我在 ge-0/0/2 定義一個 172.18.1.254/24 內網
原本都可以連上 http://172.18.1.254 的內網沒問題, 可是重我下了
set interfaces ge-0/0/2 unit 0 family inet filter input FBF
作FBF (filter-based forwarding)
之後就連不上 http://172.18.1.254/ 了
我看cli 也有
http {
interface [ vlan.0 ge-0/0/0.0 ge-0/0/1.0 ge-0/0/7.0 ge-0/0/2.0 ];
}
我的 FBF 也正常啊,有那位仁兄有碰過跟我一樣的狀況
已邀請的邦友 {{ invite_list.length }}/5
term 0
from destination-address 172.18.1.0/24
then accept
term 1
from destination-address 0.0.0.0/0
then routing-instance FBF
我下FBF的目的是因為要限制某些網段走Wan2 出去所以
我的firewall 是下
set firewall filter FBF term 1 from source-address 172.18.1.248/29
set firewall filter FBF term 1 then routing-instance NATEPATH2
set firewall filter FBF term 2 from source-address 0.0.0.0/0
set firewall filter FBF term 2 then routing-instance NATEPATH1
set firewall filter FBF term 3 then accept
[RIB]
set interfaces ge-0/0/2 unit 0 family inet filter input FBF
set routing-options interface-routes rib-group inet IMPORT-PHY
set routing-options rib-groups IMPORT-PHY import-rib inet.0
set routing-options rib-groups IMPORT-PHY import-rib NATEPATH1.inet.0
set routing-options rib-groups IMPORT-PHY import-rib NATEPATH2.inet.0
但是我連 http://192.168.1.1 卻是正常
iThome鐵人賽
看影片追技術