1. Manuals
  2. Brands
  3. Juniper Manuals
  4. Software
  5. JUNOSE SOFTWARE FOR E SERIES 11.3.X - POLICY MANAGEMENT CONFIGURATION GUIDE...
  6. Configuration manual

Creating And Attaching A Policy With Ip Classifiers - Juniper JUNOSE SOFTWARE FOR E SERIES 11.3.X - POLICY MANAGEMENT CONFIGURATION GUIDE 2010-10-04 Configuration Manual

Software for e series broadband services routers policy management configuration guide
Hide thumbs Also See for JUNOSE SOFTWARE FOR E SERIES 11.3.X - POLICY MANAGEMENT CONFIGURATION GUIDE 2010-10-04:
Table of Contents

Advertisement

JunosE 11.3.x Policy Management Configuration Guide

Creating and Attaching a Policy with IP Classifiers

160
Table 22: Size Limit of Combined IPv6 Classifiers (continued)
IPv6 Classifier Entry Combination
Source address route class
[ source port ] and
[ [ ICMPv6 type ] | [ ICMPv6 code ]
]
TC field
[ User packet class ] | [ traffic class
] | [ local ]
In this example, a policy with a combination of IP classifiers is created and attached. The
configuration conforms to the 128 bit limit.
Match all TCP SYN packets from 1.1.1.1 to any DA with port 2000.
1.
host1(config)#ip classifier-list tcpCLACL tcp host 1.1.1.1 any eq 2000 tcp-flags "SYN"
Match all IP packets with the don't fragment flag set to host 2.2.2.2.
2.
host1(config)#ip classifier-list ipCLACL ip any host 2.2.2.2 ip-flags "dont-fragment"
Match all ICMP echo packets.
3.
host1(config)#ip classifier-list icmpCLACL icmp any any 8 0
Match all frames with the color red.
4.
host1(config)#ip classifier-list colorCLACL color red ip any any
Create a policy list.
5.
host1(config)#ip policy-list ipPol
host1(config-policy-list)#classifier-group colorCLACL
host1(config-policy-list-classifier-group)#filter
host1(config-policy-list-classifier-group)#classifier-group tcpCLACL
host1(config-policy-list-classifier-group)#filter
host1(config-policy-list-classifier-group)#classifier-group icmpCLACL
host1(config-policy-list-classifier-group)#filter
host1(config-policy-list-classifier-group)#classifier-group ipCLACL
host1(config-policy-list-classifier-group)#filter
Apply the policy list to an interface.
6.
host1(config)#interface atm 5/0/0.1
host1(config-if)#ip policy input ipPol
Table 23 on page 161 lists the active classifiers in the policy named ipPol and the size
of each classifier.
Size
Limit
(Bits)
Rule
8
16
When you specify the source port classifier, 16
bits are added to the total classifier entry size.
If you also specify the ICMPv6 type and ICMPv6
code classifiers, no additional bits are added.
8
8
When you specify one or more of the user
packet class, traffic class, and local classifiers,
8 bits are added to the total classifier entry size.
Copyright © 2010, Juniper Networks, Inc.

Advertisement

Table of Contents
loading

Related Manuals for Juniper JUNOSE SOFTWARE FOR E SERIES 11.3.X - POLICY MANAGEMENT CONFIGURATION GUIDE 2010-10-04

Related Content for Juniper JUNOSE SOFTWARE FOR E SERIES 11.3.X - POLICY MANAGEMENT CONFIGURATION GUIDE 2010-10-04

This manual is also suitable for:

Junose 11.3

Table of Contents