Hi all, I'm working on an ACX multiservice PE test plan and can't quite parse the difference between network control loopback filter for RE and the management filters. The EVO Overview says, "firewall filters applied to the loopback interface apply only to network control traffic. You must explicitly apply firewall filters to the management interface to filter management traffic," as a result of a shift to leveraging Linux Netfilters for RE destinted traffic.[1]
I suppose the root question is do I have to apply a management filter on my transit interfaces for in-band management traffic? Does ACX have a new (not fxp1) relationship between the RE and the external re0:mgmt-0/em0/fxp0 in the management interface in the ACX? Thoughts? Thanks, Jason [1] https://www.juniper.net/documentation/us/en/software/junos/overview-evo/overview-evo.pdf _______________________________________________ juniper-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/juniper-nsp
