Junos OS Services Interfaces Configuration Guide - Juniper Networks

More documents

Recommendations

Info

Junos 11.2 Services Interfaces Configuration Guide xii Network Address Translation Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48 Types of Network Address Translation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49 IPv4 to IPv4 Traditional NAT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49 Network Address Translation–Protocol Translation (NAT-PT) . . . . . . . . 50 Dynamic NAT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50 Static Destination NAT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50 Stateful NAT64 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51 Twice NAT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51 IPv6 NAT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51 NAT-PT with DNS ALG . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51 Transition of IPv4 Traffic to IPv6 Addresses Using Dual-Stack Lite . . . . . 52 Softwire Services for IPv4-to-IPv6 Transition Overview . . . . . . . . . . . . . . . . . . . . 53 DS-Lite Softwires—IPv4 over IPv6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53 6rd Softwire Services—IPv6-over-IPv4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54 IPsec Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55 IPsec . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55 Security Associations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55 IKE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55 Comparison of IPsec Services and ES Interface Configuration . . . . . . . . . . . . 56 Layer 2 Tunneling Protocol Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57 Voice Services Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57 Class of Service Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58 Examples: Services Interfaces Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58 Example: Service Interfaces Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . 58 Example: VPN Routing and Forwarding (VRF) and Service Configuration . . . 61 Example: Dynamic Source NAT as a Next-Hop Service . . . . . . . . . . . . . . . . . 63 Example: NAT Between VRFs Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . 64 Example: BOOTP and Broadcast Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . 67 Chapter 4 Applications Configuration Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69 Configuring Application Protocol Properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70 Configuring an Application Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70 Configuring the Network Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72 Configuring the ICMP Code and Type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73 Configuring Source and Destination Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75 Configuring the Inactivity Timeout Period . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78 Configuring an SNMP Command for Packet Matching . . . . . . . . . . . . . . . . . . 78 Configuring an RPC Program Number . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78 Configuring the TTL Threshold . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78 Configuring a Universal Unique Identifier . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79 Configuring Application Sets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79 ALG Descriptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79 Basic TCP ALG . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80 Basic UDP ALG . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80 BOOTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81 DCE RPC Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81 ONC RPC Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81 FTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81 ICMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82 Copyright © 2011, Juniper Networks, Inc.
NetShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82 RPC and RPC Portmap Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82 RTSP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84 SMB . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84 SNMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84 SQLNet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85 TFTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85 Traceroute . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85 UNIX Remote-Shell Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85 Verifying the Output of ALG Sessions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86 FTP Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86 Sample Output . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86 FTP System Log Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87 Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88 Troubleshooting Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88 RTSP ALG Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89 Sample Output . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89 Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89 Troubleshooting Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89 System Log Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91 System Log Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91 System Log Output . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92 Junos Default Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92 Examples: Referencing the Preset Statement from the Junos Default Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97 Examples: Configuring Application Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99 Chapter 5 Summary of Applications Configuration Statements . . . . . . . . . . . . . . . . . . 101 application . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101 application-protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102 application-set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103 applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103 destination-port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104 icmp-code . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104 icmp-type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105 inactivity-timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105 learn-sip-register . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106 protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107 rpc-program-number . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 108 sip-call-hold-timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 108 snmp-command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109 source-port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109 ttl-threshold . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110 uuid . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110 Chapter 6 Stateful Firewall Services Configuration Guidelines . . . . . . . . . . . . . . . . . . . 111 Copyright © 2011, Juniper Networks, Inc. Table of Contents Configuring Stateful Firewall Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112 Configuring Match Direction for Stateful Firewall Rules . . . . . . . . . . . . . . . . . 112 Configuring Match Conditions in Stateful Firewall Rules . . . . . . . . . . . . . . . . 113 xiii
Page 1 and 2: Junos ® OS Services Interfaces Con
Page 3 and 4: END USER LICENSE AGREEMENT READ THI
Page 5 and 6: 12. Commercial Computer Software. T
Page 7 and 8: Abbreviated Table of Contents Part
Page 9 and 10: Chapter 58 Real-Time Performance Mo
Page 11: Table of Contents Part 1 Overview A
Page 15 and 16: Configuring Translation Type for Tr
Page 17 and 18: Chapter 11 Summary of Intrusion Det
Page 19 and 20: Tracing IPsec Operations . . . . .
Page 21 and 22: maximum-send-window . . . . . . . .
Page 23 and 24: family . . . . . . . . . . . . . .
Page 25 and 26: ptsp-rules . . . . . . . . . . . .
Page 27 and 28: Copyright © 2011, Juniper Networks
Page 29 and 30: service-interface-pools . . . . . .
Page 31 and 32: local-ports . . . . . . . . . . . .
Page 33 and 34: enable-heuristics . . . . . . . . .
Page 35 and 36: Example: Configuring an Encryption
Page 37 and 38: Copyright © 2011, Juniper Networks
Page 39 and 40: version9 . . . . . . . . . . . . .
Page 41 and 42: source-addresses . . . . . . . . .
Page 43 and 44: Configuring RPM Timestamping . . .
Page 45 and 46: Part 9 Index Copyright © 2011, Jun
Page 47 and 48: List of Figures Part 2 Adaptive Ser
Page 49 and 50: List of Tables About This Guide . .
