[j-nsp] JunOS versions, MX and lots of policers
Pekka Savola
pekkas at netcore.fi
Mon Feb 15 03:37:03 EST 2010
On Fri, 12 Feb 2010, OBrien, Will wrote:
> This behaves pretty well, but requires that the policer be applied on every /24 that I want.
> With two /16s and some /26s in there, this makes for a pretty long config.
It depends on what you want. If your /16's are contiguous, you could
generate automatically policers for each one of them separately. E.g.
specify sourfce-prefix-length 16, subnet-prefix-length 32 -- that
would generate 64K host-specific policers, or if you're fine with
subnet granularity, you could use e.g. subnet-prefix-length 24, that
would result in 256 policers.
Not sure what's the MX capacity for the number of policers, but if you
implemented host-specific policers for all of your IP space, that
would be some 130K policers. Sounds a bit on the high side to me, but
unfortunately I can't recall the tested scaling numbers..
--
Pekka Savola "You each name yourselves king, yet the
Netcore Oy kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
More information about the juniper-nsp
mailing list