Thanks Marce for your advice!  Can QoS  traffic shaping applied on MPLS PE egress interface (leading to P routers) control the traffics based on dscp values? I check MPLS qos , the docs mention EXP bit, what is it? Look forward to your advice, thanks. 

 - EXP (Experimental) bit is a 3-bit field in the MPLS header that can be used for Quality of Service (QoS) purposes, such as traffic prioritization and shaping. The EXP field allows up to 8 different levels of priority to be assigned to MPLS packets. In Cisco's implementation of MPLS, the EXP field is also referred to as the Class of Service (CoS) field. When a packet enters a Cisco MPLS network, the EXP field can be mapped to the Differentiated Services Code Point (DSCP) field in the IP header, which can then be used by QoS mechanisms such as traffic shaping, policing, and queuing to provide differentiated treatment to different types of traffic. When configuring traffic shaping on a Cisco MPLS PE router, you can specify the maximum rate at which traffic is allowed to be sent out of an interface and also specify the priority of traffic based on the EXP (CoS) field value. This allows you to control the flow of traffic and ensure that higher-priority traffic is given precedence over lower-priority traffic.

  M.

Hello @Herman2018,

In MPLS networks, the EXP bits are used to mark packets with a priority value, which is used by the MPLS network to determine the forwarding treatment of the packet. The EXP bits are located in the MPLS header and are equivalent to the IP DSCP values.

When packets are sent across the MPLS network, the MPLS switches (or P routers) can be configured to perform QoS based on the EXP values. The MPLS switches can map the EXP values to different QoS policies, such as priority queuing, bandwidth allocation, or traffic shaping.

To summarize, you can use DSCP values to mark and classify traffic at the edge of the network, and then use EXP values to provide QoS treatment within the MPLS network. This allows you to maintain end-to-end QoS treatment for your traffic across the MPLS network.

Thanks M02@rt37 @marce1000 ! we can only apply QoS to egress interfaces (to P routers) of PE router because direct user VRF is configured on the VLAN interface on the PE router. Like this, can still classify the packets based on dscp values and service ports? the traffics are not encrypted , right? Please advise ,thanks a lot. 

Hello @Herman2018,

QoS can be applied to both ingress and egress interfaces of a PE router. However, when applying QoS on a PE router that is serving multiple VRFs, it is generally recommended to apply QoS policies on egress interfaces towards the P routers to ensure that the QoS policies are applied uniformly across all VRFs.

When packets are classified based on DSCP values and service ports, the QoS policies will still work even if the traffic is not encrypted. QoS policies operate at the network layer and are independent of the data being carried by the packets.

However, if the traffic is encrypted, it may not be possible to classify the packets based on the contents of the packets, including DSCP values and service ports. In such cases, QoS policies may have to be based on the source or destination IP address, or other header fields that are not encrypted.