[Contents] [Prev] [Next] [Index] [Report an Error]

Configuring a Tricolor Marking Policer

A tricolor marking policer polices traffic on the basis of metering, including the committed information rate (CIR), the peak information rate (PIR), and their associated burst sizes.

To configure a tricolor marking policer, include the three-color-policer statement at the [edit firewall] hierarchy level:

[edit firewall]
three-color-policer (Configuring) name {
single-rate {
(color-aware | color-blind);
committed-information-rate bps;
committed-burst-size bytes;
excess-burst-size bytes;
}
two-rate {
(color-aware | color-blind);
committed-information-rate bps;
committed-burst-size bytes;
peak-information-rate bps;
peak-burst-size bytes;
}
}

When you configure this type of policer, you can set up to three loss priorities: low, medium-high, and high.

Note: To configure a policer that marks packets so that they have medium-low loss priority, you must configure a policer at the [edit firewall policer policer-name] hierarchy level.

For example:

[edit firewall]
policer 4PLP {
if-exceeding {
bandwidth-limit 40k;
burst-size-limit 4k;
}
then loss-priority medium-low;
}

Apply this policer at one or both of the following hierarchy levels:

  • [edit firewall family family filter filter-name term rule-name then policer policer-name]
  • [edit interfaces interface-name unit logical-unit-number family family filter]

Specify the single-rate statement to configure marking based on CIR. If a packet exceeds the CIR in a single-rate policer, it is evaluated by the CBS. Specify the committed-burst-size option value to configure the maximum number of bytes allowed for incoming packets to burst above the CIR, but still be marked green. Specify the excess-burst-size option value to configure the maximum number of bytes allowed for incoming packets to burst above the CIR, but be marked red.

Specify the two-rate statement to configure marking based on CIR and PIR. If a packet exceeds the CIR in a two-rate policer, it is evaluated by the PIR. Specify the committed-information-rate option value to configure the guaranteed bandwidth under normal line conditions, and the rate up to which packets are marked green. Specify the committed-burst-size option value to configure the maximum number of bytes allowed for incoming packets to burst above the CIR, but still be marked green.

Specify the peak-information-rate option value to configure the maximum achievable rate. Packets that exceed the CIR, but are below the PIR, are marked yellow. Packets that exceed the PIR are marked red. Specify the peak-burst-size option value to configure the maximum number of bytes allowed for incoming packets to burst above the PIR, but still be marked yellow.

For both the single-rate statement and the two-rate statement, specify the color-aware option value to configure metering by preclassification. Metering can increase a PLP, but cannot decrease it. Specify the color-blind option value to ignore any preclassification.

For more information about tricolor marking, see the JUNOS Class of Service Configuration Guide.

Example: Configuring a Tricolor Marking Policer

Configure a tricolor policer:

[edit firewall]
three-color-policer trtcm1 {
two-rate {
color-blind;
committed-information-rate 1048576;
committed-burst-size 65536;
peak-information-rate 10485760;
peak-burst-size 131072;
}
}

Apply the tricolor policer to a firewall filter.

[edit firewall]
filter fil {
term default {
then {
three-color-policer {
two-rate trtcm1;
}
}
}
}
[Contents] [Prev] [Next] [Index] [Report an Error]

Copyright © 2008, Juniper Networks, Inc. All rights reserved. Trademark Notice.