Page 51 and 52: About This Guide This preface provi
Page 53 and 54: Using the Indexes • MX Series •
Page 55 and 56: Table 1: Notice Icons Icon Meaning
Page 57 and 58: or are covered under warranty, and
Page 59 and 60: PART 1 Overview Copyright © 2011,
Page 61 and 62: CHAPTER 1 Services Interfaces Overv
Page 63 and 64:
CHAPTER 2 Services Interfaces Confi
Page 65 and 66:
Copyright © 2011, Juniper Networks
Page 67 and 68:
Page 69 and 70:
Page 71 and 72:
Page 73 and 74:
Page 75 and 76:
Page 77 and 78:
Page 79 and 80:
Page 81 and 82:
Page 83 and 84:
Page 85 and 86:
Page 87 and 88:
Page 89 and 90:
Page 91 and 92:
Page 93 and 94:
PART 2 Adaptive Services Copyright
Page 95 and 96:
CHAPTER 3 Adaptive Services Overvie
Page 97 and 98:
Enabling Service Packages Copyright
Page 99 and 100:
Table 3: AS and Multiservices PIC S
Page 101 and 102:
Page 103 and 104:
3. A next-hop service set can be ap
Page 105 and 106:
Page 107 and 108:
Types of Network Address Translatio
Page 109 and 110:
Stateful NAT64 Stateful NAT64 is a
Page 111 and 112:
Currently, a NAT rule configuration
Page 113 and 114:
IPsec Overview IPsec Security Assoc
Page 115 and 116:
Layer 2 Tunneling Protocol Overview
Page 117 and 118:
Page 119 and 120:
match-direction input; term Transla
Page 121 and 122:
interface-service { service-interfa
Page 123 and 124:
Page 125 and 126:
} rule vrf-b-output { match-directi
Page 127 and 128:
CHAPTER 4 Applications Configuratio
Page 129 and 130:
Table 5: Application Protocols Supp
Page 131 and 132:
Table 6: Network Protocols Supporte
Page 133 and 134:
Configuring Source and Destination
Page 135 and 136:
Table 8: Port Names Supported by Se
Page 137 and 138:
Configuring a Universal Unique Iden
Page 139 and 140:
BOOTP DCE RPC Services ONC RPC Serv
Page 141 and 142:
Table 9: Supported RPC Services Nam
Page 143 and 144:
SQLNet TFTP Traceroute command. If
Page 145 and 146:
For each flow, the first line shows
Page 147 and 148:
RTSP ALG Example The following is a
Page 149 and 150:
System Log Messages Copyright © 20
Page 151 and 152:
Page 153 and 154:
Page 155 and 156:
application junos-dcerpc-msexchange
Page 157 and 158:
} } } Examples: Configuring Applica
Page 159 and 160:
CHAPTER 5 Summary of Applications C
Page 161 and 162:
application-set Syntax application-
Page 163 and 164:
icmp-type Syntax icmp-type value; H
Page 165 and 166:
protocol Syntax protocol type; Hier
Page 167 and 168:
snmp-command Syntax snmp-command co
Page 169 and 170:
CHAPTER 6 Stateful Firewall Service
Page 171 and 172:
If you configure match-direction in
Page 173 and 174:
Configuring IP Option Handling You
Page 175 and 176:
} } } } Copyright © 2011, Juniper
Page 177 and 178:
Related Documentation Copyright ©
Page 179 and 180:
CHAPTER 7 Summary of Stateful Firew
Page 181 and 182:
application-sets Syntax application
Page 183 and 184:
destination-prefix-list Syntax dest
Page 185 and 186:
ule Syntax rule rule-name { match-d
Page 187 and 188:
source-address Syntax source-addres
Page 189 and 190:
term Syntax term term-name { from {
Page 191 and 192:
CHAPTER 8 Network Address Translati
Page 193 and 194:
• Specifying Destination and Sour
Page 195 and 196:
• The fifth connection is allocat
Page 197 and 198:
application-sets set-name; applicat
Page 199 and 200:
NOTE: If you include one of the sta
Page 201 and 202:
Configuring NAT Rule Sets Copyright
Page 203 and 204:
user@host# set rule rule-basic-nat4
Page 205 and 206:
[edit services] user@host# show ada
Page 207 and 208:
Configuring Trace Options 2. Config
Page 209 and 210:
Page 211 and 212:
Configuring Dynamic Source Address
Page 213 and 214:
Page 215 and 216:
Configuring Static Destination Addr
Page 217 and 218:
Related Documentation • } pool de
Page 219 and 220:
Page 221 and 222:
Configuring the Service Set for NAT
Page 223 and 224:
Page 225 and 226:
Related Documentation [edit] user@h
Page 227 and 228:
Page 229 and 230:
Page 231 and 232:
service-set s1 { nat-rules rule-dyn
Page 233 and 234:
Page 235 and 236:
Page 237 and 238:
} } } } } } stateful-nat64; Example
Page 239 and 240:
Step-by-Step Procedure Copyright ©
Page 241 and 242:
[edit services nat] user@host# set
Page 243 and 244:
user@host# set then translated tran
Page 245 and 246:
5. Specify the type of NAT used for
Page 247 and 248:
Only the device name is needed, bec
Page 249 and 250:
3. Specify the interface properties
Page 251 and 252:
} } Example: Assigning Addresses fr
Page 253 and 254:
} Example: Configuring NAT for Mult
Page 255 and 256:
The routing instance stage forwards
Page 257 and 258:
CHAPTER 9 Summary of Network Addres
Page 259 and 260:
address-range Syntax address-range
Page 261 and 262:
destination-address-range Syntax de
Page 263 and 264:
dns-alg-pool Syntax dns-alg-pool dn
Page 265 and 266:
hint Syntax hint [ hint-strings ];
Page 267 and 268:
match-direction Syntax match-direct
Page 269 and 270:
pgcp Syntax pgcp { hint [ hint-stri
Page 271 and 272:
port Syntax port (automatic | range
Page 273 and 274:
Page 275 and 276:
