Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Routing Policy and Firewall Filters

  • Enhanced firewall filter processing on MPC10E and MPC11E line cards (MX Series)—Starting in Junos OS Release 21.2R1, MX Series routers evaluate the terms attached to a firewall filter in an optimized fashion, and the maximum number of terms per filter increases to 8000.

    [See Understanding Firewall Filter Match Conditions.]

  • Class-based firewall filters (PTX Series)—Starting in Junos OS Release 21.2R1, you can apply firewall filter actions like drop, reject, sample, and police on packets classified by destination class usage (DCU) and source class usage (SCU) accounting, for example as part of a design to provide distributed denial-of-service (DDoS) protection to specific customers.

    [See Configuring the Filter Profile.]

  • TCP SYN cookie (MX480 and MX960 with SPC3 card)—Starting in Junos OS Release 21.2R1, we support the TCP SYN cookie. You can configure syn-cookie for the TCP protocol for source and destination.

    [See Configuring Network Attack Protection With IDS Screens for Next Gen Services.]