8/20/2019 OSPF in Juniper
1/54
Copyright © 2005 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
4-1
OSPF
8/20/2019 OSPF in Juniper
2/54
© 2008 Juniper Networks, Inc. All rights reserved. 2
OSPF Review
Link-state protocol•Neighbors use hello packets to form adjacencies•Routers flood LSAs within their area
•LSAs are placed into a link-state database
OSPF packet types•Hello—Type 1•Database description—Type 2•Link-state request—Type 3
•Link-state update—Type 4•Link-state acknowledgement—Type 5
Hierarchical design uses areas connected to abackbone Routers on a broadcast segment elect a DR
8/20/2019 OSPF in Juniper
3/54
© 2008 Juniper Networks, Inc. All rights reserved. 3
Hierarchical Design
Backbone
(Area 0 or 0.0.0.0)
Area 1
Area 2
Area 3
8/20/2019 OSPF in Juniper
4/54
© 2008 Juniper Networks, Inc. All rights reserved. 4
Link-State Update Packets
Carry one or more link-state advertisements
Packets consist of:
•(24-byte) OSPF header
•(4-byte) Number of advertisements
•(Variable) Link-state advertisements
of LSAs
LSA Header
LSA Data
LSA Header
LSA Data
Field length,
in bytes 1 1 2 4 4 2 2 8 Variable
Datauthentication
Authent-
ication
type
Check-
sum
rea IDouter ID
acket
length
ype
ersion
number
4 20 Variable0 Variable
8/20/2019 OSPF in Juniper
5/54
8/20/2019 OSPF in Juniper
6/54
© 2008 Juniper Networks, Inc. All rights reserved. 6
LSA Header
20 bytes of information that identify the LSA uniquelyand consist of:
•(2-byte) LS age
•(1-byte) Options
•(1-byte) LS type•(4-byte) Link-state ID
•(4-byte) Advertising router
•(4-byte) LS sequence number
•(2-byte) LS checksum
•(2-byte) Length
8/20/2019 OSPF in Juniper
7/54© 2008 Juniper Networks, Inc. All rights reserved. 7
Router LSA (Type 1)
Originated by each router in an area•Has area scope
•Describes the state and cost of the router’s interfaces
•Consists of the standard LSA header plus:• (1-byte) Five 0 bits followed by the V, E, and B bits
• (1-byte) Reserved (set to 0)• (2-byte) Number of links
• (4-byte) Link ID
• (4-byte) Link data
• (1-byte) Link type
• (1-byte) Number of ToS metrics
• (2-byte) Metric
• (4-byte) Additional ToS data
8/20/2019 OSPF in Juniper
8/54© 2008 Juniper Networks, Inc. All rights reserved. 8
Link ID and Link Data Fields
Interpretation depends on value of the link type field
Link Type Link ID Link Data
Point-to-point(Type 1) Neighbor’srouter ID Local router’sinterface IP address
Transit
(Type 2)
DR’s
interface IP address
Local router’s
interface IP address
Stub
(Type 3) Network number Subnet mask
Virtual link
(Type 4)
Neighbor’s
router ID
Local router’s
interface IP address
8/20/2019 OSPF in Juniper
9/54© 2008 Juniper Networks, Inc. All rights reserved. 9
user@host> show ospf database router extensive
OSPF link state database, area 0.0.0.0Type ID Adv Rtr Seq Age Opt Cksum Len
Router *192.168.16.1 192.168.16.1 0x80000004 947 0x2 0xd45b 60
bits 0x3, link count 3
id 192.168.24.1, data 10.222.28.1, type PointToPoint (1)
TOS count 0, TOS 0 metric 1
id 10.222.28.0, data 255.255.255.0, type Stub (3)TOS count 0, TOS 0 metric 1
id 192.168.16.1, data 255.255.255.255, type Stub (3)
TOS count 0, TOS 0 metric 0Gen timer 00:30:56
Aging timer 00:44:13
Installed 00:15:47 ago, expires in 00:44:13, sent 00:15:47 agoOurs
Router 192.168.36.1 192.168.36.1 0x80000003 173 0x2 0xfa6 60
bits 0x3, link count 3
id 192.168.24.1, data 10.222.4.2, type PointToPoint (1)
TOS count 0, TOS 0 metric 1id 10.222.4.0, data 255.255.255.0, type Stub (3)
TOS count 0, TOS 0 metric 1
id 192.168.36.1, data 255.255.255.255, type Stub (3)TOS count 0, TOS 0 metric 0
Aging timer 00:57:06
Installed 00:02:47 ago, expires in 00:57:07, sent 19:55:19 ago
Router LSA Example
8/20/2019 OSPF in Juniper
10/54© 2008 Juniper Networks, Inc. All rights reserved. 10
Build a Network — Type 1 LSA
192.168.16.1
192.168.24.1
Area 0
192.168.36.1
10.222.28.0/24 10.222.4.0/24.1
.2
8/20/2019 OSPF in Juniper
11/54© 2008 Juniper Networks, Inc. All rights reserved. 11
Network LSA (Type 2)
Originated by designated routers (DR)•Has area scope
•Describes all routers attached to a network segment
•Consists of the standard LSA header plus:
• (4-byte) Network mask
• (4-byte) Attached router
8/20/2019 OSPF in Juniper
12/54
© 2008 Juniper Networks, Inc. All rights reserved. 12
Network LSA Example
user@host> show ospf database network extensive
OSPF link state database, area 0.0.0.1
Type ID Adv Rtr Seq Age Opt Cksum Len
Network 10.222.1.1 192.168.20.1 0x80000002 813 0x2 0x6876 32
mask 255.255.255.0
attached router 192.168.20.1
attached router 192.168.40.1Aging timer 00:46:27
Installed 00:13:32 ago, expires in 00:46:27, sent 1w5d 01:07:09 ago
8/20/2019 OSPF in Juniper
13/54
© 2008 Juniper Networks, Inc. All rights reserved. 13
Build a Network — Type 2 LSA
Area 1
192.168.16.1
192.168.24.1
Area 0
192.168.36.1
192.168.20.1 192.168.40.1
10.222.28.0/24 10.222.4.0/24
10.222.1.0/24
.1 .2
.1
8/20/2019 OSPF in Juniper
14/54
8/20/2019 OSPF in Juniper
15/54
© 2008 Juniper Networks, Inc. All rights reserved. 15
Summary LSA Example
user@host> show ospf database netsummary extensive
OSPF link state database, area 0.0.0.0
Type ID Adv Rtr Seq Age Opt Cksum Len
Summary 10.222.44.0 192.168.36.1 0x80000004 1011 0x2 0x8530 28
mask 255.255.255.0
TOS 0x0, metric 1
Aging timer 00:43:08
Installed 00:16:49 ago, expires in 00:43:09, sent 1w5d 01:08:42 ago
Summary 192.168.32.1 192.168.36.1 0x80000001 1355 0x2 0x49f9 28
mask 255.255.255.255
TOS 0x0, metric 1
Aging timer 00:37:25
Installed 00:22:33 ago, expires in 00:37:25, sent 1w5d 01:08:42 ago
Summary *192.168.40.1 192.168.16.1 0x80000001 1527 0x2 0x87c6 28
mask 255.255.255.255
TOS 0x0, metric 2Gen timer 00:14:18
Aging timer 00:34:33
Installed 00:25:27 ago, expires in 00:34:33, sent 00:25:27 ago
Ours
...
