Creating an Exception Rule within a Policy Classifier Group

To create the exception rule within an IP policy classifier group to specify the client application for the destination of packets rather than forwarding them by the forwarding controller (FC), use the exception http-redirect command.Doing this allows the application to then perform an application-dependent action on the content of the packet. The exception rule applies to input and secondary-input policies.

Note: The exception http-redirect command is not supported for the ES2 10G LM or the ES2 10G Uplink LM.

An exception rule in the input policy only takes effect if neither the input policy nor the secondary policy drops the packet. Packets dropped by input or secondary policies are not exceptioned to the SRP module. HTTP redirect is the only application that is available as a destination of the exception rule.

Because classifier groups can contain multiple actions, the following list describes how each rule interacts with the exception rule:

• color—Packets are colored and the exception rule is applied.
• filter—Packets are filtered and the exception rule is not applied. When the filter rule is present, other rules are not applied.
• forward—Forward rule is ignored and the exception rule is applied to packets.
• log—Packets are logged and the exception rule is applied.
• mark—Packets are marked and the exception rule is applied.
• next-hop—Next-hop rule is ignored and the exception rule is applied to packets.
• next-interface—Next-interface rule is ignored and the exception rule is applied to packets.
• rate-limit-profile—Rate limit is applied and the exception rule is applied to packets.
• traffic-class—Traffic class is set and the exception rule is applied to packets.
• user-packet-class—User packet class is set and the exception rule is applied to packets.
• exception—Exception rule is applied to packets.

Related Topics

• exception http-redirect

Copyright © 2008, Juniper Networks, Inc. All rights reserved. Trademark Notice.