Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Example: Providing Tiered Internet Services with Policing

    In this scenario, the service provider offers three tiered Internet services to its subscribers:

    • Gold, which provides a bandwidth of up to 5 Mbps.
    • Silver, which provides a bandwidth of up to 1 Mbps.
    • Bronze, which provides a bandwidth of up to 64 Kbps.

    One of the tiered Internet services controls the traffic at a given time. Accounting data is collected for the tiered services.

    A default policy is needed to establish the context of the tiered service. The subscriber has an IP interface in the network; the access point has a default policy that prevents the subscriber from using a tiered Internet service until the service is activated.

    From the service provider’s perspective, the service provider’s network is on the inside, and the enterprise network is on the outside. Ingress traffic flows from the enterprise network to the service provider’s network. Egress traffic flows from the service provider’s network to the enterprise network.

    Types of Policies

    JunosE policies use the rate-limit action to control bandwidth, and Junos OS policies use the policer action to control bandwidth. You can also use QoS conditions and scheduler actions to provide tiered Internet services.

    Sample JunosE Rate-Limiting Policy

    The sample JunosE policy has a local parameter bw, which is used in the rate-limit action both on input and output directions.

    In this example, the committed action is forward, whereas the conformed and exceeded actions are set to filter.

    The following information shows the configuration details of the Internet tiered policy group for routers running JunosE Software.

    Local Parameter

    [edit policies folder sample folder common group internet-tiered local-parameters]
    user@host# show 
    parameter bw {
      default-value 5000000;
      type rate;
    }

    Policy List je-out

    [edit policies folder sample folder common group internet-tiered list je-out]
    user@host# show 
    role junose-ipv4;
    applicability output;
    rule the-limit {
      type junose-ipv4;
      precedence 600;
      accounting;
      rate-limit limit {
        committed-action { 
          forward {
          }
        }
        conformed-action {
          filter {
          }
        }
        exceed-action {
          filter {
          }
        }
        type two_rate;
        committed-rate bw;
        committed-burst 500000;
        peak-rate bw;
        peak-burst 500000;
      }
      traffic-condition any {
      }
    }

    Policy List je-in

    [edit policies folder sample folder common group internet-tiered list je-in]
    user@host# show 
    role junose-ipv4;
    applicability input;
    rule the-limit {
      type junose-ipv4;
      precedence 600;
      accounting;
      rate-limit limit {
        committed-action {
          forward {
          }
        }
        conformed-action {
          filter {
          }
        }
        exceed-action {
          filter {
          }
        }
        type two_rate;
        committed-rate bw;
        committed-burst 500000;
        peak-rate bw;
        peak-burst 500000;
      }
      traffic-condition any {
      }
    }

    Sample Junos OS Policer Policy

    The sample Junos OS policy has a local parameter bw, which is used in the policer action both on input and output directions.

    In this example, packets that exceed the bandwidth limit are filtered.

    The following information shows the configuration details of the Internet tiered policy group for routers running Junos OS.

    Local Parameter

    [edit policies folder sample folder common group internet-tiered local-parameters]
    user@host# show 
    parameter bw {
      default-value 5000000;
      type rate;
    }

    Policy List j-out

    [edit policies folder sample folder common group internet-tiered list j-out]
    user@host# show 
    role junos;
    applicability output;
    rule PR {
      type junos-filter;
      precedence 100;
      policer PA {
        packet-action packet0 {
          filter {
          }
        }
        bandwidth-limit bw;
        bandwidth-limit-unit bps;
        burst 15000;
      }
    }

    Policy List j-in

    [edit policies folder sample folder common group internet-tiered list j-in]
    user@host# show 
    role junos;
    applicability input;
    rule PR {
      type junos-filter;
      precedence 100;
      policer PA {
        packet-action packet0 {
          filter {
          }
        }
        bandwidth-limit bw;
        bandwidth-limit-unit bps;
        burst 15000;
      }
    }

    Defining the Tiered Internet Services

    You need to create three SAE services—Gold, Silver, and Bronze.

    Assign to the new service one of the Internet-tiered policy groups that we created in the last section.

    For each service, define a substitution value for the bw parameter. For the Gold service, the bw value is 5 Mbps; for the Silver service, the bw value is 1 Mbps; and for the Bronze service, the bw value is 64 Kbps.

    Internet-Gold Service

    [edit services global service Internet-Gold]
    user@host# show 
    description "Example for rate limited internet (requires matching default policies)";
    type normal;
    category Internet;
    policy-group /sample/common/internet-tiered;
    radius-class Internet-Gold;
    status active;
    parameter {
      substitution "bw = 5000000";
    }

    Internet-Silver Service

    [edit services global service Internet-Silver]
    user@host# show 
    description "Example for rate limited internet (requires matching default policies)";
    type normal;
    category Internet;
    policy-group /sample/common/internet-tiered;
    radius-class Internet-Silver;
    status active;
    parameter {
      substitution "bw = 1000000";
    }

    Internet-Bronze Service

    [edit services global service Internet-Bronze]
    user@host# show 
    description "Example for rate limited internet (requires matching default policies)";
    type normal;
    category Internet;
    policy-group /sample/common/internet-tiered;
    radius-class Internet-Bronze;
    status active;
    parameter {
      substitution "bw = 64000";
    }

    Published: 2014-06-06