From: Aidan Marks (aidan@cisco.com)
Date: Wed Dec 10 2003 - 05:46:27 GMT-3
At 06:38 PM 10/12/2003, Michael Snyder wrote:
>One of the first things that came up after I learned the relationship
>between (Precedence TOS) and DSCP, was Scott Morris asking me what I
>would use it for. After thinking about it, I came up with a lab
>requirement that has a real world use!
A side note - EF could not be used for real world control plane traffic
(but play with it all you like in the lab) as precedence 6 or 7 must be
used or you will break SPD.
Aidan
>Requirement - Router originated telnet traffic should have a dscp of EF.
>
>Kicker - Do this without using any interface commands.
>
>Solution -
>
>R7
>
>ip local policy route-map setdscp
>!
>access-list 100 permit tcp any any eq telnet
>
>route-map setdscp permit 10
> description EF bit pattern 101 110 = P5 T12
> match ip address 100
> set ip precedence critical
> set ip tos 12
>
>Proof of Working Solution
>
>R8 (with dscp acl I have posted at end of email.)
>
>interface Serial0
> ip address 150.50.101.2 255.255.255.252
> ip access-group 110 in
> ip router isis
> encapsulation ppp
> no peer neighbor-route
> no fair-queue
> service-module 56k clock source internal
>
>
>R8#clear access-list counters
>
>R8#show access-lists
>Extended IP access list 110
> permit ip any any dscp default
> permit ip any any dscp 1
> permit ip any any dscp 2
> permit ip any any dscp 3
> permit ip any any dscp 4
> permit ip any any dscp 5
> permit ip any any dscp 6
> permit ip any any dscp 7
> permit ip any any dscp cs1
> permit ip any any dscp 9
> permit ip any any dscp af11
> permit ip any any dscp 11
> permit ip any any dscp af12
> permit ip any any dscp 13
> permit ip any any dscp af13
> permit ip any any dscp 15
> permit ip any any dscp cs2
> permit ip any any dscp 17
> permit ip any any dscp af21
> permit ip any any dscp 19
> permit ip any any dscp af22
> permit ip any any dscp 21
> permit ip any any dscp af23
> permit ip any any dscp 23
> permit ip any any dscp cs3
> permit ip any any dscp 25
> permit ip any any dscp af31
> permit ip any any dscp 27
> permit ip any any dscp af32
> permit ip any any dscp 29
> permit ip any any dscp af33
> permit ip any any dscp 31
> permit ip any any dscp cs4
> permit ip any any dscp 33
> permit ip any any dscp af41
> permit ip any any dscp 35
> permit ip any any dscp af42
> permit ip any any dscp 37
> permit ip any any dscp af43
> permit ip any any dscp 39
> permit ip any any dscp cs5
> permit ip any any dscp 41
> permit ip any any dscp 42
> permit ip any any dscp 43
> permit ip any any dscp 44
> permit ip any any dscp 45
> permit ip any any dscp ef (42 matches)
> permit ip any any dscp 47
> permit ip any any dscp cs6
> permit ip any any dscp 49
> permit ip any any dscp 50
> permit ip any any dscp 51
> permit ip any any dscp 52
> permit ip any any dscp 53
> permit ip any any dscp 54
> permit ip any any dscp 55
> permit ip any any dscp cs7
> permit ip any any dscp 57
> permit ip any any dscp 58
> permit ip any any dscp 59
> permit ip any any dscp 60
> permit ip any any dscp 61
> permit ip any any dscp 62
> permit ip any any dscp 63
>R8#
>
>
>So using a route-map with the ip local policy, we can set any dcsp for
>router traffic as we wish. VPN, Voice, Rip, Ping all comes to mind.
>Not sure all those protocols have DSCP bits, but if they do, we can set
>them.
>
>What is the relation ship between DSCP and Precedence-TOS?
>
>Well, dscp is a 6 bit value, to covert it we need to pad it with a
>leading zero and ending zero to the value. I'll do it step by step.
>
>1) ef expedited forwarding bit pattern 101110
>
>Prepend and append a zero to bring it to eight bits.
>
>2) 0101 1100
>
>Now read the first four bits in hex, that's the Precedence.
>Read the second four bits in hex, that is the TOS.
>
>3) 0x5= decimal 5, 0xC= decimal 12
>
>Now just plug them into the route-map
>
>R7(config)#route-map setdscp permit 10
>R7(config-route-map)#set ip pr
>R7(config-route-map)#set ip precedence 5
>R7(config-route-map)#set ip tos 12
>R7(config-route-map)#
>
>Show run
>route-map setdscp permit 10
> set ip precedence critical
> set ip tos 12
>
>
>
>That's it. It's a very simple relationship; if you can read hex. If
>you can't read hex, I've posted the basic table at the end of this
>email. Anybody that tells you that you can't set dscp in a route-map is
>mistaken. It can be done, and there's some places where's it's the only
>choice (such as in `ip local policy`).
>
>BTW, thanks Scott for pointing me in the right direction.
>
>
>
>From: Scott Morris [mailto:swm@emanon.com]
>Sent: Sunday, November 16, 2003 1:59 PM
>To: 'Michael Snyder'; ccielab@groupstudy.com
>Subject: RE: routemap to set dcsp
>
>Ok, that would likely to something there, but why not just set ip dscp?
>You can't do this in a route-map, but in the policy-map you could do
>that.
>
>But otherwise, yet... 101 and 1100 would suffice to set the appropriate
>bits.
