[j-nsp] EX Series Firewall Filter Configuration
Stefan Fouant
sfouant at gmail.com
Tue Sep 16 11:27:37 EDT 2008
Folks,
I'm curious if anyone here can answer a question about firewall filter
implementation on the EX Series switches. For input packets
traversing through the switch, the switch process packets through the
Port-Based Firewall Filter (PACL), then the VLAN-Based Firewall Filter
(VACL), and finally the Router-Based Firewall Filter (RACL). However,
I am curious, if a either a PACL or an VACL has match conditions which
match the traffic AND has a terminating action of accept or
reject/discard, does the packet get processed by the ensuing VACLs
and/or RACLs, or is it immediately allowed through without further
processing (a la normal FF behavior)?
Thanks in advance.
Stefan
--
Stefan Fouant
Principal Network Engineer
NeuStar, Inc. - http://www.neustar.biz
GPG Key ID: 0xB5E3803D
More information about the juniper-nsp
mailing list