source-address Syntax source-addres
Page 277 and 278:
source-prefix-list Syntax source-pr
Page 279 and 280:
then Syntax then { no-translation;
Page 281 and 282:
translation-type translation-type S
Page 283 and 284:
CHAPTER 10 Intrusion Detection Serv
Page 285 and 286:
Configuring IDS Rules Copyright ©
Page 287 and 288:
Configuring Match Conditions in IDS
Page 289 and 290:
Page 291 and 292:
} Configuring IDS Rule Sets NOTE: I
Page 293 and 294:
Page 295 and 296:
CHAPTER 11 Summary of Intrusion Det
Page 297 and 298:
y-destination Syntax by-destination
Page 299 and 300:
y-source Syntax by-source { hold-ti
Page 301 and 302:
destination-prefix Syntax destinati
Page 303 and 304:
from Syntax from { application-sets
Page 305 and 306:
Page 307 and 308:
session-limit Syntax session-limit
Page 309 and 310:
source-prefix Syntax source-prefix
Page 311 and 312:
syslog Syntax syslog; Hierarchy Lev
Page 313 and 314:
Options term-name—Identifier for
Page 315 and 316:
threshold Syntax threshold rate; Hi
Page 317 and 318:
CHAPTER 12 IPsec Services Configura
Page 319 and 320:
This chapter includes the following
Page 321 and 322:
NOTE: Both OSPFv2 and OSPFv3 suppor
Page 323 and 324:
Page 325 and 326:
The key can be one of the following
Page 327 and 328:
• sha1—Produces a 160-bit diges
Page 329 and 330:
Example: Configuring an IKE Proposa
Page 331 and 332:
must match that of its peer. The pr
Page 333 and 334:
key_id [ values ]; } Example: Confi
Page 335 and 336:
Configuring the Description for an
Page 337 and 338:
policy policy-name { description de
Page 339 and 340:
Related Documentation During the IP
Page 341 and 342:
Page 343 and 344:
} Copyright © 2011, Juniper Networ
Page 345 and 346:
anti-replay-window-size can take va
Page 347 and 348:
Implicit Dynamic Rules Phase 2 of t
Page 349 and 350:
NOTE: For dynamic peers, the Junos
Page 351 and 352:
NOTE: RSA certificates are not supp
Page 353 and 354:
file filename ; flag flag (all |
Page 355 and 356:
Page 357 and 358:
Configuring a Next-Hop Style Servic
Page 359 and 360:
Configuring a Next-Hop Style Servic
Page 361 and 362:
Page 363 and 364:
The following sample output shows t
Page 365 and 366:
[edit services ipsec-vpn] user@host
Page 367 and 368:
Page 369 and 370:
CHAPTER 13 Summary of IPsec Service
Page 371 and 372:
authentication-algorithm authentica
Page 373 and 374:
ackup-remote-gateway Syntax backup-
Page 375 and 376:
description Syntax description desc
Page 377 and 378:
direction Syntax direction (inbound
Page 379 and 380:
encryption Syntax encryption { algo
Page 381 and 382:
from Syntax from { destination-addr
Page 383 and 384:
initiate-dead-peer-detection Syntax
Page 385 and 386:
local-certificate Syntax local-cert
Page 387 and 388:
mode Syntax mode (aggressive | main
Page 389 and 390:
policy policy (IKE) See the followi
Page 391 and 392:
proposal proposal (IKE) See the fol
Page 393 and 394:
protocol Syntax protocol (ah | esp
Page 395 and 396:
Page 397 and 398:
source-address spi Syntax source-ad
Page 399 and 400:
Page 401 and 402:
traceoptions Syntax traceoptions {
Page 403 and 404:
traceoptions (PKI) Syntax traceopti
Page 405 and 406:
CHAPTER 14 Layer 2 Tunneling Protoc
Page 407 and 408:
L2TP Services Configuration Overvie
Page 409 and 410:
Page 411 and 412:
• L2TP tunnel access profile, whi
Page 413 and 414:
facility-override facility-name; lo
Page 415 and 416:
AS PIC Redundancy for L2TP Services
Page 417 and 418:
} You can specify the following L2T
Page 419 and 420:
Page 421 and 422:
Page 423 and 424:
CHAPTER 15 Summary of Layer 2 Tunne
Page 425 and 426:
host Syntax host hostname { service
Page 427 and 428:
maximum-send-window Syntax maximum-
Page 429 and 430:
service-interface Syntax service-in
Page 431 and 432:
services (L2TP System Logging) Synt
Page 433 and 434:
traceoptions (L2TP) Syntax traceopt
Page 435 and 436:
Required Privilege Level Copyright
Page 437 and 438:
tunnel-timeout Syntax tunnel-timeou
Page 439 and 440:
CHAPTER 16 Link Services IQ Interfa
Page 441 and 442:
• Multilink Frame Relay (MLFR) en
Page 443 and 444:
Configure SONET APS, with oc3-0/2/0
Page 445 and 446:
LSQ redundancy (rlsq) interface in
Page 447 and 448:
• Since the same interface name i
Page 449 and 450:
} } coc3-2/0/0 { sonet-options { ap
Page 451 and 452:
Page 453 and 454:
The following example shows a confi
Page 455 and 456:
Configuring Scheduler Priority Buff
Page 457 and 458:
Page 459 and 460:
For link services IQ (lsq-) interfa
Page 461 and 462:
We recommend avoiding oversubscript
Page 463 and 464:
If you do not include this statemen
Page 465 and 466:
Page 467 and 468:
t1-3/0/1 { per-unit-scheduler; } }
Page 469 and 470:
Page 471 and 472:
Page 473 and 474:
When a packet is removed from a non
Page 475 and 476:
} nc-scheduler { transmit-rate perc
Page 477 and 478:
Page 479 and 480:
Page 481 and 482:
Configuring LSQ Interfaces for Sing
Page 483 and 484:
If you require the queue to transmi
Page 485 and 486:
transmit-rate percent 50; buffer-si
Page 487 and 488:
