JUNOS.... OSPF and BGP
 

JUNOS.... A brief introduction to JUNOS OSPF and BGP

    JUNOS.... OSPF and BGP Presentation Transcript

    • Thomas Stuart – President / CTO, Zenith Networks
        • tstuart@zenithnetworks.com
        • Copyright 2012 (c) www.zenithnetworks.com
    • Partner of Juniper Networks
        • HQ Philadelphia, PA
        • 25 Years Network Integration Services
        • 10 Years Education Services
        • LAN / WAN Configuration and Design
        • Routing, Switching and Security
        • IPv6 Practice
        • JNCIA, JNCIS-ENT, JNCI-ENT
        • www.zenithnetworks.com
    • Founded 1996; HQ Sunnyvale, CA; Employees 9,400+; 46 countries
        • Award: 2011, 2012 & 2013 World’s Most Ethical Company
        • Connect Everything…. Empower Everyone!
        • Routing, Switching, Security
        • www.juniper.net
    • Access to view the slides: http://www.zenithnetworks.com/education
    • Classless – IGP (interior gateway routing protocol)
        • Open Shortest Path First
        • Link state
        • Enterprise routing protocol
        • Supports VLSM
        • Define single area or multi-area
        • Fast network convergence
    • Multicast – LSA
        • Uses multicast, not broadcast
        • 224.0.0.5 (all OSPF routers; sourced by DR and BDR to DROthers)
        • 224.0.0.6 (DR and BDR; sourced by DROthers to DR and BDR)
    • Advertise network link information
        • LSA (link state advertisements), contained within LSU packet
        • LSAs are used to build the LSDB
        • LSDB is identical for each router within a given area
        • SPF runs against LSDB to create SPF tree… OSPF routing table
    • Single Area OSPF
        • All routers share a common OSPF area ID… 0, 5, 10…
        • Defined at the physical or L3 VLAN interface or tagged logical interface.
    • Multi-Area OSPF
        • More than one area defined.
        • Area 0, and some other area… 5, 10, 15
        • Area 0 is known as the backbone area.
        • All non-zero areas must connect through area 0.
        • Otherwise you must define a virtual-area.
        • Allows for route summarization and stub area…
        • Control LSA traffic.
        • Defined at the physical or L3 VLAN interface or tagged logical interface.
    • OSPF Router Types:
        • Internal: All links on a given router reside in same area.
        • Backbone: At least one link in area 0.
        • ABR: Area 0 and other non-zero area… 10.
        • ASBR: Router that injects routes from other routing protocol or outside AS.
        • [Diagram: Area 0 (backbone and internal routers), Area 5 and Area 10 (ABR, internal routers), ASBR, RIP routes]
    • OSPF packet types
        • Type 1 Hello Packet
        • Type 2 Database Description
        • Type 3 Link State Request
        • Type 4 Link State Update
        • Type 5 Link State Ack
    • Hello OSPF Packet
        • Type 1
        • Dynamically discover and maintain OSPF neighbors
        • Hello – Dead Intervals: 10 / 40
        • Authentication ?
        • Area ID
        • Subnet mask
        • OSPF Stub flag
    • DDP Database Description
        • Type 2
        • Used to form adjacencies
        • Describe contents of link-state DB
        • Master/Slave relationship
        • Thanks for the summary information…
        • I need more information… ( LSR )
        • Start of OSPF exchange process!
    • LSR Link State Request
        • Type 3
        • After receiving DDP…
        • Router determines stale or empty DB entries…
        • Router needs more detailed information (send LSR).
        • In response to LSR, router will receive LSU.
    • LSU Link State Update
        • Type 4
        • Sent in response to LSR…
        • Sent if link information changes… Up/Down/New.
        • Sent to 224.0.0.5 or 224.0.0.6
        • Carries multiple LSA types (router, network, summary…)
    • Link State Ack
        • Type 5
        • LSR…
        • LSU… (contains multiple LSA types)
        • LSAck… ACK’s LSR… sent to unicast IP address
        • Reliable OSPF DB exchange process.
    • Router LSA (contained within OSPF LSU packet)
        • Type 1
        • Router LSA originated by all OSPF routers
        • Describes state of a router’s interfaces…
        • Flooded throughout a single area… could be a large area!
        • No more than 50 routers per area.
    • Network Link LSA (contained within the OSPF LSU packet)
        • Type 2
        • Originated by DR for BCAST and NBMA networks
        • Represents the local routed segment and all attached routers
        • Contains list of routers within the Ethernet segment…
        • Flooded throughout a single area… could be a large area!
    • Summary Link LSA (contained within OSPF LSU packet)
        • Type 3 and 4
        • Originated by ABR
        • Describes routes from other areas, but within the AS
        • Inter-Area Routes
        • Type 4… Advertise the presence of the ASBR… via ABR
        • Flooded throughout ALL OSPF areas!
        • Totally Stubby and Route Summarization control propagation
    • External Link LSA (contained within OSPF LSU packet)
        • Type 5
        • Originated by AS Boundary Router
        • Describes routes from outside the AS…
        • Describes routes that have been redistributed from other routing protocols or static routes.
        • Flooded throughout OSPF AS.
        • Type II do not add internal OSPF cost to route (default)
        • Type I do ADD internal OSPF cost to route.
        • Blocked by stub ABR!
    • External links redistributed into NSSA (contained within OSPF LSU packet)
        • Type 7
        • Originated by AS Boundary Router (ASBR)
        • Describes routes from outside the AS…
        • Describes routes that have been redistributed from other routing protocols or static routes.
        • Flooded throughout OSPF NSSA
        • ABR converts type 7 into type 5… floods into area 0.
    • Regular Area
        • Type 1, 2, 3, 4, 5: Router, Network, Summary, ASBR, and External
        • [Diagram: Backbone, Area 10, RIP]
    • OSPF Versions
        • V2 ( IPv4 processing )
        • V3 ( IPv4 and IPv6 processing )
    • Router ID
        • Every OSPF router has a unique OSPF router ID
        • Identifies router to the OSPF routing domain
        • 32 bit number
        • Generally the loopback IP address, but not required
        • If using loop… Loop IP is the OSPF router ID…
        • If multiple loops, then lowest IP of all the loops…
        • Or… IP address of 1st physical interface to come online.
        • If router-id is hard-coded, then this parameter rules (loop or no loop)!!
    • DR ( Designated Router )
        • Determined at the interface ( broadcast ) level
        • Non-deterministic process…
        • Priority 0 thru 255, 128 is default…
        • Highest priority wins DR… if tie… Highest RID becomes DR.
        • DR establishes full adjacency with all other OSPF routers for a given area…
        • Ensure LSDB synchronization
    • Dijkstra SPF algorithm
        • 1. SPF runs against local LSDB…
        • 2. Build SPF tree…
        • 3. Routes are selected for the routing table.
    • OSPF Processing
        • SPF runs on each router and depending on # of entries can be CPU intensive.
        • MCAST on network, not broadcast, so easy on the network
        • 224.0.0.5, 224.0.0.6 v. 255.255.255.255 ( MCAST v. BCAST )
        • Only send LSA for up/down/new link state information or if no changes…
        • LSA refresh every 50 minutes
    • Router ID
        • Version
        • Areas
        • Authentication
        • Neighbors
        • View LSDB
        • View OSPF Statistics
        • View OSPF Routes
        • Metric
        • Hello / Dead
        • Traceoptions
    • OSPF Router ID
        • Optional.
        • Overrides any other default R-ID candidate.
        • Generally lo0 IP address.
        • If no loop… 1st physical interface to come online.
        • Does not have to be routable.
      {master:0}[edit]
      root@Top-Router# set routing-options router-id 1.1.1.1
      {master:0}[edit]
      root@Top-Router# show routing-options
      router-id 1.1.1.1;
    • Configure OSPFv2 or OSPFv3
      root@Top-Router# edit protocols ospf?
      Possible completions:
      > ospf                 OSPF configuration ( IPv4 )
      > ospf3                OSPFv3 configuration ( IPv4 and IPv6 )
        • edit protocols ospf (ipv4 processing)
        • edit protocols ospf3 (ipv4 and ipv6 processing)
    • {master:0}[edit protocols ospf]
      root@Top-Router# set area 16 interface ge-0/0/0.0
      root@Top-Router# set area 0.0.0.0 interface ge-0/0/1.0
      root@Top-Router# set area 0.0.0.0 interface ge-0/0/2.0
      root@Top-Router# set area 0.0.0.0 interface ge-0/0/3
        • Not required to use .0 at end, but be aware:
        • If using VLAN-tagged interface… must specify .x or .0 is assumed!
        • Interface ge-0/0/5: vlan-tagging, unit 10, vlan-id 10, family inet address 172.16.10.1/24
        • set area 20 interface ge-0/0/5.10
    • {master:0}[edit protocols ospf]
      root@Top-Router# show
      area 0.0.0.16 {
          interface ge-0/0/0.0;
      }
      area 0.0.0.0 {
          interface ge-0/0/1.0;
          interface ge-0/0/2.0;
          interface ge-0/0/3.0;
      }
    • OSPF Router ID
        • Optional.
        • Overrides any other default.
        • Generally lo0 IP address.
        • If no loop… 1st physical interface to come online.
        • Does not have to be routable.
      {master:0}[edit]
      root@Left-Router# set routing-options router-id 2.2.2.2
      {master:0}[edit]
      root@Left-Router# show routing-options
      router-id 2.2.2.2;
    • {master:0}[edit]
      root@Left-Router# edit protocols ospf
      {master:0}[edit protocols ospf]
      root@Left-Router# set area 4 interface ge-0/0/0.0
      root@Left-Router# set area 0 interface ge-0/0/1.0
        • We define OSPF areas and at the same time marry interfaces to these areas!
    • {master:0}[edit protocols ospf]
      root@Left-Router# show
      area 0.0.0.4 {
          interface ge-0/0/0.0;
      }
      area 0.0.0.0 {
          interface ge-0/0/1.0;
      }
    • root@Right-Router# set routing-options router-id 3.3.3.3
      {master:0}[edit routing-options]
      root@Right-Router# show
      router-id 3.3.3.3;
        • [Diagram: Right-Router, Lo0 3.3.3.3, ge-0/0/0]
    • {master:0}[edit protocols ospf]
      root@Right-Router# set area 8 interface ge-0/0/0.0
      root@Right-Router# set area 0 interface ge-0/0/2.0
      root@Right-Router# set area 0 interface ge-0/0/3.0
    • {master:0}[edit protocols ospf]
      root@Right-Router# show
      area 0.0.0.8 {
          interface ge-0/0/0.0;
      }
      area 0.0.0.0 {
          interface ge-0/0/2.0;
          interface ge-0/0/3.0;
      }
    • Basic configuration now built on all routers!
        • IP Addresses
        • Lo0 Interface
        • Router ID
        • OSPF Areas and Marry Interface to Area
        • Let’s monitor basic OSPF information.
    • {master:0}[edit]
      root@Top-Router# run show ospf ?
      Possible completions:
        backup               Show OSPF backup information
        database             Show OSPF link-state database
        interface            Show OSPF interface status information
        io-statistics        Show OSPF I/O statistics
        log                  Show shortest-path-first calculations from OSPF log
        neighbor             Show OSPF neighbor status information
        overview             Show overview of OSPF information
        route                Show OSPF routing table
        statistics           Show OSPF statistics
    • {master:0}[edit]
      root@Top-Router# run show ospf interface
      Interface           State   Area            DR ID           BDR ID          Nbrs
      ge-0/0/1.0          DR      0.0.0.0         1.1.1.1         2.2.2.2            1
      ge-0/0/2.0          DR      0.0.0.0         1.1.1.1         3.3.3.3            1
      ge-0/0/3.0          DR      0.0.0.0         1.1.1.1         3.3.3.3            1
      ge-0/0/0.0          DR      0.0.0.16        1.1.1.1         0.0.0.0            0
        • Interface: our router interface.
        • State: OSPF router state (DR, BDR, DROther).
    • root@Top-Router# run show ospf neighbor
      Address          Interface              State     ID               Pri  Dead
      172.16.32.2      ge-0/0/1.0             Full      2.2.2.2          128    36
      172.16.33.2      ge-0/0/2.0             Full      3.3.3.3          128    36
      172.16.34.2      ge-0/0/3.0             Full      3.3.3.3          128    36
        • Interface: my physical interface.
        • Address: neighbor IP address on physical interface.
        • ID: neighbor OSPF router ID.
        • Pri: interface priority (DR election).
    • root@Top-Router# run show ospf database
      OSPF database, Area 0.0.0.0
      Type       ID               Adv Rtr           Seq         Age  Opt   Cksum   Len
      Router    *1.1.1.1          1.1.1.1           0x80000008   268  0x22  0x7f4a   60
      Router     2.2.2.2          2.2.2.2           0x80000003    61  0x22  0xa0c2   36
      Router     3.3.3.3          3.3.3.3           0x80000003   264  0x22  0x6028   48
      Network   *172.16.32.1      1.1.1.1           0x80000001  1100  0x22  0x1735   32
      Network   *172.16.33.1      1.1.1.1           0x80000001   273  0x22  0x3e09   32
      Network   *172.16.34.1      1.1.1.1           0x80000001   268  0x22  0x3313   32
      Summary    172.16.4.0       2.2.2.2           0x80000003   410  0x22  0xa1cf   28
      Summary    172.16.8.0       3.3.3.3           0x80000002   269  0x22  0x5911   28
      Summary   *172.16.16.0      1.1.1.1           0x80000002   770  0x22  0x3d2d   28
        • * Sourced from this router.
        • Router Type 1: Considered to be within same OSPF area ( Intra-Area ).
        • Network Type 2: Sourced by DR.
        • Summary Type 3: Relative to area 0, routes from other OSPF area… Sourced by ABR.
    • OSPF database, Area 0.0.0.16
      Type       ID               Adv Rtr           Seq         Age  Opt   Cksum   Len
      Router    *1.1.1.1          1.1.1.1           0x80000003  1084  0x22  0x77e2   36
      Summary   *172.16.4.0       1.1.1.1           0x80000001  1093  0x22  0xcda8   28
      Summary   *172.16.8.0       1.1.1.1           0x80000002   261  0x22  0x9fd1   28
      Summary   *172.16.32.0      1.1.1.1           0x80000002  1100  0x22  0x8ccd   28
      Summary   *172.16.33.0      1.1.1.1           0x80000003   273  0x22  0x7fd8   28
      Summary   *172.16.34.0      1.1.1.1           0x80000002   268  0x22  0x76e1   28
    • root@Top-Router# run show ospf statistics
      Packet type             Total                  Last 5 seconds
                         Sent      Received        Sent      Received
         Hello             41            10           0             0
         DbD               10             7           0             0
         LSReq              3             2           0             0
         LSUpdate          19            11           0             0
         LSAck             11            14           0             0
    • DBDs retransmitted     : 1,  last 5 seconds : 0
      LSAs flooded           : 4,  last 5 seconds : 0
      LSAs flooded high-prio : 19, last 5 seconds : 0
      LSAs retransmitted     : 0,  last 5 seconds : 0
      LSAs transmitted to nbr: 7,  last 5 seconds : 0
      LSAs requested         : 3,  last 5 seconds : 0
      LSAs acknowledged      : 13, last 5 seconds : 0
      Flood queue depth      : 0
      Total rexmit entries   : 0
      db summaries           : 0
      lsreq entries          : 0
      Receive errors:
        None
    • root@Top-Router# run show ospf overview
      Instance: master
        Router ID: 1.1.1.1
        Route table index: 0
        Area border router
        LSA refresh time: 50 minutes
        Area: 0.0.0.0
          Stub type: Not Stub
          Authentication Type: None
          Area border routers: 2, AS boundary routers: 0
          Neighbors
            Up (in full state): 3
    •   Area: 0.0.0.16
          Stub type: Not Stub
          Authentication Type: None
          Area border routers: 0, AS boundary routers: 0
          Neighbors
            Up (in full state): 0
        Topology: default (ID 0)
          Prefix export count: 0
          Full SPF runs: 11
          SPF delay: 0.200000 sec, SPF holddown: 5 sec, SPF rapid runs: 3
          Backup SPF: Not Needed
    • root@Top-Router# run show ospf route
      Topology default Route Table:
      Prefix             Path   Route      NH    Metric  NextHop      Nexthop
                         Type   Type       Type          Interface    Address/LSP
      2.2.2.2            Intra  Area BR    IP         1  ge-0/0/1.0   172.16.32.2
      3.3.3.3            Intra  Area BR    IP         1  ge-0/0/2.0   172.16.33.2
                                                         ge-0/0/3.0   172.16.34.2
      172.16.4.0/24      Inter  Network    IP         2  ge-0/0/1.0   172.16.32.2
      172.16.8.0/24      Inter  Network    IP         2  ge-0/0/2.0   172.16.33.2
                                                         ge-0/0/3.0   172.16.34.2
      172.16.16.0/24     Intra  Network    IP         1  ge-0/0/0.0
      172.16.32.0/24     Intra  Network    IP         1  ge-0/0/1.0
      172.16.33.0/24     Intra  Network    IP         1  ge-0/0/2.0
      172.16.34.0/24     Intra  Network    IP         1  ge-0/0/3.0
        • Routes OSPF would like to add to the RIB. Sourced from LSDB.
        • Red is directly connected on Top-Router… Blue is learned.
    • root@Top-Router# run show route protocol ospf
      inet.0: 15 destinations, 15 routes (15 active, 0 holddown, 0 hidden)
      + = Active Route, - = Last Active, * = Both
      172.16.4.0/24      *[OSPF/10] 00:23:44, metric 2
                          > to 172.16.32.2 via ge-0/0/1.0
      172.16.8.0/24      *[OSPF/10] 00:09:52, metric 2
                          > to 172.16.33.2 via ge-0/0/2.0
                            to 172.16.34.2 via ge-0/0/3.0
      224.0.0.5/32       *[OSPF/10] 00:45:52, metric 1
                            MultiRecv
        • Routes from RIB.
    • root@Left-Router# run show ospf interface
      Interface           State   Area            DR ID           BDR ID          Nbrs
      ge-0/0/1.0          BDR     0.0.0.0         1.1.1.1         2.2.2.2            1
      ge-0/0/0.0          DR      0.0.0.4         2.2.2.2         0.0.0.0            0
    • root@Left-Router# run show ospf neighbor
      Address          Interface              State     ID               Pri  Dead
      172.16.32.1      ge-0/0/1.0             Full      1.1.1.1          128    33
    • root@Left-Router# run show ospf database
      OSPF database, Area 0.0.0.0
      Type       ID               Adv Rtr           Seq         Age  Opt   Cksum   Len
      Router     1.1.1.1          1.1.1.1           0x80000008   719  0x22  0x7f4a   60
      Router    *2.2.2.2          2.2.2.2           0x80000003   510  0x22  0xa0c2   36
      Router     3.3.3.3          3.3.3.3           0x80000003   715  0x22  0x6028   48
      Network    172.16.32.1      1.1.1.1           0x80000002   221  0x22  0x1536   32
      Network    172.16.33.1      1.1.1.1           0x80000001   724  0x22  0x3e09   32
      Network    172.16.34.1      1.1.1.1           0x80000001   719  0x22  0x3313   32
      Summary   *172.16.4.0       2.2.2.2           0x80000003   858  0x22  0xa1cf   28
      Summary    172.16.8.0       3.3.3.3           0x80000003    82  0x22  0x5712   28
      Summary    172.16.16.0      1.1.1.1           0x80000002  1221  0x22  0x3d2d   28
        • * Sourced from this router.
        • Router Type 1: Considered to be within same OSPF area ( Intra-Area ).
        • Network Type 2: Sourced by DR ( Top Router ).
        • Summary Type 3: Relative to area 0, routes from other OSPF area… Sourced by ABR.
    • OSPF database, Area 0.0.0.4
      Type       ID               Adv Rtr           Seq         Age  Opt   Cksum   Len
      Router    *2.2.2.2          2.2.2.2           0x80000002  1510  0x22  0xc09e   36
      Summary   *172.16.8.0       2.2.2.2           0x80000001   716  0x22  0x8ddf   28
      Summary   *172.16.16.0      2.2.2.2           0x80000002   161  0x22  0x293c   28
      Summary   *172.16.32.0      2.2.2.2           0x80000003  1544  0x22  0x6ce8   28
      Summary   *172.16.33.0      2.2.2.2           0x80000002   722  0x22  0x6de6   28
      Summary   *172.16.34.0      2.2.2.2           0x80000002   717  0x22  0x62f0   28
        • Relative to area 4… All other routes are from other area… Summary Type 3 LSA… ABR.
        • * Sourced from this router.
        • Router Type 1: Considered to be within same OSPF area ( Intra-Area ).
        • Network Type 2: Sourced by DR ( Top Router ).
        • Summary Type 3: Relative to area 0, routes from other OSPF area… Sourced by ABR.
    • root@Left-Router# run show ospf overview
      Instance: master
        Router ID: 2.2.2.2
        Route table index: 0
        Area border router
        LSA refresh time: 50 minutes
        Area: 0.0.0.0
          Stub type: Not Stub
          Authentication Type: None
          Area border routers: 2, AS boundary routers: 0
          Neighbors
            Up (in full state): 1
    •   Area: 0.0.0.4
          Stub type: Not Stub
          Authentication Type: None
          Area border routers: 0, AS boundary routers: 0
          Neighbors
            Up (in full state): 0
        Topology: default (ID 0)
          Prefix export count: 0
          Full SPF runs: 7
          SPF delay: 0.200000 sec, SPF holddown: 5 sec, SPF rapid runs: 3
          Backup SPF: Not Needed
    • root@Left-Router# run show route protocol ospf
      inet.0: 11 destinations, 11 routes (11 active, 0 holddown, 0 hidden)
      + = Active Route, - = Last Active, * = Both
      172.16.8.0/24      *[OSPF/10] 00:13:35, metric 3
                          > to 172.16.32.1 via ge-0/0/1.0
      172.16.16.0/24     *[OSPF/10] 00:27:23, metric 2
                          > to 172.16.32.1 via ge-0/0/1.0
      172.16.33.0/24     *[OSPF/10] 00:27:23, metric 2
                          > to 172.16.32.1 via ge-0/0/1.0
      172.16.34.0/24     *[OSPF/10] 00:27:23, metric 2
                          > to 172.16.32.1 via ge-0/0/1.0
      224.0.0.5/32       *[OSPF/10] 00:27:29, metric 1
                            MultiRecv
      inet6.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden)
    • root@Right-Router# run show ospf interface
      Interface           State   Area            DR ID           BDR ID          Nbrs
      ge-0/0/2.0          BDR     0.0.0.0         1.1.1.1         3.3.3.3            1
      ge-0/0/3.0          BDR     0.0.0.0         1.1.1.1         3.3.3.3            1
      ge-0/0/0.0          DR      0.0.0.8         3.3.3.3         0.0.0.0            0
    • root@Right-Router# run show ospf neighbor
      Address          Interface              State     ID               Pri  Dead
      172.16.33.1      ge-0/0/2.0             Full      1.1.1.1          128    32
      172.16.34.1      ge-0/0/3.0             Full      1.1.1.1          128    33
    • root@Right-Router# run show ospf database
      OSPF database, Area 0.0.0.0
      Type       ID               Adv Rtr           Seq         Age  Opt   Cksum   Len
      Router     1.1.1.1          1.1.1.1           0x80000008   947  0x22  0x7f4a   60
      Router     2.2.2.2          2.2.2.2           0x80000003   740  0x22  0xa0c2   36
      Router    *3.3.3.3          3.3.3.3           0x80000003   942  0x22  0x6028   48
      Network    172.16.32.1      1.1.1.1           0x80000002   450  0x22  0x1536   32
      Network    172.16.33.1      1.1.1.1           0x80000001   952  0x22  0x3e09   32
      Network    172.16.34.1      1.1.1.1           0x80000001   947  0x22  0x3313   32
      Summary    172.16.4.0       2.2.2.2           0x80000003  1089  0x22  0xa1cf   28
      Summary   *172.16.8.0       3.3.3.3           0x80000003   309  0x22  0x5712   28
      Summary    172.16.16.0      1.1.1.1           0x80000002  1449  0x22  0x3d2d   28
        • * Sourced from this router.
        • Router Type 1: Considered to be within same OSPF area ( Intra-Area ).
        • Network Type 2: Sourced by DR ( Top Router ).
        • Summary Type 3: Relative to area 0, routes from other OSPF area… Sourced by ABR.
    • OSPF database, Area 0.0.0.8
      Type       ID               Adv Rtr           Seq         Age  Opt   Cksum   Len
      Router    *3.3.3.3          3.3.3.3           0x80000002   912  0x22  0x98ba   36
      Summary   *172.16.4.0       3.3.3.3           0x80000002   937  0x22  0x99d2   28
      Summary   *172.16.16.0      3.3.3.3           0x80000002   937  0x22  0xb56    28
      Summary   *172.16.32.0      3.3.3.3           0x80000002   937  0x22  0x5af6   28
      Summary   *172.16.33.0      3.3.3.3           0x80000004     4  0x22  0x410e   28
      Summary   *172.16.34.0      3.3.3.3           0x80000004   937  0x22  0x3618   28
    • root@Right-Router# run show ospf overview
      Instance: master
        Router ID: 3.3.3.3
        Route table index: 0
        Area border router
        LSA refresh time: 50 minutes
        Area: 0.0.0.0
          Stub type: Not Stub
          Authentication Type: None
          Area border routers: 2, AS boundary routers: 0
          Neighbors
            Up (in full state): 2
    •   Area: 0.0.0.8
          Stub type: Not Stub
          Authentication Type: None
          Area border routers: 0, AS boundary routers: 0
          Neighbors
            Up (in full state): 0
        Topology: default (ID 0)
          Prefix export count: 0
          Full SPF runs: 4
          SPF delay: 0.200000 sec, SPF holddown: 5 sec, SPF rapid runs: 3
          Backup SPF: Not Needed
    • root@Right-Router# run show route protocol ospf
      inet.0: 14 destinations, 14 routes (14 active, 0 holddown, 0 hidden)
      + = Active Route, - = Last Active, * = Both
      172.16.4.0/24      *[OSPF/10] 00:18:26, metric 3
                          > to 172.16.33.1 via ge-0/0/2.0
                            to 172.16.34.1 via ge-0/0/3.0
      172.16.16.0/24     *[OSPF/10] 00:18:26, metric 2
                            to 172.16.33.1 via ge-0/0/2.0
                          > to 172.16.34.1 via ge-0/0/3.0
      172.16.32.0/24     *[OSPF/10] 00:18:26, metric 2
                            to 172.16.33.1 via ge-0/0/2.0
                          > to 172.16.34.1 via ge-0/0/3.0
      224.0.0.5/32       *[OSPF/10] 00:18:41, metric 1
                            MultiRecv
    • Adjusting the hello parameter
        • Traceoptions (troubleshooting)
        • Adjusting the default metric
        • Authentication
        • Passive Interface
    • Let’s break OSPF by changing hello timers on top router!
        • Default hello timer is 10 seconds.
        • Hello parameters must match in order to establish and maintain neighbor!!
    • CHANGE OSPF HELLO ON TOP ROUTER INTERFACES
      {master:0}[edit protocols ospf]
      root@Top-Router# set area 0 interface ge-0/0/1.0 hello-interval 5
      root@Top-Router# set area 0 interface ge-0/0/2.0 hello-interval 5
      root@Top-Router# set area 0 interface ge-0/0/3.0 hello-interval 5
    • {master:0}[edit protocols ospf]
      root@Top-Router# show
      area 0.0.0.16 {
          interface ge-0/0/0.0;
      }
      area 0.0.0.0 {
          interface ge-0/0/1.0 {
              hello-interval 5;
          }
          interface ge-0/0/2.0 {
              hello-interval 5;
          }
          interface ge-0/0/3.0 {
              hello-interval 5;
          }
      }
    • BEFORE COMMITTING THE PRIOR HELLO CHANGES, LET’S TAKE AN INTERFACE SNAPSHOT!!!
      root@Top-Router# run show ospf interface
      Interface           State   Area            DR ID           BDR ID          Nbrs
      ge-0/0/1.0          DR      0.0.0.0         1.1.1.1         2.2.2.2            1
      ge-0/0/2.0          DR      0.0.0.0         1.1.1.1         3.3.3.3            1
      ge-0/0/3.0          DR      0.0.0.0         1.1.1.1         3.3.3.3            1
      ge-0/0/0.0          DR      0.0.0.16        1.1.1.1         0.0.0.0            0
        • We are Happy!!
    • NOW COMMIT PRIOR HELLO CHANGES… NEIGHBORS ARE GONE!
      root@Top-Router# run show ospf interface
      Interface           State   Area            DR ID           BDR ID          Nbrs
      ge-0/0/1.0          DR      0.0.0.0         1.1.1.1         0.0.0.0            0
      ge-0/0/2.0          DR      0.0.0.0         1.1.1.1         0.0.0.0            0
      ge-0/0/3.0          DR      0.0.0.0         1.1.1.1         0.0.0.0            0
      ge-0/0/0.0          DR      0.0.0.16        1.1.1.1         0.0.0.0            0
        • We are Sad
    • Let’s set up TRACEOPTIONS and see the impact of the recent hello changes. We can view detailed real-time protocol events.
      {master:0}[edit protocols ospf]
      root@Top-Router# set traceoptions file whats-up
      root@Top-Router# set traceoptions flag hello
      root@Top-Router# set traceoptions flag event
      root@Top-Router# set traceoptions flag error
    • root@Top-Router# show
      traceoptions {
          file whats-up;
          flag hello;
          flag event;
          flag error;
      }
    • root@Top-Router# run show log whats-up
        • monitor start whats-up ( filename ): “copy to screen”
        • monitor stop whats-up ( filename )
        • WE ARE RECEIVING HELLOS FROM NEIGHBORS SET FOR 10, BUT TOP IS NOW SET FOR 5
      Aug 21 22:46:44.983559 OSPF rcvd Hello 172.16.33.2 -> 224.0.0.5 (ge-0/0/2.0 IFL 74 area 0.0.0.0)
      Aug 21 22:46:44.983621 Version 2, length 44, ID 3.3.3.3, area 0.0.0.0
      Aug 21 22:46:44.983640 checksum 0x0, authtype 0
      Aug 21 22:46:44.983677 mask 255.255.255.0, hello_ivl 10, opts 0x2, prio 128
      Aug 21 22:46:44.983698 dead_ivl 40, DR 172.16.33.2, BDR 0.0.0.0
      Aug 21 22:46:44.983725 OSPF packet ignored: hello interval mismatch 10 from 172.16.33.2 on intf ge-0/0/2.0 area 0.0.0.0
    • ON THE TOP ROUTER, DUE TO HELLO CHANGE… OSPF ROUTES ARE GONE!!!!
      root@Top-Router# run show route protocol ospf
      inet.0: 13 destinations, 13 routes (13 active, 0 holddown, 0 hidden)
      + = Active Route, - = Last Active, * = Both
      224.0.0.5/32       *[OSPF/10] 01:13:20, metric 1
                            MultiRecv
      inet6.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden)
    • LET’S FIX HELLO ON TOP AND GET OUR NETWORK BACK!!
      {master:0}[edit protocols ospf area 0.0.0.0]
      root@Top-Router# set interface ge-0/0/1.0 hello-interval 10
      root@Top-Router# set interface ge-0/0/2.0 hello-interval 10
      root@Top-Router# set interface ge-0/0/3.0 hello-interval 10
    • root@Top-Router# commit
      configuration check succeeds
      commit complete
      root@Top-Router# run show ospf interface
      Interface           State   Area            DR ID           BDR ID          Nbrs
      ge-0/0/1.0          BDR     0.0.0.0         2.2.2.2         1.1.1.1            1
      ge-0/0/2.0          BDR     0.0.0.0         3.3.3.3         1.1.1.1            1
      ge-0/0/3.0          BDR     0.0.0.0         3.3.3.3         1.1.1.1            1
      ge-0/0/0.0          DR      0.0.0.16        1.1.1.1         0.0.0.0            0
    • root@Top-Router# run show route protocol ospf
      inet.0: 15 destinations, 15 routes (15 active, 0 holddown, 0 hidden)
      + = Active Route, - = Last Active, * = Both
      172.16.4.0/24      *[OSPF/10] 00:01:45, metric 2
                          > to 172.16.32.2 via ge-0/0/1.0
      172.16.8.0/24      *[OSPF/10] 00:01:40, metric 2
                            to 172.16.33.2 via ge-0/0/2.0
                          > to 172.16.34.2 via ge-0/0/3.0
      224.0.0.5/32       *[OSPF/10] 01:19:21, metric 1
                            MultiRecv
        • WE ARE NOW FINISHED WITH HELLO LABS.
    • Top Router… Multiple paths to the 8.0 net. Path via ge-0/0/3.0 is best!
      172.16.8.0/24      *[OSPF/10] 00:01:40, metric 2
                            to 172.16.33.2 via ge-0/0/2.0
                          > to 172.16.34.2 via ge-0/0/3.0
        • By default… No load balancing.
        • By default… Junos selects one path.
        • > is the selected path.
        • Show route forwarding-table… rules!
    • root@Top-Router# set interface ge-0/0/3.0 metric 200
      {master:0}[edit protocols ospf area 0.0.0.0]
      root@Top-Router# show
      interface ge-0/0/1.0 {
          hello-interval 10;
      }
      interface ge-0/0/2.0 {
          hello-interval 10;
      }
      interface ge-0/0/3.0 {
          metric 200;
          hello-interval 10;
      }
    • “show ospf interface extensive”… NOTE INTERFACE COSTS…
      ge-0/0/2.0          BDR     0.0.0.0         3.3.3.3         1.1.1.1            1
        Type: LAN, Address: 172.16.33.1, Mask: 255.255.255.0, MTU: 1500, Cost: 1
        DR addr: 172.16.33.2, BDR addr: 172.16.33.1, Priority: 128
        Adj count: 1
        Hello: 10, Dead: 40, ReXmit: 5, Not Stub
        Auth type: None
        Protection type: None
        Topology default (ID 0) -> Cost: 0
      ge-0/0/3.0          BDR     0.0.0.0         3.3.3.3         1.1.1.1            1
        Type: LAN, Address: 172.16.34.1, Mask: 255.255.255.0, MTU: 1500, Cost: 200
        DR addr: 172.16.34.2, BDR addr: 172.16.34.1, Priority: 128
        Adj count: 1
        Hello: 10, Dead: 40, ReXmit: 5, Not Stub
        Auth type: None
        Protection type: None
        Topology default (ID 0) -> Cost: 0
    • AFTER BUMPING THE METRIC ON INT GE-0/0/3 NOW WE ONLY SEE ONE PATH… THE BEST, NOW GE-0/0/2
      root@Top-Router# run show route protocol ospf
      inet.0: 15 destinations, 16 routes (15 active, 0 holddown, 0 hidden)
      + = Active Route, - = Last Active, * = Both
      172.16.4.0/24      *[OSPF/10] 00:13:50, metric 2
                          > to 172.16.32.2 via ge-0/0/1.0
      172.16.8.0/24      *[OSPF/10] 00:00:18, metric 2
                          > to 172.16.33.2 via ge-0/0/2.0
    • Passive interface
        • Advertise OSPF network… but…
        • Do not attempt to form OSPF adjacency on LAN.
        • We do not want to send hellos on ge-0/0/0…
        • Yet, we do want the network to be part of OSPF.
    • We can observe that TOP-Router is sending out hellos on its LAN interface.
      root@Top-Router> monitor start top-router-lan
      {master:0}
      root@Top-Router>
      *** top-router-lan ***
      Aug 21 23:42:36.358177 OSPF periodic xmit from 172.16.16.1 to 224.0.0.5 (IFL 2147405284 area 0.0.0.16)
      root@Top-Router> monitor stop
    • Now, we set and activate the passive option on TOP-Router LAN.
      root@Top-Router# set area 16 interface ge-0/0/0.0 passive
      {master:0}[edit]
      root@Top-Router# commit
      configuration check succeeds
      commit complete
    • root@Top-Router> monitor start top-router-lan
      {master:0}
      root@Top-Router>
      *** top-router-lan ***
      Aug 21 23:46:14.234280 OSPF periodic xmit from 172.16.33.1 to 224.0.0.5 (IFL 2147405284 area 0.0.0.0)
      Aug 21 23:46:16.838283 OSPF periodic xmit from 172.16.34.1 to 224.0.0.5 (IFL 2147405284 area 0.0.0.0)
      Aug 21 23:46:17.502040 OSPF periodic xmit from 172.16.32.1 to 224.0.0.5 (IFL 2147405284 area 0.0.0.0)
    • OSPF AUTHENTICATION: Top router for area 0 interfaces
      root@Top-Router# set interface ge-0/0/2.0 authentication md5 1 key password
      root@Top-Router# set interface ge-0/0/3.0 authentication md5 1 key password
        • MD5 or Simple
        • Key identifier for password transition
        • Specify new key start date / time
    • root@Top-Router# show
      interface ge-0/0/1.0 {
          hello-interval 10;
      }
      interface ge-0/0/2.0 {
          hello-interval 10;
          authentication {
              md5 1 key "$9$PfF/CA0Ihrp0-wgJHkp0B1RS"; ## SECRET-DATA
          }
      }
      interface ge-0/0/3.0 {
          hello-interval 10;
          authentication {
              md5 1 key "$9$bow4ZUDkPT3ik1hrv7Nik.mfz"; ## SECRET-DATA
          }
      }
    •  Normal Multi-Area OSPF  Stub Area  Totally Stubby Area  Not-So-Stubby Areas Copyright 2012 (c) www.zenithnetworks.com 88
    • Regular OSPF Area: all OSPF LSA types (1 router, 2 network, 3 summary, 4 ASBR and 5 external).
      [Diagram: Area 20 (Type 1, 2, 3, 4, 5); Backbone; Area 10; RIP]
      {master:0}[edit protocols ospf]
      root@Customer-Internal# show
      area 0.0.0.0 {
          interface ge-0/0/0.0;
          interface ge-0/0/2.0;
      }
      area 0.0.0.20 {
          interface ge-0/0/20.0;
      }
    • Stub Area: Router, Network, Summary (0 & 10), maybe Default. NO EXTERNAL TYPE 5 ROUTES!! All routers within the stub area must have the stub configuration!
      [Diagram: Stub Area 20 (Type 1, 2, 3, and default); Backbone; Area 10]
      {master:0}[edit protocols ospf]
      root@Customer-Internal# set area 20 stub
      {master:0}[edit protocols ospf]
      root@Customer-Internal# show
      area 0.0.0.0 {
          interface ge-0/0/0.0;
      }
      area 0.0.0.20 {
          stub;
          interface ge-0/0/20.0;
      }
    • Stub Area: injecting a default route into stub area 20. Only on the ABR.
      [Diagram: Stub Area 20 (Type 1, 2, 3, and default); Backbone; Area 10]
      {master:0}[edit protocols ospf]
      root@Customer-Internal# set area 20 stub default-metric 15
      {master:0}[edit protocols ospf]
      root@Customer-Internal# show
      area 0.0.0.0 {
          interface ge-0/0/0.0;
      }
      area 0.0.0.20 {
          stub default-metric 15;
          interface ge-0/0/20.0;
      }
    • Totally Stubby Area: Router, Network and maybe Summary Default. Only defined on ABR!
      [Diagram: Totally Stubby 20 (Type 1, 2, and default); Backbone; Area 10]
      {master:0}[edit protocols ospf]
      root@Customer-Internal# set area 20 stub no-summaries (only on ABR)
      {master:0}[edit protocols ospf]
      root@Customer-Internal# show
      area 0.0.0.0 {
          interface ge-0/0/0.0;
      }
      area 0.0.0.20 {
          stub no-summaries;
          interface ge-0/0/20.0;
      }
    • Totally Stubby Area: injecting a default route. Only on ABR!
      [Diagram: Totally Stubby 20 (Type 1, 2, and default); Backbone; Area 10]
      {master:0}[edit protocols ospf]
      root@Customer-Internal# set area 20 stub default-metric 15 no-summaries
      {master:0}[edit protocols ospf]
      root@Customer-Internal# show
      area 0.0.0.0 {
          interface ge-0/0/0.0;
      }
      area 0.0.0.20 {
          stub default-metric 15 no-summaries;
          interface ge-0/0/20.0;
      }
    • Not-So-Stubby Area (NSSA): Router, Network, Summary, Default and Type 7. All routers within the NSSA must have NSSA set!
      [Diagram: RIP; NSSA 20 (Type 1, 2, 3, 7 and default); Backbone; Area 10]
      root@Customer-Internal# set area 20 nssa
      {master:0}[edit protocols ospf]
      root@Customer-Internal# show
      area 0.0.0.0 {
          interface ge-0/0/0.0;
      }
      area 0.0.0.20 {
          nssa;
          interface ge-0/0/20.0;
      }
    • Not-So-Stubby Area: inject a default route on the ABR!
      [Diagram: RIP; NSSA 20 (Type 1, 2, 3, 7 and default); Backbone; Area 10]
      {master:0}[edit protocols ospf]
      root@Customer-Internal# set area 20 nssa default-lsa default-metric 30
      {master:0}[edit protocols ospf]
      root@Customer-Internal# show
      area 0.0.0.0 {
          interface ge-0/0/0.0;
      }
      area 0.0.0.20 {
          nssa {
              default-lsa default-metric 30;
          }
          interface ge-0/0/20.0;
      }
    • Module 1 Introduction
    • - Border Gateway Protocol: primarily an Internet-based routing protocol.
      - BGP Version 4.
      - ISP to ISP, customer to ISP, or customer to multiple ISPs!
      - Autonomous Systems: 16 bit (1 thru 65535) and 32 bit (1 – 4,294,967,295).
      - 64512-65535 Private.
      - IANA manages AS numbers; RIRs assign them!
      - Path vector protocol. Uses TCP port 179: guaranteed BGP updates!
      - EBGP (external): Internet based; routers from different ASs.
      - IBGP (internal): routers within the same AS.
    • - Policy-based routing: inbound and outbound routing policy.
      - BGP attributes are associated with a network prefix.
      - Attributes: Origin, AS Path, Next Hop, Local Pref (outgoing), MED (inbound), Community, Atomic Aggregate, Aggregator, Cluster List.
    • More about Attributes:
      - Origin: source of prefix (i: IGP 0 (ospf – isis – static), E: EGP 1, ?: Incomplete).
      - AS Path: collection of AS numbers that describe the path to a network; prevents loops.
      - Next Hop: verify BGP connectivity; direct connect or remote IP address.
      - Local Pref: determines path out of the AS; higher pref is more preferred. Default is 100.
      - MED: influences the path back into the AS when there are multiple direct paths to the same ISP.
      - Community: tag routes for identification and hence further operations.
      [Topology diagram: ISP-Left (AS 65530, Lo0 2.2.2.2) with EBGP over 192.168.1.x/24 (.1 / .2) to Customer (AS 65500, Lo0 1.1.1.1); IBGP over 172.16.33.0/24 and 172.16.34.0/24 (.1 / .2) to Internal-Right (Lo0 1.1.1.2); LAN 172.16.8.1/24; 172.16.0.0/16]
    • - EBGP: peer to the IP address of the directly connected network.
      - IBGP: best to peer to the IP address of the loopback.
      - No auto-neighbor discovery. Manually define neighbor/peer.
      - Various TCP/BGP states: Idle, Connect, Active, Open Sent, Open Confirm, Established!
    • BGP Configuration Elements
      - Router-ID
      - Autonomous-System: 1 – 4,294,967,295
      - BGP Protocol Group: "edit protocols bgp"
      - BGP type (internal / external): ibgp is internal, ebgp is external.
      - Remote AS: 1 – 4,294,967,295
      - Local Address: specify source IP address (IBGP loopback).
      - IBGP: peer to loopback address.
      - EBGP: peer to remote IP address of directly connected interface.
      - Policy: control inbound / outbound routing.
    • End of BGP Overview. Let’s start BGP configuration!!
    • Goals:
      - Establish EBGP session between ISP and Customer.
      - Peer on directly connected interfaces.
      - Customer AS: 65500
      - ISP AS: 65530
      - Customer: 192.168.1.2
      - ISP: 192.168.1.1
    • Customer: 1: AS Number (32 bit / 4 byte value). 2: Router ID (identifies the router; source of BGP updates).
      {master:0}[edit]
      root@Customer# set routing-options autonomous-system 65500
      root@Customer# set routing-options router-id 1.1.1.1
      {master:0}[edit]
      root@Customer# show routing-options
      router-id 1.1.1.1;
      autonomous-system 65500;
    • Customer: 1. Group, 2. Type, 3. Remote AS, 4. Neighbor IP Address.
      1. root@Customer# edit protocols bgp group external-bgp (define bgp group)
      {master:0}[edit protocols bgp group external-bgp]
      2. root@Customer# set type external
      3. root@Customer# set peer-as 65530
      4. root@Customer# set neighbor 192.168.1.1 (neighbor IP address on common network)
    • Resulting EBGP Group Configuration:
      {master:0}[edit protocols bgp]
      root@Customer# show
      group external-bgp {
          type external;
          peer-as 65530;
          neighbor 192.168.1.1;
      }
    • ISP: Set AS Number and Router ID:
      {master:0}[edit]
      root@ISP# set routing-options autonomous-system 65530
      root@ISP# set routing-options router-id 2.2.2.2
      {master:0}[edit]
      root@ISP# show routing-options
      router-id 2.2.2.2;
      autonomous-system 65530;
    • root@ISP# edit protocols bgp group external-cust (define bgp group)
      {master:0}[edit protocols bgp group external-cust]
      root@ISP# set type external
      root@ISP# set peer-as 65500
      root@ISP# set neighbor 192.168.1.2 (directly connected neighbor)
    • {master:0}[edit protocols bgp]
      root@ISP# show
      group external-cust {
          type external;
          peer-as 65500;
          neighbor 192.168.1.2;
      }
    • root@Customer# run show bgp neighbor
      Peer: 192.168.1.1+49449 AS 65530 Local: 192.168.1.2+179 AS 65500
        Type: External State: Established Flags: <Sync>
        Last State: OpenConfirm Last Event: RecvKeepAlive
        Last Error: None
        Export: [ send-my-network ]
        Options: <Preference PeerAS Refresh>
        Holdtime: 90 Preference: 170
        Number of flaps: 0
        Peer ID: 2.2.2.2 Local ID: 1.1.1.1 Active Holdtime: 90
        Keepalive Interval: 30 Peer index: 0
    • root@ISP# run show bgp neighbor
      Peer: 192.168.1.2+179 AS 65500 Local: 192.168.1.1+49449 AS 65530
        Type: External State: Established Flags: <Sync>
        Last State: OpenConfirm Last Event: RecvKeepAlive
        Last Error: None
        Options: <Preference PeerAS Refresh>
        Holdtime: 90 Preference: 170
        Number of flaps: 0
        Peer ID: 1.1.1.1 Local ID: 2.2.2.2 Active Holdtime: 90
        Keepalive Interval: 30 Peer index: 0
    • ON THE CUSTOMER ROUTER, LET’S VIEW OUR CURRENT BGP CONFIGURATION.
      root@Customer# show
      group external-bgp {
          type external;
          peer-as 65530;
          neighbor 192.168.1.1;
      }
      We need to add an IBGP group for the IBGP session!!
    • IBGP: 1. Group, 2. Type, 3. Neighbor, 4. Local-Address (no need to define peer AS)
      {master:0}[edit protocols bgp group internal-bgp]
      1. root@Customer# edit group internal-bgp
      2. root@Customer# set type internal
      3. root@Customer# set neighbor 1.1.1.2 (loopback IP address of right-router)
      4. root@Customer# set local-address 1.1.1.1 (need to specify source IP address)
      - I do not need to specify remote-as: IBGP!
      - I did need to specify local-address: loopback peering!
    • root@Customer# show
      group external-bgp {
          type external;
          export send-my-network;
          peer-as 65530;
          neighbor 192.168.1.1;
      }
      group internal-bgp {
          type internal;    *** setting for internal, bgp knows to use local AS number.. 65500 ***
          neighbor 1.1.1.2;
          local-address 1.1.1.1;
      }
    • IBGP: Router-ID and AS Number.
      root@Customer-Internal# set routing-options router-id 1.1.1.2
      root@Customer-Internal# set routing-options autonomous-system 65500
      root@Customer-Internal# show routing-options
      router-id 1.1.1.2;
      autonomous-system 65500;
    • {master:0}[edit protocols bgp]
      root@Customer-Internal# edit group internal-bgp
      {master:0}[edit protocols bgp group internal-bgp]
      root@Customer-Internal# set type internal
      root@Customer-Internal# set neighbor 1.1.1.1 (1.1.1.1 is the neighbor's loopback and source IP address)
      root@Customer-Internal# set local-address 1.1.1.2 (my loopback and source; the neighbor peers to this)
    • Resulting Configuration:
      root@Customer-Internal# show
      group internal-bgp {
          type internal;
          neighbor 1.1.1.1;
          local-address 1.1.1.2;
      }
    • root@Customer-Internal# run show bgp neighbor 1.1.1.1
      Peer: 1.1.1.1+179 AS 65500 Local: 1.1.1.2+54588 AS 65500
        Type: Internal State: Established Flags: <Sync>
        Last State: OpenConfirm Last Event: RecvKeepAlive
        Last Error: None
        Options: <Preference LocalAddress Refresh>
        Local Address: 1.1.1.2 Holdtime: 90 Preference: 170
        Number of flaps: 0
        Peer ID: 1.1.1.1 Local ID: 1.1.1.2 Active Holdtime: 90
        Keepalive Interval: 30 Peer index: 0
    • root@Customer# run show bgp neighbor 1.1.1.2
      Peer: 1.1.1.2+54588 AS 65500 Local: 1.1.1.1+179 AS 65500
        Type: Internal State: Established Flags: <Sync>
        Last State: OpenConfirm Last Event: RecvKeepAlive
        Last Error: None
        Options: <Preference LocalAddress Refresh>
        Local Address: 1.1.1.1 Holdtime: 90 Preference: 170
        Number of flaps: 1
        Last flap event: RecvNotify
        Error: 'Cease' Sent: 0 Recv: 1
        Peer ID: 1.1.1.2 Local ID: 1.1.1.1 Active Holdtime: 90
        Keepalive Interval: 30 Peer index: 0
    • - Advertise Our Customer Prefix
      - Define Local Preference
      - Set AS Path Prepend
    • Let’s advertise a prefix from the customer site. First, the customer routing table. Customer owns 172.16.0.0/16!
      root@Customer# run show route protocol ospf
      inet.0: 15 destinations, 15 routes (15 active, 0 holddown, 0 hidden)
      + = Active Route, - = Last Active, * = Both
      1.1.1.2/32         *[OSPF/10] 02:49:50, metric 1
                          > to 172.16.33.2 via ge-0/0/2.0
                            to 172.16.34.2 via ge-0/0/3.0
      172.16.8.0/24      *[OSPF/10] 02:49:50, metric 2
                          > to 172.16.33.2 via ge-0/0/2.0
                            to 172.16.34.2 via ge-0/0/3.0
    • On the customer router, define an aggregate route:
      routing-options {
          aggregate {
              route 172.16.0.0/16;
          }
      }
    • On the customer router, let’s define a policy!
      policy-options {
          policy-statement send-my-network {
              term my-net {
                  from {
                      protocol aggregate;
                      route-filter 172.16.0.0/16 exact;
                  }
                  then accept;
              }
          }
      }
    • On the customer router, call the previously defined policy:
      protocols {
          bgp {
              group external-bgp {
                  type external;
                  export send-my-network;
                  peer-as 65530;
                  neighbor 192.168.1.1;
              }
          }
      }
      Below: PRIOR DEFINED POLICY
      policy-options {
          policy-statement send-my-network {
              term my-net {
                  from {
                      protocol aggregate;
                      route-filter 172.16.0.0/16 exact;
                  }
                  then accept;
              }
          }
      }
    • root@Customer# run show route advertising-protocol bgp 192.168.1.1
      inet.0: 15 destinations, 15 routes (15 active, 0 holddown, 0 hidden)
        Prefix                  Nexthop              MED     Lclpref    AS path
      * 172.16.0.0/16           Self
    • root@ISP# run show route receive-protocol bgp 192.168.1.2
      inet.0: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden)
        Prefix                  Nexthop              MED     Lclpref    AS path
      * 172.16.0.0/16           192.168.1.2                             65500
    • root@ISP> show route protocol bgp
      inet.0: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden)
      + = Active Route, - = Last Active, * = Both
      172.16.0.0/16      *[BGP/170] 02:59:15, localpref 100
                            AS path: 65500 I
                          > to 192.168.1.2 via ge-0/0/1.0
    • root@ISP# run show route protocol bgp detail
      inet.0: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden)
      172.16.0.0/16 (1 entry, 1 announced)
              *BGP    Preference: 170/-101
                      Next hop type: Router, Next hop index: 1324
                      Next-hop reference count: 2
                      Source: 192.168.1.2
                      Next hop: 192.168.1.2 via ge-0/0/1.0, selected
                      State: <Active Ext>
                      Local AS: 65530 Peer AS: 65500
                      Age: 3:00:47
                      Task: BGP_65500.192.168.1.2+179
                      Announcement bits (1): 0-KRT
                      AS path: 65500 I Aggregator: 65500 1.1.1.1
                      Accepted
                      Localpref: 100
                      Router ID: 1.1.1.1
    • Let’s change the Local-Preference!!
    • - Determines the path out of your AS when there are multiple paths out!
      - Local-Pref is sent via IBGP to other IBGP peers.
      - Traffic will be sent via the outbound path with the highest Local-Pref.
      - Default local-pref is 100.
      - Set using policy or a bgp-group configuration statement.
      - Used only within the local AS. Not sent to external BGP peers.
      [Diagram: ISP-1 (65530) and ISP-2 (65531) connected by EBGP to AS 65500; Router-A (Local-Pref 200), Router-B (Local-Pref 100) and Router-C joined by IBGP]
    • Define policy on the ISP:
      {master:0}[edit policy-options policy-statement local-pref-from-cust]
      root@ISP# edit term cust-prefix
      {master:0}[edit policy-options policy-statement local-pref-from-cust term cust-prefix]
      root@ISP# set from route-filter 172.16.0.0/16 exact
      root@ISP# set then local-preference 120
      root@ISP# set then accept
    • Resulting policy config:
      root@ISP# show
      policy-statement local-pref-from-cust {
          term cust-prefix {
              from {
                  route-filter 172.16.0.0/16 exact;
              }
              then {
                  local-preference 120;
                  accept;
              }
          }
      }
    • Marry policy to BGP:
      {master:0}[edit protocols bgp group external-cust]
      root@ISP# set import local-pref-from-cust
      {master:0}[edit protocols bgp]
      root@ISP# show
      group external-cust {
          type external;
          import local-pref-from-cust;
          peer-as 65500;
          neighbor 192.168.1.2;
      }
    • BGP ROUTING TABLE, before activating the policy on the ISP!!
      inet.0: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden)
      + = Active Route, - = Last Active, * = Both
      172.16.0.0/16      *[BGP/170] 02:59:15, localpref 100 ******
                            AS path: 65500 I
                          > to 192.168.1.2 via ge-0/0/1.0
    • root@ISP# run show route protocol bgp
      inet.0: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden)
      + = Active Route, - = Last Active, * = Both
      172.16.0.0/16      *[BGP/170] 03:20:05, localpref 120 ******
                            AS path: 65500 I
                          > to 192.168.1.2 via ge-0/0/1.0
    • Let’s look at the AS-Path attribute!!!
    • - Describes the path of ASs that a route/prefix has traversed.
      - As a prefix is advertised via EBGP, the AS is added (prepended) to the AS list.
      - Loop prevention: if a router receives a BGP update and sees its own AS in the path, that is a loop. Drop!
      - AS-Path Prepend: influence an upstream peer to use a certain path back to the source!
      - Use MED to influence a directly connected peer, but AS-Path Prepend further out.
      [Diagram: chain of ASs (AS 65530, AS 65531, AS 65532, ...) with the AS path growing at each hop: 65530; 65531 65530; 65532 65531 65530]
    • - Attempt to influence the upstream peer (green) to use a certain path back into your AS!
      - YELLOW: AS 10. Prepend from AS 10 to the AS 12 peer.
      - Do not prepend from 10 to 11.
      - AS 13 might use the return path to 10 via AS 11!!
      [Diagram: AS 10 advertises path 10 to AS 11 and the prepended path 10 10 10 to AS 12; AS 13 sees 11 10 and 12 10 10 10]
    • On the customer router, let’s set up as-path-prepend. First, let’s view the current customer BGP send info.
      root@Customer# run show route advertising-protocol bgp 192.168.1.1
      inet.0: 15 destinations, 15 routes (15 active, 0 holddown, 0 hidden)
        Prefix                  Nexthop              MED     Lclpref    AS path
      * 172.16.0.0/16           Self                                    I
    • ISP BGP receive, before AS-Path Prepend is applied on the customer router.
      root@ISP# run show route receive-protocol bgp 192.168.1.2
      inet.0: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden)
        Prefix                  Nexthop              MED     Lclpref    AS path
      * 172.16.0.0/16           192.168.1.2                             65500 I
    • On the customer router, set up as-path-prepend:
      policy-statement send-my-network {
          term my-net {
              from {
                  protocol aggregate;
                  route-filter 172.16.0.0/16 exact;
              }
              then {
                  as-path-prepend "65500 65500 65500";
                  accept;
              }
          }
      }
    • root@Customer# run show route advertising-protocol bgp 192.168.1.1
      inet.0: 15 destinations, 15 routes (15 active, 0 holddown, 0 hidden)
        Prefix                  Nexthop              MED     Lclpref    AS path
      * 172.16.0.0/16           Self                                    65500 65500 65500 [65500] I
    • root@ISP# run show route receive-protocol bgp 192.168.1.2
      inet.0: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden)
        Prefix                  Nexthop              MED     Lclpref    AS path
      * 172.16.0.0/16           192.168.1.2                             65500 65500 65500 65500 I
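An added example, not from the slides: a Python sketch of the two decision steps this deck covers (highest Local-Pref first, then shortest AS path) plus the AS-path loop check, run on the AS 10 / 11 / 12 / 13 prepend scenario and on the customer's `as-path-prepend "65500 65500 65500"`. Real BGP best-path selection has further tie-breakers that are left out here, and the function names are hypothetical.

```python
def ebgp_export(as_path, local_as, prepend=0):
    """Path as sent to an EBGP peer: own AS added once, plus `prepend` extra copies."""
    return (local_as,) * (1 + prepend) + tuple(as_path)


def loop_free(as_path, local_as):
    """A receiver drops any update whose AS path already contains its own AS."""
    return local_as not in as_path


def best_path(candidates):
    """Simplified selection: highest local_pref wins, then the shortest AS path."""
    return max(candidates, key=lambda c: (c['local_pref'], -len(c['as_path'])))


def as13_view(prepend_to_as12, local_pref_via_as12=100):
    """What AS 13 selects for a prefix originated by AS 10 (slide scenario)."""
    originated = ()  # AS 10 originates the prefix, so the path starts empty
    via_11 = ebgp_export(ebgp_export(originated, 10), 11)
    via_12 = ebgp_export(ebgp_export(originated, 10, prepend=prepend_to_as12), 12)
    candidates = [
        {'via': 11, 'as_path': via_11, 'local_pref': 100},  # 100 is the default
        {'via': 12, 'as_path': via_12, 'local_pref': local_pref_via_as12},
    ]
    candidates = [c for c in candidates if loop_free(c['as_path'], 13)]
    return best_path(candidates)


if __name__ == '__main__':
    # Customer policy from the slides: three prepends plus the AS added on export.
    print('ISP receives:', ebgp_export((), 65500, prepend=3))
    # Prepending toward AS 12 makes AS 13 prefer the shorter path through AS 11.
    print('AS 13 best  :', as13_view(prepend_to_as12=2))
    # Local-Pref is evaluated first, so AS 13's own policy can override the prepend.
    print('AS 13 best  :', as13_view(prepend_to_as12=2, local_pref_via_as12=200))
    # AS 10 seeing its own AS in a returned path drops the update.
    print('loop free?  :', loop_free((13, 11, 10), 10))
```

The last case is why the slides call prepending an attempt to influence: the receiving AS applies its own Local-Pref before it ever compares AS-path length.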
    • www.zenithnetworks.com, Thomas Stuart, tstuart@zenithnetworks.com; www.juniper.net, extjumpstart-junos@juniper.net