Example: Service and User Rate-Limit Hierarchy Overlap Hierarchical Policy
Configuration
Copyright © 2010, Juniper Networks, Inc.
host1(config-interface)#exit
host1(config)#interface ip 3/0.2.2
host1(config-interface)#ip policy-parameter hierarchical A 2
host1(config-interface)#ip policy input IP_POL2 statistics enable
host1(config-interface)#exit
In the service and user rate-limit hierarchy overlap configuration example:
The service provider has to enforce a bandwidth limit on a video service over a VLAN
and wants to limit the maximum bandwidth of each user's total traffic.
There are two terminated sessions and their corresponding IP interfaces are I1 and I2.
Each session contains a video flow classified by C1 and all other traffic is classified by
an asterisk (*).
All video flows over the VLAN are rate-limited to a common rate of 1Mbps.
Each session is individually rate-limited by 2 Mbps.
You can attach policies at interface I1-I2.
Figure 16: Interface Stack for Service and User Rate-Limit Hierarchy
Overlap
This example uses the following:
At I1 and I2:
USER_RATE, Committed Rate: 2 Mbps
Peak Rate: 0 Mbps
Committed Action: transmit final
Conformed Action: drop
Exceeded Action: drop
Both C1 and C2 feed into a single policer with the following configuration:
AGG_VIDEO, Committed Rate: 1 Mbps
Peak Rate: 0 Mbps
Committed Action: transmit conditional
Chapter 7: Creating Hierarchical Policies for Interface Groups
143