[j-nsp] Firewall filters getting reordered?
Brian W. Gemberling
bwgember at ptptech.com
Mon Oct 24 16:32:45 EDT 2005
Yes, we've been using insert on the term etc. I guess that's what caused
this. Is there a work around?
On Mon, 24 Oct 2005, Hannes Gredler wrote:
> my guess is that brian was observing a reordering
> of the config (not actually the reordering of the
> compiled/optimized instruction set that PR28108
> describes);
>
> i have a question:
>
> id you do some insert before/after or
> load patch operations /
>
> /hannes
>
> Pekka Savola wrote:
>> On Mon, 24 Oct 2005, Brian W. Gemberling wrote:
>>
>>> We had a router that rebooted tonight. When the box came back up
>>> some
>>> of the firewall filters had terms that were out of order (in turn
>>> filtering out
>>> OSPF in this case). Has anyone seen this before? Running 7.0R2.7. Also
>>> it looks like policies were out of order as well.
>>
>>
>> Have you checked out whether you're hitting:
>>
>> PSN-2003-05-006 Firewall terms might not be evaluated sequentially
>>
>> That's tracked by PR28108 and has not been fixed.
>>
>
More information about the juniper-nsp
mailing list