copyright © 2005 juniper networks, inc. proprietary and confidential 4-1 operating juniper networks...
TRANSCRIPT
Copyright © 2005 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
4-1
Operating Juniper Networks Routers in the Enterprise
Chapter 6: Routing Protocols and Policy
Copyright © 2007 Juniper Networks, Inc. 6-2Education Services
Chapter Objectives
After successfully completing this chapter, you will be able to: •Describe routing tables and route preferences•Describe the role of JUNOS software routing policy•Describe J-Web support for routing protocols and
policy•Configure and monitor static routes•Explain the role of IGPs•Configure and monitor RIP•Configure and monitor OSPF
Copyright © 2007 Juniper Networks, Inc. 6-3Education Services
Agenda:Routing Protocols and PolicyRouting Table and Route Preferences Routing Policy J-Web Support for Routing Protocols and
Policy Configuring and Monitoring Static Routing Interior Gateway Protocols Configuring and Monitoring RIP Configuring and Monitoring OSPF
Copyright © 2007 Juniper Networks, Inc. 6-4Education Services
The Routing Table
Compiles information learned from routing protocols and other routing information sources
Selects an active route to each destination Populates forwarding table Juniper Networks routers maintain multiple routing
tables• inet.0 for IPv4 unicast routing•Others are outside the scope of this course
Direct
RoutingTable
Forwarding
Table
RoutingProtocol
DatabasesOther Routing
Information
Sources
Static
OSPF
Copyright © 2007 Juniper Networks, Inc. 6-5Education Services
Route Preference
Ranks routes received from different sources Primary criterion for selecting the active
route Ranges from 0 to 4,294,967,295, with lower
value preferredRoute Preference Values
Routing Information Source Default Preference
Direct 0Local 0Static 5OSPF internal 10RIP 100Aggregate 130OSPF AS external 150BGP (both EBGP and IBGP) 170
Copyright © 2007 Juniper Networks, Inc. 6-7Education Services
Agenda:Routing Protocols and Policy
Routing Table and Route PreferencesRouting Policy J-Web Support for Routing Protocols and
Policy Configuring and Monitoring Static Routing Interior Gateway Protocols Configuring and Monitoring RIP Configuring and Monitoring OSPF
Copyright © 2007 Juniper Networks, Inc. 6-8Education Services
Routing Policy Overview
Controls routing information transferred into and out of the routing table•Can ignore or change incoming routing information •Can suppress or change outgoing routing information
Policies are made up of match/action pairs •Match conditions can be protocol specific
Apply policy when:•You do not want to import all learned routes into the
routing table•You do not want to advertise all learned routes to
neighboring routers•You want one protocol to receive routes from another
protocol•You want to modify information associated with a
route
Copyright © 2007 Juniper Networks, Inc. 6-10Education Services
Import and Export Policies
Perform policy filtering with respect to the JUNOS software routing table•JUNOS software applies import policy prior to
inclusion in the routing table•JUNOS software applies export policy only to
active routes in the routing table
Neighbors
Protocol
RoutingTable
ForwardingTable
Neighbors
Protocol
ImportRoutes Routes
PFE
Export
Copyright © 2007 Juniper Networks, Inc. 6-11Education Services
Routing Policy Flow
Policies can be chained together•Evaluation proceeds left to right until a terminating
action of accept or reject is reached Individual policies can contain a collection of terms
•Flow-control actions such as next-policy supported
RouteRoute
Term ATerm AAccept
or Reject
Term BTerm B
Term CTerm C
Acceptor Reject
Acceptor Reject
Policy 1
Term ATerm AAccept
or Reject
Term BTerm B
Term CTerm C
Acceptor Reject
Acceptor Reject
Policy 2
Term ATerm AAccept
or Reject
DefaultPolicy
DefaultPolicy
Policy n
Accept
Reject
Copyright © 2007 Juniper Networks, Inc. 6-13Education Services
IGP Default Policies
Protocols are associated with a default policy OSPF:
•Import: Accept all LSAs flooded by that protocol•Export: Reject everything
• LSA flooding announces OSPF-learned and local routes
RIP:•Import: Accept all learned RIP routes, export
nothing•Export: Reject everything
• RIP requires export policy to announce RIP (or other) routes
Copyright © 2007 Juniper Networks, Inc. 6-15Education Services
Agenda:Routing Protocols and Policy Routing Table and Route Preferences Routing PolicyJ-Web Support for Routing Protocols and
Policy Configuring and Monitoring Static Routing Interior Gateway Protocols Configuring and Monitoring RIP Configuring and Monitoring OSPF
Copyright © 2007 Juniper Networks, Inc. 6-16Education Services
J-Web and Routing Protocols (1 of 2)
J-Web routing protocol wizards found at Configuration > Quick Configuration > Routing and Protocols•Quickly establish basic connectivity for:
• Static, RIP, OSPF, and BGP routing
Copyright © 2007 Juniper Networks, Inc. 6-17Education Services
J-Web and Routing Protocols (2 of 2) Use J-Web configuration editor (or the CLI) to:
•Tweak OSPF default route origination, summarization, authentication, etc.•Create
and apply routing policy
Copyright © 2007 Juniper Networks, Inc. 6-18Education Services
Monitoring Routing with J-Web Use J-Web to monitor routing at the Monitor >
Routing page
Displays protocol-specific
information
Displays the
routing table
Copyright © 2007 Juniper Networks, Inc. 6-19Education Services
Sample J-Web Route Table Display
Table name and
summary
Route table contents
Filter display
using these fields
Copyright © 2007 Juniper Networks, Inc. 6-20Education Services
Agenda:Routing Protocols and Policy Routing Table and Route Preferences Routing Policy J-Web Support for Routing Protocols and
PolicyConfiguring and Monitoring Static Routing Interior Gateway Protocols Configuring and Monitoring RIP Configuring and Monitoring OSPF
Copyright © 2007 Juniper Networks, Inc. 6-21Education Services
Static Routing
Static routing is often used when single-homed to a service provider•Static default route directs external traffic to the
service provider
user@host> show route protocol static
inet.0: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden)+ = Active Route, - = Last Active, * = Both
0.0.0.0/0 *[Static/5] 00:00:15 > via se-0/0/2.0
A default routeNext-hop interface/IP
address
Route source/global preference
Service Provider
Access Routerse-0/0/2
192.168.0/30.1 .2
Static Routing
Copyright © 2007 Juniper Networks, Inc. 6-23Education Services
Use static routing to provide connectivity among all WAN, LAN, and loopback addresses
Static Routing Case Study
WintermuteLondonlo0: 192.168.36.1
se-1/0/1.2 fe-0/0/1.1
fe-0/0/1
.2
se-1/0/0.1
HARLIETokyolo0: 192.168.24.1
10.222.2.0/30
10.222.1.0/30 10.222.3.0/30
(DCE) (DTE)
Copyright © 2007 Juniper Networks, Inc. 6-24Education Services
Default Route Configuration
Access the J-Web static routing wizard at the Configuration > Quick Configuration > Routing and Protocols page•Create a default route on London
Create a default route by
identifying the next-hop IP
address
Copyright © 2007 Juniper Networks, Inc. 6-25Education Services
Static Route Configuration
Static route definitions at Tokyo •Provides reachability to London’s loopback address
and 10.222.3.0/30 network
Copyright © 2007 Juniper Networks, Inc. 6-26Education Services
Confirming Static Routing
Use J-Web or the CLI to display the routing table and to confirm reachability
Both static routes are active at Tokyo
Test traffic sourced from the LAN interface
to confirm end-to-end routing
WintermuteLondonlo0: 192.168.36.1
se-1/0/1.2 fe-0/0/1.1
fe-0/0/1
.2
se-1/0/0.1
HARLIETokyolo0: 192.168.24.1
10.222.2.0/30
10.222.1.0/30 10.222.3.0/30
(DCE) (DTE)
lab@Tokyo> show route protocol static
inet.0: 9 destinations, 9 routes (9 active, 0 holddown, 0 hidden)+ = Active Route, - = Last Active, * = Both
10.222.3.0/30 *[Static/5] 00:01:54 > to 10.222.2.2 via se-1/0/0.0192.168.36.1/32 *[Static/5] 00:03:09 > to 10.222.2.2 via se-1/0/0.0
lab@Tokyo> ping source 10.222.1.2 10.222.3.1 count 2PING 10.222.3.1 (10.222.3.1): 56 data bytes64 bytes from 10.222.3.1: icmp_seq=0 ttl=255 time=85.853 ms64 bytes from 10.222.3.1: icmp_seq=1 ttl=255 time=10.049 ms
--- 10.222.3.1 ping statistics ---2 packets transmitted, 2 packets received, 0% packet lossround-trip min/avg/max/stddev = 10.049/47.951/85.853/37.902 ms
Copyright © 2007 Juniper Networks, Inc. 6-27Education Services
Lab 4—Parts 1–3: Static Routing
Configure and monitor static routing. •Note: This lab and future labs require each team
to use the Sydney router, which is logically segmented into several virtual routers. Each student router connects to a virtual router in the form of xx-VR, where xx is a two letter abbreviation for the directly connected student router. Please keep in mind that the command syntax is slightly different when working with a virtual router. Following are some examples:ping routing-instance LO-VR
show route table LO-VR
traceroute routing-instance LO-VR
Copyright © 2007 Juniper Networks, Inc. 6-28Education Services
Agenda:Routing Protocols and Policy Routing Table and Route Preferences Routing Policy J-Web Support for Routing Protocols and
Policy Configuring and Monitoring Static RoutingInterior Gateway Protocols Configuring and Monitoring RIP Configuring and Monitoring OSPF
Copyright © 2007 Juniper Networks, Inc. 6-29Education Services
Interior Gateway Protocol Overview
IGPs provide internal reachability•Promote connectivity but lack administrative
controls needed to enforce routing policy Normally, link-state routing (OSPF) is deployed
•Optimal convergence and bandwidth usage based on reliable flooding of link-state updates • Builds a replicated network topology database at all
stations within an OSPF area or IS-IS level and uses SPF to find optimal paths
•RIP and static routing are also common
Router A Router B
lo0: 192.168.255.2/32
Router C
lo0: 192.168.255.1/32
lo0: 192.168.255.3/32
Adjacencies
Router A can reach
192.168.255.1, cost 0
Flooded LSAs build link-state database
Copyright © 2007 Juniper Networks, Inc. 6-31Education Services
Agenda:Routing Protocols and Policy Routing Table and Route Preferences Routing Policy J-Web Support for Routing Protocols and
Policy Configuring and Monitoring Static Routing Interior Gateway ProtocolsConfiguring and Monitoring RIP Configuring and Monitoring OSPF
Copyright © 2007 Juniper Networks, Inc. 6-32Education Services
What Is RIP?
RIP is an IGP that is used within an AS Two versions:
•RIPv1 (RFC 1058)•RIPv2 (RFC 2453)
Primary characteristics:•Distance-vector routing protocol; prone to loops
and slow convergence• Split horizon and poison reverse for loop prevention
•Hop count is used as the metric for path selection, based on Bellman-Ford distance-vector routing algorithm
•Routing updates sent every 30 seconds
Copyright © 2007 Juniper Networks, Inc. 6-34Education Services
RIP V2 Update: 10.222.1.0/30,
cost 1 192.168.24.1/32,
cost 1
RIP Message Types
Two message types:•Request message
• Asks neighbors to send routes•Response message
• Carries route updates• Advertises up to 25 routes per update
Router decides how to handle routes in update•Add, modify, or delete
WintermuteLondonlo0: 192.168.36.1
se-1/0/1.2 fe-0/0/1.1
fe-0/0/1
.2
se-1/0/0.1
HARLIETokyolo0: 192.168.24.1
10.222.2.0/30
10.222.1.0/30 10.222.3.0/30
(DCE) (DTE)
Copyright © 2007 Juniper Networks, Inc. 6-36Education Services
RIPv2 Features
Backward compatible with RIPv1 Update includes prefix length to support VLSM Authentication on a per-message basis
•Simple password or MD5 authentication Updates sent to multicast address 224.0.0.9
•You can configure broadcast-based updates
192.168.1.128/26
192.168.1.192/26
192.168.1.0/30
192.168.1.4/30
The 192.168.1.0 prefix is subnetted
with a variable-length
netmaskRIP V2 updates
include the netmask in
updates to support VLSM
Update: 192.168.1.192/26,
Cost 1
Copyright © 2007 Juniper Networks, Inc. 6-38Education Services
RIP Limitations
Limitations:•Maximum network diameter = 15 hops•Regular updates include entire routing table
approximately every 30 seconds•Poison reverse increases size of routing updates•Count to infinity slows route-loop prevention•Metrics reflect hop count only•Broadcasts between neighbors (RIPv1 only)•Classful routing means no prefix length carried in
route updates (RIPv1 only)•No authentication mechanism exists (RIPv1 only)•Has poor convergence
Copyright © 2007 Juniper Networks, Inc. 6-40Education Services
Use RIPv2 to provide connectivity among all WAN, LAN, and loopback addresses
RIP Case Study
WintermuteLondonlo0: 192.168.36.1
se-1/0/1.2 fe-0/0/1.1
fe-0/0/1
.2
se-1/0/0.1
HARLIETokyolo0: 192.168.24.1
10.222.2.0/30
10.222.1.0/30 10.222.3.0/30
(DCE) (DTE)
Copyright © 2007 Juniper Networks, Inc. 6-41Education Services
Configuring RIP: J-Web Use the J-Web Configuration > Quick
Configuration > Routing and Protocols > RIP Routing wizard•Automatically creates export policy to advertise RIP-
enabled interface and learned RIP routes
RIP is enabled
RIP is enabled on LAN, WAN, and loopback interfaces
Copyright © 2007 Juniper Networks, Inc. 6-42Education Services
lab@London# show protocols rip group jweb-rip { export [ jweb-policy-rip jweb-policy-direct ]; neighbor fe-0/0/1.0; neighbor lo0.0; neighbor se-1/0/1.0;}
[edit]lab@London# show policy-options policy-statement jweb-policy-rip { from protocol rip; then accept;}policy-statement jweb-policy-direct { from { protocol direct; interface [ fe-0/0/1.0 lo0.0 se-1/0/1.0 ]; } then accept;}
The Resulting RIP Configuration
Two export policies are in
effect
Export policies override default
behavior by advertising RIP interfaces and
learned RIP routes
Copyright © 2007 Juniper Networks, Inc. 6-43Education Services
Monitoring RIP: J-Web
Use the J-Web Monitor > Routing > RIP Information page to monitor general RIP operation
Two routes learned via RIP
RIP interface paramete
rs
Copyright © 2007 Juniper Networks, Inc. 6-44Education Services
