loopback-firewall-per-vrf
Syntax
loopback-firewall-per-vrf
Hierarchy Level
[edit chassis loopback-firewall-per-vrf]
Description
After setting this configuration, the system allows you to apply firewall filters to loopback address logical interfaces on a per VRF basis.
In the following example, two logical interfaces on the loopback address are
configured. Two logical interfaces on an ethernet interface are configured.
Two VRFs are configured, and each VRF is assigned a loopback address logical
interface and an ethernet interface logical interface. set chassis
loopback-firewall-per-vrf configuration statement is issued.
A firewall filter is configured. The firewall filter is applied to the two
loopback address logical interfaces.
set interfaces lo0 unit 0 family inet address 1.1.1.2/32 set interfaces lo0 unit 1 family inet address 2.2.2.2/32 set interfaces xe-0/0/1 vlan-tagging set interfaces xe-0/0/1 unit 0 vlan-id 100 set interfaces xe-0/0/1 unit 0 family inet address 100.1.1.1/24 set interfaces xe-0/0/1 unit 1 vlan-id 200 set interfaces xe-0/0/1 unit 1 family inet address 200.1.1.1/24 set routing-instances vrf-green instance-type virtual-router set routing-instances vrf-green interface lo0.1 set routing-instances vrf-green interface xe-0/0/1.0 set routing-instances vrf-blue instance-type virtual-router set routing-instances vrf-blue interface lo0.2 set routing-instances vrf-blue interface xe-0/0/1.1 set chassis loopback-firewall-per-vrf set firewall family inet filter accept-ospf term t1 from protocol ospf set firewall family inet filter accept-ospf term t1 then count accept-ospf set firewall family inet filter accept-ospf term t1 then accept set interfaces lo0 unit 0 family inet filter input accept-ospf set interfaces lo0 unit 1 family inet filter input accept-ospf
Required Privilege Level
interface
Release Information
Statement introduced in Junos OS Release 25.4R1