SRX Services Gateway
Highlighted
SRX Services Gateway

Internet line bandwidth control for some internal source IP subnets in SRX345

‎02-02-2020 07:06 PM

Hi, Guys,

 

I want to set up a policy hence some internal source IP subnets can only use sum up to 50Mbps (both incoming = outoging traffic, max bandwidth consumption = 50Mbps )  i.e. max internet line bandwidth consumption by some internal IP subnets ?

 

Assumed:

The internet line is configured as a logical interface, such as reth3.200 in SRX345

 

 

 

Many thanks in advance.

 

 

1 REPLY 1
Highlighted
SRX Services Gateway

Re: Internet line bandwidth control for some internal source IP subnets in SRX345

‎02-03-2020 12:51 AM

Hello,

 

You have 2 options with SRX product:

1/ use firewall filters with policers - advantage is You can use the same policer in both directions and it will rate-limit the sum of incoming and outgoing traffic. If You want to be granular/per-application rate-limiting then You have to specify IP addresses and TCP/UDP ports  for each application You want to rate-limit separately.

2/ Use AppQos wil rate-limiters - You can be very granular with applications (i.e. it could differentiate FB from Youtube even if they both use tcp/443) but You'd need to set rate-limiters per direction (1 outgoing and 1 incoming rate-limiter)

https://www.juniper.net/documentation/en_US/junos/topics/reference/configuration-statement/class-of-...

HTH

Thx

Alex

_____________________________________________________________________

Please ask Your Juniper account team about Juniper Professional Services offerings.
Juniper PS can design, test & build the network/part of the network as per Your requirements

+++++++++++++++++++++++++++++++++++++++++++++

Accept as Solution = cool !
Accept as Solution+Kudo = You are a Star !