Mappage des commandes de filtre du pare-feu OpenConfig à la configuration Junos
Consultez la rubrique Version du modèle de données OpenConfig pour comprendre la version prise en charge des modèles de données et sa version Junos OS ou Junos Evolved du système d’exploitation pour Juniper Networks ACX Series, MX Series et PTX Series.
Les tableaux suivants montrent le mappage des commandes de filtre de pare-feu OpenConfig avec la configuration appropriée dans Junos OS :
- Tableau 1 : configuration du filtre DSCP (Differentiated Services Code Point)
- Tableau 2 : configuration de Google Discovery Protocol (GDP) et de Traceroute
-
Tableau 3 : configuration du filtre MPLS.
- Tableau 4 : configuration du filtre IPv4
- Tableau 5 : configuration du filtre IPv6
- Tableau 6 : configuration des liaisons
- Tableau 7 : configuration du filtrage des instances réseau IPv6
- Tableau 8 : configuration du filtrage des actions d’instance réseau
- Tableau 9 : configuration de liaison d’instance réseau
| Nom de la commande |
Configuration d’OpenConfig |
Junos Configuration |
|---|---|---|
| Filtre |
network-instances {
network-instance n1 {
policy-forwarding {
policies {
policy dscp-steer {
config {
policy-id dscp-steer;
}
rules {
rule 1 {
config {
sequence-id 1;
}
ipv4 {
config {
dscp <>;
}
}
ipv6 {
config {
dscp <>;
}
}
action {
config {
network-instance <>;
}
}
}
}
}
}
}
}
|
firewall {
family inet {
filter dscp-steer-ipv4-n1 {
term 1 {
from {
interface et-1/0/0.0;
dscp <>;
}
then {
routing-instance <>;
}
}
term 2 {
then accept;
}
}
}
family inet6 {
filter dscp-steer-ipv6-n1 {
term 1 {
from {
interface et-1/0/0.0;
traffic-class <>;
}
then {
routing-instance <>;
}
}
term 2 {
then accept;
}
}
}
}
|
| Contraignant |
network-instances {
network-instance n1 {
policy-forwarding {
interfaces {
interface et-1/0/0.0 {
config {
apply-forwarding-policy dscp_steer;
}
interface-ref {
config {
interface et-1/0/0;
subinterface 0;
}
}
}
}
}
}
}
|
routing-instances {
n1 {
forwarding-options {
family inet {
filter {
input dscp-steer-ipv4-n1;
}
}
family inet6 {
filter {
input dscp-steer-ipv6-n1;
}
}
}
}
}
In case of binding to ‘default’ routing instance then following will be the junos config
forwarding-options {
family inet {
filter {
input dscp-steer-ipv4-n1;
}
}
family inet6 {
filter {
input dscp-steer-ipv6-n1;
}
}
}
|
| Cette configuration OpenConfig DSCP est destinée à filtrer le trafic acheminé vers un port spécifique en fonction de l’ensemble de critères d’entrée suivants spécifiés dans la configuration de l’équipement :
S’il n’y a pas de correspondance, les paquets sont filtrés vers un contexte VRF par défaut où ils sont acheminés en fonction de l’en-tête exposé. |
||
| Nom de la commande |
Configuration d’OpenConfig |
Junos Configuration |
|---|---|---|
| Filtre |
acl-sets {
acl-set gdp-trace-route-filter ACL_MIXED {
config {
name gdp-trace-route-filter;
type ACL_MIXED;
}
acl-entries {
acl-entry 1 {
config {
sequence-id 1;
}
l2 {
config {
ethertype 0x6007;
}
}
actions {
config {
jnx-redirect <>;
}
}
acl-entry 2 {
config {
