Configuration for DSCP Preserve Global
Topology
The topology above illustrates the DSCP Preserve Global feature, with PE1 and PE2 serving as the edge routers for L3VPN services, and the P node acting as a transit router between them. Traffic received on PE1 with a user-defined DSCP value, which can be preserved or modified depending on the configuration applied to the ingress PE router.
Figure 69. DSCP Preserve Global
Configure DSCP Preserve and L3VPN Services on PE1 Router
| 1. | Enable QoS Globally: This command enables global QoS functionality, allowing configuration of any QoS-related settings. It is mandatory to enable this feature for any QoS configurations to be effective. |
Copy
PE1(config)#qos enable
PE1(config)#commit| 2. | Configure DSCP Preserve Globally: This command enables preserving the customer's DSCP values across the network. |
Copy
PE1(config)#mpls lsp-encap-dscp-preserve| 3. | Configure QoS profiles or class-map profiles for remarking the incoming customer defined DSCP value to customized DSCP value. |
| • | Method 1: QoS Profile (dscp-to-queue): Use a QoS profile to remap the incoming DSCP value to a user-defined queue and DSCP value. |
Copy
PE1(config)#qos profile dscp-to-queue dscp_profile1
PE1(config-ingress-dscp-map)#dscp 24 queue 3 dscp 32
PE1(config-ingress-dscp-map)#commit
PE1(config-ingress-dscp-map)#exit
PE1(config)#Interface xe0.100
PE1(config-if)#qos map-profile dscp-to-queue dscp_profile1
PE1(config-if)#commit
PE1(config-if)#exit| • | Method 2: Class-Map and Policy-Map: Use class-map and policy-map to match the incoming DSCP value and set a new DSCP value. |
Copy
PE1(config)#class-map type qos match-any class1
PE1(config-qos-match-any)#match dscp 24
PE1(config-qos-match-any)#commit
PE1(config-qos-match-any)#exit
PE1(config)#policy-map type qos pmap1
PE1(config-pmap-qos)#class type qos class1
PE1(config-pmap-qos)#set dscp 32
PE1(config-pmap-qos)#commit
PE1(config-pmap-qos)#exit
PE1(config)#Interface xe0.100
PE1(config-if)#service-policy type qos input pmap1
PE1(config-if)#commit| 4. | Configure EXP Encapsulation on the Egress Interface: Modify the incoming EXP value to a user-defined EXP value for MPLS traffic. |
| • | Example config on Qumran 1: |
Copy
PE1(config)#qos profile exp-encap exp_profile1
PE1(config-egress-exp-encap-map)#l3 dscp 32 exp 5
PE1(config-egress-exp-encap-map)#commit
PE1(config-egress-exp-encap-map)#exit
PE1(config)#interface ce46/3
PE1(config-if)#label-switching
PE1(config-if)#qos map-profile exp-encap exp_profile1
PE1(config-if)#commit
PE1(config-if)#exit| • | Example config on Qumran 2: |
Copy
PE1(config)#qos profile queue-to-exp exp_profile1
PE1(config-egress-queue-exp-map)#queue 3 color all exp 5
PE1(config-egress-queue-exp-map)#commit
PE1(config-egress-queue-exp-map)#exit
PE1(config)#interface ce46/3
PE1(config-if)#label-switching
PE1(config-if)#qos map-profile queue-to-exp exp_profile1
| 5. | Define an IP VRF: Create a VRF with Route Distinguisher (RD) and Route Target (RT) to isolate customer routing information. |
Copy
PE1(config)# ip vrf vrf100
PE1(config-vrf)# rd 1.1.1.1:100
PE1(config-vrf)# route-target both 100:100
PE1(config-vrf)#commit| 6. | Associate Interfaces with VRF: Bind interfaces to the VRF to ensure that the VRF receives the necessary routes. |
Copy
PE1(config)#interface xe0
PE1(config-if)#ip vrf forwarding vrf100
PE1(config-if)#ip address 100.100.100.1/24
PE1(config-if)#exit
PE1(config)#commit| 7. | Configure CE Neighbor for VPN with BGP: Establish a BGP session between the PE router and the CE device, and configure it to advertise routes within the VRF. |
Copy
PE1(config)#router bgp 100
PE1(config-router)# bgp router-id 1.1.1.1
PE1(config-router)#neighbor 3.3.3.3 remote-as 100
PE1(config-router)#neighbor 3.3.3.3 update-source lo
PE1(config-router)#neighbor 3.3.3.3 advertisement-interval 0
PE1(config-router)#address-family ipv4 unicast
PE1(config-router-af)# network 1.1.1.1/32
PE1(config-router-af)#exit-address-family
PE1(config-router)#address-family vpnv4 unicast
PE1(config-router-af)# neighbor 3.3.3.3 activate
PE1(config-router-af)#exit-address-family
PE1(config-router)#address-family ipv4 vrf vrf100
PE1(config-router-af)#redistribute connected
PE1(config-router-af)#neighbor 100.100.100.2 remote-as 100
PE1(config-router-af)#neighbor 100.100.100.2 activate
PE1(config-router-af)#exit-address-family
PE1(config-router)#commitRunning Configuration on PE1 Router is as follows:
Copy
PE1#show running-config
!
