Hi!
I have a srx 240 cluster and want to limit the download speed to one of my server.
Here's how I wanted to do this:
#Policer 50Mbit/s
set firewall policer policer-50mbit if-exceeding bandwidth-limit 50m
set firewall policer policer-50mbit if-exceeding burst-size-limit 128k
set firewall policer policer-50mbit then discard
#Filter
set firewall family inet filter download-limit term wsus-server from source-address 192.168.0.1/32
set firewall family inet filter download-limit term wsus-server then policer policer-50mbit
set firewall family inet filter download-limit term wsus-server then accept
#Configuring policer on the interface the server 192.168.0.1 is connected to
set interfaces reth5.10 family inet filter input download-limit
When this configuration is active, the whole 192.168.0.0/24 subnet is limited to 50Mbit/s. Why`s that?
The WAN interface is reth0.1 configured with interface NAT.
Kind regards
Andy