SRX Services Gateway
SRX Services Gateway

ECMP Load Balancing Bypass for IDP Signature Updates

‎02-25-2019 07:47 AM

Hi All,


I am currently implementing an ECMP load-balancing solution for my default route ( on my SRX. I have the load-balancing working as intended for all traffic originating behind the firewall, however, traffic that originates on the device is seeing packet loss. I cannot seem to find a way to bypass the load-balancing for the specific route that I require it to (signature updates for IDP going to 


I am wondering if there is a list of all IPs that is registered to, so I can just put a static route on my device and point it to one of the two ISP circuits to use. I assume Juniper uses a CDN service to host it so it may be difficult to find a list of all IPs. IF this is the case, does anyone have any other suggestions for my device bypassing the load-balancing?