What is a “slow link”?

Cisco’s slightly-outdated QoS SRND (http://www.cisco.com/univercd/cc/td/doc/solution/esm/qossrnd.pdf) refers to slow, medium, and fast-speed links.

What’s the distinction? Why is anything less than 768kbps considered “slow”?

Well, one of the large ones is serialization delay.  This is somewhat covered in the SRND, but I wanted to highlight some of the key reasonings behind the distinction, as they’re applicable regardless of how you define “slow.”

Slow links suck, on that everyone can agree, but for real-time traffic –voice and interactive-video, for example–  they suck even more than only being able to torrent at 80 KB/s.

First, a few constants, some of which influence the “slow” characterization moreso than others, and are specified for informational purposes only:

Well-designed VoIP expects a one-way delay — mouth of speaker to ear of receiver — of approx 150ms.  This is largely going to be a function of processing and propagation delays along the link; as link speeds increase, the effects of serialization delay on the total delay budget are reduced.

Second, standard G.729 codec specifies 10ms of voice per frame.  Cisco IP phones pack two G.729 frames into each VoIP packet, for a total of 20ms of voice carried per packet; I’m focusing exclusively on the G.729 codec as it is the de-facto standard for VoIP over the WAN, due to its compression algorithm producing an 8kbps voice stream –before IP overhead is taken into account– compared to the 64kbps of G.711.

G.729 codecs can compensate for approx. 30ms of lost voice.  Given that a single VoIP packet contains 20ms, a loss of two consecutive VoIP packets (40ms worth of voice) will be noticed by the receiver.  Naturally you want to avoid losses, but moreso in a real-time voice environment than any other.  This is what Low-Latency Queuing is for, but it will not be the focus of this note.

Third, IP phones expect a relatively constant stream of voice packets.  Non-constant delays experienced along the path produce jitter; if one packet takes 160ms to get to the receiver, and the following packet takes 170ms, the stream has experienced 10ms of jitter.  DSPs in IP phones can compensate for approx 40ms of jitter by buffering received packets and replaying them to the receiver at a constant rate.  For this reason, you always want to have packets falling in the window of the jitter buffer (20ms to 50ms is a decent target for the IP phones I’ve read about).

So, given the above, what makes a 768kbps link slow?

Well, you want to stay within the jitter-buffer window, which means approx 30ms of jitter.  Cisco’s speed characterization is based on the assumption of 10ms of jitter per hop.

If we take one extreme, a link that carries a single voice call experiences very low jitter, as there is extremely low delay between voice packets :

———-[voice][voice][voice] ———–>

But what happens when you throw a large data, unfragmented data packet into the mix?

———-[voice][------Data Payload-----][voice] ———–>

If that data packet is 1500 bytes, and the line speed is 768kbbps, it takes 15ms to clock that packet onto the physical line (warning: math!):

(1500*8) = 12000 bits/data-packet

12kb / 768kbps = 15.625ms

Thus, the 2nd voice packet in the stream experiences over 15ms of jitter.  This is fine if you have a site-to-site WAN link, but less fine if your voice path transits multiple routers, as it significantly impacts your jitter and delay budget.

Remember, these numbers are based on Cisco’s assumptions.  If you can get within ~30ms jitter while going through a single slow link and multiple extremely fast links (with very little serialization delay), then the number of routers you transit becomes less of a concern; whereas Cisco’s numbers are based on a three-hop path experiencing 10ms of jitter per hop.

The important thing to take away is that you want to stay within the window, and that at low speeds, serialization delays profoundly impact your jitter budget.  See the following spreadsheet for reference:

	Packet Size
Bandwidth	20	40	80	128	256	512	1024	1200	1500
56	2.86	5.71	11.43	18.29	36.57	73.14	146.29	171.43	214.29
128	1.25	2.50	5.00	8.00	16.00	32.00	64.00	75.00	93.75
256	0.63	1.25	2.50	4.00	8.00	16.00	32.00	37.50	46.88
512	0.31	0.63	1.25	2.00	4.00	8.00	16.00	18.75	23.44
768	0.21	0.42	0.83	1.33	2.67	5.33	10.67	12.50	15.63
1024	0.16	0.31	0.63	1.00	2.00	4.00	8.00	9.38	11.72
1544	0.10	0.21	0.41	0.66	1.33	2.65	5.31	6.22	7.77
4632	0.03	0.07	0.14	0.22	0.44	0.88	1.77	2.07	2.59
10000	0.02	0.03	0.06	0.10	0.20	0.41	0.82	0.96	1.20
100000	0.00	0.00	0.01	0.01	0.02	0.04	0.08	0.10	0.12
1000000	0.00	0.00	0.00	0.00	0.00	0.00	0.01	0.01	0.01
10000000	0.00	0.00	0.00	0.00	0.00	0.00	0.00	0.00	0.00