8/20/2019 OSPF in Juniper
16/54
8/20/2019 OSPF in Juniper
17/54
© 2008 Juniper Networks, Inc. All rights reserved. 17
ASBR Summary LSA (Type 4)
Originated by ABRs
•Has area scope
•Describes ASBRs external to the area
•Consists of the standard LSA header plus:
• (4-byte) Network Mask
• (1-byte) Reserved (set to 0)
• (3-byte) Metric
• (1-byte) ToS
• (3-byte) ToS Metric
8/20/2019 OSPF in Juniper
18/54
© 2008 Juniper Networks, Inc. All rights reserved. 18
ASBR Summary LSA Example
user@host> show ospf database asbrsummary extensive
OSPF link state database, area 0.0.0.0
Type ID Adv Rtr Seq Age Opt Cksum Len
ASBRSum 192.168.32.1 192.168.36.1 0x80000001 1477 0x2 0x3b07 28
mask 0.0.0.0
TOS 0x0, metric 1
Aging timer 00:35:22
Installed 00:24:35 ago, expires in 00:35:23, sent 1w5d 01:10:44 ago
ASBRSum *192.168.40.1 192.168.16.1 0x80000001 1649 0x2 0x79d3 28
mask 0.0.0.0
TOS 0x0, metric 2
Gen timer 00:14:36
Aging timer 00:32:30
Installed 00:27:29 ago, expires in 00:32:31, sent 00:27:29 ago
Ours
8/20/2019 OSPF in Juniper
19/54
© 2008 Juniper Networks, Inc. All rights reserved. 19
Build a Network — Type 4
Area 1
Area ?
192.168.16.1
192.168.24.1
Area 0
192.168.36.1
192.168.20.1 192.168.40.1
192.168.32.1
10.222.28.0/24 10.222.4.0/24
10.222.44.0/24
10.222.1.0/24
.1 .2
.1
8/20/2019 OSPF in Juniper
20/54
© 2008 Juniper Networks, Inc. All rights reserved. 20
AS External LSA (Type 5)
Originated by ASBRs
•Has domain scope
•Describes networks external to the OSPF domain
•Consists of the standard LSA header plus:
• (4-byte) Network mask
• (1-byte) E-bit followed by seven 0 bits
• (3-byte) Metric
• (4-byte) Forwarding address
• (4-byte) External route tag
• (4-byte) Optional ToS fields
8/20/2019 OSPF in Juniper
21/54
© 2008 Juniper Networks, Inc. All rights reserved. 21
AS External LSA Example
user@host> show ospf database extern extensive
OSPF external link state databaseType ID Adv Rtr Seq Age Opt Cksum LenExtern *192.168.17.0 192.168.16.1 0x80000001 1919 0x2 0x3812 36mask 255.255.255.0Type 1, TOS 0x0, metric 20, fwd addr 0.0.0.0, tag 0.0.0.0Gen timer 00:00:32Aging timer 00:28:01Installed 00:31:59 ago, expires in 00:28:01, sent 00:31:58 ago
OursExtern 192.168.33.0 192.168.32.1 0x80000001 1878 0x2 0x1713 36mask 255.255.255.0Type 1, TOS 0x0, metric 20, fwd addr 0.0.0.0, tag 0.0.0.0Aging timer 00:28:42Installed 00:31:15 ago, expires in 00:28:42, sent 00:31:15 ago
Extern 192.168.37.0 192.168.36.1 0x80000002 1287 0x2 0xcc54 36mask 255.255.255.0Type 1, TOS 0x0, metric 20, fwd addr 0.0.0.0, tag 0.0.0.0
Aging timer 00:38:33Installed 00:21:25 ago, expires in 00:38:33, sent 00:21:25 ago
Extern 192.168.41.0 192.168.40.1 0x80000001 1708 0x2 0x8693 36mask 255.255.255.0Type 1, TOS 0x0, metric 20, fwd addr 0.0.0.0, tag 0.0.0.0Aging timer 00:31:34Installed 00:28:25 ago, expires in 00:31:32, sent 00:28:25 ago
8/20/2019 OSPF in Juniper
22/54
© 2008 Juniper Networks, Inc. All rights reserved. 22
Build a Network — Type 5
Area 1
Area ?
