> -----Original Message----- > From: juniper-nsp-boun...@puck.nether.net [mailto:juniper-nsp- > boun...@puck.nether.net] On Behalf Of Martin T > Sent: Monday, April 04, 2011 8:48 AM > To: Gabriel Blanchard > Cc: juniper-nsp@puck.nether.net > Subject: Re: [j-nsp] Juniper "firewall policer" inner workings > > Gabriel, > the question is, what does JUNOS "bandwidth-limit 10m" count into this > "10m". Only they application payload? L4 header as well? Or even the > IP header? If I send UDP traffic with 10Mbps and router policer > "bandwidth-limit 10m" drops ~2.5% of this traffic, then I don't find > this normal..
IIRC, the policer is applied to everything at Layer 3 and below, hence it's application at 'family inet'. I agree with Gabriel, a small amount of packet loss would be expected in this scenario, in your case I would deem it to be fairly negligible. Stefan Fouant, CISSP, JNCIEx2 www.shortestpathfirst.net GPG Key ID: 0xB4C956EC _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp