Filter
Top Products
Cisco EtherSwitch Service Modules Feature Guide
Information About the Cisco EtherSwitch Service Modules
10
Cisco IOS Release 12.2(25)SEC
• Kerberos security system to authenticate requests for network resources by using a trusted third
party (requires the cryptographic versions of the Cisco EtherSwitch service module software image)
• 802.1Q tunneling to allow customers with users at remote sites across a service provider network to
keep VLANs segregated from other customers, and Layer 2 protocol tunneling to ensure that the
customer network has complete STP, CDP, and VTP information about all users (available on the
Cisco EtherSwitch service module but not on the integrated services router [ISR])
QoS and CoS Features
• Automatic QoS (auto-QoS) to simplify the deployment of existing QoS features by classifying
traffic and configuring egress queues (voice over IP only).
• Cross-stack QoS for configuring QoS features on Cisco EtherSwitch service modules in a switch
stack rather than on an individual Cisco EtherSwitch service module basis.
• Classification
–
Classification on a physical interface or on a per-port per-VLAN basis.
–
IP type-of-service/differentiated services code point (IP ToS/DSCP) and 802.1p CoS marking
priorities on a per-port basis for protecting the performance of mission-critical applications.
–
IP ToS/DSCP and 802.1p CoS marking based on flow-based packet classification (classification
based on information in the MAC, IP, and TCP/UDP headers) for high-performance quality of
service at the network edge, allowing for differentiated service levels for different types of
network traffic and for prioritizing mission-critical traffic in the network.
–
Trusted port states (CoS, DSCP, and IP precedence) within a QoS domain and with a port
bordering another QoS domain.
–
Trusted boundary for detecting the presence of a Cisco IP phone, trusting the CoS value
received, and ensuring port security.
• Policing
–
Policing on a physical interface or on a per-port per-VLAN basis.
–
Traffic-policing policies on the Cisco EtherSwitch service module port for managing how much
of the port bandwidth should be allocated to a specific traffic flow.
–
Aggregate policing for policing traffic flows in aggregate to restrict specific applications or
traffic flows to metered, predefined rates.
• Out-of-profile markdown for packets that exceed bandwidth utilization limits
• Ingress queueing and scheduling
–
Two configurable ingress queues for user traffic (one queue can be the priority queue).
–
Weighted tail drop (WTD) as the congestion-avoidance mechanism for managing the queue
lengths and providing drop precedences for different traffic classifications.
–
Shaped round robin (SRR) as the scheduling service for specifying the rate at which packets are
dequeued to the stack internal ring (sharing is the only supported mode on ingress queues).