[j-nsp] How to calculate "burst-size-limit" in JUNOS Firewall Policer
Stefan Fouant
sfouant at shortestpathfirst.net
Thu Mar 8 08:05:48 EST 2012
It should be 5ms of the interface speed, not 5ms of the CIR
Stefan Fouant
GPG Key ID: 0xB4C956EC
Sent from my HTC EVO.
----- Reply message -----
From: "Arun Kumar" <narain.arun at gmail.com>
Date: Thu, Mar 8, 2012 6:24 am
Subject: [j-nsp] How to calculate "burst-size-limit" in JUNOS Firewall Policer
To: <juniper-nsp at puck.nether.net>
Hi All,
I am facing some issues in calculating the right burst size limit for
Firewall policer in Junos. As per the document, the burst size limit is
calculated like below:
1. The minimum value allowed is 1500 bytes.
2. The minimum value should be 10 times of interface MTU.
3. Burst size limit is calculated for 5ms for data burst. Burst size limit
= (bandwdith limit *0.005)/8
That is for CIR=2048000 (bandwidth limit 2048000 bps), burst size limit is
2048000 * 0.005 / 8 = 1480 bytes. Since this violates point no 2, I set
burst-size-limit to 15180 bytes (interface Gigabit MTU is 1518 bytes). When
I set this, I am not able to pass traffic more than 200kbps. Only I
increase the burst-size-limit to higher random value policer works as
expected.
user at host# show firewall policer TEST
if-exceeding {
bandwidth-limit 2048000;
burst-size-limit 15180;
}
then discard;
How to calculate the correct burst-size-limit for Junos Firewall Policer?
thanks
Arun
_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
More information about the juniper-nsp
mailing list