queue is serviced. This implementat
Page 489 and 490:
Page 491 and 492:
Page 493 and 494:
NOTE: Link services IQ interfaces s
Page 495 and 496:
To do this, first configure logical
Page 497 and 498:
• 4-port DS3 ATM2 IQ Virtual circ
Page 499 and 500:
CHAPTER 17 Summary of Link Services
Page 501 and 502:
fragment-threshold Syntax fragment-
Page 503 and 504:
link-layer-overhead Syntax link-lay
Page 505 and 506:
no-fragmentation Syntax no-fragment
Page 507 and 508:
primary Syntax primary interface-na
Page 509 and 510:
warm-standby Syntax warm-standby; H
Page 511 and 512:
CHAPTER 18 Voice Services Configura
Page 513 and 514:
} You can configure this statement
Page 515 and 516:
} } Configuring Encapsulation for V
Page 517 and 518:
Page 519 and 520:
Page 521 and 522:
CHAPTER 19 Summary of Voice Service
Page 523 and 524:
compression-device Syntax compressi
Page 525 and 526:
family Syntax family (inet | mlppp
Page 527 and 528:
maximum-contexts Syntax maximum-con
Page 529 and 530:
unit Syntax unit logical-unit-numbe
Page 531 and 532:
CHAPTER 20 Class-of-Service Configu
Page 533 and 534:
Configuring CoS Rules To configure
Page 535 and 536:
You can also include application pr
Page 537 and 538:
To control the direction in which s
Page 539 and 540:
Mapping Forwarding-Class Name to Qu
Page 541 and 542:
CHAPTER 21 Summary of Class-of-Serv
Page 543 and 544:
application-sets Syntax application
Page 545 and 546:
destination-prefix-list Syntax dest
Page 547 and 548:
ftp Syntax ftp { data { dscp (alias
Page 549 and 550:
Page 551 and 552:
sip Syntax sip { video { dscp (alia
Page 553 and 554:
Page 555 and 556:
voice Syntax voice { dscp (alias |
Page 557 and 558:
CHAPTER 22 Service Set Configuratio
Page 559 and 560:
for which you have configured unit
Page 561 and 562:
Determining Traffic Direction The r
Page 563 and 564:
Configuring IPsec Service Sets Copy
Page 565 and 566:
interface-service { service-interfa
Page 567 and 568:
Configuring Passive-Mode Tunneling
Page 569 and 570:
log-prefix prefix-value; } } Config
Page 571 and 572:
handshake; init; interfaces; mib; r
Page 573 and 574:
Table 14: Adaptive Services Tracing
Page 575 and 576:
CHAPTER 23 Summary of Service Set C
Page 577 and 578:
anti-replay-window-size Syntax anti
Page 579 and 580:
clear-dont-fragment-bit Syntax clea
Page 581 and 582:
ids-rules Syntax (ids-rules rule-na
Page 583 and 584:
ipsec-vpn-rules Syntax (ipsec-vpn-r
Page 585 and 586:
max-flows Syntax max-flows number;
Page 587 and 588:
next-hop-service Syntax next-hop-se
Page 589 and 590:
pgcp-rules Syntax (pgcp-rules rule-
Page 591 and 592:
service-set Syntax service-set serv
Page 593 and 594:
services services (Hierarchy) See t
Page 595 and 596:
stateful-firewall-rules Syntax (sta
Page 597 and 598:
Page 599 and 600:
tunnel-mtu Syntax tunnel-mtu bytes;
Page 601 and 602:
CHAPTER 24 Service Interface Config
Page 603 and 604:
Services Interface Naming Overview
Page 605 and 606:
To configure a setting for the inac
Page 607 and 608:
setting for the tunnel as part of a
Page 609 and 610:
Page 611 and 612:
Page 613 and 614:
Page 615 and 616:
CHAPTER 25 Summary of Service Inter
Page 617 and 618:
dial-options Syntax dial-options {
Page 619 and 620:
family Syntax family inet { address
Page 621 and 622:
input Syntax input { service-set se
Page 623 and 624:
output Syntax output { [ service-se
Page 625 and 626:
edundancy-options Syntax redundancy
Page 627 and 628:
service-filter Syntax service-filte
Page 629 and 630:
services-options Syntax services-op
Page 631 and 632:
Page 633 and 634:
CHAPTER 26 PGCP Configuration Guide
Page 635 and 636:
Page 637 and 638:
Page 639 and 640:
CHAPTER 27 Summary of PGCP Configur
Page 641 and 642:
administrative (Virtual Interface)
Page 643 and 644:
audit-observed-events-returns Synta
Page 645 and 646:
gf-core Syntax bgf-core { default t
Page 647 and 648:
cancel-graceful See the following s
Page 649 and 650:
context-indications Syntax context-
Page 651 and 652:
controller-address Syntax controlle
Page 653 and 654:
default Syntax default trace-level;
Page 655 and 656:
destination-port Syntax destination
Page 657 and 658:
disconnect Syntax disconnect { cont
Page 659 and 660:
dscp Syntax dscp { default (dscp-va
Page 661 and 662:
failover-warm Syntax failover-warm
Page 663 and 664:
fast-update-filters Syntax fast-upd
Page 665 and 666:
flag Syntax flag { default trace-le
Page 667 and 668:
Page 669 and 670:
down { administrative (forced-905 |
Page 671 and 672:
gateway-controller Syntax gateway-c
Page 673 and 674:
graceful graceful (Control Associat
Page 675 and 676:
h248-options Syntax h248-options {
Page 677 and 678:
h248-profile Syntax h248-profile {
Page 679 and 680:
Page 681 and 682:
h248-stack Syntax h248-stack { defa
Page 683 and 684:
inactivity-delay Syntax inactivity-
Page 685 and 686:
inactivity-timer Syntax inactivity-
Page 687 and 688:
ipsec-transport-security-associatio
Page 689 and 690:
max-burst-size (RTCP Streams) Synta
Page 691 and 692:
maximum-fuf-percentage Syntax maxim
