In Cisco, we use " log" option to count packets that match particular access list statement but this is control plane acivity
In Juniper we use " Count" with " then " statement to acheive the same result , I am wondering if this is all implemented in data plane or Control plane is interrupted ?
Thanks and have a nice day!!
As Ashvin mentioned it is done in pfe; so we should be careful in limiting or enabling it based on the volume of traffic getting logged. Else, we can expect high amount of traffic destined to RE from PFE due to these actions and host traffic may get chocked. On a safer side use this for troubleshooting .