
SRX Packet Mode


JunOS can run in two forwarding modes, flow mode and packet mode, on the following devices:

J-series services routers (I think after 9.3 version). This is also called JunOS Enhanced Services (junos-es).

SRX security devices

In the default configuration, SRX devices work in flow mode, in which security policies are in place and packets are dropped unless otherwise allowed, i.e. the device works as a firewall. If you want to configure the SRX as a router-only device, change it from flow mode to packet mode as below.

    root@srx# show security forwarding-options
    family {
        mpls {
            mode packet-based;
        }
    }

or as a set command:

    # set security forwarding-options family mpls mode packet-based

For this config to commit properly, you must deactivate or remove the security policies; otherwise you will receive the following warning:

    root@host# show
    ##
    ## Warning: MPLS mode packet-based not allowed when [security policies] are configured.
    ##
    mpls {
        mode packet-based;
    }

Commit the config and reboot the device, as this is required:

    # commit
    > request system reboot

To check the flow mode after the reboot:

    root@srx> show security flow status
      Flow forwarding mode:
        Inet forwarding mode: packet based  <<<<<<--Now we are working as a router
        Inet6 forwarding mode: drop
        MPLS forwarding mode: packet based
        ISO forwarding mode: drop
      Flow trace status
        Flow tracing status: off
      Flow session distribution
        Distribution mode: RR-based
      Flow ipsec performance acceleration: off
      Flow packet ordering
        Ordering mode: Hardware
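A defender-side check for the verification step above, added here as an example and not part of the original post: it parses `show security flow status` output and lists the address families that are forwarded packet based, that is, routed without the security policies that flow mode applies. The function names and the `allowed` parameter are assumptions for illustration, and the sample text is constructed from the output shown on this page.

```python
import re

# Constructed sample: the "show security flow status" output shown on this page,
# including the author's inline annotation on the Inet line.
SAMPLE_STATUS = """\
root@srx> show security flow status
  Flow forwarding mode:
    Inet forwarding mode: packet based  <<<<<<--Now we are working as a router
    Inet6 forwarding mode: drop
    MPLS forwarding mode: packet based
    ISO forwarding mode: drop
  Flow trace status
    Flow tracing status: off
"""

# Matches "<family> forwarding mode: <value>"; the bare "Flow forwarding mode:"
# section header has no value after the colon and is therefore skipped.
MODE_LINE = re.compile(r"^\s*(\w+) forwarding mode:\s*(\S.*?)\s*$", re.IGNORECASE)


def parse_forwarding_modes(status_text):
    """Return {family: mode} from 'show security flow status' output."""
    modes = {}
    for line in status_text.splitlines():
        # Drop trailing annotations such as the '<<<<<<--' marker used on this page.
        line = line.split("<<", 1)[0]
        match = MODE_LINE.match(line)
        if match:
            modes[match.group(1).lower()] = match.group(2).lower()
    return modes


def packet_mode_families(status_text, allowed=()):
    """List families forwarded packet based, minus those expected to be router-only.

    'allowed' is a hypothetical allowlist of families the operator intends to
    run without flow-based security policy enforcement.
    """
    modes = parse_forwarding_modes(status_text)
    if not modes:
        # Empty or unrelated output must not be read as "nothing to report".
        raise ValueError("no forwarding-mode lines found; wrong command output?")
    return sorted(family for family, mode in modes.items()
                  if mode.replace("-", " ") == "packet based" and family not in allowed)


if __name__ == "__main__":
    for family in packet_mode_families(SAMPLE_STATUS):
        print(f"{family}: packet based, security policies are not enforced")
```

Run against output collected from each device, a non-empty result on a box that is supposed to be a firewall indicates it has been switched to router-only forwarding.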
