[j-nsp] Filter-Based Forwarding issue
Gniewko
gniewko at man.szczecin.pl
Thu Mar 29 04:06:21 EST 2007
Hello There,
I've exprienced weird behaviour of FBF - it doesn't work at all :).
Suppose there is a very simple filter:
# show firewall family inet filter FILTER_INSTANCE_TO
term C {
from {
source-prefix-list {
PLIST_C;
}
}
then {
count ccount;
routing-instance INSTANCE_C;
}
}
term D {
from {
source-prefix-list {
PLIST_D;
}
}
then {
count dcount;
routing-instance INSTANCE_D;
}
}
term DEFAULT {
then {
count defaultcount;
accept;
}
}
# show interfaces ge-1/3/0 unit 24
vlan-id 24;
family inet {
no-redirects;
filter {
input FILTER_INSTANCE_TO;
}
# run show firewall filter FILTER_INSTANCE_TO
Filter: FILTER_INSTANCE_TO
Counters:
Name Bytes
Packets
defaultcount 0
0
ccount 0
0
dcount 0
0
Everything is routed based on inet.0 only, but it's not becaue of the
filter ('defaultcount' counter value). PLIST_C and PLIST_D are fine,
cause are being used many times in other statements.
Perhaps there is something obvious what i'm missing, so would be more
than thankful for any hint.
TIA,
--
Gniewko
More information about the juniper-nsp
mailing list