Monitoring RIP Using the CLI (1 of 3)
Show the state of your RIP interfaces using the show rip neighbor command
lab@London> show rip neighbor Source Destination Send Receive InNeighbor State Address Address Mode Mode Met -------- ----- ------- ----------- ---- ------- --- se-1/0/1.0 Up 10.222.2.2 224.0.0.9 mcast both 1lo0.0 Up 192.168.36.1 224.0.0.9 mcast both 1fe-0/0/1.0 Up 10.222.3.1 224.0.0.9 mcast both 1
Show routes learned via RIP using the show route protocol rip command
lab@London> show route protocol rip
inet.0: 10 destinations, 10 routes (10 active, 0 holddown, 0 hidden)+ = Active Route, - = Last Active, * = Both
10.222.1.0/30 *[RIP/100] 00:21:16, metric 2, tag 0 > to 10.222.2.1 via se-1/0/1.0192.168.24.1/32 *[RIP/100] 00:21:16, metric 2, tag 0 > to 10.222.2.1 via se-1/0/1.0224.0.0.9/32 *[RIP/100] 00:21:22, metric 1 MultiRecv
Copyright © 2007 Juniper Networks, Inc. 6-45Education Services
Monitoring RIP Using the CLI (2 of 3)
Display RIP routes advertised out an interface using the show route advertising-protocol rip neighbor command•neighbor is the IP address of local RIP interface
lab@London> show route advertising-protocol rip 10.222.2.2
inet.0: 10 destinations, 10 routes (10 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
10.222.3.0/30 *[Direct/0] 01:19:23 > via fe-0/0/1.0192.168.36.1/32 *[Direct/0] 01:19:23 > via lo0.0
Advertisement of the LAN and loopback addresses owned by London are confirmed on
London’s se-1/0/1 interface
Copyright © 2007 Juniper Networks, Inc. 6-46Education Services
Monitoring RIP Using the CLI (3 of 3)
Display RIP routes received on a particular interface using the show route receive-protocol rip neighbor command•neighbor is the IP address of remote RIP neighbor
lab@London> show route receive-protocol rip 10.222.2.1
inet.0: 10 destinations, 10 routes (10 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
10.222.1.0/30 *[RIP/100] 00:27:04, metric 2, tag 0 > to 10.222.2.1 via se-1/0/1.0192.168.24.1/32 *[RIP/100] 00:27:04, metric 2, tag 0 > to 10.222.2.1 via se-1/0/1.0
RIP advertisements for the LAN and loopback addresses owned by Tokyo are confirmed on London’s
se-1/0/1 interface
Copyright © 2007 Juniper Networks, Inc. 6-47Education Services
Lab 4—Parts 4–5: RIP
Configure and monitor RIP version 2.
Copyright © 2007 Juniper Networks, Inc. 6-48Education Services
Agenda:Routing Protocols and Policy Routing Table and Route Preferences Routing Policy J-Web Support for Routing Protocols and
Policy Configuring and Monitoring Static Routing Interior Gateway Protocols Configuring and Monitoring RIPConfiguring and Monitoring OSPF
Copyright © 2007 Juniper Networks, Inc. 6-49Education Services
OSPF Protocol Overview OSPF is a link-state routing protocol OSPF reliably floods LSAs to distribute link-state
information once an adjacency is formed Each router uses these LSAs to create a
complete database for the network OSPF uses the SPF algorithm within the
database to calculate the best route to every node in the network
JUNOS software support for OSPF includes:•RFC 1587, The OSPF NSSA Option •RFC 2328, OSPF Version 2 •RFC 2740, OSPF for IPv6 •draft-katz-yeung-ospf-traffic-01.txt, Traffic Engineering
Extensions to OSPF •draft-ietf-katz-ward-bfd-00.txt, Bidirectional
Forwarding Detection
Copyright © 2007 Juniper Networks, Inc. 6-51Education Services
OSPF Router Terminology
Internal router has all OSPF links in the same area•Within Area 0, also called a backbone router
Backbone router•Any router with a link to Area 0
ABRs•Routers that belong to more than one area are
called area border routers•Connect OSPF areas to the backbone Area 0
ASBRs•Routers that inject routing information from outside
the OSPF domain are called AS boundary routers
Copyright © 2007 Juniper Networks, Inc. 6-52Education Services
The Designated Router
OSPF elects a DR to represent a broadcast segment•Significantly reduces OSPF traffic on segment•A backup DR is also elected to recover for DR failures
• DROther stations form adjacencies to the DR and BDR only
BDR DR
Adjacencies DROtherDROtherDROther
Copyright © 2007 Juniper Networks, Inc. 6-53Education Services
OSPF Neighbors Versus Adjacencies
DRDROther
DROther
Adjacent
2-way
2-way state to DROther routers is normal
user@host> show ospf neighbor extensive Address Intf State ID Pri Dead172.16.30.254 fe-0/0/0.0 Full 10.250.240.8 128 30 area 0.0.0.5, opt 0x42, DR 172.16.30.254, BDR 172.16.30.253 Up 00:10:50, adjacent 00:10:50
172.16.30.253 fe-0/0/0.0 Full 10.250.240.35 128 30 area 0.0.0.5, opt 0x42, DR 172.16.30.254, BDR 172.16.30.253 Up 00:10:50, adjacent 00:10:52
172.16.30.252 fe-0/0/0.0 2Way 10.250.240.32 64 38 area 0.0.0.5, opt 0x42, DR 172.16.30.254, BDR 172.16.30.253 Up 00:08:10
Copyright © 2007 Juniper Networks, Inc. 6-54Education Services
OSPF Areas (1 of 2)
Areas: •Single AS can be divided into smaller groups called areas•Areas reduce the link-state database because LSA
flooding is now constrained to the area•Routers maintain a separate link-state database on a
per-area basis•Each link-state database within an area must still be
identical on all routers
Backbone(Area 0)
Backbone(Area 0)
Area 1 Area 2
Copyright © 2007 Juniper Networks, Inc. 6-55Education Services
OSPF Areas (2 of 2)
Special OSPF area called the backbone area •Backbone area (0.0.0.0) distributes routing
information between areas•All other OSPF areas must connect to the
backbone area•All user traffic from one area to another must
traverse the backbone
Backbone(Area 0)
Backbone(Area 0)
Area 1 Area 2
Copyright © 2007 Juniper Networks, Inc. 6-56Education Services
OSPF Area Relationships
Backbone
Area 1
Area 3Area 2
(0.0.0.0)
RIP
BGPExternal Routes
Interarea Routes(Summary Routes)
Intra-Area Routes
Copyright © 2007 Juniper Networks, Inc. 6-57Education Services
OSPF Area Types
Stub areas•Do not carry external routes•Cannot contain ASBRs
Totally stubby areas•Stub areas that only receive the default route
from the backbone Not-so-stubby areas
•Allow external routes to be advertised from the area but not received from another area
Copyright © 2007 Juniper Networks, Inc. 6-59Education Services
OSPF Area Types
Backbone
Stub Area
(0.0.0.0)
RIP
BGPExternal Routes
Interarea Routes(Summary Routes) Default Route
Totally Stubby Area
Not-So-StubbyArea
Intra-Area Routes
Copyright © 2007 Juniper Networks, Inc. 6-60Education Services
OSPF LSA Types
NSSA
NSSA External LinksType 7
Used by NSSAa to import external routes into a stub area.
ASBR
External LinksType 5
Originated by an ASBR.Describe destinations external to the AS or a default route to the outside AS.
DR
Network LinksType 2
Originated for multi-access segments with more than one attached router. Describe all routers attached to the specific segment. Originated by a designated router (discussed later).
Router LinksType 1
Describe the state and cost of the router’s links (interfaces) to the area (intra-area).
Summary LinksTypes 3 and 4
Originated by ABRs only.Describe networks in the AS but outside of area (interarea).Also describe the location of the ASBR.
