Junos Policer (bandwidth-limit)

First we’ve to configure bandwidth-limit 

set firewall policer VLANtrust_output if-exceeding bandwidth-limit 50m

set firewall policer VLANtrust_output if-exceeding burst-size-limit 1m

set firewall policer VLANtrust_output then discard

set firewall policer VLANtrust_input if-exceeding bandwidth-limit 10m

set firewall policer VLANtrust_input if-exceeding burst-size-limit 1m

set firewall policer VLANtrust_input then discard

Now we need to configure the filter:

**Upload configuration**

set firewall family inet filter VLANtrust_input term 0 from source-address 192.168.1.0/24

set firewall family inet filter VLANtrust_input term 0 then policer VLANtrust_input

set firewall family inet filter VLANtrust_input term 0 then accept

**download configuration**

set firewall family inet filter VLANtrust_input term 1 from source-address 0.0.0.0/0

set firewall family inet filter VLANtrust_input term 1 then policer VLANtrust_output

set firewall family inet filter VLANtrust_input term 1 then accept

Assigning the filter to interface:

set interfaces vlan unit 1 family inet filter input VLANtrust_input

set interfaces vlan unit 1 family inet filter output VLANtrust_input

Note: If you want caculate burst limit, and you don’t want to work with exact (M-megabyte) , you can download the rate limit caculator from this website or directly from this link.

Good Luck 🙂

By: Abed AL-R. Bishara

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s