RE: [j-nsp] DSCP marking for packets not leaving router

From: Jane Chen (zchen@juniper.net)
Date: Thu Apr 04 2002 - 11:23:33 EST

Next message: Damumnoc: "[j-nsp] Is Olive still available"
Previous message: Jane Chen: "RE: [j-nsp] DSCP marking for packets not leaving router"
Maybe in reply to: Blaz Zupan: "[j-nsp] DSCP marking for packets not leaving router"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Mail actions: [ respond to this message ] [ mail a new topic ]

Another way to do it, is that you don't need to use interface group or
input firewall filter in the upstream1 port, just use this:

[edit]

class-of-service {
        interfaces {
                upstream1-port {
                                unit 0 {

                                        forwarding-class internet;
                                        }
                                }
                        }
        }

> -----Original Message-----
> From: Jane Chen
> Sent: Thursday, April 04, 2002 10:59 AM
> To: Josef Buchsteiner; Blaz Zupan; Ben Eater
> Cc: juniper-nsp@puck.nether.net
> Subject: RE: [j-nsp] DSCP marking for packets not leaving router
>
>
>
> upstream1 peering upstream2
> \ | /
> \ | /
> \ | /
> juniper m5 ---- c7206vxr
> / | | \
> / | | \
> customer customer customer customer
>
> filter upstream1 {
> term one {
> from interface group 1;
> then {
> forwarding-class internet;
> accept;
> }
> }
> term two {
> then accept;
> }
> }
>
> filter upstream2 {
> term one {
> from {
> dscp af23;
> }
> then {
> forwarding-class internet;
> accept;
> }
> }
> term two {
> then accept;
> }
> }
>
> [edit interfaces]
> interfaces upstream1 {
> unit logical-unit-number {
> family inet {
> filter {
> group 1 ;
> input upstream1 ;
> }
> }
> }
> }
> interfaces m5-to-cisco {
> unit logical-unit-number {
> family inet {
> filter {
> input upstream2 ;
> }
> }
> }
> }
>
> class-of-service {
> forwarding-classes {
> queue 2 internet;
>
> }
> interfaces {
> juniper-to-junipercustomer {
> scheduler-map foo;
> }
> }
> scheduler-maps {
> foo {
> forwarding-class internet scheduler internet;
> }
> }
> schedulers {
> internet {
> transmit-rate 2m exact; <= if you want the minimum
> guarantee 2M, but if no other traffic from other customers or
> from your
> internet peer, you don't need to put "exact" here, so the
> whole port can
> be used for transmitting the international traffic from
> upstream1 and 2.
> }
> }
>
> Jane
> > -----Original Message-----
> > From: Josef Buchsteiner
> > Sent: Thursday, April 04, 2002 8:32 AM
> > To: Blaz Zupan; Ben Eater
> > Cc: juniper-nsp@puck.nether.net
> > Subject: RE: [j-nsp] DSCP marking for packets not leaving router
> >
> >
> > At 05:54 PM 4/3/2002, Blaz Zupan wrote:
> > > > I think it sounds like you want to use interface-groups.
> > Assign the
> > > > interface to the upstream provider to an interface group:
> > >
> > >Hey, that looks like it might be the solution. The only
> > problem is, that I
> > >would like to also limit packets that are marked with a
> > certain DSCP by the
> > >Cisco (see the ASCII art of the real situation in the reply
> > I sent to Eduard).
> > >
> > >What would something like this do:
> > >
> > >filter foo {
> > > term one {
> > > from interface-group 1;
> > > then policer bar;
> > > }
> > > term two {
> > > from dscp af43;
> > > then policer bar;
> > > }
> > > term three {
> > > then accept;
> > > }
> > >}
> > >
> > >Let's say bar limits packets to 2Mbps. Would the above limit
> > packets comming
> > >from interface group to 2Mbps and packets comming in with
> > DSCP af43 to 2Mbps?
> > >Thus, the aggregate usage could be up to 4Mbps?
> >
> > correct
> >
> > > (Which is not what I would
> > >like).
> > >
> > >In pseudo-code, what I would like to achieve is something
> like this:
> > >
> > >
> > >filter foo {
> > > term one {
> > > from <packet comming from interface-group 1 *or* marked
> > with dscp af43>;
> > > then policer bar;
> > > }
> > > term two {
> > > then accept;
> > > }
> > >}
> > >
> > > >From the options I have, I don't seem to be able to
> > achieve the above.
> >
> > what about the following ?
> >
> > term 1 {
> > from {
> > interface-group 1;
> > }
> > then {
> > forwarding-class internet;
> > accept;
> > }
> > }
> > term 2 {
> > from {
> > dscp af23;
> > }
> > then {
> > forwarding-class internet;
> > accept;
> > }
> > }
> > term 3 {
> > then {
> > accept;
> > }
> > }
> > }
> >
> >
> > You assign this filter to the interface going to your internet peer
> > and now you define you class-of-service scheduler for this interface
> >
> >
> > <-- keep in mind this is very limited configuration and you
> > may want to
> > <-- set the proper defined the other queues like queue 3 for
> > network-control
> > <-- but this is just a simplified way to show how you can accomplish
> > <-- this
> >
> > class-of-service {
> > forwarding-classes {
> > queue 2 internet;
> >
> > }
> > interfaces {
> > so-0/0/3 {
> > scheduler-map foo;
> > }
> > }
> > scheduler-maps {
> > foo {
> > forwarding-class internet scheduler internet;
> > }
> > }
> > schedulers {
> > internet {
> > transmit-rate 2m exact;
> > }
> > }
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
>
>

Next message: Damumnoc: "[j-nsp] Is Olive still available"
Previous message: Jane Chen: "RE: [j-nsp] DSCP marking for packets not leaving router"
Maybe in reply to: Blaz Zupan: "[j-nsp] DSCP marking for packets not leaving router"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Mail actions: [ respond to this message ] [ mail a new topic ]

This archive was generated by hypermail 2b29 : Mon Aug 05 2002 - 10:42:35 EDT