subject:"\[j\-nsp\] MX ping \- ToS overrided"

[j-nsp] MX ping - ToS overrided

2014-01-22 Thread Arash Alizadeh

Hi,
 
I'm experiencing issues when initating ToS ping from MX devices. The specified 
ToS argument just seems to be overrided to dec 192 when leaving the interface.
 
I verified this with the traffic monitor on the egress interface:
 
user@node ping 8.8.8.8 tos 96 
64 bytes from 8.8.8.8: icmp_seq=0 ttl=246 time=15.675 ms
64 bytes from 8.8.8.8: icmp_seq=1 ttl=246 time=15.385 ms
 
user@node monitor traffic interface xe-0/0/0.0 extensive matching icmp 
PFE proto 2 (ipv4): (tos 0xc0, ttl 255, id 16332, offset 0, flags [none], 
proto: ICMP (1), length: 84) x.x.x.x  8.8.8.8: ICMP echo reply, id 47826, seq 
0, length 64
14:06:58.721197 Out 
 
I've tried this on 11.4R6.6 and 12.3R4-S2 (ppc and 64-bit) boxes with the same 
result.
 
Did anyone else ran into this issue? 
Any input is appriciated. 
 
Regards,
Arash
  
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] MX ping - ToS overrided

2014-01-22 Thread david.roy

Not the case with 12.3R4 for me :

ping 8.8.8.8 tos 96 

15:37:03.950763 Out IP (tos 0x60, ttl  64, id 64980, offset 0, flags [none], 
proto: ICMP (1), length: 84) X.X.X.X  8.8.8.8: ICMP echo request, id 34658, 
seq 3, length 64

Do you have host-inbound-traffic knob or Output FWF on lo0 that rewrites 
control plane ? 


 
David Roy 
IP/MPLS NOC engineer - Orange France
Ph. : +33 2 99 87 64 72
Mob. : +33 6 85 52 22 13
SkypeID : davidroy.35
david@orange.com
 
JNCIE x3 (SP #703 ; ENT #305 ; SEC #143)



-Message d'origine-
De : juniper-nsp [mailto:juniper-nsp-boun...@puck.nether.net] De la part de 
Arash Alizadeh
Envoyé : mercredi 22 janvier 2014 15:22
À : juniper-nsp@puck.nether.net
Objet : [j-nsp] MX ping - ToS overrided

Hi,
 
I'm experiencing issues when initating ToS ping from MX devices. The specified 
ToS argument just seems to be overrided to dec 192 when leaving the interface.
 
I verified this with the traffic monitor on the egress interface:
 
user@node ping 8.8.8.8 tos 96
64 bytes from 8.8.8.8: icmp_seq=0 ttl=246 time=15.675 ms
64 bytes from 8.8.8.8: icmp_seq=1 ttl=246 time=15.385 ms
 
user@node monitor traffic interface xe-0/0/0.0 extensive matching icmp PFE 
proto 2 (ipv4): (tos 0xc0, ttl 255, id 16332, offset 0, flags [none], proto: 
ICMP (1), length: 84) x.x.x.x  8.8.8.8: ICMP echo reply, id 47826, seq 0, 
length 64
14:06:58.721197 Out 
 
I've tried this on 11.4R6.6 and 12.3R4-S2 (ppc and 64-bit) boxes with the same 
result.
 
Did anyone else ran into this issue? 
Any input is appriciated. 
 
Regards,
Arash
  
___
juniper-nsp mailing list juniper-nsp@puck.nether.net 
https://puck.nether.net/mailman/listinfo/juniper-nsp

_

Ce message et ses pieces jointes peuvent contenir des informations 
confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce 
message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages 
electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou 
falsifie. Merci.

This message and its attachments may contain confidential or privileged 
information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete 
this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been 
modified, changed or falsified.
Thank you.


