Difference between revisions of "OSPF JUNOS"

From Teknologisk videncenter
Jump to: navigation, search
m (Konfiguration af OSPF)
m (MD5 Authentication)
 
(22 intermediate revisions by the same user not shown)
Line 1: Line 1:
Konfigurations eksemplet for OSPF konfigureres på [[Virtual_Router_JUNOS|dette setup]]. Det kører allerede RIP og vi skal nu tilføje OSPF og når OSPF har konvergeret erstatter vi RIP med OSPF i route tabellen<br/><br/>
+
{{TOCright}}
 
+
Konfigurations eksemplet for OSPF konfigureres på [[Virtual_Router_JUNOS|dette setup]]. Det kører allerede RIP og vi skal nu tilføje OSPF og når OSPF har konvergeret erstatter vi RIP med OSPF i route tabellen<br/>
 +
Default timers:
 +
;Hello:10 sekunder
 +
;Dead:40 Sekunder<br/>
 
Konfigurations rækkefælgen bliver:
 
Konfigurations rækkefælgen bliver:
 
#Konfigurer OSPF
 
#Konfigurer OSPF
##Areas og interfaces
 
##Export regler
 
 
#Verificer OSPF
 
#Verificer OSPF
 
#Fjern RIP.
 
#Fjern RIP.
 
==Konfiguration af OSPF==
 
==Konfiguration af OSPF==
Her konfigureres OSPF så forbindelserne imellem routerne tilhører Area 0 og Lo interfaces tilhører et Area med samme nummer som P-Routeren(P1 = Area 1)<br/>
+
Her konfigureres OSPF<ref>http://kb.juniper.net/InfoCenter/index?page=content&id=KB16570</ref> så forbindelserne imellem routerne tilhører Area 0 og Lo interfaces tilhører et Area med samme nummer som P-Routeren(P1 = Area 1)<br/>
 
Route Preference konfigureres til at være højere end RIP, så vi ikke mister routing imens OSPF konvergerer.
 
Route Preference konfigureres til at være højere end RIP, så vi ikke mister routing imens OSPF konvergerer.
 
<source lang=cli>
 
<source lang=cli>
[edit routing-instances P1 protocols ospf]
+
[edit routing-instances P1]
rael@SRX240# <input>show</input>
+
rael@SRX240# <input>show</input>  
preference 101;
+
routing-options {
external-preference 105;
+
     router-id 10.1.0.1;
area 0.0.0.0 {
 
     interface lt-0/0/0.1;
 
    interface lt-0/0/0.10;
 
 
}
 
}
area 0.0.0.1 {
+
protocols {
    interface lo0.1;
+
    ospf {
 +
        preference 101;
 +
        external-preference 105;
 +
        area 0.0.0.0 {
 +
            interface lt-0/0/0.1;
 +
            interface lt-0/0/0.10;
 +
        }
 +
        area 0.0.0.1 {
 +
            interface lo0.1;
 +
        }
 +
    }
 
}
 
}
 +
 +
</source>
 +
 +
==Verificer OSPF==
 +
OSPF status
 +
<source lang=cli>
 +
[edit]
 +
rael@SRX240# <input>run show ospf overview instance P1</input>
 +
Instance: P1
 +
  <notice>Router ID: 10.1.0.1</notice>
 +
  Route table index: 5
 +
  Area border router
 +
  LSA refresh time: 50 minutes
 +
  Area: 0.0.0.0
 +
    Stub type: Not Stub
 +
    Authentication Type: None
 +
    Area border routers: 3, AS boundary routers: 0
 +
    Neighbors
 +
      <notice>Up (in full state): 2</notice>
 +
  Area: 0.0.0.1
 +
    Stub type: Not Stub
 +
    Authentication Type: None
 +
    Area border routers: 0, AS boundary routers: 0
 +
    Neighbors
 +
      Up (in full state): 0
 +
  Topology: default (ID 0)
 +
    Prefix export count: 0
 +
    Full SPF runs: 15
 +
    SPF delay: 0.200000 sec, SPF holddown: 5 sec, SPF rapid runs: 3
 +
    Backup SPF: Not Needed
 +
</source>
 +
Show ospf database for P1
 +
<source lang=cli>
 +
[edit]
 +
rael@SRX240# <input>run show ospf database instance P1</input>
 +
 +
    OSPF database, Area 0.0.0.0
 +
Type      ID              Adv Rtr          Seq      Age  Opt  Cksum  Len
 +
<notice>Router  *10.1.0.1        10.1.0.1        0x8000000c    62  0x22 0x922e  48
 +
Router  10.2.0.1        10.2.0.1        0x8000000a    63  0x22 0xcbfb  48
 +
Router  10.3.0.1        10.3.0.1        0x80000009    64  0x22 0x7b2d  48
 +
Router  10.4.0.1        10.4.0.1        0x8000000a    65  0x22 0xc6e5  48</notice>
 +
Network  10.0.0.2        10.2.0.1        0x80000005    63  0x22 0x679f  32
 +
Network  10.0.0.6        10.4.0.1        0x80000006    69  0x22 0x49b3  32
 +
Network  10.0.0.9        10.3.0.1        0x80000004    69  0x22 0x23db  32
 +
Network  10.0.0.13        10.4.0.1        0x80000003    65  0x22 0x15e2  32
 +
Summary *10.1.0.0        10.1.0.1        0x80000003  673  0x22 0x8e95  28
 +
Summary *10.1.0.1        10.1.0.1        0x80000003  476  0x22 0x849e  28
 +
Summary  10.2.0.0        10.2.0.1        0x80000003  687  0x22 0x7aa7  28
 +
Summary  10.2.0.1        10.2.0.1        0x80000003  503  0x22 0x70b0  28
 +
Summary  10.3.0.0        10.3.0.1        0x80000003  687  0x22 0x66b9  28
 +
Summary  10.3.0.1        10.3.0.1        0x80000003  503  0x22 0x5cc2  28
 +
Summary  10.4.0.0        10.4.0.1        0x80000003  699  0x22 0x52cb  28
 +
Summary  10.4.0.1        10.4.0.1        0x80000003  527  0x22 0x48d4  28
 +
 +
    OSPF database, Area 0.0.0.1
 +
Type      ID              Adv Rtr          Seq      Age  Opt  Cksum  Len
 +
Router  *10.1.0.1        10.1.0.1        0x80000004  124  0x22 0x7f70  48
 +
Summary *10.0.0.0        10.1.0.1        0x80000006    58  0x22 0x8c97  28
 +
Summary *10.0.0.4        10.1.0.1        0x80000003    58  0x22 0x74ad  28
 +
Summary *10.0.0.8        10.1.0.1        0x80000007    68  0x22 0x3ae0  28
 +
Summary *10.0.0.12        10.1.0.1        0x80000005    63  0x22 0x20f7  28
 +
Summary *10.2.0.0        10.1.0.1        0x80000003    58  0x22 0x8c95  28
 +
Summary *10.2.0.1        10.1.0.1        0x80000003    58  0x22 0x829e  28
 +
Summary *10.3.0.0        10.1.0.1        0x80000004    67  0x22 0x7ea1  28
 +
Summary *10.3.0.1        10.1.0.1        0x80000004    67  0x22 0x74aa  28
 +
Summary *10.4.0.0        10.1.0.1        0x80000005    58  0x22 0x7aa2  28
 +
Summary *10.4.0.1        10.1.0.1        0x80000005    58  0x22 0x70ab  28
 +
</source>
 +
Nabo tabellen for P1:
 +
<source lang=cli>
 +
[edit]
 +
rael@SRX240# <input>run show ospf neighbor instance P1</input>
 +
Address          Interface              State    ID              Pri  Dead
 +
10.0.0.2        lt-0/0/0.1            Full      10.2.0.1        128    35
 +
10.0.0.9        lt-0/0/0.10            Full      10.3.0.1        128    32
 +
</source>
 +
Statistikker for OSPF
 +
<source lang=cli>
 +
[edit]
 +
rael@SRX240# <input>run show ospf statistics instance P1</input>
 +
 +
Packet type            Total                  Last 5 seconds
 +
                  Sent      Received        Sent      Received
 +
  Hello            36            28          0            0
 +
    DbD            25            20          0            0
 +
  LSReq              5            3          0            0
 +
LSUpdate            54            44          0            0
 +
  LSAck            37            32          0            0
 +
 +
DBDs retransmitted    :                    9, last 5 seconds :          0
 +
LSAs flooded          :                  33, last 5 seconds :          0
 +
LSAs flooded high-prio :                  22, last 5 seconds :          0
 +
LSAs retransmitted    :                    9, last 5 seconds :          0
 +
LSAs transmitted to nbr:                    5, last 5 seconds :          0
 +
LSAs requested        :                  15, last 5 seconds :          0
 +
LSAs acknowledged      :                  64, last 5 seconds :          0
 +
 +
Flood queue depth      :              0
 +
Total rexmit entries  :              0
 +
db summaries          :              0
 +
lsreq entries          :              0
 +
 +
<notice>Receive errors:
 +
  None</notice>
 +
</source>
 +
==Deaktiver RIP==
 +
Først ændrer vi Global route Preference til default og så fjerner vi RIP.<br/><br/>
 +
Her kan vi se at alle netværk er lært via både RIP og OSPF. RIP Routen er den aktive(*).
 +
<source lang=cli>
 +
[edit]
 +
rael@SRX240# <input>run show route table P1.inet.0</input>
 +
 +
P1.inet.0: 16 destinations, 21 routes (16 active, 0 holddown, 0 hidden)
 +
+ = Active Route, - = Last Active, * = Both
 +
 +
10.0.0.0/30        *[Direct/0] 02:02:48
 +
                    > via lt-0/0/0.1
 +
10.0.0.1/32        *[Local/0] 02:08:03
 +
                      Local via lt-0/0/0.1
 +
<notice>10.0.0.4/30        *[RIP/100] 01:20:00, metric 2, tag 0
 +
                    > to 10.0.0.2 via lt-0/0/0.1</notice>
 +
