netsec-sig - Re: [Security-WG] Junos min-ttl and as regex backref feature
Subject: Internet2 Network Security SIG
List archive
- From: John Kristoff <>
- To: Jeff Bartig <>
- Cc:
- Subject: Re: [Security-WG] Junos min-ttl and as regex backref feature
- Date: Tue, 29 May 2018 11:16:42 -0500
- Ironport-phdr: 9a23:GfpirBO9HgZlzZCbb7Ul6mtUPXoX/o7sNwtQ0KIMzox0I/r8rarrMEGX3/hxlliBBdydt6oZzbKO+4nbGkU4qa6bt34DdJEeHzQksu4x2zIaPcieFEfgJ+TrZSFpVO5LVVti4m3peRMNQJW2aFLduGC94iAPERvjKwV1Ov71GonPhMiryuy+4ZLebxlIiTanfb9+MAi9oBnMuMURnYZsMLs6xAHTontPdeRWxGdoKkyWkh3h+Mq+/4Nt/jpJtf45+MFOTav1f6IjTbxFFzsmKHw65NfqtRbYUwSC4GYXX3gMnRpJBwjF6wz6Xov0vyDnuOdxxDWWMMvrRr0vRz+s87lkRwPpiCcfNj427mfXitBrjKlGpB6tvgFzz5LIbI2QMvd1Y6HTcs4ARWdZUMhfVzJPDJ6/YYQNAeoBJ+lXoJXyqVYVsRuzBxOhCP/zxjNUmHP727Ax3eQ7EQHB2QwtB9YAsHPUrNXzKawcVPq1zKjTzTXfaPNW1zn945XPfxAjvfGMXql9ftfPxkk3DQzFk1GQpZb7MDyIy+QAqm6W5PduW+Kojm4osQBxoj63y8cul4nJgIMVykja+iVj2oo1I8O3SFJ9bNW5E5VQrzmXO5V3T888X21lvTo2x7gYtZKlfCUG1JEqywDCZ/Cac4WF5w7sWPqLLjp6gX9pZbGyhxiy/EWl0eLzStO73EtPoyVeiNbBsm4B2hrO4cadUPR95F2u2TOX2gDT9O5EJUc0mLLBJJ4h2LEwjIITvV7CHi/xgkX5kLWaeVg69eiw8evnf7HmqoWCOIBplwHyKqUumsqhDuQkKgUCQWmW9fqg2LDm4UH0RatGguM2n6XFtZ3WO9kXqrO5DgJQzokv9wywAjWj3dgFnnQHIlJIdRecgIf1IV7CPfX1AuyljFmojjtn3/XGMafgApXJIHjDirDhfbNl5k5e1AozzstS6I9KBbEZOv3zR0vxuMbGARAkLgy42/znB8ll1oMCRWKPBbeUMKHJvlCS/OIvP+iMZIAOtTb8Lfgl++DhjWU/mVADYamlw4EbZ26lEfR7O0+Ze2bjgs8dEWcWuQozVPfqh0OeXj5OfXayXr485zEiBIOoAofOXYStgL2a3CenBZ1aeHpKClGKEXf0aYqEQfEMZzyOIsN/iDALS6WuS5JynS2p4S33xbQvBOPO5iwX/cbh3tFv++zcvRA06TFuCcmBiSeAQ3wizVkFXzsn4Kcqo1B+4l6D2LJgxf1fD9cV6/5RWxo+c5PQ0r9UEdf3DyDGftHBa0ynWcmhDz95GtAtwPcCbl50BtHkgxzeiXn5S4QJnqCGUcRnupnX2GL8coMkky7L
On Wed, 23 May 2018 21:50:49 -0500
Jeff Bartig
<>
wrote:
> Yes, I would be supportive of these features. I'd prioritize the back
> reference feature higher, since it is something that isn't possible
> today, while GTSM is possible, but not as easy as it could be.
So apparently the back reference exists already:
<https://www.juniper.net/documentation/en_US/junos/topics/reference/general/junos-cli-replace-command-regular-expressions.html>
I thought this page was referring to edit mode search and replace. I'm
guessing no one here who is still listening to me was aware of this
either. I'll play around with captures when I get a chance.
That leaves the GTSM proposal. After some discussion with some other
colleague in a big network, ingress GTSM support might be non-trivial,
but there may not be an easy way to get this functionality like there
is in IOS. One suggestion was to put GTSM-enabled peers in a BGP group
and then use an apply-path in a loopback filter on a ttl 255 filter.
Not crazy about using GTSM BGP groups, but I'll think on this one a
little more.
John
- [Security-WG] Junos min-ttl and as regex backref feature, John Kristoff, 05/18/2018
- Re: [Security-WG] Junos min-ttl and as regex backref feature, Andrew Gallo, 05/20/2018
- Re: [Security-WG] Junos min-ttl and as regex backref feature, Jeff Bartig, 05/24/2018
- Re: [Security-WG] Junos min-ttl and as regex backref feature, Dale W. Carder, 05/24/2018
- Re: [Security-WG] Junos min-ttl and as regex backref feature, John Kristoff, 05/29/2018
- Re: [Security-WG] Junos min-ttl and as regex backref feature, Jeff Bartig, 05/29/2018
- Re: [Security-WG] Junos min-ttl and as regex backref feature, John Kristoff, 05/29/2018
- Re: [Security-WG] Junos min-ttl and as regex backref feature, Jeff Bartig, 05/29/2018
Archive powered by MHonArc 2.6.19.