The following configuration is an example using a route policy to export /32 local tunnel address route:
config>router>policy-options>
----------------------------------------------
policy-statement "exportOSPF"
entry 10
from
protocol ipsec
state ipsec-master-with-peer
exit
action accept
metric set 500
exit
exit
entry 20
from
protocol ipsec
state ipsec-non-master
exit
action accept
metric set 1000
exit
exit
entry 30
from
protocol ipsec
state ipsec-master-without-peer
exit
action accept
metric set 1000
exit
exit
exit
The following configuration shows shunting in public and private services.
Shunting in public service:
config>service>ies>
interface "ipsec-pub" create
address 172.16.100.254/24
sap tunnel-1.public:100 create
exit
static-tunnel-redundant-next-hop 10.1.1.1
exit
Shunting in private service:
config>service>vprn>
interface "ipsec-priv" tunnel create
…
static-tunnel-redundant-next-hop 10.7.7.1
exit
Shunting is enabled by configuring redundant next-hop on a public or private IPsec interface