I am sorry, maybe I've described it wrong. Let me tell you what I need and what we have.
We have 1x MX80, 2x SRX3600, 1x EX4500, 30x EX4200 (10G connected to the EX4500).
Conditions:
The SRX needs to see the return traffic for what passes through it.
We need to use VLANs.
We do not trust the SRX totally, so if the SRX fails for some reason, traffic will go via the normal route.
Last thing: we only keep the traffic for some IP addresses on the SRX, not for the whole network.
So we put a rule on the ISP interface with an inbound filter. It forwards the traffic to the SRX / UDP firewalls, and we put another filter on the IRB so that when the return traffic arrives at the gateway, it is passed to the SRX as return traffic.
That worked perfectly and does what we need.
Problems:
But this time we need to add this inbound rule to all IRB interfaces, and we also have statically routed IP subnets to our downstream ISPs which are not in any IRB, so we cannot pass their traffic in both directions to the SRX.
We cannot put any routing-instance filter on the EX connection port because it works in family bridge mode to send trunks to the EX4500. Other ISPs also get IPs from our native VLAN, and we send their subnets to their layer 3 devices over this path.
So we need to come up with an alternate method, and what we decided is:
1. The EX connection will be a normal family inet connection and we will build all VLANs on the EX4500. This time we should put a rule on this interface to send the return traffic to the SRX, but the problem is that we have too many servers, so the EX is having difficulties.
The solution is to buy one more router, but that costs so much. This is why we are looking for an alternative solution.