[j-nsp] Rate limiting?
Akella Vardhana Srikant
Akella_Srikant at infosys.com
Fri Jan 21 01:14:04 EST 2005
You can do something of this type under the VLAN FE Sub interface to
restrict the traffic to 10mbps in and 10mbps out.
*********This config under the FE sub interface**************
family inet {
filter {
input testinputfilter;
output testoutputfilter;
}
address 10.0.0.5/30;
}
****************end********************
user at gimlit# show firewall policer testpolicer
if-exceeding {
bandwidth-limit 10000000;
burst-size-limit 3750000;
}
then discard;
[edit]
user at gimlit#
filter testoutputfilter {
interface-specific;
term a {
from {
source-address {
172.16.0.0/12;
}
destination-address {
192.160.0.0/12;
}
}
then policer testpolicer;
}
}
}
filter testinputfilter {
term a {
from {
source-address {
192.160.0.0/12;
}
destination-address {
172.16.0.0/12;
}
}
then policer testpolicer;
}
}
}
}
Regards,
Srikant
-----Original Message-----
From: juniper-nsp-bounces at puck.nether.net
[mailto:juniper-nsp-bounces at puck.nether.net] On Behalf Of joe mcguckin
Sent: Friday, January 21, 2005 11:30 AM
To: juniper-nsp at puck.nether.net
Subject: [j-nsp] Rate limiting?
Can someone provide a quick example of limiting bandwidth on a FE dot1q
interface to 10Mb in and out.
How should you set the burst size?
Do policers and using counters in filters cause the CPU % on the SCB to
increase? Is there a limit to how many policers you can have before it
impacts router performance?
Thanks,
Joe
--
Joe McGuckin
ViaNet Communications
994 San Antonio Road
Palo Alto, CA 94303
Phone: 650-213-1302
Cell: 650-207-0372
Fax: 650-969-2124
_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net
http://puck.nether.net/mailman/listinfo/juniper-nsp
More information about the juniper-nsp
mailing list