Traffic Params

This scenario demonstrates how to set some parameters like ToS or marks in BGP traffic.

../../../../_images/params.svg

Test Params In BGP Traffic

Description

In this scenario, a traffic policy was configured to drop unmarked traffic. In order to bypass this restriction, a new option has been configured in the BGP configuration to set the traffic mark/ToS.

Scenario

Example 1

Step 1: Set the following configuration in DUT0 :

set interfaces dummy dum0 address 1.1.1.1/24
set interfaces ethernet eth0 address 192.168.100.20/24
set interfaces ethernet eth0 traffic policy out ACCEPT_MARKED
set protocols bgp 20 parameters mark 10
set protocols bgp 20 peer-group overlay listen range 192.168.100.0/24
set protocols bgp 20 peer-group overlay remote-as 20
set protocols bgp 20 redistribute connected route-map PERMIT
set protocols route-map PERMIT rule 1 action permit
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set traffic policy ACCEPT_MARKED rule 1 action accept
set traffic policy ACCEPT_MARKED rule 1 selector SEL_MARKED
set traffic policy ACCEPT_MARKED rule 2 action drop
set traffic selector SEL_MARKED rule 1 mark 10

Step 2: Set the following configuration in DUT1 :

set interfaces ethernet eth0 address 192.168.100.10/24
set protocols bgp 20 neighbor peer remote-address 192.168.100.20
set protocols bgp 20 neighbor peer remote-as 20
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'

Step 3: Ping IP address 192.168.100.10 from DUT0:

admin@DUT0$ ping 192.168.100.10 tos 32 mark 10 count 3 size 56 timeout 1
Show output
PING 192.168.100.10 (192.168.100.10) 56(84) bytes of data.
64 bytes from 192.168.100.10: icmp_seq=1 ttl=64 time=0.357 ms
64 bytes from 192.168.100.10: icmp_seq=2 ttl=64 time=0.260 ms
64 bytes from 192.168.100.10: icmp_seq=3 ttl=64 time=0.253 ms

--- 192.168.100.10 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2050ms
rtt min/avg/max/mdev = 0.253/0.290/0.357/0.047 ms

Step 4: Run command protocols bgp show ip summary at DUT1 and check if output matches the following regular expressions:

192.168.100.20.*Established
Show output
IPv4 Unicast Summary:
BGP router identifier 192.168.100.10, local AS number 20 VRF default vrf-id 0
BGP table version 2
RIB entries 3, using 384 bytes of memory
Peers 1, using 24 KiB of memory

Neighbor        LocalAddr       V         AS   MsgRcvd   MsgSent   TblVer  InQ OutQ  Up/Down        State   PfxRcd   PfxSnt Desc
192.168.100.20  -               4         20         5         3        2    0    0 00:00:02  Established        2        0 FRRouting/10.4.1

Total number of neighbors 1

Step 5: Run command protocols bgp show ip at DUT1 and check if output matches the following regular expressions:

1.1.1.0/24
Show output
BGP table version is 2, local router ID is 192.168.100.10, vrf id 0
Default local pref 100, local AS 20
local address -
Status codes:  s suppressed, d damped, h history, u unsorted, * valid, > best, = multipath,
               i internal, r RIB-failure, S Stale, R Removed
Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self
Origin codes:  i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path
 *ui 1.1.1.0/24       192.168.100.20           0    100      0 ?
 *ui 192.168.100.0/24 192.168.100.20           0    100      0 ?

Displayed 2 routes and 2 total paths

Example 2

Step 1: Set the following configuration in DUT0 :

set interfaces dummy dum0 address 1.1.1.1/24
set interfaces ethernet eth0 address 192.168.100.20/24
set interfaces ethernet eth0 traffic policy out ACCEPT_MARKED
set protocols bgp 20 parameters tos 32
set protocols bgp 20 peer-group overlay listen range 192.168.100.0/24
set protocols bgp 20 peer-group overlay remote-as 20
set protocols bgp 20 redistribute connected route-map PERMIT
set protocols route-map PERMIT rule 1 action permit
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set traffic policy ACCEPT_MARKED rule 1 action accept
set traffic policy ACCEPT_MARKED rule 1 selector SEL_MARKED
set traffic policy ACCEPT_MARKED rule 2 action drop
set traffic selector SEL_MARKED rule 1 dscp 8

Step 2: Set the following configuration in DUT1 :

set interfaces ethernet eth0 address 192.168.100.10/24
set protocols bgp 20 neighbor peer remote-address 192.168.100.20
set protocols bgp 20 neighbor peer remote-as 20
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'

Step 3: Ping IP address 192.168.100.10 from DUT0:

admin@DUT0$ ping 192.168.100.10 tos 32 mark 10 count 3 size 56 timeout 1
Show output
PING 192.168.100.10 (192.168.100.10) 56(84) bytes of data.
64 bytes from 192.168.100.10: icmp_seq=1 ttl=64 time=0.323 ms
64 bytes from 192.168.100.10: icmp_seq=2 ttl=64 time=0.284 ms
64 bytes from 192.168.100.10: icmp_seq=3 ttl=64 time=0.251 ms

--- 192.168.100.10 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2048ms
rtt min/avg/max/mdev = 0.251/0.286/0.323/0.029 ms

Step 4: Run command protocols bgp show ip summary at DUT1 and check if output matches the following regular expressions:

192.168.100.20.*Established
Show output
IPv4 Unicast Summary:
BGP router identifier 192.168.100.10, local AS number 20 VRF default vrf-id 0
BGP table version 2
RIB entries 3, using 384 bytes of memory
Peers 1, using 24 KiB of memory

Neighbor        LocalAddr       V         AS   MsgRcvd   MsgSent   TblVer  InQ OutQ  Up/Down        State   PfxRcd   PfxSnt Desc
192.168.100.20  -               4         20         5         3        2    0    0 00:00:01  Established        2        0 FRRouting/10.4.1

Total number of neighbors 1

Step 5: Run command protocols bgp show ip at DUT1 and check if output matches the following regular expressions:

1.1.1.0/24
Show output
BGP table version is 2, local router ID is 192.168.100.10, vrf id 0
Default local pref 100, local AS 20
local address -
Status codes:  s suppressed, d damped, h history, u unsorted, * valid, > best, = multipath,
               i internal, r RIB-failure, S Stale, R Removed
Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self
Origin codes:  i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path
 *ui 1.1.1.0/24       192.168.100.20           0    100      0 ?
 *ui 192.168.100.0/24 192.168.100.20           0    100      0 ?

Displayed 2 routes and 2 total paths