Juniper EX9200 Features Manual page 181
Traffic policers feature guide ex series
Hide thumbs
Also See for EX9200:
- Features manual (448 pages) ,
- Manual (118 pages) ,
- Overview manual (72 pages)
Table of Contents
Advertisement
Configuration
CLI Quick
Configuration
Copyright © 2016, Juniper Networks, Inc.
traffic, packets are implicitly set with a loss-priority value of
If the policer configuration includes the optional
high then discard
), then packets in a red flow are discarded instead.
You can apply a three-color policer to Layer 3 traffic as a firewall filter policer only. You
reference the policer from a stateless firewall filter term, and then you apply the filter to
the input or output of a logical interface at the protocol level.
Topology
In this example, you apply a color-aware, two-rate three-color policer to the input IPv4
traffic at logical interface
fe-0/1/1.0
policer does not apply any packet-filtering. The filter is used only to apply the three-color
policer to the interface.
You configure the policer to rate-limit traffic to a bandwidth limit of 40 Mbps and a
burst-size limit of 100 KB for green traffic, and you configure the policer to also allow a
peak bandwidth limit of 60 Mbps and a peak burst-size limit of 200 KB for yellow traffic.
Only nonconforming traffic that exceeds the peak traffic limits is categorized as red. In
this example, you configure the three-color policer action
which overrides the implicit marking of red traffic to a
The following example requires you to navigate various levels in the configuration
hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration
Mode.
To configure this example, perform the following tasks:
Configuring a Two-Rate Three-Color Policer on page 164
Configuring an IPv4 Stateless Firewall Filter That References the Policer on page 165
Applying the Filter to a Logical Interface at the Protocol Family Level on page 166
To quickly configure this example, copy the following commands, paste them into a text
file, remove any line breaks, change any details necessary to match your network
configuration, copy and then paste the commands into the CLI at the
level, and then enter
commit
set firewall three-color-policer trTCM1-ca two-rate color-aware
set firewall three-color-policer trTCM1-ca two-rate committed-information-rate 40m
set firewall three-color-policer trTCM1-ca two-rate committed-burst-size 100k
set firewall three-color-policer trTCM1-ca two-rate peak-information-rate 60m
set firewall three-color-policer trTCM1-ca two-rate peak-burst-size 200k
set firewall three-color-policer trTCM1-ca action loss-priority high then discard
set firewall family inet filter filter-trtcm1ca-all term 1 then three-color-policer two-rate
trTCM1-ca
set interfaces ge-2/0/5 unit 0 family inet address 10.10.10.1/30
set interfaces ge-2/0/5 unit 0 family inet filter input filter-trtcm1ca-all
set class-of-service interfaces ge-2/0/5 forwarding-class af
Chapter 15: Basic Two-Rate Three-Color Policers
action
. The IPv4 firewall filter term that references the
high
from configuration mode.
and then transmitted.
high
statement (
action
loss-priority
loss-priority high then discard
loss priority.
[edit]
hierarchy
,
163
Advertisement
Table of Contents
