[j-nsp] WAN input prioritization on MX

Harry Reynolds harry at juniper.net
Sat Oct 13 01:48:46 EDT 2012 

Doug raises some good points.

Also, for testing, perhaps add some counters to the terms to aid in confirming matches. You may also want to show config | display detail/inheritance to see if the prefix list is expanding as you expect.

Regards



-----Original Message-----
From: juniper-nsp-bounces at puck.nether.net [mailto:juniper-nsp-bounces at puck.nether.net] On Behalf Of Doug Hanks
Sent: Friday, October 12, 2012 9:36 PM
To: Gustavo Santos; juniper-nsp at puck.nether.net
Subject: Re: [j-nsp] WAN input prioritization on MX

I'm sure it's working just fine. Are you checking the egress interface to see if the traffic is being marked and queued properly? A common mistake is to check the ingress interface queues.


If this doesn't work, we would need to see your entire class-of-service configuration.

On 10/12/12 6:04 PM, "Gustavo Santos" <gustkiller at gmail.com> wrote:

>Hi,
>
>I'm new on Juniper class of service / shaping. I'm reading some tech 
>docs from Juniper and a Juniper's  MX book, but it's kind tricky.
>Today I get asked to do a pretty simple configuration, but I tried some 
>settings but none of then worked. Any of you guys can help me with that?
>
>What I want to achieve is pretty (conceptualy speaking) simple.  I have 
>a Gig interface and want to rate limit the interface at 500Mbits , mark 
>a destination subnet with expedited forwarding class, mark anything 
>else with best effort. I tried the config below but it's not working.  
>The rate-limit works but the prioritization isn't.
>
>
>
>
>gustavo at MX5-1> show configuration firewall family inet filter 
>wan-control physical-interface-filter; term high-priority {
>    from {
>        destination-prefix-list {
>            high-priority-dst;
>        }
>    }
>    then {
>        policer limit500;
>        loss-priority low;
>        forwarding-class expedited-forwarding;
>        }
>}
>term else {
>    then {
>        policer limit500;
>        loss-priority high;
>        forwarding-class best-effort
>       }
>
>
>( policer limit500)
>physical-interface-policer;
>if-exceeding {
>    bandwidth-limit 480m;   (set the value lower to check policer
>working..
>but it wasn't as desired)
>    burst-size-limit 625k;
>}
>then discard;
>
>then the filter was applied on the interface family inet filter input 
>wan-control
>
>Gustavo Santos
>Analista de Redes
>CCNA , MTCNA , MTCRE, MTCINE, JUNCIA-ER 
>_______________________________________________
>juniper-nsp mailing list juniper-nsp at puck.nether.net 
>https://puck.nether.net/mailman/listinfo/juniper-nsp
>



_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp

More information about the juniper-nsp mailing list