Differentiated services
View on Wikipedia
Differentiated services or DiffServ is a computer networking architecture that specifies a mechanism for classifying and managing network traffic and providing quality of service (QoS) on modern IP networks. DiffServ can, for example, be used to provide low latency to critical network traffic such as voice or streaming media while providing best-effort service to non-critical services such as web traffic or file transfers.
DiffServ uses a 6-bit differentiated services code point (DSCP) in the 6-bit differentiated services field (DS field) in the IP header for packet classification purposes. The DS field, together with the ECN field, replaces the outdated IPv4 TOS field.[1]
Background
[edit]Modern data networks carry many different types of services, including voice, video, streaming music, web pages and email. Many of the proposed QoS mechanisms that allowed these services to co-exist were both complex and failed to scale to meet the demands of the public Internet. In December 1998, the IETF replaced the TOS and IP precedence fields in the IPv4 header with the DS field, which was later split to refer to only the top 6 bits with the ECN field in the bottom two bits.[2][3] In the IPv6 header the DS field is part of the Traffic Class field where it occupies the 6 most significant bits.[2]
In the DS field, a range of eight values (class selectors) is used for backward compatibility with the former IPv4 IP precedence field. Today, DiffServ has largely supplanted TOS and other layer-3 QoS mechanisms, such as integrated services (IntServ), as the primary architecture routers use to provide QoS.
Traffic management mechanisms
[edit]DiffServ is a coarse-grained, class-based mechanism for traffic management. In contrast, IntServ is a fine-grained, flow-based mechanism. DiffServ relies on a mechanism to classify and mark packets as belonging to a specific class. DiffServ-aware routers implement per-hop behaviors (PHBs), which define the packet-forwarding properties associated with a class of traffic. Different PHBs may be defined to offer, for example, low-loss or low-latency service.
Rather than differentiating network traffic based on the requirements of an individual flow, DiffServ operates on the principle of traffic classification, placing each data packet into one of a limited number of traffic classes. Each router on the network is then configured to differentiate traffic based on its class. Each traffic class can be managed differently, ensuring preferential treatment for higher-priority traffic on the network. The premise of Diffserv is that complicated functions such as packet classification and policing can be carried out at the edge of the network by edge routers. Since no classification and policing is required in the core routers, functionality there can then be kept simple. Core routers simply apply PHB treatment to packets based on their markings. PHB treatment is achieved by core routers using a combination of scheduling policy and queue management policy.
A group of routers that implement common, administratively defined DiffServ policies are referred to as a DiffServ domain.[4]
While DiffServ does recommend a standardized set of traffic classes,[5] the DiffServ architecture does not incorporate predetermined judgments of what types of traffic should be given priority treatment. DiffServ simply provides a framework to allow classification and differentiated treatment. The standard traffic classes (discussed below) serve to simplify interoperability between different networks and different vendors' equipment.
Classification and marking
[edit]Network traffic entering a DiffServ domain is subjected to classification and conditioning. A traffic classifier may inspect many different parameters in incoming packets, such as source address, destination address or traffic type and assign individual packets to a specific traffic class. Traffic classifiers may honor any DiffServ markings in received packets or may elect to ignore or override those markings. For tight control over volumes and type of traffic in a given class, a network operator may choose not to honor markings at the ingress to the DiffServ domain. Traffic in each class may be further conditioned by subjecting the traffic to rate limiters, traffic policers or shapers.[6]: §3
The per-hop behavior is determined by the DS and ECN fields in the IP header. The DS field contains the 6-bit DSCP value.[2] Explicit Congestion Notification (ECN) occupies the least-significant 2 bits of the IPv4 TOS field and IPv6 traffic class (TC) field.[7][8][9]
In theory, a network could have up to 64 different traffic classes using the 64 available DSCP values. The DiffServ RFCs recommend, but do not require, certain encodings. This gives a network operator great flexibility in defining traffic classes. In practice, however, most networks use the following commonly defined per-hop behaviors:
- Default Forwarding (DF) PHB — which is typically best-effort traffic
- Expedited Forwarding (EF) PHB — dedicated to low-loss, low-latency traffic
- Assured Forwarding (AF) PHB — gives assurance of delivery under prescribed conditions
- Class Selector PHBs — which maintain backward compatibility with the IP precedence field.
