PrepAway - Latest Free Exam Questions & Answers

Which two statements about Junos software packet handling are correct?

Which two statements about Junos software packet handling are correct? (Choose two.)

PrepAway - Latest Free Exam Questions & Answers

A.
The Junos OS applies service ALGs only for the first packet of a flow.

B.
The Junos OS uses fast-path processing only for the first packet of a flow.

C.
The Junos OS performs policy lookup only for the first packet of a flow.

D.
The Junos OS applies SCREEN options for both first and consecutive packets of a flow.

One Comment on “Which two statements about Junos software packet handling are correct?

  1. ketan2809 says:

    The first packet of a flow is subject to first-packet-path processing. The software takes the following steps during
    first-packet-path processing:
    1. Based on the protocol used and its session layer (TCP or UDP), the software starts a session timer. For TCP sessions, the default timeout is 30 minutes. For UDP sessions, the default timeout is 1 minute. These values are the defaults, and you can change them.
    2. The software applies firewall SCREEN options.
    3. If destination NAT is used, the software performs address allocation.
    4. Next, the software performs the route lookup. If a route exists for the destination prefix, the software takes the next step. Otherwise, it drops the packet.
    5. The software determines the packet’s incoming zone by the interface through which it arrives. The software also determines the packet’s outgoing zone by the forwarding lookup.
    6. Based on incoming and outgoing zones, the corresponding security policy is determined and a security policy lookup takes place. The software checks the packet against defined policies to determine how to treat the packet.
    7. If source NAT is used, the software performs address allocation.
    8. The software sets up the ALG service vector.
    9. The software creates and installs the session. Furthermore, the software caches the decisions made for the first packet into a flow table, which subsequent packets of that flow use.
    10. The packet now enters the fast-path processing.

    Subsequent packets of a flow are all subject to fast-path processing. The software takes the following steps during fast-path processing:
    1. The software applies firewall SCREEN options.
    2. The software performs TCP checks.
    3. The software applies NAT.
    4. The software applies an ALG.
    5. The software applies packet forwarding features, which include the following:
    a. Stateless packet filters;
    b. Traffic shaping by packet; and
    c. Packet encapsulation and transmission.




    0



    0

Leave a Reply