@Route-Champ wrote:
Traffic that is not exceeding either committed-information-rate (1500) or committed-burst-size 20k is green traffic and implicitly allowed. Traffic that is exceeding committed-burst-size 20k but not the excess-burst-size 20K is yellow and marked with medium-high loss priority then transmitted. Packet that is exceeding excess-burst-size 20k is marked as red (action loss priority high and then dropped).
1st Issue:- All traffic initiated from your laptop will be marked as yellow because it will definitely cross the 1500 limit; remember the default packet size for Ethernet (1538 bytes including preamble, inter-frame gap and delimiter).
2nd Issue:- committed-burst-size 20k and excess-burst-size 20K are of the same value, which is not technically correct, because all traffic exceeding CBS 20K will be marked as yellow and at the same time it will also increase EBS and will be marked red and subject to the drop action.
3rd Issue:- Is traffic really exceeding 20k? Don't think that only ICMP traffic is passing through the interface. Try the command monitor traffic interface ge-0/0/X; you will see traffic for many protocols, e.g. ARP, LLDP if enabled, spanning tree BPDUs etc. Now you just need to confirm that all this traffic is exceeding 20K; use show interface ge-0/0/x extensive | match "Traffic statistics". This will give you an idea about traffic statistics for further analysis.
Hi Route-Champ
I reconfigured some parameters on TEST-THREE-COLOR like these:
set firewall three-color-policer TEST-THREE-COLOR action loss-priority high then discard
set firewall three-color-policer TEST-THREE-COLOR single-rate committed-information-rate 15k
set firewall three-color-policer TEST-THREE-COLOR single-rate committed-burst-size 20k
set firewall three-color-policer TEST-THREE-COLOR single-rate excess-burst-size 50k
set firewall family ethernet-switching filter PHANLOAI term 1A from protocol icmp
set firewall family ethernet-switching filter PHANLOAI term 1A then log
set firewall family ethernet-switching filter PHANLOAI term 1A then count PING
set firewall family ethernet-switching filter PHANLOAI term 1A then three-color-policer single-rate TEST-THREE-COLOR
And here is the ping result:
Reply from 10.15.242.172: bytes=1400 time=2ms TTL=126
Reply from 10.15.242.172: bytes=1400 time=2ms TTL=126
Reply from 10.15.242.172: bytes=1400 time=2ms TTL=126
Reply from 10.15.242.172: bytes=1400 time=2ms TTL=126
Request timed out.
Reply from 10.15.242.172: bytes=1400 time=2ms TTL=125
Request timed out.
Reply from 10.15.242.172: bytes=1400 time=2ms TTL=125
Reply from 10.15.242.172: bytes=1400 time=2ms TTL=125
I added one more term for other traffic:
set firewall family ethernet-switching filter PHANLOAI term 3A then accept
set firewall family ethernet-switching filter PHANLOAI term 3A then log
set firewall family ethernet-switching filter PHANLOAI term 3A then count OTHER
So, the ping result is OK without being dropped. Would you please help me to explain it? And committed-burst-size 20k, from your explanation, I understand this is the total size of all packets that are allowed to transmit (all packets that are marked green), and if this number is larger than 20K, traffic will be marked yellow. Is that right?
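An added illustration, not part of either post and not Juniper's implementation: the sketch below models a single-rate three-color policer as the RFC 2697 color-blind token-bucket marker and runs constant-rate 1400-byte pings through the values quoted in the thread. Assumptions: the rate is in bits per second and the burst sizes in bytes, every ping is counted as 1442 bytes, and the names SrTcm, run and summary are made up for the example.

```python
from dataclasses import dataclass


@dataclass
class SrTcm:
    """Color-blind single-rate three-color marker (RFC 2697 model)."""
    cir_bps: float  # committed-information-rate, bits per second (assumed unit)
    cbs: float      # committed-burst-size, bytes: depth of the committed bucket
    ebs: float      # excess-burst-size, bytes: depth of the excess bucket

    def __post_init__(self):
        self.tc, self.te = self.cbs, self.ebs  # both buckets start full
        self.last = 0.0

    def color(self, now: float, size: int) -> str:
        # Refill at CIR: the committed bucket first, overflow spills into excess.
        tokens = (now - self.last) * self.cir_bps / 8
        self.last = now
        spill = max(0.0, self.tc + tokens - self.cbs)
        self.tc = min(self.cbs, self.tc + tokens)
        self.te = min(self.ebs, self.te + spill)
        if self.tc >= size:
            self.tc -= size
            return "green"
        if self.te >= size:
            self.te -= size
            return "yellow"
        return "red"  # in the thread's policer: loss-priority high then discard


def run(cir_bps, cbs, ebs, pps, seconds, size=1442):
    """Color every packet of a constant-rate flow of `size`-byte packets."""
    meter = SrTcm(cir_bps, cbs, ebs)
    return [meter.color(i / pps, size) for i in range(int(pps * seconds))]


def summary(colors):
    return {c: colors.count(c) for c in ("green", "yellow", "red")}


if __name__ == "__main__":
    # Constructed flows: 1400-byte ping payload + ICMP/IP/Ethernet headers = 1442 bytes.
    cases = {
        "CIR 15k, CBS 20k, EBS 50k, 1 ping/s": (15_000, 20_000, 50_000, 1, 60),
        "CIR 15k, CBS 20k, EBS 50k, 10 pings/s": (15_000, 20_000, 50_000, 10, 60),
        "CIR 1500, CBS 20k, EBS 20k, 1 ping/s": (1_500, 20_000, 20_000, 1, 60),
    }
    for label, args in cases.items():
        print(f"{label}: {summary(run(*args))}")
```

In this model the burst sizes are bucket depths that refill at the committed rate rather than running totals, so a flow whose average rate stays under the committed rate remains green indefinitely, while a faster flow drains the committed bucket, then the excess bucket, and only then turns red.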