Technical Documentation

• Downloads
• Example: Source-Interface-Based Routing (NSM Procedure)    

• Related Topics
• Destination-Based Routes Overview
• Source-Based Routes Overview

Example: Source-Interface-Based Routing (NSM Procedure)

In this example, you want to forward traffic from the 10.1.1.0/24 subnetwork to ISP 1, and forward traffic from the 10.1.2.0/24 subnetwork to ISP 2. You must configure two entries in the default trust-vr routing table and enable source-based routing. The subnetwork 10.1.1.0/24, with ethernet2/1 as the source interface and ethernet2/3 as the forwarding interface, uses the ISP 1 router (1.1.1.1) as the next hop; subnetwork 10.1.2.0/24, with ethernet2/2 as the source interface and ethernet2/4 as the forwarding interface, uses the ISP 2 router (2.2.2.2) as the next hop.

Figure 1: Source Interface-Based Routing Overview

To configure source interface-based routing:

1. Add a NetScreen-5400 device running ScreenOS 5.x, and then configure the network module:
   • In the NSM navigation tree, select Device Manager > Devices. Double-click the device object to open the device configuration.
   • Double-click the device icon to open the device configuration. In the device navigation tree, select Network > Slot.
   • Double-click slot 2 to display the slot configuration dialog box. For Card Type, select 5000-8G SPM.
   • Click OK to save the slot configuration, and then click Apply to apply the new interfaces to the device.
2. Configure the ethernet 2/1 and ethernet 2/3 interfaces. In the device navigation tree, select Network > Interface.
3. Double-click the ethernet2/1 interface. The General Properties screen appears. Configure the following options:
   • For Zone, select Trust.
   • For IP address and Netmask, enter 10.1.1.0/24.
   • Click OK to save your changes to the interface.
4. Double-click the ethernet2/3 interface. The General Properties screen appears. Configure the following options:
   • For Zone, select Trust.
   • For IP address and Netmask, enter 10.1.2.0/24.
   • Click OK to save your changes to the interface.
5. In the device navigation tree, select Network > Virtual Routers. Double-click the trust-vr virtual router. The General Properties screen appears. In the router navigation tree, select Routing Table.
6. Select Enable Source-Based Routing.
7. Configure the first entry. In the Source Interface-Based Routing Table area, click the Add icon.
8. Configure the following options:
   • For Incoming Interface, select ethernet2/1.
   • For IP Address and Netmask, enter 10.1.1.0/24
   • For Interface, enter ethernet2/3.
   • For Gateway IP Address, enter 1.1.1.1
   • Click OK to save the SIBR entry.
9. Configure the second entry. In the Source Interface-Based Routing Table area, click the Add icon.
10. Configure the following:
    • For Incoming Interface, select ethernet2/3.
    • For IP Address and Netmask, enter 10.1.2.0/24
    • For Interface, enter ethernet2/4.
    • For Gateway IP Address, enter 2.2.2.2
    • Click OK to save the SIBR entry.
11. Click OK to save your changes to the virtual router, and then click OK to save your changes to the device.