Note that above 768kbps, the influence of serialization delays on the links can only get better than 15ms, regardless of packet size; at these speeds, serialization delays become less of a concern.

There are a few things you can do to overcome the serialization limitations imposed by slow-speed links, and there are good reason why [some of] these same techniques should NOT be employed on high-speed links; these will be covered in a future note.

Right now, I’ve got a buddy’s 30th birthday to attend and I plan on getting drunk enough to forget most of this.

Add a little flash (to your IOS router)

Can’t believe I’ve never played with these before, they’re brilliant.   12.4T Advanced IP Services images are over 32MB in size and it’s not possible to store two different images on the same stock flash drive, which introduces a risk when remote upgrades are required.  If an upgrade goes bad, there are some sites where I can count on remote hands capable of solid support; others, I’m not so fortunate.  So all the remote sites are getting USB keys, now, which will do more for my ability to keep my sites consistent and stable than any other measure implemented in my three years in this position.

 The ISR routers come with a USB port.  Insert USB stick, router recognizes it immediately. 

 Do a “format usbflash0” and it was ready to go.  TFTP’d an image, and set it to boot from the USB stick with “boot system usbflash0:[imagename]”, rebooted, and came back up on an upgraded image.  Removed the memory key, rebooted, and it ignored the “boot system” specification and booted back into the old image from flash.

 Copied the old image from flash onto the USB stick (“copy flash:[oldimage] usbflash0:”), deleted the old image from flash, copied the new image to flash, and done.  Known working image in flash, and both old and new images stored on the USB stick.  In my case, an 1841 recognized a 4GB USB key, which provides 16x more image storage capacity over the default 64MB of Flash that ships with the ISR bundles I order. 

 No need to worry about a reboot leaving you high-and-dry mid-upgrade after you’ve removed an old image to make room for the new one; which should remove any reticence to keeping IOS images current.  Just copy to USB and boot from the stick, first (caveat: takes about 220 seconds to load a 36MB image from USB into RAM on an 1841; takes about 120 seconds to load the same image from flash).  Worst case, you fall back to a known good image in flash.

 For the security conscious, yes, this opens up the ability to have someone stick their own file onto the USB key and somehow get your router to load it; but if they have the physical access to permit them to do this in the first place, it’s simpler for them to just reboot into password recovery mode and do whatever they like.

 Caveats: Cisco will sell you their own USB keys, but they’re about $300 after discount to add 256MB (part number: MEMUSB-64/128/256FT);   I’d rather pay $10 to add 4GB.  I’ve only tested this with a Kingston DataTraveller stick; YMMV.  I also move the “new” image to Flash once I’m ready to go into production with it; the risk being that if you find yourself having to work through a TAC case and they notice that you’re booting from a non-Cisco flash, they may tell you to suck rocks — which is a risk I’m willing to take in order to be able to test and upgrade on my own terms

Eponymous.

I’m currently studying/practicing for the Cisco 642-642 QoS exam, and I’ve gotta say, it’s opened up an entirely new toolset for me.  I’m but a mere enterprise admin, but I’ve seen a lot of routers and switches in my day, and it’s rare that I’ve seen anything (configuration-wise) that’s truly difficult.  We’ve all got our own little configuration quirks (given a device with a legacy configuration at $dayJob, I can likely tell you who configured it within a 95% confidence interval*) that we’ve either picked up from our peers — or on our own and thought “neat, I’m going to try that everywhere!” — but this is the first “feature” I’ve seen that requires some truly in-depth planning; I’ve no doubt this perceived difficulty contributes to my lack of having never seen it in production, so I’ll likely spend some time in an upcoming post ruminating over some of the reasons for or against QoS deployment in enterprise networks.** 

But first up, a quick note on what actually constitutes a “small link,” as far as Cisco documentation is concerned.  I say Cisco doc, but there is math involved and I believe the concepts to be vendor-independent.

