[j-nsp] Interface policy route-map/next-hop

Neil Stirling neil.stirling at nortelnetworks.com
Tue Apr 1 11:26:26 EST 2003


>From the notes;
If the packet has a source address of 10.0.0.0/24, then destination-based
forwarding occurs using the next-hop1-table.
If the packet has a source address of 10.0.1.0/24, then destination-based
forwarding occurs using the next-hop2-table.
If a packet does not match either of these conditions, then the packet is
accepted by the filter, and
then destination-based forwarding occurs using the standard inet.0 routing
table.

Try this;

interfaces {
    fe-0/0/0 {
        unit 0 {
            family inet {
                filter {
                    input next-hop; /* all data is matched on input HERE */
                }
                address 10.0.0.1/24 { /* preferred IP address */
                    preferred;
                }
                address 10.0.1.1/24; /* logical secondary */
            }
        }
    }
}
routing-options {
	interface-routes {
	  rib-group inet nh-group;
	}
	rib-groups {
	  nh-group {
		import-rib [inet.0 next-hop1-table.inet.0
				next-hop2-table.inet.0];
	  }
	}
}
firewall {
    family inet {
        filter next-hop {
            term one {
                from {
                    source-address {
                        10.0.0.0/24;
                    }
                }
                then routing-instance next-hop1-table; /* selected routes
for SA 10.0.0.0/24 */
            }
            term two {
                from {
                    source-address {
                        10.0.1.0/24;
                    }
                }
                then routing-instance next-hop2-table; /* selected routes
for SA 10.0.1.0/24 */
            }
            term default {
                then {
                    accept; /* need this otherwise we will drop all other
routes !!*/
                }
            }
        }
    }
}
routing-instances {
    next-hop1-table {
	    instance-type forwarding;
	    routing-options {
			static {
				route 0.0.0.0/0 nexthop 192.168.0.1; /*
static default route */
			}
	    }
    }
    next-hop2-table {
	    instance-type forwarding;
	    routing-options {
			static {
				route 0.0.0.0/0 nexthop 192.168.1.1; /*
static default route */ 
			}
	    }
    }
}

------------------

It seems there has been a slight syntax change since the document
http://www.juniper.net/solutions/literature/white_papers/552003.pdf was
written (05/01).

routing-instances now have routing-options for static rather than directly
configured routes - quite logical.

Neil.

-----Original Message-----
From: Link King [mailto:king at kinger.net]
Sent: 31 March 2003 18:48
To: juniper-nsp at puck.nether.net
Subject: [j-nsp] Interface policy route-map/next-hop



Hi folks.

I'm in the process of converting Cisco configurations to Juniper and am
trying to setup a policy statement to set next-hop addresses on a physical
interface.  Setup on Cisco as follows:

interface FastEthernet0/0
 ip address 10.0.0.1 255.255.255.0
 ip address 10.0.1.1 255.255.255.0 secondary
 ip route-cache policy
 ip policy route-map next-hop
!
access-list 10 permit 10.0.0.0 0.0.0.255
access-list 10 deny any
access-list 20 permit 10.0.1.0 0.0.0.255
access-list 20 deny any
!
route-map next-hop permit 10
 match ip address 10
 set ip next-hop 192.168.0.1
!
route-map next-hop permit 20
 match ip address 20
 set ip next-hop 192.168.1.1

I'm struggling with how to set this up on a Juniper M5 (running 5.6R1.3 if
that matters).  Any help would be greatly appreciated.  Thanks!

Link King
king at kinger.net
_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net
http://puck.nether.net/mailman/listinfo/juniper-nsp
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://puck.nether.net/pipermail/juniper-nsp/attachments/20030401/f7862c2f/attachment.htm


More information about the juniper-nsp mailing list