SRX Services Gateway
Reply
Visitor
mark1221
Posts: 7
Registered: ‎04-20-2012
0

Static Routes on SRX210

I have some static routes set-up but all traffic seems to hit the 0.0.0.0/0 route instead of the ones specified:

route 10.1.0.0/16 next-hop 10.2.2.13;
route 10.3.0.0/16 next-hop 10.2.2.13;

 

Any ideas?

 

Config attached.

 

 

 

Recognized Expert
JunOS_Fan
Posts: 241
Registered: ‎02-13-2012
0

Re: Static Routes on SRX210

Hi,

 

Did you check the the "show route" output ?   This should give you an idea of whats happening ?

 

Is 10.1.13.1 ( the next-hop of your default route ) in the same network of your ge-0/0/0 interface ?  I can see that all other interfaces are eth-switching interfaces mapped to vlan.0 whose network is 10.2.0.0/16.   Is the second next-hop 10.2.2.13 ( for other static routes- 10.1.0.0/16  and 10.3.0.0/16) reachable to your SRX ?

 

Whats the purpose of routing instance routing-table-lan ?

Best regards
Pradeep (JNCIP-SEC,ENT,SP)
www.networker.co.in
Visitor
mark1221
Posts: 7
Registered: ‎04-20-2012
0

Re: Static Routes on SRX210

Show route output:

 

mpoole@r1> show route

inet.0: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0.0.0.0/0 *[Static/5] 05:33:22
> to 10.1.13.1 via ge-0/0/0.0
0.0.0.0/1 *[Direct/0] 05:33:22
> via ge-0/0/0.0
10.1.0.0/16 *[Static/5] 00:59:24
> to 10.2.2.13 via vlan.0
10.2.0.0/16 *[Direct/0] 05:33:21
> via vlan.0
10.2.1.1/32 *[Local/0] 05:34:01
Local via vlan.0
10.3.0.0/16 *[Static/5] 00:59:24
> to 10.2.2.13 via vlan.0
extern.ip/32 *[Local/0] 05:33:28
Local via ge-0/0/0.0

 

10.1.13.1 Is the next hop to our ISP on ge-0/0/0. ge-0/0/0 is a direct ethernet feed from them.

 

The router can access 10.2.2.13:

r1> ping 10.2.2.13
PING 10.2.2.13 (10.2.2.13): 56 data bytes
64 bytes from 10.2.2.13: icmp_seq=0 ttl=64 time=7.256 ms
64 bytes from 10.2.2.13: icmp_seq=1 ttl=64 time=5.194 ms

 

>Whats the purpose of routing instance routing-table-lan ?

 

This isn't used for anything.

 

The route for 10.1.0.0/16 and 10.3.0.0/16 on vlan.0 tries to go out via 10.1.13.1 even with the static routes in place.

Recognized Expert
JunOS_Fan
Posts: 241
Registered: ‎02-13-2012
0

Re: Static Routes on SRX210

Hi ,

 

 

Is this an edited output or the actual ?

 

0.0.0.0/1 *[Direct/0] 05:33:22
> via ge-0/0/0.0

Best regards
Pradeep (JNCIP-SEC,ENT,SP)
www.networker.co.in
Visitor
mark1221
Posts: 7
Registered: ‎04-20-2012
0

Re: Static Routes on SRX210

That is part of the config but I believed it was required as the static IP on ge-0/0/0 is in the 77.86.xx.xx range and the first hop out on for that IP is 10.1.13.1

Recognized Expert
JunOS_Fan
Posts: 241
Registered: ‎02-13-2012
0

Re: Static Routes on SRX210

have you configured it as 77.86.x.x/1  (/1 prefix) on ge-0/0/0 interface ? any specific reason for this ? what is the size of your public ip block ? 

 

If 10.1.13.1 is your next-hop , may be you can configure an ip in the same network on your ge-0/0/0 interface and then use source nat (pool based - with the public ip addresses assigned to you as the pool ) .

 

If this is not the case , detailed setup would help . and in the forwarding table how are those routes shown ? with which next-hop ?

Best regards
Pradeep (JNCIP-SEC,ENT,SP)
www.networker.co.in
Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.