date:20090703

Re: [j-nsp] Add vlan to multiple interfaces on EX series

2009-07-03 Thread Dan Farrell

I'm not sure that this is always a good idea, anyway.

Let's say you reach a point where you want to prune your interface 
membership... you just want, let's say, to remove one interface from the 
"range."

Would that action of deleting the line and re-submitting it without the 
interface you want remove reset the membership of the others? It's not 
unreasonable to think that action would take place.

IMHO in these instances I've always just dealt with it and added each one by 
hand, knowing I can prune any of the individually in the future with no 
possible effect on the remaining interfaces.

Also, the worst it's going to get would be 42 interfaces... 

Dan

-Original Message-
From: juniper-nsp-boun...@puck.nether.net 
[mailto:juniper-nsp-boun...@puck.nether.net] On Behalf Of Matt Stevens
Sent: Thursday, July 02, 2009 9:19 PM
To: Matt Stevens; juniper-nsp@puck.nether.net
Subject: Re: [j-nsp] Add vlan to multiple interfaces on EX series

Sigh...from everyone's answers it appears the short answer to this question
is no.

I guess I'll take this up with my account team.

Thanks everyone!
-- 
matt

On 7/2/09 12:25 PM, "Matt Stevens"  wrote:

> Is there an easy way to add a new VLAN to multiple interfaces on the EX
> series switches? I'd like to be able to use a port range for both adding
> vlans to trunk ports and putting access ports into a specific vlan.
> 
> Both seem to only allow actions to be performed on a single port at a time.

___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] firewall policer

2009-07-03 Thread Sean Clarke


On 7/3/09 4:30 PM, Bit Gossip wrote:

Unfortunately I have tested it but the result is that the policer
operates independently on the 2 interfaces with the result that the
total out of the 2 GE is 2000k and not 1000k.

Any idea way and how I can get it to work in aggregate fashion.
   

don't include the knob then it will do the aggregate ..

___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] firewall policer

2009-07-03 Thread Krasimir Avramski

Hi,

Apply the same filter to both IFLs.

"Filter-specific" policer shares bandwidth if you use it multiple times in
the same filter (for example a policer referenced under multiple filter
terms)


If you use a filter applied to multiple IFLs and filter is NOT explicitly
defined as "interface-specific" (which is default) then policer is shared on
all filter instances where applied.

And hey, this will work only if IFLs where the filter applied are under the
same I-chip(PFE) group. There is no way to share policer instance between
different PFEs.

HTH,
Krasi

> -Original Message-
> From: juniper-nsp-boun...@puck.nether.net [mailto:juniper-nsp-
> boun...@puck.nether.net] On Behalf Of Bit Gossip
> Sent: 03.07.2009 5:30 PM
> To: Sean Clarke
> Cc: juniper-nsp
> Subject: Re: [j-nsp] firewall policer
> 
> Unfortunately I have tested it but the result is that the policer
> operates independently on the 2 interfaces with the result that the
> total out of the 2 GE is 2000k and not 1000k.
> 
> Any idea way and how I can get it to work in aggregate fashion.
> 
> Thanks,
> bit.
> 
> On Wed, 2009-04-15 at 13:53 +0200, Sean Clarke wrote:
> > The way you have done it, the bandwidth will be shared
> >
> >
> > Adding filter-specific knob to the policer will make them unique ...
> i.e.
> >
> > policer P {
> >  filter-specific;<
> >  if-exceeding {
> >  bandwidth-limit 1000k;
> >  burst-size-limit 15k;
> >  }
> >  then discard;
> > }
> >
> >
> >
> > On 4/15/09 1:33 PM, Bit Gossip wrote:
> > > platform MX480 junos 9.3
> > >
> > > in the following config the same policer is appllied to 2 different
> > > interfaces via 2 different firewall filters.
> > >
> > > Will the policer police at 1 mbps the aggregate traffic of the 2
> > > interfaces; or it will police independent at 1 mbps the 2 differrent
> > > interfaces?
> > >
> > >   ge-5/2/1 {
> > >  unit 0 {
> > >  filter {
> > >  output F1;
> > >  }
> > >  }
> > >  }
> > > ge-5/2/2 {
> > >  unit 0 {
> > >  filter {
> > >  output F2;
> > >  }
> > >  }
> > >  }
> > >
> > > policer P {
> > >  if-exceeding {
> > >  bandwidth-limit 1000k;
> > >  burst-size-limit 15k;
> > >  }
> > >  then discard;
> > > }
> > >
> > > filter F1 {
> > >  term NATIONAL {
> > >  from {
> > >  source-class C1;
> > >  }
> > >  then {
> > >  policer P;
> > >  count C1;
> > >  accept;
> > >  }
> > >  }
> > >  term REMAINING {
> > >  then {
> > >  count REMAINING;
> > >  accept;
> > >  }
> > >  }
> > > }
> > > filter F2 {
> > >  term NATIONAL {
> > >  from {
> > >  source-class C2;
> > >  }
> > >  then {
> > >  policer P;
> > >  count C2;
> > >  accept;
> > >  }
> > >  }
> > >  term REMAINING {
> > >  then {
> > >  count REMAINING;
> > >  accept;
> > >  }
> > >  }
> > > }
> > >
> > >
> > > ___
> > > juniper-nsp mailing list juniper-nsp@puck.nether.net
> > > https://puck.nether.net/mailman/listinfo/juniper-nsp
> > >
> > >
> >
> 
> ___
> juniper-nsp mailing list juniper-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp

___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] firewall policer

2009-07-03 Thread Bit Gossip

Unfortunately I have tested it but the result is that the policer
operates independently on the 2 interfaces with the result that the
total out of the 2 GE is 2000k and not 1000k.

Any idea way and how I can get it to work in aggregate fashion.

Thanks,
bit.

On Wed, 2009-04-15 at 13:53 +0200, Sean Clarke wrote:
> The way you have done it, the bandwidth will be shared
> 
> 
> Adding filter-specific knob to the policer will make them unique ... i.e.
> 
> policer P {
>  filter-specific;<
>  if-exceeding {
>  bandwidth-limit 1000k;
>  burst-size-limit 15k;
>  }
>  then discard;
> }
> 
> 
> 
> On 4/15/09 1:33 PM, Bit Gossip wrote:
> > platform MX480 junos 9.3
> >
> > in the following config the same policer is appllied to 2 different
> > interfaces via 2 different firewall filters.
> >
> > Will the policer police at 1 mbps the aggregate traffic of the 2
> > interfaces; or it will police independent at 1 mbps the 2 differrent
> > interfaces?
> >
> >   ge-5/2/1 {
> >  unit 0 {
> >  filter {
> >  output F1;
> >  }
> >  }
> >  }
> > ge-5/2/2 {
> >  unit 0 {
> >  filter {
> >  output F2;
> >  }
> >  }
> >  }
> >
> > policer P {
> >  if-exceeding {
> >  bandwidth-limit 1000k;
> >  burst-size-limit 15k;
> >  }
> >  then discard;
> > }
> >
> > filter F1 {
> >  term NATIONAL {
> >  from {
> >  source-class C1;
> >  }
> >  then {
> >  policer P;
> >  count C1;
> >  accept;
> >  }
> >  }
> >  term REMAINING {
> >  then {
> >  count REMAINING;
> >  accept;
> >  }
> >  }
> > }
> > filter F2 {
> >  term NATIONAL {
> >  from {
> >  source-class C2;
> >  }
> >  then {
> >  policer P;
> >  count C2;
> >  accept;
> >  }
> >  }
> >  term REMAINING {
> >  then {
> >  count REMAINING;
> >  accept;
> >  }
> >  }
> > }
> >
> >
> > ___
> > juniper-nsp mailing list juniper-nsp@puck.nether.net
> > https://puck.nether.net/mailman/listinfo/juniper-nsp
> >
> >
> 

___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] Add vlan to multiple interfaces on EX series

Re: [j-nsp] firewall policer

Re: [j-nsp] firewall policer

Re: [j-nsp] firewall policer

4 matches

Site Navigation

Mail list logo

Footer information