Header Only - DO NOT REMOVE - Extreme Networks

QoS marking on CPU sourced packets


Userlevel 3
Here's a scenario where I can't quite work out if what I'm trying to do is even possible, let alone how to do it...

Imagine you have two switches (in this exact instance, I have an X460 at both ends) that are used to terminate a fibre link between two locations on a network. This link carries most of its traffic at layer 3 - so it is basically a /30 point-to-point subnet. There are a couple of L2 VLANs, but ignore those for the purposes of this question.

Now throw in a routing protocol (I'm using BGP, but OSPF or IS-IS would have the same problem) to announce routes in both directions.

If there is a large flood of traffic - imagine a bit of a DoS against a server at the far end of the link - I want to ensure that the routing protocol packets are prioritized, so the routing doesn't fall over and everything stops.

Now here's the tricky part - the BGP/OSPF/IS-IS/RIP(!) packets are originated from the CPU, so I can't just whack an ingress ACL on a port to match them and set a higher qosprofile for those packets. Is there any way to set the qos profile (or alternatively, set the DSCP bits and then use diffserv replacement) in this instance?

Or am in in a situation where the only way to do this is to stick a router at each end, so there is an ingress port to put the ACL on?

Thanks

Paul.

5 replies

Userlevel 3
Obviously we're all very quite over Christmas and the New Year 🙂

Anyone have any ideas?

Paul.
Hi,



Sorry for the late response.



By default CPU originated protocol packets are mapped to qp8 at egress hardware port with dscp value marked as 48 .So control packets never get drop due to congestion at egress port provided scheduling algorithm used is strict priority for qp8 on that egress port.



Regards,

Prabhakar MV
You can also include don grosser he can provide more details on this
Userlevel 3
That's excellent news, thank you very much.

I'll stop worrying about this now.

Paul.
Also please cross check this from developer owner Don grosser

Reply