[j-nsp] IPv6 firewall question
Harry Reynolds
harry at juniper.net
Mon Jul 2 14:48:53 EDT 2012
Try hop-limit
set firewall family inet6 filter test term 1 from hop-limit
-----Original Message-----
From: juniper-nsp-bounces at puck.nether.net [mailto:juniper-nsp-bounces at puck.nether.net] On Behalf Of Alex D.
Sent: Monday, July 02, 2012 11:47 AM
To: Juniper-Nsp
Subject: [j-nsp] IPv6 firewall question
Hi guys,
i have a running IPv4 firewall filter for limiting tcp-traceroute. All works as desired:
term accept-traceroute-tcp {
from {
destination-prefix-list {
router-v4-addr;
}
protocol tcp;
ttl 1;
}
then {
policer management-1m;
count accept-traceroute-tcp;
accept;
}
}
Now i want to build the same filter for IPv6, but the statement "ttl" is not suported within family inet6 Does anybody knows the equivalent for IPv6.
Thanks in advance...
Regards,
Alex
_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
More information about the juniper-nsp
mailing list