SRX Services Gateway
SRX Services Gateway

Srx 550M transparent bridge with route mode isp | design

Thursday

There is any way to allow zone for bridge interface to route zone?

I tried to configure srx550m with redundancy wan link. 

Wan1 L2 interface = untrust zone /192.168.10.0/24

Internal l2 interface = trust zone /192.168.10.0/24

Irb.0 = 192.168.10.2/24

 

Wan2 L3 interface = isp2 zone / 172.16.10.1/24

 

1.Is possible to route traffic from internal to wan2?

2.Also can irb in layer2 allow traffic to forward to route interface.

3. Can irb interface provide dhcp services?

4. Is  configure nat is allow on L2 interface?

Please advise on the design requirement.

1 REPLY 1
SRX Services Gateway

Re: Srx 550M transparent bridge with route mode isp | design

Friday
There is any way to allow zone for bridge interface to route zone?

I assume you are running the SRX in mixed mode.  So no, the layer two zone policies require layer 2 traffic analysis and the layer 3 zone policies likewise layer 3 analysis.

1.Is possible to route traffic from internal to wan2?

Routing will happen based on the route table and layer 3 information of the packet on the SRX so if traffic arrives to the routing engine it will be routed per the table.  But if the traffic arrives as a layer 2 communication it will be switched via the layer 2 data.

Also can irb in layer2 allow traffic to forward to route interface.

Yes, adding an irb interface to a layer 2 domain will create a routing interface for layer 3 requests out of that domain.

Can irb interface provide dhcp services?

Yes dhcp server can be associated with an irb layer 3 interface.

Is  configure nat is allow on L2 interface?

No, nat is a layer 3 function

 

Steve Puluka BSEET - Juniper Ambassador
IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
http://puluka.com/home