[j-nsp] PBR config help

Nalkhande Tarique Abbas ntarique at juniper.net
Sat Nov 14 11:01:31 EST 2009 

Samit,

Have a look here, rib-groups is what you may need.

http://www.juniper.net/techpubs/software/junos/junos82/swconfig82-policy
/html/firewall-config36.html


Hope it helps!

 
Thanks & Regards,
Tarique A. Nalkhande


-----Original Message-----
From: juniper-nsp-bounces at puck.nether.net
[mailto:juniper-nsp-bounces at puck.nether.net] On Behalf Of Samit
Sent: Saturday, November 14, 2009 9:01 PM
To: juniper-nsp at puck.nether.net
Subject: [j-nsp] PBR config help

Hi gurus,

I am looking for following cisco PBR example equivalent config for junos
and work.

interface GigabitEthernet0/0
 description WAN1-primary
 ip address 192.168.1.1 255.255.255.0

interface GigabitEthernet0/1
 description WAN2-secondary
 ip address 192.168.2.1 255.255.255.0

interface GigabitEthernet0/2
 description To LAN
 ip address 192.168.0.1 255.255.255.192
 ip policy route-map via-wan2

ip access-list extended pbr-test
 permit ip 192.168.10.0 0.0.0.255 any

route-map via-wan2 permit 10
 match ip address pppoe
 set ip next-hop 192.168.2.1

ip route 0.0.0.0 0.0.0.0 192.168.1.2

All traffic with source Ip address 192.168.10.0/24 will go via
192.168.2.1 secondary link remaining traffic will go via default route
192.168.1.2 primary link .

I tried the following in junos but it is not working and all traffic
just stuck, any tips would be appreciated..

[edit interfaces ge-0/0/0]
unit 0 {
    description "WAN1-primary";
    family inet {
        address 192.168.1.1/24;
    }
}

[edit interfaces ge-0/0/1]
unit 0 {
    description "WAN2-secondary";
    family inet {
        address 192.168.2.1/24;
    }
}

[edit interfaces ge-0/0/2]
unit 0 {
    description "LAN";
    family inet {
    filter {
            input via-WAN2;
        }
        address 192.168.0.1/24;
    }
}

[edit routing-options static]
route 0.0.0.0/0 next-hop 192.168.1.2;

[edit firewall filter via-WAN2]
term 1 {
    from {
        source-address {
            192.168.10.0/24;
        }
    }
    then {
        routing-instance pbr-test;
    }
}

[edit routing-instances]
pbr-test {
    instance-type forwarding;
    routing-options {
        static {
            route 0.0.0.0/0 {
                next-hop 192.168.2.1;
                resolve;
            }
        }
    }
}

Regards,
Samit



_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

More information about the juniper-nsp mailing list