Hi everyone.
Please consider the folowing example:
SRX1--F0/0/3 -35.35.35.1----->Network
Both NTP and PIM traffic egresses fe0/0/3
Please ignore nay typo in the command as I typed these commands not copy and paste from the device.
All NTP and PIM must be marked with DSCP 38, and placed in NETWORK CONTROL CLASS on eggress fe-0/0/3.
NTP set up:
set system ntp server 35.35.35.3
set protocol pim interface fe-0/0/3.0 mode dense
set firewall family inet filter NTP term NTP from protocol udp
set firewall family inet filter NTP term NTP from port 123
set firewall family inet filter NTP term NTP then forwarding-class NETWORK
set firewall family inet filter NTP term NTP then accept
set firewall famiy inet filter NTP term ALL-ELSE then accept
set interface lo0.0 family inet filter output NTP
Forwarding class--NETWORK--Q7
Classifier TOM
DSCP 111000<--> Forwarding class NETWORK
Rewrite rule TOM NETWORK CLASS--> DSCPX38
interface fe-0/0/3 .0 rewrite rule TOM
I can see NTP DSCP is modified in capture and also NTP traffic queued in right Network Class Queue on fe-0/0/3
But when I do the same thing for PIM , the default value are not changed.
For example:
set firewall family inet filter PIM term PIM from protocol pim
set firewall family inet filter PIM term NTP then forwarding-class NETWORK
set firewall family inet filter PIM term NTP then accept
set firewall famiy inet filter PIM term ALL-ELSE then accept
set interface lo0.0 family inet filter output PIM
When I look at capture, I do not see DSCP modified to x38 , it uses default x30.
I also tried Outbound filter on fe0/0/3 to send traffic PIM into NETWORK class, but it did not work.
Is there some bug associated with this? because I can not understand ntp traffic DSCP modified as desired but same can not be done for PIM.
Thanks