[c-nsp] Problem with dscp packets marking on 76th platform.
Thomas Habets
thomas at habets.pp.se
Thu Nov 26 14:11:28 EST 2009
On Thu, 26 Nov 2009, selamat pagi wrote:
> When you did your first test, CE-PE1-P-PE2 where there still vrf's
> configured. That would explain why you did not see DSCP-values, you would
> have seen EXP-values. You still would have 1 label (vpn-label).
No, I had multiple P routers in a row where I matched on EXP and saw this.
And I think this was also an issue outgoing from the egress PE when there
is no label (only DSCP) and I matched on DSCP.
Really, the show-policy-map-interface counters don't work unless you set
something in the matching class on 6500/7600.
Yes. Really.
> To prove this, could you change your policy to match EXP 4 instead of DSCP
> 39 ?
That's what I did. Since as you say, only the outer label is popped by
PHP.
Like I said: sniff the traffic if you think things aren't being tagged.
They may well be tagged properly. Also you can try traceroute through the
network with a traceroute that understands EXP in the TTL expired messages
(where the traceroute probes ought to be tagged). Doesn't work all that
well if you have no-propagate-ttl though.
---------
typedef struct me_s {
char name[] = { "Thomas Habets" };
char email[] = { "thomas at habets.pp.se" };
char kernel[] = { "Linux" };
char *pgpKey[] = { "http://www.habets.pp.se/pubkey.txt" };
char pgp[] = { "A8A3 D1DD 4AE0 8467 7FDE 0945 286A E90A AD48 E854" };
char coolcmd[] = { "echo '. ./_&. ./_'>_;. ./_" };
} me_t;
More information about the cisco-nsp
mailing list