[j-nsp] ACL for lo0 template/example comprehensive list of 'things to think about'?

Vincent Bernat bernat at luffy.cx
Wed Jul 11 15:31:16 EDT 2018


 ❦ 11 juillet 2018 18:17 GMT, Drew Weaver <drew.weaver at thenap.com> :

> Is there a list of best practices or 'things to think about' when
> constructing a firewall filter for a loopback on an MX series router
> running version 15 of Junos?
>
> I'm slowly piecing it together by just 'seeing what is broken next'
> and I have found some issue specific examples on Juniper.net thus far
> that tend to help with some of the issues but if anyone has ever seen
> a decent comprehensive guide that would be tremendously useful.
>
> If anyone has seen anything like this let me know, if not no worries
> will just keep fixing the things one by one =)

There is a "Day One: Securing the Routing Engine" [0] about that. It is
missing IPv6 which is present in the O'Reilly book about the MX.

[0]: http://www.hiphop-resistance.com/juniperdayone/Securing_RouteEngine2.pdf
-- 
Use the good features of a language; avoid the bad ones.
            - The Elements of Programming Style (Kernighan & Plauger)


More information about the juniper-nsp mailing list