What is the problem with 802.1p?


With 802.1q and 802.1p (see the introduction for background), we have a means to color traffic on Ethernet. Hopefully, there’s a network element (such as a switch) that can use this information to prioritize our traffic appropriately. So what can go wrong? In an ideal world, you’d think that, at worst, the middle network elements don’t do prioritization. You’d assume they would ignore the tag. Sadly, it’s more complex. Gabe wrote about this before but I want to delve more into the topic.


Your NIC is responsible for adding the 802.1q tag to the outgoing packet. When Windows gives a packet to the driver, it tells it which 802.1p value to use for the packet. A few options:



  1. Your NIC doesn’t know about 802.1p. If so, your packet goes out without an 802.1q tag.
  2. Your NIC knows about 802.1p but it’s not configured to add the tags to outgoing packets. Before Vista, this was the default for most NICs that support 802.1q. To enable 802.1q tagging, you’ll need to check the adapter properties. For example, to do so on XP:

    1. Open the control panel then open Network Connections.
    2. Right click on your adapter then select Properties.
    3. Click on Configure. This is one of a many ways to reach the NIC device’s properties.
    4. Look under the Advanced tab. You’re looking for something that says QoS, tagging or priority. The exact name used for this property varies per NIC vendor. For example, for my Intel NIC, the name is 802.1p QoS Packet Tagging.
    5. Some NICs will reset themselves if you change this property. Therefore, you may lose whatever network connections you have going. Enable it, at your own risk.

  3. Your NIC knows about 802.1q and is enabled by default to tag (if appropriate). You’ll see more and more NICs and drivers with this behavior in Vista.

But when is it appropriate to tag? The NDIS documentation for device writers is very clear. If the user priority is 0, a tag should not be added. 0 is the default priority. It signifies best effort. Traffic tagged with this value is treated the same way as traffic without a tag. Unfortunately, in the past, some drivers misbehaved and would always tag.


What’s wrong with always tagging? It assumes that 802.1q is supported by all destinations and network elements on the source’s subnet. That’s an invalid assumption. Many devices already on the market — for example NICs and Internet Gateway Devices (IGD) — don’t know about 802.1q. Typically, this manifests itself in one of a few ways:



  1. The device crashes.
  2. The device discards any packets with an 802.1q tag. It doesn’t ignore the tag or remove it, it drops the packet! Imagine if that was the switch at your first hop. Suddenly, the host has lost all connectivity.
  3. The device does basic packet validation and discards 802.1q tagged packets based on rules for packets without 802.1q tags. For example:

    1. Remember, 802.1q tagged packets are 4 bytes longer than non tagged packets. Those are 4 bytes for the tag, not for the IP payload.
    2. Therefore, the maximum packet length is 4 bytes longer.
    3. As a result, the path MTU has changed. This surprises many Audio/Video (AV) applications that assume that they can send IPv4 packets with 1472 bytes of data.

And this weird behavior varies per destination!!!


At home, I use a widely available brand-name IGD. If I turn on the adapter property on my main computer’s NIC (that shall remain nameless), I suddenly can’t talk to one of my other computers. I also can’t talk to the internet anymore. While the 4 port switch in my IGD doesn’t mind 802.1q tag, the routing part for the NAT for the WAN port does. Luckily, I can still talk to my XBoX 360. What a mess though.


Since there are good reasons to use 802.1p, as Gabe mentioned in The Necessity for End-to-End QoS Experiments, it is a mess we are trying to clean-up in Vista.


Mathias


Comments (9)

  1. Arne Lovius says:

    maybe I’m nissing something, but…

    802.1p and 802.1q are completely different beasts. I use VLAN tagging (also called VLAN trunking) on a server connected to a switch that has a VLAN trunk port connected to the server, and port based VLANS for conecting to each of the other devices, its kind of liek a multiplexer for subnets…

    If you have a VLAN tagged frame on ‘the wire’ then anyhthing that doesn’t know about VLAN tagging will ignore it, this is correct behavior.

    QOS tags on the other hand are rather different, you can either ‘honour’ the tag, or just not understand it, but if you don’t understand it then the packet is processed as normal.

  2. wndpteam says:

    As I described in the previous post, 802.1q is the container, the tag. It’s used to carry both VLAN IDs and 802.1p. However, you can certainly deploy VLAN or 802.1p prioritization in your network without the other. Thus, you’re correct, I can create VLANs in my enterprise yet have my switches ignore the 802.1p part of the tag. Conversely, I can configure such enterprise switches to do prioritization (using the 802.1p part of the 802.1q tag) without configuring VLANs.

    All this tends to work wonderfully in enterprise networks. The reason is probably the type of hardware you’ve installed in your enterprise.

    Sadly, that’s not true of home network equipment.

    For starters, I’ve yet to see an IGD (from Linksys, netgear or DLink for example) with which to create VLANs. The home consummer and SOHO markets don’t want/need that feature.