But before that, there’s a hockey game on. ^_^

*We still have some routers that are explictly denying IP protocols 53, 55, 77, 103 ingress on all interfaces, for anyone with memories stretching back a few years: http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml

**I make the distinction because those with service provider backgrounds have the luxury of bandwidth; bandwidth can solve any QoS-related problem, but I think there’s still a home for the concepts in MPLS VPN networks.

1841 Modules.

I’m putting this here for my own reference.  I forget this all the time.  Stemmed from an argument with another admin who insisted that his Cisco SE told him that an 1841 supported FXS/FXO and E&M modules.

FAQ: http://www.cisco.com/en/US/prod/collateral/routers/ps5853/prod_qas0900aecd80181208.html

Module support: http://www.cisco.com/en/US/prod/collateral/routers/ps5853/product_data_sheet0900aecd8016a59b.html (bottom of page)

Long story short: supports wireless and every WAN under the sun (DSL/Cable/T1/E1/ISDN/Serial); no support for voice cards.

Voice can transit it like any other data packet, but the router itself cannot terminate voice circuits.

If the above is untrue, then Cisco’s documentation is woefully out of date.

IPv6

Y’know, I really wanted to throw myself into IPv6 this year; then I went and got distracted by a large-scale VMware deployment (hence the lack of posting over the last…three months).  We’re a three-person shop at $dayJob these days, supporting 700+ users across 20+ different countries, and that’s regrettably meant that the things that aren’t required RIGHT NOW get pushed off to the side.

Now that I’m finally finishing that up and comfortable enough with my giant NetApp storage array that I can go without looking at it for a few days, I’m starting to look back into IPv6 again.

I’ve some familiarity with the way the header looks and some basic deployment scenarios — but mostly just those acquired from my CCNP studies of old. Having gone through months of NANOG archives and found disagreement all over the ISP community with respect to the best way(s) to deploy IPv6, I’m even more intimidated.

(That said, I’ve done a paint-by-numbers deployment of IPv6 over MPLS VPN with some Cisco 3800-series routers we snagged from a decommissioned branch to bring some of my BGP/MPLS studies together; that was a ton of fun)

I’ve been prepping for it for a while, though, in terms of all my new hardware acquisitions. Anyone pushing something that wasn’t v6-aware right NOW has been shown the door since 2007, so I’m just about ready to go dual-stack across the enterprise (though few if any of my ISP’s are ready to support this deployment). Going to be one of those things where I’ll just have to take the documentation and start pushing it out and breaking it to see what works and what doesn’t.

But the most frightening thing of all is the sheer size of the address space. Jesus Christ, it’s big. Like, really big. Big enough that I completely forgot how subnetting worked in the first place. 32-bit dotted-decimal was easy to wrap one’s head around; hard to find anyone who’s been doing this for a while who doesn’t have a few hundred critical infrastructure/server addresses committed to memory — safe to say those days are gone.

Think of all the pages wasted on teaching those new to networking how to properly subnet in order to efficiently provision what was once a scarce resource, and how those practices are still being taught without a really big caveat: “Oh by the way, you don’t really have to know this anymore; the value of these pages is going to plummet in the next five years, and here’s why…”

For a lot of people, it’s going to be the first large technical revolution they’ve had to face.  IP hasn’t changed in over three decades; new features were merely layered on top of a fully functional protocol on demand.  But now everything that uses that fundamental protocol has to change; the magnitude of this project is enormous and IT departments who haven’t yet begun planning are years behind the curve (and this is a lot of IT departments, by my anecdotal measure).

I look around at the people who’ve been doing this stuff for years; they’d probably hoped to not have to face this before retirement, but that’s not going to be the case. How does one best go about convincing them that not only is a an IPv6 /64 a completely valid way to address a point-to-point link^[1], but a way that’s encouraged over the old practice of allocating an IPv4 /30 (or in the case of IPv6, a /127)?

There’s going to be a lot of money to be had in the IPv6-migration consulting business.

[1]: http://tools.ietf.org/html/draft-palet-v6ops-point2point-01