[j-nsp] Junos CoS - ingress hierarchical policer

Dragan Jovicic draganj84 at gmail.com
Thu May 18 09:53:43 EDT 2017 

You can do ingress shaping and Q-ing, but it will require both Q-ing chip
and changing default egress-only Q-ing to both ingress-and-egress (on MX at
least).
Something usually not done on egde router (I guess, depends on your 'edge').

Instead for such customers we prefer to install CPE at their premise where
such qos is done (marking+policing+egress shaping/Q-ing).

You should not use policers to chop packets from same flow to different
forwarding classes as this introduces reordering (e.g. if < 3M then
FC-CRITICAL, else FC-BE).
If using soft policing only try to remark loss priority or drop.



BR,

+Dragan

On Thu, May 18, 2017 at 2:01 PM, Marcin Kurek <md.kurek at gmail.com> wrote:

> Hi Alan,
>
> Yes I did, this was a part of my original plan :) However, this isn't
> working as expected and I wasn't able to figure it out so far.
> It looks like that despite I have MF classifier configured, default
> implicit BA classifier kicks in and EF traffic that should be marked as
> "premium" is policed as "aggregate".
>
> xe-5/2/0 {
>         description TO-CPE;
>         flexible-vlan-tagging;
>         encapsulation flexible-ethernet-services;
>         unit 3001 {
>             description L3VPN;
>             vlan-id 3001;
>             family inet {
>                 filter {
>                     input MF-CLASSIFIER;
>                 }
>                 input-hierarchical-policer HP-IN;
>                 address 172.30.1.1/24;
>             }
>             family inet6 {
>                 address 2001:172:30:1::1/64;
>             }
>
> forwarding-classes {
>         class FC0-BEST-EFFORT queue-num 0 priority low policing-priority
> normal;
>         class FC1-SCAVENGER queue-num 1 priority low policing-priority
> normal;
>         class FC2-CRITICAL-2 queue-num 2 priority low policing-priority
> normal;
>         class FC3-CRITICAL-1 queue-num 3 priority low policing-priority
> normal;
>         class FC4-VIDEO queue-num 4 priority low policing-priority normal;
>         class FC5-RT queue-num 5 priority high policing-priority premium;
>         class FC6-NC queue-num 6 priority low policing-priority normal;
>     }
>
>  filter MF-CLASSIFIER {
>             interface-specific;
>             term VOICE {
>                 from {
>                     dscp ef;
>                 }
>                 then {
>                     count FC5-RT;
>                     forwarding-class FC5-RT;
>                     accept;
>                 }
>             }
>             term DATA-1 {
>                 from {
>                     dscp af31;
>                 }
>                 then {
>                     policer POLICER-3M;
>                     forwarding-class FC3-CRITICAL-1;
>                     accept;
>                 }
>             }
>             term DATA-2 {
>                 from {
>                     dscp af21;
>                 }
>                 then {
>                     policer POLICER-3M;
>                     forwarding-class FC2-CRITICAL-2;
>                     accept;
>                 }
>             }
>             term BEST-EFFORT {
>                 from {
>                     dscp be;
>                 }
>                 then {
>                     forwarding-class FC0-BEST-EFFORT;
>                     accept;
>                 }
>             }
>
>     policer POLICER-3M {
>         if-exceeding {
>             bandwidth-limit 3m;
>             burst-size-limit 100k;
>         }
>         then forwarding-class FC0-BEST-EFFORT;
>
> hierarchical-policer HP-IN {
>         aggregate {
>             if-exceeding {
>                 bandwidth-limit 10m;
>                 burst-size-limit 100k;
>             }
>             then {
>                 discard;
>             }
>         }
>         premium {
>             if-exceeding {
>                 bandwidth-limit 2m;
>                 burst-size-limit 50k;
>             }
>             then {
>                 discard;
>             }
>         }
>     }
>
> Thanks,
>
> Marcin
>
>
> W dniu 2017-05-18 o 13:49, Alan Gravett pisze:
>
>> Hi Marcin,
>>
>> Have you looked into the Hierarchical Policer option?
>>
>> https://www.juniper.net/documentation/en_US/junos/topics/
>> topic-map/policer-hierarchical.html
>>
>> This may help...
>>
>> Regards,
>>
>> Alan
>>
>> On Thu, May 18, 2017 at 1:22 PM, Marcin Kurek <md.kurek at gmail.com
>> <mailto:md.kurek at gmail.com>> wrote:
>>
>>     Right, sorry for not being precise enough, I meant MPC2-3D, so
>>     it's not "Q" card.
>>
>>
>>     W dniu 2017-05-18 o 13:05, sthaug at nethelp.no
>>     <mailto:sthaug at nethelp.no> pisze:
>>
>>             Actually problem is that I have MX480 boxes with older
>>             MPC2 cards, so I
>>             think there are certain limitations in terms of number of
>>             queues,
>>             similar to -TR and -SE in case of ASR9k.
>>
>>         The most important difference here is whether you have MPC2 cards
>>         which support per-VLAN queueing (e.g. MX-MPC2E-3D-Q) or just
>>         per-port
>>         queuing (e.g. MX-MPC2-3D). "show chassis hardware models" will
>>         tell
>>         you what you need to know.
>>
>>         Steinar Haug, Nethelp consulting, sthaug at nethelp.no
>>         <mailto:sthaug at nethelp.no>
>>
>>
>>     _______________________________________________
>>     juniper-nsp mailing list juniper-nsp at puck.nether.net
>>     <mailto:juniper-nsp at puck.nether.net>
>>     https://puck.nether.net/mailman/listinfo/juniper-nsp
>>     <https://puck.nether.net/mailman/listinfo/juniper-nsp>
>>
>>
>>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>

More information about the juniper-nsp mailing list