[j-nsp] IPv6 traceroute filter
Alfred Schweder
alf at all.de
Wed Feb 22 09:08:10 EST 2012
Hello
Im trying to convert a IPv4 trace filterrole in a IPv6
variant, but I miss an equivalent check of "ttl 1" at IPv6.
alf at lab# show firewall family inet filter accept-traceroute
term accept-traceroute-udp {
from {
protocol udp;
ttl 1;
destination-port 33435-33450;
}
then {
policer traceroute-1m;
count accept-traceroute-udp;
accept;
}
}
There seems to be no test against the ttl or hop value.
Can somebody give me a hint ?
PS: Junos 10.4R8.5
Regards,
Alf
More information about the juniper-nsp
mailing list