|
List Info Thread: Addressing fxp0
[1]
|
||||||||||||
|
about | contact Other archives ( Real Estate discussion Medical topics ) |
||||||||||||
Addressing fxp0 |
|
List Info Thread: Addressing fxp0
[1]
|
||||||||||||
|
about | contact Other archives ( Real Estate discussion Medical topics ) |
||||||||||||
gmail.com> wrote:
> how about:
>
> creating an export policy to the forwarding table that
deny the direct
> route learnt from the fxp0 addressing.
> So you will end up installing the OOB route that has
been learned by
> other means, i.e routing protocol / static; assuming it
is advertised
> by firewall or configured as static.
>
> fxp0 packets are not forwarded through the box (punted
to RE) so I
> think it will not affect your own OOB to the juniper
box as well.
>
> HTH, if you try please post the results.
>
> assuming 1.1.1.0/24 is your OOB network:
>
> under "routing-options" stanza
> forwarding-table {
>
> export deny-fxp0-to-forwarding-table;
>
> }
>
> under "policy-options" stanza
> policy-statement deny-fxp0-to-forwarding-table {
> from {
> protocol direct;
> route-filter 1.1.1.0/24 exact;
> }
> then reject;
> }
>
_______________________________________________
juniper-nsp mailing list juniper-nsp