木头虫在家

  • 系统
  • 网络
  • 技术
  • 安全
  • 运维
  • 应用
木头虫在家
蜘蛛网
  1. 首页
  2. 网络
  3. 正文

Juniper SRX防火墙 IPV6 配置

2022年2月23日 954点热度 1人点赞 0条评论

IPv6 Forwarding

First of all we enable IPv6 forwarding. Once this is added you will need to reboot the device.

set security forwarding-options family inet6 mode flow-based

You can confirm that IPv6 forwarding is enabled once the device has rebooted by running,

root@240> show security flow status 
  Flow forwarding mode:
    Inet forwarding mode: flow based
    Inet6 forwarding mode: flow based
    MPLS forwarding mode: drop
    ISO forwarding mode: drop
    Flow trace status
    Flow tracing status: off

 

Interface Addressing

Next we configure the interface with an IPv6 address. In this example we configure both a global and link-local based IPv6 address.

set interfaces reth0 unit 0 family inet6 address 2a00:1b30:2401:d4::1/64
set interfaces reth0 unit 0 family inet6 address fe80::d41/64
set interfaces reth1 unit 0 family inet6 address 2a00:1b30:2401:d5::1/64
set interfaces reth1 unit 0 family inet6 address fe80::d51/64

NOTE In a typical scenario you would not configure a link-local (fe80::) and just leave the system to generate a link-local address using EUI64. This was only added to this example as a matter of completeness.

Routing

We then set our default gateway. You can use either a link-local or global address. If you use a link-local address you (as shown below) will need to specify the interface.

set routing-options rib inet6.0 static route ::/0 qualified-next-hop fe80::140 interface reth0.0

 

Caveats

The main caveat you may find is around packet captures. Support for packet capturing on an reth based interface was only added to X45-D30 and X46-D25 within the 12.1 code train.

 

https://www.fir3net.com/firewalls/juniper/ipv6-configuration-on-a-juniper-srx.html

Views: 178
标签: IPV6 juniper 防火墙
最后更新:2022年2月23日

admin

这个人很懒,什么都没留下

点赞
< 上一篇
下一篇 >
分类
  • 值的推
  • 域名主机
  • 安全
  • 应用
  • 技术
  • 未分类
  • 系统
  • 网络
  • 运维
最新 热点 随机
最新 热点 随机
ucloud香港云主机 Windows 11访问局域网共享文件时出现报错 “出现了扩展错误”解决办法 4s店修理工秘密,车开到报废,这几种东西不必换 联想K4e-ITL重装WIN系统蓝屏解决方案 上学出路在哪里 windows远程桌面中如何发送CTRL+ALT+DEL命令 linux查看远程文件保存到本地,复制一个文件到新文件未尾命令 电脑分区盘符不见了怎么找回 Windows系统通过命令行工具启用禁用网卡 攻防演练之企业网络安全体系建设历程
ucloud香港云主机
centos统计服务器当前IP连接数 win10电脑 你不能访问此共享文件夹,因为你组织的安全策略阻止未经身份验证的来宾访问。 freebsd系统开户ssh远程服务 服务器 {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} 没有在要求的超时时间内向 DCOM 注册。 iredmail服务器debian10系统服务器不能被ping改成允许ping freebsd系统使用certbot命令和定时任务(crontab)自动更新 let’s encrypt证书 namesilo 2019年1美元域名注册续费转移最新优惠码 联想K4e-ITL重装WIN系统蓝屏解决方案 Junos的Commit 定时提交命令 vsphere 出现“在主机的当前连接状况下不允许执行该操作”

COPYRIGHT © 2025 blog.qmun.com. ALL RIGHTS RESERVED.

Theme Kratos Made By Seaton Jiang

浙ICP备11036795号