[j-nsp] Tracking traffic after policers?
Alex
alex.arseniev at gmail.com
Mon May 4 13:33:59 EDT 2009
Chris,
One way to do it is to mark in-contract traffic with
forwarding-class+"next-term" action, then match on this forwarding-class in
following FW filter term, count and accept.
You won't be able to do it on M10i with original CFEB, new I-chip based CFEB
is required.
Rgds
Alex
----- Original Message -----
From: "Chris Adams" <cmadams at hiwaay.net>
To: <juniper-nsp at puck.nether.net>
Sent: Monday, May 04, 2009 5:13 PM
Subject: [j-nsp] Tracking traffic after policers?
>I have an ethernet with a bunch of customer VLANs on an M10i. The
> customers are limited to the bandwidth they pay for with policers. I
> collect the traffic stats for graphing via SNMP, but the stats (from the
> standard interface MIB) reflect the traffic before policing.
>
> Is there a way to collect statistics _after_ policing (e.g. graph only
> the traffic that is passed)? I see the JUNIPER-FIREWALL-MIB variable
> jnxFWCounterByteCount, but it is always 0 for policers (only the packets
> are counted, which isn't very useful for traffic stats).
>
> I'm of course looking to do this with as simple a config as possible;
> right now I can set a logical interface's rate with "set policer input
> 4meg output 4meg", with the 4meg policer only defined once.
> --
> Chris Adams <cmadams at hiwaay.net>
> Systems and Network Administrator - HiWAAY Internet Services
> I don't speak for anybody but myself - that's enough trouble.
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
More information about the juniper-nsp
mailing list