Hi all,
There seems to be a bug with this feature. http://www.juniper.net/techpubs/en_US/junos10.0/information-products/topic-collections/config-guide-cos/cos-assigning-fc-dscp-to-re-pkts.html Once I apply the Firewall Filter with QoS term on loopback interface, it does not seem to change the default behaviour. I tried host-outbound-traffic feature, which assign a forwarding class, and I can set DSCP for all traffic generated by RE, which works as it says, but I want a finer control. Here's the config I have: [edit firewall family inet] lab@MX5# show filter RE-Protection-And-CoS { term OSPF { from { protocol ospf; } then { forwarding-class Network-Control; dscp cs7; } } term TELNET { from { protocol tcp; port telnet; } /* Demonstration purpose - Put on another queue */ then { forwarding-class Gold; dscp cs3; } } /* Keep default behaviour */ term OTHERS { then accept; } } [edit interfaces lo0] lab@MX5# show unit 0 { family inet { filter { output RE-Protection-And-CoS; } } } /* Forwarding class definition, etc are not shown */ lab@MX5# commit *This does not seem to do anything. CoS marking is the same as the default behaviour.* lab@MX5> monitor traffic interface ge-1/0/0 no-resolve detail *OSPF* 11:18:53.217416 In IP (*tos 0xc0*, ttl 1, id 55089, offset 0, flags [none], proto: OSPF (89), length: 80) 10.1.1.2 > 224.0.0.5: OSPFv2, Hello, length 60 [len 48] Router-ID 10.1.1.2, Backbone Area, Authentication Type: none (0) Options [External, LLS] Hello Timer 10s, Dead Timer 40s, Mask 255.255.255.0, Priority 128 Designated Router 10.1.1.1, Backup Designated Router 10.1.1.2 Neighbor List: 10.1.1.1 LLS: checksum: 0xfff6, length: 3 Extended Options (1), length: 4 Options: 0x00000001 [LSDB resync] 11:18:53.968184 Out IP (*tos 0xc0*, ttl 1, id 55102, offset 0, flags [none], proto: OSPF (89), length: 80) 10.1.1.1 > 224.0.0.5: OSPFv2, Hello, length 60 [len 48] Router-ID 10.1.1.1, Backbone Area, Authentication Type: none (0) Options [External, LLS] Hello Timer 10s, Dead Timer 40s, Mask 255.255.255.0, Priority 128 Designated Router 10.1.1.1, Backup Designated Router 10.1.1.2 Neighbor List: 10.1.1.2 LLS: checksum: 0xfff6, length: 3 Extended Options (1), length: 4 Options: 0x00000001 [LSDB resync] *PING* 11:21:39.110220 Out IP (*tos 0x0*, ttl 64, id 57119, offset 0, flags [none], proto: ICMP (1), length: 84) 10.1.1.1 > 10.1.1.2: ICMP echo request, id 19937, seq 0, length 64 11:21:39.110684 In IP (*tos 0x0*, ttl 64, id 57122, offset 0, flags [none], proto: ICMP (1), length: 84) 10.1.1.2 > 10.1.1.1: ICMP echo reply, id 19937, seq 0, length 64 *TELNET* 11:41:10.988010 In IP (tos 0x10, ttl 64, id 8376, offset 0, flags [DF], proto: TCP (6), length: 54) 10.1.1.2.61468 > 10.1.1.1.telnet: P 3181355086:3181355088(2) ack 436609309 win 33304 <nop,nop,timestamp 976623188 976594278> 11:41:10.988944 Out IP (tos 0x10, ttl 64, id 8379, offset 0, flags [DF], proto: TCP (6), length: 56) 10.1.1.1.telnet > 10.1.1.2.61468: P 1:5(4) ack 2 win 33304 <nop,nop,timestamp 976623190 976623188> 11:41:11.067600 In IP (tos 0x10, ttl 64, id 8383, offset 0, flags [DF], proto: TCP (6), length: 54) 10.1.1.2.61468 > 10.1.1.1.telnet: P 2:4(2) ack 5 win 33304 <nop,nop,timestamp 976623268 976623190> 11:41:11.067635 Out IP (tos 0x10, ttl 64, id 8386, offset 0, flags [DF], proto: TCP (6), length: 63) 10.1.1.1.telnet > 10.1.1.2.61468: P 5:16(11) ack 4 win 33303 <nop,nop,timestamp 976623268 976623268> *This behaviour is not what I expected. Does anyone experience the same issue, please?* _______________________________________________ juniper-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/juniper-nsp
