Classification Overview
Packet classification refers to the examination of an incoming packet, which associates the packet with a particular class-of-service (CoS) servicing level. Junos operating system (OS) supports these classifiers:
-
Behavior aggregate (BA) classifiers
-
Multifield (MF) classifiers
-
Default IP precedence classifiers
The total number of classifiers supported on a Services Processing Unit (SPU) is 79. Three classifiers are installed on the SPU as default classifiers in the Layer 3 mode, independent of any CoS configuration, which leaves 76 classifiers that can be configured using the CoS CLI commands. The default classifiers number can vary in future releases or in different modes.
Verify the number of default classifiers installed on the SPU to determine how many classifiers can be configured using the CoS CLI commands.
When both BA and MF classifications are performed on a packet, the MF classification has higher precedence.
In Junos OS, classifiers associate incoming packets with a forwarding class (FC) and packet loss priority (PLP), and, based on the associated FC, assign packets to output queues. A packet’s FC and PLP specify the behavior of a hop, within the system, to process the packet. The per-hop behavior (PHB) comprises packet forwarding, policing, scheduling, shaping, and marking. For example, a hop can put a packet in one of the priority queues according to its FC and then manage the queues by checking the packet's PLP. Junos OS supports up to eight FCs and four PLPs.
Behavior Aggregate Classifiers
A BA classifier operates on a packet as it enters the device. Using BA classifiers, the device aggregates different types of traffic into a single FC so that all the types of traffic will receive the same forwarding treatment. The CoS value in the packet header is the single field that determines the CoS settings applied to the packet. BA classifiers allow you to set a packet’s FC and PLP based on the Differentiated Services (DiffServ) code point (DSCP) value, DSCP IPv4 value, DSCP IPv6 value, IP precedence value, MPLS EXP bits, or IEEE 802.1p value. The default classifier is based on the IP precedence value. For more information, see Default IP Precedence Classifier.
Junos OS performs BA classification for a packet by examining its Layer 2, Layer 3, and related CoS parameters, as shown in Table 1.
Layer |
CoS Parameter |
---|---|
Layer 2 |
IEEE 802.1p value: User Priority |
Layer 3 |
IPv4 precedence IPv4 Differentiated Services code point (DSCP) value IPv6 DSCP value |
If you apply an IEEE 802.1 classifier to a logical interface, this classifier takes precedence over any other classifier type. Classifiers for IEEE 802.1, IP (DSCP or IP precedence), and MPLS (EXP) can coexist on a logical interface.
Multifield Classifiers
An MF classifier is a second means of classifying traffic flows. Unlike the BA classifier, an MF classifier can examine multiple fields in the packet—for example, the source and destination address of the packet, or the source and destination port numbers of the packet. With MF classifiers, you set the FC and PLP based on firewall filter rules.
For a specified interface, you can configure both an MF classifier and a BA classifier without conflicts. Because the classifiers are always applied in sequential order (the BA classifier followed by the MF classifier) any BA classification result is overridden by an MF classifier if they conflict.
Junos OS performs MF traffic classification by directly scrutinizing multiple fields of a packet to classify a packet. This avoids having to rely on the output of the previous BA traffic classification. Junos OS can simultaneously check a packet’s data for Layers 2, 3, 4, and 7, as shown in Table 2.
Layer |
CoS Parameter |
---|---|
Layer 2 |
IEEE 802.1Q: VLAN ID IEEE 802.1p: User priority |
Layer 3 |
IP precedence value DSCP or DSCP IPv6 value Source IP address Destination IP address Protocol ICMP: Code and type |
Layer 4 |
TCP/UDP: Source port TCP/UDP: Destination port TCP: Flags AH/ESP: SPI |
Layer 7 |
Not supported. |
Using Junos OS, you configure an MF classifier with a firewall filter and its associated match conditions. This enables you to use any filter match criterion to locate packets that require classification.
Default IP Precedence Classifier
With Junos OS, all logical interface are automatically assigned a default IP precedence classifier when the logical interface is configured. This default traffic classifier maps IP precedence values to an FC and a PLP as shown in Table 3. These mapping results are in effect for an ingress packet until the packet is further processed by another classification method.
IP Precedence CoS Values |
Forwarding Class |
Packet Loss Priority |
---|---|---|
000 |
best-effort |
low |
001 |
best-effort |
high |
010 |
best-effort |
low |
011 |
best-effort |
high |
100 |
best-effort |
low |
101 |
best-effort |
high |
110 |
network-control |
low |
111 |
network-control |
high |