[j-nsp] interface-set using
juniper at arnes.si
juniper at arnes.si
Wed Oct 12 07:24:04 EDT 2005
Hi, Alexander!
I'm not sure -- are you talking about "Filter-Based Forwarding"? If so,
routing-instances must be used. Then you can use a firewall filter to set a
next hop for some specific traffic. Here is an example:
firewall {
family inet {
filter some-filter {
term some-term {
from {
/* some criteria */
}
then {
routing-instance FORWARD-TO-X;
}
}
}
}
}
routing-instances {
/* for filter-based forwarding */
FORWARD-TO-X {
instance-type forwarding;
routing-options {
static {
/* set next hop via interface X */
route 0.0.0.0/0 next-hop x.y.z.w;
}
}
}
}
routing-options {
rib-groups {
interface-rib {
import-rib [ inet.0 inet.2 FORWARD-TO-X.inet.0 ];
}
}
}
Regards,
Matjaz
In-reply-to: Your message dated: Tue, 11 Oct 2005 10:17:43 +0400
> Hi.
> Could anybody give an example of using interface-set in firewall filter
> rules (if its possible at all)?
>
> --
> Alexander
More information about the juniper-nsp
mailing list