Zenith Networks OSPF Configuration Guide

Steve Dyer, Zenith Networks
info@zenithnetworks.com
Copyright 2012 (c)
www.zenithnetworks.com 2

 Partner of Juniper Networks
 HQ Philadelphia, PA
 27 Years Network Integration Services
 12 Years Education Services
 LAN / WAN Configuration and Design
 Routing, Switching and Security
 JNCIA, JNCIS-ENT, JNCI-ENT
 www.zenithnetworks.com
Copyright 2012 (c)

Founded 1996
HQ Sunnyvale, CA
Employees 9,400 + 46 countries
Award: 2011, 2012, 2013 & 2014 World’s Most Ethical
Company!
Connect Everything…. Empower Everyone!
Routing, Switching, Security
www.juniper.net
Copyright 2012 (c)

Access to view the Slides……
 http://www.zenithnetworks.com/education
Copyright 2012 (c)

 Classless – IGP (interior gateway routing protocol)
 Open Shortest Path First….. Link State…
 Enterprise Routing Protocol…..
 Supports VLSM….
 Define Single Area or Multi-Area….
 Fast network convergence.
 Multicast – LSA
 Uses multicast, not broadcast…
 224.0.0.6 ( DR and BDR ).
 224.0.0.5 ( All other OSPF routers… NOT DR / BDR ).
 Advertise network link information
 LSA (link state advertisements) (contained within LSU packet).
 LSA’s are used to build the LSDB.
 LSDB is identical for each router within a given area.
 SPF runs against LSDB to create SPF Tree…OSPF routing table.
Copyright 2012 (c)

 Single Area OSPF
 All routers share a common ospf area id…. 0, 5, 10…
 Defined at the physical.0 or L3 vlan interface or tagged
logical interface.
 Multi-Area OSPF
 More than one area defined.
 Area 0, and some other area…. 5, 10, 15
 Area 0 is known as the backbone area.
 All non-zero areas must connect through area 0
 Otherwise you must define a virtual-area.
 Allows for route summarization and stub area…..
 Control LSA traffic.
 Defined at the physical or L3 vlan interface or tagged
logical interface.
Copyright 2012 (c)

 OSPF Router Types:
 Internal…….. All links on a given router reside in same area.
 Backbone... ...At least one link in area 0.
 ABR……….. Area 0 and other non-zero area.. 10.
 ASBR……… Router that inject routes from other routing protocol or outside AS.
Copyright 2012 (c)
Internal
Routers
Backbone
and
Internal
Routers
Internal
Routers
Area 5 Area 10
ABR ABR
Area 0
RIP
Routes
ASBR
Area 0 Area 0
Area 5
Area 10
Backbone Backbone

 Type 1 Hello Packet
 Type 2 Database Description
 Type 3 Link State Request
 Type 4 Link State Update
 Type 5 Link State Ack
Copyright 2012 (c)

 Hello OSPF Packet
 Type 1
 Dynamically Discover and Maintain OSPF neighbors
 Hello – Dead Intervals
 10 / 40
 Authentication ?
 Area ID
 Subnet mask
 OSPF Stub flag
Copyright 2012 (c)

 DDP Database Description
 Type 2
 Used to form adjacencies
 Describe contents of link-state DB ( Link-Header)
 Master/Slave relationship
 Thanks for the summary information…
 I need more information… ( LSR )
Start of OSPF exchange process!
Copyright 2012 (c)

 LSR Link State Request
 Type 3
 After receiving DDP ( DB Description )….
 Router determines stale or empty DB entries…
 Router needs more detailed information (Send LSR).
 In response to LSR, Router will receive LSU.
Copyright 2012 (c)

 LSU Link State Update
 Type 4
 Sent in response to LSR…
 Sent if link information changes… Up/Down/New.
 Sent to 224.0.0.5 or 224.0.0.6
 Carries multiple LSA Types (router, network,
summary…)
Copyright 2012 (c)

 Link State Ack
 Type 5
 LSR…….
 LSU……. (contains multiple lsa types)
 LSAck….. ACK’s LSR… sent to unicast ip address
Reliable OSPF DB exchange process.
Copyright 2012 (c)

 Router LSA (contained within OSPF LSU packet)
Type 1
Router LSA originated by all OSPF routers
 Describes state of a routers interfaces…
 Flooded throughout a single-area… could be a large area!
No more than 50 routers per area ??
Copyright 2012 (c)

 Network Link LSA (contained within the OSPF LSU packet)
 Type 2
 Originated by DR for BCAST and NBMA networks
 Represents the local routed segment and all attached routers
 Contains list of routers within the ethernet segment…
 Flooded throughout a single-area… could be a large area!
Copyright 2012 (c)

 Summary Link LSA (contained within OSPF LSU packet)
 Type 3 and 4
 Originated by ABR
 Describes routes from other areas, but within the AS
 Inter-Area Routes
 Type 4… Advertise the presence of the ASBR… via ABR
 Flooded throughout ALL ospf areas!
 Totally Stubby and Route Summarization control propagation
Copyright 2012 (c)

 External Link LSA (contained within OSPF LSU packet)
 Type 5
 Originated by AS Boundry Router
 Describes routes from outside the AS…
 Describes routes that have been redistributed from other routing
protocols or static routes.
 Flooded throughout OSPF AS.
 Type II do not add internal ospf cost to route (default)
 Type I do ADD internal ospf cost to route.
 Blocked by stub abr!
Copyright 2012 (c)

 External links redistributed into NSSA (contained within OSPF LSU packet)
 Type 7
 Originated by AS Boundry Router (ASBR)
 Describes routes from outside the AS…
 Describes routes that have been redistributed from other routing protocols or static
routes.
 Flooded throughout OSPF NSSA
 ABR converts type 7 into type 5… floods into area 0.
Copyright 2012 (c)

 OSPF Versions
 V2 ( IPv4 processing )
 V3 ( IPv4 and IPV6 processing )
Copyright 2012 (c)

