Hi everyone!
We have 2 MX960s, one working as BRAS and one as Internet Core router.I tried to apply a policer to limit the traffic coming from the core router to the BNG. I observed the graphs and incoming traffic on the interface was around 2.4 Gbps. I wanted to limit it to 1.5 Gbps. I defined the policer as follows:
shahbaz@ISB-BNG-MX96-1-re0# show firewall policer LIMIT_UPLINK
if-exceeding {
bandwidth-limit 1500m;
burst-size-limit 250m;
}
then discard;
And applied on the interface
shahbaz@ISB-BNG-MX96-1-re0# show interfaces xe-1/2/0
description wd-MX960-Router;
unit 0 {
family inet {
policer {
input LIMIT_UPLINK;
}
service {
input {
service-set sp000;
}
output {
service-set sp000;
}
}
address 10.30.9.2/30;
}
}
Yet there was no change on the graphs. I am confused. This should have worked. Then I defined a filter at [edit firewall family inet] level with just a single term with no from and then policer and then accept. Applied the filter in place of the policer but the speed was still not limited.
Any ideas about why this is not working?Looking forward to your guidance.
Thanks
P.S. I tried using the formula in Juniper documentation for computing burst size limit but the value that came out seemed too small so I just set a random value for the burst size limit.
Also, I have no idea what the burst size limit should be considering we are talking speeds of Gbps order.
------------------------------
SHAHBAZ KHAN
------------------------------