Junos OS

last person joined: 7 days ago 

Ask questions and share experiences about Junos OS.

  • 1.  BGP with Junos with Enhenced Services

    Posted 07-22-2009 04:28

    Hi,

     

    If I want to enable BGP routing on a J-Series device running Junos with advanced services, do I have to create a policy permitting BGP traffic or is it automatically enabled by default.

     

    Regards,

    Dominik



  • 2.  RE: BGP with Junos with Enhenced Services
    Best Answer

    Posted 07-23-2009 01:17

    Hi Dominik,

     

    You will have to explicitly define what protocols you allow or not, over what interfaces etc..

     

    zones {
        security-zone trust {
            tcp-rst;
            interfaces {
                ge-0/0/0.0 {
                    host-inbound-traffic {
                        system-services {
                            http;
                            https;
                            ssh;
                            telnet;
                            dhcp;
                        }
                        protocols {   <<<<<<<
                            all;  
                        }
                    }
                }
              }
           }
       

    HTH,

    -A



  • 3.  RE: BGP with Junos with Enhenced Services

    Posted 07-24-2009 00:13

    Security policy is not needed for self traffic which includes dynamic routing protocols. This assumes that your J-Series router will be the BGP peer. But as Antares stated, you do have to enable host-inbound-traffic protocol bgp for whichever interface you will be peering BGP on.

     

    -Richard



  • 4.  RE: BGP with Junos with Enhenced Services

    Posted 07-24-2009 00:16

    Great input guys. I will make myself more familiar with the ES features in the near future but for the moment, this was enough.

     

    Kind regards,

    Dominik