Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

source-mac-address-list

 

Syntax

Hierarchy Level

Release Information

Statement introduced in Junos OS Release 15.1X53-D55.

Description

Configure a list of MAC addresses for an IPv6 Router Advertisement (RA) guard policy to validate the source MAC address of an incoming RA message against the MAC addresses in this list. RA guard protects against rogue RA messages generated either maliciously or unintentionally by unauthorized or improperly configured routers connecting to the network segment. An RA guard policy is used to validate incoming RA messages on the basis of whether they match the conditions defined in the policy.

You can use a list of MAC address for validating RA messages as part of either an accept policy or a discard policy. Before you can include a list in an RA policy, you much configure the list name at the [edit policy-options mac-list] hierarchy level. When RA guard is enabled by using an accept policy, any RA messages that match the conditions defined in the policy are forwarded, and RA messages that do not match the conditions are dropped. When RA guard is enabled by using a discard policy, any RA messages that match the conditions are dropped, and RA messages that do not match the conditions are forwarded.

Options

address-list-nameConfigure the RA guard policy to match the MAC source address of an incoming RA message to a MAC address contained in the list.

Required Privilege Level

interface—To view this statement in the configuration.

interface-control—To add this statement to the configuration.