[BPF] PBR Juniper
Bruno DataFibra Telecom
bruno em datafibra.com.br
Sexta Janeiro 3 01:06:56 -03 2020
Bom dia a todos
Estava olhando na internet e existe várias formas de fazer o PBR para o
CGNAT no juniper, gostaria de uma opinião dos amigos qual forma é a melhor
Via filter com netx-ip
set firewall family inet filter blocos-cgnat term cgnat from source-address
100.64.0.0/19
set firewall family inet filter blocos-cgnat term cgnat then next-ip
100.64.255.254
set firewall family inet filter blocos-cgnat term default then accept
ou via filter com routing-instance
set routing-options rib-groups CGNAT-rib-group import-rib inet.0
set routing-options rib-groups CGNAT-rib-group import-rib CGNAT.inet.0
set firewall family inet filter blocos-cgnat term cgnat from source-address
100.64.0.0/19
set firewall family inet filter blocos-cgnat term cgnat then
routing-instance CGNAT
set firewall family inet filter blocos-cgnat term default then accept
set routing-instances CGNAT instance-type forwarding
set routing-instances CGNAT routing-options static route 0.0.0.0/0 next-hop
100.64.255.254
Atenciosamente,
Bruno Benatto Adacheski
CIO Diretor TI
Rua Professor Amálio Pinheiro , 20 Guarapuava/PR - 85015-440
http://www.datafibra.com.br
(42) 3036-6151 - (42) 3622-8199
-------------- Próxima Parte ----------
Um anexo em HTML foi limpo...
URL: <http://listas.brasilpeeringforum.org/pipermail/bpf/attachments/20200103/c6462a56/attachment.html>
More information about the bpf
mailing list