ajer_11.a-r_lgd

Advanced Junos Enterprise 1194 North Mathilda Avenue

Worldwide Education ServicesWorldwide Education Services

Routing11.a

Detailed Lab GuideSunnyvale, CA 94089USA408-745-2000www.juniper.net

Course Number: EDU-JUN-AJER

This document is produced by Juniper Networks, Inc.

This document or any part thereof may not be reproduced or transmitted in any form under penalty of law, without the prior written permission of Juniper Networks Education Services.

Juniper Networks, Junos, Steel-Belted Radius, NetScreen, and ScreenOS are registered trademarks of Juniper Networks, Inc. in the United States and other countries. The Juniper Networks Logo, the Junos logo, and JunosE are trademarks of Juniper Networks, Inc. All other trademarks, service marks, registered trademarks, or registered service marks are the property of their respective owners.

Juniper Networks reserves the right to change, modify, transfer, or otherwise revise this publication without notice.

YEAR 2000 NOTICE

Juniper Networks hardware and software products do not suffer from Year 2000 problems and hence are Year 2000 compliant. The Junos operating system has no known time-related limitations through the year 2038. However, the NTP application is known to have some difficulty in the year 2036.

SOFTWARE LICENSE

The terms and conditions for using Juniper Networks software are described in the software license provided with the software, or to the extent applicable, in an agreement executed between you and Juniper Networks, or Juniper Networks agent. By using Juniper Networks software, you indicate that you understand and agree to be bound by its license terms and conditions. Generally speaking, the software license restricts the manner in which you are permitted to use the Juniper Networks software, may contain prohibitions against certain uses, and may state conditions under which the license is automatically terminated. You should consult the software license for further details.

Advanced Junos Enterprise Routing Detailed Lab Guide, Revision 11.a

Copyright 2012 Juniper Networks, Inc. All rights reserved.

Printed in USA.

Revision History:

Revision 10.aMarch 2011.

Revision 11.aApril 2012.

The information in this document is current as of the date listed above.

The information in this document has been carefully verified and is believed to be accurate for software Release 11.4R1.6. Juniper Networks assumes no responsibilities for any inaccuracies that may appear in this document. In no event will Juniper Networks be liable for direct, indirect, special, exemplary, incidental, or consequential damages resulting from any defect or omission in this document, even if advised of the possibility of such damages.

Contents

Lab 1: Configuring and Monitoring OSPF (Detailed) . . . . . . . . . . . . . . . . . . . . . . . . . 1-1Part 1: Configuring and Monitoring OSPF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2Part 2: Configuring OSPF Cost . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-6Part 3: Configuring OSPF Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-15

Lab 2: Configuring and Monitoring OSPF Areas and Route Summarization (Detailed) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-1Part 1: Configuring a Stub Area . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-2Part 2: Configuring an NSSA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-9

Lab 3: Configuring and Monitoring Routing Policy and Advanced OSPF Options (Detailed) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-1Part 1: Establishing the OSPF Adjacencies and Creating a Virtual Tunnel . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-2Part 2: Configuring OSPF Multiarea . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-7Part 3: Configuring External Reachability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-11

Lab 4: Implementing BGP (Detailed) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-1Part 1: Loading the Baseline Interface and OSPF Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-2Part 2: Configuring IBGP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-5Part 3: Configuring and Monitoring EBGP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-10Part 4: Configuring BGP Multipath . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-21Part 5: Configuring BGP Multihop . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-27

Lab 5: BGP Attributes (Detailed) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-1Part 1: Loading the Initial Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-2Part 2: Configuring BGP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-3Part 3: Configuring Next-Hop Self Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-5Part 4: Using Policy to Avoid Becoming a Transit AS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-7Part 5: Manipulating Attributes with Policy to Influence Inbound Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-10Part 6: Manipulating Local Preference with an Import Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-15Part 7: Aggregating Routes and Using Well-Known Communities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-17

Lab 6: Implementing Enterprise Routing Policies (Detailed) . . . . . . . . . . . . . . . . . . 6-1Part 1: Loading the Initial Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-2Part 2: Configuring BGP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-3Part 3: Implementing a Strict Primary/Secondary Routing Policy for Outbound Traffic . . . . . . . . . . . . . . . . . 6-5Part 4: Implementing a Primary/Secondary Routing Policy for Inbound Traffic . . . . . . . . . . . . . . . . . . . . . . . 6-9Part 5: Implementing a Loose Primary/Secondary Routing Policy for Outbound Traffic . . . . . . . . . . . . . . . 6-13Part 6: Implementing Per-Prefix Load Sharing Outbound Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-15Part 7: Implementing Per-Prefix Load Sharing for Inbound Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-19

Lab 7: Implementing PIM-SM (Detailed) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-1Part 1: Loading the Baseline Topology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-2Part 2: Configuring IGMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-6Part 3: Configuring PIM-SM with Static RP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-11Part 4: Configuring PIM-SM with the BSR mechanism . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-16www.juniper.net Contents iii

Lab 8: Implementing SSM (Detailed) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-1Part 1: Disabling the Use of RPs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8-2Part 2: Configuring IGMPv3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8-4Part 3: Viewing PIM-SM SSM Behavior . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8-8Part 4: Configuring an ssm-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-9

Lab 9: Implementing CoS Features in the Enterprise (Detailed) . . . . . . . . . . . . . . . 9-1Part 1: Loading the Initial Configuration and Accessing the CoS Host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-2Part 2: Configuring Traffic Classification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-3Part 3: Configuring Policers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-8Part 4: Configuring and Testing Schedulers and Drop Profiles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-11Part 5: Configuring and Testing a Rewrite Marker . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-17

Lab 10: BGP Route Reflection (Detailed) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-1Part 1: Loading the Initial Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-2Part 2: Verifying Topology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-3Part 3: Converting to Route Reflectors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-6Part 4: Adding a New Router to the Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-14

Appendix A: Lab Diagrams . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-1iv Contents www.juniper.net

Course Overview

This three-day course is designed to provide students with the tools required for implementing, monitoring, and troubleshooting Layer 3 components in an enterprise network. Detailed coverage of OSPF, BGP, class of service (CoS), and multicast is strongly emphasized.

Through demonstrations and hands-on labs, students will gain experience in configuring and monitoring the Junos operating system and in monitoring device and protocol operations.

Objectives

After successfully completing this course, you should be able to:

Describe the various OSPF link-state advertisement (LSA) types.

Explain the flooding of LSAs in an OSPF network.

Describe the shortest-path-first (SPF) algorithm.

Describe OSPF area types and operations.

Configure various OSPF area types.

Summarize and restrict routes.

Identify scenarios that require routing policy or specific configuration options.

Use routing policy and specific configuration options to implement solutions for various scenarios.

Describe basic BGP operation and common BGP attributes.

Explain the route selection process for BGP.

Describe how to alter the route selection process.

Configure some advanced options for BGP peers.

Describe various BGP attributes in detail and explain the operation of those attributes.

Manipulate BGP attributes using routing policy.

Describe common routing policies used in the enterprise environment.

Explain how attribute modifications affect routing decisions.

Implement a routing policy for inbound and outbound traffic using BGP.

Identify environments that may require a modified CoS implementation.

Describe the various CoS components and their respective functions.

Explain the CoS processing along with CoS defaults on SRX Series Services Gateways.

Describe situations when some CoS features are used in the enterprise.

Implement some CoS features in an enterprise environment.

Describe IP multicast traffic flow.

Identify the components of IP multicast.

Explain how IP multicast addressing works.

Describe the need for reverse path forwarding (RPF) in multicast.

Explain the role of Internet Group Management Protocol (IGMP) and describe the available IGMP versions.

Configure and monitor IGMP.

Identify common multicast routing protocols.

Describe rendezvous point (RP) discovery options.

Configure and monitor Physical Interface Module (PIM) sparse modes.www.juniper.net Course Overview v

Configure and monitor RP discovery mechanisms.

Describe the basic requirements, benefits, and caveats of source-specific multicast (SSM).

List the address ranges used for SSM.

Illustrate the role of Internet Group Management Protocol version 3 (IGMPv3) and PIM sparse mode (PIM-SM) in an SSM implementation.

Configure and monitor SSM.

Intended Audience

This course benefits individuals responsible for configuring and monitoring devices running the Junos OS.

Course Level

Advanced Junos Enterprise Routing is an advanced-level course.

Prerequisites

Students should have basic networking knowledge and an understanding of the Open Systems Interconnection (OSI) model and the TCP/IP protocol suite. Students should also have working experience with basic routing principles.

Students should also attend the Introduction to the Junos Operating System (IJOS), Junos Routing Essentials (JRE), and Junos Intermediate Routing (JIR) courses prior to attending this class.vi Course Overview www.juniper.net

Course Agenda

Day 1

Chapter 1: Course Introduction

Chapter 2: OSPF

Lab 1: Configuring and Monitoring OSPF

Chapter 3: OSPF Areas

Lab 2: Configuring and Monitoring OSPF Areas and Route Summarization

Chapter 4: OSPF Case Studies and Solutions

Lab 3: Configuring and Monitoring Routing Policy and Advanced OSPF Options

Day 2

Chapter 5: BGP

Lab 4: Implementing BGP

Chapter 6: BGP Attributes and Policy

Lab 5: BGP Attributes

Chapter 7: Enterprise Routing Policies

Lab 6: Implementing Enterprise Routing Policies

Day 3

Chapter 8: Introduction to Multicast

Chapter 9: Multicast Routing Protocols and SSM

Lab 7: Implementing PIM-SM

Lab 8: Implementing SSM

Chapter 10: Class of Service

Lab 9: Implementing CoS Features in the Enterprise

Appendix A: BGP Route Reflection

Lab 10: BGP Route Reflection (Optional)www.juniper.net Course Agenda vii

Document Conventions

CLI and GUI Text

Frequently throughout this course, we refer to text that appears in a command-line interface (CLI) or a graphical user interface (GUI). To make the language of these documents easier to read, we distinguish GUI and CLI text from chapter text according to the following table.

Input Text Versus Output Text

You will also frequently see cases where you must enter input text yourself. Often these instances will be shown in the context of where you must enter them. We use bold style to distinguish text that is input versus text that is simply displayed.

Defined and Undefined Syntax Variables

Finally, this course distinguishes between regular text and syntax variables, and it also distinguishes between syntax variables where the value is already assigned (defined variables) and syntax variables where you must assign the value (undefined variables). Note that these styles can be combined with the input style as well.

Style Description Usage Example

Franklin Gothic Normal text. Most of what you read in the Lab Guide and Student Guide.

Courier New Console text: Screen captures

Noncommand-related syntax

GUI text elements:

Menu names

Text field entry

commit complete

Exiting configuration mode

Select File > Open, and then click Configuration.conf in the Filename text box.


Normal CLINormal GUI

No distinguishing variant. Physical interface:fxp0, EnabledView configuration history by clicking Configuration > History.

CLI InputGUI Input

Text that you must enter. lab@San_Jose> show routeSelect File > Save, and type config.ini in the Filename field.


CLI Variable

GUI Variable

Text where variable value is already assigned.

policy my-peersClick my-peers in the dialog.

CLI Undefined

GUI Undefined

Text where the variables value is the users discretion or text where the variables value as shown in the lab guide might differ from the value the user must input according to the lab topology.

Type set policy policy-name.ping 10.0.x.ySelect File > Save, and type filename in the Filename field.viii Document Conventions www.juniper.net

Additional Information

Education Services Offerings

You can obtain information on the latest Education Services offerings, course dates, and class locations from the World Wide Web by pointing your Web browser to: http://www.juniper.net/training/education/.

About This Publication

The Advanced Junos Enterprise Routing Detailed Lab Guide was developed and tested using software Release 11.4R1.6. Previous and later versions of software might behave differently so you should always consult the documentation and release notes for the version of code you are running before reporting errors.

This document is written and maintained by the Juniper Networks Education Services development team. Please send questions and suggestions for improvement to [email protected].

Technical Publications

You can print technical manuals and release notes directly from the Internet in a variety of formats:

Go to http://www.juniper.net/techpubs/.

Locate the specific software or hardware release and title you need, and choose the format in which you want to view or print the document.

Documentation sets and CDs are available through your local Juniper Networks sales office or account representative.

Juniper Networks Support

For technical support, contact Juniper Networks at http://www.juniper.net/customers/support/, or at 1-888-314-JTAC (within the United States) or 408-745-2121 (from outside the United States).www.juniper.net Additional Information ix

x Additional Information www.juniper.net

Lab 1Configuring and Monitoring OSPF (Detailed)

Overview

This lab demonstrates configuration and monitoring of the OSPF protocol. In this lab, you use the command-line interface (CLI) to configure, monitor, and troubleshoot OSPF.

The lab is available in two formats: a high-level format designed to make you think through each step and a detailed format that offers step-by-step instructions complete with sample output from most commands.

By completing this lab, you will perform the following tasks:

Configure a multiarea OSPF network.

Configure link costs and reference-bandwidth.

Overload a router.

Configure and troubleshoot OSPF authentication.www.juniper.net Configuring and Monitoring OSPF (Detailed) Lab 1111.a.11.4R1.6

Advanced Junos Enterprise RoutingPart 1: Configuring and Monitoring OSPF

In this lab part, you configure and monitor a multiarea OSPF network. You will first prepare your device by loading a reset config located on your device. Next, you define a router ID for your assigned device. You then configure your device to participate in a multiarea OSPF network and verify operations using CLI operational mode commands.

Step 1.1

Ensure that you know to which student device you have been assigned. Check with your instructor if you are not certain. Consult the management network diagram to determine the management address of your student device.

Question: What is the management address assigned to your station?

Answer: The answer varies. The sample hostname and IP address used in the output examples in this lab are for srxA-1, which uses 10.210.14.131 as its management IP address. The actual management subnet varies between delivery environments.

Step 1.2

Access the CLI on your student device using either the console, Telnet, or SSH as directed by your instructor. Refer to the management network diagram for the IP address associated with your student device. The following example uses a simple Telnet access to srxA-1 with the Secure CRT program as a basis:

Note

The instructor will tell you the nature of your access and will provide you with the necessary details to access your assigned device.Lab 12 Configuring and Monitoring OSPF (Detailed) www.juniper.net

Advanced Junos Enterprise RoutingStep 1.3

Log in to the student device with the username lab using a password of lab123. Note that both the name and password are case-sensitive. Enter configuration mode and load the reset configuration file using theload override /var/home/lab/ajer/reset.config command. After the configuration has been loaded, commit the changes before proceeding.

srxA-1 (ttyu0)

login: labPassword:

--- JUNOS 11.4R1.6 built 2011-11-15 12:44:14 UTClab@srxA-1> configure Entering configuration mode

[edit]lab@srxA-1# load override ajer/reset.config load complete

[edit]lab@srxA-1# commit commit complete

[edit]lab@srxA-1# Step 1.4

Navigate to the [edit routing-options] hierarchy and configure the router ID on your router using the IP address assigned to the lo0 interface as the input value.

[edit]lab@srxA-1# edit routing-options[edit routing-options]lab@srxA-1# set router-id address[edit routing-options]lab@srxA-1#Step 1.5

Navigate to the [edit protocols ospf] hierarchy and configure the interfaces necessary for OSPF Area 0. Refer to the network diagram as needed and remember to include the loopback interface, lo0.0. On the ge-0/0/1 interface, use the interface-type p2p option to speed up its adjacency time.

[edit routing-options]lab@srxA-1# top edit protocols ospf [edit protocols ospf]lab@srxA-1# set area 0 interface lo0.0 [edit protocols ospf]lab@srxA-1# set area 0 interface ge-0/0/1.0 interface-type p2pwww.juniper.net Configuring and Monitoring OSPF (Detailed) Lab 13

Advanced Junos Enterprise Routing[edit protocols ospf]lab@srxA-1# set area 0 interface ge-0/0/2.0[edit protocols ospf]lab@srxA-1#

Step 1.6

Activate the configuration and quickly issue the run show ospf neighbor command.

[edit protocols ospf]lab@srxA-1# commit commit complete

[edit protocols ospf]lab@srxA-1# run show ospf neighbor Address Interface State ID Pri Dead172.20.77.2 ge-0/0/1.0 Full 192.168.2.1 128 38172.20.66.2 ge-0/0/2.0 2Way 192.168.2.1 128 39

Question: Which neighbor states are shown for the listed interfaces and why?

Answer: The neighbor state for the ge-0/0/1.0 should immediately show Full and the ge-0/0/2.0 interface should be in 2Way or ExStart as shown in the previous sample output.

Question: Why did the ge-0/0/1.0 interface form its adjacency more quickly than the ge-0/0/2.0 interface?

Answer: Adding the interface-type p2p option to a link tells OSPF not to perform a DR/BDR election on that link. This can save up to 40 seconds of wait time for the adjacency to form. Another benefit of the interface-type p2p option is that no Type 3 LSA is generated describing the multiaccess segment. This can help to reduce the size of the OSPF link-state database (LSDB).

Note

Before proceeding, ensure that the remote student team in your pod finishes the previous step.Lab 14 Configuring and Monitoring OSPF (Detailed) www.juniper.net


Issue the run show ospf interface command to view the interface states.[edit protocols ospf]lab@srxA-1# run show ospf interfaceInterface State Area DR ID BDR ID Nbrsge-0/0/1.0 PtToPt 0.0.0.0 0.0.0.0 0.0.0.0 1ge-0/0/2.0 BDR 0.0.0.0 192.168.2.1 192.168.1.1 1lo0.0 DR 0.0.0.0 192.168.1.1 0.0.0.0 0

Question: What are the states of the two ethernet interfaces and what do they mean?

Answer: The ge-0/0/1.0 interface has a state of PtToPt because we configured it using the interface-type p2p option. No OSPF election occurred on this link, as shown by the 0.0.0.0 values in the DR ID and BDR ID fields. The output for the ge-0/0/2.0 interface might vary. The example output shows a state of BDR indicating this router was elected as the backup designated router for this segment.

Step 1.8

Issue the run show ospf neighbor command again to verify the current OSPF adjacency details.

[edit protocols ospf]lab@srxA-1# run show ospf neighbor Address Interface State ID Pri Dead172.20.77.2 ge-0/0/1.0 Full 192.168.2.1 128 37172.20.66.2 ge-0/0/2.0 Full 192.168.2.1 128 37

Question: How many OSPF neighbors exist and what are the states of those adjacencies?

Answer: You should eventually see two OSPF neighbors in the Full adjacency state. If you do not see two OSPF neighbors in the Full adjacency state, check your configuration and, if necessary, work with the instructor.www.juniper.net Configuring and Monitoring OSPF (Detailed) Lab 15

Advanced Junos Enterprise Routing STOP Do not proceed until the remote team finishes Part 1.

Part 2: Configuring OSPF Cost

In this lab part, you configure OSPF link costs, or metrics, on the student devices and check your changes using CLI operational mode commands. In subsequent steps, the words cost and metric are used interchangeably.

Step 2.1

Display routes advertised to and received from OSPF using the run show ospf route command.

[edit protocols ospf]lab@srxA-1# run show ospf route Topology default Route Table:

Prefix Path Route NH Metric NextHop Nexthop Type Type Type Interface Address/LSP192.168.2.1 Intra Router IP 1 ge-0/0/1.0 172.20.77.2 ge-0/0/2.0 172.20.66.2172.20.66.0/30 Intra Network IP 1 ge-0/0/2.0172.20.77.0/30 Intra Network IP 1 ge-0/0/1.0192.168.1.1/32 Intra Network IP 0 lo0.0192.168.2.1/32 Intra Network IP 1 ge-0/0/1.0 172.20.77.2 ge-0/0/2.0 172.20.66.2

Question: What is the current metric associated with the displayed OSPF routes?

Answer: With the exception of the OSPF route for the local devices loopback address, all OSPF routes should show a metric of one (1). The metric for the locally defined loopback address should be zero (0).Lab 16 Configuring and Monitoring OSPF (Detailed) www.juniper.net

Advanced Junos Enterprise RoutingQuestion: Why does the output show two entries with the same prefix?

Answer: The two entries with the same prefix information represent the router ID and IP address assigned to the remote team device. In the example shown in the previous output, the 192.168.2.1 Router entry is associated with the router ID, whereas the 192.168.2.1/32 Network entry is the IP address assigned to the lo0.0 interface of the remote team device.

Step 2.2

Associate a metric of 100 with the ge-0/0/2.0 interface. Activate the change and reissue the run show ospf route command.

[edit protocols ospf]lab@srxA-1# set area 0 interface ge-0/0/2.0 metric 100 [edit protocols ospf]lab@srxA-1# commit commit complete

[edit protocols ospf]lab@srxA-1# run show ospf route Topology default Route Table:

Prefix Path Route NH Metric NextHop Nexthop Type Type Type Interface Address/LSP192.168.2.1 Intra Router IP 1 ge-0/0/1.0 172.20.77.2172.20.66.0/30 Intra Network IP 100 ge-0/0/2.0172.20.77.0/30 Intra Network IP 1 ge-0/0/1.0192.168.1.1/32 Intra Network IP 0 lo0.0192.168.2.1/32 Intra Network IP 1 ge-0/0/1.0 172.20.77.2

Question: What is the current metric associated with the 172.20.66.0/30 OSPF route?

Answer: The metric for the referenced prefix should now show 100; previously, it was 1.www.juniper.net Configuring and Monitoring OSPF (Detailed) Lab 17

Advanced Junos Enterprise RoutingQuestion: What was the effect of the increased metric on the route associated with the remote student devices loopback address?

Answer: Because the ge-0/0/2.0 interface now has a higher metric or cost, the route associated with the remote student devices loopback lists only the ge-0/0/1.0 interface as the next-hop interface; previously, both ge-0/0/1.0 and ge-0/0/2.0 were next-hops because they had the same metric.

Step 2.3

Another method to view the metric of an interface is the show ospf interface detail command. Issue a run show ospf interface ge-0/0/2.0 detail command to view its output.

[edit protocols ospf]lab@srxA-1# run show ospf interface ge-0/0/2.0 detail Interface State Area DR ID BDR ID Nbrsge-0/0/2.0 BDR 0.0.0.0 192.168.2.1 192.168.1.1 1 Type: LAN, Address: 172.20.66.1, Mask: 255.255.255.252, MTU: 1500, Cost: 100 DR addr: 172.20.66.2, BDR addr: 172.20.66.1, Priority: 128 Adj count: 1 Hello: 10, Dead: 40, ReXmit: 5, Not Stub Auth type: None Protection type: None Topology default (ID 0) -> Cost: 100Step 2.4

Because we are using Gigabit Ethernet interfaces in the network, change the reference-bandwidth to 10g. Activate the change and issue the run show ospf route command to view the changes.

[edit protocols ospf]lab@srxA-1# set reference-bandwidth 10g[edit protocols ospf]lab@srxA-1# commit commit complete

[edit protocols ospf]lab@srxA-1# run show ospf routeTopology default Route Table:

Prefix Path Route NH Metric NextHop Nexthop Type Type Type Interface Address/LSP192.168.2.1 Intra Router IP 10 ge-0/0/1.0 172.20.77.2172.20.66.0/30 Intra Network IP 100 ge-0/0/2.0172.20.77.0/30 Intra Network IP 10 ge-0/0/1.0192.168.1.1/32 Intra Network IP 0 lo0.0192.168.2.1/32 Intra Network IP 10 ge-0/0/1.0 172.20.77.2

Lab 18 Configuring and Monitoring OSPF (Detailed) www.juniper.net

Advanced Junos Enterprise RoutingQuestion: What was the effect of setting the reference-bandwidth to 10g?

Answer: The ge-0/0/1.0 interfaces metric increased to 10 (from 1) because of the changes made to the reference-bandwidth setting.

Question: Why did the metric associated with ge-0/0/2.0 remain unchanged?

Answer: Recall that we manually set the metric for the ge-0/0/2.0 interface. Interfaces that have their metric manually configured are unaffected by changes made by the reference-bandwidth setting.

Step 2.5

Configure your assigned device to function as an area border router (ABR), joining Area 0 with a second area. Refer to the network diagram for the area and interface details. When complete, activate the configuration changes using the commit command.

[edit protocols ospf]lab@srxA-1# set area area interface ge-0/0/4.unit [edit protocols ospf]lab@srxA-1# commitcommit completeStep 2.6

Issue the run show ospf neighbor command to verify the current OSPF adjacency details.

[edit protocols ospf]lab@srxA-1# run show ospf neighbor Address Interface State ID Pri Dead172.20.77.2 ge-0/0/1.0 Full 192.168.2.1 128 37172.20.66.2 ge-0/0/2.0 Full 192.168.2.1 128 37172.20.111.10 ge-0/0/4.111 Full 192.168.1.2 128 31www.juniper.net Configuring and Monitoring OSPF (Detailed) Lab 19

Advanced Junos Enterprise RoutingQuestion: How many OSPF neighbors exist and what are the states of those adjacencies?

Answer: You should now see three OSPF neighbors and they should each be in the Full adjacency state. If you do not see three OSPF neighbors in the Full adjacency state, check your configuration and, if necessary, work with the instructor.

Step 2.7

Verify reachability to the virtual router attached to your assigned device by pinging its loopback address. Refer to your network diagram as necessary.

[edit protocols ospf]lab@srxA-1# run ping local-vr-loopback rapid PING 192.168.1.2 (192.168.1.2): 56 data bytes!!!!!--- 192.168.1.2 ping statistics ---5 packets transmitted, 5 packets received, 0% packet lossround-trip min/avg/max/stddev = 1.437/4.057/8.057/3.122 ms

Question: Was the ping to your attached virtual router successful?

Answer: Yes, the ping should be successful. If the ping is not successful, double-check your configuration and notify your instructor.

Note

Note

Before proceeding, ensure that the remote team in your pod finishes the previous step.

The next two lab steps require you to log in to the virtual router attached to your teams device. The virtual routers are logical devices created on a J Series Services Router.Lab 110 Configuring and Monitoring OSPF (Detailed) www.juniper.net


Open a second CLI session to your student device. Log in to this second session to the student device with the username lab using a password of lab123. Note that both the name and password are case-sensitive.

srxA-1 (ttyu0)

login: labPassword:

--- JUNOS 11.4R1.6 built 2011-11-15 12:44:14 UTClab@srxA-1>Step 2.9

From the second CLI session to your student device, telnet to your virtual routers loopback address. Log in to the virtual router using the login information shown in the following table:

lab@srxA-1> telnet local-vr-loopback Trying 192.168.1.2...Connected to 192.168.1.2.Escape character is '^]'.This device has been configured to run the AJER course

Virtual Router Login Details

Student Device Username Password

srxA-1 a1 lab123

srxA-2 a2 lab123

srxB-1 b1 lab123

srxB-2 b2 lab123

srxC-1 c1 lab123

srxC-2 c2 lab123

srxD-1 d1 lab123

srxD-2 d2 lab123www.juniper.net Configuring and Monitoring OSPF (Detailed) Lab 111

Advanced Junos Enterprise Routingvr-device (ttyp1)

login: usernamePassword: password

--- JUNOS 11.4R1.6 built 2011-11-15 11:28:05 UTC

NOTE: This router is divided into many virtual routers used by different teams. Please only configure your own virtual router.

You must use 'configure private' to configure this router.a1@vr-device>Step 2.10

Verify reachability back to your student devices loopback address from the remote virtual router. Be sure to source your ping from the correct virtual router routing instance. Refer to the following table for your assigned instance name.

a1@vr-device> ping routing-instance instance-name student-device-loopback rapidPING 192.168.1.1 (192.168.1.1): 56 data bytes!!!!!--- 192.168.1.1 ping statistics ---5 packets transmitted, 5 packets received, 0% packet lossround-trip min/avg/max/stddev = 9.884/11.850/18.420/3.300 ms

Note

Keep in mind that when working with virtual routers and routing instances, command syntax is different. If needed, please reference the Detailed Lab Guide for sample command syntax for the individual verification tasks performed within this lab.

Routing Instance Names

Student Device Instance Name

srxA-1 vr111

srxA-2 vr112

srxB-1 vr113

srxB-2 vr114

srxC-1 vr115

srxC-2 vr116

srxD-1 vr117

srxD-2 vr118Lab 112 Configuring and Monitoring OSPF (Detailed) www.juniper.net


Issue a show route remote-virtual-router-loopback/32 table instance-name command to view the route table data of the remote teams virtual routers loopback address. Use the table from the previous step for the instance name.

a1@vr-device> show route remote-virtual-router-loopback/32 table instance-name vr111.inet.0: 21 destinations, 28 routes (21 active, 0 holddown, 0 hidden)+ = Active Route, - = Last Active, * = Both

192.168.2.2/32 *[OSPF/10] 00:03:39, metric 21 > to 172.20.111.1 via ge-0/0/1.111

Question: What is the OSPF cost to reach the remote virtual routers loopback address?

Answer: The cost for this route is 21.

Step 2.12

Return to the CLI session on your SRX Series student device.

On the SRX Series student device, configure your device for OSPF overload mode and activate the change.

[edit protocols ospf]lab@srxA-1# set overload [edit protocols ospf]lab@srxA-1# commit commit completeStep 2.13

Return to the CLI session on your virtual router.

On your local virtual router, reissue the show route remote-virtual-router-loopback/32 table instance-name command.

a1@vr-device> show route remote-virtual-router-loopback/32 table instance-name vr111.inet.0: 21 destinations, 28 routes (21 active, 0 holddown, 0 hidden)+ = Active Route, - = Last Active, * = Both


a1@vr-device> www.juniper.net Configuring and Monitoring OSPF (Detailed) Lab 113

Advanced Junos Enterprise RoutingQuestion: Did the metric change? If so, what did it change to and why?

Answer: Yes, depending on the remote student team, you might see the metric change to 65546 or 131071. The metric changes because overloading a router automatically increases its metric by 65535.

Question: Why would you overload a router?

Answer: The main reason for overloading a router is to force transit traffic off of it. This could be because of maintenance or if the router is experiencing other types of trouble.

Step 2.14

Log out of the vr-device and then log out of student device. You can close this second window because you will not need it anymore.

a1@vr-device> exit Connection closed by foreign host.

lab@srxA-1> exitStep 2.15

Return to the CLI session on your SRX Series student device.

On the SRX Series student device, delete the overload setting and activate your changes.

[edit protocols ospf]lab@srxA-1# delete overload [edit protocols ospf]lab@srxA-1# commit commit complete

STOP Do not proceed until the remote team finishes Part 2.Lab 114 Configuring and Monitoring OSPF (Detailed) www.juniper.net

Advanced Junos Enterprise RoutingPart 3: Configuring OSPF Authentication

In this lab part, you configure OSPF authentication on the link between the student devices. Initially, only team 1 will modify its devices current configuration to make it incompatible with team 2s router. Then, both teams will enable OSPF traceoptions to log protocol activity and the associated errors. Finally, team 2 will configure its router to match team 1s configuration changes.

Step 3.1

This step is for team 1 only.

Configure the ge-0/0/1.0 interface in Area 0 for OSPF Message Digest 5 (MD5) authentication. Use a password of juniper and a key-id of 1. Activate your changes when complete.

[edit protocols ospf]lab@srxA-1# set area 0 interface ge-0/0/1.0 authentication md5 1 key juniper [edit protocols ospf]lab@srxA-1# commit commit complete

Step 3.2

This step is for both teams.

Issue a run show ospf neighbor command.[edit protocols ospf]lab@srxA-1# run show ospf neighbor Address Interface State ID Pri Dead172.20.66.2 ge-0/0/2.0 Full 192.168.2.1 128 35172.20.111.10 ge-0/0/4.111 Full 192.168.1.2 128 33

Question: How many OSPF neighbors does your assigned device currently have?

Answer: At this point, your device should have only two neighbors (instead of three). The neighbor adjacency across the ge-0/0/1 interface should no longer be in place because of team 1s recent configuration change. It might take up to forty seconds for the ge-0/0/1.0 neighbor to drop because of the OSPF dead timer.

Step 3.3

This step is for both teams.www.juniper.net Configuring and Monitoring OSPF (Detailed) Lab 115

Advanced Junos Enterprise RoutingDefine traceoptions for OSPF so that OSPF errors write to a file named trace-ospf. Include the detail option with the error flag to capture additional details of the OSPF errors. Activate the configuration change when completed.

[edit protocols ospf]lab@srxA-1# set traceoptions file trace-ospf [edit protocols ospf]lab@srxA-1# set traceoptions flag error detail [edit protocols ospf]lab@srxA-1# commit commit complete

Step 3.4


Issue the run show log trace-ospf command to view the contents written to the trace-ospf trace file.

[edit protocols ospf]lab@srxA-1# run show log trace-ospf Feb 22 21:42:24 trace_on: Tracing to "/var/log/trace-ospf" startedFeb 22 21:42:30.224638 OSPF packet ignored: authentication type mismatch (0)

from 172.20.77.2Feb 22 21:42:38.426655 OSPF packet ignored: authentication type mismatch (0)

from 172.20.77.2Feb 22 21:42:38.440217 OSPF packet ignored: authentication type mismatch (0)

from 172.20.77.2[...]

Question: Does the generated error in the trace file explain the current OSPF adjacency issue?

Answer: Yes, based on the contents of the trace file, an authentication mismatch exists.

Step 3.5

This step is for team 2 only.

Configure the ge-0/0/1.0 interface in Area 0 for OSPF MD5 authentication. Use a password of juniper and a key-id of 1. Activate the changes when completed.

[edit protocols ospf]lab@srxA-2# set area 0 interface ge-0/0/1.0 authentication md5 1 key juniper [edit protocols ospf]lab@srxA-2# commit commit completeLab 116 Configuring and Monitoring OSPF (Detailed) www.juniper.net

Advanced Junos Enterprise Routing[edit protocols ospf]lab@srxA-2#Step 3.6


Issue a run show ospf neighbor command.[edit protocols ospf]lab@srxA-1# run show ospf neighbor Address Interface State ID Pri Dead172.20.77.2 ge-0/0/1.0 Full 192.168.2.1 128 39172.20.66.2 ge-0/0/2.0 Full 192.168.2.1 128 37172.20.111.10 ge-0/0/4.111 Full 192.168.1.2 128 39

[edit protocols ospf]lab@srxA-1#

Question: Did the OSPF adjacency across thege-0/0/1.0 interface return to the Full state?

Answer: Yes, you should now see all three neighbors in the Full adjacency state, as shown in the previous output.

Step 3.7


Deactivate traceoptions and delete the trace-ospf log file. Activate the configuration and return to operational mode using the commit and-quit command.

[edit protocols ospf]lab@srxA-1# deactivate traceoptions [edit protocols ospf]lab@srxA-1# run file delete /var/log/trace-ospf [edit protocols ospf]lab@srxA-1# commit and-quitcommit completeExiting configuration mode

lab@srxA-1> Step 3.8

Log out of your assigned device using the exit command.lab@srxA-1> exitwww.juniper.net Configuring and Monitoring OSPF (Detailed) Lab 117

Advanced Junos Enterprise Routing STOP Tell your instructor that you have completed Lab 1.Lab 118 Configuring and Monitoring OSPF (Detailed) www.juniper.net

Lab 2Configuring and Monitoring OSPF Areas and Route

Summarization (Detailed)

Overview

This lab configures a stub area and a not-so-stubby (NSSA) area, and performs route summarization. In addition, the stub area will be converted into a totally stubby area using the no-summaries option.



Create a stub area.

Change the stub area to a totally stubby area.

Create a not-so-stubby area.

Perform route summarization.www.juniper.net Configuring and Monitoring OSPF Areas and Route Summarization (Detailed) Lab 2111.a.11.4R1.6

Advanced Junos Enterprise RoutingPart 1: Configuring a Stub Area

In this lab part, you configure an OSPF stub area. You will first prepare your device by loading a reset configuration file located on your device. You then configure a new interface and the stub area. Finally, you reconfigure the stub area as a totally stubby area. For this lab, you will use the network diagram titled Lab 2 (Stub Area): Configuring and Monitoring OSPF Areas and Route Summarization.

Step 1.1




Step 1.2


Note

The instructor will tell you the nature of your access and will provide you with the necessary details to access your assigned device.Lab 22 Configuring and Monitoring OSPF Areas and Route Summarization (Detailed) www.juniper.net


Log in to the student device with the username lab using a password of lab123. Note that both the name and password are case-sensitive. Enter configuration mode and load the reset configuration file using theload override /var/home/lab/ajer/lab2-start.config command. After the configuration has been loaded, commit the changes before proceeding.

srxA-1 (ttyu0)

login: labPassword:


[edit]lab@srxA-1# load override ajer/lab2-start.config load complete

[edit]lab@srxA-1# commit commit completeStep 1.4

Refer to the network diagram and configure the IP address on the ge-0/0/4.unit interface for the stub area on your assigned device. Use the logical unit value as the VLAN-ID value for this interface.

[edit]lab@srxA-1# edit interfaces ge-0/0/4 [edit interfaces ge-0/0/4]lab@srxA-1# set unit unit vlan-id vlan-id family inet address address/24 [edit interfaces ge-0/0/4]lab@srxA-1# show vlan-tagging;unit 111 { vlan-id 111; family inet { address 172.20.111.1/24; }}unit 151 { vlan-id 151; family inet { address 172.20.151.1/24; }}

[edit interfaces ge-0/0/4]lab@srxA-1# www.juniper.net Configuring and Monitoring OSPF Areas and Route Summarization (Detailed) Lab 23


Navigate to the [edit protocols ospf] hierarchy and configure the OSPF stub area. Refer to the network diagram to ensure you use the correct area number for your device .

[edit interfaces ge-0/0/4]lab@srxA-1# top edit protocols ospf[edit protocols ospf]lab@srxA-1# set area area stub [edit protocols ospf]lab@srxA-1# set area area interface ge-0/0/4.unit [edit protocols ospf]lab@srxA-1# show area areastub;interface ge-0/0/4.151;

[edit protocols ospf]lab@srxA-1# Step 1.6

Activate the configuration and issue the run show ospf neighbor command.[edit protocols ospf]lab@srxA-1# commit commit complete

[edit protocols ospf]lab@srxA-1# run show ospf neighborAddress Interface State ID Pri Dead172.20.77.2 ge-0/0/1.0 Full 192.168.2.1 128 35172.20.66.2 ge-0/0/2.0 Full 192.168.2.1 128 35172.20.111.10 ge-0/0/4.111 Full 192.168.1.2 128 33172.20.151.10 ge-0/0/4.151 Full 192.168.3.2 128 33

Question: Did the new neighbor come up to a Full state?

