Class of Service for VPNs

You can configure Junos class-of-service (CoS) features to provide multiple classes of service for VPNs. The CoS features are supported on Layer2 VPNs, Layer 3 VPNs, and VPLS. On the router, you can configure multiple forwarding classes for transmitting packets, define which packets are placed into each output queue, schedule the transmission service level for each queue, and manage congestion using a random early detection (RED) algorithm.

VPNs use the standard CoS configuration.

A marker reads the current forwarding class and loss priority information associated with a packet and finds the chosen code point from a table. It then writes the code point information into the packet header. Entries in a marker configuration represent the mapping of the current forwarding class into a new forwarding class, to be written into the header.

You define markers in the rewrite rules section of the class-of-service (CoS) configuration hierarchy and reference them in the logical interface configuration. You can configure different rewrite rules to handle VPN traffic and non-VPN traffic. The rewrite rule can be applied to MPLS and IPv4 packet headers simultaneously, making it possible to initialize MPLS experimental (EXP) and IP precedence bits at LSP ingress.

For a detailed example of how to configure rewrite rules for MPLS and IPv4 packets and for more information about how to configure statements at the [edit class-of-service] hierarchy level, see the Class of Service User Guide (Routers and EX9200 Switches).

You can use policing to control the amount of traffic flowing over the interfaces servicing a Layer 3 VPN. If policing is disabled on an interface, all the available bandwidth on a Layer 3 VPN tunnel can be used by a single CCC or TCC interface.

For more information about the policer statement, see the Routing Policies, Firewall Filters, and Traffic Policers User Guide.

To enable Layer 3 VPN policing on an interface, include the policer statement:

If you configure CCC encapsulation, you can include the policer statement at the following hierarchy levels:

• [edit interfaces interface-name unit logical-unit-number family ccc]

• [edit logical-systems logical-system-name interfaces interface-name unit logical-unit-number family ccc]

If you configure TCC encapsulation, you can include the policer statement at the following hierarchy levels:

• [edit interfaces interface-name unit logical-unit-number family tcc]

• [edit logical-systems logical-system-name interfaces interface-name unit logical-unit-number family tcc]

When you include the vrf-table-label statement in the configuration for a routing instance (as described in Filtering Packets in Layer 3 VPNs Based on IP Headers) but do not explicitly apply a classifier to the routing instance, the default MPLS EXP classifier is applied.

For PICs that are installed on Enhanced FPCs, you can apply a custom classifier to override the default MPLS EXP classifier for the routing instance. For detailed instructions, see the Class of Service User Guide (Routers and EX9200 Switches). The following instructions serve as a summary:

1. Filter traffic based on the IP header by including the vrf-table-label statement at the [edit routing-instances routing-instance-name] hierarchy level:

2. Configure a custom MPLS EXP classifier by including the appropriate statements at the [edit class-of-service] hierarchy level. For instructions, see the Class of Service User Guide (Routers and EX9200 Switches).

3. Configure the routing instance for CoS by including the routing-instances statement at the [edit class-of-service] hierarchy level:

4. Configure the routing instance to use the custom MPLS EXP classifier by including the classifiers statement at the [edit class-of-service routing-instances routing-instance-name] hierarchy level:

To display the MPLS EXP classifiers associated with all routing instances, issue the show class-of-service routing-instances command.