Two-Color And Three-Color Physical Interface Policers; Physical Interface Policer Overview - Juniper EX9200 Features Manual

CHAPTER 17
Two-Color and Three-Color Physical
Interface Policers

Physical Interface Policer Overview

Copyright © 2016, Juniper Networks, Inc.
Physical Interface Policer Overview on page 185
Example: Configuring a Physical Interface Policer for Aggregate Traffic at a Physical
Interface on page 187
A physical interface policer is a two-color or three-color policer that defines traffic rate
limiting that you can apply to input or output traffic for all the logical interfaces and
protocol families configured on a physical interface, even if the logical interfaces belong
to different routing instances. This feature is useful when you want to perform aggregate
policing for different protocol families and different logical interfaces on the same physical
interface.
For example, suppose that a provider edge (PE) router has numerous logical interfaces,
each corresponding to a different customer, configured on the same link to a customer
edge (CE) device. Now suppose that a customer wants to apply one set of rate limits
aggregately for certain types of traffic on a single physical interface. To accomplish this,
you could apply a single physical interface policer to the physical interface, which
rate-limits all the logical interfaces configured on the interface and all the routing
instances to which those interfaces belong.
To configure a single-rate two-color physical interface policer, include the
physical-interface-policer statement at one of the following hierarchy levels:
[edit firewall policer policer-name]
[edit logical-system logical-system-name firewall
[edit routing-instances routing-instance-name firewall
[edit logical-systems logical-system-name routing-instances routing-instance-name
firewall policer policer-name]
policer policer-name]
policer policer-name]
185