Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[SRX] How to configure the schedulers to prioritize specific traffic

0

0

Article ID: KB25847 KB Last Updated: 20 Dec 2013Version: 3.0
Summary:
This article provides information on how to configure the schedulers to prioritize specific traffic.
Symptoms:
TCP traffic has to be prioritized.
Cause:
 
Solution:
Assume that TCP traffic has to be prioritized over other traffic. To prioritize the TCP traffic, perform the following procedure:

  1. Configure the firewall filter to select the TCP traffic. The firewall filter has to filter the TCP traffic and forward it to a forwarding-class. A sample configuration is as follows:
    [edit]
    root@SRX# show firewall 
    filter jtac_cos {
        term tcp_traffic {
            from {
                protocol tcp;
            }
            then {
                forwarding-class tcp_class;
                accept;
            }
        }
        term other_traffic {
            then accept;
        }
    }
    
    Apply this firewall filter at input of ingress interface.
    [edit]
    root@SRX# show interfaces ge-0/0/1  
    unit 0 {
                family inet {
                    filter {
                        input jtac_cos;
                    }
                    address e.f.g.h/y;
                }
            }
        }
    
    
  2. Map the queues to the forwarding classes. By default, this is how the forwarding classes are mapped to the queues:
    Queue        Forwarding-class       
        0              best-effort  
        1     expedited-forwarding
        2       assured-forwarding   
        3          network-control
    It is very important to understand the order of importance for these queues. Queue 3 is treated with the utmost respect and priority, as all the network control traffic (BGP, OSPF neighborship adjancency) will be classified as Queue 3.

    After that, it is Queue 2 and goes on until Queue 0. Queue 0 has the host-bound traffic (SSH, telnet, ping, and so on; but not IKE/IPsec, which is in Queue 2). It is also not recommended to change Queue 3.

    If the TCP traffic has to be given more priority, it would be ideal to classify it under Queue 2:
    [edit]
    root@SRX# show class-of-service forwarding-classes    
    queue 2 tcp_class;
  3. Configure the scheduler that configures the priority of the TCP traffic:
    [edit]
    root@SRX# show class-of-service schedulers  
    tcp_class {
        transmit-rate percent 25;
        buffer-size percent 25;
        priority medium-high;
    }
  4. Now, map the scheduler with the forwarding class:
    [edit]
    root@SRX# show class-of-service scheduler-maps 
    test-scheduler-map {
        forwarding-class tcp_class scheduler tcp_class;
    }
  5. Define the interface to which the class-of-service needs to be applied:
    [edit]
    root@SRX# show class-of-service interfaces 
    ge-0/0/0 {
        unit 0 {
            scheduler-map test-scheduler-map;
        }
    }
    
    Enable per-unit-scheduling on the interface, so that all the units will be applied with the CoS configuration:
    [edit]
    root@SRX# show interfaces ge-0/0/0  
    per-unit-scheduler;
    unit 0 {
        family inet {
            address a.b.c.d/x;
        }
    } 
    When the configuration has been committed, you can verify the traffic in the forwarding classes via the following commands:
    root@SRX> show interfaces ge-0/0/0 extensive 
    
    root@SRX> show class-of-service
    
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search