This document describes the TOS/DiffServe feature. It has the following sections:
Introducing TOS/DiffServe
How DiffServe Works
DiffServe Configuration Tips
Example DiffServe Configuration
Steps to Implement Example DiffServe Policy
New and Modified IP Filter Commands
Introducing TOS/DiffServe
The purpose of TOS/DiffServe is to provide a means for IP routers and hosts to differentiate among various classes of IP traffic in order to control Quality of Service (QOS) characteristics such as latency, bandwidth, and packet dropping strategies. QOS lets you provide different service levels for different types of traffic.
The term TOS/DiffServe refers to the definition and interpretation of the field in the IP header originally called Type of Service (TOS) and more recently redefined as the DiffServe Code Point (DSCP) field.
DiffServe RFC Compliance
OpenROUTE software provides a useful set of features that conform to the DiffServe RFCs for the purpose of providing multiple levels of service quality to data arriving at and exiting the router.
OpenROUTE software supports the differentiated services that the following RFCs require.
[ARCH] An Architecture for Differentiated Services, RFC 2475, December 1998.
[DSFIELD] Definition of the Differentiated Services Field (DS Field), RFC 2474, December 1998.
How OpenROUTE QOS Features Differ from RFC Recommendations
OpenROUTE software currently does not fully implement the Assured Forwarding classes defined in RFC 2597. However, you can configure OpenROUTE software for similar service. OpenROUTE supports the reserved bandwidth, but not the reserved buffer allocation that Assured Forwarding requires.
Terminology and Acronyms
This document uses the following terms and acronyms
How DiffServe Works
The IP Dynamic Filters (IPDF), Bandwidth Reservation System (BRS), and Ethernet Quality of Service (Ethernet QOS) features support the DiffServe concept.
IPDF can detect and rewrite the TOS/DiffServe field in the IP header. IPDF provides syntax for treating the old-style, 3-bit Precedence field (PREC), as well as syntax for treating the 6-bit DiffServe field (DSCP). The Precedence field is also called the Class Selector (CS).
BRS lets you allocate the bandwidth of an interface among a number of user-defined classes. BRS uses these classes to apply preferred treatment to some packets over others. BRS can use buffer tags assigned in IPDF to assign packets to its traffic classes.
Ethernet QOS lets you add user priority information from the DSCP field to frames carried on media access control (MAC) bridges, and to add user priority information from MAC frames to the DSCP field. This makes it possible to send priority information over bridges that have no ability to signal priority information at the MAC protocol level.
Using IPDF to Classify Packets
IPDF is designed to be a packet classifier. Its principal intent is to provide filtering rules for implementing IP firewall policies. By extending the IPDF set of classifying rules to include the DSCP/PREC field, IPDF also can act as a DiffServe packet classifier.
The IPDF Tag facility allows a packet buffer to remember a classification that IPDF makes. An IPDF rule can set a buffer's tag. As the buffer moves through the router, this tag is preserved and the BRS feature can detect the tag.
IPDF Profiles
IPDF rule sets, called profiles, are associated with a router interface. Each interface may have any number of profiles and each profile may encompass any number of rules. IPDF profiles can examine and act on both incoming and outgoing traffic. IPDF rules can classify a packet by any combination of the following:
DIR: Direction (inbound, outbound, or both)
PROTOCOL: Protocol (TCP, UDP, ICMP, etc.)
PTYPE: Recognizes some specific TCP and ICMP packet types.
SA or SOURCE: Source IP address
DA or DESTINATION: Destination IP address
SPORT: Source port number
DPORT: Destination port number
isPREC: Precedence value (Class Selector)
isDSCP: DSCP value, also called Codepoint
isTAG: recognizes packets the IPDF previously Tagged
DSCP: rewrite 6-bit DSCP (codepoint) value
PREC: rewrite 3-bit Precedence value (the Class Selector subset of DSCP)
Marking inbound packets is appropriate for interfaces where the peer sending the packet is not trusted, and the DSCP field needs to be rendered consistent with the router's operational policy. It is also useful when the peer is sending priority information in a MAC frame, and the priority needs to be conveyed as a DSCP value with the packet through the router.
Marking outbound packets is useful when the router is at the border of a network and must alter the DSCP field to meet the policies of the targeted peer in another DiffServe domain.
IP Dynamic Filters (IPDF)
IPDF allows these actions:
Pass—Pass inbound packets to the routing engine and outbound packets to the transmitting interface. Does not compare the packet to any other filters.
