[j-nsp] Firewall filter rule based on external reachability of server

Matthew Crocker via juniper-nsp Wed, 29 Mar 2023 12:19:17 -0700


Hello,


I have a filter setup :

term DDOS {
    from {
        destination-prefix-list {
            DDOS-Customers;
        }
    }
    then {
        count DDOS;
        next-ip 192.168.126.2/32;
    }
}

The 192.168.126.2 IP is the DDOS mitigation device.   Is there a way I can 
setup the router to ping the 192.168.126.2 address, set a ‘reachable variable’ 
and then use that variable in the filter.   So if the device goes down the 
filter term is bypassed and traffic flows to the customer bypassing the DDOS 
mitigation machine.



_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

[j-nsp] Firewall filter rule based on external reachability of server

Reply via email to