[j-nsp] Filter-Based Forwarding issue
Jared Gull
jmgull at yahoo.com
Thu Mar 29 09:49:08 EST 2007
Could you provide the configuration snippets for the
routing-options, routing-instances, and a 'show route
summary' output.
--- Gniewko <gniewko at man.szczecin.pl> wrote:
> Hello There,
>
> I've exprienced weird behaviour of FBF - it doesn't
> work at all :).
> Suppose there is a very simple filter:
>
> # show firewall family inet filter
> FILTER_INSTANCE_TO
>
> term C {
> from {
> source-prefix-list {
> PLIST_C;
> }
> }
> then {
> count ccount;
> routing-instance INSTANCE_C;
> }
> }
>
> term D {
> from {
> source-prefix-list {
> PLIST_D;
> }
> }
> then {
> count dcount;
> routing-instance INSTANCE_D;
> }
> }
>
> term DEFAULT {
> then {
> count defaultcount;
> accept;
> }
> }
>
>
> # show interfaces ge-1/3/0 unit 24
> vlan-id 24;
> family inet {
> no-redirects;
> filter {
> input FILTER_INSTANCE_TO;
> }
>
>
> # run show firewall filter FILTER_INSTANCE_TO
> Filter: FILTER_INSTANCE_TO
> Counters:
> Name
> Bytes
> Packets
> defaultcount
> 0
> 0
> ccount
> 0
> 0
> dcount
> 0
> 0
>
> Everything is routed based on inet.0 only, but it's
> not becaue of the
> filter ('defaultcount' counter value). PLIST_C and
> PLIST_D are fine,
> cause are being used many times in other statements.
>
> Perhaps there is something obvious what i'm missing,
> so would be more
> than thankful for any hint.
>
> TIA,
>
> --
> Gniewko
>
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
____________________________________________________________________________________
Bored stiff? Loosen up...
Download and play hundreds of games for free on Yahoo! Games.
http://games.yahoo.com/games/front
More information about the juniper-nsp
mailing list