[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]

Configuring CoS Components with a Configuration Editor

To configure the device as a node in a network supporting CoS, read the section Before You Begin, determine your needs, and select the tasks you need to perform from the following list. For information about using the J-Web and CLI configuration editors, see the the J-Web Interface User Guide and the JUNOS CLI User Guide.

Configuring a Policer for a Firewall Filter

You configure a policer to detect packets that exceed the limits established for expedited forwarding. The packets that exceed these limits are given a higher loss priority than packets within the bandwidth and burst size limits.

The following example shows how to configure a policer called ef-policer that identifies for likely discard expedited forwarding packets with a burst size greater than 2000 bytes and a bandwidth greater than 10 percent.

For more information about firewall filters, see Configuring Stateless Firewall Filters (ACLs) and the JUNOS Policy Framework Configuration Guide.

To configure an expedited forwarding policer for a firewall filter for the Services Router:

Navigate to the top of the configuration hierarchy in either the J-Web or CLI configuration editor.
Perform the configuration tasks described in Table 257.
Go on to Configuring and Applying a Firewall Filter for a Multifield Classifier.

Table 257: Configuring a Policer for a Firewall Filter

Task	J-Web Configuration Editor	CLI Configuration Editor
Navigate to the Firewall level in the configuration hierarchy.	In the J-Web interface, select Configuration>View and Edit>Edit Configuration. Next to Firewall, click Configure or Edit.	From the [edit] hierarchy level, enter edit firewall
Create the policer for expedited forwarding, and give the policer a name—for example, ef-policer.	Click Add new entry next to Policer. In the Policer name box, type ef-policer.	Enter edit policer ef-policer
Set the burst limit for the policer—for example, 2k. Set the bandwidth limit or percentage for the bandwidth allowed for this type of traffic—for example, use a bandwidth percent of 10.	Click Configure next to If exceeding. In the Burst size limit box, type a limit for the burst size allowed—for example, 2k. From the Bandwidth list, select bandwidth-percent. In the Bandwidth percent box, type 10. Click OK.	Enter set if-exceeding burst-limit-size 2k set if-exceeding bandwidth-percent 10
Enter the loss priority for packets exceeding the limits established by the policer—for example, high.	Click Configure next to Then. From the Loss priority list, select high. Click OK.	Enter set then loss-priority high

Configuring and Applying a Firewall Filter for a Multifield Classifier

You configure a multifield (MF) classifier to detect packets of interest to CoS and assign the packet to the proper forwarding class independently of the DiffServ code point (DSCP). To configure a multifield classifier on a customer-facing or host-facing link, configure a firewall filter to classify traffic. Packets are classified as they arrive on an interface.

One common way to detect packets of CoS interest is by source or destination address. The destination address is used in this example, but many other matching criteria for packet detection are available to firewall filters.

This example shows how to configure the firewall filter mf-classifier and apply it to the Services Router's Gigabit Ethernet interface ge-0/0/0. The firewall filter consists of the rules (terms) listed in Table 258.

Table 258: Sample mf-classifier Firewall Filter Terms

Rule (Term)	Purpose	Contents
assured forwarding	Detects packets destined for 192.168.44.55, assigns them to an assured forwarding class, and gives them a low likelihood of being dropped.	Match condition: destination address 192.168.44.55 Forwarding class: af-class Loss priority: low
expedited-forwarding	Detects packets destined for 192.168.66.77, assigns them to an expedited forwarding class, and subjects them to the EF policer configured in Configuring a Policer for a Firewall Filter.	Match condition: destination address 192.168.66.77 Forwarding class: ef-class Policer: ef-policer
network control	Detects packets with a network control precedence and forwards them to the network control class.	Match condition: precedence net-control Forwarding class: nc-class
best-effort-data	Detects all other packets and assigns them to the best effort class.	Forwarding class: be-class

For more information about firewalls filters see Configuring Stateless Firewall Filters (ACLs) and the JUNOS Policy Framework Configuration Guide.

To configure a firewall filter for a multifield classifier for the Services Router:

Navigate to the top of the configuration hierarchy in either the J-Web or CLI configuration editor.
Perform the configuration tasks described in Table 259.
Go on to Assigning Forwarding Classes to Output Queues.

Table 259: Configuring and Applying a Firewall Filter for a Multifield Classifier

Task	J-Web Configuration Editor	CLI Configuration Editor
Navigate to the Firewall level in the configuration hierarchy.	In the J-Web interface, select Configuration>View and Edit>Edit Configuration. Next to Firewall, click Configure or Edit.	From the [edit] hierarchy level, enter edit firewall
Create the multifield classifier filter and name it—for example, mf-classifier.	Click Add new entry next to Filter. In the Filter name box, type mf-classifier. Select the check box next to Interface specific.	Enter edit filter mf-classifier set interface-specific
Create the term for the assured forwarding traffic class, and give it a name—for example, assured-forwarding.	Click Add new entry next to Term. In the Rule name box, type assured-forwarding.	Enter edit term assured-forwarding
Create the match condition for the assured forwarding traffic class. Use the destination address for assured forwarding traffic—for example, 192.168.44.55.	Click Configure next to From. Click Add new entry next to Destination address. In the Address box, type 192.168.44.55. Click OK twice.	Enter set from destination-address 192.168.44.55
Create the forwarding class for assured forwarding DiffServ traffic—for example, af-class. Set the loss priority for the assured forwarding traffic class—for example, low.	Click Configure next to Then. In the Forwarding class box, type af-class. From the Loss priority list, select low. Click OK twice.	Enter set then forwarding-class af-class set then loss-priority low
Create the term for the expedited forwarding traffic class, and give it a name—for example, expedited-forwarding.	Click Add new entry next to Term. In the Rule name box, type expedited-forwarding.	From the [edit firewall filter mf-classifer] hierarchy level, enter edit term expedited-forwarding
Create the match condition for the expedited forwarding traffic class. Use the destination address for expedited forwarding traffic—for example, 192.168.66.77.	Click Configure next to From. Click Add new entry next to Destination address. In the Address box, type 192.168.66.77. Click OK twice.	Enter set from destination-address 192.168.66.77
Create the forwarding class for expedited forwarding DiffServ traffic—for example, ef-class. Apply the policer for the expedited forwarding traffic class. Use the EF policer previously configured for expedited forwarding DiffServ traffic—ef-policer. (See Configuring a Policer for a Firewall Filter.)	Click Configure next to Then. In the Forwarding class box, type ef-class. From the Policer choice list, select Policer. In the Policer box, type ef-policer. Click OK twice.	Enter set then forwarding-class ef-class set then policer ef-policer
Create the term for the network control traffic class, and give it a name—for example, network-control.	Click Add new entry next to Term. In the Rule name box, type network-control.	From the [edit firewall filter mf-classifer] hierarchy level, enter edit term network-control
Create the match condition for the network control traffic class.	Click Configure next to From. From the Precedence choice list, select Precedence. Click Add new entry next to Precedence. From the Value keyword list, select net-control. Click OK twice.	Enter set from precedence net-control
Create the forwarding class for the network control traffic class, and give it a name—for example, nc-class.	Click Configure next to Then. In the Forwarding class box, type nc-class. Click OK twice.	Enter set then forwarding-class nc-class
Create the term for the best-effort traffic class, and give it a name—for example, best-effort-data.	Click Add new entry next to Term. In the Rule name box, type best-effort-data.	From the [edit firewall filter mf-classifer] hierarchy level, enter edit term best-effort-data
Create the forwarding class for the best-effort traffic class, and give it a name—for example, be-class. (Because this is the last term in the filter, it has no match condition.)	Click Configure next to Then. In the Forwarding class box, type be-class. Click OK four times.	Enter set then forwarding-class be-class
Navigate to the Interfaces level in the configuration hierarchy.	On the main Configuration page next to Interfaces, click Configure or Edit.	From the [edit] hierarchy level, enter edit interfaces
Apply the multifield classifier firewall filter mf-classifier as an input filter on each customer-facing or host-facing interface that needs the filter—for example, on ge-0/0/0, unit 0.	Click the Interface ge-0/0/0 and Unit 0. Click Configure next to Inet. Click Configure next to Filter. From the Input choice list, select Input. In the Input box, type mf-classifier. Click OK.	Enter set ge-0/0/0 unit 0 family inet filter input mf-classifier

