I'm wondering if anyone on list has tried this or gotten decent caveat information on this feature. I intend to lab it but haven't gotten around to it yet.
http://www.juniper.net/documentation/en_US/junos14.2/topics/concept/firewall-filter-flexible-match-conditions-overview.html Some things I wanted to explore; * Matching ethernet dst addr bit 8 to count/police ethernet multicast * Poor man's DNS reflection firewall (counting/policing DNS ANY attempts, aka fkfkfkfz.guru lookups) -Michael _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp