On (2011-09-02 10:24 -0400), Jesse McGraw wrote:
I've recently run into a hard-to-troubleshoot issue where, somewhere out in the greater Internet, someone was silently dropping packets from my company that happened to be marked with DSCP AF21. I'd fully expect others to either ignore these markings or zero them out but just silently dropping them seems unnecessary.
So, how do you guys treat marked packets that come into/through your networks?
There really are three options. 1. Zero them out (or mark what ever value you handle as 'public internet' 2. Leave them alone, and never use them (either you don't have QoS deployed, or you trust MPLS EXP or comparable marking in other layer than IP, which is explictly coloured to reflect 'public internet' 3. Have mutual trust between both parties how traffic market and trusted, this will never work for IP transit. Seems in this instance someone has deployed QoS and is trusting markings from Internet, which is just broken, as they cannot anymore guarantee that customer video/voice etc works during congestion, so the QoS product is broken. -- ++ytti