>
>For others wondering where the heck that all came from, RFC 1349 breaks
>things down a little differently for the 8-bit ToS field where the first
>three bits are still IP Precedence, then the next four bits are called
>tos bits and the last bit is called MBZ (Must Be Zero). Who ever said
>engineers didn't have a sense of humor? :)
>
>As for viewing them, not really... Other than setting up an access-list
>that permits things with a dscp value of EF and looking at the number of
>matches.
>
>Scott Morris, CCIE4 (R&S/ISP-Dial/Security/Service Provider) #4713,
>CISSP, JNCIS, et al. IPExpert CCIE Program Manager IPExpert Sr.
>Technical Instructor swm@emanon.com/smorris@ipexpert.net
>http://www.ipexpert.net
>
>
>
>access-list 110 permit ip any any dscp default
>access-list 110 permit ip any any dscp 1
>access-list 110 permit ip any any dscp 2
>access-list 110 permit ip any any dscp 3
>access-list 110 permit ip any any dscp 4
>access-list 110 permit ip any any dscp 5
>access-list 110 permit ip any any dscp 6
>access-list 110 permit ip any any dscp 7
>access-list 110 permit ip any any dscp cs1
>access-list 110 permit ip any any dscp 9
>access-list 110 permit ip any any dscp af11
>access-list 110 permit ip any any dscp 11
>access-list 110 permit ip any any dscp af12
>access-list 110 permit ip any any dscp 13
>access-list 110 permit ip any any dscp af13
>access-list 110 permit ip any any dscp 15
>access-list 110 permit ip any any dscp cs2
>access-list 110 permit ip any any dscp 17
>access-list 110 permit ip any any dscp af21
>access-list 110 permit ip any any dscp 19
>access-list 110 permit ip any any dscp af22
>access-list 110 permit ip any any dscp 21
>access-list 110 permit ip any any dscp af23
>access-list 110 permit ip any any dscp 23
>access-list 110 permit ip any any dscp cs3
>access-list 110 permit ip any any dscp 25
>access-list 110 permit ip any any dscp af31
>access-list 110 permit ip any any dscp 27
>access-list 110 permit ip any any dscp af32
>access-list 110 permit ip any any dscp 29
>access-list 110 permit ip any any dscp af33
>access-list 110 permit ip any any dscp 31
>access-list 110 permit ip any any dscp cs4
>access-list 110 permit ip any any dscp 33
>access-list 110 permit ip any any dscp af41
>access-list 110 permit ip any any dscp 35
>access-list 110 permit ip any any dscp af42
>access-list 110 permit ip any any dscp 37
>access-list 110 permit ip any any dscp af43
>access-list 110 permit ip any any dscp 39
>access-list 110 permit ip any any dscp cs5
>access-list 110 permit ip any any dscp 41
>access-list 110 permit ip any any dscp 42
>access-list 110 permit ip any any dscp 43
>access-list 110 permit ip any any dscp 44
>access-list 110 permit ip any any dscp 45
>access-list 110 permit ip any any dscp ef
>access-list 110 permit ip any any dscp 47
>access-list 110 permit ip any any dscp cs6
>access-list 110 permit ip any any dscp 49
>access-list 110 permit ip any any dscp 50
>access-list 110 permit ip any any dscp 51
>access-list 110 permit ip any any dscp 52
>access-list 110 permit ip any any dscp 53
>access-list 110 permit ip any any dscp 54
>access-list 110 permit ip any any dscp 55
>access-list 110 permit ip any any dscp cs7
>access-list 110 permit ip any any dscp 57
>access-list 110 permit ip any any dscp 58
>access-list 110 permit ip any any dscp 59
>access-list 110 permit ip any any dscp 60
>access-list 110 permit ip any any dscp 61
>access-list 110 permit ip any any dscp 62
>access-list 110 permit ip any any dscp 63
>
>
>
> af11 assured forwarding (af11) bit pattern 001 010 = P1 T4
> af12 assured forwarding (af12) bit pattern 001 100 = P1 T8
> af13 assured forwarding (af13) bit pattern 001 110 = P1 T12
>
> af21 assured forwarding (af21) bit pattern 010 010 = P2 T4
> af22 assured forwarding (af22) bit pattern 010 100 = P2 T8
> af23 assured forwarding (af23) bit pattern 010 110 = P2 T12
>
> af31 assured forwarding (af31) bit pattern 011 010 = P3 T4
> af32 assured forwarding (af32) bit pattern 011 100 = P3 T8
> af33 assured forwarding (af33) bit pattern 011 110 = P3 T12
>
> af41 assured forwarding (af41) bit pattern 100 010 = P4 T4
> af42 assured forwarding (af42) bit pattern 100 100 = P4 T8
> af43 assured forwarding (af43) bit pattern 100 110 = P4 T12
>
> cs1 class selector codepoint 1 (precedence 1) 001 = P1 T0
> cs2 class selector codepoint 2 (precedence 2) 010 = P2 T0
> cs3 class selector codepoint 3 (precedence 3) 011 = P3 T0
> cs4 class selector codepoint 4 (precedence 4) 100 = P4 T0
> cs5 class selector codepoint 5 (precedence 5) 101 = P5 T0
> cs6 class selector codepoint 6 (precedence 6) 110 = P6 T0
> cs7 class selector codepoint 7 (precedence 7) 111 = P7 T0
>
> ef expedited forwarding bit pattern 101 110 = P 5 T 12
>
>_______________________________________________________________________
>Please help support GroupStudy by purchasing your study materials from:
>http://shop.groupstudy.com
>
>Subscription information may be found at:
>http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Sat Jan 03 2004 - 08:25:38 GMT-3