allow-reverse-ecmp
Syntax
allow-reverse-ecmp
Hierarchy Level
[edit security flow]
Description
Enable ECMP support for reverse traffic. In this case, Junos OS for SRX Series Firewalls and vSRX Virtual Firewall instances use a hash algorithm to determine the interface to use for reverse traffic in a flow. This process is similar to asymmetric routing in which a packet traverses from a source to a destination in one path and takes a different path when it returns to the source.
If you do not enable this feature, the software selects a route in the ECMP set to the incoming interface for reverse traffic, which is the default behavior.
Required Privilege Level
security—To view this in the configuration.
security-control—To add this to the configuration.
Release Information
Statement introduced in Junos OS Release 17.3.