Router ID
 Every OSPF router has a unique ospf router id
 Identifies router to the OSPF routing domain
 32 bit number
 Generally the loopback ip address, but not required
 If using loop…. Loop IP is the OSPF router ID…
 Not using loop… IP address of 1st physical interface to come online is R-ID
 If router-id is hard-coded, then this parameter rules (loop or no loop)!!
Copyright 2012 (c)

DR ( Designated Router )
 Determined at the interface ( broadcast ) level
 Non-deterministic process….
 Priority 0 thru 255…. 128 is default…
 Highest priority wins DR… if tie…. Highest RID becomes DR.
 DR establishes full adjacency with all other OSPF routers for a given area….
 Ensure LSDB Synchronization
Copyright 2012 (c)

 SPF Algorithim – Dijkstra
 1. SPF runs against local LSDB…
 2. Build SPF Tree….
 3. Routes are selected for the routing table.
 OSPF Processing
 SPF runs on each router and depending on # of entries can be cpu intensive.
 MCAST on network… not broadcast… so easy on the network
 224.0.0.5 - 224.0.0.6 v. 255.255.255.255 ( MCAST v. BCAST )
 Only send LSA for up/down/new link state information or if no changes..
 LSA refresh every 50 minutes
Copyright 2012 (c)

 Router ID
 Version
 Areas
 Neighbors
 View LSDB
 View OSPF Statistics
 View OSPF Routes
 Metric
 Hello / Dead
 Authentication
 Traceoptions
Copyright 2012 (c)

Let’s build basic OSPF configuration on all routers!
 Router ID
 OSPF Areas and Marry Interface to Area
Copyright 2012 (c)

OSPF Router ID
Optional
Overrides any other default R-ID candidate.
Generally lo0 IPAddress.
If no loop… 1st physical interface to come online.
Does not have to be routable.
[edit]
root@Top-Router# set routing-options router-id 1.1.1.1
[edit]
root@Top-Router# show routing-options
router-id 1.1.1.1;
Copyright 2012 (c)

Configure OSPFv2 or OSPFv3
root@Top-Router# edit protocols ospf?
Possible completions:
> ospf OSPF configuration ( IPv4 )
> ospf3 OSPFv3 configuration ( IPv4 and IPv6 )
edit protocols ospf (ipv4 processing)
edit protocols ospf3 (ipv4 and ipv6 processing)
Copyright 2012 (c)

[edit protocols ospf]
root@Top-Router# set area 16 interface ge-0/0/0.0
root@Top-Router# set area 0.0.0.0 interface ge-0/0/1.0
root@Top-Router# set area 0.0.0.0 interface ge-0/0/2.0
root@Top-Router# set area 0.0.0.0 interface ge-0/0/3
Not required to use .0 at end, but note…..
If using vlan tagged interface… must specify
.x or .0 is assumed!
Interface ge-0/0/5
vlan-tagging
Unit 10
vlan-id 10
family-inet
address 172.16.10.1/24
SET AREA 20 INTERFACE GE-0/0/5.10
Copyright 2012 (c)

root@Top-Router# show
area 0.0.0.16 {
interface ge-0/0/0.0;
}
area 0.0.0.0 {
}
Copyright 2012 (c)

OSPF Router ID
Optional
Overrides any other default.
Generally lo0 IP Address.
If no loop… 1st physical interface to come online.
Does not have to be routable.
[edit]
root@Left-Router# set routing-options router-id 2.2.2.2
[edit]
root@Left-Router# show routing-options
router-id 2.2.2.2 ;
Copyright 2012 (c)

[edit]
root@Left-Router# edit protocols ospf
root@Left-Router# set area 4 interface ge-0/0/0.0
root@Left-Router# set area 0 interface ge-0/0/1.0
We define OSPF areas and at the same time
marry interfaces to these areas!
Copyright 2012 (c)

root@Left-Router# show
area 0.0.0.4 {
}
area 0.0.0.0 {
}
Copyright 2012 (c)

root@Right-Router# set routing-options router-id 3.3.3.3
[edit routing-options]
root@Right-Router# show
router-id 3.3.3.3;
Copyright 2012 (c)

root@Right-Router# set area 8 interface ge-0/0/0.0
Copyright 2012 (c)

root@Right-Router# show
area 0.0.0.8 {
}
area 0.0.0.0 {
}
Copyright 2012 (c)

Basic configuration now built on all routers!
 IP Addresses
 Lo0 Interface
 Router ID
 OSPF Areas and Marry Interface to Area
Let’s Monitor basic OSPF information.
Copyright 2012 (c)

[edit]
root@Top-Router# run show ospf ?
Possible completions:
backup Show OSPF backup information
database Show OSPF link-state database
interface Show OSPF interface status information
io-statistics Show OSPF I/O statistics
log Show shortest-path-first calculations from OSPF log
neighbor Show OSPF neighbor status information
overview Show overview of OSPF information
route Show OSPF routing table
statistics Show OSPF statistics
Copyright 2012 (c)

[edit]
root@Top-Router# run show ospf interface
Interface State Area DR ID BDR ID Nbrs
ge-0/0/1.0 DR 0.0.0.0 1.1.1.1 2.2.2.2 1
ge-0/0/2.0 DR 0.0.0.0 1.1.1.1 3.3.3.3 1
ge-0/0/3.0 DR 0.0.0.0 1.1.1.1 3.3.3.3 1
ge-0/0/0.0 DR 0.0.0.16 1.1.1.1 0.0.0.0 0
 Our router interface.
 OSPF Router state (dr,bdr, drother).
Copyright 2012 (c)

root@Top-Router# run show ospf neighbor
Address Interface State ID Pri Dead
172.16.32.2 ge-0/0/1.0 Full 2.2.2.2 128 36
172.16.33.2 ge-0/0/2.0 Full 3.3.3.3 128 36
172.16.34.2 ge-0/0/3.0 Full 3.3.3.3 128 36
 My physical interface.
 Neighbor IP address on phys. Interface.
 Neighbor OSPF router id.
 Interface priority (DR Election ).
Copyright 2012 (c)

root@Top-Router# run show ospf database
OSPF database, Area 0.0.0.0
Type ID Adv Rtr Seq Age Opt Cksum Len
Router *1.1.1.1 1.1.1.1 0x80000008 268 0x22 0x7f4a 60
Router 2.2.2.2 2.2.2.2 0x80000003 61 0x22 0xa0c2 36
Router 3.3.3.3 3.3.3.3 0x80000003 264 0x22 0x6028 48
Network *172.16.32.1 1.1.1.1 0x80000001 1100 0x22 0x1735 32
Network *172.16.33.1 1.1.1.1 0x80000001 273 0x22 0x3e09 32
Network *172.16.34.1 1.1.1.1 0x80000001 268 0x22 0x3313 32
Summary 172.16.4.0 2.2.2.2 0x80000003 410 0x22 0xa1cf 28
Summary 172.16.8.0 3.3.3.3 0x80000002 269 0x22 0x5911 28
Summary *172.16.16.0 1.1.1.1 0x80000002 770 0x22 0x3d2d 28
 * Sourced from this router.
 Router Type 1……… Considered to be within same OSPF area ( Intra-Area ).
 Network Type 2…… Sourced by DR.
 Summary Type 3….. Relative to area 0, routes from other OSPF area… Sourced by ABR.
Copyright 2012 (c)

Router *1.1.1.1 1.1.1.1 0x80000003 1084 0x22 0x77e2 36
Summary *172.16.4.0 1.1.1.1 0x80000001 1093 0x22 0xcda8 28
Summary *172.16.8.0 1.1.1.1 0x80000002 261 0x22 0x9fd1 28
Summary *172.16.32.0 1.1.1.1 0x80000002 1100 0x22 0x8ccd 28
Summary *172.16.33.0 1.1.1.1 0x80000003 273 0x22 0x7fd8 28
Summary *172.16.34.0 1.1.1.1 0x80000002 268 0x22 0x76e1 28
Copyright 2012 (c)

root@Top-Router# run show ospf statistics
Packet type Total Last 5 seconds
Sent Received Sent Received
Hello 41 10 0 0
DbD 10 7 0 0
LSReq 3 2 0 0
LSUpdate 19 11 0 0
LSAck 11 14 0 0
Copyright 2012 (c)

DBDs retransmitted : 1, last 5 seconds : 0
LSAs flooded : 4, last 5 seconds : 0
LSAs flooded high-prio : 19, last 5 seconds : 0
LSAs retransmitted : 0, last 5 seconds : 0
LSAs transmitted to nbr: 7, last 5 seconds : 0
LSAs requested : 3, last 5 seconds : 0
LSAs acknowledged : 13, last 5 seconds :0
Flood queue depth : 0
Total rexmit entries : 0
db summaries : 0
lsreq entries : 0
Receive errors:
None
Copyright 2012 (c)

root@Top-Router# run show ospf overview
Instance: master
Router ID: 1.1.1.1
Route table index: 0
Area border router
LSA refresh time: 50 minutes
Area: 0.0.0.0
Stub type: Not Stub
Authentication Type: None
Area border routers: 2, AS boundary routers: 0
Neighbors
Up (in full state): 3
Copyright 2012 (c)

Area: 0.0.0.16
Stub type: Not Stub
Neighbors
Topology: default (ID 0)
Prefix export count: 0
Full SPF runs: 11
SPF delay: 0.200000 sec, SPF holddown: 5 sec, SPF rapid runs: 3
Backup SPF: Not Needed
Copyright 2012 (c)

root@Top-Router# run show ospf route
Topology default Route Table:
Prefix Path Route NH Metric NextHop Nexthop
Type Type Type Interface Address/LSP
2.2.2.2 Intra Area BR IP 1 ge-0/0/1.0 172.16.32.2
3.3.3.3 Intra Area BR IP 1 ge-0/0/2.0 172.16.33.2
ge-0/0/3.0 172.16.34.2
172.16.4.0/24 Inter Network IP 2 ge-0/0/1.0 172.16.32.2
172.16.8.0/24 Inter Network IP 2 ge-0/0/2.0 172.16.33.2
ge-0/0/3.0 172.16.34.2
172.16.16.0/24 Intra Network IP 1 ge-0/0/0.0
 Routes OSPF would like to add to the RIB.
 Sourced from LSDB.
 Red is directly connected on Top-Router…. Blue is learned.
Copyright 2012 (c)

root@Top-Router# run show route protocol ospf
inet.0: 15 destinations, 15 routes (15 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
172.16.4.0/24 *[OSPF/10] 00:23:44, metric 2
> to 172.16.32.2 via ge-0/0/1.0
172.16.8.0/24 *[OSPF/10] 00:09:52, metric 2
> to 172.16.33.2 via ge-0/0/2.0
to 172.16.34.2 via ge-0/0/3.0
224.0.0.5/32 *[OSPF/10] 00:45:52, metric 1
MultiRecv
 Routes from RIB.
Copyright 2012 (c)

root@Left-Router# run show ospf interface
ge-0/0/1.0 BDR 0.0.0.0 1.1.1.1 2.2.2.2 1
ge-0/0/0.0 DR 0.0.0.4 2.2.2.2 0.0.0.0 0
Copyright 2012 (c)

root@Left-Router# run show ospf neighbor
172.16.32.1 ge-0/0/1.0 Full 1.1.1.1 128 33
Copyright 2012 (c)

root@Left-Router# run show ospf database
Router 1.1.1.1 1.1.1.1 0x80000008 719 0x22 0x7f4a 60
Router *2.2.2.2 2.2.2.2 0x80000003 510 0x22 0xa0c2 36
Router 3.3.3.3 3.3.3.3 0x80000003 715 0x22 0x6028 48
Network 172.16.32.1 1.1.1.1 0x80000002 221 0x22 0x1536 32
Network 172.16.33.1 1.1.1.1 0x80000001 724 0x22 0x3e09 32
Network 172.16.34.1 1.1.1.1 0x80000001 719 0x22 0x3313 32
Summary *172.16.4.0 2.2.2.2 0x80000003 858 0x22 0xa1cf 28
Summary 172.16.8.0 3.3.3.3 0x80000003 82 0x22 0x5712 28
Summary 172.16.16.0 1.1.1.1 0x80000002 1221 0x22 0x3d2d 28
 Network Type 2…… Sourced by DR ( Top Router ).
Copyright 2012 (c)

