[j-nsp] (Again) Rewriting IP precedence

Jack Parks jackwparks at gmail.com
Tue Jan 10 09:35:56 EST 2006 

This sounds like the correct behavior for Juniper.  Re-write rules are
the last thing in the order of operations for CoS in JunOS. 
Basically, you're classifying a IP packet into a 'internal" forwarding
class/queue, then a label is imposed on the packet (making it a MPLS
packet), and the re-write rules now apply to the MPLS label(since the
packet was converted from an IP packet before the IP rewrite could
take place.  You would need to make the packet run through the IP2
twice (AS PIC?).  This would allow the packet to be processed as an IP
packet, and then as a MPLS packet.  Your Juniper SE would be a good
contact on how to do this.

There are many default policies in JunOS concerning CoS.  You should
be able to see these by using the show commands. (like the default
classifiers and re-write policies).  QoS/CoS is always on in JunOS,
whether you use/know it or not.

CoS order of operations:  See Figure 46.
http://www.juniper.net/techpubs/software/junos/junos73/swconfig73-interfaces/html/cos-overview4.html

Label imposition is in-between the two policer statements in the above
linked diagram (ballpark guess).  I'm not an expert by any means, but
I have had to do something similar to your problem recently.

Jack

On 1/10/06, Sorin CONSTANTINESCU <consta at gmail.com> wrote:
> Hi,
>
> It's not the first time i run into this problem, but i hope this time
> i'll be able to explain the problem better to you and get some help :)
>
> - R1 -
> Hardware: Juniper M5
> Software:  7.3R1.6
>
> I have the following topology:
>
> _Host_A_ ---> R1 -> R2 -> R3 -> R4 ---> _Host_B_
>                                 |
>                           _Host_C_
>
> The network is configured to run MPLS.
>
> On the ingress interface (dot1q gigabit subinterface), i have a
> firewall filter that changes the default forwarding-class
> (best-effort) to assured-forwarding with plp low.
>
> Under [class-of-service], i've defined a rewrite rule for inet-precedence:
>
> === cut here ===
> rewrite-rules {
>     inet-precedence clear-inet-precedence {
>         forwarding-class assured-forwarding {
>             loss-priority low code-point 000;
>         }
>     }
> }
> === and here ===
>
> If i ping Host C from Host A, the precedence is correctly rewriten to
> 000. If i ping Host B from Host A, the precedence is not cleared.
>
> The difference is that traffic from A to B is label-switched, and from
> A to C is not.
>
> I've also configured a rewrite-rule to clear exp precedence , but the
> precedence of the IPV4 packet inside is not cleared to 0x00.
>
> Thanks,
> --
> Sorin CONSTANTINESCU
> JNCIS-M, CCNP
> consta at gmail.com
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> http://puck.nether.net/mailman/listinfo/juniper-nsp
>

More information about the juniper-nsp mailing list