[126765] in North American Network Operators' Group
Re: Junos Asymmetric Routing
daemon@ATHENA.MIT.EDU (Florian Weimer)
Fri May 28 17:28:02 2010
From: Florian Weimer <fw@deneb.enyo.de>
To: Ken Gilmour <ken.gilmour@gmail.com>
Date: Fri, 28 May 2010 23:27:28 +0200
In-Reply-To: <AANLkTimilon0PpfIqi4CykORni4WwwX5llosxoa5G212@mail.gmail.com>
(Ken Gilmour's message of "Thu, 27 May 2010 17:27:16 -0600")
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
* Ken Gilmour:
> ISP1 is the default gateway, ISP2 is a backup provider but which is always
> active. Client comes in on ISP1's link, traffic goes back out on ISP1s link.
> Client comes in on ISP2's link (non default gateway) but for some reason,
> the packets seem to be going back out through the link for ISP1.
You cannot use Juniper's software forwarding platforms in this
scenario. This may sound like a drastic verdict, but I think it's a
pretty accurate summary of the situation.
Perhaps you can coax the software forwarding platforms into packet
mode (instead of flow mode), but from the documentation, I get the
feeling that Juniper doesn't want you to do that (at least on
J-series). You also lose some functionality if you do that. Moving
the filters to a different box doesn't help, either.
So you either have to buy real Juniper routers (and the necessary
service modules to implement this), or switch vendors.
