[j-nsp] Rate Shaping on a J2350

Thu Oct 21 19:26:33 EDT 2010

I did a similar exercise a while ago on T-series and it works, I would 
expect it to work the same way on J-series.
Some tips:
1/ if you want to limit two or more customers to, say, 10Mbps each, don't 
configure a "filter-specific" policer, configure a regular 10Mbps policer.
By default, a regular policer is term-specific and two or more customers can 
be separately rate-limited by the different instances of the same regular 
policer in different FW filter terms.
2/ "filter-specific" policer would come into play when you want to give a 
shared (sub)bandwidth to two or more customers. If a policer is referenced 
only once inside the FW filter, there is no difference between 
filter-specific and default (term-specific) policer.
3/ with your example config, it is not possible to discriminate between 
customers sharing 50Mbps bandwith - e.g. 1st customer could be clogging the 
pipe up to own policer limit and all others will be forced to use what's 
left of bandwidth delta (50Mbps less 1st customer policer limit). 
Shaping+scheduling could be a better approach.
Rgds
Alex

----- Original Message ----- 
From: "TiM" <tim at muppetz.com>
To: <juniper-nsp at puck.nether.net>
Sent: Thursday, October 21, 2010 11:07 PM
Subject: [j-nsp] Rate Shaping on a J2350

> Quick question about policing.
>
> Basically I'd like to know if this config will work.  I'm pretty sure it
> will and the Juniper docs seems to agree with me, but the collective
> wisdom of JNSP would be appreciated.
>
> Router in question is a Juniper J2350.
>
> Basically I want to say:
>
> 192.168.0.0/24 is in total allowed 50Mb/s of bandwidth.  This is the
> global limit that shouldn't be exceeded, regardless of what individual
> customers are doing.
>
> Then, under that, individiual customers (allocated a /30) are given a
> "maximum" limit.  That is, they can move traffic up to the rate they've
> purchased, assuming the /24 still has capacity.
>
> This is the config I have.  The key bit of my question involves the use of
> the "term next" statement:
>
> term Global-Shape{
>    from {
>        destination-address {
>            192.168.0.0/24;
>        }
>    }
>    then {
>        policer rl-50;
>        next term;  <<-----  Valid? Will this work as intended?
>    }
> }
> term Customer1 {
>    from {
>        destination-address {
>            192.168.0.0/30;
>        }
>    }
>    then {
>        policer rl-10; <<---- This customer gets 10Mb/s total.
>        count Customer1;
>    }
> }
> term Customer2 {
>    from {
>        destination-address {
>            192.168.0.4/30;
>        }
>    }
>    then {
>        policer rl-20; <<---- This customer gets 20Mb/s total.
>        count Customer2;
>    }
> }
>
> Assume there's another 20 customers all configured the same.
>
> Basically: If the sum of the /30's policers is say, 150Mb/s will the above
> config limit the /24 to 50Mb/s?
>
> Thanks for any pointers you can provide.
>
> Kind Regards,
>
> Tim H
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
> 