physical-interface-filter
Syntax
Hierarchy Level
Release Information
Statement introduced in Junos OS Release 9.6.
Support for PTX series routers with third-generation FPCs added in Junos OS Release 18.3R1.
Description
Configure a physical interface filter. Use this statement to reference a physical interface policer for the specified protocol family.
For PTX series routers running Junos OS Release 18.3R1 or later, you can use this command to configure separate firewall filters for different family address types (IPv4 and IPv6) that share the same interface, and configure the same policer as an action for the filter.
To use the aggregate policer, configure the firewall policer you want as physical-interface-policer. In addition, at the firewall family family-name filter filter-name hierarchy level where you will reference the policer, make the policer a physical-interface-specific firewall filter action. This creates a unique instance of the filter on the physical interface.
The sample configuration shows the settings and relationship between them.
firewall {
policer Shared_Policer {
physical-interface-policer;
if-exceeding {
bandwidth-limit 100m;
burst-size-limit 500k;
}
then {
discard;
}
}
}
firewall {
filter Filter_Name {
physical-interface-specific;
term term_name {
then {
policer Shared_Policer;
count cinet;
}
}
}
}family inet {
filter filter_name {
physical-interface-filter;
term term_name {
then {
policer Shared_Policer;
count cinet;
}
}
}
}
Required Privilege Level
interface—To view this statement in the configuration.
interface-control—To add this statement to the configuration.