Hi Guy,
> - From a brief check, your config looks OK. I've certainly had FBF
> running successfully on an M5 in our lab. It looks to me like you're
> not actually using 5.0R2.4 (inet6??? ;-). I had some issues with
> interface groups which were fixed in 5.0R2.4 (not in 5.0R1) but you
> don't appear to be using them.
Yes I'm using 5.0R2.4, I also downgraded today to 4.4R4.1 and still
have the same problem.
Thanks,
Kimmo Liikonen / PHNet Internet Services
> > -----Original Message-----
> > From: Kimmo Liikonen [mailto:kimmo-juniper-nsp@sneezy.phnet.fi]
> > Sent: Thursday, October 25, 2001 6:38 PM
> > To: juniper-nsp@puck.nether.net
> > Subject: JunOS 5.0R2.4 and Filter Based Forwarding (FBF) with M5
> >
> >
> > Hi All,
> >
> > I am testing a Juniper M5 router and trying to get filter
> > based forwarding
> > to work properly. The problem are interface routes, they
> > aren't exported to
> > forwarding tables and traffic to interface addresses is going
> > via default-
> > route. If I remove "filter input policy" from fe-0/2/3
> > interface then traffic
> > to interface addresses works fine.
> >
> > Interface routes are exported to routing tables:
> >
> > kimmo@test-core1> show route summary
> > Router ID: XXX.XXX.XXX.XXX
> >
> > inet.0: 14 destinations, 14 routes (13 active, 0 holddown, 1
> > hidden)
> > Direct: 7 routes, 6 active
> > Local: 6 routes, 6 active
> > Static: 1 routes, 1 active
> >
> > test1-routing-table.inet.0: 14 destinations, 14 routes (13 active,
> > 0 holddown, 1 hidden)
> > Direct: 7 routes, 6 active
> > Local: 6 routes, 6 active
> > Static: 1 routes, 1 active
> >
> > test2-routing-table.inet.0: 14 destinations, 14 routes (13 active,
> > 0 holddown, 1 hidden)
> > Direct: 7 routes, 6 active
> > Local: 6 routes, 6 active
> > Static: 1 routes, 1 active
> >
> > But not to every forwarding table:
> >
> > kimmo@test-core1> show route forwarding-table summary
> > Internet:
> > user: 1 routes
> > perm: 4 routes
> > intf: 13 routes
> > dest: 27 routes
> >
> > Routing table:: test1-routing-table.inet
> > Internet:
> > user: 1 routes
> > perm: 4 routes
> >
> > Routing table:: test2-routing-table.inet
> > Internet:
> > user: 1 routes
> > perm: 4 routes
> >
> > Routing table:: inet6
> > Internet6:
> > perm: 1 routes
> >
> > Routing table:: ccc
> > MPLS:
> >
> > According to the JunOS 5.0 documentation, configs should be right:
> >
> > interfaces {
> > fe-0/2/3 {
> > unit 0 {
> > family inet {
> > no-redirects;
> > filter {
> > input policy;
> > }
> > address 172.21.1.1/24;
> > address 10.0.1.1/24;
> > }
> > }
> > }
> > }
> >
> > routing-options {
> > interface-routes {
> > rib-group inet common;
> > }
> > rib-groups {
> > common {
> > import-rib [ inet.0 test1-routing-table.inet.0
> > test2-routing-table.inet.0 ];
> > }
> > }
> > }
> >
> > firewall {
> > filter policy {
> > term 1 {
> > from {
> > source-address {
> > 172.21.1.1/24;
> > }
> > }
> > then {
> > routing-instance test1-routing-table;
> > }
> > term 2 {
> > from {
> > source-address {
> > 10.0.1.1/24;
> > }
> > }
> > then {
> > routing-instance test2-routing-table;
> > }
> > term default {
> > then accept;
> > }
> > }
> > }
> >
> > routing-instances {
> > test1-routing-table {
> > instance-type forwarding;
> > routing-options {
> > static {
> > route 0.0.0.0/0 next-hop 172.21.0.1;
> > }
> > }
> > }
> > test2-routing-table {
> > instance-type forwarding;
> > routing-options {
> > static {
> > route 0.0.0.0/0 next-hop 10.0.0.1;
> > }
> > }
> > }
> > }
> >
> > Any hints are welcome, thanks.
> >
> > Kimmo Liikonen / PHNet Internet Services
> >
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGP 7.0.1
>
> iQA/AwUBO9kbRY3dwu/Ss2PCEQLzMQCfZfH3PU+jDb5DJNARH3EmMQyDy2EAoL3q
> tExgk18ixnG3TRS6P5gxO6BV
> =4tg2
> -----END PGP SIGNATURE-----
>
>
> --------------------------------------------------------
> Don't miss the 28th Telindus International Symposium on
> Thursday, 25 October 2001, Brussels Expo, Belgium.
> Check out the programme and register now for free:
> http://www.telindussymposium.com
> --------------------------------------------------------
This archive was generated by hypermail 2b29 : Mon Aug 05 2002 - 10:42:37 EDT