ABR
ASBR
Copyright © 2007 Juniper Networks, Inc. 6-61Education Services
Use a single OSPF area to provide connectivity among all WAN, LAN, and loopback addresses
OSPF Case Study (Single-Area)
OSPF Area 0
WintermuteLondonlo0: 192.168.36.1
se-1/0/1.2 fe-0/0/1.1
fe-0/0/1
.2
se-1/0/0.1
HARLIETokyolo0: 192.168.24.1
10.222.2.0/30
10.222.1.0/30 10.222.3.0/30
(DCE) (DTE)
Copyright © 2007 Juniper Networks, Inc. 6-62Education Services
Configuring OSPF: J-Web
Use the J-Web OSPF wizard at the Configuration > Quick Configuration > Routing and Protocols page•Configuration goal: A single-area OSPF network using the
sample topology
OSPF process enabled
OSPF enabled on LAN, WAN, and
loopback interfaces
Defaults to lo0
address
Area number and type
Copyright © 2007 Juniper Networks, Inc. 6-63Education Services
The Resulting OSPF Configuration
Default OSPF import and export policies are in effect•Explicit declaration of lo0-based RID requires that
OSPF run on loopback interface• Otherwise, the loopback route will not be advertised
Required because of explicit RID; can be
set to passive
[edit]lab@London# show routing-options router-id 192.168.36.1;
[edit]lab@London# show protocols ospf area 0.0.0.0 { interface fe-0/0/1.0; interface se-1/0/1.0; interface lo0.0;}
Copyright © 2007 Juniper Networks, Inc. 6-64Education Services
Monitoring OSPF: J-Web (1 of 2)
Use the J-Web Monitor > Routing > OSPF Information page to monitor general OSPF operation
OSPF neighbor and interface
status
OSPF protocol statistics
Copyright © 2007 Juniper Networks, Inc. 6-65Education Services
Monitoring OSPF: J-Web (2 of 2)
Use the J-Web Monitor > Routing > Route Information page to monitor OSPF routing information
Current OSPF routes
Filter matches
OSPF routes only
Copyright © 2007 Juniper Networks, Inc. 6-66Education Services
Monitoring OSPF Using the CLI (1 of 5)
Use the show ospf route command to display routes learned and advertised into OSPF• Includes routes for interfaces running OSPF
lab@London> show ospf route ?Possible completions: <[Enter]> Execute this command abr Display OSPF routes to area border routers asbr Display OSPF routes to AS border routers detail Display detailed output extern Display external OSPF routes instance Name of OSPF instance inter Display interarea OSPF routes intra Display intraarea OSPF routes | Pipe through a commandlab@London> show ospf route detail Prefix Path Route NH Metric NextHop Nexthop Type Type Type Interface addr/label192.168.24.1 Intra Router IP 12 se-1/0/1.0 area 0.0.0.0, origin 192.168.24.1 optional-capability 0x0,10.222.1.0/24 Intra Network IP 13 se-1/0/1.0 area 0.0.0.0, origin 192.168.24.1. . .
Use switches to filter by OSPF route (LSA)
type
Copyright © 2007 Juniper Networks, Inc. 6-68Education Services
DR/BDR not elected on point-
to-point links An OSPF neighbor was detected
Monitoring OSPF Using the CLI (2 of 5)
Use the show ospf interface command to display the OSPF interface parameters•Add the detail or extensive switch for additional
information
lab@London> show ospf interface Interface State Area DR ID BDR ID Nbrsfe-0/0/1.0 DR 0.0.0.0 192.168.36.1 0.0.0.0 0lo0.0 DR 0.0.0.0 192.168.36.1 0.0.0.0 0se-1/0/1.0 PtToPt 0.0.0.0 0.0.0.0 0.0.0.0 1
Copyright © 2007 Juniper Networks, Inc. 6-70Education Services
Monitoring OSPF Using the CLI (3 of 5)
Use the show ospf neighbor command to display adjacency information
lab@London> show ospf neighbor Address Interface State ID Pri Dead10.222.2.1 se-1/0/1.0 Full 192.168.24.1 128 38
•Clear adjacencies with the clear ospf neighbor command
lab@London> clear ospf neighbor
lab@London> show ospf neighbor Address Interface State ID Pri Dead10.222.2.1 se-1/0/1.0 ExStart 192.168.24.1 128 38
Copyright © 2007 Juniper Networks, Inc. 6-72Education Services
Monitoring OSPF Using the CLI (4 of 5)
Use the show ospf database command to display entries in the link-state database•Filter the display by LSA type•Use the detail or extensive switches for added
informationlab@London> show ospf database ?Possible completions: <[Enter]> Execute this command advertising-router Router ID of advertising router area OSPF area ID asbrsummary Show summary AS boundary router link-state database brief Display brief output (default) detail Display detailed output extensive Display extensive output extern Show external link-state database . . .
lab@London> show ospf database
OSPF link state database, area 0.0.0.0 Type ID Adv Rtr Seq Age Opt Cksum Len Router 192.168.24.1 192.168.24.1 0x80000005 1375 0x2 0xce62 72Router *192.168.36.1 192.168.36.1 0x80000006 1386 0x2 0x9b79 72
Self-originated LSAs marked with *
Copyright © 2007 Juniper Networks, Inc. 6-74Education Services
Use the clear ospf database command to clear the link-state database•Normally, existing LSAs are simply reflooded over
existing adjacencies•OSPF supports a purge option that forces the
refreshing of all LSAs
lab@London> clear ospf database purge
lab@London> show ospf database
OSPF link state database, area 0.0.0.0 Type ID Adv Rtr Seq Age Opt Cksum Len Router 192.168.24.1 192.168.24.1 0x80000008 3600 0x2 0xc865 72Router *192.168.36.1 192.168.36.1 0x8000000a 0 0x2 0x937d 72
Monitoring OSPF Using the CLI (5 of 5)
The purge switch forces all LSAs to the maximum age; the originating router will
refresh the LSA if it is still valid
Copyright © 2007 Juniper Networks, Inc. 6-75Education Services
Lab 4–Part 6: OSPF Single Area
Configure and monitor single-area OSPF.
Copyright © 2007 Juniper Networks, Inc. 6-76Education Services
Use multiple OSPF areas to provide connectivity among all WAN, LAN, and loopback addresses•Authenticate OSPF exchanges between neighbors
OSPF Case Study (Multiarea)
OSPF Area 0
WintermuteLondonlo0: 192.168.36.1
se-1/0/1.2 fe-0/0/1.1
fe-0/0/1
.2
se-1/0/0.1
HARLIETokyolo0: 192.168.24.1
10.222.2.0/30
10.222.1.0/30 10.222.3.0/30
(DCE) (DTE)
OSPF Area 1 OSPF Area 2
Copyright © 2007 Juniper Networks, Inc. 6-77Education Services
[edit]lab@London# show routing-options router-id 192.168.36.1;
[edit]lab@London# show protocols ospf area 0.0.0.0 { authentication-type md5; interface lo0.0; interface se-1/0/1.0 { authentication { md5 1 key "$9$vW7M7Vg4ZjkPJG"; ## SECRET-DATA } }}area 0.0.0.2 { authentication-type md5; interface fe-0/0/1.0 { authentication { md5 1 key "$9$5T6AB1hrK8Ec"; ## SECRET-DATA } }}
Multiarea OSPF Configuration
Required because of explicit RID; can be set to
passiveArea and interface
configuration
Authentication parameters
Copyright © 2007 Juniper Networks, Inc. 6-78Education Services
Use the show ospf interface command to display the OSPF interface parameters•Add the detail or extensive switch for additional
information
lab@London> show ospf interface Interface State Area DR ID BDR ID Nbrslo0.0 DR 0.0.0.0 192.168.36.1 0.0.0.0 0se-1/0/1.0 PtToPt 0.0.0.0 0.0.0.0 0.0.0.0 1fe-0/0/1.0 DR 0.0.0.2 192.168.36.1 192.168.32.1 1
Monitoring Multiarea OSPF (1 of 2)
Multiple OSPF areas indicates router’s role as
ABR
OSPF neighbors detected
Copyright © 2007 Juniper Networks, Inc. 6-79Education Services
lab@London> show ospf database
OSPF link state database, Area 0.0.0.0 Type ID Adv Rtr Seq Age Opt Cksum Len Router 192.168.24.1 192.168.24.1 0x80000012 3 0x22 0xb953 60Router *192.168.36.1 192.168.36.1 0x80000015 2 0x22 0x16ce 60Summary 10.222.1.0 192.168.24.1 0x80000008 3 0x22 0xb813 28Summary *10.222.3.0 192.168.36.1 0x80000009 2 0x22 0x4c70 28Summary *192.168.32.1 192.168.36.1 0x80000008 2 0x22 0x59c2 28
OSPF link state database, Area 0.0.0.2 Type ID Adv Rtr Seq Age Opt Cksum Len Router 192.168.32.1 192.168.32.1 0x80000011 3 0x22 0xe5b2 48Router *192.168.36.1 192.168.36.1 0x8000000c 2 0x22 0xf837 36Network *10.222.3.1 192.168.36.1 0x80000007 2 0x22 0xc96 32Summary *10.222.1.0 192.168.36.1 0x80000008 2 0x22 0xdcd6 28Summary *10.222.2.0 192.168.36.1 0x80000009 2 0x22 0xc5ec 28Summary *192.168.24.1 192.168.36.1 0x80000008 2 0x22 0x20f8 28Summary *192.168.36.1 192.168.36.1 0x80000009 2 0x22 0x21f6 28
Monitoring Multiarea OSPF (2 of 2)
Use the show ospf database command to display entries in the link-state database for all areas
Copyright © 2007 Juniper Networks, Inc. 6-80Education Services
Summarize link advertisements on ABR•Summarize the 172.18.12.x/30 routes
from Amsterdam into Area 0 on London
OSPF Case Study (Summarization)
OSPF Area 0
WintermuteLondonlo0: 192.168.36.1
se-1/0/1.2
fe-0/0/1se-1/0/0.1
HARLIETokyolo0: 192.168.24.1
10.222.2.0/3010.222.3.0/30
(DCE) (DTE)
OSPF Area 2
Amsterdam.1 .2
fe-0/0/1
fe-2/0/0
172.18.12.0/30
172.18.12.4/30
172.18.12.8/30
172.18.12.12/30
lo0: 192.168.32.1
Copyright © 2007 Juniper Networks, Inc. 6-81Education Services
lab@London> show ospf database
OSPF link state database, Area 0.0.0.0 Type ID Adv Rtr Seq Age Opt Cksum Len Router 192.168.24.1 192.168.24.1 0x80000012 1281 0x22 0xb953 60Router *192.168.36.1 192.168.36.1 0x80000016 837 0x22 0x14cf 60Summary 10.222.1.0 192.168.24.1 0x80000008 1281 0x22 0xb813 28Summary *10.222.3.0 192.168.36.1 0x8000000a 552 0x22 0x4a71 28Summary *172.18.12.0 192.168.36.1 0x80000001 4 0x22 0x5a8a 28Summary *172.18.12.4 192.168.36.1 0x80000001 4 0x22 0x32ae 28Summary *172.18.12.8 192.168.36.1 0x80000001 4 0x22 0xad2 28Summary *172.18.12.12 192.168.36.1 0x80000001 4 0x22 0xe1f6 28Summary *192.168.32.1 192.168.36.1 0x80000009 537 0x22 0x57c3 28