Default Forwarding
[edit]A default forwarding (DF) PHB is the only required behavior. Essentially, any traffic that does not meet the requirements of any of the other defined classes uses DF. Typically, DF has best-effort forwarding characteristics. The recommended DSCP for DF is 0.[5]
Expedited Forwarding
[edit]The IETF defines Expedited Forwarding (EF) behavior in RFC 3246. The EF PHB has the characteristics of low delay, low loss and low jitter. These characteristics are suitable for voice, video and other realtime services. EF traffic is often given strict priority queuing above all other traffic classes. Because an overload of EF traffic will cause queuing delays and affect the jitter and delay tolerances within the class, admission control, traffic policing and other mechanisms may be applied to EF traffic. The recommended DSCP for EF is 101110B (46 or 2EH).
Voice Admit
[edit]The IETF defines Voice Admit behavior in RFC 5865. The Voice Admit PHB has identical characteristics to the Expedited Forwarding PHB. However, Voice Admit traffic is also admitted by the network using a Call Admission Control (CAC) procedure. The recommended DSCP for voice admit is 101100B (44 or 2CH).
Assured Forwarding
[edit]The IETF defines the Assured Forwarding (AF) behavior in RFC 2597 and RFC 3260. Assured forwarding allows the operator to provide assurance of delivery as long as the traffic does not exceed some subscribed rate. Traffic that exceeds the subscription rate faces a higher probability of being dropped if congestion occurs.
The AF behavior group defines four separate AF classes with all traffic within one class having the same priority. Within each class, packets are given a drop precedence (high, medium or low, where higher precedence means more dropping). The combination of classes and drop precedence yields twelve separate DSCP encodings from AF11 through AF43 (see table).
| Drop probability |
Class 1 | Class 2 | Class 3 | Class 4 |
|---|---|---|---|---|
| Low | AF11 (DSCP 10) 001010 | AF21 (DSCP 18) 010010 | AF31 (DSCP 26) 011010 | AF41 (DSCP 34) 100010 |
| Medium | AF12 (DSCP 12) 001100 | AF22 (DSCP 20) 010100 | AF32 (DSCP 28) 011100 | AF42 (DSCP 36) 100100 |
| High | AF13 (DSCP 14) 001110 | AF23 (DSCP 22) 010110 | AF33 (DSCP 30) 011110 | AF43 (DSCP 38) 100110 |
Some measure of priority and proportional fairness is defined between traffic in different classes. Should congestion occur between classes, the traffic in the higher class is given priority. Rather than using strict priority queuing, more balanced queue servicing algorithms such as fair queuing or weighted fair queuing are likely to be used. If congestion occurs within a class, the packets with the higher drop precedence are discarded first. Re-marking a packet is sometimes used to increase its drop precedence if a stream's bandwidth exceeds a certain threshold. For example, a stream whose rate is above the Committed Information Rate (CIR) as defined in RFC 2697 causes the stream to be marked with a higher AF drop precedence. This allows the decision as to when to shape the stream to devices further downstream if they encounter congestion. To prevent issues associated with tail drop, more sophisticated drop selection algorithms such as random early detection are often used.
Class Selector
[edit]| Service class | DSCP Name | DSCP Value | IP precedence | Examples of application |
|---|---|---|---|---|
| Standard | CS0 (DF) | 0 | 0 (000) | NTP[11] |
| Low-priority data | CS1 | 8 | 1 (001) | File transfer (FTP, SMB) |
| Network operations, administration and management (OAM) | CS2 | 16 | 2 (010) | SNMP, SSH, Ping, Telnet, syslog |
| Broadcast video | CS3 | 24 | 3 (011) |
|
| Real-time interactive | CS4 | 32 | 4 (100) | Gaming, low priority video conferencing |
| Signaling | CS5 | 40 | 5 (101) | Peer-to-peer (SIP, H.323), client-server IP telephony signaling (H.248, MEGACO, MGCP, SCCP) |
| Network control | CS6 | 48 | 6 (110) | Routing protocols (OSPF, BGP, IS-IS, RIP) |
| Reserved for future use | CS7 | 56 | 7 (111) |
DF= Default Forwarding
Prior to DiffServ, IPv4 networks could use the IP precedence field in the TOS byte of the IPv4 header to mark priority traffic. The TOS octet and IP precedence were not widely used. The IETF agreed to reuse the TOS octet as the DS field for DiffServ networks, later splitting it into the DS field and ECN field. In order to maintain backward compatibility with network devices that still use the Precedence field, DiffServ defines the Class Selector PHB.
The Class Selector code points are of the binary form 'xxx000'. The first three bits are the former IP precedence bits. Each IP precedence value can be mapped into a DiffServ class. IP precedence 0 maps to CS0, IP precedence 1 to CS1, and so on. If a packet is received from a non-DiffServ-aware router that used IP precedence markings, the DiffServ router can still understand the encoding as a Class Selector code point.
Specific recommendations for use of Class Selector code points are given in RFC 4594.
Configuration guidelines
[edit]RFC 4594 offers detailed and specific recommendations for the use and configuration of code points. Other RFCs such as RFC 8622 have updated these recommendations. A full list is provided in the IETF DSCP code point registry.[12]
| Service class | DSCP Name | DSCP Value | Conditioning at DS edge | PHB | Queuing | AQM | RFC 5127 Treatment Aggregate |
|---|---|---|---|---|---|---|---|
| Network control | CS6 | 48 | See section 3.1 | RFC 2474 | Rate | Yes | Network control |
| Telephony | EF | 46 | Police using sr+bs | RFC 3246 | Priority | No | Realtime (EF) |
| Telephony, Capacity-Admitted | VOICE-ADMIT | 44 | Police using sr+bs | RFC 5865 | Priority | No | |
| Signaling | CS5 | 40 | Police using sr+bs | RFC 2474 | Rate | No | |
| Multimedia conferencing | AF41, AF42, AF43 | 34, 36, 38 | Using two-rate, three-color marker (such as RFC 2698) | RFC 2597 | Rate | Yes per DSCP | |
| Real-time interactive | CS4 | 32 | Police using sr+bs | RFC 2474 | Rate | No | |
| Broadcast video | CS3 | 24 | Police using sr+bs | RFC 2474 | Rate | No | |
| OAM | CS2 | 16 | Police using sr+bs | RFC 2474 | Rate | Yes | Assured elastic (AF3) |
| Multimedia streaming | AF31, AF32, AF33 | 26, 28, 30 | Using two-rate, three-color marker (such as RFC 2698) | RFC 2597 | Rate | Yes per DSCP | |
| Low-latency data | AF21, AF22, AF23 | 18, 20, 22 | Using single-rate, three-color marker (such as RFC 2697) | RFC 2597 | Rate | Yes per DSCP | Assured elastic (AF2) |
| High-throughput data | AF11, AF12, AF13 | 10, 12, 14 | Using two-rate, three-color marker (such as RFC 2698) | RFC 2597 | Rate | Yes per DSCP | Assured elastic (AF1) |
| Standard | DF | 0 | Not applicable | RFC 2474 | Rate | Yes | Elastic (DF) |
| Non-Queue-Building | NQB | 45 | With separate queue and traffic protection | draft-ietf-tsvwg-nqb | NQB | N/A | |
| Lower-effort | LE | 1 | Not applicable | RFC 8622 | Priority | Yes | Elastic (DF) lower priority |
| CS1 (legacy) | 8 | RFC 3662 |
sr+bs = single rate with burst size control (such as a token bucket).
Design considerations
[edit]Under DiffServ, all the policing and classifying are done at the boundaries between DiffServ domains. This means that in the core of the Internet, routers are unhindered by the complexities of collecting payment or enforcing agreements. That is, in contrast to IntServ, DiffServ requires no advance setup, no reservation, and no time-consuming end-to-end negotiation for each flow.
The details of how individual routers deal with the DS field are configuration specific, therefore it is difficult to predict end-to-end behavior. This is complicated further if a packet crosses two or more DiffServ domains before reaching its destination. From a commercial viewpoint, this means that it is impossible to sell different classes of end-to-end connectivity to end users, as one provider's Gold packet may be another's Bronze. DiffServ or any other IP-based QoS marking does not ensure the quality of the service or a specified service-level agreement (SLA). By marking the packets, the sender indicates that it wants the packets to be treated as a specific service, but there is no guarantee this happens. It is up to all the service providers and their routers in the path to ensure that their policies will take care of the packets in an appropriate fashion.
Bandwidth broker
[edit]A Bandwidth Broker in the framework of DiffServ is an agent that has some knowledge of an organization's priorities and policies and allocates bandwidth with respect to those policies.[13] In order to achieve an end-to-end allocation of resources across separate domains, the Bandwidth Broker managing a domain will have to communicate with its adjacent peers, which allows end-to-end services to be constructed out of purely bilateral agreements.
DiffServ RFCs
[edit]- RFC 2474 — Definition of the differentiated services field (DS field) in the IPv4 and IPv6 headers. Note that the DS field of 8 bits (the bottom two unused) in [2] was later split into the current 6-bit DS field and a separate 2-bit ECN field.[3]
- RFC 2475 — An architecture for differentiated services.
- RFC 2597 — Assured forwarding PHB group.
- RFC 2983 — Differentiated services and tunnels.
- RFC 3086 — Definition of differentiated services per-domain behaviors and rules for their specification.
- RFC 3140 — Per hop behavior identification codes. (Obsoletes RFC 2836.
- RFC 3246 — An expedited forwarding PHB. (Obsoletes RFC 2598.)
- RFC 3247 — Supplemental information for the new definition of the EF PHB (expedited forwarding per-hop behavior).
- RFC 3260 — New Terminology and Clarifications for Diffserv. (Updates RFC 2474, RFC 2475 and RFC 2597.)
- RFC 4594 — Configuration Guidelines for DiffServ Service Classes.
- RFC 5865 — A differentiated services code point (DSCP) for capacity-admitted traffic. (Updates RFC 4542 and RFC 4594.)
- RFC 8622 — A Lower-Effort Per-Hop Behavior (LE PHB) for Differentiated Services. (Updates RFC 4594 and RFC 8325, obsoletes RFC 3662.)
DiffServ Management RFCs
[edit]See also
[edit]References
[edit]- ^ D. Grossman (April 2002). New Terminology and Clarifications for DiffServ. doi:10.17487/RFC3260. RFC 3260. Informational. Updates RFC 2474, 2475 and 2597.
- ^ a b c d K. Nichols; S. Blake; F. Baker; D. Black (December 1998). Definition of the Differentiated Services Field (DS Field) in the IPv4 and IPv6 Headers. Network Working Group. doi:10.17487/RFC2474. RFC 2474. Proposed Standard. Obsoletes RFC 1455 and 1349. Updated by RFC 3168, 3260 and 8436.
- ^ a b K. Ramakrishnan; S. Floyd; D. Black (September 2001). The Addition of Explicit Congestion Notification (ECN) to IP. Network Working Group. doi:10.17487/RFC3168. RFC 3168. Proposed Standard. Obsoletes RFC 2481. Updates RFC 2474, 2401 and 793. Updated by RFC 4301, 6040 and 8311.
- ^ S3700HI Ethernet Switches Configuration Guide - QoS, Huawei, p. 7, retrieved 2016-10-07,
A DiffServ domain is composed of a group of interconnected DiffServ nodes that use the same service policy and PHBs.
- ^ a b J. Babiarz; K. Chan; F. Baker (August 2006). Configuration Guidelines for DiffServ Service Classes. Network Working Group. doi:10.17487/RFC4594. RFC 4594. Informational. Updated by RFC 5865 and 8622.
- ^ J. Heinanen; F. Baker; W. Weiss; J. Wroclawski (June 1999). Assured Forwarding PHB Group. Network Working Group. doi:10.17487/RFC2597. RFC 2597. Proposed Standard. Updated by RFC 3260.
- ^ G. Tsirtsis; G. Giaretta; H. Soliman; N. Montavont (January 2011). Traffic Selectors for Flow Bindings. Internet Engineering Task Force. doi:10.17487/RFC6088. ISSN 2070-1721. RFC 6088. Proposed Standard.
- ^ Worldwide. "Implementing Quality of Service Policies with DSCP". Cisco. Retrieved 2010-10-16.