Ignore—Does not make a decision about passing or blocking the packet. The software continues to compare the packet to other filters in the profile.
Block—Drops the packet and does not compare the packet to any other filters.
The router applies BRS policies immediately before sending the packet to the outbound interface for transmission. BRS implements its own set of filters for recognizing packets. Most of these filters are redundant with those of IPDF. The exception is the BRS buffer tag recognizer. BRS can use buffer tags assigned in IPDF to assign packets to its traffic classes.
Two classes of service are mandatory: LOCAL and DEFAULT.
The LOCAL class is for packets the router itself generates. Its purpose is the reservation of bandwidth for routing protocols and other administrative traffic that originates on the router. It permits the router to do its job even in the face of overloaded interfaces.
The DEFAULT class is the classic "best effort" service. Any packet not assigned to a user-defined class or the LOCAL class is assigned to the DEFAULT class.
Ethernet Quality of Service (QOS)
Ethernet QOS implements mapping between MAC user_priority values and DSCP or Precedence values over virtual LANs to implement interoperability with switches that support IEEE 802.1 standards. In combination with an IP filter policy and bandwidth reservation system, the DSCP value can determine the priority of Ethernet traffic in the network.
For inbound traffic, the router can map an incoming MAC packet user_priority (or range of user_priorities) to an IP DSCP value, and Ethernet QOS applies the new IP DSCP value to the IP header. When the packet reaches IP Filters, a filter can test the header for a match to an IP DSCP value and apply a tag to the buffer. Based in the tag, BRS can assign the packet to a bandwidth class.
For outbound traffic, IP Filter can test the IP packet for a match to an outgoing filter that assigns a DSCP value to the packet. When the packet reaches the MAC layer, the router can map the DSCP value (or range of DSCP values) to a MAC user_priority value. Ethernet QOS applies the new MAC user_priority to the MAC header.
You can enable and disable inbound and outbound mapping separately on a per interface basis. This is useful in the case where a DSCP value is already assigned to the IP header, and you wish to disable MAC user_priority to DSCP mapping for inbound traffic. You can still enable outbound mapping for the interface to translate the DSCP priority to a user priority for the MAC header.
DiffServe Configuration Tips
Using IPDF for DiffServe and Firewall
Since you can use the IPDF feature both as a Firewall and a DiffServe classifier and marker, we advise careful planning of your IPDF profiles and filter structure. Organizing IPDF filter rules into profiles by general functional classes is a good idea. It lets you treat profiles as a library of filters that you can apply as needed to various interfaces. The following examples use this approach.
IPDF rules for classifying, marking, and remarking packets usually use the Ignore action, which causes IPDF to continue the analysis of the packet with the next rule. This allows single profiles that can classify, mark, and then tag packets by applying a series of filters.
Using DiffServe with IPSEC Tunnels
IPSec packets arriving at the router consist of an outer IP header and an inner, possibly encrypted, IP packet payload.
When the router is an IPSec tunnel endpoint, it decrypts, authenticates, and decompresses the inner IP packet and then presents it to the routing engine as though it had arrived on an ordinary physical interface.
The important thing to note is that since the packet may have originated in a router on a network with different DiffServe policies than the local router, the packets must be treated as though they are arriving at a border router, even if the local router is not physically at the border of its DiffServe domain.
IPSec profiles has an option that causes the IPDF filters on the interface upon which the IPSec packet arrived to be applied to the inner IP packet after decapsulation. By this means, the DiffServe policy may be applied to tunnelled packets.
If you do set up IPSec to apply IP filters to a peer, the router applies filters to the application IP header, which is the inner IP header, and not to IPSec headers. IPSec and IP filters work together in this way,
For inbound traffic, IPSec processes the traffic first so that filters are applied to the inner IP packet after IPSec encapsulation is removed.
For outbound traffic, IP filters are applied to a packet before IPSec processes the packet. Thus, IPSec protection is wrapped around packets.
The purpose of the DiffServe policy is to provide preferred treatment to Voice over IP (VoIP) traffic. The example has two domains. The two domains communicate via PPP over the WAN link.
Domain One uses DiffServe. It has a 3000 Series router that has an Ethernet interface (0), a WAN interface (1) and a built-in Voice module (2). In this example, we will configure the 3000 Series router in Domain One.
Domain Two is a neighbor network that uses the older, TOS IP Precedence scheme.