                    [OSPF/101] 00:14:56, metric 2
 +
                    > to 10.0.0.2 via lt-0/0/0.1
 +
10.0.0.8/30        *[Direct/0] 02:02:48
 +
                    > via lt-0/0/0.10
 +
10.0.0.10/32      *[Local/0] 02:08:03
 +
                      Local via lt-0/0/0.10
 +
<notice>10.0.0.12/30      *[RIP/100] 01:20:01, metric 2, tag 0
 +
                    > to 10.0.0.9 via lt-0/0/0.10</notice>
 +
                    [OSPF/101] 00:15:05, metric 2
 +
                    > to 10.0.0.9 via lt-0/0/0.10
 +
10.1.0.0/24        *[Direct/0] 01:19:59
 +
                    > via lo0.1
 +
10.1.0.1/32        *[Local/0] 01:19:59
 +
                      Local via lo0.1
 +
<notice>10.2.0.0/24        *[RIP/100] 01:19:55, metric 2, tag 0
 +
                    > to 10.0.0.2 via lt-0/0/0.1</notice>
 +
                    [OSPF/101] 00:14:56, metric 1
 +
                    > to 10.0.0.2 via lt-0/0/0.1
 +
10.2.0.1/32        *[OSPF/101] 00:14:56, metric 1
 +
                    > to 10.0.0.2 via lt-0/0/0.1
 +
<notice>10.3.0.0/24        *[RIP/100] 01:19:55, metric 2, tag 0
 +
                    > to 10.0.0.9 via lt-0/0/0.10</notice>
 +
                    [OSPF/101] 00:15:05, metric 1
 +
                    > to 10.0.0.9 via lt-0/0/0.10
 +
10.3.0.1/32        *[OSPF/101] 00:15:05, metric 1
 +
                    > to 10.0.0.9 via lt-0/0/0.10
 +
<notice>10.4.0.0/24        *[RIP/100] 01:11:15, metric 3, tag 0
 +
                    > to 10.0.0.2 via lt-0/0/0.1
 +
                      to 10.0.0.9 via lt-0/0/0.10</notice>
 +
                    [OSPF/101] 00:14:56, metric 2
 +
                      to 10.0.0.2 via lt-0/0/0.1
 +
                    > to 10.0.0.9 via lt-0/0/0.10
 +
10.4.0.1/32        *[OSPF/101] 00:14:56, metric 2
 +
                    > to 10.0.0.2 via lt-0/0/0.1
 +
                      to 10.0.0.9 via lt-0/0/0.10
 +
224.0.0.5/32      *[OSPF/10] 00:33:28, metric 1
 +
                      MultiRecv
 +
224.0.0.9/32      *[RIP/100] 00:16:02, metric 1
 +
                      MultiRecv
 +
</source>
 +
Slet den forhøjede Route Preference på 101, så den falder tilbage på 10(default)
 +
<source lang=cli>
 +
[edit routing-instances]
 +
rael@SRX240# <input>delete P1 protocols ospf preference</input>
 +
 +
[edit routing-instances]
 +
rael@SRX240# <input>delete P2 protocols ospf preference</input>
 +
 +
[edit routing-instances]
 +
rael@SRX240# <input>delete P3 protocols ospf preference</input>
 +
 +
[edit routing-instances]
 +
rael@SRX240# <input>delete P4 protocols ospf preference</input>
 +
 +
[edit routing-instances]
 +
rael@SRX240# <input>commit</input>
 +
 +
</source>
 +
Alle routes har nu skiftet til OSPF routes i stedet for RIP
 +
<source lang=cli>
 +
[edit routing-instances]
 +
rael@SRX240# <input>run show route table P1.inet.0</input>
 +
 +
P1.inet.0: 16 destinations, 20 routes (16 active, 4 holddown, 0 hidden)
 +
+ = Active Route, - = Last Active, * = Both
 +
 +
10.0.0.0/30        *[Direct/0] 02:20:03
 +
                    > via lt-0/0/0.1
 +
10.0.0.1/32        *[Local/0] 02:25:18
 +
                      Local via lt-0/0/0.1
 +
<notice>10.0.0.4/30        *[OSPF/10] 00:00:10, metric 2
 +
                    > to 10.0.0.2 via lt-0/0/0.1</notice>
 +
                    [RIP/100] 01:37:15, metric 2, tag 0
 +
                    > to 10.0.0.2 via lt-0/0/0.1
 +
10.0.0.8/30        *[Direct/0] 02:20:03
 +
                    > via lt-0/0/0.10
 +
10.0.0.10/32      *[Local/0] 02:25:18
 +
                      Local via lt-0/0/0.10
 +
<notice>10.0.0.12/30      *[OSPF/10] 00:00:10, metric 2
 +
                    > to 10.0.0.9 via lt-0/0/0.10</notice>
 +
                    [RIP/100] 01:37:16, metric 2, tag 0
 +
                    > to 10.0.0.9 via lt-0/0/0.10
 +
10.1.0.0/24        *[Direct/0] 01:37:14
 +
                    > via lo0.1
 +
10.1.0.1/32        *[Local/0] 01:37:14
 +
                      Local via lo0.1
 +
<notice>10.2.0.0/24        *[OSPF/10] 00:00:10, metric 1
 +
                    > to 10.0.0.2 via lt-0/0/0.1</notice>
 +
                    [RIP/100] 01:37:10, metric 2, tag 0
 +
                    > to 10.0.0.2 via lt-0/0/0.1
 +
10.2.0.1/32        *[OSPF/10] 00:00:10, metric 1
 +
                    > to 10.0.0.2 via lt-0/0/0.1
 +
<notice>10.3.0.0/24        *[OSPF/10] 00:00:10, metric 1
 +
                    > to 10.0.0.9 via lt-0/0/0.10</notice>
 +
                    [RIP/100] 01:37:10, metric 2, tag 0
 +
                    > to 10.0.0.9 via lt-0/0/0.10
 +
10.3.0.1/32        *[OSPF/10] 00:00:10, metric 1
 +
                    > to 10.0.0.9 via lt-0/0/0.10
 +
10.4.0.0/24        *[OSPF/10] 00:00:10, metric 2
 +
                      to 10.0.0.2 via lt-0/0/0.1
 +
                    > to 10.0.0.9 via lt-0/0/0.10
 +
10.4.0.1/32        *[OSPF/10] 00:00:10, metric 2
 +
                      to 10.0.0.2 via lt-0/0/0.1
 +
                    > to 10.0.0.9 via lt-0/0/0.10
 +
224.0.0.5/32      *[OSPF/10] 00:50:43, metric 1
 +
                      MultiRecv
 +
224.0.0.9/32      *[RIP/100] 00:00:10, metric 1
 +
                      MultiRecv
 +
</source>
 +
Nu hvor OSPF har alle de aktive routes, kan vi slette RIP i alle instances.
 +
<source lang=cli>
 +
[edit routing-instances]
 +
rael@SRX240# <input>delete P1 protocols rip</input>
 +
 +
[edit routing-instances]
 +
rael@SRX240# <input>delete P2 protocols rip</input>
 +
 +
[edit routing-instances]
 +
rael@SRX240# <input>delete P3 protocols rip</input>
 +
 +
[edit routing-instances]
 +
rael@SRX240# <input>delete P4 protocols rip</input>
 +
 +
[edit routing-instances]
 +
rael@SRX240# <input>commit</input>
 +
commit complete
 +
 +
[edit routing-instances]
 +
rael@SRX240# <input>run show route protocol rip table P1.inet.0</input>
 +
 +
P1.inet.0: 15 destinations, 15 routes (15 active, 0 holddown, 0 hidden)
 +
 +
[edit routing-instances]
 +
rael@SRX240#
 
