 |
Note: You cannot rate-limit based on bandwidth percentage for aggregate, tunnel, and software interfaces. The bandwidth percentage policer cannot be used for forwarding table filters. This can only be used for interface-specific filters. |
To specify the rate limiting part of a policer, include an if-exceeding statement at the [edit firewall policer policer-name] hierarchy level:
- [edit firewall policer]
-
if-exceeding {
- bandwidth-limit bps;
- bandwidth-percent number;
- burst-size-limit;
- }
You specify the bandwidth limit in bits per second (bps). You can specify the value as a complete decimal number or as a decimal number followed by the abbreviation k (1000), m (1,000,000), or g (1,000,000,000).Any value below 61,040 bps will result in an effective rate of 30,520 bps. Beginning with JUNOS Release 9.4, the minimum bandwith limit that you can configure on the MX-series, M120, and M320 routing platforms only is 8000 bps. The minimum bandwidth limit that you can configure for all other platforms remains 32,000 bps. The maximum bandwidth limit is 40 gigabits per second (Gbps).
You can rate-limit traffic based upon port speed. This port speed can be specified by a bandwidth percentage in a policer. You must specify the percentage as a complete decimal number between 1 and 100.
|
Note: You cannot rate-limit based on bandwidth percentage for aggregate, tunnel, and software interfaces. The bandwidth percentage policer cannot be used for forwarding table filters. This can only be used for interface-specific filters. |
The maximum burst size controls the amount of traffic bursting allowed. To determine the value for the burst-size limit, the preferred method is to multiply the bandwidth (bytes per second) of the interface on which you are applying the filter by the amount of time you allow a burst of traffic at that bandwidth to occur; for example, 5 milliseconds.
- burst size = bandwidth x allowable time for burst traffic
/ 8
If you do not know the interface bandwidth, you can multiply the maximum transmission unit (MTU) of the traffic on the interface by 10 to obtain a value. For example, the burst size for an MTU of 4700 would be 47,000 bytes. At minimum, burst size should be at least 10 interface MTUs. The maximum value for the burst-size limit is 100 megabits per second (Mbps).
For a sample filter configuration for rate limiting, see Examples: Configuring Policing.
 | Copyright © 2009, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |