Doug,
Like this?
Interface
[edit interfaces ge-1/1/0]
gustavo@BRD01# show
description WAN;
unit 0 {
bandwidth 490m;
family inet {
filter {
input controle;
}
policer {
input gvt;
}
sampling {
input;
output;
}
address 177.99.164.126/30;
}
}
[edit interfaces ge-1/1/0]
Policer
[edit firewall policer wan]
gustavo@BRD01# show
if-exceeding {
bandwidth-limit 490m;
burst-size-limit 625k;
}
then discard;
[edit firewall policer wan]
Filter
gustavo@BRD01# show
term clientes {
from {
destination-address {
177.8.x.0/21;
177.x.x.0/22;
177.6x.x.0/22;
177.6x.xx0.0/24;
177.6x.xx1.0/24;
177.6x.xx3.0/24;
177.1x.1x.0/22;
177.1x.1x.0/24;
177.1x.2x.0/21;
177.1x.2x.0/22;
177.1x.2x.0/22;
}
}
then {
loss-priority low;
forwarding-class expedited-forwarding;
}
}
term resto {
then {
loss-priority high;
forwarding-class best-effort;
}
}
[edit firewall family inet filter controle]
Gustavo Santos
Analista de Redes
CCNA , MTCNA , MTCRE, MTCINE, JUNCIA-ER
2012/10/15 Doug Hanks <[email protected]>
> All you need in this scenario is a simple policer and a firewall filter
> than. Just match the different types of traffic as you described below into
> different terms of a firewall filter, then depending on what you want to do
> with the traffic, police it or discard it.
>
> From: Gustavo Santos <[email protected]>
> Date: Mon, 15 Oct 2012 10:40:41 -0300
> To: dhanks <[email protected]>
> Cc: "EXT - [email protected]" <[email protected]>, Serge
> Vautour <[email protected]>, Chris Evans <[email protected]>, "
> [email protected]" <[email protected]>
>
> Subject: Re: [j-nsp] WAN input prioritization on MX
>
> Hi, After reading your comments, I will try to explain better what I'm
> trying to achieve. I'm trying to do classification and queueing on an
> ingress interface.
>
> When the wan interface gets rate limit threshold (500mbits), all the
> traffic that is destinated to the high priority destination subnet gets
> precedence and no packet loss or lower packet loss, than the low priority.
>
> The egress traffic to these subnets goes to two different physical
> interfaces ( ge-1/0/5 and ge-1/0/5) So , from what I read from you, the
> ingress interface should "see" the rate limit of 500mbits gets congestion
> and then discard packets from wan that have destination (address) subnet
> that differs from the high priority subnet.
>
> For instance: If the current wan ingress traffic total is 450mbits and
> high priority traffic is 100mbits, and low priority is 350mbits = no packet
> discard, but if traffic towards high priority subnet is 300mbits and low
> priority is 300mbits, then the queuing / scheduler will drop the low
> priority traffic until the sources traffic gets shaped to 200mbits for the
> low priority and the high priority gets 300mbits.
>
> On Linux it's quite simple to achieve.
>
> Gustavo Santos
> Analista de Redes
> CCNA , MTCNA , MTCRE, MTCINE, JUNCIA-ER
>
>
>
> 2012/10/15 Doug Hanks <[email protected]>
>
>> >If you're having a hard time writing
>> >the proper code-points to a packet, I would assume the packets are
>> >classified correctly.
>>
>> s/correctly/incorrectly/
>>
>>
>>
>
_______________________________________________
juniper-nsp mailing list [email protected]
https://puck.nether.net/mailman/listinfo/juniper-nsp
