Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[Junos] How to edit the routing information by using Martian routes

0

0

Article ID: KB26933 KB Last Updated: 18 Feb 2013Version: 1.0
Summary:
This article provides information on how to use Martian routes to edit the routing information.
Symptoms:
How to use Martian routes to edit the routing information.
Cause:

Solution:
Junos can define address ranges that should not be globally routed in the Internet. These routes are known as martian routes. The default list of martian routes in the Junos is derived via reserved IPv4 address ranges from IANA (Internet Assigned Numbers Authority):
# run show route martians

inet.0:
0.0.0.0/0 exact -- allowed
0.0.0.0/8 orlonger -- disallowed
127.0.0.0/8 orlonger -- disallowed
192.0.0.0/24 orlonger -- disallowed
240.0.0.0/4 orlonger -- disallowed
224.0.0.0/4 exact -- disallowed
224.0.0.0/24 exact -- disallowed
The defined list of martian routes denies them to be placed in the routing table. The router cannot forward packets to these destinations. Junos is very flexible in this way; you can add or remove martian routes by using the following configuration:
routing-options {
     martians {
         prefix/prefix-length match-type allow;
     }
}
user@SRX-03> show route
inet.0: 15 destinations, 15 routes (15 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
1.1.1.0/24 *[Direct/0] 03:06:03
                 > via fe-0/0/0.0
1.1.1.1/32 *[Local/0] 03:06:03
                Local
6.3.3.0/24 *[Direct/0] 03:06:03
                > via fe-0/0/1.0
6.3.3.1/32 *[Local/0] 03:06:03
                 Local
3.3.3.0/24 *[Direct/0] 03:06:03
                > via fe-0/0/2.0
3.3.3.1/32 *[Local/0] 03:06:03
                 Local
10.10.10.0/24 *[Direct/0] 03:06:03
                 > via so-0/1/1.0
10.10.10.1/32 *[Local/0] 03:06:03
                      Local
172.21.0.0/16 *[Aggregate/130] 00:31:15
                     > to 3.3.3.2 via fe-0/0/2.0
172.21.16.0/24 *[IS-IS/18] 00:47:42, metric 20, tag 2
                     > to 3.3.3.2 via fe-0/0/2.0
172.21.32.12/30 *[Static/5] 01:04:01
                     Reject
172.21.32.24/30 *[Static/5] 01:04:01
                      > to 10.10.10.1 via so-0/1/1.0
172.21.32.36/30 *[Static/5] 01:04:01
                       Discard
172.21.32.48/30 *[Static/5] 01:04:01
                       > to 10.10.10.1 via so-0/1/1.0
172.21.48.0/24 *[IS-IS/18] 00:42:19, metric 20, tag 2
                       > to 6.3.3.2 via fe-0/0/1.0
You can now define a martian route by using the following command:
[edit routing-options]
user@SRX-03# set martians 172.21/16 orlonger
This defines the 172.21.0.0 /16 route and all of the specific routes as martians. You can verify this with the show route command:
user@SRX-03> show route
inet.0: 15 destinations, 15 routes (8 active, 0 holddown, 7 hidden)
+ = Active Route, - = Last Active, * = Both
1.1.1.0/24 *[Direct/0] 02:05:31
                > via fe-0/0/0.0
1.1.1.1/32 *[Local/0] 02:05:31
                  Local
6.3.3.0/24 *[Direct/0] 02:05:31
                > via fe-0/0/1.0
6.3.3.1/32 *[Local/0] 02:05:31
                Local
3.3.3.0/24 *[Direct/0] 02:05:31
               > via fe-0/0/2.0
3.3.3.1/32 *[Local/0] 02:05:31
                Local
10.10.10.0/24 *[Direct/0] 02:05:31
                > via so-0/1/1.0
10.10.10.1/32 *[Local/0] 02:05:31
                Local

user@SRX-03> show route hidden
inet.0: 15 destinations, 15 routes (8 active, 0 holddown, 7 hidden)
+ = Active Route, - = Last Active, * = Both
172.21.0.0/16 [Aggregate/130] 00:31:35
                   > to 3.3.3.2 via fe-0/0/2.0
172.21.16.0/24 [IS-IS/18] 00:48:02, metric 20, tag 2
                   > to 3.3.3.2 via fe-0/0/2.0
172.21.32.12/30 [Static/5] 01:04:21
                   Reject
172.21.32.24/30 [Static/5] 01:04:21
                  > to 10.10.10.1 via so-0/1/1.0
172.21.32.36/30 [Static/5] 01:04:21
                  Discard
172.21.32.48/30 [Static/5] 01:04:21
                  > to 10.10.10.1 via so-0/1/1.0
172.21.48.0/24 [IS-IS/18] 00:42:39, metric 20, tag 2
                  > to 6.3.3.2 via fe-0/0/1.0
You can also check the effect of the configuration by using the following command:
user@SRX-03> show route martians
inet.0:
0.0.0.0/0 exact -- allowed
0.0.0.0/8 orlonger -- disallowed
127.0.0.0/8 orlonger -- disallowed
192.0.0.0/24 orlonger -- disallowed
240.0.0.0/4 orlonger -- disallowed
224.0.0.0/4 exact -- disallowed
224.0.0.0/24 exact -- disallowed

172.21.0.0/16 orlonger -- disallowed
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search