 | Copyright © 2008, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |
Configure a filter (rpf-dhcp) that accepts DHCP packets with a source address of 0.0.0.0 and a destination address of 255.255.255.255:
- [edit firewall family inet]
- filter rpf-dhcp {
-
- term dhcp {
-
- from {
-
- source-address {
- 0.0.0.0/32;
- }
-
- destination-address {
- 255.255.255.255/32;
- }
- }
-
- then {
- accept;
- }
- }
- }
To apply this filter to an interface, include the rpf-check fail-filter statement at the [edit interface interface-name unit logical-unit-number family family-name] hierarchy level:
- [edit interface interface-name unit logical-unit-number family inet]
- rpf-check fail-filter rpf-dhcp;
| Copyright © 2008, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |