[j-nsp] Addressing fxp0
Levent Ogut
levent.ogut at gmail.com
Tue Apr 25 10:25:43 EDT 2006
how about:
creating an export policy to the forwarding table that deny the direct
route learnt from the fxp0 addressing.
So you will end up installing the OOB route that has been learned by
other means, i.e routing protocol / static; assuming it is advertised
by firewall or configured as static.
fxp0 packets are not forwarded through the box (punted to RE) so I
think it will not affect your own OOB to the juniper box as well.
HTH, if you try please post the results.
assuming 1.1.1.0/24 is your OOB network:
under "routing-options" stanza
forwarding-table {
export deny-fxp0-to-forwarding-table;
}
under "policy-options" stanza
policy-statement deny-fxp0-to-forwarding-table {
from {
protocol direct;
route-filter 1.1.1.0/24 exact;
}
then reject;
}
More information about the juniper-nsp
mailing list