JNCIS-SP: OSPF lab.

The first JNCI-SP lab I did has the following layout:

scenario

I figured this scenario would enable me to practice and perform nearly everything that is covered in the JNCIS-SP study guide.

What this post will cover:


    • the basic configuration and concepts
    • area types
    • troubleshooting and verifcation commands
    • some policies and redistribution

First, I'll cover area 0.0.5.5, then the NSSA followed by the stub. Near the end, I will cover the backbone area and I'll finish with the Lab's entire configuration.


Area 0.0.5.5

In this area, there are two active routers, R1 and R2. The configuration of the area is as follows;

scenario

scenario



There is nothing really special about this area. R2 is an ABR and does not have any interesting configuration. R1 is where several things are happening:
    • an OSPF adjacency is build with the backbone area
    • loopbacks are redistributed via a policy
    • reference bandwidth is adjusted

The policy we created (INJECT-LOOPBACK) injects the prefixes into OSPF will generate external LSAs, making R1 an ASBR. This can be verfified with the following commands:

scenario


scenario


On R3, when we examine the LSDB, we can see the the additions to the LSDB that resulted from our policy on R1:
    • the ASBR summary LSA that is generated by R2
    • the external addresses that were injected by R1 from another protocol (direct)

scenario


On R1, were the loopback addresses were injected in two different terms. Term 1 injects 1.1.1.1/32 as a type 1 external LSA and term 2 injects 172.16.1.1/32 as a type 2 external LSA. The difference between type 1 and 2 can be observerd on R3:
scenario


In the previous output, you can see that the type 1 external LSA's metric was altered because each time the LSA was advertised, the cost of the link was added. In this case, two GigabitEthernet links were crossed, so the metric is 2.
The type 2 external LSA's metric remains the same on all routers. In this case, the metric is 0 because no costs were added and loopback addresses have 0 starting cost in OSPF.

The last thing that was done one R1, was the alteration of the reference bandwidth. OSPF uses a formula to calculate the cost of a route;
cost = reference-bandwidth / interface bandwidth
All links faster than 100Mbps have a cost metric of 1

Observe the following output.

scenario



The first 'show route' displays the cost of the route to R2's loopback. The cost is 1 because a GigabitEthernet link was traversed and a loopback interface started with a cost of 0.
The second 'show route' displays the metric of the route after increasing the reference bandwidth to 10Gbit. The metric is 10;
10000000000 / 1000000000 = 10


Area 0.0.7.7

This is an NSSA, a Not-So-Stubby-Area. Unlike the stub area, the NSSA area allows external routes to be flooded into the area. The following is happening in this scenario;
    • R6 and R9 are part of the NSSA.
    • R9 and R8 have an BGP neighbor-relationship.
    • R9 learns a default route from R8 via BGP. The route is then redistributed into OSPF as a type 7 LSA.
    • R6 learns the default route from R9 and translates the type 7 LSA into a type 5 LSA for the rest of the AS

The configuration for this area is as follows;

scenario



R9 is an NSSA router that is functioning as an ASBR as well. In a normal stub area, only LSA type 1,2 and 3 are allowed.In an NSSA, there is one extra LSA allowed, the type 7 LSA.
The type 7 LSA describes prefixes from other protcols and are sent by the NSSA ASBR router. In our case, R9 is advertising a type 7 LSA for the default route that is redistributed from BGP
In the picture below, you can see that R9 is functioning as a NSSA ASBR router, and that the router is advertising the default route that is learned from BGP:

scenario



The R6 router is participaring in the NSSA and in the backbone area. The router is receiving the default route from R6 as a type 7 LSA. The R6 router will, apart from use this route, advertise this route within the backbone area
The default route will not remain a type 7 LSA towards other routers in the backbone area, but it will turn the LSA into a type 5 LSA.
This can be observed with the following commands:

scenario



On R1, you can also see that there is no notion of the NSSA. R1 is learning the default route from R2. The default route can be observed as being originated by R6. Because R6 is in another area as R1, the R2 ABR also sends a type 4 LSA (ASBR summary).


scenario


Area 0.0.6.6

This is a stub area. Inside a stub area, only type 1, 2 and 3 LSAs are allowed. Futhermore, a default route is received from the ABR.
Stub areas can be used to increase the perfomance and scalability of OSPF. The LSDB's size can be significantly decreased by having the external LSA's replaced by a default route. This can significantly decrease the volume and frequency of LSA flooding.
The LSDB size can be decreased even further by making a stub area a totally-stubby-area.
Let's look at the relevant configuration for the stub area. R3 (the ABR of the backbone area) has the following configuration;

scenario



The configuration on R4 is as follows;

scenario


The result of the configuration is that the R4 router will only learn type 1, 2 and 3 LSA's. The R4 router will also receive a default route from R3.

scenario



The LSDB of the stub area can be decreased even further by turning it into a totally stubby area. This can be done by issuing the following command on R3;


scenario

After configuring R3 to stop sending type 3 LSAs (other than the default route), the effects will be visible on R4 immediately;


scenario

scenario


Area 0.0.0.0

This is the final area in this lab, the backbone area. In every OSPF implementation, there is a backbone area. It is the central area of an AS and it's always assigned ID 0.0.0.0. All other areas are adjacent to the backbone area. In our case, there are four routers in the backbone area. These are R2, R6, R3 and R7. All of the routers, except for R7, are ABRs. R7 is an ASBR injecting RIP routes into the backbone.

The configuration of the area is pretty straightforward. The configuration of R7 is depicted below;

scenario



An overview from R7 will show the following:

scenario

I suppose this setup covers most of JNCIS-SP ospfv2 related stuff.

Lastly, the complete configuration for the logical routers in this lab is as follows:


