A routing change occurs on an SRX Series device that involves choosing a new egress interface.
In this scenario, which statement is true for all affected current sessions?
A routing change occurs on an SRX Series device that involves choosing a new egress interface.
In this scenario, which statement is true for all affected current sessions?
When a routing change occurs on an SRX Series device, whether the current sessions are torn down depends on the specific configuration settings. If the 'policy-rematch' option has been enabled, the current sessions are evaluated against the new policies, and this can result in tearing down the sessions if they no longer comply. Thus, the statement that the current sessions are torn down only if the 'policy-rematch' option has been enabled is true for all affected current sessions.
Both of you are wrong, if there is routing change with new egress interface the session is always torn down. And what is that policy change? You can change the address, or application and the session won't change if policy-rematch is not enabled, if you change the action all sessions continue as well, only if you delete the policy it will torn down the session.
Brumik might be correct B https://forums.juniper.net/t5/ScreenOS-Firewalls-NOT-SRX/Affect-of-Route-change-on-Session/m-p/27810#M11385
Option C is incorrect because SRX Series devices do not automatically tear down all existing sessions upon a routing change. The behavior of current sessions in response to routing changes is more nuanced and can depend on specific configurations, such as the "policy-rematch" feature.
C is correct, based on the voucher assessment at least
B is the right answer, it says "routing change" not policy change