Difference between revisions of "TDC Juniper CPE/Dynamisk routing"

From Teknologisk videncenter
Jump to: navigation, search
m (Reference båndbredde)
m (BGP)
 
(9 intermediate revisions by the same user not shown)
Line 1: Line 1:
 +
{{TOCright}}
 
I denne opgave kan du enten vælge at konfigurere OSPF eller BGP alt efter preference. Eller hvert medlem af holdet kan konfigurere hver sin protokol:-)
 
I denne opgave kan du enten vælge at konfigurere OSPF eller BGP alt efter preference. Eller hvert medlem af holdet kan konfigurere hver sin protokol:-)
 
=OSPF=
 
=OSPF=
Line 22: Line 23:
 
root@SRX240# <input>show routing-options router-id</input>
 
root@SRX240# <input>show routing-options router-id</input>
 
<notice>router-id 24.24.24.24;</notice>
 
<notice>router-id 24.24.24.24;</notice>
 +
</source>
 +
==OSPF Konfiguration==
 +
Konfigurations af OSPF parametre sker under protocols ospf stanza'en
 +
<source lang=cli>
 +
[edit]
 +
root@SRX07# <input>show protocols ospf</input>
 +
area 0.0.0.0 {
 +
    interface ge-0/0/0.10;
 +
    interface vlan.10 {
 +
        passive;
 +
    }
 +
}
 
</source>
 
</source>
 
==Reference båndbredde==
 
==Reference båndbredde==
Line 58: Line 71:
  
 
</source>
 
</source>
==OSPF Konfiguration==
+
==Tillad OSPF trafik==
Konfigurations af OSPF parametre sker under protocols ospf stanza'en
+
OSPF Trafik skal selvfølgelig også tillades i vores '''host-inbound-traffic''' regl
 
<source lang=cli>
 
<source lang=cli>
 
[edit]
 
[edit]
root@SRX07# <input>show protocols ospf</input>
+
root@SRX07# <input>show security zones security-zone untrust</input>
 +
screen untrust-screen;
 +
interfaces {
 +
    ge-0/0/0.10 {
 +
        host-inbound-traffic {
 +
            system-services {
 +
                dhcp;
 +
                tftp;
 +
            }
 +
            <notice>protocols {
 +
                ospf;
 +
            }</notice>
 +
        }
 +
    }
 +
}
 +
</source>
 +
==Fejlfinding==
 +
===Interfaces===
 +
<source lang=cli>
 +
root@SRX07> <input>show ospf interface</input>
 +
Interface          State  Area            DR ID          BDR ID          Nbrs
 +
ge-0/0/0.10        BDR    0.0.0.0        24.24.24.24    7.7.7.7            <notice>1</notice>
 +
vlan.10            DRother 0.0.0.0        0.0.0.0        0.0.0.0            0
 +
 
 +
root@SRX07> <input>show ospf interface detail</input>
 +
Interface          State  Area            DR ID          BDR ID          Nbrs
 +
ge-0/0/0.10        BDR    0.0.0.0        24.24.24.24    7.7.7.7            1
 +
  Type: LAN, Address: 10.64.0.26, Mask: 255.255.255.252, MTU: 1500, Cost: 1
 +
  DR addr: 10.64.0.25, BDR addr: 10.64.0.26, Priority: 128
 +
  <notice>Adj count: 1
 +
  Hello: 10, Dead: 40, ReXmit: 5, Not Stub</notice>
 +
  Auth type: None
 +
  Protection type: None
 +
  Topology default (ID 0) -> Cost: 1
 +
vlan.10            DRother 0.0.0.0        0.0.0.0        0.0.0.0            0
 +
  Type: LAN, Address: 10.56.10.1, Mask: 255.255.255.0, MTU: 1500, Cost: 1
 +
  Adj count: 0, Passive
 +
  Hello: 10, Dead: 40, ReXmit: 5, Not Stub
 +
  Auth type: None
 +
  Protection type: None
 +
  Topology default (ID 0) -> Passive, Cost: 1
 +
 
 +
</source>
 +
===Routing===
 +
<source lang=cli>
 +
root@SRX07> <input>show ospf route</input>
 +
Topology default Route Table:
 +
 
 +
Prefix            Path  Route      NH      Metric NextHop      Nexthop
 +
                  Type  Type      Type            Interface    Address/LSP
 +
24.24.24.24        Intra AS BR      IP            1 ge-0/0/0.10  10.64.0.25
 +
<notice>0.0.0.0/0          Ext2</notice>  Network    IP            0 ge-0/0/0.10  10.64.0.25
 +
10.56.10.0/24      Intra Network    IP            1 vlan.10
 +
<notice>10.64.0.0/30      Intra Network    IP          11 ge-0/0/0.10  10.64.0.25</notice>
 +
10.64.0.24/30      Intra Network    IP            1 ge-0/0/0.10
 +
 
 +
root@SRX07> <input>show route protocol ospf</input>
 +
 
 +
inet.0: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden)
 +
+ = Active Route, - = Last Active, * = Both
 +
 
 +
<notice>0.0.0.0/0          *[OSPF/150] 04:12:28, metric 0, tag 0
 +
                    > to 10.64.0.25 via ge-0/0/0.10
 +
10.64.0.0/30      *[OSPF/10] 00:15:42, metric 11
 +
                    > to 10.64.0.25 via ge-0/0/0.10</notice>
 +
224.0.0.5/32      *[OSPF/10] 07:08:58, metric 1
 +
                      MultiRecv
 +
</source>
 +
===Naboer===
 +
<source lang=cli>
 +
root@SRX07> <input>show ospf neighbor</input>
 +
Address          Interface              State    ID              Pri  Dead
 +
10.64.0.25      ge-0/0/0.10            Full      24.24.24.24      128    32
 +
</source>
 +
===Pakker===
 +
Med det samme OSPF er konfigureret begynder den at sende pakker på interfaces. Hvis den ikke modtager pakker skyldes det som regl firewall politikker.
 +
<source lang=cli>
 +
root@SRX07> show ospf statistics
 +
 
 +
Packet type            Total                  Last 5 seconds
 +
                  Sent      Received        Sent      Received
 +
  <notice>Hello          1939          1791</notice>          1            0
 +
    DbD              3            2          0            0
 +
  LSReq              1            1          0            0
 +
LSUpdate              8            20          0            0
 +
  LSAck            18            7          0            0
 +
 
 +
DBDs retransmitted    :                    0, last 5 seconds :          0
 +
LSAs flooded          :                    5, last 5 seconds :          0
 +
LSAs flooded high-prio :                    2, last 5 seconds :          0
 +
LSAs retransmitted    :                    0, last 5 seconds :          0
 +
LSAs transmitted to nbr:                    1, last 5 seconds :          0
 +
LSAs requested        :                    1, last 5 seconds :          0
 +
LSAs acknowledged      :                  20, last 5 seconds :          0
 +
 
 +
Flood queue depth      :              0
 +
Total rexmit entries  :              0
 +
db summaries          :              0
 +
lsreq entries          :              0
 +
 
 +
Receive errors:
 +
  None
 +
</source>
 +
===Nabo problemer===
 +
Hvis der aldrig bliver oprettet naboskaber men pakker bliver sendt og modtaget kan vi aktivere en traceoption.
 +
<source lang=cli>
 +
root@SRX07> <input>show configuration protocols ospf</input>
 +
<notice>traceoptions {
 +
    file ospf.tr;
 +
    flag error detail;
 +
    flag event detail;
 +
}</notice>
 
area 0.0.0.0 {
 
area 0.0.0.0 {
 
     interface ge-0/0/0.10;
 
     interface ge-0/0/0.10;
Line 70: Line 194:
 
