SRX

last person joined: yesterday 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

  • 1.  Juniper SRX 240b/h limit the bandwidth

    Posted 04-23-2013 01:40

    Hello i hope it is the right forum,

     

    I am trying to limit the bandwith on my srx 240 ( only a range og IPs 10.1.x.x/16).

     

    I have read a lot about it - i think - and what i have come up with is, i can do it on upload/sent packages but not 

    download/receive packes, every time i try to limit the download i stop the connection

    the the internet.. 🙂

     

    I someone can direct me in the right direction it would be great.. 🙂

     

    \\Gert



  • 2.  RE: Juniper SRX 240b/h limit the bandwidth

    Posted 04-25-2013 00:03

    So you have confiured a policer in a firwall filter I presume. Have you tried applying as an input filter on the interface facing the Internet?



  • 3.  RE: Juniper SRX 240b/h limit the bandwidth

    Posted 04-25-2013 00:57

    Actually i have done it as a scheduler map.

     

    I have a virtual router, and i read somewhere that that was the way to go.

     

    but can you supply me with an small example of an inputfilter, or an url.. ?

     

    Kind regards

    Gert



  • 4.  RE: Juniper SRX 240b/h limit the bandwidth
    Best Answer

    Posted 04-25-2013 04:48

    It is done via firewall filters:

     

    set firewall policer shape if-exceeding bandwidth-limit 3m
    set firewall policer shape if-exceeding burst-size-limit 300k
    set firewall policer shape then discard
    set firewall filter limit_download term shaping from destination-address 10.1.0.0/16
    set firewall filter limit_download term shaping then policer shape
    set firewall filter limit_download term shaping then accept
    set firewall filter limit_download term all_other_traffic then accept
    set firewall filter limit_upload term shaping from source-address 10.1.0.0/16
    set firewall filter limit_upload term shaping then policer shape
    set firewall filter limit_upload term shaping then accept
    set firewall filter limit_upload term all_other_traffic then accept

    set interfaces <lan interface> unit 0 family inet filter input limit_upload

    set interfaces <lan interface> unit 0 family inet filter output limit_download

     

    you can use different policers for upload and download.

     

    Also you can use these filters on external interface only then you need to swap input and output.

     

    Hope this will help for you:)

     



  • 5.  RE: Juniper SRX 240b/h limit the bandwidth

    Posted 04-25-2013 05:18

    Great thankyou very much..

     

    I will try that tomorrow... 😮

     

    Kind regards

    Gert Jensen



  • 6.  RE: Juniper SRX 240b/h limit the bandwidth

    Posted 07-07-2013 22:23

    The firewall policer filters only appear to allow discarding of over bandwidth packets.

    Can the SRX 240 do true shaping so as to avoid packet loss?