[j-nsp] Cisco microflow equivalent on Juniper

John Kristoff jtk at ultradns.net
Wed Oct 18 18:21:27 EDT 2006


On Wed, 18 Oct 2006 20:25:36 +0200
Kristian Larsson <kristian at spritelink.se> wrote:

> > My recollection is that on some older systems, 32K is the
> > recommended maximum and with some newer ones 64K.  I'd say 10K
> > should be achievable.
> Ah, that would seem logical.

Yes, that is correct.  In a prior I worked on, as I recall, the details
are now a little fuzzy in my memory, I had an M5 with an older FEB and
was using a prefix specific action to rate limit /32's out of some block
of addresses.

We had something that looked like this:

        prefix-action psa-limit {
            policer 1Mbps;
            subnet-prefix-length 16;
            source-prefix-length 32;
        }

            term prefix-specific-threshold {
                from {
                    source-address {
                        192.0.2.0/16;
                    }
                }
                then {
                    prefix-action psa-limit;
                }
            }

The filter term was applied to the campus facing interface and will
limit each address to sending 1 Mb/s of traffic through the router.
We actually ended up doing some other things involving setting the
packet loss priority or only limiting dorm traffic.  Not long after
I left (sorry former colleagues :-) as more stuff was added to the
router config it was discovered that psa used some limited amount of
memory space and was interfering with other operations so it was
disabled.  Newer routers I suspect don't have this problem, but at
the time it was a very handy way to avoid having to write a filter
term for each individual address.

John
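Added example (not part of John's message and not Juniper code): a Python model of how many policers the `psa-limit` prefix-action above instantiates and which one a given source address lands on. The index mapping (the address bits between `subnet-prefix-length` and `source-prefix-length`) is an assumption made for illustration, the 32K/64K figures are the recollections quoted in the thread, and the sample addresses are constructed.

```python
import ipaddress
from collections import defaultdict

# Maximums as recalled in the quoted text of the thread, not verified vendor limits.
RECALLED_LIMITS = {"older systems": 32 * 1024, "newer systems": 64 * 1024}


def policer_set_size(subnet_len: int, source_len: int) -> int:
    """One policer per source prefix of length source_len inside a subnet_len block."""
    if not 0 <= subnet_len <= source_len <= 32:
        raise ValueError("need 0 <= subnet-prefix-length <= source-prefix-length <= 32")
    return 1 << (source_len - subnet_len)


def policer_index(addr: str, subnet_len: int, source_len: int) -> int:
    """Assumed mapping: the address bits between the two prefix lengths pick the policer."""
    value = int(ipaddress.IPv4Address(addr))
    return (value >> (32 - source_len)) & (policer_set_size(subnet_len, source_len) - 1)


def shared_policers(addrs, subnet_len, source_len):
    """Return {index: [addresses]} for policers hit by more than one distinct source prefix."""
    groups = defaultdict(dict)
    for addr in addrs:
        prefix = int(ipaddress.IPv4Address(addr)) >> (32 - source_len)
        groups[policer_index(addr, subnet_len, source_len)].setdefault(prefix, addr)
    return {i: sorted(p.values()) for i, p in groups.items() if len(p) > 1}


def over_limit(subnet_len: int, source_len: int):
    """Names of the recalled limits that this prefix-action's policer set would exceed."""
    size = policer_set_size(subnet_len, source_len)
    return [name for name, limit in RECALLED_LIMITS.items() if size > limit]


if __name__ == "__main__":
    # subnet-prefix-length 16 / source-prefix-length 32, as in the message above.
    print(policer_set_size(16, 32), over_limit(16, 32))
    # Constructed addresses. 192.1.2.1 is outside the /16 in the term; it stands for a
    # hypothetical term that matches a block wider than subnet-prefix-length.
    print(shared_policers(["192.0.2.1", "192.0.2.2", "192.1.2.1"], 16, 32))
```

Under this model the /16-to-/32 pairing needs 65,536 policers, which is the larger of the two recalled maximums and twice the smaller one.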

