[j-nsp] different default for different vlans
Cord MacLeod
cordmacleod at gmail.com
Fri Mar 20 21:51:35 EDT 2009
That would be great, and I thought of it just after I sent the email.
There's one big thing I'm missing though... except.
From an m7:
Possible completions:
<[Enter]> Execute this command
except Match address not in this prefix
From an ex4200:
<[Enter]> Execute this command
In other words, all of my traffic would hit this proxy and it would
break routing between the vlans if I use policy based routing and
can't use except.
On Mar 20, 2009, at 6:37 PM, Nilesh Khambal wrote:
> Can you try policy based routing using input firewall filter on EX?
> This was you can redirect the traffic to another forwarding-instance
> where your proxy resides. You will also have to take care of reverse
> routing from the proxy forwarding instance back to inet.0 on EX so
> that return traffic can go back to client VLANs.
>
> Thanks,
> Nilesh.
>
> Cord MacLeod wrote:
>> I feel silly for asking this, but apparently my brain isn't
>> working today.
>> I've got some machines in a public vlan, 100 and some RFC 1918
>> machines on another vlan, 120. I redistribute 0.0.0.0 in ospf
>> through my network down to these EX4200's that the machines are
>> hanging off of. Is there a way for my RFC 1918 machines to
>> default to different next hop (proxy machine) when not attempting
>> to route between vlans so they can hit outside. The way we do it
>> now is changing the default gateway on the machines. I'd like to
>> perform this automatically on the ex4200s if possible.
>> Any ideas?
>> _______________________________________________
>> juniper-nsp mailing list juniper-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/juniper-nsp
More information about the juniper-nsp
mailing list