Routing

last person joined: 3 days ago 

Ask questions and share experiences about ACX Series, CTP Series, MX Series, PTX Series, SSR Series, JRR Series, and all things routing, including portfolios and protocols.

  • 1.  One-arm Router / EX4200 virtual routing Problem

    Posted 01-10-2011 05:44

    Hi,

     

    maybe the following is just some weird newcomer question, so sorry if i wasted anybodys time.

     

    As far as i understand i'm trying to build a One-Arm Router Deployment, (but actually i only found the description in the security paper, no configuration examples)

     

    i've made a short sketch here:

    https://docs.google.com/drawings/edit?id=1P3NTCJg5CC4VJ0tkZVFNFibJoMknlGdOQwlfgch4lfo&hl=en&authkey=CMO4kIEL

    to show my scenario.

     

    an EX4200 is connected to a network, from which i would like to access a server connected to switch "random switch (i dont care about the model soon as traffice lands there im good;)".

    traffic should be routed from EX to an SRX, (for firewall stuff), then back to EX, from there to switch "r". everything should be fully routed, so i can see errors in traceroute..)

    i think i'm good with SRX and security zones, policies, so no problem there, just don't understand the EX part.


    first question: is this even possible? (i think i have to somehow put the address of "server" into the routing table "twice", once to enter the srx, once to be actually routed to switch. tried virtual-router instances in "routing-instance", with assigned interfaces, but i couldnt even connect to the EX any more.)

     

    i dont want anyone to give me a full solution (if there is one), just some hint like if there's a scenario on the juniper support or KB i could read. (and no, i dont want to put srx between EX and network1;)

     

    thanks in advance

    chris



  • 2.  RE: One-arm Router / EX4200 virtual routing Problem
    Best Answer

    Posted 01-10-2011 06:25

    Hello,

    I see nothing complicated here. If you want your traffic L3-routed between ge-0/0/0 & ge-0/0/5, also between ge-0/0/6 and ge-0/0/23 then here is a hint for you:

    1/ 2 virtual routers VR1 and VR2

    2/ ge-0/0/0 and ge-0/0/5 inside VR1

    3/ ge-0/0/6 and ge-0/0/23 inside VR2

    4/ 2 static routes inside VR1: towards server and towards client

    5/ 2 static routes inside VR2: towards server and towards client

    6/ now, if you want to accessEX, manage EX and/or SNMP-poll EX via either ge-0/0/0,5,6 or 23, things become slightly more complex...Not all protocols supported inside routing instance, prime example is NTP. If you could reserve another port for EX mgmt and/or use me0/vme0 for management this will make your life much easier in the long run.

    HTH

    Rgds

    Alex



  • 3.  RE: One-arm Router / EX4200 virtual routing Problem

    Posted 01-12-2011 06:59

    thanks a ton,

    i had tried about the same configuration before, didnt work then, so i tried to find different ways. and now looked back into it, because of you.

     

    now i stumbled upon the option 

    routing-instance > instance-type

     

    (which i had not set before) and now i feel pretty stupid. ( and happy ofcourse Smiley Very Happy )