</source>
 
</source>
 +
 +
=Tuning af OSPF=
 +
==Passiv interfaces==
 +
Konfigrurer alle Loopback interfaces som passiv for at undgå CPU spild ved at sende Hello Pakker.
 +
<source lang=cli>
 +
[edit routing-instances]
 +
rael@SRX240# <input>load set relative terminal</input>
 +
[Type ^D at a new line to end input]
 +
<input>set P1 protocols ospf area 1 interface lo0.1 passive
 +
set P2 protocols ospf area 2 interface lo0.2 passive
 +
set P3 protocols ospf area 3 interface lo0.3 passive
 +
set P4 protocols ospf area 4 interface lo0.4 passive</input>
 +
<notice>load complete</notice>
 +
</source>
 +
==Traceoptions(debug)==
 +
Lav debugging filer for alle Instances
 +
<source lang=cli>
 +
[edit routing-instances]
 +
rael@SRX240# <input>load set relative terminal</input>
 +
[Type ^D at a new line to end input]
 +
<input>set P1 protocols ospf traceoptions file P1.ospf.debug size 5m files 5
 +
set P1 protocols ospf traceoptions flag all
 +
 +
set P2 protocols ospf traceoptions file P2.ospf.debug size 5m files 5
 +
set P2 protocols ospf traceoptions flag all
 +
 +
set P3 protocols ospf traceoptions file P3.ospf.debug size 5m files 5
 +
set P3 protocols ospf traceoptions flag all
 +
 +
set P4 protocols ospf traceoptions file P4.ospf.debug size 5m files 5
 +
set P4 protocols ospf traceoptions flag all</input>
 +
<notice>load complete</notice>
 +
</source>
 +
Se output af tracefilen i realtime.
 +
<source lang=cli>
 +
rael@SRX240> <input>monitor start P1.ospf.debug</input>
 +
 +
rael@SRX240>
 +
*** P1.ospf.debug ***
 +
Oct 16 18:59:11.366200 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
 +
Oct 16 18:59:11.367118 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
 +
Oct 16 18:59:11.367381 task_timer_uset: timer OSPF I/O./var/run/ppmd_control_PPM Hold <Touched> set to offset 2:00 at 19:01:11
 +
Oct 16 18:59:11.368962 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
 +
Oct 16 18:59:11.369198 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
 +
Oct 16 18:59:11.369505 task_timer_uset: timer OSPF I/O./var/run/ppmd_control_PPM Hold <Touched> set to offset 2:00 at 19:01:11
 +
Oct 16 18:59:11.369585 OSPF hello from 10.0.0.9 (IFL 78, area 0.0.0.0) absorbed
 +
Oct 16 18:59:11.920089 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
 +
Oct 16 18:59:11.920341 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
 +
Oct 16 18:59:11.921851 task_timer_uset: timer OSPF I/O./var/run/ppmd_control_PPM Hold <Touched> set to offset 2:00 at 19:01:11
 +
Oct 16 18:59:11.922180 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
 +
Oct 16 18:59:11.922362 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
 +
Oct 16 18:59:11.922672 task_timer_uset: timer OSPF I/O./var/run/ppmd_control_PPM Hold <Touched> set to offset 2:00 at 19:01:11
 +
Oct 16 18:59:12.827040 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
 +
Oct 16 18:59:12.827597 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
 +
Oct 16 18:59:12.827858 task_timer_uset: timer OSPF I/O./var/run/ppmd_control_PPM Hold <Touched> set to offset 2:00 at 19:01:12
 +
Oct 16 18:59:12.827955 OSPF periodic xmit from 10.0.0.1 to 224.0.0.5 (IFL 73 area 0.0.0.0)
 +
Oct 16 18:59:12.830855 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
 +
Oct 16 18:59:12.831096 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
 +
Oct 16 18:59:12.831391 task_timer_uset: timer OSPF I/O./var/run/ppmd_control_PPM Hold <Touched> set to offset 2:00 at 19:01:12
 +
Oct 16 18:59:13.015010 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
 +
Oct 16 18:59:13.015588 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
 +
Oct 16 18:59:13.015847 task_timer_uset: timer OSPF I/O./var/run/ppmd_control_PPM Hold <Touched> set to offset 2:00 at 19:01:13
 +
Oct 16 18:59:13.017392 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
 +
Oct 16 18:59:13.017636 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
 +
Oct 16 18:59:13.017939 task_timer_uset: timer OSPF I/O./var/run/ppmd_control_PPM Hold <Touched> set to offset 2:00 at 19:01:13
 +
Oct 16 18:59:14.964711 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
 +
Oct 16 18:59:14.965296 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
 +
Oct 16 18:59:14.965557 task_timer_uset: timer OSPF I/O./var/run/ppmd_control_PPM Hold <Touched> set to offset 2:00 at 19:01:14
 +
Oct 16 18:59:14.965653 OSPF periodic xmit from 10.0.0.10 to 224.0.0.5 (IFL 78 area 0.0.0.0)
 +
Oct 16 18:59:14.966971 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
 +
Oct 16 18:59:14.967207 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
 +
Oct 16 18:59:14.967520 task_timer_uset: timer OSPF I/O./var/run/ppmd_control_PPM Hold <Touched> set to offset 2:00 at 19:01:14
 +
Oct 16 18:59:15.091702 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
 +
Oct 16 18:59:15.092276 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
 +
Oct 16 18:59:15.092538 task_timer_uset: timer OSPF I/O./var/run/ppmd_control_PPM Hold <Touched> set to offset 2:00 at 19:01:15
 +
Oct 16 18:59:15.094479 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
 +
Oct 16 18:59:15.094717 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
 +
Oct 16 18:59:15.095022 task_timer_uset: timer OSPF I/O./var/run/ppmd_control_PPM Hold <Touched> set to offset 2:00 at 19:01:15
 +
Oct 16 18:59:15.745741 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
 +
Oct 16 18:59:15.745995 task_process_events: recv ready for <input>monitor stop</input>
 +
 +
rael@SRX240>
 +
</source>
 +
==MD5 Authentication==
 +
MD5 authentication på OSPF<ref>http://www.juniper.net/techpubs/en_US/junos11.4/topics/topic-map/ospf-authentication.html#jd0e529</ref> sikrer imod falske OSPF pakker fra uautoriserede naboer.
 +
<source lang=cli>
 +
[edit routing-instances]
 +
rael@SRX240# <input>set routing-instances P1 protocols ospf area 0.0.0.0 interface lt-0/0/0.1 authentication md5 1 key juniper</input>
 +
 +
[edit routing-instances]
 +
rael@SRX240# <input>set routing-instances P1 protocols ospf area 0.0.0.0 interface lt-0/0/0.10 authentication md5 1 key juniper</input>
 +
 +
[edit routing-instances]
 +
rael@SRX240# <input>commit</input>
 +
</source>
 +
Efter 40 sekunder dør naboskabet.
 +
<source lang=cli>
 +
[edit routing-instances]
 +
rael@SRX240# <input>run show ospf neighbor instance P1</input>
 +
Address          Interface              State    ID              Pri  Dead
 +
10.0.0.2        lt-0/0/0.1            Full      10.2.0.1        128    4
 +
10.0.0.9        lt-0/0/0.10            Full      10.3.0.1        128    4
 +
 +
[edit routing-instances]
 +
rael@SRX240# <input>run show ospf neighbor instance P1</input>
 +
Address          Interface              State    ID              Pri  Dead
 +
10.0.0.2        lt-0/0/0.1            Full      10.2.0.1        128    0
 +
10.0.0.9        lt-0/0/0.10            Full      10.3.0.1        128    0
 +
 +
[edit routing-instances]
 +
rael@SRX240# <input>run show ospf neighbor instance P1</input>
 +
 +
[edit routing-instances]
 +
rael@SRX240#
 +
</source>
 +
og en lille tracefile af authentication fejl
 +
<source lang=cli>
 +
[edit routing-instances]
 +
rael@SRX240# run monitor start P1.ospf.debug
 +
 +
[edit routing-instances]
 +
rael@SRX240#
 +
*** P1.ospf.debug ***
 +
Oct 16 19:14:53.334355 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
 +
Oct 16 19:14:53.334590 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
 +
Oct 16 19:14:53.334905 task_timer_uset: timer OSPF I/O./var/run/ppmd_control_PPM Hold <Touched> set to offset 2:00 at 19:16:53
 +
<notice>Oct 16 19:14:53.334987 OSPF packet ignored: authentication type mismatch (0) from 10.0.0.2</notice>
 +
Oct 16 19:14:53.335591 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
 +
Oct 16 19:14:53.335988 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
 +
Oct 16 19:14:53.336272 task_timer_uset: timer OSPF I/O./var/run/ppmd_control_PPM Hold <Touched> set to offset 2:00 at 19:16:53
 +
Oct 16 19:14:54.230649 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
 +
Oct 16 19:14:54.232642 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
 +
Oct 16 19:14:54.232995 task_timer_uset: timer OSPF I/O./var/run/ppmd_control_PPM Hold <Touched> set to offset 2:00 at 19:16:54
 +
Oct 16 19:14:54.233590 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
 +
Oct 16 19:14:54.233775 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
 +
Oct 16 19:14:54.234032 task_timer_uset: timer OSPF I/O./var/run/ppmd_control_PPM Hold <Touched> set to offset 2:00 at 19:16:54
 +
Oct 16 19:14:55.607448 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
 +
Oct 16 19:14:55.609324 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
 +
Oct 16 19:14:55.609672 task_timer_uset: timer OSPF I/O./var/run/ppmd_control_PPM Hold <Touched> set to offset 2:00 at 19:16:55
 +
Oct 16 19:14:55.609950 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
 +
Oct 16 19:14:55.610154 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
 +
Oct 16 19:14:55.610404 task_timer_uset: timer OSPF I/O./var/run/ppmd_control_PPM Hold <Touched> set to offset 2:00 at 19:16:55
 +
<notice>Oct 16 19:14:55.610496 OSPF packet ignored: authentication type mismatch (0) from 10.0.0.9</notice>
 +
Oct 16 19:14:56.171242 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
 +
Oct 16 19:14:56.172891 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
 +
Oct 16 19:14:56.173216 task_timer_uset: timer OSPF I/O./var/run/ppmd_control_PPM Hold <Touched> set to offset 2:00 at 19:16:56
 +
Oct 16 19:14:56.173313 OSPF periodic xmit from 10.0.0.10 to 224.0.0.5 (IFL 78 area 0.0.0.0)
 +
Oct 16 19:14:56.173832 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
 +
Oct 16 19:14:56.174037 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
 +
<notice><-- output omitted --></notice>
 +
Oct 16 19:15:01.747036 task_timer_uset: timer OSPF I/O./var/run/ppmd_control_PPM Hold <Touched> set to offset 2:00 at 19:17:01
 +
Oct 16 19:15:01.748570 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
 +
Oct 16 19:15:01.748804 tarun <input>monitor stop</input>
 +
 +
[edit routing-instances]
 +
rael@SRX240#</source>
 +
 +
Fuld konfiguration kan findes [[/VR_CONFIG|her]]
  
