Screen OS

Dear All,

I have SSG5 Router deployed in the production environment, now what I need to do is :

I want to limit the bandwidth on internet interface (ethernet 0/0) to some limit say 150 Kbps. So I need to be sure that it will not allow the traffic more then that limit on that interface. Whether it is possible with SSG5 or not.

If yes then please let me know the step by step information.And also let me know how to test the above point.

Thanks and Regards

Atul Sharma

Hi

http://kb.juniper.net/index?page=content&id=KB6409&actp=search&searchid=1240212108881

http://kb.juniper.net/index?page=content&id=KB5606&actp=search&searchid=1240212108881

http://www.juniper.net/techpubs/software/screenos/screenos6.2.0/ce_v2.pdf

Control maximum bandwidth allowed to go through the NetScreen

To limit the rate of all traffic based on the bandwidth settings of the interface, without having to enable traffic shaping on the policies, the interface bandwidth needs to be configured with the maximum bandwidth desired through an interface.  Additionally, traffic-shaping mode function needs to be enabled.  There will be no prioritization done, and all it would do is make sure the maximum bandwidth specified on the interface is not exceeded.

Example:

Assume the maximum bandwidth desired through either the trust or untrust interface is 5 MB.  From the command line interface (CLI):

set interface trust bandwidth 5000 [Enter]
set interface untrust bandwidth 5000 [Enter]
set traffic-shaping mode on [Enter]

This would ensure nothing greater than 5000 kbits/sec gets passed across the interface, regardless of what is configured on the policy.

Here is the problem or goal:

• Control maximum bandwidth allowed to go through the NetScreen
• Limit bandwidth across the NetScreen
• Control maximum throughput across the NetScreen