The way you have done it, bandwidth will be shared among multiple
interfaces. Adding filter-specific knob to the policer will make them
unique. Further, use the "interface-specific" command in the firewall
filter, In this case you can use the same filter in multiple interfaces
without having shared bandwidth.
firewall {
policer 10m {
filter-specific;------------ this will make all policer unique.
if-exceeding {
bandwidth-limit 10m;
burst-size-limit 100k;
}
then discard;
Create a filter instead of applying filter directly on an interface and
use filter-specific under [edit firewall family family-name filter
filter-name]
Regards,
Masood
Blog: http://weblogs.com.pk/jahil/
-----Original Message-----
From: juniper-nsp-boun...@puck.nether.net
[mailto:juniper-nsp-boun...@puck.nether.net] On Behalf Of Brendan Mannella
Sent: Tuesday, May 19, 2009 7:36 PM
To: juniper-nsp@puck.nether.net
Subject: [j-nsp] Ex Series Bandwidth Policer
Hi,
I was wondering what the best way to limit bandwidth per customer port on
a EX3200 would be.
Lets say i have customer A on port 3 and customer B on port 4 and would
like to give each one 10 mbits per sec up and down. Something like this...
ge-0/0/3 {
description Customer A;
unit 0 {
family ethernet-switching {
port-mode access;
vlan {
members 43;
ge-0/0/4 {
description Customer B;
unit 0 {
family ethernet-switching {
port-mode access;
vlan {
members 44 ;
firewall {
policer 10m {
if-exceeding {
bandwidth-limit 10m;
burst-size-limit 100k;
}
then discard;
Then i would just apply the 10m policer to both interfaces for both input
and output?
Any clarification on this would be helpful.
Thanks,
Brendan
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