Assigning Forwarding Classes to Output Queues

You must assign the forwarding classes established by the mf-classifier multifield classifier to output queues. This example assigns output queues as shown in Table 260.

Table 260: Sample Output Queue Assignments for mf-classifier Forwarding Queues

mf-classifier Forwarding Class	For Traffic Type	Output Queue
be-class	Best-effort traffic	Queue 0
ef-class	Expedited forwarding traffic	Queue 1
af-class	Assured forwarding traffic	Queue 2
nc-class	Network control traffic	Queue 3

For multifield classifier details, see Configuring and Applying a Firewall Filter for a Multifield Classifier.

To assign forwarding classes to output queues:

Navigate to the top of the configuration hierarchy in either the J-Web or CLI configuration editor.
Perform the configuration tasks described in Table 261.
Go on to Configuring and Applying Rewrite Rules.

Table 261: Assigning Forwarding Classes to Output Queues

Task	J-Web Configuration Editor	CLI Configuration Editor
Navigate to the Class of service level in the configuration hierarchy.	In the J-Web interface, select Configuration>View and Edit>Edit Configuration. Next to Class of service, click Configure or Edit.	From the [edit] hierarchy level, enter edit class-of-service
Assign best-effort traffic to queue 0.	Click Configure next to Forwarding classes. Click Add new entry next to Queue. In the Queue num box, type 0. In the Class name box, type the previously configured name of the best-effort class—be-class. Click OK.	Enter set forwarding-classes queue 0 be-class
Assign expedited forwarding traffic to queue 1.	Click Add new entry next to Queue. In the Queue num box, type 1. In the Class name box, type the previously configured name of the expedited forwarding class—ef-class. Click OK.	Enter set forwarding-classes queue 1 ef-class
Assign assured forwarding traffic to queue 2.	Click Add new entry next to Queue. In the Queue num box, type 2. In the Class name box, type the previously configured name of the assured forwarding class—af-class. Click OK.	Enter set forwarding-classes queue 2 af-class
Assign network control traffic to queue 3.	Click Add new entry next to Queue. In the Queue num box, type 3. In the Class name box, type the previously configured name of the network control forwarding class—nc-class. Click OK.	Enter set forwarding-classes queue 3 nc-class

Configuring Forwarding Classes

To configure CoS forwarding classes on an SRX-series device, include the following statements at the [edit class-of-service] hierarchy level of the configuration:


            
               [edit class-of-service]
               forwarding-classes {
               class class-name queue-num queue-number priority (high | low);
               
               queue queue-number class-name priority (high | low);
               
               }
               interfaces {
               
                  
                     interface-name {
                     
                     
                        
                           unit logical-unit-number {
                           
                           forwarding-class class-name;
                           
                           }
                        
                     
                     }
                  
               
               }
               restricted-queues {
                forwarding-class class-name queue-number;
               
               }

You cannot commit a configuration that assigns the same forwarding class to two different queues.

Assigning a Forwarding Class to an Interface

On an SRX-series device, you can configure fixed classification on a logical interface by specifying a forwarding class to be applied to all packets received by the logical interface, regardless of the packet contents.

To assign a forwarding class configuration to the input logical interface, include the forwarding-class statement at the [edit class-of-service interfaces interface-name unit logical-unit-number] hierarchy level:


            
               [edit class-of-service interfaces interface-name unit logical-unit-number]
               
                forwarding-class class-name;

You can include interface wildcards for interface-name and logical-unit-number.

In the following example, all packets coming into the device from the ge-3/0/0.0 interface are assigned to the assured-forwarding forwarding class:


            
               [edit class-of-service]
               interfaces {
               
                  
                     ge-3/0/0 {
                     
                        
                           unit 0 {
                           forwarding-class assured-forwarding;
                           }
                        
                     
                     }
                  
               
               }

Example: Configuring Up to Eight Forwarding Classes

By default on all platforms, four output queues are mapped to four forwarding classes as shown in Table 243. On J-series Services Routers or SRX-series devices, you can configure up to eight forwarding classes and eight queues once the eight-queue mode has been enabled. For more information on enabling up to eight queues, see Forwarding Classes.

Note: The new setting takes place only after the FPC is restarted.

To configure up to eight forwarding classes, include the queue statement at the [edit class-of-service forwarding-classes] hierarchy level:


            
               [edit class-of-service forwarding-classes]
               queue queue-number class-name;

The output queue number can be from 0 through 7, and you must map the forwarding classes one-to-one with the output queues. The default scheduler transmission rate and buffer size percentages for queues 0 through 7 are 95, 0, 0, 5, 0, 0, 0, and 0 percent.

For example, to configure a one-to-one mapping between eight forwarding classes and eight queues: you would use the following configuration:


            
               [edit class-of-service]
               forwarding-classes {
               queue 0 be;
               queue 1 ef;
               queue 2 af;
               queue 3 nc;
               queue 4 ef1;
               queue 5 ef2;
               queue 6 af1;
               queue 7 nc1;
               }

Defining Eight Classifiers


            
               [edit class-of-service]
               classifiers {
               
                  
                     dscp dscp-table {
                     
                        
                           forwarding-class ef {
                           loss-priority low code-points [101000, 101001];
                           loss-priority high code-points [101010, 101011];
                           }
                        
                     
                     
                        
                           forwarding-class af {
                           loss-priority low code-points [010000, 010001];
                           loss-priority high code-points [010010, 010011];
                           }
                        
                     
                     
                        
                           forwarding-class be {
                           loss-priority low code-points [000000];
                           }
                        
                     
                     
                        
                           forwarding-class nc {
                           loss-priority low code-points [111000];
                           }
                        
                     
                     
                        
                           forwarding-class ef1 {
                           loss-priority low code-points [101100, 101101];
                           loss-priority high code-points [101110];
                           }
                        
                     
                     
                        
                           forwarding-class af1 {
                           loss-priority high code-points [101110];
                           }
                        
                     
                     
                        
                           forwarding-class ef2 {
                           loss-priority low code-points [101111];
                           }
                        
                     
                     
                        
                           forwarding-class af2 {
                           loss-priority low code-points [010000];
                           }
                        
                     
                     
                        
                           forwarding-class nc1 {
                           loss-priority low code-points [111001];
                           }
                        
                     
                     }
                  
               
               }

Adding Eight Schedulers to a Scheduler Map

Configure a custom scheduler map that applies globally to all interfaces, except those that are restricted to four queues:


            
               [edit class-of-service]
               scheduler-maps {
               
                  
                     sched {
                     forwarding-class be scheduler Q0;
                     forwarding-class ef scheduler Q1;
                     forwarding-class af scheduler Q2;
                     forwarding-class nc scheduler Q3;
                     forwarding-class ef1 scheduler Q4;
                     forwarding-class ef2 scheduler Q5;
                     forwarding-class af1 scheduler Q6;
                     forwarding-class nc1 scheduler Q7;
                     }
                  
               
               }
               schedulers {
               
                  
                     Q0 {
                     transmit-rate percent 25;
                     buffer-size percent 25;
                     priority low;
                     drop-profile-map loss-priority any protocol both drop-default;
                     }
                  
               
               
                  
                     Q1 {
                     buffer-size temporal 2000;
                     priority strict-high;
                     drop-profile-map loss-priority any protocol both drop-ef;
                     }
                  
               
               
                  
                     Q2 {
                     transmit-rate percent 35;
                     buffer-size percent 35;
                     priority low;
                     drop-profile-map loss-priority any protocol both drop-default;
                     }
                  
               
               
                  
                     Q3 {
                     transmit-rate percent 5;
                     buffer-size percent 5;
                     drop-profile-map loss-priority any protocol both drop-default;
                     }
                  
               
               
                  
                     Q4 {
                     transmit-rate percent 5;
                     priority high;
                     drop-profile-map loss-priority any protocol both drop-ef;
                     }
                  
               
               
                  
                     Q5 {
                     transmit-rate percent 10;
                     priority high;
                     drop-profile-map loss-priority any protocol both drop-ef;
                     }
                  
               
               
                  
                     Q6 {
                     transmit-rate remainder;
                     priority low;
                     drop-profile-map loss-priority any protocol both drop-default;
                     }
                  
               
               
                  
                     Q7 {
                     transmit-rate percent 5;
                     priority high;
                     drop-profile-map loss-priority any protocol both drop-default;
                     }
                  
               
               }

Configuring an IP Precedence Classifier and Rewrite Tables


            
               [edit class-of-service]
               classifiers {
               
                  
                     inet-precedence inet-classifier {
                     
                        
                           forwarding-class be {
                           loss-priority low code-points 000;
                           }
                        
                     
                     
                        
                           forwarding-class af11 {
                           loss-priority high code-points 001;
                           }
                        
                     
                     
                        
                           forwarding-class ef {
                           loss-priority low code-points 010;
                           }
                        
                     
                     
                        
                           forwarding-class nc1 {
                           loss-priority high code-points 011;
                           }
                        
                     
                     
                        
                           forwarding-class {
                           loss-priority low code-points 100;
                           }
                        
                     
                     
                        
                           forwarding-class af12 {
                           loss-priority high code-points 101;
                           }
                        
                     
                     
                        
                           forwarding-class ef1 {
                           loss-priority low code-points 110;
                           }
                        
                     
                     
                        
                           forwarding-class nc2 {
                           loss-priority high code-points 111;
                           }
                        
                     
                     }
                  
               
               }
               exp exp-rw-table {
               
                  
                     forwarding-class be {
                     loss-priority low code-point 000;
                     }
                  
               
               
                  
                     forwarding-class af11 {
                     loss-priority high code-point 001;
                     }
                  
               
               
                  
                     forwarding-class ef {
                     loss-priority low code-point 010;
                     }
                  
               
               
                  
                     forwarding-class nc1 {
                     loss-priority high code-point 111;
                     }
                  
               
               
                  
                     forwarding-class be1 {
                     loss-priority low code-point 100;
                     }
                  
               
               
                  
                     forwarding-class af12 {
                     loss-priority high code-point 101;
                     }
                  
               
               
                  
                     forwarding-class ef1 {
                     loss-priority low code-point 110;
                     }
                  
               
               
                  
                     forwarding-class nc2 {
                     loss-priority low code-point 111;
                     }
                  
               
               }
               inet-precedence inet-rw-table {
               
                  
                     forwarding-class be {
                     loss-priority low code-point 000;
                     }
                  
               
               
                  
                     forwarding-class af11 {
                     loss-priority high code-point 001;
                     }
                  
               
               
                  
                     forwarding-class ef1 {
                     loss-priority low code-point 010;
                     }
                  
               
               
                  
                     forwarding-class nc1 {
                     loss-priority low code-point 111;
                     }
                  
               
               
                  
                     forwarding-class be1 {
                     loss-priority low code-point 100;
                     }
                  
               
               
                  
                     forwarding-class af12 {
                     loss-priority high code-point 101;
                     }
                  
               
               
                  
                     forwarding-class ef1 {
                     loss-priority low code-point 111;
                     }
                  
               
               
                  
                     forwarding-class nc2 {
                     loss-priority low code-point 110;
                     }
                  
               
               }

Configuring and Applying Rewrite Rules

You can configure rewrite rules to replace DiffServ code points (DSCPs) on packets received from the customer or host with the values expected by other devices. You do not have to configure rewrite rules if the received packets already contain valid DSCPs. Rewrite rules apply the forwarding class information and packet loss priority used internally by the device to establish the DSCP on outbound packets. Once configured, you must apply the rewrite rules to the correct interfaces.

The following example shows how to create the rewrite rules rewrite-dscps and apply them to the device's Gibabit Ethernet interface ge-0/0/0. The rewrite rules replace the DSCPs on packets in the four forwarding classes, as shown in Table 262.

Table 262: Sample rewrite-dscps Rewrite Rules to Replace DSCPs

mf-classifier Forwarding Class	For CoS Traffic Type	rewrite-dscps Rewrite Rules
be-class	Best-effort traffic	Low-priority code point: 000000 High-priority code point: 000001
ef-class	Expedited forwarding traffic	Low-priority code point: 101110 High-priority code point: 101111
af-class	Assured forwarding traffic	Low-priority code point: 001010 High-priority code point: 001100
nc-class	Network control traffic	Low-priority code point: 110000 High-priority code point: 110001

To configure and apply rewrite rules for the device:

Navigate to the top of the configuration hierarchy in either the J-Web or CLI configuration editor.
Perform the configuration tasks described in Table 263.
Go on to Configuring and Applying Behavior Aggregate Classifiers .

