[Contents] [Prev] [Next] [Index] [Report an Error]

Configuring Protocol Conditions

The procedure in this sections shows how to configure general protocol conditions.

Use the following configuration statements to add general protocol conditions to a classify-traffic condition:

policies group name list name rule name traffic-condition name protocol-condition {
protocol protocol ;
protocol-operation protocol-operation ;
ip-flags ip-flags ;
ip-flags-mask ip-flags-mask ;
fragment-offset fragment-offset ;
packet-length packet-length ;
}

To add general protocol conditions to a classify-traffic condition:

  1. From configuration mode, enter the general protocol condition configuration. For example:
  2. Configure the protocol matched by this classify-traffic condition.
  3. Configure the policy to match packets with the protocol that is either equal or not equal to the specified protocol.
  4. (Optional) Configure the value of the IP flags field in the IP header.
  5. (Optional) Configure the mask that is associated with the IP flag.
  6. (Optional) Configure the value of the fragment offset field.
  7. (Optional) Configure the packet length on which to match. The length refers only to the IP packet, including the packet header, and does not include any layer 2 encapsulation overhead.
  8. (Optional) Verify your protocol condition configuration. 
    [edit policies group dhcp list in rule forward-dhcp traffic-condition client-dhcp protocol-condition]
user@host# show 
protocol 0;
protocol-operation 1;
ip-flags 0;
ip-flags-mask 0;
fragment-offset any;
    

    9. 



Related Topics




[Contents]
[Prev]
[Next]

[Index]

[Report an Error]










Copyright © 2008, Juniper Networks, Inc.
All Rights Reserved.
	Trademark Notice.