Firewall Filters in Logical Systems Overview
Logical Systems
With the Junos OS, you can partition a single physical router or switch into multiple logical devices that perform independent routing tasks. Because logical systems perform a subset of the tasks once handled by the physical router or switch, logical systems offer an effective way to maximize the use of a single router or switch.
Firewall Filters in Logical Systems
You can configure a separate set of firewall filters for each logical system on a router
or switch. To configure a filter in a logical system, you must define the filter in the firewall
stanza at the [edit logical-systems logical-system-name]
hierarchy level, and you must apply the filter to a logical interface that is also configured at the [edit logical-systems logical-system-name]
hierarchy level.
Identifiers for Firewall Objects in Logical Systems
To identify firewall objects configured under logical systems, operational show
commands and firewall-related SNMP MIB objects include a __logical-system-name/
prefix in the object name. For example, firewall objects configured under the ls1
logical system include __ls1/
as the prefix.