- ^ Filtering DSCP Archived July 29, 2016, at the Wayback Machine
- ^ Class Selector. sec. 1.5.4. doi:10.17487/RFC4594. RFC 4594.
- ^ Mapping for NTP. sec. 5.2. doi:10.17487/RFC4594. RFC 4594. suggests (emphasis added):
- When NTP is used for providing high-accuracy timing within an administrator's (carrier's) network or to end users/clients, the Telephony service class should be used, and NTP packets should be marked with EF DSCP value.
- For applications that require "wall clock" timing accuracy, the Standard service class should be used, and packets should be marked with DF DSCP.
- ^ "Differentiated Services Field Codepoints (DSCP)". www.iana.org.
- ^ K. Nichols; V. Jacobson; L. Zhang (July 1999). A Two-bit Differentiated Services Architecture for the Internet. IETF. doi:10.17487/RFC2638. RFC 2638.
Further reading
[edit]- John Evans; Clarence Filsfils (2007). Deploying IP and MPLS QoS for Multiservice Networks: Theory and Practice. Morgan Kaufmann. ISBN 978-0-12-370549-5.
- Kalevi Kilkki (1999). Differentiated services for the Internet. Macmillan Technical Publishing. ISBN 1-57870-132-5.
External links
[edit]- IETF DiffServ Working Group page
- Cisco Whitepaper — DiffServ-The Scalable End-to-End Quality of Service Model
- ACM SIGCOMM'09 paper-Modeling and Understanding End-to-End Class of Service Policies in Operational Networks: proposes a practical model for extracting DiffServ policies
- Cisco: Implementing Quality of Service Policies with DSCP
- Differentiated Services Field Codepoints registry at Internet Assigned Numbers Authority
Differentiated services
View on GrokipediaBackground and Principles
Historical Development
The development of Differentiated Services (DiffServ) emerged in the late 1990s as a response to the scalability limitations of earlier Quality of Service (QoS) approaches in IP networks. Initial concepts for simple packet marking to enable differentiated router behavior were proposed by David Clark and Van Jacobson in the IRTF's End-to-End Research Group, building on the need for service differentiation beyond the best-effort model of the Internet.[3] A pivotal "birds of a feather" (BOF) session titled "Future Directions for Differential Services" at the IETF meeting in April 1997 highlighted demands from major network users for scalable QoS mechanisms, leading to the formation of the IETF DiffServ Working Group shortly thereafter, co-chaired by Brian Carpenter and Kathleen Nichols.[3] Key milestones in DiffServ's evolution included early proposals in 1997, such as a two-bit architecture framework submitted as an Internet-Draft in November of that year, which outlined basic service differentiation using aggregate traffic classes.[4] This laid the groundwork for the core architecture, formalized in RFC 2475 ("An Architecture for Differentiated Services") published in December 1998, which defined the framework for scalable service differentiation without per-flow state.[5] Accompanying RFC 2474 specified the use of the six-bit Differentiated Services (DS) field in the IP header to replace the older Type of Service octet, enabling packet marking for behavior aggregation. The primary motivations for DiffServ stemmed from the scalability challenges of the Integrated Services (IntServ) model, outlined in RFC 1633, which relied on resource reservation protocols like RSVP to maintain per-flow state across networks, rendering it impractical for large-scale Internet deployment. In contrast, DiffServ emphasized simplicity and scalability by treating traffic in aggregates and applying per-hop behaviors (PHBs) at routers, avoiding the state explosion of RSVP while providing relative service differentiation compatible with the existing best-effort infrastructure.[3] Early adoption of DiffServ faced challenges in integrating with the predominantly best-effort Internet, including the need for bilateral agreements between domains for consistent service levels and limited router support for PHB implementations in the initial years following standardization.[3] Deployment began incrementally in enterprise and service provider backbones around the early 2000s, often as an edge-to-edge enhancement rather than end-to-end, to mitigate disruptions to legacy traffic.[5]Core Concepts and Objectives