192.168.16.1
192.168.24.1
Area 0
192.168.36.1
192.168.20.1 192.168.40.1
192.168.32.1
192.168.41.0/24
192.168.33.0/24
192.168.37.0/24
192.168.17.0/2410.222.28.0/24 10.222.4.0/24
10.222.44.0/24
10.222.1.0/24
.1 .2
.1
8/20/2019 OSPF in Juniper
23/54
© 2008 Juniper Networks, Inc. All rights reserved. 23
NSSA External LSA (Type 7)
Originated by ASBR within the NSSA
•Has same format as an AS external LSA (Type 5)
•Has area scope
•Describes networks external to the OSPF domain
Translated into an AS external LSA (Type 5) by the ABR
at the NSSA border
•NSSA/Propagate bit in the options field indicates whether
translation should take place
• A value of 1 means translate and propagate
• A value of 0 means do not translate
•When multiple ABRs exist, the ABR with the highest RID
performs the translation
8/20/2019 OSPF in Juniper
24/54
© 2008 Juniper Networks, Inc. All rights reserved. 24
NSSA LSA Example
user@host> show ospf database nssa extensive
OSPF link state database, area 0.0.0.2
Type ID Adv Rtr Seq Age Opt Cksum Len
NSSA 192.168.33.0 192.168.32.1 0x80000003 1639 0x8 0x7c19 36
mask 255.255.255.0
Type 1, TOS 0x0, metric 20, fwd addr 192.168.32.1, tag 0.0.0.0
Aging timer 00:32:47
Installed 00:27:12 ago, expires in 00:32:41, sent 1w5d 01:13:35 ago
8/20/2019 OSPF in Juniper
25/54
© 2008 Juniper Networks, Inc. All rights reserved. 25
Build a Network — Type 7
Area 1
Area 2
NSSA
192.168.16.1
192.168.24.1
Area 0
192.168.36.1
192.168.20.1 192.168.40.1
192.168.32.1
192.168.41.0/24
192.168.33.0/24
192.168.37.0/24
192.168.17.0/2410.222.28.0/24 10.222.4.0/24
10.222.44.0/24
10.222.1.0/24
.1 .2
.1
8/20/2019 OSPF in Juniper
26/54
© 2008 Juniper Networks, Inc. All rights reserved. 26
Opaque LSA (Types 9–11)
Allows for the future extensibility of OSPF
•JUNOS software uses Type 9 for graceful restart capability
•JUNOS software uses Type 10 for MPLS traffic engineering
•Type 11 is currently not supported
The difference is in flooding scope
•Type 9 has link-local scope
•Type 10 has area scope
•Type 11 has domain scope
Consist of a standard LSA header followed byapplication-specific information
•OSPF or other applications can use information field directly
8/20/2019 OSPF in Juniper
27/54
© 2008 Juniper Networks, Inc. All rights reserved. 27
LSA Flooding Scopes
Backbone
(0.0.0.0)
Area 1
Area 2 Area 3
External
Routes
Injected
rea 0
LSA 1
Area 1
LSA 3
Area 0
LSA 5
Area 0
LSA 2
Area 1
LSA 1
Area 1
LSA 2
Area 2
LSA 1
Area 2
LSA 2
Area 3
LSA 1
Area 3
LSA 2
Area 2
LSA 3
Area 3
LSA 3
Area 0
LSA 3
Area 2
LSA 3
Area 3
LSA 3
Area 0
LSA 3
Area 1
LSA 3
Area 3
LSA 3
Area 0
LSA 3
Area 1
LSA 3
Area 2
LSA 3
Area 3
LSA 4
Area 3
LSA 4
Area 3
LSA 4
Area 0
LSA 4
Area 0
LSA 4
Area 0
LSA 4
Area 0
LSA 5
Area 0
LSA 5
Area 0
LSA 5
Area 3
LSA 5
Area 3
LSA 5
Area 3
LSA 5
Area 3
LSA 5
External
Routes
Injected
8/20/2019 OSPF in Juniper
28/54
© 2008 Juniper Networks, Inc. All rights reserved. 28
Sample OSPF Database
user@host> show ospf database
OSPF link state database, area 0.0.0.0Type ID Adv Rtr Seq Age Opt Cksum LenRouter *192.168.16.1 192.168.16.1 0x80000004 177 0x2 0xd45b 60Router 192.168.36.1 192.168.36.1 0x80000005 305 0x2 0xda47 60Summary *10.222.1.0 192.168.16.1 0x80000002 412 0x2 0xfafa 28Summary *10.222.29.0 192.168.16.1 0x80000002 631 0x2 0xbb1f 28Summary *192.168.20.1 192.168.16.1 0x80000001 412 0x2 0x87c6 28ASBRSum 192.168.32.1 192.168.36.1 0x80000001 240 0x2 0x3b07 28
OSPF link state database, area 0.0.0.1Type ID Adv Rtr Seq Age Opt Cksum LenRouter *192.168.16.1 192.168.16.1 0x80000007 39 0x2 0xcc62 60Router 192.168.20.1 192.168.20.1 0x80000002 415 0x2 0xd7d9 48Network 10.222.1.1 192.168.20.1 0x80000001 418 0x2 0x6a75 32Summary *192.168.32.1 192.168.16.1 0x80000001 238 0x2 0xe96b 28Summary *192.168.36.1 192.168.16.1 0x80000002 631 0x2 0xb19f 28ASBRSum *192.168.32.1 192.168.16.1 0x80000001 238 0x2 0xdb78 28
ASBRSum *192.168.36.1 192.168.16.1 0x80000001 574 0x2 0xa5ab 28OSPF external link state databaseType ID Adv Rtr Seq Age Opt Cksum LenExtern *192.168.17.0 192.168.16.1 0x80000001 631 0x2 0x3812 36Extern 192.168.21.0 192.168.20.1 0x80000001 420 0x2 0x8693 36Extern 192.168.33.0 192.168.32.1 0x80000001 590 0x2 0x1713 36Extern 192.168.37.0 192.168.36.1 0x80000001 576 0x2 0xce53 36
8/20/2019 OSPF in Juniper
29/54
© 2008 Juniper Networks, Inc. All rights reserved. 29
Shortest-Path-First Algorithm
Based on the Dijkstra algorithm
•Link-state database
•Candidate database
•Tree database
Run on a per-area basis on each router• Independent calculation of the topology
Result is passed to the JUNOS software routing table
•Decision as to whether or not the route is marked active is
made there
8/20/2019 OSPF in Juniper
30/54
8/20/2019 OSPF in Juniper
31/54
© 2008 Juniper Networks, Inc. All rights reserved. 31
SPF Example (2 of 6)
Tree
(A, A, 0) - 0
Link-state
(A, A, 0)
(A, B, 1)
(A, C, 2)
(B, A, 3)
(B, D, 3)
(C, A, 4)
(C, D, 4)
(D, C, 2)
(D, B, 1)
LS Entry Cost to Root
Candidate
(A, A, 0) 0
RTR-A
8/20/2019 OSPF in Juniper
32/54
© 2008 Juniper Networks, Inc. All rights reserved. 32
SPF Example (3 of 6)
Tree
(A, A, 0) - 0
(A, B, 1) - 1
Link-state
(A, A, 0)
(A, B, 1)
(A, C, 2)
(B, A, 3)
(B, D, 3)
(C, A, 4)
(C, D, 4)
(D, C, 2)
(D, B, 1)
LS Entry Cost to Root
Candidate
(A, A, 0) 0
(A, B, 1) 1
(A, C, 2) 2
RTR-A
RTR-B
1
8/20/2019 OSPF in Juniper
33/54
© 2008 Juniper Networks, Inc. All rights reserved. 33
SPF Example (4 of 6)
Tree
(A, A, 0) - 0
(A, B, 1) - 1
(A, C, 2) - 2
Link-state
(A, A, 0)
(A, B, 1)
(A, C, 2)
(B, A, 3)
(B, D, 3)
(C, A, 4)
(C, D, 4)
(D, C, 2)
(D, B, 1)
LS Entry Cost to Root
Candidate
(A, A, 0) 0
(A, B, 1) 1
(A, C, 2) 2
(B, A, 3) 4
(B, D, 3) 4
RTR-A
RTR-B
RTR-C
1
2
8/20/2019 OSPF in Juniper
34/54
© 2008 Juniper Networks, Inc. All rights reserved. 34
SPF Example (5 of 6)
Tree
(A, A, 0) - 0
(A, B, 1) - 1
(A, C, 2) - 2
(B, D, 3) - 4
Link-state
(A, A, 0)
(A, B, 1)
(A, C, 2)
(B, A, 3)
(B, D, 3)
(C, A, 4)
(C, D, 4)
(D, C, 2)
(D, B, 1)
LS Entry Cost to Root
Candidate
(A, A, 0) 0
(A, B, 1) 1
(A, C, 2) 2
(B, A, 3) 4
(B, D, 3) 4
(C, A, 4) 6
(C, D, 4) 6
RTR-A
RTR-B
RTR-C
RTR-D
1
2
3
8/20/2019 OSPF in Juniper
35/54
© 2008 Juniper Networks, Inc. All rights reserved. 35
SPF Example (6 of 6)
Tree
(A, A, 0) - 0
(A, B, 1) - 1
(A, C, 2) - 2
(B, D, 3) - 4
Link-state
(A, A, 0)
(A, B, 1)
(A, C, 2)
(B, A, 3)
(B, D, 3)
(C, A, 4)
(C, D, 4)
(D, C, 2)
(D, B, 1)
LS Entry Cost to Root
Candidate
(A, A, 0) 0
(A, B, 1) 1
(A, C, 2) 2
(B, A, 3) 4
(B, D, 3) 4
(C, A, 4) 6
(C, D, 4) 6
(D, B, 1) 5
(D, C, 2) 6
RTR-A
RTR-B
RTR-C
RTR-D
1
2
3
