On Wed, 9 Mar 2022 at 19:48, Gert Doering via juniper-nsp <[email protected]> wrote:
> We use different classes for UDP/123, UDP/53 (exclude well-known > recursives), fragments, ... and are currently using between 20 and 100 > mbit/s for these classes. What is the right number for you depends > on "how much can your customers stomach?" and "how much do you see > under normal conditions?". We do the same, but we classify protocols to two classes 'important' and 'unimportant',. Unimportant being protocols we deem not to be used in reality for anything but abuse, and important to be dual-use. 'unimportant' gets policed on port-level out-right and 'important' gets 2coloured on port level, that exceeding traffic gets downgraded below BE. Answering 'what rate is right' is difficult without understanding better how you are policing, where and what your access ports usually look like. Do remember that JNPR policers are per NPU level by default, unlike CSCO which are per interface level and per-NPU level is not even a configurable option. -- ++ytti _______________________________________________ juniper-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/juniper-nsp
