JUNOS does a weird way of marking packets.. It is done on the egress of the box, not on ingress (there is an exception in a few newer modules that can do this). So it is probably working as the other poster mentioned. Make sure you take this methodology into consideration as it can hinder your granularity of CoS with marking vs passing through and you inadvertently remark traffic you didn't mean to.
On Sat, Oct 13, 2012 at 8:21 AM, Gustavo Santos <[email protected]>wrote: > Doug and Hanks @juniper. I had to left the office and leave configuration > as is. On monday I will update you after verify what you have pointed, > > What I can tell is that I didn't have made any modification on the systems > default class of service / mapping configuration. > > Thank you! > > Gustavo Santos > Analista de Redes > CCNA , MTCNA , MTCRE, MTCINE, JUNCIA-ER > > > > 2012/10/13 Harry Reynolds <[email protected]> > > > Doug raises some good points. > > > > Also, for testing, perhaps add some counters to the terms to aid in > > confirming matches. You may also want to show config | display > > detail/inheritance to see if the prefix list is expanding as you expect. > > > > Regards > > > > > > > > -----Original Message----- > > From: [email protected] [mailto: > > [email protected]] On Behalf Of Doug Hanks > > Sent: Friday, October 12, 2012 9:36 PM > > To: Gustavo Santos; [email protected] > > Subject: Re: [j-nsp] WAN input prioritization on MX > > > > I'm sure it's working just fine. Are you checking the egress interface to > > see if the traffic is being marked and queued properly? A common mistake > is > > to check the ingress interface queues. > > > > > > If this doesn't work, we would need to see your entire class-of-service > > configuration. > > > > On 10/12/12 6:04 PM, "Gustavo Santos" <[email protected]> wrote: > > > > >Hi, > > > > > >I'm new on Juniper class of service / shaping. I'm reading some tech > > >docs from Juniper and a Juniper's MX book, but it's kind tricky. > > >Today I get asked to do a pretty simple configuration, but I tried some > > >settings but none of then worked. Any of you guys can help me with that? > > > > > >What I want to achieve is pretty (conceptualy speaking) simple. I have > > >a Gig interface and want to rate limit the interface at 500Mbits , mark > > >a destination subnet with expedited forwarding class, mark anything > > >else with best effort. I tried the config below but it's not working. > > >The rate-limit works but the prioritization isn't. > > > > > > > > > > > > > > >gustavo@MX5-1> show configuration firewall family inet filter > > >wan-control physical-interface-filter; term high-priority { > > > from { > > > destination-prefix-list { > > > high-priority-dst; > > > } > > > } > > > then { > > > policer limit500; > > > loss-priority low; > > > forwarding-class expedited-forwarding; > > > } > > >} > > >term else { > > > then { > > > policer limit500; > > > loss-priority high; > > > forwarding-class best-effort > > > } > > > > > > > > >( policer limit500) > > >physical-interface-policer; > > >if-exceeding { > > > bandwidth-limit 480m; (set the value lower to check policer > > >working.. > > >but it wasn't as desired) > > > burst-size-limit 625k; > > >} > > >then discard; > > > > > >then the filter was applied on the interface family inet filter input > > >wan-control > > > > > >Gustavo Santos > > >Analista de Redes > > >CCNA , MTCNA , MTCRE, MTCINE, JUNCIA-ER > > >_______________________________________________ > > >juniper-nsp mailing list [email protected] > > >https://puck.nether.net/mailman/listinfo/juniper-nsp > > > > > > > > > > > _______________________________________________ > > juniper-nsp mailing list [email protected] > > https://puck.nether.net/mailman/listinfo/juniper-nsp > > > > > > > _______________________________________________ > juniper-nsp mailing list [email protected] > https://puck.nether.net/mailman/listinfo/juniper-nsp > _______________________________________________ juniper-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/juniper-nsp