8/20/2019 OSPF in Juniper
36/54
© 2008 Juniper Networks, Inc. All rights reserved. 36
Controlling SPF Calculations
Three consecutive SPF runs can occur before a
mandatory hold-down occurs
•Keeps the network stable during change
•5-second timer is not configurable
A 200-millisecond delay is preconfigured between theback-to-back SPFs
•Altered with the spf-delay knob
•Possible values range from 50 to 1000 ms
[edit protocols ospf]
user@host# set spf-delay 100
8/20/2019 OSPF in Juniper
37/54
© 2008 Juniper Networks, Inc. All rights reserved. 37
OSPF Router ID
Each OSPF router selects a 32-bit value to use as its
router ID•Populated within the LSAs sent out by each router•Uniquely identifies the router within the network•Used by the link-state database to run SPF
When rpd initiates, the primary interface of the routeris chosen as the source of the router ID•Normally the loopback interface when a non-Martian route
IPv4 address is configured
You can set the RID explicitly within [editrouting-options]•Stub route to RID is no longer advertised by default
[edit routing-options]
user@host# set router-id 192.168.1.1
8/20/2019 OSPF in Juniper
38/54
© 2008 Juniper Networks, Inc. All rights reserved. 38
Advertising Your Loopback
Your loopback address is likely equal to your router ID
•Occurs when a non-127/8 address is configured
JUNOS software automatically advertises the loopback
address into the link-state database
•When interface lo0 is not configured within OSPF, it isadvertised within all router LSAs
•When interface lo0 is configured in a specific area, it is
only advertised in the router LSA of that area
•Stops when you set the RID with the router-id command
8/20/2019 OSPF in Juniper
39/54
© 2008 Juniper Networks, Inc. All rights reserved. 39
Graceful Restart (1 of 2)
A restarting router can ask its neighbors to not alter
their database
•Restarting router must continue to forward packets
•The network topology must be stable
•The neighbors must support this functionality
Three modes of operation:
•Restart candidate router
•Possible helper router
•Helper router
8/20/2019 OSPF in Juniper
40/54
© 2008 Juniper Networks, Inc. All rights reserved. 40
Enabled globally within [edit routing-options]
•Four options to further control graceful restart operation
Grace LSA used for communications
•Link-local opaque LSA format (Type 9)
Graceful Restart (2 of 2)
routing-options {
graceful-restart;
}
lab@host> show ospf database link-local extensive
OSPF Link-Local link state database, interface at-0/2/0.0
Type ID Adv Rtr Seq Age Opt Cksum LenOpaqLoc 3.0.0.0 192.168.20.1 0x80000001 29 0x22 0xdc4 36Grace 210
Reason 1
Aging timer 00:59:31Installed 00:00:26 ago, expires in 00:59:31
Change count: 0
8/20/2019 OSPF in Juniper
41/54
© 2008 Juniper Networks, Inc. All rights reserved. 41
[edit protocols ospf area 0.0.0.0]user@host# showinterface all {
bfd-liveness-detection {
minimum-interval 100;}
}interface fxp0.0 {
disable;}
A protocol that provides millisecond-level failure
detection of a neighboring router’s forwarding plane•Support for OSPF, IS-IS, and static routing
•Support for RSVP-TE and LDP-signaled LSPs
•Defined in draft-katz-ward-bfd, draft-katz-ward-bfd-v4v6-1hop,
and draft-ietf-bfd-mpls Enabled on a per-interface basis:
