1. How to UP logical status.

2. How to disable one of multiple static route.

Route:

 Show route
 Show route 8.8.8.8
 Show route active-path
 Show route protocol direct
 Show route protocol local
 Show route protocol ospf
 Show route forwarding-table
 Show pfe route ip

Reject -- drop but send ICMP

Discard -- drop and no ICMP

Type--- perm--- default decision

Type--- user--- default decision -- higher priority than perm.

Static Route:

# edit interface ge-0/0/0 unit 0 family inet ---- logical unit 0 and family protocol “inet”

# set address a.b.c.d/24

# commit

Default security zone is untrust and ping is not allowed. We can verify by show config

# set security zones security-zone untrust interfaces ge-0/0/0 host-inbound-traffic system-services

ping --- need to issue this command otherwise ping will not work.

# edit routing-options

# set static route a.b.c.0 /24 next-hop x.x.x.x

# set static route 0.0.0.0/0 next-hop x.x.x.x ---- for default route

# edit security policies

#set security policies default-policy permit –all

# edit routing-options static route 1.1.1.0/24

# Set preference 3 ---- changing preference to 3. Same for ospf and other routing protocol.

Routing Instances:

In a same physical router, we can create instances and allocate interface. All instances will act like a
separate router.

# edit routing-instances

# set MY-INSTANCE instance-type virtual-router -- MY-INSTANCE will be created

# set MY-INSTANCE interface ge-0/0/1.0 --- ge-0/0/1 interface will be added to MY-INSTANCE

 Show route instance

 Show route

Routing Policy:

1. Create a policy statement (MY-POLICY)

2. Create term
3. Set “from protocol”
4. Set route-filter
5. Set “then” action
6. Apply the policy (import or export)
7. # edit protocols ospf
8. # set export/import MY-POLICY
Firewall Filter Rules (ACL):

# edit firewall filter BLOCK-ICMP

# edit term TERM1

[ edit firewall filter BLOCK-ICMP term TERM1]

# set from protocol IMCP

# set from destination-address 1.1.1.1

# set then discard

# set then log

# edit term TERM2

[ edit firewall filter BLOCK-ICMP term TERM2]

# set then accept ---- This will accept anything else. By default deny all

Finally apply this filter rules.

# edit interfaces ge-0/0/1 unit 0 family inet

# set filter output BLOCK-ICMP

 Show firewall log

OSPF:

- Link state protocols

- LSA
- LSDB ---- identical for all routers within an area.
  Show ospf neighbour
 Show route ospf protocol


# set family inet6 ---- enable IPv6 packet processing and link-local address is generated.