Hi All,
I am trying to work through a scenario, and I've read some documentation/forum posts to help troubleshoot what I'm attempting to do but haven't gotten very far.
I have a subnet, lets call it subnet A, that is routable over link A, however, in order to test a specific scenario (this needs to be permanent), I need to route this over link B.
The setup:
- Configure routing instance B, containing link B
- Leave link A in default/master routing instance
- Subnet A is routed over link A and link B via BGP
- Setup a DNAT (Subnet B) to then put the pool (containing subnet A) in the routing instance B:
-
pool pool-dst-nat {
routing-instance {
B;
}
address 10.10.10.1/32;
}
-
rule-set dnat-1 {
from zone trust;
rule 1 {
match {
destination-address 10.20.20.1/32;
}
then {
destination-nat {
pool {
pool-dst-nat;
}
}
This way, routing instance B only has the route for subnet A over link B.
The default/master routing-instance only has the route for the DNAT address to routing instance B.
However, when implemented in my lab, traffic to subnet A over link A is working correctly, but I can't get traffic destined for the DNAT to even hit the rule. I suspect I have a knowledge gap when trying to DNAT between routing instances. Can anyone provide some assistance? Let me know if my description above is too confusing, I'm happy to provide some more info.