Junos OS

 View Only
last person joined: 2 days ago 

Ask questions and share experiences about Junos OS.
  • 1.  L3 loopback access behind layer 2 connection

    Posted 10-06-2022 08:54
    Hello,

    Quick question. I have a firewall srx 340 connected via layer 2 to my internal network. This is using inter-vlan routing using IRB connections on the firewall and interface vlans on the cisco devices. When it comes to the ip addresses assigned to IRB or interface vlans I am having no connection issues. However, when I set up my loop back address on the firewall and set the routing options, I cannot ping it (even from directly connected devices).

    Is there some special trick to getting a loopback to ping and or accessed across a layer 2 network?

    Thanks,
    Matt

    ------------------------------
    MATTHEW LOVELAND
    ------------------------------


  • 2.  RE: L3 loopback access behind layer 2 connection

     
    Posted 10-06-2022 12:06
    Are you announcing the loopback address through a routing protocol? If so, is the loopback interface in a security zone that allows access?


  • 3.  RE: L3 loopback access behind layer 2 connection

    Posted 10-14-2022 14:57
    Hello,

    So here is an example config:

    Juniper

    security-zone trust {
    interfaces {
    lo0.0 {
    host-inbound-traffic {
    system-services {
    all;
    }
    protocols {
    all;


    [edit interfaces]

    ge-0/0/0 {
    unit 0 {
    description trusted_connection;
    family ethernet-switching vlan members FW
    lo0 {
    unit 0 {
    family inet {
    address 1.0.0.43/32;

    irb {
    unit 43 {
    description trust1;
    family inet {
    address 10.0.0.252/24;


    vlans {
    FW {
    vlan-id 43:
    l3-interface irb.43:
    }



    Cisco

    Vlan43

    interface vlan 43
    Ip address 10.0.0.254 255.255.255.0


    ip route 1.0.0.43 255.255.255.255 vlan 43







    What is missing here???

    Thanks,
    Matt

    ------------------------------
    MATTHEW LOVELAND
    ------------------------------