Router *2.2.2.2 2.2.2.2 0x80000002 1510 0x22 0xc09e 36
Summary *172.16.8.0 2.2.2.2 0x80000001 716 0x22 0x8ddf 28
Summary *172.16.16.0 2.2.2.2 0x80000002 161 0x22 0x293c 28
Summary *172.16.32.0 2.2.2.2 0x80000003 1544 0x22 0x6ce8 28
Summary *172.16.33.0 2.2.2.2 0x80000002 722 0x22 0x6de6 28
Summary *172.16.34.0 2.2.2.2 0x80000002 717 0x22 0x62f0 28
Relative to area 4…. All other routes are from other area…
Summary Type 3 LSA…. ABR.
Copyright 2012 (c)

root@Left-Router# run show ospf overview
Instance: master
Router ID: 2.2.2.2
Area border router
Area: 0.0.0.0
Stub type: Not Stub
Neighbors
Copyright 2012 (c)

Area: 0.0.0.4
Stub type: Not Stub
Neighbors
Full SPF runs: 7
Copyright 2012 (c)

root@Left-Router# run show route protocol ospf
172.16.8.0/24 *[OSPF/10] 00:13:35, metric 3
> to 172.16.32.1 via ge-0/0/1.0
172.16.16.0/24 *[OSPF/10] 00:27:23, metric 2
> to 172.16.32.1 via ge-0/0/1.0
172.16.33.0/24 *[OSPF/10] 00:27:23, metric 2
> to 172.16.32.1 via ge-0/0/1.0
172.16.34.0/24 *[OSPF/10] 00:27:23, metric 2
> to 172.16.32.1 via ge-0/0/1.0
224.0.0.5/32 *[OSPF/10] 00:27:29, metric 1
MultiRecv
inet6.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden)
Copyright 2012 (c)

root@Right-Router# run show ospf interface
ge-0/0/2.0 BDR 0.0.0.0 1.1.1.1 3.3.3.3 1
ge-0/0/3.0 BDR 0.0.0.0 1.1.1.1 3.3.3.3 1
ge-0/0/0.0 DR 0.0.0.8 3.3.3.3 0.0.0.0 0
Copyright 2012 (c)

root@Right-Router# run show ospf neighbor
172.16.33.1 ge-0/0/2.0 Full 1.1.1.1 128 32
172.16.34.1 ge-0/0/3.0 Full 1.1.1.1 128 33
Copyright 2012 (c)

root@Right-Router# run show ospf database
Router 1.1.1.1 1.1.1.1 0x80000008 947 0x22 0x7f4a 60
Router 2.2.2.2 2.2.2.2 0x80000003 740 0x22 0xa0c2 36
Router *3.3.3.3 3.3.3.3 0x80000003 942 0x22 0x6028 48
Network 172.16.32.1 1.1.1.1 0x80000002 450 0x22 0x1536 32
Network 172.16.33.1 1.1.1.1 0x80000001 952 0x22 0x3e09 32
Network 172.16.34.1 1.1.1.1 0x80000001 947 0x22 0x3313 32
Summary 172.16.4.0 2.2.2.2 0x80000003 1089 0x22 0xa1cf 28
Summary *172.16.8.0 3.3.3.3 0x80000003 309 0x22 0x5712 28
Summary 172.16.16.0 1.1.1.1 0x80000002 1449 0x22 0x3d2d 28
Copyright 2012 (c)

Router *3.3.3.3 3.3.3.3 0x80000002 912 0x22 0x98ba 36
Summary *172.16.4.0 3.3.3.3 0x80000002 937 0x22 0x99d2 28
Summary *172.16.16.0 3.3.3.3 0x80000002 937 0x22 0xb56 28
Summary *172.16.32.0 3.3.3.3 0x80000002 937 0x22 0x5af6 28
Summary *172.16.33.0 3.3.3.3 0x80000004 4 0x22 0x410e 28
Summary *172.16.34.0 3.3.3.3 0x80000004 937 0x22 0x3618 28
Copyright 2012 (c)

root@Right-Router# run show ospf overview
Instance: master
Router ID: 3.3.3.3
Area border router
Area: 0.0.0.0
Stub type: Not Stub
Neighbors
Copyright 2012 (c)

Area: 0.0.0.8
Stub type: Not Stub
Neighbors
Full SPF runs: 4
Copyright 2012 (c)

root@Right-Router# run show route protocol ospf
172.16.4.0/24 *[OSPF/10] 00:18:26, metric 3
> to 172.16.33.1 via ge-0/0/2.0
to 172.16.34.1 via ge-0/0/3.0
172.16.16.0/24 *[OSPF/10] 00:18:26, metric 2
to 172.16.33.1 via ge-0/0/2.0
> to 172.16.34.1 via ge-0/0/3.0
172.16.32.0/24 *[OSPF/10] 00:18:26, metric 2
to 172.16.33.1 via ge-0/0/2.0
> to 172.16.34.1 via ge-0/0/3.0
224.0.0.5/32 *[OSPF/10] 00:18:41, metric 1
MultiRecv
Copyright 2012 (c)

Adjusting the hello parameter
Traceoptions (troubleshooting)
Adjusting the default metric
Authentication
Passive Interface
Copyright 2012 (c)

 Let’s break ospf by changing hello timers on top router!
 Default hello timer is 10 seconds.
 Hello parameters must match in order to establish and
maintain neighbor!!
Copyright 2012 (c)

CHANGE OSPF HELLO ON TOP ROUTER INTERFACES
root@Top-Router# set area 0 interface ge-0/0/1.0 hello-interval 5
Copyright 2012 (c)

area 0.0.0.16 {
}
area 0.0.0.0
interface ge-0/0/1.0 {
hello-interval 5;
}
hello-interval 5;
}
hello-interval 5;
}
}
Copyright 2012 (c)

