flow (IPv6)

Configure the discard action for BGP flow specification routes that were not resolved using the redirect to IP action.

Exclude applying flowspec filter to traffic received on specific interfaces. Use exclude to specify the interface group where you do not want to receive the traffic.

Enable traffic accounting per flowspec route.

Disable traffic accounting per flowspec route.

IP destination address field.

TCP or User Datagram Protocol (UDP) destination port field. You cannot specify both the port and destination-port match conditions in the same term.

In place of the numeric value, you can specify one of the following text synonyms (the port numbers are also listed): afs (1483), bgp (179), biff (512), bootpc (68), bootps (67), cmd (514), cvspserver (2401), dhcp (67), domain (53), eklogin (2105), ekshell (2106), exec (512), finger (79), ftp (21), ftp-data (20), http (80), https (443), ident (113), imap (143), kerberos-sec (88), klogin (543), kpasswd (761), krb-prop (754), krbupdate (760), kshell (544), ldap (389), login (513), mobileip-agent (434), mobilip-mn (435), msdp (639), netbios-dgm (138), netbios-ns (137), netbios-ssn (139), nfsd (2049), nntp (119), ntalk (518), ntp (123), pop3 (110), pptp (1723), printer (515), radacct (1813), radius (1812), rip (520), rkinit (2108), smtp (25), snmp (161), snmptrap (162), snpp (444), socks (1080), ssh (22), sunrpc (111), syslog (514), tacacs-ds (65), talk (517), telnet (23), tftp (69), timed (525), who (513), xdmcp (177), zephyr-clt (2103), or zephyr-hm (2104).

Differentiated Services code point (DSCP). The DiffServ protocol uses the type-of-service (ToS) byte in the IP header. The most significant six bits of this byte form the DSCP.

• Range: You can specify DSCP in hexadecimal or decimal form from 0 through 63.

The value of this field ranges from 0 through 1048575.

This match condition is supported only on Junos devices with enhanced MPCs that are configured for enhanced-ip mode.

The keywords are grouped by the fragment type with which they are associated:

• first-fragment

• is-fragment

• last-fragment

• not-a-fragment

This match condition is supported only on Junos devices with enhanced MPCs that are configured for enhanced-ip mode.

ICMP6 code field. This value or keyword provides more specific information than icmp6-type. Because the value’s meaning depends on the associated icmp6-type value, you must specify icmp6-type along with icmp6-code.

In place of the numeric value, you can specify one of the following text synonyms (the field values are also listed). The keywords are grouped by the ICMP type with which they are associated:

• parameter-problem: ip-header-bad (0), required-option-missing (1)

• redirect: redirect-for-host (1), redirect-for-network (0), redirect-for-tos-and-host (3), redirect-for-tos-and-net (2)

• time-exceeded: ttl-eq-zero-during-reassembly (1), ttl-eq-zero-during-transit (0)

• unreachable: communication-prohibited-by-filtering (13), destination-host-prohibited (10), destination-host-unknown (7), destination-network-prohibited (9), destination-network-unknown (6), fragmentation-needed (4), host-precedence-violation (14), host-unreachable (1), host-unreachable-for-TOS (12), network-unreachable (0), network-unreachable-for-TOS (11), port-unreachable (3), precedence-cutoff-in-effect (15), protocol-unreachable (2), source-host-isolated (8), source-route-failed (5)

ICMP6 packet type field. Normally, you specify this match in conjunction with the protocol match statement to determine which protocol is being used on the port.

In place of the numeric value, you can specify one of the following text synonyms (the field values are also listed): echo-reply (0), echo-request (8), info-reply (16), info-request (15), mask-request (17), mask-reply (18), parameter-problem (12), redirect (5), router-advertisement (9), router-solicit (10), source-quench (4), time-exceeded (11), timestamp (13), timestamp-reply (14), or unreachable (3).

Total IP packet length value can range from 0 through 65535.

TCP or UDP source or destination port field. You cannot specify both the port match condition and either the destination-port or source-port match condition in the same term.

In place of the numeric value, you can specify one of the text synonyms listed under destination-port.

(Optional) Specify the number of bits that must be skipped before Junos OS starts matching the prefix.

This match condition is supported only on Junos devices with enhanced MPCs that are configured for enhanced-ip mode.

For IPv6, the IP protocol field is supported only on Junos devices with MPCs that are configured for enhanced-ip mode. In place of the numeric value, you can specify one of the following text synonyms (the field values are also listed): ah (51), egp (8), esp (50), gre (47), icmp (1), igmp (2), ipip (4), ipv6 (41), ospf (89), pim (103), rsvp (46), tcp (6), or udp (17).

IP source address field.

TCP or UDP source port field. You cannot specify the port and source-port match conditions in the same term.

In place of the numeric field, you can specify one of the text synonyms listed under destination-port.

TCP header format.

Prohibit installing received routes in the forwarding table.

Accept a packet. This is the default value.

Replace any communities in the route with the specified communities.

Discard a packet silently, without sending an Internet Control Message Protocol (ICMP) message.

Set a DSCP value for traffic that matches this flow. Specify a value from 0 through 63.

This action is supported only on Junos devices with MPCs that are configured for enhanced-ip mode.

Redirect (tunnel) this flow's traffic to given next-hop address.

Continue to the next match condition for evaluation.

Limit the bandwidth on the flow route. Express the limit in bits per second (bps).

Specify a routing instance to which packets are forwarded.

Sample the traffic on the flow route.

Define tracing operations that track all routing protocol functionality in the routing device.