SRX Services Gateway
Highlighted
SRX Services Gateway

Routing instance, defaut inet.0 and route

[ Edited ]
‎11-20-2018 01:32 AM

Hello,

 

I'm having trouble to correctly setup my SRX340 (15.1X49-D150.2). I have two routing-instace, each of them using a specific WAN (one for LAN, other for WIFI). I work great and I have to separate network.

 

But I'm having trouble to correctly route packets for basic services like NTP sync:

root@srx> set date ntp
20 Nov 10:03:16 ntpdate[38625]: no server suitable for synchronization found

Looking at this doc ( https://kb.juniper.net/InfoCenter/index?page=content&id=KB31654&actp=RSS ), it should be because the SRX could not found any route.

root@srx> show route

inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0.0.0.0/0 *[Static/5] 3d 17:14:18
to table RouteLANInternet.inet.0
192.168.1.1/32 *[Local/0] 5d 21:14:15
Reject

RouteLANInternet.inet.0: 16 destinations, 16 routes (16 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0.0.0.0/0 *[Static/5] 4d 16:07:15
> via pp0.0
10.3.0.0/21 *[Static/5] 5d 21:14:09
> via st0.0
X.X.X.0/22 *[Direct/0] 4d 16:07:33
> via ge-0/0/4.0
X.X.X.91/32 *[Local/0] 4d 16:07:33
Local via ge-0/0/4.0
Z.Z.Z.0/24 *[Direct/0] 5d 21:13:05
> via ge-0/0/6.0
Z.Z.Z.47/32 *[Local/0] 5d 21:13:05
Local via ge-0/0/6.0
Y.Y.Y.47/32 *[Local/0] 4d 16:07:15
Local via pp0.0
192.168.30.0/24 *[Direct/0] 5d 21:13:29
> via ge-0/0/3.0
192.168.30.1/32 *[Local/0] 5d 21:13:29
Local via ge-0/0/3.0
192.168.33.0/24 *[Direct/0] 5d 21:13:29
> via ge-0/0/1.0
192.168.33.10/32 *[Local/0] 5d 21:13:29
Local via ge-0/0/1.0
192.168.88.0/24 *[Direct/0] 5d 21:13:31
> via ge-0/0/15.0
192.168.88.8/32 *[Local/0] 5d 21:13:33
Local via ge-0/0/15.0
192.168.89.0/24 *[Direct/0] 5d 21:13:29
> via ge-0/0/2.0
192.168.89.1/32 *[Local/0] 5d 21:13:29
Local via ge-0/0/2.0
193.253.160.3/32 *[Direct/0] 4d 16:07:15
> via pp0.0

RouteWifiCameraInternetOrange.inet.0: 42 destinations, 43 routes (42 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0.0.0.0/0 *[Access-internal/12] 4d 16:07:32
> to X.X.X.1 via ge-0/0/4.0
[Access-internal/12] 5d 21:12:50
> to Z.Z.Z.254 via ge-0/0/6.0
X.X.X.0/22 *[Direct/0] 4d 16:07:33
> via ge-0/0/4.0
X.X.X.91/32 *[Local/0] 4d 16:07:33
Local via ge-0/0/4.0
Z.Z.Z.0/24 *[Direct/0] 5d 21:13:05
> via ge-0/0/6.0
Z.Z.Z.47/32 *[Local/0] 5d 21:13:05
Local via ge-0/0/6.0
Y.Y.Y.47/32 *[Local/0] 4d 16:07:15
Local via pp0.0
192.168.30.0/24 *[Direct/0] 5d 21:13:29
> via ge-0/0/3.0
192.168.30.1/32 *[Local/0] 5d 21:13:34
Local via ge-0/0/3.0
192.168.33.0/24 *[Direct/0] 5d 21:13:29
> via ge-0/0/1.0
192.168.33.10/32 *[Local/0] 5d 21:13:34
Local via ge-0/0/1.0
192.168.88.0/24 *[Direct/0] 5d 21:13:31
> via ge-0/0/15.0
192.168.88.8/32 *[Local/0] 5d 21:13:31
Local via ge-0/0/15.0
192.168.89.0/24 *[Direct/0] 5d 21:13:29
> via ge-0/0/2.0
192.168.89.1/32 *[Local/0] 5d 21:13:34
Local via ge-0/0/2.0
193.253.160.3/32 *[Direct/0] 4d 16:07:15
> via pp0.0

Here is my config :

routing-options {
static {
route 0.0.0.0/0 next-table RouteLANInternet.inet.0;
} rib-groups { LAN-External { import-rib [ RouteWifiCameraInternetOrange.inet.0 RouteLANInternet.inet.0 ]; } } forwarding-table { export load-balancing-policy; } } (...) routing-instances { RouteLANInternet { instance-type virtual-router; interface ge-0/0/5.0; interface ge-0/0/15.0; interface pp0.0; interface st0.0; routing-options { interface-routes { rib-group inet LAN-External; } # le lan sort sur le lien Orange static { route 10.3.0.0/21 next-hop st0.0; route 0.0.0.0/0 next-hop pp0.0; } } } RouteWifiCameraInternetOrange { instance-type virtual-router; interface ge-0/0/1.0; interface ge-0/0/2.0; interface ge-0/0/3.0; interface ge-0/0/4.0; interface ge-0/0/6.0; routing-options { interface-routes { rib-group inet LAN-External; } static { route 0.0.0.0/0 next-hop X.X.X.91; } } } }

I'm using RIB group to import ribs between instance, because they do need to communicate (LAN must have access to Wifi).

If I'm adding in global routing-options the default route to 0.0.0.0 

static {
    route 0.0.0.0/0 next-table RouteLANInternet.inet.0;
}

Then I have a different result :

root@srx> set date ntp
20 Nov 10:19:37 ntpdate[39077]: sendto/sendmsg(195.83.132.135): No route to host
20 Nov 10:19:38 ntpdate[39077]: sendto/sendmsg(195.83.132.135): No route to host
20 Nov 10:19:39 ntpdate[39077]: sendto/sendmsg(195.83.132.135): No route to host
20 Nov 10:19:40 ntpdate[39077]: sendto/sendmsg(195.83.132.135): No route to host
20 Nov 10:19:41 ntpdate[39077]: no server suitable for synchronization found

and show route clearly shows that inet.0 does not have any route to follow :

root@srx> show route

inet.0: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

192.168.1.1/32     *[Local/0] 5d 21:29:05
                      Reject

I'm a bit lost for now, so any help is welcome 🙂

2 REPLIES 2
Highlighted
SRX Services Gateway
Solution
Accepted by topic author fmiermont1
‎11-21-2018 01:03 AM

Re: Routing instance, defaut inet.0 and route

‎11-20-2018 01:38 AM

Hi,

Please follow the KB: https://kb.juniper.net/InfoCenter/index?page=content&id=KB22499&actp=METADATA

 

Thanks,
Nellikka
JNCIE x3 (SEC #321; SP #2839; ENT #790)
Please Mark My Solution Accepted if it Helped, Kudos are Appreciated too!!!
Highlighted
SRX Services Gateway

Re: Routing instance, defaut inet.0 and route

‎11-21-2018 01:03 AM

Thanks for the link, it was indeed what was missing !

Feedback