[j-nsp] destination nat, 8 rule limit
Alexander Shikoff
minotaur at crete.org.ua
Fri Nov 6 13:41:16 EST 2009
On Fri, Nov 06, 2009 at 12:24:34PM -0600, Christopher Hobbs wrote:
> On Fri, Nov 6, 2009 at 12:20 PM, Brandon Bennett <bennetb at gmail.com> wrote:
>
> > Crap.
> >
> > 2009/11/6 Alexander Shikoff <minotaur at crete.org.ua>
> >
> > On Wed, Nov 04, 2009 at 04:01:40AM +0200, Alexander Shikoff wrote:
> >> > On Tue, Nov 03, 2009 at 06:32:05PM -0700, Brandon Bennett wrote:
> >> > > 08/17/09 05:21:01 I am not sure of the exact time, but I know that It
> >> should
> >> > > > be in version
> >> > > > 10 of Junos.
> >> > >
> >> > >
> >> > > Did they mention what it would be increased to?
> >> >
> >> > IIRC 256 rules per one rule-set.
> >>
> >> I've just tested dst nat in 10.0R1.8.
> >> The same:
> >> minotaur# commit
> >> error: Destination NAT rule-set rs-Nat and rs-Nat1 have same context.
> >> [edit security nat destination]
> >> 'rule-set rs-Nat1'
> >> Destination NAT rule-set(rs-Nat1) sanity check failed.
> >> error: configuration check-out failed
> >>
> >> [edit security nat destination rule-set rs-Nat1]
> >>
> >> ... and only 8 rules per rule set.
> >>
> >> --
> >> MINO-RIPE
> >>
> >
> >
> Seconded.
>
> Maybe a ticket with Juniper would get their attention? I'll take car of
> that when I get into work on Tuesday.
>
> Thanks for the assistance, folks.
Yep. I've reopened my ticket and already got a reply:
"11/06/09 09:04:32 This may be in the next 10 version of Junos. I apologize but I am not
sure when the developers expect this limitations to be fixed."
If you care about this issue you may open your one. More tickets - more
attention, though...
--
MINO-RIPE
More information about the juniper-nsp
mailing list