[j-nsp] juniper-nsp Digest, Vol 101, Issue 46
Kari Asheim
ka at mork.no
Thu Apr 28 10:24:39 EDT 2011
On Wed, Apr 27, 2011 at 10:21:31PM +0200, martin papik wrote:
> Hi,
> can I block (drop) router advertisemet (RA) only on specific ports in
> EX2400 (EX2200) configuration.
ka at ex4200# show firewall family ethernet-switching filter CUSTOMER-INGRESS
term RA-DENY {
from {
icmp-type router-advertisement;
}
then discard;
}
term ACCEPT-DEFAULT {
then accept;
}
ka at ex4200# show interfaces ge-0/0/3
unit 0 {
family ethernet-switching {
filter {
input CUSTOMER-INGRESS;
}
}
}
Available match conditions:
http://www.juniper.net/techpubs/en_US/junos/topics/reference/requirements/firewall-filter-ex-series-match-conditions.html#ipv6_match_tab
Supported plattforms (3200/4200/8200 now):
http://www.juniper.net/techpubs/en_US/junos/topics/concept/ex-series-software-features-overview.html#routing-policy-packet-filtering-features-by-platform-table
Kari
More information about the juniper-nsp
mailing list