Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    DSCP leak from comcast Business class on Netgate SG5100

    Traffic Shaping
    1
    1
    65
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      Kerat last edited by Kerat

      I am building out a fleet of Netgate SG-3100/5100 Firewalls at 19 locations. We are going to have dual WAN connections and are have implemented at about half the sites. One connection is a MOE connection and we are allowed to pass DSCP tags without trouble. Our secondary connection is a mixture of Comcast Business Class Internet or fiber DIA connections. We are noticing that connection Zoom and Teams traffic from the Comcast Business Class Internet connect often have poor connectivity on wifi only (unifi). After further testing it seems that packets from the ingress seem to leak DSCP settings Comcasts network and WMM is reading these settings and categorizing the traffic to the endpoints as CS1 instead of EF. My thoughts on countermeasures are:

      1. see if there is a way to reset the DSCP tag to DF or AF on inbound traffic from the Comcast Business class connection.
      2. Reach out to Comcast and see if they can strip the DSCP tag coming into our network (I am not hopeful that their support number will understand what I am asking for).
      3. see if it is possible to set the wireless AP to ignore WMM.
        Has anyone else had this problem and been able to address it?
      1 Reply Last reply Reply Quote 0
      • First post
        Last post

      Products

      • Platform Overview
      • TNSR
      • pfSense Plus
      • Appliances

      Services

      • Training
      • Professional Services

      Support

      • Subscription Plans
      • Contact Support
      • Product Lifecycle
      • Documentation

      News

      • Media Coverage
      • Press
      • Events

      Resources

      • Blog
      • FAQ
      • Find a Partner
      • Resource Library
      • Security Information

      Company

      • About Us
      • Careers
      • Partners
      • Contact Us
      • Legal
      Our Mission

      We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

      Subscribe to our Newsletter

      Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

      © 2021 Rubicon Communications, LLC | Privacy Policy