Hi,
I have a little problem with policer (rate limit) configuration.
There are interface VLAN that should be with PBR and rate limit.
When I'm creating firewall filter with PBR and policer in the same term and configuring interface VLAN for input filter, I have lost connectivity to the server in this VLAN.
I'm also tried to use only policer in the term, without PBR, same problem no connectivity to server. The PBR works properly in the same term, without the policer.
What I'm doing wrong?
Attached configuration (the IP's was changed)
root@NY1RT1e# show firewall family inet filter test
term test {
from {
source-address {
2192.168.1.194/32;
}
}
then {
policer qos-test;
routing-instance Outband-AMetro_PPlead-R900;
}
}
term default {
then accept;
}
root@NY1RT1e# show firewall policer qos-test
if-exceeding {
bandwidth-limit 1m;
burst-size-limit 1;
}
then discard;
root@NY1RT1e# show routing-instances
Outband-AMetro_PPlead-R900 {
instance-type forwarding;
routing-options {
static {
route 0.0.0.0/0 next-hop 10.10.10.1;
}
}
}
root@NY1RT1e# show interfaces vlan.666
family inet {
filter {
input test;
}
address 192.168.1.193/29;
}