Switching

 View Only
last person joined: 13 hours ago 

Ask questions and share experiences about EX and QFX portfolios and all switching solutions across your data center, campus, and branch locations.
  • 1.  CoS MF classifier on ethernet-switching

    Posted 09-21-2023 15:23

    Hi,

    I've created FW filter:

    family ethernet-switching {
        filter by_dest_ip {
            term 1 {
                from {
                    ip-protocol icmp;}
                then {
                    forwarding-class no-loss;
                    loss-priority high;
                }}}}

    And port configured:

    root# show interfaces xe-0/0/44
    unit 0 {
        family ethernet-switching {
            interface-mode access;
            vlan {
                members vl100;
            }
            filter {
                input by_dest_ip;}}}

    root# show vlans
    vl100 {
        vlan-id 100;
        l3-interface irb.100;
    }
    root# show interfaces irb
    unit 100 {
        family inet {
            address 4.0.0.1/24;}}

    IP 4.0.0.10 sits behind switch and ping works id from stranza is deactivated.

    If I remove destination address and set from ip-protocol icmp ping doesnot work too.

    Can I classify traffic on edge port somehow by port proto and destination IP? 



  • 2.  RE: CoS MF classifier on ethernet-switching

    Posted 09-22-2023 10:56

    Hi,

    Yes, you can classify the traffic on the edge port by source/destination IP/port, DSCP values, etc.

    The problem is that there is no term 2 in the firewall-filter, so all the L2 traffic (ARP, broadcast,etc.) are dropped by default. Can you please add "term 2 then accept" in the filter?

    Regards

    Sheetanshu



    ------------------------------
    Sheetanshu Shekhar
    ------------------------------