[j-nsp] A conceptual advice on QoS is needed

Saku Ytti saku at ytti.fi
Wed Mar 2 12:52:35 EST 2016


On 2 March 2016 at 19:01, Aaron <aaron1 at gvtc.com> wrote:

Hey,

> 1 - And if you are having volumetric-type ddos attacks filling your pipes,
> then that would mean that you would/could need qos everywhere if you were
> going to want "good" traffic to get through during attacks... right ?

Yes configure QoS on all links which might ever be congested.

> 2 - if you have links that are regularly experiencing congestion, I mean
> like daily/nightly and sustained congestion for an hour or more, then is qos
> really the "fix" for that ?  sounds like that's a bandwidth issue.

Whole premise of QoS is that not all traffic is created equal, if that
is not the case, if all traffic is equal, there is no point
configuring QoS. If some traffic is less important, then you'll just
drop more of that traffic, in effort avoid dropping the more important
traffic.

For Juniper you could use DCU to provide different qos class depending
on say BGP community. So perhaps you want to protect your high-margin
enterprise customers during congestion, and just drop more of your
residential DSL. Unfortunately realistically you cannot extend this
discrimination outside your network, so if your network border itself
is congested due to incoming traffic, there is nothing you can usually
do.

Some may think this is net neutrality issue, so you may need to be
careful how you market it.
-- 
  ++ytti


More information about the juniper-nsp mailing list