If bit rate of traffic passing through policer is less as compare to configured bandwidth-limit "call it out flow" then bytes will simply pass
If bit rate of traffic passing through policer is greater then as compared to configured bandwidth-limit then how traffic would be treated ???? Should bytes be dropped as it is crossing the bandwidth-limit. Answer is "no" bytes should have "pocket (burst-size-limit)" where there could stay for a while if "out flow" is too narrow to give them chance before drop out. If out flow is still too narrow to handle incoming bits and "pocket" is already filled then next byte will be dropped.
Now question is size of "pocket or burst-size-limit"
- A burst-size limit should not be set lower than 10 times the maximum transmission unit (MTU) of the traffic on the interface to be policed.
- The amount of time to allow a burst of traffic at the full line rate of a policed interface should not be lower than 5 milliseconds.
Now suppose if your interface has line rate of 1Gbps what should be bandiwdth-limit (it should be decided by you) burst-size-limit must be enough to hold burst of traffice at line rate (1Gbps) for at least 5ms.
burst-size-limit= interface line rate * .005
burst-size-limit (for 1Gbps interface) =1000000000 * .005
burst-size-limit (for 1Gbps interface)= 5000000 Bits
burst-size-limit (for 1Gbps interface)= 5000000 / 8 = 625000 Byts
burst-size-limit (for 1Gbps interface)=625000 / 10000 = 625 kilo Byts
Reference link
http://www.juniper.net/techpubs/en_US/junos11.3/topics/reference/general/policer-guidelines-burst-size-calculating.html
Please mark this as accepted solution if it works for you
A kudos is a good way of appreciation
Kashif Nawaz
JNCIP-Sec ,JNCIP-Ent
JNCIS-Ent, JNCIS-Sec
JNCIA-Junos