[j-nsp] SRX-3600 Rate limit
atif naeem
col.atif at gmail.com
Wed Dec 1 00:58:20 EST 2010
Hi Ben,
I configured as per given configuration but i am getting message this is not
supported on SRX-3600.
policer rate-limit-1mb {
if-exceeding {
bandwidth-limit 1m;
burst-size-limit 124k;
}
then discard;
}
filter test {
term 1 {
from {
source-address {
0.0.0.0/0;
}
}
then {
##
## Warning: statement ignored: unsupported platform (srx3600)
##
policer rate-limit-1mb;
accept;
}
}
}
BR
Atif Naeem
On Wed, Dec 1, 2010 at 2:46 AM, DeathPacket <deathpacket at gmail.com> wrote:
> Atif,
>
> I put this together to limit itunes traffic to 1mb.
>
> Use a firewall filter to police the traffic (I did specify www.apple.combut it resolved the address automatically, this may be an issue when round
> robin DNS happens). You can more specific (i.e. Port 80 etc..) but I was
> just checking base functionality.
>
>
> firewall {
> policer Apple {
> if-exceeding {
> bandwidth-limit 1m;
> burst-size-limit 50k;
> }
> then discard;
> }
> filter Apple-Rate-Limit {
> term 1 {
> from {
> destination-address {
> 184.85.45.15/32;
> }
> }
> then {
> policer Apple;
> accept;
> }
> }
> term 2 {
> then accept;
> }
> }
> }
>
>
> Then add the filter to an interface: (this is my trust interface)
>
>
> fe-0/0/7 {
> unit 0 {
> family inet {
> filter {
> input-list Apple-Rate-Limit;
> }
> address 192.168.200.238/24;
> }
> }
> }
>
> --Ben
>
> On Tue, Nov 30, 2010 at 10:11 AM, atif naeem <col.atif at gmail.com> wrote:
>
>> Hi folks ,
>> Can any one tell me how to implement rate limit on SRX-3600 .I have junos
>> version 10.0R2.10 . i want to restrict user on 1mb.
>>
>> BR
>> Atif Naeem
>> _______________________________________________
>> juniper-nsp mailing list juniper-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/juniper-nsp
>>
>
>
More information about the juniper-nsp
mailing list