[j-nsp] Why is this term working?
John Neiberger
jneiberger at gmail.com
Sun Jul 22 14:19:36 EDT 2012
Thanks! I thought that must be the case, but I was told by two other
Juniper engineers that it shouldn't be working because there was no
explicit accept. That didn't seem to make sense because the term is
clearly working. I wanted to check here to make sure I understood. I
appreciate the help!
John
On Sun, Jul 22, 2012 at 12:12 PM, Doug Hanks <dhanks at juniper.net> wrote:
> Action modifiers such as count, loss-priority, and forwarding-class
> implicitly imply a terminating action of accept.
>
> Thank you,
>
> --
> Doug Hanks - JNCIE-ENT #213, JNCIE-SP #875
> Solutions Architect EABU
> Juniper Networks
>
>
> On 7/22/12 10:34 AM, "John Neiberger" <jneiberger at gmail.com> wrote:
>
>>Forgive my Juniper noobiness once again. We have the following term in
>>a ingress firewall filter for marking:
>>
>>term netmgmt {
>> then {
>> count fec-cs2;
>> loss-priority high;
>> forwarding-class MNGMT;
>>
>>It seems to be working, but I don't know why. If there is no "accept",
>>shouldn't it be dropping the traffic? I know the default action is
>>accept, but once we use a "then" statement, don't we have to specify
>>the accept/reject/discard action? I'm wondering if the
>>"forwarding-class" statement has an implied accept or something like
>>that. I really have no idea.
>>
>>Thanks,
>>John
>>_______________________________________________
>>juniper-nsp mailing list juniper-nsp at puck.nether.net
>>https://puck.nether.net/mailman/listinfo/juniper-nsp
>
More information about the juniper-nsp
mailing list