Ethernet Switching
Highlighted
Ethernet Switching

QOS ingress dscp marking on EX

‎03-30-2017 08:37 AM

     Iam using Multifield classifier using firewall filter to classify the incoming packets based on the source address and trying to mark the dscp for that packet. Iam using set dscp xx and applying the firewall filter to input of the interface, but when i try to sniff the packet from the outgoing interface i dont see the marked dscp values. I know we can use the rewrite rules at the egress to re-mark the packet, was wondering why set dscp is not working.

 

Any information on this greatly appreciated.

 

8 REPLIES 8
Highlighted
Ethernet Switching

Re: QOS ingress dscp marking on EX

‎03-30-2017 09:03 AM

according to

http://www.juniper.net/us/en/local/pdf/implementation-guides/8010073-en.pdf

 

you can change the dscp only in the following ways:

 

Remarking:
Remarking involves changing the QoS priority markings (802.1p or DSCP) for the next hop to act on.
  • -Interface specific rewrite: Binding a rewrite rule to the interface.
  • -Multifield remarking: Using egress firewall filters to remark specific traffic bases. This can only be applied to an L2/L3 physical or logical interface. Multifield remarking firewall filter cannot be bound to a VLAN.

Unfortunately for you ingress MF is not mentioned here

 

regards

 

alexander

Highlighted
Ethernet Switching

Re: QOS ingress dscp marking on EX

‎03-30-2017 10:08 AM

Thanks Alexander for the quick response.

 

Do you know why using dscp in the action field of filter doesnt work. When i commit, i dont see any warning/error message.

Highlighted
Ethernet Switching

Re: QOS ingress dscp marking on EX

‎03-30-2017 08:00 PM

HI

 

Could you try the below 

 

set class-of-service rewrite-rules dscp VOICE-DSCP-REWRITE import default
set class-of-service rewrite-rules dscp VOICE-DSCP-REWRITE forwarding-class VOICE-EF-CLASS loss-priority low code-point ef
set class-of-service rewrite-rules dscp VOICE-DSCP-REWRITE forwarding-class assured-forwarding loss-priority low code-point af32
set class-of-service rewrite-rules dscp VOICE-DSCP-REWRITE forwarding-class assured-forwarding loss-priority high code-point af32
set class-of-service rewrite-rules dscp VOICE-DSCP-REWRITE forwarding-class network-control loss-priority low code-point cs7
set class-of-service rewrite-rules dscp VOICE-DSCP-REWRITE forwarding-class network-control loss-priority high code-point cs6
set class-of-service rewrite-rules dscp VOICE-DSCP-REWRITE forwarding-class best-effort loss-priority low code-point be

set class-of-service interfaces ge-* unit 0 rewrite-rules dscp VOICE-DSCP-REWRITE

 

Thanks

Partha 

Highlighted
Ethernet Switching

Re: QOS ingress dscp marking on EX

‎03-31-2017 06:52 AM

I have the rewrite dscp working as it is marking the desired dscp values on the outgoing interface, Iam trying to change the dscp values of the packet in the incoming interface using firewall filter. We have an option on the action modifier to set dscp values,here is what i have and trying to understand why this is not working.

 

set firewall family inet filter test term t1 from source-address 1.1.1.1/32

set firewall family inet filter test term t1 then dscp ef

set firewall family inet filter test term t1 then accept

 

set interfaces ge-0/0/0 unit 0 family inet filter input test

 

When i analyze the packet capture on the output interface, i dont see the dscp ef on the packets.

 

Thanks

Highlighted
Ethernet Switching

Re: QOS ingress dscp marking on EX

‎04-03-2017 06:56 PM

HI Velu

 

Are you saying you are just configuring MF without any COS profile?

 

Did you check this example

 

http://www.juniper.net/techpubs/en_US/junos/topics/example/firewall-filter-stateless-example-act-on-...


Thanks

Partha

Highlighted
Ethernet Switching

Re: QOS ingress dscp marking on EX

‎04-04-2017 01:22 AM

Multified classifier only classifies the traffic it does not manipulate the packet header You should check to see if it is being classified. You have not aded the following: 

forwarding-class class-name;
The rewrite rule as you have noticed will change the packet header
[KUDOS PLEASE! If you think I earned it!
If this solution worked for you please flag my post as an "Accepted Solution" so others can benefit..]
Highlighted
Ethernet Switching

Re: QOS ingress dscp marking on EX

‎04-04-2017 10:42 AM

I have added the forwarding class and loss priority on the MF and could see the packets being classified.  so the purpose of setting dscp action modifier on the firewall filter is only used for the classification ?

 

 so, if we need to mark the packets header then it has to be done using the re-write dscp at the egress interface.

 

 

Highlighted
Ethernet Switching

Re: QOS ingress dscp marking on EX

‎11-19-2019 03:50 AM

Yes