[j-nsp] firewall filter

[rendo]

Hi Damien,
I am using M7i with JunOS 6.3

I put the filter on the interface section, and yes, i am having several VRF
and connected to other sites using mpls with rsvp signaling.

-rendo-


On 3/1/07, Damien Holloway <holloway at juniper.net> wrote:
>
> Mpls packets are switched through without inspecting the content in a vpn
> environment.
> There are a couple of solutions depending on your hardware and software
> and configuration.
> What hardwarw do you have ?
> What software version?
> Are you deploying vpn's? And doing this within a vrf?
>
> Regards
>
> Damien
>
> ___________________________
> Damien Holloway
> Senior Instructor / Proctor
> Juniper Networks Hong Kong
> ICBC Tower
> Citibank Plaza, 3 Garden Road
> SUITES 2507-11, 25/F
> Central Hong Kong
> +852 6793 0450 mobile
> +852 2574 7803 fax
> damienh at juniper.net
> www.juniper.net
> ___________________________
>
>
>
> -----Original Message-----
> From: juniper-nsp-bounces at puck.nether.net <
> juniper-nsp-bounces at puck.nether.net>
> To: juniper-nsp at puck.nether.net <juniper-nsp at puck.nether.net>
> Sent: Thu Mar 01 11:37:14 2007
> Subject: [j-nsp] firewall filter
>
> Hi,
>
> I have a problem with firewall filter and MPLS.
>
> My target is to block specific source traffic towards the host on the
> other
> end of ATM interface, so I put an output filter in an ATM interface.
>
> what i got about any specific packet that i want to discard are:
> - any packet from another ATM interface as well as any other external
> traffic is filtered
> but
> - packet coming from mpls is NOT filtered at all
>
> Since i run mpls also in the same router, Is it a normal behaviour? do i
> need to put the filter in forwarding table to filter the traffic from
> mpls?
>
> thanks.
>
> -rendo-
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>