Junos
Highlighted
Junos

Trying to get fxp0 to work with mgmt_junos routing instance on vSRX running JunOS 19.3R1.8

‎01-23-2020 04:17 PM

I'm trying to create a basic example config for using the mgmt_junos routing instance. I've tried what I think the Juniper docs suggest, but I get no response at all from the fxp0 interface. Here's what I've got at the moment:

 

system {
    services {
        ssh {
            root-login allow;
        }
    }
    management-instance;
    syslog {
        ---chop---
    }
}
security {
    forwarding-options {
        family {
            inet6 {
                mode drop;
            }
        }
    }
    screen {
        ids-option untrust-screen {
            icmp {
                ping-death;
            }
            ip {
                source-route-option;
                tear-drop;
            }
            tcp {
                syn-flood {
                    alarm-threshold 1024;
                    attack-threshold 200;
                    source-threshold 1024;
                    destination-threshold 2048;
                    queue-size 2000; ## Warning: 'queue-size' is deprecated
                    timeout 20;
                }
                land;
            }
        }
    }
    policies {
        from-zone trust to-zone trust {
            policy default-permit {
                match {
                    source-address any;
                    destination-address any;
                    application any;
                }
                then {
                    permit;
                }
            }
        }
        from-zone trust to-zone untrust {
            policy default-permit {
                match {
                    source-address any;
                    destination-address any;
                    application any;
                }
                then {
                    permit;
                }
            }
        }
    }
    zones {
        security-zone trust {
            tcp-rst;
            interfaces {
                ge-0/0/0.0 {
                    host-inbound-traffic {
                        system-services {
                            ping;
                        }
                    }
                }
            }
        }
        security-zone untrust {
            screen untrust-screen;
        }
    }
}
interfaces {
    ge-0/0/0 {
        unit 0 {
            family inet {
                address 10.100.1.202/24;
            }
        }
    }
    fxp0 {
        unit 0 {
            family inet {
                address 10.100.1.201/24;
            }
        }
    }
}
routing-instances {
    mgmt_junos {
        routing-options {
            static {
                route 0.0.0.0/0 next-hop 10.100.1.1;
            }
        }
    }
}
routing-options {
    static {
        route 0.0.0.0/0 next-hop 10.100.1.1;
    }
}

Any ideas would be very much appreciated!

 

Thanks!

 

...Ralph

1 REPLY 1
Highlighted
Junos

Re: Trying to get fxp0 to work with mgmt_junos routing instance on vSRX running JunOS 19.3R1.8

‎01-23-2020 05:09 PM

A few other things that may help and/or seem odd:

root> show interfaces fxp0 terse
Interface               Admin Link Proto    Local                 Remote
fxp0                    up    up
fxp0.0                  up    up   inet     10.100.1.201/24

root> show interfaces ge-0/0/0 terse
Interface               Admin Link Proto    Local                 Remote
ge-0/0/0                up    up
ge-0/0/0.0              up    up   inet     10.100.1.202/24

And under show interfaces fxp0 detail:

  Traffic statistics:
   Input  bytes  :                    0
   Output bytes  :                  546
   Input  packets:                    0
   Output packets:                   13

Kind of a reverse Hotel California...

...Ralph

Feedback