The Firewall Filter (equivalent to Access List or ACL) implementation on MX and PTX is truly unique and can’t be matched by any TCAM-based solution, compressed or not.
In this video, David Roy (PTME for Juniper HPE. Networking) will detail:
————————————————————————————
0:00 • Intro
1:13 • Let’s start with the basics
3:08 • Firewall filters challenges
4:17 • FLT Fast Lookup Table (Juniper Secret Sauce)
5:19 • Firewall Filters history
6:14 • FLT on Express ASICs
7:29 • Trio: Default DMEM Filters
8:38 • Trio: 5-tuple Fulters
9:18 • Trio: Filters Acceleration with FLT Block
11:03 • Comparing PTX and MX Filter Configuration
11:38 • FLT Implementation on Trio PFE
13:23 • Real Life Example, FLT vs TCAM-based implementation
15:55 • Let’s Wrap this Up
————————————————————————————
Details on the PTX implementation: https://community.juniper.net/blogs/dmitry-bugrimenko/2022/06/30/express-4-filters-foundation
