policer (Configuring)
Syntax
policer policer-name { filter-specific; counter { counter-id counter-index;} if-exceeding { bandwidth-limit bps; bandwidth-percent number; burst-size-limit bytes; } logical-bandwidth-policer; logical-interface-policer; physical-interface-policer; shared-bandwidth-policer; then { policer-action; } }
Hierarchy Level
[edit dynamic-profiles profile-name firewall], [edit firewall], [edit logical-systems logical-system-name firewall]
Description
Configure policer rate limits and actions. When
included at the [edit firewall]
hierarchy level, the policer
statement creates a template, and you do not have to
configure a policer individually for every firewall filter or interface.
To activate a policer, you must include the policer-action
modifier in the then
statement in a firewall filter term
or on an interface.
You can configure the policer in static firewall filters or dynamic firewall filters in a dynamic client profile or a dynamic service profile.
Options
policer-action | One or more actions to take:
|
policer-name | Name that identifies the policer. The name can contain
letters, numbers, and hyphens (-), and can be up to 255 characters
long. To include spaces in the name, enclose it in quotation marks
(“ ”). Policer names cannot begin with an underscore
in the form |
then | Actions to take on matching packets. |
The remaining statements are explained separately. Search for a statement in CLI Explorer or click a linked statement in the Syntax section for details.
Required Privilege Level
firewall—To view this statement in the configuration.
firewall-control—To add this statement to the configuration.