[j-nsp] Viewing Prefix-Specific Action statistics

[John Ou]

Cheeyong,
The correct syntax should be
> run show firewall prefix-action-stats filter inbound-acl prefix-action
police-per-prefix-shape
You need append the term name to the prefix-acton with "-" in order to view
the policer counters for that term. Let me know if it works. Thanks.
--John
-----Original Message-----
From: juniper-nsp-bounces at puck.nether.net
[mailto:juniper-nsp-bounces at puck.nether.net]On Behalf Of Tay Chee Yong
Sent: Thursday, February 27, 2003 7:48 AM
To: juniper-nsp at puck.nether.net
Subject: [j-nsp] Viewing Prefix-Specific Action statistics


Hi People,

I had implemented the Prefix-Specific Action on our Juniper routers, and it
working well. However, I am unable to view the statistics of how many
packets/bytes had been policed/discard by the policer.

My configuration is as follows:

[edit firewall]
user at router# show
policer rate-256k {
    if-exceeding {
        bandwidth-limit 256k;
        burst-size-limit 32k;
    }
    then discard;
}
family inet {
    prefix-action police-per-prefix {
        policer rate-256k;
        count;
        subnet-prefix-length 21;
        destination-prefix-length 32;
    }
}

[edit firewall filter <inbound-acl>]
user at router# show

term shape {
    from {
        destination-address {
            192.168.0.0/21;
        }
        protocol tcp;
    }
    then {
        sample;
        prefix-action police-per-prefix;
    }
}

However, using the command "show firewall prefix-action-stats" is unable to
produce any statistics.

user at router# run show firewall prefix-action-stats filter inbound-acl
prefix-action police-per-prefix
Filter: inbound-acl

Could someone please enlighten me? Thanks.

Regards,
Cheeyong
_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net
http://puck.nether.net/mailman/listinfo/juniper-nsp