Differentiated Services (DiffServ) is a class-based quality of service (QoS) architecture designed to provide scalable differentiation of network traffic in IP-based systems. It achieves this by utilizing the Differentiated Services Code Point (DSCP), a 6-bit field in the IP header, to mark packets and indicate the desired per-hop forwarding treatment at network nodes.[1] This marking replaces the previous Type of Service (TOS) octet, enabling a more structured approach to service classification without requiring modifications to the core IP protocol.[2] The core objectives of DiffServ emphasize scalability in large networks, where maintaining state for millions of flows would be impractical. By aggregating traffic into classes rather than managing individual flows, DiffServ avoids complex signaling mechanisms, reducing overhead and enhancing simplicity in deployment.[1] It supports a range of service levels, such as low-latency paths for real-time applications or assured bandwidth for critical data, allowing network operators to allocate resources based on business priorities while accommodating the Internet's explosive growth.[1] Central to DiffServ is its aggregation model, in which packets with the same DSCP value form a Behavior Aggregate (BA) at the network boundary. These aggregates are then forwarded through the core using uniform Per-Hop Behaviors (PHBs), which define consistent treatment like queuing or dropping priorities across routers, without the need for flow-specific state in the interior network.[1] This edge-to-core separation ensures efficient processing, as boundary nodes handle classification and conditioning, while core nodes apply simple, stateless rules. In comparison to alternatives, DiffServ addresses the limitations of Integrated Services (IntServ), which depends on per-flow reservations and protocols like RSVP, leading to scalability issues in expansive networks due to extensive state maintenance.[1][6] Unlike the Best Effort model of traditional IP, which offers no prioritization and equal treatment for all packets regardless of needs, DiffServ introduces coarse-grained differentiation to better support diverse traffic demands without per-flow overhead.[1] The architecture emerged from IETF efforts in the late 1990s to meet the demands of an expanding Internet requiring simple, effective QoS enhancements.[1]DiffServ Architecture
Packet Classification and Marking
Packet classification in Differentiated Services (DiffServ) involves categorizing incoming packets into behavior aggregates based on predefined rules to enable differentiated treatment across the network.[1] Classifiers, typically deployed at the boundaries of a DiffServ domain, select packets using either multi-field (MF) classifiers, which examine multiple header fields such as source and destination IP addresses, protocol identifiers, and TCP/UDP port numbers, or behavior aggregate (BA) classifiers, which rely solely on the Differentiated Services codepoint (DSCP) value in the IP header.[7] This process allows for the identification of traffic from specific applications or users, ensuring scalability by aggregating flows into a limited number of classes rather than handling individual flows.[1] Marking follows classification and entails setting the 6-bit DSCP field within the 8-bit Differentiated Services (DS) field of the IPv4 Type of Service (TOS) octet or IPv6 Traffic Class octet, replacing the earlier 3-bit IP Precedence bits while maintaining partial backward compatibility through specific codepoint patterns.[8] The DSCP value serves as an index to select the per-hop behavior (PHB) that the packet will receive at each node, with the remaining 2 bits of the DS field reserved for potential future use or currently unused (CU) by DiffServ-compliant nodes.[9] Marking is primarily performed by traffic conditioners at network boundaries to enforce service level agreements (SLAs), using rules derived from policies that map classified traffic to appropriate DSCP values.[10] In the DiffServ architecture, boundary routers—such as ingress and egress nodes at domain edges—handle the bulk of classification and marking responsibilities to simplify operations within the core.[11] These edge devices classify unmarked or externally marked packets, apply meters to check compliance with traffic profiles (e.g., using token bucket parameters for rate and burst limits), and then mark or re-mark the DSCP accordingly before forwarding into the domain.[12] In contrast, interior (core) routers within the domain do not perform complex classification; they directly use the DSCP value to determine forwarding treatment without altering the marking, thereby promoting efficiency and scalability.[13] This division ensures that resource-intensive policy decisions are confined to the edges, while core nodes focus on high-speed forwarding based on the established marks.[14] Practical examples of classification and marking include mapping real-time voice over IP (VoIP) traffic to a high-priority DSCP value using MF classifiers that identify UDP ports typically associated with VoIP protocols, such as those in the range 16384–32767, followed by marking to ensure low-latency treatment.[7] Similarly, bulk data transfer applications like FTP might be classified based on TCP port 21 and marked with a lower-priority DSCP to deprioritize non-urgent traffic, enforcing user or application-specific policies at the ingress point.[1] These mappings are configurable via administrative policies and help achieve the DiffServ goal of providing scalable quality of service without per-flow state in the network core.[15]Per-Hop Behaviors (PHBs)
