nanog mailing list archives

Re: QFX5k question

From: Denys Fedoryshchenko <nuclearcat () nuclearcat com>
Date: Sun, 24 Mar 2019 10:25:48 +0200

On 2019-03-24 00:32, Thomas Bellman wrote:

They do have limited feature set, though.  E.g, they only look at
the first 64 octets of each packet (and that includes L2 and L2.5
headers) when deciding what to do with a packet, and can't chase
the IPv6 header chain; thus, if there is an extension header before
the TCP/UDP header, they won't know what TCP/UDP ports are used,
or even if it is TCP, UDP or something else.  Dealing with packets
exiting tunnels (MPLS, VXLAN, et.c) is also limited.

Some declared features - do not work.

For example, IPIP termination through filters is claimed, but does notwork.

https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/ipip-tunnel-services-filter-qfx-series.html

Perhaps "not implemented yet", possibly errata, nevertheless it is veryunpleasant when you buy equipment and this is a key necessary function.Therefore, if any more or less complex (uncommon) features are used, itis better to test them first.

Current thread:

QFX5k question Mehmet Akcin (Mar 23)
- Re: QFX5k question Paul S. (Mar 23)
  - Re: QFX5k question Mehmet Akcin (Mar 23)
    - Re: QFX5k question Niels Bakker (Mar 23)
    - Re: QFX5k question Sander Steffann (Mar 23)
- Re: QFX5k question Joseph Jenkins (Mar 23)
  - RE: QFX5k question Tony Wicks (Mar 23)
- Re: QFX5k question Grant Taylor via NANOG (Mar 23)
- Re: QFX5k question Thomas Bellman (Mar 23)
  - Re: QFX5k question Denys Fedoryshchenko (Mar 24)