Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Announcement: Our new, consolidated Junos CLI Reference is now available.

close
external-header-nav
keyboard_arrow_up
close
keyboard_arrow_left
list Table of Contents
file_download PDF
keyboard_arrow_right

Using Multifield Classifiers to Set Packet Loss Priority

date_range 13-Jan-21

This topic describes how to use and configure multifield classifiers to set the loss priority of incoming or outgoing packets.

Multifield classifiers take action on incoming or outgoing packets, depending on whether the firewall rule is applied as an input filter or an output filter. When tricolor marking (TCM) is enabled, Juniper Networks M320 Multiservice Edge Routers and T Series Core Routers support four multifield classifier packet loss priority (PLP) designations: low, medium-low, medium-high, and high.

To configure the PLP for a multifield classifier, include the loss-priority statement in a policer or firewall filter that you configure at the at the [edit firewall] hierarchy level:

The inputs (match conditions) for a multifield classifier are one or more of the six packet header fields: destination address, source address, IP protocol, source port, destination port, and DSCP. The outputs for a multifield classifier are the forwarding class and the loss priority (PLP). A multifield classifier sets the forwarding class and the PLP for each packet entering or exiting the interface with a specific destination address, source address, IP protocol, source port, destination port, or DSCP.

In the following sample procedure, the forwarding class expedited-forwarding and PLP medium-high are assigned to all IPv4 packets with the 10.1.1.0/24 or 10.1.2.0/24 source address.

To use the classifier in this sample procedure, you must configure the settings for the expedited-forwarding forwarding class at the [edit class-of-service forwarding-classes queue queue-number expedited-forwarding] hierarchy level. For more information, see Understanding How Forwarding Classes Assign Classes to Output Queues.

  1. Under the firewall statement, specify the protocol family as IPv4 (inet) and specify a name for the filter.
    content_copy zoom_out_map
    edit
    user@host# edit firewall family inet filter classify-customers
    
  2. Specify the term name and match criteria you want to look for in incoming packets.
    content_copy zoom_out_map
    [edit firewall family inet filter classify-customers]
    user@host# set term isp1-customers from source-address 10.1.1.0/24
    user@host# set term isp1-customers from source-address 10.1.2.0/24
    
  3. Specify the action you want to take when a packet matches the conditions.
    content_copy zoom_out_map
    [edit firewall family inet filter classify-customers]
    user@host# set term isp1-customers then loss-priority medium-high
    user@host# set term isp1-customers then forwarding-class medium-high
    
  4. Verify your configuration.
    content_copy zoom_out_map
    [edit firewall]
    user@host# show
    
    content_copy zoom_out_map
     filter classify-customers {
            term isp1-customers {
                from {
                    source-address {
                        10.1.1.0/24;
                        10.1.2.0/24;
                    }
                }
                then {
                    loss-priority medium-low;
                    forwarding-class assured-forwarding;
                }
            }
        }
    
  5. Save your configuration.
    content_copy zoom_out_map
    [edit firewall]
    user@host# commit
    
external-footer-nav