___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] MX ping - ToS overrided

2014-01-22 Thread david.roy

I meant host-outbound-traffic ;) 

 
David Roy 
IP/MPLS NOC engineer - Orange France
Ph. : +33 2 99 87 64 72
Mob. : +33 6 85 52 22 13
SkypeID : davidroy.35
david@orange.com
 
JNCIE x3 (SP #703 ; ENT #305 ; SEC #143)



-Message d'origine-
De : juniper-nsp [mailto:juniper-nsp-boun...@puck.nether.net] De la part de 
david@orange.com
Envoyé : mercredi 22 janvier 2014 15:39
À : 'Arash Alizadeh'; juniper-nsp@puck.nether.net
Objet : Re: [j-nsp] MX ping - ToS overrided

Not the case with 12.3R4 for me :

ping 8.8.8.8 tos 96 

15:37:03.950763 Out IP (tos 0x60, ttl  64, id 64980, offset 0, flags [none], 
proto: ICMP (1), length: 84) X.X.X.X  8.8.8.8: ICMP echo request, id 34658, 
seq 3, length 64

Do you have host-inbound-traffic knob or Output FWF on lo0 that rewrites 
control plane ? 


 
David Roy
IP/MPLS NOC engineer - Orange France
Ph. : +33 2 99 87 64 72
Mob. : +33 6 85 52 22 13
SkypeID : davidroy.35
david@orange.com
 
JNCIE x3 (SP #703 ; ENT #305 ; SEC #143)



-Message d'origine-
De : juniper-nsp [mailto:juniper-nsp-boun...@puck.nether.net] De la part de 
Arash Alizadeh Envoyé : mercredi 22 janvier 2014 15:22 À : 
juniper-nsp@puck.nether.net Objet : [j-nsp] MX ping - ToS overrided

Hi,
 
I'm experiencing issues when initating ToS ping from MX devices. The specified 
ToS argument just seems to be overrided to dec 192 when leaving the interface.
 
I verified this with the traffic monitor on the egress interface:
 
user@node ping 8.8.8.8 tos 96
64 bytes from 8.8.8.8: icmp_seq=0 ttl=246 time=15.675 ms
64 bytes from 8.8.8.8: icmp_seq=1 ttl=246 time=15.385 ms
 
user@node monitor traffic interface xe-0/0/0.0 extensive matching icmp PFE 
proto 2 (ipv4): (tos 0xc0, ttl 255, id 16332, offset 0, flags [none], proto: 
ICMP (1), length: 84) x.x.x.x  8.8.8.8: ICMP echo reply, id 47826, seq 0, 
length 64
14:06:58.721197 Out 
 
I've tried this on 11.4R6.6 and 12.3R4-S2 (ppc and 64-bit) boxes with the same 
result.
 
Did anyone else ran into this issue? 
Any input is appriciated. 
 
Regards,
Arash
  
___
juniper-nsp mailing list juniper-nsp@puck.nether.net 
https://puck.nether.net/mailman/listinfo/juniper-nsp

_

Ce message et ses pieces jointes peuvent contenir des informations 
confidentielles ou privilegiees et ne doivent donc pas etre diffuses, exploites 
ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez 
le signaler a l'expediteur et le detruire ainsi que les pieces jointes. Les 
messages electroniques etant susceptibles d'alteration, Orange decline toute 
responsabilite si ce message a ete altere, deforme ou falsifie. Merci.

This message and its attachments may contain confidential or privileged 
information that may be protected by law; they should not be distributed, used 
or copied without authorisation.
If you have received this email in error, please notify the sender and delete 
this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been 
modified, changed or falsified.
Thank you.


___
juniper-nsp mailing list juniper-nsp@puck.nether.net 
https://puck.nether.net/mailman/listinfo/juniper-nsp

_

Ce message et ses pieces jointes peuvent contenir des informations 
confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce 
message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages 
electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou 
falsifie. Merci.

This message and its attachments may contain confidential or privileged 
information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete 
this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been 
modified, changed or falsified.
Thank you.


___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] MX ping - ToS overrided

2014-01-22 Thread Arash Alizadeh

Hi David,
 
Thank's for this input.
Appears that host-outbound-traffic is active in the boxes which causes the 
rewrite. One could argue if this is reasonable to use, but it is infact the 
case at the moment.
 
Thanks again.
 
Regards,
Arash
 
 From: david@orange.com
 To: david@orange.com; aras...@hotmail.se; juniper-nsp@puck.nether.net
 Date: Wed, 22 Jan 2014 15:40:50 +0100
 Subject: RE: [j-nsp] MX ping - ToS overrided
 
 I meant host-outbound-traffic ;) 
 
  
 David Roy 
 IP/MPLS NOC engineer - Orange France
 Ph. : +33 2 99 87 64 72
 Mob. : +33 6 85 52 22 13
 SkypeID : davidroy.35
 david@orange.com
  
 JNCIE x3 (SP #703 ; ENT #305 ; SEC #143)
 
 
 
 -Message d'origine-
 De : juniper-nsp [mailto:juniper-nsp-boun...@puck.nether.net] De la part de 
 david@orange.com
 Envoyé : mercredi 22 janvier 2014 15:39
 À : 'Arash Alizadeh'; juniper-nsp@puck.nether.net
 Objet : Re: [j-nsp] MX ping - ToS overrided
 
 Not the case with 12.3R4 for me :
 
 ping 8.8.8.8 tos 96 
 
 15:37:03.950763 Out IP (tos 0x60, ttl  64, id 64980, offset 0, flags [none], 
 proto: ICMP (1), length: 84) X.X.X.X  8.8.8.8: ICMP echo request, id 34658, 
 seq 3, length 64
 
 Do you have host-inbound-traffic knob or Output FWF on lo0 that rewrites 
 control plane ? 
 
 
  
 David Roy
 IP/MPLS NOC engineer - Orange France
 Ph. : +33 2 99 87 64 72
 Mob. : +33 6 85 52 22 13
 SkypeID : davidroy.35
 david@orange.com
  
 JNCIE x3 (SP #703 ; ENT #305 ; SEC #143)
 
 
 
 -Message d'origine-
 De : juniper-nsp [mailto:juniper-nsp-boun...@puck.nether.net] De la part de 
 Arash Alizadeh Envoyé : mercredi 22 janvier 2014 15:22 À : 
 juniper-nsp@puck.nether.net Objet : [j-nsp] MX ping - ToS overrided
 
 Hi,
  
 I'm experiencing issues when initating ToS ping from MX devices. The 
 specified ToS argument just seems to be overrided to dec 192 when leaving the 
 interface.
  
 I verified this with the traffic monitor on the egress interface:
  
 user@node ping 8.8.8.8 tos 96
 64 bytes from 8.8.8.8: icmp_seq=0 ttl=246 time=15.675 ms
 64 bytes from 8.8.8.8: icmp_seq=1 ttl=246 time=15.385 ms
  
 user@node monitor traffic interface xe-0/0/0.0 extensive matching icmp PFE 
 proto 2 (ipv4): (tos 0xc0, ttl 255, id 16332, offset 0, flags [none], proto: 
 ICMP (1), length: 84) x.x.x.x  8.8.8.8: ICMP echo reply, id 47826, seq 0, 
 length 64
 14:06:58.721197 Out 
  
 I've tried this on 11.4R6.6 and 12.3R4-S2 (ppc and 64-bit) boxes with the 
 same result.
  
 Did anyone else ran into this issue? 
 Any input is appriciated. 
  
 Regards,
 Arash
 
 ___
 juniper-nsp mailing list juniper-nsp@puck.nether.net 
 https://puck.nether.net/mailman/listinfo/juniper-nsp
 
 _
 
 Ce message et ses pieces jointes peuvent contenir des informations 
 confidentielles ou privilegiees et ne doivent donc pas etre diffuses, 
 exploites ou copies sans autorisation. Si vous avez recu ce message par 
 erreur, veuillez le signaler a l'expediteur et le detruire ainsi que les 
 pieces jointes. Les messages electroniques etant susceptibles d'alteration, 
 Orange decline toute responsabilite si ce message a ete altere, deforme ou 
 falsifie. Merci.
 
 This message and its attachments may contain confidential or privileged 
 information that may be protected by law; they should not be distributed, 
 used or copied without authorisation.
 If you have received this email in error, please notify the sender and delete 
 this message and its attachments.
 As emails may be altered, Orange is not liable for messages that have been 
 modified, changed or falsified.
 Thank you.
 
