[j-nsp] Routing Instance for fxp0
Brian Fitzgerald
FitzgeraldB at camosun.bc.ca
Sun Nov 29 23:27:10 EST 2009
Hi All
Assuming you are on a M/MX/T series, you have the option of using a logical
router (logical system in 9.x and later). This allows you to totally
isolate the fxp0 OOB within it's own environment.
It's really simple with one RE
logical-systems {
MGMT {
interfaces {
fxp0 {
unit 0 {
family inet {
address 192.168.1.123/24;
}
}
}
}
routing-options {
static {
route 0.0.0.0/0 next-hop 192.168.1.1;
}
}
}
}
With 2 REs its a little more complex. You can use pply-groups to configure
both RE's fxp0 interfaces with a live OOB IP, plus an IP that tracks with
the active (master) RE.
groups {
re0 {
logical-systems {
MGMT {
interfaces {
fxp0 {
unit 0 {
family inet {
address 192.168.1.121/24;
address 192.168.1.123.24 {
master-only;
}
}
}
}
}
}
}
}
re1 {
logical-systems {
MGMT {
interfaces {
fxp0 {
unit 0 {
family inet {
address 192.168.1.122/24;
address 192.168.1.123/24 {
master-only;
}
}
}
}
}
}
}
}
}
apply-groups [ re0 re1 ];
logical-systems {
MGMT {
routing-options {
static {
route 0.0.0.0/0 next-hop 192.168.1.1;
}
}
}
}
If you have a J/E/EX etc., I am afraid I am less help - don't have much
experience with those platforms.
Hope that helps
Brian Fitzgerald
Sr. Network & Security Admin.
ITS, Camosun College, Victoria, BC.
On 09-11-28 3:09 AM, "Alfred Schweder" <alf at all.de> wrote:
> Hello
>
> I'd like to seperate the routing instance of fxp0 for a real outband Mgmt
> Access.
> At our ciscos we configure:
>
> ip vrf InternalMgmt
> rd 42:42
> int eth0
> ip vrf forwarding InternalMgmt
> ip address 192.168.1.123 255.255.255.0
> ip route vrf InternalMgmt 0.0.0.0 0.0.0.0 192.168.1.1
>
> So we can make an outband mgmt acces, but the mgmt interface is seperated from
> the global routing, and the network can used for other purpose.
>
>
> At junos I cant configure it the same way:
>
> alf at M7i# set routing-instances mgmt instance-type no-forwarding interface
> fxp0.0
> alf at M7i# commit confirmed
> [edit routing-instances mgmt]
> 'interface fxp0.0'
> RT Instance: Interface fxp0.0 not supported under routing-instances.
> error: configuration check-out failed
>
>
> Is there an other way to do this seperation ?
>
> Thanks and regards,
More information about the juniper-nsp
mailing list