sequence-id 2;
}
ipv4 {
config {
hop-limit 0;
}
}
actions {
config {
jnx-redirect <>;
}
}
acl-entry 3 {
config {
sequence-id 3;
}
ipv4 {
config {
hop-limit 1;
}
}
actions {
config {
jnx-redirect <>;
}
}
acl-entry 4 {
config {
sequence-id 4;
}
ipv6 {
config {
hop-limit 0;
}
}
actions {
config {
jnx-redirect <>;
}
}
acl-entry 5 {
config {
sequence-id 5;
}
ipv6 {
config {
hop-limit 1;
}
}
actions {
config {
jnx-redirect <>;
}
}
}
acl-entry 6 {
config {
sequence-id 6;
}
actions {
config {
forwarding-action ACCEPT;
}
}
}
}
}
}
}
|
firewall {
family any {
filter gdp-trace-route-filter {
term 1 {
from {
ether-type 0x6007;
}
then redirect <>;
}
term 2 {
from {
ip-version {
ipv4 {
ttl 0;
}
}
}
then redirect <>;
}
term 3 {
from {
ip-version {
ipv4 {
ttl 1;
}
}
}
then redirect <>;
}
term 4 {
from {
ip-version {
ipv6 {
hop-limit 0;
}
}
}
then redirect <>;
}
term 5 {
from {
ip-version {
ipv6 {
hop-limit 1;
}
}
}
then redirect <>;
}
term 6 {
then accept;
}
}
}
}
services {
inline-monitoring {
instance {
<> {
controller p4;
}
}
}
}
|
| L’instruction Junos |
||
| Contraignant |
interfaces {
interface et-0/0/1 {
config {
id et-0/0/1;
}
interface-ref {
config {
interface et-0/0/1;
subinterface 4000;
}
}
ingress-acl-sets {
ingress-acl-set gdp-trace-route-filter ACL_MIXED {
config {
set-name gdp-trace-route-filter;
type ACL_MIXED;
}
}
}
}
}
|
/* gdp-trace-route-filter binding */
interfaces {
et-0/0/1 {
unit 4000 {
filter {
input gdp-trace-route-filter;
}
}
}
}
|
| Nom de la commande |
Configuration d’OpenConfig |
Junos Configuration |
|---|---|---|
| Classe de trafic |
acl-sets {
acl-set <> ACL_MPLS {
acl-entries {
acl-entry 1 {
mpls {
config {
traffic-class <>;
}
}
}
}
}
} |
family mpls {
filter <> {
term <> {
from {
exp0 <>;
}
}
}
} |
| Chemin d’accès OpenConfig : /acl/acl-sets/acl-set/acl-entries/acl-entry/mpls/config/traffic-class |
||
| Valeur de l’étiquette de départ |
acl-sets {
acl-set <> ACL_MPLS {
acl-entries {
acl-entry 1 {
mpls {
config {
start-label-value <>;
}
}
}
}
}
} |
family mpls {
filter <> {
term <> {
from {
label 0 <>;
}
}
}
} |
| Chemin d’accès OpenConfig : /acl/acl-sets/acl-set/acl-entries/acl-entry/mpls/config/start-label-value |
||
| Valeur de l’étiquette de fin |
acl-sets {
acl-set <> ACL_MPLS {
acl-entries {
acl-entry 1 {
mpls {
config {
end-label-value <>;
}
}
}
}
}
} |
family mpls {
filter <> {
term <> {
from {
label 0 <>;
}
}
}
} |
| Chemin d’accès OpenConfig : /acl/acl-sets/acl-set/acl-entries/acl-entry/mpls/config/end-label-value |
||
| Nom de la commande |
Configuration d’OpenConfig |
Junos Configuration |
|---|---|---|
| Adresse de destination |
acl-sets {
acl-set <> ACL_IPV4 {
acl-entries {
acl-entry <> {
ipv4 {
config {
destination-address <>;
}
}
}
}
}
}
|
firewall {
family inet {
filter <> {
term <> {
from {
destination-address {
<>;
}
}
}
}
}
} |
| Chemin OpenConfig : acl/acl-sets/acl-set/acl-entries/acl-entry/ipv4/config/destination-address |
||
| DSCP |
acl-sets {
acl-set <> ACL_IPV4 {
acl-entries {
acl-entry <> {
ipv4 {
config {
dscp <>;
}
}
}
}
}
}
|
Firewall {
family inet {
filter <> {
term <> {
from {
dscp <>;
}
}
}
}
}
|
| Chemin d’accès OpenConfig : acl/acl-sets/acl-set/acl-entries/acl-entry/ipv4/config/dscp |
||
| Limite de saut |
acl-sets {
acl-set <> ACL_IPV4 {
acl-entries {
acl-entry <> {
ipv4 {
config {
hop-limit <>;
}
}
}
}
}
}
|
firewall {
family inet {
filter <> {
term <> {
from {
ttl <>;
}
}
}
}
}
|
| Chemin OpenConfig : acl/acl-sets/acl-set/acl-entries/acl-entry/ipv4/config/hop-limit |
||
| Protocole |
acl-sets {
acl-set <> ACL_IPV4 {
acl-entries {
acl-entry <> {
ipv4 {
config {
protocol <>;
}
}
}
}
}
}
|
firewall {
family inet {
filter <> {
term <> {
from {
protocol <>;
}
}
}
}
}
|
| Chemin OpenConfig : acl/acl-sets/acl-set/acl-entries/acl-entry/ipv4/config/protocol |
||
| Adresse source |
acl-sets {
acl-set <> ACL_IPV4 {
acl-entries {
acl-entry <> {
ipv4 {
config {
source-address <>;
}
}
}
}
}
}
|
firewall {
family inet {
filter <> {
term <> {
from {
source-address {
<>;
}
}
}
}
}
}
|
| Chemin OpenConfig : acl/acl-sets/acl-set/acl-entries/acl-entry/ipv4/config/source-address |
||
| Port de destination |
acl-sets {
acl-set <> ACL_IPV4 {
acl-entries {
acl-entry <> {
transport {
config {
destination-port <>;
}
}
}
}
}
} |
firewall {
family inet {
filter <> {
term <> {
from {
destination-port <>;
}
}
}
}
}
|
| Chemin d’accès OpenConfig : /acl/acl-sets/acl-set/acl-entries/acl-entry/transport/config/destination-port |
||
| port source |
acl-sets {
acl-set <> ACL_IPV4 {
acl-entries {
acl-entry <> {
transport {
config {
source-port <>;
}
}
}
}
}
} |
firewall {
family inet {
filter <> {
term <> {
from {
source-port <>;
}
}
}
}
}
|
| Chemin d’accès OpenConfig : /acl/acl-sets/acl-set/acl-entries/acl-entry/transport/config/source-port |
||
| Indicateurs TCP |
acl-sets {
acl-set <> ACL_IPV4 {
acl-entries {
acl-entry <> {
transport {
config {
tcp-flags <>;
}
}
}
}
}
} |
firewall {
family inet {
filter <> {
term <> {
from {
tcp-flags <>;
}
}
}
}
}
|
| Chemin d’accès OpenConfig : /acl/acl-sets/acl-set/acl-entries/acl-entry/transport/config/tcp-flags |
||
| Interface |
acl-sets {
acl-set <> ACL_IPV4 {
acl-entries {
acl-entry <> {
input-interface {
interface-ref {
config {
interface <>;
subinterface <>;
}
}
}
}
}
}
} |
firewall {
family inet {
filter <> {
term <> {
from {
interface <>;
}
}
}
}
}
|
| Chemin d’accès OpenConfig : /acl/acl-sets/acl-set/acl-entries/acl-entry/input-interface/interface-ref/config/interface-subinterface |
||
| action de transfert ACCEPT |
acl-sets {
acl-set <> ACL_IPV4 {
acl-entries {
acl-entry <> {
actions {
config {
forwarding-action ACCEPT;
}
}
}
}
}
} |
firewall {
family inet {
filter <> {
term <> {
then accept;
}
}
}
}
|
| Chemin d’accès OpenConfig : /acl/acl-sets/acl-set/acl-entries/acl-entry/actions/config/forwarding-action |
||
| action de transfert DROP |
acl-sets {
acl-set <> ACL_IPV4 {
acl-entries {
acl-entry <> {
actions {
config {
forwarding-action DROP;
}
}
}
}
}
} |
firewall {
family inet {
filter <> {
term <> {
then {
discard;
}
}
}
}
}
|
| Chemin d’accès OpenConfig : /acl/acl-sets/acl-set/acl-entries/acl-entry/actions/config/forwarding-action |