! Software version: UFI_S9600-56DX-OcNOS-SP-PLUS-6.5.3.80-Alpha 10/07/2024 14:38:44
!
! Last configuration change at 02:55:39 UTC Tue Oct 15 2024 by root
!
feature netconf-ssh vrf management
feature netconf-tls vrf management
no feature netconf-ssh
no feature netconf-tls
service password-encryption
!
snmp-server enable traps link linkDown
snmp-server enable traps link linkUp
!
hardware-profile filter qos-ext enable
hardware-profile statistics voq-full-color enable
hardware-profile statistics cfm-ccm disable
hardware-profile port-config mode3
!
qos enable
!
qos profile dscp-to-queue dscp_profile1
dscp 24 queue 3 dscp 32
qos profile queue-to-exp exp_profile1
queue 3 color all exp 5
!
mpls lsp-encap-dscp-preserve
!
hostname PE1
port ce46 breakout 4X10g
no ip domain-lookup
ip domain-lookup vrf management
tfo Disable
errdisable cause stp-bpdu-guard
no feature telnet vrf management
no feature telnet
feature ssh vrf management
no feature ssh
feature dns relay
ip dns relay
ipv6 dns relay
feature ntp vrf management
ntp enable vrf management
!
ip vrf management
!
ip vrf vrf100
rd 1.1.1.1:100
route-target both 100:100
!
router ldp
targeted-peer ipv4 3.3.3.3
exit-targeted-peer-mode
transport-address ipv4 1.1.1.1
!
router rsvp
!
interface ce46/3
load-interval 30
ip address 10.10.10.1/24
mtu 9216
label-switching
enable-ldp ipv4
enable-rsvp
!
interface eth0
ip vrf forwarding management
ip address dhcp
!
interface lo
ip address 127.0.0.1/8
ip address 1.1.1.1/32 secondary
ipv6 address ::1/128
!
interface lo.management
ip vrf forwarding management
ip address 127.0.0.1/8
ipv6 address ::1/128
!
exit
!
router ospf 100
ospf router-id 1.1.1.1
network 1.1.1.1/32 area 0.0.0.0
network 10.10.10.0/24 area 0.0.0.0
!
router bgp 100
bgp router-id 1.1.1.1
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source lo
neighbor 3.3.3.3 advertisement-interval 0
!
address-family ipv4 unicast
network 1.1.1.1/32
exit-address-family
!
address-family vpnv4 unicast
neighbor 3.3.3.3 activate
exit-address-family
!
address-family ipv4 vrf vrf100
redistribute connected
neighbor 100.100.100.2 remote-as 100
neighbor 100.100.100.2 activate
exit-address-family
!
exit
!
line console 0
exec-timeout 0
!
!
end
PE1# Running Configuration on P Router is as follows:
Copy
P#show running-config
!
! Software version: EC_AS5912-54X-OcNOS-SP-MPLS-6.6.0.104-Alpha 10/13/2024 21:38:49
!
