ROUTING POLICIES and FIREWALL FILTERS
ROUTING POLICIES
Explain
A routing policy enables you to control (filter) which routes a routing protocol imports into the routing table and which routes a routing protocol exports from the routing table. A routing policy also enables you to set the information associated with a route as it is being imported into or exported from the routing table. Filtering imported routes enables you to control the routes used to determine active routes. Filtering routes being exported from the routing table enables you to control the routes that a protocol advertises to its neighbors.
2 Explain
Routing policies allow you to control the routing information between the routing protocols and the routing tables and between the routing tables and the forwarding table. All routing protocols use the Junos OS routing tables to store the routes that they learn and to determine which routes they should advertise in their protocol packets. Routing policies also allow you to control which routes the routing protocols store in and retrieve from the routing table.
IMPORT - EXPORT ROUTES
*IMPORT ROUTES
When a route comes in from the Junos routing engine and is put into the routing table, it is an import route.
*EXPORT ROUTES
When the Junos routing engine takes an active route from the routing table and sends a protocol advertisement, it is an export route.
*Define the policy or filtering conditions in one part of the configuration ([edit policy-options] for routing policies, [edit firewall] for firewall filters).
FIREWALL FILTERS
Firewall filter policies allow you to control packets transiting the router to a network destination and packets destined for and sent by the router. They provide a means of protecting your router from excessive traffic transiting the router to a network destination or destined for the Routing Engine. Firewall filters that control local packets can also protect your router from external incidents such as denial-of-service attacks.
POLICY ELEMENTS
| ROUTING POLICY TERMS | FIREWALL FILTER TERMS |
|---|---|
| Terms: unlimited | Unlimited terms (1 or more) |
| Evaluated in order of configuration | Evaluated in order of configuration |
| Can name terms | Can name terms |
| Criteria by which the policy is evaluated | Criteria by which the policy is evaluated |
| Subsequent terms are not evaluated | Subsequent terms are not evaluated for the same filter |
| Actions: accepted route and rejected route | Actions: next term, next policy, trace options |
Firewall filters and routing policies are different from each other.
DEFAULT PROTOCOL POLICY
BGP: Accepts and exports active BGP routes and routing table inet6.0
MPLS: Accepts and exports active MPLS routes and routing table inet.3
OSPF: Default export: rejects everything and routing table inet.0
RIP: Default export: rejects everything and routing table inet.0
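Example for FIREWALL FILTERS
set firewall family inet filter ICMP-filter term A from source-address 10.200.12.2
set firewall family inet filter ICMP-filter term A from protocol icmp
set firewall family inet filter ICMP-filter term A then count AliVelixxx
set interfaces ge-0/0/1 unit <unit> family inet filter input ICMP-filter
(AliVelixxx is the count name; <unit> is the logical unit number of the interface.)
TEST: try to ping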
Firewall Filters
1. TERM  match: action  (no match: go to the next term)
2. TERM  match: action  (no match: go to the next term)
3. TERM  match: action  (no match: go to the default term)
Default term (Discard)
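The evaluation order sketched above, as an added example that is not part of the original notes: a small Python model of term-by-term matching applied to the ICMP-filter example, showing that everything term A does not match falls through to the default discard. The extra term ALLOW-REST, the helper names and the sample packets are constructed for illustration.

```python
import ipaddress

def term_matches(term, pkt):
    """All conditions in 'from' must match; an empty 'from' matches every packet."""
    cond = term.get("from", {})
    src = cond.get("source-address")
    if src and ipaddress.ip_address(pkt["src"]) not in ipaddress.ip_network(src):
        return False
    proto = cond.get("protocol")
    return proto is None or pkt["protocol"] == proto

def evaluate(terms, pkt, counters):
    """Return (term name, action) for the first term that decides the packet."""
    for term in terms:
        if not term_matches(term, pkt):
            continue                           # no match: try the next term
        then = term.get("then", {})
        if "count" in then:
            counters[then["count"]] = counters.get(then["count"], 0) + 1
        action = then.get("action", "accept")  # 'count' alone implies accept
        if action == "next term":
            continue                           # explicit fall-through
        return term["name"], action            # later terms are not evaluated
    return "default", "discard"                # implicit default term

# Model of ICMP-filter from the example above
ICMP_FILTER = [{"name": "A",
                "from": {"source-address": "10.200.12.2", "protocol": "icmp"},
                "then": {"count": "AliVelixxx"}}]
# Hypothetical extra term (not in the original notes) that accepts all other traffic
WITH_ACCEPT = ICMP_FILTER + [{"name": "ALLOW-REST", "then": {"action": "accept"}}]

# Constructed sample packets
PACKETS = [{"src": "10.200.12.2", "protocol": "icmp"},
           {"src": "10.200.12.3", "protocol": "icmp"},
           {"src": "10.200.12.2", "protocol": "tcp"}]

def run(terms):
    """Evaluate every sample packet against a filter; return results and counters."""
    counters = {}
    return [evaluate(terms, p, counters) for p in PACKETS], counters

if __name__ == "__main__":
    for label, terms in (("ICMP-filter", ICMP_FILTER), ("with ALLOW-REST", WITH_ACCEPT)):
        results, counters = run(terms)
        print(label, results, counters)
```

With ICMP-filter alone, only the ping from 10.200.12.2 is accepted and counted; the other two packets reach the default term and are discarded, which is why a filter applied to an interface usually needs an explicit final accept term.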