if-exceeding-pps (Hierarchical Policer)
Syntax
if-exceeding-pps {
pps-limit pps;
packet-burst packets;
}
Hierarchy Level
[edit dynamic-profiles profile-name firewall hierarchical-policer hierarchical-policer-name aggregate], [edit dynamic-profiles profile-name firewall hierarchical-policer hierarchical-policer-name premium], [edit firewall hierarchical-policer hierarchical-policer-name aggregate], [edit firewall hierarchical-policer hierarchical-policer-name premium]
Description
For MX Series routers , if-exceeding-pps allows you to configure a packets-per-second (pps)-based trigger
for a premium or aggregate component of a hierarchical policer. When
applied to the loopback interface (lo0), this kind of trigger can
help protect the Routing Engine from DDoS attacks. When applied in
other areas, to either transit or control traffic, it is a more fine-grained
monitor.
The remaining statements are explained separately. See CLI Explorer.
Required Privilege Level
firewall—To view this statement in the configuration.
firewall-control—To add this statement to the configuration.
Release Information
Statement introduced in Junos OS Release 15.2.