QoS marking on CPU sourced packets
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎12-29-2015 10:06 AM
Here's a scenario where I can't quite work out if what I'm trying to do is even possible, let alone how to do it...
Imagine you have two switches (in this exact instance, I have an X460 at both ends) that are used to terminate a fibre link between two locations on a network. This link carries most of its traffic at layer 3 - so it is basically a /30 point-to-point subnet. There are a couple of L2 VLANs, but ignore those for the purposes of this question.
Now throw in a routing protocol (I'm using BGP, but OSPF or IS-IS would have the same problem) to announce routes in both directions.
If there is a large flood of traffic - imagine a bit of a DoS against a server at the far end of the link - I want to ensure that the routing protocol packets are prioritized, so the routing doesn't fall over and everything stops.
Now here's the tricky part - the BGP/OSPF/IS-IS/RIP(!) packets are originated from the CPU, so I can't just whack an ingress ACL on a port to match them and set a higher qosprofile for those packets. Is there any way to set the qos profile (or alternatively, set the DSCP bits and then use diffserv replacement) in this instance?
Or am in in a situation where the only way to do this is to stick a router at each end, so there is an ingress port to put the ACL on?
Thanks
Paul.
Imagine you have two switches (in this exact instance, I have an X460 at both ends) that are used to terminate a fibre link between two locations on a network. This link carries most of its traffic at layer 3 - so it is basically a /30 point-to-point subnet. There are a couple of L2 VLANs, but ignore those for the purposes of this question.
Now throw in a routing protocol (I'm using BGP, but OSPF or IS-IS would have the same problem) to announce routes in both directions.
If there is a large flood of traffic - imagine a bit of a DoS against a server at the far end of the link - I want to ensure that the routing protocol packets are prioritized, so the routing doesn't fall over and everything stops.
Now here's the tricky part - the BGP/OSPF/IS-IS/RIP(!) packets are originated from the CPU, so I can't just whack an ingress ACL on a port to match them and set a higher qosprofile for those packets. Is there any way to set the qos profile (or alternatively, set the DSCP bits and then use diffserv replacement) in this instance?
Or am in in a situation where the only way to do this is to stick a router at each end, so there is an ingress port to put the ACL on?
Thanks
Paul.
3 REPLIES 3
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎01-05-2016 09:13 AM
That's excellent news, thank you very much.
I'll stop worrying about this now.
Paul.
I'll stop worrying about this now.
Paul.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎01-05-2016 05:30 AM
Hi,
Sorry for the late response.
By default CPU originated protocol packets are mapped to qp8 at egress hardware port with dscp value marked as 48 .So control packets never get drop due to congestion at egress port provided scheduling algorithm used is strict priority for qp8 on that egress port.
Regards,
Prabhakar MV
Sorry for the late response.
By default CPU originated protocol packets are mapped to qp8 at egress hardware port with dscp value marked as 48 .So control packets never get drop due to congestion at egress port provided scheduling algorithm used is strict priority for qp8 on that egress port.
Regards,
Prabhakar MV
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎01-04-2016 10:31 AM
Obviously we're all very quite over Christmas and the New Year 🙂
Anyone have any ideas?
Paul.
Anyone have any ideas?
Paul.
