SRX

last person joined: 12 hours ago 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

  • 1.  Source Based Routing

    Posted 09-20-2009 01:40

    Hi,

     

    how can i configure source based routing under the srx210 ?

     

    thanks.

     

    edit by myself :

    ##############

    found the solution :

    my network is 192.168.49.0/24 and i want that client 192.168.49.5 is routed thrue 192.168.10.1 instead of my default route.

     

    set routing-instances REDIRECT-100-0 instance-type forwarding
    set routing-instances REDIRECT-100-0 routing-options static route 0.0.0.0/0 next-hop 192.168.10.1

     

    set routing-options interface-routes rib-group inet all-ribs
    set routing-options rib-groups all-ribs import rib [ inet.0 REDIRECT-100-0.inet.0 ]

    set firewall family inet filter ROUTE-MAP-NET-100-0 term 1 from source-address 192.168.49.5/32

    set firewall family inet filter ROUTE-MAP-NET-100-0 term 1 then then routing-instance REDIRECT-100-0
    set firewall family inet filter ROUTE-MAP-NET-100-0 term 2 then accept

    set interfaces ge-0/0/1 unit 0 family inet filter input ROUTE-MAP-NET-100-0

     

    Message Edited by Piccolo on 09-20-2009 01:14 PM
    Message Edited by Piccolo on 09-20-2009 01:16 PM


  • 2.  RE: Source Based Routing
    Best Answer

    Posted 09-21-2009 18:43

    If you want your client to be able to ping its default gateway, it is better to exclude packets, addressed to own SRX address, from FBF:

    set firewall family inet filter ROUTE-MAP-NET-100-0 term exclude-to-own from address <SRX interface address>/32

    set firewall family inet filter ROUTE-MAP-NET-100-0 term exclude-to-own then accept

    insert firewall family inet filter ROUTE-MAP-NET-100-0 term exclude-to-own before term 1