[j-nsp] Filter based forwarding
Chris Evans
chrisccnpspam2 at gmail.com
Wed Dec 2 22:39:17 EST 2009
Yes, you are correct.. it doesn't make it back to the source. I don't have
any active routing protocols at all, so I pasted them all. We're just
relying on the default route and directly connected routes. If I set the
next-hop table to 'master.inet.0' it doesn't install the 0.0.0.0/0 route
into PBR.inet.0 at all..
root at JuniperM7i> show route extensive table inet.0
inet.0: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden)
Restart Complete
0.0.0.0/0 (1 entry, 1 announced)
TSI:
KRT in-kernel 0.0.0.0/0 -> {192.168.1.1}
*Static Preference: 5
Next hop type: Router, Next hop index: 614
Next-hop reference count: 3
Next hop: 192.168.1.1 via ge-1/3/0.0, selected
State: <Active Int Ext>
Age: 1:26:03
Task: RT
Announcement bits (1): 0-KRT
AS path: I
192.168.1.0/24 (1 entry, 0 announced)
*Direct Preference: 0
Next hop type: Interface
Next-hop reference count: 1
Next hop: via ge-1/3/0.0, selected
State: <Active Int>
Age: 1:26:03
Task: IF
AS path: I
192.168.1.252/32 (1 entry, 0 announced)
*Local Preference: 0
Next hop type: Local
Next-hop reference count: 6
Interface: ge-1/3/0.0
State: <Active NoReadvrt Int>
Age: 1:26:03
Task: IF
AS path: I
root at JuniperM7i> show route extensive table PBR.inet.0
PBR.inet.0: 3 destinations, 3 routes (3 active, 0 holddown, 0 hidden)
0.0.0.0/0 (1 entry, 1 announced)
TSI:
KRT in-kernel 0.0.0.0/0 -> {Table}
*Static Preference: 5
Next table: inet.0
Next-hop reference count: 3
State: <Active Int Ext>
Age: 22
Task: RT
Announcement bits (1): 0-KRT
AS path: I
172.16.1.128/25 (1 entry, 0 announced)
*Direct Preference: 0
Next hop type: Interface
Next-hop reference count: 1
Next hop: via ge-0/1/0.0, selected
State: <Active Int>
Age: 3:52:19
Task: IF
AS path: I
172.16.1.129/32 (1 entry, 0 announced)
*Local Preference: 0
Next hop type: Local
Next-hop reference count: 6
Interface: ge-0/1/0.0
State: <Active NoReadvrt Int>
Age: 3:52:20
Task: IF
AS path: I
On Wed, Dec 2, 2009 at 10:26 PM, Nilesh Khambal <nkhambal at juniper.net>wrote:
> So, are you saying that by adding a default route pointing to the inet.0
> table (default routing table) the return traffic is not getting routed to
> via inet.0 via appropriate egress interface?
>
> Is there any another more specific route in PBR.inet.0 for the return
> traffic destination?
>
> Is there a route for the return traffic destination in inet.0 point to the
> correct egress interface?
>
> Can you post “show route a.b.c.d extensive table PBR.inet.0” and then “show
> route a.b.c.d extensive”?
>
> Thanks,
> Nilesh
>
>
> On 12/2/09 7:21 PM, "Chris Evans" <chrisccnpspam2 at gmail.com> wrote:
>
> Just tried that, no dice.. I also tried 'master.inet.0' with no luck.
>
> If I pull the interfaces out of the global routing instance, I can
> successfully use a firewall filter to forward how I need it to.
> Unfortunately it just doens't work with interfaces are in the default
> instance..
>
> Thanks
>
> Chris
>
>
> On Wed, Dec 2, 2009 at 10:11 PM, Nilesh Khambal <nkhambal at juniper.net>
> wrote:
>
>
>
> On 12/2/09 7:10 PM, "Nilesh Khambal" <nkhambal at juniper.net> wrote:
>
> > - set virtual-router PBR routing-options static route 0.0.0.0/0 <
> http://0.0.0.0/0> next-table
> > inet.0
>
> Sorry the syntax should be
>
> - set routing-instances PBR routing-options static route 0.0.0.0/0 <
> http://0.0.0.0/0>
> next-table inet.0
>
> Thanks,
> Nilesh.
>
>
>
>
More information about the juniper-nsp
mailing list