[j-nsp] Cisco microflow equivalent on Juniper

Pekka Savola pekkas at netcore.fi
Wed Oct 18 13:13:59 EDT 2006 

On Wed, 18 Oct 2006, Piotr Marecki wrote:
> Kristian,
>
> take a look at "help topic firewall prefix-action"

Unfortunately, that only works for contiguous prefix lengths (e.g., a 
/24, /21, /16, etc.).

If you'd want to apply it to say, 16 separate /24's, you'll need to 
set up separate prefix-specific policers for each separate prefix 
length.

The current solution is probably good enough for hosting or 
residential customer LANs but not more complex interfaces.

> ----- Original Message -----
> From: "Kristian Larsson" <kristian at spritelink.se>
> To: <juniper-nsp at puck.nether.net>
> Sent: Wednesday, October 18, 2006 6:39 PM
> Subject: [j-nsp] Cisco microflow equivalent on Juniper
>
>
>> Hi,
>>
>> I'm curious to whether Juniper has something along
>> the lines of what Cisco calls user based microflow
>> policing, ie setup a policy to limit say ingress
>> speed on an interface per IP adress and not have
>> to specify a policy for each IP adress
>> individually.
>>
>> I'm looking at broadband ethernet aggregation,
>> 5000-10000 customers and limit each and every
>> customers upstream speed to X Mbps.
>> Of course the perfect solution would be to limit
>> at the edge but unfortunately the switches are
>> already in place and won't be replaced for another
>> few years so I'm stuck with doing something else.
>>
>> Any input is appreciated.
>>
>> Regards,
>>  kristian.
>>
>> --
>> Kristian Larsson                                   KLL-RIPE
>> Network Engineer                      Net at Once [AS35706]
>> +46 704 910401      kristian at spritelink.se
>> _______________________________________________
>> juniper-nsp mailing list juniper-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/juniper-nsp
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>

-- 
Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings

More information about the juniper-nsp mailing list