||
| action de transfert REJECT |
acl-sets {
acl-set <> ACL_IPV4 {
acl-entries {
acl-entry <> {
actions {
config {
forwarding-action REJECT;
}
}
}
}
}
} |
firewall {
family inet {
filter <> {
term <> {
then {
reject;
}
}
}
}
}
|
| Chemin d’accès OpenConfig : /acl/acl-sets/acl-set/acl-entries/acl-entry/actions/config/forwarding-action |
||
| LOG_SYSLOG log-action |
acl-sets {
acl-set <> ACL_IPV4 {
acl-entries {
acl-entry <> {
actions {
config {
log-action LOG_SYSLOG;
}
}
}
}
}
} |
firewall {
family inet {
filter <> {
term <> {
then syslog;
}
}
}
}
|
| Chemin d’accès OpenConfig : /acl/acl-sets/acl-set/acl-entries/acl-entry/actions/config/log-action |
||
| Nom de la commande |
Configuration d’OpenConfig |
Junos Configuration |
|---|---|---|
| Adresse de destination |
acl-sets {
acl-set <> ACL_IPV6 {
acl-entries {
acl-entry <> {
ipv6 {
config {
destination-address <>;
}
}
}
}
}
} |
firewall {
family inet6 {
filter <> {
term <> {
from {
destination-address {
<>;
}
}
}
}
}
}
|
| Chemin d’accès OpenConfig : /acl/acl-sets/acl-set/acl-entries/acl-entry/ipv6/config/destination-address |
||
| Limite de saut |
acl-sets {
acl-set <> ACL_IPV6 {
acl-entries {
acl-entry <> {
ipv6 {
config {
hop-limit <>;
}
}
}
}
}
} |
firewall {
family inet6 {
filter <> {
term <> {
from {
hop-limit <>;
}
}
}
}
}
|
| Chemin d’accès OpenConfig : /acl/acl-sets/acl-set/acl-entries/acl-entry/ipv6/config/hop-limit |
||
| Protocole |
acl-sets {
acl-set <> ACL_IPV6 {
acl-entries {
acl-entry <> {
ipv6 {
config {
protocol <>;
}
}
}
}
}
} |
firewall {
family inet6 {
filter <> {
term <> {
from {
next-header <>;
}
}
}
}
}
|
| Chemin d’accès OpenConfig : /acl/acl-sets/acl-set/acl-entries/acl-entry/ipv6/config/protocol |
||
| Adresse source |
acl-sets {
acl-set <> ACL_IPV6 {
acl-entries {
acl-entry <> {
ipv6 {
config {
source-address <>;
}
}
}
}
}
} |
firewall {
family inet6 {
filter <> {
term <> {
from {
source-address {
<>;
}
}
}
}
}
}
|
| Chemin d’accès OpenConfig : /acl/acl-sets/acl-set/acl-entries/acl-entry/ipv6/config/source-address |
||
| DSCP |
acl-sets {
acl-set <> ACL_IPV6 {
acl-entries {
acl-entry <> {
ipv6 {
config {
dscp <>;
}
}
}
}
}
} |
firewall {
family inet6 {
filter <> {
term <> {
from {
traffic-class <>;
}
}
}
}
}
}
|
| Chemin d’accès OpenConfig : /acl/acl-sets/acl-set/acl-entries/acl-entry/ipv6/config/dscp |
||
| Port de destination |
acl-sets {
acl-set <> ACL_IPV6 {
acl-entries {
acl-entry <> {
transport {
config {
destination-port <>;
}
}
}
}
}
} |
firewall {
family inet6 {
filter <> {
term <> {
from {
destination-port <>;
}
}
}
}
}
|
| Chemin d’accès OpenConfig : /acl/acl-sets/acl-set/acl-entries/acl-entry/transport/config/destination-port |
||
| port source |
acl-sets {
acl-set <> ACL_IPV6 {
acl-entries {
acl-entry <> {
transport {
config {
source-port <>;
}
}
}
}
}
} |
firewall {
family inet6 {
filter <> {
term <> {
from {
source-port <>;
}
}
}
}
}
|
| Chemin d’accès OpenConfig : /acl/acl-sets/acl-set/acl-entries/acl-entry/transport/config/source-port |
||
| Indicateurs TCP |
