In this sample Nugget from my JN0-102 course at CBT Nuggets, I walk you through important aspects of how interfaces work on Juniper equipment.
This post is critical for those students studying for their Enterprise Routing and Switching Certifications.
The following sequence describes how the device evaluates a packet entering or exiting an interface if the input or output traffic at a device interface is associated with a firewall filter.
Packet evaluation proceeds as follows:
Unlike service filters and simple filters, firewall filters support the next term action, which is neither a terminating action nor a nonterminating action but a flow control action.
If the matched term includes the next term action, the device continues evaluation of the packet at the next term within the firewall filter.
If the matched term does not include the next term action, evaluation of the packet against the given firewall filter ends at this term. The device does not evaluate the packet against any subsequent terms in this filter.
A maximum of 1024 next term actions are supported per firewall filter configuration. If you configure a firewall filter that exceeds this limit, your candidate configuration results in a commit error.
The device stops evaluating a packet against a given firewall filter when either the packet matches a term without the next term action or the packet fails to match the last term in the firewall filter.
If you know anything about my approach to certifications, you will know that I am a huge proponent of building a tracker to make sure you are studying the right topics and to measure your progress and keep yourself accountable.
NOTE: I only show Section 1 below on my blog home page – you might need to click the READ MORE link in order to see the other sections.
Identify the concepts and functionality of various fundamental elements of networking