Feature Explorer AI 
×
You can configure egress filters with Layer 2 and Layer 3 match conditions in both VLAN and VXLAN deployments. Junos OS already supports filtering in Layer 2 match conditions in the ingress direction. To use egress filters for micro segmentation in a VXLAN, enable the epacl-firewall-optimization statement at the [edit chassis] level of the hierarchy and create the firewall rules with the match conditions that you want to filter on. For egress filtering on VLANs, you do not need to enable epaclfirewall-optimization. Both the devices support egress filtering, for VLANs and VXLANs, with the following match conditions:
Valid actions for these rules are accept, count, and discard.
| Product / Application | Software | Introduced Release |
|---|---|---|
| EX4100 | Junos OS | 25.4R1 |
| EX4100-F | Junos OS | 25.4R1 |
| EX4100 Multigigabit | Junos OS | 25.4R1 |
| EX4400 | Junos OS | 25.4R1 |
| EX4400 Multigigabit | Junos OS | 25.4R1 |
| EX4400-24X | Junos OS | 25.4R1 |
| EX4650-48Y | Junos OS | 25.4R1 |
| EX4650-48Y | Junos OS | 21.1R1 |
| QFX5110 | Junos OS | 21.1R1 |
| QFX5120-48Y | Junos OS | 25.4R1 |
| QFX5120-48Y | Junos OS | 21.1R1 |
| QFX5120-32C | Junos OS | 25.4R1 |
| QFX5120-32C | Junos OS | 21.1R1 |
| QFX5120-48T | Junos OS | 25.4R1 |
| QFX5120-48T | Junos OS | 21.1R1 |
| QFX5120-48YM | Junos OS | 21.1R1 |