physical-interface-filter
Syntax
physical-interface-filter;
Hierarchy Level
[edit firewall family family-name filter filter-name], [edit logical-systems logical-system-name firewall family family-name filter filter-name], [edit routing-instances routing-instance-name firewall family family-name filter filter-name], [edit logical-systems logical-system-name routing-instances routing-instance-name firewall family family-name filter filter-name]
Description
Configure a physical interface filter. Use this statement to reference a physical interface policer for the specified protocol family.
For PTX series routers running Junos OS Release 18.3R1 or later, you can use this command to configure separate firewall filters for different family address types (IPv4 and IPv6) that share the same interface, and configure the same policer as an action for the filter.
To use the aggregate policer, configure the firewall policer you want as
physical-interface-policer
. In addition, at the
firewall family family-name filter
filter-name
hierarchy level where you will
reference the policer, make the policer a
physical-interface-filter
firewall filter action. This creates a unique instance of the filter on the physical
interface.
The sample configuration shows the settings and relationship between them.
firewall { policer Shared_Policer { physical-interface-policer; if-exceeding { bandwidth-limit 100m; burst-size-limit 500k; } then { discard; } } }
firewall { filter Filter_Name { physical-interface-filter; term term_name { then { policer Shared_Policer; count cinet; } } } }
family inet { filter filter_name { physical-interface-filter; term term_name { then { policer Shared_Policer; count cinet; } } } }
Required Privilege Level
interface—To view this statement in the configuration.
interface-control—To add this statement to the configuration.
Release Information
Statement introduced in Junos OS Release 9.6.
Support for PTX series routers with third-generation FPCs added in Junos OS Release 18.3R1.