[j-nsp] Juniper annoyance... Migration from MX104 to MX960 - inet6 lo0 firewall issue
Alain Hebert
ahebert at pubnix.net
Mon Jul 9 16:11:48 EDT 2018
Y'all can safely ignore that.
Someone punched in a lo0.1 without inet6 input-filter and it was
bypassing it through a routing-instance which was unused.
PS: Diogo, yeah did all that nice stuff while scratching my head
for an hour until I noticed someone had fat fingers. Thx for the follow up.
-----
Alain Hebert ahebert at pubnix.net
PubNIX Inc.
50 boul. St-Charles
P.O. Box 26770 Beaconsfield, Quebec H9W 6G7
Tel: 514-990-5911 http://www.pubnix.net Fax: 514-990-9443
On 07/09/18 15:58, Alain Hebert wrote:
> Pretty basic box (beside boost in capacity and REs).
>
> MX104 - Junos: 16.1R4-S1.3
>
> MX960 - Junos: 16.1R7.7
>
> And yet the same "firewall family inet6" "lo0.0 family inet6
> filter-list [ ... ]" from the MX104 refuse to work on the MX960...
>
> I have yet to find the hidden knot from Juniper about the MX960
> and RE protect firewalling for inet6.
>
> PS: Works without issue for IPv4.
>
>
> Any hints?
>
>
More information about the juniper-nsp
mailing list