JUNOS: OSPF and BGP

JUNOS: A 2.5 hour introduction / overview of OSPF and very basic BGP.

  1. 1. Steve Dyer, Zenith Networks info@zenithnetworks.com Copyright 2012 (c) www.zenithnetworks.com 2
  2. 2.
       - Partner of Juniper Networks
       - HQ Philadelphia, PA
       - 27 Years Network Integration Services
       - 12 Years Education Services
       - LAN / WAN Configuration and Design
       - Routing, Switching and Security
       - JNCIA, JNCIS-ENT, JNCI-ENT
       - www.zenithnetworks.com
  3. 3. Founded 1996. HQ Sunnyvale, CA. Employees 9,400+. 46 countries. Award: 2011, 2012, 2013 & 2014 World’s Most Ethical Company! Connect Everything…. Empower Everyone! Routing, Switching, Security. www.juniper.net
  5. 5. Access to view the Slides: http://www.zenithnetworks.com/education
  6. 6.
       - Classless IGP (interior gateway routing protocol)
       - Open Shortest Path First: link state
       - Enterprise routing protocol
       - Supports VLSM
       - Define single area or multi-area
       - Fast network convergence
       - Multicast: LSA
           - Uses multicast, not broadcast
           - 224.0.0.6 (DR and BDR)
           - 224.0.0.5 (all other OSPF routers, NOT DR / BDR)
       - Advertise network link information
           - LSA (link state advertisements), contained within LSU packet
           - LSAs are used to build the LSDB
           - LSDB is identical for each router within a given area
           - SPF runs against LSDB to create SPF tree and the OSPF routing table
  7. 7.
       - Single Area OSPF
           - All routers share a common OSPF area ID (0, 5, 10…)
           - Defined at the physical .0 or L3 VLAN interface or tagged logical interface
       - Multi-Area OSPF
           - More than one area defined
           - Area 0, and some other area (5, 10, 15)
           - Area 0 is known as the backbone area
           - All non-zero areas must connect through area 0
           - Otherwise you must define a virtual-area
           - Allows for route summarization and stub area
           - Control LSA traffic
           - Defined at the physical or L3 VLAN interface or tagged logical interface
  8. 8. OSPF Router Types:
       - Internal: all links on a given router reside in the same area
       - Backbone: at least one link in area 0
       - ABR: area 0 and another non-zero area (e.g. 10)
       - ASBR: router that injects routes from another routing protocol or outside AS
       [Diagram: router types across Area 0 (backbone), Area 5 and Area 10, showing internal routers, backbone routers, ABRs, and an ASBR with RIP routes]
  9. 9.
       - Type 1: Hello Packet
       - Type 2: Database Description
       - Type 3: Link State Request
       - Type 4: Link State Update
       - Type 5: Link State Ack
  10. 10. Hello OSPF Packet
       - Type 1
       - Dynamically discover and maintain OSPF neighbors
       - Hello / Dead intervals: 10 / 40
       - Authentication?
       - Area ID
       - Subnet mask
       - OSPF stub flag
  11. 11. DDP Database Description
       - Type 2
       - Used to form adjacencies
       - Describe contents of link-state DB (link header)
       - Master/Slave relationship
       - Thanks for the summary information…
       - I need more information… (LSR)
       Start of OSPF exchange process!
  12. 12. LSR Link State Request
       - Type 3
       - After receiving DDP (DB Description)…
       - Router determines stale or empty DB entries
       - Router needs more detailed information (send LSR)
       - In response to LSR, router will receive LSU
  13. 13. LSU Link State Update
       - Type 4
       - Sent in response to LSR
       - Sent if link information changes: up / down / new
       - Sent to 224.0.0.5 or 224.0.0.6
       - Carries multiple LSA types (router, network, summary…)
  14. 14. Link State Ack
       - Type 5
       - LSR
       - LSU (contains multiple LSA types)
       - LSAck: ACKs LSR, sent to unicast IP address
       Reliable OSPF DB exchange process.
  15. 15. Router LSA (contained within OSPF LSU packet)
       - Type 1
       - Router LSA originated by all OSPF routers
       - Describes state of a router's interfaces
       - Flooded throughout a single area… could be a large area! No more than 50 routers per area??
  16. 16. Network Link LSA (contained within the OSPF LSU packet)
       - Type 2
       - Originated by DR for BCAST and NBMA networks
       - Represents the local routed segment and all attached routers
       - Contains list of routers within the Ethernet segment
       - Flooded throughout a single area… could be a large area!
  17. 17. Summary Link LSA (contained within OSPF LSU packet)
       - Type 3 and 4
       - Originated by ABR
       - Describes routes from other areas, but within the AS
       - Inter-area routes
       - Type 4: advertise the presence of the ASBR, via ABR
       - Flooded throughout ALL OSPF areas!
       - Totally Stubby and route summarization control propagation
  18. 18. External Link LSA (contained within OSPF LSU packet)
       - Type 5
       - Originated by AS Boundary Router
       - Describes routes from outside the AS
       - Describes routes that have been redistributed from other routing protocols or static routes
       - Flooded throughout OSPF AS
       - Type II do not add internal OSPF cost to route (default)
       - Type I do ADD internal OSPF cost to route
       - Blocked by stub ABR!
  19. 19. External links redistributed into NSSA (contained within OSPF LSU packet)
       - Type 7
       - Originated by AS Boundary Router (ASBR)
       - Describes routes from outside the AS
       - Describes routes that have been redistributed from other routing protocols or static routes
       - Flooded throughout OSPF NSSA
       - ABR converts type 7 into type 5 and floods into area 0
  20. 20. OSPF Versions
       - V2 (IPv4 processing)
       - V3 (IPv4 and IPv6 processing)
  21. 21. Router ID
       - Every OSPF router has a unique OSPF router ID
       - Identifies router to the OSPF routing domain
       - 32-bit number
       - Generally the loopback IP address, but not required
       - If using loop: loop IP is the OSPF router ID
       - Not using loop: IP address of 1st physical interface to come online is R-ID
       - If router-id is hard-coded, then this parameter rules (loop or no loop)!!
  22. 22. DR (Designated Router)
       - Determined at the interface (broadcast) level
       - Non-deterministic process
       - Priority 0 thru 255; 128 is default
       - Highest priority wins DR; if tie, highest RID becomes DR
       - DR establishes full adjacency with all other OSPF routers for a given area
       - Ensure LSDB synchronization
  23. 23.
       - SPF Algorithm: Dijkstra
           - 1. SPF runs against local LSDB
           - 2. Build SPF tree
           - 3. Routes are selected for the routing table
       - OSPF Processing
           - SPF runs on each router and, depending on # of entries, can be CPU intensive
           - MCAST on network, not broadcast, so easy on the network
           - 224.0.0.5 - 224.0.0.6 v. 255.255.255.255 (MCAST v. BCAST)
           - Only send LSA for up/down/new link state information, or if no changes…
           - LSA refresh every 50 minutes
  25. 25.
       - Router ID
       - Version
       - Areas
       - Neighbors
       - View LSDB
       - View OSPF Statistics
       - View OSPF Routes
       - Metric
       - Hello / Dead
       - Authentication
       - Traceoptions
  26. 26. Let’s build basic OSPF configuration on all routers!
       - Router ID
       - OSPF Areas and Marry Interface to Area
  28. 28. OSPF Router ID
       - Optional
       - Overrides any other default R-ID candidate.
       - Generally lo0 IP address.
       - If no loop… 1st physical interface to come online.
       - Does not have to be routable.

           [edit]
           root@Top-Router# set routing-options router-id 1.1.1.1

           [edit]
           root@Top-Router# show routing-options
           router-id 1.1.1.1;
  29. 29. Configure OSPFv2 or OSPFv3

           root@Top-Router# edit protocols ospf?
           Possible completions:
           > ospf     OSPF configuration ( IPv4 )
           > ospf3    OSPFv3 configuration ( IPv4 and IPv6 )

       - edit protocols ospf (IPv4 processing)
       - edit protocols ospf3 (IPv4 and IPv6 processing)
  30. 30.
           [edit protocols ospf]
           root@Top-Router# set area 16 interface ge-0/0/0.0
           root@Top-Router# set area 0.0.0.0 interface ge-0/0/1.0
           root@Top-Router# set area 0.0.0.0 interface ge-0/0/2.0
           root@Top-Router# set area 0.0.0.0 interface ge-0/0/3

       Not required to use .0 at the end, but note: if using a VLAN-tagged interface, you must specify .x, or .0 is assumed!

           interface ge-0/0/5
               vlan-tagging
               unit 10
                   vlan-id 10
                   family inet address 172.16.10.1/24

           set area 20 interface ge-0/0/5.10
  31. 31.
           [edit protocols ospf]
           root@Top-Router# show
           area 0.0.0.16 {
               interface ge-0/0/0.0;
           }
           area 0.0.0.0 {
               interface ge-0/0/1.0;
               interface ge-0/0/2.0;
               interface ge-0/0/3.0;
           }
  32. 32. OSPF Router ID
       - Optional
       - Overrides any other default.
       - Generally lo0 IP address.
       - If no loop… 1st physical interface to come online.
       - Does not have to be routable.

           [edit]
           root@Left-Router# set routing-options router-id 2.2.2.2

           [edit]
           root@Left-Router# show routing-options
           router-id 2.2.2.2;
  33. 33.
           [edit]
           root@Left-Router# edit protocols ospf

           [edit protocols ospf]
           root@Left-Router# set area 4 interface ge-0/0/0.0
           root@Left-Router# set area 0 interface ge-0/0/1.0

       We define OSPF areas and at the same time marry interfaces to these areas!
  34. 34.
           [edit protocols ospf]
           root@Left-Router# show
           area 0.0.0.4 {
               interface ge-0/0/0.0;
           }
           area 0.0.0.0 {
               interface ge-0/0/1.0;
           }
  35. 35.
           root@Right-Router# set routing-options router-id 3.3.3.3

           [edit routing-options]
           root@Right-Router# show
           router-id 3.3.3.3;
  36. 36.
           [edit protocols ospf]
           root@Right-Router# set area 8 interface ge-0/0/0.0
           root@Right-Router# set area 0 interface ge-0/0/2.0
           root@Right-Router# set area 0 interface ge-0/0/3.0
  37. 37.
           [edit protocols ospf]
           root@Right-Router# show
           area 0.0.0.8 {
               interface ge-0/0/0.0;
           }
           area 0.0.0.0 {
               interface ge-0/0/2.0;
               interface ge-0/0/3.0;
           }
  38. 38. Basic configuration now built on all routers!
       - IP Addresses
       - Lo0 Interface
       - Router ID
       - OSPF Areas and Marry Interface to Area
       Let’s monitor basic OSPF information.
  39. 39.
           [edit]
           root@Top-Router# run show ospf ?
           Possible completions:
             backup          Show OSPF backup information
             database        Show OSPF link-state database
             interface       Show OSPF interface status information
             io-statistics   Show OSPF I/O statistics
             log             Show shortest-path-first calculations from OSPF log
             neighbor        Show OSPF neighbor status information
             overview        Show overview of OSPF information
             route           Show OSPF routing table
             statistics      Show OSPF statistics
  40. 40.
           [edit]
           root@Top-Router# run show ospf interface
           Interface     State   Area        DR ID      BDR ID     Nbrs
           ge-0/0/1.0    DR      0.0.0.0     1.1.1.1    2.2.2.2       1
           ge-0/0/2.0    DR      0.0.0.0     1.1.1.1    3.3.3.3       1
           ge-0/0/3.0    DR      0.0.0.0     1.1.1.1    3.3.3.3       1
           ge-0/0/0.0    DR      0.0.0.16    1.1.1.1    0.0.0.0       0

       - Our router interface.
       - OSPF router state (DR, BDR, DROther).
  41. 41.
           root@Top-Router# run show ospf neighbor
           Address        Interface     State   ID         Pri   Dead
           172.16.32.2    ge-0/0/1.0    Full    2.2.2.2    128     36
           172.16.33.2    ge-0/0/2.0    Full    3.3.3.3    128     36
           172.16.34.2    ge-0/0/3.0    Full    3.3.3.3    128     36

       - My physical interface.
       - Neighbor IP address on phys. interface.
       - Neighbor OSPF router ID.
       - Interface priority (DR election).
  42. 42.
           root@Top-Router# run show ospf database

               OSPF database, Area 0.0.0.0
           Type      ID              Adv Rtr    Seq          Age   Opt   Cksum   Len
           Router   *1.1.1.1         1.1.1.1    0x80000008   268   0x22  0x7f4a   60
           Router    2.2.2.2         2.2.2.2    0x80000003    61   0x22  0xa0c2   36
           Router    3.3.3.3         3.3.3.3    0x80000003   264   0x22  0x6028   48
           Network  *172.16.32.1     1.1.1.1    0x80000001  1100   0x22  0x1735   32
           Network  *172.16.33.1     1.1.1.1    0x80000001   273   0x22  0x3e09   32
           Network  *172.16.34.1     1.1.1.1    0x80000001   268   0x22  0x3313   32
           Summary   172.16.4.0      2.2.2.2    0x80000003   410   0x22  0xa1cf   28
           Summary   172.16.8.0      3.3.3.3    0x80000002   269   0x22  0x5911   28
           Summary  *172.16.16.0     1.1.1.1    0x80000002   770   0x22  0x3d2d   28

       - * Sourced from this router.
       - Router Type 1: considered to be within same OSPF area (intra-area).
       - Network Type 2: sourced by DR.
       - Summary Type 3: relative to area 0, routes from other OSPF area; sourced by ABR.
  43. 43.
               OSPF database, Area 0.0.0.16
           Type      ID              Adv Rtr    Seq          Age   Opt   Cksum   Len
           Router   *1.1.1.1         1.1.1.1    0x80000003  1084   0x22  0x77e2   36
           Summary  *172.16.4.0      1.1.1.1    0x80000001  1093   0x22  0xcda8   28
           Summary  *172.16.8.0      1.1.1.1    0x80000002   261   0x22  0x9fd1   28
           Summary  *172.16.32.0     1.1.1.1    0x80000002  1100   0x22  0x8ccd   28
           Summary  *172.16.33.0     1.1.1.1    0x80000003   273   0x22  0x7fd8   28
           Summary  *172.16.34.0     1.1.1.1    0x80000002   268   0x22  0x76e1   28
  44. 44.
           root@Top-Router# run show ospf statistics

           Packet type          Total              Last 5 seconds
                            Sent   Received       Sent   Received
              Hello           41         10          0          0
              DbD             10          7          0          0
              LSReq            3          2          0          0
              LSUpdate        19         11          0          0
              LSAck           11         14          0          0
  45. 45.
           DBDs retransmitted     :   1, last 5 seconds : 0
           LSAs flooded           :   4, last 5 seconds : 0
           LSAs flooded high-prio :  19, last 5 seconds : 0
           LSAs retransmitted     :   0, last 5 seconds : 0
           LSAs transmitted to nbr:   7, last 5 seconds : 0
           LSAs requested         :   3, last 5 seconds : 0
           LSAs acknowledged      :  13, last 5 seconds : 0

           Flood queue depth      :   0
           Total rexmit entries   :   0
           db summaries           :   0
           lsreq entries          :   0

           Receive errors:
             None
  46. 46.
           root@Top-Router# run show ospf overview
           Instance: master
             Router ID: 1.1.1.1
             Route table index: 0
             Area border router
             LSA refresh time: 50 minutes
             Area: 0.0.0.0
               Stub type: Not Stub
               Authentication Type: None
               Area border routers: 2, AS boundary routers: 0
               Neighbors
                 Up (in full state): 3
  47. 47.
             Area: 0.0.0.16
               Stub type: Not Stub
               Authentication Type: None
               Area border routers: 0, AS boundary routers: 0
               Neighbors
                 Up (in full state): 0
             Topology: default (ID 0)
               Prefix export count: 0
               Full SPF runs: 11
               SPF delay: 0.200000 sec, SPF holddown: 5 sec, SPF rapid runs: 3
               Backup SPF: Not Needed
  48. 48.
           root@Top-Router# run show ospf route
           Topology default Route Table:

           Prefix            Path   Route     NH    Metric  NextHop      Nexthop
                             Type   Type      Type          Interface    Address/LSP
           2.2.2.2           Intra  Area BR   IP         1  ge-0/0/1.0   172.16.32.2
           3.3.3.3           Intra  Area BR   IP         1  ge-0/0/2.0   172.16.33.2
                                                            ge-0/0/3.0   172.16.34.2
           172.16.4.0/24     Inter  Network   IP         2  ge-0/0/1.0   172.16.32.2
           172.16.8.0/24     Inter  Network   IP         2  ge-0/0/2.0   172.16.33.2
                                                            ge-0/0/3.0   172.16.34.2
           172.16.16.0/24    Intra  Network   IP         1  ge-0/0/0.0
           172.16.32.0/24    Intra  Network   IP         1  ge-0/0/1.0
           172.16.33.0/24    Intra  Network   IP         1  ge-0/0/2.0
           172.16.34.0/24    Intra  Network   IP         1  ge-0/0/3.0

       - Routes OSPF would like to add to the RIB.
       - Sourced from LSDB.
       - Red is directly connected on Top-Router; blue is learned.
  49. 49.
           root@Top-Router# run show route protocol ospf

           inet.0: 15 destinations, 15 routes (15 active, 0 holddown, 0 hidden)
           + = Active Route, - = Last Active, * = Both

           172.16.4.0/24      *[OSPF/10] 00:23:44, metric 2
                               > to 172.16.32.2 via ge-0/0/1.0
           172.16.8.0/24      *[OSPF/10] 00:09:52, metric 2
                               > to 172.16.33.2 via ge-0/0/2.0
                                 to 172.16.34.2 via ge-0/0/3.0
           224.0.0.5/32       *[OSPF/10] 00:45:52, metric 1
                                 MultiRecv

       - Routes from RIB.
  50. 50.
           root@Left-Router# run show ospf interface
           Interface     State   Area       DR ID      BDR ID     Nbrs
           ge-0/0/1.0    BDR     0.0.0.0    1.1.1.1    2.2.2.2       1
           ge-0/0/0.0    DR      0.0.0.4    2.2.2.2    0.0.0.0       0
  51. 51.
           root@Left-Router# run show ospf neighbor
           Address        Interface     State   ID         Pri   Dead
           172.16.32.1    ge-0/0/1.0    Full    1.1.1.1    128     33
  52. 52.
           root@Left-Router# run show ospf database

               OSPF database, Area 0.0.0.0
           Type      ID              Adv Rtr    Seq          Age   Opt   Cksum   Len
           Router    1.1.1.1         1.1.1.1    0x80000008   719   0x22  0x7f4a   60
           Router   *2.2.2.2         2.2.2.2    0x80000003   510   0x22  0xa0c2   36
           Router    3.3.3.3         3.3.3.3    0x80000003   715   0x22  0x6028   48
           Network   172.16.32.1     1.1.1.1    0x80000002   221   0x22  0x1536   32
           Network   172.16.33.1     1.1.1.1    0x80000001   724   0x22  0x3e09   32
           Network   172.16.34.1     1.1.1.1    0x80000001   719   0x22  0x3313   32
           Summary  *172.16.4.0      2.2.2.2    0x80000003   858   0x22  0xa1cf   28
           Summary   172.16.8.0      3.3.3.3    0x80000003    82   0x22  0x5712   28
           Summary   172.16.16.0     1.1.1.1    0x80000002  1221   0x22  0x3d2d   28

       - * Sourced from this router.
       - Router Type 1: considered to be within same OSPF area (intra-area).
       - Network Type 2: sourced by DR (Top Router).
       - Summary Type 3: relative to area 0, routes from other OSPF area; sourced by ABR.
  53. 53.
               OSPF database, Area 0.0.0.4
           Type      ID              Adv Rtr    Seq          Age   Opt   Cksum   Len
           Router   *2.2.2.2         2.2.2.2    0x80000002  1510   0x22  0xc09e   36
           Summary  *172.16.8.0      2.2.2.2    0x80000001   716   0x22  0x8ddf   28
           Summary  *172.16.16.0     2.2.2.2    0x80000002   161   0x22  0x293c   28
           Summary  *172.16.32.0     2.2.2.2    0x80000003  1544   0x22  0x6ce8   28
           Summary  *172.16.33.0     2.2.2.2    0x80000002   722   0x22  0x6de6   28
           Summary  *172.16.34.0     2.2.2.2    0x80000002   717   0x22  0x62f0   28

       Relative to area 4, all other routes are from other areas: Summary Type 3 LSA, sourced by ABR.
       - * Sourced from this router.
       - Router Type 1: considered to be within same OSPF area (intra-area).
       - Network Type 2: sourced by DR (Top Router).
       - Summary Type 3: relative to area 0, routes from other OSPF area; sourced by ABR.
  54. 54.
           root@Left-Router# run show ospf overview
           Instance: master
             Router ID: 2.2.2.2
             Route table index: 0
             Area border router
             LSA refresh time: 50 minutes
             Area: 0.0.0.0
               Stub type: Not Stub
               Authentication Type: None
               Area border routers: 2, AS boundary routers: 0
               Neighbors
                 Up (in full state): 1
  55. 55.
             Area: 0.0.0.4
               Stub type: Not Stub
               Authentication Type: None
               Area border routers: 0, AS boundary routers: 0
               Neighbors
                 Up (in full state): 0
             Topology: default (ID 0)
               Prefix export count: 0
               Full SPF runs: 7
               SPF delay: 0.200000 sec, SPF holddown: 5 sec, SPF rapid runs: 3
               Backup SPF: Not Needed
  56. 56.
           root@Left-Router# run show route protocol ospf

           inet.0: 11 destinations, 11 routes (11 active, 0 holddown, 0 hidden)
           + = Active Route, - = Last Active, * = Both

           172.16.8.0/24      *[OSPF/10] 00:13:35, metric 3
                               > to 172.16.32.1 via ge-0/0/1.0
           172.16.16.0/24     *[OSPF/10] 00:27:23, metric 2
                               > to 172.16.32.1 via ge-0/0/1.0
           172.16.33.0/24     *[OSPF/10] 00:27:23, metric 2
                               > to 172.16.32.1 via ge-0/0/1.0
           172.16.34.0/24     *[OSPF/10] 00:27:23, metric 2
                               > to 172.16.32.1 via ge-0/0/1.0
           224.0.0.5/32       *[OSPF/10] 00:27:29, metric 1
                                 MultiRecv

           inet6.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden)
  57. 57.
           root@Right-Router# run show ospf interface
           Interface     State   Area       DR ID      BDR ID     Nbrs
           ge-0/0/2.0    BDR     0.0.0.0    1.1.1.1    3.3.3.3       1
           ge-0/0/3.0    BDR     0.0.0.0    1.1.1.1    3.3.3.3       1
           ge-0/0/0.0    DR      0.0.0.8    3.3.3.3    0.0.0.0       0
  58. 58.
           root@Right-Router# run show ospf neighbor
           Address        Interface     State   ID         Pri   Dead
           172.16.33.1    ge-0/0/2.0    Full    1.1.1.1    128     32
           172.16.34.1    ge-0/0/3.0    Full    1.1.1.1    128     33
  59. 59.
           root@Right-Router# run show ospf database

               OSPF database, Area 0.0.0.0
           Type      ID              Adv Rtr    Seq          Age   Opt   Cksum   Len
           Router    1.1.1.1         1.1.1.1    0x80000008   947   0x22  0x7f4a   60
           Router    2.2.2.2         2.2.2.2    0x80000003   740   0x22  0xa0c2   36
           Router   *3.3.3.3         3.3.3.3    0x80000003   942   0x22  0x6028   48
           Network   172.16.32.1     1.1.1.1    0x80000002   450   0x22  0x1536   32
           Network   172.16.33.1     1.1.1.1    0x80000001   952   0x22  0x3e09   32
           Network   172.16.34.1     1.1.1.1    0x80000001   947   0x22  0x3313   32
           Summary   172.16.4.0      2.2.2.2    0x80000003  1089   0x22  0xa1cf   28
           Summary  *172.16.8.0      3.3.3.3    0x80000003   309   0x22  0x5712   28
           Summary   172.16.16.0     1.1.1.1    0x80000002  1449   0x22  0x3d2d   28

       - * Sourced from this router.
       - Router Type 1: considered to be within same OSPF area (intra-area).
       - Network Type 2: sourced by DR (Top Router).
       - Summary Type 3: relative to area 0, routes from other OSPF area; sourced by ABR.
  60. 60.
               OSPF database, Area 0.0.0.8
           Type      ID              Adv Rtr    Seq          Age   Opt   Cksum   Len
           Router   *3.3.3.3         3.3.3.3    0x80000002   912   0x22  0x98ba   36
           Summary  *172.16.4.0      3.3.3.3    0x80000002   937   0x22  0x99d2   28
           Summary  *172.16.16.0     3.3.3.3    0x80000002   937   0x22  0xb56    28
           Summary  *172.16.32.0     3.3.3.3    0x80000002   937   0x22  0x5af6   28
           Summary  *172.16.33.0     3.3.3.3    0x80000004     4   0x22  0x410e   28
           Summary  *172.16.34.0     3.3.3.3    0x80000004   937   0x22  0x3618   28
  61. 61.
           root@Right-Router# run show ospf overview
           Instance: master
             Router ID: 3.3.3.3
             Route table index: 0
             Area border router
             LSA refresh time: 50 minutes
             Area: 0.0.0.0
               Stub type: Not Stub
               Authentication Type: None
               Area border routers: 2, AS boundary routers: 0
               Neighbors
                 Up (in full state): 2
  62. 62.
             Area: 0.0.0.8
               Stub type: Not Stub
               Authentication Type: None
               Area border routers: 0, AS boundary routers: 0
               Neighbors
                 Up (in full state): 0
             Topology: default (ID 0)
               Prefix export count: 0
               Full SPF runs: 4
               SPF delay: 0.200000 sec, SPF holddown: 5 sec, SPF rapid runs: 3
               Backup SPF: Not Needed
  63. 63.
           root@Right-Router# run show route protocol ospf

           inet.0: 14 destinations, 14 routes (14 active, 0 holddown, 0 hidden)
           + = Active Route, - = Last Active, * = Both

           172.16.4.0/24      *[OSPF/10] 00:18:26, metric 3
                               > to 172.16.33.1 via ge-0/0/2.0
                                 to 172.16.34.1 via ge-0/0/3.0
           172.16.16.0/24     *[OSPF/10] 00:18:26, metric 2
                                 to 172.16.33.1 via ge-0/0/2.0
                               > to 172.16.34.1 via ge-0/0/3.0
           172.16.32.0/24     *[OSPF/10] 00:18:26, metric 2
                                 to 172.16.33.1 via ge-0/0/2.0
                               > to 172.16.34.1 via ge-0/0/3.0
           224.0.0.5/32       *[OSPF/10] 00:18:41, metric 1
                                 MultiRecv
  65. 65.
       - Adjusting the hello parameter
       - Traceoptions (troubleshooting)
       - Adjusting the default metric
       - Authentication
       - Passive Interface
  66. 66.
       - Let’s break OSPF by changing hello timers on the top router!
       - Default hello timer is 10 seconds.
       - Hello parameters must match in order to establish and maintain a neighbor!!
  67. 67. CHANGE OSPF HELLO ON TOP ROUTER INTERFACES

           [edit protocols ospf]
           root@Top-Router# set area 0 interface ge-0/0/1.0 hello-interval 5
           root@Top-Router# set area 0 interface ge-0/0/2.0 hello-interval 5
           root@Top-Router# set area 0 interface ge-0/0/3.0 hello-interval 5
  68. 68.
           [edit protocols ospf]
           root@Top-Router# show
           area 0.0.0.16 {
               interface ge-0/0/0.0;
           }
           area 0.0.0.0 {
               interface ge-0/0/1.0 {
                   hello-interval 5;
               }
               interface ge-0/0/2.0 {
                   hello-interval 5;
               }
               interface ge-0/0/3.0 {
                   hello-interval 5;
               }
           }
  69. 69. BEFORE COMMITTING THE PRIOR HELLO CHANGES, LET’S TAKE AN INTERFACE SNAPSHOT!!!

           root@Top-Router# run show ospf interface
           Interface     State   Area        DR ID      BDR ID     Nbrs
           ge-0/0/1.0    DR      0.0.0.0     1.1.1.1    2.2.2.2       1
           ge-0/0/2.0    DR      0.0.0.0     1.1.1.1    3.3.3.3       1
           ge-0/0/3.0    DR      0.0.0.0     1.1.1.1    3.3.3.3       1
           ge-0/0/0.0    DR      0.0.0.16    1.1.1.1    0.0.0.0       0

       We are Happy!!
  70. 70. NOW COMMIT PRIOR HELLO CHANGES… NEIGHBORS ARE GONE!

           root@Top-Router# run show ospf interface
           Interface     State   Area        DR ID      BDR ID     Nbrs
           ge-0/0/1.0    DR      0.0.0.0     1.1.1.1    0.0.0.0       0
           ge-0/0/2.0    DR      0.0.0.0     1.1.1.1    0.0.0.0       0
           ge-0/0/3.0    DR      0.0.0.0     1.1.1.1    0.0.0.0       0
           ge-0/0/0.0    DR      0.0.0.16    1.1.1.1    0.0.0.0       0

       We are Sad
  71. 71. Let’s set up TRACEOPTIONS and see the impact of the recent hello changes. We can view detailed real-time protocol events.

           [edit protocols ospf]
           root@Top-Router# set traceoptions file whats-up
           root@Top-Router# set traceoptions flag hello
           root@Top-Router# set traceoptions flag event
           root@Top-Router# set traceoptions flag error
  72. 72.
           root@Top-Router# show
           traceoptions {
               file whats-up;
               flag hello;
               flag event;
               flag error;
           }
  73. 73.
           root@Top-Router# run show log whats-up

       - monitor start whats-up (filename): “copy to screen”
       - monitor stop whats-up (filename): “stop copy to screen”

       WE ARE RECEIVING HELLOS FROM NEIGHBORS SET FOR 10, BUT TOP IS NOW SET FOR 5

           Aug 21 22:46:44.983559 OSPF rcvd Hello 172.16.33.2 -> 224.0.0.5 (ge-0/0/2.0 IFL 74 area 0.0.0.0)
           Aug 21 22:46:44.983621   Version 2, length 44, ID 3.3.3.3, area 0.0.0.0
           Aug 21 22:46:44.983640   checksum 0x0, authtype 0
           Aug 21 22:46:44.983677   mask 255.255.255.0, hello_ivl 10, opts 0x2, prio 128
           Aug 21 22:46:44.983698   dead_ivl 40, DR 172.16.33.2, BDR 0.0.0.0
           Aug 21 22:46:44.983725 OSPF packet ignored: hello interval mismatch 10 from 172.16.33.2 on intf ge-0/0/2.0 area 0.0.0.0
  74. 74. LET’S FIX HELLO ON TOP AND GET OUR NETWORK BACK!!

           [edit protocols ospf area 0.0.0.0]
           root@Top-Router# set interface ge-0/0/1.0 hello-interval 10
           root@Top-Router# set interface ge-0/0/2.0 hello-interval 10
           root@Top-Router# set interface ge-0/0/3.0 hello-interval 10
  75. 75.
           root@Top-Router# commit
           configuration check succeeds
           commit complete

           root@Top-Router# run show ospf interface
           Interface     State   Area        DR ID      BDR ID     Nbrs
           ge-0/0/1.0    BDR     0.0.0.0     2.2.2.2    1.1.1.1       1
           ge-0/0/2.0    BDR     0.0.0.0     3.3.3.3    1.1.1.1       1
           ge-0/0/3.0    BDR     0.0.0.0     3.3.3.3    1.1.1.1       1
           ge-0/0/0.0    DR      0.0.0.16    1.1.1.1    0.0.0.0       0
  76. 76. Top Router: multiple paths to the 8.0 net. Path to Right 8.0 via ge-0/0/3.0 is best!!!

           172.16.8.0/24      *[OSPF/10] 00:01:40, metric 2
                                 to 172.16.33.2 via ge-0/0/2.0
                               > to 172.16.34.2 via ge-0/0/3.0

       - By default… no load balancing.
       - By default… Junos selects one path.
       - > is the selected path.
       - Show route forwarding-table… rules!
  77. 77.
           root@Top-Router# set interface ge-0/0/3.0 metric 200

           [edit protocols ospf area 0.0.0.0]
           root@Top-Router# show
           interface ge-0/0/1.0 {
               hello-interval 10;
           }
           interface ge-0/0/2.0 {
               hello-interval 10;
           }
           interface ge-0/0/3.0 {
               metric 200;
               hello-interval 10;
           }
  78. 78. “show ospf interface extensive”… NOTE INTERFACE COSTS

           ge-0/0/2.0    BDR     0.0.0.0     3.3.3.3    1.1.1.1       1
             Type: LAN, Address: 172.16.33.1, Mask: 255.255.255.0, MTU: 1500, Cost: 1
             DR addr: 172.16.33.2, BDR addr: 172.16.33.1, Priority: 128
             Adj count: 1
             Hello: 10, Dead: 40, ReXmit: 5, Not Stub
             Auth type: None
             Protection type: None
             Topology default (ID 0) -> Cost: 0
           ge-0/0/3.0    BDR     0.0.0.0     3.3.3.3    1.1.1.1       1
             Type: LAN, Address: 172.16.34.1, Mask: 255.255.255.0, MTU: 1500, Cost: 200
             DR addr: 172.16.34.2, BDR addr: 172.16.34.1, Priority: 128
             Adj count: 1
             Hello: 10, Dead: 40, ReXmit: 5, Not Stub
             Auth type: None
             Protection type: None
             Topology default (ID 0) -> Cost: 0
  79. 79. AFTER BUMPING THE METRIC ON INT GE-0/0/3, NOW WE ONLY SEE ONE PATH… THE BEST, NOW GE-0/0/2

           root@Top-Router# run show route protocol ospf

           inet.0: 15 destinations, 16 routes (15 active, 0 holddown, 0 hidden)
           + = Active Route, - = Last Active, * = Both

           172.16.4.0/24      *[OSPF/10] 00:13:50, metric 2
                               > to 172.16.32.2 via ge-0/0/1.0
           172.16.8.0/24      *[OSPF/10] 00:00:18, metric 2
                               > to 172.16.33.2 via ge-0/0/2.0
  80. 80. Passive Interface
       - Advertise OSPF network… but…
       - Do not attempt to form OSPF adjacency on LAN.
       - We do not want to send hellos on ge-0/0/0…
       - Yet, we do want the network to be part of OSPF.
  81. 81. Now, we set and activate the passive option on TOP-Router LAN.

           root@Top-Router# set area 16 interface ge-0/0/0.0 passive

           [edit]
           root@Top-Router# commit
           configuration check succeeds
           commit complete
  82. 82. OSPF AUTHENTICATION: Top router for area 0 interfaces

           root@Top-Router# set interface ge-0/0/2.0 authentication md5 1 key password
           root@Top-Router# set interface ge-0/0/3.0 authentication md5 1 key password

       - MD5 or Simple
       - Key identifier for password transition
       - Specify new key start date / time
  83. 83.
           root@Top-Router# show
           interface ge-0/0/1.0 {
               hello-interval 10;
           }
           interface ge-0/0/2.0 {
               hello-interval 10;
               authentication {
                   md5 1 key "$9$PfF/CA0Ihrp0-wgJHkp0B1RS"; ## SECRET-DATA
               }
           }
           interface ge-0/0/3.0 {
               hello-interval 10;
               authentication {
                   md5 1 key "$9$bow4ZUDkPT3ik1hrv7Nik.mfz"; ## SECRET-DATA
               }
           }
  84. 84.
       - Normal Multi-Area OSPF
       - Stub Area
       - Totally Stubby Area
       - Not-So-Stubby Areas
  85. 85. Area 5 - Regular OSPF Area: all OSPF LSA types (1 router, 2 network, 3 summary, 4 ASBR and 5 external)
  86. 86. Stub Area: Router, Network, Summary, maybe Default… NO EXTERNAL TYPE 5 ROUTES!! All routers within the stub area must have stub configuration!!!

           [edit protocols ospf]
           root@Router# set area 5 stub

           [edit protocols ospf]
           root@Router# show
           area 0.0.0.0 {
               interface ge-0/0/0.0;
           }
           area 0.0.0.5 {
               stub;
               interface ge-0/0/20.0;
           }
  87. 87. Stub Area: injecting default route, only on ABR, into STUB area 5

           [edit protocols ospf]
           root@Router# set area 5 stub default-metric 15

           [edit protocols ospf]
           root@Router# show
           area 0.0.0.0 {
               interface ge-0/0/0.0;
           }
           area 0.0.0.5 {
               stub default-metric 15;
               interface ge-0/0/20.0;
           }
  88. 88. Totally Stubby Area: Router, Network and maybe Summary Default. Only defined on ABR!

           [edit protocols ospf]
           root@Router# set area 5 stub no-summaries

       (only on ABR)

           [edit protocols ospf]
           root@Router# show
           area 0.0.0.0 {
               interface ge-0/0/0.0;
           }
           area 0.0.0.5 {
               stub no-summaries;
               interface ge-0/0/20.0;
           }
  89. 89. Totally Stubby Area: injecting a default route! Only on ABR!

           [edit protocols ospf]
           root@Router# set area 5 stub default-metric 15 no-summaries

           [edit protocols ospf]
           root@Router# show
           area 0.0.0.0 {
               interface ge-0/0/0.0;
           }
           area 0.0.0.5 {
               stub default-metric 15 no-summaries;
               interface ge-0/0/20.0;
           }
  90. 90. Not-So-Stubby Area: NSSA - Router, Network, Summary Default & Type 7. All routers within NSSA must have NSSA set!

           root@Router# set area 5 nssa

           [edit protocols ospf]
           root@Router# show
           area 0.0.0.0 {
               interface ge-0/0/0.0;
           }
           area 0.0.0.5 {
               nssa;
               interface ge-0/0/20.0;
           }
  91. 91. Not-So-Stubby Area: inject default route on ABR!

           [edit protocols ospf]
           root@Router# set area 5 nssa default-lsa default-metric 30

           [edit protocols ospf]
           root@Router# show
           area 0.0.0.0 {
               interface ge-0/0/0.0;
           }
           area 0.0.0.5 {
               nssa {
                   default-lsa default-metric 30;
               }
               interface ge-0/0/20.0;
           }
  94. Introduction (Module 1)
  96. Border Gateway Protocol: primarily an Internet-based routing protocol.
      - BGP Version 4.
      - ISP to ISP, customer to ISP, or customer to multiple ISPs.
      - Autonomous Systems: 16 bit (1 thru 65535) and 32 bit (1 – 4,294,967,295).
      - 64512-65535 are private.
      - Path vector protocol. Uses TCP port 179: guaranteed BGP updates!
      - EBGP (External): routers from different ASs.
      - IBGP (Internal): routers within the same AS.
  97. Policy-based routing: inbound and outbound routing policy.
      - BGP attributes are associated with a network prefix.
      - Attributes:
        - Origin, AS Path, Next Hop
        - Local Pref (outgoing), MED (inbound), Community
        - Atomic Aggregate, Aggregator, Cluster List
  98. More about Attributes:
      - Origin: source of the prefix (i: IGP 0 (ospf, isis, static); E: EGP 1; ?: Incomplete).
      - AS Path: collection of AS numbers that describes the path to a network and prevents loops.
      - Next Hop: verify BGP connectivity; a directly connected or remote IP address.
      - Local Pref: determines the path out of the AS. A higher pref is more preferred. The default is 100.
      - MED: influences the path back into the AS when there are multiple direct paths to the same ISP.
      - Community: tags routes for identification and hence further operations.
  99. BGP peering:
      - EBGP: Peer to the IP address of the directly connected network.
      - IBGP: Best to peer to the IP address of the loopback.
      - No automatic neighbor discovery. Manually define the neighbor/peer.
      - Various TCP/BGP states: Idle, Connect, Active, Open Sent, Open Confirm, Established!
  100. BGP Configuration Elements:
       - Router-ID
       - Autonomous-System: 1 – 4,294,967,295
       - BGP Protocol Group: "edit protocols bgp"
       - BGP type (internal / external): ibgp is internal, ebgp is external.
       - Remote AS: 1 – 4,294,967,295
       - Local Address: specify the source IP address (IBGP loopback).
       - IBGP: Peer to the loopback address.
       - EBGP: Peer to the remote IP address of the directly connected interface.
       - Policy: control inbound / outbound routing.
  101. End of BGP Overview. Let’s start BGP configuration!
  103. Goals:
       - Establish an EBGP session between ISP and Customer.
       - Peer on directly connected interfaces.
       - Customer AS: 65500
       - ISP AS: 65530
       - Customer: 192.168.1.2
       - ISP: 192.168.1.1
  104. Customer: 1. AS Number (32 bit / 4 byte value). 2. Router ID (identifies the router; source of BGP updates).
       [edit]
       root@Customer# set routing-options autonomous-system 65500
       root@Customer# set routing-options router-id 1.1.1.1
       [edit]
       root@Customer# show routing-options
       router-id 1.1.1.1;
       autonomous-system 65500;
  105. Customer: 1. Group, 2. Type, 3. Remote AS, 4. Neighbor IP Address.
       1. root@Customer# edit protocols bgp group external-bgp      (define bgp group)
       [edit protocols bgp group external-bgp]
       2. root@Customer# set type external
       3. root@Customer# set peer-as 65530
       4. root@Customer# set neighbor 192.168.1.1      (neighbor ip address on common network)
  106. Resulting EBGP Group Configuration:
       [edit protocols bgp]
       root@Customer# show
       group external-bgp {
           type external;
           peer-as 65530;
           neighbor 192.168.1.1;
       }
  107. ISP: Set AS Number and Router ID:
       [edit]
       root@ISP# set routing-options autonomous-system 65530
       root@ISP# set routing-options router-id 2.2.2.2
       [edit]
       root@ISP# show routing-options
       router-id 2.2.2.2;
       autonomous-system 65530;
  108. root@ISP# edit protocols bgp group external-cust      (define bgp group)
       [edit protocols bgp group external-cust]
       root@ISP# set type external
       root@ISP# set peer-as 65500
       root@ISP# set neighbor 192.168.1.2      (directly connected neighbor)
  109. [edit protocols bgp]
       root@ISP# show
       group external-cust {
           type external;
           peer-as 65500;
           neighbor 192.168.1.2;
       }
  110. root@Customer# run show bgp neighbor
       Peer: 192.168.1.1+49449 AS 65530 Local: 192.168.1.2+179 AS 65500
         Type: External    State: Established    Flags: <Sync>
         Last State: OpenConfirm    Last Event: RecvKeepAlive
         Last Error: None
         Export: [ send-my-network ]
         Options: <Preference PeerAS Refresh>
         Holdtime: 90 Preference: 170
         Number of flaps: 0
         Peer ID: 2.2.2.2    Local ID: 1.1.1.1    Active Holdtime: 90
         Keepalive Interval: 30    Peer index: 0
  111. root@ISP# run show bgp neighbor
       Peer: 192.168.1.2+179 AS 65500 Local: 192.168.1.1+49449 AS 65530
         Type: External    State: Established    Flags: <Sync>
         Last State: OpenConfirm    Last Event: RecvKeepAlive
         Last Error: None
         Options: <Preference PeerAS Refresh>
         Holdtime: 90 Preference: 170
         Number of flaps: 0
         Peer ID: 1.1.1.1    Local ID: 2.2.2.2    Active Holdtime: 90
         Keepalive Interval: 30    Peer index: 0
  112. ON THE CUSTOMER ROUTER, LET’S VIEW OUR CURRENT BGP CONFIGURATION. We need to add an IBGP group for the IBGP session!
       root@Customer# show
       group external-bgp {
           type external;
           peer-as 65530;
           neighbor 192.168.1.1;
       }
  113. IBGP: 1. Group, 2. Type, 3. Neighbor, 4. Local-Address (no need to define peer AS)
       1. root@Customer# edit group internal-bgp
       [edit protocols bgp group internal-bgp]
       2. root@Customer# set type internal
       3. root@Customer# set neighbor 1.1.1.2      (loop ip address of right-router)
       4. root@Customer# set local-address 1.1.1.1      (need to specify source ip address)
       • I do not need to specify remote-as: IBGP!
       • I did need to specify local-address: loopback peering!
  114. root@Customer# show
       group external-bgp {
           type external;
           export send-my-network;
           peer-as 65530;
           neighbor 192.168.1.1;
       }
       group internal-bgp {
           type internal;      *** setting for IBGP: IBGP knows to use the local AS number, 65500 ***
           neighbor 1.1.1.2;
           local-address 1.1.1.1;
       }
  115. IBGP: Router-ID and AS Number.
       root@Internal-Router# set routing-options router-id 1.1.1.2
       root@Internal-Router# set routing-options autonomous-system 65500
       root@Internal-Router# show routing-options
       router-id 1.1.1.2;
       autonomous-system 65500;
  116. [edit protocols bgp]
       root@Internal-Router# edit group internal-bgp
       [edit protocols bgp group internal-bgp]
       root@Internal-Router# set type internal
       root@Internal-Router# set neighbor 1.1.1.1      (1.1.1.1 is neighbor loop and source ip address)
       root@Internal-Router# set local-address 1.1.1.2      (my loop and source; neighbor peers to this)
  117. Resulting Configuration:
       root@Internal-Router# show
       group internal-bgp {
           type internal;
           neighbor 1.1.1.1;
           local-address 1.1.1.2;
       }
  118. root@Internal-Router# run show bgp neighbor 1.1.1.1
       Peer: 1.1.1.1+179 AS 65500 Local: 1.1.1.2+54588 AS 65500
         Type: Internal    State: Established    Flags: <Sync>
         Last State: OpenConfirm    Last Event: RecvKeepAlive
         Last Error: None
         Options: <Preference LocalAddress Refresh>
         Local Address: 1.1.1.2 Holdtime: 90 Preference: 170
         Number of flaps: 0
         Peer ID: 1.1.1.1    Local ID: 1.1.1.2    Active Holdtime: 90
         Keepalive Interval: 30    Peer index: 0
  119. root@Customer# run show bgp neighbor 1.1.1.2
       Peer: 1.1.1.2+54588 AS 65500 Local: 1.1.1.1+179 AS 65500
         Type: Internal    State: Established    Flags: <Sync>
         Last State: OpenConfirm    Last Event: RecvKeepAlive
         Last Error: None
         Options: <Preference LocalAddress Refresh>
         Local Address: 1.1.1.1 Holdtime: 90 Preference: 170
         Number of flaps: 1
         Last flap event: RecvNotify
         Error: 'Cease' Sent: 0 Recv: 1
         Peer ID: 1.1.1.2    Local ID: 1.1.1.1    Active Holdtime: 90
         Keepalive Interval: 30    Peer index: 0
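The `show bgp neighbor` outputs above are what an operator checks by eye; the same check can be automated. This is an added Python example, not part of the original deck: the sample text is constructed from the slide values with an assumed line layout, and the inventory (including the peer 10.9.9.9 in AS 65531) is hypothetical.

```python
import re

# Constructed sample built from the slide values; the line layout is an assumption.
SAMPLE = """\
Peer: 192.168.1.1+49449 AS 65530 Local: 192.168.1.2+179 AS 65500
  Type: External    State: Established    Flags: <Sync>
  Last State: OpenConfirm   Last Event: RecvKeepAlive
  Number of flaps: 0
Peer: 1.1.1.2+54588 AS 65500 Local: 1.1.1.1+179 AS 65500
  Type: Internal    State: Established    Flags: <Sync>
  Last State: OpenConfirm   Last Event: RecvKeepAlive
  Number of flaps: 1
  Last flap event: RecvNotify
"""

# Hypothetical inventory of the sessions this router is supposed to have.
EXPECTED = {"192.168.1.1": (65530, "External"), "1.1.1.2": (65500, "Internal"),
            "10.9.9.9": (65531, "External")}

PEER = re.compile(r"^Peer: (\S+?)\+\d+ AS (\d+)", re.M)
FIELDS = {"type": r"Type: (\w+)", "state": r"(?<!Last )State: (\w+)",
          "flaps": r"Number of flaps: (\d+)", "flap_event": r"Last flap event: (\w+)"}

def parse_neighbors(text):
    """Split the output at each 'Peer:' line and pull out the audited fields."""
    starts = [m.start() for m in PEER.finditer(text)] + [len(text)]
    peers = {}
    for begin, end in zip(starts, starts[1:]):
        block = text[begin:end]
        addr, asn = PEER.match(block).groups()
        rec = {"as": int(asn)}
        for name, pattern in FIELDS.items():
            m = re.search(pattern, block)
            rec[name] = m.group(1) if m else None
        peers[addr] = rec
    return peers

def audit(text, expected):
    """Return (peer, finding) pairs for sessions that differ from the inventory."""
    seen, findings = parse_neighbors(text), []
    for addr in sorted(set(seen) | set(expected)):
        if addr not in seen:
            findings.append((addr, "expected session missing"))
            continue
        rec = seen[addr]
        if addr not in expected:
            findings.append((addr, "peer not in inventory"))
        elif (rec["as"], rec["type"]) != expected[addr]:
            findings.append((addr, "AS or type differs from inventory"))
        if rec["state"] != "Established":
            findings.append((addr, "state " + str(rec["state"])))
        if int(rec["flaps"] or 0) > 0:
            findings.append((addr, "flapped, last event " + str(rec["flap_event"])))
    return findings
```

Calling `audit(SAMPLE, EXPECTED)` reports the IBGP flap and the missing third session; the lookbehind in the `state` pattern keeps `Last State: OpenConfirm` from being read as the current state.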
  121. Next steps:
       - Advertise Our Customer Prefix
       - Define Local Preference
       - Set AS Path Prepend
  122. Let’s advertise a prefix from the customer site.
  123. 1. On the customer router, define an aggregate route:
       routing-options {
           aggregate {
               route 172.16.0.0/16;
           }
       }
  124. 2. On the customer router, let’s define a policy!
       policy-options {
           policy-statement send-my-network {
               term my-net {
                   from {
                       protocol aggregate;
                       route-filter 172.16.0.0/16 exact;
                   }
                   then accept;
               }
           }
       }
  125. 3. On the customer router, call the previously defined policy:
       protocols {
           bgp {
               group external-bgp {
                   type external;
                   export send-my-network;
                   peer-as 65530;
                   neighbor 192.168.1.1;
               }
           }
       }
       Below: the previously defined policy.
       policy-options {
           policy-statement send-my-network {
               term my-net {
                   from {
                       protocol aggregate;
                       route-filter 172.16.0.0/16 exact;
                   }
                   then accept;
               }
           }
       }
  126. root@Customer# run show route advertising-protocol bgp 192.168.1.1
       inet.0: 15 destinations, 15 routes (15 active, 0 holddown, 0 hidden)
         Prefix             Nexthop        MED    Lclpref    AS path
       * 172.16.0.0/16      Self
  127. root@ISP# run show route receive-protocol bgp 192.168.1.2
       inet.0: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden)
         Prefix             Nexthop        MED    Lclpref    AS path
       * 172.16.0.0/16      192.168.1.2                      65500
  128. root@ISP> show route protocol bgp
       inet.0: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden)
       + = Active Route, - = Last Active, * = Both
       172.16.0.0/16      *[BGP/170] 02:59:15, localpref 100
                             AS path: 65500 I
                           > to 192.168.1.2 via ge-0/0/1.0
  129. root@ISP# run show route protocol bgp detail
       inet.0: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden)
       172.16.0.0/16 (1 entry, 1 announced)
           *BGP    Preference: 170/-101
                   Next hop type: Router, Next hop index: 1324
                   Next-hop reference count: 2
                   Source: 192.168.1.2
                   Next hop: 192.168.1.2 via ge-0/0/1.0, selected
                   State: <Active Ext>
                   Local AS: 65530 Peer AS: 65500
                   Age: 3:00:47
                   Task: BGP_65500.192.168.1.2+179
                   Announcement bits (1): 0-KRT
                   AS path: 65500 I Aggregator: 65500 1.1.1.1
                   Accepted
                   Localpref: 100
                   Router ID: 1.1.1.1
  130. Let’s change the Local-Preference!
  131. Local-Preference:
       - Determines the path out of your AS when there are multiple paths out.
       - Local-Pref is sent via IBGP to other IBGP peers.
       - Traffic will be sent via the outbound path with the highest Local-Pref.
       - Default local-pref is 100.
       - Set using policy or a bgp-group configuration statement.
       - Used only within the local AS. Not sent to external BGP peers.
       [Figure: AS 65500 with Router-A, Router-B and Router-C connected by IBGP, and EBGP sessions to ISP-1 (AS 65530) and ISP-2 (AS 65531); the two exits are labeled Local-Pref 200 and Local-Pref 100.]
  132. Define Policy on ISP:
       [edit policy-options policy-statement local-pref-from-cust]
       root@ISP# edit term cust-prefix
       [edit policy-options policy-statement local-pref-from-cust term cust-prefix]
       root@ISP# set from route-filter 172.16.0.0/16 exact
       root@ISP# set then local-preference 120
       root@ISP# set then accept
  133. Resulting Policy Config:
       root@ISP# show
       policy-statement local-pref-from-cust {
           term cust-prefix {
               from {
                   route-filter 172.16.0.0/16 exact;
               }
               then {
                   local-preference 120;
                   accept;
               }
           }
       }
  134. Marry policy to BGP:
       [edit protocols bgp group external-cust]
       root@ISP# set import local-pref-from-cust
       [edit protocols bgp]
       root@ISP# show
       group external-cust {
           type external;
           import local-pref-from-cust;
           peer-as 65500;
           neighbor 192.168.1.2;
       }
  135. BGP ROUTING TABLE: before activating the policy on the ISP!
       inet.0: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden)
       + = Active Route, - = Last Active, * = Both
       172.16.0.0/16      *[BGP/170] 02:59:15, localpref 100 ******
                             AS path: 65500 I
                           > to 192.168.1.2 via ge-0/0/1.0
  136. root@ISP# run show route protocol bgp
       inet.0: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden)
       + = Active Route, - = Last Active, * = Both
       172.16.0.0/16      *[BGP/170] 03:20:05, localpref 120 ******
                             AS path: 65500 I
                           > to 192.168.1.2 via ge-0/0/1.0
  137. Let’s look at the AS-Path attribute!
  138. AS-Path:
       - Describes the path of ASs that a route/prefix has traversed.
       - As the prefix is advertised via EBGP, the AS is added (prepended) to the AS list.
       - Loop prevention: if a router receives a BGP update and sees its own AS in the path, that is a loop. Drop!
       - AS-Path Prepend: influence an upstream peer to use a certain path back to the source!
       - Use MED to influence a directly connected peer, but AS-Path Prepend further out.
       [Figure: AS 65530, AS 65531 and AS 65532, each labeled with the AS path of the advertised prefix.]
  139. AS Prepend:
       - Attempt to influence the upstream peer (green) to use a certain path back into your AS!
       - YELLOW is AS 10. Prepend from AS 10 to the AS 12 peer.
       - Do not prepend from AS 10 to AS 11.
       - AS 13 might use the return path to AS 10 via AS 11!
       [Figure: AS 10, AS 11, AS 12 and AS 13, with AS-path labels showing the prepended path through AS 12 and the unprepended path through AS 11.]
  140. On the customer router, let’s set up as-path-prepend. First, let’s view the current customer BGP send info.
       root@Customer# run show route advertising-protocol bgp 192.168.1.1
       inet.0: 15 destinations, 15 routes (15 active, 0 holddown, 0 hidden)
         Prefix             Nexthop        MED    Lclpref    AS path
       * 172.16.0.0/16      Self                             I
  141. ISP BGP receive, before AS-Path Prepend is applied on the Customer router.
       root@ISP# run show route receive-protocol bgp 192.168.1.2
       inet.0: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden)
         Prefix             Nexthop        MED    Lclpref    AS path
       * 172.16.0.0/16      192.168.1.2                      65500 I
  142. On the customer router, set up as-path-prepend:
       policy-statement send-my-network {
           term my-net {
               from {
                   protocol aggregate;
                   route-filter 172.16.0.0/16 exact;
               }
               then {
                   as-path-prepend "65500 65500 65500";
                   accept;
               }
           }
       }
  143. root@Customer# run show route advertising-protocol bgp 192.168.1.1
       inet.0: 15 destinations, 15 routes (15 active, 0 holddown, 0 hidden)
         Prefix             Nexthop        MED    Lclpref    AS path
       * 172.16.0.0/16      Self                             65500 65500 65500 [65500] I
  144. root@ISP# run show route receive-protocol bgp 192.168.1.2
       inet.0: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden)
         Prefix             Nexthop        MED    Lclpref    AS path
       * 172.16.0.0/16      192.168.1.2                      65500 65500 65500 65500 I
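The AS-path behaviour from slides 138 to 144 (own AS added on EBGP export, policy prepend, loop drop on import, local-pref compared before path length), as an added Python model that is not part of the original deck and is not Junos code. It models only those two selection steps; the function names are made up for this example, and reusing 172.16.0.0/16 and a prepend count of three in the AS 10 to AS 13 topology are assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Route:
    prefix: str
    as_path: tuple = ()    # leftmost AS is the most recent hop
    local_pref: int = 100  # default value given in the slides

def advertise_ebgp(route, local_as, prepend=()):
    """Export to an EBGP peer: policy prepend first, then the sender's own AS."""
    # Local-pref is not sent to external peers, so it falls back to the default here.
    return Route(route.prefix, (local_as,) + tuple(prepend) + route.as_path)

def receive_ebgp(route, local_as, import_local_pref=100):
    """Import from an EBGP peer; None means the update was dropped as a loop."""
    if local_as in route.as_path:
        return None
    return Route(route.prefix, route.as_path, import_local_pref)

def best_path(candidates):
    """Highest local-pref first, then shortest AS path (only these two steps are modelled)."""
    usable = [r for r in candidates if r is not None]
    return min(usable, key=lambda r: (-r.local_pref, len(r.as_path)))

def customer_to_isp():
    """Customer AS 65500 prepends three times; ISP AS 65530 imports with local-pref 120."""
    origin = Route("172.16.0.0/16")
    sent = advertise_ebgp(origin, 65500, prepend=(65500, 65500, 65500))
    return receive_ebgp(sent, 65530, import_local_pref=120)

def four_as_topology(pref_via_12=100):
    """Slide 139: AS 10 prepends only toward AS 12; AS 13 hears the prefix from AS 11 and AS 12."""
    origin = Route("172.16.0.0/16")  # assumed prefix, reused from the customer example
    at_11 = receive_ebgp(advertise_ebgp(origin, 10), 11)
    at_12 = receive_ebgp(advertise_ebgp(origin, 10, prepend=(10, 10, 10)), 12)
    via_11 = receive_ebgp(advertise_ebgp(at_11, 11), 13)
    via_12 = receive_ebgp(advertise_ebgp(at_12, 12), 13, import_local_pref=pref_via_12)
    chosen = best_path([via_11, via_12])
    # AS 13 re-advertising the chosen route back to AS 10 must be rejected there.
    looped = receive_ebgp(advertise_ebgp(chosen, 13), 10)
    return chosen, looped

if __name__ == "__main__":
    print(customer_to_isp())
    print(four_as_topology())
    print(four_as_topology(pref_via_12=200))
```

With `pref_via_12=200` AS 13 picks the longer path through AS 12, which shows why prepending only attempts to influence an upstream AS: a local-pref set there is compared first.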
  145. Contacts: www.zenithnetworks.com, info@zenithnetworks.com, www.juniper.net, junostraining@juniper.net, extjumpstart-junos@juniper.net
  146. www.juniper.net/education
       - Multiple Tracks
       - Enterprise Routing and Switching: JNCIA-JUNOS, JNCIS-ENT, JNCIP-ENT, JNCIE-ENT
       - Service Provider Routing and Switching: JNCIA-JUNOS, JNCIS-SP, JNCIP-SP, JNCIE-SP
       - JUNOS Security: JNCIA-JUNOS, JNCIS-SEC, JNCIP-SEC, JNCIE-SEC