Related
Documentation
Defining Policy Rules for Forwarding
Copyright © 2010, Juniper Networks, Inc.
An exception rule in the input policy only takes effect if neither the input policy nor the
secondary policy drops the packet. Packets dropped by input or secondary policies are
not exceptioned to the SRP module. HTTP redirect is the only application that is available
as a destination of the exception rule.
Because classifier groups can contain multiple actions, the following list describes how
each rule interacts with the exception rule:
color—Packets are colored and the exception rule is applied.
filter—Packets are filtered and the exception rule is not applied. When the filter rule is
present, other rules are not applied.
forward—Forward rule is ignored and the exception rule is applied to packets.
log—Packets are logged and the exception rule is applied.
mark—Packets are marked and the exception rule is applied.
next-hop—Next-hop rule is ignored and the exception rule is applied to packets.
next-interface—Next-interface rule is ignored and the exception rule is applied to
packets.
rate-limit-profile—Rate limit is applied and the exception rule is applied to packets.
traffic-class—Traffic class is set and the exception rule is applied to packets.
user-packet-class—User packet class is set and the exception rule is applied to packets.
exception—Exception rule is applied to packets.
exception http-redirect
Classifier Groups and Policy Rules Overview on page 27
The forward next-hop command defines a rule that creates the forwarding solution for
packets matching the current CLACL.The forward command can be used while the policy
list is referenced by interfaces. The suspend version suspends the forward rule within
the classifier group.
For IP policy lists only:
Chapter 4: Creating Classifier Groups and Policy Rules
33