Table 263: Configuring and Applying Rewrite Rules

Task	J-Web Configuration Editor	CLI Configuration Editor
Navigate to the Class of service level in the configuration hierarchy.	In the J-Web interface, select Configuration>View and Edit>Edit Configuration. Next to Class of service, click Configure or Edit.	From the [edit] hierarchy level, enter edit class-of-service
Configure rewrite rules for DiffServ CoS.	Click Configure next to Rewrite rules. Click Add new entry next to Dscp. In the Name box, type the name of the rewrite rules—for example, rewrite-dscps.	Enter edit rewrite-rules dscp rewrite-dscps
Configure best-effort forwarding class rewrite rules.	Click Add new entry next to Forwarding class. In the Class name box, type the name of the previously configured best-effort forwarding class—be-class. Click Add new entry next to Loss priority. From the Loss val list, select low. In the Code point box, type the value of the low-priority code point for best-effort traffic—for example, 000000. Click OK. Click Add new entry next to Loss priority. From the Loss val list, select high. In the Code point box, type the value of the high-priority code point for best-effort traffic—for example, 000001. Click OK twice.	Enter set forwarding-class be-class loss-priority low code-point 000000 set forwarding-class be-class loss-priority high code-point 000001
Configure expedited forwarding class rewrite rules.	Click Add new entry next to Forwarding class. In the Class name box, type the name of the previously configured expedited forwarding class—ef-class. Click Add new entry next to Loss priority. From the Loss val list, select low. In the Code point box, type the value of the low-priority code point for expedited forwarding traffic—for example, 101110. Click OK. Click Add new entry next to Loss priority. From the Loss val list, select high. In the Code point box, type the value of the high-priority code point for expedited forwarding traffic—for example, 101111. Click OK twice.	Enter set forwarding-class ef-class loss-priority low code-point 101110 set forwarding-class ef-class loss-priority high code-point 101111
Configure assured forwarding class rewrite rules.	Click Add new entry next to Forwarding class. In the Class name box, type the name of the previously configured assured forwarding class—af-class. Click Add new entry next to Loss priority. From the Loss val list, select low. In the Code point box, type the value of the low-priority code point for assured forwarding traffic—for example, 001010. Click OK. Click Add new entry next to Loss priority. From the Loss val list, select high. In the Code point box, type the value of the high-priority code point for assured forwarding traffic—for example, 001100. Click OK twice.	Enter set forwarding-class af-class loss-priority low code-point 001010 set forwarding-class af-class loss-priority high code-point 001100
Configure network control class rewrite rules.	Click Add new entry next to Forwarding class. In the Class name box, type the name of the previously configured network control forwarding class—nc-class. Click Add new entry next to Loss priority. From the Loss val list, select low. In the Code point box, type the value of the low-priority code point for network control traffic—for example, 110000. Click OK. Click Add new entry next to Loss priority. From the Loss val list, select high. In the Code point box, type the value of the high-priority code point for network control traffic—for example, 110001. Click OK four times.	Enter set forwarding-class nc-class loss-priority low code-point 110000 set forwarding-class nc-class loss-priority high code-point 110001
Apply rewrite rules to an interface. (See the interface naming conventions in Network Interface Naming.)	Click Add new entry next to Interfaces In the Interface name box, type the name of the interface—for example, ge-0/0/0. Click Add new entry next to Unit. In the Unit number box, type the logical interface unit number—0. Click Configure next to Rewrite rules. In the Rewrite rules name box, under Dscp, type the name of the previously configured rewrite rules—rewrite-dscps. Click OK.	From the [edit class of service] hierarchy level, enter set interfaces ge-0/0/0 unit 0 rewrite-rules dscp rewrite-dscps

Configuring and Applying Behavior Aggregate Classifiers

You configure behavior aggregate classifiers to classify packets that contain valid DSCPs to appropriate queues. Once configured, you must apply the behavior aggregate classifier to the correct interfaces.

The following example shows how to configure the DSCP behavior aggregate classifier ba-classifier as the default DSCP map, and apply it to the device's Gigabit Ethernet interface ge-0/0/0. The behavior aggregate classifier assigns loss priorities, as shown in Table 264, to incoming packets in the four forwarding classes.

Table 264: Sample ba-classifier Loss Priority Assignments

mf-classifier Forwarding Class	For CoS Traffic Type	ba-classifier Assignments
be-class	Best-effort traffic	High-priority code point: 000001
ef-class	Expedited forwarding traffic	High-priority code point: 101111
af-class	Assured forwarding traffic	High-priority code point: 001100
nc-class	Network control traffic	High-priority code point: 110001

To configure and apply behavior aggregate classifiers for the device:

Navigate to the top of the configuration hierarchy in either the J-Web or CLI configuration editor.
Perform the configuration tasks described in Table 265.
Go on to Configuring RED Drop Profiles for Congestion Control .

Table 265: Configuring and Applying Behavior Aggregate Classifiers

Task	J-Web Configuration Editor	CLI Configuration Editor
Navigate to the Class of service level in the configuration hierarchy.	In the J-Web interface, select Configuration>View and Edit>Edit Configuration. Next to Class of service, click Configure or Edit.	From the [edit] hierarchy level, enter edit class-of-service
Configure behavior aggregate classifiers for DiffServ CoS.	Click Configure next to Classifiers. Click Add new entry next to Dscp. In the Name box, type the name of the behavior aggregate classifier—for example, ba-classifier. In the Import box, type the name of the default DSCP map, default.	Enter edit classifiers dscp ba-classifier set import default
Configure a best-effort forwarding class classifier.	Click Add new entry next to Forwarding class. In the Class name box, type the name of the previously configured best-effort forwarding class—be-class. Click Add new entry next to Loss priority. From the Loss val list, select high. Click Add new entry next to Code points. In the Value box, type the value of the high-priority code point for best-effort traffic—for example, 00001. Click OK three times.	Enter set forwarding-class be-class loss-priority high code-points 000001
Configure an expedited forwarding class classifier.	Click Add new entry next to Forwarding class. In the Class name box, type the name of the previously configured expedited forwarding class—ef-class. Click Add new entry next to Loss priority. From the Loss val list, select high. Click Add new entry next to Code points. In the Value box, type the value of the high-priority code point for expedited forwarding traffic—for example, 101111. Click OK three times.	Enter set forwarding-class ef-class loss-priority high code-points 101111
Configure an assured forwarding class classifier.	Click Add new entry next to Forwarding class. In the Class name box, type the name of the previously configured assured forwarding class—af-class. Click Add new entry next to Loss priority. From the Loss val list, select high. Click Add new entry next to Code points. In the Value box, type the value of the high-priority code point for assured forwarding traffic—for example, 001100. Click OK three times.	Enter set forwarding-class af-class loss-priority high code-points 001100
Configure a network control class classifier.	Click Add new entry next to Forwarding class. In the Class name box, type the name of the previously configured network control forwarding class—nc-class. Click Add new entry next to Loss priority. From the Loss val list, select high. Click Add new entry next to Code points. In the Value box, type the value of the high-priority code point for network control traffic—for example, 110001. Click OK five times.	Enter set forwarding-class nc-class loss-priority high code-points 110001
Apply the behavior aggregate classifier to an interface. (See the interface naming conventions in Network Interface Naming.)	Click Add new entry next to Interfaces. In the Interface name box, type the name of the interface—for example, ge-0/0/0. Click Add new entry next to Unit. In the Unit number box, type the logical interface unit number—0. Click Configure next to Classifiers. In the Classifiers box, under Dscp, type the name of the previously configured behavior aggregate classifier—ba-classifier. Click OK.	From the [edit class of service] hierarchy level, enter set interfaces ge-0/0/0 unit 0 classifiers dscp ba-classifier

Example: Defining Aliases for Bits

When you configure classes and define classifiers, you can refer to the markers by alias names. You can configure user-defined classifiers in terms of alias names. If the value of an alias changes, it alters the behavior of any classifier that references it.

