Versions Compared

Old Version 7

changes.mady.by.user Jean-luc KRIKER

Saved on

compared with

New Version Current

changes.mady.by.user Jean-luc KRIKER

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

https://www.juniper.net/documentation/us/en/software/junos/cos/topics/example/policer-single-rate-two-color-mfc-example.html


discard

BW= 1M

Burst-size: 1500 bytes

Code Block
titlefirewall policer
set firewall policer discard if-exceeding bandwidth-limit 1m
set firewall policer discard if-exceeding burst-size-limit 1k1500
set firewall policer discard then discard


forwarding class

BE-data  > Q0
Premium-data > Q1
Voice > Q2
NC > Q3


Code Block
titleforwading-class
set class-of-service forwarding-classes class BE-data queue-num 0
set class-of-service forwarding-classes class Premium-data queue-num 1
set class-of-service forwarding-classes class Voice queue-num 2
set class-of-service forwarding-classes class NC queue-num 3


firewall filter

tcp/80 or http >   forwarding-class BE-data
tcp/12345      >   forwarding-class Voice
ping           >   forwarding-class Premium-data


Code Block
titlefirewall filter
set firewall family inet filter mf-classifier term BE-data from protocol tcp
set firewall family inet filter mf-classifier term BE-data from port http
set firewall family inet filter mf-classifier term BE-data then forwarding-class BE-data
set firewall family inet filter mf-classifier term BE-data then policer discard

set firewall family inet filter mf-classifier term Premium-data from protocol tcp
set firewall family inet filter mf-classifier term Premium-data from port 12345
set firewall family inet filter mf-classifier term Premium-data then forwarding-class Voice
set firewall family inet filter mf-classifier term Premium-data then policer discard

set firewall family inet filter mf-classifier term PremiumPing-data from protocol icmp
#set firewall family inet filter mf-classifier term PremiumPing-data from port 12345
set firewall family inet filter mf-classifier term PremiumPing-data then forwarding-class BE-data
set firewall family inet filter mf-classifier term PremiumPing-data then policer discard

set firewall family inet filter mf-classifier term acceptAccept then accept


Apply fw filter to interface


Code Block
titleapply fw filter to interface
set
#set interfaces ge-
2
0/0/
5
2 description to-Host
set
#set interfaces ge-
2
0/0/
5
2 unit 0 family inet address
172
1.
16
1.
70
1.
2
1/
30
24
set interfaces ge-
2
0/0/
5
2 unit 0 family inet filter input mf-classifier