally for any organization, and merely serve to identify traffic classes based on local policy. As such any markings work as good as any other, as long as all devices are configured the same. Adherence to any particular scheme is not required. For the most part the code points defined in <a rel="nofollow" class="external text" href="https://www.rfc-editor.org/rfc/rfc2597.html">RFC2597</a> are used here, but the categories they represent are those we define internally, and don't necessarily correspond to how they are defined in the RFC or by any specific network vendors. </p> <div class="mw-heading mw-heading3"><h3 id="Traffic_Classes" data-mw-thread-id="h-Traffic_Classes-DSCP_Marking"><span data-mw-comment-start="" id="h-Traffic_Classes-DSCP_Marking"></span>Traffic Classes<span data-mw-comment-end="h-Traffic_Classes-DSCP_Marking"></span></h3></div> <p>As shown in the table 4 classes of traffic are defined, which are detailed further below. </p> <div class="mw-heading mw-heading5"><h5 id="Management_&amp;_Control" data-mw-thread-id="h-Management_&amp;_Control-Traffic_Classes"><span id="Management_.26_Control"></span><span data-mw-comment-start="" id="h-Management_&amp;_Control-Traffic_Classes"></span>Management &amp; Control<span data-mw-comment-end="h-Management_&amp;_Control-Traffic_Classes"></span></h5></div> <p>This class is used for management and control plane traffic. It is vital, in the presence of congestion, that such traffic is prioritized to ensure that devices remain reachable via SSH, monitoring continues to work, and router to router control plane (i.e. OSPF, BGP etc.) traffic is served. This ensures that engineers and other systems can continue to work in such a situation, allowing the root cause to be identified and addressed. </p> <div class="mw-heading mw-heading5"><h5 id="High_Priority" data-mw-thread-id="h-High_Priority-Traffic_Classes"><span data-mw-comment-start="" id="h-High_Priority-Traffic_Classes"></span>High Priority<span data-mw-comment-end="h-High_Priority-Traffic_Classes"></span></h5></div> <p>This class will be used for high-priority application flows as required. It has less scheduling bandwidth than the 'normal' class, but much fewer traffic flows are expected to be mapped into it, giving them a relatively higher weighting. Exactly what traffic should be mapped into it needs to be carefully considered, and discussed with the SRE teams responsible for the relevant applications. Typically only low-throughput, sensitive traffic flows should be mapped to this class. High-throughput bulk data transfers should not be mapped to this class. </p><p>While it might look attractive for any given flow to be declared 'high priority', it is easy to negate the usefulness of the category if too much many things are mapped to it (i.e. if everything is important, nothing is). </p> <div class="mw-heading mw-heading5"><h5 id="Normal_Priority" data-mw-thread-id="h-Normal_Priority-Traffic_Classes"><span data-mw-comment-start="" id="h-Normal_Priority-Traffic_Classes"></span>Normal Priority<span data-mw-comment-end="h-Normal_Priority-Traffic_Classes"></span></h5></div> <p>This is the standard class into which all normal application flows are mapped. It can be thought of as the equivalent of our existing, single traffic class across the network. With the possible exception of some management/control traffic, the base server configuration will map all traffic into this class. </p> <div class="mw-heading mw-heading5"><h5 id="Low_Priority" data-mw-thread-id="h-Low_Priority-Traffic_Classes"><span data-mw-comment-start="" id="h-Low_Priority-Traffic_Classes"></span>Low Priority<span data-mw-comment-end="h-Low_Priority-Traffic_Classes"></span></h5></div> <p>This is a "lower than normal" class that can be used to map flows that we know are not high priority. Similar to the 'high priority' class we need to carefully consider what should be mapped into it. Unlike the 'high priority' class there is no real danger (on the network side), of marking too much traffic as low priority. So we can be a little more trusting of packets marked like this. </p><p>Teams are as unlikely to declare their applications are low priority as it is likely for them to say they are high priority. But it may serve an important