Good news as the following layer 2 security features were added in 13.2 release of Junos:
We’re still running the recommended 12.3R6.6 in production at this time so we’re going to have to test the 13.2 features in the lab before putting them on production systems.
Use these with the load merge terminal command for easy cut-and-pasting in Junos.
policy-options {
prefix-list localhost {
127.0.0.1/32;
}
prefix-list martians-IPv4 {
0.0.0.0/8;
10.0.0.0/8;
127.0.0.0/8;
169.254.0.0/16;
172.16.0.0/12;
192.168.0.0/16;
}
prefix-list multicast {
224.0.0.0/4;
}
prefix-list multicast-all-systems {
224.0.0.1/32;
}
prefix-list rfc1918 {
10.0.0.0/8;
172.16.0.0/12;
192.168.0.0/16;
}
prefix-list martians-IPv6 {
::/96;
::1/128;
fe80::/10;
fec0::/10;
ff00::/8;
ff02::/16;
}
prefix-list other-bad-src-addrs-IPv6 {
::/128;
::ffff:0.0.0.0/96;
::ffff:10.0.0.0/104;
::ffff:127.0.0.0/104;
::ffff:172.16.0.0/108;
::ffff:192.168.0.0/112;
::ffff:224.0.0.0/100;
::ffff:240.0.0.0/100;
::ffff:255.0.0.0/104;
2001:db8::/32;
2002:0000::/24;
2002:0a00::/24;
2002:7f00::/24;
2002:ac10::/28;
2002:c0a8::/32;
2002:e000::/20;
2002:ff00::/24;
3ffe::/16;
fc00::/7;
}
}
Data Engineering 