 
 ___
 juniper-nsp mailing list juniper-nsp@puck.nether.net 
 https://puck.nether.net/mailman/listinfo/juniper-nsp
 
 _
 
 Ce message et ses pieces jointes peuvent contenir des informations 
 confidentielles ou privilegiees et ne doivent donc
 pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu 
 ce message par erreur, veuillez le signaler
 a l'expediteur et le detruire ainsi que les pieces jointes. Les messages 
 electroniques etant susceptibles d'alteration,
 Orange decline toute responsabilite si ce message a ete altere, deforme ou 
 falsifie. Merci.
 
 This message and its attachments may contain confidential or privileged 
 information that may be protected by law;
 they should not be distributed, used or copied without authorisation.
 If you have received this email in error, please notify the sender and delete 
 this message and its attachments.
 As emails may be altered, Orange is not liable for messages that have been 
 modified, changed or falsified.
 Thank you

Re: [j-nsp] MX ping - ToS overrided

2014-01-22 Thread Alex Arseniev


You are monitoring ToS in ICMP ECHO REPLY, not request.
And that can be set/overridden anywhere by QoS policies, i.e.
- on Google DNS server 8.8.8.8 itself
- on any transit network
HTH
Thanks
Alex

On 22/01/2014 14:21, Arash Alizadeh wrote:

Hi,
  
I'm experiencing issues when initating ToS ping from MX devices. The specified ToS argument just seems to be overrided to dec 192 when leaving the interface.
  
I verified this with the traffic monitor on the egress interface:
  
user@node ping 8.8.8.8 tos 96

64 bytes from 8.8.8.8: icmp_seq=0 ttl=246 time=15.675 ms
64 bytes from 8.8.8.8: icmp_seq=1 ttl=246 time=15.385 ms
  
user@node monitor traffic interface xe-0/0/0.0 extensive matching icmp

PFE proto 2 (ipv4): (tos 0xc0, ttl 255, id 16332, offset 0, flags [none], proto: 
ICMP (1), length: 84) x.x.x.x  8.8.8.8: ICMP echo reply, id 47826, seq 0, 
length 64
14:06:58.721197 Out
  
I've tried this on 11.4R6.6 and 12.3R4-S2 (ppc and 64-bit) boxes with the same result.
  
Did anyone else ran into this issue?

Any input is appriciated.
  
Regards,

Arash

___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp


___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] MX ping - ToS overrided

2014-01-22 Thread Serge Vautour

If you're capturing your outbound ping packet, why does the capture show echo 
reply? Shouldn't you be capturing the echo request?

Serge





 From: Arash Alizadeh aras...@hotmail.se
To: juniper-nsp@puck.nether.net juniper-nsp@puck.nether.net 
Sent: Wednesday, January 22, 2014 10:21:44 AM
Subject: [j-nsp] MX ping - ToS overrided
 

Hi,

I'm experiencing issues when initating ToS ping from MX devices. The specified 
ToS argument just seems to be overrided to dec 192 when leaving the interface.

I verified this with the traffic monitor on the egress interface:

user@node ping 8.8.8.8 tos 96 
64 bytes from 8.8.8.8: icmp_seq=0 ttl=246 time=15.675 ms
64 bytes from 8.8.8.8: icmp_seq=1 ttl=246 time=15.385 ms

user@node monitor traffic interface xe-0/0/0.0 extensive matching icmp 
PFE proto 2 (ipv4): (tos 0xc0, ttl 255, id 16332, offset 0, flags [none], 
proto: ICMP (1), length: 84) x.x.x.x  8.8.8.8: ICMP echo reply, id 47826, seq 
0, length 64
14:06:58.721197 Out 

I've tried this on 11.4R6.6 and 12.3R4-S2 (ppc and 64-bit) boxes with the same 
result.

Did anyone else ran into this issue? 
Any input is appriciated. 

Regards,
Arash
                          
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

[j-nsp] MX ping - ToS overrided

Re: [j-nsp] MX ping - ToS overrided

Re: [j-nsp] MX ping - ToS overrided

Re: [j-nsp] MX ping - ToS overrided

Re: [j-nsp] MX ping - ToS overrided

Re: [j-nsp] MX ping - ToS overrided

6 matches

Site Navigation

Mail list logo

Footer information