[j-nsp] srx210 interesting difficulty with managed layer 3 setup .
Georgios Vlachos
g.vlachos at kestrel-is.gr
Tue Jul 16 15:30:01 EDT 2013
You have two options actually:
L2circuit (Martini circuit) or VPLS (BGP based) over MPLS over GRE over
IPsec!
p.s. watch out for fragmentation issues due to the encapsulation overhead.
-----Original Message-----
From: juniper-nsp [mailto:juniper-nsp-bounces at puck.nether.net] On Behalf Of
Mr. James W. Laferriere
Sent: Tuesday, July 16, 2013 9:16 PM
To: juniper-nsp at puck.nether.net
Subject: [j-nsp] srx210 interesting difficulty with managed layer 3 setup .
Hello All , We've a vendor that is providing us a l3 managed
interconnect to one of our branch locations . Both of our branches have a
internet feeds & we were looking to do some method of internet backup
connection .
Now the proposed configuration:
I1()<--->B1<--->srx1<--ipsec-->srx2<->B2<--->I2()
internet Branch Managed Managed Branch internet
The ipsec section is required by management . No unencrypted data
outside of our control space(-;) .
What we'd like to do:
Is run ospf on our B1 & B2 devices which are not srx's to propigate
the
default when one or the other looses connectivity .
Distance between B1 & B2 is negligible as far as latency is
concerned .
But our ospf announcements are NOT allowed in the vendors network as
they are running ospf .
Is there some method of configuring the srx's to have the interface
at B1 at srx1 be hard mapped to pass all traffic to the srx2 at B2 ? So
that we
can run ospf ?
Tia , JimL
--
+------------------------------------------------------------------+
| James W. Laferriere | System Techniques | Give me VMS |
| Network&System Engineer | 3237 Holden Road | Give me Linux |
| babydr at baby-dragons.com | Fairbanks, AK. 99709 | only on AXP |
+------------------------------------------------------------------+
_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
More information about the juniper-nsp
mailing list