[Fwd: RE: [c-nsp] MPLS EXP label imposition]

David Freedman david.freedman at uk.clara.net
Mon Sep 12 05:15:07 EDT 2005

/me forwards this on.

Does anybody else have a strategy for dealing with this?

I can't say that the default cisco behaviour of copying QoS information 
from IP to MPLS automatically is a good thing for us at the moment....


-------- Original Message --------
Subject: RE: [c-nsp] MPLS EXP label imposition
Date: Mon, 12 Sep 2005 08:33:11 +0200
From: Oliver Boehmer (oboehmer) <oboehmer at cisco.com>
To: David Freedman <david.freedman at uk.clara.net>

David Freedman <mailto:david.freedman at uk.clara.net> wrote on Friday,
September 09, 2005 12:39 PM:

>  >> If it is the default behaviour whether there is a global
>  configuration >> to prevent this from happening.
>  >> Or, if the only way to prevent this from happening is to manually
>  >> rewrite all precedence bits to 0.
>  >
> Following on from Merlin's Question, We're currently looking at a way
> of avoiding having to do this on all entrypoints.
> The problem is, whereas its simple to imply on connections external to
> the network (such as peering and transit), its not so simple when it
> comes down to implying it on Gateway / PE routers, of which we have
> lots in multiple countries with literally thousands of
> interfaces/subinterfaces. 

I don't know anything about your network, but if it resembles most other
ISP networks, I don't think there is much you can do other than applying
a generic policy-map on all customer interfaces. Since you can use the
same policy-map on all interfaces where you want to re-mark the pkts to
dscp default, this process should be script'able.

> We are mainly concerned, therefore in securing PE routers.
> I experimented with QPPB for this, on the PE->P interfaces, with a map
> that set precedence to zero , such as:

I don't think QPPB will do what you want as it will, as you say, not
differentiate between customers allowed to mark their pkts and those who

> Does anybody else have any ideas?

you sent this email unicast to me ;-)


More information about the cisco-nsp mailing list