Junos Asymmetric Routing
joel jaeggli
joelja at bogus.com
Fri May 28 00:48:56 UTC 2010
On 2010-05-27 17:38, Ken Gilmour wrote:
> Wow, very fast responses, Thanks Larry Sheldon and Ricardo Tavares!
>
> On 27 May 2010 18:07, Ricardo Tavares<curupas at gmail.com> wrote:
>
>> Not sure if I correctly undestand you but default route its the route
>> that the packet must follow if it do not have a specific route for the
>> destination, so, if the next-hop for the source IP (3.3.3.3) is not in
>> the route table then the packet will follow the default route (ISP1).
>>
>
> Yes I believe that would be the default if the session was initiated on the
> inside, but if it comes from outside on a particular interface which is not
> the default route, why would the router then send the packet out another
> interface? Should the device not route session-based traffic according to
> where it originated?
nope, forwarding decisions are made on the basis of the FIB.
if stateful filtering policy and the configuration of the forwarding
plane are not congruent then packet will be out of state and likely
discarded by your policy.
>
>>
>> So, this behavior will be correct if next-hop for 3.3.3.0/24 is not
>> installed. Just for troubleshooting purpose install a static route
>> like:
>>
>> set routing-options static route 3.3.3.0/24 next-hop
>> <the-correct-gateway-address> (ISP2)
>>
>
> Yes sir, this works, but when you change the static route to point
> 0.0.0.0/0to the next hop on the virtual router for the particular
> interface (ISP2) it
> starts going over the interface for ISP1 again. I also set
> qualified-next-hop for ISP2 in the main routing table to no avail.
>
>
>> If this works fine then verify the route table, are you using BGP to
>> receive such routing info? If you are not filtering the update maybe
>> the sender is. Verify the received routes using the "show route
>> protocol bgp receive-protocol bgp x.x.x.x" (x.x.x.x is the bgp
>> neighbor)
>>
>
> Yes sir, I have also gone to the extent of deactivating BGP and using only
> static routes.
>
> Thanks for your help!
>
> Regards,
>
> Ken
>
More information about the NANOG
mailing list