[j-nsp] destination nat, 8 rule limit

Johan Borch johan.borch at gmail.com
Sat Nov 7 05:37:18 EST 2009


Alexander Shikoff <minotaur <at> crete.org.ua> writes:

>
> On Wed, Nov 04, 2009 at 04:01:40AM +0200, Alexander Shikoff wrote:
> > On Tue, Nov 03, 2009 at 06:32:05PM -0700, Brandon Bennett wrote:
> > > 08/17/09 05:21:01 I am not sure of the exact time, but I know that It
should
> > > > be in version
> > > > 10 of Junos.
> > >
> > >
> > > Did they mention  what it would be increased to?
> >
> > IIRC 256 rules per one rule-set.
>
> I've just tested dst nat in 10.0R1.8.
> The same:
> minotaur# commit
> error: Destination NAT rule-set rs-Nat and rs-Nat1 have same context.
> [edit security nat destination]
>   'rule-set rs-Nat1'
>     Destination NAT rule-set(rs-Nat1) sanity check failed.
> error: configuration check-out failed
>
> [edit security nat destination rule-set rs-Nat1]
>
> ... and only 8 rules per rule set.
>

Do this limitation only apply to dst/src nat or is it static nat to?

Regards
Johan


More information about the juniper-nsp mailing list