Re: [j-nsp] preventing DoS attacks

2009-02-16 Thread Marlon Duksa
It is more complicated than this. I have a bunch of subscribers (each sub on a different VLAN) and I need to protect CPU per subscriber, per MAC address and such... also for protocols such as LACP, ANCP, DHCP... One rule fits all is not the best approach here. Thanks, Marlon On Fri, Feb 13, 2009

Re: [j-nsp] preventing DoS attacks

2009-02-16 Thread Amos Rosenboim
Marlon, It wasn't explicitly stated below so just to clarify. A firewall filter applied to the lo0.0 interface is applied to all control plane traffic handled by the RE no matter what the destination address on the router is (i.e. it is also applied to the IP address assigned to the interfaces

Re: [j-nsp] preventing DoS attacks

2009-02-16 Thread Stefan Fouant
On Mon, Feb 16, 2009 at 5:01 PM, Amos Rosenboim a...@oasis-tech.net wrote: As far as I remember firewall-filters can also combine policers within them (not sure about this), so if I understand your requirement correctly, a firewall filter on lo0.0 will achieve your goal. Yes absolutely, you

[j-nsp] preventing DoS attacks

2009-02-13 Thread Marlon Duksa
Hi - does anyone know if it is possible on Junos to install policers on logical interfaces to prevent DoS attacks so that control plane as a whole is identified in a filter rule? Right now I see a default ARP policer is installed on every interface. I want to customize this so that all traffic

Re: [j-nsp] preventing DoS attacks

2009-02-13 Thread Stefan Fouant
On Fri, Feb 13, 2009 at 8:49 PM, Marlon Duksa mdu...@gmail.com wrote: Hi - does anyone know if it is possible on Junos to install policers on logical interfaces to prevent DoS attacks so that control plane as a whole is identified in a filter rule? Right now I see a default ARP policer is