Solved

Confirm DSCP markings are passing end to end

Posted on 2009-05-14
5
761 Views
Last Modified: 2013-11-16
We're using AT&T MIS routers connected to Juniper SSG Firewalls.  The sites are connected using IPSEC tunnels so AT&T has no visibility into the DSCP markings on the packets in the VPN.  

Are there any utilities that I can use to monitor if the DSCP markings are traveling from end to end?
0
Comment
Question by:hh_techservices
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 3

Accepted Solution

by:
johnpitt earned 500 total points
ID: 24386605
You should be able to connect a sniffer on each end and compare the packets.
I would recommend using ATT MPLS as an alternative to doing your own encryption. They have COS built in.
Just my opinion on that.

For a sniffer, I use STD.
0
 
LVL 3

Expert Comment

by:johnpitt
ID: 24386622
Sorry, I meant to say I use Ethereal on the STD boot CD.
0
 
LVL 1

Author Closing Comment

by:hh_techservices
ID: 31581543
I think having AT&T manage the internal network might have been a better idea... at this point, we're just using MIS and our Juniper devices are handling the encryption between the sites, but since the traffic is encapsulated in a IPSEC VPN, AT&T has no visibility into the packets, so essentially all the DSCP markings we send out (in the VPN tunnel) are useless.

Thanks for your suggestion on Ethereal.... I've been using that with mixed results so far.

0
 
LVL 3

Expert Comment

by:johnpitt
ID: 24394590
I ran into the same thing. There was no way of making ATT prioritize traffic since they could not see any of the QOS stuff on my packets. I had poor VOIP quality to say the least. I dropped the Cisco encryption and allowed ATT to manage the QOS and all works really well now.
Good luck.
0
 
LVL 1

Author Comment

by:hh_techservices
ID: 24395248
Thanks for the advice, we'll look into that route.  
0

Featured Post

Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
During and after that shift to cloud, one area that still poses a struggle for many organizations is what to do with their department file shares.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Suggested Courses

635 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question