Re: [j-nsp] Managing MX480 fxp0

[Aaron Gould]

Thanks, but I just moved the fxp0 ip address to a revenue interface to get the 
pfe forwarding I needed.

-Aaron

___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] Managing MX480 fxp0

[Eric Van Tol]

This used to be possible by setting the "net.pfe.transit_re" (or similar) value 
using sysctl, but I'm not sure if it still works on newer Junos versions:

https://www.kumari.net/index.php/networking/tips-and-tricks/14-

I would not do this on production router, though. If you need to reach your 
fxp0 from locations outside of your OOB subnet, I think the practice is to 
either use source NAT on a device that has connectivity to your OOB or you 
should put fxp0 into a routing-instance using 'management-instance' on Junos 
17.x and above (I believe). One caveat to doing the latter is that if you use 
TACACS (and possibly RADIUS) for authentication and your source address is the 
router loopback IP in inet.0, your 'mgmt_junos' instance needs to have static 
routes for the TACACS servers installed:

routing-options {
static {
route 0.0.0.0/0 next-hop 172.16.14.1; # Default route for fxp0 network
route 192.0.2.55/32 next-table inet.0;  # Public lo0.0 IP
route 10.55.234.90/32 next-table inet.0; # TACACS server
}
}

In my environment, this was necessary, but YMMV.

-evt

On 11/22/19, 12:02 PM, "juniper-nsp on behalf of Aaron Gould" 
 wrote:

Thanks again (Chris) for solving my vpls/irb/tagging combination problem
yesterday. we can bridge successfully now. 

 

Taking this one step further, we now are trying to route via fxp0 and
*through* it to the irb.100 interface and are unable to.

 

Is it possible to route traffic *through* an fxp0 interface ? (MX204)

 

I'm asking since it seems that someone mentioned that it is in fact possible
with some sort of static routes.  but I'm unsure what they meant exactly.

 

If it's definitely not possible to transit an fxp0 interface, I just need to
know that, and I will seek solutions using a revenue interface instead.

 

Resurrecting an old thread(s)..

https://www.mail-archive.com/juniper-nsp@puck.nether.net/msg09809.html   

https://puck.nether.net/pipermail/juniper-nsp/2010-August/017545.html 

 

subnet A-fxp0/mx204/irb.100subnet B

 

<---is bi-dir comms possible?-->

 

 

-Aaron

___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp


___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp