[j-nsp] JunOS QPPB
Elian Scrosoppi
escrosoppi at ifxcorp.com
Tue Jan 3 22:05:54 EST 2006
Dave,
In order to force a routing-lookup before applying the firewall filter, i have test the following configuration but results were unsuccesful:
(I'm ommiting some parts of the configuration because its too long, but all is working)
--
escrosoppi at ..> show configuration firewall filter CUSTOMER-IN
term 1 {
then routing-instance A;
}
escrosoppi at ..> show configuration routing-instances A
instance-type vrf;
static {
route 0.0.0.0/0 next-table B.inet.0;
}
resolution;
}
escrosoppi at ..> show configuration routing-instances B
instance-type vrf;
static {
route 0.0.0.0/0 next-table inet.0;
}
forwarding-options {
family inet {
filter {
input CUSTOMER-IN2;
}
}
}
}
escrosoppi at ..> show configuration firewall filter CUSTOMER-IN2
term 1 {
from {
destination-class NAP-OUTPUT;
}
then {
policer 256Kbps;
count customer_output;
accept;
}
I think i can force the famous recursive routing-lookup in that way, but for now i cant do it. Any suggestion without changing the configuration of my egress interfaces?
Thanks,
Elian.
-----Mensaje original-----
De: Dave McGaugh [mailto:dmcgaugh at cac.washington.edu]
Enviado el: Mar 03/01/2006 05:38 p.m.
Para: Elian Scrosoppi
CC: juniper-nsp at puck.nether.net
Asunto: Re: [j-nsp] JunOS QPPB
More information about the juniper-nsp
mailing list