SRX Interface設定
I/F Enable/Disable (物理的にDown, Ciscoでいうadmin down)
set interfaces [I/F] disable delete interfaces [I/F] disable
I/F activate/deactivate (物理的にはUP, Configはあるが機能しない状態になる)
deactivate interfaces [I/F] activate interfaces [I/F]
I/Fの説明を設定
set interfaces [I/F] unit [UNIT] description [TEXT]
Speed/Duplex
set interfaces [I/F] speed [SPEED] set interfaces [I/F] link-mode [MODE]
IP Addressの割り当て
set interfaces [I/F] unit [UNIT] family inet address [ADDRESS]/[PREFIX]
DHCP Addressの割り当て
set interfaces [I/F] unit [UNIT] family inet dhcp
MTU
set interfaces [I/F] unit [UNIT] family inet [MTU]
MSS
set security flow tcp-mss all-tcp mss [MSS]
Loopback I/Fの設定
set interfaces lo0 unit [UNIT] family inet address [ADDRESS]/[PREFIX]
Vlan I/Fの作成 (CiscoでいうSubInterface[SVI])
set interfaces [I/F] vlan-tagging set interfaces [I/F] unit [UNIT] vlan-id [VLAN]
ProxyARPの設定
- restricted: 自身が対象IPの情報を持っている、かつ送信元と送信先のセグメントが異なる場合のみ応答
- unrestricted: 自身が対象IPの情報を持っていれば、すべて応答
set interfaces [I/F] unit [UNIT] proxy-arp [restricted/unrestricted]
I/FにZoneを割り当てる
set security zones security-zone [ZONE] interfaces [I/F]
MAC-Addressフィルタリング
- [gigether-options]はI/Fによって[gig]の部分が異なる
set interfaces [I/F] gigether-options source-filtering set interfaces [I/F] gigether-options source-address-filter [MAC]
PPPoE
PPPoEの設定はこちら