set logical-systems R1 interfaces xe-0/0/0 unit 1 vlan-id 1
set logical-systems R1 interfaces xe-0/0/0 unit 1 family inet address 172.16.0.1/30
set logical-systems R1 interfaces ge-1/0/3 unit 50 description TO-R2
set logical-systems R1 interfaces ge-1/0/3 unit 50 vlan-id 50
set logical-systems R1 interfaces ge-1/0/3 unit 50 family inet address 2.0.0.9/30
set logical-systems R1 interfaces lo0 unit 1 family inet address 172.16.1.1/32
set logical-systems R1 interfaces lo0 unit 1 family inet address 1.1.1.1/32
set logical-systems R1 protocols ospf export INJECT-LOOPBACK
set logical-systems R1 protocols ospf reference-bandwidth 10g
set logical-systems R1 protocols ospf area 0.0.5.5 interface ge-1/0/3.50 interface-type p2p
set logical-systems R1 protocols ospf area 0.0.5.5 interface ge-1/0/3.50 authentication md5 1 key "$9$E39yrKX7dgoZ/C"
set logical-systems R1 policy-options policy-statement INJECT-LOOPBACK term 1 from protocol direct
set logical-systems R1 policy-options policy-statement INJECT-LOOPBACK term 1 from route-filter 1.1.1.1/32 exact
set logical-systems R1 policy-options policy-statement INJECT-LOOPBACK term 1 then external type 1
set logical-systems R1 policy-options policy-statement INJECT-LOOPBACK term 1 then accept
set logical-systems R1 policy-options policy-statement INJECT-LOOPBACK term 2 from protocol direct
set logical-systems R1 policy-options policy-statement INJECT-LOOPBACK term 2 from route-filter 172.16.1.1/32 exact
set logical-systems R1 policy-options policy-statement INJECT-LOOPBACK term 2 then external type 2
set logical-systems R1 policy-options policy-statement INJECT-LOOPBACK term 2 then accept
set logical-systems R10 interfaces xe-0/0/0 unit 10 vlan-id 10
set logical-systems R10 interfaces xe-0/0/0 unit 10 family inet address 172.16.0.37/30
set logical-systems R10 interfaces ge-1/0/3 unit 58 description TO-R7
set logical-systems R10 interfaces ge-1/0/3 unit 58 vlan-id 58
set logical-systems R10 interfaces ge-1/0/3 unit 58 family inet address 2.0.0.34/30
set logical-systems R10 interfaces lo0 unit 10 family inet address 172.16.1.10/32
set logical-systems R10 interfaces lo0 unit 10 family inet address 1.1.1.10/32
set logical-systems R10 protocols rip group LAB export EXPORT
set logical-systems R10 protocols rip group LAB neighbor ge-1/0/3.58
set logical-systems R10 policy-options policy-statement EXPORT term 1 from protocol direct
set logical-systems R10 policy-options policy-statement EXPORT term 1 from protocol rip
set logical-systems R10 policy-options policy-statement EXPORT term 1 then accept
set logical-systems R2 interfaces xe-0/0/0 unit 2 vlan-id 2
set logical-systems R2 interfaces xe-0/0/0 unit 2 family inet address 172.16.0.5/30
set logical-systems R2 interfaces ge-1/1/3 unit 50 description TO-R1
set logical-systems R2 interfaces ge-1/1/3 unit 50 vlan-id 50
set logical-systems R2 interfaces ge-1/1/3 unit 50 family inet address 2.0.0.10/30
set logical-systems R2 interfaces ge-1/1/3 unit 51 description TO-R3
set logical-systems R2 interfaces ge-1/1/3 unit 51 vlan-id 51
set logical-systems R2 interfaces ge-1/1/3 unit 51 family inet address 2.0.0.1/30
set logical-systems R2 interfaces ge-1/1/3 unit 52 description TO-R6
set logical-systems R2 interfaces ge-1/1/3 unit 52 vlan-id 52
set logical-systems R2 interfaces ge-1/1/3 unit 52 family inet address 2.0.0.5/30
set logical-systems R2 interfaces lo0 unit 2 family inet address 172.16.1.2/32
set logical-systems R2 interfaces lo0 unit 2 family inet address 1.1.1.2/32
set logical-systems R2 protocols ospf area 0.0.0.0 interface xe-0/0/0.2 interface-type p2p