To define a code-point alias on an SRX-series device, include the code-point-aliases statement at the [edit class-of-service] hierarchy level:


            
               [edit class-of-service]
               code-point-aliases {
               (dscp |exp | ieee-802.1 | inet-precedence) {
               alias-name bits;
               }
               }

The CoS marker types are as follows:

dscp—Handles incoming IPv4 packets.
exp—Handles MPLS packets using Layer 2 headers.
ieee-802.1—Handles Layer 2 CoS.
inet-precedence—Handles incoming IPv4 packets. IP precedence mapping requires only the upper three bits of the DSCP field.

For example, you can set up the following configuration:


            
               [edit class-of-service]
                code-point-aliases {
               
                  
                     dscp {
                     
                        
                           my1 110001;
                           my2 101110;
                        
                     
                     
                        
                           be 000001;
                           cs7 110000;
                        
                     
                  
               
               }
               }

The sample configuration produces this mapping:

user@host>show class-of-service code-point-aliases
                  dscp

Alias 	Bit pattern
ef/my2 	101110
af11 		001010
af12 		001100
af13 		001110
af21 		010010
af22 		010100
af23 		010110
af31 		011010
af32 		011100
af33 		011110
af41 		100010
af42 		100100
af43 		100110
be 		000001
cs1 		001000
cs2 		010000
cs3 		011000
cs4 		100000
cs5 		101000
nc1/cs6/cs7 110000
nc2 		111000
my1 		110001

The following notes explain certain results in the mapping:

my1 110001:
- 110001 was not mapped to anything before, and my1 is a new alias.
- Nothing in the default mapping table is changed by this statement.
my2 101110:
- 101110 is now mapped to my2 as well as ef.
be 000001:
- be is now mapped to 000001.
- The old value of be, 000000, is not associated with any alias. Packets with this DSCP value are now mapped to the default forwarding class.
cs7 110000:
- cs7 is now mapped to 110000, as well as nc1 and cs6.
- The old value of cs7, 111000, is still mapped to nc2.

Configuring RED Drop Profiles for Congestion Control

If the device must support assured forwarding, you can control congestion by configuring random early detection (RED) drop profiles. RED drop profiles use drop probabilities for different levels of buffer fullness to determine which scheduling queue on the device is likely to drop assured forwarding packets under congested conditions. The device can drop packets when the queue buffer becomes filled to the configured percentage.

Assured forwarding traffic with the PLP (packet loss priority) bit set is more likely to be discarded than traffic without the PLP bit set. This example shows how to configure a drop probability and a queue fill level for both PLP and non-PLP assured forwarding traffic. It is only one example of how to use RED drop profiles.

The example shows how to configure the RED drop profiles listed in Table 266.

Table 266: Sample RED Drop Profiles

Drop Profile	Drop Probability	Queue Fill Level
af-normal—For non-PLP (normal) assured forwarding traffic	Between 0 (never dropped) and 100 percent (always dropped)	Between 95 and 100 percent
af-with-plp—For PLP (aggressive packet dropping) assured forwarding traffic	Between 95 and 100 percent (always dropped)	Between 80 and 95 percent

To configure RED drop profiles for assured forwarding congestion control on the device:

Navigate to the top of the configuration hierarchy in either the J-Web or CLI configuration editor.
Perform the configuration tasks described in Table 267.
If you are finished configuring the device, commit the configuration.
Go on to one of the following tasks:
- To assign resources, priorities, and profiles to output queues, see Configuring Schedulers .
- To apply rules to logical interfaces, see Configuring and Applying Virtual Channels .
- To use adaptive shapers to limit bandwidth for Frame Relay, see Configuring Adaptive Shaping for Frame Relay.
- To check the configuration, see Verifying a CoS Configuration.

Table 267: Configuring RED Drop Profiles for Assured Forwarding Congestion Control

Task	J-Web Configuration Editor	CLI Configuration Editor
Navigate to the Class of service level in the configuration hierarchy.	In the J-Web interface, select Configuration>View and Edit>Edit Configuration. Next to Class of service, click Configure or Edit.	From the [edit] hierarchy level, enter edit class-of-service
Configure the lower drop probability for normal, non-PLP traffic.	Click Add new entry next to Drop profiles. In the Profile name box, type the name of the drop profile—for example, af-normal. Click Configure next to Interpolate. Click Add new entry next to Drop probability. In the Value box, type a number for the first drop point—for example, 0. Click OK. Click Add new entry next to Drop probability again. In the Value box, type a number for the next drop point—for example, 100. Click OK.	Enter edit drop-profiles af-normal interpolate set drop-probability 0 set drop-probability 100
Configure a queue fill level for the lower non-PLP drop probability.	Click Add new entry next to Fill level. In the Value box, type a number for the first fill level—for example, 95. Click OK. Click Add new entry next to Fill level. In the Value box, type a number for the next fill level—for example, 100. Click OK three times.	Enter set fill-level 95 set fill-level 100
Configure the higher drop probability for PLP traffic.	Click Add new entry next to Drop profiles. In the Profile name box, type the name of the drop profile—for example, af-with-plp. Click Configure next to Interpolate. Click Add new entry next to Drop probability. In the Value box, type a number for the first drop point—for example, 95. Click OK. Click Add new entry next to Drop probability. In the Value box, type a number for the next drop point—for example, 100. Click OK.	From the [edit class of service] hierarchy level, enter edit drop-profiles af-with-PLP interpolate set drop-probability 95 set drop-probability 100
Configure a queue fill level for the higher PLP drop probability.	Click Add new entry next to Fill level. In the Value box, type a number for the first fill level—for example, 80. Click OK. Click Add new entry next to Fill level. In the Value box, type a number for the next fill level—for example, 95. Click OK.	Enter set fill-level 80 set fill-level 95

Example: Configuring RED Drop Profiles

Create a segmented configuration and an interpolated configuration that correspond to the graphs in Figure 105. The values defined in the configuration are matched to represent the data points in the graph line. In this example, the drop probability is 25 percent when the queue is 50 percent full. The drop probability increases to 50 percent when the queue is 75 percent full.

