I have a question. I have a plan to connect the SRX to the DNS server toward Internet. Let just say that the DNS is 8.8.8.8. SRX that i have configured is already have an RI that provide for internet connection. Since i read this article.
https://kb.juniper.net/InfoCenter/index?page=content&id=KB15656&actp=METADATA
It is written
NOTE: Name resolution will not work for SRX if the DNS server is only reachable via a VR (Virtual Router). The SRX cannot source the DNS queries from a VR type routing instance.
Then it might not possible to create new route table on master (the inet.0) because it is already assigned to the RI (which it is has 0.0.0.0/0 route). Several questions is came for the way...
- What is the interface for egress to the nameserver based on the configuration? I am guessing of fxp0, am i correct?
- Can i made the route way for fxp0 using stateless firewall? Since i have an experience creating the FBF (or PBR perhaps) that i able to manipulate the use for route table. Can it to be possible to assign it to output filter on fxp0 interface?
Or any idea would be appreciated. I need to configure the DNS for auto-update on my IDP signature.