[j-nsp] CoS on Junos5.3

Josef Buchsteiner josefb@juniper.net
Mon, 25 Nov 2002 09:10:58 +0100


At 07:38 AM 11/25/2002, Sonny wrote:
>Hi all,
>
>Recently I started on configuring CoS on Junos5.3R3.4 using the new
>syntax.
>
>The goal is to tag the IP-precedence bits (not DSCP) coming in from our
>WAN interface to 001, while maintaining other traffic untouched.
>
>On the incoming WAN interface, I have added the following firewall filter:
>
>[firewall filter acl-wan-in]
>
>term permit-any-any {
>     then {
>         count permit-any-any;
>         loss-priority high;
>         forwarding-class class-0;
>         accept;
>     }
>}
>
>On other interfaces, The loss-priority bit of incoming packets is
>untouched.
>
>Then I configured a rewrite policy on the CoS, following sample config on
>the Junos docs:
>
>forwarding-classes {
>     queue 0 class-0;
>     queue 1 class-1;
>     queue 2 class-2;
>     queue 3 class-3;
>}
>interfaces {
>     fe-0/2/0 {
>         unit 0 {
>             rewrite-rules {
>                 inet-precedence tag-traffic;
>             }
>         }
>     }
>}
>rewrite-rules {
>     inet-precedence tag-traffic {
>         forwarding-class class-0 {
>             loss-priority low code-point 000;
>             loss-priority high code-point 001;
>         }
>     }
>}
>
>Interface fe-0/2/0.0 is the FE interface facing our internal network. Thus
>the tagging is done when the packet leaves the router.
>
>The peculiar thing observed is that, the first time when the interface and
>rewrite-rules are "commit"-ed at the same time, the TOS bits were not
>rewritten.

Sonny,
         can you send me the message log which contains the time-frame
where you performed the commit initially and also send me the show version
and show chassis hardware. Just to confirm you message. You can not
reproduce the symptom again as it did only happen the first time, correct ?

thanks
Josef




>  Only when I de-activate the interface under CoS hierarchy (then
>commit) and then re-activate the inteface (then commit again) that the TOS
>bits were rewritten. I verified the TOS bits by sniffing the fe-0/2/0.0
>using tcpdump.
>
>Is this the expected behaviour, or have I missed anything out?
>
>Many thanks for any help rendered.
>
>regards,
>sonny
>
>_______________________________________________
>juniper-nsp mailing list juniper-nsp@puck.nether.net
>http://puck.nether.net/mailman/listinfo/juniper-nsp