SRX

 View Only
last person joined: 17 hours ago 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.
  • 1.  OSPF - No Neighbors?

    Posted 12-26-2019 11:12

    Hey, 

     

    What am I missing?

     

    I'm trying to setup dynamic routing between our vSRXs through our physical infrastructure and I don't even see any received hellos. 

     

    I know the physical side is working because I have OSPF routes connecting all our physical equipment. 

     

    Here is my config (10.66.0.2 / 10.67.0.2 are part of Area 0 in the underlay physical network that is working)

    admin@vSRX1# show security zones security-zone Transport 
    host-inbound-traffic {
        system-services {
            ping;
            all;
        }
        protocols {
            ospf;
            all;
        }
    }
    interfaces {
        ge-0/0/0.660 {
            host-inbound-traffic {
                system-services {
                    ping;
                    all;
                }
                protocols {
                    ospf;
                    all;
                }
            }
        }
        ge-0/0/0.670 {
            host-inbound-traffic {
                system-services {
                    ping;
                    all;
                }
                protocols {                 
                    ospf;
                    all;
                }
            }
        }
    }
    
    
    
    admin@vSRX1# show protocols ospf 
    area 0.0.0.0 {
        interface ge-0/0/0.660;
        interface ge-0/0/0.670;
    }
    
    admin@vSRX1# show security policies from-zone Transport to-zone Transport 
    policy Permit-All {
        match {
            source-address any;
            destination-address any;
            application any;
        }
        then {
            permit;
        }
    }
    admin@vSRX1# show interfaces ge-0/0/0.670 
    vlan-id 670;
    family inet {
        address 10.67.0.3/24;
    }
    
    [edit]
    admin@vSRX1# show interfaces ge-0/0/0.660                                    
    vlan-id 660;
    family inet {
        address 10.66.0.3/24;
    }

     



  • 2.  RE: OSPF - No Neighbors?

     
    Posted 12-26-2019 12:07

    Hi Nothing wrong from OSPF and security zone perspective as far as I can tell

     

    Few more things to check. 

    Are you able to ping directly connected link? For example from 10.66.0.2 to 10.66.0.3?

    Is there any lo0 filter?

    What do you see in "show ospf neighbor (detail)" and "show ospf interface (detail)" output?



  • 3.  RE: OSPF - No Neighbors?

    Posted 12-26-2019 12:23

    Hey, 

     

    Thanks for your reply. 

     

    both my systems dont' seem to see each other at all. I've hard coded the router-id and neighbor just to see and still nothing.

     

    I'm in the process of spinning up another vRouter of sorts and seeing if this is an ESXi problem because if you don't see anythign wrong, it might be that. 

     

    admin@DEN-vSRX1# exit           

    Exiting configuration mode

     

    admin@DEN-vSRX1> show ospf neighbor detail 

     

    admin@DEN-vSRX1> show ospf interface detail 

    Interface           State   Area            DR ID           BDR ID          Nbrs

    ge-0/0/0.660        DR      0.0.0.0         10.67.0.3       0.0.0.0            0

      Type: LAN, Address: 10.66.0.3, Mask: 255.255.255.0, MTU: 1500, Cost: 1

      DR addr: 10.66.0.3, Priority: 128

      Adj count: 0

      Hello: 10, Dead: 40, ReXmit: 5, Not Stub

      Auth type: None

      Protection type: None

      Topology default (ID 0) -> Cost: 1

    ge-0/0/0.670        DR      0.0.0.0         10.67.0.3       0.0.0.0            0

      Type: LAN, Address: 10.67.0.3, Mask: 255.255.255.0, MTU: 1500, Cost: 1

      DR addr: 10.67.0.3, Priority: 128

      Adj count: 0

      Hello: 10, Dead: 40, ReXmit: 5, Not Stub

      Auth type: None

      Protection type: None

      Topology default (ID 0) -> Cost: 1



  • 4.  RE: OSPF - No Neighbors?

    Posted 12-26-2019 14:45

    Hello there, 

     

    Configuration is okay, can you run

    >show ospf overview

     

    Try pinging both sides and see if that works

     

    Thank you, 

    Franky



  • 5.  RE: OSPF - No Neighbors?
    Best Answer

    Posted 12-27-2019 06:53

    Sorry everyone.

     

    I forgot to put the VLAN in ESXi.

     

    Hence why ping doesn't work. This can be closed!