[j-nsp] Burst size for policing
Luca Salvatore
Luca at ninefold.com
Fri Jan 25 16:20:18 EST 2013
Hi Guys,
Got some issues with my policing configuation on a SRX650.
I have it configured to police inbound and outbound traffic to 40Mb.
The config to make this happen is:
configuration firewall policer police-customer | display set
set firewall policer police-customer if-exceeding bandwidth-limit 39m
set firewall policer police-customer if-exceeding burst-size-limit 1m
set firewall policer police-customer then discard
So this works really well for outbound traffic - speeds test show that it sits right on 40Mb.
However for my inbound traffic I see that speeds get well above 40Mb - around 65 to 70 actually.
The policier is applied to the customers interface in both the inbound and outbound direction.
I'm thinking the burst size could be too big perhaps?
Thanks.
Luca.
More information about the juniper-nsp
mailing list