I have implemented an MTU filter at value 1522 . As such.
firewall {
filter 1522mtu {
term 1 {
from {
packet-length 1522-1522;
}
then {
count 1522mtu_DROP;
discard;
}
}
term 2 {
then accept;
}
}
}
My questions are these...
1. Will adding a third term help me in terms of round trip improvement? I want to make the filter more redundant but I realize that adding another term will divide the filter even more. In three parts.
The reason I want to do this is because of anomalous behavior at value 1522.
2. I have set a range in my code block, but if I set a single value will that change behavior closer to the needed behavior?
firewall {
filter 1522mtu {
term 1 {
from {
packet-length 1522-1522;
}
then {
count 1522mtu_DROP;
discard;
}
}
term 2 {
then accept;
}
}
}
My questions are these...
1. Will adding a third term help me in terms of round trip improvement? I want to make the filter more redundant but I realize that adding another term will divide the filter even more. In three parts.
The reason I want to do this is because of anomalous behavior at value 1522.
2. I have set a range in my code block, but if I set a single value will that change behavior closer to the needed behavior?