I am trying to implement per port rate-limiting on a SRX210H used as a layer 2 switch. I am aware that it is a requirement to use ‘family bridge’ to implement filters as filters are not permitted with ‘family Ethernet-switching’ with an SRX. When I implement them they do not appear to have any effect. Can anyone see what I am doing wrong? I am running Junos 11.4R7.5.
Re: Layer 2 filters do not work using 'family bridge'
Thanks for the link. Unfortunately it does not appear to be a solution in this case. I get the following response when trying to add 'logical-interface-policer' to the policer.
[edit firewall] email@example.com# commit check [edit firewall family bridge filter filter-25M term all then policer] 'policer police-25M' Filter policer 'police-25M' cannot be configured as logical-interface-policers on this platform error: configuration check-out failed
Also the 'layer2-policer' option is not available:
[edit interfaces fe-0/0/2 unit 0] firstname.lastname@example.org# set l? No valid completions
It claims to be available since Junos 8.2, so I guess it is not on the SRX. Please let me know if you have any other ideas.