Difference between revisions of "TDC Juniper CPE/Dynamisk routing"
m |
m (→Reference båndbredde) |
||
| Line 70: | Line 70: | ||
</source> | </source> | ||
| + | ==Tillad OSPF trafik== | ||
| + | OSPF Trafik skal selvfølgelig også tillades i vores '''host-inbound-traffic''' regl | ||
| + | <source lang=cli> | ||
| + | [edit] | ||
| + | root@SRX07# <input>show security zones security-zone untrust</input> | ||
| + | screen untrust-screen; | ||
| + | interfaces { | ||
| + | ge-0/0/0.10 { | ||
| + | host-inbound-traffic { | ||
| + | system-services { | ||
| + | dhcp; | ||
| + | tftp; | ||
| + | } | ||
| + | <notice>protocols { | ||
| + | ospf; | ||
| + | }</notice> | ||
| + | } | ||
| + | } | ||
| + | } | ||
| + | </source> | ||
| + | |||
=Links= | =Links= | ||
[https://www.juniper.net/documentation/en_US/junos14.2/topics/topic-map/ospf-traffic-control.html Examples: Configuring OSPF Traffic Control] | [https://www.juniper.net/documentation/en_US/junos14.2/topics/topic-map/ospf-traffic-control.html Examples: Configuring OSPF Traffic Control] | ||
Revision as of 23:09, 13 January 2015
I denne opgave kan du enten vælge at konfigurere OSPF eller BGP alt efter preference. Eller hvert medlem af holdet kan konfigurere hver sin protokol:-)
Contents
OSPF
Tegning findes i klassen.
Default timers:
- Hello
- 10 sekunder
- Dead
- 40 Sekunder
Implmentering
For at konfigurere OSPF på en SRX kasse skal man igennem følgende skridt:
- Konfigurer router-id
- Konfigurer OSPF interfaces
- Herunder passiv interfaces
- Sæt reference båndbredde
- Tillad OSPF i host-inbound
- Kontroller det virker
Router-ID
Konfiguration af Router-ID finder sted under router-options stanza.
Router-ID er et 32 bits streng skrevet i dotted decimal notation som en IPv4 adresse.
Router-ID kan ikke være i 0.0.0.0/8 eller 127.0.0.0/8 området.
[edit]
root@SRX240# <input>show routing-options router-id</input>
<notice>router-id 24.24.24.24;</notice>OSPF Konfiguration
Konfigurations af OSPF parametre sker under protocols ospf stanza'en
[edit]
root@SRX07# <input>show protocols ospf</input>
area 0.0.0.0 {
interface ge-0/0/0.10;
interface vlan.10 {
passive;
}
}Reference båndbredde
Default reference båndbredde ligger på 100Mbit/s, så den alle links på 100Mbit/s og over vil have en cost på 1.
Her ændrer vi den til 10Gbit/s istedet.
root@SRX240# <input>run show ospf interface detail</input>
Interface State Area DR ID BDR ID Nbrs
ge-0/0/1.10 DR 0.0.0.0 24.24.24.24 0.0.0.0 0
Type: LAN, Address: 10.64.0.1, Mask: 255.255.255.252, MTU: 1500, <notice>Cost: 1</notice>
DR addr: 10.64.0.1, Priority: 128
Adj count: 0
Hello: 10, Dead: 40, ReXmit: 5, Not Stub
Auth type: None
Protection type: None
Topology default (ID 0) -> <notice>Cost: 1</notice>
[edit]
root@SRX240# <input>set protocols ospf reference-bandwidth 10G</input>
[edit]
root@SRX240# <input>commit</input>
commit complete
[edit]
root@SRX240# run show ospf interface detail
Interface State Area DR ID BDR ID Nbrs
ge-0/0/1.10 DR 0.0.0.0 24.24.24.24 0.0.0.0 0
Type: LAN, Address: 10.64.0.1, Mask: 255.255.255.252, MTU: 1500, <notice>Cost: 10</notice>
DR addr: 10.64.0.1, Priority: 128
Adj count: 0
Hello: 10, Dead: 40, ReXmit: 5, Not Stub
Auth type: None
Protection type: None
Topology default (ID 0) -> <notice>Cost: 10</notice>Tillad OSPF trafik
OSPF Trafik skal selvfølgelig også tillades i vores host-inbound-traffic regl
[edit]
root@SRX07# <input>show security zones security-zone untrust</input>
screen untrust-screen;
interfaces {
ge-0/0/0.10 {
host-inbound-traffic {
system-services {
dhcp;
tftp;
}
<notice>protocols {
ospf;
}</notice>
}
}
}