Juniper EX9200 Features Manual page 110
Traffic policers feature guide ex series
Hide thumbs
Also See for EX9200:
- Features manual (448 pages) ,
- Manual (118 pages) ,
- Overview manual (72 pages)
Table of Contents
Advertisement
Traffic Policers Feature Guide for EX9200 Switches
Verification
Purpose
Action
Meaning
Purpose
Action
92
Confirm that the configuration is working properly.
NOTE:
To verify the TCP policer, you can use a packet generation tool. This
task is not shown here.
Displaying Stateless Firewall Filter That Are in Effect on page 92
Using telnet to Verify the tcp-established Condition in the TCP Firewall Filter on page 92
Using telnet to Verify the Trusted Prefixes Condition in the TCP Firewall Filter on page 93
Using OSPF to Verify the TCP Firewall Filter on page 94
Verifying the ICMP Firewall Filter on page 95
Displaying Stateless Firewall Filter That Are in Effect
Verify the configuration of the firewall filter.
From operational mode, enter the
show firewall
user@R2>
Filter: protect-RE
Counters:
Name
icmp-counter
Policers:
Name
icmp-policer
tcp-connection-policer
The output shows the filter, the counter, and the policers that are in effect on Device R2.
Using telnet to Verify the tcp-established Condition in the TCP Firewall Filter
Make sure that telnet traffic works as expected.
Verify that the device can establish only TCP sessions with hosts that meet the
condition.
tcp-established
From Device R2, make sure that the BGP session with Device R1 is established.
1.
user@R2> show bgp summary | match down
Groups: 1 Peers: 1 Down peers: 0
From Device R2, telnet to Device R1.
2.
user@R2> telnet 192.168.0.1
Trying 192.168.0.1...
Connected to R1.example.net.
Escape character is '^]'.
R1 (ttyp4)
show firewall
command.
Bytes
Bytes
Copyright © 2016, Juniper Networks, Inc.
Packets
0
0
Packets
0
0
from
Advertisement
Table of Contents
