Juniper SRX基本配置手册(2)

2018-12-27 20:03

set firewall filter USER-IN term 2 then routing-instance TRUST-VRF-2

客户要求内网192.168.9.0网段走走第三条ADSL线路

set firewall filter USER-IN term 3 from source-address 192.168.9.0/24 set firewall filter USER-IN term 3 then routing-instance TRUST-VRF-3

客户要求内网192.168.5.0, 192.168.1.0网段走走第四条ADSL线路

set firewall filter USER-IN term 4 from source-address 192.168.5.0/24

set firewall filter USER-IN term 4 from source-address 192.168.1.0/24 set firewall filter USER-IN term 4 then routing-instance TRUST-VRF-4

set firewall filter USER-IN term 5 then accept

第五步：在内网接口上面ge-0/0/8 input方向引用定义的firewall filter USER-IN set interfaces ge-0/0/8 unit 0 family inet filter input USER-IN

查看SRX上面的路由表，能够查看到5张路由表,一张全局路由表，还有四张VRF路由表TRUST-VRF-1，2,3,4

root# run show route

inet.0: 25 destinations, 26 routes (25 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both

0.0.0.0/0 *[Static/5] 00:40:49 via pp0.0 via pp0.1 via pp0.2 via pp0.3

> to 192.168.0.1 via ge-0/0/9.0 58.61.136.1/32 *[Direct/0] 00:40:49 > via pp0.0

58.61.137.74/32 *[Local/0] 00:40:49 Local via pp0.0 192.168.0.0/24 *[Direct/0] 00:40:49 > via ge-0/0/9.0 192.168.0.254/32 *[Local/0] 00:41:02 Local via ge-0/0/9.0 192.168.1.0/24 *[Static/5] 00:40:53

> to 192.168.100.1 via ge-0/0/8.0 192.168.2.0/24 *[Static/5] 00:40:53

> to 192.168.100.1 via ge-0/0/8.0 192.168.3.0/24 *[Static/5] 00:40:53

> to 192.168.100.1 via ge-0/0/8.0 192.168.4.0/24 *[Static/5] 00:40:53

> to 192.168.100.1 via ge-0/0/8.0 192.168.5.0/24 *[Static/5] 00:40:53

> to 192.168.100.1 via ge-0/0/8.0 192.168.6.0/24 *[Static/5] 00:40:53

> to 192.168.100.1 via ge-0/0/8.0 192.168.7.0/24 *[Static/5] 00:40:53

> to 192.168.100.1 via ge-0/0/8.0 192.168.8.0/24 *[Static/5] 00:40:53

> to 192.168.100.1 via ge-0/0/8.0 192.168.9.0/24 *[Static/5] 00:40:53

> to 192.168.100.1 via ge-0/0/8.0 192.168.10.0/24 *[Static/5] 00:40:53

> to 192.168.100.1 via ge-0/0/8.0 192.168.11.0/24 *[Static/5] 00:40:53

> to 192.168.100.1 via ge-0/0/8.0 192.168.12.0/24 *[Static/5] 00:40:53

> to 192.168.100.1 via ge-0/0/8.0 192.168.13.0/24 *[Static/5] 00:40:53

> to 192.168.100.1 via ge-0/0/8.0 192.168.100.0/24 *[Direct/0] 00:40:53 > via ge-0/0/8.0 192.168.100.2/32 *[Local/0] 00:41:02 Local via ge-0/0/8.0 219.133.216.1/32 *[Direct/0] 00:30:06 > via pp0.2

219.133.216.203/32 *[Local/0] 00:30:06 Local via pp0.2 219.134.120.1/32 *[Direct/0] 00:06:05 > via pp0.1

[Direct/0] 00:04:04 > via pp0.3

219.134.121.59/32 *[Local/0] 00:04:04 Local via pp0.3 219.134.121.165/32 *[Local/0] 00:06:05 Local via pp0.1

TRUST-VRF-1.inet.0: 12 destinations, 13 routes (12 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both

0.0.0.0/0 *[Static/5] 00:17:41 > via pp0.0

58.61.136.1/32 *[Direct/0] 00:17:41

> via pp0.0

58.61.137.74/32 *[Local/0] 00:05:41 Local via pp0.0 192.168.0.0/24 *[Direct/0] 00:17:41 > via ge-0/0/9.0 192.168.0.254/32 *[Local/0] 00:05:41 Local via ge-0/0/9.0 192.168.100.0/24 *[Direct/0] 00:17:41 > via ge-0/0/8.0 192.168.100.2/32 *[Local/0] 00:05:41 Local via ge-0/0/8.0 219.133.216.1/32 *[Direct/0] 00:17:41 > via pp0.2

219.133.216.203/32 *[Local/0] 00:05:41 Local via pp0.2 219.134.120.1/32 *[Direct/0] 00:06:05 > via pp0.1

[Direct/0] 00:04:04 > via pp0.3

219.134.121.59/32 *[Local/0] 00:04:04 Local via pp0.3 219.134.121.165/32 *[Local/0] 00:05:41 Local via pp0.1

TRUST-VRF-2.inet.0: 12 destinations, 13 routes (12 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both

0.0.0.0/0 *[Static/5] 00:06:05 > via pp0.1

58.61.136.1/32 *[Direct/0] 00:17:41 > via pp0.0

219.133.216.203/32 *[Local/0] 00:05:41

Local via pp0.2 219.134.120.1/32 *[Direct/0] 00:06:05 > via pp0.1

[Direct/0] 00:04:04 > via pp0.3

219.134.121.59/32 *[Local/0] 00:04:04 Local via pp0.3 219.134.121.165/32 *[Local/0] 00:05:41 Local via pp0.1

TRUST-VRF-3.inet.0: 12 destinations, 13 routes (12 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both

0.0.0.0/0 *[Static/5] 00:17:41 > via pp0.2

58.61.136.1/32 *[Direct/0] 00:17:41 > via pp0.0

219.133.216.203/32 *[Local/0] 00:05:41 Local via pp0.2 219.134.120.1/32 *[Direct/0] 00:06:05 > via pp0.1

[Direct/0] 00:04:04 > via pp0.3

219.134.121.59/32 *[Local/0] 00:04:04 Local via pp0.3 219.134.121.165/32 *[Local/0] 00:05:41 Local via pp0.1

TRUST-VRF-4.inet.0: 12 destinations, 13 routes (12 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both

0.0.0.0/0 *[Static/5] 00:04:05

> via pp0.3

58.61.136.1/32 *[Direct/0] 00:17:42 > via pp0.0

58.61.137.74/32 *[Local/0] 00:05:42 Local via pp0.0 192.168.0.0/24 *[Direct/0] 00:17:42 > via ge-0/0/9.0 192.168.0.254/32 *[Local/0] 00:05:42 Local via ge-0/0/9.0 192.168.100.0/24 *[Direct/0] 00:17:42 > via ge-0/0/8.0 192.168.100.2/32 *[Local/0] 00:05:42 Local via ge-0/0/8.0 219.133.216.1/32 *[Direct/0] 00:17:42 > via pp0.2

219.133.216.203/32 *[Local/0] 00:05:42 Local via pp0.2 219.134.120.1/32 *[Direct/0] 00:06:06 > via pp0.1

[Direct/0] 00:04:05 > via pp0.3

219.134.121.59/32 *[Local/0] 00:04:05 Local via pp0.3 219.134.121.165/32 *[Local/0] 00:05:42 Local via pp0.1

共2页:

Juniper SRX基本配置手册(2).doc 将本文的Word文档下载到电脑下载失败或者文档不完整，请联系客服人员解决！

下载这篇word文档