Traffic that enters and exits a Services Router running JUNOS software with enhanced services is
processed according to features you configure, such as security policies,
packet filters, and screens. For example the software can determine:
Whether the packet is allowed into the router
Which class of service (CoS) to apply to the packet, if
any
Which firewall screens to apply to the packet
Whether to send the packet through an IPsec tunnel
Whether the packet requires an Application Layer Gateway
(ALG)
Whether to apply Network Address Translation (NAT) to
translate the packet's address
The route the
packet takes to reach its destination.
Packets that enter and exit a Services Router running JUNOS software with enhanced services undergo
both packet-based and flow-based processing.
Flow-based, or stateful,
packet processing treats related packets, or a stream of packets,
in the same way. Packet treatment depends on characteristics that
were established for the first packet of the packet stream, which
is referred to as a flow.
Packet-based, or stateless, packet processing treats packets
discretely. Each packet is assessed individually for treatment.
The software implements flow-based security and
services, with packet-based application of filters, policers, traffic
shapers, and other classification features.