Bidirectional Forwarding Detection
8/20/2019 OSPF in Juniper
42/54
© 2008 Juniper Networks, Inc. All rights reserved. 42
[edit protocols ospf]
user@host# show
area 0.0.0.0 {
interface so-0/0/0.0 {
metric 12;
}
interface at-1/0/1.100 {
metric 73;
}
}
Cost, or metric, of an interface indicates the overhead
required to send packets out a particular interface Default OSPF cost for all links is 108 /bandwidth (bps)
•Links with a bandwidth 100 Mbps have a cost of 1
•Cost calculation results in a value
8/20/2019 OSPF in Juniper
43/54
8/20/2019 OSPF in Juniper
44/54
© 2008 Juniper Networks, Inc. All rights reserved. 44
Effects of Altering Metrics
Metric values are advertised in Type 1 or Type 2 LSAs
and populate link-state database As each router runs the SPF algorithm, each LSA is
examined individually for the cost of the outgoinginterface•The final metric calculation uses that cost
Routers can disagree about the cost on a network link•Can result in asynchronous routing in the network•Hong Kong sees a cost of 45 to reach the Amsterdam router•Amsterdam sees a cost of 60 to reach the Hong Kong router
Hong Kong
San Jose Montreal
Amsterdam
5
10
15
20 25
30
8/20/2019 OSPF in Juniper
45/54
8/20/2019 OSPF in Juniper
46/54
© 2008 Juniper Networks, Inc. All rights reserved. 46
[edit protocols ospf]
lab@Sydney# show
area 0.0.0.20 {
authentication-type md5;
interface fe-0/0/2.0 {authentication {
md5 30 key "$9$wc24ZzF/O1h"; ## SECRET-DATA
}
}
}
MD5 Per-Area Authentication
Includes an encrypted checksum with all packets
•Provides better security than type simple Each interface requires an authentication key
•Multiple interfaces can use the same key•Keys are always encrypted in the configuration
Each key requires a key ID value ranging from 0 to 255
8/20/2019 OSPF in Juniper
47/54
© 2008 Juniper Networks, Inc. All rights reserved. 47
Interface Level Authentication
Different authentication types can be configured on a
per-interface basis•Omit authentication-type from the area hierarchy•Configure the authentication hierarchy under the
interface•Type simple uses the simple-password command
•MD5 authentication allows for multiple key ID values• Highest value used by default• For easy transition, assign each key ID a start time
[edit protocols ospf area 0.0.0.1]
lab@Sydney# show
interface fe-0/0/0.0 {authentication {
md5 1 key "$9$fQF/SyK7-w"; ## SECRET-DATA
md5 2 key "$9$fQz69CuBRS" start-time 2006-7-4.17:07:06; ## SECRET-DATA
}
}
interface fe-0/0/1.0 {
authentication {
simple-password "$9$ChkJpORreW-VYhSVYgojiAp0"; ## SECRET-DATA
}}
8/20/2019 OSPF in Juniper
48/54
© 2008 Juniper Networks, Inc. All rights reserved. 48
user@host> show ospf interface detail
Interface State Area DR ID BDR ID Nbrsfe-0/0/2.0 DR 0.0.0.0 192.168.36.1 192.168.24.1 1
Type LAN, address 10.222.4.2, mask 255.255.255.0, MTU 1500, cost 1
DR addr 10.222.4.2, BDR addr 10.222.4.1, adj count 1, priority 128
Hello 10, Dead 40, ReXmit 5, Not Stub
Auth type MD5, Active key id 4, Start time 2003 Apr 14 11:05:00 UTC
fe-0/0/3.0 DRother 0.0.0.0 0.0.0.0 0.0.0.0 0
Type LAN, address 1.1.1.2, mask 255.255.255.0, MTU 1500, cost 1
adj count 0, priority 128
Hello 10, Dead 40, ReXmit 5, Not Stub
Auth type Password
Verifying Authentication
