Example: Configuring Filtering Of Frames By Ieee 802.1P Bits - Juniper JUNOS OS 10.4 Manual
3d universal edge routers solutions junos os
Hide thumbs
Also See for JUNOS OS 10.4:
- Supplementary manual (6804 pages) ,
- Manual (4268 pages) ,
- Configuration manual (290 pages)
Table of Contents
Advertisement
Related
Documentation
Example: Configuring Filtering of Frames by IEEE 802.1p Bits
Copyright © 2012, Juniper Networks, Inc.
family bridge {
filter evil-mac-address {
term one {
from {
source-mac-address 88:05:00:29:3c:de/48;
}
then {
count evil-mac-address; # Counts frame with the bad source MAC address
discard;
}
term two {
then accept; # Make sure to accept other traffic
}
}
}
}
Apply
evil-mac-address
2.
[edit routing-instances]
virtual-switch-R1-1 {
bridge-domains {
vlan100200 {
domain-type bridge;
forwarding-options {
filter {
input evil-mac-address;
}
}
}
}
}
Layer 2 Firewall Filters
Firewall Filters for Bridge Domains and VPLS Instances on page 95
Example: Configuring Policing and Marking of Traffic Entering a VPLS Core on page 96
Example: Configuring Filtering of Frames by IEEE 802.1p Bits on page 99
Example: Configuring Filtering of Frames by Packet Loss Priority on page 101
For the
and
protocol families only, MX Series router firewall filters can be
bridge
vpls
configured to provide matching on IEEE 802.1p priority bits in packets with VLAN tagging:
To configure a firewall filter term that includes matching on IEEE 802.1p learned VLAN
priority (in the outer VLAN tag), use the
learn-vlan-1p-priority-except
To configure a firewall filter term that includes matching on IEEE 802.1p user priority
(in the inner VLAN tag), use the
match condition.
as an input filter to
vlan100200
learn-vlan-1p-priority
match condition.
user-vlan-1p-priority
Chapter 9: Layer 2 Firewall Filters
on Router 1:
or
or
user-vlan-1p-priority-except
99
Advertisement
Table of Contents
