[j-nsp] filter actions: policer and count - order of operations,
Harry Reynolds
harry at juniper.net
Wed Mar 4 11:33:09 EST 2015
Policer, then filter. The policer counter shows traffic that was deemed to be in excess and therefore policed. The filter will count only the accepted packets.
HTHs
-----Original Message-----
From: juniper-nsp [mailto:juniper-nsp-bounces at puck.nether.net] On Behalf Of Piotr
Sent: Wednesday, March 04, 2015 3:32 AM
To: juniper-nsp at puck.nether.net
Subject: [j-nsp] filter actions: policer and count - order of operations,
Hi,
What is order of operations in Junos (MX) policer vs count in two cases:
when packets will be droped by policer ( terminating actions) or passed by policer (nonterminating). Every packets will be counted in both cases ?
example:
term syn_xxx {
from {
tcp-initial;
}
then {
policer policer_syn_xxx;
count syn_xxx;
accept;
}
}
# show firewall policer policer_syn_xxx
if-exceeding {
bandwidth-limit 40k;
burst-size-limit 4k;
}
then discard;
Thanks for explanation.
_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
More information about the juniper-nsp
mailing list