BEFORE COMITTING THE PRIOR HELLO CHANGES, LET’S TAKE AN
INTERFACE SNAPSHOT!!!
ge-0/0/1.0 DR 0.0.0.0 1.1.1.1 2.2.2.2 1
ge-0/0/2.0 DR 0.0.0.0 1.1.1.1 3.3.3.3 1
ge-0/0/3.0 DR 0.0.0.0 1.1.1.1 3.3.3.3 1
ge-0/0/0.0 DR 0.0.0.16 1.1.1.1 0.0.0.0 0
We are Happy!!
Copyright 2012 (c)

NOW COMMIT, PRIOR HELLO CHANGES…….. NEIGHBORS ARE GONE!
ge-0/0/1.0 DR 0.0.0.0 1.1.1.1 0.0.0.0 0
ge-0/0/2.0 DR 0.0.0.0 1.1.1.1 0.0.0.0 0
ge-0/0/3.0 DR 0.0.0.0 1.1.1.1 0.0.0.0 0
ge-0/0/0.0 DR 0.0.0.16 1.1.1.1 0.0.0.0 0
We are Sad
Copyright 2012 (c)

Let’s setup TRACEOPTIONS and see the impact of the recent hello changes.
We can view detailed real-time protocol events.
root@Top-Router# set traceoptions file whats-up
root@Top-Router# set traceoptions flag hello
root@Top-Router# set traceoptions flag event
root@Top-Router# set traceoptions flag error
Copyright 2012 (c)

traceoptions {
file whats-up;
flag hello;
flag event;
flag error;
}
Copyright 2012 (c)

root@Top-Router# run show log whats-up
*** monitor start whats-up ( filename ) *** “copy to screen”
*** monitor stop whats-up ( filename ) *** “ stop copy to screen”
WE ARE RECEIVING HELLO’S FROM NEIGHBORS SET FOR 10, BUT
TOP IS NOW SET FOR 5
Aug 21 22:46:44.983559 OSPF rcvd Hello 172.16.33.2 -> 224.0.0.5 (ge-0/0/2.0 IFL 74
area 0.0.0.0)
Aug 21 22:46:44.983621 Version 2, length 44, ID 3.3.3.3, area 0.0.0.0
Aug 21 22:46:44.983640 checksum 0x0, authtype 0
Aug 21 22:46:44.983677 mask 255.255.255.0, hello_ivl 10, opts 0x2, prio 128
Aug 21 22:46:44.983698 dead_ivl 40, DR 172.16.33.2, BDR 0.0.0.0
Aug 21 22:46:44.983725 OSPF packet ignored: hello interval mismatch 10 from
172.16.33.2 on intf ge-0/0/2.0 area 0.0.0.0
Copyright 2012 (c)

LET’S FIX HELLO ON TOP AND GET OUR NETWORK BACK!!
[edit protocols ospf area 0.0.0.0]
root@Top-Router# set interface ge-0/0/1.0 hello-interval 10
Copyright 2012 (c)

root@Top-Router# commit
configuration check succeedscommit complete
ge-0/0/1.0 BDR 0.0.0.0 2.2.2.2 1.1.1.1 1
ge-0/0/2.0 BDR 0.0.0.0 3.3.3.3 1.1.1.1 1
ge-0/0/3.0 BDR 0.0.0.0 3.3.3.3 1.1.1.1 1
ge-0/0/0.0 DR 0.0.0.16 1.1.1.1 0.0.0.0 0
Copyright 2012 (c)

Top Router…. Multiple paths to the 8.0 Net.
Path To Right 8.0 via ge-0/0/3.0 is best!!!
172.16.8.0/24 *[OSPF/10] 00:01:40, metric 2
to 172.16.33.2 via ge-0/0/2.0
> to 172.16.34.2 via ge-0/0/3.0
 By default… No load balancing.
 By default… Junos selects one path.
 > is the selected path.
 Show route forwarding-table… rules!
Copyright 2012 (c)

root@Top-Router# set interface ge-0/0/3.0 metric 200
[edit protocols ospf area 0.0.0.0]
hello-interval 10;
}
hello-interval 10;
}
metric 200;
hello-interval 10;
}
Copyright 2012 (c)

“show ospf interface extensive”….NOTE INTERFACE COSTS…..
ge-0/0/2.0 BDR 0.0.0.0 3.3.3.3 1.1.1.1 1
Type: LAN, Address: 172.16.33.1, Mask: 255.255.255.0, MTU: 1500, Cost: 1
DR addr: 172.16.33.2, BDR addr: 172.16.33.1, Priority: 128
Adj count: 1
Hello: 10, Dead: 40, ReXmit: 5, Not Stub
Auth type: None
Protection type: None
Topology default (ID 0) -> Cost: 0
ge-0/0/3.0 BDR 0.0.0.0 3.3.3.3 1.1.1.1 1
Type: LAN, Address: 172.16.34.1, Mask: 255.255.255.0, MTU: 1500, Cost: 200
DR addr: 172.16.34.2, BDR addr: 172.16.34.1, Priority: 128
Adj count: 1
Hello: 10, Dead: 40, ReXmit: 5, Not Stub
Auth type: None
Protection type: None
Topology default (ID 0) -> Cost: 0
Copyright 2012 (c)

AFTER BUMPING THE METRIC ON INT GE-0/0/3
NOW WE ONLY SEE ONE PATH… THE BEST, NOW GE-0/0/2
root@Top-Router# run show route protocol ospf
172.16.4.0/24 *[OSPF/10] 00:13:50, metric 2
> to 172.16.32.2 via ge-0/0/1.0
172.16.8.0/24 *[OSPF/10] 00:00:18, metric 2
> to 172.16.33.2 via ge-0/0/2.0
Copyright 2012 (c)

 Advertise OSPF network…… but….
 Do not attempt to form ospf adjacency on LAN.
 We do not want to send hellos on ge-0/0/0….
 Yet, we do want the network to be part of OSPF.
Passive Interface
Copyright 2012 (c)

