Policy Framework Configuration Guide - Juniper Networks

Junos 10.4 Policy Framework Configuration Guide
}
}
}
If traffic arriving on the logical interface is within the average rate of 40 Mbps (based on
the token bucket formula) or within the committed burst size limit of 100 KB, the packets
are “green” and are marked with an implicit loss priority of low. If traffic arriving on the
logical interface is above the committed information rate and above the committed burst
size but still within the peak information rate of 60 Mbps (based on the second token
bucket), the packets are “yellow” and are marked with an implicit loss priority of
medium-high. If traffic arriving on the logical interface is above the peak information rate
of 60 Mbps, the packets are “red,” are marked with a loss priority of high, and are
discarded. In the “red” case, if you omit the action statement, the packets are still marked
with an implicit loss priority of high, but the packets are transmitted. As the traffic rate
slows and the newly arriving traffic conforms to the configured limits, Junos OS stops
marking packets with the medium-high and high loss priorities and stops dropping red
packets.
For two-rate, three-color policing, Junos OS uses two token buckets to manage bandwidth
based on the two rates of traffic. When the policer is color-aware, it takes into account
any preexisting markings that might be set for a packet by another traffic policer
configured at a previous network node. At the node where color-aware policing is
configured, these preexisting markings are then used in determining the appropriate
policing action for the packet. For example, two-rate policing might be configured on a
node upstream in the network. The two-rate policer has marked a packet as yellow (loss
priority medium-low). The color-aware policer takes this yellow marking into account
when determining the appropriate policing action. In color-aware policing, the yellow
packet would never receive the action associated with either the green packets or red
packets. This way, tokens for violating packets are never taken from the metering token
buckets at the color-aware policing node. If you configure a policer to be color-blind
instead of color-aware, the color-blind node ignores preexisting markings.
Configuring a Two-Rate Three-Color Policer
You can apply a two-rate three-color policer to the input or output interface.
To configure a two-rate three-color policer:
1. Configure the policer.
[edit firewall three-color-policer trTCM1-ca]
user@host# set two-rate color-aware
user@host# set two-rate committed-information-rate 40m
user@host# set two-rate committed-burst-size 100k
user@host# set two-rate peak-information-rate 60m
user@host# set two-rate peak-burst-size 200k
2. (Optional) Configure the policer action.
For three-color policers, the only configurable action is to discard red packets. Red
packets are packets that have been assigned high loss priority because they exceeded
the peak information rate (PIR) and the peak burst size (PBS).
[edit firewall three-color-policer trTCM1-ca]
290
Copyright © 2010, Juniper Networks, Inc.