Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Configuring CoS for GRE and IP-IP Tunnels

To configure CoS for GRE and IP-IP tunnels, perform the following configuration tasks:

  1. To configure CoS for an IP-IP tunnel, include the tunnel statement at the [edit interfaces ip-fpc/pic/port unit logical-unit-number] hierarchy level. To configure CoS for a GRE tunnel, include the tunnel statement at the [edit interfaces gr-fpc/pic/port unit logical-unit-number] hierarchy level.
  2. To rewrite traffic on the outbound interface, include the rewrite-rules statement at the [edit class-of-service] and [edit class-of-service interfaces interface-name unit logical-unit-number] hierarchy levels. For GRE and IP-IP tunnels, you can configure IP precedence and DSCP rewrite rules.
  3. To classify traffic on the inbound interface, you can configure a behavior aggregate (BA) classifier or a firewall filter. Include the loss-priority and forwarding-class statements at the [edit firewall filter filter-name term term-name then] hierarchy level, or the classifiers statement at the [edit class-of-service] hierarchy level.
    Note:

    You cannot configure BA classifiers on gr- interfaces. You must classify traffic on gr- interfaces using firewall filters (multifield classifiers).
  4. For a GRE tunnel, the default is to set the ToS bits in the outer IP header to all 0s. To copy the ToS bits from the inner IP header to the outer, include the copy-tos-to-outer-ip-header-transit statement at the [edit interfaces gr-fpc/pic/port unit logical-unit-number] hierarchy level. (This inner-to-outer ToS bits copying is already the default behavior for IP-IP tunnels.)

    To verify that this option is enabled at the interface level, use the show interfaces interface-name detail command.

    To set a static ToS/Traffic Class value in the outer IP header, include the traffic-class traffic-class-value statement at the [edit interfaces gr-fpc/pic/port unit logical-unit-number tunnel] hierarchy level. Setting this value overrides the copy-tos-to-outer-ip-header-transit statement. If rewrite rules are configured on the egress WAN interface, those rewrite rules will overwrite this setting. Therefore the traffic-class setting only makes sense when no rewrite rules are configured.

Related Documentation