Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Confirm DSCP markings are passing end to end

Posted on 2009-05-14
5
Medium Priority
?
768 Views
Last Modified: 2013-11-16
We're using AT&T MIS routers connected to Juniper SSG Firewalls.  The sites are connected using IPSEC tunnels so AT&T has no visibility into the DSCP markings on the packets in the VPN.  

Are there any utilities that I can use to monitor if the DSCP markings are traveling from end to end?
0
Comment
Question by:hh_techservices
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 3

Accepted Solution

by:
johnpitt earned 2000 total points
ID: 24386605
You should be able to connect a sniffer on each end and compare the packets.
I would recommend using ATT MPLS as an alternative to doing your own encryption. They have COS built in.
Just my opinion on that.

For a sniffer, I use STD.
0
 
LVL 3

Expert Comment

by:johnpitt
ID: 24386622
Sorry, I meant to say I use Ethereal on the STD boot CD.
0
 
LVL 1

Author Closing Comment

by:hh_techservices
ID: 31581543
I think having AT&T manage the internal network might have been a better idea... at this point, we're just using MIS and our Juniper devices are handling the encryption between the sites, but since the traffic is encapsulated in a IPSEC VPN, AT&T has no visibility into the packets, so essentially all the DSCP markings we send out (in the VPN tunnel) are useless.

Thanks for your suggestion on Ethereal.... I've been using that with mixed results so far.

0
 
LVL 3

Expert Comment

by:johnpitt
ID: 24394590
I ran into the same thing. There was no way of making ATT prioritize traffic since they could not see any of the QOS stuff on my packets. I had poor VOIP quality to say the least. I dropped the Cisco encryption and allowed ATT to manage the QOS and all works really well now.
Good luck.
0
 
LVL 1

Author Comment

by:hh_techservices
ID: 24395248
Thanks for the advice, we'll look into that route.  
0

Featured Post

Don't Cry: How Liquid Web is Ensuring Security

WannaCry is just the start. Read how Liquid Web is protecting itself and its customers against new threats.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will show how Aten was able to supply easy management and control for Artear's video walls and wide range display configurations of their newsroom.
This month, Experts Exchange’s free Course of the Month is focused on CompTIA IT Fundamentals.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question