ON THIS PAGE
Example: Configuring CoS on SRX5000 Firewalls with an MPC
This example shows how to configure CoS on an SRX5000 line firewall with an MPC.
Requirements
This example uses the following hardware and software components:
SRX5600 with an SRX5K-MPC
Junos OS Release 12.1X46-D10 or later for SRX Series
Before you begin:
Understand CoS. See Understanding Class of Service.
Understand chassis cluster configuration. See Example: Configuring an Active/Passive Chassis Cluster on SRX5800 Devices.
Understand chassis cluster redundant interface configuration. See Example: Configuring Chassis Cluster Redundant Ethernet Interfaces.
No special configuration beyond device initialization is required before configuring this feature.
Overview
In this example, you create a behavior aggregate (BA) classifier to classify traffic based on the IEEE 802.1p value of the packet and assign forwarding-class priority queue to the traffic. You then configure the scheduler map and set the priority for the traffic.
By default, the SRX5K-MPC supports eight queues. In this example, you are configuring eight queues.
You apply the BA classifier to the input interface and apply the scheduler map to the output interface.
Table 1 and Table 2 show forwarding class details with priority, assigned queue numbers, and allocated queue buffers used in this example.
Forwarding Class |
Queue Number |
---|---|
BE |
0 |
SIG |
1 |
AF |
2 |
Bronze-class |
3 |
Silver-class |
4 |
Gold-class |
5 |
Control |
6 |
VOIP |
7 |
Scheduler |
For CoS Traffic Type |
Assigned Priority |
Allocated Portion of Queue Buffer (Transmit Rate) |
---|---|---|---|
s-be |
0 |
low |
15 |
s-sig |
1 |
low |
15 |
s-af |
2 |
medium-low |
20 |
s-bronze |
3 |
medium-low |
20 |
s-silver |
4 |
medium-high |
10 |
s-gold |
5 |
medium-high |
10 |
s-nc |
6 |
high |
5 |
s-voip |
7 |
high |
5 |
Configuration
Procedure
CLI Quick Configuration
To quickly configure this example, copy the following commands, paste them into a text file, remove any line breaks, change any details necessary to match your network configuration, copy and paste the commands into the CLI at the [edit]
hierarchy level, and then enter commit
from configuration mode.
set class-of-service classifiers ieee-802.1 c802 forwarding-class BE loss-priority low code-points 000 set class-of-service classifiers ieee-802.1 c802 forwarding-class SIG loss-priority low code-points 001 set class-of-service classifiers ieee-802.1 c802 forwarding-class AF loss-priority low code-points 010 set class-of-service classifiers ieee-802.1 c802 forwarding-class Bronze-Class loss-priority low code-points 011 set class-of-service classifiers ieee-802.1 c802 forwarding-class Silver-Class loss-priority low code-points 100 set class-of-service classifiers ieee-802.1 c802 forwarding-class Gold-Class loss-priority low code-points 101 set class-of-service classifiers ieee-802.1 c802 forwarding-class Central loss-priority low code-points 110 set class-of-service classifiers ieee-802.1 c802 forwarding-class VOIP loss-priority low code-points 111 set class-of-service forwarding-classes class BE queue-num 0 set class-of-service forwarding-classes class SIG queue-num 1 set class-of-service forwarding-classes class AF queue-num 2 set class-of-service forwarding-classes class Bronze-Class queue-num 3 set class-of-service forwarding-classes class Silver-Class queue-num 4 set class-of-service forwarding-classes class Gold-Class queue-num 5 set class-of-service forwarding-classes class Control queue-num 6 set class-of-service forwarding-classes class VOIP queue-num 7 set class-of-service scheduler-maps test forwarding-class BE scheduler s-be set class-of-service scheduler-maps test forwarding-class SIG scheduler s-sig set class-of-service scheduler-maps test forwarding-class AF scheduler s-af set class-of-service scheduler-maps test forwarding-class Bronze-Class scheduler s-bronze set class-of-service scheduler-maps test forwarding-class Silver-Class scheduler s-silver set class-of-service scheduler-maps test forwarding-class Gold-Class scheduler s-gold set class-of-service scheduler-maps test forwarding-class Control scheduler s-nc set class-of-service scheduler-maps test forwarding-class VOIP scheduler s-voip set class-of-service rewrite-rules ieee-802.1 rw802 forwarding-class BE loss-priority low code-point 000 set class-of-service rewrite-rules ieee-802.1 rw802 forwarding-class SIG loss-priority low code-point 001 set class-of-service rewrite-rules ieee-802.1 rw802 forwarding-class AF loss-priority low code-point 010 set class-of-service rewrite-rules ieee-802.1 rw802 forwarding-class Bronze-Class loss-priority low code-point 011 set class-of-service rewrite-rules ieee-802.1 rw802 forwarding-class Silver-Class loss-priority low code-point 100 set class-of-service rewrite-rules ieee-802.1 rw802 forwarding-class Gold-Class loss-priority low code-point 101 set class-of-service rewrite-rules ieee-802.1 rw802 forwarding-class Control loss-priority low code-point 110 set class-of-service rewrite-rules ieee-802.1 rw802 forwarding-class VOIP loss-priority low code-point 111 set class-of-service schedulers s-be transmit-rate percent 15 set class-of-service schedulers s-be priority low set class-of-service schedulers s-sig transmit-rate percent 15 set class-of-service schedulers s-sig priority low set class-of-service schedulers s-af transmit-rate percent 20 set class-of-service schedulers s-af priority medium-low set class-of-service schedulers s-bronze transmit-rate percent 20 set class-of-service schedulers s-bronze priority medium-low set class-of-service schedulers s-silver transmit-rate percent 10 set class-of-service schedulers s-silver priority medium-high set class-of-service schedulers s-gold transmit-rate percent 10 set class-of-service schedulers s-gold priority medium-high set class-of-service schedulers s-nc transmit-rate percent 5 set class-of-service schedulers s-nc priority high set class-of-service schedulers s-voip transmit-rate percent 5 set class-of-service schedulers s-voip priority high set class-of-service interfaces reth0 unit 0 classifiers ieee-802.1 c802 set class-of-service interfaces reth0 unit 0 rewrite-rules ieee-802.1 rw802 set class-of-service interfaces reth0 scheduler-map test set class-of-service interfaces reth0 shaping-rate 1g
Step-by-Step Procedure
The following example requires you to navigate various levels in the configuration hierarchy. For instructions on how to do that, see Using the CLI Editor in Configuration Mode in the Junos OS CLI User Guide.
