The way you have done it, bandwidth will be shared among multiple interfaces. Adding filter-specific knob to the policer will make them unique. Further, use the "interface-specific" command in the firewall filter, In this case you can use the same filter in multiple interfaces without having shared bandwidth.
firewall { policer 10m { filter-specific;------------ this will make all policer unique. if-exceeding { bandwidth-limit 10m; burst-size-limit 100k; } then discard; Create a filter instead of applying filter directly on an interface and use filter-specific under [edit firewall family family-name filter filter-name] Regards, Masood Blog: http://weblogs.com.pk/jahil/ -----Original Message----- From: juniper-nsp-boun...@puck.nether.net [mailto:juniper-nsp-boun...@puck.nether.net] On Behalf Of Brendan Mannella Sent: Tuesday, May 19, 2009 7:36 PM To: juniper-nsp@puck.nether.net Subject: [j-nsp] Ex Series Bandwidth Policer Hi, I was wondering what the best way to limit bandwidth per customer port on a EX3200 would be. Lets say i have customer A on port 3 and customer B on port 4 and would like to give each one 10 mbits per sec up and down. Something like this... ge-0/0/3 { description Customer A; unit 0 { family ethernet-switching { port-mode access; vlan { members 43; ge-0/0/4 { description Customer B; unit 0 { family ethernet-switching { port-mode access; vlan { members 44 ; firewall { policer 10m { if-exceeding { bandwidth-limit 10m; burst-size-limit 100k; } then discard; Then i would just apply the 10m policer to both interfaces for both input and output? Any clarification on this would be helpful. Thanks, Brendan _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp