I work for a medium-sized ISP and we are currently in the process of switching over to Juniper from Brocade.
We currently use Ciena for most of our layer 2 devices at the customer premises, and rate limiting is fairly straightforward.
For some locations, such as multi-tenant buildings, we plan on using Juniper QFX switches.
I have been asked to come up with a configuration to set/limit the bandwidth to the speed for which the customer pays.
I came up with creating a policer, then using that policer in the firewall filter, applied to the virtual interface to which the customer will connect.
This seems to do the job when applied in inbound & outbound directions on the virtual interface, but I was told that using a policer is not the correct way of doing it.
Any help or suggestions on the correct way to limit bandwidth would be greatly appreciated. Everything I find online says to do it using a policer.
firewall {
    policer RateLimit_100Mb {
        if-exceeding {
            bandwidth-limit 105m;
            burst-size-limit 2m;
        }
        then discard;
    }
    filter PrivateBlock100Mb {
        interface-specific;
        term Policer {
            ---OUTPUT OMITTED----
            then {
                policer RateLimit_100Mb;
                accept;
            }
        }
        term default {
            then accept;
        }
    }
}
unit 0 {
    family inet {
        filter {
            input PrivateBlock250Mb;
            output PrivateBlock250Mb;
        }
        address xxx.xxx.xxx.xxx/30;
    }
}
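An added example, not part of the original post: a Python simulation of the single-rate, two-color token bucket that a policer with these values models, showing that traffic above the limit is dropped outright rather than queued or delayed. It assumes `105m` means 105,000,000 bit/s and `2m` means 2,000,000 bytes; the function names and the sample packet streams are constructed for illustration.

```python
# Added illustration: token-bucket model of the RateLimit_100Mb policer above.
# Assumptions (not stated in the post): 105m = 105,000,000 bit/s and
# 2m = 2,000,000 bytes; the bucket starts full.
BANDWIDTH_BPS = 105_000_000
BURST_BYTES = 2_000_000


def police(packets, rate_bps=BANDWIDTH_BPS, burst_bytes=BURST_BYTES):
    """Run (arrival_time_s, size_bytes) packets, sorted by time, through
    the bucket. Returns (passed_bytes, dropped_bytes)."""
    tokens = float(burst_bytes)
    last = None
    passed = dropped = 0
    for t, size in packets:
        if last is not None:
            # Refill at the configured rate, never above the burst size.
            tokens = min(burst_bytes, tokens + (t - last) * rate_bps / 8)
        last = t
        if size <= tokens:
            tokens -= size
            passed += size
        else:
            # "then discard": the packet is dropped, not buffered.
            dropped += size
    return passed, dropped


def constant_stream(rate_bps, duration_s, size=1500):
    """Constructed sample input: evenly spaced packets at rate_bps."""
    count = int(rate_bps * duration_s / (8 * size))
    gap = size * 8 / rate_bps
    return [(i * gap, size) for i in range(count)]


if __name__ == "__main__":
    for mbps in (100, 1000):
        ok, lost = police(constant_stream(mbps * 1_000_000, 1.0))
        print(f"offered {mbps} Mb/s for 1 s: "
              f"passed {ok * 8 / 1e6:.1f} Mb, dropped {lost * 8 / 1e6:.1f} Mb")
```

In the 1 Gb/s case the first second passes about 121 Mb rather than 105 Mb, because the full 2,000,000-byte burst allowance is spent on top of the sustained rate.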