You might want "payload-protocol" for IPv6, except where you really want
"next-header". This is a case where there's not a definite single functional
mapping from IPv4 to IPv6.
________________________________________________________________________
Jay Ford, Network Engineering Group, Information Technology Services
University of Iowa, Iowa City, IA 52242
email: jay-f...@uiowa.edu, phone: 319-335-5555
On Wed, 11 Jul 2018, Olivier Benghozi wrote:
One thing to think about, in IPv6:
On MX, one can use "match protocol" (with Trio / MPC cards).
But it's not supported on lo0 filters, where you were / probably still are restricted to
"match next-header", in order to have a filter working as expected.
Le 11 juil. 2018 à 20:17, Drew Weaver <drew.wea...@thenap.com> a écrit :
Is there a list of best practices or 'things to think about' when constructing
a firewall filter for a loopback on an MX series router running version 15 of
Junos?
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
