[j-nsp] PBR Cisco vs Juniper
Edson Cardoso
ecardoso at qos.com.br
Thu Oct 21 11:29:16 EDT 2004
Tnks all for help .. :)
-----Original Message-----
From: Pedro Roque Marques [mailto:roque at juniper.net]
Sent: Wednesday, October 20, 2004 18:43
To: Edson Cardoso
Cc: juniper-nsp at puck.nether.net
Subject: Re: [j-nsp] PBR Cisco vs Juniper
Edson Cardoso writes:
> All, I'm facing some problems trying to convert the Cisco conf below
> to Junos world...The problem is how can I change the next-hop based
> on source-address.... Here is the Cisco conf:
> interface GigabitEthernet 0/0/0
> ip policy route-map noc
>
> access-list 51 permit 200.221.31.106
> access-list 51 permit 200.221.62.0 0.0.0.255
> access-list 51 permit 200.221.64.0 0.0.0.31
> access-list 51 permit 200.221.136.0 0.0.3.255
> access-list 51 permit 200.221.160.0 0.0.15.255
> access-list 51 permit 200.147.208.0 0.0.15.255
>
> route-map noc permit 20
> match ip address 51
> set ip default next-hop 200.221.31.121
> Any help ??
start with:
interface ge-0/0/0 unit 0 family inet filter input noc
firewall filter noc {
term a {
from destination-prefix-list 51;
then routing-instance noc;
}
}
routing-instances {
noc {
instance-type forwarding;
routing-options static route 0/0 next-hop 200.221.31.121 resolve;
}
}
Now if the interface torwards the noc address doesn't really have
anything else you can add that interface to the noc instance and be
done w/ it.
Otherwise... for instance, if it is in a shared media, you are going
to have to add something like:
policy-options policy-statement import-direct-rt-to-noc {
term a {
from {
instance master;
protocol direct;
interface <x>;
}
then accept;
}
then reject;
}
routing-instances noc routing-options {
instance-import import-direct-rt-to-noc;
}
Or you can also do it via a rib-group that applies to interface-routes
(exercise left to the reader).
cheers,
Pedro.
More information about the juniper-nsp
mailing list