[j-nsp] DSCP field not matched

Sun May 31 15:43:10 EDT 2020

Dear experts

I’ve two EX4300 (17.3R3-S3.3) connecting a WAN link and running macsec over
the WAN link, behind these EX4300 and on top to this link we’ve MX104
running MPLS traffic which pass through.

Since I’d like to run QoS on this WAN link, I see that EX4300 do not
matches dscp nor ip-precedence field.

Does anybody experience this kind of issue ?

Here the config of the fw filter applied in ingress:

set firewall family ethernet-switching filter QOS term PRIO from dscp cs4

set firewall family ethernet-switching filter QOS term PRIO then accept

set firewall family ethernet-switching filter QOS term PRIO then
forwarding-class prio

set firewall family ethernet-switching filter QOS term PRIO then count
COS-PRIO

set firewall family ethernet-switching filter QOS term VOICE from dscp ef

set firewall family ethernet-switching filter QOS term VOICE then accept

set firewall family ethernet-switching filter QOS term VOICE then
forwarding-class voice

set firewall family ethernet-switching filter QOS term VOICE then count
COS-VOICE

set firewall family ethernet-switching filter QOS term VIDEO from dscp af41

set firewall family ethernet-switching filter QOS term VIDEO from dscp af42

set firewall family ethernet-switching filter QOS term VIDEO from dscp af43

set firewall family ethernet-switching filter QOS term VIDEO then accept

set firewall family ethernet-switching filter QOS term VIDEO then
forwarding-class video

set firewall family ethernet-switching filter QOS term VIDEO then count
COS-VIDEO

set firewall family ethernet-switching filter QOS term NETWORK-CONTROL from
dscp cs6

set firewall family ethernet-switching filter QOS term NETWORK-CONTROL then
accept

set firewall family ethernet-switching filter QOS term NETWORK-CONTROL then
forwarding-class network-control

set firewall family ethernet-switching filter QOS term NETWORK-CONTROL then
count COS-NETWORK-CONTROL

set firewall family ethernet-switching filter QOS term LOW from dscp cs1

set firewall family ethernet-switching filter QOS term LOW from dscp af11

set firewall family ethernet-switching filter QOS term LOW from dscp af12

set firewall family ethernet-switching filter QOS term LOW from dscp af13

set firewall family ethernet-switching filter QOS term LOW then accept

set firewall family ethernet-switching filter QOS term LOW then
forwarding-class low

set firewall family ethernet-switching filter QOS term LOW then count
COS-LOW

set firewall family ethernet-switching filter QOS term BULK from dscp cs2

set firewall family ethernet-switching filter QOS term BULK from dscp af21

set firewall family ethernet-switching filter QOS term BULK from dscp af22

set firewall family ethernet-switching filter QOS term BULK from dscp af23

set firewall family ethernet-switching filter QOS term BULK then accept

set firewall family ethernet-switching filter QOS term BULK then
forwarding-class bulk

set firewall family ethernet-switching filter QOS term BULK then count
COS-BULK

set firewall family ethernet-switching filter QOS term BE then accept

set firewall family ethernet-switching filter QOS term BE then
forwarding-class best-effort

set firewall family ethernet-switching filter QOS term BE then count COS-BE

Here what is matching:

Name                                                Bytes
Packets

COS-BE                                          635191150
2341894

COS-PRIO                                          0                    0

COS-NETWORK-CONTROL                               1970176
24149

COS-LOW                                           0                    0

COS-BULK                                          0                    0

COS-VIDEO
0                    0

COS-VOICE                                               0
                   0

Basically only BE matches and Network control since on MX is running OSPF
and BGP (not family MPLS).

It seems EX4300 is not able to intercept family MPLS dscp field.

Any idea ?

Cheers

James