source-based-fpolicy-statementorwarding
Syntax
source-based-forwarding next-hop next-table forwarding table name
Hierarchy Level
[edit policy-options policy-statement policy name term term name then]
Description
Source based forwarding is used to provide value added services where paths through the network are selected based on the packet’s source address. In some deployments, the destination node of the packet, identified by the protocol next hop, stays the same, but the path through the network may vary.
In some deployments, the destination of the packet changes too. In this scenario, separate forwarding tables are used for traffic forwarding, and traffic is steered into these tables based on the packet's source address.
PTX routers provide a mechanism to conditionally route a packet with a specific source IP address via a specific forwarding table. When a packet arrives at the router interface, the source IP address information is retrieved from the packet, and a source lookup is performed in the forwarding table using the packet's source IP address. If a match is found in the forwarding table, the matching route in the forwarding table has the details on which forwarding table to lookup the destination IP address for this packet. Subsequently, the destination IP address and next-hop is used from the designated forwarding table to forward the packet.
This type of conditional traffic steering is done only after initial configuration. You initially configure policy options and within the policy options, under a policy statement, for a match criteria, specify the forwarding table for this route, from where the destination IP address and next-hop is retrieved to forward the packet. In the following example, a packet with BGP community c1 is matched in the from clause, and the matching packet's forwarding table specified in the then clause.
policy-options {
policy-statement p1 {
term t1 {
from community c1;
then {
source-based-forwarding {
next-hop {
next-table foo.inet.0;
}
}
}
}
}
}
You then include the policy in a forwarding table export policy.
routing-options {
forwarding-table {
export pl;
}
}
You have to enable the interface to do a source lookup when the packet arrives
at the interface - you use the source-lookup configuration
statement to enable the interface to do a source lookup. You can enable
source-lookup per interface, per routing protocol
family, for INET or INET6. You cannot use source-lookup
along with Source Class Usage (SCU). In the following example,
source-lookup is enabled for an interface at the
[edit interfaces] hierarchy of the CLI.
et-0/0/1 {
unit 0 {
family inet {
source-lookup;
}
}
}
-
Only the table prefixes - inet.0, inet6.0 and instance tables (including L3vVPN prefixes) are supported.
-
The
source-lookupconfiguration statement cannot be used alongside source-class-usage configuration statement (set interfaces interface name unit unit number family routing protocol family source-class-usage). But becausesouce-lookupis enabled per family for INET or INET 6, there can be a situation where INET hassource-lookupenabled and INET6 has source-class-usage enabled - this use case is supported. -
After configuring the policy, issue
show policy policy nameto display the configured policy, like in the following example.{master}[edit] host@router# run show policy p1 Policy p1: [RESOLVED] Term unnamed: from route filter: 10.0.0.8/32 orlonger then source-based-forwarding next-hop next-table: VRF1.inet.0 -
You can use the
show route extensivecommand to display whether a source-lookup for the route is being performed. In the following output, theOpaque Datafield displays Source Based Forwarding details.{master}[edit] root@R11_re0# run show route 10.0.0.8/32 extensive inet.0: 15 destinations, 15 routes (15 active, 0 holddown, 0 hidden) 10.0.0.8/32 (1 entry, 1 announced) TSI: KRT in-kernel 10.0.0.8/32 -> {172.16.1.2} Opaque data client: KRT Opaque data: Source Based Forwarding: Table :VRF1.inet.0 Nexthop Index :599 KRT Table Kernel ID :8 Address: 0x4e813d5d840 Opaque-data reference count: 2 *Static Preference: 5 Next hop type: Router, Next hop index: 590 Address: 0x4e813f9a61c Next-hop reference count: 4, Next-hop session id: 320 Kernel Table Id: 0 Next hop: 172.16.1.2 via ge-0/0/0.0, selected Session Id: 320 State: <Active Int Ext OpaqueData> Age: 9:01 Validation State: unverified Task: RT Announcement bits (1): 0-KRT AS path: I Thread: junos-main
Required Privilege Level
routing
routing-control
interface
interface-control
Release Information
Statement introduced in Junos OS Evolved Release 24.4R1