set logical-systems R2 protocols ospf area 0.0.0.0 interface lo0.2 interface-type p2p
set logical-systems R2 protocols ospf area 0.0.0.0 interface lo0.2 passive
set logical-systems R2 protocols ospf area 0.0.0.0 interface ge-1/1/3.51 interface-type p2p
set logical-systems R2 protocols ospf area 0.0.0.0 interface ge-1/1/3.52 interface-type p2p
set logical-systems R2 protocols ospf area 0.0.5.5 interface ge-1/1/3.50 interface-type p2p
set logical-systems R2 protocols ospf area 0.0.5.5 interface ge-1/1/3.50 authentication md5 1 key "$9$rqJvMLdbYZUip0"
set logical-systems R3 interfaces xe-0/0/0 unit 3 vlan-id 3
set logical-systems R3 interfaces xe-0/0/0 unit 3 family inet address 172.16.0.9/30
set logical-systems R3 interfaces ge-1/0/3 unit 51 description TO-R2
set logical-systems R3 interfaces ge-1/0/3 unit 51 vlan-id 51
set logical-systems R3 interfaces ge-1/0/3 unit 51 family inet address 2.0.0.2/30
set logical-systems R3 interfaces ge-1/1/3 unit 54 description TO-R7
set logical-systems R3 interfaces ge-1/1/3 unit 54 vlan-id 54
set logical-systems R3 interfaces ge-1/1/3 unit 54 family inet address 2.0.0.17/30
set logical-systems R3 interfaces ge-1/1/3 unit 59 description TO-R4
set logical-systems R3 interfaces ge-1/1/3 unit 59 vlan-id 59
set logical-systems R3 interfaces ge-1/1/3 unit 59 family inet address 2.0.0.37/30
set logical-systems R3 interfaces ge-1/1/3 unit 60 description TO-R5
set logical-systems R3 interfaces ge-1/1/3 unit 60 vlan-id 60
set logical-systems R3 interfaces ge-1/1/3 unit 60 family inet address 2.0.0.41/30
set logical-systems R3 interfaces lo0 unit 3 family inet address 172.16.1.3/32
set logical-systems R3 interfaces lo0 unit 3 family inet address 1.1.1.3/32
set logical-systems R3 protocols ospf area 0.0.0.0 interface ge-1/0/3.51 interface-type p2p
set logical-systems R3 protocols ospf area 0.0.0.0 interface lo0.3 interface-type p2p
set logical-systems R3 protocols ospf area 0.0.0.0 interface lo0.3 passive
set logical-systems R3 protocols ospf area 0.0.0.0 interface ge-1/1/3.54 interface-type p2p
set logical-systems R3 protocols ospf area 0.0.6.6 stub default-metric 10
set logical-systems R3 protocols ospf area 0.0.6.6 stub no-summaries
set logical-systems R3 protocols ospf area 0.0.6.6 interface ge-1/1/3.59 interface-type p2p
set logical-systems R3 protocols ospf area 0.0.6.6 interface ge-1/1/3.60 interface-type p2p
set logical-systems R4 interfaces xe-0/0/0 unit 4 vlan-id 4
set logical-systems R4 interfaces xe-0/0/0 unit 4 family inet address 172.16.0.13/30
set logical-systems R4 interfaces ge-1/0/3 unit 59 description TO-R3
set logical-systems R4 interfaces ge-1/0/3 unit 59 vlan-id 59
set logical-systems R4 interfaces ge-1/0/3 unit 59 family inet address 2.0.0.38/30
set logical-systems R4 interfaces lo0 unit 4 family inet address 172.16.1.4/32
set logical-systems R4 interfaces lo0 unit 4 family inet address 1.1.1.4/32
set logical-systems R4 protocols ospf area 0.0.6.6 stub
set logical-systems R4 protocols ospf area 0.0.6.6 interface lo0.4 interface-type p2p
set logical-systems R4 protocols ospf area 0.0.6.6 interface lo0.4 passive
set logical-systems R4 protocols ospf area 0.0.6.6 interface ge-1/0/3.59 interface-type p2p
set logical-systems R5 interfaces xe-0/0/0 unit 5 vlan-id 5
set logical-systems R5 interfaces xe-0/0/0 unit 5 family inet address 172.16.0.17/30
set logical-systems R5 interfaces ge-1/0/3 unit 60 description TO-R3
set logical-systems R5 interfaces ge-1/0/3 unit 60 vlan-id 60
set logical-systems R5 interfaces ge-1/0/3 unit 60 family inet address 2.0.0.42/30
set logical-systems R5 interfaces lo0 unit 5 family inet address 172.16.1.5/32
