[j-nsp] Policer question
Paul Leet
pleet@juniper.net
Thu, 03 Oct 2002 10:38:45 -0600
At 03:08 AM 10/3/2002, Guy Davies wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>It is applied independently (i.e. 100Mbps per interface). Similarly,
>if you apply it to the input and output of an interface, it is
>applied independently there, too (i.e. 100Mbps in each direction).
>
>Guy
Make sure you use the keyword "interface-specific" in the firewall
filter. This creates a different instance for each policer bound in a
direction. Otherwise one instance is created in a direction and the
policer considers all traffic from those interfaces and contributes them
to the policer.
lab@aurora# show firewall filter foo
interface-specific;
policer foo1 {
if-exceeding {
bandwidth-limit 100m;
burst-size-limit 2m;
}
then discard;
}
-Paul
_____________________________________________________
Paul Leet // Field Support Engineer // Juniper Networks
AIM: pleetnet1 // ICQ:104190994 // Pager mailto:page-pleet@juniper.net
Office: 1-719-687-2587 // Cell: 719-439-9077
_____________________________________________________