Switching

 View Only
last person joined: 2 days ago 

Ask questions and share experiences about EX and QFX portfolios and all switching solutions across your data center, campus, and branch locations.
  • 1.  Policy-based routing on the EX 2200?

    Posted 05-07-2010 13:07

    I want to make a routing decision on an EX 2200 based on the source address of the packet.

     

    Given 2 VLANs that should be configured for inter-VLAN routing; given 2 separate upstream connections to different ISPs (one for each VLAN); I want the routing logic to go like this:

     

    1. If the destination address is known, forward the traffic (traffic destined for a different VLAN).
    2. If the destination address is unknown, forward the traffic to ISP A's gateway if the source address is on VLAN A; or forward the traffic to ISP B's gateway if the source address is VLAN B.

     

    I know how to do this on Cisco with a route-map (by matching the source address and setting the next-hop & using ACLs to controls when the route-map applies), but I couldn't find any online documentation for the EX series (much less the 2200) that described a similar function.

     

    Thanks!


    #source-address
    #routing
    #switch
    #policy-based
    #EX


  • 2.  RE: Policy-based routing on the EX 2200?

    Posted 05-07-2010 20:00

    Hi,

     

    I did this a while back on a 3200 and I recall using  a combination of routing instances and firewall filters.  You would setup the routing instances with the appropriate routes (ISPA/ISPB), create Firewall Filters to match source traffic (VLANA, VLANB), action to each routing instance, then apply to the VLAN interface.  I included a link below that should help.  Let me know if you need a hand.

     

     

    http://www.juniper.net/techpubs/en_US/junos10.1/information-products/pathway-pages/ex-series/routing-policy.html

     

    -John



  • 3.  RE: Policy-based routing on the EX 2200?

    Posted 05-09-2010 12:33

    Here is an Example :

    i got it from : http://forums.juniper.net/t5/SRX-Services-Gateway/filter-based-forwarding-question/m-p/27786

     

    interfaces {
        ge-0/0/1 {
            unit 0 {
                family inet {
                    address 10.10.10.254/24;
                }
            }
        }
        fe-0/0/6 {
            unit 0 {
                family inet {
                    filter {
                        input isp1-in;
                    }
                    address 1.1.1.2/29;
                }
            }
        }
    }
    routing-options {
        interface-routes {
            rib-group inet inside;
        }
        static {
            route 0.0.0.0/0 {
                next-hop 1.1.1.1;
            }
        }
        rib-groups {
            inside {
                import-rib [ inet.0 TRUST-VRF.inet.0 INSIDE.inet.0 ];
            }
        }
    }
    firewall {
        filter isp1-in {
            term 1 {
                from {
                    destination-address {
                        10.10.10.0/24;
                    }
                }
                then {
                    routing-instance TRUST-VRF;
                }
            }
            term 2 {
                then {
                    accept;
                }
            }
        }
    }
    routing-instances {
        TRUST-VRF {
            instance-type forwarding;
            routing-options {
                static {
                    route 10.10.10.0/24 next-hop 10.10.10.1;
                }
            }
        }
        INSIDE {
            instance-type virtual-router;
            interface ge-0/0/1.0;
            routing-options {
                interface-routes {
                    rib-group inet inside;
                }
                static {
                    route 0.0.0.0/0 next-table inet.0;
                }
            }
        }
    }



  • 4.  RE: Policy-based routing on the EX 2200?
    Best Answer

    Posted 05-09-2010 19:44

    as others have mentioned, this is possible on the EX3200/4200/8200.  However, at least as of Junos 10.1, the EX200 does not support Routing-Instances.  As such, you can not create the forwarding instances needed for source-based routing (or as Junos calls -- filter-based-forwarding)

     

    no idea if routing-instances are on the road map for the EX2200 or not.

     

     

    if you need this capability, look at the EX3200/4200, or supplementing your EX2200 with an SRX or SSG (if this is a branch site) -- all SRX models support routing-instances and should be able to do what you need (verified myself on the SRX240 for sure).

     

    Will



  • 5.  RE: Policy-based routing on the EX 2200?

    Posted 05-08-2012 11:35

    Hello All,

     

    Can anyone confirm whether this function is now available on the EX2200 on the latest version of Junos?

     

    Regards

    Nick



  • 6.  RE: Policy-based routing on the EX 2200?

    Posted 05-08-2012 12:58

    in 11.4 there is still not a 'routing-instance' hierarchy

     

    there is also nothing in the 12.1 release notes to suggest it can be done in that release either.

     

    will



  • 7.  RE: Policy-based routing on the EX 2200?

    Posted 05-11-2012 10:42

    Hello WIll,

     

    Many thanks - that was my conclusion too. Is there any way that you can divert traffic to another inline device, like policy based switching - similar to WCCP on Cisco's?

     

    Regards
    Nick



  • 8.  RE: Policy-based routing on the EX 2200?

    Posted 11-26-2013 02:47

    Is policy based routing supported on JUniper EX2200 & EX2200-C now ?



  • 9.  RE: Policy-based routing on the EX 2200?

    Posted 11-26-2013 17:54

    I don't have one to test, but documentation for 12.3 says it has the following support:

    Release 12.3R4
    21 November 2013
    Revision 4

    Layer 2 and Layer 3 Protocols

    • VRF support on EX2200 switches—Virtual routing and forwarding (VRF) is now supported on EX2200 switches. [See Understanding Virtual Routing Instances on EX Series Switches.]
    • Feature support added on EX3300 switches—EX3300 switches now support:
      • Virtual routing and forwarding (VRF)—virtual routing instances—with IPv6 for unicast traffic
      • Layer 3 filter-based forwarding for unicast traffic
      • Layer 3 VRF for unicast BGP, RIP, and OSPF traffic
      • Multiple VLAN Registration Protocol (MVRP, IEEE 802.1ak)


  • 10.  RE: Policy-based routing on the EX 2200?

    Posted 10-19-2014 22:38

    you where able to test PBR in EX2200? 



  • 11.  RE: Policy-based routing on the EX 2200?

    Posted 10-21-2014 02:42
    No - we ended up putting a small router to head end the switches as the cost was lower. Never did get a clear answer on the capability from Juniper SE either!

    Best Regards,

    Nicholai Roguski



    SecureData, combating cyber threats
    ______________________________________________________________________
    The information contained in this message or any of its attachments may be privileged and confidential and intended for the exclusive use of the intended recipient. If you are not the intended recipient any disclosure, reproduction, distribution or other dissemination or use of this communications is strictly prohibited. The views expressed in this email are those of the individual and not necessarily of SecureData Europe Ltd. Any prices quoted are only valid if followed up by a formal written quote.

    SecureData Europe Limited. Registered in England & Wales 04365896. Registered Address: SecureData House, Hermitage Court, Hermitage Lane, Maidstone, Kent, ME16 9NT