}
 
}
 
</source>
 
</source>
 +
Se filen med '''monitor start ospf.tr''' eller '''show log ospf.tr'''
 +
<source lang=cli>
 +
root@SRX07> clear ospf neighbor
 +
 +
root@SRX07> show log ospf.tr
 +
Jan 13 21:19:11.156267 RPD_OSPF_NBRDOWN: OSPF neighbor 10.64.0.25 (realm ospf-v2 ge-0/0/0.10 area 0.0.0.0) state changed from Full to Down due to KillNbr (event reason: command to clear a neighbor was issued)
 +
Jan 13 21:19:11.156662 OSPF Interface event job created at restart phase 0.
 +
Jan 13 21:19:11.157507 Interface ge-0/0/0.10 area 0.0.0.0 event NeighborChange
 +
Jan 13 21:19:11.160539 OSPF Interface event job processed 1 events.
 +
Jan 13 21:19:11.160638 OSPF Interface event job deleted.
 +
Jan 13 21:19:11.162147 OSPF neighbor 10.64.0.25 (IFL 71, area 0.0.0.0, rtbl idx 0) deleted
 +
Jan 13 21:19:11.171780 OSPF programmed periodic xmit from 10.64.0.26 to 224.0.0.5 (IFL 71, area 0.0.0.0, ID 0.0.0.0, rtbl idx 0) interval 10 0
 +
Jan 13 21:19:11.179759 RPD_OSPF_NBRUP: OSPF neighbor 10.64.0.25 (realm ospf-v2 ge-0/0/0.10 area 0.0.0.0) state changed from Init to ExStart due to 2WayRcvd (event reason: neighbor detected this router)
 +
Jan 13 21:19:11.179873 OSPF Interface event job created at restart phase 0.
 +
Jan 13 21:19:11.180455 Interface ge-0/0/0.10 area 0.0.0.0 event NeighborChange
 +
Jan 13 21:19:11.180932 OSPF Interface event job processed 1 events.
 +
Jan 13 21:19:11.181003 OSPF Interface event job deleted.
 +
Jan 13 21:19:11.186901 OSPF neighbor 10.64.0.25 (IFL 71, area 0.0.0.0, rtbl idx 0) set, 40 0
 +
Jan 13 21:19:11.187271 OSPF programmed periodic xmit from 10.64.0.26 to 224.0.0.5 (IFL 71, area 0.0.0.0, ID 0.0.0.0, rtbl idx 0) interval 10 0
 +
Jan 13 21:19:11.189557 OSPF programmed periodic xmit from 10.64.0.26 to 224.0.0.5 (IFL 71, area 0.0.0.0, ID 0.0.0.0, rtbl idx 0) interval 10 0
 +
Jan 13 21:19:11.272292 RPD_OSPF_NBRUP: OSPF neighbor 10.64.0.25 (realm ospf-v2 ge-0/0/0.10 area 0.0.0.0) state changed from Loading to Full due to LoadDone (event reason: OSPF loading completed)
 +
 +
</source>
 +
=BGP=
 +
'''Tegning findes i klassen'''<br/>
 +
Følg denne [[BGP JUNOS|Guide]] men glem alt omkring IPv6.<br/>
 +
'''Vær opmærksom på at guiden arbejder i packet-based flow'''
  
 
=Links=
 
=Links=
 
[https://www.juniper.net/documentation/en_US/junos14.2/topics/topic-map/ospf-traffic-control.html Examples: Configuring OSPF Traffic Control]
 
[https://www.juniper.net/documentation/en_US/junos14.2/topics/topic-map/ospf-traffic-control.html Examples: Configuring OSPF Traffic Control]
 +
[[OSPF_JUNOS]]
 +
=Referencer=
 +
<references/>
 +
{{Source cli}}
 +
 +
[[Category:TDC Juniper CPE]]

Latest revision as of 14:40, 14 January 2015

I denne opgave kan du enten vælge at konfigurere OSPF eller BGP alt efter preference. Eller hvert medlem af holdet kan konfigurere hver sin protokol:-)

OSPF

Tegning findes i klassen.
Default timers:

Hello
10 sekunder
Dead
40 Sekunder

Implmentering

For at konfigurere OSPF på en SRX kasse skal man igennem følgende skridt:

  1. Konfigurer router-id
  2. Konfigurer OSPF interfaces
    1. Herunder passiv interfaces
  3. Sæt reference båndbredde
  4. Tillad OSPF i host-inbound
  5. Kontroller det virker

Router-ID

Konfiguration af Router-ID finder sted under router-options stanza.
Router-ID er et 32 bits streng skrevet i dotted decimal notation som en IPv4 adresse.
Router-ID kan ikke være i 0.0.0.0/8 eller 127.0.0.0/8 området.

[edit]
root@SRX240# <input>show routing-options router-id</input>
<notice>router-id 24.24.24.24;</notice>

OSPF Konfiguration

Konfigurations af OSPF parametre sker under protocols ospf stanza'en

[edit]
root@SRX07# <input>show protocols ospf</input>
area 0.0.0.0 {
    interface ge-0/0/0.10;
    interface vlan.10 {
        passive;
    }
}

Reference båndbredde

Default reference båndbredde ligger på 100Mbit/s, så den alle links på 100Mbit/s og over vil have en cost på 1.
Her ændrer vi den til 10Gbit/s istedet.

