The recommended minimum first step when deploying QoS techniques to protect a network against
DoS attacks is to explicitly protect core routing, infrastructure devices, and mission-critical data traffic.
Traffic classification is a method used to partition network traffic into groups, or classes of service (CoS).
Traffic classification is followed by traffic marking, which is a method of identifying certain traffic types
for unique handling by setting or changing a value (attribute) for the traffic belonging to a specific class.
Traffic classification and traffic marking are closely related and can be used together. Traffic marking can be
viewed as an additional action, specified in a policy map, to be taken on a traffic class.
As mentioned earlier, various QoS techniques are available for traffic classification and marking. Examples of
classification and marking techniques include Class-Based Weighted Fair Queuing (CBWFQ), Committed Access
Rate (CAR), Modular QoS CLI (MQC), and Network-Based Application Recognition (NBAR). These QoS
mechanisms can also be used effectively in combination. For example, MQC and NBAR can be combined with
policing techniques to give more granular control while regulating normal traffic flows.
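
The following Cisco IOS configuration is an added example, not taken from the original text. It shows MQC class maps (one ACL-based, two NBAR-based) feeding a policy map that marks protected classes and polices a third. The class, policy and ACL names, the choice of protocols, the DSCP values, the police rate and the interface are all assumptions made for illustration.

```cisco
! --- Classification: ACL for core routing protocols (constructed example) ---
ip access-list extended ACL-ROUTING
 permit tcp any any eq bgp
 permit tcp any eq bgp any
 permit ospf any any
!
! --- MQC class maps: partition traffic into classes ---
class-map match-any CM-ROUTING
 match access-group name ACL-ROUTING
!
! NBAR classification of an assumed mission-critical application
class-map match-any CM-MISSION-CRITICAL
 match protocol sqlnet
!
! NBAR classification of a traffic type to be regulated
class-map match-any CM-ICMP
 match protocol icmp
!
! --- Policy map: marking is an action taken on each traffic class ---
policy-map PM-EDGE-IN
 class CM-ROUTING
  set dscp cs6
 class CM-MISSION-CRITICAL
  set dscp af31
 ! Policing: rate-limit the class to 64 kbps with an 8000-byte burst (assumed values)
 class CM-ICMP
  police 64000 8000 conform-action transmit exceed-action drop
 ! Everything else is re-marked to best effort so untrusted markings are not honored
 class class-default
  set dscp default
!
! --- Attach the policy inbound on the untrusted-facing interface (assumed name) ---
interface GigabitEthernet0/1
 service-policy input PM-EDGE-IN
```

After applying such a policy, `show policy-map interface GigabitEthernet0/1` reports per-class match, marking and conform/exceed counters, which can be used to confirm that each class is matching the intended traffic.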