Hello Nicolas
It is possible to classify traffic by subnet only with ACLs. However, there are a few implications and caveats that you must keep in mind when you do this:
First, concerning the underlay network, if your congestion management strategy does not account for the specific needs of routing protocol traffic (like OSPF, MPLS, MP-BGP), there is a risk that this critical traffic could be deprioritized or dropped in congested scenarios. Routing protocol traffic is essential for the stability and efficiency of your network. If it’s impacted, it could lead to routing inefficiencies or even outages.
Secondly, by classifying traffic solely based on subnets, you may not fully distinguish between different types of traffic within the same subnet. You may not have voice traffic, but there are other traffic types that you may want to ensure will not be affected by congestion. This could result in a prioritized subnet being treated equally, regardless of its actual importance or requirements.
While classifying traffic by subnet-only with ACLs is a valid approach, it’s generally beneficial to incorporate DSCP markings for more nuanced and effective traffic management, especially for ensuring the priority of mission-critical traffic and the integrity of your routing protocol traffic (regardless of the subnet from which they originate). So I would say that you can go ahead and use an implementation that prioritizes based on the subnet, but you should also include some QoS mechanisms for other important traffic as well. So a combined approach would help mitigate the risks of network instability and ensure efficient utilization of network resources. Does that make sense?
I hope this has been helpful!
Laz