root@SRX240# <input>run show ospf interface detail</input>
Interface           State   Area            DR ID           BDR ID          Nbrs
ge-0/0/1.10         DR      0.0.0.0         24.24.24.24     0.0.0.0            0
  Type: LAN, Address: 10.64.0.1, Mask: 255.255.255.252, MTU: 1500, <notice>Cost: 1</notice>
  DR addr: 10.64.0.1, Priority: 128
  Adj count: 0
  Hello: 10, Dead: 40, ReXmit: 5, Not Stub
  Auth type: None
  Protection type: None
  Topology default (ID 0) -> <notice>Cost: 1</notice>

[edit]
root@SRX240# <input>set protocols ospf reference-bandwidth 10G</input>

[edit]
root@SRX240# <input>commit</input>
commit complete

[edit]
root@SRX240# run show ospf interface detail
Interface           State   Area            DR ID           BDR ID          Nbrs
ge-0/0/1.10         DR      0.0.0.0         24.24.24.24     0.0.0.0            0
  Type: LAN, Address: 10.64.0.1, Mask: 255.255.255.252, MTU: 1500, <notice>Cost: 10</notice>
  DR addr: 10.64.0.1, Priority: 128
  Adj count: 0
  Hello: 10, Dead: 40, ReXmit: 5, Not Stub
  Auth type: None
  Protection type: None
  Topology default (ID 0) -> <notice>Cost: 10</notice>

Tillad OSPF trafik

OSPF Trafik skal selvfølgelig også tillades i vores host-inbound-traffic regl

[edit]
root@SRX07# <input>show security zones security-zone untrust</input>
screen untrust-screen;
interfaces {
    ge-0/0/0.10 {
        host-inbound-traffic {
            system-services {
                dhcp;
                tftp;
            }
            <notice>protocols {
                ospf;
            }</notice>
        }
    }
}

Fejlfinding

Interfaces

root@SRX07> <input>show ospf interface</input>
Interface           State   Area            DR ID           BDR ID          Nbrs
ge-0/0/0.10         BDR     0.0.0.0         24.24.24.24     7.7.7.7            <notice>1</notice>
vlan.10             DRother 0.0.0.0         0.0.0.0         0.0.0.0            0

root@SRX07> <input>show ospf interface detail</input>
Interface           State   Area            DR ID           BDR ID          Nbrs
ge-0/0/0.10         BDR     0.0.0.0         24.24.24.24     7.7.7.7            1
  Type: LAN, Address: 10.64.0.26, Mask: 255.255.255.252, MTU: 1500, Cost: 1
  DR addr: 10.64.0.25, BDR addr: 10.64.0.26, Priority: 128
  <notice>Adj count: 1
  Hello: 10, Dead: 40, ReXmit: 5, Not Stub</notice>
  Auth type: None
  Protection type: None
  Topology default (ID 0) -> Cost: 1
vlan.10             DRother 0.0.0.0         0.0.0.0         0.0.0.0            0
  Type: LAN, Address: 10.56.10.1, Mask: 255.255.255.0, MTU: 1500, Cost: 1
  Adj count: 0, Passive
  Hello: 10, Dead: 40, ReXmit: 5, Not Stub
  Auth type: None
  Protection type: None
  Topology default (ID 0) -> Passive, Cost: 1

Routing

root@SRX07> <input>show ospf route</input>
Topology default Route Table:

Prefix             Path  Route      NH       Metric NextHop       Nexthop
                   Type  Type       Type            Interface     Address/LSP
24.24.24.24        Intra AS BR      IP            1 ge-0/0/0.10   10.64.0.25
<notice>0.0.0.0/0          Ext2</notice>  Network    IP            0 ge-0/0/0.10   10.64.0.25
10.56.10.0/24      Intra Network    IP            1 vlan.10
<notice>10.64.0.0/30       Intra Network    IP           11 ge-0/0/0.10   10.64.0.25</notice>
10.64.0.24/30      Intra Network    IP            1 ge-0/0/0.10

root@SRX07> <input>show route protocol ospf</input>

inet.0: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

<notice>0.0.0.0/0          *[OSPF/150] 04:12:28, metric 0, tag 0
                    > to 10.64.0.25 via ge-0/0/0.10
10.64.0.0/30       *[OSPF/10] 00:15:42, metric 11
                    > to 10.64.0.25 via ge-0/0/0.10</notice>
224.0.0.5/32       *[OSPF/10] 07:08:58, metric 1
                      MultiRecv

Naboer

root@SRX07> <input>show ospf neighbor</input>
Address          Interface              State     ID               Pri  Dead
10.64.0.25       ge-0/0/0.10            Full      24.24.24.24      128    32

Pakker

Med det samme OSPF er konfigureret begynder den at sende pakker på interfaces. Hvis den ikke modtager pakker skyldes det som regl firewall politikker.

root@SRX07> show ospf statistics

Packet type             Total                  Last 5 seconds
                   Sent      Received        Sent      Received
   <notice>Hello           1939          1791</notice>           1             0
     DbD              3             2           0             0
   LSReq              1             1           0             0
LSUpdate              8            20           0             0
   LSAck             18             7           0             0

DBDs retransmitted     :                    0, last 5 seconds :          0
LSAs flooded           :                    5, last 5 seconds :          0
LSAs flooded high-prio :                    2, last 5 seconds :          0
LSAs retransmitted     :                    0, last 5 seconds :          0
LSAs transmitted to nbr:                    1, last 5 seconds :          0
LSAs requested         :                    1, last 5 seconds :          0
LSAs acknowledged      :                   20, last 5 seconds :          0

Flood queue depth      :               0
Total rexmit entries   :               0
db summaries           :               0
lsreq entries          :               0

Receive errors:
  None

Nabo problemer

Hvis der aldrig bliver oprettet naboskaber men pakker bliver sendt og modtaget kan vi aktivere en traceoption.

root@SRX07> <input>show configuration protocols ospf</input>
<notice>traceoptions {
    file ospf.tr;
    flag error detail;
    flag event detail;
}</notice>
area 0.0.0.0 {
    interface ge-0/0/0.10;
    interface vlan.10 {
        passive;
    }
}

Se filen med monitor start ospf.tr eller show log ospf.tr

root@SRX07> clear ospf neighbor

root@SRX07> show log ospf.tr
Jan 13 21:19:11.156267 RPD_OSPF_NBRDOWN: OSPF neighbor 10.64.0.25 (realm ospf-v2 ge-0/0/0.10 area 0.0.0.0) state changed from Full to Down due to KillNbr (event reason: command to clear a neighbor was issued)
Jan 13 21:19:11.156662 OSPF Interface event job created at restart phase 0.
Jan 13 21:19:11.157507 Interface ge-0/0/0.10 area 0.0.0.0 event NeighborChange
Jan 13 21:19:11.160539 OSPF Interface event job processed 1 events.
Jan 13 21:19:11.160638 OSPF Interface event job deleted.
Jan 13 21:19:11.162147 OSPF neighbor 10.64.0.25 (IFL 71, area 0.0.0.0, rtbl idx 0) deleted
Jan 13 21:19:11.171780 OSPF programmed periodic xmit from 10.64.0.26 to 224.0.0.5 (IFL 71, area 0.0.0.0, ID 0.0.0.0, rtbl idx 0) interval 10 0
Jan 13 21:19:11.179759 RPD_OSPF_NBRUP: OSPF neighbor 10.64.0.25 (realm ospf-v2 ge-0/0/0.10 area 0.0.0.0) state changed from Init to ExStart due to 2WayRcvd (event reason: neighbor detected this router)
Jan 13 21:19:11.179873 OSPF Interface event job created at restart phase 0.
Jan 13 21:19:11.180455 Interface ge-0/0/0.10 area 0.0.0.0 event NeighborChange
Jan 13 21:19:11.180932 OSPF Interface event job processed 1 events.
Jan 13 21:19:11.181003 OSPF Interface event job deleted.
Jan 13 21:19:11.186901 OSPF neighbor 10.64.0.25 (IFL 71, area 0.0.0.0, rtbl idx 0) set, 40 0
Jan 13 21:19:11.187271 OSPF programmed periodic xmit from 10.64.0.26 to 224.0.0.5 (IFL 71, area 0.0.0.0, ID 0.0.0.0, rtbl idx 0) interval 10 0
Jan 13 21:19:11.189557 OSPF programmed periodic xmit from 10.64.0.26 to 224.0.0.5 (IFL 71, area 0.0.0.0, ID 0.0.0.0, rtbl idx 0) interval 10 0
Jan 13 21:19:11.272292 RPD_OSPF_NBRUP: OSPF neighbor 10.64.0.25 (realm ospf-v2 ge-0/0/0.10 area 0.0.0.0) state changed from Loading to Full due to LoadDone (event reason: OSPF loading completed)

BGP

Tegning findes i klassen
Følg denne Guide men glem alt omkring IPv6.
Vær opmærksom på at guiden arbejder i packet-based flow

Links

Examples: Configuring OSPF Traffic Control OSPF_JUNOS

Referencer