Example: Source-Interface-Based Routing (NSM Procedure)

In this example, you want to forward traffic from the 10.1.1.0/24 subnetwork to ISP 1, and forward traffic from the 10.1.2.0/24 subnetwork to ISP 2. You must configure two entries in the default trust-vr routing table and enable source-based routing. The subnetwork 10.1.1.0/24, with ethernet2/1 as the source interface and ethernet2/3 as the forwarding interface, uses the ISP 1 router (1.1.1.1) as the next hop; subnetwork 10.1.2.0/24, with ethernet2/2 as the source interface and ethernet2/4 as the forwarding interface, uses the ISP 2 router (2.2.2.2) as the next hop.

Figure 5: Source Interface-Based Routing Overview

1. Add a NetScreen-5400 device running ScreenOS 5.x, and then configure the network module:
   • In the NSM navigation tree, select Device Manager > Devices. Double-click the device object to open the device configuration.
   • Double-click the device icon to open the device configuration. In the device navigation tree, select Network > Slot.
   • Double-click slot 2 to display the slot configuration dialog box. For Card Type, select 5000-8G SPM.
   • Click OK to save the slot configuration, and then click Apply to apply the new interfaces to the device.
2. Configure the ethernet 2/1 and ethernet 2/3 interfaces. In the device navigation tree, select Network > Interface.
3. Double-click the ethernet2/1 interface. The General Properties screen appears. Configure the following options:
   • For Zone, select Trust.
   • For IP address and Netmask, enter 10.1.1.0/24.
   • Click OK to save your changes to the interface.
4. Double-click the ethernet2/3 interface. The General Properties screen appears. Configure the following options:
   • For Zone, select Trust.
   • For IP address and Netmask, enter 10.1.2.0/24.
   • Click OK to save your changes to the interface.
5. In the device navigation tree, select Network > Virtual Routers. Double-click the trust-vr virtual router. The General Properties screen appears. In the router navigation tree, select Routing Table.
6. Select Enable Source-Based Routing.
7. Configure the first entry. In the Source Interface-Based Routing Table area, click the Add icon.
8. Configure the following options:
   • For Incoming Interface, select ethernet2/1.
   • For IP Address and Netmask, enter 10.1.1.0/24
   • For Interface, enter ethernet2/3.
   • For Gateway IP Address, enter 1.1.1.1
   • Click OK to save the SIBR entry.
9. Configure the second entry. In the Source Interface-Based Routing Table area, click the Add icon.
10. Configure the following:
    • For Incoming Interface, select ethernet2/3.
    • For IP Address and Netmask, enter 10.1.2.0/24
    • For Interface, enter ethernet2/4.
    • For Gateway IP Address, enter 2.2.2.2
    • Click OK to save the SIBR entry.
11. Click OK to save your changes to the virtual router, and then click OK to save your changes to the device.

Related Documentation

• Destination-Based Routes Overview
• Source-Based Routes Overview