Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

TechLibrary
Navigation

Supported Platforms

 

Related Documentation

 

policer (Configuring)

Syntax

policer policer-name {filter-specific;if-exceeding {bandwidth-limit bps;bandwidth-percent number;burst-size-limit bytes;}logical-bandwidth-policer;logical-interface-policer;physical-interface-policer;shared-bandwidth-policer;then {policer-action;}}

Hierarchy Level

[edit dynamic-profiles profile-name firewall],[edit firewall],[edit logical-systems logical-system-name firewall]

Release Information

Statement introduced before Junos OS Release 7.4.

The out-of-profile policer action added in Junos OS Release 8.1.

The logical-bandwidth-policer statement added in Junos OS Release 8.2.

Logical systems support introduced in Junos OS Release 9.3.

The physical-interface-policer statement introduced in Junos OS Release 9.6.

The shared-bandwidth-policer statement added in Junos OS Release 11.2

Support at the [edit dynamic-profiles ... firewall] hierarchy level introduced in Junos OS Release 11.4.

Statement introduced in Junos OS Release 12.3R2 for EX Series switches.

Description

Configure policer rate limits and actions. When included at the [edit firewall] hierarchy level, the policer statement creates a template, and you do not have to configure a policer individually for every firewall filter or interface. To activate a policer, you must include the policer-action modifier in the then statement in a firewall filter term or on an interface.

Options

policer-action

One or more actions to take:

  • discard—Discard traffic that exceeds the rate limits.
  • forwarding-class class-name—Specify the particular forwarding class.
  • loss-priority—Set the packet loss priority (PLP) to low, medium-low, medium-high, or high.
  • out-of-profile—On J Series routers with strict priority queuing, prevent starvation of other queues by rate limiting the data stream entering the strict priority queue, marking the packets that exceed the rate limit as out-of-profile, and dropping the out-of-profile packets if the physical interface is congested.
policer-name

Name that identifies the policer. The name can contain letters, numbers, and hyphens (-), and can be up to 255 characters long. To include spaces in the name, enclose it in quotation marks (“ ”). Policer names cannot begin with an underscore in the form __.*.

then

Actions to take on matching packets.

The remaining statements are explained separately.

Required Privilege Level

firewall—To view this statement in the configuration.

firewall-control—To add this statement to the configuration.

 

Related Documentation

 

Published: 2013-04-15

Supported Platforms

 

Related Documentation

 

Published: 2013-04-15

Previous Page Next Page