[j-nsp] Addressing fxp0
Levent Ogut
levent.ogut at gmail.com
Tue Apr 25 10:40:58 EDT 2006
thinking again I am being slow, that will not work,
unless the two routes have same preference.
On 25/04/06, Levent Ogut <levent.ogut at gmail.com> wrote:
> how about:
>
> creating an export policy to the forwarding table that deny the direct
> route learnt from the fxp0 addressing.
> So you will end up installing the OOB route that has been learned by
> other means, i.e routing protocol / static; assuming it is advertised
> by firewall or configured as static.
>
> fxp0 packets are not forwarded through the box (punted to RE) so I
> think it will not affect your own OOB to the juniper box as well.
>
> HTH, if you try please post the results.
>
> assuming 1.1.1.0/24 is your OOB network:
>
> under "routing-options" stanza
> forwarding-table {
>
> export deny-fxp0-to-forwarding-table;
>
> }
>
> under "policy-options" stanza
> policy-statement deny-fxp0-to-forwarding-table {
> from {
> protocol direct;
> route-filter 1.1.1.0/24 exact;
> }
> then reject;
> }
>
More information about the juniper-nsp
mailing list