SRX Services Gateway
Highlighted
SRX Services Gateway

srx 1400 bandwidth allocation

‎12-31-2013 11:56 PM

i want to allocate 25mb bandwidth to my mail traffic and remaining bandwidth to all other traffic. how i will configure the filter and apply it on trust interface. 

 

what about URL filtering. do i need a license for that

 

 

5 REPLIES 5
Highlighted
SRX Services Gateway

Re: srx 1400 bandwidth allocation

[ Edited ]
‎01-01-2014 03:51 AM

If you would have included your topology and complete scenario then it is easy to suggest a solution that fits your requirements. However i assume your topology is as under:-

 

clients-----------------(untrust zone) SRX (trust zone)----------------(server farm including mail server)

 

 You can configure a policer and apply it to trust zone interface through a firewall filiter

root@fw-1# show
family inet {
    filter 25-M {
        term 25-M {
            from {
                source-address {
                    192.168.10.1/32;
                }
            }
            then policer 25-M;
        }
        term other-tfc {
            then accept;
        }
    }
}
policer 25-M {
    if-exceeding {
        bandwidth-limit 25m;
        burst-size-limit 62k;
    }
    then discard   | forwarding-class | loss-priority | out-of-profile
}

[edit interfaces ge-0/0/1]
vlan-tagging;
unit 0 {
    vlan-id 200;
    family inet {
        filter {
            input 25-M;
        }
        address 192.168.10.254/24;

 

Please mark this as accepted solution if it works for you

A kudos is a good way of appreciation

 

Kashif Nawaz

JNCIP-Sec ,JNCIP-Ent

JNCIS-Ent, JNCIS-Sec

JNCIA-Junos

Please mark this as accepted solution if it works for you

A kudos is a good way of appreciation



Kashif Nawaz


JNCIE-Sec #170, JNCIE-SP#2492

JNCSP Ent/ Sec
https://packet-expert.org
Highlighted
SRX Services Gateway

Re: srx 1400 bandwidth allocation

‎01-01-2014 03:59 AM

Hi 

 

I think you need to configure policer , please check this link 

 

http://www.juniper.net/techpubs/en_US/junos12.3/topics/topic-map/policer-single-rate-two-color-bandw...

 

for URL filtering , if you want to use surf-control-integrated and websense-redirect , you need a license , but local black and white lists can be used  without license.

 

Regards

Red1 


if this worked for you, kindly help other visitors/members of our community by tagging this post as "Accepted Solution".
Kudos are good way of appreciation.
-------------
Red1
JNCIE-SEC #158, JNCIP-SP, JNCIS- ( FWV, SA, AC )

Highlighted
SRX Services Gateway

Re: srx 1400 bandwidth allocation

‎08-24-2015 04:05 AM

HI

I Dont See police Command in firewall fillter on my SRX 1400.

Highlighted
SRX Services Gateway

Re: srx 1400 bandwidth allocation

‎08-28-2015 07:11 AM

what version of junos are you runnig ?

Highlighted
SRX Services Gateway

Re: srx 1400 bandwidth allocation

‎08-28-2015 01:51 PM

 

Hi,

 

You need to use a simple filter to police on HE SRX. See this link;

 

https://kb.juniper.net/InfoCenter/index?page=content&id=KB22712&smlogin=true

 

Tim

Feedback