Routing

last person joined: yesterday 

Ask questions and share experiences about ACX Series, CTP Series, MX Series, PTX Series, SSR Series, JRR Series, and all things routing, including portfolios and protocols.

  • 1.  OSPF ASBR LSA Issues

    Posted 01-07-2020 14:33

    Hi Guys, this is my first post here so I just want to say a huge thank you in advance for any help I'm able to get on this!!

     

    I'm studying for my JNCIP-SP and I've knocked together a lab which should scale to allow me to cover all topics simultaneously so it's quite large, sorry in advance (Attached is the diagram from my EVE-NG setup). I'm slightly confused by the behaviour of OSPF at the moment. My provider core (represented by the cloud icons, running vMXs) is currently area 0 (had all sorts of issues trying to integrate the 'super' backbone into an existing customer LAN with area 0, so re-designed it) This re-distributes into MP-BGP with RSVP signalled LSPs for transport.

     

    The connections between net1 and net3 are area 100 - the 'Branch' vMX has a loopback intf in area 50. What i wanted to do was create a backdoor link between net1 and branch to then set up a sham link to allow type 1 and 2 LSA's to be propagated by the ISP-D ASBR to allow normal metrics to control the use of the MPLS as the primary path.

     

    The issue i'm having is that whilst net1, net 3 and Branch see the ISP devices as ASBR's - the ASBRs are not generating type 5 LSA's as expected for the routes learned at the branch office, despite being redistributed from BGP. They show as Summary LSA's in the LSDB. I know the OSPF domain ID can be used to convert the advertisements from type 5 to type 3 if they match - this has not been done and I've even gone to the trouble of explicitly configuring different domain ID's but no luck!

     

    I really want to be able to mess around with the NSSA flag, domain ID, sham links etc - so any help understanding what i've done wrong would be great! I've attached config for the net 1 device, the ISP-A and the LSDB. Thanks!! =]

    Attachment(s)

    txt
    ISP-A_config.txt   1 KB 1 version
    txt
    ISP-A_config.txt   1 KB 1 version
    txt
    net1_config.txt   1 KB 1 version
    txt
    OSPF_Output.txt   3 KB 1 version


  • 2.  RE: OSPF ASBR LSA Issues

    Posted 01-07-2020 16:08

    Need to look at the details that you sent, but here are the advertisement rules, which migh help: 

    DOMAIN IDs.png

    REGARDS!



  • 3.  RE: OSPF ASBR LSA Issues

    Posted 01-08-2020 02:12

    Hi Yasmin,

     

    Thanks for the quick response! That behaviour is exactly what i'd expect. The two connections to the 'customers' main site are configured with a domain ID of 20 and the Branch site is configured to use a domain ID of 10. The vMX in the branch site has a loopback address of 4.4.4.4 - From the primary site I should see this route as an External LSA, not a summary, right? 

     

    Config for the VRF on ISP devices:

     

    =========

    MAIN SITE

    =========

    stewart@ISP-A> show configuration routing-instances CustomerA
    instance-type vrf;
    interface ge-0/0/3.0;
    route-distinguisher 39326:1;
    vrf-import CustomerA-Import;
    vrf-export CustomerA-Export;
    routing-options {
    router-id 210.210.210.210;
    }
    protocols {
    ospf {
    domain-id 20;
    export [ CustomerA CustomerA-Import ];
    area 0.0.0.0 {
    interface ge-0/0/3.0 {
    interface-type p2p;
    }
    }
    }
    }

    =======================

    stewart@ISP-C> show configuration routing-instances CustomerA instance-type vrf;
    interface ge-0/0/3.0;
    route-distinguisher 39326:1;
    vrf-import CustomerA-Import;
    vrf-export CustomerA-Export;
    routing-options {
    router-id 212.212.212.212;
    }
    protocols {
    ospf {
    domain-id 20;
    export CustomerA-Import;
    area 0.0.0.0 {
    interface ge-0/0/3.0 {
    interface-type p2p;
    }
    }
    }
    }

    ===========

    BRANCH SITE

    ===========

    stewart@IPS-D> show configuration routing-instances CustomerA
    instance-type vrf;
    interface ge-0/0/4.0;
    route-distinguisher 39326:1;
    vrf-import CustomerA-Import;
    vrf-export CustomerA-Export;
    routing-options {
    router-id 213.213.213.213;
    }
    protocols {
    ospf {
    domain-id 10;
    export CustomerA-Import;
    area 0.0.0.0 {
    interface ge-0/0/4.0 {
    interface-type p2p;
    }
    }
    }
    }

     

    =====================

     

    Despite this, the LSDB shows it as a summary, despite having type 4 ASBR summary's being flooded into area 100 😞 