acl-sets {
acl-set <> ACL_IPV6 {
acl-entries {
acl-entry <> {
transport {
config {
tcp-flags <>;
}
}
}
}
}
} |
firewall {
family inet6 {
filter <> {
term <> {
from {
tcp-flags <>;
}
}
}
}
}
|
| Chemin d’accès OpenConfig : /acl/acl-sets/acl-set/acl-entries/acl-entry/transport/config/tcp-flags |
||
| Interface |
acl-sets {
acl-set <> ACL_IPV6 {
acl-entries {
acl-entry <> {
input-interface {
interface-ref {
config {
interface <>;
subinterface <>;
}
}
}
}
}
}
} |
firewall {
family inet6 {
filter <> {
term <> {
from {
interface <>;
}
}
}
}
}
|
| Chemin OpenConfig : /acl/acl-sets/acl-set/acl-entries/acl-entry/input-interface/interface-ref/config/interface |
||
| action de transfert ACCEPT |
acl-sets {
acl-set <> ACL_IPV6 {
acl-entries {
acl-entry <> {
actions {
config {
forwarding-action ACCEPT;
}
}
}
}
}
} |
firewall {
family inet6 {
filter <> {
term <> {
then accept;
}
}
}
}
|
| Chemin d’accès OpenConfig : /acl/acl-sets/acl-set/acl-entries/acl-entry/actions/config/forwarding-action |
||
| action de transfert DROP |
acl-sets {
acl-set <> ACL_IPV6 {
acl-entries {
acl-entry <> {
actions {
config {
forwarding-action DROP;
}
}
}
}
}
} |
firewall {
family inet6 {
filter <> {
term <> {
then discard;
}
}
}
}
|
| Chemin d’accès OpenConfig : /acl/acl-sets/acl-set/acl-entries/acl-entry/actions/config/forwarding-action |
||
| action de transfert REJECT |
acl-sets {
acl-set <> ACL_IPV6 {
acl-entries {
acl-entry <> {
actions {
config {
forwarding-action REJECT;
}
}
}
}
}
} |
firewall {
family inet6 {
filter <> {
term <> {
then {
reject;
}
}
}
}
}
|
| Chemin d’accès OpenConfig : /acl/acl-sets/acl-set/acl-entries/acl-entry/actions/config/forwarding-action |
||
| LOG_SYSLOG log-action |
acl-sets {
acl-set <> ACL_IPV6 {
acl-entries {
acl-entry <> {
actions {
config {
log-action LOG_SYSLOG;
}
}
}
}
}
} |
firewall {
family inet6 {
filter <> {
term <> {
then syslog;
}
}
}
}
|
| Chemin d’accès OpenConfig : /acl/acl-sets/acl-set/acl-entries/acl-entry/actions/config/log-action |
||
| Nom de la commande |
Configuration d’OpenConfig |
Junos Configuration |
|---|---|---|
| configuration de liaison d’entrée |
openconfig-acl:acl {
interfaces {
interface <> {
interface-ref {
config {
interface <>;
subinterface <>;
}
}
ingress-acl-sets {
ingress-acl-set <> ACL_IPV6;
}
}
}
}
|
interfaces {
xe-<> {
unit 0 {
family inet6 {
filter {
input <>;
}
}
}
}
}
|
| Chemin OpenConfig : /acl/interfaces/interface/config/interface/interface-ref/config/interface/ingress-acl-sets/ingress-acl-set |
||
| configuration de liaison de sortie |
openconfig-acl:acl {
interfaces {
interface <> {
interface-ref {
config {
interface <>;
subinterface <>;
}
}
egress-acl-sets {
egress-acl-set <> ACL_IPV6;
}
}
}
}
|
interfaces {
<> {
unit 0 {
family inet6 {
filter {
output <>;
}
}
}
}
}
|
| Chemin OpenConfig : /acl/interfaces/interface/config/interface/interface-ref/config/interface/egress-acl-sets/egress-acl-set |
||
| Nom de la commande |
Configuration d’OpenConfig |
Junos Configuration |
|---|---|---|
| Adresse de destination |
network-instances {
network-instance <> {
policy-forwarding {
policies {
policy <> {
rules {
rule <> {
ipv6 {
config {
destination-address <>;
}
}
}
}
}
}
}
}
}
|
firewall {
family inet6 {
filter <> {
term <> {
from {
destination-address {
<>;
}
}
}
}
}
}
|
| Chemin d’accès OpenConfig : /network-instances/network-instance/policy-forwarding/policies/policy/rules/rule/ipv6/config/destination-address |
||
| Limite de saut |
network-instances {
network-instance <> {
policy-forwarding {
policies {
policy <> {
rules {
rule <> {
ipv6 {
config {
hop-limit <>;
}
}
}
}
}
}
}
}
}
|
firewall {
family inet6 {
filter <> {
term <> {
from {
ttl <>;
}
}
}
}
}
|
| Chemin d’accès OpenConfig : /network-instances/network-instance/policy-forwarding/policies/policy/rules/rule/ipv6/config/hop-limit |
||
| Protocole |
network-instances {
network-instance <> {
policy-forwarding {
policies {
policy <> {
rules {
rule <> {
ipv6 {
config {
protocol <>;
}
}
}
}
}
}
}
}
}
|
firewall {
family inet6 {
filter <> {
term <> {
from {
protocol <>;
}
}
}
}
}
|
| Chemin d’accès OpenConfig : /network-instances/network-instance/policy-forwarding/policies/policy/rules/rule/ipv6/config/protocol |
||
| Adresse source |
network-instances {
network-instance <> {
policy-forwarding {
policies {
policy dscp <> {
rules {
rule <> {
ipv6 {
config {
source-address <>;
}
}
}
}
}
}
}
}
}
|
firewall {
family inet6 {
filter <> {
term <> {
from {
source-address <>;
}
}
}
}
}
|
| Chemin d’accès OpenConfig : /network-instances/network-instance/policy-forwarding/policies/policy/rules/rule/ipv6/config/source-address |
||
| Action : Jeter |
network-instances {
network-instance <> {
policy-forwarding {
policies {
policy <> {
rules {
rule <> {
action {
config {
discard <>;
}
}
}
}
}
}
}
}
}
|
firewall {
family inet6 {
filter <> {
term <> {
then {
discard;
}
}
}
}
}
|
| Nom de la commande |
Configuration d’OpenConfig |
Junos Configuration |
|---|---|---|
| Action : Jeter |
network-instances {
network-instance <> {
policy-forwarding {
policies {
policy <> {
rules {
rule <> {
action {
config {
discard <>;
}
}
}
}
}
}
}
}
}
|
firewall {
family inet {
filter <> {
term <> {
then {
discard;
}
}
}
}
}
firewall {
family inet6 {
filter <> {
term <> {
then {
discard;
}
}
}
}
}
|
| Chemin d’accès OpenConfig : /network-instances/network-instance/policy-forwarding/policies/policy/rules/rule/action/config/discard
|
||
| Action : configurer l’instance réseau |
network-instances {
network-instance <> {
policy-forwarding {
policies {
policy dscp-steer {
rules {
rule <> {
action {
config {
network-instance <>;
}
}
}
}
}
}
}
}
}
|
firewall {
family inet {
filter <> {
term <> {
then {
routing-instance <>;
}
}
}
}
}
firewall {
family inet6 {
filter <> {
term <> {
then {
routing-instance <>;
}
}
}
}
}
|
| Chemin d’accès OpenConfig : /network-instances/network-instance/policy-forwarding/policies/policy dscp-steer/rules/rule/action/config/network-instance
Note:
Lorsque la
|
||
| Nom de la commande |
Configuration d’OpenConfig |
Junos Configuration |
|---|---|---|
