Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Routing Policy and Firewall Filters

  • Support for firewall filters per logical interface (QFX5110, QFX5120-32C, QFX5120-48T, QFX5120-48Y, QFX5120-48YM, QFX5200, and QFX5210)— Starting in Junos OS Release 22.2R1, you can configure port firewall filters per logical interface, in the input direction, using the service provider-style configuration. To configure, use the set chassis per-logical-interface-firewall CLI command. In earlier Junos OS releases, port firewall filters would be applied to all logical interfaces of a physical interface.

  • Optimize TCAM when EVPN/VXLAN is enabled (EX4400-48F, EX4650, QFX5110, QFX5120-32C, QFX5120-48T, QFX5120-48Y, QFX5120-48YM, QFX5200, and QFX5210)

    In Junos OS Release 22.2R1, we've introduced CLI configuration commands to optimize ternary content addressable memory (TCAM) space usage. Use these commands to prevent ingress filter processor (IFP) TCAM space exhaustion:

    • set chassis ivacl-firewall-no-portrange-profile
    • set chassis iracl-firewall-ipv4-profile
    • set chassis ipvacl-firewall-l2-profile
    • set chassis input-firewall-optimized-profile