Ok, time for some OSPF and I will also cover Rollback (Love this feature)
Here is our OSPF Topology, we will only do Single Area for this lab.
Ok, time to rollback to the rescue configs.
Up first replacing the config on R4 (if you have not done this in the last lab)
R4#configure replace flash:base.txt
Ok, that’s done – J1, J2, and J3 next.
First up, we need to roll-back to the rescue config. This is done from the edit mode by issuing the command rollback rescue.
jfry@J1> edit
Entering configuration mode
[edit]
jfry@J1# rollback rescue
load complete
[edit]
jfry@J1# commit and-quit
commit complete
Exiting configuration mode
jfry@J1>
Now to J2:
jfry@J2> edit
Entering configuration mode
[edit]
jfry@J2# rollback rescue
load complete
[edit]
jfry@J2# commit and-quit
commit complete
Exiting configuration mode
And J3:
jfry@J3> edit
Entering configuration mode
[edit]
jfry@J3# rollback rescue
load complete
[edit]
jfry@J3# commit and-quit
commit complete
Exiting configuration mode
jfry@J3>
Ok, back to the rescue config, now to configure up OSPF!
For this lab we will be using a single OSPF Area, Area 0.
Up first will be R4, we will configure all interfaces in Area 0.
R4#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R4(config)#router ospf 1
R4(config-router)#net 192.168.14.4 0.0.0.0 a 0
R4(config-router)#net 4.4.4.4 0.0.0.0 a 0
R4(config-router)#no auto-summary
R4(config-router)#^Z
R4#
Ok, now we can configure J1 for OSPF.
[edit]
jfry@J1# set protocols ospf area 0 interface fe-0/0/7.0
[edit]
jfry@J1# set protocols ospf area 0 interface ge-0/0/0.0
[edit]
jfry@J1# set protocols ospf area 0 interface fe-0/0/2.0
[edit]
jfry@J1# set protocols ospf area 0 interface lo0.0 passive
[edit]
jfry@J1# commit and-quit
Ok, we should check R4 for OSPF neighbor:
R4#sh ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
1.1.1.1 128 FULL/BDR 00:00:37 192.168.14.1 Ethernet0
R4#
Good, now we should see what that command looks like on J1
jfry@J1> show ospf neighbor
Address Interface State ID Pri Dead
192.168.14.4 fe-0/0/7.0 Full 4.4.4.4 1 34
jfry@J1>
Ok, J1 and R4 are OSPF neighbors. Let’s get J2 and J3 configured.
J2:
jfry@J2> edit
Entering configuration mode
[edit]
jfry@J2# set protocols ospf area 0 interface ge-0/0/0.0
[edit]
jfry@J2# set protocols ospf area 0 interface ge-0/0/1.0
[edit]
jfry@J2# set protocols ospf area 0 interface lo0.0 passive
[edit]
jfry@J2# commit and-quit
J3:
jfry@J3> edit
Entering configuration mode
[edit]
jfry@J3# set protocols ospf area 0 interface fe-0/0/1.0
[edit]
jfry@J3# set protocols ospf area 0 interface fe-0/0/2.0
[edit]
jfry@J3# set protocols ospf area 0 interface lo0.0 passive
[edit]
jfry@J3# command and-quit
Ok, back to R4 to see what the routing table looks like (since it is the furtherst router):
R4#sh ip route
Codes: C – connected, S – static, R – RIP, M – mobile, B – BGP
D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF inter area
N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type 2
E1 – OSPF external type 1, E2 – OSPF external type 2
i – IS-IS, su – IS-IS summary, L1 – IS-IS level-1, L2 – IS-IS level-2
ia – IS-IS inter area, * – candidate default, U – per-user static route
o – ODR, P – periodic downloaded static route
Gateway of last resort is not set
O 192.168.12.0/24 [110/11] via 192.168.14.1, 00:04:46, Ethernet0
1.0.0.0/32 is subnetted, 1 subnets
O 1.1.1.1 [110/10] via 192.168.14.1, 00:04:46, Ethernet0
O 192.168.13.0/24 [110/11] via 192.168.14.1, 00:04:46, Ethernet0
2.0.0.0/32 is subnetted, 1 subnets
O 2.2.2.2 [110/11] via 192.168.14.1, 00:04:46, Ethernet0
C 192.168.14.0/24 is directly connected, Ethernet0
3.0.0.0/32 is subnetted, 1 subnets
O 3.3.3.3 [110/11] via 192.168.14.1, 00:04:46, Ethernet0
4.0.0.0/32 is subnetted, 1 subnets
C 4.4.4.4 is directly connected, Loopback0
O 192.168.23.0/24 [110/12] via 192.168.14.1, 00:04:47, Ethernet0
R4#
Looks like we have a full table! Time to PING R3 loopback
R4#ping 3.3.3.3 so l0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:
Packet sent with a source address of 4.4.4.4
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
R4#
We have full connectivity!
