[j-nsp] JUNOS POLICER
Derick Winkworth
dwinkworth at att.net
Thu Sep 2 14:45:08 EDT 2010
You need to put it all in the same term.
________________________________
From: Giuliano Cardozo Medalha <giulianocm at uol.com.br>
To: juniper-nsp at puck.nether.net
Sent: Thu, September 2, 2010 11:07:08 AM
Subject: [j-nsp] JUNOS POLICER
People,
We are trying to configure policers to logical interfaces created under IQ2E
PIC.
All policers are using firewall filters.
One of them is a different situation ... we cannot rate all interface but only 3
IPs that pass thought the interface.
But the policer is not worlink correctly:
set firewall policer teste if-exceeding bandwidth limit 10m burst size 1000
set firewall policer teste then discar
set firewall family inet filter policer term 10 from source-address
192.168.10.35/32
set firewall family inet filter policer term 10 then accept
set firewall family inet filter policer term 10 then policer teste
set firewall family inet filter policer term 20 from source-address
192.168.10.36/32
set firewall family inet filter policer term 20 then accept
set firewall family inet filter policer term 20 then policer teste
set firewall family inet filter policer term 30 from source-address
192.168.10.37/32
set firewall family inet filter policer term 30 then accept
set firewall family inet filter policer term 30 then policer teste
set firewall family inet filter policer term 40 then accept
set interface ge-0/0/0 unit 100 vlan-id 100 family inet filter input policer
The problem is ... the 3 chosen IPs are exceeding 10m. Sometimes 12, sometimes
18 Mbps.
We need to use some special command for it ? Like - logical interface under
policer ?
What is the correct manner to use it ?
Or we need to put it all in the same term ?
Thanks a lot,
Giuliano
_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
More information about the juniper-nsp
mailing list