Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Example: Configuring VPLS Policers


This example shows how to configure VPLS policers.


Before you begin:


This example describes how to configure policing and apply it on the interface for VPLS.


MPLS is disabled by default on SRX Series devices. You must explicitly configure your device to allow MPLS traffic. However, when MPLS is enabled, all flow-based security features are deactivated and the device performs packet-based processing. Flow-based services such as security policies, zones, NAT, ALGs, chassis clustering, screens, firewall authentication, and IPsec VPNs are unavailable on the device.


CLI Quick Configuration

To quickly configure VPLS policers, copy the following commands, paste them into a text file, remove any line breaks, change any details necessary to match your network configuration, copy and paste the commands into the CLI at the [edit] hierarchy level, and then enter commit from configuration mode.

Step-by-Step Procedure

To configure filters for VPLS:

  1. Configure bandwidth percentage.
  2. Configure the burst size limit.
  3. Configure the terminal action on the packet.
  4. Apply the policer to the interface.
  5. If you are done configuring the device, commit the configuration.


To verify the configuration is working properly, enter the show firewall command.