Knowledge Search


How to rate limit traffic to a Routed VLAN Interface (RVI) on an EX Series Switch

  [KB14250] Show KB Properties

  [KB14250] Hide KB Properties

Knowledge Base ID: KB14250
Last Updated: 19 Aug 2009
Version: 1.0

Rate limiting traffic on an EX Series Switch Routed VLAN Interface (RVI) can be accomplished using a policer and firewall filter.  This allows you to limit the traffic across specific vlans if required.

Problem or Goal:



  • EX Switch with VLAN A and VLAN B
  • Each VLAN on the EX Switch has a Routed VLAN Interface (RVI) configured to perform inter-VLAN routing within the switch (This can also be referred to as Integrated Routing Bridging Interface (IRB))


  • Write the policer to rate limit traffic and firewall filter to apply it:

policer icmp {
       if-exceeding {
             bandwidth-limit 100k;
             burst-size-limit 100;
       then discard;
family inet {
        filter icmp_protect {
            term test {
                  from {
                          destination-address {
                         protocol icmp;
                    then {
                             policer icmp;
                             count icmp_packet;
               term default {
                          then accept;

Apply the firewall filter to the "input" RVI of VLAN A or VLAN B:

  • prompt# set interface vlan.10 family inet filter input icmp_protect


Related Links:

Copyright© 1999-2012 Juniper Networks, Inc. All rights reserved.