Page 693 and 694:
maximum-net-propagation-delay Synta
Page 695 and 696:
media Syntax media { rtcp; rtp; } H
Page 697 and 698:
mg-originated-pending-limit Syntax
Page 699 and 700:
mg-segmentation-timer Syntax mg-seg
Page 701 and 702:
mgc-originated-pending-limit Syntax
Page 703 and 704:
mgc-segmentation-timer Syntax mgc-s
Page 705 and 706:
no-dscp-bit-mirroring Syntax no-dsc
Page 707 and 708:
normal-mgc-execution-time Syntax no
Page 709 and 710:
notification-regulation Syntax noti
Page 711 and 712:
peak-data-rate (RTCP) Syntax peak-d
Page 713 and 714:
profile-name Syntax profile-name pr
Page 715 and 716:
econnect Syntax reconnect (disconne
Page 717 and 718:
equest-timestamp Syntax request-tim
Page 719 and 720:
ule Syntax rule rule-name { gateway
Page 721 and 722:
Required Privilege Level Related Do
Page 723 and 724:
service-change Syntax service-chang
Page 725 and 726:
service-state service-state (Virtua
Page 727 and 728:
session-mirroring Syntax session-mi
Page 729 and 730:
state-loss Syntax state-loss (force
Page 731 and 732:
sustained-data-rate (RTCP Streams)
Page 733 and 734:
Page 735 and 736:
up Syntax up { cancel-graceful (non
Page 737 and 738:
virtual-interface Syntax virtual-in
Page 739 and 740:
virtual-interface-indications Synta
Page 741 and 742:
CHAPTER 28 Service Interface Pools
Page 743 and 744:
CHAPTER 29 Summary of Service Inter
Page 745 and 746:
CHAPTER 30 Border Signaling Gateway
Page 747 and 748:
Page 749 and 750:
Page 751 and 752:
CHAPTER 31 Summary of Border Signal
Page 753 and 754:
accelerations Syntax accelerations
Page 755 and 756:
admission-control (New Transaction
Page 757 and 758:
Page 759 and 760:
committed-burst-size Syntax committ
Page 761 and 762:
datastore Syntax datastore { data t
Page 763 and 764:
dialogs Syntax dialogs { maximum-co
Page 765 and 766:
egress-service-point Syntax egress-
Page 767 and 768:
file Syntax file ; Hierarchy Le
Page 769 and 770:
Required Privilege Options The opti
Page 771 and 772:
Page 773 and 774:
from (New Call Usage Policy) Syntax
Page 775 and 776:
Page 777 and 778:
gateway Syntax gateway gateway-name
Page 779 and 780:
Page 781 and 782:
minimum trace-level; policy trace-l
Page 783 and 784:
manipulation-rule Syntax manipulati
Page 785 and 786:
media-type Syntax media-type (any-m
Page 787 and 788:
maximum-records-in-cache Syntax max
Page 789 and 790:
minimum Syntax minimum trace-level;
Page 791 and 792:
new-call-usage-output-policies Synt
Page 793 and 794:
new-call-usage-policy-set Syntax ne
Page 795 and 796:
new-transaction-policy Syntax new-t
Page 797 and 798:
new-transaction-policy-set Syntax n
Page 799 and 800:
on-3xx-response Syntax on-3xx-respo
Page 801 and 802:
everse-manipulation Syntax reverse-
Page 803 and 804:
outing-destinations Syntax routing-
Page 805 and 806:
Required Privilege servers Level Re
Page 807 and 808:
service-interface service-interface
Page 809 and 810:
service-point-type Syntax service-p
Page 811 and 812:
session-trace Syntax session-trace
Page 813 and 814:
Page 815 and 816:
Page 817 and 818:
sip-header Syntax sip-header header
Page 819 and 820:
sip-stack Syntax sip-stack { dev-lo
Page 821 and 822:
term term (New Call Usage Policy) S
Page 823 and 824:
message-manipulation introduced in
Page 825 and 826:
then (New Transaction Policy) Synta
Page 827 and 828:
timer-c Syntax timer-c seconds; Hie
Page 829 and 830:
Release Information Statement intro
Page 831 and 832:
CHAPTER 32 PTSP Configuration Guide
Page 833 and 834:
CHAPTER 33 Summary of PTSP Configur
Page 835 and 836:
demux Syntax demux (destination-add
Page 837 and 838:
forward-rule (Including in Rule) Sy
Page 839 and 840:
local-address Syntax local-address
Page 841 and 842:
local-ports Syntax local-ports [ po
Page 843 and 844:
emote-address Syntax remote-address
Page 845 and 846:
emote-ports Syntax remote-ports [ p
Page 847 and 848:
ule (Including in Rule Set) Syntax
Page 849 and 850:
term (Forward Rule) Syntax term pre
Page 851 and 852:
then (Forward Rule) Syntax then { f
Page 853 and 854:
Page 855 and 856:
CHAPTER 34 Softwire Configuration G
Page 857 and 858:
Configuring Softwire Rules You conf
Page 859 and 860:
Configuring a 6rd Concentrator for
Page 861 and 862:
Page 863 and 864:
Page 865 and 866:
Page 867 and 868:
Page 869 and 870:
CHAPTER 35 Summary of Softwire Conf
Page 871 and 872:
ule (Softwire) Syntax rule rule-nam
Page 873 and 874:
term (softwire-rule) Syntax term te
Page 875 and 876:
ipv6-multicast-interfaces (softwire
Page 877 and 878:
PART 3 Dynamic Application Awarenes
Page 879 and 880:
CHAPTER 36 Dynamic Application Awar
Page 881 and 882:
Related Documentation APPID Overvie
Page 883 and 884:
The following related operational c
Page 885 and 886:
Page 887 and 888:
CHAPTER 37 Application Identificati
Page 889 and 890:
• Tracing APPID Operations on pag
Page 891 and 892:
Page 893 and 894:
Page 895 and 896:
• index—Application group index
Page 897 and 898:
Related Documentation Configuring G
Page 899 and 900:
Configuring APPID Support for Unidi