function. As an example if it were possible we might mark bulk traffic responses, to say cloud providers who are scraping the wiki's, into this class. But leave regular (human) user traffic in the 'normal' class. How exactly we can leverage it remains to be seen but it is likely to prove useful, and requires less gatekeeping than requests to utilize the "high" priority class. </p> <div class="mw-heading mw-heading3"><h3 id="Puppet" data-mw-thread-id="h-Puppet-DSCP_Marking"><span data-mw-comment-start="" id="h-Puppet-DSCP_Marking"></span>Puppet<span data-mw-comment-end="h-Puppet-DSCP_Marking"></span></h3></div> <p>To enable us to place traffic into classes some elements have been added to puppet to allow definition of traffic flows that should be marked as high or low priority. By default the puppet firewall module will be modified to mark all traffic, without a specific rule elsewhere marking it up/down, as normal priority. A new puppet resource, ferm::qos, has been defined and made available to teams to set the priority for both servers (machines listening for connections from other devices) and clients (machines that connect out). Both of these typically need a rule defined to ensure that both sides of a connection are mapped into the same class. </p><p>Say we had a service running on TCP port 123 that we wanted to place into the 'low priority' category. We'd add a definition like this for the server side, typically in the same place we allow the traffic in already: </p> <pre> ferm::qos { 'rule to prioritise service X' direction =&gt; 'in', port =&gt; '123', protocol =&gt; 'tcp', qos =&gt; 'low, } </pre> <p>And for hosts on the client side that connect to this we'd add a similar rule in the 'out' direction: </p> <pre> ferm::qos { 'rule to prioritise service X' direction =&gt; 'out', port =&gt; '123', protocol =&gt; 'tcp', qos =&gt; 'low, } </pre> <p>It is generally advised SRE teams touch base with netops when they wish to add such rules, so that we are aware of plans and can also offer advice on how best to approach for a given set of expected traffic flows. </p> <div class="mw-heading mw-heading4"><h4 id="More_Complex_Configurations" data-mw-thread-id="h-More_Complex_Configurations-Puppet"><span data-mw-comment-start="" id="h-More_Complex_Configurations-Puppet"></span>More Complex Configurations<span data-mw-comment-end="h-More_Complex_Configurations-Puppet"></span></h4></div> <p>In some cases the above simple model won't be sufficient to classify a particular type of traffic. For instance if we need to match on more criteria than just the UDP/TCP ports of a service. In these cases we can use the existing, generic, `ferm::rule` syntax, which allows for a good deal of flexibility: </p> <pre> ferm::rule { 'dscp-icmp-mon': table =&gt; 'mangle', chain =&gt; 'OUTPUT', rule =&gt; "proto tcp DSCP icmp type echo-reply daddr (${monitoring_hosts_str}) DSCP set-dscp-class CS6; RETURN;", } </pre> <pre> ferm::rule { 'dscp-icmp-mon': table =&gt; 'mangle', chain =&gt; 'OUTPUT', rule =&gt; "proto tcp sport 123 mod dscp dscp-class CS6 DSCP set-dscp-class AF41; RETURN;", } </pre> <p>Again netops are available to work with teams on creating the most appropriate rules for a given service. </p><p>Because rules are defined in puppet alongside the services they apply to, if we remove those services rules should also be automatically removed from the hosts that ran them. So the approach should be relatively clean. </p> <div class="mw-heading mw-heading3"><h3 id="Guidelines" data-mw-thread-id="h-Guidelines-DSCP_Marking"><span data-mw-comment-start="" id="h-Guidelines-DSCP_Marking"></span>Guidelines<span data-mw-comment-end="h-Guidelines-DSCP_Marking"></span></h3></div> <p>In general the 'high' priority class should be used for low-bandwidth, latency sensitive, important traffic. So for instance keepalive traffic, or traffic that is essential to monitoring the status of a cluster of nodes. </p><p>High bandwidth, bulk traffic, such as file transfers, backups, bulk data sync etc. is not suitable for being marked as 'high priority'. This traffic is indeed important, but it is too voluminous to place into the high priority queue should we run into congestion. It needs to be remembered that the goal is never to hit congestion, and thus for these rules not to matter outside exceptional circumstances. In those circumstances we want to "keep the lights on", prioritize our own control traffic and a small amount of high priority application flows, but inevitably things break when the network is congested and dropping packets (with or without QoS). </p> <div class="mw-heading mw-heading3"><h3 id="Juniper_Config" data-mw-thread-id="h-Juniper_Config-DSCP_Marking"><span data-mw-comment-start="" id="h-Juniper_Config-DSCP_Marking"></span>Juniper Config<span data-mw-comment-end="h-Juniper_Config-DSCP_Marking"></span></h3></div> <p>BA Classifiers Firewall Policy for Transit Links Shaper for sub-rated transports </p> <!-- NewPP limit report Parsed by mw‐web.codfw.main‐64b5bb4b79‐54s7q Cached time: 20250301150229 Cache expiry: 2592000 Reduced expiry: false Complications: [show‐toc] DiscussionTools time usage: 0.011 seconds CPU time usage: 0.028 seconds Real time usage: 0.029 seconds Preprocessor visited node count: 47/1000000 Post‐expand include size: 0/2097152 bytes Template argument size: 0/2097152 bytes Highest expansion depth: 2/100 Expensive parser function count: 0/500 Unstrip recursion depth: 0/20 Unstrip post‐expand size: 0/5000000 bytes --> <!-- Transclusion expansion time report (%,ms,calls,template) 100.00% 0.000 1 -total --> <!-- Saved in RevisionOutputCache with key labswiki:rcache:2086915:dateformat=default and timestamp 20250301150229 and revision id 2086915. --> </div><!--esi <esi:include src="/esitest-fa8a495983347898/content" /> --><noscript><img src="https://login.wikimedia.org/wiki/Special:CentralAutoLogin/start?useformat=desktop&amp;type=1x1&amp;usesul3=0" alt="" width="1" height="1" style="border: none; position: absolute;"></noscript> <div class="printfooter" data-nosnippet="">Retrieved from "<a dir="ltr" href="https://wikitech.wikimedia.org/w/index.php?title=Quality_of_Service_(Network)&amp;oldid=2086915">https://wikitech.wikimedia.org/w/index.php?title=Quality_of_Service_(Network)&amp;oldid=2086915</a>"</div></div> <div id="catlinks" class="catlinks catlinks-allhidden" data-mw="interface"></div> </div> </main> </div> <div class="mw-footer-container"> <footer id="footer" class="mw-footer" > <ul id="footer-info"> <li id="footer-info-lastmod"> This page was last edited on 20 June 2023, at 19:33.</li> <li id="footer-info-copyright">Text is available under the <a rel="nofollow" class="external text" href="https://creativecommons.org/licenses/by-sa/4.0/">Creative Commons Attribution-ShareAlike License</a>; additional terms may apply. See <a class="external text" href="https://foundation.wikimedia.org/wiki/Special:MyLanguage/Policy:Terms_of_Use">Terms of Use</a> for details.</li> </ul> <ul id="footer-places"> <li id="footer-places-privacy"><a href="https://foundation.wikimedia.org/wiki/Special:MyLanguage/Policy:Privacy_policy">Privacy policy</a></li> <li id="footer-places-about"><a href="/wiki/Main_Page">About Wikitech</a></li> <li id="footer-places-disclaimers"><a href="https://foundation.wikimedia.org/wiki/General_disclaimer">Disclaimers</a></li> <li id="footer-places-wm-codeofconduct"><a href="https://www.mediawiki.org/wiki/Special:MyLanguage/Code_of_Conduct">Code of Conduct</a></li> <li id="footer-places-developers"><a href="https://developer.wikimedia.org">Developers</a></li> <li id="footer-places-statslink"><a href="https://stats.wikimedia.org/#/wikitech.wikimedia.org">Statistics</a></li> <li id="footer-places-cookiestatement"><a href="https://foundation.wikimedia.org/wiki/Special:MyLanguage/Policy:Cookie_statement">Cookie statement</a></li> <li id="footer-places-mobileview"><a href="//wikitech.wikimedia.org/w/index.php?title=Quality_of_Service_(Network)&amp;oldid=2086915&amp;mobileaction=toggle_view_mobile" class="noprint stopMobileRedirectToggle">Mobile view</a></li> </ul> <ul id="footer-icons" class="noprint"> <li id="footer-copyrightico"><a href="https://wikimediafoundation.org/" class="cdx-button cdx-button--fake-button cdx-button--size-large cdx-button--fake-button--enabled"><picture><source media="(min-width: 500px)" srcset="/static/images/footer/wikimedia-button.svg" width="84" height="29"><img src="/static/images/footer/wikimedia.svg" width="25" height="25" alt="Wikimedia Foundation" lang="en" loading="lazy"></picture></a></li> <li id="footer-poweredbyico"><a href="https://www.mediawiki.org/" class="cdx-button cdx-button--fake-button cdx-button--size-large cdx-button--fake-button--enabled"><picture><source media="(min-width: 500px)" srcset="/w/resources/assets/poweredby_mediawiki.svg" width="88" height="31"><img src="/w/resources/assets/mediawiki_compact.svg" alt="Powered by MediaWiki" lang="en" width="25" height="25" loading="lazy"></picture></a></li> </ul> </footer> </div> </div> </div> <div class="vector-header-container vector-sticky-header-container"> <div id="vector-sticky-header" class="vector-sticky-header"> <div class="vector-sticky-header-start"> <div class="vector-sticky-header-icon-start vector-button-flush-left vector-button-flush-right" aria-hidden="true"> <button class="cdx-button cdx-button--weight-quiet cdx-button--icon-only vector-sticky-header-search-toggle" tabindex="-1" data-event-name="ui.vector-sticky-search-form.icon"><span class="vector-icon mw-ui-icon-search mw-ui-icon-wikimedia-search"></span> <span>Search</span> </button> </div> <div role="search" class="vector-search-box-vue vector-search-box-show-thumbnail vector-search-box"> <div class="vector-typeahead-search-container"> <div class="cdx-typeahead-search cdx-typeahead-search--show-thumbnail"> <form action="/w/index.php" id="vector-sticky-search-form" class="cdx-search-input cdx-search-input--has-end-button"> <div class="cdx-search-input__input-wrapper" data-search-loc="header-moved"> <div class="cdx-text-input cdx-text-input--has-start-icon"> <input class="cdx-text-input__input" type="search" name="search" placeholder="Search Wikitech"> <span class="cdx-text-input__icon cdx-text-input__start-icon"></span> </div> <input type="hidden" name="title" value="Special:Search"> </div> <button class="cdx-button cdx-search-input__end-button">Search</button> </form> </div> </div> </div> <div class="vector-sticky-header-context-bar"> <nav aria-label="Contents" class="vector-toc-landmark"> <div id="vector-sticky-header-toc" class="vector-dropdown mw-portlet mw-portlet-sticky-header-toc vector-sticky-header-toc vector-button-flush-left" > <input type="checkbox" id="vector-sticky-header-toc-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-sticky-header-toc" class="vector-dropdown-checkbox " aria-label="Toggle the table of contents" > <label id="vector-sticky-header-toc-label" for="vector-sticky-header-toc-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only " aria-hidden="true" ><span class="vector-icon mw-ui-icon-listBullet mw-ui-icon-wikimedia-listBullet"></span> <span class="vector-dropdown-label-text">Toggle the table of contents</span> </label> <div class="vector-dropdown-content"> <div id="vector-sticky-header-toc-unpinned-container" class="vector-unpinned-container"> </div> </div> </div> </nav> <div class="vector-sticky-header-context-bar-primary" aria-hidden="true" ><span class="mw-page-title-main">Quality of Service (Network)</span></div> </div> </div> <div class="vector-sticky-header-end" aria-hidden="true"> <div class="vector-sticky-header-icons"> <a href="#" class="cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only" id="ca-talk-sticky-header" tabindex="-1" data-event-name="talk-sticky-header"><span class="vector-icon mw-ui-icon-speechBubbles mw-ui-icon-wikimedia-speechBubbles"></span> <span></span> </a> <a href="#" class="cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only" id="ca-subject-sticky-header" tabindex="-1" data-event-name="subject-sticky-header"><span class="vector-icon mw-ui-icon-article mw-ui-icon-wikimedia-article"></span> <span></span> </a> <a href="#" class="cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only" id="ca-history-sticky-header" tabindex="-1" data-event-name="history-sticky-header"><span class="vector-icon mw-ui-icon-wikimedia-history mw-ui-icon-wikimedia-wikimedia-history"></span> <span></span> </a> <a href="#" class="cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only mw-watchlink" id="ca-watchstar-sticky-header" tabindex="-1" data-event-name="watch-sticky-header"><span class="vector-icon mw-ui-icon-wikimedia-star mw-ui-icon-wikimedia-wikimedia-star"></span> <span></span> </a> <a