Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

TechLibrary
Navigation
Table of Contents
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Firewall Filters for Bridge Domains and VPLS Instances

    Juniper Networks MX Series 3D Universal Edge Routers support firewall filters for the bridge and vpls protocol families. You configure these firewall filters to control traffic within bridge domains and VPLS instances. This chapter explores some of the ways that filters can be used in a Layer 2 environment to control traffic.

    MX Series router firewall filters can be applied to:

    • Input interfaces
    • Output interfaces
    • Input to the Layer 2 forwarding table

    Note: Broadcast, unicast unknown, and multicast (BUM) traffic is not affected by input and output policies. BUM traffic can only be filtered by forwarding table policies.

    You use a firewall filter after taking the following two steps:

    1. You configure any policers and the firewall filter at the [edit firewall] hierarchy level.
    2. You apply the properly configured firewall filter to an interface.

    Note: You should deploy firewall filters carefully because it is easy to cause unforeseen side effects on all traffic, especially traffic that is not the intended target of the filter. For more information about configuring firewall filters, see the Routing Policy Configuration Guide.

    Note: If the chassis is running in Enhanced IP mode, a single shared filter instance is created for a filter applied across bridge domains. However, if the chassis is not running in Enhanced IP mode, then separate filter instances are created for each bridge domain that the filter is applied to.

     

    Related Documentation

     

    Published: 2013-02-13

    Previous Page Next Page