Hi All, We have requirement ,client is asking flow between the particular IP addresses with TCP or UDP used between them,they are given source and destination ip address with service port ex,ntp ... Could you please how to find this flow in srx firewall. Thanks for advance. Regards, Rakesh ...

I agree, here we have 6PE configured and active... but not using it actually :) All our traffic is in VRFs (including DFZ/internet) so 6VPE is where our IPv6 traffic really is. Our global/master instance is really only an MPLS control plane. But, 6PE works anyway (so we can use IPv6 everywhere). ...

Thank you Aaron for your message. These are some nice tips. Thank you so much. I'll check the links you provided ------------------------------ MOHAMAMD AYASH ------------------------------

I agree and reiterate Olivier's comments.... I do 6VPE, which I understand is IPv6 over L3VPN. My Internet and CDN links are dual stacked. I already had IPv4 L3VPN. Then sometime later, I needed to dual stack. I had to change the edge of my sp core. I only had to add IPv6 addressing on the pre-existing ...

About inet6 firewall filters, to match Layer4 protocol you'll have to use «match next-header» for loopback filters, and «match payload-protocol» for interface filters on MX (but probably next-header on SRX, not too sure). Annoying. ------------------------------ Olivier Benghozi ------------------ ...

Very simple, really. 6PE tunneling: set protocols mpls ipv6-tunneling We also use these following lines for various reasons: have working VRFs, traceroutes, having internal pathes using IGP metrics even for MPLS/LDP, use explicit null everywhere (but not mandatory at all): set ...

Hi Olivier thank you for your reply. That does not sound like a lot of work, does it? We have our own public IPv6 ranges that we want to advertise to our clients. When it comes to implementing 6PE/6VPE, which security concerns do I need to think of? Do you have any tips that I can use? Much appreciated. ...