This section focuses on a JUNOS configuration with ASP-based services that is migrated to JUNOS with JUNOS software with enhanced services, and therefore demonstrates much of the new configuration syntax for NAT and stateful-firewall services. The point of this exercise is to provide an example of the same set of services, in the same network context, along with the operational mode commands that are used to display and debug flow state.

Figure 11-6 shows the network topology for the services migration case study.

Figure 11-6. Services migration topology

As called out in the diagram, router PBR is the services-enabled router, and therefore the focus of the example. The particulars of this topology vary slightly from the example used in other chapters. These changes result from use of a different test bed with J-series routers that support JUNOS software with enhanced services. The primary change in the topology is the shift to J4350s that use GE interfaces. The link between Wheat and PBR no longer uses virtual LAN (VLAN) tagging, in order to accommodate a switch. Also, the routers are using their ge-0/0/0 interfaces for Out of Band (OoB) management purposes, providing Telnet, FTP, and other system services. The OoB network is not shown in Figure 11-6, but evidence of its presence can be noted in some of ...