The RUCKUS ICX P router must be configured to enforce a Quality-of-Service (QoS) policy in accordance with the QoS GIG Technical Profile.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-273603 | RCKS-RTR-000360 | SV-273603r1110895_rule | Low |
| Description |
| Different applications have unique requirements and toleration levels for delay, jitter, bandwidth, packet loss, and availability. To manage the multitude of applications and services, a network requires a QoS framework to differentiate traffic and provide a method to manage network congestion. The Differentiated Services Model (DiffServ) is based on per-hop behavior by categorizing traffic into different classes and enabling each node to enforce a forwarding treatment to each packet as dictated by a policy. Packet markings such as IP Precedence and its successor, Differentiated Services Code Points (DSCP), were defined along with specific per-hop behaviors for key traffic types to enable a scalable QoS solution. DiffServ QoS categorizes network traffic, prioritizes it according to its relative importance, and provides priority treatment based on the classification. It is imperative that end-to-end QoS is implemented within the IP core network to provide preferred treatment for mission-critical applications. |
| STIG | Date |
| RUCKUS ICX Router Security Technical Implementation Guide | 2025-06-03 |
Details
| Check Text (C-77694r1109829_chk) |
| Review the QoS-ToS mapping of the P router. If the DSCP mapping to priority queues does not comply with the GiG Technical Profile, this is a finding. |
| Fix Text (F-77599r1109830_fix) |
| Configure DSCP mapping: ICX(config)# qos-tos map dscp-priority 8 to 0 ICX(config)# qos-tos map dscp-priority 0 1 2 3 4 5 6 7 to 1 ICX(config)# qos-tos map dscp-priority 42 44 50 52 53 54 55 56 to 1 ICX(config)# qos-tos map dscp-priority 57 58 59 60 61 62 63 to 1 ICX(config)# qos-tos map dscp-priority 9 10 11 12 13 14 15 25 to 2 ICX(config)# qos-tos map dscp-priority 26 27 29 31 to 2 ICX(config)# qos-tos map dscp-priority 34 36 38 46 to 3 ICX(config)# qos-tos map dscp-priority 40 41 43 45 47 49 51 to 4 ICX(config)# qos-tos map dscp-priority 48 to 5 |