set logical-systems R5 interfaces lo0 unit 5 family inet address 1.1.1.5/32
set logical-systems R5 protocols ospf area 0.0.6.6 stub
set logical-systems R5 protocols ospf area 0.0.6.6 interface lo0.5 interface-type p2p
set logical-systems R5 protocols ospf area 0.0.6.6 interface lo0.5 passive
set logical-systems R5 protocols ospf area 0.0.6.6 interface ge-1/0/3.60 interface-type p2p
set logical-systems R6 interfaces xe-0/0/0 unit 6 vlan-id 6
set logical-systems R6 interfaces xe-0/0/0 unit 6 family inet address 172.16.0.21/30
set logical-systems R6 interfaces ge-1/0/3 unit 52 description TO-R2
set logical-systems R6 interfaces ge-1/0/3 unit 52 vlan-id 52
set logical-systems R6 interfaces ge-1/0/3 unit 52 family inet address 2.0.0.6/30
set logical-systems R6 interfaces ge-1/0/3 unit 57 description TO-R8
set logical-systems R6 interfaces ge-1/0/3 unit 57 vlan-id 57
set logical-systems R6 interfaces ge-1/0/3 unit 57 family inet address 2.0.0.30/30
set logical-systems R6 interfaces ge-1/1/3 unit 53 description TO-R7
set logical-systems R6 interfaces ge-1/1/3 unit 53 vlan-id 53
set logical-systems R6 interfaces ge-1/1/3 unit 53 family inet address 2.0.0.13/30
set logical-systems R6 interfaces ge-1/1/3 unit 55 description TO-R9
set logical-systems R6 interfaces ge-1/1/3 unit 55 vlan-id 55
set logical-systems R6 interfaces ge-1/1/3 unit 55 family inet address 2.0.0.21/30
set logical-systems R6 interfaces lo0 unit 6 family inet address 172.16.1.6/32
set logical-systems R6 interfaces lo0 unit 6 family inet address 1.1.1.6/32
set logical-systems R6 protocols ospf area 0.0.0.0 interface ge-1/0/3.52 interface-type p2p
set logical-systems R6 protocols ospf area 0.0.0.0 interface lo0.6 interface-type p2p
set logical-systems R6 protocols ospf area 0.0.0.0 interface lo0.6 passive
set logical-systems R6 protocols ospf area 0.0.0.0 interface ge-1/1/3.53 interface-type p2p
set logical-systems R6 protocols ospf area 0.0.0.0 interface ge-1/0/3.57 interface-type p2p
set logical-systems R6 protocols ospf area 0.0.7.7 nssa
set logical-systems R6 protocols ospf area 0.0.7.7 interface ge-1/1/3.55 interface-type p2p
set logical-systems R7 interfaces xe-0/0/0 unit 7 vlan-id 7
set logical-systems R7 interfaces xe-0/0/0 unit 7 family inet address 172.16.0.25/30
set logical-systems R7 interfaces ge-1/0/3 unit 53 description TO-R6
set logical-systems R7 interfaces ge-1/0/3 unit 53 vlan-id 53
set logical-systems R7 interfaces ge-1/0/3 unit 53 family inet address 2.0.0.14/30
set logical-systems R7 interfaces ge-1/0/3 unit 54 description TO-R3
set logical-systems R7 interfaces ge-1/0/3 unit 54 vlan-id 54
set logical-systems R7 interfaces ge-1/0/3 unit 54 family inet address 2.0.0.18/30
set logical-systems R7 interfaces ge-1/1/3 unit 58 description TO-R10
set logical-systems R7 interfaces ge-1/1/3 unit 58 vlan-id 58
set logical-systems R7 interfaces ge-1/1/3 unit 58 family inet address 2.0.0.33/30
set logical-systems R7 interfaces lo0 unit 7 family inet address 172.16.1.7/32
set logical-systems R7 interfaces lo0 unit 7 family inet address 1.1.1.7/32
set logical-systems R7 protocols ospf export INJECT-RIP
set logical-systems R7 protocols ospf area 0.0.0.0 interface ge-1/0/3.53 interface-type p2p
set logical-systems R7 protocols ospf area 0.0.0.0 interface lo0.7 interface-type p2p
set logical-systems R7 protocols ospf area 0.0.0.0 interface lo0.7 passive
set logical-systems R7 protocols ospf area 0.0.0.0 interface ge-1/0/3.54 interface-type p2p
set logical-systems R7 protocols rip group LAB export INJECT-OSPF
set logical-systems R7 protocols rip group LAB neighbor ge-1/1/3.58