Per-hop behaviors (PHBs) in Differentiated Services (DiffServ) architecture define the packet forwarding treatment that a DiffServ-compliant node applies to a behavior aggregate, based on the Differentiated Services Code Point (DSCP) value in the IP header.[1] A PHB specifies the externally observable forwarding characteristics, such as the allocation of buffer space, bandwidth, and processing resources to packets sharing the same DSCP, resulting in differentiated performance metrics like throughput, delay, and loss probability.[1] PHBs classify packets into distinct forwarding behaviors and outline the mechanisms for their treatment, including queueing, scheduling, and dropping strategies. For queueing and scheduling, PHBs may employ priority-based methods, where higher-priority traffic is serviced first, or weighted scheduling algorithms, such as weighted fair queuing (WFQ), to allocate bandwidth proportionally among aggregates.[16] Dropping mechanisms within PHBs, such as Random Early Detection (RED), probabilistically discard packets before queues overflow to prevent congestion and provide controlled loss differentiation.[16] These elements enable routers to handle traffic aggregates without requiring per-flow state, focusing instead on aggregate-level resource management.[1] The operation of PHBs is inherently hop-by-hop, meaning each router along the path independently examines the DSCP of incoming packets and applies the corresponding PHB treatment, without any end-to-end signaling or reservation protocols.[1] This decentralized approach relies on prior packet classification and marking at network edges or boundaries, which assign DSCPs to direct the PHB selection at core nodes.[1] PHBs serve as the foundational building blocks for service differentiation in DiffServ networks, grouping into sets that map to specific DSCP values to achieve varying levels of assurance and priority. For instance, the DSCP value of 46 (binary 101110) is standardized for the Expedited Forwarding (EF) PHB, providing low-latency treatment for delay-sensitive traffic.[17] Through such mappings, PHBs enable scalable QoS by allowing networks to offer multiple service classes without complex state maintenance.[1]Traffic Conditioning
Traffic conditioning refers to the set of mechanisms used at the boundaries of a Differentiated Services (DiffServ) domain to enforce the terms of a service agreement by ensuring that incoming traffic conforms to specified profiles before entering the network interior. This process is essential for preventing congestion and maintaining the quality of service assurances across the domain. The primary goal is to shape or police traffic streams so that they align with the agreed-upon parameters, thereby protecting the core network from overload while allowing differentiated treatment based on packet markings.[18] Central to traffic conditioning is the Traffic Conditioning Agreement (TCA), which constitutes a contract between a customer and the service provider outlining the expected traffic characteristics and the actions to be taken if they are violated. A TCA typically specifies classifier rules to identify traffic streams, traffic profiles defining allowable rates and bursts, and associated actions such as metering, marking, discarding, or shaping. These agreements are often derived from broader Service Level Agreements (SLAs) and are enforced by boundary nodes to ensure compliance without impacting the interior of the DiffServ domain. For instance, a TCA might stipulate that voice traffic must not exceed a certain burst size to guarantee low latency.[18] The core components of traffic conditioning include metering, marking, shaping, and policing, each serving a distinct role in managing traffic conformance. Metering measures the rate and volume of incoming packets against a predefined traffic profile, determining whether they are conforming or non-conforming; common metering algorithms use token bucket regulators, where tokens accumulate at a specified rate to allow packet transmission up to a burst limit. Marking involves setting or re-marking the Differentiated Services (DS) codepoint in the IP header based on the meter's output, assigning packets to appropriate Per-Hop Behaviors (PHBs) for differentiated forwarding. Shaping delays excess packets to smooth traffic and bring it into compliance with the profile, typically using a finite buffer to hold packets temporarily, while policing discards non-conforming packets outright to enforce strict limits, acting as a zero-buffer form of shaping. These components are often combined in a traffic conditioner at ingress or egress points.