Figure 105: Segmented and Interpolated Drop Profiles

Image h1704.gif

Segmented


            
               class-of-service {
               
                  
                     drop-profiles {
                     
                        
                           segmented-style-profile {
                           fill-level 25 drop-probability 25;
                           fill-level 50 drop-probability 50;
                           fill-level 75 drop-probability 75;
                           fill-level 95 drop-probability 100;
                           }
                        
                     
                     }
                  
               
               }

To create the profile’s graph line, the software begins at the bottom-left corner, representing a 0 percent fill level and a 0 percent drop probability. This configuration draws a line directly to the right until it reaches the first defined fill level, 25 percent for this configuration. The software then continues the line vertically until the first drop probability is reached. This process is repeated for all of the defined levels and probabilities until the top-right corner of the graph is reached.

Create a smoother graph line by configuring the profile with the interpolate statement. This allows the software to automatically generate 64 data points on the graph beginning at (0, 0) and ending at (100, 100). Along the way, the graph line intersects specific data points, which you define as follows:

Interpolated


            
               class-of-service {
               
                  
                     drop-profiles {
                     
                        
                           interpolated-style-profile {
                           
                              
                                 interpolate {
                                 fill-level [ 50 75 ];
                                 drop-probability [ 25 50 ];
                                 }
                              
                           
                           }
                        
                     
                     }
                  
               
               }

Configuring Schedulers

You configure schedulers to assign resources, priorities, and drop profiles to output queues. By default, only queues 0 and 3 have resources assigned.

Note: SRX-series devices support hierarchical schedulers, including per-unit-schedulers. For more information, see Configuring CoS Hierarchical Schedulers.

This example creates the schedulers listed in Table 268.

Table 268: Sample Schedulers

Scheduler	For CoS Traffic Type	Assigned Priority	Allocated Portion of Queue Buffer	Assigned Bandwidth (Transmit Rate)
be-scheduler	Best-effort traffic	Low	40 percent	10 percent
ef-scheduler	Expedited forwarding traffic	High	10 percent	10 percent
af-scheduler	Assured forwarding traffic	High	45 percent	45 percent
nc-scheduler	Network control traffic	Low	5 percent	5 percent

To configure schedulers for the device:

Navigate to the top of the configuration hierarchy in either the J-Web or CLI configuration editor.
Perform the configuration tasks described in Table 269.
Go on to Configuring and Applying Scheduler Maps .

Table 269: Configuring Schedulers

Task	J-Web Configuration Editor	CLI Configuration Editor
Navigate to the Class of service level in the configuration hierarchy.	In the J-Web interface, select Configuration>View and Edit>Edit Configuration. Next to Class of service, click Configure or Edit.	From the [edit] hierarchy level, enter edit class-of-service
Configure a best-effort scheduler.	Click Add new entry next to Schedulers. In the Scheduler name box, type the name of the best-effort scheduler—for example, be-scheduler.	Enter edit schedulers be-scheduler
Configure a best-effort scheduler priority and buffer size.	In the Priority box, type low. Click Configure next to Buffer size. From the Buffer size choice list, select the basis for the buffer allocation method—for example, Percent. In the Percent box, type the percentage of the buffer to be used by the best-effort scheduler—for example, 40. Click OK.	Enter set priority low set buffer-size percent 40
Configure a best-effort scheduler transmit rate.	Click Configure next to Transmit rate. From the Transmit rate choice list, select the basis for the transmit rate method—for example, Percent. In the Percent box, type the percentage of the bandwidth to be used by the best-effort scheduler—for example, 10. Click OK twice.	Enter set transmit-rate percent 10
Configure an expedited forwarding scheduler.	Click Add new entry next to Schedulers. In the Scheduler name box, type the name of the expedited forwarding scheduler—for example, ef-scheduler.	From the [edit class of service] hierarchy level, enter edit schedulers ef-scheduler
Configure an expedited forwarding scheduler priority and buffer size.	In the Priority box, type high. Click Configure next to Buffer size. From the Buffer size choice list, select the basis for the buffer allocation method—for example, Percent. In the Percent box, type the percentage of the buffer to be used by the expedited forwarding scheduler—for example, 10. Click OK.	Enter set priority high set buffer-size percent 10
Configure an expedited forwarding scheduler transmit rate.	Click Configure next to Transmit rate. From the Transmit rate choice list, select the basis for the transmit rate method—for example, Percent. In the Percent box, type the percentage of the bandwidth to be used by the expedited forwarding scheduler—for example, 10. Click OK twice.	Enter set transmit-rate percent 10
Configure an assured forwarding scheduler.	Click Add new entry next to Schedulers. In the Scheduler name box, type the name of the assured forwarding scheduler—for example, af-scheduler.	From the [edit class of service] hierarchy level, enter edit schedulers af-scheduler
Configure an assured forwarding scheduler priority and buffer size.	In the Priority box, type high. Click Configure next to Buffer size. From the Buffer size choice list, select the basis for the buffer allocation method—for example, Percent. In the Percent box, type the percentage of the buffer to be used by the assured forwarding scheduler—for example, 45. Click OK.	Enter set priority high set buffer-size percent 45
Configure an assured forwarding scheduler transmit rate.	Click Configure next to Transmit rate. From the Transmit rate choice list, select the basis for the transmit rate method—for example, Percent. In the Percent box, type the percentage of the bandwidth to be used by the assured forwarding scheduler—for example, 45. Click OK.	Enter set transmit-rate percent 45
(Optional) Configure a drop profile map for assured forwarding low and high priority. (DiffServ can have a RED drop profile associated with assured forwarding.)	Click Add new entry next to Drop profile map. From the Loss priority box, select Low. From the Protocol box, select Any. In the Drop profile box, type the name of the drop profile—for example, af-normal. Click OK. Click Add new entry next to Drop profile map. From the Loss priority box, select High. From the Protocol box, select Any. In the Drop profile box, type the name of the drop profile—for example, af-with-PLP. Click OK twice.	Enter set drop-profile-map loss-priority low protocol any drop-profile af-normal set drop-profile-map loss-priority high protocol any drop-profile af-with-PLP
Configure a network control scheduler.	Click Add new entry next to Schedulers. In the Scheduler name box, type the name of the network control scheduler—for example, nc-scheduler.	From the [edit class of service] hierarchy level, enter edit schedulers nc-scheduler
Configure a network control scheduler priority and buffer size.	In the Priority box, type low. Click Configure next to Buffer size. From the Buffer size choice list, select the basis for the buffer allocation method—for example, Percent. In the Percent box, type the percentage of the buffer to be used by the network control scheduler—for example, 5. Click OK.	Enter set priority low set buffer-size percent 5
Configure a network control scheduler transmit rate.	Click Configure next to Transmit rate. From the Transmit rate choice list, select the basis for the transmit rate method—for example, Percent. In the Percent box, type the percentage of the bandwidth to be used by the network control scheduler—for example, 5. Click OK.	Enter set transmit-rate percent 5

Configuring and Applying Scheduler Maps

You configure a scheduler map to assign a forwarding class to a scheduler, then apply the scheduler map to any interface that must enforce DiffServ CoS.

