[j-nsp] Junos CoS - ingress hierarchical policer
Marcin Kurek
md.kurek at gmail.com
Thu May 18 08:01:11 EDT 2017
Hi Alan,
Yes I did, this was a part of my original plan :) However, this isn't
working as expected and I wasn't able to figure it out so far.
It looks like that despite I have MF classifier configured, default
implicit BA classifier kicks in and EF traffic that should be marked as
"premium" is policed as "aggregate".
xe-5/2/0 {
description TO-CPE;
flexible-vlan-tagging;
encapsulation flexible-ethernet-services;
unit 3001 {
description L3VPN;
vlan-id 3001;
family inet {
filter {
input MF-CLASSIFIER;
}
input-hierarchical-policer HP-IN;
address 172.30.1.1/24;
}
family inet6 {
address 2001:172:30:1::1/64;
}
forwarding-classes {
class FC0-BEST-EFFORT queue-num 0 priority low
policing-priority normal;
class FC1-SCAVENGER queue-num 1 priority low policing-priority
normal;
class FC2-CRITICAL-2 queue-num 2 priority low policing-priority
normal;
class FC3-CRITICAL-1 queue-num 3 priority low policing-priority
normal;
class FC4-VIDEO queue-num 4 priority low policing-priority normal;
class FC5-RT queue-num 5 priority high policing-priority premium;
class FC6-NC queue-num 6 priority low policing-priority normal;
}
filter MF-CLASSIFIER {
interface-specific;
term VOICE {
from {
dscp ef;
}
then {
count FC5-RT;
forwarding-class FC5-RT;
accept;
}
}
term DATA-1 {
from {
dscp af31;
}
then {
policer POLICER-3M;
forwarding-class FC3-CRITICAL-1;
accept;
}
}
term DATA-2 {
from {
dscp af21;
}
then {
policer POLICER-3M;
forwarding-class FC2-CRITICAL-2;
accept;
}
}
term BEST-EFFORT {
from {
dscp be;
}
then {
forwarding-class FC0-BEST-EFFORT;
accept;
}
}
policer POLICER-3M {
if-exceeding {
bandwidth-limit 3m;
burst-size-limit 100k;
}
then forwarding-class FC0-BEST-EFFORT;
hierarchical-policer HP-IN {
aggregate {
if-exceeding {
bandwidth-limit 10m;
burst-size-limit 100k;
}
then {
discard;
}
}
premium {
if-exceeding {
bandwidth-limit 2m;
burst-size-limit 50k;
}
then {
discard;
}
}
}
Thanks,
Marcin
W dniu 2017-05-18 o 13:49, Alan Gravett pisze:
> Hi Marcin,
>
> Have you looked into the Hierarchical Policer option?
>
> https://www.juniper.net/documentation/en_US/junos/topics/topic-map/policer-hierarchical.html
>
> This may help...
>
> Regards,
>
> Alan
>
> On Thu, May 18, 2017 at 1:22 PM, Marcin Kurek <md.kurek at gmail.com
> <mailto:md.kurek at gmail.com>> wrote:
>
> Right, sorry for not being precise enough, I meant MPC2-3D, so
> it's not "Q" card.
>
>
> W dniu 2017-05-18 o 13:05, sthaug at nethelp.no
> <mailto:sthaug at nethelp.no> pisze:
>
> Actually problem is that I have MX480 boxes with older
> MPC2 cards, so I
> think there are certain limitations in terms of number of
> queues,
> similar to -TR and -SE in case of ASR9k.
>
> The most important difference here is whether you have MPC2 cards
> which support per-VLAN queueing (e.g. MX-MPC2E-3D-Q) or just
> per-port
> queuing (e.g. MX-MPC2-3D). "show chassis hardware models" will
> tell
> you what you need to know.
>
> Steinar Haug, Nethelp consulting, sthaug at nethelp.no
> <mailto:sthaug at nethelp.no>
>
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> <mailto:juniper-nsp at puck.nether.net>
> https://puck.nether.net/mailman/listinfo/juniper-nsp
> <https://puck.nether.net/mailman/listinfo/juniper-nsp>
>
>
More information about the juniper-nsp
mailing list