To configure forwarding classes:
Configure a classifier.
[edit class-of-service] user@host# set classifiers ieee-802.1 c802 forwarding-class BE loss-priority low code-points 000 user@host# set classifiers ieee-802.1 c802 forwarding-class SIG loss-priority low code-points 001 user@host# set classifiers ieee-802.1 c802 forwarding-class AF loss-priority low code-points 010 user@host# set classifiers ieee-802.1 c802 forwarding-class Bronze-Class loss-priority low code-points 011 user@host# set classifiers ieee-802.1 c802 forwarding-class Silver-Class loss-priority low code-points 100 user@host# set classifiers ieee-802.1 c802 forwarding-class Gold-Class loss-priority low code-points 101 user@host# set classifiers ieee-802.1 c802 forwarding-class Central loss-priority low code-points 110 user@host# set classifiers ieee-802.1 c802 forwarding-class VOIP loss-priority low code-points 111
Assign best-effort traffic to queue.
[edit class-of-service forwarding-classes class] user@host# set BE queue-num 0 user@host# set SIG queue-num 1 user@host# set AF queue-num 2 user@host# set Bronze-Class queue-num 3 user@host# set Silver-Class queue-num 4 user@host# set Gold-Class queue-num 5 user@host# set Control queue-num 6 user@host# set VOIP queue-num 7
Define mapping of forwarding classes to packet schedulers.
[edit class-of-service] user@host# set scheduler-maps test forwarding-class BE scheduler s-be user@host# set scheduler-maps test forwarding-class SIG scheduler s-sig user@host# set scheduler-maps test forwarding-class AF scheduler s-af user@host# set scheduler-maps test forwarding-class Bronze-Class scheduler s-bronze user@host# set scheduler-maps test forwarding-class Silver-Class scheduler s-silver user@host# set scheduler-maps test forwarding-class Gold-Class scheduler s-gold user@host# set scheduler-maps test forwarding-class Control scheduler s-nc user@host# set scheduler-maps test forwarding-class VOIP scheduler s-voip
Configure the CoS rewrite rules to map the forwarding class to the desired value for the 802.1p field.
[edit class-of-service] user@host# set rewrite-rules ieee-802.1 rw802 forwarding-class BE loss-priority low code-point 000 user@host# set rewrite-rules ieee-802.1 rw802 forwarding-class SIG loss-priority low code-point 001 user@host# set rewrite-rules ieee-802.1 rw802 forwarding-class AF loss-priority low code-point 010 user@host# set rewrite-rules ieee-802.1 rw802 forwarding-class Bronze-Class loss-priority low code-point 011 user@host# set rewrite-rules ieee-802.1 rw802 forwarding-class Silver-Class loss-priority low code-point 100 user@host# set rewrite-rules ieee-802.1 rw802 forwarding-class Gold-Class loss-priority low code-point 101 user@host# set rewrite-rules ieee-802.1 rw802 forwarding-class Control loss-priority low code-point 110 user@host# set rewrite-rules ieee-802.1 rw802 forwarding-class VOIP loss-priority low code-point 111
Configure eight packet schedulers with scheduling priority and transmission rates.
[edit class-of-service] user@host# set schedulers s-be transmit-rate percent 15 user@host# set schedulers s-be priority low user@host# set schedulers s-sig transmit-rate percent 15 user@host# set schedulers s-sig priority low user@host# set schedulers s-af transmit-rate percent 20 user@host# set schedulers s-af priority medium-low user@host# set schedulers s-bronze transmit-rate percent 20 user@host# set schedulers s-bronze priority medium-low user@host# set schedulers s-silver transmit-rate percent 10 user@host# set schedulers s-silver priority medium-high user@host# set schedulers s-gold transmit-rate percent 10 user@host# set schedulers s-gold priority medium-high user@host# set schedulers s-nc transmit-rate percent 5 user@host# set schedulers s-nc priority high user@host# set schedulers s-voip transmit-rate percent 5 user@host# set schedulers s-voip priority high
Apply the classifier and rewrite rules to interfaces.
[edit class-of-service] user@host# set interfaces reth0 unit 0 classifiers ieee-802.1 c802 user@host# set interfaces reth1 unit 0 rewrite-rules ieee-802.1 rw802
Apply the scheduler-map “test” to an interface.
[edit class-of-service] user@host# set interfaces reth0 scheduler-map test
Apply the shaping rates to control the maximum rate of traffic transmitted on an interface.
[edit class-of-service] user@host# set interfaces reth0 shaping-rate 1g
Results
From configuration mode, confirm your configuration by entering the show xxx
command. If the output does not display the intended configuration, repeat the configuration instructions in this example to correct it.
classifiers { ieee-802.1 c802 { forwarding-class BE { loss-priority low code-points 000; } forwarding-class SIG { loss-priority low code-points 001; } forwarding-class AF { loss-priority low code-points 010; } forwarding-class Bronze-Class { loss-priority low code-points 011; } forwarding-class Silver-Class { loss-priority low code-points 100; } forwarding-class Gold-Class { loss-priority low code-points 101; } forwarding-class Control { loss-priority low code-points 110; } forwarding-class VOIP { loss-priority low code-points 111; } } } forwarding-classes { class BE queue-num 0; class SIG queue-num 1; class VOIP queue-num 7; class AF queue-num 2; class Bronze-Class queue-num 3; class Silver-Class queue-num 4; class Gold-Class queue-num 5; class Control queue-num 6; } interfaces { reth0 { shaping-rate 1g; unit 0 { scheduler-map test; } } reth0 { shaping-rate 1g; unit 0 { classifiers { ieee-802.1 c802; } rewrite-rules { ieee-802.1 rw802; } } } } rewrite-rules { ieee-802.1 rw802 { forwarding-class BE { loss-priority low code-point 000; } forwarding-class SIG { loss-priority low code-point 001; } forwarding-class AF { loss-priority low code-point 010; } forwarding-class Bronze-Class { loss-priority low code-point 011; } forwarding-class Silver-Class { loss-priority low code-point 100; } forwarding-class Gold-Class { loss-priority low code-point 101; } forwarding-class Control { loss-priority low code-point 110; } forwarding-class VOIP { loss-priority low code-point 111; } } } scheduler-maps { test { forwarding-class BE scheduler s-be; forwarding-class VOIP scheduler s-voip; forwarding-class Gold-Class scheduler s-gold; forwarding-class SIG scheduler s-sig; forwarding-class AF scheduler s-af; forwarding-class Bronze-Class scheduler s-bronze; forwarding-class Silver-Class scheduler s-silver; forwarding-class Control scheduler s-nc; } } schedulers { s-be { transmit-rate percent 15; priority low; } s-nc { transmit-rate percent 5; priority high; } s-gold { transmit-rate percent 10; priority medium-high; } s-sig { transmit-rate percent 15; priority low; } s-af { transmit-rate percent 20; priority medium-low; } s-bronze { transmit-rate percent 20; priority medium-low; } s-silver { transmit-rate percent 10; priority medium-high; } s-voip { transmit-rate percent 5; priority high; } }
If you are done configuring the device, enter commit
from configuration mode.
Verification
Confirm that the configuration is working properly.
- Verifying Class-of-Service Configuration
- Verifying the Number of Dedicated Queues Configured on MPC Interfaces
Verifying Class-of-Service Configuration
Purpose
Verify that CoS is configured.
Action
From operational mode, enter the show class-of-service classifier
command.
user@host> show class-of-service classifier type ieee-802.1
Forwarding class ID Queue Restricted queue Fabric priority Policing priority SPU priority
BE 0 0 0 low normal low
SIG 1 1 1 low normal low
AF 2 2 2 low normal low
Bronze-Class 3 3 3 low normal low
Silver-Class 4 4 0 low normal low
Gold-Class 5 5 1 low normal low
Control 6 6 2 low normal low
VOIP 7 7 3 low normal low
Verifying the Number of Dedicated Queues Configured on MPC Interfaces
Purpose
Display the number of dedicated queue resources that are configured for the interfaces on a port.
Action
From operational mode, enter the show class-of-service interface
command.
user@host> show class-of-service interface reth0
Physical interface: reth0, Index: 129
Queues supported: 8, Queues in use: 4
Scheduler map: <default>, Index: 2
Congestion-notification: Disabled
Logical interface: reth0.0, Index: 71
Object Name Type Index
Classifier dscp-ipv6-compatibility dscp-ipv6 9
Classifier ipprec-compatibility ip 13
Logical interface: reth1.32767, Index: 70