[j-nsp] Re-write rule for GRE interface

Shiva Shankar shankarks at gmail.com
Tue Jan 18 05:04:59 EST 2011 

Hi All, Thanks for the reply...

Dale,

I'm classifying packet on the ingress interface by matching all the packets
and associating it with forwarding-class EF and loss-priority low. When I do
a packet capture I can see the inner-most IP packet and upper label are
carrying appropiate DSCP and EXP values....When this MPLS packet is
encapsulated in a GRE packet, that is when TOS byte is to 00..

Diogo,

Yes, copy-tos-to-outer-ip-header doesn't work as the header following the
GRE header is a MPLS packet...I had tired simple output-firewall filters
too, but it didn't work either..I would try your suggestion of matching  GRE
packets + ipsrc + ipdst in the output filter..

output-forwading-class-map seems to be an option for M320/T series routers,
here its M7i...

Cheers

On Tue, Jan 18, 2011 at 2:16 AM, Diogo Montagner
<diogo.montagner at gmail.com>wrote:

> Hi,
>
> You can also try to apply an output firewall filter in the gre
> interface to rewrite the DSCP of the packet.
>
> I think the option copy-tos-to-outer-ip-header will not work because
> your inner packet is not an IP packet and this option only works for
> inner IP packet.
>
> If this does not work, you can apply an outbound firewall filter in
> the output direction of your interfaces matching GRE packets + ipsrc +
> ipdst of your tunnel and then applying the right dscp values.
>
> Another option you can give it a try is the output-forwarding-class-map:
>
> http://www.juniper.net/techpubs/en_US/junos9.6/information-products/topic-collections/config-guide-cos/cos-classifying-packets-by-egress-interface.html
>
> HTH
> ./diogo -montagner
>
>
>
> On Tue, Jan 18, 2011 at 4:59 AM, Dale Shaw <dale.shaw+j-nsp at gmail.com<dale.shaw%2Bj-nsp at gmail.com>>
> wrote:
> > Hi Shiva,
> >
> > On Monday, January 17, 2011, Shiva Shankar <shankarks at gmail.com> wrote:
> >> Hi All, Thanks for the reply. Platform is M7i, and the junos is 9.3
> >>
> > [...]
> >
> > How are you classifying traffic into the forwarding classes in the
> > first place? The rewrite-rule assumes traffic has been classified
> > already. For example, for the 'ef' rewrite-rule to work, you must have
> > already mapped your voice RTP traffic into the 'ef' forwarding-class.
> >
> > You need a Behaviour Aggregate (BA) classifier, Multi-Field (MF)
> > classifier or static classifier applied on the ingress interface(s)
> > under the class-of-service stanza.
> >
> > Cheers,
> > Dale
>  > _______________________________________________
> > juniper-nsp mailing list juniper-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/juniper-nsp
> >
>

More information about the juniper-nsp mailing list