[j-nsp] Strange no memory issue on 10.0R3.10
Chris Kawchuk
juniperdude at gmail.com
Wed Sep 22 18:06:34 EDT 2010
If you use the router template, the Security requirements (i.e. needing policies between zones) is removed, however the device still operates in "flow mode"; unless you also specifically state that family inet is in "packet mode"; as well as using firewall filters on every interface and matching all transiting traffic with action "packet-mode".
See: http://www.juniper.net/techpubs/software/junos-security/junos-security96/junos-security-admin-guide/config-selective-stateless-chap.html
Traffic to/from the RE still needs to be in flow mode for the device to operate properly (i.e. BGP sessions, SSH etc...)
- Chris.
On 2010-09-22, at 12:48 PM, Joe Goldberg wrote:
>
>
> Ah, I guess it would have been important for me to mention that I am running
> in router mode with all that flow stuff disabled. I started with the
> routermode template on the box.
>
> Sorry for any confusion.
>
> Joe
More information about the juniper-nsp
mailing list