Authentication information available with the show
ospf interface detail command•Type of authentication is displayed•Key ID values shown if appropriate
8/20/2019 OSPF in Juniper
49/54
© 2008 Juniper Networks, Inc. All rights reserved. 49
Virtual Links
Virtual links can connect remote OSPF areas together
•Used for an area not physically connected to the backbone•Used for a discontiguous backbone
Configuration always occurs within area 0.0.0.0•Creates a virtual ABR out of the remote router•Tunnels OSPF protocol packets through a transit area
•Both ends must configure the link towards each other• Route summarization should not be performed over virtual links
Area 1
Area 2
rea 0
Virtual Link
8/20/2019 OSPF in Juniper
50/54
© 2008 Juniper Networks, Inc. All rights reserved. 50
[edit protocols ospf]
user@host# show
area 0.0.0.1 {
interface fe-0/2/2.0;
}
area 0.0.0.0 {
virtual-link neighbor-id 192.168.0.1 transit-area 0.0.0.1;
}
[edit protocols ospf]
user@host# run show ospf interface
Interface State Area DR ID BDR ID Nbrs
vl-192.168.0.1 PtToPt 0.0.0.0 0.0.0.0 0.0.0.0 1
Virtual Link Configuration
Configuration requires two values
•The transit-area is the area to be tunneled through•The neighbor ID is the 32-bit router ID of the router at the far
end of the link
Virtual link appears as an operational OSPF interface
8/20/2019 OSPF in Juniper
51/54
© 2008 Juniper Networks, Inc. All rights reserved. 51
[edit protocols ospf]user@host# show
overload;
area 0.0.0.0 {
interface so-0/0/0.0;interface ge-0/1/0.0;
}user@host> show ospf database router extensive
OSPF link state database, area 0.0.0.3
Type ID Adv Rtr Seq Age Opt Cksum Len
Router 192.168.56.1 192.168.56.1 0x80000005 71 0x2 0x540b 60id 192.168.48.1, data 10.222.61.1, type PointToPoint (1)
TOS count 0, TOS 0 metric 65535
Overload Settings
Used for transit traffic only if no other path is available
•Sets metric to 65,535 in router LSA on all transit links•Flooding of changed LSA causes SPF calculations in network
Can be set permanently or with a timeout value
•Timer is between 60 and 1800 seconds
•Timer only runs after RPD starts
8/20/2019 OSPF in Juniper
52/54
© 2008 Juniper Networks, Inc. All rights reserved. 52
[edit protocols ospf]user@host# showprefix-export-limit 500;area 0.0.0.0 {
interface so-0/0/0.0;interface ge-0/1/0.0;
}
Prefix Limits for External Routes
JUNOS software built to handle large numbers of
external routes (Type 5 LSAs)• You normally do not want Internet routes in OSPF
• Usually occurs due to configuration mistake
• Can leave a portion of your network unusable
Limit can be placed on the number of routes allowed
using a routing policy•Type 5 LSAs purged when the limit is reached
•Overload state initiated when the limit is reached
•Requires manual action to correct the problem
8/20/2019 OSPF in Juniper
53/54
© 2008 Juniper Networks, Inc. All rights reserved. 53
Multiarea OSPF Configuration
Configured at the [edit protocols ospf]
hierarchy level Each area is listed along with the interfaces
associated with that area:
protocols {
ospf {area area-id {
interface interface-name;interface interface-name;
interface interface-name;
}
area area-id {
interface interface-name;}
area area-id {
interface interface-name;}
}
}
8/20/2019 OSPF in Juniper
54/54