[j-nsp] CoS value of return traffic

wojtas at wizja.net.pl wojtas at wizja.net.pl
Thu Oct 20 03:29:56 EDT 2011


Currently I'm running 11.1R1.14 . I will update You as soon as  
possible with the results.
Best

-----Original Message-----
From: juniper-nsp-bounces at puck.nether.net  
[mailto:juniper-nsp-bounces at puck.nether.net] On Behalf Of ext Danny  
Vernals
Sent: Wednesday, October 19, 2011 11:42 AM
Cc: juniper-nsp at puck.nether.net
Subject: Re: [j-nsp] CoS value of return traffic

2011/10/19  <wojtas at wizja.net.pl>:
> So, asumming Your guess and the fact that router is preserving DSCP values
> in reflected packets one could do something like this:
>
> Set firewall family inet filter FILTER1 term T1 from dscp XYZ;
> Set firewall family inet filter FILTER1 term T1 then dscp XYZ;
> Set firewall family inet filter FILTER1 term T2 then accept;
>
> And this could set 802.1p bits to 3 most significant bits from DSCP XYZ.

It's certainly worth testing although if DSCP is preserved as you say,
you would think 802.1p would inherit the values like when they are
explicitly set in my example.  Let me know how you get on as if it
doesn't work, it might indicate a difference in 960 vs 80 or code
specific behavior.  What JunOS version are you running by the way?

> Please correct me if I am wrong.
> Thanks
>
> Wojtek
>
> -----Original Message-----
> From: juniper-nsp-bounces at puck.nether.net
> [mailto:juniper-nsp-bounces at puck.nether.net] On Behalf Of ext Danny Vernals
> Sent: Wednesday, October 19, 2011 10:02 AM
> Cc: Juniper-Nsp
> Subject: Re: [j-nsp] CoS value of return traffic
>
> On Tue, Oct 18, 2011 at 11:14 PM, Ben Dale <bdale at comlinx.com.au> wrote:
>>
>> Hi there,
>>
>> We are experiencing an issue caused by exactly this behaviour (Control
>> traffic from the RE being automatically marked as CoS 6), and I think the
>> current answer regarding changing the value is no.  We are currently getting
>> around it by looping traffic back into the MX80 (using physical ports) in
>> order to strip 802.1p off transit traffic, which is an expensive hack to say
>> the least.
>>
>
> I haven't tested this on an MX80 but on a MX960 (both DPC + MPC,
> running 10.4 irrc) if you use an egress lo0 firewall filter with a
> term with "then dscp #": 802.1p will inherit the value of the 3 most
> significant bits of the DSCP you have set.
>
>> When I get some more time in the lab I'll try using lt interfaces to do
>> the same.
>>
>> Cheers,
>>
>> Ben
>>
>> On 18/10/2011, at 9:40 PM, wojtas at wizja.net.pl wrote:
>>
>>> Hello,
>>> Is there a possibility to set the CoS (802.1p) value of return traffic
>>> from RE ?
>>> I know that You can do it for, at least , DSCP using:
>>> set class-of-service host-outbound traffic
>>> <dscp-code-point|forwarding-class)
>
> I couldn't say definitively but if I had to guess I'd say this would
> have the same effect as setting DSCP via egress firewall filter, i.e.
> 802.1p would inherit MSB values.
>
>>> Each time I send UDP echo probes to MX80 with different CoS values , the
>>> router responds with the same pattern 100(binary). The best workaround in
>>> this case would be to set CoS values according to the particular  
>>> DSCP (which
>>> is preserved in this case).
>>> Thanks in advance for Your help!
>>>
>>>
>>> _______________________________________________
>>> juniper-nsp mailing list juniper-nsp at puck.nether.net
>>> https://puck.nether.net/mailman/listinfo/juniper-nsp
>>>
>>
>>
>> _______________________________________________
>> juniper-nsp mailing list juniper-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/juniper-nsp
>>
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
>
>

_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp




More information about the juniper-nsp mailing list