 
=Referencer=
 
=Referencer=

Latest revision as of 13:24, 4 November 2014

Konfigurations eksemplet for OSPF konfigureres på dette setup. Det kører allerede RIP og vi skal nu tilføje OSPF og når OSPF har konvergeret erstatter vi RIP med OSPF i route tabellen
Default timers:

Hello
10 sekunder
Dead
40 Sekunder

Konfigurations rækkefælgen bliver:

  1. Konfigurer OSPF
  2. Verificer OSPF
  3. Fjern RIP.

Konfiguration af OSPF

Her konfigureres OSPF[1] så forbindelserne imellem routerne tilhører Area 0 og Lo interfaces tilhører et Area med samme nummer som P-Routeren(P1 = Area 1)
Route Preference konfigureres til at være højere end RIP, så vi ikke mister routing imens OSPF konvergerer.

[edit routing-instances P1]
rael@SRX240# <input>show</input> 
routing-options {
    router-id 10.1.0.1;
}
protocols {
    ospf {
        preference 101;
        external-preference 105;
        area 0.0.0.0 {
            interface lt-0/0/0.1;
            interface lt-0/0/0.10;
        }
        area 0.0.0.1 {
            interface lo0.1;
        }
    }
}

Verificer OSPF

OSPF status

[edit]
rael@SRX240# <input>run show ospf overview instance P1</input>
Instance: P1
  <notice>Router ID: 10.1.0.1</notice>
  Route table index: 5
  Area border router
  LSA refresh time: 50 minutes
  Area: 0.0.0.0
    Stub type: Not Stub
    Authentication Type: None
    Area border routers: 3, AS boundary routers: 0
    Neighbors
      <notice>Up (in full state): 2</notice>
  Area: 0.0.0.1
    Stub type: Not Stub
    Authentication Type: None
    Area border routers: 0, AS boundary routers: 0
    Neighbors
      Up (in full state): 0
  Topology: default (ID 0)
    Prefix export count: 0
    Full SPF runs: 15
    SPF delay: 0.200000 sec, SPF holddown: 5 sec, SPF rapid runs: 3
    Backup SPF: Not Needed

Show ospf database for P1

[edit]
rael@SRX240# <input>run show ospf database instance P1</input>

    OSPF database, Area 0.0.0.0
 Type       ID               Adv Rtr           Seq      Age  Opt  Cksum  Len
<notice>Router  *10.1.0.1         10.1.0.1         0x8000000c    62  0x22 0x922e  48
Router   10.2.0.1         10.2.0.1         0x8000000a    63  0x22 0xcbfb  48
Router   10.3.0.1         10.3.0.1         0x80000009    64  0x22 0x7b2d  48
Router   10.4.0.1         10.4.0.1         0x8000000a    65  0x22 0xc6e5  48</notice>
Network  10.0.0.2         10.2.0.1         0x80000005    63  0x22 0x679f  32
Network  10.0.0.6         10.4.0.1         0x80000006    69  0x22 0x49b3  32
Network  10.0.0.9         10.3.0.1         0x80000004    69  0x22 0x23db  32
Network  10.0.0.13        10.4.0.1         0x80000003    65  0x22 0x15e2  32
Summary *10.1.0.0         10.1.0.1         0x80000003   673  0x22 0x8e95  28
Summary *10.1.0.1         10.1.0.1         0x80000003   476  0x22 0x849e  28
Summary  10.2.0.0         10.2.0.1         0x80000003   687  0x22 0x7aa7  28
Summary  10.2.0.1         10.2.0.1         0x80000003   503  0x22 0x70b0  28
Summary  10.3.0.0         10.3.0.1         0x80000003   687  0x22 0x66b9  28
Summary  10.3.0.1         10.3.0.1         0x80000003   503  0x22 0x5cc2  28
Summary  10.4.0.0         10.4.0.1         0x80000003   699  0x22 0x52cb  28
Summary  10.4.0.1         10.4.0.1         0x80000003   527  0x22 0x48d4  28