[18] A widely used metering tool in DiffServ is the token bucket algorithm, which models traffic with parameters such as the Committed Information Rate (CIR) and Peak Information Rate (PIR). In the Two Rate Three Color Marker (trTCM) scheme, two token buckets are employed: one for the CIR (with a Committed Burst Size, CBS) that marks packets green if they conform to this lower rate, and another for the PIR (with a Peak Burst Size, PBS) that allows yellow marking for packets exceeding CIR but within PIR, while red marking is applied to those exceeding PIR. This enables three levels of treatment—green for highest assurance, yellow for moderate, and red for discard-eligible—facilitating fine-grained control over traffic admission. The trTCM operates in color-blind or color-aware modes, making it suitable for boundary enforcement.[19] Traffic conditioners are predominantly deployed at the edges of the DiffServ domain, such as ingress nodes where customer traffic enters and egress nodes where it leaves, to isolate internal resources from external variability and avoid widespread congestion. This boundary placement ensures that only conditioned traffic propagates inward, where it can then receive the PHBs as per its marking. By concentrating conditioning here, the architecture scales efficiently for large networks without requiring per-flow state in the core.[18]PHB Categories
Expedited Forwarding (EF)
Expedited Forwarding (EF) is a per-hop behavior (PHB) in the Differentiated Services (DiffServ) architecture, defined to provide low delay, low loss, and low jitter for selected traffic aggregates by ensuring that the aggregate is forwarded at a configured rate exceeding its arrival rate.[20] This PHB serves as a foundational building block for premium services, where the EF-marked packets are treated with higher priority to minimize queuing delays and variations.[20] The EF PHB is typically associated with the Differentiated Services Code Point (DSCP) value of 46, represented in binary as 101110, which signals routers to apply the expedited treatment.[20] Implementation involves a dedicated, single queue per output interface, serviced in strict priority over other PHBs, with minimal buffering to reduce latency and jitter.[20] To prevent resource starvation for lower-priority traffic, EF aggregates must be policed at the network edge or ingress, limiting their rate to a provisioned value that avoids overwhelming the link.[20] In well-provisioned networks, the EF PHB provides low end-to-end delay, making it suitable for latency-sensitive applications such as Voice over IP (VoIP) and interactive video conferencing.[20] Unlike assured forwarding PHBs, which emphasize throughput guarantees across multiple classes, EF prioritizes delay bounds for a single, high-priority class.[20] Bandwidth allocation for EF traffic is constrained to ensure non-blocking service, typically following the guideline that the EF rate $ r_{EF} \leq C - o $, where $ C $ is the link capacity and $ o $ represents overhead for non-EF traffic and protocol headers.[20] This policing and scheduling combination enables EF to deliver assured bandwidth while maintaining the desired performance characteristics across DiffServ domains.[20]Assured Forwarding (AF)
The Assured Forwarding (AF) Per-Hop Behavior (PHB) group defines a mechanism within Differentiated Services (DiffServ) to offer varying levels of forwarding assurance for IP packets across multiple classes, ensuring that packets receive treatment based on their assigned class and drop precedence without reordering within the same class or microflow.[21] This PHB group supports four independently forwarded classes (AF1 through AF4), each allocated specific forwarding resources such as buffer space and bandwidth, with the level of assurance depending on the resources provided, the traffic load in the class, and the drop precedence.[21] Within each class, packets are marked with one of three drop precedences—low (1), medium (2), or high (3)—allowing for differentiated discarding during congestion, where higher-precedence packets are protected from drops at the expense of lower-precedence ones.[21] The AF PHB group utilizes 12 Differentiated Services Code Point (DSCP) values to encode the classes and drop precedences, as specified in RFC 2597. These values are binary-encoded in the six-bit DSCP field of the IP header, with the notation AFxy where x denotes the class (1-4) and y the drop precedence (1-3). The following table lists the DSCP values:| Class | Low Drop (1) | Medium Drop (2) | High Drop (3) |
|---|---|---|---|
| AF1 | 001010 (10) | 001100 (12) | 001110 (14) |
| AF2 | 010010 (18) | 010100 (20) | 010110 (22) |
| AF3 | 011010 (26) | 011100 (28) | 011110 (30) |
| AF4 | 100010 (34) | 100100 (36) | 100110 (38) |