Juniper JUNOS OS 10.4 - PROTECTED SYSTEM DOMAIN Configuration Manual
Download Configuration manual of Juniper JUNOS OS 10.4 - PROTECTED SYSTEM DOMAIN Other for Free or View it Online on All-Guides.com.
Brand: Juniper
Category: Other
Type: Configuration manual for Juniper JUNOS OS 10.4 - PROTECTED SYSTEM DOMAIN
Pages: 290
Download Juniper JUNOS OS 10.4 - PROTECTED SYSTEM DOMAIN Configuration manual
}
}
Related
Documentation
Shared Interfaces on page 5•
• Before You Configure Shared Interfaces on page 94
• Interfaces Hierarchy on page 93
• Configuring Shared Interfaces on the RSD on page 95
• Example: Configuring Shared Interfaces (SONET) on page 136
• Example: Configuring Shared Interfaces (Ethernet) on page 147
Configuring Firewall Filters on Shared Interfaces
To allow equitable bandwidth sharing between all logical interfaces on a single shared
physical interface, you configure firewall filters on the logical interfaces in the PSD
configuration.
Whereas the RSD controls the physical shared interface and allocates a logical interface
on it to the PSD, the PSD controls the configuration under the logical interface, including
the protocol family. The shared interface on the RSD is not aware of the protocol family
information associated with the logical interface. Therefore, on the PSD, the firewall filter
must be configured under the [edit firewall family any] hierarchy level and the filter applied
to the entire logical interface (as opposed to a protocol family under the interface). With
Junos OS Release 9.4, only output filters are supported.
To configure a firewall filter on the PSD, create the filter conditions and apply the filter
to the logical interfaces:
1. Configure the firewall filter conditions:
a. Include the filter filter-name statement at the [edit firewall family any] hierarchy
level.
b. Include the term term-name statement at the [edit firewall family any filter
filter-name] hierarchy level.
c. Include the from match-conditions statement at the [edit firewall family any filter
filter-name term term-name] hierarchy level.
d. Include the then action statement at the [edit firewall family any filter filter-name
term term-name] hierarchy level.
e. Include the then action-modifiers statement at the [edit firewall family any filter
filter-name term term-name] hierarchy level.
2. Apply the firewall filter to the logical interface on the shared interface by including
the filter output filter-name statement at the [edit interfaces interface-name unit
logical-unit-number] hierarchy level.
Copyright © 2010, Juniper Networks, Inc.102
JUNOS 10.4 Protected System Domain Configuration Guide