[j-nsp] SRX firewall virtualization
james list
jameslist72 at gmail.com
Fri Oct 2 05:22:53 EDT 2015
Well indeed with SRX you can also associate zones+policies to the interface
in the specific routing table
I guess it's something more from my point of view....
and I see also some benefit against lsys, I understand that SRX high end
for example supoprt a few number of lsys...
isn,'t it ?
2015-10-02 10:56 GMT+02:00 Chris Jones <ipv6freely at gmail.com>:
> VR is multiple routing tables.
>
> Lsys is logical systems... basically one step deeper in logical
> segmentation. Essentially multiple full routers in each box.
>
> On Fri, Oct 2, 2015 at 9:08 AM, james list <jameslist72 at gmail.com> wrote:
>
>> Dear experts,
>>
>> I’d like to know your opinion about firewall virtualization inside SRX
>> boxes (high-end).
>>
>>
>> As far as I understand there are a couple of way: Logical Systems (LSys)
>> and Virtual routers (VR).
>>
>>
>>
>> From your point of view:
>>
>>
>> 1) Which are the main differences among Lsys and VR ?
>>
>> 2) Which are pro and cons of LSys and VR ?
>>
>> 3) If I need to put in communication two LSys in the same box which
>> is
>> the maximum throughtput I can get ? Should I use lt- interface ?
>>
>> 4) If I need to put in communication two VR in the same boz which is
>> the maximum throughtput I can get ? Should I use import/export ?
>>
>>
>>
>> If inside the feedbacks you can provide any reference URL it will be
>> appreciated.
>>
>>
>>
>> Cheers
>>
>> James
>> _______________________________________________
>> juniper-nsp mailing list juniper-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
>
>
>
> --
> Chris Jones
> JNCIE-ENT #272
> CCIE# 25655 (R&S)
>
More information about the juniper-nsp
mailing list