The following example shows how to create the scheduler map diffserv-cos-map and apply it to the device's Ethernet interface ge-0/0/0. The map associates the mf-classifier forwarding classes configured in Configuring and Applying a Firewall Filter for a Multifield Classifier to the schedulers configured in Configuring Schedulers , as shown in Table 270.

Table 270: Sample diffserv-cos-map Scheduler Mapping

mf-classifier Forwarding Class	For CoS Traffic Type	diffserv-cos-map Scheduler
be-class	Best-effort traffic	be-scheduler
ef-class	Expedited forwarding traffic	ef-scheduler
af-class	Assured forwarding traffic	af-scheduler
nc-class	Network control traffic	nc-scheduler

To configure and apply scheduler maps:

Navigate to the top of the configuration hierarchy in either the J-Web or CLI configuration editor.
Perform the configuration tasks described in Table 271.
If you are finished configuring the device, commit the configuration.
Go on to one of the following tasks:
- To apply rules to logical interfaces, see Configuring and Applying Virtual Channels .
- To use adaptive shapers to limit bandwidth for Frame Relay, see Configuring Adaptive Shaping for Frame Relay.
- To check the configuration, see Verifying a CoS Configuration.

Table 271: Configuring Scheduler Maps

Task	J-Web Configuration Editor	CLI Configuration Editor
Navigate to the Class of service level in the configuration hierarchy.	In the J-Web interface, select Configuration>View and Edit>Edit Configuration. Next to Class of service, click Configure or Edit.	From the [edit] hierarchy level, enter edit class-of-service
Configure a scheduler map for DiffServ CoS.	Click Add new entry next to Scheduler maps. In the Map name box, type the name of the scheduler map—for example, diffserv-cos-map.	Enter edit scheduler-maps diffserv-cos-map
Configure a best-effort forwarding class and scheduler.	Click Add new entry next to Forwarding class. In the Class name box, type the name of the previously configured best-effort forwarding class—be-class. In the Scheduler box, type the name of the previously configured best-effort scheduler—be-scheduler. Click OK.	Enter set forwarding-class be-class scheduler be-scheduler
Configure an expedited forwarding class and scheduler.	Click Add new entry next to Forwarding class. In the Class name box, type the name of the previously configured expedited forwarding class—ef-class. In the Scheduler box, type the name of the previously configured expedited forwarding scheduler—ef-scheduler. Click OK.	Enter set forwarding-class ef-class scheduler ef-scheduler
Configure an assured forwarding class and scheduler.	Click Add new entry next to Forwarding class. In the Class name box, type the name of the previously configured assured forwarding class—af-class. In the Scheduler box, type the name of the previously configured assured forwarding scheduler—af-scheduler. Click OK.	Enter set forwarding-class af-class scheduler af-scheduler
Configure a network control class and scheduler.	Click Add new entry next to Forwarding class. In the Class name box, type the name of the previously configured network control class—nc-class. In the Scheduler box, type the name of the previously configured network control scheduler—nc-scheduler. Click OK twice.	Enter set forwarding-class nc-class scheduler nc-scheduler
Apply the scheduler map to an interface. (See the interface naming conventions in Network Interface Naming.)	Click Add new entry next to Interfaces. In the Interface name box, type the name of the interface—for example, ge-0/0/0. Click Add new entry next to Unit. In the Unit number box, type the logical interface unit number—0. In the Scheduler map box, type the name of the previously configured scheduler map—diffserv-cos-map. Click OK.	From the [edit class of service] hierarchy level, enter set interfaces ge-0/0/0 scheduler-map diffserv-cos-map

Scheduler Maps: Sample Configuration

Once you define a scheduler, you can include it in a scheduler map, which maps a specified forwarding class to a scheduler configuration. To do this, include the scheduler-maps statement at the [edit class-of-service] hierarchy level:


            
               [edit class-of-service]
               scheduler-maps {
               
                  
                     map-name {
                     
                     forwarding-class class-name scheduler scheduler-name;
                     
                     }
                  
               
               }

After you have defined the scheduler map, you can associate it with an output interface. To do this, include the scheduler-map statement at the [edit class-of-service interfaces interface-name] hierarchy level:


            
               [edit class-of-service interfaces interface-name]
               
               scheduler-map map-name;

Interface wildcards are supported.

Schedulers: Sample Configuration

You use schedulers to define the properties of output queues. These properties include the amount of interface bandwidth assigned to the queue, the size of the memory buffer allocated for storing packets, the priority of the queue, and the random early detection (RED) drop profiles associated with the queue.

You associate the schedulers with forwarding classes by means of scheduler maps. You can then associate each scheduler map with an interface, thereby configuring the hardware queues, packet schedulers, and RED processes that operate according to this mapping.

To configure class-of-service (CoS) schedulers, use the following sample configuration at the [edit class-of-service] hierarchy level:


            
               [edit class-of-service]
               interfaces {
               
                  
                     interface-name {
                     
                     scheduler-map map-name;
                     
                     scheduler-map-chassis map-name;
                     
                     schedulers number;
                     
                     shaping-rate rate;
                     
                     
                        
                           unit {
                           output-traffic-control-profile profile-name;
                           
                            scheduler-map map-name;
                           
                           shaping-rate rate;
                           
                           }
                        
                     
                     }
                  
               
               }
                fabric {
               
                  
                     scheduler-map {
                     priority (high | low) scheduler scheduler-name;
                     
                     }
                  
               
               }
               scheduler-maps {
               
                  
                     map-name {
                     
                     forwarding-class class-name scheduler scheduler-name;
                     
                     }
                  
               
               }
               schedulers {
               
                  
                     scheduler-name {
                     
                     buffer-size (percent percentage |
                        remainder | temporal microseconds 						);
                     
                     drop-profile-map loss-priority (any | low | medium-low
                        | medium-high | high) protocol (any | non-tcp | tcp) drop-profile profile-name;
                     
                     priority priority-level;
                     
                     transmit-rate (rate  | percent percentage remainder) <exact | rate-limit>;
                     
                     }
                  
               
               }
               traffic-control-profiles profile-name {
               
                delay-buffer-rate (percent percentage | rate);
               
                guaranteed-rate (percent percentage | rate);
               
                scheduler-map map-name;
               
               shaping-rate (percent percentage | rate);
               
               }

Configuring and Applying Virtual Channels

You configure a virtual channel to set up queuing, packet scheduling, and accounting rules to be applied to one or more logical interfaces. You then must apply the virtual channel to a particular logical interface. Virtual channels can be applied in different ways. For more information on virtual channels, see Configuring Virtual Channels. In the example here, an output firewall filter is used for directing traffic to a particular virtual channel.

The following example shows how to create the virtual channels branch1–vc, branch2–vc, and branch3–vc and apply them in the firewall filter choose-vc to the Services Router's T3 interface t3-1/0/0.

