[j-nsp] Firewall Filters and BFD
Daniel Verlouw
daniel at bit.nl
Thu Jun 10 11:19:03 EDT 2010
On Jun 10, 2010, at 4:59 PM, Thomas Eichhorn wrote:
> Has somebody here an idea what to allow or maybe even
> a working configuration for this?
this works for us (for both singlehop and multihop paths):
term allow-bfd-control {
from {
source-prefix-list {
<insert prefix list(s) with allowed BFD neighbors>
}
protocol udp;
source-port 49152-65535;
destination-port [ 3784 4784 ];
}
then accept;
}
[... other lo0 terms ....]
--Daniel
More information about the juniper-nsp
mailing list