I did a similar exercise a while ago on T-series and it works, I would
expect it to work the same way on J-series.
Some tips:
1/ if you want to limit two or more customers to, say, 10Mbps each, don't
configure a "filter-specific" policer, configure a regular 10Mbps policer.
By default, a regular policer is term-specific and two or more customers can
be separately rate-limited by the different instances of the same regular
policer in different FW filter terms.
2/ "filter-specific" policer would come into play when you want to give a
shared (sub)bandwidth to two or more customers. If a policer is referenced
only once inside the FW filter, there is no difference between
filter-specific and default (term-specific) policer.
3/ with your example config, it is not possible to discriminate between
customers sharing 50Mbps bandwith - e.g. 1st customer could be clogging the
pipe up to own policer limit and all others will be forced to use what's
left of bandwidth delta (50Mbps less 1st customer policer limit).
Shaping+scheduling could be a better approach.
Rgds
Alex
----- Original Message -----
From: "TiM" <[email protected]>
To: <[email protected]>
Sent: Thursday, October 21, 2010 11:07 PM
Subject: [j-nsp] Rate Shaping on a J2350
Quick question about policing.
Basically I'd like to know if this config will work. I'm pretty sure it
will and the Juniper docs seems to agree with me, but the collective
wisdom of JNSP would be appreciated.
Router in question is a Juniper J2350.
Basically I want to say:
192.168.0.0/24 is in total allowed 50Mb/s of bandwidth. This is the
global limit that shouldn't be exceeded, regardless of what individual
customers are doing.
Then, under that, individiual customers (allocated a /30) are given a
"maximum" limit. That is, they can move traffic up to the rate they've
purchased, assuming the /24 still has capacity.
This is the config I have. The key bit of my question involves the use of
the "term next" statement:
term Global-Shape{
from {
destination-address {
192.168.0.0/24;
}
}
then {
policer rl-50;
next term; <<----- Valid? Will this work as intended?
}
}
term Customer1 {
from {
destination-address {
192.168.0.0/30;
}
}
then {
policer rl-10; <<---- This customer gets 10Mb/s total.
count Customer1;
}
}
term Customer2 {
from {
destination-address {
192.168.0.4/30;
}
}
then {
policer rl-20; <<---- This customer gets 20Mb/s total.
count Customer2;
}
}
Assume there's another 20 customers all configured the same.
Basically: If the sum of the /30's policers is say, 150Mb/s will the above
config limit the /24 to 50Mb/s?
Thanks for any pointers you can provide.
Kind Regards,
Tim H
_______________________________________________
juniper-nsp mailing list [email protected]
https://puck.nether.net/mailman/listinfo/juniper-nsp
_______________________________________________
juniper-nsp mailing list [email protected]
https://puck.nether.net/mailman/listinfo/juniper-nsp
