[j-nsp] Firewall filter help.
Mike Sumrall
msumrall at ic2net.net
Fri Nov 21 16:12:24 EST 2003
Hello all,
I am new to this List and also the Juniper. I have just installed a
customer that uses about 70M worth of B/W. Since I am running a multi-homed
BGP environment and, I only have B/W to support 70M worth of traffic on one
of my providers, I need to hard code this new customer to that provider.
Not knowing what the best way to do this is, I decided to implement a
firewall filter (not sure what other options I have?). I already had a
firewall set up for another customer (filter AAA below) which seemed to work
just fine so I figured that I could do the same thing but, every time I
apply the filter to my customers interface all of their traffic goes to
zero. I've checked all of my resources for help but to no avail. I am
running Juniper M10 with ver 5.6r1.3. Filter AAA seems to work fine, filter
CCC (what I am trying to implement) does not work. This may be simple to
you guys but I am stumped. I know I must be doing something wrong but I
cannot figure it out, Please help. Thanks in advance.
Juno# show firewall
family inet {
filter AAA {
term main {
from {
source-prefix-list {
AAA;
}
}
then routing-instance BBB;
}
term Default {
then accept;
}
}
filter CCC {
term main {
from {
source-address {
1.1.1.1/32;
}
}
then routing-instance DDD;
}
term Default {
then accept;
}
}
}
Juno# show routing-instances
DDD {
instance-type forwarding;
routing-options {
static {
route 0.0.0.0/0 next-hop 3.3.3.3;
}
}
}
BBB {
instance-type forwarding;
routing-options {
static {
route 0.0.0.0/0 next-hop 2.2.2.2;
}
}
}
Thanks,
-Mike
msumrall at ic2net.net
More information about the juniper-nsp
mailing list