[j-nsp] Logical interface policer question

tim tiriche tim.tiriche at gmail.com
Tue Oct 11 20:29:13 EDT 2011


Hi,

I am preparing for JNCIP-SP exam and would like to understand what
logical interface policer statement does?
The documentation says it is an aggregate policer but it is not very
clear to me.

policer example:

[edit firewall]
+   policer policer-test {
+       logical-interface-policer;
+       if-exceeding {
+           bandwidth-limit 10m;
+           burst-size-limit 100k;
+       }
+       then discard;
+   }


[edit interfaces ge-2/0/0 unit 0]
+      family inet {
+          policer {
+              input policer-test;
+          }
+          address 1.1.1.1/30;
+      }
+      family inet6 {
+          policer {
+              input policer-test;
+          }
+          address abcd::1/64;
+      }
[edit interfaces ge-2/0/0 unit 1]
+      family inet {
+          policer {
+              input policer-test;
+          }
+          address 2.2.2.2/30;
+      }


[edit interfaces]
+   ge-2/0/1 {
+       unit 0 {
+           family inet {
+               policer {
+                   input policer-test;
+               }
+               address 121.1.1.1/30;
+           }
+       }
+   }

does this mean that a total of 10M will be shared among all the
interfaces and protocol families on a first come first serve basis?
or does each unit get 10M (i.e ge-2/0/0 (inet+inet6) = 10M, ge-2/0/0.1
= 10M, ge-2/0/1=10M?
or does each physical interface get 10M? (i.e ge-2/0/0 = 10M + ge-2/0/1 = 10M)

is there any way to check this on a jseries router on a m/t series, i
believe there was a PFE command on the FPC to see the value.

Thanks.


More information about the juniper-nsp mailing list