How to Classify Inbound Traffic Using CoS on Junos Routers
If your router is going to examine packets to figure out whether they’re first-class passengers or regular economy-class passengers, you have to know where in the packet this information is stored. There are two fundamental ways to classify traffic, depending on how you set up your network:
Assume that all CoS settings in a packet are correctly set to conform to your network’s CoS implementation, in which case you need only look at the CoS values in the packet’s header.
Assume that the packet’s CoS settings aren’t set in accordance with your network’s CoS implementation, in which case you need another way to determine what type of traffic the packet is carrying.
For example, imagine a typical edge-core network for a couple of different areas of primary concern when it comes to CoS.
At your network’s core, traffic is passed from routers you control to other routers you control. In this case, you can be fairly certain that the configuration on those boxes will conform to whatever CoS rules you’ve established. So when you classify traffic, you basically need to look only at CoS values that you’ve set within a packet’s headers. This type of classification is known as behavior aggregate (BA) classification.
At the edge of your network, traffic is coming to your routers from devices that you don’t control. It’s anybody’s guess how the CoS values are set. Although it would be nice to imagine a world where everyone classified traffic the same way, the reality is that this uniformity is seldom the case.
In this scenario, you’ll want to classify traffic based on where it came from, not solely on the CoS values in a packet’s headers. You need to look at more than just the CoS field; you need to look at the source and destination address of the packet, or maybe the source and destination ports. This type of classification requires looking at multiple fields within the packet header, so it has been labeled multifield (MF) classification.