Overload Bit – 0XFFFF -> Advertisement Behavior Stub vs Transit

No Comments

Hi,

While exploring certain knobs of OSPF I cam across overload bit.

When would you use OverloadBit ?

-> Your device has just started and you do not want traffic to pass through your device till all the protocols converge.

-> You are going into a Maintenance Window and want to auto-drain the traffic w.r.t IGP.

What does Overload-Bit do ?

-> Advertise Transit Networks with Max-Metric 0xFFFF 65535. Okay, I specifically said Transit Networks ? What about own loopbacks or connected Networks ? What is the behavior ? When do you call a connected Network stub / Transit ?

 

Lets see the below topology

topology_1

Lets have a quick look at Normal output and when configured with overload knob on r2 what it looks like on r3

 

1_normal_output_before 2_ospf_db_output_after_overload 3_r3_output_with_metric

Now, 9.9.27.0 network on r3 looks like having a metric of 2, hold that thought there as it is going to change now

 

4_looking_at_db

From the above, 9.9.27.0 network is mentioned as stub and going back to definition, anyone who is transit would get affected. What happens when i do peering over r2-r7, does the network 9.9.27.0 interface change from stub to transit, lets see how it gets altered.

 

5_final_output

The above image gives a Alteration in behavior when things change on R2. Hence the new metric for 9.9.27.0 network now is 6553x as it is treated as transit on Router-2

To make things simple any ospf routes from other neighbors will be sent out with highest-metric so that no other router will not use this routers path as the best one for forwarding traffic.

 

Regards

Rakesh M

 

 

Generated Route ! A Beauty with Policies

No Comments

Hi,

I have got couple of requests to write up on Generated Route concept. Generated Route is By far the Most Complex Topic that I felt when I was prepping for JNCIE-SP exam.

-> Generated Route and Aggregated Route are Almost Identical and only vary with Next-hops, while aggregate Route has always a NH-REJECT, Generated Route has a Valid NH.

-> Generated Route is installed as [aggregate/130] , so by default if you are referring it in policy, you need to call it from protocol Aggregate

The above Quotes are by far the General Ones, but digging deep, we got to understand the actual application of a Generated route.

Lets see the Below Topology First

toplogy

 

 

What is the ASK ?

Two ISP’s A & B are connected , ISP-A edge router has a loopback of 4.4.4.4/32 and ISP-B edge Router has a Loopback of 3.3.3.3/32 , we need to send Default route as long as we have connection with ISP-A then if Connection is lost to ISP-A , then ISP-B needs to be preferred.

 

Looks pretty easy and frankly can be done in multiple ways, but how do we do this via Generated Route concept ?

 

Lets Quickly check if we have OSPF relationship between SRX1 and SRX2 and Bgp between R3 and R4 exchanging their Loopbacks

output1

 

Lets see the OSPF policy , Generated-Route and Associated Route policy

output3

 

Policy Looks Good , Lets Examine the Route now

output4

 

NOW THE PROBLEM 

As we can see, the 0/0 route is preferring ISP-B instead of ISP-A 

 

When you closely Examine the Contributing Routes, 3.3.3.3/32 is installed well before 4.4.4.4/32 and the order continues there.

How do we make sure 4.4.4.4/32 is more preferred Contributing Route over 3.3.3.3/32 ?

Lets write up simple policy to modify the local preference for 3.3.3.3/32 route , so that it has less preference.  Note, 4.4.4.4/32 and 3.3.3.3/32 are not from same neighbors neither they have multiple exit points, The logic here is to increase the overall credibility of One Route over the Other

output5

 

Now that it is done, lets see if this worked, our 0/0 should prefer ISP-A and in the even if  ISP-A goes down, ISP-B should be preferred and when ISP-A returns ISP-A should be preferred Back

 

output6

 

output7

 

Lets check on SRX1 , if it receives the Route

output8

 

That explains all, Not only the route but there are many factors which influence the same.

 

Regards

Rakesh M

 

VPLS IN VMX !! – Vmx is Awesome

5 Comments

Hi,

I wanted to setup VPLS in VMX, Back in 2012-2013 during my studies for Jncie-sp track, we never had this tool for simulation, though oilve was around helping with complete layer-3. Thankfully i had partner-labs then and also our own lab setup to play around with VPLS. But again nothing as satisfying as playing it analyzing it on your system.

Tools Used :

Xshell – Terminal Emulator

Vmware- Workstation 12

UnetLab

 

Lets see the topology

Toplogy1

Core comprises of

BGP/RSVP/MPLS/OSPF – Lets quickly check everything in place,  I will discuss the connectivity as well

2_quick_check_protocols

Lets see the IOU / Vmware connectivity

3_netadap_settings

 

Lets quickly check, Vpls configuration / Bgp configuration, Am keeping it simple by showing only on one device.

 

4_config

The most important thing, not that instance wont run if you dont have vt, it still finds it way via a LSI interface, but the general flow described in JMV is also via VT interface

5_vt_chassi_config

6_vpls_output

Lets see if we have arp flooding , kindly remember the arp addresses, that will be verified on end-nodes

 

7_mac_table

 

Final Ping verification From end-nodes

8_final_verification

Regards

Rakesh M

 

Real Problem with TE-knob mpls TE bgp-igp – JNPR

No Comments

Hi,

Previous posts covered about using Traffic-Engineering bgp-igp vs Mpls Forwarding. Though technically both of them does the same job, there is a huge difference and may short-comings in using bgp-igp

Below is the topology

topology

 

We have a core-area and R5 router just gets loopback of R4 through BGP via R1 and R5. The policy on R1 is written such that it matches Protocol IGP ospf and a specific Route-Filter for R4 Loopback. Lets look at the policy and bgp peering

policy-export-import-r1.png

Lets look at R1 routing table and also the advertised routes to R5

adv-routes-r1

Lets have a quick look on R5 and see the peering to R4

bgp-peering-r5

Now lets introduce the knob – te bgp-igp

knob-te-bgp-igp.png

As we can see no R4 loopback being set to R5 and this becomes a disaster if your policy is based on IGP match criteria. Using this knob will over-write the inet.3 and put all ldp/rsvp routes in inet.0 which have more Preference/AD than OSPF.

