Cisco Gigabit Ethernet Switch Module for HP p-Class BladeSystem Software Configuration Guide
1-8
Cisco Gigabit Ethernet Switch Module for HP p-Class BladeSystem Software Configuration Guide
380261-003
Chapter 1 Overview
Features
• Kerberos security system to authenticate requests for network resources by using a trusted third
party (requires the cryptographic version of the software)
• Secure Socket Layer (SSL) Version 3.0 support for the HTTP 1.1 server authentication, encryption,
and message integrity and HTTP client authentication to allow secure HTTP communications
(requires the cryptographic version of the software)
QoS and CoS Features
These are the QoS and CoS features:
• Automatic QoS (auto-QoS) to simplify the deployment of existing QoS features by classifying
traffic and configuring egress queues
• Classification
–
IP type-of-service/Differentiated Services Code Point (IP ToS/DSCP) and IEEE 802.1p CoS
marking priorities on a per-port basis for protecting the performance of mission-critical
applications
–
IP ToS/DSCP and IEEE 802.1p CoS marking based on flow-based packet classification
(classification based on information in the MAC, IP, and TCP/UDP headers) for
high-performance quality of service at the network edge, allowing for differentiated service
levels for different types of network traffic and for prioritizing mission-critical traffic in the
network
–
Trusted port states (CoS, DSCP, and IP precedence) within a QoS domain and with a port
bordering another QoS domain
–
Trusted boundary for detecting the presence of a Cisco IP Phone, trusting the CoS value
received, and ensuring port security
• Policing
–
Traffic-policing policies on the switch port for managing how much of the port bandwidth
should be allocated to a specific traffic flow
–
In Cisco IOS Release 12.2(25)SED and later, if you configure multiple class maps for a
hierarchical policy map, each class map can be associated with its own port-level (second-level)
policy map. Each second-level policy map can have a different policer.
–
Aggregate policing for policing traffic flows in aggregate to restrict specific applications or
traffic flows to metered, predefined rates
• Out-of-Profile
–
Out-of-profile markdown for packets that exceed bandwidth utilization limits
• Ingress queueing and scheduling
–
Two configurable ingress queues for user traffic (one queue can be the priority queue)
–
Weighted tail drop (WTD) as the congestion-avoidance mechanism for managing the queue
lengths and providing drop precedences for different traffic classifications
–
Shaped round robin (SRR) as the scheduling service for specifying the rate at which packets are
sent to the ring (sharing is the only supported mode on ingress queues)