I've got a number of SRX300's in my lab. I have found that I cannot get them to distribute a static default route to another SRX300. Routes for directly connected networks are being distributed. Any ideas?
Thanks
version 15.1X49-D45;
system {
host-name ns-firewall;
...
}
routing-options {
static {
route 0.0.0.0/0 next-hop 24.aa.bb.153;
}
generate {
route 0.0.0.0/0 discard;
}
router-id 10.128.1.5;
}
protocols {
ospf {
export [ export-connected export-default-route ];
area 0.0.0.0 {
interface ge-0/0/1.0 {
authentication {
simple-password "zzzzzzzzzzzzzzzzzzzzz";
}
}
}
}
}
policy-options {
policy-statement export-connected {
term t1 {
from {
protocol direct;
interface [ ge-0/0/0.0 ge-0/0/2.0 lo0.0 ];
}
then {
metric 20;
preference 60;
external {
type 1;
}
accept;
}
}
term reject {
then reject;
}
}
policy-statement export-default-route {
term export-default-route-t1 {
from {
protocol static;
route-filter 0.0.0.0/0 exact;
}
then accept;
}
term default {
then reject;
}
}
}
me@ns-firewall> show route
inet.0: 12 destinations, 14 routes (12 active, 0 holddown, 1 hidden)
+ = Active Route, - = Last Active, * = Both
0.0.0.0/0 *[Static/5] 20:01:04
> to 24.aa.bb.153 via ge-0/0/5.0
10.5.1.1/32 *[Local/0] 20:01:04
Reject
10.5.2.1/32 *[Local/0] 20:01:04
Reject
10.5.3.1/32 *[Local/0] 20:01:04
Reject
10.5.254.0/24 *[Direct/0] 20:01:04
> via lo0.0
10.5.254.1/32 *[Local/0] 20:01:04
Local via lo0.0
10.128.1.0/24 *[Direct/0] 20:01:04
> via ge-0/0/1.0
10.128.1.5/32 *[Local/0] 20:01:04
Local via ge-0/0/1.0
24.aa.bb.144/28 *[Direct/0] 20:01:04
> via ge-0/0/5.0
[Direct/0] 20:01:04
> via ge-0/0/5.0
24.aa.bb.157/32 *[Local/0] 20:01:04
Local via ge-0/0/5.0
24.aa.bb.158/32 *[Local/0] 20:01:04
Local via ge-0/0/5.0
224.0.0.5/32 *[OSPF/10] 20:01:04, metric 1
MultiRecv
me@ns-firewall> show ospf database
OSPF database, Area 0.0.0.0
Type ID Adv Rtr Seq Age Opt Cksum Len
Router 10.128.1.2 10.128.1.2 0x8000001a 2091 0x22 0xc915 36
Router *10.128.1.5 10.128.1.5 0x80000019 2841 0x22 0xc511 36
Network *10.128.1.5 10.128.1.5 0x80000018 2091 0x22 0x4b98 32
OSPF AS SCOPE link state database
Type ID Adv Rtr Seq Age Opt Cksum Len
Extern *10.5.1.0 10.128.1.5 0x80000019 591 0x22 0xc89d 36
Extern *10.5.254.0 10.128.1.5 0x80000019 1341 0x22 0xde89 36
me@ns-firewall> test policy export-default-route 0.0.0.0/0
inet.0: 12 destinations, 14 routes (12 active, 0 holddown, 1 hidden)
+ = Active Route, - = Last Active, * = Both
0.0.0.0/0 *[Static/5] 19:55:32
> to 24.aa.bb.153 via ge-0/0/5.0
Policy export-default-route: 1 prefix accepted, 11 prefix rejected
version 15.1X49-D45;
system {
host-name osk-firewall;
...
}
routing-options {
static {
route 0.0.0.0/0 next-hop 192.168.0.1;
}
router-id 10.128.1.2;
}
protocols {
ospf {
export [ export-connected exportstatic1 ];
area 0.0.0.0 {
interface ge-0/0/1.0 {
authentication {
simple-password "zzzzzzzzzzzzzzzzzzzz";
}
}
}
}
}
policy-options {
policy-statement export-connected {
term t1 {
from {
protocol direct;
interface [ ge-0/0/0.0 ge-0/0/2.0 ];
}
then {
metric 20;
preference 60;
external {
type 1;
}
accept;
}
}
term reject {
then reject;
}
}
policy-statement exportstatic1 {
term exportstatic1t1 {
from {
protocol static;
route-filter 0.0.0.0/0 exact;
}
then accept;
}
term default {
then reject;
}
}
}
me@osk-firewall> show route
inet.0: 10 destinations, 10 routes (10 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
0.0.0.0/0 *[Static/5] 00:07:00
> to 192.168.0.1 via ge-0/0/5.0
10.2.1.1/32 *[Local/0] 20:01:01
Reject
10.2.2.1/32 *[Local/0] 20:01:01
Reject
10.2.3.1/32 *[Local/0] 20:01:01
Reject
10.5.254.0/24 *[OSPF/150] 20:00:12, metric 21, tag 0
> to 10.128.1.5 via ge-0/0/1.0
10.128.1.0/24 *[Direct/0] 20:01:01
> via ge-0/0/1.0
10.128.1.2/32 *[Local/0] 20:01:01
Local via ge-0/0/1.0
192.168.0.0/24 *[Direct/0] 00:07:00
> via ge-0/0/5.0
192.168.0.254/32 *[Local/0] 20:01:01
Local via ge-0/0/5.0
224.0.0.5/32 *[OSPF/10] 20:01:01, metric 1
MultiRecv
me@osk-firewall> show ospf database
OSPF database, Area 0.0.0.0
Type ID Adv Rtr Seq Age Opt Cksum Len
Router *10.128.1.2 10.128.1.2 0x8000001a 2551 0x22 0xc915 36
Router 10.128.1.5 10.128.1.5 0x8000001a 303 0x22 0xc312 36
Network 10.128.1.5 10.128.1.5 0x80000018 2553 0x22 0x4b98 32
OSPF AS SCOPE link state database
Type ID Adv Rtr Seq Age Opt Cksum Len
Extern 10.5.1.0 10.128.1.5 0x80000019 1053 0x22 0xc89d 36
Extern 10.5.254.0 10.128.1.5 0x80000019 1803 0x22 0xde89 36
me@osk-firewall> test policy exportstatic1 0.0.0.0/0
inet.0: 10 destinations, 10 routes (10 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
0.0.0.0/0 *[Static/5] 00:00:51
> to 192.168.0.1 via ge-0/0/5.0
Policy exportstatic1: 1 prefix accepted, 9 prefix rejected