To configure and apply virtual channels for the Services Router:

Navigate to the top of the configuration hierarchy in either the J-Web or CLI configuration editor.
Perform the configuration tasks described in Table 272.
If you are finished configuring the router, commit the configuration.
Go on to one of the following tasks:
- To assign resources, priorities, and profiles to output queues, see Configuring Schedulers .
- To use adaptive shapers to limit bandwidth for Frame Relay, see Configuring Adaptive Shaping for Frame Relay.
- To check the configuration, see Verifying a CoS Configuration.

Table 272: Configuring and Applying Virtual Channels

Task	J-Web Configuration Editor	CLI Configuration Editor
Navigate to the Class of service level in the configuration hierarchy.	In the J-Web interface, select Configuration>View and Edit>Edit Configuration. Next to Class of service, click Configure or Edit.	From the [edit] hierarchy level, enter edit class-of-service
Define the virtual channels branch1–vc, branch2–vc, branch3–vc, and the default virtual channel. You must specify a default virtual channel.	Click Add new entry next to Virtual channels. In the Channel name box, type the name of the virtual channel—for example, branch1–vc. Click OK. Create additional virtual channels for branch2–vc, branch3–vc, and default-vc.	Enter set virtual-channels branch1–vc Repeat this statement for branch2–vc, branch3–vc, and default-vc.
Define the virtual channel group wan-vc-group to include the four virtual channels, and assign each virtual channel the scheduler map bestscheduler.	Click Add new entry next to Virtual channel groups. In the Group name box, type the name of the virtual channel group—wan-vc-group. Click Add new entry next to Channel. In the Channel name box, type the name of the previously configured virtual channels—branch1–vc. In the Scheduler map box, type the name of the previously configured scheduler map—bestscheduler. Click OK. Add the virtual channels branch2–vc, branch3–vc, and default-vc. Select the Default box when adding the virtual channel default-vc.	Enter set virtual-channel-groups wan-vc-group branch1–vc scheduler-map bestscheduler Repeat this statement for branch2–vc, branch3–vc, and default-vc. Enter set virtual-channel-groups wan-vc-group default–vc default
Specify a shaping rate of 2 Mbps for each virtual channel within the virtual channel group.	Click branch1–vc in the list of virtual channels. Select the Shaping rate box. Click Configure. Select Absolute rate from the Rate choice box. In the Absolute rate box, type the shaping rate—2m. Add the shaping rate for the branch2–vc and branch3–vc virtual channels. Click OK three times.	Enter set virtual-channel-groups wan-vc-group branch1–vc shaping-rate 2m Repeat this statement for branch2–vc and branch3–vc.
Apply the virtual channel group to the logical interface t3–1/0/0.0. (See the interface naming conventions in Network Interface Naming.)	Click Add new entry next to Interfaces. In the Interface name box, type the name of the interface—t3–1/0/0. Click Add new entry next to Unit. In the Unit number box, type the logical interface unit number—0. In the Virtual channel group box, type the name of the previously configured virtual channel group—wan-vc-group. Click OK.	From the [edit class of service] hierarchy level, enter set interfaces t3–1/0/0 unit 0 virtual-channel-group wan-vc-group
Create the firewall filter choose-vc to select the traffic that is transmitted on a particular virtual channel.	On the main Configuration page next to Firewall, click Configure or Edit. Click Add new entry next to Filter. In the Filter name box, type the name of the firewall filter—choose-vc. Click Add new entry next to Term. In the Rule name box, type the name of the firewall term—branch1. Click Configure next to From. Click Add new entry next to Destination address. In the Address box, type the IP address of the destination host—192.168.10.0/24. Click OK twice. On the firewall term page, click Configure next to Then. Select Accept from the Designation box. In the Virtual channel box, type the name of the previously configured virtual channel—branch1–vc. Click OK. Repeat these steps for the virtual channels branch2–vc and branch3–vc.	From the [edit] hierarchy level, enter edit firewall Enter set family inet filter choose-vc term branch1 from destination 192.168.10.0/24 Enter set family inet filter choose-vc term branch1 then accept Enter set family inet filter choose-vc term branch1 then virtual-channel branch1–vc Repeat these steps for virtual channels branch2–vc and branch3–vc.
Apply the firewall filter choose-vc to output traffic on the t3–1/0/0.0 interface.	On the main Configuration page next to Interfaces, click Configure or Edit. Click t3–1/0/0 in the list of configured interfaces. Click 0 in the list of configured logical units for the interface. Click Edit next to Inet. Click Configure next to Filter. In the Output box, type the name of the previously configured firewall filter—choose–vc. Click OK.	From the [edit] hierarchy level, enter edit interfaces Enter set t3–1/0/0 unit 0 family inet filter output choose-vc

Configuring and Applying an Adaptive Shaper

You can use adaptive shaping to limit the bandwidth of traffic flowing on a Frame Relay logical interface. If you configure and apply adaptive shaping, the device checks the backward explicit congestion notification (BECN) bit within the last inbound (ingress) packet received on the interface. For more information on adaptive shaping, see Configuring Adaptive Shaping for Frame Relay.

Note: Adaptive shaping is not available on SRX 3400, SRX 3600, SRX 5600, and SRX 5800 devices.

The following example shows how to create an adaptive shaper fr-shaper and apply it to the device's T1 interface t1-0/0/2. The adapter shaper limits the transmit bandwidth on the interface to 64 Kbps.

To configure and apply an adaptive shaper for the device:

Navigate to the top of the configuration hierarchy in either the J-Web or CLI configuration editor.
Perform the configuration tasks described in Table 273.
If you are finished configuring the device, commit the configuration.
Go on to one of the following tasks:
- To assign resources, priorities, and profiles to output queues, see Configuring Schedulers .
- To apply rules to logical interfaces, see Configuring and Applying Virtual Channels .
- To check the configuration, see Verifying a CoS Configuration.

Table 273: Configuring and Applying an Adaptive Shaper

Task

J-Web Configuration Editor

CLI Configuration Editor

Navigate to the Class of service level in the configuration hierarchy.

In the J-Web interface, select Configuration>View and Edit>Edit Configuration.
Next to Class of service, click Configure or Edit.

From the [edit] hierarchy level, enter

edit class-of-service

Define the adaptive shaper name and maximum transmit rate.

Next to Adaptive Shapers, click Add new entry.
In the Adaptive shaper name box, type fr-shaper.
Next to Trigger, click Add new entry.
Next to Becn, select the check box.
Next to Shaping rate, select the check box and click Configure.
From the Rate choice list, select Absolute rate.
In the Absolute rate box, type 64k.
Click OK three times.

Enter

set adaptive-shapers fr-shaper trigger becn shaping-rate 64k

Apply the adaptive shaper to the logical interface t1-0/0/2.0.

(See the interface naming conventions in Network Interface Naming.)

Next to Interfaces, click Add new entry.
In the Interface name box, type the name of the interface—t1-0/0/2.
Next to Unit, click Add new entry.
In the Unit number box, type the logical interface unit number—0.
In the Adaptive shaper box, type the name of the adaptive shaper—fr-shaper.
Click OK.

Enter

set interfaces t1-0/0/2 unit 0 adaptive-shaper fr-shaper

[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]