rule (Advanced Policy-Based Routing)
[edit security advance-policy-based-routing profile profile-name]
Statement introduced in Junos OS Release 15.1X49-D60. The option category is introduced in Junos OS Release 18.3R1. Junos OS Release 19.3R1 supports the option dscp. Junos OS Release 20.1R1 supports the option any for dynamic-application.
Configure rules for the advanced policy-based routing (APBR) profile (application profile). Associate the rule with one or more than one dynamic applications or application groups or URL categories as follows:
For matching the dynamic applications, APBR consults the application identification (AppID) and application system cache (ASC) to get the application type. If the application matches any of the application or application groups of a rule in a profile, the application profile rule is considered to be a match, and the traffic is redirected to the defined routing instance for the route lookup.
You can use a DSCP value in an APBR rule as a matching criteria to perform advanced policy-based routing on the traffic with DSCP markings. You can use the DSCP value in addition to the dynamic applications in an APBR rule.
For matching the URL categories, APBR leverages category identification from the Enhanced Web Filtering (EWF) and local Web filtering results obtained from the unified threat management (UTM) module. Web filtering classifies websites into categories. If the traffic matches the URL categories specified in the rule of the APBR profile, it is redirected to the defined routing instance.
Required Privilege Level
services—To view this statement in the configuration.
services-control—To add this statement to the configuration.