[j-nsp] CoS Marking/Rewrite Theory - Update!

Michel de Nostredame d.nostra at gmail.com
Wed Sep 1 18:44:23 EDT 2010


It looks like can only perform the TOS bit to TOS bit translation.
However the most useful function will need to leverage firewall filter to
perform the "TOS bit marking" on the ingress.

It is very difficult to perform all those sophisticated marking on the
egress interface
by only leverage lame rewrite function.

For example, depends on PIC we have today, there are only 4~8 forwarding-class
can be used. However, there are more TOS type we can mark onto a packet. By
leveraging the policy statement together with egress firewall filters,
we can control
the bandwidth consumptions; if under some criteria (ex, exceed usage), we can
"re-mark" this packet to another TOS (or drop it, or something else.)

What I requested to my Juniper SE is to make ingress firewall filter
able to "mark"
each packet TOS bit on the "then" section.

And on the egress firewall filter needs to perform policy based on the
TOS bit in
the "from" section, and able to "mark" TOS inside "then" section.

For those J series software router, it should be easy to roll out
these functions
compares to those hardware based box (theoretically...)

--
Michel~



On Wed, Sep 1, 2010 at 11:12 AM, Mark Tinka <mtinka at globaltransit.net> wrote:
>
> So this is a very old thread (from nearly two years back):
>
> http://www.mail-archive.com/juniper-
> nsp at puck.nether.net/msg04181.html
>
> Looks like Juniper now provide support for ingress ToS
> remarking/rewriting, much like Cisco do. This is as opposed
> to the regular way it's done in JUNOS, which is rewriting on
> egress.
>
> This capability is supported in the Translation tables
> mechanism:
>
> http://www.juniper.net/techpubs/en_US/junos10.1/information-
> products/topic-collections/config-guide-cos/topic-27854.html
>
> Big problem, however: this feature is only supported on IQ2,
> IQ2E and the Trio line cards (including the MX80). Sadly,
> not even the DPC-E-Q-R on the MX240/480/960 is supported.
> Beats my understanding, but...
>
> So we're pretty much there, especially if you're a new
> Juniper user :-).
>
> Cheers,
>
> Mark.
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp


More information about the juniper-nsp mailing list