| INET : appliquer la stratégie de transfert (instance de routage par défaut) |
Entrée de liaison d’interface INET (instance de routage par défaut) network-instances {
network-instance <> {
policy-forwarding {
interfaces {
interface <> {
config {
apply-forwarding-policy <>;
}
interface-ref {
config {
interface <>;
subinterface <>;
}
}
}
}
}
}
}
|
Entrée de liaison d’interface INET (instance de routage par défaut) firewall {
family inet {
filter <> {
term <> {
then {
next-interface;
}
}
}
}
}
forwarding-options {
family inet {
filter {
input <>;
}
}
}
|
| Chemin d’accès OpenConfig : /network-instances/network-instance/policy-forwarding/interfaces/interface/config/apply-forwarding-policy/interface-ref/config/interface/subinterface
Note:
Utilisez la |
||
| INET : appliquer une stratégie de transfert (pas une instance de routage par défaut) |
Entrée de liaison d’interface INET (pas d’instance de routage par défaut) network-instances {
network-instance <> {
policy-forwarding {
interfaces {
interface <> {
config {
apply-forwarding-policy <>;
}
interface-ref {
config {
interface <>;
subinterface <>;
}
}
}
}
}
}
}
|
Entrée de liaison d’interface INET (pas d’instance de routage par défaut) firewall {
family inet {
filter <> {
term <> {
then {
next-interface;
}
}
}
}
}
routing-instances {
<> {
forwarding-options {
family inet {
filter {
input <>;
}
}
}
}
}
|
| Chemin d’accès OpenConfig : /network-instances/network-instance/policy-forwarding/interfaces/interface/config/apply-forwarding-policy/interface-ref/config/interface/subinterface |
||
| INET6 : appliquer la stratégie de transfert (instance de routage par défaut) |
Entrée de liaison d’interface INET6 (instance de routage par défaut) network-instances {
network-instance <> {
policy-forwarding {
interfaces {
interface <> {
config {
apply-forwarding-policy <>;
}
interface-ref {
config {
interface <>;
subinterface <>;
}
}
}
}
}
}
}
|
Entrée de liaison d’interface INET6 (instance de routage par défaut) firewall {
family inet6 {
filter <> {
term <> {
then {
next-interface;
}
}
}
}
}
forwarding-options {
family inet6 {
filter {
input <>;
}
}
}
|
| Chemin d’accès OpenConfig : /network-instances/network-instance/policy-forwarding/interfaces/interface/config/apply-forwarding-policy/interface-ref/config/interface/subinterface |
||
| INET6 : appliquer la stratégie de transfert (pas une instance de routage par défaut) |
Entrée de liaison d’interface INET6 (pas d’instance de routage par défaut) network-instances {
network-instance <> {
policy-forwarding {
interfaces {
interface <> {
config {
apply-forwarding-policy <>;
}
interface-ref {
config {
interface <>;
subinterface <>;
}
}
}
}
}
}
}
|
Entrée de liaison d’interface INET6 (pas d’instance de routage par défaut) firewall {
family inet6 {
filter <> {
term <> {
then {
next-interface;
}
}
}
}
}
routing-instances {
<> {
forwarding-options {
family inet6 {
filter {
input <>;
}
}
}
}
}
|
|
Note:
Veuillez noter que ces filtres seront implémentés en tant que filtre de table de transfert d’entrée.
Note:
Le filtrage sortant n’est pas pris en charge. |
||