! Last configuration change at 02:00:52 UTC Tue Oct 15 2024 by root
!
feature netconf-ssh vrf management
feature netconf-tls vrf management
no feature netconf-ssh
no feature netconf-tls
service password-encryption
!
snmp-server enable traps link linkDown
snmp-server enable traps link linkUp
!
hardware-profile statistics ingress-acl enable
!
qos enable
!
hostname P
no ip domain-lookup
ip domain-lookup vrf management
tfo Disable
errdisable cause stp-bpdu-guard
no feature telnet vrf management
no feature telnet
feature ssh vrf management
no feature ssh
feature dns relay
ip dns relay
ipv6 dns relay
feature ntp vrf management
ntp enable vrf management
!
ip vrf management
!
router ldp
transport-address ipv4 2.2.2.2
!
router rsvp
!
interface eth0
ip vrf forwarding management
ip address dhcp
!
interface lo
ip address 127.0.0.1/8
ip address 2.2.2.2/32 secondary
ipv6 address ::1/128
!
interface lo.management
ip vrf forwarding management
ip address 127.0.0.1/8
ipv6 address ::1/128
!
interface xe1
load-interval 30
ip address 10.10.10.2/24
mtu 9216
label-switching
enable-ldp ipv4
enable-rsvp
!
interface xe9
load-interval 30
ip address 20.20.20.2/24
mtu 9216
label-switching
enable-ldp ipv4
enable-rsvp
!
exit
!
router ospf 100
ospf router-id 2.2.2.2
network 2.2.2.2/32 area 0.0.0.0
network 10.10.10.0/24 area 0.0.0.0
network 20.20.20.0/24 area 0.0.0.0
!
line console 0
exec-timeout 0
!
!
end
P#Running Configuration on PE2 Router is as follows:
Copy
PE2#show running-config
!
! Software version: EC_AS7316-26XB-OcNOS-CSR-6.5.3.81-Alpha 10/08/2024 14:39:39
!
! Last configuration change at 07:33:31 UTC Tue Oct 15 2024 by root
!
feature netconf-ssh vrf management
feature netconf-tls vrf management
no feature netconf-ssh
no feature netconf-tls
service password-encryption
!
snmp-server enable traps link linkDown
snmp-server enable traps link linkUp
!
hardware-profile statistics ingress-acl enable
!
qos enable
!
hostname PE2
no ip domain-lookup
ip domain-lookup vrf management
tfo Disable
errdisable cause stp-bpdu-guard
no feature telnet vrf management
no feature telnet
feature ssh vrf management
no feature ssh
feature dns relay
ip dns relay
ipv6 dns relay
feature ntp vrf management
ntp enable vrf management
!
ip vrf management
!
ip vrf vrf100
rd 3.3.3.3:100
route-target both 100:100
!
router ldp
!
router rsvp
!
interface ce0
!
interface ce1
!
interface eth0
ip vrf forwarding management
ip address dhcp
!
interface lo
ip address 127.0.0.1/8
ip address 3.3.3.3/32 secondary
ipv6 address ::1/128
!
interface lo.management
ip vrf forwarding management
ip address 127.0.0.1/8
ipv6 address ::1/128
!
interface xe4.100
encapsulation dot1q 100
load-interval 30
ip vrf forwarding vrf100
ip address 200.200.200.1/24
mtu 9216
!
interface xe9
load-interval 30
ip address 20.20.20.1/24
mtu 9216
label-switching
enable-ldp ipv4
!
exit
!
router ospf 100
ospf router-id 3.3.3.3
network 3.3.3.3/32 area 0.0.0.0
network 20.20.20.0/24 area 0.0.0.0
!
router bgp 100
bgp router-id 3.3.3.3
neighbor 1.1.1.1 remote-as 100
neighbor 1.1.1.1 update-source lo
neighbor 1.1.1.1 advertisement-interval 0
!
address-family ipv4 unicast
network 3.3.3.3/32
exit-address-family
!
address-family vpnv4 unicast
neighbor 1.1.1.1 activate
exit-address-family
!
address-family ipv4 vrf vrf100
redistribute connected
neighbor 200.200.200.2 remote-as 100
neighbor 200.200.200.2 activate
exit-address-family
!
exit
!
line console 0
exec-timeout 0
!
!
end
PE2#