Re: [j-nsp] juniper-nsp Digest, Vol 101, Issue 46

Kari Asheim Thu, 28 Apr 2011 09:34:11 -0700

On Wed, Apr 27, 2011 at 10:21:31PM +0200, martin papik wrote:
> Hi,
> can I block (drop) router advertisemet (RA) only on specific ports in
> EX2400 (EX2200) configuration.


ka@ex4200# show firewall family ethernet-switching filter CUSTOMER-INGRESS
term RA-DENY {
    from {
        icmp-type router-advertisement;
    }
    then discard;
}
term ACCEPT-DEFAULT {
    then accept;
}


ka@ex4200# show interfaces ge-0/0/3                                             
         
unit 0 {
    family ethernet-switching {
        filter {
            input CUSTOMER-INGRESS;
        }
    }
}

Available match conditions:

http://www.juniper.net/techpubs/en_US/junos/topics/reference/requirements/firewall-filter-ex-series-match-conditions.html#ipv6_match_tab


Supported plattforms (3200/4200/8200 now):

http://www.juniper.net/techpubs/en_US/junos/topics/concept/ex-series-software-features-overview.html#routing-policy-packet-filtering-features-by-platform-table


Kari
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] juniper-nsp Digest, Vol 101, Issue 46

Reply via email to