Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

egress-l2-extended-match

Syntax

Hierarchy Level

Description

Set this configuration to support TCP-flags, dscp, ip-version, source-port, destination-port, ip-source-address, ip-destination-address, source-prefix-list, destination-prefix-list, and icmp-type matches for egress port firewall filters and egress VLAN firewall filters.

Note:

The configuration is applicable for EX4400, EX4100, QFX5120-48Y, EX4650-48Y, QFX5120-32C, QFX5120-48T, and QFX5120-48YM platforms.

This knob will restart PFE for standalone box. For Virtual Chassis, it requires manual reboot to take effect.

If the knob is not configured, then commit error is issued if these matches are present in the firewall filter configuration.

Required Privilege Level

firewall—To view this statement in the configuration.

firewall-control—To add this statement to the configuration.

Release Information

Statement introduced in Junos Release 23.4.