Answer: The neighbor state for the newge-0/0/4.unit interface should be Full, as shown in the previous sample output. If you do not see the Full state for this interface, check your configuration and, if necessary, work with the instructor.Lab 24 Configuring and Monitoring OSPF Areas and Route Summarization (Detailed) www.juniper.net


Issue the run show ospf interface detail | find ge-0/0/4 command to see the difference between the non-stub area interface and the new stub area interface.

[edit protocols ospf]lab@srxA-1# run show ospf interface detail | find ge-0/0/4ge-0/0/4.111 BDR 0.0.0.1 192.168.1.2 192.168.1.1 1 Type: LAN, Address: 172.20.111.1, Mask: 255.255.255.0, MTU: 1500, Cost: 10 DR addr: 172.20.111.10, BDR addr: 172.20.111.1, Priority: 128 Adj count: 1 Hello: 10, Dead: 40, ReXmit: 5, Not Stub Auth type: None Protection type: None Topology default (ID 0) -> Cost: 10ge-0/0/4.151 BDR 0.0.0.3 192.168.3.2 192.168.1.1 1 Type: LAN, Address: 172.20.151.1, Mask: 255.255.255.0, MTU: 1500, Cost: 10 DR addr: 172.20.151.10, BDR addr: 172.20.151.1, Priority: 128 Adj count: 1 Hello: 10, Dead: 40, ReXmit: 5, Stub Auth type: None Protection type: None Topology default (ID 0) -> Cost: 10

Question: Is the new interface correctly set as Stub?

Answer: The output shows the new interface set as Stub (as opposed to Not Stub in the non-stub area). If you do not see this setting, check your configuration and, if necessary, work with the instructor.

Step 1.8

Issue the run show ospf database area area summary and run show ospf database area area commands to see how many and what types of link-state advertisements (LSAs) are contained in the OSPF database for your stub area. Refer to the network diagram as needed for the correct stub area number.

[edit protocols ospf]lab@srxA-1# run show ospf database area area summary Area 0.0.0.3: 2 Router LSAs 1 Network LSAs 10 Summary LSAsExternals: 6 Extern LSAsInterface ge-0/0/1.0:Area 0.0.0.0:Interface ge-0/0/2.0:www.juniper.net Configuring and Monitoring OSPF Areas and Route Summarization (Detailed) Lab 25

Advanced Junos Enterprise RoutingArea 0.0.0.0:Interface ge-0/0/4.111:Area 0.0.0.1:Interface ge-0/0/4.151:Area 0.0.0.3:Interface lo0.0:Area 0.0.0.0:

[edit protocols ospf]lab@srxA-1# run show ospf database area area OSPF database, Area 0.0.0.3 Type ID Adv Rtr Seq Age Opt Cksum Len Router *192.168.1.1 192.168.1.1 0x80000004 350 0x20 0xf89c 36Router 192.168.3.2 192.168.3.2 0x80000007 352 0x20 0xed21 48Network 172.20.151.10 192.168.3.2 0x80000001 352 0x20 0xf799 32Summary *172.20.66.0 192.168.1.1 0x80000003 350 0x20 0xd597 28Summary *172.20.77.0 192.168.1.1 0x80000001 356 0x20 0xd8e5 28Summary *172.20.111.0 192.168.1.1 0x80000001 356 0x20 0x7326 28Summary *172.20.112.0 192.168.1.1 0x80000001 356 0x20 0xccc1 28Summary *172.20.152.0 192.168.1.1 0x80000001 348 0x20 0x1353 28Summary *192.168.1.1 192.168.1.1 0x80000001 356 0x20 0xc7a0 28Summary *192.168.1.2 192.168.1.1 0x80000001 356 0x20 0x223b 28Summary *192.168.2.1 192.168.1.1 0x80000001 356 0x20 0x213c 28Summary *192.168.2.2 192.168.1.1 0x80000001 356 0x20 0x7bd6 28Summary *192.168.4.2 192.168.1.1 0x80000001 59 0x20 0x65ea 28 OSPF AS SCOPE link state database Type ID Adv Rtr Seq Age Opt Cksum Len Extern 172.21.0.0 192.168.1.2 0x8000007b 1148 0x22 0x2bde 36Extern 172.21.1.0 192.168.1.2 0x8000007b 560 0x22 0x20e8 36Extern 172.21.2.0 192.168.1.2 0x8000007a 1898 0x22 0x17f1 36Extern 172.22.0.0 192.168.2.2 0x8000007b 1661 0x22 0x18ef 36Extern 172.22.1.0 192.168.2.2 0x8000007b 940 0x22 0xdf9 36Extern 172.22.2.0 192.168.2.2 0x8000007b 370 0x22 0x204 36

Question: How many summary LSAs are in your stub area?

Answer: There are ten summary LSAs, as shown in the previous sample output.

Step 1.9

Convert your stub area to a totally stubby area using the no-summaries option and activate your changes.

[edit protocols ospf]lab@srxA-1# set area area stub no-summaries[edit protocols ospf]lab@srxA-1# show area areastub no-summaries;Lab 26 Configuring and Monitoring OSPF Areas and Route Summarization (Detailed) www.juniper.net

Advanced Junos Enterprise Routinginterface ge-0/0/4.151;

[edit protocols ospf]lab@srxA-1# commit commit completeStep 1.10

Issue the run show ospf database area area summary and run show ospf database area area commands again.

[edit protocols ospf]lab@srxA-1# run show ospf database area area summary Area 0.0.0.3: 2 Router LSAs 1 Network LSAsExternals: 6 Extern LSAsInterface ge-0/0/1.0:Area 0.0.0.0:Interface ge-0/0/2.0:Area 0.0.0.0:Interface ge-0/0/4.111:Area 0.0.0.1:Interface ge-0/0/4.151:Area 0.0.0.3:Interface lo0.0:Area 0.0.0.0:

[edit protocols ospf]lab@srxA-1# run show ospf database area area OSPF database, Area 0.0.0.3 Type ID Adv Rtr Seq Age Opt Cksum Len Router *192.168.1.1 192.168.1.1 0x80000006 149 0x20 0xf49e 36Router 192.168.3.2 192.168.3.2 0x80000009 155 0x20 0xe923 48Network 172.20.151.10 192.168.3.2 0x80000003 155 0x20 0xf39b 32 OSPF AS SCOPE link state database Type ID Adv Rtr Seq Age Opt Cksum Len Extern 172.21.0.0 192.168.1.2 0x8000007b 1376 0x22 0x2bde 36Extern 172.21.1.0 192.168.1.2 0x8000007b 788 0x22 0x20e8 36Extern 172.21.2.0 192.168.1.2 0x8000007b 199 0x22 0x15f2 36Extern 172.22.0.0 192.168.2.2 0x8000007b 1889 0x22 0x18ef 36Extern 172.22.1.0 192.168.2.2 0x8000007b 1168 0x22 0xdf9 36Extern 172.22.2.0 192.168.2.2 0x8000007b 598 0x22 0x204 36

Question: How many summary LSAs are now in your stub area?

Answer: You should not see any summary LSAs in your stub areas database. If you do see summary LSAs, check your configuration and, if necessary, work with the instructor.www.juniper.net Configuring and Monitoring OSPF Areas and Route Summarization (Detailed) Lab 27

Advanced Junos Enterprise RoutingQuestion: Why are there no summary LSAs?

Answer: In a totally stubby area, summary LSAs are not allowed. Reachability to external destinations is accomplished by injecting a default route into the area.

Step 1.11

Configure the router to inject a default route into the stub area by using the default-metric option. Give this route a metric of 10 and activate your changes.

[edit protocols ospf]lab@srxA-1# set area area stub default-metric 10 [edit protocols ospf]lab@srxA-1# show area areastub default-metric 10 no-summaries;interface ge-0/0/4.151;

[edit protocols ospf]lab@srxA-1# commit commit completeStep 1.12

Issue the run show ospf database area area summary and run show ospf database area area commands again.

[edit protocols ospf]lab@srxA-1# run show ospf database area area summary Area 0.0.0.3: 2 Router LSAs 1 Network LSAs 1 Summary LSAsExternals: 6 Extern LSAsInterface ge-0/0/1.0:Area 0.0.0.0:Interface ge-0/0/2.0:Area 0.0.0.0:Interface ge-0/0/4.111:Area 0.0.0.1:Interface ge-0/0/4.151:Area 0.0.0.3:Interface lo0.0:Area 0.0.0.0:

[edit protocols ospf]lab@srxA-1# run show ospf database area areaLab 28 Configuring and Monitoring OSPF Areas and Route Summarization (Detailed) www.juniper.net

Advanced Junos Enterprise Routing OSPF database, Area 0.0.0.3 Type ID Adv Rtr Seq Age Opt Cksum Len Router *192.168.1.1 192.168.1.1 0x80000007 64 0x20 0xf29f 36Router 192.168.3.2 192.168.3.2 0x80000009 298 0x20 0xe923 48Network 172.20.151.10 192.168.3.2 0x80000003 298 0x20 0xf39b 32Summary *0.0.0.0 192.168.1.1 0x80000001 64 0x20 0xf2d6 28 OSPF AS SCOPE link state database Type ID Adv Rtr Seq Age Opt Cksum Len Extern 172.21.0.0 192.168.1.2 0x8000007b 1519 0x22 0x2bde 36Extern 172.21.1.0 192.168.1.2 0x8000007b 931 0x22 0x20e8 36Extern 172.21.2.0 192.168.1.2 0x8000007b 342 0x22 0x15f2 36Extern 172.22.0.0 192.168.2.2 0x8000007c 54 0x22 0x16f0 36Extern 172.22.1.0 192.168.2.2 0x8000007b 1311 0x22 0xdf9 36Extern 172.22.2.0 192.168.2.2 0x8000007b 741 0x22 0x204 36

Question: How many summary LSAs are now in your stub area?

