* Ken Gilmour: > ISP1 is the default gateway, ISP2 is a backup provider but which is always > active. Client comes in on ISP1's link, traffic goes back out on ISP1s link. > Client comes in on ISP2's link (non default gateway) but for some reason, > the packets seem to be going back out through the link for ISP1.
You cannot use Juniper's software forwarding platforms in this scenario. This may sound like a drastic verdict, but I think it's a pretty accurate summary of the situation. Perhaps you can coax the software forwarding platforms into packet mode (instead of flow mode), but from the documentation, I get the feeling that Juniper doesn't want you to do that (at least on J-series). You also lose some functionality if you do that. Moving the filters to a different box doesn't help, either. So you either have to buy real Juniper routers (and the necessary service modules to implement this), or switch vendors.