Classes of Service
The following illustration shows the classes of service provided to the two domains in this example.
Classes of Service in Policy Domain One
Domain One uses DiffServe to classify and prioritize traffic. This policy shall have two classes of service:
Real-time traffic, including Voice over IP (VoIP) traffic, is authorized to use the EF codepoint.
Classes of Service in Policy Domain Two
Domain Two uses the older, TOS IP Precedence scheme to classify and prioritize traffic. This policy shall have two classes of service:
IP Precedence of 5 is assigned to voice traffic to provide preferred treatment to that traffic.
Default IP Precedence of zero (0) is assigned to all other traffic.
| Profile Name | Description |
|---|---|
| mark_local | Change incoming packets' DSCP values to be consistent with local policy. |
| mark_foreign | Translate foreign network's policy into our own. |
| classifier | Apply buffer tags to packets based on DSCP and other values. |
| firewall | Block or pass packets as determined by the security policy. |
| trace | Generate ELS messages to trace traffic flow, DSCP, and tag changes. |
The following illustration shows how these profiles are applied to the router interfaces in Domain One.
This profile resides on the Voice module interface and on the LAN interface. It examines incoming packets and ensures that they conform with the local DiffServe policy, which means the profile marks voice traffic with a DSCP
of 46.
Note that all time-critical traffic to and from the Voice module is in UDP packets, which are the only significant use of UDP packets the Voice
module has.
The mark_local profile has the following filters:
Profile mark_foreign
The mark_foreign profile resides on the PPP WAN link. It is used to translate our neighbor network's TOS-based scheme into our own DiffServe scheme. Note that on outbound rules, if the packet has DSCP of zero, its PREC is already zero, as PREC is just the first 3 bits of DSCP.
The mark_foreign profile has the following filters:
Profile classifier
The classifier profile resides on all interfaces. It appears after the mark_local and mark_foreign profiles have marked packets' DSCP.
The classifier profile assigns buffer tags to packets. Buffer tags have only local meaning within the OpenROUTE software. The BRS feature uses the tags to assign packets to BRS traffic classes which, in turn, provide the differential treatment required by DiffServe. Receiving interfaces automatically untag buffers.
The filters in this profile tag all default traffic with tag 1 and tag all EF traffic with tag 10.
The classifier profile has the following filters:
Profile trace
The trace profile contains a filter that causes the Event Logging System (ELS) to generate messages. It resides on all router interfaces, and it appears after the marking and classifying profiles.
You can use trace to log the flow of packets through the system and to observe changes in DSCP and tag values. This is useful for debugging and verification operations.
Since trace can potentially generate vast amounts of ELS messages, it is usually useful only under controlled conditions. Its definition is included here to demonstrate the tracing of DSCP and tag values using ELS. You can disable these messages in IPDF without removing the filter from the active configuration. To do so, use the set filter trace.dump els = off command.
The trace profile has the following filters:
Profile firewall
The firewall profile is the place to put any rules that block or pass traffic according to a security policy.
For our example, the security policy admits all traffic. It resides on all router interfaces and it is the last profile attached to each interface. It is necessary because the default behavior for a profile is to Block (discard) packets that do not match a filter that has the action Pass.
The firewall profile's rules are to pass all inbound packets on to the router's forwarder, and pass all outbound packets on to the router's transmitters.
The firewall profile has the following filters:
Assigning Profiles to Interfaces
This section shows how to attach the profiles in the previous section to each interface.
To Interface 0, the local LAN interface, assign profiles in this order:
BRS on Interface 0 (Ethernet)
By default, BRS gives traffic in the LOCAL class 10% of the bandwidth using NORMAL priority. Configure the remainder of the bandwidth as follows:
Assign 40% bandwidth to the DEFAULT class with NORMAL priority. Untagged traffic is queued in the DEFAULT class.
Add a class called EF and assign the remaining 50% bandwidth to the EF class.
Assign TAG10 to the EF class and assign a HIGH priority to the class, thus giving the traffic tagged with buffer tag 10 the preferential treatment our policy requires.
BRS on Interface 2 (Voice Module)
The link to the internal Voice module is a Frame Relay link with all data run over a single PVC with the DLCI 16. BRS over Frame Relay configuration is a little more complicated than BRS over PPP or Ethernet. The reason is that you need to define BRS parameters at both the top, aggregate level and on the individual DLCIs.
