Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

hierarchical-policer

Syntax (Bandwidth-Based)

Syntax (Packets-Per-Second (pps)-Based)

Hierarchy Level

Description

Use a hierarchical policer to rate-limit ingress Layer 2 traffic at a physical or logical interface and apply different policing actions based on whether the packets are classified as premium for expedited forwarding (EF) or aggregate for a lower priority. The two policers defined within the hierarchical policer are aggregate and premium.

Note:

  • The if-exceeding-pps statement is only supported on MX Series routers with MPCs.

  • The if-exceeding and if-exceeding-pps statements are mutually exclusive and, therefore, cannot be applied at the same time.

You can configure the policer in static firewall filters or dynamic firewall filters in a dynamic client profile or a dynamic service profile.

Options

hierarchical-policer-name—Name that identifies the policer. The name can contain letters, numbers, and hyphens (-), and can be up to 255 characters long. To include spaces in the name, enclose the name in quotation marks (“ ”).

uid—When you configure a hierarchical policer at the [edit dynamic-profiles profile name firewall] hierarchy level, you must assign a variable UID as the policer name.

The remaining statements are explained separately. Search for a statement in CLI Explorer or click a linked statement in the Syntax section for details.

Required Privilege Level

firewall—To view this statement in the configuration.

firewall-control—To add this statement to the configuration.