[j-nsp] SRX policy action to inject a route in a table??

Clarke Morledge chmorl at wm.edu
Fri Mar 18 09:57:26 EDT 2011


On Thu, 17 Mar 2011, Stefan Fouant wrote:

> Hi Clarke, Doug's suggestion of using a firewall-filter with an action of
> then routing-instance is probably the cleanest way to do this.  We call this
> Filter-Based Forwarding or FBF in Juniper speak but this is no different
> from Policy-Based Routing (PBR) on other vendor platforms.  Firewall-filters
> (stateless) are processed before stateful services so this wouldn't be an
> action that you find under the 'security policies' stanza of the
> configuration hierarchy, but rather would be configured under
> 'firewall-filters'.

Hi, Stefan,

Yes, the firewall filter idea is a good one, but I was hoping to leverage 
some of the more stateful and/or "screen" functions that the SRX has to 
achieve the same thing.

The event script concept is intriguing, but the challenge is how to 
trigger the event appropriately.

Clarke Morledge
College of William and Mary
Information Technology - Network Engineering
Jones Hall (Room 18)
Williamsburg VA 23187


More information about the juniper-nsp mailing list