    OSPF database, Area 0.0.0.1
 Type       ID               Adv Rtr           Seq      Age  Opt  Cksum  Len
Router  *10.1.0.1         10.1.0.1         0x80000004   124  0x22 0x7f70  48
Summary *10.0.0.0         10.1.0.1         0x80000006    58  0x22 0x8c97  28
Summary *10.0.0.4         10.1.0.1         0x80000003    58  0x22 0x74ad  28
Summary *10.0.0.8         10.1.0.1         0x80000007    68  0x22 0x3ae0  28
Summary *10.0.0.12        10.1.0.1         0x80000005    63  0x22 0x20f7  28
Summary *10.2.0.0         10.1.0.1         0x80000003    58  0x22 0x8c95  28
Summary *10.2.0.1         10.1.0.1         0x80000003    58  0x22 0x829e  28
Summary *10.3.0.0         10.1.0.1         0x80000004    67  0x22 0x7ea1  28
Summary *10.3.0.1         10.1.0.1         0x80000004    67  0x22 0x74aa  28
Summary *10.4.0.0         10.1.0.1         0x80000005    58  0x22 0x7aa2  28
Summary *10.4.0.1         10.1.0.1         0x80000005    58  0x22 0x70ab  28

Nabo tabellen for P1:

[edit]
rael@SRX240# <input>run show ospf neighbor instance P1</input>
Address          Interface              State     ID               Pri  Dead
10.0.0.2         lt-0/0/0.1             Full      10.2.0.1         128    35
10.0.0.9         lt-0/0/0.10            Full      10.3.0.1         128    32

Statistikker for OSPF

[edit]
rael@SRX240# <input>run show ospf statistics instance P1</input>

Packet type             Total                  Last 5 seconds
                   Sent      Received        Sent      Received
   Hello             36            28           0             0
     DbD             25            20           0             0
   LSReq              5             3           0             0
LSUpdate             54            44           0             0
   LSAck             37            32           0             0

DBDs retransmitted     :                    9, last 5 seconds :          0
LSAs flooded           :                   33, last 5 seconds :          0
LSAs flooded high-prio :                   22, last 5 seconds :          0
LSAs retransmitted     :                    9, last 5 seconds :          0
LSAs transmitted to nbr:                    5, last 5 seconds :          0
LSAs requested         :                   15, last 5 seconds :          0
LSAs acknowledged      :                   64, last 5 seconds :          0

Flood queue depth      :               0
Total rexmit entries   :               0
db summaries           :               0
lsreq entries          :               0

<notice>Receive errors:
  None</notice>

Deaktiver RIP

Først ændrer vi Global route Preference til default og så fjerner vi RIP.

Her kan vi se at alle netværk er lært via både RIP og OSPF. RIP Routen er den aktive(*).

[edit]
rael@SRX240# <input>run show route table P1.inet.0</input>

P1.inet.0: 16 destinations, 21 routes (16 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

10.0.0.0/30        *[Direct/0] 02:02:48
                    > via lt-0/0/0.1
10.0.0.1/32        *[Local/0] 02:08:03
                      Local via lt-0/0/0.1
<notice>10.0.0.4/30        *[RIP/100] 01:20:00, metric 2, tag 0
                    > to 10.0.0.2 via lt-0/0/0.1</notice>
                    [OSPF/101] 00:14:56, metric 2
                    > to 10.0.0.2 via lt-0/0/0.1
10.0.0.8/30        *[Direct/0] 02:02:48
                    > via lt-0/0/0.10
10.0.0.10/32       *[Local/0] 02:08:03
                      Local via lt-0/0/0.10
<notice>10.0.0.12/30       *[RIP/100] 01:20:01, metric 2, tag 0
                    > to 10.0.0.9 via lt-0/0/0.10</notice>
                    [OSPF/101] 00:15:05, metric 2
                    > to 10.0.0.9 via lt-0/0/0.10
10.1.0.0/24        *[Direct/0] 01:19:59
                    > via lo0.1
10.1.0.1/32        *[Local/0] 01:19:59
                      Local via lo0.1
<notice>10.2.0.0/24        *[RIP/100] 01:19:55, metric 2, tag 0
                    > to 10.0.0.2 via lt-0/0/0.1</notice>
                    [OSPF/101] 00:14:56, metric 1
                    > to 10.0.0.2 via lt-0/0/0.1
10.2.0.1/32        *[OSPF/101] 00:14:56, metric 1
                    > to 10.0.0.2 via lt-0/0/0.1
<notice>10.3.0.0/24        *[RIP/100] 01:19:55, metric 2, tag 0
                    > to 10.0.0.9 via lt-0/0/0.10</notice>
                    [OSPF/101] 00:15:05, metric 1
                    > to 10.0.0.9 via lt-0/0/0.10
10.3.0.1/32        *[OSPF/101] 00:15:05, metric 1
                    > to 10.0.0.9 via lt-0/0/0.10
<notice>10.4.0.0/24        *[RIP/100] 01:11:15, metric 3, tag 0
                    > to 10.0.0.2 via lt-0/0/0.1
                      to 10.0.0.9 via lt-0/0/0.10</notice>
                    [OSPF/101] 00:14:56, metric 2
                      to 10.0.0.2 via lt-0/0/0.1
                    > to 10.0.0.9 via lt-0/0/0.10
10.4.0.1/32        *[OSPF/101] 00:14:56, metric 2
                    > to 10.0.0.2 via lt-0/0/0.1
                      to 10.0.0.9 via lt-0/0/0.10
224.0.0.5/32       *[OSPF/10] 00:33:28, metric 1
                      MultiRecv
224.0.0.9/32       *[RIP/100] 00:16:02, metric 1
                      MultiRecv

Slet den forhøjede Route Preference på 101, så den falder tilbage på 10(default)

[edit routing-instances]
rael@SRX240# <input>delete P1 protocols ospf preference</input>

[edit routing-instances]
rael@SRX240# <input>delete P2 protocols ospf preference</input>

[edit routing-instances]
rael@SRX240# <input>delete P3 protocols ospf preference</input>

[edit routing-instances]
rael@SRX240# <input>delete P4 protocols ospf preference</input>

[edit routing-instances]
rael@SRX240# <input>commit</input>

Alle routes har nu skiftet til OSPF routes i stedet for RIP

[edit routing-instances]
rael@SRX240# <input>run show route table P1.inet.0</input>

