 |
Note: The egress forwarding table filter will be applied on the ingress of the flexible PIC concentrator (FPC). If different packets to the same destination arrive on different FPCs, they may encounter different policers. |
A forwarding table filter allows you to filter data packets based on their components and perform an action on packets that match the filter. You can filter on the ingress or egress packets of a forwarding table.
To apply a forwarding table filter at the ingress of a forwarding table, include the filter input statement at the [edit forwarding-options family family-name] hierarchy level:
- [edit forwarding-options family family-name]
- filter {
- input filter-name;
- }
On the MX-series router only, to apply a forwarding table filter for a virtual switch, include the filter input statement at the [edit routing-instances routing-instance-name bridge-domains bridge-domain-name forwarding-options] hierarchy level:
- [edit routing-instances routing-instance-name {
-
- bridge-domains bridge-domain-name {
-
- forwarding-options {
-
- filter {
- input filter-name:
- }
- }
- }
For more information about how to configure a virtual switch, see the JUNOS MX-series Layer 2 Configuration Guide.
You can filter based upon destination-class information by configuring a firewall filter on the egress of the forwarding table. By applying firewall filters to packets that have been forwarded by a routing table, you can match based on certain parameters that are decided by the route lookup. For example, routes can be classified into specific destination and source classes. Firewall filters used for policing and mirroring are able to match based upon these classes.
To apply a firewall filter at the egress of a forwarding table, include the filter output statement at the [edit forwarding-options family family-name] hierarchy level:
- [edit forwarding-options family family-name]
- filter {
- output filter-name;
- }
|
Note: The egress forwarding table filter will be applied on the ingress of the flexible PIC concentrator (FPC). If different packets to the same destination arrive on different FPCs, they may encounter different policers. |
|
Note: You cannot configure both an egress forwarding table filter and the interface-group statement at the [edit interfaces family inet filter] hierarchy level. The egress forwarding table filter is applied to transit packets only. |
|
Note: The egress forwarding table filter is not supported for the J-series Services Routers. |
To apply a forwarding table filter to a flood table, include the flood input statement at the [edit forwarding-options family family-name] hierarchy level:
- [edit forwarding-options family family-name]
-
flood {
- input filter-name;
- }
|
Note: The flood statement is valid for the vpls address family only. |
 | Copyright © 2009, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |