Juniper GRE tunnel example

juniper@R1> show configuration interfaces
ge-0/0/0 {
unit 0 {
family inet {
address 1.1.1.1/24;
}
}
}
gre {
unit 0 {
tunnel {
source 1.1.1.1;
destination 1.1.1.2;
}
family inet {
address 12.12.12.1/24;
}
}
}

juniper@R2> show configuration interfaces | display set
set interfaces ge-0/0/0 unit 0 family inet address 1.1.1.2/24
set interfaces gre unit 0 tunnel source 1.1.1.2
set interfaces gre unit 0 tunnel destination 1.1.1.1
set interfaces gre unit 0 family inet address 12.12.12.2/24

Advertisements

QoS pre-classify

Configuration Command Under Which the Command ‘qos pre-classify’ Is Configured

interface tunnel – GRE and IPIP
interface virtual-template – L2F and L2TP
crypto map – IPSEC

Makes a copy of the IP packet when it enters the Ingress Interface and allows the router to view that copy to make QoS classify decision on the Egress Interface, on all the fields in the IP packet other than just the ToS field that was copied by default…

Can see this by creating class-map on TELNET packets and apply on the phyisal interface after encryption…

crypto-map
qos pre-classify
(check ‘show policy-map inteface’ and see classify on telnet packets)
crypto-map
no qos pre-classify
(router cannot see copy of original packet header and will not be able to classify on telnet packets, just the original IP ToS field)