Hi All,
i have the below filter config:
-re0# show firewall family inet filter GOOGLE-TEST
term FROM-GOOGLE {
from {
source-prefix-list {
GOOGLE;
}
}
then policer 30MB-POLICER;
}
term OTHER-TRAFFIC {
then {
policer 15MB-POLICER;
accept;
}
}
re0# show firewall policer 30MB-POLICER
if-exceeding {
bandwidth-limit 30m;
burst-size-limit 512k;
}
then discard;
re0# show firewall policer 15MB-POLICER
if-exceeding {
bandwidth-limit 15m;
burst-size-limit 512k;
}
then discard;
filter applied in output direction:
-re0# show interfaces ge-1/0/1.1001
vlan-id 1001;
family inet {
mtu 1500;
filter {
output GOOGLE-TEST;
}
address XX.XX.XX.34/29;
}
>>> (prefix list contains google routes received over BGP, i porpulated the list manually).
with the above config, clients seems to be comapllaining about internet service. they say some sites dont open and mails (especialy outlook ) dont flow. what could be wrong with this setup? is it suboptimal ??
if we apply this filter on all the logical interfaces on the MX. what is the effect interms of Routing engine/PFE resources like CPU and memory?
the idea is to give the clients two different bandwidth packages. like 30mbps to youtube and 15mbps upstream.
we trying to open up the youtube pipe since we recently connected to the google cache locally.
Regards,
Sheeel.