SRX

 View Only
last person joined: 2 days ago 

Ask questions and share experiences about the SRX Series.
  • 1.  SRX OSPF over IPSec Tunnel

    Posted 03-24-2014 13:08

     

    Hi Experts,

     

     

    we are tring to connect two ABR routers (R1 and R2) thru ipsec tunnel on SRX devices in area 0 . The issue we are seeing is ospf adjanceny is a point to point. We would like it to have DR and BDR relation between the SRX so that if one goes down the other one will take over the backbone as a DR router.

     

    any advie is well appreciated.

     

     

    OSPF-topo.PNG

     

    Thank you,


    #SRX
    #ospf


  • 2.  RE: SRX OSPF over IPSec Tunnel
    Best Answer

    Posted 03-24-2014 23:25

    Hello,

    Below configuration will help you to accomplish the requirement.


    First SRX
    =========
    set protocols ospf area 0.0.0.0 interface st0.0 interface-type nbma
    set protocols ospf area 0.0.0.0 interface st0.0 neighbor 1.1.1.3
    set interfaces st0 unit 0 multipoint
    set interfaces st0 unit 0 family inet mtu 1500
    set interfaces st0 unit 0 family inet address 1.1.1.5/24


    Second SRX
    ==========
    set protocols ospf area 0.0.0.0 interface st0.0 interface-type nbma
    set protocols ospf area 0.0.0.0 interface st0.0 neighbor 1.1.1.5
    set interfaces st0 unit 0 multipoint
    set interfaces st0 unit 0 family inet mtu 1500
    set interfaces st0 unit 0 family inet address 1.1.1.3/24


    -CK
    Please mark My solution accepted if it helped you , your kudos are much appreciated ...



  • 3.  RE: SRX OSPF over IPSec Tunnel

    Posted 03-26-2014 09:42

     

     

    Thank you, The config you gave work.

     

    basically, what we are trying to do is extending the backbone area 0 and connect all the remote sites to SRX-R1 and SRX-R2 so that if SRX-R1 goes down, SRX-R2 should be able to take over.

     

    However, if SRX-R1 and R2 both are operational, we want all the traffic go thru R1 to reach R2.

     

    when we increase the cost on the link between R2 and R3, traffic behind R3 take the link between R1 and R2 but when it comes back it's taking the link between R2 and R3 becasue it's intra route is prefered over inter route and creating an asymetrix route.

     

    do you know any way to solve this issue?

     

     

     

     

     

     

     

     

     

     

    Thank you,

     

     

     



  • 4.  RE: SRX OSPF over IPSec Tunnel

    Posted 03-26-2014 09:43

    ospf-topo1.PNG