How to correctly filter PIM joins in policy-options/policy-statement on an IRB interface. In order to reject PIM for a local RP between group 249.255.0.0/16 and source 10.15.29.224/27, you can use a specific filter in policy-options/policy-statement called 'pim-join-filter' trying to reject this specific join: term bad-groups { from { route-filter … [Read more...]
Policer using firewall filter : Configuration Example
Policer using firewall filter : Policer using firewall filter : Configuration Example How to configure policer based on firewall? Use the following configuration: Firewall filter: set firewall family inet filter specificroutes term 1 from source-address 192.168.2.0/32 set firewall family inet filter specificroutes term 1 from source-address 192.168.1.0/32 set firewall … [Read more...]
Firewall filter counters are not incrementing when applied under input-list.
This article discusses the reason why Firewall filter counters donot increment when applied under "input-list". Firewall filter counters are not incrementing for second filter when applied under input-list. Filter configuration: set firewall filter test1 term ftp from destination-port ftp set firewall filter test1 term ftp then count counter1 set firewall filter test1 … [Read more...]
“dfwc_bitfield: “82” is an invalid option commit error
This article describes the issue of the "dfwc_bitfield: "82" is an invalid option error message being generated, when a specific numeric value is committed as a match condition in a firewall filter. If you try to commit a specific numeric value, such as 82, as a match condition in a firewall filter, the following error message is generated: p57024@r1a5# commit check dfwc: … [Read more...]
How to find TCAM utilization by firewall filter terms on QFX3500 Switch
This article is intended to explain the procedure to find the number of TCAM entries by firewall filter terms used on the QFX3500 Switch. How do I find the number of TCAM entries used by filter terms? In QFX3500 switches, the user can find the number of TCAM entries used by terms used in firewall filter applied to interfaces or VLAN. Procedure: 1. Access the shell … [Read more...]