Good Afternoon
We have a layer 2 tail with our upstream provider. Our provider is dropping our traffic outbound with dscp value great then 15. How do I remark 15 and above as DSCP BE 00.
Thanks Steve
This is done in firewall mangle rules.
Unfortunately, the DSCP matcher only allows a single value, nothing like smaller or greater as.
So I would create a custom DSCP chain for all traffic which is not zero (last rule in my example) and then match rule by rule if it is smaller than 15 (first 15 rules in my example) and set it back to zero or whatever you want to (2nd last rule in my example - if a packet has come up to there, it must be greater than 15)
/ip firewall mangle
add chain=dscpcheck dscp=1 action=accept passthrough=no
add chain=dscpcheck dscp=2 action=accept passthrough=no
add chain=dscpcheck dscp=3 action=accept passthrough=no
add chain=dscpcheck dscp=4 action=accept passthrough=no
add chain=dscpcheck dscp=5 action=accept passthrough=no
add chain=dscpcheck dscp=6 action=accept passthrough=no
add chain=dscpcheck dscp=7 action=accept passthrough=no
add chain=dscpcheck dscp=8 action=accept passthrough=no
add chain=dscpcheck dscp=9 action=accept passthrough=no
add chain=dscpcheck dscp=10 action=accept passthrough=no
add chain=dscpcheck dscp=11 action=accept passthrough=no
add chain=dscpcheck dscp=12 action=accept passthrough=no
add chain=dscpcheck dscp=13 action=accept passthrough=no
add chain=dscpcheck dscp=14 action=accept passthrough=no
add chain=dscpcheck dscp=15 action=accept passthrough=no
add chain=dscpcheck dscp=!15 action=change-dscp new-dscp=0 passthrough=no
add chain=forward action=jump jump-target=dscpcheck dscp=!0 pasthrough=yes
This is untested, but it should be the way it works.
-Chris