How to mark DSCP values on inbound packets on a Brocade Fastiron SX running Layer 3 Code

How to mark DSCP values on inbound packets on a Brocade Fastiron SX running Layer 3 Code

Layer 3 code requires you to apply the ACL to the VE instead of the physical interface. If you have a VE configured, it will not allow the ACL to be applied to the interface, but will allow it to be applied if there is NOT.

Global Config

vlan 5
router-interface ve 5
untagged eth 1/1

enable acl-per-port-per-vlan ==> Requires a reboot

traffic-policy count

ip access-list 101 bridged-routed ==>> You must add this command or it will not work!!!!
ip access-list extended 101
remark RTP-ACL
permit udp 192.168.1.0 0.0.0.255 192.168.1.0 0.0.0.255 range 16384 32767 dscp-marking dscp-cos-mapping traffic-policy QOS
remark VOICE-CONTROL-ACL
permit tcp 192.168.1.0 0.0.0.255 192.168.1.0 0.0.0.255 range 2000 2002 dscp-marking dscp-cos-mapping traffic-policy QOS
remark EVERYTHING-ELSE
permit ip any any dscp-marking 0 dscp-cos-mapping traffic-policy QOS

interface VE 5
ip access-group 101 IN

***You will need to write an ACL that works for your network and your needs. Make sure you have permit ip any any at the end***

dscp-marking = Mark the packet with the DSCP Value
dscp-cos-mapping = Use the internal mappings to map DSCP to COS values
traffic-policy = Allows you to see some counters on the ACL (Not very helpfull)

**Please let me know if this has helped you!!!

This entry was posted in Brocade by Scape. Bookmark the permalink.

About Scape

Over 10 Years in the networking field. Have worked in the Service provider and Enterprise environments. I have worked with Cisco, Foundry/Brocade, F5, Riverbed, Scientific Atlanta, Routers, Switches, Firewalls, Load Balancers, WAN Accelerators, DWDM, SONET, Multicast etc...

Leave a Reply