For When You Can't Have The Real Thing
[ start | index | login ]
start > Netscreen > Specifying Interface In Route Statements

Specifying Interface In Route Statements

Created by dave. Last edited by dave, 11 years and 219 days ago. Viewed 2,496 times. #1
[edit] [rdf]
(19 September 2012)


Given something like:

unset flow reverse-route clear-text
set interface "ethernet0/0" zone "Trust" 
set interface ethernet0/0 ip 
set interface ethernet0/0 nat 
set interface ethernet0/0 ip manageable 
set interface ethernet0/3 zone untrust 
set interface ethernet0/2 ip 
set interface ethernet0/3 ip 
set interface ethernet0/2 mip host netmask vr trust-vr
set interface ethernet0/3 mip host netmask vr trust-vr
is there a difference between:

set route gateway
set route gateway


set route interface ethernet0/0 gateway
set route interface ethernet0/1 gateway is there a point to including the "interface" specifier in the route command?


The routes without interface are called gaterway tracking routes. For these routes firewall will do a recurrsive route lookup. Such routes take the best exit interface.

These gateway tracking rotes are not synched in NSRP and you have to manually define them on both the peers.

(Source:My question asked >>here)

no comments | post comment
This is a collection of techical information, much of it learned the hard way. Consider it a lab book or a /info directory. I doubt much of it will be of use to anyone else.

Useful: | Copyright 2000-2002 Matthias L. Jugel and Stephan J. Schmidt