Applying QoS on EoIP/MPLS-VPLS

Posted: Thu Aug 19, 2010 7:08 am
by trouble
Applying QoS for EoIP and MPLS/VPLS traffic

I have two different scenarios , I would appreciate if any body can provide guidance with sample configuration- I insist on sample configuration :-) , I have tried with multiple ways but still no success.

Scenario 1. Prioritizing the EoIP tunnels

Multiple EoIP tunnels are going from one router to another router , each EoIP tunnel carries different vlans and having different p-bit set , how we can mark and then queue the EoIP tunnel packet so one should have priority than other either by dscp or p-bit marking. I can mark traffic inside the tunnel but not successful to mark the particular tunnel packets for queuing, if there is one tunnel then it is possible ( by marking with protocol=gre) but in case of multiple tunnels how we can set different priorities for each tunnel.

Scenario 2 -Prioritize the VPLS or MPLS packet carried by VLAN

having same scenario but with VPLS over MPLS backbone , when I mark the traffic inside the VPLS tunnel with p-bit then same p-bit get copied in the outer MPLS label/VLAN header , that p-bit is assigned to mpls/vpls packet carrying vlan as tag priority and same as exp bit in mpls header but when I try to mark that traffic for queuing -then no success. The setup is as follows


With Wireshark/port mirroring - it shows vpls as malformed packet

I am using Routerboard RB800 with 4.9

Thanks in advance.

Re: Applying QoS on EoIP/MPLS-VPLS

Posted: Fri Aug 20, 2010 1:07 pm
by FIPTech
"if there is one tunnel then it is possible ( by marking with protocol=gre) but in case of multiple tunnels how we can set different priorities for each tunnel."

I have the same problem when i want to mark different EoIP or PPTP tunnels for Policy Routing. In Short this is not possible actually.

It is not possible to route different tunnels to the same destination IP using different gateway.

This is a poor situation, because tunnels should be able to go where we want through the gateway we want. This is in the nature of a tunnel to be able to go through the road we want, not always under the default road.

I tried to use source mac address filtering, using the EoIP tunnel mac address, but source mac filtering is not permitted inside Output Mangle rules.

I got this error : "Couldn't add New Mangle Rule - source Mac filtering not possible in output and postrouting chains (6)".

I've reported this problem to Mikrotik and we exchanged mails, but they reply there is no solution.

Using a level 7 filter seems possible but creating a reliable filter is not an easy task and anyway this type of filter is ressource hungry.

The true solution is to add in Router OS the possibility to Mark each tunnel (EoIP or PPP based), so that we can apply QOS or routing marks selectively for each tunnel.

For EoIP this is quite simple, as each tunnel have an ID. This ID could be used for this usage. Another approach would be to use the name of the Interface in a new firewall filter field named for example "Source Tunnel". This seems a better solution because this should allow to filter as well PPP based tunnels and other kind or interfaces originating their trafic in the router himself.

In the meantime, there is no other solution than using a different destination IP for each Tunnel, so that we can mark trafic according to destination IP. But this is not always possible if there is a limited set of IP addresses on the destination network.
This is the solution i'm using actually. But i hope this will change in the near futur because this problem has serious implications for routing and QOS.

Mikrotik please add a new field inside mangle output filter, so that we can mark according to source tunnel interface name.

Re: Applying QoS on EoIP/MPLS-VPLS

Posted: Fri Aug 20, 2010 4:06 pm
by fewi
Another option would be what Cisco and Juniper do: offer a tunnel option that does QoS marking before tunneling on the tunnel interface, which effectively forces the DSCP value of the encapsulated packet on the encapsulating packets. I think that would be a worthwhile addition even if they implement your solution as it would ensure you can make network policies with mixed infrastructure.

Re: Applying QoS on EoIP/MPLS-VPLS

Posted: Sun Aug 22, 2010 7:18 pm
by FIPTech
If this is only QOS marking directly on the tunnel interface, this seems limited to QOS management.

My proposed solution is not limited to QOS management, but does allow route marking for policy routing, or all things we can do with marking inside mangle.

The routing adjustment at the end of the output chain should allow for policy routing on tunnel interfaces.

So we would have a better tunnel management than Cisco / Juniper does (at a lower cost).

Actually it is not possible to correctly manage QOS and routing on tunnel interfaces. And IPv6 is not implemented enough in Router OS to replace IPv4 tunnels by IPv6 IPsec direct access. (IPv6 IPsec is not implemented at all presently, regardless it is a native IPv6 function).