Now, we set and activate the passive option on TOP-Router LAN.
root@Top-Router# set area 16 interface ge-0/0/0.0 passive
[edit]
root@Top-Router# commit
configuration check succeeds commit complete
Copyright 2012 (c)

OSPF AUTHENTICATION: Top router for area 0 interfaces
root@Top-Router# set interface ge-0/0/2.0 authentication md5 1 key password
root@Top-Router# set interface ge-0/0/3.0 authentication md5 1 key password
 MD5 or Simple
 Key identifier for password transition
 Specify new key start date / time
Copyright 2012 (c)

hello-interval 10;
}
hello-interval 10;
authentication {
md5 1 key "$9$PfF/CA0Ihrp0-wgJHkp0B1RS"; ## SECRET-DATA
}
}
hello-interval 10;
authentication {
md5 1 key "$9$bow4ZUDkPT3ik1hrv7Nik.mfz"; ## SECRET-DATA
}
}
Copyright 2012 (c)

 Normal Multi-Area OSPF
 Stub Area
 Totally Stubby Area
 Not-So-Stubby Areas
Copyright 2012 (c)

Area 5 - Regular OSPF Area
All OSPF LSA Types (1 router, 2 network, 3 summary, 4 asbr and 5 external)
Copyright 2012 (c)

Stub Area: Router, Network, Summary, maybe Default…. NO EXTERNAL TYPE 5 ROUTES!!
All routers within stub area must have stub configuration!!!
root@Router# set area 5 stub
root@Router# show
area 0.0.0.0 {
}
area 0.0.0.5 {
stub;
Copyright 2012 (c)

Stub Area: Injecting default route…. Only on ABR…. into STUB area 5
root@Router# set area 5 stub default-metric 15
root@Router# show
area 0.0.0.0 {
}
area 0.0.0.5 {
stub default-metric 15;
Copyright 2012 (c)

Totally Stubby Area: Router, Network and maybe Summary Default. Only defined on ABR!
root@Router# set area 5 stub no-summaries(only on abr)
root@Router# show
area 0.0.0.0 {
}
area 0.0.0.5 {
stub no-summaries;
Copyright 2012 (c)

Totally Stubby Area: Injecting a default-route!... Only on ABR!
root@Router# set area 5 stub default-metric 15 no-summaries
root@Router# show
area 0.0.0.0 {
}
area 0.0.0.5 {
stub default-metric 15 no-summaries;
Copyright 2012 (c)

Not-So-Stubby Area: NSSA - Router, Network, Summary Default & Type 7 All routers within
NSSA must have NSSA set!
root@Router# set area 5 nssa
root@Router# show
area 0.0.0.0 {
}
area 0.0.0.5 {
nssa;
Copyright 2012 (c)

Not-So-Stubby Area: Inject default-route on ABR!
root@Router# set area 5 nssa default-lsa default-metric 30
root@Router# show
area 0.0.0.0 {
}
area 0.0.0.5 {
nssa {
default-lsa default-metric 30;
}
root@Router# set area 5 nssa default-lsa default-metric 30
Copyright 2012 (c)

Introduction
Copyright 2012 (c)
Module 1

 Border Gateway Protocol…. Primarily Internet based routing protocol
 BGP Version 4
 ISP to ISP….. Customer to ISP…. Or Customer to Multiple ISP’s!
 Autonomous Systems… 16 bit ( 1 thru 65535 ) and 32 bit.. ( 1 – 4,294,967,295 ).
 64512-65535 Private
 Path Vector protocol…. Uses TCP port 179…Guaranteed BGP updates!
 EBGP…External…. Routers from different AS’s
 IBGP… Internal…… Routers within the same AS
Copyright 2012 (c)

 Policy based routing….. Inbound and Outbound routing policy.
 BGP attributes associated with network prefix.
 Attributes:
 Origin…. AS Path….. Next Hop…..
 Local Pref (outgoing)…. MED (inbound)….. Community..
 Atomic Aggregate… Aggregator… Cluster List.
Copyright 2012 (c)

More about Attributes…
 Origin……… Source of prefix ( i: IGP 0 (ospf – isis – static), E: EGP 1, ? Incomplete).
 AS Path……. Collection of AS #’s… describe path to network…. Prevent loops.
 Next Hop…... Verify BGP connectivity… direct connect or remote ip address.
 Local Pref…. Determines path out of AS… higher pref is more preferred.. Def is 100.
 MED……….. Influence path back into AS… when multiple direct paths to same ISP.
 Community.. Tag routes for identification and hence further operations.
Copyright 2012 (c)
www.zenithnetworks.com
10
0

 EBGP: Peer to the IP Address of directly connected network.
 IBGP: Best to peer to the IP Address of the loopback address.
 No auto-neighbor discovery….. Manually define neighbor/peer.
 Various TCP/BGP States… Idle, Connect, Active, Open Sent, Open Confirm, Established!
Copyright 2012 (c)
10
1

BGP Configuration Elements
 Router-ID
 Autonomous-System…. 1 – 4,294,967,295
 BGP Protocol Group… “edit protocols bgp”
 BGP type (internal / external)… ibgp – internal…. ebgp – external.
 Remote AS… 1 – 4,294,967,295
 Local Address.. Specify source ip address ( ibgp loop ).
 IBGP: Peer to loopback address.
 EBGP: Peer to remote ip address of directly connected interface.
 Policy…. Control inbound / outbound routing.
Copyright 2012 (c)
10
2

End of BGP Overview….
Let’s start BGP configuration!!
Copyright 2012 (c)
10
3

Copyright 2012 (c)
10
4

Goals:
 Establish EBGP Session between ISP and Customer.
 Peer on directly connected interfaces.
 Customer AS…. 65500
 ISPAS………….. 65530
 Customer……... 192.168.1.2
 ISP………………. 192.168.1.1
Copyright 2012 (c)
10
5

Customer:
1: AS Number ( 32 bit / 4 byte value )
2: Router ID ( Identifies router… source of BGP updates )
[edit]
root@Customer# set routing-options autonomous-system 65500
root@Customer# set routing-options router-id 1.1.1.1
[edit]
root@Customer# show routing-options
}
router-id 1.1.1.1;
autonomous-system 65500;
}
Copyright 2012 (c)
10
6