Answer: You should now see one summary LSA in your stub areas database with a value of 0.0.0.0. This is the default route being injected by the ABR. If you do not see this LSA, check your configuration and, if necessary, work with the instructor.

STOP Do not proceed until the remote team finishes Part 1.

Part 2: Configuring an NSSA

In this lab part, you configure an NSSA and perform route summarization on it. For the remainder of this lab, please refer to the lab diagram titled Lab 2 (NSSA Area): Configuring and Monitoring OSPF Areas and Route Summarization.

Step 2.1

Refer to the network diagram and configure the IP address on the ge-0/0/4.unit interface for the NSSA area on your assigned device. Use the logical unit value as the VLAN-ID value for this interface.

[edit protocols ospf]lab@srxA-1# top edit interfaces ge-0/0/4 [edit interfaces ge-0/0/4]lab@srxA-1# set unit unit vlan-id vlan-id family inet address address/24 [edit interfaces ge-0/0/4]lab@srxA-1# show vlan-tagging;unit 111 { vlan-id 111; family inet {www.juniper.net Configuring and Monitoring OSPF Areas and Route Summarization (Detailed) Lab 29

Advanced Junos Enterprise Routing address 172.20.111.1/24; }}unit 151 { vlan-id 151; family inet { address 172.20.151.1/24; }}unit 161 { vlan-id 161; family inet { address 172.20.161.0/24; }}

[edit interfaces ge-0/0/4]lab@srxA-1# Step 2.2

Navigate to the [edit protocols ospf] hierarchy and configure the NSSA area. Refer to the network diagram to ensure you use the correct area number for your device.

[edit interfaces ge-0/0/4]lab@srxA-1# top edit protocols ospf[edit protocols ospf]lab@srxA-1# set area area nssa [edit protocols ospf]lab@srxA-1# set area area interface ge-0/0/4.unit [edit protocols ospf]lab@srxA-1# show area areanssa;interface ge-0/0/4.161;

[edit protocols ospf]lab@srxA-1# Step 2.3

Activate the configuration and issue the run show ospf neighbor command.[edit protocols ospf]lab@srxA-1# commit commit complete

[edit protocols ospf]lab@srxA-1# run show ospf neighborLab 210 Configuring and Monitoring OSPF Areas and Route Summarization (Detailed) www.juniper.net

Advanced Junos Enterprise RoutingAddress Interface State ID Pri Dead172.20.77.2 ge-0/0/1.0 Full 192.168.2.1 128 33172.20.66.2 ge-0/0/2.0 Full 192.168.2.1 128 33172.20.111.10 ge-0/0/4.111 Full 192.168.1.2 128 39172.20.151.10 ge-0/0/4.151 Full 192.168.3.2 128 36172.20.161.10 ge-0/0/4.161 Full 192.168.5.2 128 34

Question: Did the new neighbor come up to a full state?

Answer: The neighbor state for the newge-0/0/4.unit interface should be Full, as shown in the sample output. If you do not see the Full state for this interface, check your configuration and, if necessary, work with the instructor.

Step 2.4

Issue the run show ospf interface ge-0/0/4.unit detail command to verify this interface is set as an NSSA interface.

[edit protocols ospf]lab@srxA-1# run show ospf interface ge-0/0/4.unit detail Interface State Area DR ID BDR ID Nbrsge-0/0/4.161 BDR 0.0.0.5 192.168.5.2 192.168.1.1 1 Type: LAN, Address: 172.20.161.1, Mask: 255.255.255.0, MTU: 1500, Cost: 10 DR addr: 172.20.161.10, BDR addr: 172.20.161.1, Priority: 128 Adj count: 1 Hello: 10, Dead: 40, ReXmit: 5, Stub NSSA Auth type: None Protection type: None Topology default (ID 0) -> Cost: 10

Question: Is the new interface correctly set as an NSSA interface?

Answer: The output shows the new interface set as Stub NSSA. If you do not see this setting, check your configuration and, if necessary, work with the instructor.

Note

Before proceeding, ensure that the remote team in your pod finishes the previous step. www.juniper.net Configuring and Monitoring OSPF Areas and Route Summarization (Detailed) Lab 211


Issue the run show ospf database area area summary and run show ospf database area area nssa commands to see how many and what types of LSAs are contained in the OSPF database for your NSSA area.

[edit protocols ospf]lab@srxA-1# run show ospf database area area summary Area 0.0.0.5: 2 Router LSAs 1 Network LSAs 13 Summary LSAs 4 NSSA LSAsExternals: 14 Extern LSAsInterface ge-0/0/1.0:Area 0.0.0.0:Interface ge-0/0/2.0:Area 0.0.0.0:Interface ge-0/0/4.111:Area 0.0.0.1:Interface ge-0/0/4.151:Area 0.0.0.3:Interface ge-0/0/4.161:Area 0.0.0.5:Interface lo0.0:Area 0.0.0.0:

[edit protocols ospf]lab@srxA-1# run show ospf database area area nssa OSPF database, Area 0.0.0.5 Type ID Adv Rtr Seq Age Opt Cksum Len NSSA 172.61.0.0 192.168.5.2 0x80000004 76 0x28 0xc31d 36NSSA 172.61.1.0 192.168.5.2 0x80000003 2474 0x28 0xba26 36NSSA 172.61.2.0 192.168.5.2 0x80000003 1875 0x28 0xaf30 36NSSA 172.61.3.0 192.168.5.2 0x80000003 1276 0x28 0xa43a 36

Question: How many NSSA LSAs are in your NSSA areas database?

Answer: There should be four NSSA LSAs. If not, check your configuration and, if necessary, work with the instructor.

Step 2.6

Issue the run show ospf database external command to see external LSAs contained in the OSPF database.

[edit protocols ospf]lab@srxA-1# run show ospf database external Lab 212 Configuring and Monitoring OSPF Areas and Route Summarization (Detailed) www.juniper.net

Advanced Junos Enterprise Routing OSPF AS SCOPE link state database Type ID Adv Rtr Seq Age Opt Cksum Len Extern 172.21.0.0 192.168.1.2 0x8000007b 1941 0x22 0x2bde 36Extern 172.21.1.0 192.168.1.2 0x8000007b 1353 0x22 0x20e8 36Extern 172.21.2.0 192.168.1.2 0x8000007b 764 0x22 0x15f2 36Extern 172.22.0.0 192.168.2.2 0x8000007c 476 0x22 0x16f0 36Extern 172.22.1.0 192.168.2.2 0x8000007b 1733 0x22 0xdf9 36Extern 172.22.2.0 192.168.2.2 0x8000007b 1163 0x22 0x204 36Extern *172.61.0.0 192.168.1.1 0x80000001 165 0x22 0x628e 36Extern *172.61.1.0 192.168.1.1 0x80000001 165 0x22 0x5798 36Extern *172.61.2.0 192.168.1.1 0x80000001 165 0x22 0x4ca2 36Extern *172.61.3.0 192.168.1.1 0x80000001 165 0x22 0x41ac 36Extern 172.62.0.0 192.168.2.1 0x80000001 203 0x22 0x5c91 36Extern 172.62.1.0 192.168.2.1 0x80000001 203 0x22 0x519b 36Extern 172.62.2.0 192.168.2.1 0x80000001 203 0x22 0x46a5 36Extern 172.62.3.0 192.168.2.1 0x80000001 203 0x22 0x3baf 36

Question: Are the external LSAs that describe the remote teams NSSA routes present?

Answer: Yes, they are present. The example output is from the srxX-1 router, so the remote teams NSSA LSAs are the four 172.62.x.x entries. From the perspective of the srxX-2 router, the remote teams NSSA LSAs are the 172.61.x.x entries. Note that no summary route exists for these networks.

Question: How many external LSAs are present?

Answer: There are 14 external LSAs, as shown in the example output.

Step 2.7

Each of the external NSSA destinations is represented by a /24 network. Choose one of the remote teams destinations and issue a run show route destination command for that destination.

[edit protocols ospf]lab@srxA-1# run show route destination inet.0: 38 destinations, 38 routes (38 active, 0 holddown, 0 hidden)+ = Active Route, - = Last Active, * = Both

172.62.0.0/24 *[OSPF/150] 00:06:01, metric 0, tag 0 > to 172.20.77.2 via ge-0/0/1.0www.juniper.net Configuring and Monitoring OSPF Areas and Route Summarization (Detailed) Lab 213


You will now summarize your four networks into one /22 network using the area-range option. Ensure you set this command within the [edit protocols ospf area area nssa] hierarchy of the configuration. Commit your changes when completed and exit to operational mode.

