[j-nsp] FBF and fragmented UDP packets
Paul Goyette
pgoyette at juniper.net
Thu Feb 26 22:34:25 EST 2004
Given that fragments other than the first do not contain the
UDP port number to identify DNS, I don't think you can do
what you're trying to do.
-----Original Message-----
From: juniper-nsp-bounces at puck.nether.net
[mailto:juniper-nsp-bounces at puck.nether.net]On Behalf Of
peter at devries.tv
Sent: Thursday, February 26, 2004 7:30 PM
To: juniper-nsp at puck.nether.net
Subject: [j-nsp] FBF and fragmented UDP packets
Kind of a tough problem here. We're strictly using FBF and static
routes (routing instances) to route packets through a M20 (M40 in
production) the issue that we have is that we need to send fragmented
UDP packets to the same routing instance as their initial packet, but
only fragmented UDP packets that are DNS without catching every other
fragmented UDP packet.
So far we're sending the first DNS UDP packet to the right routing
instance and if we put in
<snip>
from {
protocol UDP;
is-fragment;
}
<snip>
we can get all fragments to go to the routing instance. Obviously not
what we're looking for. So any suggestions out there? We're open to
anything that might do it and we can play with the specifics.
We're currently running JunOS 5.7R3.4.
Thanks,
Peter
More information about the juniper-nsp
mailing list