SRX Services Gateway
SRX Services Gateway

SRX240 802.1p CoS classifier help please, i just need to mark not police.

10.03.11   |  
‎10-03-2011 12:15 PM

Hi

 

I need to mark some packets not police leaving the SRX on a phsyical interface ge-0/0/15 to telco kit on a 1q trunk

 

The Telco device upstream will police depending on the tagging that i mark.

 

The interface is a trunk and has VLAN id in it i capture with wireshark and a hub.

 

How do i  mark certain frames based on source IP leaving the interface towards the telco device?

 

 

Do i just need to do the following to mark the outgoing 1.q tagged taffic from the 10.10.10.0/24 network?

 

firewall {
    filter mf_class {
        term fromVOICE {
            from {
                address {
                    10.10.10.0/24;
                }
            }
            then {
                loss-priority low;
                forwarding-class expedited-forwarding;
                accept;
            }
        }
    }
}


ge-0/0/15 {
        vlan-tagging;
        unit 100 {
            vlan-id 100;
            family inet {
                filter {
                    output mf_class;
                }
                address 1.1.1.3/28;
            }
        }
    }
}

 thanks for looking

 


 

5 REPLIES
SRX Services Gateway

Re: SRX240 802.1p CoS classifier help please, i just need to mark not police.

10.03.11   |  
‎10-03-2011 12:19 PM

Hi

 

You will also need to configure rewrite-rules. See for example this thread

 

http://forums.juniper.net/t5/SRX-Services-Gateway/How-to-set-802-1p-Cos/m-p/110554

 

please tell me if this works for you.

Best Regards,
PK

Juniper Ambassador, Juniper Networks Certified Instructor,
JNCIE-SEC #98, JNCIE-ENT #393, JNCIE-SP #2253
[Juniper Authorized Education & Support in Russia]
SRX Services Gateway

Re: SRX240 802.1p CoS classifier help please, i just need to mark not police.

10.03.11   |  
‎10-03-2011 12:56 PM

thankyou pk , im looking forward to getting back into work tomorrow to test it out.

(i wish i'd of brought the kit home)

SRX Services Gateway

Re: SRX240 802.1p CoS classifier help please, i just need to mark not police.

10.04.11   |  
‎10-04-2011 01:24 PM

i've managed to get DSCP rewrite working, but the 802.1p doesnt work, never changes from 000

 

i need 802.1p   not DSCP though.

 

SRX Services Gateway

Re: SRX240 802.1p CoS classifier help please, i just need to mark not police.

[ Edited ]
10.06.11   |  
‎10-06-2011 02:55 PM

sorted, i had to use a hub to be able to see the priority level in the 802.1q tag Smiley Happy   it was working all along my monitoring was flawed. i'll post up my configs for others at the weekend.

SRX Services Gateway

Re: SRX240 802.1p CoS classifier help please, i just need to mark not police.

10.06.11   |  
‎10-06-2011 11:35 PM

Glad that it is working now. Please also post your software version.

Best Regards,
PK

Juniper Ambassador, Juniper Networks Certified Instructor,
JNCIE-SEC #98, JNCIE-ENT #393, JNCIE-SP #2253
[Juniper Authorized Education & Support in Russia]