At the top level, assign DLCI 16 to the DEFAULT class and give DEFAULT 90% of the aggregate bandwidth.
At the CIRCUIT 16 level, configure BRS as for Interface 0 and Interface 1.
Configuring Event Logging
Turning on ELS messages and observing the router's behavior is the way to tell whether things are working correctly. Filters in IPDF can generate very useful ELS information. ELS messages in BRS can confirm that packets are being queued in the proper classes with the proper priority.
The IPDF ELS=<n> keyword, as used in the trace profile described above, produces ELS messages denoted "FLT.<10+n> for 1 <= n <= 10."
Be sure to configure ELS to display these messages if you want to see them. See Turning on ELS Messages.
Entering Commands
It is wise to save a backup of the configuration in either the router's local memory or on an external TFTP server before you change your configuration. You can do so at the Boot configuration prompt.
Config>boot
TFTP Boot/dump configuration
Boot config>
Config> prompts so that service is not interrupted while you are entering the new configuration. Your new configuration does not take affect until you restart the router.
Using the Monitor Prompts
You can also enter the Filter and ELS commands at the Monitor> prompts, but each change takes effect immediately, possibly affecting the operation of the router adversely. Once a configuration is up and running, using the MONITR process to make minor alterations is useful.
If you do enter commands at the Monitor> prompts, be sure to save each subsystem's changes before restarting the router, or they will be lost. If you are working in the Monitor process, you can revert to your saved configuration using the revert command or by restarting the router without first saving your changes.
Steps to Implement Example DiffServe Policy
The following sections show how to implement the policy described in the preceding sections. Specifically, it covers the following tasks:
0) Ethernet LAN, 1) PPP WAN to the neighbor network, and 2) Internal Voice module. The Voice module in this example uses IP address 192.168.1.10. Creating IPDF Profiles and Filters
Display the IP Filter configuration prompt.
*config
Config>PROTOCOL ip
Internet protocol user configuration
IP config>filters
IP Filters Config>
IP Filters Config>add profile mark_local
IP Filters Config>add filter mark_local.dscp dir=in isdscp = 0-45,47-63 dscp=0 action=ignore
IP Filters Config>add filter mark_local.from_voice dir = in
sa = 192.168.1.10 protocol = udp dscp = 46 action = Ignore
IP Filters Config>add filter mark_local.to_voice dir = in
da = 192.168.1.10 protocol = udp dscp = 46 action = Ignore
IP Filters Config>add profile mark_foreign
IP Filters Config>add filter mark_foreign.from_prec5 dir=in isprec=5 dscp=46 action=Ignore
IP Filters Config>add filter mark_foreign.not_ef dir=in isprec=0-4,6-7 dscp=0 action=ignore
IP Filters Config>add profile classifier
IP Filters Config>add filter classifier.default dir=out tag=1 action=Ignore
IP Filters Config>add filter classifier.ef dir=out isdscp=46 tag=10 action=Ignore
IP Filters Config>add profile firewall
IP Filters Config>add filter firewall.null dir=both action=pass
IP Filters Config>add profile trace
IP Filters Config>add filter trace.dump dir=both els=1 action=ignore elstext="DUMP: %i-%d %:a --> %:A TAG=%g DS=%C"
IP Filters Config>set interface 0 profiles = mark_local,classifier,trace,firewall
IP Filters Config>set interface 1 profiles =mark_foreign,classifier,trace,firewall
IP Filters Config>set interface 2 profiles = mark_local,classifier,trace,firewall
*config
Gateway user configuration
Config>network 0
Ethernet interface configuration
ETH config>brs
Bandwidth Reservation User Configuration
BRS Config <Ethernet1> enable
Please restart router for this command to take effect.
BRS Config <Ethernet1> exit
ETH config>exit
Config>
Config>NETWORK 1
Circuit Configuration
Circuit Config <NET-1> brs
Bandwidth Reservation User Configuration
BRS Config <WAN1> enable
Please restart router for this command to take effect.
BRS Config <WAN1> exit
Circuit Config <NET-1> exit
Config>
Config>NETWORK 2
Circuit Configuration
Circuit Config <NET-2> brs
Bandwidth Reservation User Configuration
BRS Config <NET-2> enable
Please restart router for this command to take effect.
BRS Config <WAN2> circuit
Circuit to reserve bandwidth [16]?
BRS Config <dlci 16>enable
Please restart router for this command to take effect.
