Routing

 View Only
last person joined: 2 days ago 

Ask questions and share experiences about ACX Series, CTP Series, MX Series, PTX Series, SSR Series, JRR Series, and all things routing, including portfolios and protocols.
  • 1.  FBF questions

    Posted 09-26-2023 22:21

    I have the following topology


    What I need is when the traffic sourcing from 172.16.2.X, the next hop is 10.50.1.25,  otherwise, the next hop is via the default route,

    set logical-system sys firewall family inet filter NAT-PBR term 1 from source-prefix-list net-172.16.2.0/24
    set logical-system sys firewall family inet filter NAT-PBR term 1 then count nat-Traffic
    set logical-system sys firewall family inet filter NAT-PBR term 1 then next-ip 10.50.1.25/32
    set logical-system sys firewall family inet filter NAT-PBR term 2 then accept

    set groups NAT-PBR logical-systems <*> interfaces <*> unit <*> family inet filter input NAT-PBR
    set groups NAT-PBR interfaces <*> unit <*> family inet filter input NAT-PBR

    set  logical-system sys interfaces ge-0/0/6 apply-groups NAT-PBR

    When the traffic sources from 172.16.2.X, I can see the count increasing, but traffic still goes to the default.

    Any ideas ? 

    thanks !!



  • 2.  RE: FBF questions

    Posted 09-26-2023 23:27

    When I looked a little deeper via 

    root@sys# show logical-systems sys interfaces ge-0/0/6 | display inheritance 

    I noticed the following:

        family inet {
            ##
            ## 'filter' was inherited from group 'NAT-PBR'
            ##
            filter {
                ##
                ## 'input' was inherited from group 'NAT-PBR'
                ## 'NAT-PBR' was inherited from group 'NAT-PBR'
                ##
                input NAT-PBR; ## reference 'NAT-PBR' not found
            }
            address 10.52.1.2/31;
        }

    Seems NAT-PBR defined inside logical-system can't be resolved in the group 

    Any way to resolve this ?

    thanks !!




  • 3.  RE: FBF questions

    Posted 09-27-2023 21:54

    Today my co-worker showed me the working configuration which has the same line (## reference 'NAT-PBR' not found). So seems it is not the cause for my issue.

    Just no clue why not use the ip specified via next-ip.




  • 4.  RE: FBF questions

    Posted 09-27-2023 23:18

    found out it is caused by the older image. version 18.4 works.