OSPF link state database, Area 0.0.0.2 Type ID Adv Rtr Seq Age Opt Cksum Len Router 192.168.32.1 192.168.32.1 0x80000012 5 0x22 0x6caf 96Router *192.168.36.1 192.168.36.1 0x8000000d 237 0x22 0xf638 36Network *10.222.3.1 192.168.36.1 0x80000007 1280 0x22 0xc96 32Summary *10.222.1.0 192.168.36.1 0x80000008 1280 0x22 0xdcd6 28Summary *10.222.2.0 192.168.36.1 0x80000009 1280 0x22 0xc5ec 28Summary *192.168.24.1 192.168.36.1 0x80000008 1280 0x22 0x20f8 28Summary *192.168.36.1 192.168.36.1 0x80000009 1280 0x22 0x21f6 28
OSPF Database (Before Summarization)
Copyright © 2007 Juniper Networks, Inc. 6-82Education Services
[edit]lab@London# show protocols ospf area 0.0.0.0 { authentication-type md5; interface lo0.0; interface se-1/0/1.0 { authentication { md5 1 key "$9$vW7M7Vg4ZjkPJG"; ## SECRET-DATA } }}area 0.0.0.2 { area-range 172.18.12.0/28; authentication-type md5; interface fe-0/0/1.0 { authentication { md5 1 key "$9$5T6AB1hrK8Ec"; ## SECRET-DATA } }}
Summary Configuration Added
area-range statement will summarize all 172.18.12.x/30
prefixes
Copyright © 2007 Juniper Networks, Inc. 6-83Education Services
lab@London> show ospf database
OSPF link state database, Area 0.0.0.0 Type ID Adv Rtr Seq Age Opt Cksum Len Router 192.168.24.1 192.168.24.1 0x80000013 818 0x22 0xb754 60Router *192.168.36.1 192.168.36.1 0x80000018 537 0x22 0x10d1 60Summary 10.222.1.0 192.168.24.1 0x80000009 518 0x22 0xb614 28Summary *10.222.3.0 192.168.36.1 0x8000000b 855 0x22 0x4872 28Summary *172.18.12.0 192.168.36.1 0x80000002 855 0x22 0x10df 28Summary *192.168.32.1 192.168.36.1 0x8000000a 855 0x22 0x55c4 28
OSPF link state database, Area 0.0.0.2 Type ID Adv Rtr Seq Age Opt Cksum Len Router 192.168.32.1 192.168.32.1 0x80000013 1165 0x22 0x6ab0 96Router *192.168.36.1 192.168.36.1 0x8000000f 237 0x22 0xf23a 36Network *10.222.3.1 192.168.36.1 0x80000009 538 0x22 0x898 32Summary *10.222.1.0 192.168.36.1 0x8000000b 237 0x22 0xd6d9 28Summary *10.222.2.0 192.168.36.1 0x8000000a 855 0x22 0xc3ed 28Summary *192.168.24.1 192.168.36.1 0x80000009 855 0x22 0x1ef9 28Summary *192.168.36.1 192.168.36.1 0x8000000a 855 0x22 0x1ff7 28
OSPF Database (After Summarization)
Copyright © 2007 Juniper Networks, Inc. 6-84Education Services
Configuring IGP Tracing
Use tracing to debug the operation of your IGP•A typical OSPF tracing configuration:
•Monitor the resulting ospf-trace log file using the monitor start log-file-name or the show log log-file-name CLI commands• Use Esc+q to toggle terminal output when monitoring and monitor stop to discontinue monitoring
•Turn off tracing by deleting the traceoptions stanza
[edit protocols ospf]lab@London# show traceoptions file ospf-trace;flag error detail;flag hello detail;flag lsa-update;
Copyright © 2007 Juniper Networks, Inc. 6-85Education Services
Review Questions
1.Describe the general purpose of routing policy.2.Describe the purpose and role of an IGP.3.What is the default import and export policy for
RIP?4.How can you confirm OSPF adjacency status?5.How can you display only those routes that are
learned by a certain protocol?6.What is the purpose of the ABR and the ASBR?7.Why might OSPF summarization be a good idea?
Copyright © 2007 Juniper Networks, Inc. 6-86Education Services
Lab 4—Part 7: OSPF Multiarea
Configure and monitor multiarea OSPF.Summarize link-state information into Area 0.
Copyright © 2007 Juniper Networks, Inc. 6-87Education ServicesEducation Services