Ok, on Cisco if we want to advertise a default route (0/0) with OSPF, we use Default-information originate. Below we will show that, but first we will create a new loopback (Loopback 1) on R4 and assign it an IP of 200.200.200.200.
R4(config)#int loop1
R4(config-if)#ip add 200.200.200.200 255.255.255.255
R4(config-if)#
Now we should test that we do not currently have connectivity to 200.200.200.200.
jfry@J3> show route table inet.0
inet.0: 11 destinations, 11 routes (11 active, 0 holddown, 0 hidden)
+ = Active Route, – = Last Active, * = Both
1.1.1.1/32 *[OSPF/10] 00:49:23, metric 1
> to 192.168.13.1 via fe-0/0/2.0
2.2.2.2/32 *[OSPF/10] 00:49:13, metric 1
> to 192.168.23.2 via fe-0/0/1.0
3.3.3.3/32 *[Direct/0] 05:48:56
> via lo0.0
4.4.4.4/32 *[OSPF/10] 00:31:56, metric 3
> to 192.168.13.1 via fe-0/0/2.0
192.168.12.0/24 *[OSPF/10] 00:49:13, metric 2
to 192.168.23.2 via fe-0/0/1.0
> to 192.168.13.1 via fe-0/0/2.0
192.168.13.0/24 *[Direct/0] 05:47:00
> via fe-0/0/2.0
192.168.13.3/32 *[Local/0] 05:48:30
Local via fe-0/0/2.0
192.168.14.0/24 *[OSPF/10] 00:49:23, metric 2
> to 192.168.13.1 via fe-0/0/2.0
192.168.23.0/24 *[Direct/0] 05:46:36
> via fe-0/0/1.0
192.168.23.3/32 *[Local/0] 05:48:30
Local via fe-0/0/1.0
224.0.0.5/32 *[OSPF/10] 00:49:33, metric 1
MultiRecv
jfry@J3>
Nope, no route nor any default route there.
Time for a PING just to make sure.
jfry@J3> ping 200.200.200.200 rapid
PING 200.200.200.200 (200.200.200.200): 56 data bytes
ping: sendto: No route to host
.ping: sendto: No route to host
.ping: sendto: No route to host
.ping: sendto: No route to host
.ping: sendto: No route to host
.
— 200.200.200.200 ping statistics —
5 packets transmitted, 0 packets received, 100% packet loss
jfry@J3>
Ok, good. Time to configure the Cisco router to advertise a default route.
R4(config)#router ospf 1
R4(config-router)#default-information originate always
R4(config-router)#^Z
R4#
Ok, J3 should now have a default route:
jfry@J3> show route table inet.0 | match 0.0.0.0
0.0.0.0/0 *[OSPF/150] 00:00:27, metric 1, tag 1
jfry@J3>
There it is, so now J3 should be able to ping 200.200.200.200
jfry@J3> ping 200.200.200.200 rapid
PING 200.200.200.200 (200.200.200.200): 56 data bytes
!!!!!
— 200.200.200.200 ping statistics —
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max/stddev = 3.094/3.538/4.385/0.451 ms
jfry@J3>
Good, it can.
So, now that you know how to advertise a default in IOS, we can do the same thing on J3.
First, remove the default and loopback1 interface on R4.
R4(config)#router ospf 1
R4(config-router)#no default-information originate always
R4(config-router)#no int loop1
R4(config)#
Now to check J3 and make sure default is gone:
jfry@J3> show route table inet.0 | match 0.0.0.0
Ok, now we can configure J3 to advertise a default route.
In Junos it is a little bit different. Here we actually need to create the 0/0 route and then write a policy to permit it. This is something that I actually like about Junos, you need to be sure of what you are doing. No need to worry about someone just entering a command and being done.
I suggest that anytime you redistribute a route (Junos or Cisco), a policy should be in place to permit that route. Junos just helps you make sure that happens.
Ok, let’s create a null route for 0/0 on J3.
We will configure the router to discard packets that match this statement and to no install the route in the forwarding table.
[edit]
jfry@J3# set routing-options static route 0.0.0.0/0 discard
[edit]
jfry@J3# set routing-options static route 0.0.0.0/0 no-install
jfry@J3# show | compare
[edit]
+ routing-options {
+ static {
+ route 0.0.0.0/0 {
+ discard;
+ no-install;
+ }
+ }
+ }
Ok, we have the static 0/0 route configured. Now we need to configure the policy to allow this route to be advertised.
