Understanding How to Control Inbound Traffic Based on Protocols
This topic describes the inbound system protocols on the specified zone or interface.
Any host-inbound traffic that corresponds to a protocol listed under the host-inbound traffic option is allowed. For example, if anywhere in the configuration, you map a protocol to a port number other than the default, you can specify the protocol in the host-inbound traffic option, and the new port number will be used. Table 11 lists the supported protocols. A value of all indicates that traffic from all of the following protocols is allowed inbound on the specified interfaces (of the zone, or a single specified interface).
Table 11: Supported Inbound System Protocols
Supported System Services | |||
|---|---|---|---|
all | igmp | pim | sap |
bfd | ldp | rip | vrrp |
bgp | msdp | ripng | nhrp |
router-discovery | dvmrp | ospf | rsvp |
ndp | pgm | ospf3 | |
 | Note: If DVMRP or PIM is enabled for an interface, IGMP and MLD host-inbound traffic is enabled automatically. Because ISIS uses OSI addressing and should not generate any IP traffic, there is no host-inbound traffic option for the ISIS protocol. |
Related Topics
- JUNOS Software Feature Support Reference for SRX Series and J Series Devices
- Security Zones and Interfaces Overview
- Understanding How to Control Inbound Traffic Based on Traffic Types
- Understanding How to Identify Duplicate Sessions Using the TCP-Reset Parameter
- Example: Controlling Inbound Traffic Based on Protocols