[j-nsp] Addressing fxp0

Levent Ogut levent.ogut at gmail.com
Tue Apr 25 10:25:43 EDT 2006


how about:

creating an export policy to the forwarding table that deny the direct
route learnt from the fxp0 addressing.
So you will end up installing the OOB route that has been learned by
other means, i.e routing protocol / static; assuming it is advertised
by firewall or configured as static.

fxp0 packets are not forwarded through the box (punted to RE)  so I
think it will not affect your own OOB to the juniper box as well.

HTH, if you try please post the results.

assuming 1.1.1.0/24 is your OOB network:

under "routing-options" stanza
forwarding-table {

    export deny-fxp0-to-forwarding-table;

}

under "policy-options" stanza
policy-statement deny-fxp0-to-forwarding-table {
from {
protocol direct;
route-filter 1.1.1.0/24 exact;
}
then reject;
}



More information about the juniper-nsp mailing list