Complete Software Guide for Junos
Results
2820
®
OS for EX Series Ethernet Switches, Release 10.4
user@switch# show policer p1 |display set
set firewall policer p1 if-exceeding bandwidth-limit 1m
set firewall policer p1 if-exceeding burst-size-limit 1k
set firewall policer p1 then discard
Configure a firewall filter to count packets from each user and a policer that limits
3.
the traffic rate. As each new user is authenticated on the multiple supplicant
interface, this filter term will be included in the dynamically created term for the
user:
[edit firewall family ethernet-switching]
user@switch# set filter filter1 term term1 from destination-address 192.0.2.16/28
user@switch# set filter filter1 term term1 then count counter1
user@switch# set filter filter1 term term2 then policer p1
Check the results of the configuration:
user@switch> show configuration
firewall {
family ethernet-switching {
filter filter1 {
term term1 {
from {
destination-address {
192.0.2.16/28;
}
}
then count counter1;
term term2 {
from {
destination-address {
192.0.2.16/28;
}
}
then policer p1;
}
}
}
policer p1 {
if-exceeding {
bandwidth-limit 1m;
burst-size-limit 1k;
}
then discard;
}
}
protocols {
dot1x {
authenticator
interface ge-0/0/2 {
supplicant multiple;
}
}
}
Copyright © 2010, Juniper Networks, Inc.