[j-nsp] Question about filter input in lo0

luis barrios labarriosdl at gmail.com
Fri Sep 3 19:57:13 EDT 2010


Hello,
When in a Juniper i apply an input filter in the lo0 interface this
protection apply for the routing-instance too ??
For example ..
In the filter ... named protectRE i have one term to protect the bgp session
, the term looks like this:

term bgp {
    from {
        source-prefix-list {
            neighbor.bgp;
        }
        protocol tcp;
        port bgp;
    }
    then accept;


so ..  in the list "neighbor.bgp"  are all the ip prefix  that the router
will accept for establish a bgp session.
My question is, if i have a routing-instance  (type vrf ) and i want to
configure a bgp session in this vrf to the peer a.b.c.d ,  do i need to add
in the "neighbor.bgp" list  the addreess of this peer a.b.c.d  ???

the filter protectRE is applied in the lo0

interfaces lo0
unit 0 {
    family inet {
        filter {
            input protectRE;
        }
        address x
        address y
    }
}


thanks  for  your help ..


More information about the juniper-nsp mailing list