BRS Config <dlci 16>exit
BRS Config <WAN2> exit
Circuit Config <NET-2> exit
Config>
Config> <
CTRL-P>*restart
Are you sure you want to restart the gateway? (Yes or [No]): yes
Note:
Class names are case sensitive.
Config>NETWORK 0
Ethernet interface configuration
ETH config>brs
Bandwidth Reservation User Configuration
BRS Config <Ethernet1> add-class EF 50
BRS Config <Ethernet1> assign TAG10 EF high
BRS Config <Ethernet1> change-class DEFAULT 40
BRS Config <Ethernet1> default-class DEFAULT normal
BRS Config <Ethernet1> exit
ETH config>exit
Config>
Config>NETWORK 1
Ethernet interface configuration
ETH config>brs
Bandwidth Reservation User Configuration
BRS Config <Ethernet2> add-class EF 50
BRS Config <Ethernet2> assign TAG10 EF high
BRS Config <Ethernet2> change-class DEFAULT 40
BRS Config <Ethernet2> default-class DEFAULT normal
BRS Config <Ethernet2> exit
ETH config>exit
Config>
Config>NETWORK 2
Circuit Configuration
Circuit Config <NET-2> brs
Bandwidth Reservation User Configuration
BRS Config <WAN2> assign-circuit 16 DEFAULT
BRS Config <WAN2> change-circuit-class DEFAULT 90
BRS Config <WAN2> circuit
Circuit to reserve bandwidth [16]?
BRS Config <dlci 16>add-class EF 50
BRS Config <dlci 16>assign TAG10 EF high
BRS Config <dlci 16>change-class DEFAULT 40
BRS Config <dlci 16>default-class DEFAULT normal
BRS Config <dlci 16>exit
BRS Config <WAN2> exit
Circuit Config <NET-2> exit
Config>
Config>event
Event Logging System user configuration
ELS config>display event flt.11
ELS config> display subsystem flt all
ELS config> display subsystem brs all
Restarting the Router
To get your new configuration to take effect in the running router, you need to restart the router.
*restartConfig> <CTRL-P>
Are you sure you want to restart the gateway? (Yes or [No]): yes
Displaying Your IP Filter Configuration
Once you have restarted the router, you can display your IP filters as follows:
*config
Config>PROTOCOL ip
Internet protocol user configuration
IP config>filters
IP Filters Config>list interface
Listing Interface Information
Interface Attached Profiles
--------------------------------
0 mark_local
classifier
trace
firewall
1 mark_foreign
classifier
trace
firewall
2 mark_local
classifier
trace
firewall
Listing Filters Attached to Interface 0
Name Dir Address Port Protocol Idle
Action
-----------------------------------------------------------------------
mark_local.dscp In isDscp=0-45 Any dscp=0 Off
isDscp=47-63 Ignore
mark_local.voice In sa=192.168.1.10 UDP dscp=46
da=192.168.1.10 Ignore Off
classifier.default Out Any Tag=1 Off
Ignore
classifier.ef Out isDscp=46 Any Tag=10 Off
Ignore
trace.dump Both Any Ignore Off
ELS Event=1
ELS Text="Dump: %i-%d %:a --> %:A TAG=%g DS=%C"
firewall.null Both Any Pass Off
Listing Filters Attached to Interface 1
Name Dir Address Port Protocol Idle
Action
-----------------------------------------------------------------------
mark_foreign.from_prec5 In isPrec=ExpressFwd(5) Any dscp=46
Ignore Off
mark_foreign.not_ef In isPrec=0-4 Any dscp=0 Off
isPrec=6-7 Ignore
mark_foreign.to_prec5 Out isDscp=46 Any Prec=Express
Fwd(5) Ignore Off
classifier.default Out Any Tag=1 Off
Ignore
classifier.ef Out isDscp=46 Any Tag=10 Off
Ignore
trace.dump Both Any Ignore Off
ELS Event=1
ELS Text="Dump: %i-%d %:a --> %:A TAG=%g DS=%C"
firewall.null Both Any Pass Off
Listing Filters Attached to Interface 2
Name Dir Address Port Protocol Idle
Action
-----------------------------------------------------------------------
mark_local.dscp In isDscp=0-45 Any dscp=0 Off
isDscp=47-63 Ignore
mark_local.from_voice In sa=192.168.1.10 UDP dscp=46
Ignore Off
mark_local.to_voice In da=192.168.1.10 UDP dscp=46
Ignore Off
classifier.default Out Any Tag=1 Off
Ignore
classifier.ef Out isDscp=46 Any Tag=10 Off
Ignore
trace.dump Both Any Ignore Off
ELS Event=1
ELS Text="Dump: %i-%d %:a --> %:A TAG=%g DS=%C"
firewall.null Both Any Pass Off
BRS Config <Ethernet1> list
BANDWIDTH RESERVATION listing from SRAM
bandwidth reservation is enabled
interface number 0
maximum queue length 10 minimum queue length 3
total bandwidth allocated 100%
total classes defined (counting one local and one default) 3
class LOCAL has 10% bandwidth allocated
protocols and filters cannot be assigned to this class.
