Thanks! I thought that must be the case, but I was told by two other Juniper engineers that it shouldn't be working because there was no explicit accept. That didn't seem to make sense because the term is clearly working. I wanted to check here to make sure I understood. I appreciate the help!
John On Sun, Jul 22, 2012 at 12:12 PM, Doug Hanks <dha...@juniper.net> wrote: > Action modifiers such as count, loss-priority, and forwarding-class > implicitly imply a terminating action of accept. > > Thank you, > > -- > Doug Hanks - JNCIE-ENT #213, JNCIE-SP #875 > Solutions Architect EABU > Juniper Networks > > > On 7/22/12 10:34 AM, "John Neiberger" <jneiber...@gmail.com> wrote: > >>Forgive my Juniper noobiness once again. We have the following term in >>a ingress firewall filter for marking: >> >>term netmgmt { >> then { >> count fec-cs2; >> loss-priority high; >> forwarding-class MNGMT; >> >>It seems to be working, but I don't know why. If there is no "accept", >>shouldn't it be dropping the traffic? I know the default action is >>accept, but once we use a "then" statement, don't we have to specify >>the accept/reject/discard action? I'm wondering if the >>"forwarding-class" statement has an implied accept or something like >>that. I really have no idea. >> >>Thanks, >>John >>_______________________________________________ >>juniper-nsp mailing list juniper-nsp@puck.nether.net >>https://puck.nether.net/mailman/listinfo/juniper-nsp > _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp