Fxp0 and Public IP's question

jmartinez · ‎09-28-2009

Hi to all,

I have two questions about SRX, the first is that i only can get access to interface fxp0.0 (ge-0/0/0 in my srx240) if i'm in the same subnet of the configured ip, even if a have configured a backup-router statetement or even if i am accessing to the primary device, is this situation correct?

The other question is if a i have 2 public IP's (assigned to me from my ISP) can i configure this IP's in two differents interfaces of the firewall, even if they're in the same subnet? i think that to do this is not possible with SCREENOS.

Thanks and regards.

aarseniev · ‎08-21-2009

Hello there,

To answer Your questions:

Answer #1:

--You have to configure specific static routes with next-hop on fxp0.0-attached subnet to be able to route traffic out of master RE's fxp0.0 beyond 1st hop. "backup-router" knob only works when RPD is not up on master RE, or on backup RE.

Answer #2:

--usually JUNOS issues a warning when You assign two IP@ from same subnet to two different logical interfaces inside the same routing-instance but commits the config nevertheless. Beware though that outgoing interface choice between two interfaces with IP@ from the same subnet, and residing inside the same routing-instance (be it inet.0 or otherwise) is not deterministic: if you configure a static route with next-hop residing on said subnet, the outgoing interface choice may change between interface flaps or reboots or RPD restarts.

HTH

Regards

Alex

___________________________________
Accept as Solution = cool !
Accept as Solution+Kudo = You are a Star !

jmartinez · ‎09-28-2009

Thanks for the reply!!!

Fxp0 and Public IP's question

Re: Fxp0 and Public IP's question

Re: Fxp0 and Public IP's question