[j-nsp] Policer based on community
Harry Reynolds
harry at juniper.net
Wed Oct 11 12:35:59 EDT 2006
Yes, scu/dcu can simply count packets.....
filter police {
> >>>
> >>> term one {
> >>>
> >>> from {
> >>>
> >>> destination-class one;
> >>>
> >>> }
> >>>
> >>> then {
> >>>
> >>> count counter_name; <<<<<<
> >>>
> >>> accept;
> >>>
> >>> }
> >>>
> >>> }
> -----Original Message-----
> From: juniper-nsp-bounces at puck.nether.net
> [mailto:juniper-nsp-bounces at puck.nether.net] On Behalf Of Ian
> MacKinnon
> Sent: Wednesday, October 11, 2006 9:03 AM
> To: juniper-nsp at puck.nether.net
> Subject: Re: [j-nsp] Policer based on community
>
> Could you use this to see how much traffic a given peer is being sent?
> Rather than rate limit just a count of some kind?
>
>
> Tommy J wrote:
> > Awesome Man
> >
> > This is soooo cool.
> >
> > Tommy
> >
> > --- Leigh Porter <leigh.porter at ukbroadband.com> wrote:
> >
> >> Bloody clever them Junipers.
> >>
> >> Andrew Ramsey wrote:
> >>> You can do this with destination classes. Please
> >> see config below:
> >>> policer police_one {
> >>>
> >>> if-exceeding {
> >>>
> >>> bandwidth-limit 1m;
> >>>
> >>> burst-size-limit 4500;
> >>>
> >>> }
> >>>
> >>> then discard;
> >>>
> >>> }
> >>>
> >>> policer police_two {
> >>>
> >>> if-exceeding {
> >>>
> >>> bandwidth-limit 2m;
> >>>
> >>> burst-size-limit 5500;
> >>>
> >>> }
> >>>
> >>> }
> >>>
> >>>
> >>>
> >>> filter police {
> >>>
> >>> term one {
> >>>
> >>> from {
> >>>
> >>> destination-class one;
> >>>
> >>> }
> >>>
> >>> then {
> >>>
> >>> policer police_one;
> >>>
> >>> accept;
> >>>
> >>> }
> >>>
> >>> }
> >>>
> >>> term two {
> >>>
> >>> from {
> >>>
> >>> destination-class two;
> >>>
> >>> }
> >>>
> >>> then {
> >>>
> >>> policer police_2;
> >>>
> >>> accept;
> >>>
> >>> }
> >>>
> >>> }
> >>>
> >>> term three {
> >>>
> >>> then accept;
> >>>
> >>> }
> >>>
> >>> }
> >>>
> >>>
> >>>
> >>> t1-0/3/0 {
> >>>
> >>> unit 0 {
> >>>
> >>> family inet {
> >>>
> >>> filter {
> >>>
> >>> output police;
> >>>
> >>> }
> >>>
> >>> address 10.42.114.2/30;
> >>>
> >>> }
> >>>
> >>> }
> >>>
> >>> }
> >>>
> >>>
> >>>
> >>> policy-statement police_destinations {
> >>>
> >>> term one {
> >>>
> >>> from community 100;
> >>>
> >>> then destination-class one;
> >>>
> >>> }
> >>>
> >>> term two {
> >>>
> >>> from community 200;
> >>>
> >>> then destination-class two;
> >>>
> >>> }
> >>>
> >>> }
> >>>
> >>>
> >>>
> >>> routing-options {
> >>> forwarding-table {
> >>> export police_destinations;
> >>> }
> >>> }
> >>>
> >>>
> >>>> -----Original Message-----
> >>>> From: juniper-nsp-bounces at puck.nether.net
> >> [mailto:juniper-nsp-
> >>>> bounces at puck.nether.net] On Behalf Of Tommy J
> >>>> Sent: Tuesday, October 10, 2006 6:26 PM
> >>>> To: juniper-nsp at puck.nether.net
> >>>> Subject: [j-nsp] Policer based on community
> >>>>
> >>>> Can we police the traffic (rate limiting) based
> >> on bgp
> >>>> community ? I am trying to cap a customer whose
> >> access
> >>>> to certain peers is reduced to X amount of
> >> bandwidth.
> >>>> ~Tom
> >>>>
> >>>>
> >> __________________________________________________
> >>>> Do You Yahoo!?
> >>>> Tired of spam? Yahoo! Mail has the best spam
> >> protection around
> >>>> http://mail.yahoo.com
> >>>> _______________________________________________
> >>>> juniper-nsp mailing list
> >> juniper-nsp at puck.nether.net
> >> https://puck.nether.net/mailman/listinfo/juniper-nsp
> >>>>
> >>> _______________________________________________
> >>> juniper-nsp mailing list
> >> juniper-nsp at puck.nether.net
> >> https://puck.nether.net/mailman/listinfo/juniper-nsp
> >>>
> >
> >
> > __________________________________________________
> > Do You Yahoo!?
> > Tired of spam? Yahoo! Mail has the best spam protection around
> > http://mail.yahoo.com
> _______________________________________________
> > juniper-nsp mailing list juniper-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/juniper-nsp
>
>
> --
> Ian MacKinnon
> Lumison
> t: 0845 1199 900
> d: 0131 514 4055
> --
>
> This email and any files transmitted with it are confidential
> and intended solely for the use of the individual or entity
> to whom they are addressed.
> If you have received this email in error please notify the
> sender. Any offers or quotation of service are subject to
> formal specification.
> Errors and omissions excepted. Please note that any views or
> opinions presented in this email are solely those of the
> author and do not necessarily represent those of Lumison,
> nplusone or lightershade ltd.
> Finally, the recipient should check this email and any
> attachments for the presence of viruses. Lumison, nplusone
> and lightershade ltd accepts no liability for any damage
> caused by any virus transmitted by this email.
>
> --
> --
> Virus scanned by Lumison.
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
More information about the juniper-nsp
mailing list