<div dir="ltr">That's already been happening. OpenSSH pulled that stunt in 7.8.<div><br></div><div><a href="https://www.openssh.com/txt/release-7.8">https://www.openssh.com/txt/release-7.8</a><br></div><div><br></div><div><pre style="color:rgb(0,0,0);white-space:pre-wrap"> ssh(1)/sshd(8): the default IPQoS used by ssh/sshd has changed.
They will now use DSCP AF21 for interactive traffic and CS1 for
bulk. For a detailed rationale, please see the commit message:
<a href="https://cvsweb.openbsd.org/src/usr.bin/ssh/readconf.c#rev1.284">https://cvsweb.openbsd.org/src/usr.bin/ssh/readconf.c#rev1.284</a></pre><pre style="color:rgb(0,0,0);white-space:pre-wrap"><br></pre><pre style="color:rgb(0,0,0);white-space:pre-wrap"><br></pre></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, Jul 9, 2019 at 10:50 AM Steve Mikulasik via NANOG <<a href="mailto:nanog@nanog.org">nanog@nanog.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Even if QoS on the Internet was possible it would be destroyed by everyone marking all their traffic with the highest priority to get the best performance. Tragedy of the commons. <br>
<br>
<br>
<br>
-----Original Message-----<br>
From: NANOG <<a href="mailto:nanog-bounces@nanog.org" target="_blank">nanog-bounces@nanog.org</a>> On Behalf Of Mark Tinka<br>
Sent: Monday, July 8, 2019 10:40 AM<br>
To: <a href="mailto:nanog@nanog.org" target="_blank">nanog@nanog.org</a><br>
Subject: Re: QoS for Office365<br>
<br>
<br>
<br>
On 2/Jul/19 23:18, Joe Yabuki wrote:<br>
<br>
> Hi all,<br>
><br>
> How do you deal with QoS for Office365, since the IPs are subject to <br>
> changes ?<br>
><br>
> How can we mark the trafic while keeping the security (I fear the <br>
> marking based on TCP/UDP Ports since they are not without an <br>
> additional risk coming from worms/virus using those ports for example, <br>
> and doing that directly on the PCs doesn't seem to be the best solution) ?<br>
<br>
Funny, I was just answering an internal question about this, last week.<br>
<br>
As with all things Internet, my stance is if you don't have end-to-end control, trying to do QoS is pointless.<br>
<br>
That said, I believe it should be possible to apply some kind of meaningful, end-to-end QoS together with Microsoft if you took up one of their Express Route services, given that is considered a private, premium service.<br>
<br>
Mark.<br>
<br>
</blockquote></div>