[j-nsp] Burst size for policing
OBrien, Will
ObrienH at missouri.edu
Fri Jan 25 16:38:42 EST 2013
I usually use separate policers for in and out.
Will
On Jan 25, 2013, at 1:22 PM, "Luca Salvatore" <Luca at ninefold.com> wrote:
> Hi Guys,
>
> Got some issues with my policing configuation on a SRX650.
> I have it configured to police inbound and outbound traffic to 40Mb.
>
> The config to make this happen is:
>
> configuration firewall policer police-customer | display set
> set firewall policer police-customer if-exceeding bandwidth-limit 39m
> set firewall policer police-customer if-exceeding burst-size-limit 1m
> set firewall policer police-customer then discard
>
> So this works really well for outbound traffic - speeds test show that it sits right on 40Mb.
> However for my inbound traffic I see that speeds get well above 40Mb - around 65 to 70 actually.
>
> The policier is applied to the customers interface in both the inbound and outbound direction.
>
> I'm thinking the burst size could be too big perhaps?
>
> Thanks.
> Luca.
>
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
More information about the juniper-nsp
mailing list