Page 901 and 902:
Configuring Access to the Log File
Page 903 and 904:
Page 905 and 906:
CHAPTER 38 Summary of Application I
Page 907 and 908:
application application (Defining)
Page 909 and 910:
application-groups Syntax applicati
Page 911 and 912:
chain-order Syntax chain-order; Hie
Page 913 and 914:
disable disable (APPID Application)
Page 915 and 916:
download Syntax download { automati
Page 917 and 918:
idle-timeout Syntax idle-timeout se
Page 919 and 920:
index (Nested Applications) Syntax
Page 921 and 922:
maximum-transactions Syntax maximum
Page 923 and 924:
nested-application Syntax nested-ap
Page 925 and 926:
no-application-system-cache Syntax
Page 927 and 928:
no-signature-based Syntax no-signat
Page 929 and 930:
port-range Syntax port-range { tcp
Page 931 and 932:
ule rule (Configuring) See the foll
Page 933 and 934:
services Syntax services applicatio
Page 935 and 936:
signature Syntax signature name { c
Page 937 and 938:
Page 939 and 940:
url Syntax url url; Hierarchy Level
Page 941 and 942:
CHAPTER 39 Application-Aware Access
Page 943 and 944:
The match direction is used with re
Page 945 and 946:
• application—Count the applica
Page 947 and 948:
Page 949 and 950:
CHAPTER 40 Summary of AACL Configur
Page 951 and 952:
destination-address Syntax destinat
Page 953 and 954:
match-direction Syntax match-direct
Page 955 and 956:
ule-set Syntax rule-set rule-set-na
Page 957 and 958:
source-prefix-list Syntax source-pr
Page 959 and 960:
then Syntax then { (accept | discar
Page 961 and 962:
CHAPTER 41 Local Policy Decision Fu
Page 963 and 964:
For more information on configuring
Page 965 and 966:
Tracing L-PDF Operations Copyright
Page 967 and 968:
CHAPTER 42 Summary of L-PDF Configu
Page 969 and 970:
aacl-statistics-profile Syntax aacl
Page 971 and 972:
file Syntax file file-name { archiv
Page 973 and 974:
policy-decision-statistics-profile
Page 975 and 976:
Page 977 and 978:
PART 4 Encryption Services Copyrigh
Page 979 and 980:
CHAPTER 43 Encryption Overview Encr
Page 981 and 982:
CHAPTER 44 Encryption Interfaces Co
Page 983 and 984:
} } } Configuring Filters for Traff
Page 985 and 986:
Configuring an Outbound Traffic Fil
Page 987 and 988:
Example: Configuring an Inbound Tra
Page 989 and 990:
Example: Configuring ES PIC Redunda
Page 991 and 992:
CHAPTER 45 Summary of Encryption Co
Page 993 and 994:
es-options Syntax es-options { back
Page 995 and 996:
filter Syntax filter { input filter
Page 997 and 998:
tunnel Syntax tunnel { backup-desti
Page 999 and 1000:
PART 5 Flow Monitoring and Discard
Page 1001 and 1002:
CHAPTER 46 Flow Monitoring and Disc
Page 1003 and 1004:
Page 1005 and 1006:
CHAPTER 47 Flow Monitoring and Disc
Page 1007 and 1008:
Page 1009 and 1010:
Page 1011 and 1012:
Configuring Traffic Sampling Copyri
Page 1013 and 1014:
Sampling Once To explicitly sample
Page 1015 and 1016:
Tracing Traffic Sampling Operations
Page 1017 and 1018:
Page 1019 and 1020:
Page 1021 and 1022:
Page 1023 and 1024:
Enabling Flow Aggregation source-ad
Page 1025 and 1026:
Page 1027 and 1028:
The following sections contain addi
Page 1029 and 1030:
Restrictions The following restrict
Page 1031 and 1032:
Verification 1. You configure MPLS
Page 1033 and 1034:
flow-inactive-timeout 30; flow-serv
Page 1035 and 1036:
Configuring Sampling Instances Copy
Page 1037 and 1038:
Configuring Inline Flow Monitoring
Page 1039 and 1040:
Configuring Inline Flow Monitoring
Page 1041 and 1042:
family inet; output { flow-server 1
Page 1043 and 1044:
Configuring Port Mirroring Copyrigh
Page 1045 and 1046:
Configuring Tunnels For more inform
Page 1047 and 1048:
Restrictions For more information a
Page 1049 and 1050:
Page 1051 and 1052:
Page 1053 and 1054:
Page 1055 and 1056:
• Firewall filter configuration
Page 1057 and 1058:
For more information on routing tab
Page 1059 and 1060:
Enabling Passive Flow Monitoring Co
Page 1061 and 1062:
Passive Flow Monitoring for MPLS En
Page 1063 and 1064:
Page 1065 and 1066:
Page 1067 and 1068:
Page 1069 and 1070:
CHAPTER 48 Summary of Flow-Monitori
Page 1071 and 1072:
address Syntax address address { de
Page 1073 and 1074:
autonomous-system-type Syntax auton
Page 1075 and 1076:
cflowd (Flow Monitoring) Syntax cfl
Page 1077 and 1078:
disable-all-instances Syntax disabl
Page 1079 and 1080:
extension-service Syntax extension-
Page 1081 and 1082:
family family (Interfaces) See the
Page 1083 and 1084:
family (Port Mirroring) Syntax fami
Page 1085 and 1086:
Description Configure the protocol
Page 1087 and 1088:
filename Syntax filename filename;
Page 1089 and 1090:
flow-active-timeout Syntax flow-act
Page 1091 and 1092:
flow-export-destination Syntax flow
Page 1093 and 1094:
flow-monitoring Syntax flow-monitor
Page 1095 and 1096:
forwarding-options Syntax forwardin
Page 1097 and 1098:
input-interface-index Syntax input-
Page 1099 and 1100:
instance (Sampling) Syntax instance
Page 1101 and 1102:
interface See the following section
Page 1103 and 1104:
interfaces Syntax interfaces { ...
Page 1105 and 1106:
match Syntax match expression; Hier
Page 1107 and 1108:
monitoring Syntax monitoring name {
Page 1109 and 1110:
multiservice-options Syntax multise
Page 1111 and 1112:
next-hop-group (Port Mirroring) Syn
Page 1113 and 1114:
option-refresh-rate Syntax option-r
Page 1115 and 1116:
output (Monitoring) Syntax output {
Page 1117 and 1118:
NOTE: The inline-jflow statement is
Page 1119 and 1120:
pop-all-labels Syntax pop-all-label
Page 1121 and 1122:
port-mirroring Syntax port-mirrorin
Page 1123 and 1124:
eceive-ttl-exceeded Syntax receive-
Page 1125 and 1126:
sampling Copyright © 2011, Juniper
Page 1127 and 1128:
} } instance instance-name { disabl
Page 1129 and 1130:
size Syntax size bytes; Hierarchy L
Page 1131 and 1132:
syslog Syntax (syslog | no-syslog);
Page 1133 and 1134:
template (Services) Syntax template
Page 1135 and 1136:
Page 1137 and 1138:
version9 version9 (Forwarding Optio
Page 1139 and 1140:
version-ipfix See the following sec
Page 1141 and 1142:
CHAPTER 49 Flow Collection Configur
Page 1143 and 1144:
Configuring Flow Collection This se
Page 1145 and 1146:
Configuring Transfer Logs Configuri
Page 1147 and 1148:
The cflowd records are compressed i
Page 1149 and 1150:
Page 1151 and 1152:
Page 1153 and 1154:
CHAPTER 50 Summary of Flow Collecti
Page 1155 and 1156:
collector Syntax collector interfac
Page 1157 and 1158:
file-specification file-specificati
Page 1159 and 1160:
Required Privilege Level Copyright
Page 1161 and 1162:
ftp (Flow Collector Files) Syntax f
Page 1163 and 1164:
maximum-age Syntax maximum-age minu
Page 1165 and 1166:
• {year}—In the format YYYY; fo
Page 1167 and 1168:
etry Syntax retry number; Hierarchy
Page 1169 and 1170:
username Syntax username user-name;
Page 1171 and 1172:
CHAPTER 51 Dynamic Flow Capture Con
Page 1173 and 1174:
Configuring the Capture Group Copyr
Page 1175 and 1176:
Configuring the Control Source Copy
Page 1177 and 1178:
Configuring System Logging Configur
Page 1179 and 1180:
Page 1181 and 1182:
CHAPTER 52 Flow-Tap Configuration G
Page 1183 and 1184:
Figure 12: Flow-Tap Topology Mediat
Page 1185 and 1186:
Restrictions on Flow-Tap Services T
Page 1187 and 1188:
Examples: Configuring Flow-Tap Serv
Page 1189 and 1190:
CHAPTER 53 Summary of Dynamic Flow
Page 1191 and 1192:
capture-group Syntax capture-group
Page 1193 and 1194:
control-source Syntax control-sourc
Page 1195 and 1196:
flow-tap Syntax flow-tap { (interfa
Page 1197 and 1198:
g-max-duplicates Syntax g-max-dupli
Page 1199 and 1200:
interface Syntax interface sp-fpc/p
Page 1201 and 1202:
no-syslog Syntax no-syslog; Hierarc
Page 1203 and 1204:
services Syntax services dynamic-fl
Page 1205 and 1206:
source-addresses ttl Syntax source-
Page 1207 and 1208:
PART 6 Link and Multilink Services
Page 1209 and 1210:
CHAPTER 54 Link and Multilink Servi
Page 1211 and 1212:
Page 1213 and 1214:
CHAPTER 55 Link and Multilink Servi
Page 1215 and 1216:
You must configure a link before it
Page 1217 and 1218:
To configure a physical T1 link for
Page 1219 and 1220:
• Configuring the Sequence Header
Page 1221 and 1222:
By default, compression of the inne
Page 1223 and 1224:
mrru bytes; You can include this st
Page 1225 and 1226:
You can configure multicast support
Page 1227 and 1228:
Page 1229 and 1230:
Table 18: Link Services Physical In
Page 1231 and 1232:
The disable-tx option disables tran
Page 1233 and 1234:
number of high-priority traffic flo
Page 1235 and 1236:
Page 1237 and 1238:
} } term default { then { log; forw
Page 1239 and 1240:
pic-type atm2; vpi 12; } unit 2 { e
Page 1241 and 1242:
Example: Configuring a Link Service
Page 1243 and 1244:
Example: Configuring a Link Service
Page 1245 and 1246:
Page 1247 and 1248:
Page 1249 and 1250:
Page 1251 and 1252:
CHAPTER 56 Summary of Multilink and
Page 1253 and 1254:
action-red-differential-delay Synta
Page 1255 and 1256:
destination Syntax destination dest
Page 1257 and 1258:
drop-timeout Syntax drop-timeout mi
Page 1259 and 1260:
encapsulation (Physical Interface)
Page 1261 and 1262:
