protocols

See the following sections:

• protocols (Interface Host-Inbound Traffic)
• protocols (Zone Host-Inbound Traffic)

protocols (Interface Host-Inbound Traffic)

Syntax

Hierarchy Level

Release Information

Statement introduced in Release 8.5 of JUNOS software.

Description

Specify the types of routing protocol traffic that can reach the device on a per-interface basis.

This statement is supported on J-series and SRX-series devices.

Options

protocol-name —Protocol for which traffic is allowed. The following protocols are supported:

• all—Enable traffic from all possible protocols available.
• bfd—Enable incoming Bidirectional Forwarding Detection (BFD) Protocol traffic.
• bgp—Enable incoming BGP traffic.
• dvmrp—Enable incoming Distance Vector Multicast Routing Protocol (DVMRP) traffic.
• igmp—Enable incoming Internet Group Management Protocol (IGMP) traffic.
• ldp—Enable incoming Label Distribution Protocol (LDP) traffic (UDP and TCP port 646).
• msdp—Enable incoming Multicast Source Discovery Protocol (MSDP) traffic.
• nhrp—Enable incoming Next Hop Resolution Protocol (NHRP) traffic.
• ospf—Enable incoming OSPF traffic.
• pgm—Enable incoming Pragmatic General Multicast (PGM) protocol traffic (IP protocol number 113).
• pim—Enable incoming Protocol Independent Multicast (PIM) traffic.
• rip—Enable incoming RIP traffic.
• router-discovery—Enable incoming router discovery traffic.
• rsvp—Enable incoming Resource Resolution Protocol (RSVP) traffic (IP protocol number 46).
• sap— Enable incoming Session Announcement Protocol (SAP) traffic. SAP always listens on 224.2.127.254:9875.
• vrrp—Enable incoming Virtual Router Redundancy Protocol (VRRP) traffic.

except—(Optional) except can only be used if all has been defined.

Usage Guidelines

For configuration instructions and examples, see the JUNOS Software Security Configuration Guide.

Required Privilege Level

security—To view this statement in the configuration.

security-control—To add this statement to the configuration.

protocols (Zone Host-Inbound Traffic)

Syntax

Hierarchy Level

Release Information

Statement introduced in Release 8.5 of JUNOS software.

Description

Specify the types of traffic that can reach the device for all interfaces in a zone.

This statement is supported on J-series and SRX-series devices.

Options

protocol-name —Protocol for which traffic is allowed. The following protocols are supported:

• all—Enable traffic from all possible protocols available.
• bfd—Enable incoming Bidirectional Forwarding Detection (BFD) protocol traffic.
• bgp—Enable incoming BGP traffic.
• dvmrp—Enable incoming Distance Vector Multicast Routing Protocol (DVMRP) traffic.
• igmp—Enable incoming Internet Group Management Protocol (IGMP) traffic.
• ldp—Enable incoming Label Distribution Protocol (LDP) traffic (UDP and TCP port 646).
• msdp—Enable incoming Multicast Source Discovery Protocol (MSDP) traffic.
• nhrp—Enable incoming Next Hop Resolution Protocol (NHRP) traffic.
• ospf—Enable incoming OSPF traffic.
• pgm—Enable incoming Pragmatic General Multicast (PGM) protocol traffic (IP protocol number 113).
• pim—Enable incoming Protocol Independent Multicast (PIM) traffic.
• rip—Enable incoming RIP traffic.
• router-discovery—Enable incoming router discovery traffic.
• rsvp—Enable incoming Resource Reservation Protocol (RSVP) traffic (IP protocol number 46).
• sap— Enable incoming Session Announcement Protocol (SAP) traffic. SAP always listens on 224.2.127.254:9875. New addresses and ports can be added dynamically. This information must be propagated to the Packet Forwarding Engine (PFE).
• vrrp—Enable incoming Virtual Router Redundancy Protocol (VRRP) traffic.

except—(Optional) except can only be used if all has been defined.

Usage Guidelines

For configuration instructions and examples, see the JUNOS Software Security Configuration Guide.

Required Privilege Level

security—To view this statement in the configuration.

security-control—To add this statement to the configuration.