href="#" class="cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only" id="ca-edit-sticky-header" tabindex="-1" data-event-name="wikitext-edit-sticky-header"><span class="vector-icon mw-ui-icon-wikimedia-wikiText mw-ui-icon-wikimedia-wikimedia-wikiText"></span> <span></span> </a> <a href="#" class="cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only" id="ca-ve-edit-sticky-header" tabindex="-1" data-event-name="ve-edit-sticky-header"><span class="vector-icon mw-ui-icon-wikimedia-edit mw-ui-icon-wikimedia-wikimedia-edit"></span> <span></span> </a> <a href="#" class="cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only" id="ca-viewsource-sticky-header" tabindex="-1" data-event-name="ve-edit-protected-sticky-header"><span class="vector-icon mw-ui-icon-wikimedia-editLock mw-ui-icon-wikimedia-wikimedia-editLock"></span> <span></span> </a> </div> <div class="vector-sticky-header-buttons"> <button class="cdx-button cdx-button--weight-quiet mw-interlanguage-selector" id="p-lang-btn-sticky-header" tabindex="-1" data-event-name="ui.dropdown-p-lang-btn-sticky-header"><span class="vector-icon mw-ui-icon-wikimedia-language mw-ui-icon-wikimedia-wikimedia-language"></span> <span>Add languages</span> </button> <a href="#" class="cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--action-progressive" id="ca-addsection-sticky-header" tabindex="-1" data-event-name="addsection-sticky-header"><span class="vector-icon mw-ui-icon-speechBubbleAdd-progressive mw-ui-icon-wikimedia-speechBubbleAdd-progressive"></span> <span>Add topic</span> </a> </div> <div class="vector-sticky-header-icon-end"> <div class="vector-user-links"> </div> </div> </div> </div> </div> <div class="mw-portlet mw-portlet-dock-bottom emptyPortlet" id="p-dock-bottom"> <ul> </ul> </div> <script>(RLQ=window.RLQ||[]).push(function(){mw.config.set({"wgHostname":"mw-web.codfw.main-64b5bb4b79-54s7q","wgBackendResponseTime":175,"wgDiscussionToolsPageThreads":[{"headingLevel":1,"name":"h-","type":"heading","level":0,"id":"h-Network_QoS","replies":[]},{"headingLevel":1,"name":"h-","type":"heading","level":0,"id":"h-QoS_in_Wikimedia","replies":[]},{"headingLevel":1,"name":"h-","type":"heading","level":0,"id":"h-QoS_Classes","replies":[{"headingLevel":2,"name":"h-","type":"heading","level":0,"id":"h-Scheduling_Bandwidth-QoS_Classes","replies":[]},{"headingLevel":2,"name":"h-","type":"heading","level":0,"id":"h-DSCP_Marking-QoS_Classes","replies":[{"headingLevel":3,"name":"h-","type":"heading","level":0,"id":"h-Trusted_vs_Untrusted_Interfaces-DSCP_Marking","replies":[]},{"headingLevel":3,"name":"h-","type":"heading","level":0,"id":"h-DSCP_Marking_2-DSCP_Marking","replies":[]},{"headingLevel":3,"name":"h-","type":"heading","level":0,"id":"h-Traffic_Classes-DSCP_Marking","replies":[{"headingLevel":5,"name":"h-","type":"heading","level":0,"id":"h-Management_\u0026_Control-Traffic_Classes","replies":[]},{"headingLevel":5,"name":"h-","type":"heading","level":0,"id":"h-High_Priority-Traffic_Classes","replies":[]},{"headingLevel":5,"name":"h-","type":"heading","level":0,"id":"h-Normal_Priority-Traffic_Classes","replies":[]},{"headingLevel":5,"name":"h-","type":"heading","level":0,"id":"h-Low_Priority-Traffic_Classes","replies":[]}]},{"headingLevel":3,"name":"h-","type":"heading","level":0,"id":"h-Puppet-DSCP_Marking","replies":[{"headingLevel":4,"name":"h-","type":"heading","level":0,"id":"h-More_Complex_Configurations-Puppet","replies":[]}]},{"headingLevel":3,"name":"h-","type":"heading","level":0,"id":"h-Guidelines-DSCP_Marking","replies":[]},{"headingLevel":3,"name":"h-","type":"heading","level":0,"id":"h-Juniper_Config-DSCP_Marking","replies":[]}]}]}],"wgPageParseReport":{"discussiontools":{"limitreport-timeusage":"0.011"},"limitreport":{"cputime":"0.028","walltime":"0.029","ppvisitednodes":{"value":47,"limit":1000000},"postexpandincludesize":{"value":0,"limit":2097152},"templateargumentsize":{"value":0,"limit":2097152},"expansiondepth":{"value":2,"limit":100},"expensivefunctioncount":{"value":0,"limit":500},"unstrip-depth":{"value":0,"limit":20},"unstrip-size":{"value":0,"limit":5000000},"timingprofile":["100.00% 0.000 1 -total"]},"cachereport":{"origin":"mw-web.codfw.main-64b5bb4b79-54s7q","timestamp":"20250301150229","ttl":2592000,"transientcontent":false}}});});</script> </body> </html>

Pages: 1 2 3 4 5 6 7 8 9 10