[edit protocols ospf]lab@srxA-1# set area area nssa area-range summary-address/22[edit protocols ospf]lab@srxA-1# show area areanssa { area-range 172.61.0.0/22;}interface ge-0/0/4.161;

[edit protocols ospf]lab@srxA-1# commit and-quit commit completeExiting configuration mode

lab@srxA-1>

Step 2.9

Issue the show ospf database external command to view the external LSAs present in the OSPF database.

lab@srxA-1> show ospf database external OSPF AS SCOPE link state database Type ID Adv Rtr Seq Age Opt Cksum Len Extern 172.21.0.0 192.168.1.2 0x8000007b 2294 0x22 0x2bde 36Extern 172.21.1.0 192.168.1.2 0x8000007b 1706 0x22 0x20e8 36Extern 172.21.2.0 192.168.1.2 0x8000007b 1117 0x22 0x15f2 36Extern 172.22.0.0 192.168.2.2 0x8000007c 829 0x22 0x16f0 36Extern 172.22.1.0 192.168.2.2 0x8000007c 251 0x22 0xbfa 36Extern 172.22.2.0 192.168.2.2 0x8000007b 1516 0x22 0x204 36Extern *172.61.0.0 192.168.1.1 0x80000002 46 0x22 0x3d21 36Extern 172.62.0.0 192.168.2.1 0x80000002 30 0x22 0x2a32 36

Note

Before proceeding, ensure that the remote team in your pod finishes the previous step. Lab 214 Configuring and Monitoring OSPF Areas and Route Summarization (Detailed) www.juniper.net

Advanced Junos Enterprise RoutingQuestion: Were the changes successful? How can you tell?

Answer: Yes, the changes were successful. Instead of eight total LSAs representing the 172.6x.x.x routes, we now have two. This has resulted in a smaller link-state database and demonstrates one mechanism you can use to scale OSPF networks.

Step 2.10

Choose one of the remote teams destinations and issue a show route destination command for that destination to verify the router is using the /22 summary route instead of the original /24 route.

lab@srxA-1> show route destination inet.0: 36 destinations, 36 routes (36 active, 0 holddown, 0 hidden)+ = Active Route, - = Last Active, * = Both

172.62.0.0/22 *[OSPF/150] 00:01:12, metric 1, tag 0 > to 172.20.77.2 via ge-0/0/1.0Step 2.11

Log out of your assigned device using the exit command.lab@srxA-1> exit

STOP Tell your instructor that you have completed Lab 2.www.juniper.net Configuring and Monitoring OSPF Areas and Route Summarization (Detailed) Lab 215

Advanced Junos Enterprise RoutingLab 216 Configuring and Monitoring OSPF Areas and Route Summarization (Detailed) www.juniper.net

Lab 3Configuring and Monitoring Routing Policy and Advanced

OSPF Options (Detailed)

Overview

In this lab, you will use the lab diagram titled Lab 3: Configuring and Monitoring Routing Policy and Advanced OSPF Options to establish a multiarea OSPF routing domain. This lab will require the configuration of a virtual link as backup to the backbone connection and a multiarea adjacency as outlined in RFC 5185. The final part of this lab will require routing policy to redistribute and advertise routes being received from a RIP network into OSPF external link-state advertisements (LSAs).



Load the default configuration.

Establish multiple OSPF adjacencies.

Configure and verify a virtual link.

Configure and verify a OSPF multiarea adjacency.

Establish a RIP neighbor peer session.

Write a routing policy to advertise a default route into RIP.

Configure prefix-limits in OSPF to prevent excessive external routes.

Write a routing policy to advertise a RIP summary route into OSPF.

Write an OSPF import policy to prevent less than optimal routing.www.juniper.net Configuring and Monitoring Routing Policy and Advanced OSPF Options (Detailed) Lab 3111.a.11.4R1.6

Advanced Junos Enterprise RoutingPart 1: Establishing the OSPF Adjacencies and Creating a Virtual Tunnel

In this lab part, you load the reset configuration for this lab and then establish the OSPF adjacencies. The virtual router device (vr-device) will provide connectivity for all three OSPF areas between your student device and your partners.

Step 1.1




Step 1.2


Note

The instructor will tell you the nature of your access and will provide you with the necessary details to access your assigned device.Lab 32 Configuring and Monitoring Routing Policy and Advanced OSPF Options (Detailed) www.juniper.net


Log in to the student device with the username lab using a password of lab123. Note that both the name and password are case-sensitive. Enter configuration mode and load the reset configuration file using theload override /var/home/lab/ajer/lab3-start.config command. After the configuration has been loaded, commit the changes before proceeding.

srxA-1 (ttyu0)

login: labPassword:


[edit]lab@srxA-1# load override ajer/lab3-start.config load complete

[edit]lab@srxA-1# commit commit completeStep 1.4

Navigate to the [edit protocols ospf] hierarchy. Establish the OSPF adjacencies with the P1, P2, and R3 routers attached to your student device. Configure OSPF Area 10 as a not-so-stubby area (NSSA) and advertise a default route with a metric of 10. Do not forget the loopback address in Area 0. Commit the configuration when complete.

[edit]lab@srxA-1# edit protocols ospf [edit protocols ospf]lab@srxA-1# set area 0 interface lo0.0 [edit protocols ospf]lab@srxA-1# set area 0 interface P1-interface [edit protocols ospf]lab@srxA-1# set area 20 interface P2-interface [edit protocols ospf]lab@srxA-1# set area 10 nssa default-lsa default-metric 10 [edit protocols ospf]lab@srxA-1# set area 10 interface ge-0/0/14www.juniper.net Configuring and Monitoring Routing Policy and Advanced OSPF Options (Detailed) Lab 33

Advanced Junos Enterprise Routing[edit protocols ospf]lab@srxA-1# commit commit complete

[edit protocols ospf]lab@srxA-1#Step 1.5

Use the run show ospf interface command to verify which interfaces are participating in OSPF.

[edit protocols ospf]lab@srxA-1# run show ospf interface Interface State Area DR ID BDR ID Nbrsge-0/0/4.1211 BDR 0.0.0.0 192.168.100.1 192.168.1.1 1lo0.0 DR 0.0.0.0 192.168.1.1 0.0.0.0 0ge-0/0/14.0 BDR 0.0.0.10 192.168.1.2 192.168.1.1 1ge-0/0/4.1213 BDR 0.0.0.20 192.168.101.1 192.168.1.1 1

Question: How many interfaces are running OSPF?

Answer: Three transit interfaces and the loopback interface exist, for a total of four interfaces running OSPF.

Step 1.6

Use the run show ospf neighbor command to verify the establishment of the OSPF adjacencies.

[edit protocols ospf]lab@srxA-1# run show ospf neighbor Address Interface State ID Pri Dead172.22.121.2 ge-0/0/4.1211 Full 192.168.100.1 128 3310.0.10.2 ge-0/0/14.0 Full 192.168.1.2 128 37172.22.123.2 ge-0/0/4.1213 Full 192.168.101.1 128 35

Question: Are all OSPF adjacencies established and in the Full state?

Answer: Yes, three OSPF adjacencies should be established, one in each OSPF area.

Step 1.7

Verify that the routing table has connectivity to all devices in the OSPF domain. Use the run show route protocol ospf table inet.0 | match /32 command to display only the host addresses.Lab 34 Configuring and Monitoring Routing Policy and Advanced OSPF Options (Detailed) www.juniper.net

Advanced Junos Enterprise Routing[edit protocols ospf]lab@srxA-1# run show route protocol ospf table inet.0 | match /32 192.168.1.2/32 *[OSPF/10] 00:03:07, metric 1192.168.2.1/32 *[OSPF/10] 00:02:22, metric 2192.168.2.2/32 *[OSPF/10] 00:03:07, metric 3192.168.100.1/32 *[OSPF/10] 00:02:57, metric 1192.168.101.1/32 *[OSPF/10] 00:02:57, metric 1192.168.102.1/32 *[OSPF/10] 00:03:07, metric 2224.0.0.5/32 *[OSPF/10] 00:03:12, metric 1

Question: Is there an entry in the primary routing table (inet.0) for all six loopback addresses within the OSPF domain?

Answer: Yes, if your partner has successfully configured OSPF, six host addresses should exist in the inet.0 routing table, one for each loopback address.

Step 1.8

Navigate to the [edit protocols ospf area 0.0.0.0] hierarchy. Create a virtual link in OSPF Area 0 through Area 20 using the OSPF virtual-link command. The virtual-link neighbor-id is the loopback address of your partners student device. The virtual link should be used only as a backup in the event of an P1 failure. This can be accomplished by setting the P2 interface in Area 20 to a metric of 10. Commit this configuration when completed.

[edit protocols ospf]lab@srxA-1# edit area 0 [edit protocols ospf area 0.0.0.0]lab@srxA-1# set virtual-link transit-area 20 neighbor-id address [edit protocols ospf area 0.0.0.0]lab@srxA-1# up [edit protocols ospf]lab@srxA-1# set area 20 interface P2-interface metric 10 [edit protocols ospf]lab@srxA-1# commitcommit completeStep 1.9

Use the run show ospf interface command to verify that the virtual link has been established and that an adjacency has been formed.

[edit protocols ospf]lab@srxA-1# run show ospf interface www.juniper.net Configuring and Monitoring Routing Policy and Advanced OSPF Options (Detailed) Lab 35

Advanced Junos Enterprise RoutingInterface State Area DR ID BDR ID Nbrsge-0/0/4.1211 BDR 0.0.0.0 192.168.100.1 192.168.1.1 1lo0.0 DR 0.0.0.0 192.168.1.1 0.0.0.0 0vl-192.168.2.1 PtToPt 0.0.0.0 0.0.0.0 0.0.0.0 1ge-0/0/14.0 BDR 0.0.0.10 192.168.1.2 192.168.1.1 1ge-0/0/4.1213 BDR 0.0.0.20 192.168.101.1 192.168.1.1 1

Question: Which type of interface is created for the virtual link?

Answer: A point-to-point interface is created for the virtual link.

Step 1.10

Use the run show ospf neighbor command to verify that the virtual link has established an adjacency.

