Exam JN0-363 topic 1 question 11 discussion

To configure filter-based forwarding, perform the following tasks: Create a match filter on the ingress device. To specify a match filter, include the filter filter-name statement at the [edit firewall] hierarchy level. A packet that passes through the filter is compared against a set of rules to classify it and to determine its membership in a set. Once classified, the packet is forwarded to a routing table specified in the accept action in the filter description language. The routing table then forwards the packet to the next hop that corresponds to the destination address entry in the table. Create routing instances that specify the routing table(s) to which a packet is forwarded, and the destination to which the packet is forwarded at the [edit routing-instances] hierarchy level.

The two correct statements when configuring filter-based forwarding (FBF) on a Junos device are: A. You must create a routing policy. C. You must create and apply a match filter. Here's why: A. You must create a routing policy: Filter-based forwarding relies on routing policies to define the criteria (the filter) for selecting a specific forwarding next hop or routing instance. The policy dictates what traffic will be treated specially. C. You must create and apply a match filter: The core of FBF is identifying specific traffic flows based on certain characteristics (source/destination IP address, port numbers, protocol, etc.). This identification is done using a firewall filter (which acts as the "match filter"). This filter defines the criteria that, when matched, will trigger the forwarding action defined in the routing policy. The filter must then be applied to an interface to inspect traffic.

However, technically you don't need an RI to do filter based forwarding as you can make the filter send to either an interface or an IP as its next hop...

Filter policy and routing instance should be the correct!

Filter-based forwarding (FBF), which is also called Policy Based Routing (PBR), provides a a simple but powerful way to route IP traffic to different interfaces on the basis of Layer-3 or Layer-4 parameters. FBF works by using match conditions in a firewall filter to select certain traffic and then direct it to a given routing instance that points to the desired next hop. To ensure the next hop is resolvable, interface routes from the main routing table are shared via RIB group with the routing table(s) specified in the routing instance(s). Match conditions can include the source or destination IP address, source or destination port, IP protocol, DSCP value, TCP flag, ICMP type, and packet length.

You must creat and apply a match filter you must creat a routing instance

FBF works by using match conditions in a firewall filter to select certain traffic and then direct it to a given routing instance that points to the desired next hop. To ensure the next hop is resolvable, interface routes from the main routing table are shared via RIB group with the routing table(s) specified in the routing instance(s).

FBF works by using match conditions in a firewall filter to select certain traffic and then direct it to a given routing instance that points to the desired next hop. To ensure the next hop is resolvable, interface routes from the main routing table are shared via RIB group with the routing table(s) specified in the routing instance(s).