SRX Services Gateway
Blogs
Discussion Forums
Programs & Events
turn on suggestions Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Reply
Topic Options
juniper-mike
Visitor
juniper-mike
Posts: 7
Registered: ‎08-13-2011
0

SRX240 802.1p CoS classifier help please, i just need to mark not police.

Options

‎10-03-2011 12:15 PM

Hi

 

I need to mark some packets not police leaving the SRX on a phsyical interface ge-0/0/15 to telco kit on a 1q trunk

 

The Telco device upstream will police depending on the tagging that i mark.

 

The interface is a trunk and has VLAN id in it i capture with wireshark and a hub.

 

How do i  mark certain frames based on source IP leaving the interface towards the telco device?

 

 

Do i just need to do the following to mark the outgoing 1.q tagged taffic from the 10.10.10.0/24 network?

 

firewall {
    filter mf_class {
        term fromVOICE {
            from {
                address {
                    10.10.10.0/24;
                }
            }
            then {
                loss-priority low;
                forwarding-class expedited-forwarding;
                accept;
            }
        }
    }
}


ge-0/0/15 {
        vlan-tagging;
        unit 100 {
            vlan-id 100;
            family inet {
                filter {
                    output mf_class;
                }
                address 1.1.1.3/28;
            }
        }
    }
}

 thanks for looking



 


 

Message 1 of 6 (235 Views)
 
Reply
Distinguished Expert
Distinguished Expert
pk
Posts: 676
Registered: ‎10-09-2008
0

Re: SRX240 802.1p CoS classifier help please, i just need to mark not police.

Options

‎10-03-2011 12:19 PM

Hi

 

You will also need to configure rewrite-rules. See for example this thread

 

http://forums.juniper.net/t5/SRX-Services-Gateway/How-to-set-802-1p-Cos/m-p/110554

 

please tell me if this works for you.

Best Regards,
Peter (PK)

Juniper Ambassador, Juniper Networks Certified Instructor,
JNCIE-SEC, JNCIP-(M,ENT) JNCIS-(SA,AC,FWV) JNCIA-(IDP,WX)
[Juniper Authorized Education & Support in Russia]
Message 2 of 6 (232 Views)
 
Reply
juniper-mike
Visitor
juniper-mike
Posts: 7
Registered: ‎08-13-2011
0

Re: SRX240 802.1p CoS classifier help please, i just need to mark not police.

Options

‎10-03-2011 12:56 PM

thankyou pk , im looking forward to getting back into work tomorrow to test it out.

(i wish i'd of brought the kit home)

Message 3 of 6 (226 Views)
 
Reply
juniper-mike
Visitor
juniper-mike
Posts: 7
Registered: ‎08-13-2011
0

Re: SRX240 802.1p CoS classifier help please, i just need to mark not police.

Options

‎10-04-2011 01:24 PM

i've managed to get DSCP rewrite working, but the 802.1p doesnt work, never changes from 000

 

i need 802.1p   not DSCP though.

 

Message 4 of 6 (209 Views)
 
Reply
juniper-mike
Visitor
juniper-mike
Posts: 7
Registered: ‎08-13-2011
0

Re: SRX240 802.1p CoS classifier help please, i just need to mark not police.

[ Edited ]
Options

‎10-06-2011 02:55 PM - edited ‎10-06-2011 02:56 PM

sorted, i had to use a hub to be able to see the priority level in the 802.1q tag :smileyhappy:   it was working all along my monitoring was flawed. i'll post up my configs for others at the weekend.

Message 5 of 6 (195 Views)
 
Reply
Distinguished Expert
Distinguished Expert
pk
Posts: 676
Registered: ‎10-09-2008
0

Re: SRX240 802.1p CoS classifier help please, i just need to mark not police.

Options

‎10-06-2011 11:35 PM

Glad that it is working now. Please also post your software version.

Best Regards,
Peter (PK)

Juniper Ambassador, Juniper Networks Certified Instructor,
JNCIE-SEC, JNCIP-(M,ENT) JNCIS-(SA,AC,FWV) JNCIA-(IDP,WX)
[Juniper Authorized Education & Support in Russia]
Message 6 of 6 (185 Views)
 
Reply
Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.