[edit]
jfry@J3# set policy-options policy-statement Default from protocol static
[edit]
jfry@J3# set policy-statement Default from route-filter 0.0.0.0/0 exact
[edit]
jfry@J3# set policy-options policy-statement Default then accept
[edit]
jfry@J3# show | compare
[edit]
+ policy-options {
+ policy-statement Default {
+ from {
+ protocol static;
+ route-filter 0.0.0.0/0 exact;
+ }
+ then accept;
+ }
+ }
[edit]
jfry@J3#
Ok, now we need to apply that policy to the OSPF protocol
What is cool with Junos, if you forget what you called the policy, you can hit ? and it will list all the policies configured on the router.
jfry@J3# set protocols ospf export ?
Possible completions:
<value> Export policy
( Open an expression
Default
[ Open a set of values
[edit]
jfry@J3# set protocols ospf export Default
[edit]
jfry@J3# commit and-quit
Now let’s get back to R4 and see if we have a default route:
R4# sh ip route 0.0.0.0
Routing entry for 0.0.0.0/0, supernet
Known via “ospf 1″, distance 110, metric 0, candidate default path, type extern 2, forward metric 11
Last update from 192.168.14.1 on Ethernet0, 00:01:31 ago
Routing Descriptor Blocks:
* 192.168.14.1, from 3.3.3.3, 00:01:31 ago, via Ethernet0
Route metric is 0, traffic share count is 1
There we go, we have a default route being advertised from R3 (3.3.3.3).
Ok, since we cannot create more than one loopback interface on the SRX we will have to cheat a bit.
I am going to connect J3 fe-0/0/7 to my home network and give it an IP address of 192.168.0.200/24.
[edit]
jfry@J3# set interface fe-0/0/7 unit 0 family inet address 192.168.0.200/24
[edit]
jfry@J3# commit and-quit
commit complete
Exiting configuration mode
jfry@J3>
Ok, now that is done we should look at R4 and make sure that we do not have a route to 192.168.0.0/24
R4#sh ip route 192.168.0.0
% Network not in table
R4#
Good, no route. Let’s try and PING 192.168.0.200 (J3 interface)
R4#ping 192.168.0.200
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.0.200, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
And there you go, we can PING the route!
Ok, time to rollback R3 to before we started with all these changes.
So how do we do this? Well, rollback!
For my router, its rollback # 4.
jfry@J3> show system commit
0 2012-08-10 21:20:06 UTC by jfry via cli
1 2012-08-10 21:19:03 UTC by jfry via cli
2 2012-08-10 21:17:50 UTC by jfry via cli
3 2012-08-10 21:06:16 UTC by jfry via cli
4 2012-08-10 19:42:50 UTC by jfry via cli
You can view the rollback by issuing the command: show system rollback #
jfry@J3> show system rollback 4
## Last changed: 2012-08-10 19:42:42 UTC
version 12.1R2.9;
system {
host-name J3;
root-authentication {
encrypted-password “$1$KzNk.qW/$snaQkMp/4d3vZWjO5YONG/”; ## SECRET-DATA
}
login {
user jfry {
full-name “Jeff Fry”;
uid 2002;
class super-user;
authentication {
encrypted-password “$1$GlR67aAm$uTukNzdwUDf7VDIBxi6sq/”; ## SECRET-DATA
}
}
}
}
interfaces {
fe-0/0/1 {
unit 0 {
family inet {
address 192.168.23.3/24;
}
}
}
fe-0/0/2 {
unit 0 {
family inet {
address 192.168.13.3/24;
}
}
}
lo0 {
unit 0 {
family inet {
address 3.3.3.3/32;
}
}
}
}
protocols {
ospf {
area 0.0.0.0 {
interface fe-0/0/1.0;
interface fe-0/0/2.0;
interface lo0.0 {
passive;
}
}
}
}
security {
forwarding-options {
family {
inet6 {
mode packet-based;
}
mpls {
mode packet-based;
}
iso {
mode packet-based;
}
}
}
}
jfry@J3>
And as we can see, that is the config after OSPF was configured but before we did all the static routes.
So, let’s roll!(back).
Load the rollback
[edit]
jfry@J3# rollback 4
load complete
And to see what it is going to change (here remove), do show | compare
[edit]
jfry@J3# show | compare
[edit interfaces]
- fe-0/0/7 {
- unit 0 {
- family inet {
- address 192.168.0.200/24;
- }
- }
- }
[edit]
- routing-options {
- static {
- route 0.0.0.0/0 {
- discard;
- no-install;
- }
- }
- }
[edit protocols ospf]
- export Default;
[edit]
- policy-options {
- policy-statement Default {
- from {
- protocol static;
- route-filter 0.0.0.0/0 exact;
- }
- then accept;
- }
- }
[edit]
jfry@J3#
Ok, and commit the config!
Now for more fun stuff with OSPF!
By (author) Peter Southwick
| List Price: |
$59.99 USD |
| New From: |
$33.87 In Stock |
| Used from: |
$33.99 In Stock |
|
|
|
Like this:
Like Loading...
