Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from JUNOS Automation Cookbook Automate network devices on Juniper's operating system

Product type Paperback

Published in Sep 2017

Publisher Packt

ISBN-13 9781788290999

Length 382 pages

Edition 1st Edition

Tools

Juniper

Concepts

Networking

Author (1):

Adam Chappell

View More author details

Table of Contents (10) Chapters

Preface

1. Configuring JUNOS through NETCONF

2. Working with the Junos REST API FREE CHAPTER

3. Using SLAX to Write Op Scripts

4. Event Programming

5. Automating JUNOS with PyEZ

6. Advanced Visualization Applications

7. Monitoring and Maintaining JUNOS

8. Security Applications

9. Extending JUNOS with Ansible

Operating a distributed ACL function

In this recipe, we'll develop a capability to rapidly deploy packet filters to all devices in our network, making use of BGP to transport the specification of the packet filter rules to all the routers in our network. The capability, defined formally in IETF RFC 5575 and often informally called FlowSpec, is particularly useful in defending large networks against distributed DOS attacks.

It's important to note that these are not full-on session-based firewall rules, but rather a specification of packet-level characteristics that can be applied to incoming traffic in order to determine if special handling is needed. In our case, we'll take a specification of packets based on the following fields in the IP header and we will apply the discard action.

Source address
Destination address
Source TCP/UDP port
Destination TCP/UDP port...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at €18.99/month. Cancel anytime

Authors (1)

Chappell

Adam Chappell first cut his teeth in the networking world in 1995 after an opportunity in Finchley, North London, at what would become one of the pioneering dial-up Internet ISPs in the United Kingdom. His early forays into network automation generally involved cron, Perl, expect, and a healthy dose of hope and luck. As the commercial networking market matured, he joined Interoute to develop one of the first large-scale European MPLS networks, leading the market in the provision of private packet networking. Adam was responsible for Interoute's unique network automation technology that seamlessly stitches together industry-standard MPLS VPNs and private cloud compute logical networks. Currently, he works in the thriving technology development team at Interoute, between London and Prague, focusing on network technologies, software, and security.

See other products by Chappell