Creating a decent RE protection filter on a Juniper ACX5048 ACX5096

tl;dr We got our hands on a Juniper ACX5048. We were testing it as an access router for our new network and immideatly ran into trouble with. It turns out you cannot apply an input filter on lo0 interfaces. Witch is a huge problem for hardening the device it self with an RE (routing engine) protection filter. And there are some other issues you need to be aware of when deploying this router with multiple routing-instances. In this article I will go into getting around limitations of the ACX50xx in regard to RE protection.
Continue reading “Creating a decent RE protection filter on a Juniper ACX5048 ACX5096”