Chapter 9: layer 2 firewall filters, Chapter 9, Layer 2 firewall filters – Juniper Networks JUNOS OS 10.4 User Manual
Page 121
CHAPTER 9
Layer 2 Firewall Filters
This chapter discusses the following topics:
•
Firewall Filters for Bridge Domains and VPLS Instances on page 101
•
Example: Configuring Policing and Marking of Traffic Entering a VPLS Core on page 102
•
Example: Configuring Filtering of Frames by MAC Address on page 104
•
Example: Configuring Filtering of Frames by IEEE 802.1p Bits on page 106
•
Example: Configuring Filtering of Frames by Packet Loss Priority on page 107
Firewall Filters for Bridge Domains and VPLS Instances
Juniper Networks MX Series 3D Universal Edge Routers support firewall filters for the
bridge
and
vpls
protocol families. You configure these firewall filters to control traffic
within bridge domains and VPLS instances. This chapter explores some of the ways that
filters can be used in a Layer 2 environment to control traffic.
MX Series router firewall filters can be applied to:
•
Input interfaces
•
Output interfaces
•
Input to the Layer 2 forwarding table
NOTE:
Broadcast, unicast unknown, and multicast (BUM) traffic is not
affected by input and output policies. BUM traffic can only be filtered by
forwarding table policies.
You use a firewall filter after taking the following two steps:
1.
You configure any policers and the firewall filter at the
[edit firewall]
hierarchy level.
2.
You apply the properly configured firewall filter to an interface.
101
Copyright © 2013, Juniper Networks, Inc.