1
00:00:00,320 --> 00:00:07,140
Now before traffic policies can be applied to packets the packets need to be put into a class so as

2
00:00:07,140 --> 00:00:13,590
an example before you're allowed to take a first class seat someone checks your ticket to ensure that

3
00:00:13,590 --> 00:00:16,250
you are a first class passenger.

4
00:00:16,260 --> 00:00:22,050
So in other words before quality of service is applied to your packet the rod or switch needs to determine

5
00:00:22,050 --> 00:00:23,640
which class you belong to.

6
00:00:23,760 --> 00:00:29,130
If you belong to the platinum class you will get a platinum service but if you belong to the economy

7
00:00:29,130 --> 00:00:32,040
class you'll only get an economy service.

8
00:00:32,040 --> 00:00:37,410
But before the service is applied the Rado switch needs to determine which class you belong to and it

9
00:00:37,410 --> 00:00:43,800
can do that as an example by looking at the marking a FedEx sorting depot will sort packets based on

10
00:00:43,800 --> 00:00:51,090
the marking on a package packages with next day delivery or high importance will be processed differently

11
00:00:51,300 --> 00:00:56,060
to packages that have standard delivery markings on them.

12
00:00:56,160 --> 00:01:02,020
Best practices state that you should classify and Mark as close to the edge of the network as possible.

13
00:01:02,160 --> 00:01:08,460
So as an example IP phones will mark their traffic as it leaves the IP phone for other traffic types

14
00:01:08,460 --> 00:01:15,250
you want to try and do your classification and marking on your age switches so marking takes place on

15
00:01:15,250 --> 00:01:16,020
the edge.

16
00:01:16,030 --> 00:01:22,240
But every device along the path uses classification to determine what quality of service that traffic

17
00:01:22,300 --> 00:01:22,990
gets.

18
00:01:23,110 --> 00:01:29,260
It can do the classification based on three criteria either by looking at the marking in a header such

19
00:01:29,260 --> 00:01:31,500
as the costs or DSP value.

20
00:01:31,510 --> 00:01:38,170
It could also look at IP addressing such as the destination IP subnet that you're going to or source

21
00:01:38,170 --> 00:01:44,040
IP address or layer to MAC address or some other addressing criteria.

22
00:01:44,080 --> 00:01:47,620
So as an example it could look at destination port number.

23
00:01:47,740 --> 00:01:54,220
Are you going to a specific IP address and specific port number or are you going to something like Cisco

24
00:01:54,220 --> 00:01:57,360
dot com vs. Facebook dot com.

25
00:01:57,400 --> 00:02:05,320
So a domain address in addition routers can support deeper payload inspections by using application

26
00:02:05,320 --> 00:02:06,310
signatures.

27
00:02:06,310 --> 00:02:12,760
So by using network based application recognition or Anbar a writer can look deep into a package to

28
00:02:12,760 --> 00:02:15,010
determine how important that traffic is.

29
00:02:15,010 --> 00:02:19,670
So Inbar uses layers 47 for deep packet inspection.

30
00:02:19,810 --> 00:02:25,990
It is more CPA intensive and therefore you generally only do it at the edge of your network.

31
00:02:25,990 --> 00:02:32,410
Most applications can be identified using Layer 3 will layer for criteria such as IP addresses or well-known

32
00:02:32,410 --> 00:02:36,390
port numbers but other applications require deeper packet inspection.

33
00:02:36,790 --> 00:02:39,820
As an example HDP uses port 80.

34
00:02:39,970 --> 00:02:44,740
You don't want your riders classifying traffic going to Cisco dot com in the same way as Facebook dot

35
00:02:44,740 --> 00:02:45,550
com.

36
00:02:45,580 --> 00:02:52,930
Both of them could be using port EDI or port FL for 3 h GDP s so you may need to look deeper into the

37
00:02:52,930 --> 00:02:55,920
packet to determine where it's going.

38
00:02:55,940 --> 00:03:01,510
So as an example look at the domain name and then do your quality of service based on their destination

39
00:03:01,510 --> 00:03:02,510
domain name.

40
00:03:02,630 --> 00:03:09,820
Inbar supports two modes of operation we have passive mode and active mode passive mode provides real

41
00:03:09,820 --> 00:03:16,060
time statistics on applications per protocol per interface and gives bi directional statistics such

42
00:03:16,060 --> 00:03:18,970
as bitrate packet and byte counts.

43
00:03:18,970 --> 00:03:26,060
Active mode classifies applications for traffic marking so that quality of service policies can be applied.

44
00:03:26,140 --> 00:03:30,030
So are we actively looking at traffic types and then applying quality of service.

45
00:03:30,040 --> 00:03:37,690
Or are we just reviewing statistics of traffic going through a network so passive mode provides statistics

46
00:03:37,720 --> 00:03:44,110
but doesn't do marketing active mode allows you to do markings and apply quality of service policies.