> You should be classifying on ingress.
> Classification is only for 'internal' treatment. Then you do rewrite on
> egress interface
Actually, You can apply multifield classifiers either at ingress or egress.
Either way works fine; unless the traffic itself is sourced from the RE (bug in
MX).
The config actually looks correct a first glance (filling in the missing pieces
in my mind, of the stanzas that I assume that are there, like a scheduler-map
against interface ae1 so you're not using the default 2-queues..), and assuming
this is transiting traffic.
Try doing a:
then {
loss-priority low;
forwarding-class FWDCLASS;
count matched-a-packet;
accept;
}
then "show firewall" to see if the counter increases (and hence you're actually
matching the correct source IP).
what does 'show interfaces ae1 extensive show' for forwarding class 5? (in
terms of byte counts). i.e. clear the counters first, then run some traffic
through it, and ensure the outgoing traffic gets queued up in fwding class 5.
Feel free to contact me offline as well.
- CK.
_______________________________________________
juniper-nsp mailing list [email protected]
https://puck.nether.net/mailman/listinfo/juniper-nsp
