JUNIPer OSPFVv2 Review (1 of 3) + OSPF is a link-state IGP used within an AS = Neighbors use hello packets to form adjacencies, = OSPF floods LSAs + OSPF routers use the received LSAs to create a complete database of the network “OSPF uses the SPF algorithm to caleulate the best path to ‘each destination network "Hierarchical design uses areas connected to a backbone = Routers on a broadcast segment elect a designated router + Pointte-point option Intentionally Left Blank OSPFv2 Review (2 of 3) “All OSPF routers maintain a copy of the database + Database contents consis f information learned through LSAs and must match on all routers within an area “The SPF algorithm uses the contents of the LSDB as input data to caleulate network pathsOSPFv2 Review (3 of 3) OSPF uses five packet types: + Hello—Type 1 Database deseription—Type 2 + Linkstate request—Type 3 ‘ Link-state update—Type 4 + Linkstate acknowledgment—Type 5 Hierarchical Design OSPF Routers ‘iis blog en 0009 ane ravamnet rn Ieestone bakin OSPF ea abi retina OSPF Configuration "Configured at the [edit protocols ospf] hierarchy level * List the interfaces associated with the areaMultiarea OSPF Configuration = Configured at the [edit protocols ospf] hierarchy level = Each area is listed along with the interfaces associated with that area: OSPFV3 Protocol Highlights = OSPF\3 is a modified version of OSPF that supports IPV6 addressing "A few of the ways OSPFV3 differs from OSPFV: + The protocol runs per ink rather than per subnet + Router and network LSAs da not earty prefix information + Two new LSA types: link LSA and intra-area-preficLSA + Flooding scopos are linklocal, area, and AS * Linkclocal addresses are used forall neighbor exchanges ‘except virtual links + Two new option bits are included: R and V6 * Beyond the scope of this material K-State Update Packets *= Carry one or more LSAS ' Packets consist of the following: + (24-byte) OSPF header + (A-byte) Number of advertisements + (arable) LSAS Fielenghy 2 2 ese woven LSA Types "LSA types: + Router LSAs—Type 1 + Network LSAS—Type 2 + Summary LSAs—Type 3 and Type 4 +AS external LSAS—Type 5 * Group membership LSAs—Type 6 {NSA LSASType 7 + External attributes LSAs—Type 8 + Opaque LSAs—Type 9, Type 10, and Type 11 ‘Each LSA type describes a portion of the OSPF routing domain ‘= Type 6, Type 8, and Type 11 are not supportedIntentionally Left Blank LSA Header = 20 bytes of information that identify the LSA uniquely and consist of the following: + (byte) LS age + (byte) Options + (byte) LS ype + (byte) Linkstate 1D + (byte) Advertising router + (byte) LS sequence number + (2-byte} LS checksum + (byte) Lenath Router LSA (Type 1) * Originated by each router in an area + Has area scope + Deseribes the state and cost ofthe routers interfaces, + Consists of the standard LSA neader plus: + (Lbyte} ve 0 bts fotlowed by te VE ord 8 as + (byte sara (sett 0) + (byte) Number oF Inks + yt} Line + yt Line cata + (Lyte) Line ype + (byte) Number 0 TOS mete (eto 0} + 2byte) ete + rte Aastnal To dat rot used k ID and Link Data ids * Interpretation depends on value of the link type field ire it ite Pontinpont Nebo carom \avpo 4) joutorio nerace I across rans ions Locals p62) |rtrtaoe I aes itertazo I address ‘sue INetworcnumber — [Svanet maak (type) Wwuariak ——Rarrnore (acalronare (ype 2) feuteri0 nertace adress,Router LSA Example Blank Build a Network—Type 1 LSA Network LSA (Type 2) = Originated by designated routers. + Has area scope + Describes all routers attached to a network segment * Consists ofthe standard LSA header plus: + (yt) Nework mask + (te) tached rotarNetwork LSA Example Build a Network—Type 2 LSA Summary LSA (Type 3) * Originated by ABRs + Has area scope + Deseribes networks external tothe area ‘Consists ofthe standard LSA header plus: + yt Network mas + (byte Rosorved sett 0) + (byte) Mote + {byte} To (not use0) + (byt ToS mote rot ws) Moa het OeBuild a Network—Type 3 LSA been = ASBR Summary LSA (Type 4) * Originated by ABRs + Has area scope + Deserines ASBRs externalto the area * Consists ofthe standard LSA header plus: + Kbyte) Network mask + (byte) Reserved (eet) + (.yt) Metre + (Loy) Tos + (0st ToS mere ASBR Summary LSA Exampl Ce 2)AS External LSA (Type 5) * Originated by ASBRs ++ Has domain scope + Deseribes networks external to the OSPF domain + Consists of the standard LSA header plus: + byt) Network mas + {Lyte} Eb olowed by seven 0 bits—setauk £2 + (yt tre + byte) Forwaaing assess + cyte Ester out to, + byte) Onion TOS els AS External LSA Example Build a Network—Type 5 NSSA External LSA (Type 7) * Originated by ASBR within the NSSA + Has same format as an AS external LSA (Type 5) + Has area scope + Describes networks external to the OSPF domain * Translated into an AS external LSA (Type 5) by the ABR at the NSSA border * The propagate bt in the options feld indicates whether translation should take place + Avalue of means tarlat and propagate + Avalue of © means dona ral + When multiple ABRs exis, the ABR with the highest RID perfooms the translationIntentionally Blank NSSA LSA Exampl Build a Network—Type 7 Opaque LSA (Types 9-11) “Allows for the future extensibility of OSPF + The Junos 0S uses Type 9 for graceful restart capability + The Junos 0S uses Type 10 for MPLS trafic engineering ‘Type 11s currently not supported "The difference is in flooding scope ‘Type 9 has unktocal scope ‘Type 10 has area scope ‘Type 11 has domain scope * Consist of a standard LSA header followed by application-specific information + OSPF or other applications can use information felé directlyLSA Flooding Scopes so sans / ton Keno ‘Sample OSPF Database OSPF Database Protection = Limits the number of LSAs not generated by the local router in a given OSPF routing instance ' Protects the LSDB from being flooded with excessive LSAs * Useful if VPN routing and forwarding is configured on your provider edge and customer edge routers are using OSPF as the routing protocol Shortest-Path-First Algorithm = Based on the Dijkstra algorithm + Link-state database + Candidate database + Tree database = Run on a per.area basis on each router + Independent caleulation ofthe topology "= Result is passed to the Junos OS routing table * The route selection algorithm (route preference value) determines whether the route is marked activeIntentionally Left Blank SPF Example (1 of 6) RAO) maa) wen was, wo. wan) 0.4) .0.1) w.e.2) ‘SPF Example (2 of 6) Unestate cancldate Tree 80 cz was eo eas ena 0 6.2) cae yp AO ‘SPF Example (3 of 6) oo (Szaw Catamal] rea || aa 0.3) eae ena os wer) = ao BROS waa‘SPF Example (4 of 6) Lat Lea Sete res Se Se — tcAa 6.0.9) « SPF Example (5 of 6) (aia ceca eAoi-0 ed mein met weai-2 .0.2)-8 SPF Example (6 of 6) [Si Cantina wana Control 1g SPF Calcul: jons Three consecutive SPF runs can occur before a mandatory hold-down occurs + Keeps the network stable during change + S.second ter is now configurable + Possible values range from 2000 to 20,000 ms "Default 200 ms delay between a topology change and running the SPF algorithm *Atered with the sp£-options delay command + Possible values range from 50 to 8000 msOSPF Cost * Cost, or metric, of an interface indicates the overhead required to send packets out a particular interface * Default OSPF cost for all links is 10/bandwiclth (bps) + Links with a bandwidth > 4100 Mops have a cost of 1 + If cost calculation results in value <2, its rounded up = Cost can be set on a per.interface basis Reference Bandwidth You can change the 108 value in the cost calculation + Automatica eters the cost ointerfaces + Allows fora consistent change across al interfaces * Use the reference-bandwidth command * Overtidden by metric command Effects of Alter 1s Metrics = Metric values are advertised in Type 4 or Type 2 LSAS. and populate the LSDB '" As each router runs the SPF algorithm, each LSA is examined individually for the cost of the outgoing interface + The final metre calculation uses that cost = Routers can disagree about the cost on a network link * Can resulk in asymmetric routing inthe network ‘RL sees a cost of 45 to reach the Re router +1 R4 sees a cost af 60 to reach the Rd router *= Used for transit traffic only if no other path is available + Sets metric to 65,535 in router LSA on all transit links + Flooding of changed LSA causes SPF calculations in network = Can be set permanently or with a timeout value + Timer is between 60 and 1800 seconds ‘Timer only runs after rpd startsCase Study: Overload = Case study assumptions: + We have @ meshed network with multiple paths ++R2 is scheduled for maintenance + Overload is configured on R2 during the maintenance + Transit trafic is outed around R2 OSPF Router ID + Each OSPF router selects @ 22-bit value to Use as ite router ID + Populated win the USA sen out by each outer + Uniquely idemifis the outer within te network + Used by the LSD trun SPF * When rpd initiates, the primary interface ofthe router Is chosen as the source of the router ID “= Nermaly the oopbsck nartece when anon Maran route vd ederess iscontgures + You can set the RID explicitly within [edit routing options] + Stub ruts RID eno longo adored by cof. Intentionally Blank Adverti ing Your Loopback = Your loopback address is likely equal to your router ID. + Occurs when a non-127/8 address is configured "As of Junos OS Release 8.5, the Junos OS no longer automatically advertises the loopback address into the LSDB + When snterface 100 is net configured within OSPF, itis no longer advertised + When interface 100s configured in a specific area, Is advertised in the router LSA of that areaOSPF Authentication * Four types of authentication are supported: none, simple, MD5 and IPsec + IPsec suppor started in Junos OS Release 8.3 * By default, the authentication type is set to none + Effectively means no authentication is performed ‘= Type simple uses a plain-text password MD5 Authentication (1 of 2) ‘Includes an encrypted checksum with all packets. + Provides better security than si mpie type "Each interface requires an authentication key “Multiple interfaces can use the same key + Keys are always encrypted in the configuration "Each key requires a key ID value ranging from 0-255, MDS Authentication (2 of 2) = MDS authentication allows for multiple key ID values * Highest value used by defautt “= For easy transition, assign each key Da stat time Verifying Authentication * Authentication information available with the show ospf interface detail command * Type of authentication is cisplayed + Kay ID values shown if appropriateAuthentication Mismatch "Use traceoptions to look for an authentication mismatch : ss PSUSEIIi Sb RE ESS eS