Let see the result in R5 and wrap up

r5-bgp-down.png

 

Play with Caution, Its always better to use mpls-forwarding so that both your tables are in-tact and forwarding will be via MPLS for IGP

 

Regards

Rakesh M

 

 

 

Quick Series 27 : MPLS-Traffic-Engineering BGP-IGP – JNPR Usage

No Comments

Hi,

The post gives a perspective on usage of Mpls traffic-Engineering bgp-igp. We all know Juniper has Different set of tables.

  1. inet.0 – igp populated
  2. inet.3 (ldp/rsvp) populated (used by BGP for Routing-Lookups)

Below is the Topology

Topology

https://www.juniper.net/documentation/en_US/junos13.3/topics/usage-guidelines/mpls-configuring-traffic-engineering-for-lsps.html

“If you configure the bgp-igp or bgp-igp-both-ribs options for the traffic-engineering statement, high-priority LSPs can supersede IGP routes in the inet.0 routing table. IGP routes might no longer be redistributed since they are no longer the active routes.”

Lets look at the routing-table without the command, a general output with both the ribs.

output_without_command

Lets add “set protocols mpls traffic-engineering bgp-igp”

output_with_command.png

The entire inet.3 has been removed and all the mpls routes got into inet.0. There is one major problem with this though, will write up in next-post

 

looking_at_tables.png

Regards

Rakesh M

 

 

 

 

 

 

 

 

Quick Series 26 : MPLS INSTALL PREFIX – JNPR Usage

1 Comment

Hi,

The post gives a perspective on usage of Install Prefix keyword. We all know Juniper has Different set of tables.

  1. inet.0 – igp populated
  2. inet.3 (ldp/rsvp) populated (used by BGP for Routing-Lookups)

Below is the Topology

 

Topology.png

I have extensively used Groups and Logical-systems  on VMX and Frankly i have not tried to include that as that will even more bore-you down

Lets see the behavior from R1 to R4, if you watch closely, see the NH lookup for inet.0

1_route_lookup

Lets change things a bit and see what happens

2_command

Lets see lookup table now

3_final_verification

As we can see the Push Label now and also the Route gets Installed as RSVP route into inet.0 table.

Regards

Rakesh M

 

 

 

 

 

 

 

What is Lt Interface – How are Logical systems Built in Juniper Mx without a cable ? – JNCIE-SP

No Comments

Hi,

Most of the times I get queries about my preparation for Juniper SP track. While the questions are based on two categories, one what study materials have i used, secondly how i practiced. While the first question is something which I will cover in another blog post, this is mainly based on second Query on how did i practice.

I worked for Juniper Networks – So Its sort of Obvious that i had access to devices, mostly the high end ones like T640 and T320 , T320 with XE-interface Loop was my all time favorite though.

Secondly, again my work experience helped with a huge migration from Juniper 120 boxes to Cisco ASR series and had a lot of fun and struggle then.

But for JNCIE exam, all that matters would be how good you are actually at technology. It will really not matter if you are using a VMX or Real device say Mx/Ex/M/T/SRX box, a simple olive can also do, service provider Layer-3 preparation is beautiful 🙂

Coming to the point, I had access to device which has no Mic Cards, No Physical interfaces (literally not coming up) so i cannot use a loop-cable to do what so ever in regular fashion.

It was just lying around there, waiting for its turn to be Turned off. I was to do some internal training’s and saw this guy perfectly suitable for 14 odd routers by using Logical Tunnel interface. Yes, if you have an MX , even if its physically not possible to loop around, you can build your virtual systems and play around using LT.

 

First things first, I will show you the procedure for building Two Logical Routers, but procedure remains same for almost any number of routers


R1(lt-1/0/0.1)(5.5.12.1)------------R2(lt-1/0/0.2)(5.5.12.2)

 

 

This is interface that you should be looking for


show inter terse | match lt
lt-1/0/0 up up


 

 

This is how you build the tunnel interfaces


Test#show interfaces lt-1/0/0
unit 1 {
encapsulation frame-relay;
peer-unit 2; ( logical unit number of the opposite-end connecting interface)
dlci 12;
family inet {
5.5.12.1/24;
}
}
unit 2 {
encapsulation frame-relay;
peer-unit 1;( logical unit number of the opposite-end connecting interface)
dlci 12;
family inet {
5.5.12.2/24;
}
}

 

Finally you integrate them into logical-systems


test#show logical-systems
r1 {
interfaces {
lt-1/0/0 {
unit 1;
}
}
}

r2 {
interfaces {
lt-1/0/0 {
unit 2;
}
}
}

commit
run ping 5.5.12.1 logical-system r2
PING 5.5.12.1 (5.5.12.1): 56 data bytes
64 bytes from 5.5.12.1 icmp_seq=0 ttl=64 time=0/650ms
^C

Regards
Rakesh

 

 

 

 

 

 

 

 

 

Close Bitnami banner
Bitnami