Customer: 1. Group…. 2. Type…. 3. Remote AS….. 4. Neighbor IPAddress.
1. root@Customer# edit protocols bgp group external-bgp (define bgp group)
[edit protocols bgp group external-bgp]
2. root@Customer# set type external
3. root@Customer# set peer-as 65530
4. root@Customer# set neighbor 192.168.1.1 (neighbor ip address on common network)
Copyright 2012 (c)
10
7

Resulting EBGP Group Configuration:
[edit protocols bgp]
root@Customer# show
group external-bgp {
type external;
peer-as 65530;
neighbor 192.168.1.1;
Copyright 2012 (c)
10
8

ISP: Set AS Number and Router ID:
[edit]
root@ISP# set routing-options autonomous-system 65530
root@ISP# set routing-options router-id 2.2.2.2
[edit]
root@ISP# show routing-options
router-id 2.2.2.2;
Copyright 2012 (c)
10
9

root@ISP# edit protocols bgp group external-cust (define bgp group)
[edit protocols bgp group external-cust]
root@ISP# set type external
root@ISP# set peer-as 65500
root@ISP# set neighbor 192.168.1.2 (directly connected neighbor)
Copyright 2012 (c)
11
0

root@ISP# show
group external-cust {
type external;
peer-as 65500;
neighbor 192.168.1.2;
}
Copyright 2012 (c)
11
1

root@Customer# run show bgp neighbor
Peer: 192.168.1.1+49449 AS 65530 Local: 192.168.1.2+179 AS 65500
Type: External State: Established Flags: <Sync>
Last State: OpenConfirm Last Event: RecvKeepAlive
Last Error: None
Export: [ send-my-network ]
Options: <Preference PeerAS Refresh>
Holdtime: 90 Preference: 170
Number of flaps: 0
Peer ID: 2.2.2.2 Local ID: 1.1.1.1 Active Holdtime: 90
Keepalive Interval: 30 Peer index: 0
Copyright 2012 (c)
11
2

root@ISP# run show bgp neighbor
Peer: 192.168.1.2+179 AS 65500 Local: 192.168.1.1+49449 AS 65530
Type: External State: Established Flags: <Sync>
Last Error: None
Options: <Preference PeerAS Refresh>
Holdtime: 90 Preference: 170
Number of flaps: 0
Copyright 2012 (c)
11
3

ON THE CUSTOMER ROUTER, LET’S VIEW OUR CURRENT BGP CONFIGURTION.
We need to add an IBGP Group for the IBGP session!!
root@Customer# show
type external;
peer-as 65530;
neighbor 192.168.1.1;
}
Copyright 2012 (c)
11
4

IBGP: 1. Group, 2. Type, 3. Neighbor, 4. Local-Address (no need to define peer AS)
1. root@Customer# edit group internal-bgp
[edit protocols bgp group internal-bgp]
2. root@Customer# set type internal
3. root@Customer# set neighbor 1.1.1.2 (loop ip address of right-router)
4. root@Customer# set local-address 1.1.1.1 (need to specify source ip address)
•I do not need to specify remote-as… IBGP!
•I did need to specify local-address…..Loopback peering!
Copyright 2012 (c)
11
5

root@Customer# show
type external;
export send-my-network;
peer-as 65530;
neighbor 192.168.1.1;
}
group internal-bgp {
type internal; *** setting for IBGP….. IBGP knows to use local as number.. 65500 ***
neighbor 1.1.1.2;
local-address 1.1.1.1;
}
Copyright 2012 (c)
11
6

IGBP: Router-ID…. AS Number.
root@Internal-Router# set routing-options router-id 1.1.1.2
root@Internal-Router# set routing-options autonomous-system 65500
root@Internal-Router# show routing-options
router-id 1.1.1.2;
Copyright 2012 (c)
11
7

root@Internal-Router# edit group internal-bgp
[edit protocols bgp group internal-bgp]
root@Internal-Router# set type internal
root@Internal-Router# set neighbor 1.1.1.1 (1.1.1.1 is neighbor loop and source ip address)
root@Internal-Router# set local-address 1.1.1.2 (my loop and source.. Neighbor peers to this)
Copyright 2012 (c)
11
8

Resulting Configuration:
root@Internal-Router# show
group internal-bgp {
type internal;
neighbor 1.1.1.1;
local-address 1.1.1.2;
}
Copyright 2012 (c)
11
9

root@Internal-Router# run show bgp neighbor 1.1.1.1
Peer: 1.1.1.1+179 AS 65500 Local: 1.1.1.2+54588 AS 65500
Type: Internal State: Established Flags: <Sync>
Last Error: None
Options: <Preference LocalAddress Refresh>
Local Address: 1.1.1.2 Holdtime: 90 Preference: 170
Number of flaps: 0
Copyright 2012 (c)
12
0

root@Customer# run show bgp neighbor 1.1.1.2
Peer: 1.1.1.2+54588 AS 65500 Local: 1.1.1.1+179 AS 65500
Type: Internal State: Established Flags: <Sync>
Last Error: None
Options: <Preference LocalAddress Refresh>
Local Address: 1.1.1.1 Holdtime: 90 Preference: 170
Number of flaps: 1
Last flap event: RecvNotify
Error: 'Cease' Sent: 0 Recv: 1
Copyright 2012 (c)
12
1

 Advertise Our Customer Prefix
 Define Local Preference
 Set AS Path Prepend
Copyright 2012 (c)
12
3

1. On the customer router…… Define Aggregate Route…
routing-options {
aggregate {
route 172.16.0.0/16;
}
Copyright 2012 (c)
12
5

2. On the customer router…. Let’s define a policy!
policy-options {
policy-statement send-my-network {
term my-net {
from {
protocol aggregate;
route-filter 172.16.0.0/16 exact;
}
then accept;
}
}
}
Copyright 2012 (c)
12
6

