Rate limiting is something that will only work for about 10% of the total bandwidth at maximum.
with that said here is a calculation.
10g * 10% = 1g
1g * 0.4 = 400,000,000
you need a bandwidth limit to go with this.
bandwidth-limit = 1g
burst-size-limit = 400000000
to get your 10% however...
10.485760g * 10% = 1.0485760g
1g * 0.4 = 0.4194304g = 419430000
a network engineer will say this is not precise, but it should be acurate.
------------------------------
Adrian Aguinaga
B.S.C.M. I.T.T. Tech
(Construction Management)
A.A.S. I.T.T. Tech
(Drafting & Design)
------------------------------
Original Message:
Sent: 10-19-2022 03:36
From: Unknown User
Subject: Input policer not limiting traffic
Hello Team,
We are trying to rate limit input traffic from our Upstream provider to 1.5G. we have created policer with 1.5G limit and applied as input but still there seem to be spikes of traffic going beyond 1.5G, not sure what we missing. this is applied to juniper MX 80 xe-x/x/x.x interface.
we have tried creating filter that references the policer and apply the filter as input to the interface, still traffic is not flat-lining on 1.5G as we want.
we have tried creating 1G policer and applied to the interface still traffic is going 1.8G and 2G some times.
show firewall policer 1.5G if-exceeding { bandwidth-limit 1500000000; burst-size-limit 10m;}then discard;ROUTER# show vlan-id 1006;family inet { policer { input 1.5G; } inactive: sampling { input; } address x.x.x.x/31;}family inet6 { address xxx:xxx:xxx:xx::xx/127;}
As per attached graph link seem to be doing 2G.
will appreciate if somebody could shed light on where we going wrong or how best to just do basic rate limit on input traffic on logical unit.
Regards,
lish.