set logical-systems R7 policy-options policy-statement INJECT-OSPF term 1 from protocol ospf
set logical-systems R7 policy-options policy-statement INJECT-OSPF term 1 from route-filter 0.0.0.0/0 exact
set logical-systems R7 policy-options policy-statement INJECT-OSPF term 1 then accept
set logical-systems R7 policy-options policy-statement INJECT-RIP term 1 from protocol rip
set logical-systems R7 policy-options policy-statement INJECT-RIP term 1 then accept
set logical-systems R8 interfaces xe-0/0/0 unit 8 vlan-id 8
set logical-systems R8 interfaces xe-0/0/0 unit 8 family inet address 172.16.0.29/30
set logical-systems R8 interfaces ge-1/1/3 unit 56 description TO-R9
set logical-systems R8 interfaces ge-1/1/3 unit 56 vlan-id 56
set logical-systems R8 interfaces ge-1/1/3 unit 56 family inet address 2.0.0.25/30
set logical-systems R8 interfaces ge-1/1/3 unit 57 description TO-R6
set logical-systems R8 interfaces ge-1/1/3 unit 57 vlan-id 57
set logical-systems R8 interfaces ge-1/1/3 unit 57 family inet address 2.0.0.29/30
set logical-systems R8 interfaces lo0 unit 8 family inet address 172.16.1.8/32
set logical-systems R8 interfaces lo0 unit 8 family inet address 1.1.1.8/32
set logical-systems R8 protocols bgp group R9 neighbor 2.0.0.26 export ADVERTISE-TO-R9
set logical-systems R8 protocols bgp group R9 neighbor 2.0.0.26 peer-as 2
set logical-systems R8 policy-options policy-statement ADVERTISE-TO-R9 term 1 from protocol static
set logical-systems R8 policy-options policy-statement ADVERTISE-TO-R9 term 1 from protocol direct
set logical-systems R8 policy-options policy-statement ADVERTISE-TO-R9 term 1 then accept
set logical-systems R8 routing-options static route 0.0.0.0/0 discard
set logical-systems R8 routing-options static route 1.1.1.0/24 next-hop 2.0.0.26
set logical-systems R8 routing-options router-id 1.1.1.8
set logical-systems R8 routing-options autonomous-system 1
set logical-systems R9 interfaces xe-0/0/0 unit 9 vlan-id 9
set logical-systems R9 interfaces xe-0/0/0 unit 9 family inet address 172.16.0.33/30
set logical-systems R9 interfaces ge-1/0/3 unit 55 description TO-R6
set logical-systems R9 interfaces ge-1/0/3 unit 55 vlan-id 55
set logical-systems R9 interfaces ge-1/0/3 unit 55 family inet address 2.0.0.22/30
set logical-systems R9 interfaces ge-1/0/3 unit 56 description TO-R8
set logical-systems R9 interfaces ge-1/0/3 unit 56 vlan-id 56
set logical-systems R9 interfaces ge-1/0/3 unit 56 family inet address 2.0.0.26/30
set logical-systems R9 interfaces lo0 unit 9 family inet address 172.16.1.9/32
set logical-systems R9 interfaces lo0 unit 9 family inet address 1.1.1.9/32
set logical-systems R9 protocols bgp group R8 neighbor 2.0.0.25 peer-as 1
set logical-systems R9 protocols ospf export INJECT-BGP
set logical-systems R9 protocols ospf area 0.0.7.7 nssa default-lsa type-7
set logical-systems R9 protocols ospf area 0.0.7.7 interface ge-1/0/3.55 interface-type p2p
set logical-systems R9 protocols ospf area 0.0.7.7 interface lo0.9 interface-type p2p
set logical-systems R9 protocols ospf area 0.0.7.7 interface lo0.9 passive
set logical-systems R9 policy-options policy-statement INJECT-BGP from protocol bgp
set logical-systems R9 policy-options policy-statement INJECT-BGP from route-filter 0.0.0.0/0 exact
set logical-systems R9 policy-options policy-statement INJECT-BGP then accept
set logical-systems R9 routing-options static route 1.1.1.0/24 next-hop 2.0.0.21
set logical-systems R9 routing-options static route 1.1.1.0/24 no-readvertise
set logical-systems R9 routing-options router-id 1.1.1.9
set logical-systems R9 routing-options autonomous-system 2



9-8-2014