[j-nsp] (Again) Rewriting IP precedence

Rafal Szarecki (WA/EPO) rafal.szarecki at ericsson.com
Tue Jan 10 09:20:45 EST 2006 

Sorin,

If your rewrite rule is is applied on R2 interfaces, then system works as designed.

On Router 2, for traffic going to host_B, the lookup_key (notification cell) do not contain DS.-field/ToS. Also egress I/O manager is not able to rewrite filds in IP header. As you notice you can rewrite EXP. But then R4 has to do DS.-field/ToS rewrite, becouse only this router has access to IP header at egress B-chip. And note that default rewrite rule for IPv4 is " do nothing".

The reason why traffic going to Host_C is fine, is obvoius if your networ is going to implement PHP/explicit null label (default) or if you know that implicit null label is stripped by ingess B-chip. (and create somthing like logical interface.) Thus, from IP II and egress B-chip point of view traffic to Host_C is regular IP traffic. 

Rafał Szarecki JNCIE

skype me <callto://Rafal_Szarecki/> 

 

> -----Original Message-----
> From: juniper-nsp-bounces at puck.nether.net 
> [mailto:juniper-nsp-bounces at puck.nether.net] On Behalf Of 
> Sorin CONSTANTINESCU
> Sent: Tuesday, January 10, 2006 1:52 PM
> To: juniper-nsp at puck.nether.net
> Subject: [j-nsp] (Again) Rewriting IP precedence
> 
> Hi,
> 
> It's not the first time i run into this problem, but i hope 
> this time i'll be able to explain the problem better to you 
> and get some help :)
> 
> - R1 -
> Hardware: Juniper M5
> Software:  7.3R1.6
> 
> I have the following topology:
> 
> _Host_A_ ---> R1 -> R2 -> R3 -> R4 ---> _Host_B_
>                                 |
>                           _Host_C_
> 
> The network is configured to run MPLS.
> 
> On the ingress interface (dot1q gigabit subinterface), i have 
> a firewall filter that changes the default forwarding-class
> (best-effort) to assured-forwarding with plp low.
> 
> Under [class-of-service], i've defined a rewrite rule for 
> inet-precedence:
> 
> === cut here ===
> rewrite-rules {
>     inet-precedence clear-inet-precedence {
>         forwarding-class assured-forwarding {
>             loss-priority low code-point 000;
>         }
>     }
> }
> === and here ===
> 
> If i ping Host C from Host A, the precedence is correctly 
> rewriten to 000. If i ping Host B from Host A, the precedence 
> is not cleared.
> 
> The difference is that traffic from A to B is label-switched, 
> and from A to C is not.
> 
> I've also configured a rewrite-rule to clear exp precedence , 
> but the precedence of the IPV4 packet inside is not cleared to 0x00.
> 
> Thanks,
> --
> Sorin CONSTANTINESCU
> JNCIS-M, CCNP
> consta at gmail.com
> 
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net 
> http://puck.nether.net/mailman/listinfo/juniper-nsp
>

More information about the juniper-nsp mailing list