It seems that if you read enough technical stuff, you are bound to find things you either disagree with, or know to be untrue. At least I think they are untrue until I validate my thoughts with the applicable standard or bounce my thoughts off of others within the IT community. I understand that it is VERY difficult to write books, white papers, articles, etc with a technical focus and have them turn out well. A lot of editing has to take place. The target audience has to be considered as well. In short, it is a lot different than writing a fiction novel or short story as when it comes to technical stuff, there’s a bunch of people out there second guessing every sentence you write and diagram you create. With fiction writing, the entire story is in someone’s head and accuracy is not a factor. Let me also state that I have tremendous respect for most technical authors.
I have been doing a lot of reading on switching lately. I’m lazily making my way to the CCIE R/S lab attempt so I have been reading the 3560 command reference guide. It’s the Good Will Hunting approach. In addition to that, I decided to supplement my lunch today with some reading of End-to-End QoS Network Design. So, now that I am thinking about switching and QoS, I came home after work and started in on my so far unused copy of Cisco LAN Switching Configuration Handbook. There’s a QoS chapter. Hooray! The best of both worlds.
I get to the end of the third page in the chapter and run into a problem. That’s page 223 if you have the printed version handy. I came across this tidbit:
Classes 1 through 4 are termed the Assured Forwarding (AF) service levels. Higher class numbers indicate higher-priority traffic. Each class or AF service level has three drop precedence categories:
* Low (1)
* Medium (2)
* High (3)
Traffic in the AF classes can be dropped, with the most likelihood of dropping in the Low category and the least in the High category. In other words, service level AF class 4 with drop precedence 3 is delivered before AF class 4 with drop precedence 1, which is delivered before AF class 3 with drop precedence 3, and so on.
Did you spot any errors? At first, I thought I was reading it all wrong. Maybe I misinterpreted what the authors were saying. AF classes have different priority levels? Hmmmm. I thought they were the same. Then of course, there’s the issue of the book stating that the higher the drop precedence, the less likely it will get dropped. In other words, the book is saying that AF43 will get dropped less than AF41 along with a repeat of the logic stated earlier that AF41 comes before AF33 in terms of priority. At this point, I am really starting to get confused. That can’t be right. I’ve never heard anything like that before.
Maybe it was an error that was fixed in the errata that Cisco Press usually posts on their site. I checked, and there were no corrections issued for that particular book on the Cisco Press site. I also went over to Amazon and read through the reviews people had written. A lot of times, people will list errors in their book reviews, so it is a good source of information when determining whether or not to buy the book. There was nothing there that alluded to this potential error.
The next step was to check the RFC along with the End-to-End QoS book I am reading as well. RFC 2597 is entitled Assured Forwarding PHB Group. Or, AF per hop behavior group. Remember that in a DiffServ environment, QoS is done on a per class basis. There is no end to end guarantee for an individual flow so to speak. That’s what IntServ is for. One might even say that a per hop behavior is indicative of each hop being able to do whatever they want to traffic based on the class it is in. The router could care less about the entire flow. It looks at DSCP markings and makes a decision based on that. Maybe that’s being too generic, but that is the way that I understand DSCP, PHB, etc. The RFC said the following:
Section 1 Paragraph 3
Within each AF class IP packets are marked (again by the customer or
the provider DS domain) with one of three possible drop precedence
values. In case of congestion, the drop precedence of a packet
determines the relative importance of the packet within the AF class.
A congested DS node tries to protect packets with a lower drop
precedence value from being lost by preferably discarding packets
with a higher drop precedence value.
Section 2 Paragraphs 1 and 2
Assured Forwarding (AF) PHB group provides forwarding of IP packets
in N independent AF classes. Within each AF class, an IP packet is
assigned one of M different levels of drop precedence. An IP packet
that belongs to an AF class i and has drop precedence j is marked
with the AF codepoint AFij, where 1 <= i <= N and 1 <= j <= M.
Currently, four classes (N=4) with three levels of drop precedence in
each class (M=3) are defined for general use. More AF classes or
levels of drop precedence MAY be defined for local use.
A DS node SHOULD implement all four general use AF classes. Packets
in one AF class MUST be forwarded independently from packets in
another AF class, i.e., a DS node MUST NOT aggregate two or more AF
Okay, so the RFC is fairly clear that the lower the drop precedence, the safer the traffic should be. Routers and switches should drop AFx3 before AFx2, and drop AFx2 before AFx1. Additionally, we learn that the 4 AF classes are general use. There is no hierarchy. AF4x is no different than AF2x. We may give AF4x more bandwidth in a given QoS policy during periods of congestion, but we can also do the same for AF3x, AF2x, or AF1x traffic if we want to.
Looking for the same type of information in the End-to-End QoS book yields the following taken from chapter 3, Classification and Marking Tools, in the “Marking Tools” section:
DSCP values can be expressed in numeric form or by special keyword names, called per-hop behaviors (PHB). Three defined classes of DSCP PHBs exist: Best-Effort (BE or DSCP 0), Assured Forwarding (AFxy), and Expedited Forwarding (EF). In addition to these three defined PHBs, Class-Selector (CSx) codepoints have been defined to be backward compatible with IP Precedence (in other words, CS1 through CS7 are identical to IP Precedence values 1 through 7). The RFCs describing these PHBs are 2547, 2597, and 3246.