     

    stewart@net2> show ospf database

    OSPF database, Area 0.0.0.0
    Type ID Adv Rtr Seq Age Opt Cksum Len
    Summary *1.1.1.1 2.2.2.2 0x80000001 334 0x22 0x2907 28
    Summary *2.2.2.2 2.2.2.2 0x80000002 19 0x22 0xee3d 28
    Summary *3.3.3.3 2.2.2.2 0x80000001 334 0x22 0xcc5b 28
    Summary *10.1.2.0 2.2.2.2 0x80000002 362 0x22 0x9e8a 28
    Summary *10.1.3.0 2.2.2.2 0x80000001 334 0x22 0x9f88 28
    Summary *10.2.3.0 2.2.2.2 0x80000002 362 0x22 0x879f 28
    Summary *10.2.150.0 2.2.2.2 0x80000002 362 0x22 0x3063 28
    Summary *150.150.150.150 2.2.2.2 0x80000001 345 0x22 0x4891 28

    OSPF database, Area 0.0.0.100
    Type ID Adv Rtr Seq Age Opt Cksum Len
    Router 1.1.1.1 1.1.1.1 0x80000005 339 0x22 0xa7f3 84
    Router *2.2.2.2 2.2.2.2 0x80000005 336 0x22 0xb85 84
    Router 3.3.3.3 3.3.3.3 0x80000005 338 0x22 0x671e 84
    Summary 4.4.4.4 1.1.1.1 0x80000002 21 0x22 0xc461 28
    Summary 4.4.4.4 3.3.3.3 0x80000002 21 0x22 0x8895 28
    Summary 10.1.210.0 1.1.1.1 0x80000002 359 0x22 0xc398 28
    Summary *10.2.150.0 2.2.2.2 0x80000002 362 0x22 0x3063 28
    Summary 10.3.200.0 1.1.1.1 0x80000001 257 0x22 0x3033 28
    Summary 10.3.200.0 3.3.3.3 0x80000003 307 0x22 0xdb7f 28
    Summary 10.3.212.0 3.3.3.3 0x80000002 355 0x22 0x59f6 28
    Summary *150.150.150.150 2.2.2.2 0x80000001 345 0x22 0x4891 28
    Summary 192.168.200.0 1.1.1.1 0x80000001 257 0x22 0x41c1 28
    Summary 192.168.200.0 3.3.3.3 0x80000001 307 0x22 0xf00c 28
    Summary 200.200.200.200 1.1.1.1 0x80000001 257 0x22 0x759d 28
    Summary 200.200.200.200 3.3.3.3 0x80000001 307 0x22 0x25e7 28
    ASBRSum 210.210.210.210 1.1.1.1 0x80000001 348 0x22 0x8566 28
    ASBRSum 212.212.212.212 3.3.3.3 0x80000001 343 0x22 0xecee 28

    OSPF database, Area 0.0.0.150
    Type ID Adv Rtr Seq Age Opt Cksum Len
    Router *2.2.2.2 2.2.2.2 0x80000002 350 0x22 0xe64 48
    Router 150.150.150.150 150.150.150.150 0x80000004 351 0x22 0x3084 60
    Summary *1.1.1.1 2.2.2.2 0x80000001 334 0x22 0x2907 28
    Summary *2.2.2.2 2.2.2.2 0x80000001 471 0x22 0xf03c 28
    Summary *3.3.3.3 2.2.2.2 0x80000001 334 0x22 0xcc5b 28
    Summary *10.1.2.0 2.2.2.2 0x80000002 362 0x22 0x9e8a 28
    Summary *10.1.3.0 2.2.2.2 0x80000001 334 0x22 0x9f88 28
    Summary *10.2.3.0 2.2.2.2 0x80000002 362 0x22 0x879f 28
    Summary 10.2.160.0 150.150.150.150 0x80000002 372 0x22 0x58de 28



  • 4.  RE: OSPF ASBR LSA Issues
    Best Answer

     
    Posted 01-08-2020 08:15

    Hi Stewart,

     

    Can you please add the OSPF domain-id in the VRF Export policy.

     

    Ref Link: https://www.juniper.net/documentation/en_US/junos/topics/topic-map/l3-vpns-routing-between-ce-pe.html

     

    The community for OSPF routes should be something like this to advertise the domain-id with OSPF routes

     

    community export-target-VPN-B members [ target:10.255.14.216:11 domain-id:192.0.2.1:0 ]

     

    PS: Please mark my response as solution if it answers your query, kudos are appreciated as well.

     

    Thanks

    Vishal



  • 5.  RE: OSPF ASBR LSA Issues

    Posted 01-08-2020 09:36

    Vishal you're a star - thanks!!

     

    I thought applying the domain-id within the VRF would be enough, must have missed the bit about an additional named-community! Thanks again =]



  • 6.  RE: OSPF ASBR LSA Issues

     
    Posted 01-08-2020 09:49
    Glad I could help! Good Luck with your JNCIP-SP Thanks Vishal