SRX

last person joined: yesterday 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

  • 1.  source-nat with multiple ip adresses on a interface

    Posted 03-15-2017 06:05

    Hello all,

     

    I have an SRX300 with multiple IP adresses on interface GE-0/0/0 Unit 0

    I have source nat configured to use the interface address

     

    I know i can make a Source-Nat pool to determine what IP is used for source nat

    But if i let the interface decide. ik uses 1.1.1.1 in my example. What rule will be applied ?

    Is it always the lowest IP ?

     

     

    ge-0/0/0 {
    unit 0 {
        family inet {
            mtu 1492;
            address 1.1.1.1/29;
            address 1.1.1.2/29;
            address 1.1.1.3/29;
        }
    }
}

     

    rule-set Ruleset1{
from zone Trust;
to zone Untrust;
rule Rule-1 {
match {
source-address 192.168.0.0/24;
destination-address 0.0.0.0/0;
}
then {
source-nat {
interface;
}
}
}
}

    Regards,

     

    Robbert



  • 2.  RE: source-nat with multiple ip adresses on a interface
    Best Answer

     
    Posted 03-15-2017 07:04
    numerically lowest.
    By default, the primary address on an interface is selected as the numerically lowest local address configured on the interface.

    An interface’s primary address is used by default as the local address for broadcast and multicast packets sourced locally and sent out through the interface. An interface’s preferred address is the default local address used for packets sourced by the local router or switch to destinations on the subnet. By default, the numerically lowest local address configured for the interface is chosen as the preferred address on the subnet.

    To configure a different primary address or preferred address, include the primary or preferred statement at the [edit interfaces interface-name unit logical-unit-number family family address address or [edit logical-systems logical-system-name interfaces interface-name unit logical-unit-number family family address address hierarchy levels.

    For more information about default, primary, and preferred addresses for an interface, see “Configuring Default, Primary, and Preferred Addresses and Interfaces” in the Junos OS Network Interfaces Library for Routing Devices.


    ref :http://www.juniper.net/documentation/en_US/junos/topics/reference/configuration-statement/default-address-selection-edit-system.html


  • 3.  RE: source-nat with multiple ip adresses on a interface

    Posted 03-15-2017 07:35

    Thanx a lot 🙂

    Very clear