[j-nsp] Filter-based forwarding query
Dave O' Meara
domeara at smarttelecom.ie
Wed Feb 15 11:30:41 EST 2006
Hi there,
I need to over-ride regular routing for three specific subnets, using
filter-based forwarding. Instead of these subnets routing to the
internet, I need to intercept packets destined for these subnets and
route them out of a directly-connected interface. I understand that I
need to create a new routing instance, but how do I keep this new
routing table minimal i.e. just directly-connected routes?
Should the config below work?
Thanks,
Dave
interfaces {
fe-0/0/1 {
unit 0 {
family inet {
no-redirects;
filter {
input policy_route;
}
address a.b.c.d/30;
}
}
}
}
firewall {
filter policy_route {
term intercept {
from {
destination-address {
e.f.g.0/24;
e.f.h.0/24;
e.f.j.0/24;
}
}
then {
routing-instance policy-route-table;
}
term default {
then accept;
}
}
}
routing-instances {
policy-route-table {
instance-type forwarding;
routing-options {
static {
route e.f.g.0/24 next-hop 10.1.1.2;
route e.f.h.0/24 next-hop 10.1.1.2;
route e.f.j.0/24 next-hop 10.1.1.2; }
}
}
}
routing-options {
interface-routes {
rib-group inet policy-route-group;
}
rib-groups {
policy-route-group {
import-rib policy-route-table.inet.0;
}
}
}
More information about the juniper-nsp
mailing list