P1.inet.0: 16 destinations, 20 routes (16 active, 4 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

10.0.0.0/30        *[Direct/0] 02:20:03
                    > via lt-0/0/0.1
10.0.0.1/32        *[Local/0] 02:25:18
                      Local via lt-0/0/0.1
<notice>10.0.0.4/30        *[OSPF/10] 00:00:10, metric 2
                    > to 10.0.0.2 via lt-0/0/0.1</notice>
                    [RIP/100] 01:37:15, metric 2, tag 0
                    > to 10.0.0.2 via lt-0/0/0.1
10.0.0.8/30        *[Direct/0] 02:20:03
                    > via lt-0/0/0.10
10.0.0.10/32       *[Local/0] 02:25:18
                      Local via lt-0/0/0.10
<notice>10.0.0.12/30       *[OSPF/10] 00:00:10, metric 2
                    > to 10.0.0.9 via lt-0/0/0.10</notice>
                    [RIP/100] 01:37:16, metric 2, tag 0
                    > to 10.0.0.9 via lt-0/0/0.10
10.1.0.0/24        *[Direct/0] 01:37:14
                    > via lo0.1
10.1.0.1/32        *[Local/0] 01:37:14
                      Local via lo0.1
<notice>10.2.0.0/24        *[OSPF/10] 00:00:10, metric 1
                    > to 10.0.0.2 via lt-0/0/0.1</notice>
                    [RIP/100] 01:37:10, metric 2, tag 0
                    > to 10.0.0.2 via lt-0/0/0.1
10.2.0.1/32        *[OSPF/10] 00:00:10, metric 1
                    > to 10.0.0.2 via lt-0/0/0.1
<notice>10.3.0.0/24        *[OSPF/10] 00:00:10, metric 1
                    > to 10.0.0.9 via lt-0/0/0.10</notice>
                    [RIP/100] 01:37:10, metric 2, tag 0
                    > to 10.0.0.9 via lt-0/0/0.10
10.3.0.1/32        *[OSPF/10] 00:00:10, metric 1
                    > to 10.0.0.9 via lt-0/0/0.10
10.4.0.0/24        *[OSPF/10] 00:00:10, metric 2
                      to 10.0.0.2 via lt-0/0/0.1
                    > to 10.0.0.9 via lt-0/0/0.10
10.4.0.1/32        *[OSPF/10] 00:00:10, metric 2
                      to 10.0.0.2 via lt-0/0/0.1
                    > to 10.0.0.9 via lt-0/0/0.10
224.0.0.5/32       *[OSPF/10] 00:50:43, metric 1
                      MultiRecv
224.0.0.9/32       *[RIP/100] 00:00:10, metric 1
                      MultiRecv

Nu hvor OSPF har alle de aktive routes, kan vi slette RIP i alle instances.

[edit routing-instances]
rael@SRX240# <input>delete P1 protocols rip</input>

[edit routing-instances]
rael@SRX240# <input>delete P2 protocols rip</input>

[edit routing-instances]
rael@SRX240# <input>delete P3 protocols rip</input>

[edit routing-instances]
rael@SRX240# <input>delete P4 protocols rip</input>

[edit routing-instances]
rael@SRX240# <input>commit</input>
commit complete

[edit routing-instances]
rael@SRX240# <input>run show route protocol rip table P1.inet.0</input>

P1.inet.0: 15 destinations, 15 routes (15 active, 0 holddown, 0 hidden)

[edit routing-instances]
rael@SRX240#

Tuning af OSPF

Passiv interfaces

Konfigrurer alle Loopback interfaces som passiv for at undgå CPU spild ved at sende Hello Pakker.

[edit routing-instances]
rael@SRX240# <input>load set relative terminal</input>
[Type ^D at a new line to end input]
<input>set P1 protocols ospf area 1 interface lo0.1 passive
set P2 protocols ospf area 2 interface lo0.2 passive
set P3 protocols ospf area 3 interface lo0.3 passive
set P4 protocols ospf area 4 interface lo0.4 passive</input>
<notice>load complete</notice>

Traceoptions(debug)

Lav debugging filer for alle Instances

[edit routing-instances]
rael@SRX240# <input>load set relative terminal</input>
[Type ^D at a new line to end input]
<input>set P1 protocols ospf traceoptions file P1.ospf.debug size 5m files 5
set P1 protocols ospf traceoptions flag all

set P2 protocols ospf traceoptions file P2.ospf.debug size 5m files 5
set P2 protocols ospf traceoptions flag all

set P3 protocols ospf traceoptions file P3.ospf.debug size 5m files 5
set P3 protocols ospf traceoptions flag all

set P4 protocols ospf traceoptions file P4.ospf.debug size 5m files 5
set P4 protocols ospf traceoptions flag all</input>
<notice>load complete</notice>

Se output af tracefilen i realtime.