    However, that doesn’t mean you don’t want 802.1p prioritization in your network. At the minimum, you’d think these devices would ignore the 802.1q tag.

    Since that’s not the case, we thought it might be worth taking a few minutes to write this new post.

    Hope I’ve clarified why we have this post. If not, let me know where details I required and I’ll gladly fill in.

    -Mathias

  3. droid says:

    I had subtle but serious problems with my DLink and Vista but had no clue what could cause them. This might explain the problems.

    The issue was simply that while I could access the Internet, accessing the router configuration turned out to be quite difficult. For example, trying to telnet into the box resulted that my keystrokes were processed appropriately in the box, but I received nothing back. I confirmed this by logging in blind and trying PING – it worked but didn’t get a thing back in the telnet prompt.

  4. Gustavo says:

    I’m trying to add VLAN capacity to the network at work. So, we bought 2 Linksys SRW2024 switch with VLAN tagging. If the switch tag the port then the PC’s drops the frames. So, I checked the 30 pc’s network adapters to configure the 802.1q support, windows environment. You can imagine, a looooot of manufacturers: Realtek, Asus lan integrated, Dlink, 3Com…. and NO ONE support 802.1q!!!!

    So, as someone says "if you want tagged VLAN all devices must support tagging (network cards, switches, routers, all)".

    By now, we can use VLAN in the linksys switches but without tagging.

    (sorry for my poor english)

  5. Jeff J. says:

    QoS is even more important for Wi-Fi (802.11 wireless LAN) than it is for Ethernet, since the channel capacities are lower and unlicensed-band wireless is inherently a shared medium.

    The IEEE 801.11e standard defines QoS for 802.11 networks, and the Wi-Fi Alliance’s WMM standard provides a simplified interface that is getting better support than 11e, at least in the near future.

    WMM and 11e both define 4 QoS levels that are mapped to the 8 QoS levels in 802.1p priority and in the 802.1Q User Priority field. (The exact mapping is spelled out in Table 20.23 of P802.11e-13.)

    So, the question is: does Windows provide support for 11e/WMM QoS, or is that purely a radio-card driver issue? I am not a programmer, but I am trying to understand what I, as a manufacturer of Wi-Fi equipment, can tell our customers about creating QoS-enabled applications.

    Jeff J.

  6. obertin says:

    Hey, I bumped into this page by searching about enabling 802.1Q on my system so I could set the port on the swith as trunk and get my system to see systems on all VLANs / networks adding multiple IP addresses to it. I know it is not the subject at hand, but since it has some relation with it and probably at least one of you guys will be able to point me to the right link, I gave it a go. Thanks in advance.

  7. obertin says:

    Never mind I found the info (at least for intel pro cards) here is the link in case anyone else needs it:

    http://www.lanarchitect.net/Articles/VLANTrunking/Implementation/

  8. Some weeks ago I described 802.1p. It’s a way to color traffic on your local network segment. If you…

  9. Protekks says:

    All, I have to apologise but every comment in this thread has a little bit of the truth without understanding the gist of it. I will keep this high level……but 802.1Q is a way of encapsulating layer 2 ethernet so that you can get the frame to another part of the network. In plain terms it forms a “trunk” so that you can have vlans/subnets available in many different parts of a network. This occurs through vlan tagging. However, within that 802.1Q encapsulation is a 3 bit field we can use to provide Quality of Service (QOS) to a layer 2 frame. This is 802.1P, which uses a 3 bit field available in the 802.1q frame. What does this mean to you? On a PC nothing, because any properly configured netwok which runs QOS will never trust a QOS marking from a P.C. anyway. At home, 802.1p or Q will do nothing but mess your network devices around, most home devices are of such a pathetic specification they wouldnt understand 802.1q or p anyway, and if they did it would be pointless because this only has usability if you have two switches or plenty of machines and you need to segregate them…..my advice leave the NIC alone.

    Hi Protekks,

    I have to dissagree with your statement about PC trust. Let me clarify a few things:

    (1) 802.1Q is a tag (inserted field in Ethernet frame header) in the 802.3 frame which provides ancillary information (VLAN and priority); not an encapsulation scheme for Ethernet.

    (2) It is absolutely safe to trust 802.1p and DSCP from Windows Vista PCs; especially in a home network. 802.1p is an underlying principle for WiFi WMM which is now enabled by default on a majority of wireless home routers. Because of the wireless implications, rather than a fully wired network, 802.1p is important. We are; however, seeing a significant amount of layer-2 wireless devices implementing priority based on layer-3 DSCP. While on the surface this seems like a layering violation, it overcomes the problems you mention with 802.1p.

    (3) I agree that there are problems with 802.1p because many home network devices don’t implement it properly. Because of the problems with how 802.1p is implemented in many switches and NICs, Windows is intelligent about when to add a tag and when not to (which mitigates the problem). For example, if an interconnecting switch simply drops 802.1p tagged frames, Windows will discover that and not add a tag even if the application requests it.