I export the wan route into ospf. Then if the wan connection goes down, the route is removed from the ospf export. This will increase the number of updates, but on a small network the extra cpu required is fairly minimal.
The trick is getting the route removed. I usually have a dynamic protocol like bgp for the wan links. For a static connection, you could use the equivalent of netscreen ip monitoring on the SRX. (Which I think is there now, but I haven't needed it.) On Jul 19, 2011, at 9:46 AM, John Center wrote: > Hi, > > I'm hoping someone can help me with a routing configuration issue. I > have the following physical configuration: > > Backbone Router > / \ > VLAN 416| | VLAN 417 > L2 Switch > || VLAN 416 & 417 > || > SRX3400 Cluster > > > The backbone router & the L2 switch has 2 WAN connections (VLAN 416 & > 417) from 2 SPs. The VLANs are trunked over a LAG connection from the > L2 switch to the SRX3400 cluster. OSPF is being run in a stub area > between the backbone router & the SRXs. The backbone router does not > support BFD. > > My problem is, if one of the 2 WAN connections between the Backbone > router & the L2 switch goes down, how do I prevent the SRX from still > sending traffic on both of the 2 VLAN connections? OSPF on the SRX > knows that the neighbor has gone down. I think I should be able to do > this via the routing table, but I'm not sure how to approach it. > > Any help would be greatly appreciated. > > Thanks. > > -John > > -- > John Center > Villanova University > _______________________________________________ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp Will O'Brien University of Missouri, DoIT DNPS Network Systems Analyst - Redacted obri...@missouri.edu _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
