Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: nsp: juniper

PBR config help

  

 
nsp juniper RSS feed   Index | Next | Previous | View Threaded


janasamit at wlink

Nov 14, 2009, 7:30 AM

Post #1 of 3 (1520 views)
Permalink
PBR config help
Hi gurus,

I am looking for following cisco PBR example equivalent config for junos
and work.

interface GigabitEthernet0/0
description WAN1-primary
ip address 192.168.1.1 255.255.255.0

interface GigabitEthernet0/1
description WAN2-secondary
ip address 192.168.2.1 255.255.255.0

interface GigabitEthernet0/2
description To LAN
ip address 192.168.0.1 255.255.255.192
ip policy route-map via-wan2

ip access-list extended pbr-test
permit ip 192.168.10.0 0.0.0.255 any

route-map via-wan2 permit 10
match ip address pppoe
set ip next-hop 192.168.2.1

ip route 0.0.0.0 0.0.0.0 192.168.1.2

All traffic with source Ip address 192.168.10.0/24 will go via
192.168.2.1 secondary link remaining traffic will go via default route
192.168.1.2 primary link .

I tried the following in junos but it is not working and all traffic
just stuck, any tips would be appreciated..

[edit interfaces ge-0/0/0]
unit 0 {
description "WAN1-primary";
family inet {
address 192.168.1.1/24;
}
}

[edit interfaces ge-0/0/1]
unit 0 {
description "WAN2-secondary";
family inet {
address 192.168.2.1/24;
}
}

[edit interfaces ge-0/0/2]
unit 0 {
description "LAN";
family inet {
filter {
input via-WAN2;
}
address 192.168.0.1/24;
}
}

[edit routing-options static]
route 0.0.0.0/0 next-hop 192.168.1.2;

[edit firewall filter via-WAN2]
term 1 {
from {
source-address {
192.168.10.0/24;
}
}
then {
routing-instance pbr-test;
}
}

[edit routing-instances]
pbr-test {
instance-type forwarding;
routing-options {
static {
route 0.0.0.0/0 {
next-hop 192.168.2.1;
resolve;
}
}
}
}

Regards,
Samit



_______________________________________________
juniper-nsp mailing list juniper-nsp [at] puck
https://puck.nether.net/mailman/listinfo/juniper-nsp


ntarique at juniper

Nov 14, 2009, 8:01 AM

Post #2 of 3 (1491 views)
Permalink
Re: PBR config help [In reply to]
Samit,

Have a look here, rib-groups is what you may need.

http://www.juniper.net/techpubs/software/junos/junos82/swconfig82-policy
/html/firewall-config36.html


Hope it helps!


Thanks & Regards,
Tarique A. Nalkhande


-----Original Message-----
From: juniper-nsp-bounces [at] puck
[mailto:juniper-nsp-bounces [at] puck] On Behalf Of Samit
Sent: Saturday, November 14, 2009 9:01 PM
To: juniper-nsp [at] puck
Subject: [j-nsp] PBR config help

Hi gurus,

I am looking for following cisco PBR example equivalent config for junos
and work.

interface GigabitEthernet0/0
description WAN1-primary
ip address 192.168.1.1 255.255.255.0

interface GigabitEthernet0/1
description WAN2-secondary
ip address 192.168.2.1 255.255.255.0

interface GigabitEthernet0/2
description To LAN
ip address 192.168.0.1 255.255.255.192
ip policy route-map via-wan2

ip access-list extended pbr-test
permit ip 192.168.10.0 0.0.0.255 any

route-map via-wan2 permit 10
match ip address pppoe
set ip next-hop 192.168.2.1

ip route 0.0.0.0 0.0.0.0 192.168.1.2

All traffic with source Ip address 192.168.10.0/24 will go via
192.168.2.1 secondary link remaining traffic will go via default route
192.168.1.2 primary link .

I tried the following in junos but it is not working and all traffic
just stuck, any tips would be appreciated..

[edit interfaces ge-0/0/0]
unit 0 {
description "WAN1-primary";
family inet {
address 192.168.1.1/24;
}
}

[edit interfaces ge-0/0/1]
unit 0 {
description "WAN2-secondary";
family inet {
address 192.168.2.1/24;
}
}

[edit interfaces ge-0/0/2]
unit 0 {
description "LAN";
family inet {
filter {
input via-WAN2;
}
address 192.168.0.1/24;
}
}

[edit routing-options static]
route 0.0.0.0/0 next-hop 192.168.1.2;

[edit firewall filter via-WAN2]
term 1 {
from {
source-address {
192.168.10.0/24;
}
}
then {
routing-instance pbr-test;
}
}

[edit routing-instances]
pbr-test {
instance-type forwarding;
routing-options {
static {
route 0.0.0.0/0 {
next-hop 192.168.2.1;
resolve;
}
}
}
}

Regards,
Samit



_______________________________________________
juniper-nsp mailing list juniper-nsp [at] puck
https://puck.nether.net/mailman/listinfo/juniper-nsp
_______________________________________________
juniper-nsp mailing list juniper-nsp [at] puck
https://puck.nether.net/mailman/listinfo/juniper-nsp


rameshkarki at gmail

Nov 14, 2009, 8:38 AM

Post #3 of 3 (1496 views)
Permalink
Re: PBR config help [In reply to]
Samit Dai,

Here is the complete Configuration for JunOS FBF :

JunOS#(edit prompt)
JunOS#set routing-instances pbr-test instance-type forwarding
JunOS#set routing-instances pbr-test routing-options static route
0.0.0.0/0next-hop 192.168.2.1
JunOS#commit
JunOS#set routing-options interface-routes rib-group inet all-ribs (it just
the name)
JunOS#set routing-options rib-groups all-ribs import rib [ inet.0
pbr-test.inet.0 ]
(make sure pbr-test similar to your routing-instances name, unless it won’t
work).
JunOS#commit
JunOS#set firewall family inet filter via-WAN2 term 1 from source-address
192.168.10.0/24
JunOS#set firewall family inet filter via-WAN2 term 1 then then
routing-instance pbr-test
JunOS#set firewall family inet filter via-WAN2 term 2 then accept
JunOS#commit
JunOS#interfaces ge-0/0/2 unit 0 family inet filter input via-WAN2
JunOS#commit

Thank you,

Ramesh
On Sat, Nov 14, 2009 at 9:15 PM, Samit <janasamit [at] wlink> wrote:

> Hi gurus,
>
> I am looking for following cisco PBR example equivalent config for junos
> and work.
>
> interface GigabitEthernet0/0
> description WAN1-primary
> ip address 192.168.1.1 255.255.255.0
>
> interface GigabitEthernet0/1
> description WAN2-secondary
> ip address 192.168.2.1 255.255.255.0
>
> interface GigabitEthernet0/2
> description To LAN
> ip address 192.168.0.1 255.255.255.192
> ip policy route-map via-wan2
>
> ip access-list extended pbr-test
> permit ip 192.168.10.0 0.0.0.255 any
>
> route-map via-wan2 permit 10
> match ip address pppoe
> set ip next-hop 192.168.2.1
>
> ip route 0.0.0.0 0.0.0.0 192.168.1.2
>
> All traffic with source Ip address 192.168.10.0/24 will go via
> 192.168.2.1 secondary link remaining traffic will go via default route
> 192.168.1.2 primary link .
>
> I tried the following in junos but it is not working and all traffic
> just stuck, any tips would be appreciated..
>
> [edit interfaces ge-0/0/0]
> unit 0 {
> description "WAN1-primary";
> family inet {
> address 192.168.1.1/24;
> }
> }
>
> [edit interfaces ge-0/0/1]
> unit 0 {
> description "WAN2-secondary";
> family inet {
> address 192.168.2.1/24;
> }
> }
>
> [edit interfaces ge-0/0/2]
> unit 0 {
> description "LAN";
> family inet {
> filter {
> input via-WAN2;
> }
> address 192.168.0.1/24;
> }
> }
>
> [edit routing-options static]
> route 0.0.0.0/0 next-hop 192.168.1.2;
>
> [edit firewall filter via-WAN2]
> term 1 {
> from {
> source-address {
> 192.168.10.0/24;
> }
> }
> then {
> routing-instance pbr-test;
> }
> }
>
> [edit routing-instances]
> pbr-test {
> instance-type forwarding;
> routing-options {
> static {
> route 0.0.0.0/0 {
> next-hop 192.168.2.1;
> resolve;
> }
> }
> }
> }
>
> Regards,
> Samit
>
>
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp [at] puck
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
_______________________________________________
juniper-nsp mailing list juniper-nsp [at] puck
https://puck.nether.net/mailman/listinfo/juniper-nsp

nsp juniper RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.