Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Routing Policy and Firewall Filters

  • Support for EVPN-VXLAN filtering and port mirroring based on VNI match conditions (PTX10001-36MR, PTX10004, PTX10008, and PTX10016)—Starting in Junos OS Evolved Release 23.4R1, you can construct a firewall filter to filter EVPN-VXLAN traffic by using the VXLAN network identifier (VNI) values in the match condition on ingress interfaces. This feature supports redirecting traffic to a global port-mirroring instance.

    To filter traffic based on the VNI, use the following commands:

    • set firewall filter filter-name term term-name from vxlan vni vni-value

    • set firewall filter filter-name term term-name from vxlan vni-except vni-value

      vni-value can be a numeric value or range of numeric values.

    [See Firewall Filter Match Conditions and Actions (PTX Series Routers).]

  • Enhanced hierarchical policer (ACX7024, ACX7100-32C, ACX7100-48L, and ACX7509)-Starting in Junos OS Evolved Release 23.4R1, you can use the enhanced hierarchical policer configuration to rate limit traffic based on packets classified on the traffic priority. You can configure traffic policing at four levels of hierarchies with respect to the traffic priority. Use enhanced-hierarchical-policer to configure these levels.

    [See enhanced-hierarchical-policer.]