Junos OS

last person joined: 4 days ago 

Ask questions and share experiences about Junos OS.

  • 1.  Counters for IPv6 Firewall Filter Does Not Showing

    Posted 04-26-2020 21:46

    Hello,

     

    I have IPv6 firewall filter which contains multiple terms. Each term in the firewall has its own counter but when I show firewall, only counter in the first term appear. Any idea or suggestion that might help to solve this?

    > show configuration firewall family inet6 filter IPV6-TEST-IN  
term 1 {
    from {
        source-address {
            2002:1234:0:7::2/128;
        }
        destination-prefix-list {
            LOCAL-TRAFFIC;
        }
    }
    then {
        policer 50M;
        count IPV6-TEST-IN-LOCAL;
    }
}
term 2 {
    from {
        source-address {
            2002:1234:0:7::2/128;
        }
    }
    then {
        policer 15M;
        count IPV6-TEST-IN-GLOBAL;
    }
}
term DEFAULT {
    then accept;
}
    > show firewall filter IPV6-TEST-IN 

Filter: IPV6-TEST-IN                                           
Counters:
Name                                                Bytes              Packets
IPV6-TEST-IN-LOCAL                                      0                    0
Policers:
Name                                                Bytes              Packets
50M-5                                                   0                    0

     

    Appreciate for any input.

    Regards,



  • 2.  RE: Counters for IPv6 Firewall Filter Does Not Showing
    Best Answer

     
    Posted 04-26-2020 23:28

    Hi Seyma,

     

    This can happen in a case where term 1 and term 2 are configured the same. However, I see that you have a destination-prefix-list configured with LOCAL-TRAFFIC.

     

    Can you share the configuration related to the destination-prefix-list LOCAL-TRAFFIC you used in term 1. If it is configured to include the entire range of IPv6 IP's, then the terms are equivalent and this is expected.

     

    Hope this helps.

     

    Thanks and Regards,

    Pradeep Kumar M

     

    || If this solves your problem, please mark this post as "Accepted Solution" so we can help others too ||



  • 3.  RE: Counters for IPv6 Firewall Filter Does Not Showing

    Posted 04-27-2020 00:05

    Hello Pradeep,

     

    Appreciated for your reply. This provided me clue to check about that and finally found the mistake. The prefix-list LOCAL-TRAFFIC contains only IPv4 addresses which I copied from other router. I then removed it and put only IPv6 addresses solved the problem.

     

    Thank you very much,

     

     



  • 4.  RE: Counters for IPv6 Firewall Filter Does Not Showing

     
    Posted 04-27-2020 00:35

    Hi Seyma,

     

    Glad that helped.

     

    Thanks and Regards,

    Pradeep Kumar M



  • 5.  RE: Counters for IPv6 Firewall Filter Does Not Showing

    Posted 04-26-2020 23:30

    Hi Seyma, 

     

    Greetings, 

     

    I understand that it is not displaying the other counter, could you try the below and share if works:
    Try displaying the counter specifically : 

    > show firewall filter IPV6-TEST-IN counter IPV6-TEST-IN-GLOBAL

     

    Please mark "Accept as solution" if this answers your query. 

     

    Kudos are appreciated too! 

     

    Regards, 

    Sharat Ainapur