3. On the customer router…. call previously defined policy…
protocols {
bgp {
type external;
export send-my-network;
peer-as 65530;
neighbor 192.168.1.1;
}
Below: PRIOR DEFINED POLICY…..
policy-options {
term my-net {
from {
protocol aggregate;
}
then accept;
Copyright 2012 (c)
12
7

root@Customer# run show route advertising-protocol bgp 192.168.1.1
Prefix Nexthop MED Lclpref AS path
* 172.16.0.0/16 Self
Copyright 2012 (c)
12
8

root@ISP# run show route receive-protocol bgp 192.168.1.2
* 172.16.0.0/16 192.168.1.2 65500
Copyright 2012 (c)
12
9

root@ISP> show route protocol bgp
172.16.0.0/16 *[BGP/170] 02:59:15, localpref 100
AS path: 65500 I
> to 192.168.1.2 via ge-0/0/1.0
Copyright 2012 (c)
13
0

root@ISP# run show route protocol bgp detail
172.16.0.0/16 (1 entry, 1 announced)
*BGP Preference: 170/-101
Next hop type: Router, Next hop index: 1324
Next-hop reference count: 2
Source: 192.168.1.2
Next hop: 192.168.1.2 via ge-0/0/1.0, selected
State: <Active Ext>
Local AS: 65530 Peer AS: 65500
Age: 3:00:47
Task: BGP_65500.192.168.1.2+179
Announcement bits (1): 0-KRT
AS path: 65500 I Aggregator: 65500 1.1.1.1
Accepted
Localpref: 100
Router ID: 1.1.1.1
Copyright 2012 (c)
13
1

 Determines path out of your AS….. Multiple paths out!
 Local-Pref is sent via IBGP to other IBGP peers.
 Traffic will be sent via the outbound path with the highest Local-Pref.
 Default local-pref is 100.
 Set using policy or bgp-group configuration statement.
 Used only within local AS…. Not sent to External bgp peers.
Copyright 2012 (c)
13
3
65530
ISP-1
65531
ISP-2
EBGP EBGP
IBGP IBGP
IBGP
AS 65500
Local-Pref
200
Local-Pref
100
Router-A Router-B
Router-C

Define Policy on ISP…..
[edit policy-options policy-statement local-pref-from-cust]
root@ISP# edit term cust-prefix
[edit policy-options policy-statement local-pref-from-cust term cust-prefix]
root@ISP# set from route-filter 172.16.0.0/16 exact
root@ISP# set then local-preference 120
root@ISP# set then accept
Copyright 2012 (c)
13
4

Resulting Policy Config……
root@ISP# show
policy-statement local-pref-from-cust {
term cust-prefix {
from {
}
then {
local-preference 120;
accept;
}
}
}
Copyright 2012 (c)
13
5

Marry policy to BGP……
[edit protocols bgp group external-cust]
root@ISP# set import local-pref-from-cust
root@ISP# show
group external-cust {
type external;
import local-pref-from-cust;
peer-as 65500;
neighbor 192.168.1.2;
}
Copyright 2012 (c)
13
6

BGP ROUTING TABLE…. Before activating policy on ISP!!
172.16.0.0/16 *[BGP/170] 02:59:15, localpref 100 ******
AS path: 65500 I
> to 192.168.1.2 via ge-0/0/1.0
Copyright 2012 (c)
13
7

root@ISP# run show route protocol bgp
172.16.0.0/16 *[BGP/170] 03:20:05, localpref 120 ******
AS path: 65500 I
> to 192.168.1.2 via ge-0/0/1.0
Copyright 2012 (c)
13
8

 Describes path of AS’s that a route/prefix has traversed.
 As prefix is advertised via EBGP… AS is added (prepended) to AS list.
 Loop Prevention…. If router rx BGP update and sees its AS… LOOP… Drop!
 AS-Path Prepend…. Influence upstream peer to use a certain path back to source!
 Use MED to influence directly connected peer, but AS-Path Prepend further out.
Copyright 2012 (c)
14
0
AS
65530
AS
65531
AS
65532
AS
65532
65530 65531 65530 65532 65531 65530

 Attempt to influence upstream peer (green) to use a certain path back into your AS!
 YELLOW… AS 10… Prepend from AS10 to AS12 Peer.
 Do not prepend from 10 to 11.
 AS 13 might use return path to 10 via AS 11!!
Copyright 2012 (c)
14
1
AS
11
AS
12
AS
10
AS
13
10 10 1010
12 10 10 1011 10
AS Prepend

On the customer router, let’s setup as-path-prepend……
First, Let’s view the current customer BGP send info.
* 172.16.0.0/16 Self I
Copyright 2012 (c)
14
2

ISP BGP Receive…. Before AS-PATH Prepend is applied on Customer Router.
* 172.16.0.0/16 192.168.1.2 65500 I
Copyright 2012 (c)
14
3

On the customer router… setup as-path-prepend……
term my-net {
from {
protocol aggregate;
}
then {
as-path-prepend "65500 65500 65500";
accept;
}
}
}
Copyright 2012 (c)
14
4

*** info@zenithnetworks.com ***
www.juniper.net
*** junostraining@juniper.net ***
*** extjumpstart-junos@juniper.net ***
Copyright 2012 (c)
14
7

 www.juniper.net/education
 Multiple Tracks
 Enterprise Routing and Switching
 JNCIA-JUNOS, JNCIS-ENT, JNCIP-ENT, JNCIE-ENT
 Service Provider Routing and Switching
 JNCIA-JUNOS, JNCIS-SP, JNCIP-SP, JNCIE-SP
 JUNOS Security
 JNCIA-JUNOS, JNCIS-SEC, JNCIP-SEC, JNCIE-SEC
14
8
Copyright 2012 (c)
ZenithNetworks, Inc.

Zenith Networks OSPF Configuration Guide

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Viewers also liked

Viewers also liked (15)

Similar to Zenith Networks OSPF Configuration Guide

Similar to Zenith Networks OSPF Configuration Guide (20)

Recently uploaded

Recently uploaded (20)

Zenith Networks OSPF Configuration Guide