Routing

 View Only
last person joined: 2 days ago 

Ask questions and share experiences about ACX Series, CTP Series, MX Series, PTX Series, SSR Series, JRR Series, and all things routing, including portfolios and protocols.
Back to discussions
Expand all | Collapse all

Firewall Filters on IRB Interfaces

  • 1.  Firewall Filters on IRB Interfaces

    Posted 07-17-2023 10:44

    I am trying to create a policy based route for egress traffic to forward traffic sourced from a specific network to a next hop of a P2P (GRE Tunnel).  I tried something like:

    user@host# set routing-instances R1 interface <interface name>
    user@host# set routing-instances R1 instance-type forwarding  
    user@host# set routing-instances R1 routing-options static route 0.0.0.0/0 next-hop <P2P-Remote-IP>
    user@host# set firewall family inet filter F1 term match_and_forward from source-address <prefix I want to match from>
    user@host# set firewall family inet filter F1 term match_and_forward then routing-instance R1
    But this throws an error stating that routing-instance actions are not allowed on irb interfaces for this filter.  Is this a limitation or am I doing something wrong?


    ------------------------------
    JEFF SANI
    ------------------------------