RFC 2597 defines four Assured Forwarding classes, denoted by the letters AF followed by two digits. The first digit denotes the AF class and can range from 1 through 4. (Incidentally, these values correspond to the three most significant bits of the codepoint, or the IPP value that the codepoint falls under.) The second digit refers to the level of drop preference within each AF class and can range from 1 (lowest drop preference) to 3 (highest drop preference). For example, during periods of congestion (on an RFC 2597–compliant node), AF33 would be dropped more often (statistically) than AF32, which, in turn, would be dropped more often (statistically) than AF31. Figure 3-7 shows the Assured Forwarding PHB encoding scheme.
More validation that I was correct in my initial hunch. Even though I was fairly certain the LAN Switching Configuration Guide book was wrong, I wanted to double-check with perhaps one of the greatest tools available. Twitter. I got responses from 3 different people, which is saying something considering it was about 10PM CST. Thanks to Steve Shaw, Steve Rossen, and Andrew vonNagy for their assistance in validating my assumptions. Steve Shaw pointed me to the exact paragraph in RFC 2597 and Andrew mentioned 1 of the 3 new QoS videos that Kevin Wallace created and posted on YouTube which discuss the AF class and drop precedence. Check it out. It’s a fantastic video.
Now, you might be wondering why I am making such a big deal out of this. Is it really important? In this case, yes. Understanding the AF class and drop precedence is vital to one’s understanding of DSCP as a whole. If you get this wrong, it could bite you down the road when designing a QoS policy for a large network. It can bite you when troubleshooting a QoS problem. Some things have to be right every single time they are put in print. QoS is not some super-easy technology that can be mastered in a half-day. Auto-QoS is a great functionality on hardware. I used it this past weekend when configuring 3750 POE switches for use with Cisco phones. However, typing a command and understanding what the ramifications are of that command are 2 different things.
Thank goodness for multiple sources!
Think about something you know a fair amount about. It can be anything in the realm of networking. Now imagine yourself explaining it to someone. Not just anyone. Someone who has a decent grasp on it, but maybe not all of the particulars. Can you explain it to them on the fly without stammering and stuttering your way through it?
I am a Twitter addict. I use it primarily for IT related stuff. There are plenty of valuable links and comments that show up on a given day. Amazing things. Things I never thought about. Comments that come from people who’s books I have read. Comments that come from 4 and 5 time CCIE’s. Comments that come from people who’s podcasts I listen to every week driving to and from work. In short, it is almost as if you know them on some weird Internet non-stalker type level.
Today I saw and even somewhat participated in a discussion about EIGRP. That got me thinking. I like EIGRP. I think it’s neat as far as routing protocols go. It doesn’t have the whole “standards” thing going for it like OSPF or IS-IS. It doesn’t run the Internet like BGP. There aren’t very many books written about it. The CLI options are a lot smaller when compared to OSPF and BGP. The list goes on and on. The more I thought about it, the more I realized I don’t have the complete understanding of it that I wish I did.
Replace EIGRP with about 20 or 30 other networking technologies/protocols and I can make the same argument. I may know all the little acronyms or terms that go along with that technology or protocol, but can I break it down and explain it to someone who sort of understands it and just needs the finer points? Isn’t that what separates the really good engineers from the average ones?
Back to EIGRP though. I understand metric calculation. I understand K values. I understand several other things about EIGRP that go beyond the CCNP level and possibly approaching, maybe even exceeding, CCIE level. I am not bragging. I’ve just put in the hours from an “academic” standpoint, which translates to reading a lot of books, design guides, whitepapers, etc about EIGRP. However, I find myself struggling to come up with all of the arguments for why EIGRP is a hybrid routing protocol compared to a distance vector protocol and vice versa. There are people out there who swear it is one or the other. That should be a relatively simple thing to discern. It makes me think I really don’t understand EIGRP as well as I think I do. Granted, you can NEVER know it all about anything in the IT field, but we still have to try. We read questions on forums from people just starting out with something like EIGRP and think: “How could you not know that? Everyone knows that K1 is bandwidth and K3 is delay.” Maybe we pass by a CCNA book at the bookstore and chuckle at how trivial the description is of EIGRP. “What? You don’t even mention stub routers or how to avoid SIA conditions?” Admit it. You do it. If you don’t, then you are truly the example of a good engineer.
What to do about this? Well, I should study more. I should study and lab so much that when a CCIE walks up to me and says: “How does EIGRP do this?”, I can answer them in a fair amount of detail and even break out the whiteboard and draw it out. Or, crank out a config in a few minutes. Imagine if you knew the protocol or technology so well that you could just spew forth tons of factual information about it? Imagine if you could sit down with a blank piece of paper and fill it up on both sides with information about something like DWDM, 802.11n, PPP, or HSRP. What would that be like? Not just know from an academic standpoint, but be able to apply it to real world scenarios. There is tremendous value in that.
Just something to think about. Imagine having to teach cooking to Emeril. Or martial arts to Chuck Norris. Or basketball to Michael Jordan. Would you want to know your stuff? You betcha. Think about the things you deal with in the networking world and apply the same philosophy to it.
When I begin to understand something well enough to teach it to people that understand it as well and not have them laugh me out of the room, I will be at the level I want to be at. Impossible to do with all things network related, but definitely achievable to do with a dozen or so things. Perhaps the hardest part of it is dedicating the time to achieve that level of proficiency.
I’m going to revisit EIGRP over the next couple of weeks and try to increase my level of understanding even more. Then, I will read someone’s blog post or Twitter comment and realize how little I actually know and go back and do it all over again. Frustrating? Sure, but I will take that any day over a job where you can learn it all in a couple of months. Happy learning!