[edit protocols ospf]lab@srxA-1# run show ospf neighbor Address Interface State ID Pri Dead172.22.121.2 ge-0/0/4.1211 Full 192.168.100.1 128 33172.22.124.1 vl-192.168.2.1 Full 192.168.2.1 0 3410.0.10.2 ge-0/0/14.0 Full 192.168.1.2 128 35172.22.123.2 ge-0/0/4.1213 Full 192.168.101.1 128 34

Question: What is the adjacency state of the virtual link interface?

Answer: The state should be Full.

Step 1.11

Use the run show route address/32 table inet.0 command to verify that your partners default loopback address routes through the P1 router and not through the virtual link. Refer to the network diagram as needed.

[edit protocols ospf]lab@srxA-1# run show route address/32 table inet.0 inet.0: 21 destinations, 21 routes (21 active, 0 holddown, 0 hidden)+ = Active Route, - = Last Active, * = Both

192.168.2.1/32 *[OSPF/10] 00:10:21, metric 2 > to 172.22.121.2 via ge-0/0/4.1211Lab 36 Configuring and Monitoring Routing Policy and Advanced OSPF Options (Detailed) www.juniper.net

Advanced Junos Enterprise RoutingQuestion: Does the route to your partners loopback address go through the P1 router or the virtual link?

Answer: Yes, the route to the loopback address of your partners student device should be using the P1 router and not the virtual link.

Part 2: Configuring OSPF Multiarea

In this lab part, you configure an OSPF multiarea adjacency to provide an alternate path for OSPF Area 10.

Step 2.1

Navigate to the [edit protocols ospf area 0.0.0.10] hierarchy and establish an OSPF Area 10 adjacency through the P1 router. You will add the P1 interface to Area 10 with the secondary setting. This will provide a backup path for Area 10 in the event of a P3 failure. Ensure that this backup path is only used in the event of a P3 failure. This can be accomplished by setting the newly configured interface with a higher metric. Commit these changes when completed.

[edit protocols ospf]lab@srxA-1# edit area 10 [edit protocols ospf area 0.0.0.10]lab@srxA-1# set interface P1-interface secondary [edit protocols ospf area 0.0.0.10]lab@srxA-1# set interface P1-interface metric 10 [edit protocols ospf area 0.0.0.10]lab@srxA-1# commit commit complete

[edit protocols ospf area 0.0.0.10]lab@srxA-1#Step 2.2

Use the run show ospf interface command to verify the multiarea adjacency.

[edit protocols ospf area 0.0.0.10]lab@srxA-1# run show ospf interface Interface State Area DR ID BDR ID Nbrsge-0/0/4.1211 BDR 0.0.0.0 192.168.100.1 192.168.1.1 1lo0.0 DR 0.0.0.0 192.168.1.1 0.0.0.0 0vl-192.168.2.1 PtToPt 0.0.0.0 0.0.0.0 0.0.0.0 1ge-0/0/14.0 BDR 0.0.0.10 192.168.1.2 192.168.1.1 1ge-0/0/4.1211 PtToPt 0.0.0.10 0.0.0.0 0.0.0.0 1ge-0/0/4.1213 BDR 0.0.0.20 192.168.101.1 192.168.1.1 1www.juniper.net Configuring and Monitoring Routing Policy and Advanced OSPF Options (Detailed) Lab 37

Advanced Junos Enterprise RoutingQuestion: Area 10 now has two interfaces in it. What is the state for the interface you just added to Area 10? Why?

Answer: The established interface state for Area 10 is point-to-point. As outlined in RFC 5185, all secondary multiarea adjacencies will be formed using a point-to-point interface.

Step 2.3

Use the run show ospf neighbor command to verify the establishment of an OSPF Area 10 adjacency through the P1 router.

[edit protocols ospf area 0.0.0.10]lab@srxA-1# run show ospf neighbor Address Interface State ID Pri Dead172.22.121.2 ge-0/0/4.1211 Full 192.168.100.1 128 33 Area 0.0.0.0172.22.124.1 vl-192.168.2.1 Full 192.168.2.1 0 35 Area 0.0.0.010.0.10.2 ge-0/0/14.0 Full 192.168.1.2 128 31 Area 0.0.0.10172.22.121.2 ge-0/0/4.1211 Full 192.168.100.1 128 32 Area 0.0.0.10172.22.123.2 ge-0/0/4.1213 Full 192.168.101.1 128 39 Area 0.0.0.20

Question: How many OSPF adjacencies exist for Area 0.0.0.10?

Answer: Two adjacencies have been formed within OSPF Area 0.0.0.10.

Step 2.4

Verify that the loopback address of your partners R3 virtual router is being routed through the ge-0/0/14.0 interface toward your R3 virtual router. Use the run show route address/32 table inet.0 command to display the path of the route.

[edit protocols ospf area 0.0.0.10]lab@srxA-1# run show route address/32 table inet.0 inet.0: 21 destinations, 21 routes (21 active, 0 holddown, 0 hidden)+ = Active Route, - = Last Active, * = Both

192.168.2.2/32 *[OSPF/10] 00:22:19, metric 3 > to 10.0.10.2 via ge-0/0/14.0Lab 38 Configuring and Monitoring Routing Policy and Advanced OSPF Options (Detailed) www.juniper.net

Advanced Junos Enterprise RoutingQuestion: What is the primary path to your partners virtual routers loopback address?

Answer: The primary path to your partners virtual routers loopback address is through your R3 virtual router.

Step 2.5

Navigate to the [edit routing-instances instance-name protocols ospf] hierarchy. The value of instance-name is the name of your remote virtual router (either R3-1 or R3-2) depending on your assigned student device. Deactivate your R3 virtual routers Area 10 interface connected to the P3 router. Commit the configuration when completed.

[edit protocols ospf area 0.0.0.10]lab@srxA-1# top edit routing-instances instance-name protocols ospf [edit routing-instances R3-1 protocols ospf]lab@srxA-1# deactivate area 10 interface R3-to-P3-interface [edit routing-instances R3-1 protocols ospf]lab@srxA-1# show area 0.0.0.10 { nssa; inactive: interface ge-0/0/4.1215; interface ge-0/0/15.0; interface lo0.1;}

[edit routing-instances R3-1 protocols ospf]lab@srxA-1# commit commit complete

[edit routing-instances R3-1 protocols ospf]lab@srxA-1#Step 2.6

Issue the run show route address/32 table inet.0 command again to verify the route to your partners remote virtual routers loopback address has converged through the P1 router, thus using the multiarea adjacency.

[edit routing-instances R3-1 protocols ospf]lab@srxA-1# run show route address/32 table inet.0 inet.0: 18 destinations, 18 routes (18 active, 0 holddown, 0 hidden)+ = Active Route, - = Last Active, * = Both

192.168.2.2/32 *[OSPF/10] 00:00:42, metric 12 > to 172.22.121.2 via ge-0/0/4.1211www.juniper.net Configuring and Monitoring Routing Policy and Advanced OSPF Options (Detailed) Lab 39

Advanced Junos Enterprise RoutingQuestion: Did the route converge through the multiarea adjacency?

Answer: Yes, the route has now converged through the backup multiarea adjacency.

Step 2.7

Navigate to the top of the configuration hierarchy. Use the rollback 1 command to reactivate the interface between your R3 virtual router and the P3 router. Commit the configuration when complete.

[edit routing-instances R3-1 protocols ospf]lab@srxA-1# top [edit]lab@srxA-1# rollback 1 load complete

[edit]lab@srxA-1# commit commit complete

[edit]lab@srxA-1#Step 2.8

Verify that OSPF converged back to the primary path by displaying your partners loopback address using the run show route address/32 table inet.0 command.

[edit]lab@srxA-1# run show route address/32 table inet.0 inet.0: 21 destinations, 21 routes (21 active, 0 holddown, 0 hidden)+ = Active Route, - = Last Active, * = Both


Question: Did the route converge back to your R3 virtual router?

Answer: Yes, the route has converged back to the R3 router.Lab 310 Configuring and Monitoring Routing Policy and Advanced OSPF Options (Detailed) www.juniper.net

Advanced Junos Enterprise Routing STOP Do not proceed until the remote team finishes Part 2.

Part 3: Configuring External Reachability

In this lab part, you configure an external connection from the R3 routing instance to a RIP network. Once established, the RIP routes will be redistributed into OSPF.

Step 3.1

Navigate to the [edit routing-instances instance-name] hierarchy. Remove the R3-to-P3 interface from OSPF Area 10 and reconfigure that interface as a RIP interface. Use a RIP group name of P3. Commit the configuration when complete.

[edit]lab@srxA-1# edit routing-instances instance-name [edit routing-instances R3-1]lab@srxA-1# delete protocols ospf area 10 interface R3-to-P3-interface [edit routing-instances R3-1]lab@srxA-1# set protocols rip group P3 neighbor R3-to-P3-interface [edit routing-instances R3-1]lab@srxA-1# commit commit complete

[edit routing-instances R3-1]lab@srxA-1#Step 3.2

Use the run show route receive-protocol rip address table instance-name command to verify that RIP routes are being received from the P3 router. The address value will be 172.22.125.2 or 172.22.126.2 depending on your assigned student device. Please refer to the network diagram as needed.

[edit routing-instances R3-1]lab@srxA-1# run show route receive-protocol rip address table instance-nameR3-1.inet.0: 29 destinations, 29 routes (29 active, 0 holddown, 0 hidden)+ = Active Route, - = Last Active, * = Both

Note

In this lab part, you will be configuring and displaying commands in the virtual routing instance. When referencing the routing instance, the commands will include the routing instance name, R3-N, where N is the user number (1 or 2). Refer to the lab diagram for the correct user number to use.www.juniper.net Configuri

ajer_11.a-r_lgd

Documents

juniper networks software

juniper networks logo

juniper networks agent

software products

software release

software licensethe

monitoring ospf areas

junos logo