[c-nsp] Sup720 & Sup32 ingress TOS/EXP marking

Ran Liebermann ranmails at gmail.com
Mon Jan 16 05:44:49 EST 2006 

Hi Onder,

I think you were referring to the case were the packet travels from
Laptop1 to Laptop2.  I was talking about the way from Laptop2 to
Laptop1, but any of those is equally well.

If we're talking about a packet travelling from Laptop1 to Laptop2
then I'd want the marking to be done on interface #2, on the ingress
to the Sup32.
In the situation in the diagram, the lab environment, I will only face
MPLS-to-MPLS packets there, but in real world it's a little more
difficult.

On the live network the Sup32 will be replaced by a Sup720-3BXL, and
the traffic isn't only VPN'ed, a large portion of it enters the
so-called-PE router as plain IP into the global routing table.
Therefore the packets entering interface #2 can be either IP-to-IP,
MPLS-to-MPLS, or MPLS-to-IP (I don't think we should expect IP-to-MPLS
packets at all).
So I'm looking for a way to mark traffic on the ingress, where the
packets can be divided to any one of the three options mentioned. 
There's no problem if the marking is done, as you mentioned, only to
the outer layer (as calculated to be on the egress interface) as I
will make sure that when disposition occurs in other places in the
network the experimental value will be mapped to the TOS byte.

Thanks!
--
Ran.


On 16/01/06, Önder Ergün (Probil-İstanbul) <onder.ergun at probil.com.tr> wrote:
> You can only set the mpls exp bit of an mpls packet not the precedence field of the ip header.
>
> I am not sure about Sup32 but Sup720 has strange behaviours with MPLS QoS which are documented also.
>
> From http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/122sx/swcg/mplsqos.htm
>
> "During IP-to-MPLS imposition, IP ToS marking is not supported. If you configure a policy to mark IP ToS, the PFC3BXL or PFC3B marks the EXP value. "
>
> So, in your test bed you can mark the ip precedence of packets on 7401 PE-CE interface, or mark the MPLS EXP bit on Sup32 but if you want to preserve the ToS byte you should use another policy on the PHP router(7200) to copy the EXP bit to precedence.
>
>
> Onder
>
>
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Ran Liebermann
> Sent: Sunday, January 15, 2006 10:53 AM
> To: Asbjorn Hojmark - Lists
> Cc: cisco-nsp at puck.nether.net
> Subject: Re: [c-nsp] Sup720 & Sup32 ingress TOS/EXP marking
>
> Hi,
>
> The topology of the test with the Sup32 is as following:
>
> Device type: Laptop1     7401       Sup32         7200       7200      Laptop2
> P/PE/CE    : ( CE ) --- ( PE ) --- (  P  ) ----  ( P ) ---- ( PE ) --- ( CE )
> Interface #:            1    2     3     4       5   6      7    8
>
> In the test we try to ping from Laptop2 to Laptop1, setting the packets with TOS=0x00.  The policy in question is deployed on interface #4 (on the Sup32).
>
> The configuration of the Sup32 is the following:
> -------------------- [Start Quote] -------------------- no mls flow ip no mls flow ipv6 mls qos no mls acl tcam share-global mls cef error action freeze !
> class-map match-all TEST
>  match mpls experimental topmost 0
> !
> policy-map TEST
>  class TEST
>   set precedence 3
> !
> interface GigabitEthernet5/8     ! i.e Interface #3 - Output interface
>  ip address x.x.31.129 255.255.255.252
>  ip router isis
>  speed nonegotiate
>  tag-switching ip
> !
> interface GigabitEthernet5/9     ! i.e. Interface #4 - Input interface
>  ip address x.x.31.2 255.255.255.128
>  ip router isis
>  mpls label protocol ldp
>  tag-switching ip
>  clns mtu 1000
>  service-policy input TEST
> -------------------- [ End Quote ] --------------------
>
> Show mpls forwarding-table command to the destination laptop from the 7200 P router:
>
> -------------------- [Start Quote] -------------------- 7200-P#show mpls forwarding-table x.x.31.134
> Local  Outgoing    Prefix            Bytes tag  Outgoing   Next Hop
> tag    tag or VC   or Tunnel Id      switched   interface
> 199    16          x.x.31.132/30     97787460   Gi0/1.24   x.x.31.2
> 7200-P#
> -------------------- [ End Quote ] --------------------
>
> And the same command from the Sup32:
>
> -------------------- [Start Quote] -------------------- SUP32#show mpl for x.x.31.134
> Local  Outgoing    Prefix              Bytes tag  Outgoing   Next Hop
> tag    tag or VC   or Tunnel Id        switched   interface
> 16     Pop tag     x.x.31.132/30       93575410   Gi5/8      x.x.31.130
> SUP32#
> -------------------- [ End Quote ] --------------------
>
> And the packets are received with TOS=0x00 in Laptop1.
>
> Thanks!
> --
> Ran.
>
>
> On 14/01/06, Asbjorn Hojmark - Lists <Lists at hojmark.org> wrote:
> > > We've been trying to do TOS marking with both a Sup720-3BXL and a
> > > Sup32 at the ingress, but with no success.
> >
> > A little bit of config would be helpful...
> >
> > Are you trying to do that with trust? That's not supported on 1q4t
> > ports (except GE) like those on the 6348.
> >
> > How are you trying to mark the traffic? With 'set ip prec' in a policy
> > map for a service-policy on the ingress interface?
> >
> > -A
> >
> >
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>

More information about the cisco-nsp mailing list