On 18/05/11 10:34, OBrien, Will wrote: > I've been working through a nat configuration on my lab MX960 with a MS-DPC > blade that I've borrowed. > To start, I'm trying to create a simple nat'd subnet. However, the NAT guide > that I've been provided doesn't really fit my current design. > > The example I'm looking at uses a nat pool that's defined like so: > 150.150.150.0/24 > > with an outside interface that has say, 150.150.150.1/24 on it, > > Ok. > > Well, in my world, I use MX's for BGP announcements. So I'm trying to put the > NAT source interface on a lo0 instead of a normal interface. > > Is anyone else doing it this way or is there some other sneaky trick I'm > missing? So far applying the service filter only seems to break traffic.
I've not done NAT on MX only SRX, but with an SRX just announce the NAT pool as a route (static and readvertise, for whatever reason just adding a pool isn't enough to make it eligible for redist), don't need to assign it to an interface at all. -- Julien Goodwin Studio442 "Blue Sky Solutioneering"
signature.asc
Description: OpenPGP digital signature
_______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp