[j-nsp] J series packet mode

Tom Storey tom at snnap.net
Thu Dec 19 09:25:05 EST 2013


Hi everyone.

Whats the general consensus about using a J series entirely in packet mode?

Are there any gotchyas to be wary of, like missing features,
performance hit? It looks like you can configure 3 address families
for packet mode (iso, inet6, mpls) but not inet4. But, from what Im
reading, enabling MPLS packet mode forces the whole box in to packet
mode, including inet4.

Source: http://www.juniper.net/us/en/local/pdf/app-notes/3500192-en.pdf page 6

Quote: "When MPLS is configured, there is no way of knowing if an IP
packet entering the services gateway will require MPLS encapsulation
until the packet is processed, so enabling MPLS can be used to force
an SrX Series or J Series device to forward all IPv4 traffic in packet
mode."

FWIW the situation I am picturing would not require NAT or IPSEC or
other services like that, just packet shifting with ACLs, some routing
protocols (IS-IS/BGP), and something like VRRP for gateway redundancy.

Im interested in using it more like a router than a firewall, just
good old fashion packets and ACLs!

As I understand it the J series were originally a packet mode box
until Juniper switched the default behaviour to flow based. Has there
been any major architecture changes that would rule out packet mode
operation?

Thanks.


More information about the juniper-nsp mailing list