class DEFAULT has 40% bandwidth allocated
the following protocols and filters are assigned:
protocol IP with default priority
protocol ARP with default priority
class EF has 50% bandwidth allocated
the following protocols and filters are assigned:
filter TAG10 with priority HIGH
You can enter these commands at either the IP Filters Config> prompt or the IP Filters> prompt. Nx Networks recommends that you enter these commands at the configuration prompt. See Using the Configuration Prompts and Using the Monitor Prompts for more information.
elstext
This elstext option is enhanced to support variables related to DiffServe.
When you set up a filter to generate an ELS message, you can include text to describe the event.
You can use the following variables in the text. When the software generates an ELS message, it substitutes the variable with the actual information. Be sure to put double quotation marks around the text.
add filter external.in elsevent=8 elstext= "packet from %a
going to %A blocked"When this filter recognizes a packet, it generates a message similar to this:
FLT.018 IPDF-8 packet from 128.185.22.2 going to 162.1.1.8 blocked
Note: You cannot check and change the value of both the DSCP field and the Precedence field. If you are already using the isprec option in a filter, this option becomes disabled.
| Enter . . . | To . . . |
|---|---|
| isdscp= | Replace the existing isdscp setting. |
| isdscp+= | Add one or more values to the current setting. |
| isdscp-= | Remove one or more values from the current setting. |
add filter External.Client isdscp = 1-45,47-63| Entry | Description |
|---|---|
| number | One number. |
| number-number | A range of numbers. |
| list | A comma-separated list of numbers and/or ranges of numbers. |
dscp
Modifies the DSCP field of packets that match this filter.
The dscp option changes the value of the entire TOS/DiffServe field. To change
just the precedence field, which makes up the first three bits of the TOS/DiffServe
field, use the prec option.
Note: You cannot change the value of both the DSCP field and the Precedence field. If you turn on one option, the other option becomes disabled.
You can assign a DSCP from 0 (zero) to 63. Zero (0) is best effort. Example:add filter External.Client dscp=1
isprec
Matches the packet precedence value. You can enter a single number from 0 to 7, a range of numbers, a comma-separated list of numbers, or a well-known precedence name. To turn off matching the packet precedence, use the isprec-= option to remove your configured values.
Note: You cannot check and change the value of both the DSCP field and the Precedence field. If you are already using the dscp or isdscp option in a filter, this option becomes disabled.
| Enter . . . | To . . . |
|---|---|
| isprec= | Replace the existing isprec setting. |
| isprec+= | Add one or more precedence to the current setting. |
| isprec-= |
Remove one or more precedence from the current setting.
|
| Entry | Description |
|---|---|
| number | One precedence number. |
| number-number | A range of precedence numbers. |
| name | The name of a well-known precedence name. Below is a list of well-known names. |
| list | A list of precedence numbers, ranges of precedence numbers, and/or well-known precedence names in a comma-separated list. |
Example: set filter External.Client isprec = ExpressFwd(5)
Example: set filter External.Client isprec = 1-4,7
prec
Modifies the value of the packet precedence field with
the value you enter here. The precedence field makes up the first three bits of
the DiffServe field. To change the value of the entire TOS/DiffServe field, use
the dscp option.
Note: You cannot change the value of both the precedence field and the DSCP field. If you turn on one option, the other option becomes disabled.
| Enter . . . | To . . . |
|---|---|
| prec= | Replace the existing prec setting. |
| prec-= |
Remove the exiting precedence setting.
|
set filter External.Client prec = Class4(4) | Entry | Description |
|---|---|
| number | One precedence number. |
| name | The name of a well-known precedence name. Below is a list of well-known names. |