[j-nsp] PBR config help

Ramesh Karki rameshkarki at gmail.com
Sat Nov 14 11:38:07 EST 2009 

Samit Dai,

Here is the complete Configuration for JunOS FBF :

JunOS#(edit prompt)
JunOS#set routing-instances pbr-test instance-type forwarding
JunOS#set routing-instances pbr-test routing-options static route
0.0.0.0/0next-hop 192.168.2.1
JunOS#commit
JunOS#set routing-options interface-routes rib-group inet all-ribs (it just
the name)
JunOS#set routing-options rib-groups all-ribs import rib [ inet.0
pbr-test.inet.0 ]
(make sure pbr-test similar to your routing-instances name, unless it won’t
work).
JunOS#commit
JunOS#set firewall family inet filter via-WAN2 term 1 from source-address
192.168.10.0/24
JunOS#set firewall family inet filter via-WAN2 term 1 then then
routing-instance pbr-test
JunOS#set firewall family inet filter via-WAN2 term 2 then accept
JunOS#commit
JunOS#interfaces ge-0/0/2 unit 0 family inet filter input via-WAN2
JunOS#commit

Thank you,

Ramesh
On Sat, Nov 14, 2009 at 9:15 PM, Samit <janasamit at wlink.com.np> wrote:

> Hi gurus,
>
> I am looking for following cisco PBR example equivalent config for junos
> and work.
>
> interface GigabitEthernet0/0
>  description WAN1-primary
>  ip address 192.168.1.1 255.255.255.0
>
> interface GigabitEthernet0/1
>  description WAN2-secondary
>  ip address 192.168.2.1 255.255.255.0
>
> interface GigabitEthernet0/2
>  description To LAN
>  ip address 192.168.0.1 255.255.255.192
>  ip policy route-map via-wan2
>
> ip access-list extended pbr-test
>  permit ip 192.168.10.0 0.0.0.255 any
>
> route-map via-wan2 permit 10
>  match ip address pppoe
>  set ip next-hop 192.168.2.1
>
> ip route 0.0.0.0 0.0.0.0 192.168.1.2
>
> All traffic with source Ip address 192.168.10.0/24 will go via
> 192.168.2.1 secondary link remaining traffic will go via default route
> 192.168.1.2 primary link .
>
> I tried the following in junos but it is not working and all traffic
> just stuck, any tips would be appreciated..
>
> [edit interfaces ge-0/0/0]
> unit 0 {
>    description "WAN1-primary";
>    family inet {
>        address 192.168.1.1/24;
>    }
> }
>
> [edit interfaces ge-0/0/1]
> unit 0 {
>    description "WAN2-secondary";
>    family inet {
>        address 192.168.2.1/24;
>    }
> }
>
> [edit interfaces ge-0/0/2]
> unit 0 {
>    description "LAN";
>    family inet {
>    filter {
>            input via-WAN2;
>        }
>        address 192.168.0.1/24;
>    }
> }
>
> [edit routing-options static]
> route 0.0.0.0/0 next-hop 192.168.1.2;
>
> [edit firewall filter via-WAN2]
> term 1 {
>    from {
>        source-address {
>            192.168.10.0/24;
>        }
>    }
>    then {
>        routing-instance pbr-test;
>    }
> }
>
> [edit routing-instances]
> pbr-test {
>    instance-type forwarding;
>    routing-options {
>        static {
>            route 0.0.0.0/0 {
>                next-hop 192.168.2.1;
>                resolve;
>            }
>        }
>    }
> }
>
> Regards,
> Samit
>
>
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>

More information about the juniper-nsp mailing list