Thanks for your input.
I will also follow your format.
>>Why? Do you not have reasonable Internet connectivity? ;) (it is 1:20am
>>in the UK)
Thanks for writing the response at such late hour.
The reason I mentioned this is because I firgured most of the participants
are in States.
Guess I was wrong. :-)
>>Never! Ever! Rely on QoS to prevent worms. How do you know what to
>>rate-limit? NBAR, when it works (and it has to be reconfigured) will only
>>work when we know the profile of a worm
I don't intend to, Dom.
My apologiies for not elaborating in my response.
I have Firewalls, router, access-lists, personal firewalls, antivirus
QoS is just another idea to add another layer to my security.
And yes, you are correct when you said we need to know the profile of the
However, traffic like icmp can be give a less priority,
and we can maybe dodge worms like Blaster.
There may be many worms like Blaster that utilizes icmp.
>>Are these "network admins/engineers" studying for something like a CCIE and
>>need to 'play' on a production network? Or are they trying to justify their
Out of good faith, I would like to think that they care about their netework,
and all others are secondary.
>>In the right place, QoS mechanisms can work wonders, DiffServ and CBWFQ has
>>got me out of many holes, but you need to profile your traffic and
>>applications before even thinking about QoS mechanisms. An remember, work
>>out where congestion is occurring. It may b on the edge, it may be
>>throughout you network - if it is, apply marking on ingress and appropriate
>>QoS mechanisms everywhere
Thanks for the tip.
Maybe you can elaborate a bit more on this? :-)
>>Still trying to write one. I'll send you a draft when it is ready!
From: Dom [mailto:dom@xxxxxxxxxxxxxxxxxx]
Sent: Thursday, March 25, 2004 10:25 AM
To: Kim, Sean (MGT)
Subject: RE: Qos Beginner [7:86262]
Visit our Website www.sysdom.org
Sean wrote -
>>Thank you all for your responses.
>>I supposed being in Japan makes it difficult to participate in discussions
Why? Do you not have reasonable Internet connectivity? ;) (it is 1:20am here
in the UK)
>>A lot of people raised up the question.
>>'Do I really need Qos?
>>I also thought about this question before I started reading.
>>And I decided to seriously consider implementing Qos, based on the below
>>1. I have VoIP traffic(Not so extensive yet, but will be growing), that I
feel that I should give priority to.
>>2. My company may start doing some e-learning, which will required
video/audio multicast traffic, in which case, Qos
>>will come in handy. (based on my shallow knowledge of Qos) 3. I also
figures Qos can decrease the damage of certain
>>For instance, I figured it can prevent worms like Blaster and SQL slammer
from completely and spontaneouwly knocking out
Never! Ever! Rely on QoS to prevent worms. How do you know what to
rate-limit? NBAR, when it works (and it has to be reconfigured) will only
work when we know the profile of a worm
>>Granted, my network is having no bandwidth or performance issues, (except
some WAN links of course) and it probably
>>won't for any foreseeable future.
>>However, and please correct me if I am wrong, but I seemed to see Qos
becoming more important with the growing traffic
>>in all levels of network, and I see many network admins/engineers
implementing Qos in their network.
Are these "network admins/engineers" studying for something like a CCIE and
need to 'play' on a production network? Or are they trying to justify their
>>One may say, I have been reading one too many Cisco documents, :-) but
this is the impression I get.
In the right place, QoS mechanisms can work wonders, DiffServ and CBWFQ has
got me out of many holes, but you need to profile your traffic and
applications before even thinking about QoS mechanisms. An remember, work
out where congestion is occurring. It may b on the edge, it may be
throughout you network - if it is, apply marking on ingress and appropriate
QoS mechanisms everywhere
>>What do you all think?
>>ps. BTW, I am still looking for a good Qos book/document. :-)
The information in this e-mail is confidential and may be legally
privileged. It is solely for the intended addressee. Access to this e-mail
by anyone else is unauthorized. If you are not the intended recipient, any
disclosure, copying, distribution or any action taken or omitted to be taken
in reliance on it is prohibited and may be unlawful. KPMG does not
guarantee, warrant or represent that this email or any attachments will be
error free, virus free, nor that the transmission will not be delayed,
intercepted or interfered.
Message Posted at:
**Please support GroupStudy by purchasing from the GroupStudy Store:
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html