https://kb.juniper.net/InfoCenter/index?page=content&id=KB28893&actp=RSS
https://puck.nether.net/pipermail/juniper-nsp/2016-April/032346.html
- Aaron
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/jun
Had already been answered in the thread:
"The script is building only /32 "local" prefixes.
Your suggestion is building "direct" prefixes and when matching at the
FTF, you can achieve "undesired" results."
Best Regards,
Krasi
On 22 March 2017 at 20:00, Eduardo Schoedler wrote:
> have you trie
You probably don't want to protect customer LANs same way as you want
to protect your control-plane.
On 22 March 2017 at 20:12, Eduardo Schoedler wrote:
> Better example:
>
> {master}[edit]
> jnpr@R1-RE0# *show policy-options prefix-list router-ipv4*
> apply-path "interfaces <*> unit <*> family i
Better example:
{master}[edit]
jnpr@R1-RE0# *show policy-options prefix-list router-ipv4*
apply-path "interfaces <*> unit <*> family inet address <*>";
{master}[edit]
jnpr@R1-RE0# *show policy-options prefix-list router-ipv4 | display inheritance*
##
## apply-path was expanded to:
## 192.168.
have you tried to do a prefix-list like this?
{master}[edit]
regress@R1-RE0# *show policy-options | no-more*
prefix-list router-ipv4 {
apply-path "interfaces <*> unit <*> family inet address <*>";
}
--
Eduardo Schoedler
Em seg, 20 de mar de 2017 às 06:24, Johan Borch
escreveu:
> Hi
>
>
On Mon, Mar 20, 2017 at 10:19:35AM +0100, Johan Borch wrote:
> Do anyone have a control plane filter for ACX they can share? :) they don't
> seem to support using standard loopback filters.
See this thread:
https://puck.nether.net/pipermail/juniper-nsp/2016-April/032422.html
and specifically thi
Here's how I block telnet and ssh I have to add a firewall
destination-address entry for each local route that I do not want accessible
for telnet and ssh...and then apply it to the forwarding plane of the
routing-instance that these addresses belong to.
set firewall family inet filter protec
Hi
Do anyone have a control plane filter for ACX they can share? :) they don't
seem to support using standard loopback filters.
Johan
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
8 matches
Mail list logo