rael@SRX240> <input>monitor start P1.ospf.debug</input>

rael@SRX240>
*** P1.ospf.debug ***
Oct 16 18:59:11.366200 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
Oct 16 18:59:11.367118 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
Oct 16 18:59:11.367381 task_timer_uset: timer OSPF I/O./var/run/ppmd_control_PPM Hold <Touched> set to offset 2:00 at 19:01:11
Oct 16 18:59:11.368962 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
Oct 16 18:59:11.369198 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
Oct 16 18:59:11.369505 task_timer_uset: timer OSPF I/O./var/run/ppmd_control_PPM Hold <Touched> set to offset 2:00 at 19:01:11
Oct 16 18:59:11.369585 OSPF hello from 10.0.0.9 (IFL 78, area 0.0.0.0) absorbed
Oct 16 18:59:11.920089 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
Oct 16 18:59:11.920341 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
Oct 16 18:59:11.921851 task_timer_uset: timer OSPF I/O./var/run/ppmd_control_PPM Hold <Touched> set to offset 2:00 at 19:01:11
Oct 16 18:59:11.922180 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
Oct 16 18:59:11.922362 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
Oct 16 18:59:11.922672 task_timer_uset: timer OSPF I/O./var/run/ppmd_control_PPM Hold <Touched> set to offset 2:00 at 19:01:11
Oct 16 18:59:12.827040 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
Oct 16 18:59:12.827597 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
Oct 16 18:59:12.827858 task_timer_uset: timer OSPF I/O./var/run/ppmd_control_PPM Hold <Touched> set to offset 2:00 at 19:01:12
Oct 16 18:59:12.827955 OSPF periodic xmit from 10.0.0.1 to 224.0.0.5 (IFL 73 area 0.0.0.0)
Oct 16 18:59:12.830855 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
Oct 16 18:59:12.831096 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
Oct 16 18:59:12.831391 task_timer_uset: timer OSPF I/O./var/run/ppmd_control_PPM Hold <Touched> set to offset 2:00 at 19:01:12
Oct 16 18:59:13.015010 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
Oct 16 18:59:13.015588 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
Oct 16 18:59:13.015847 task_timer_uset: timer OSPF I/O./var/run/ppmd_control_PPM Hold <Touched> set to offset 2:00 at 19:01:13
Oct 16 18:59:13.017392 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
Oct 16 18:59:13.017636 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
Oct 16 18:59:13.017939 task_timer_uset: timer OSPF I/O./var/run/ppmd_control_PPM Hold <Touched> set to offset 2:00 at 19:01:13
Oct 16 18:59:14.964711 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
Oct 16 18:59:14.965296 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
Oct 16 18:59:14.965557 task_timer_uset: timer OSPF I/O./var/run/ppmd_control_PPM Hold <Touched> set to offset 2:00 at 19:01:14
Oct 16 18:59:14.965653 OSPF periodic xmit from 10.0.0.10 to 224.0.0.5 (IFL 78 area 0.0.0.0)
Oct 16 18:59:14.966971 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
Oct 16 18:59:14.967207 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
Oct 16 18:59:14.967520 task_timer_uset: timer OSPF I/O./var/run/ppmd_control_PPM Hold <Touched> set to offset 2:00 at 19:01:14
Oct 16 18:59:15.091702 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
Oct 16 18:59:15.092276 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
Oct 16 18:59:15.092538 task_timer_uset: timer OSPF I/O./var/run/ppmd_control_PPM Hold <Touched> set to offset 2:00 at 19:01:15
Oct 16 18:59:15.094479 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
Oct 16 18:59:15.094717 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
Oct 16 18:59:15.095022 task_timer_uset: timer OSPF I/O./var/run/ppmd_control_PPM Hold <Touched> set to offset 2:00 at 19:01:15
Oct 16 18:59:15.745741 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
Oct 16 18:59:15.745995 task_process_events: recv ready for <input>monitor stop</input>

rael@SRX240>

MD5 Authentication

MD5 authentication på OSPF[2] sikrer imod falske OSPF pakker fra uautoriserede naboer.

[edit routing-instances]
rael@SRX240# <input>set routing-instances P1 protocols ospf area 0.0.0.0 interface lt-0/0/0.1 authentication md5 1 key juniper</input>

[edit routing-instances]
rael@SRX240# <input>set routing-instances P1 protocols ospf area 0.0.0.0 interface lt-0/0/0.10 authentication md5 1 key juniper</input>

[edit routing-instances]
rael@SRX240# <input>commit</input>

Efter 40 sekunder dør naboskabet.

[edit routing-instances]
rael@SRX240# <input>run show ospf neighbor instance P1</input>
Address          Interface              State     ID               Pri  Dead
10.0.0.2         lt-0/0/0.1             Full      10.2.0.1         128     4
10.0.0.9         lt-0/0/0.10            Full      10.3.0.1         128     4

[edit routing-instances]
rael@SRX240# <input>run show ospf neighbor instance P1</input>
Address          Interface              State     ID               Pri  Dead
10.0.0.2         lt-0/0/0.1             Full      10.2.0.1         128     0
10.0.0.9         lt-0/0/0.10            Full      10.3.0.1         128     0

[edit routing-instances]
rael@SRX240# <input>run show ospf neighbor instance P1</input>

[edit routing-instances]
rael@SRX240#

og en lille tracefile af authentication fejl

[edit routing-instances]
rael@SRX240# run monitor start P1.ospf.debug

[edit routing-instances]
rael@SRX240#
*** P1.ospf.debug ***
Oct 16 19:14:53.334355 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
Oct 16 19:14:53.334590 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
Oct 16 19:14:53.334905 task_timer_uset: timer OSPF I/O./var/run/ppmd_control_PPM Hold <Touched> set to offset 2:00 at 19:16:53
<notice>Oct 16 19:14:53.334987 OSPF packet ignored: authentication type mismatch (0) from 10.0.0.2</notice>
Oct 16 19:14:53.335591 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
Oct 16 19:14:53.335988 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
Oct 16 19:14:53.336272 task_timer_uset: timer OSPF I/O./var/run/ppmd_control_PPM Hold <Touched> set to offset 2:00 at 19:16:53
Oct 16 19:14:54.230649 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
Oct 16 19:14:54.232642 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
Oct 16 19:14:54.232995 task_timer_uset: timer OSPF I/O./var/run/ppmd_control_PPM Hold <Touched> set to offset 2:00 at 19:16:54
Oct 16 19:14:54.233590 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
Oct 16 19:14:54.233775 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
Oct 16 19:14:54.234032 task_timer_uset: timer OSPF I/O./var/run/ppmd_control_PPM Hold <Touched> set to offset 2:00 at 19:16:54
Oct 16 19:14:55.607448 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
Oct 16 19:14:55.609324 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
Oct 16 19:14:55.609672 task_timer_uset: timer OSPF I/O./var/run/ppmd_control_PPM Hold <Touched> set to offset 2:00 at 19:16:55
Oct 16 19:14:55.609950 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
Oct 16 19:14:55.610154 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
Oct 16 19:14:55.610404 task_timer_uset: timer OSPF I/O./var/run/ppmd_control_PPM Hold <Touched> set to offset 2:00 at 19:16:55
<notice>Oct 16 19:14:55.610496 OSPF packet ignored: authentication type mismatch (0) from 10.0.0.9</notice>
Oct 16 19:14:56.171242 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
Oct 16 19:14:56.172891 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
Oct 16 19:14:56.173216 task_timer_uset: timer OSPF I/O./var/run/ppmd_control_PPM Hold <Touched> set to offset 2:00 at 19:16:56
Oct 16 19:14:56.173313 OSPF periodic xmit from 10.0.0.10 to 224.0.0.5 (IFL 78 area 0.0.0.0)
Oct 16 19:14:56.173832 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
Oct 16 19:14:56.174037 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
<notice><-- output omitted --></notice>
Oct 16 19:15:01.747036 task_timer_uset: timer OSPF I/O./var/run/ppmd_control_PPM Hold <Touched> set to offset 2:00 at 19:17:01
Oct 16 19:15:01.748570 task_process_events: recv ready for OSPF I/O./var/run/ppmd_control
Oct 16 19:15:01.748804 tarun <input>monitor stop</input>

[edit routing-instances]
rael@SRX240#

Fuld konfiguration kan findes her

Referencer