Ethernet Switching
Highlighted
Ethernet Switching

Interface specifc filter for vlans

[ Edited ]
‎11-27-2018 06:41 AM

Why interface-specific doesn't work for vlans?

 

set firewall policer 50Mbps filter-specific
set firewall policer 50Mbps if-exceeding bandwidth-limit 50m
set firewall policer 50Mbps if-exceeding burst-size-limit 10m
set firewall policer 50Mbps then discard

set firewall family ethernet-switching filter 50mbps-in interface-specific
set firewall family ethernet-switching filter 50mbps-in term 1 then policer 50Mbps

set firewall family ethernet-switching filter 50mbps-out interface-specific
set firewall family ethernet-switching filter 50mbps-out term 1 then policer 50Mbps

set vlans V10 vlan-id 10
set vlans V10 l3-interface irb.10
set vlans V10 forwarding-options filter input 50mbps-in
set vlans V10 forwarding-options filter output 50mbps-out


set vlans V20 vlan-id 20
set vlans V20 l3-interface irb.20
set vlans V20 forwarding-options filter input 50mbps-in
set vlans V20 forwarding-options filter output 50mbps-out


Commit error:

'filter'
Interface specific filter 50mbps-in cannot be as an FTF

 

I can to create a filter without interface-specific:

 

set firewall family ethernet-switching filter 50mbps-in term 1 then policer 50Mbps

 

I can use the same filter for vlan 10/20. Since is not interface-specific the commit will work.

 

set vlans V10 forwarding-options filter input 50mbps-in
set vlans V20 forwarding-options filter input 50mbps-in

set vlans V10 forwarding-options filter input 50mbps-out
set vlans V20 forwarding-options filter input 50mbps-out

 

But in this case I think that the bandwith limits will be shared between the vlans.

 

So the vlans need independent bandwidth limits.

 

The configuration bellow will work if I use different names for the filters? Will be the bandwith limits all independent?

 

set firewall family ethernet-switching filter 50mbpsV10-in term 1 then policer 50Mbps
set firewall family ethernet-switching filter 50mbpsV10-out term 1 then policer 50Mbps

set firewall family ethernet-switching filter 50mbpsV20-in term 1 then policer 50Mbps
set firewall family ethernet-switching filter 50mbpsV20-out term 1 then policer 50Mbps


set vlans V10 forwarding-options filter input 50mbpsV10-in
set vlans V10 forwarding-options filter output 50mbpsV10-out

set vlans V20 forwarding-options filter input 50mbpsV20-in
set vlans V20 forwarding-options filter output 50mbpsV20-out

 

Feedback