Hi
I wan't to isolate a customer setup with some overlapping IP's in a virtual router on a SRX3600, and it seem as I have two options, either connect the VR with a logical tunnel, or leak routes between the two instances.
I have both options working, but to keep policy writing as simple as possible, I would prefeer to just leak routes, so that I can write policies directly to the zones inside the VR.
Most of the routing in my SRX happens in inet.0, where I have a default route.
So my initial thought was to just leak the default route from inet.0 into the VR, expecting the SRX to the look for more specifics in inet.0, but this didn't happen, instead all traffic from the VR was just send directly to the next hop of the default route.
I can live with this, but.. The SRX is also originating some prefixes, from some static discard routes, when I leak these routes into the VR, traffic from the VR to these prefixes are just dropped inside the VR.
Is there any way around this behaviour?
/Ralf