fragment-threshold Syntax fragment-
Page 1263 and 1264:
interleave-fragments Syntax interle
Page 1265 and 1266:
mlfr-uni-nni-bundle-options Syntax
Page 1267 and 1268:
mtu Syntax mtu bytes; Hierarchy Lev
Page 1269 and 1270:
n393 Syntax n393 number; Hierarchy
Page 1271 and 1272:
t392 Syntax t392 number; Hierarchy
Page 1273 and 1274:
yellow-differential-delay Syntax ye
Page 1275 and 1276:
PART 7 Real-Time Performance Monito
Page 1277 and 1278:
CHAPTER 57 Real-Time Performance Mo
Page 1279 and 1280:
CHAPTER 58 Real-Time Performance Mo
Page 1281 and 1282:
• [edit protocols bgp group group
Page 1283 and 1284:
Configuring RPM Probes Copyright ©
Page 1285 and 1286:
Page 1287 and 1288:
Configuring RPM Receiver Servers Th
Page 1289 and 1290:
Example: Configuring RPM Timestampi
Page 1291 and 1292:
Page 1293 and 1294:
Related Documentation • } } } } E
Page 1295 and 1296:
Page 1297 and 1298:
} } } } Copyright © 2011, Juniper
Page 1299 and 1300:
CHAPTER 59 Summary of Real-Time Per
Page 1301 and 1302:
client-list Syntax client-list list
Page 1303 and 1304:
destination-interface Syntax destin
Page 1305 and 1306:
dscp-code-point Syntax dscp-code-po
Page 1307 and 1308:
inactivity-timeout Syntax inactivit
Page 1309 and 1310:
maximum-connections-per-client Synt
Page 1311 and 1312:
one-way-hardware-timestamp Syntax o
Page 1313 and 1314:
probe Syntax probe owner { test tes
Page 1315 and 1316:
probe-limit Syntax probe-limit limi
Page 1317 and 1318:
outing-instance Syntax routing-inst
Page 1319 and 1320:
server Syntax server { client-list
Page 1321 and 1322:
target tcp Syntax target (url url |
Page 1323 and 1324:
test-interval Syntax test-interval
Page 1325 and 1326:
traps Syntax traps traps; Hierarchy
Page 1327 and 1328:
udp Syntax udp { destination-interf
Page 1329 and 1330:
PART 8 Tunnel Services Copyright ©
Page 1331 and 1332:
CHAPTER 60 Tunnel Services Overview
Page 1333 and 1334:
Table 21: Tunnel Interface Types (c
Page 1335 and 1336:
CHAPTER 61 Tunnel Interfaces Config
Page 1337 and 1338:
it to be one larger than the number
Page 1339 and 1340:
Specifying an MTU Setting for the T
Page 1341 and 1342:
Page 1343 and 1344:
Connecting Logical Systems To conne
Page 1345 and 1346:
Table 22: Methods for Configuring E
Page 1347 and 1348:
Configuring IPv4-over-IPv6 Tunnels
Page 1349 and 1350:
Page 1351 and 1352:
Configuration on Router 2 family in
Page 1353 and 1354:
Related Documentation • Configuri
Page 1355 and 1356:
CHAPTER 62 Summary of Tunnel Servic
Page 1357 and 1358:
destination See the following secti
Page 1359 and 1360:
dynamic-tunnels Syntax dynamic-tunn
Page 1361 and 1362:
keepalive-time key Syntax keepalive
Page 1363 and 1364:
eassemble-packets Syntax reassemble
Page 1365 and 1366:
source Syntax source source-address
Page 1367 and 1368:
tunnel Syntax tunnel { allow-fragme
Page 1369 and 1370:
Page 1371 and 1372:
PART 9 Index Copyright © 2011, Jun
Page 1373 and 1374:
Index Symbols #, comments in config
Page 1375 and 1376:
automatic statement................
Page 1377 and 1378:
IDS................................
Page 1379 and 1380:
database (tracing flag)............
Page 1381 and 1382:
H H.248 properties.620, 638, 639, 6
Page 1383 and 1384:
example configuration..............
Page 1385 and 1386:
manuals comments on................
Page 1387 and 1388:
nested-application-settings stateme
Page 1389 and 1390:
post-service-filter statement......
Page 1391 and 1392:
scheduler map CoS configuration exa
Page 1393 and 1394:
match conditions...................
Page 1395 and 1396:
transport-details statement........
Page 1397 and 1398:
Index of Statements and Commands A
Page 1399 and 1400:
NAT................................
Page 1401 and 1402:
instance statement port mirroring..
Page 1403 and 1404:
no-signature-based statement.......
Page 1405 and 1406:
service-interface statement........
Page 1407 and 1408:
unit statement encryption..........
show all

Junos OS Services Interfaces Configuration Guide - Juniper Networks

Create successful ePaper yourself

Delete template?

Save as template?