SRX Services Gateway
Highlighted
SRX Services Gateway

Class of Service on SRX

‎11-26-2014 08:10 AM

Hi,

 

I need to prioritize some traffic on an SRX box. I have a simple configuration (only relevant parts included):

 

interfaces {
    fe-0/0/0 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ data ];
                }
                native-vlan-id 1;
            }
        }
    }
    vlan {
        unit 1 {
            family inet {
                address XXXX
            }
	}
    }
}

vlans {
    data {
        vlan-id 800;
    }
    default {
        vlan-id 1;
        l3-interface vlan.1;
    }
}

 

fe-0/0/0 is connected to the main network and is where all traffic is going in/out to the box. It has two vlans. The traffic on the ”data” vlan (800) is very sensitive for delays, so I need to give it as high priority as possible. The traffic on vlan 1 should probably have a very low priority.

 

I’ve read about CoS and I’ve made a few tests, but couldn’t get it to work. If I have a small live video stream running through the data vlan, and the same time download a few files over vlan 1, the video stream gets very, very choppy. If no traffic passes over vlan 1, the video stream is totally ok.

 

I’d really appreciate some initial help with this. 🙂

5 REPLIES 5
Highlighted
SRX Services Gateway

Re: Class of Service on SRX

‎11-26-2014 09:19 AM

 

Hi Joeld,

 

Following KB article explains about COS configuration on SRX.

 

http://kb.juniper.net/InfoCenter/index?page=content&id=KB25847&smlogin=true

 

it explains about prioriting TCP traffic but you can use ip address or video traffic accordingly.

 

Regards

 

rparthi

Please Mark My Solution Accepted if it Helped, Kudos are Appreciated Too

 

Highlighted
SRX Services Gateway

Re: Class of Service on SRX

‎11-26-2014 12:35 PM

Hi,

 

I've read it but I can't say it helped me all that much. Anyway, what I tried is to do it like this:

 

interfaces {
    fe-0/0/0 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ data ];
                }
                native-vlan-id 1;
            }
        }
    }
    vlan {
        per-unit-scheduler;
        unit 1 {
            family inet {
                filter {
                    input cos;
                    output cos;
                }
                address XXX;
            }
        }
    }
}
firewall {
    filter cos {
        term tcp-traffic {
            from {
                protocol tcp;
            }
            then {
                forwarding-class best-effort;
                accept;
            }
        }
        term udp-traffic {
            from {
                protocol udp;
            }
            then {
                forwarding-class best-effort;
                accept;
            }
        }
    }
}
vlans {
    data {
        vlan-id 800;
    }
    default {
        vlan-id 1;
        l3-interface vlan.1;
    }
}

 My idea was to lower the priority for all tcp/udp traffic passing vlan 1, but this doesn't seem to have any effect at all. As soon as just about any traffic passes over vlan 1, the video stream on vlan 800 becomes very choppy.

Highlighted
SRX Services Gateway

Re: Class of Service on SRX

‎11-26-2014 07:18 PM

Can you try using the filter as below, this is to give high priority to video traffic compared to other tcp/udp traffic. ( Please chnage the match condition on term video-traffic to either the IP address from where video traffic is originated/destined or use the DSCP value (af41, is just an example))

 

root@SRX240HM-15# show firewall
filter cos {
    term video-traffic {
        from {
            dscp af41;
        }
        then forwarding-class expedited-forwarding;
    }
    term tcp-traffic {
        from {
            protocol tcp;
        }
        then forwarding-class best-effort;
    }
    term udp-traffic {
        from {
            protocol udp;
        }
        then {
            loss-priority high;
            forwarding-class best-effort;
        }
    }
}

 

Thanks,

Suraj

Please Mark My Solution Accepted if it Helped, Kudos are Appreciated too

Thanks,
Suraj
Please Mark My Solution Accepted if it Helped, Kudos are Appreciated too
Highlighted
SRX Services Gateway

Re: Class of Service on SRX

‎11-27-2014 12:09 AM

Um, I don't think I can apply a firewall filter on family ethernet-switching on the SRX platform. There is no such option.

Highlighted
SRX Services Gateway

Re: Class of Service on SRX

‎11-27-2014 12:36 AM

Class of service is not supported on l2 interfaces.

I suggested the firewall filter as I can see you have already applied it as below.

 

    vlan {
        per-unit-scheduler;
        unit 1 {
            family inet {
                filter {
                    input cos;
                    output cos;
                }
                address XXX;
            }
        }
    }

 

Thanks,

Suraj

Please Mark My Solution Accepted if it Helped, Kudos are Appreciated too+

Thanks,
Suraj
Please Mark My Solution Accepted if it Helped, Kudos are Appreciated too
Feedback