You want to configure filter-based forwarding.
What are the three required configuration elements? (Choose three.)
A.
routing instance
B.
firewall filter
C.
policy statement
D.
prefix list
E.
RIB group
Explanation:
A rib-group is a way to have a routing protocol, in most cases, place information in multiple route tables. Within the JUNOS software configuration language, rib-groups must first be defined before they are applied.Each rib-group is named and told where to place and retrieve route information.
An example of a rib-group is:
routing-options {
rib-groups {
test {
import-rib [ inet.0 test.inet.0 ];
}}
The export-rib and import-rib statements tell the rib-group what to do with the route information. As these statements imply, some directionality is at work here.
To properly interpret the commands, place yourself in the position of the route table.
* The export-rib command tells the router which tables to take information from. For any individual rib-groups, only one table can be specified in the export-rib statement.
* Conversely, the import-rib command tells the router which tables to place information into. Unlink its counterpart, the import-rib statement can specify multiple route tables.Once defined, the rib-groups can then be associated with a particular routing protocol.
protocols {
isis {
rib-group test
interface all {Currently a rib-group called interface-rib is defined. Its only specification is to place information in both inet.0 and test.inet.0 via import rib statement. Here the rib-group is then applied to the interface-routes,
routing-options {
interface-routes {
rib-group inet interface-rib;
}rib-groups {
interface-rib {
import-rib [inet.0 test.inet.0]
}
}
}Configuring Filter-Based Forwarding
You can create a filter to classify packets to determine their forwarding path within a router. Use filter-based forwarding to redirect traffic for analysis.
Filter-based forwarding is supported for Internet Protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6).
Use filter-based forwarding for service provider selection when customers have Internet connectivity provided by different ISPs yet share a common access layer. When a shared media (such as a cable modem) is used, a mechanism on the common access layer looks at Layer2 or Layer3 addresses and distinguishes between customers. You can use filter-based forwarding when the common access layer is implemented using a combination of Layer2 switches and a single router.
With filter-based forwarding, all packets received on an interface are considered. Each packet passes through a filter that has match conditions. If the match conditions are met for a filter and you have created a routing instance, filter-based forwarding is applied to a packet. The packet is forwarded based on the next hop specified in the routing instance. For static routes, the next hop can be a specific LSP. For more information about configuring LSPs, see the JUNOS MPLS Applications Configuration Guide.
Note: Source-class usage filter matching and unicast reverse-path forwarding checks are not supported on an interface configured with filter-based forwarding (FBF).
To configure filter-based forwarding, perform the following tasks:
* Create a match filter on an ingress router. To specify a match filter, include the filter filter-name statement at the [edit firewall] hierarchy level. For more information about creating a match filter for packet forwarding, see the JUNOS Policy Framework Configuration Guide. A packet that passes through the filter is compared against a set of rules to classify it and to determine its membership in a set. Once classified, the packet is forwarded to a routing table specified in the accept action in the filter description language. The routing table then forwards the packet to the next hop that corresponds to the destination address entry in the table.
* Create routing instances that specify the routing table(s) to which a packet is forwarded, and the destination to which the packet is forwarded at the [edit routing-instances] or [edit logical-systems logical-system-name routing-instances] hierarchy levels. For example:[edit]
routing-instances {
routing-table-name1 {
instance-type forwarding;
routing-options {
static {
route 0.0.0.0/0 nexthop 10.0.0.1;
}
}
}
routing-table-name2 {
instance-type forwarding;
routing-options {
static {
route 0.0.0.0/0 nexthop 10.0.0.2;
}
}
}
}* Create a routing table group that adds interface routes to the forwarding routing instances used in filter-based forwarding (FBF), as well as to the default routing instance inet.0. This part of the configuration resolves the routes installed in the routing instances to directly connected next hops on that interface. Create the routing table group at the [editrouting-options] or [editlogical-systems logical-system-name routing-options] hierarchy levels.
For IPv4, the following configuration installs interface routes into the default routing instance inet.0, as well as two forwarding routing instancesrouting-table-name1.inet.0 and routing-table-name2.inet.0:
[edit]
routing-options {
interface-routes {
rib-group inet group-name;
}
rib-groups {
group-name {
import-rib [ inet.0 routing-table-name1.inet.0
routing-table-name2.inet.0 ];
}
}
}Note: Specify inet.0 as one of the routing instances that the interface routes are imported into. If the default instance inet.0 is not specified, interface routes are not imported into the default routing instance.