On Tuesday, January 14, 2014 12:39:34 AM John Neiberger wrote: > It doesn't have a forwarding class named VOIP-BEARER at > all. So, how in the world does matching on a forwarding > class in a firewall filter work? How does the filter > know which forwarding class is being referenced if you > match on a forwarding class? And in my case, the egress > interface does not have a forwarding class with that > name in the classifier associated with the interface, so > what is the firewall filter even matching?
Junos classifiers (BA behaviour classification) are an ingress feature. They look at the TC and assign that traffic to a forwarding class based on the TC value. On egress, the schedulers then de-queue traffic based on the scheduler. The scheduler takes its information from properties configured for a forwarding class. My suggestion, rather than match on forwarding class, why don't you match on TC value, e.g., "from dscp" or "from exp" or "from learn-vlan-1p-priority"? > Junos class of service is the bane of my existence. Once > in a while I think I have it figured out how all these > pieces fit together, but then something like this comes > up and ruins my fantasy. :-) You and me both. I have to admit that hardware constraints aside (which applies to all vendors anyway), I still find Cisco's flexibility with MQC better. That said, things are happening on the Juniper side. I hope to give more details in the near future. Cheers, Mark.
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp