Juniper IGP - CONFIGURATION GUIDE V11.1.X Configuration Manual

Software for e series broadband services routers ip, ipv6, and igp configuration guide

page of 454

/ 454
Contents
Table of Contents
Bookmarks

Table of Contents

Quick Links

Download this manual

Enlarged version

JUNOSe

Software

for E Series

Broadband Services Routers

IP, IPv6, and IGP Configuration Guide

Release 11.1.x

Juniper Networks, Inc.

1194 North Mathilda Avenue

Sunnyvale, California 94089

USA

408-745-2000

www.juniper.net

Published: 2010-03-28

Table of Contents

Summary of Contents for Juniper IGP - CONFIGURATION GUIDE V11.1.X

Page 1 JUNOSe Software for E Series Broadband Services Routers IP, IPv6, and IGP Configuration Guide Release 11.1.x Juniper Networks, Inc. 1194 North Mathilda Avenue Sunnyvale, California 94089 408-745-2000 www.juniper.net Published: 2010-03-28...
Page 2 Products made or sold by Juniper Networks or components thereof might be covered by one or more of the following patents that are owned by or licensed to Juniper Networks: U.S. Patent Nos. 5,473,599, 5,905,725, 5,909,440, 6,192,051, 6,333,650, 6,359,479, 6,406,312, 6,429,706, 6,459,579, 6,493,347, 6,538,518, 6,538,899, 6,552,918, 6,567,902, 6,578,186, and 6,590,785.
Page 3 AND (B) YOU MAY CONTACT JUNIPER NETWORKS REGARDING LICENSE TERMS. 1. The Parties. The parties to this Agreement are (i) Juniper Networks, Inc. (if the Customer’s principal office is located in the Americas) or Juniper Networks (Cayman) Limited (if the Customer’s principal office is located outside the Americas) (such applicable entity being referred to herein as “Juniper”), and (ii) the person or organization that originally purchased from Juniper or an authorized Juniper reseller the applicable license(s) for use of the Software (“Customer”)
Page 4 (“GPL”) or the GNU Library General Public License (“LGPL”)), Juniper will make such source code portions (including Juniper modifications, as appropriate) available upon request for a period of up to three years from the date of distribution. Such request can be made in writing to Juniper Networks, Inc., 1194 http://www.gnu.org/licenses/gpl.html...
Page 5 agreements relating to the Software, whether oral or written (including any inconsistent terms contained in a purchase order), except that the terms of a separate written agreement executed by an authorized Juniper representative and Customer shall govern to the extent such terms are inconsistent or conflict with terms contained herein.
Page 7 Abbreviated Table of Contents About the Documentation Part 1 Internet Protocol Chapter 1 Configuring IP Chapter 2 Configuring IPv6 Chapter 3 Configuring Neighbor Discovery Part 2 Internet Protocol Routing Chapter 4 Configuring RIP Chapter 5 Configuring OSPF Chapter 6 Configuring IS-IS Part 3 Index Index...
Page 8 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide viii...
Page 9: Table Of Contents
Table of Contents About the Documentation E Series and JUNOSe Documentation and Release Notes ......xxi Audience ......................xxi E Series and JUNOSe Text and Syntax Conventions ........xxi Obtaining Documentation ................xxiii Documentation Feedback ................xxiii Requesting Technical Support ..............xxiii Self-Help Online Tools and Resources ..........xxiv Opening a Case with JTAC ..............xxiv Part 1 Internet Protocol...
Page 10 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide ip address Command ...............12 Indirect Next-Hop Support ................13 Before You Configure IP ................14 Creating a Profile ...................14 Assigning a Profile ..................17 Address Resolution Protocol ................18 How ARP Works ..................18 MAC Address Validation ................22 Broadcast Addressing ..................23 Broadcast Tasks ..................24 Fragmentation ....................24...
Page 11 Table of Contents Fast Reroute Protection ..............50 Setting a TTL Value .................51 Protecting Against TCP RST or SYN DoS Attacks ........51 Preventing TCP PAWS Timestamp DoS Attacks ........52 Protecting Against TCP Out of Order DoS Attacks ........53 Limiting Buffers per Router ..............53 Limiting Buffers per Virtual Router ...........54 Limiting Buffers per Connection ............55 Distributing Routing Table Updates to Line Modules .......55...
Page 12 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Indirect Next Hop Support ..............131 Platform Considerations ................132 References ....................133 Before You Configure IPv6 ................133 Configuring an IPv6 License ................134 Creating an IPv6 Profile ................134 Assigning a Profile ..................137 Enabling Source Address Validation ............137 Establishing a Static Route ................138 Specifying an IPv6 Hop Count Limit ............138 Managing IPv6 Interfaces ................139...
Page 13 Table of Contents Configuring Duplicate Address Detection Attempts ........201 Monitoring Neighbor Discovery ..............202 Part 2 Internet Protocol Routing Chapter 4 Configuring RIP Overview .....................205 RIP Metric .....................205 RIP Messages ..................206 Platform Considerations ................206 References ....................207 Features ......................207 Route Tags ....................207 Authentication ..................207 Subnet Masks ..................208 Next Hop ....................209...
Page 14 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide OSPF MIB .....................248 Interacting with Other Routing Protocols ..........248 Implementing OSPF for IPv6 ..............249 Understanding the OSPFv3 Difference ...........249 Supported LSA Types ..............250 Unsupported OSPF Components ............250 OSPF Configuration Tasks ................251 Starting OSPF ....................251 Enabling OSPFv2 ..................251 Enabling OSPFv3 ..................252 Creating a Range of OSPF Interfaces .............252...
Page 15 Table of Contents Authentication ..................329 Simple Authentication ..............329 HMAC MD5 Authentication ............330 MD5 Authentication Example ............330 Specifying MD5 Start and Stop Timing ...........331 Halting MD5 Authentication ............332 Managing and Replacing MD5 Keys ..........332 Enabling and Disabling Authentication of CSNPs and PSNPs ..332 Extensions for Traffic Engineering ............333 Integrated IS-IS ..................334 Equal-Cost Multipath ................334...
Page 16 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Controlling Granularity of Routing Information ........364 Configuring a Global Default Metric ............364 Configuring Metric Type ...............365 Setting the Administrative Distance ............366 Configuring Default Routes ..............367 Setting Router Type ................368 Summarizing Routes ................368 Avoiding Transient Black Holes .............369 Waiting for BGP Convergence ............370 Example Topology ................370...
Page 17 List of Figures Part 1 Internet Protocol Chapter 1 Configuring IP Figure 1: TCP/IP Conceptual Layers ..............5 Figure 2: IP Address Classes ................8 Figure 3: Basic Network Masking ..............10 Figure 4: Subnetting ..................10 Figure 5: Routing With and Without CIDR .............11 Figure 6: Direct Next Hops ................13 Figure 7: Indirect Next Hops .................13 Figure 8: Sample ARP Process 1 through 3 ..........19...
Page 18 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide xviii List of Figures...
Page 19 List of Tables About the Documentation Table 1: Notice Icons ...................xxii Table 2: Text and Syntax Conventions ............xxii Part 1 Internet Protocol Chapter 1 Configuring IP Table 3: Routing Table for Router NY ............27 Table 4: Routing Table for Router LA .............27 Table 5: Default Administrative Distances for Route Sources ......27 Table 6: Next-Hop Verification Results for Sample Configuration ....34 Table 7: Probe Characteristics ...............67...
Page 20 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide List of Tables...
Page 21: About The Documentation
If the information in the latest release notes differs from the information in the documentation, follow the JUNOSe Release Notes. To obtain the most current version of all Juniper Networks® technical documentation, see the product documentation page on the Juniper Networks website at http://www.juniper.net/techpubs/...
Page 22: Table 1: Notice Icons
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Table 1: Notice Icons Icon Meaning Description Informational note Indicates important features or instructions. Caution Indicates a situation that might result in loss of data or hardware damage. Warning Alerts you to the risk of personal injury or death. Laser warning Alerts you to the risk of personal injury from a laser.
Page 23: About The Documentation
CD-ROMs or DVD-ROMs, see the Offline Documentation page at http://www.juniper.net/techpubs/resources/cdrom.html Copies of the Management Information Bases (MIBs) for a particular software release are available for download in the software image bundle from the Juniper Networks Web site at http://www.juniper.net/...
Page 24: Self-Help Online Tools And Resources
7 days a week, 365 days a year. Self-Help Online Tools and Resources For quick and easy problem resolution, Juniper Networks has designed an online self-service portal called the Customer Support Center (CSC) that provides you with the following features: Find CSC offerings: http://www.juniper.net/customers/support/...
Page 25: Internet Protocol
Part 1 Internet Protocol Configuring IP on page 3 Configuring IPv6 on page 125 Configuring Neighbor Discovery on page 193 Internet Protocol...
Page 26: Internet Protocol
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Internet Protocol...
Page 27: Configuring Ip
Chapter 1 Configuring IP This chapter describes how to configure Internet Protocol (IP) routing on your E Series router. Overview on page 3 Platform Considerations on page 6 References on page 6 IP Features on page 7 IP Addressing on page 7 Indirect Next-Hop Support on page 13 Before You Configure IP on page 14 Creating a Profile on page 14...
Page 28: Ip Packets
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide IP relies on protocols in other layers to establish the connection if connection-oriented services are required and to provide error detection and error recovery. IP is sometimes called an unreliable protocol, because it contains no error detection or recovery code.
Page 29: Ip Layering
Chapter 1: Configuring IP than the other network’s MTU, it is necessary to divide the datagram into smaller fragments for transmission in a process called fragmentation. See “Fragmentation” on page 24. IP Layering TCP/IP is organized into four conceptual layers (as shown in Figure 1 on page 5). Figure 1: TCP/IP Conceptual Layers Network Interface Layer The network interface layer is the lowest level of the TCP/IP protocol stack.
Page 30: Platform Considerations
See ERX Module Guide, Appendix A, Module Protocol Support for information about the modules that support IP. For information about modules that support IP on the Juniper Networks E120 and E320 Broadband Services Routers: See E120 and E320 Module Guide, Table 1, Modules and IOAs for detailed module specifications.
Page 31: Ip Features
Chapter 1: Configuring IP IP Features The E Series router supports the following IP features: Internet Control Message Protocol (ICMP) Traceroute User Datagram Protocol (UDP) Transmission Control Protocol (TCP) Classless interdomain routing (CIDR) Maximum transmission unit (MTU) Support for simultaneous multiple logical IP stacks on the same router Flexible IP address assignment to support any portion of a physical interface (for example, a channel or circuit), exactly one physical interface, or multilink PPP interfaces...
Page 32: Internet Addresses
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide IP implements a system of logical host addresses called IP addresses. The IP addresses are used by the internetwork and higher layers to identify devices and to perform internetwork routing. The Address Resolution Protocol (ARP) enables IP to identify the physical (MAC) address that matches a given IP address.
Page 33: Subnetwork Mask Format Options
Chapter 1: Configuring IP Subnetwork Mask Format Options Most commands allow you to specify IPv4 subnetwork masks in one of two ways: dotted decimal or prefix length notation. NOTE: Protocol commands that use a reverse mask format (for example, RIP) cannot use the prefix notation format.
Page 34: Classless Addressing With Cidr
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide NOTE: The router supports a 31-bit mask on point-to-point links. This means that the IP address 1.2.3.4 255.255.255.254 is valid. A point-to-point link in which only one end supports the use of 31-bit prefixes may not operate correctly. Figure 3: Basic Network Masking Classes A, B, and C have the following natural masks, which define the network and host portions of each class:...
Page 35: Adding And Deleting Addresses
Chapter 1: Configuring IP For example, without CIDR, the class C network address 192.56.0.0 would be an illegal address. With CIDR, the address becomes valid with the notation: 192.56.0.0/16. The /16 indicates that 16 bits of mask are being used (counting from the far left).
Page 36: Deleting A Primary Address
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide You can change a secondary address to be the primary address on an interface only via SNMP. An unnumbered address is always the primary address; adding an unnumbered address, therefore, overwrites any other numbered address. Deleting a Primary Address You must always remove the primary address from an interface last.
Page 37: Indirect Next-Hop Support
Chapter 1: Configuring IP NOTE: You can use this command in Interface Configuration mode, Subinterface Configuration mode, or Profile Configuration mode. Use the no version to remove an IP address. If you remove a primary IP address, IP processing is disabled on the interface. See ip address Indirect Next-Hop Support The router uses indirect next hops to promote faster network convergence (for...
Page 38: Before You Configure Ip
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide By using indirect next hops, if a topology change occurs in the network, only the indirect next hop is modified in the routing table, decreasing the number of state changes required to achieve convergence. Before You Configure IP Before you configure IP, created lower-layer interfaces over which IP traffic flows.
Page 39 Chapter 1: Configuring IP nat Configures the interface as inside or outside for Network Address Translation (NAT) policy Assigns a policy to the ingress or egress of an interface redirects Enables transmission of ICMP redirect messages route-maps Configures the interface for route-map processing source address validation Verifies that a packet has been sent from a valid source address tcp adjust-mss Adjusts maximum packet sizes on TCP connections when path...
Page 40 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Use to enable a directed broadcast address in a profile. Example host1(config-if)#ip directed-broadcast Use the no version to remove the directed broadcast address from the profile. See ip directed-broadcast ip mtu Use to assign the MTU size sent on an IP interface. Example host1(config-if)#ip mtu 5000 Use the no version to remove the assignment from the profile.
Page 41: Assigning A Profile
Chapter 1: Configuring IP Use the no version to remove the MSS assignment from the profile. See ip tcp adjust-mss ip unnumbered Use to specify the numbered interface with which dynamic unnumbered interfaces created with the profile are associated. You can specify an unnumbered interface using RADIUS instead of using the ip unnumbered command in a profile.
Page 42: Address Resolution Protocol
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide host1(config-if)#interface serial 2/1 host1(config-if)#encapsulation ppp host1(config-if)#profile acton Use the no version to remove the assignment from the interface. See profile Address Resolution Protocol Sending IP packets on a multiaccess network requires mapping from an IP address to a MAC address (the physical or hardware address).
Page 43: Figure 8: Sample Arp Process 1 Through 3
Chapter 1: Configuring IP Figure 8: Sample ARP Process 1 through 3 Host 1 transmits the IP packet to layer 3 DA (host 2) using router 1’s MAC address. Router 1 forwards IP packet to host 2. Router 1 might send an ARP request to identify the MAC of host 2.
Page 44 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Use to add a static (permanent) entry in the ARP cache. To add a static entry in the ARP cache, specify the ipAddress, interfaceType and interfaceSpecifier (as indicated in Interface Types and Specifiers in JUNOSe Command Reference Guide ), and an optional MAC address You can issue this command only for Fast Ethernet interfaces, Gigabit Ethernet interfaces, 10-Gigabit Ethernet interfaces, and bridged Ethernet interfaces...
Page 45 Chapter 1: Configuring IP Use to specify how long an entry remains in the ARP cache. You can issue this command only for Fast Ethernet interfaces, Gigabit Ethernet interfaces, 10-Gigabit Ethernet interfaces, and bridged Ethernet interfaces configured over ATM 1483. The default value is 21,600 seconds (6 hours).
Page 46: Mac Address Validation
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide MAC Address Validation MAC address validation is a verification process performed on each incoming packet to prevent spoofing on IP Ethernet-based interfaces, including bridged Ethernet interfaces. When an incoming packet arrives on a layer 2 interface, the validation table is used to compare the packet’s source IP address with its MAC address.
Page 47: Broadcast Addressing
Chapter 1: Configuring IP ipAddress, interfaceType and interfaceSpecifier (as indicated in Interface Types and Specifiers in JUNOSe Command Reference Guide ), and an optional MAC address You can issue this command only for an IP Ethernet-based interface. For subscriber interface configurations, the IP address–MAC address pair must have a matching source prefix that already exists on the subscriber interface.
Page 48: Broadcast Tasks
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide The best solution to the broadcast storm is to use a single broadcast address scheme on a network. Most IP implementations allow the network manager to set the address to be used as the broadcast address. Many implementations of IP, including the one on your router, can accept and interpret all possible forms of broadcast addresses.
Page 49: Ip Routing
Chapter 1: Configuring IP Use to force the router to ignore the DF bit if it is set in the IP packet header for packets on an interface. Example host1(config-if)#ip ignore-df-bit Use the no version to restore the default behavior, which is to consider the DF bit before fragmentation.
Page 50: Figure 10: Routers In A Small Network
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide The global routing table is a database maintained by IP on the SRP module. It contains at most one route per protocol to each prefix in the table. Each of these routes is the best route known by a given protocol to get to that prefix.
Page 51: Setting The Administrative Distance For A Route
Chapter 1: Configuring IP Table 3: Routing Table for Router NY Destination Next-Hop Route Administrative Network Router Type Distance Metric 10.1.0.0/16 10.1.0.1 connected 10.2.0.0/16 10.5.0.3 OSPF 10.2.0.0/16 10.5.0.3 IS-IS 10.2.0.0/16 10.5.0.3 EBGP 10.2.0.0/16 10.5.0.3 10.5.0.0/30 10.5.0.2 connected Table 4: Routing Table for Router LA Destination Next-Hop Route...
Page 52 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Table 5: Default Administrative Distances for Route Sources (continued) Route Source Default Distance Internal access route Access route External BGP OSPF IS-IS Internal BGP Unknown If the IP routing table contains several routes to the same prefix for example, an OSPF route and a RIP route the route with the lowest administrative distance is used for forwarding.
Page 53: Setting The Metric For A Route
Chapter 1: Configuring IP Use the no version to restore the default value of 115. See distance ip Setting the Metric for a Route For information about how to set a metric for a route, see JUNOSe IP Services Configuration Guide as well as the individual routing protocol chapters in the JUNOSe BGP and MPLS Configuration Guide , and in this guide.
Page 54: Configuring Static Routes With Indirect Next Hops
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Use the no version to remove a static route from the routing table. See ip route Configuring Static Routes with Indirect Next Hops You can configure static routes where next hops are not on directly connected interfaces.
Page 55: Verifying Next Hops For Static Routes
Chapter 1: Configuring IP NOTE: A dynamically learned route can also resolve indirect next hops, as long as the administrative distance value of the learned route is better (lower) than the static route whose next hop is being resolved. Verifying Next Hops for Static Routes You can configure either Bidirectional Forwarding Detection (BFD) or Response Time Reporter (RTR) probes to further control when a static route is installed in the routing table.
Page 56: Bfd Next Hop Verification Configuration Example
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide BFD Next Hop Verification Configuration Example To enable BFD next hop verification between two adjacent peers, you configure each peer as follows: Configure peer A with the next hop address of peer B along with the desired intervals and keyword options.
Page 57: How Rtr Next-Hop Verification Works
Chapter 1: Configuring IP Use the no version to remove the static route from the routing table and thereby remove BFD from that static route. See ip route How RTR Next-Hop Verification Works Static routes on E Series routers can use Response Time Reporter (RTR) probes configured as echo (ping) types to verify the availability of the next hop and obtain the state of the IP service.
Page 58: Configuring Rtr Next-Hop Verification
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Figure 12: Sample Configuration for Next-Hop Verification The ip route command is issued for each interface with the verify rtr and last-resort keywords to establish the necessary static routes. (See Steps 6 and 7 in the next section, “Configuring RTR Next-Hop Verification”...
Page 59 Chapter 1: Configuring IP Configure a loopback interface, and assign an IP address and mask to the interface. host1(config)#interface loopback 0 host1(config-if)#ip address 10.1.1.1 255.255.255.255 host1(config-if)#exit Configure Fast Ethernet port 4/0 with an unnumbered primary IP interface associated with the loopback interface configured in Step 1. host1(config)#interface fastEthernet 4/0 host1(config-if)#ip unnumbered loopback 0 host1(config-if)#exit...
Page 60 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Enable the probe to react to the test-failure event and the test-completion event. You must configure both the test-failure and test-completion reaction conditions to use next-hop verification. For information, see “Setting Reaction Conditions”...
Page 61 Chapter 1: Configuring IP NOTE: For detailed information about the commands for configuring RTR probes, see “Response Time Reporter” on page 65. interface fastEthernet Use to select a Fast Ethernet (FE) interface on a line module or an SRP module. Example host1(config)#interface fastEthernet 1/0 Use the no version to remove IP from an interface or subinterface.
Page 62 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Use the no version to delete the loopback interface. See interface loopback ip address Use to set an IP address for an interface or a subinterface. Specify the layer 2 encapsulation before you set the IP address. Example host1(config-subif)#ip address 192.0.2.50 255.255.255.0 Use the no version to remove the IP address or to disable IP processing on the...
Page 63: Setting Up Default Routes
Chapter 1: Configuring IP host1(config-if)#ip unnumbered loopback 10 Use the no version to disable IP processing on the interface. See ip unnumbered Setting Up Default Routes A router examines its routing table to find a path for each packet. If the router cannot locate a route, it must discard the packet.
Page 64: Enabling Source Address Validation
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Use to enable the ability to create host access routes on a PPP interface. Example host1(config-if)#ip access-routes Use the no version to disable this feature. See ip access-routes Enabling Source Address Validation Source address validation verifies that a packet has been sent from a valid source address.
Page 65: Defining Tcp Maximum Segment Size
Chapter 1: Configuring IP Use the no version to disable the generation of source address validation failure traps on the router. See ip sa-validate trap-enable Defining TCP Maximum Segment Size The ip tcp adjust-mss command enables you to modify the TCP maximum segment size (MSS) for TCP sessions.
Page 66: Configuring Ip Path Mtu Discovery
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide By default, the router uses an MSS value of 536 bytes and the advertised MSS is derived from the MTU of the transmitting interface. However, you can use the tcp mss command to set the MSS for TCP advertisements. tcp mss Use to specify the MSS value for TCP to advertise.
Page 67: Limiting Pmtu
Chapter 1: Configuring IP host1:VR1(config)#tcp path-mtu-discovery Example 2 Sets path MTU discovery age timers differently host1:VR1(config)#tcp path-mtu-discovery age-timer 20 15 Example 3 Sets path MTU discovery age timers to the same value (5 minutes) host1:VR1(config)#tcp path-mtu-discovery age-timer 5 Example 4 Disables path MTU discovery age timers host1:VR1(config)#tcp path-mtu-discovery age-timer infinite Use the no version with a keyword to return the value to its default.
Page 68: Specifying Black Hole Thresholds
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Use the no version to remove any limitation so that the virtual router uses the discovered path MTU value. See tcp path-mtu-discovery Specifying Black Hole Thresholds A black hole threshold is a limit to the number of times a virtual router can retransmit identical sequences of datagrams before the retransmissions are identified as a problem.
Page 69: Clearing Ip Routes
Chapter 1: Configuring IP Use to remove the IP configuration from an interface or subinterface and disable IP processing on the interface. Example host1(config-if)#no ip interface See no ip interface Clearing IP Routes The router enables you to clear the specified routing entries from the routing table. You must specify the IP address prefix and the mask of the IP address prefix to clear specific routes.
Page 70: Setting A Baseline
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide There is no no version. See clear ip interface Setting a Baseline The router enables you to set a baseline for statistics on an IP interface. baseline ip interface Use to set a baseline for a specified IP interface. Example host1#baseline ip interface pos 2/0 There is no no version.
Page 71: Forcing An Interface To Appear Up
Chapter 1: Configuring IP router A to router B to router C to router D, router A specifies a strict-source route as B, C, D. Loose-source routing specifies a set of hops that the packet must traverse, but not necessarily every hop in the path. That is, the specified hops do not have to be adjacent.
Page 72: Adding A Description
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Use to set the interval in milliseconds for which an interface must maintain a given state before the state change is reported. Example host1(config)#ip debounce-time 5000 Use the no version to remove the debounce time requirement. See ip debounce-time Adding a Description The router enables you to add a text description or an alias to a static IP interface or...
Page 73: Configuring The Speed
Chapter 1: Configuring IP Use the no version to disable link status traps on an interface. See snmp trap ip link-status Configuring the Speed The router enables you to set the speed of an IP interface. ip speed Use to set the speed of the interface in bits per second. By default, the speed is determined from a lower-layer interface.
Page 74: Fast Reroute Protection
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide The random algorithm does not guarantee equal distribution of the packets among the ECMP links. ip multipath round-robin Use to specify round-robin as the mode for ECMP load sharing on an interface. ECMP uses the round-robin mode when you have configured all interfaces in the set to round-robin.
Page 75: Setting A Ttl Value
Chapter 1: Configuring IP interfaces. If the member is an indirect next hop, the interface is obtained by using the forwarding equivalence class (FEC) to which the member points. This method of resolving members occurs only if the FEC, pointed to by the indirect next hop, is either an interface or a direct next hop.
Page 76: Preventing Tcp Paws Timestamp Dos Attacks
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide If the source did not send the RST or SYN message, the source accepts the ACK message as part of an existing connection. As a result, the source does not send another RST or SYN message and the router does not shut down the connection. NOTE: Enabling this command slightly modifies the way TCP processes RST or SYN messages to ensure that they are genuine.
Page 77: Protecting Against Tcp Out Of Order Dos Attacks
Chapter 1: Configuring IP NOTE: Disabling PAWS does not disable other processing related to the TCP timestamp option. This means that even though you disable PAWS, a fabricated timestamp that already exists in the network can still pollute the database and result in a successful DoS attack.
Page 78: Limiting Buffers Per Virtual Router
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Use to specify a router-wide maximum number of buffers that resequencing queues can contain. Specify a value of zero (0) to turn off the limit. Example host1(config)#tcp resequence-buffers global-maximum Use the no version to revert the global maximum buffer value to its default, 1000 buffers.
Page 79: Limiting Buffers Per Connection
Chapter 1: Configuring IP Limiting Buffers per Connection The tcp resequence-buffers connection-maximum command and tcp resequence-buffers default-connection-maximum command enable you to limit the number of outstanding buffers on existing or newly established connections. tcp resequence-buffers connection-maximum Use to define the maximum number of buffers that connections on the current or specified virtual router can use.
Page 80: Ip Tunnel Routing Table
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Setting the hold-down timer to zero (0) distributes an update after each change to the routing table, which can degrade SRP performance. Example host1(config)#forwarding-table route-holddown 15 Use the no version to set the hold-down timer to the default value, 3 seconds. See forwarding-table route-holddown IP Tunnel Routing Table The IP tunnel routing tables include IPv4 routes that point only to tunnels, such as...
Page 81: Configuring Shared Ip Interfaces
Chapter 1: Configuring IP IP interfaces; however, in this scenario, data received on the layer 2 interface is discarded. You cannot create shared IP interfaces for the following kinds of interface: IP floating interfaces (IP interfaces that stack over MPLS stacked tunnels) Loopback interfaces Null interfaces For information about configuring shared IP interfaces to receive data on the same...
Page 82 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide host1(config)#interface ip si0 Use the no version to delete the IP interface. See interface ip ip share-interface Use to specify the layer 2 interface used by a shared IP interface. The command fails if the layer 2 interface does not yet exist.
Page 83: Moving Ip Interfaces
Chapter 1: Configuring IP Use the no version to halt tracking of the next hop. See ip share-nexthop Moving IP Interfaces You can move an IP shared interface from one layer 2 interface to another by issuing the ip share-interface command to specify a different layer 2 interface. Moving an IP interface does not affect interface statistics, packets forwarded through the interface, or policies attached to the IP interface.
Page 84: Icmp Tasks
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide ICMP messages are sent only when errors occur in either the processing of an unfragmented data packet or the first fragment of a fragmented data packet. ICMP messages are encapsulated as part of the data portion of an IP data packet and are routed like any other IP data packets.
Page 85: Specifying A Source Address For Icmp Messages
Chapter 1: Configuring IP Use to enable the sending of redirect messages if software is forced to resend a packet through the same interface on which it was received. Example host1(config-if)#ip redirects Use the no version to disable the sending of redirect messages. See ip redirects ip unreachables Use to enable the generation of an ICMP unreachable message when a packet...
Page 86: Reachability Commands
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Reachability Commands Use the ping and traceroute commands to determine reachability of destinations in the network. Use the ping command to send an ICMP or ICMPv6 echo request packet. In the following example, the request packet is sent to IP address 192.35.42.1, with a packet count of 10 and a timeout value of 10 seconds: host1#ping 192.35.42.1 10 timeout 10 Use the traceroute command to discover routes that router packets follow when...
Page 87 Chapter 1: Configuring IP The IP addresses to be recorded for a specified number of routers that the packets traverse. The time that a packet traverses a router to be recorded for a specified number of routers. An interface type and specifier of a destination address on the router that is connected for external loopback by means of a cable or plug that loops Tx to Rx.
Page 88 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide I Information request message i Information reply message L TTL expired message M Could not fragment, DF bit set m Parameter problem message N Network unreachable P Protocol unreachable Q Source quench r Redirect message T Timestamp request message Timestamp reply message...
Page 89: Response Time Reporter
Chapter 1: Configuring IP You can also force transmission of the packets on a specified interface regardless of what the IP address lookup indicates. Example host1#traceroute 172.20.13.1 20 timeout 10 There is no no version. See traceroute Response Time Reporter The Response Time Reporter (RTR) feature enables you to monitor network performance and resources by measuring response times and the availability of your network devices.
Page 90: Configuring The Probe Type
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Schedule the probe. (Optional) Capture statistics and collect error information. (Optional) Collect history. Configuring the Probe Type To begin configuring RTR, enter RTR Configuration mode and configure the probe type either an echo probe or a path echo probe. Use to configure an RTR probe and to enter RTR Configuration mode.
Page 91: Configuring Optional Characteristics
Chapter 1: Configuring IP Configuring Optional Characteristics In addition to configuring the probe’s type, you can configure the probe characteristics presented in Table 7 on page 67. Table 7: Probe Characteristics Characteristic Description frequency Time between tests (in seconds) hops-of-statistics-kept Hops per path for which statistics are gathered max-response-failure Maximum number of consecutive failures...
Page 92 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Use the no version to return to the default, 3. See operations-per-hop owner Use to identify the owner of the probe. If the SNMP agent is the owner of the probe, the owner’s name can begin with agent.
Page 93: Capturing Statistics
Chapter 1: Configuring IP Use to set the type of service (ToS) byte in the probe’s IP header. Example host1(config-rtr)#tos 16 Use the no version to return to the default value, 0. The default applies to both the echo and pathEcho types. See tos Capturing Statistics The primary objective of RTR is to collect statistics and information about network...
Page 94: Collecting History
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Collecting History RTR can collect data samples for a given probe. These samples are referred to as history data. When RTR collects history, it refers to tests. A test is the lifetime of a probe operation.
Page 95 Chapter 1: Configuring IP NOTE: The only no version for all the rtr reaction-configuration commands is no rtr reaction-configuration rtrIndex. Use the no version to clear all traps. This works for all the options. rtr reaction-configuration action-type Use to specify the type of actions to occur depending on the events controlled by RTR.
Page 96: Scheduling The Probe
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide For pathEcho, a successful test means that the destination was reached at least once. At most, there can be one such event per test. Example host1(config)#rtr reaction-configuration 1 test-completion There is no no version. See rtr reaction-configuration test-completion rtr reaction-configuration test-failure Use to enable test-failure reaction.
Page 97: Shutting Down The Probe
Chapter 1: Configuring IP Use to schedule the test’s length. Life is a value that depends on the type of the RTR entry; it is not a length of time. If the type is echo, life relates to the number of probes sent until a test finishes.
Page 98: Monitoring Rtr
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Use to shut down the RTR, stop all probe operations, and clear the RTR configuration for the given virtual router. NOTE: We recommend that you use this command only in extremely serious situations, such as problems with the configurations of a number of probe operations.
Page 99 Chapter 1: Configuring IP operStatus Operational status of the probe: enabled, disabled minRtt Minimum round-trip time in milliseconds maxRtt Maximum round-trip time in milliseconds avgRtt Average round-trip time in milliseconds rttSumSqr Sum of the square of all round-trip times in milliseconds testAttempts Number of times the test ran testSuccesses Number of times the test ran successfully currentHop Current hop (TTL) used in the test...
Page 100 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide life Length of the test source Interface from which the probe is sent restartTime Restart time of the test in seconds owner Owner of the probe samples Maximum number of entries saved in the history table for this RTR probe admin Administrative status of the probe: enabled, disabled tos Setting of the type of service (ToS) byte in the probe’s IP header...
Page 101 Chapter 1: Configuring IP rtrIndex receiveInterface ---------- ---------------- fastEthernet0/0 rtrIndex operFail testFail timeout ---------- -------- -------- ------- ------ 10000 rtrIndex operPerHop maxFail hopKpt ---------- ---------- ------- ------ ------ See show rtr configuration show rtr history Use to display history (data samples) for a particular probe or for all probes. Field descriptions rtrIndex Index number of the RTR probe operation Index number of the probe operation...
Page 102 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide rtrIndex operation statusDescription timeStamp -------- --------- ----------------- --------- 5476 responseReceived 08/30/2000 05:17 5477 responseReceived 08/30/2000 05:17 5478 responseReceived 08/30/2000 05:17 5479 responseReceived 08/30/2000 05:17 5480 responseReceived 08/30/2000 05:17 PathEcho Entries: rtrIndex test operation statusDescription ----------...
Page 103: Monitoring Ip
Chapter 1: Configuring IP 192.168.1.1 955363 10.2.0.3 1109 10094451 rtrIndex hop operationsSent operationsRcvd lastGoodResponse -------- --- -------------- -------------- ------------ 36985 36838 09/18/2000 20:20 30717 21494 09/18/2000 20:20 See show rtr hops show rtr operational-state Use to display RTR operational information. Field descriptions rtrIndex Index number of the RTR probe type Type of RTR probe: echo, pathEcho...
Page 104: Establishing A Baseline
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide ipGeneral IP general information ipIfCreator IP interface creator events ipInterface IP interface events ipNhopTrackerGeneral Next-hop tracker for IP shared interfaces ipProfileMgr IP profile manager events ipRoutePolicy IP routing policy events ipRouteTable IP routing table events ipTraffic IP frame transmit and receive events ipTunnel IP tunnel events For more information about using event logs, see the JUNOSe System Event Logging...
Page 105: Ip Show Commands
Chapter 1: Configuring IP There is no no version. See baseline ip udp baseline tcp Use to set a statistics baseline for all (both IPv4 and IPv6) TCP statistics or for only IPv4 or IPv6 statistics. The router implements the baseline by reading and storing the statistics at the time the baseline is set and then subtracting this baseline whenever baseline-relative statistics are retrieved.
Page 106 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide To Display Command Protocols “show ip protocols” on page 96 Redistribution policies “show ip redistribute” on page 99 Routes “show ip route” on page 99 Interfaces and next hops “show ip route slot” on page 103 Socket statistics “show ip socket statistics”...
Page 107 Chapter 1: Configuring IP See show access-list show arp Use to display information about ARP. Field descriptions Address IP address of the entry Age Time to live for this entry in seconds Hardware Addr Physical (MAC) address of the entry Interface Interface-specifier of the entry (for example, fastEthernet6/0 is an Ethernet interface on slot 6, port 0) * Indicates that an ARP entry was added because of an arp validate...
Page 108 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Use to display general information about IP. Field descriptions IP Router Id Router ID number Router Name Router name Default TTL Default IP TTL (time-to-live) value Reassemble Timeout Amount of time (in minutes) IP waits for missing packet fragments before it drops the fragments it is holding SA Validate Trap Whether the source address validation trap is enabled Example...
Page 109 Chapter 1: Configuring IP Administrative debounce-time Configured debounce behavior, enabled or disabled. If enabled, indicates time in milliseconds that the router waits before generating an up or down event in response to a state change in the interface. If the state changes back before the debounce timer expires, no state change is reported.
Page 110 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Out Scheduler Drops Exceeded Packets, Bytes Outgoing packets and bytes that were dropped by the scheduler because they exceeded the contract Out Policed Packets, Bytes Outgoing packets and bytes dropped because of rate limiters Out Discarded Packets Outgoing packets that were discarded for reasons other than those dropped by the scheduler and those dropped because of rate limits...
Page 111 Chapter 1: Configuring IP deny AS Path Access List 4: permit _109$ deny AS Path Access List 10: deny _109$ permit ^108_ deny See show ip as-path-access-list show ip community-list Use to display routes that are permitted by a BGP community list. Example host1#show ip community-list Community List 1:...
Page 112 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide host1#show ip forwarding-table slot 9 Free Memory = 3,166KB Virtual Router Memory Load Errors Status (KB) ---------------- --------- ------------- -------- 4128 Valid 3136 Valid 2256 Valid default 1024 Valid ----------------------------------------------------------- See show ip forwarding-table slot show ip interface Use to display the current state of all IP interfaces or the IP interfaces you specify.
Page 113 Chapter 1: Configuring IP frag req Number of frames requiring fragmentation frag fails Number of packets unsuccessfully fragmented IP Statistics Sent: generated Number of packets generated no routes Number of packets that could not be routed discards Number of packets that could not be routed that were discarded ICMP Statistics Rcvd: errors Error packets received...
Page 114 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide ARP spoof checking Status of the check for spoofed ARP packets received on an IP interface, enabled or disabled. This field is not displayed when you use the detail keyword. In Received Packets, Bytes Total number of packets and bytes received on the IP interface Unicast Packets, Bytes Unicast packets and bytes received on the IP interface;...
Page 115 Chapter 1: Configuring IP Out Scheduler Drops Committed Packets, Bytes Packets and bytes dropped by the scheduler even though they had a committed traffic contract Out Scheduler Drops Conformed Packets, Bytes Packets and bytes dropped by the scheduler even though they conformed to the traffic contract Out Scheduler Drops Exceeded Packets, Bytes Packets and bytes dropped by the scheduler because they exceeded the contract...
Page 116 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Out Requested Packets 117, Bytes 87297 Out Total Dropped Packets 0, Bytes 0 Out Scheduler Drops Committed Packets 0, Bytes 0 Out Scheduler Drops Conformed Packets 0, Bytes 0 Out Scheduler Drops Exceeded Packets 0, Bytes 0 Out Policed Packets 0 Out Discarded Packets 0...
Page 117 Chapter 1: Configuring IP Packets not dropped for another listed reason are considered to have been dropped in the fabric. The router calculates In Fabric Dropped Packets by subtracting the total number of inbound packets dropped for all other reasons from the In Total Dropped Packets number.
Page 118 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Example 3 For a description of the following fields, see the show ip address command host1#show ip interface shares atm 4/0.1 atm4/0.1 is up, line protocol is up Network Protocols: IP Unnumbered Interface on loopback100 ( IP address 202.1.1.1 ) Operational MTU = 1500...
Page 119 Chapter 1: Configuring IP ip si1 is up, line protocol is up Network Protocols: IP Virtual Router vr-b:vrf-1 Layer 2 interface atm4/0.1 Out Policed Packets 0, Bytes 0 Example 4 host1#show ip interface shares ip si0 ip0 is up, line protocol is up Network Protocols: IP Layer 2 interface atm4/0.1 Unnumbered Interface on loopback100...
Page 120 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide ICMP Redirects Enabled or disabled Access Route Addition Enabled or disabled Network Address Translation Enable or disable; domain location (inside or outside) Source-Address Validation Enabled or disabled Ignore DF Bit Enabled or disabled Administrative MTU MTU size Auto Detect Router automatically detects packets that do not match any entries in the demultiplexer table;...
Page 121 Chapter 1: Configuring IP Administrative Distance External, internal, and local administrative distances Neighbor Address IP address of the BGP neighbor Neighbor Incoming/Outgoing update distribute list Number of the access list for outgoing routes Neighbor Incoming/Outgoing update prefix list Number of the prefix list for incoming or outgoing routes Neighbor Incoming/Outgoing update prefix tree Number of the prefix tree for incoming or outgoing routes...
Page 122 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide router will send and receive version 2 only. The default is configured for RIP1. Update interval Current setting of the update timer (in seconds) Invalid after Current setting of the invalid timer (in seconds) hold down time Current setting of the hold down timer (in seconds) flushed interval Current setting of the flush timer (in seconds) Filter applied to outgoing route update Access list applied to outgoing...
Page 123 Chapter 1: Configuring IP Redistributing: isis Address Summarization: None Routing for Networks: 192.168.1.0/255.255.255.0 area 0.0.0.0 Routing Protocol is rip” Router Administrative State: enable System version RIP1: send = 1, receive = 1 or 2 Update interval: 30 seconds Invalid after: 180 seconds hold down time: 120 seconds flushed interval: 300 seconds...
Page 124 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Protocol/Route type codes Protocol and route type codes for the table that follows Prefix IP address prefix of network destination Length Network mask length for prefix Next Hop IP address of the next hop to the route, whether it is a local interface or another router Dist Administrative distance for the route;...
Page 125 Chapter 1: Configuring IP 2 other internal routes 0 access routes 0 internally created access host routes Last route added/deleted: 2::4/128 by BGP At MON FEB 04 2008 14:18:25 UTC Unicast routes used only for Multicast RPF check: 0 total routes, 0 bytes in route entries 0 isis routes 0 rip routes 0 static routes...
Page 126 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide 176.20.32.0/24 Connect 176.20.32.1 loopback1 192.168.1.0/24 Connect 192.168.1.214 fastEthernet0/0 201.1.1.0/24 I2-E-i 192.168.1.105 115/10 fastEthernet0/0 201.2.1.0/24 I2-E-i 192.168.1.105 115/10 fastEthernet0/0 201.3.1.0/24 I2-E-i 192.168.1.105 115/10 fastEthernet0/0 202.1.1.1/32 I2-E-i 192.168.1.105 115/10 fastEthernet0/0 207.1.1.0/24 I2-E-i 192.168.1.105 115/10 fastEthernet0/0 Example 5 Indirect Next Hop (* displayed) host1#show ip route...
Page 127 Chapter 1: Configuring IP Use to display the interface and next hop for an IP address in the routing table of a line module. A next hop is displayed only for protocols where ARP is used to resolve the addresses, such as for fastEthernet, gigabitEthernet, bridged Ethernet over ATM, and so on.
Page 128 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide socketNumber ipAddress:portNumber --> ipAddress:portNumber Socket and the IP address and port number for each end of the connection, with the E Series router shown on the left and the remote peer on the right type Type of connection: SOCK_STREAM (uses TCP) or DGRAM (datagram;...
Page 129 Chapter 1: Configuring IP keep alive poll time Interval in seconds at which TCP sends keepalive probes to idle remote nodes Additional state flags State of the following flags in the socket_stats structure: ss_Bound, ss_BindError, ss_ListenOk, ss_ListenError, ss_AcceptOk, ss_AcceptError, ss_RsAcceptOk, ss_RsAcceptError, ss_ConnectOk, ss_ConnectErrors, ss_ConnectToOk, ss_ConnectToError, ss_CalledShutdown, and ss_CalledRsSocreate.
Page 130 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide application. 2 (SELWRITE) means that more buffer space is available and the application can queue up more data to be transmitted. Call to soclose() 8-bit value indicating how the call went Call to sendto() 16-bit value indicating the return status Call to write() 16-bit value indicating the return status Call to sendmsg() 16-bit value indicating the return status Call to send() 16-bit value indicating the return status...
Page 131 Chapter 1: Configuring IP so_RecvMsgs = 0 so_Reads = 0 Socket Event Log (most recent at bottom) rssocket sobind - 0 bind - 0 solisten - 0 listen - 0 See show ip socket statistics show ip static Use to display the status of static routes in the routing table. You can specify an IP mask that filters specific routes.
Page 132 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide 10.10.133.17/32 10.6.128.1 0 unresolved 1 down 11.11.11.11/32 3.3.3.3 0 unresolved 1 down(lr) See show ip static show tcp ack-rst-and-syn Use to display the status of TCP ACK, RST, and SYN protection. Example host1#show tcp ack-rst-and-syn TCP Ack Rst and Syn Protection is ENABLED See show tcp ack-rst-and-syn...
Page 133 Chapter 1: Configuring IP High Water Largest number of outstanding resequencing buffers for the current virtual router since the last reset Buffers Discarded Because Global Limit Exceeded Number of resequencing buffers discarded because the global limit was reached Buffers Discarded Because VR Limit Exceeded Number of resequencing buffers that have been discarded in this virtual router because the virtual router buffer limit was reached Example...
Page 134 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Example host1#show tcp path-mtu-discovery TCP PMTU Discovery is ENABLED Administrative Minimum MTU: 512 Administrative Maximum MTU: 65535 Timer 1: 10 minutes Timer 2: 2 minutes Black Hole Detect Threshold: 0 retransmissions # ICMP TooBigs: 0 # ICMP TooBigs for unk.
Page 135 Chapter 1: Configuring IP chksum err pkts Number of checksum error packets received authentication err pkts Number of authentication error packets received bad offset pkts Number of bad offset packets received short pkts Number of short packets received duplicate pkts Number of duplicate packets received out of order pkts Number of packets received out of order TCP Global Statistics Sent: total pkts Total number of packets sent...
Page 136 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide TCP Session Statistics Sent: total pkts Total number of packets sent on the TCP connection data pkts Number of data packets sent on the TCP connection bytes Number of bytes sent on the TCP connection retransmitted pkts Number of packets retransmitted on the TCP connection retransmitted bytes Number of bytes retransmitted on the TCP...
Page 137 Chapter 1: Configuring IP New soconnect failed Number of times a SONEWCONN() was tried on a listening connection and failed. This is a per-connection statistic. # Write-Wakeups Number of times a “ write wakeup” occurred on the connection. This is a per-connection statistic. # Read wakeups Number of times a “...
Page 138 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Retransmit a packet Did a PRU_RCVOOB Did a PRU_ATTACH Did a PRU_SENDOOB Did a PRU_DETACH Did a PRU_SOCKADDR Did a PRU_BIND Did a PRU_PEERADDR Did a PRU_LISTEN The keepalive timer popped. An 8-bit argument that describes how the timer was handled: Ignored because the session was not established (that is, not in the OPEN state)
Page 139 Chapter 1: Configuring IP NOTE: This count is maintained even when the protection functions are disabled. The value indicates the count of packets that would have been rejected if the protections were enabled. Providing this information can help determine whether attacks are occurring.
Page 140 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Application set MSS MSS that an application might have set for the connection Xmit Interface MSS MSS for the interface used to transmit packets to the peer; calculated as the interface MTU minus the size of the TCP and IP headers.
Page 141 Chapter 1: Configuring IP Sent: 0 total pkts, 0 data pkts, 0 bytes 0 retransmitted pkts, 0 retransmitted bytes Local addr: 192.168.1.250, Local port: 23 Remote addr: 10.10.0.77, Remote port: 2170 State: ESTABLISHED Authentication: None Rcvd: 61 total pkts, 34 in-sequence pkts, 41 bytes 0 chksum err pkts, 0 bad offset pkts, 0 short pkts 0 duplicate pkts, 0 out of order pkts Sent: 64 total pkts, 45 data...
Page 142 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide PRU_FASTTIMO: 0 PRU_SLOWTIMO: 0 PRU_PROTORCV: 0 PRU_PROTOSEND: 0 Wildcard Matches: 2 Rcv'd Packets after connection closed: 0 Connect request rejected: 0 Connect request approval pending 0 New soconnect failed 0 # Write-Wakeups: 0 # Read wakeups 0 # receives after close 0 Retransmit timer: 0...
Page 143 Chapter 1: Configuring IP Buffers Outstanding: 25 High Water: 28 Buffers discarded: 15 TCP-Paws is disabled See show tcp statistics show ip traffic Use to display statistics about IP traffic. You can use the ipTraffic log to show consumable IP traffic to the SRP module; the traffic is filterable per router and IP interface.
Page 144 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide no routes Number of packets that could not be routed routing discards Number of packets that could not be routed and were discarded IP Statistics Route: routes in table Number of routes in the routing table ICMP Statistics Rcvd: total Total number of ICMP packets received errors Number of error packets received...
Page 145 Chapter 1: Configuring IP addr mask req Number of address mask requests sent addr mask rpy Number of replies to address mask requests UDP Statistics Rcvd: total Total number of UDP packets received checksum Number of checksum error packets received no port Number of packets received for which no E Series router application listener was listening on the destination port UDP Statistics Sent:...
Page 146 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide retransmitted pkts Number of packets retransmitted retransmitted bytes Number of retransmitted bytes OSPF Statistics Provides statistics on OSPF IGMP Statistics Provides statistics about queries, reports sent or received ARP Statistics Not supported for this version of the router Example host1#show ip traffic IP statistics: Router Id: 172.31.192.217...
Page 147 Chapter 1: Configuring IP total Total number of UDP packets received checksum Number of checksum error packets received no port Number of packets received for which no E Series router application listener was listening on the destination port UDP Statistics Sent: total Total number of UDP packets sent errors Number of error packets sent Example...
Page 148 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Set clauses: set local-pref 400 See show route-map Monitoring IP...
Page 149: Configuring Ipv6
Chapter 2 Configuring IPv6 This chapter describes how to configure Internet Protocol version 6 (IPv6) routing on your E Series router; it contains the following sections: IPv6 Overview on page 125 Platform Considerations on page 132 References on page 133 Before You Configure IPv6 on page 133 Configuring an IPv6 License on page 134 Creating an IPv6 Profile on page 134...
Page 150: Ipv6 Packet Headers
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Expanded addressing capabilities IPv6 increases the size of the IP address from 32 bits to 128 bits. This increased size provides a larger address space and a much larger number of addressable nodes.
Page 151: Standard Ipv6 Headers
Chapter 2: Configuring IPv6 Figure 13: IPv4 and IPv6 Header Comparison Standard IPv6 Headers IPv6 packet headers contain many of the fields found in IPv4 packet headers; some of these fields differ from IPv4. (See Figure 13 on page 127.) The 40-byte IPv6 header consists of the following eight fields: Version Indicates the version of the Internet Protocol.
Page 152: Ipv6 Addressing
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide IPv6 enables you to chain extension headers together by using the next header field. The next header field, located in the IPv6 header, indicates to the router which extension header to expect next. If there are no more extension headers, the next header field indicates the upper-layer header (TCP header, UDP header, ICMPv6 header, an encapsulated IP packet, or other items).
Page 153: Address Types
Chapter 2: Configuring IPv6 NOTE: You can use two colons (::) only once in an IPv6 address to represent hexadecimal fields of consecutive zeros. IPv6 Address Prefix An IPv6 address prefix is a combination of an IPv6 prefix (address) and a prefix length.
Page 154: Address Scope
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Loopback Used by a node to send an IPv6 packet to itself. An IPv6 loopback address functions the same as an IPv4 loopback address. Unspecified Indicates the absence of an IPv6 address. For example, newly initialized IPv6 nodes may use the unspecified address as the source address in their packets until they receive an IPv6 address.
Page 155: Icmp Support
Chapter 2: Configuring IPv6 ICMP Support Internet Control Message Protocol (ICMP) provides a mechanism that enables a router or destination host to report an error in data traffic processing to the original source of the packet. For this release, the E Series router supports ICMP for use in the IPv6 ping and traceroute commands.
Page 156: Platform Considerations
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Figure 14: Direct Next Hops Indirect next hops enable multiple routes in the routing table to point to a single next hop, thereby accelerating convergence. (See Figure 15 on page 132.) NOTE: Indirect next hops are not limited to any number of levels. In other words, an indirect next hop can point to a direct next hop or another indirect next hop.
Page 157: References
Chapter 2: Configuring IPv6 See E120 and E320 Module Guide, Appendix A, IOA Protocol Support for information about the modules that support IP. References For more information about IPv6, consult the following resources: RFC 2373 IP Version 6 Addressing Architecture (July 1998) RFC 2460 Internet Protocol, Version 6 (IPv6) (December 1998) RFC 2461 Neighbor Discovery for IP Version 6 (IPv6) (December 1998) RFC 2462 IPv6 Stateless Address Autoconfiguration (December 1998)
Page 158: Configuring An Ipv6 License
Use to specify an IPv6 license. Purchase an IPv6 license to allow IPv6 configuration on the E Series router. NOTE: Acquire the license from Juniper Networks Customer Services and Support or your Juniper Networks sales representative. Example host1(config)#license ipv6 license-value Use the no version to disable the license.
Page 159 Chapter 2: Configuring IPv6 NOTE: You can also configure any of these IPv6 characteristics outside the profile configuration mode. Use the profile command from Global Configuration mode to create or edit a profile. See JUNOSe Link Layer Configuration Guide for information about creating profiles and on other characteristics that can be applied to the profile.
Page 160 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Command Description ipv6 nd ra-lifetime Configures the router advertisement lifetime ipv6 nd reachable-time Configures the amount of time the router can reach an IPv6 node after a reachability confirmation event occurs ipv6 nd suppress-ra Disables router advertisement transmissions Example host1(config)#profile ProfileIpv6South22...
Page 161: Assigning A Profile
Chapter 2: Configuring IPv6 Use to assign a virtual router to a profile. You can configure a virtual router using RADIUS instead of adding one to the profile by using the ipv6 virtual-router command. Example host1(config-profile)#ipv6 virtual-router VR6 Use the no version to remove the virtual router assignment. See ipv6 virtual-router Assigning a Profile To assign a profile to an interface, use the profile command from Interface mode.
Page 162: Establishing A Static Route
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide ipv6 sa-validate Use to enable source address validation. Source address validation verifies that a packet has been sent from a valid source address. Example host1(config-if)#ipv6 sa-validate Use the no version to disable source address validation. See ipv6 sa-validate Establishing a Static Route You can set a destination to receive and send traffic by a specific route through the...
Page 163: Managing Ipv6 Interfaces
Chapter 2: Configuring IPv6 Managing IPv6 Interfaces You can manage IPv6 interfaces in the following ways: Disable or reenable an IPv6 interface. host1(config-if)#no ipv6 enable host1(config-if)#ipv6 enable Set a baseline for IPv6 interface counters. host1#clear ipv6 interface atm 2/0 Determine reachability within a network. host1#ping ipv6 1::1 host1#traceroute ipv6 1::1 clear ipv6 interface...
Page 164 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide You can specify the following options: packetCount Number of packets to send to the destination IPv6 address. If you specify a zero (0), echo requests packets are sent indefinitely. data-pattern Sets the type of bits contained in the packet to all ones, all zeros, a random mixture of ones and zeros, or a specific hexadecimal data pattern that can range from 0x0–0xFFFFFFFF.
Page 165: Configuring Shared Ipv6 Interfaces
Chapter 2: Configuring IPv6 p Parameter problem S Source beyond scope t Hop limit expired (TTL expired) Example host1#ping ipv6 1::1 There is no no version. See ping traceroute ipv6 Use to discover the routes that router packets follow when traveling to their destination.
Page 166 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Create a layer 2 interface. host1(config)#interface atm 5/3 host1(config-if)#interface atm 5/3.101 (Optional) Create a primary IPv6 interface. host1(config-if)#ipv6 address 1::1/64 host1(config-if)#exit Create the shared IPv6 interface. host1(config)#interface ipv6 si0 Associate the shared IPv6 interface with the layer 2 interface by the following method: host1(config-if)#ipv6 share-interface atm 5/3.101 To fully configure the shared interface, assign an address (or make the interface...
Page 167: Adding A Description
Chapter 2: Configuring IPv6 Use the no version to remove the association between the layer 2 interface and the shared IPv6 interface. You can delete shared and primary IPv6 interfaces independently. See ipv6 share-interface Adding a Description The router enables you to add a text description or an alias to an IPv6 interface or subinterface.
Page 168: Configuring Path Mtu Discovery
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Use to specify the MSS value for TCP to use. NOTE: The MSS value is equal to the MTU value minus the IPv6 and TCP headers, so the MSS value is generally 60 bytes less than the MTU. Use the vrfName variable to specify a VRF to which you want to assign the TCP MSS value.
Page 169: Limiting Pmtu
Chapter 2: Configuring IPv6 Example 3 Sets path MTU discovery age timers to the same value (5 minutes) host1:VR1(config)#tcp path-mtu-discovery age-timer 5 Example 4 Disables path MTU discovery age timers host1:VR1(config)#tcp path-mtu-discovery age-timer indefinite Use the no version with a keyword to return the values to their defaults. Issue the no version without any keywords to disable path MTU discovery on the virtual router.
Page 170: Specifying Black Hole Thresholds
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Specifying Black Hole Thresholds Some domains might be configured not to generate certain ICMP messages (like an ICMP destination unreachable message) or to filter all ICMP messages. Under these conditions, the source of oversized ICMP packets never learns that it is sending oversized packets.
Page 171: Preventing Tcp Paws Timestamp Dos Attacks
Chapter 2: Configuring IPv6 Use to help protect the router from TCP RST and SYN denial of service attacks. Example host1(config)#tcp ack-rst-and-syn Use the no version to disable this protection (the default mode). See tcp ack-rst-and-syn Preventing TCP PAWS Timestamp DoS Attacks The TCP Protect Against Wrapped Sequence (PAWS) number option works by including the TCP timestamp option in all TCP headers to help validate the packet sequence number.
Page 172: Protecting Against Tcp Out Of Order Dos Attacks
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide host1(config)#tcp paws-disable Use the no version to restore PAWS processing (the default mode). See tcp paws-disable Protecting Against TCP Out of Order DoS Attacks You can use the group of tcp resequence-buffers commands to help protect the router from TCP out-of-order packet DoS attacks.
Page 173: Limiting Buffers Per Virtual Router
Chapter 2: Configuring IPv6 Limiting Buffers per Virtual Router The tcp resequence-buffers vr-maximum command and tcp resequence-buffers default-vr-maximum command allow you to limit the number of outstanding buffers on existing or newly established virtual routers. tcp resequence-buffers default-vr-maximum Use to specify the default buffer limit assigned to all virtual routers when the virtual router is established.
Page 174: Configuring Equal-Cost Multipath Load Sharing
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide 10 buffers. See tcp resequence-buffers connection-maximum tcp resequence-buffers default-connection-maximum Use to specify the default buffer limit assigned to all TCP connections on a virtual router unless a specific limit is set for the VR in which the connection is established.
Page 175: Fast Reroute Protection
Chapter 2: Configuring IPv6 Use the no version to restore the default value, 1 for BGP or 4 for IS-IS, OSPF, or RIP. See maximum-paths Fast Reroute Protection If a link goes down, ECMP uses fast reroute protection to shift packet forwarding to use operational links, thereby decreasing packet loss.
Page 176: Clearing Ipv6 Routes
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Clearing IPv6 Routes To clear dynamic IPv6 routes from the routing table, use the clear ipv6 routes command. To clear the routes for a specific IPv6 network, specify the IPv6 prefix. To clear all dynamic IPv6 routes, using the * (asterisk) option. clear ipv6 routes Use to clear IPv6 routes.
Page 177: Monitoring Ipv6
Chapter 2: Configuring IPv6 There is no no version. See clear ipv6 neighbors Monitoring IPv6 This section explains how to set an IPv6 statistics baseline and use the show commands to view your IPv6 configuration, monitor IPv6 interfaces and statistics, and view IPv6 neighbors.
Page 178 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Use to set a statistical baseline for a specified IPv6 interface. Example host1#baseline ipv6 interface atm 2/0.100 There is no no version. See baseline ipv6 interface baseline ipv6 local pool Use to set a baseline for IPv6 local address pool statistics used in DHCP prefix delegation.
Page 179: Ipv6 Show Commands
Chapter 2: Configuring IPv6 IPv6 show Commands You can monitor the following aspects of IPv6 using show ipv6 commands: To Display Command General IPv6 information show ipv6 IPv6 addresses show ipv6 address IPv6 forwarding table show ipv6 forwarding table slot IPv6 Interfaces show ipv6 interface IPv6 neighbors...
Page 180 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide See show ipv6 show ipv6 address show ipv6 interface Use to display detailed or summary information for a particular IPv6 address or interface or for all interfaces. The default for the show ipv6 interface command is all interface types and all interfaces.
Page 181 Chapter 2: Configuring IPv6 pkt too big Number of packet-too-big messages received that indicate a packet was too large to forward because of the allowed MTU size redirects Received packet redirects echo requests Echo request (ping) packets echo replies Echo replies received rtr solicits Number of received router solicitations rtr advertisements Number of received router advertisements neighbor solicits Number of received neighbor solicitations...
Page 182 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Administrative MTU Value of the MTU if it has been administratively overridden using the configuration Operational speed Speed of the interface Administrative speed Value of the speed if it has been administratively overridden using the configuration Creation type Method by which the interface was created (static or dynamic) HTTP Redirect Url Url to which a subscriber’s initial web browser session...
Page 183 Chapter 2: Configuring IPv6 In Policed Packets Packets that were received and dropped on the interface for any of the following reasons: exceeding the token bucket limit, exceeding the rate limit, a drop action in a policy, discarded MAC validation packets, a destination address lookup failure, or when the destination address is an IP interface that has a route configured to the null 0 interface.
Page 184 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Dropped conformed packets, bytes Total number of conformed packets and bytes dropped by this interface Dropped exceeded packets, bytes Total number of exceeded packets and bytes dropped by this interface Example 1 host1#show ipv6 address 5:1:1::2 FastEthernet9/1.5 line protocol VlanSub is up, ipv6 is up Description: IPv6 interface in Virtual Router Hop5...
Page 185 Chapter 2: Configuring IPv6 Internet address: 5:1:1::2/64 IPv6 statistics: Rcvd: 0 local destination 0 hdr errors, 0 addr errors 0 unkn proto, 0 discards Sent: 0 generated, 0 no routes, 0 discards ICMPv6 statistics: Rcvd: 0 destination unreach, 0 admin unreach, 0 parameter problem 0 time exceeded, 0 pkt too big, 0 echo requests 3 echo replies Sent:...
Page 186 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Dropped committed packets 0, bytes 0 Dropped conformed packets 0, bytes 0 Dropped exceeded packets 0, bytes 0 Example 3 host1#show ipv6 interface null0 line protocol IpLoopback is up, ipv6 is up Network Protocols: IPv6 Link local address: fe80::90:1a00:740:1d44 Unnumbered Interface: Corresponding Numbered Interface not specified or...
Page 187 Chapter 2: Configuring IPv6 Multicast Routed Packets 0, Bytes 0 Out Total Dropped Packets 8, Bytes 0 Out Scheduler Dropped Packets 0, Bytes 0 Out Policed Packets 0 Out Discarded Packets 8 queue 0: traffic class best-effort, bound to ipv6 FastEthernet9/1.5 Queue length 0 bytes Forwarded packets 4, bytes 680 Dropped committed packets 0, bytes 0...
Page 188 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Operational speed 100000000 Administrative speed 0 Creation type Static Neighbor Discovery is disabled In Received Packets 0, Bytes 0 Unicast Packets 0, Bytes 0 Multicast Packets 0, Bytes 0 In Total Dropped Packets 0, Bytes 0 In Policed Packets 0 In Invalid Source Address Packets 0 In Error Packets 0...
Page 189 Chapter 2: Configuring IPv6 Description: IPv6 interface in Virtual Router Hop6 Network Protocols: IPv6 Link local address: fe80::90:1a00:740:31cd Internet address: 6:1:1::1/64 Operational MTU 1500 Administrative MTU 0 Operational speed 100000000 Administrative speed 0 Creation type Static ND reachable time is 3600000 milliseconds ND duplicate address detection attempts is 100 ND neighbor solicitation retransmission interval is 1000 milliseconds ND proxy is enabled...
Page 190 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Committed: 0 packets, 0 bytes Conformed: 0 packets, 0 bytes Exceeded: 0 packets, 0 bytes rate-limit-profile Rlp5Mb Committed: 0 packets, 0 bytes Conformed: 0 packets, 0 bytes Exceeded: 0 packets, 0 bytes queue 0: traffic class best-effort, bound to ipv6 FastEthernet9/0.6 Queue length 0 bytes Forwarded packets 0, bytes 0...
Page 191 Chapter 2: Configuring IPv6 In Invalid Source Address Packets 0 In Error Packets 0 In Discarded Packets 0 Out Forwarded Packets 0, Bytes 0 Unicast Packets 0, Bytes 0 Multicast Routed Packets 0, Bytes 0 Out Total Dropped Packets 0, Bytes 0 Out Scheduler Dropped Packets 0, Bytes 0 Out Policed Packets 0 Out Discarded Packets 0...
Page 192 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide In Total Dropped Packets 0, Bytes 0 In Policed Packets 0 In Invalid Source Address Packets 0 In Error Packets 0 In Discarded Packets 0 Out Forwarded Packets 22, Bytes 2480 Unicast Packets 22, Bytes 2480 Multicast Routed Packets 0, Bytes 0 Out Total Dropped Packets 8, Bytes 0 Out Scheduler Dropped Packets 0, Bytes 0...
Page 193 Chapter 2: Configuring IPv6 Sent: 13 total, 0 errors 0 rtr solicits, 9 rtr advertisements 2 neighbor solicits, 2 neighbor advertisements Group membership: 0 queries, 0 responses, 0 reductions 0 redirects In Received Packets 0, Bytes 0 Unicast Packets 0, Bytes 0 Multicast Packets 0, Bytes 0 In Total Dropped Packets 0, Bytes 0 In Policed Packets 0...
Page 194 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide ICMPv6 statistics: Rcvd: 0 total, 0 errors 0 rtr solicits, 0 rtr advertisements 0 neighbor solicits, 0 neighbor advertisements Group membership: 0 queries, 0 responses, 0 reductions 0 redirects Sent: 0 total, 0 errors 0 rtr solicits, 0 rtr advertisements 0 neighbor solicits, 0 neighbor advertisements Group membership: 0 queries, 0 responses, 0 reductions...
Page 195 Chapter 2: Configuring IPv6 Example 6 host1# show ipv6 interface brief Interface IPv6-Address Status Protocol Description ----------------- ------------------ ------- -------- ---------------- null0 Unnumbered FastEthernet9/1.5 5:1:1::2/64 IPv6 interface in Virtual Router Hop FastEthernet9/0.6 6:1:1::1/64 IPv6 interface in Virtual Router Hop loopback5 10:1:1:0:290:1aff:fe up 40:1d44/64 See show ipv6 address...
Page 196 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide See show ipv6 forwarding-table slot. show ipv6 local pool Use to display information on IPv6 local address pools, such as prefix delegation parameters and attributes that control the assignment of prefixes to requesting routers.
Page 197 Chapter 2: Configuring IPv6 Dns Servers List of IPv6 addresses of DNS servers to be sent to clients in the DHCPv6 responses Domain Search List List of domain names configured in the IPv6 local pool for DNS resolution IPv6 Local Address Pool Statistics: Allocations Number of prefixes allocated to DHCPv6 clients from the local address pool Allocation Errors Number of errors encountered during the allocation...
Page 198 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide 2002:2002::/48 1 day 1 day 3003:3003::/56 1 day 1 day 4004:4004:0:ff00::/64 1 day 1 day 5005:5005::/48 infinite infinite Exclude 5005:5005:1::/48 5005:5005:2::/48 - 5005:5005:a::/48 Dns Servers 3001::1 3001::2 Domain Search List test1.com test2.com test3.com test4.com Example 3 Displays IPv6 local address pool statistics used for DHCP prefix...
Page 199 Chapter 2: Configuring IPv6 host1# show ipv6 neighbors Interface IPv6-Address Type Hardware Addr State ----------------- ----------------- ------- -------------- ----- ----- FastEthernet4/1 1::1 dynamic 0090.1a40.05e5 reach 3 Example 2 host1# show ipv6 neighbors summary Total IPv6 neighbors: 7 By type: 5 global, 2 link-local, 0 anycast, 0 unknown By state: 5 reachable, 0 incomplete, 2 stale, 0 probe, 0 delay, 0 init IPv6 address conflicts: 0 during DAD resolution, 0 after DAD resolution See show ipv6 neighbors...
Page 200 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Shutdown in overload state Status of shutdown in an overload state Default local preference Default value for local preference IGP synchronization Indicates whether synchronization is enabled or disabled Default originate Indicates whether network 0.0.0.0 is redistributed into Auto summary Status of autosummary Always compare MED Status of always compare MED Compare MED within confederation Status of compare MED within a...
Page 201 Chapter 2: Configuring IPv6 Local router ID 1.1.1.1, local AS 100 Administrative state is Start Operational state is Up Shutdown in overload state is disabled Default local preference is 100 IGP synchronization is enabled Default originate is disabled Auto summary is enabled Always compare MED is disabled Compare MED within confederation is disabled Advertise inactive routes is disabled...
Page 202 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Use to display the current state of the routing table, including routes not used for forwarding. You can display all routes, a specific route, detailed information about all or a specific route, or summary counters for the routing table. Field descriptions Prefix IPv6 address prefix Length Prefix length...
Page 203 Chapter 2: Configuring IPv6 0 other internal routes 0 access routes 0 internally created access host routes 0 mbgp routes 0 dvmrp routes Last route added/deleted: null by Invalid At MON FEB 04 2008 14:18:04 UTC MPLS tunnel routes (not used for forwarding): 3 total routes, 216 bytes in route entries 1 bgp tunnel routes 1 ldp tunnel routes...
Page 204 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Valid lifetime Amount of time in seconds that the router advertises the IPv6 prefix as valid preferred lifetime Amount of time in seconds that the router advertises the specified IPv6 prefix as preferred Example 1 host1#show ipv6 routers Router FE80::83B3:60A4 on FastEthernet2/0, last update 3 min...
Page 205 Chapter 2: Configuring IPv6 6::/64 5::2 ATM4/0.15 2003::/16 5::1 ATM4/0.15 See show ipv6 static show ipv6 traffic Use to display statistics about IPv6 traffic. Field descriptions IPv6 statistics Rcvd: total Total number of packets received local destination Number of packets received with this router as their destination hdr errors Number of packets containing header errors addr errors Number of packets containing addressing errors...
Page 206 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide redirects Received packet redirects echo requests Echo request (ping) packets echo replies Echo replies received rtr solicits Number of received router solicitations rtr advertisements Number of received router advertisements neighbor solicits Number of received neighbor solicitations neighbor advertisements Number of received neighbor advertisements Group membership (queries, responses, reductions) Number of queries, responses, and reduction requests received from within a group to which...
Page 207 Chapter 2: Configuring IPv6 no port No port error packets received UDP Statistics Sent: total Total number of received packets errors Error packets received Example host1#show ipv6 traffic IPv6 statistics: Rcvd: 0 total, 0 local destination 0 hdr errors, 0 addr errors 0 unkn proto, 0 discards Sent: 0 forwarded, 0 generated...
Page 208 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Example host1#show license ipv6 Ipv6 license is ipv6_license See show license show tcp statistics Use to display all TCP statistics (both IPv4 and IPv6). Baselining is supported for this command. Use the ip keyword to display only IPv4 statistics. Use the ipv6 keyword to display only IPv6 statistics.
Page 209 Chapter 2: Configuring IPv6 retransmitted pkts Number of packets retransmitted retransmitted bytes Number of bytes retransmitted Global Diagnostic Data Unknown Connection log Includes the following global statistics: Source address/port – local port Shows the 32 most recent TCP connection attempts that were rejected, including the remote node’s IP or IPv6 address and port, the local port for the connection attempt, and the number of identical attempts that have been received on that port in a row.
Page 210 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide bytes Number of bytes received on the TCP connection chksum err pkts Number of checksum error packets received on the TCP connection bad offset pkts Number of bad offset packets received on the TCP connection short pkts Number of short packets received on the TCP connection duplicate pkts Number of duplicate packets received on the TCP...
Page 211 Chapter 2: Configuring IPv6 tcpDisconnect()s Number of times BsdTcp::tcpDisconnect() was called. This is a per-connection statistic. keep T/O pre-estab Number of times the keepalive timer expired before the connection reached the established state. This is a per-connection statistic. tcpkeeptimeo_idle Number of times the keepalive timer popped, but no keepalive was sent because of connection idle-time considerations.
Page 212 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide RST/SYN-Ack DoS Protection Specifies when this function is enabled RSTs acked Number of RSTs received and then acknowledged by the TCP stack. NOTE: This count is maintained even when the protection functions are disabled. The value indicates the count of packets that would have been acknowledged if the protections were enabled.
Page 213 Chapter 2: Configuring IPv6 # ICMP TooBigs Number of ICMP Too Big messages that the router has received. When PMTU is disabled, this counter does not increase. # ICMP TooBigs for unk. connection Number of ICMP Too Big messages that the router has received for TCP connections that do not exist. When PMTU is disabled, this counter does not increase.
Page 214 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Buffers Outstanding Number of buffers currently on the connection reordering queue High Water Most buffers that have ever been on the connection reordering queue Buffers discarded Number of buffers that were discarded because keeping them would have exceeded the connection maximum TCP PAWS is [enabled/disabled] Status of the TCP PAWS option;...
Page 215 Chapter 2: Configuring IPv6 Example 2 Additional fields displayed by diagnostic keyword host1#show tcp statistics diagnostic Global Diagnostic Data Unknown Connection log Source address/port -> local port 128.127.126.125/124 -> 8080 count: 3 111.111.111.111/222 -> 3333 count: 4 # connection-reqs rejected: 0 # connection-reqs pending: 0 # sonewconn calls that fail: 0 Diagnostics:...
Page 216 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide RST/SYN-Ack Protection is: ENABLED RSTs acked: 0 ...Bogus RSTs: 0 SYNs acked: 0 ...Bogus SYNs: 0 Data Insertions rejected: 0 PMTUD Information: PMTUD: ENABLED Administrative Minimum MTU: 512 Administrative Maximum MTU: none Timer 1: 10 minutes Timer 2: 2 minutes # ICMP TooBigs: 0...
Page 217: Configuring Neighbor Discovery
Chapter 3 Configuring Neighbor Discovery This chapter describes how to configure Neighbor Discovery (ND) on your E Series router; it contains the following sections: Overview on page 193 Platform Considerations on page 194 References on page 194 Before You Configure Neighbor Discovery on page 194 Configuring Neighbor Discovery on page 195 Configuring Proxy Neighbor Advertisements on page 200 Configuring Duplicate Address Detection Attempts on page 201...
Page 218: Platform Considerations
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Next-hop determination The algorithm that a node uses for mapping an IPv6 destination address into a neighbor IPv6 address (either the next router hop or the destination itself) to which it plans to send traffic for the destination. Neighbor unreachability detection How a node determines that it can no longer reach a neighbor.
Page 219: Configuring Neighbor Discovery
Chapter 3: Configuring Neighbor Discovery NOTE: IPv6 Neighbor Discovery is fully supported when configured on broadcast interfaces. IPv6 neighbor discovery supports only router advertisement characteristics when configured on PPP interfaces. Configuring Neighbor Discovery To configure Neighbor Discovery: Access an IPv6 interface. host1(config)#interface fastEthernet 3/0 host1(config-if)# Configure the current IPv6 interface to send neighbor solicitations and to respond...
Page 220: Using Ipv6 Profiles And Radius To Configure Neighbor Discovery Route Advertisements
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide host1(config-if)#ipv6 nd ra-lifetime 900 (Optional) Configure the router advertisement to list a specified prefix, for a valid lifetime and preferred lifetime. The following example also advertises the prefix as reachable on link and that the router can use it as part of the stateless address configuration.
Page 221: Radius-Based Configuration
Chapter 3: Configuring Neighbor Discovery route advertisement characteristics, which are then configured on the dynamically-created IPv6 interfaces. You can include the following commands in IPv6 profiles to configure Neighbor Discovery route advertisement characteristics. Command Description ipv6 nd Enables Neighbor Discovery on an interface ipv6 nd managed-config-flag Sets the “...
Page 222 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide ipv6 nd active-solicitations Use to specify that the router actively solicit neighbors that become stale (inactive). Normally, when a neighbor entry goes from a reachable state to a stale state, the router drops traffic until it resolves this neighbor entry. When enabled, the ipv6 nd active-solicitations command allows the router to use the stale neighbor entry while it solicits the neighbor.
Page 223 Chapter 3: Configuring Neighbor Discovery Use the no version of this command to clear the flag from IPv6 router advertisements. See ipv6 nd other-config-flag ipv6 nd prefix-advertisement Use to specify which IPv6 prefixes the system includes in IPv6 router advertisements. Example host1(config-if)#ipv6 nd prefix-advertisement 2002:1::/64 60000 45000 onlink autoconfig...
Page 224: Configuring Proxy Neighbor Advertisements
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide host1(config-if)#ipv6 nd reachable-time 30000 Example 2 Sets the reachable-time to 1 hour, 10 minutes, and 45 seconds host1(config-if)#ipv6 nd reachable-time 1 10 45 Use the no version of this command to restore the default value (zero [0] milliseconds for router advertisements and 3,600,000 milliseconds [1 hour] for Neighbor Discovery activity of the E Series router).
Page 225: Configuring Duplicate Address Detection Attempts
Chapter 3: Configuring Neighbor Discovery host1(config)#ipv6 nd NOTE: This command is redundant when configuring Neighbor Discovery over Ethernet, because neighbor solicitations and advertisements are automatically sent on Ethernet interfaces. Enable IPv6 neighbor proxy. host1(config-if)#ipv6 nd proxy ipv6 nd proxy Use to enable or disable Neighbor Discovery proxy. Example host1(config-if)#ipv6 nd proxy Use the no version of this command to disable Neighbor Discovery proxy.
Page 226: Monitoring Neighbor Discovery
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Monitoring Neighbor Discovery Neighbor Discovery-specific output appears in the output of various IPv6 show commands. For detailed information about IPv6 show commands and their output, see “Configuring IPv6” on page 125. Monitoring Neighbor Discovery...
Page 227: Part 2 Internet Protocol Routing
Part 2 Internet Protocol Routing Configuring RIP on page 205 Configuring OSPF on page 241 Configuring IS-IS on page 325 Internet Protocol Routing...
Page 228 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Internet Protocol Routing...
Page 229: Chapter 4 Configuring Rip
Chapter 4 Configuring RIP This chapter describes how to configure the Routing Information Protocol (RIP) on your E Series router; it contains the following sections: Overview on page 205 Platform Considerations on page 206 References on page 207 Features on page 207 Before You Run RIP on page 210 Configuration Tasks on page 210 Enabling RIP on Dynamic IP Interfaces on page 223...
Page 230: Rip Messages
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide to 16 for an unreachable network. This small range prevents RIP from being useful for large networks. RIP Messages RIP exchanges routing information via User Datagram Protocol (UDP) data packets. Each RIP router sends and receives datagrams on UDP port number 520, the RIP version 1/RIP version 2 port.
Page 231: References
Chapter 4: Configuring RIP References For more information about RIP, consult the following resources: RFC 1058 Routing Information Protocol (June 1998) RFC 2453 RIP Version 2 (November 1998) Features Some of the major RIP features supported by the router include: authentication RIP version 1 BFD liveness detection...
Page 232: Subnet Masks
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide The first 20-byte entry in a RIP authentication message contains an address family identifier value of 0xffff and a route tag value of 2. If the 0xffff address family is present in the RIP message, the remaining 16 octets of the entry contain a plain text password.
Page 233: Next Hop
Chapter 4: Configuring RIP Next Hop The Next Hop field in a RIP message contains the next IP address where a packet is sent. A value of zero in this field indicates that the next address the packet should be sent to is the router that originally sent the RIP message. Multicasting To reduce unnecessary load on hosts that are not listening to RIPv2 messages, an IP multicast address is used for periodic broadcast messages.
Page 234: Split Horizon
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide You can use the ip summary-address command to specify routes that RIP will Static Summary summarize. Example host1(config-router)#ip summary-address 4.4.0.0 255.255.0.0 5 host1(config-router)#ip summary-address 4.3.0.0 255.255.0.0 6 Split Horizon Split horizon is a mechanism to aid in preventing routing loops when distance-vector routing protocols such as RIP are employed in broadcast networks.
Page 235 Chapter 4: Configuring RIP host1(config-router)#network 10.2.1.0 255.255.255.0 host1(config-if)#ip rip host1(config-if)#ip rip receive version 1 host1(config-if)#ip rip send version 2 host1(config-if)#ip rip authentication mode text host1(config-if)#ip rip authentication key klaatu42 Associate the RIP routing process with an interface specified by an IP address or with an unnumbered interface, and configure RIP for the interface.
Page 236 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide (Optional) Summarize routes. Use a prefix tree to specify the number of bits to report for routes matching a route map: host1(config)#ip prefix-tree boston permit 10.10.2.0/24 host1(config-router)#route-map 4 host1(config-route-map)#match-set summary prefix-tree boston NOTE: For information about the ip prefix-tree command, see JUNOSe IP Services Configuration Guide.
Page 237: Relationship Between Address And Network Commands
Chapter 4: Configuring RIP Relationship Between address and network Commands If you use the network command to configure a RIP network, use the ip rip commands to configure the RIP attributes for that network. Do not use the address commands. If you use the address command to configure a RIP network, use the address commands to configure the RIP attributes for that network.
Page 238 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Specify md5 keyID to send an MD5 hash to neighbors. Neighbors must share the MD5 key to decrypt the message and encrypt the response. Example host1(config-router)#address 10.2.1.1 authentication mode text Use the no version to remove authentication from all RIP interfaces. See address authentication mode address receive version Use to restrict the RIP version that the router can receive on an interface.
Page 239 Chapter 4: Configuring RIP Use the no version to restore the default value, 10 seconds. See debounce-time default-information originate Use to enable RIP to advertise a default route (0.0.0.0/0) if the default route exists in the IP routing table. If the default route does not exist, you must configure it using the ip route command, or specify the always keyword.
Page 240 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Use the no version to reenable dynamic redistribution. See disable-dynamic-redistribute distance Use to set the administrative distances for routes. Example host1(config-router)#distance 150 Use the no version to restore the default value, 120. See distance distribute-list Use to apply a specific access list to incoming or outgoing RIP route updates.
Page 241 Chapter 4: Configuring RIP ip rip authentication key Use to specify either the simple password for text authentication or the encryption/decryption key for MD5 authentication. The key is a string of up to 16 alphanumeric characters and can be mixed uppercase and lowercase. You can specify whether the key is entered in unencrypted or encrypted format.
Page 242 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide ip split-horizon Use to configure the split horizon feature and poison reverse features for the interface. Enabled by default, split horizon prevents the RIP router from advertising routes from the originating interface. Poison reverse routing updates are disabled by default;...
Page 243 Chapter 4: Configuring RIP The maximum number of routes can be in the range 1–16. Example host1(config-router)#maximum-paths 2 Use the no version to restore the default value, 4. See maximum-paths neighbor Use to specify a RIP neighbor to which the router sends unicast messages. You must also use the passive-interface command to specify the interface as passive, thereby restricting the interface to unicast RIP messages.
Page 244 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Use the no version to reenable the transmission of RIP multicast messages on the specified interface. See passive-interface redistribute Use to redistribute information from a routing domain other than RIP into the RIP domain.
Page 245 Chapter 4: Configuring RIP Example host1(config)#router rip Use the no version to delete the RIP process and removes the configuration from your router. See router rip send-more-specific-routes-disable Use to configure RIP to send a less-specific route in preference to a more-specific route if the less-specific route has a metric.
Page 246 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide update Interval in seconds at which routing updates are sent. The default is 30 seconds. invalid Interval in seconds after which a route is declared invalid (null). Set this value to at least three times the update value. The default is 180 seconds. holddown Interval in seconds during which routing information about better paths is suppressed.
Page 247: Enabling Rip On Dynamic Ip Interfaces
Chapter 4: Configuring RIP Enabling RIP on Dynamic IP Interfaces You can use the ip rip copy-to-dynamic command to enable RIP on dynamic, unnumbered IP interfaces. This command allows the dynamic interfaces, as they are created, to copy RIP settings from a numbered IP interface to which the interfaces refer for their source address.
Page 248: Using Rip Routes For Multicast Rpf Checks
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide is still using the ip rip copy-to-dynamic command, when the router recreates the dynamic interfaces, they use the RIP attributes from the interface to which they refer. If the router no longer uses the ip rip copy-to-dynamic command, any newly created dynamic interfaces do not use the RIP attributes from the reference interface.
Page 249 Chapter 4: Configuring RIP rapidly detect failures in a network. Also, because they are adjustable, you can modify the BFD timers for more or less aggressive failure detection. Without BFD, when a RIP peer goes down, the routes learned from that peer are purged only after each route times out.
Page 250: Remote Neighbors
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide You can use the minimum-interval keyword to specify the same value for both of those intervals. Configuring a minimum interval has the same effect as configuring the minimum receive interval and the minimum transmit interval to the same value.
Page 251 Chapter 4: Configuring RIP authentication-key Use to specify the password for text authentication and the key for MD5 authentication for RIP remote-neighbor interface. This command is supported only in RIPv2. Authentication is disabled by default. Example host1(config-router-rn)#authentication key 0 jun27ior Use the no version to clear the key for the remote-neighbor interface.
Page 252 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide host1(config-router-rn)#exit-remote-neighbor There is no no version. See exit-remote-neighbor receive version Use to restrict the RIP version that the router can receive on a RIP remote-neighbor interface. The default is to receive both RIPv1 and RIPv2. The off keyword overrides any other specified option;...
Page 253: Monitoring Rip
Chapter 4: Configuring RIP Example host1(config-router-rn)#no split-horizon Use the no version to disable the split horizon and enable poison reverse routing updates. See split-horizon time-to-live Use to configure a hop count by setting the value of the time-to-live field used by packets sent to a RIP remote neighbor.
Page 254: Debug Commands
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide debug Commands The debug commands provide information about the following RIP items: General events, such as creating a RIP process or removing RIP from an interface Routing events, such as when two RIP routers exchange routes debug ip rip Use to display information about selected RIP events.
Page 255 Chapter 4: Configuring RIP You can set a statistics baseline for RIP interfaces by using the baseline ip rip command. You can specify a VRF instance for the show ip rip commands. You can use the output filtering feature of the show command to include or exclude lines of output based on a text string you specify.
Page 256 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Distance Value added to RIP routes added to the IP routing table. The default is 120. Number of route changes Number of times the router has been told to route changes by its peers Number of route queries Number of times the router has received route requests from other routers Update interval Current setting of the update timer (in seconds)
Page 257 Chapter 4: Configuring RIP Unnumbered status Status of the unnumbered interface Received bad packet Number of bad packets received Received bad routes Number of bad routes received Triggered updates sent Number of triggered updates sent; triggered updates are sent before the entire RIP routing table is sent; triggered by events such as adding a new RIP route or redistribution Received updates Number of updates received Numbered status Status of the numbered interface from which this...
Page 258 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide host1#show ip rip Routing Information Protocol Router Administrative State = enable System version RIP2: send = 2, receive = 2 No filter is applied to outgoing route update for all interfaces No filter is applied to incoming route update for all interfaces No global route map No table map Default metric = 1...
Page 259 Chapter 4: Configuring RIP No global route map No table map Default metric = 1 Distance = 120 Number of route changes = 17 Number of route queries = 2 Update interval = 30 (secs) Invalid interval = 180 (secs) Hold down time = 120 (secs) Flush interval = 300 (secs) Route Type...
Page 260 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide host1#show ip rip ifconfig *** Interface Configuration Data*** FastEthernet1/0 Send version = def Receive version = def Authentication mode = none Default metric = default BFD minimum receive interval(msec) = BFD minimum transmit interval(msec)= 500 BFD multiplier = 2 Passive Interface = No Access-list applied to outgoing route = none...
Page 261 Chapter 4: Configuring RIP Specify the active keyword to limit the display to active routes learned via RIP updates. Specify the inactive keyword to limit the display to routes that the router will discard in the immediate future. Field descriptions Prefix IP address prefix Length Prefix length ttl (Time to live) Indicates how many seconds the specific route remains...
Page 262 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Use to display limited information about each RIP neighbor. Specify vrf vrfName to limit the display to a specific VRF. Field descriptions Time since last update received Time in seconds since an update was received from this peer Peer version Version of IS-IS running on the peer Bad packets received Number of bad packets received from the peer...
Page 263 Chapter 4: Configuring RIP Received bad packets Number of bad packets received from the peer Received bad routes Number of bad routes received from the peer Triggered updates sent Number of triggered updates sent; triggered updates are sent before the entire RIP routing table is sent; triggered by events such as adding a new RIP route or redistribution Received updates Number of updates received Example 1...
Page 264 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Monitoring RIP...
Page 265: Configuring Ospf
Chapter 5 Configuring OSPF This chapter provides information for configuring the Open Shortest Path First (OSPF) routing protocol on your E Series router; it contains the following sections: Overview on page 242 Platform Considerations on page 245 References on page 246 Features on page 246 OSPF Configuration Tasks on page 251 Starting OSPF on page 251...
Page 266: Overview
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Overview OSPF is an interior gateway protocol (IGP) that runs within a single autonomous system (AS). Exterior gateway protocols (EGPs), such as Border Gateway Protocol (BGP), exchange routing information between ASs. OSPF is a link-state routing protocol, similar to the Intermediate System–to–Intermediate System (IS-IS) routing protocol.
Page 267 Chapter 5: Configuring OSPF Table 9: OSPF-Related Terms (continued) Term Meaning authentication type The method by which authentication is achieved null (or none), simple, or MD5. For example, simple authentication requires a 64-bit password in each OSPF packet. autonomous system A set of networks or IP prefixes within a single routing policy domain.
Page 268 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Table 9: OSPF-Related Terms (continued) Term Meaning LSA types OSPF LSAs are categorized into the following types: Type 1 LSAs generated by an OSPF router for each area that it belongs to. Type 1 LSAs are flooded to only a single area. These LSAs carry information about directly connected links.
Page 269: Platform Considerations
Chapter 5: Configuring OSPF Table 9: OSPF-Related Terms (continued) Term Meaning router ID A 32-bit number that uniquely identifies a router within an AS; for example, 10.10.1.5. stub area An area that does not get flooded with external LSAs but does carry intra-area and interarea routes and a default route.
Page 270: References
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide See ERX Module Guide, Table 1, Module Combinations for detailed module specifications. See ERX Module Guide, Appendix A, Module Protocol Support for information about the modules that support OSPF. For information about modules that support OSPF on the E120 and E320 Broadband Services Routers: See E120 and E320 Module Guide, Table 1, Modules and IOAs for detailed module specifications.
Page 271: Routing Priority
Chapter 5: Configuring OSPF LSDB. OSPF computes routes only to destinations within the area, and does not flood routes beyond the area boundaries. Routing Priority OSPF areas receive routes based on priority. Table 10 on page 247 describes the routing priority. Table 10: Routing Priority Priority Type...
Page 272: Opaque Lsas
Networks website for complete information about the OSPF Management Information Base (MIB) supported by your router. The MIBs folder contains information about all supported standard and Juniper Networks E Series enterprise (proprietary) MIBs. OSPF does not act as a host within the router and therefore does not support the ospfIfMetric and ospfHost tables.
Page 273: Implementing Ospf For Ipv6
Chapter 5: Configuring OSPF BGP The default expectation is that your routing environment is an AS running OSPF and exchanging BGP routes with other ASs. See JUNOSe BGP and MPLS Configuration Guide. Implementing OSPF for IPv6 OSPF version 3 (OSPFv3) specifies IPv6 support in the OSPF protocol. Compared with OSPF version 2, the fundamental mechanisms for OSPF remain unchanged.
Page 274: Supported Lsa Types
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Supported LSA Types OSPFv3 supports the following LSA types: Router LSA Describes link state and costs of router links to the area; flooded within an area only Network LSA Originated by the designated router for every broadcast or nonbroadcast multiaccess (NBMA) link having two or more attached routers;...
Page 275: Ospf Configuration Tasks
Chapter 5: Configuring OSPF SNMP traps Features specified in “OSPF as the PE/CE Protocol in BGP/MPLS IP VPNs” (draft-ietf-l3vpn-ospf-2547) OSPF Configuration Tasks Configuring OSPF requires careful coordination among a variety of routing devices: Routers internal to a single area Routers that link multiple areas within a single routing domain; these routers are called area border routers (ABRs) Routers that link multiple routing domains;...
Page 276: Enabling Ospfv3
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide You can issue the no network area command, which deletes all OSPF interfaces within the specified range. If the OSPF interface was created with the address area command, you can issue the no address area command to delete the specified interface. You can issue the no ip address command to delete the IP interface associated with the OSPF interface and also the OSPF interface itself.
Page 277 Chapter 5: Configuring OSPF network area Use to configure a range of OSPFv2 interfaces and their related area. If the specified range matches one or more of the IP addresses configured for IP interfaces, one or more corresponding OSPF interfaces are created and placed in the specified area.
Page 278: Creating A Single Ospfv2 Interface
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Use to enable OSPF on the router. OSPF is enabled by default. Example host1(config-router)#ospf enable The no version of this command is deprecated and may be removed in a future release. Use the ospf shutdown command to disable OSPF on the router. See ospf enable router ospf ipv6 router ospf...
Page 279: Specifying An Ospf Router Id
Chapter 5: Configuring OSPF Configures OSPFv2 with the default values. You can configure the interface with a nondefault value by using the other address commands. You must first issue the address area command before issuing any other address commands. See “Configuring OSPF Interfaces”...
Page 280: Aggregating Ospf Networks
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Use to specify a different IP address for the router to use as the OSPF router ID. Example host1(config-if)#router-id 192.168.50.5 Use the no version to force OSPF to use the previous OSPF router ID behavior. See router-id Aggregating OSPF Networks You can aggregate OSPF networks at the border of an OSPF area by using the area...
Page 281: Configuring Ospf Interfaces
Chapter 5: Configuring OSPF host1(config-router)#network 2.2.0.0 0.0.255.255 area 0 At this point, the OSPF process is configured with two OSPF interfaces. If your router is an ABR, two networks must be summarized: 2.2.10.0/24 and 2.2.11.0/24. host1(config-router)#area 0 range 2.2.0.0 255.255.0.0 After you enter this area range command, only the aggregated range 2.2.0.0/16 is going to be summarized.
Page 282: Address Commands
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Configuring OSPF attributes for OSPF networks includes setting the following: Cost Dead interval Hello interval Router priority Retransmit interval Transmit delay NOTE: Before using the address or ip ospf commands, see “Precedence of Commands”...
Page 283 Chapter 5: Configuring OSPF Use to specify the cost metric for the interface. The cost is used in calculating the SPF routing table and can be in the range 0–65535. The interface can have an IP address, or it can be unnumbered. Example host1(config-router)#address unnumbered atm 4/0.1 area 3 host1(config-router)#address unnumbered atm 4/0.1 cost 50...
Page 284 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Example host1(config-router)#address 192.168.100.20 area 5 host1(config-router)#address 192.168.100.20 passive-interface Use the no version to reenable the transmission of routing updates. See address passive-interface address priority Use to specify the router priority, an 8-bit number in the range 1–255. Used in determining the designated router for the particular network.
Page 285: Ip Ospf And Ipv6 Ospf Commands
Chapter 5: Configuring OSPF Use the no version to restore the default value, 1 second. See address transmit-delay ip ospf and ipv6 ospf Commands The ip ospf commands have two effects on interface configuration. These effects apply to all ip ospf commands: Configuration per logical IP interface (for example, Fast Ethernet 0/1.3 or ATM 5/0.1): The ip ospf command configures the specified OSPF parameters for all networks...
Page 286 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Use the no version to remove this interface from the specified area. See ipv6 ospf area ip ospf cost ipv6 ospf cost Use to configure the cost of sending a packet on the network. Cost is a metric value in the range 0–65535;...
Page 287 Chapter 5: Configuring OSPF See ip ospf dead-interval See ipv6 ospf dead-interval ip ospf hello-interval ipv6 ospf hello-interval Use to configure the interval between hello packets. Specify an interval in the range 1–65535 seconds; the default value is 10 seconds. For the OSPF routers to become adjacent, the hello interval must be identical on each router.
Page 288 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Use the no version to revert the network type to the default for the interface. See ipv6 ospf network ip ospf priority ipv6 ospf priority Use to configure the router’s priority. Select a priority level in the range 0–255; the default value is 1. This setting determines the designated router for the particular network.
Page 289: Comparison Example
Chapter 5: Configuring OSPF ipv6 ospf transmit-delay Use to configure the time it takes to transmit a link-state update on the interface. This is the time between transmissions of LSAs. Specify an interval in the rang 0–3600 seconds; the default value is 1 second. In setting the time, consider the interface’s transmission and propagation delays.
Page 290: Precedence Of Commands
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Precedence of Commands For a single OSPF interface, when you modify the same OSPF attribute by issuing both the ip ospf command and the address command, the value configured with the address command takes precedence. In other words, the most specific command for a single OSPF interface takes precedence.
Page 291 Chapter 5: Configuring OSPF Creating areas complicates the task of configuring OSPF routing domains. You can optionally define an area to be a stub area, totally stubby area, or a not-so-stubby area. You can configure virtual links for areas that are not directly connected to a backbone area.
Page 292 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide area (with the no-summary keyword), or to stop the application of the specified metric cost, metric type, or a route map to the type 7 default LSAs. See area nssa area stub Use to configure a stub area.
Page 293 Chapter 5: Configuring OSPF Use to set the time in seconds to wait before declaring a neighbor down after not receiving packets from that neighbor. Specify an interval in the range 0–2147483647 seconds; the default value is 40 seconds. Example host1(config-router)#area 27.0.0.0 virtual-link 27.8.4.2 dead-interval 10 Use the no version to remove the virtual link’s dead interval.
Page 294: Optimizing The Cost To Reach A Range Of Ospf Routers Within An Area
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Use the no version to remove the interface’s transmit delay. See area virtual-link transmit-delay automatic-virtual-link Use to enable an automatic virtual link configuration. If this feature is enabled, then backbone connectivity is ensured by the automatic creation of a virtual link between this backbone router that has an interface to a common nonbackbone area and other backbone routers that have interfaces to a common nonbackbone area.
Page 295: Figure 17: Optimizing Ospf Area Aggregate Costs
Chapter 5: Configuring OSPF Figure 17: Optimizing OSPF Area Aggregate Costs In this example, the router IDs of the OSPF routers in area 1 are announced by OSPF into area 0. ABR 1 and ABR 2 aggregates the 10.1.1.x networks in area 1 at the border.
Page 296: Configuring Authentication
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide ABR 2-->Router 5-->Router 4 The highest individual cost is 3. ABR 2 subsequently calculates a cost of 3 for the aggregate 10.1.1.0 to be announced into area 0. When Router 3 sends traffic to Router 4, it routes the traffic via ABR 2 because ABR 2 advertises a lower cost than does ABR 1.
Page 297 Chapter 5: Configuring OSPF Use to assign a password used by neighboring routers for OSPF simple password authentication. The interface can have an IP address, or it can be unnumbered. You can specify whether the key is entered in unencrypted or encrypted format. If you do not specify which, the string is assumed to be unencrypted.
Page 298 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Configures an interface already created, or creates a new OSPF interface and configures the MD5 key. The interface can have an IP address, or it can be unnumbered. Example host1(config-router)#address 10.1.1.1 message-digest-key 1 md5 0 9mwk6gdr76 Use the no version to delete the MD5 key.
Page 299 Chapter 5: Configuring OSPF The no version has no effect. See area virtual-link authentication-none area virtual-link message-digest-key md5 Use to enable MD5 authentication and to configure MD5 keys for virtual links. The MD5 key is a character string up to 16 characters long. You must also specify a key identifier and whether the key is entered in unencrypted or encrypted format.
Page 300: Configuring The Bfd Protocol For Ospf
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Use the no version to set authentication for the interface to none without removing any configured MD5 key. You can subsequently apply MD5 authentication to the interface without having to reconfigure the key. See ip ospf authentication message-digest ip ospf authentication-none Use to specify that no authentication is used for the OSPF interface.
Page 301 Chapter 5: Configuring OSPF OSPFv3 (respectively). The BFD protocol uses control packets and shorter detection time limits to more rapidly detect failures in a network. Also, because they are adjustable, you can modify the BFD timers for more or less aggressive failure detection.
Page 302: Configuring Additional Parameters
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide You can change the BFD liveness detection parameters at any time without stopping or restarting the existing session; BFD automatically adjusts to the new parameter value. However, no changes to BFD parameters take place until the values resynchronize with each peer.
Page 303 Chapter 5: Configuring OSPF host1(config)#ip route 20.20.20.0 255.255.255.0 192.168.1.0 host1(config)#ip route 20.20.21.0 255.255.255.0 192.168.1.0 host1(config)#ip route 20.21.0.0 255.255.255.0 192.168.1.0 Configure an access list with filters on routes 20.20.20.0/24 and 20.20.21.0/24. host1(config)#access-list boston permit 20.20.0.0 0.0.255.255 Configure a route map that matches the previous access list and applies a metric type 1 (OSPF).
Page 304 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Affects OSPF metrics for only OSPFv3 interfaces created after the execution of this command. This command’s value overrides the cost resulting from the command. If you want this command to apply to OSPF interfaces already configured, you need to bounce the existing interfaces: Use the no network and then the network command for the selected OSPF interfaces.
Page 305 Chapter 5: Configuring OSPF 8927 hello, 8341 database desc, 53 link state req 158571 link state updates, 89134 link state acks Supports only single TOS(TOS0) routes SPF schedule delay 0 secs, Hold time between two SPFs 3 secs Maximum path splits 1 Area BACKBONE(0.0.0.0) Area is a transit area SPF algorithm executed 425 times...
Page 306 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Use to clear the OSPF IPv6 process on the virtual router. Example host1#clear ipv6 ospf process There is no no version. See clear ipv6 ospf process clear ip ospf database Use to delete all entries from the OSPF link-state database and to reset all adjacencies.
Page 307 Chapter 5: Configuring OSPF Use to clear and readvertise all of the routes that have been previously redistributed into OSPF. CAUTION: Using this command purges all external LSAs and reoriginates. Example 1 host1#clear ip ospf redistribution Example 2 host1#clear ipv6 ospf redistribution There is no no version.
Page 308 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide distance Use to configure the administrative distance for OSPF routes. Example host1(config-router)#distance ospf external 60 Default settings: Intra-area routes 110 Interarea routes 112 External routes 114 Use the no version to restore the default values. See distance ip ospf shutdown ipv6 ospf shutdown...
Page 309 Chapter 5: Configuring OSPF See log-adjacency-changes See ospf log-adjacency-changes maximum-paths Use to control the maximum number of parallel routes that OSPF can support. The maximum number of routes can be in the range 1–16. The default for OSPF is 4 paths. To enable equal-cost multipath (ECMP) for OSPF, you need to specify a value for maximum paths greater than 1.
Page 310 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Use to disable the transmission of routing updates on the interface, meaning that OSPFv2 or OSPFv3 routing information is neither sent by nor received through the interface. The specified interface appears as a stub network in the OSPF domain. By default, OSPF is enabled on a configured OSPF interface.
Page 311: Methods For Calculating Ospf Interface Cost
Chapter 5: Configuring OSPF host1(config)#route-map dist1 permit 5 host1(config-route-map)#match community boston42 host1(config-route-map)#set distance 33 host1(config-route-map)#exit host1(config)#router ospf 100 host1(config-router)#table-map dist1 host1(config-router)#exit host1(config)#exit host1#clear ip routes * Use the no version to halt application of the route map. See table-map timers spf Use to configure the time between two consecutive SPF calculations.
Page 312: Default Metrics
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Table 12: Methods and Precedence for Calculating OSPF Interface Cost (continued) Cost Calculation Method Precedence Issuing auto-cost Takes the lowest precedence. The router uses the reference-bandwidth command reference bandwidth configured on the OSPF interface for cost calculation.
Page 313 Chapter 5: Configuring OSPF Exit Interface Configuration mode. Enter Global Configuration mode. host1(config-subif)#exit Configure an OSPF routing process, and enter Router Configuration mode. host1(config)#router ospf 5 Specify an OSPF neighbor, and optionally assign a priority number or poll interval to the neighbor. host1(config-router)#neighbor 10.12.14.1 priority 5 poll-interval 180 Repeat Step 4 for each neighbor in the OSPF network.
Page 314: Traffic Engineering
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide host1(config-router)#neighbor 10.12.11.5 priority 100 Use the no version to remove the neighbor or restore the default values 0 and 120. See neighbor Traffic Engineering Traffic engineering enables more effective use of network resources by providing for the setup of explicitly routed Multiprotocol Label Switching (MPLS) label-switched paths (LSPs) that satisfy resource and administrative constraints.
Page 315: Using Ospf Routes For Multicast Rpf Checks
Chapter 5: Configuring OSPF Use to enable SPF calculations to consider the IGP (OSPF) best paths as well as the MPLS tunnel for forwarding traffic to the MPLS endpoint. By default, the MPLS tunnel is always selected for traffic to the tunnel endpoint; IGP paths are not considered.
Page 316: Ospf And Bgp/Mpls Vpns
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Use to specify whether OSPF routes are available only for unicast forwarding, only for multicast RPF checks, or for both. Use the show ip route or show ipv6 route command to view the routes available for unicast forwarding.
Page 317 Chapter 5: Configuring OSPF route to reach the remote neighbor. A best route to the neighbor must exist in the IP routing table. You must explicitly configure a remote neighbor on an OSPF router. You must specify the remote neighbor with which the router forms an adjacency and the source IP address the router uses for OSPF packets destined to its peer remote neighbor.
Page 318 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide host1(config-router-rn)#authentication-none There is no no version. See authentication-none cost Use to specify a cost metric for the OSPF remote-neighbor interface; the metric is used in the calculation of the SPF routing table. The default value is 10 if there is no route to the remote neighbor;...
Page 319 Chapter 5: Configuring OSPF Example host1(config-router-rn)#message-digest-key 42 md5 0 sal29ute Use the no version to delete the MD5 key. See message-digest-key md5 remote-neighbor Use to configure an OSPF remote neighbor. Use the update-source command to configure source IP address for packets sent to the remote neighbor.
Page 320: Remote Neighbors And Sham Links
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Use to configure a hop count by setting the value of the time-to-live field used by packets sent to an OSPF remote neighbor. Specify a value in the range 1–255 seconds; the default value is 1 second. Example host1(config-router-rn)#ttl 35 Use the no version to restore the default value, 1 second.
Page 321 Chapter 5: Configuring OSPF router does not become fully adjacent with the helper router before the grace period expires, the helper abandons the helper role and determines its adjacency with the restarting router to be down. Also, based on your configuration, the helper can abandon a restart if it detects a topology change before the restart is complete.
Page 322 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Use to specify conditions under which the OSPFv2 or OSPFv3 router abandons its role as an OSPF graceful restart helper router. Use the any keyword to abandon the helper role when any LSA changes during the restart.
Page 323: Disabling And Reenabling Incremental Spf
Chapter 5: Configuring OSPF Disabling and Reenabling Incremental SPF By default, when changes occur to a type 5 or type 7 LSA, OSPF recalculates new, loop-free routes for only the LSAs that change. When a subset of LSAs in the external link-state database change, a full recalculation is not necessary.
Page 324: Neighbor Uptime Tracking
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Use to specify traps for OSPF. Example host1(config-router-rn)#traps all Use the no version to delete the specified trap, group of traps, or all traps. See traps Neighbor Uptime Tracking You can use the history keyword with the show ip ospf neighbors command to display a history of up to 10 events for all OSPF neighbors or a specific OSPF neighbor.
Page 325 Chapter 5: Configuring OSPF Adjacencies Designated router General events Link-state advertisements Neighbors Packets received Packets sent Route events SPF events debug ip ospf debug ipv6 ospf Use to display information about selected OSPF events. This command has many keywords so you can specify a variety of OSPF events. You can set the level of severity for the events you want displayed: 0–7.
Page 326: Show Commands
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Use to cancel the display of information about a selected event. The same OSPF variables can be designated as in the debug ip ospf or debug ipv6 ospf commands. Example 1 host1#undebug ip ospf adj Example 2 host1#undebug ipv6 ospf lsa There is no no version.
Page 327 Chapter 5: Configuring OSPF Graceful Restart Capability On or off Time limit to complete graceful restart Amount of time (in seconds) during which the router can reacquire OSPF neighbors that were fully operational prior to the restart Time limit to flush grace LSAs Amount of time (in seconds) during which the router can remove grace LSAs over all interfaces Graceful Restart Helper Capability On or off Graceful Restart Help:...
Page 328 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Maximum path splits 4 Number of active areas in this router is 0 0 normal, 0 stub, 0 NSSA. Example 2 host1#show ip ospf Routing Process OSPF 4 with Router ID, 10.0.0.1, Domain ID 0.0.0 OSPF administrative state is enabled OSPF operational state is enabled Incremental External SPF is ON...
Page 329 Chapter 5: Configuring OSPF Number of active areas in this router is 4 normal, 1 stub, 2 NSSA. Example 3 host1#show ipv6 ospf Routing Process OSPFv3 1 with Router ID 10.1.1.1 OSPFv3 administrative state is enabled OSPFv3 operational state is enabled Incremental External SPF is OFF Graceful Restart capability is OFF Graceful Restart helper capability is OFF...
Page 330 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide host1#show ipv6 ospf border-routers OSPF Area Border Routers Destination NEXT_HOP Interface RouteType Area 10.0.0.10 FE80::3 ATM4/1.39 INTRA 0.0.0.0 10.0.0.11 FE80::4 ATM4/0.41 INTRA 0.0.0.0 10.0.0.11 FE80::5 ATM4/1.48 INTRA 100.0.0.1 OSPF Autonomous System Border Routers Destination NEXT_HOP Interface...
Page 331 Chapter 5: Configuring OSPF Seq# Link-state sequence number (detects old or duplicate LSAs) Checksum Fletcher checksum of the complete contents of the LSA Area Area for which data is displayed Router Number of router LSAs Network Number of network LSAs Intra-Prefix Number of intra-prefix LSAs Inter-Prefix Number of inter-prefix LSAs Inter-Router Number of inter-outer LSAs...
Page 332 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Referenced LSA Type Router LSA or network LSA with which the IPv6 address prefixes should be associated Referenced LSA Advertising Router Router LSA or network LSA with which the IPv6 address prefixes should be associated Referenced LSA ID Router LSA or network LSA with which the IPv6 address prefixes should be associated asbr Address of the AS boundary router...
Page 333 Chapter 5: Configuring OSPF AS External Link States Link ID ADV Router Age Seq# Checksum 8.8.8.0 5.5.0.250 502 0x8000005f 0x2d67 Router Link States (Area 0.0.0.1) Link ID ADV Router Age Seq# Checksum 5.5.0.250 5.5.0.250 498 0x80000067 0xdec1 192.168.1.13 192.168.1.13 505 0x800000a5 0x3b32 Network Link States (Area 0.0.0.1) Link ID ADV Router...
Page 334 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide V3 Router Link States (Area 0.0.0.1) Link ID ADV Router Seq# Checksum 0.0.0.0 1.1.1.1 0x80000003 0xf7a4 0.0.0.0 2.2.2.2 0x80000003 0x7825 V3 Inter-Area Net Link States (Area 0.0.0.1) Link ID ADV Router Seq# Checksum 0.0.0.2 2.2.2.2...
Page 335 Chapter 5: Configuring OSPF Local Interface ID : 0x32000006 Metric 1 LS age: 432 Options: ( V6-Bit , R-Bit , ExternalRoutingCapability, No Nssa-LSA) LS Type: Router Links Link State ID: 0.0.0.0 Advertising Router: 2.2.2.2 LS Seq Number: 0x80000002 Checksum: 0x8519 Length: 40 Link connected to: a Point To Point Network Neighboring...
Page 336 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Link Local Address fe80::90:1a00:300:670 Prefixes 1:1:1:1000:: / 60 options 0 metric 0 Example 7 OSPFv3 LSA output (intra-area-prefix) host1#show ipv6 ospf database intra-area-prefix V3 Intra Area Prefix Link States (Area 0.0.0.0) LS age: 162 LS Type: Intra Area Prefix Links Link State ID: 0.0.0.1 Advertising Router: 1.1.1.1...
Page 337 Chapter 5: Configuring OSPF Link State ID: 0x00000002 Advertising Router: 2.2.2.2 LS Seq Number: 0x80000001 Checksum: 0x8409 Length: 44 TLVs Type: 1(Restart duration), length: 4, Value: 150 Type: 2(Restart Reason), length: 1, Value: 2(Software Reload) Type: 3(Unknown), length: 4, Value: 33686018 See show ip ospf database See show ipv6 ospf database show ip ospf database link-local...
Page 338 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Grace Period 90 seconds Restart Reason : Unplanned Restart See show ip ospf database show ip ospf database opaque-area Use to display lists of information about the TE opaque LSAs. The TE router address LSA describes a stable IP address on the originating router that can be used for TE purposes such as setting up TE LSPs to this address.
Page 339 Chapter 5: Configuring OSPF Max Unreserved BW Amount of bandwidth not yet reserved at each of the eight priority levels; each value is less than or equal to the maximum reservable bandwidth Color Bitmask that specifies the administrative group membership for this link;...
Page 340 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Use to display a list of OSPFv2 or OSPFv3 interfaces. Use the optional areaId or areaIdInt values to specify an OSPF area ID in either IP or decimal format. Field descriptions Interface value (fastEthernet) Status of the physical link and the operational status of the protocol Internet Address Interface IP address Area Area identifier: IP address...
Page 341 Chapter 5: Configuring OSPF Example 2 host1#show ipv6 ospf interface ATM4/0.12 is up, OSPFv3 line protocol is up Area 0.0.0.0, Intf ID: 0x320004, Instance ID: 0 Link Local Address: fe80::90:1a00:100:80 Interface is active Network type POINT-TO-POINT Interface State POINT-TO-POINT Cost: 1, Priority 1 No designated router on this network No backup designated router on this network Timer intervals configured:...
Page 342 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Ospf heap total bytes allocated Total number of bytes allocated from the OSPF heap Neighbor allocation failures Number of neighbor allocation failures LSA allocation failures Number of LSA allocation failures LSA HDR allocation failures Number of LSA header allocation failures DB Request allocation failures Number of database request allocation failures RTX allocation failures Number of neighbor retransmission allocation...
Page 343 Chapter 5: Configuring OSPF Ospf heap total bytes allocated: 1000 Internal OSPF Statistics, allocation failures: Neighbor allocation failures: LSA allocation failures: LSA HDR allocation failures: DB Request allocation failures: RTX allocation failures: LS Ack allocation failures: DD pkt allocation failures: OSPF interface allocation failures: OSPF general packet allocation failures: 0 See show ip ospf internal-statistics...
Page 344 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Cause Cause of transition event Time Time stamp for the event in day month date HH : MM : SS format Example 1 host1# show ip ospf neighbors Neighbor ID State Dead Time Address Interface 10.0.8.1...
Page 345 Chapter 5: Configuring OSPF Priority Priority value for this interface Designated router Designated router on this network, if any Backup designated router Backup designated router on this network, if any Hello Hello timer value, in seconds Dead Dead interval timer value, in seconds Wait Wait interval timer value, in seconds Retransmit Retransmit interval timer value, in seconds Neighbor Count Number of neighbors to this interface...
Page 346 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide LSA Router Id Whenever a full SPF calculation is triggered by a new LSA, the router ID is stored in the router Triggers List of reasons that triggered a full SPF calculation Example host1#show ip ospf spf-log Intra SPF log...
Page 347 Chapter 5: Configuring OSPF Use to display OSPFv3 packet statistics. Use the delta keyword to display statistics relative to the current baseline. Field descriptions Rcvd total Total number of packets received checksum errors Total number of packets received that contained checksum errors hello Total number of hello packets received database desc Total number of database description packets received...
Page 348 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Virtual link to router OSPF neighbor and the current state of the virtual link Transmit Delay Time (in seconds) between transmissions from the specified interface Timer intervals Timer intervals (in seconds) configured for the link: Hello, Dead, and Retransmit Example host1#show ip ospf virtual-links...
Page 349: Configuring Is-Is
Chapter 6 Configuring IS-IS This chapter describes how to configure Intermediate System–to–Intermediate System (IS-IS) routing on your E Series router; it contains the following sections: Overview on page 325 Platform Considerations on page 339 References on page 339 Features on page 340 Before You Run IS-IS on page 341 Configuration Tasks on page 341 Enabling IS-IS for IP Routing on page 341...
Page 350: Is-Is Terms
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide hierarchical routing design is used. With this model, routing is referred to as level 1, level 2, or both level 1 and level 2. IS-IS Terms OSI internetworking has its own terminology. A number of terms used in IS-IS routing discussions are defined in Table 13 on page 326.
Page 351: Figure 18: Overview Of Is-Is Topology
Chapter 6: Configuring IS-IS Table 13: IS-IS Terms (continued) Term Meaning network entity title (NET) ISO network addresses used by CLNS networks; an identifier of a network entity in an end system or intermediate system. A NET consists of an area address (routing domain), system identifier, and selector.
Page 352: Iso Network Layer Addresses
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide ISO Network Layer Addresses ISO network layer addresses are flexible enough to make routing feasible in a worldwide Internet. Network layer addresses in ISO and IP are hierarchical and clearly identify level 1 and level 2 areas. These addresses can be up to 20 octets long; any packet that contains an address has one additional octet to specify the length of the address.
Page 353: Authentication
Chapter 6: Configuring IS-IS requires all the tables to be updated. Consequently, the static tables are likely to become rapidly outdated. The router supports dynamic resolution of hostnames to system identifiers. You can use the clns host command to map the hostname to the NSAP address, and therefore to the system ID.
Page 354: Hmac Md5 Authentication
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide NOTE: The router supports simple authentication for compatibility with existing IS-IS implementations. However, we recommend that you do not use the simple authentication method because it is insecure (the text can be “sniffed” ). HMAC MD5 Authentication When you enable IS-IS HMAC MD5 authentication (also referred to as MD5 authentication), the router creates secure digests of the packets, encrypted according...
Page 355: Specifying Md5 Start And Stop Timing
Chapter 6: Configuring IS-IS router SanDiego reject packets from router SanJose because those packets do not include a message digest. Figure 19: Packet Flow Between Routers With and Without Authentication Set Specifying MD5 Start and Stop Timing With each of the MD5 commands, you can specify when the router will start and stop accepting packets that include a digest made with this key.
Page 356: Halting Md5 Authentication
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Example The following commands configure both key 1 and key 2 to be accepted between 08:00:00 and 23:00:00. When the current time reaches 09:00:00, the router begins using key 1 to transmit packets. When the current time reaches 10:00:00, the router begins using key 2 to transmit packets;...
Page 357: Extensions For Traffic Engineering
Chapter 6: Configuring IS-IS The area-authentication { csnp | psnp } command enables or disables simple authentication or HMAC MD5 authentication of IS-IS level 1 CSNP packets or PSNP packets. By default, authentication of CSNPs and PSNPs is disabled. The domain-authentication { csnp | psnp } command enables or disables simple authentication or HMAC MD5 authentication of IS-IS level 2 CSNP packets or PSNP packets.
Page 358: Integrated Is-Is
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Integrated IS-IS The E Series router supports the Integrated IS-IS version of IS-IS. Integrated IS-IS provides a single routing algorithm to route both TCP/IP and OSI Connectionless Network Protocol (CLNP) packets. This design adds IP-specific information to the OSI IS-IS routing protocol.
Page 359: Route Tag Structure
Chapter 6: Configuring IS-IS Route Tag Structure On E Series routers, an IS-IS route tag is a 32-bit (4-octet) nonzero number that is stored as sub-TLV 1 inside the extended IP reachability TLV (type 135). TLV type 135, in turn, is part of an IS-IS LSP. The route tag is therefore advertised when LSPs are transmitted in an IS-IS network.
Page 360: Using Route Tags
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Table 14: Configuration Tasks for Setting IS-IS Route Tags (continued) To Learn About Using This Command Setting a route tag for an IS-IS “summary-address” on “Summarizing Routes” on summary address page 368 page 368 Using Route Tags You can set only a single route tag per IS-IS route.
Page 361: Graceful Restart
Chapter 6: Configuring IS-IS Although the router accepts IS-IS routes with multiple route tags and propagates these routes in LSPs, it uses only the first route tag assigned to a route to determine routing policy. 64-bit (8-octet) route tags Although the router accepts IS-IS routes with 64-bit route tags and propagates these routes in LSPs, it does not use 64-bit route tags to determine routing policy.
Page 362: How Graceful Restart Works
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide minimizes these effects by providing a mechanism by which a restarting router can do the following: Notify neighboring IS-IS routers that it is restarting and request help resynchronizing its LSP database. Neighbors with active adjacencies to the restarting router can thereby reestablish these adjacencies without having to reset them.
Page 363: Is-Is For Ipv6
Chapter 6: Configuring IS-IS For details about configuring graceful restart, see “Configuring Graceful Restart” on page 379 . IS-IS for IPv6 E Series routers support IPv6 routing for IS-IS. The IPv6 Reachability TLV propagates reachability information by flooding and is used in SPF calculations. The IPv6 Interface TLV is used for next hop calculation and is exchanged by means of IS-IS hello packets.
Page 364: Features
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide ISO International Standard 9542:1988 (E) Information processing systems – Telecommunications and information exchange between systems – End System-to-Intermediate System Routing Exchange Protocol for use in conjunction with the protocol for providing the connectionless-mode network service (ISO 8473) ISO/IEC 10589:1992 Information technology –...
Page 365: Before You Run Is-Is
Chapter 6: Configuring IS-IS Dynamic resolution of hostnames to system IDs Mesh groups Configurable LSP transmit and throttle intervals Route redistribution policies based on access lists between IS-IS levels Three-way handshake for point-to-point adjacencies Simple text and HMAC MD5 authentication Support for bigger metric TLVs Domain-wide prefix distribution Traffic engineering for MPLS...
Page 366 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide The router is now in Router Configuration mode. Configure a Network Entity Title (NET) for the routing process that specifies the ISO network address. host1(config-router)#net 47.0010.0000.0000.0000.0001.0001.1111.1111.1111.00 Enter Interface Configuration mode, and specify the interface that you want to actively route IS-IS.
Page 367: Summary Example
Chapter 6: Configuring IS-IS When you use IS-IS to do IP routing only, a NET must be configured to instruct the router about its system ID and area ID. Example The following commands configure a router with the area ID 47.0005.80ff.f800.0000.0001.0001 and the system ID 0000.0c11.1111.
Page 368 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Configure an IP address on the router to serve as the router ID. host1(config)#interface loopback0 host1(config-if)#ip address 10.6.5.4/32 Configure the lower-layer interfaces over which the IPv6 traffic flows. host1(config-if)#interface fastEthernet 1/0 Configure an IPv6 address on the interface. host1(config-if)#ipv6 address 2008::1/48 Specify the IS-IS IPv6 process to apply to the interface.
Page 369: Summary Example
Chapter 6: Configuring IS-IS address-family Use to configure IS-IS to exchange IPv6 addresses by creating the IPv6 address family. Use the unicast keyword to exchange unicast addresses. Use the multicast keyword to exchange multicast addresses. Use the unicast and multicast keywords together, or omit both of them to exchange both unicast and multicast addresses.
Page 370: Configuring Is-Is Interface-Specific Parameters
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide host1(config-if)#interface fastEthernet 1/0 host1(config-if)#ipv6 address 2008::1/48 host1(config-if)#ipv6 router isis floor12 host1(config)#router isis floor12 host1(config-router)#net 47.0010.0000.0000.0000.0001.0001.1111.1111.1111.00 host1(config-router)#address-family ipv6 unicast host1(config-router-af)#redistribute ospf level-1-2 host1(config-router-af)#redistribute isis level-2 into level-1 host1(config-router-af)#distribute-domain-wide host1(config-router-af)#summary-prefix 2001:2000::0/8 level-1 metric 10 tag 100 host1(config-router-af)#table-map ospfFilter Configuring IS-IS Interface-Specific Parameters You can change IS-IS interface–specific parameters;...
Page 371: Configuring Link-State Metrics
Chapter 6: Configuring IS-IS Example host1(config-if)#isis message-digest-key 3 hmac-md5 wdi6c3s39n level-2 For point-to-point interfaces, configure keys only for level 1, because only one hello packet is sent (at level 1), not one at level 1 and one at level 2. Keys configured at level 2 are ignored for point-to-point interfaces.
Page 372: Setting The Csnp Interval
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide For example, if you set the IS-IS reference bandwidth to 50,000,000, the default metric for a 10-Mbps interface is calculated as 5. Interfaces with lower bandwidths have higher default metrics than this interface. Similarly, links with higher bandwidths have lower default metrics than this interface.
Page 373 Chapter 6: Configuring IS-IS Use the isis hello-interval command to set the length of time (in seconds) between hello packets sent on a specific interface. Configure independently for level 1 and level 2, except on point-to-point interfaces because only a single type of hello packet is sent on serial links.
Page 374: Padding Is-Is Hello Packets
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide See isis hello-interval See isis hello-multiplier Padding IS-IS Hello Packets You can use the isis hello padding command to configure IS-IS hello packet padding. Padding the hello packets promotes early error detection due to transmission problems with large frames or due to mismatched MTUs on adjacent interfaces.
Page 375: Setting The Designated Router Priority
Chapter 6: Configuring IS-IS isis retransmit-interval Use to configure the number of seconds between the retransmission of IS-IS LSPs with the same LSP ID for point-to-point links. You can select an interval in the range 1–65535 seconds. The default value is 5 seconds. Specify a number greater than the expected round-trip delay between any two routers on your network.
Page 376: Configuring Passive Interfaces
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide isis priority Use to set the priority of use for your designated router. You can configure an individual priority for level 1 and level 2 by choosing a priority level in the range 0–127. The default priority level is 64.
Page 377: Configuring Adjacency
Chapter 6: Configuring IS-IS You can also accomplish the equivalent of the passive-interface command by using the redistribute command to redistribute a connected route to level 1. Example 1 Configures loopback 0 as a passive interface and enable IS-IS on subinterfaces ATM 2/0.1 and ATM 2/1.1.
Page 378: Configuring Route Tags For Is-Is Interfaces
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Use to specify adjacency levels on a specified interface; however, normally, you do not need to use this command. Configure a router as a level 1-only, a level 1–level 2 system, or a level 2-only system.
Page 379: Configuring Point-To-Point-Over-Lan Circuits
Chapter 6: Configuring IS-IS host1(config-subif)#ip router isis engineering (Optional) Access Privileged Exec mode, and verify the route tag assignment. host1(config-subif)#exit host1(config)#exit host1#show isis database detail isis tag Use to set a route tag for the IP addresses on an IS-IS interface before the route is propagated to other routers in an IS-IS domain.
Page 380: Summary Example
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide on the circuit. This configuration is known as a point-to-point-over-LAN or P2P circuit. This interface configuration tears down the current LAN adjacency that IS-IS has over this interface. IS-IS then reestablishes the adjacency as a point-to-point connection and regenerates the LSPs.
Page 381: Configuring Global Is-Is Parameters
Chapter 6: Configuring IS-IS host1(config-if)#interface atm 8/0 host1(config-if)#isis tag 55 host1(config-if)#isis metric 20 level-2 host1(config-if)#isis csnp-interval 30 level-1 host1(config-if)#isis hello-interval 6 level-1 host1(config-if)#isis hello-multiplier 10 level-1 host1(config-if)#isis lsp-interval 100 host1(config-if)#isis retransmit-interval 60 host1(config-if)#isis retransmit-throttle-interval 300 host1(config-if)#isis priority 80 level-1 host1(config-if)#isis circuit-type level-2-only host1(config-intf)#no isis network point-to-point Configuring Global IS-IS Parameters This section describes the commands you can use to globally configure optional IS-IS...
Page 382: Configuring Authentication Of Csnps And Psnps
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide You can specify whether the key is entered in unencrypted or encrypted format. If you do not specify which, the string is assumed to be unencrypted. Example host1(config-router)#area-message-digest-key 1 hmac-md5 kd4s8hnEK Use the no version to delete the MD5 key specified by the key ID. See area-message-digest-key domain-authentication-key Use to specify a password used by neighboring routers for authentication of IS-IS...
Page 383: Configuring Redistribution
Chapter 6: Configuring IS-IS Use to enable or disable (suppress) simple authentication or HMAC MD5 authentication of IS-IS level 1 CSNP packets or PSNP packets. When authentication is enabled, it uses either the simple text password specified by the area-authentication-key command, or the HMAC MD5 key specified by the area-message-digest-key command.
Page 384 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide IS-IS. Make sure the route map you specify includes the set tag command that defines a tag value for the routes destined for IS-IS. For details about configuring and using route maps, see JUNOSe IP Services Configuration Guide . To redistribute IPv6 routes, issue the redistribute command from within the IS-IS IPv6 address family.
Page 385 Chapter 6: Configuring IS-IS Metric: 30 IP 10.20.21.0 255.255.255.0 Metric: 30 IP 10.20.20.0 255.255.255.0 Use the no version of the access-list command to remove the access list or the specified entry in the access list. Use the no version of the route-map command to remove an entry. See access-list See route-map clear ip isis redistribution...
Page 386: Redistributing Routes Between Levels
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Optionally, you can specify a route map and use it to set a route tag for routes redistributed to IS-IS. Example 1 Redistributing static IP routes with a route map host1(config-router)#redistribute static ip route-map 10 Example 2 Redistributing IPv6 routes from OSPF into IS-IS level 1 and level 2 host1(config-router-af)#redistribute ospf level-1-2 Use the no version to disable redistribution.
Page 387 Chapter 6: Configuring IS-IS You can configure IS-IS to redistribute routes between the routing levels; this is sometimes known as route leaking between levels. The redistribute isis ip command enables you to specify a route filter (an access list) and the direction of leakage, as shown in the following example: host1(config)#access-list leakList permit ip 100.0.0.0 0.255.255.255 any host1(config)#router isis 1...
Page 388: Controlling Granularity Of Routing Information
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Use the no version to stop redistribution of IP routes between the specified levels. See redistribute isis ip Controlling Granularity of Routing Information You can force the distribution of level 2 routing information to level 1 routers in other areas to improve the quality of the resulting routes, but at the cost of reduced scalability.
Page 389: Configuring Metric Type
Chapter 6: Configuring IS-IS You can use the following commands to verify configuration of the global default metric: show configuration show clns interface show clns protocol show isis database detail metric Use to apply the same default metric value to all active IS-IS interfaces. The command affects both IPv4 and IPv6 interfaces.
Page 390: Setting The Administrative Distance
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Use to specify that the router generates and accepts both old-style and new-style TLV tuples. Old style refers to TLVs having metrics with a narrow (six-bit) field with a value in the range 0–63. New style refers to TLVs having metrics with a wider field, as provided for in current extensions to IS-IS traffic engineering.
Page 391: Configuring Default Routes
Chapter 6: Configuring IS-IS Select a value in the range 1–255. A value of 255 means discard the route. Example host1(config-router)#distance ip 50 Use the no version to restore the default value, 115. See distance ip Configuring Default Routes You can specify a default route within IS-IS routing domains. You can also suppress the installation of a default route to level 1-2 routers by level 1 routers.
Page 392: Setting Router Type
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Use to prevent level 1 routers from automatically installing a default route to a level 1-2 router in order to reach destinations outside the area. Suppresses the level 1-2 router from indicating to level 1 routers that it can reach other areas.
Page 393: Avoiding Transient Black Holes
Chapter 6: Configuring IS-IS Use to create aggregate addresses of routes that are redistributed from other protocols in the routing table or distributed between level 1 and level 2 by a summary address. This process is called route summarization. A single summary address includes groups of addresses for a given level. Use the summary-address command for IP routes.
Page 394: Waiting For Bgp Convergence
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide bit in the LSP header, and transmits the LSP with the current neighbor information. By sending the updated LSP with the overload bit set immediately after forming the first adjacency, IS-IS reduces the convergence time across the network. If IS-IS waits for all adjacencies to be up before it sends the updated LSP with the overload bit set, the other routers in the domain still have the transit router's old LSP and continue to forward transit traffic to the transit router until all adjacencies are...
Page 395: Suppression For Is-Is Graceful Restart
Chapter 6: Configuring IS-IS –> 4 –> B. Because transit router 3 already had synchronized its BGP routing tables, traffic forwarding continues without delay. When transit router 2 reloads, it establishes adjacencies with routers 1 and 4, and sends out its LSP advertising its neighbors. While router 2 begins to synchronize its BGP routes, the network reconverges to the original path of A –>...
Page 396: Ignoring Lsp Errors
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide To prevent real traffic from flowing through a router to an IS-IS network, such as might be the case for a test router connected to a production network. Use the on-startup keyword to set the overload bit when the router reboots and to specify a period in seconds that IS-IS waits after the reboot before it clears the overload bit.
Page 397: Logging Adjacency State Changes
Chapter 6: Configuring IS-IS Example host1(config-router)#ignore-lsp-errors Use the no version to disable the function. See ignore-lsp-errors Logging Adjacency State Changes You can configure the router to log messages that track when adjacencies change state between up and down. log-adjacency-changes Use to generate log messages that track IS-IS adjacency state changes (up or down).
Page 398 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide seconds. Because the generation of an LSP may cause all routers in the area to perform the SPF calculation, controlling this interval can have an areawide effect. When you raise this interval, you reduce the load on the network imposed by a rapidly changing link.
Page 399: Specifying The Spf Interval
Chapter 6: Configuring IS-IS Increasing the interval reduces the link utilization caused by the flooding of refreshed packets. Example host1(config-router)#lsp-refresh-interval 1000 Use the no version to restore the default value, 900 seconds. See lsp-refresh-interval max-lsp-lifetime Use to set the maximum time that LSPs persist without being refreshed. You can select a maximum time in the range 1–65535 seconds.
Page 400: Defining The Spf Route Calculation Level
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide and so on. When the maximum configured interval is reached, the interval reverts back to immediate response mode for the next triggering event. If no calculation-triggering network events have occurred by the end of any given back-off interval, the router reverts back to immediate response mode.
Page 401: Setting Clns Parameters
Chapter 6: Configuring IS-IS Setting CLNS Parameters You can specify transmission rates for ES and IS hello packets, the period for which the router considers ES and IS hello packets to be valid, and name-to-network service access point mappings. clns configuration-time Use to specify the rate (in seconds) at which ES hello and IS hello packets are sent.
Page 402: Setting The Maximum Parallel Routes
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Enables dynamic resolution of hostnames to system IDs (within the NSAP address). The hostname mapping is sent in the LSPs within the Dynamic Hostname type-length-value (TLV type 137). Display the TLV by issuing the show isis database detail command.
Page 403: Configuring Table Maps
Chapter 6: Configuring IS-IS Configuring Table Maps You can use the table-map command to apply a specified route map as a policy filter on an IS-IS route before the route is installed in the routing table. The route map you apply must contain one or more set commands to modify route attributes. table-map Use to apply a policy to modify distance, level, metric, metric type, origin, preference, route type, or tag values of IS-IS routes about to be added to the IP...
Page 404 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Specify a previously configured IS-IS routing process to access Router Configuration mode. (For information about enabling IS-IS on the router, see “Enabling IS-IS for IP Routing” on page 341.) host1(config)#router isis engineering host1(config-router)# Enable the IS-IS graceful restart mechanism for the router.
Page 405 Chapter 6: Configuring IS-IS For more information about monitoring graceful restart, see “show isis nsf” on page 397 command description in “Monitoring IS-IS Parameters” on page 388 and the “show clns neighbors” on page 408 command description in “Displaying CLNS” on page 400. nsf ietf Use to enable the IS-IS graceful restart mechanism on the router.
Page 406 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Use the no version to restore the default time interval, 5 seconds, or the default number of retry attempts, 1. See nsf t1 nsf t2 Use to specify the maximum amount of time, in seconds, that a restarting router waits for the LSP database to synchronize.
Page 407: Summary Example
Chapter 6: Configuring IS-IS Summary Example host1(config)#router isis floor12 host1(config-router)#net 47.0010.0000.0000.0000.0001.0001.1111.1111.1111.00 host1(config-router)#exit host1(config)#interface atm 0/1 host1(config-if)#ip router isis floor12 tag 24 host1(config-if)#isis mesh-group blocked host1(config-if)#exit host1(config)#interface atm 1/0 host1(config-if)#ip router isis floor12 host1(config-router)#distribute-domain-wide host1(config-router)#distance 100 ip host1(config-router)#default-information originate route-map 9 host1(config-router)#is-type level-1-2 host1(config-router)#summary-address 10.2.0.82 255.255.0.0 level-1-2 tag 90 host1(config-router)#set-overload-bit on-startup wait-for-bgp 450...
Page 408 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Several show commands enable monitoring of MPLS information. See “Monitoring IS-IS” on page 387 for more information. MPLS traffic engineering requires that IS-IS generate the new-style TLVs that enable wider metrics. Use the metric-style wide command to generate the new-style TLVs. If you are using some IS-IS routers that still do not understand the new-style TLVs, use the metric-style transition command.
Page 409: Using Is-Is Routes For Multicast Rpf Checks
Chapter 6: Configuring IS-IS Using IS-IS Routes for Multicast RPF Checks You can use the ip route-type command to specify whether IS-IS routes are available for only unicast forwarding protocols or only multicast reverse-path forwarding (RPF) checks. Routes available for unicast forwarding appear in the unicast view of the routing table, whereas routes available for multicast RPF checks appear in the multicast view of the routing table.
Page 410: Disabling The Is-Is Protocol
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide NOTE: Before the router can use the isis bfd-liveness-detection command, you must specify a BFD license key. To view an already configured license, use the show license bfd command. For general information about configuring and monitoring the BFD protocol, see JUNOSe IP Services Configuration Guide.
Page 411: Monitoring Is-Is
Chapter 6: Configuring IS-IS IS-IS routing after you issue the protocol shutdown command, you can continue to configure IS-IS. Issuing the protocol shutdown command: Clears the LSP database Removes all IS-IS routes in the routing information database (RIB) Deletes all adjacencies with the IS-IS instance NOTE: Rebooting the router does not affect the state of the IS-IS protocol.
Page 412: Monitoring Is-Is Parameters
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide isisNsfEvents IS-IS nonstop forwarding events during warm starts isisProtocolErr IS-IS protocol errors isisSnpPackets IS-IS complete sequence numbers PDU (CSNP) and partial sequence numbers PDU (PSNP) packets isisSpfEvents IS-IS Shortest Path First (SPF) isisSpfStatistics IS-IS SPF timing and statistic data isisSpfTriggers IS-IS SPF triggering isisUpdate Packets IS-IS LSP packets sent or received...
Page 413 Chapter 6: Configuring IS-IS debug isis Use to obtain debug-related information about certain parameters. This command manipulates the same log as the Global Configuration log commands. You can select from these parameters: adj-packets IS-IS adjacency-related packets mpls traffic-eng advertisements MPLS traffic-engineering agent advertisements mpls traffic-eng agents MPLS traffic-engineering agents snp-packets IS-IS CSNP/PSNP packets...
Page 414 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Example host1:abc#show hosts Static Host Table ----------------- name ip address type username password ---- ---------- ---- --------- -------- 10.10.0.73 anonymous null Clns Host Alias Table --------------------- name area address system ID type ----- -------------------------------- ----------------- ------ fred 47.0005.80FF.F800.0000.0001.0001 0000.0000.0011.00 static...
Page 415 Chapter 6: Configuring IS-IS Area Address Area addresses that can be reached from the router NLPID ISO network layer protocol identifier IP Address IP address of the interface Hostname Hostname of the router Router ID ID configured on the router Metric Metric that indicates either of the following costs: Cost of adjacency between the originating router and the advertised...
Page 416 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Area Address: 47.0005.80FF.F800.0000.0000.0004 NLPID: 0x81 0xcc IP Address: 10.1.1.1 Hostname: boston Router ID: 10.1.1.1 Metric: 10 IS newyork.00 IPv4 Interface Address: 10.1.1.1 IPv4 Neighbor Address: 10.1.1.2 Metric: 10 IS washington.00 IPv4 Interface Address: 10.1.3.1 IPv4 Neighbor Address: 10.1.3.3...
Page 417 Chapter 6: Configuring IS-IS Administrative group: IPv4 Interface Address: 221.1.4.1 IPv4 Neighbor Address: 221.1.4.4 Maximum link bandwidth: Reservable link bandwidth: Unreserved bandwidth: Priority 0: Priority 1: Priority 2: Priority 3: Priority 4: Priority 5: Priority 6: Priority 7: TE default metric: Metric: 10 IP 221.1.1.0/24 Metric: 10 IP 221.1.6.0/24 Metric: 10 IP 221.1.4.0/24...
Page 418 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide LSPID LSP Seq Num LSP Checksum LSP Holdtime ATT/P/OL host1:1.00-00 0x00000005 0x0E39 0/0/0 Area Address: 49.0001 NLPID: 0x81 0xcc IP Address: 4.4.4.1 Hostname: host1:1 Metric: 0 ES host1:1 Metric: 10 IS host1:2.00 Metric: 10 IS host1:2.00 Metric: 10 IP 4.4.4.0/24 Metric: 10 IP 20.0.0.0/24...
Page 419 Chapter 6: Configuring IS-IS Use to display the last record flooded from MPLS. Field descriptions System ID Name or system ID of the MPLS tail-end (destination) router Router ID Router ID for the router Link Count Number of links that MPLS advertises Neighbor System ID Identifier of the remote system in an area Administrative group TLV administrative group or color assigned to the link...
Page 420 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Priority 0: 50000 Priority 1: 50000 Priority 2: 50000 Priority 3: 50000 Priority 4: 30000 Priority 5: 30000 Priority 6: 30000 Priority 7: 30000 TE default metric: Link[3] Neighbor System ID: paris.00 Administrative group: IPv4 Interface Address: 221.1.4.1...
Page 421 Chapter 6: Configuring IS-IS Use to display information about the configured and operational settings on the router for IS-IS graceful restart, which is also known as nonstop forwarding (NSF). Field descriptions Configured Timer Values Displays the following values configured for IS-IS graceful restart on the router, as described in “Configuring Graceful Restart”...
Page 422 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Restart CSNP Adj Recv Count Number of adjacencies for level 1 routing and level 2 routing that have sent complete sequence number PDUs (CSNPs) to provide information about LSP database synchronization Local LSP Wait Count Number of level 1 and level 2 LSPs for which the restarting router is awaiting complete synchronization Example host1#show isis nsf...
Page 423 Chapter 6: Configuring IS-IS host1#show isis spf-log Level 1 SPF log When Duration First Trigger LSP SpfType Triggers 00:01:45 0.000 0000.0000.0000.00-00 Full LSP Add 00:01:36 0.000 0000.0000.0000.00-00 Full LSP Add 00:01:31 0.000 0000.0101.0101.00-00 Full LSP Add 00:00:08 0.000 0000.0101.0101.00-00 PRC LSP Sequence Update Example 2 host1#show isis spf-log detail...
Page 424: Displaying Clns
JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide host1#show isis summary-addresses Prefix Level Metric State ------------ ------------- ---------- ------ ------- 2008::0/8 LEVEL-2 ENABLED See show isis summary-addresses show isis topology Use to display the paths to all intermediate systems or specific types of intermediate systems.
Page 425 Chapter 6: Configuring IS-IS Information about ES and IS neighbors Protocol-specific information for each routing process Information about CLNS packets Global CLNS configurations You can set a statistics baseline for CLNS using the baseline clns command. baseline clns Use to set a statistics baseline for CLNS. The router implements the baseline by reading and storing the statistics at the time the baseline is set and then subtracting this baseline whenever baseline-relative statistics are retrieved.
Page 426 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide IS-IS: Own LSPs Purged: 1 IS-IS: System ID Length Mismatches: 0 IS-IS: Maximum Area Mismatches: 0 Interface: atm2/1.3 IS-IS: Baseline last set 0 days, 0 hours, 0 minutes, 8 seconds IS-IS: Protocol PDUs (in/out): 2/1 IS-IS: Init Failures: 0 IS-IS: Adjacencies Changes: 0 IS-IS: Adjacencies Rejected: 0...
Page 427 Chapter 6: Configuring IS-IS IS-IS Level-2 Link State Database LSPID LSP Seq Num LSP Checksum LSP Holdtime ATT/P/OL There is no no version. See clear isis database show clns Use to display global CLNS information about the router. Field descriptions Interfaces Enabled for CLNS Number of interfaces that have the CLNS routing protocol enabled Configuration Timer Interval (in seconds) after which the router sends out...
Page 428 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Stop Accept Date and time that the router stops accepting packets created with this password Stop Generate Date and time that the router stops inserting this password into packets Domain Authentication Displays the following fields if domain authentication is enabled: PSNP/CSNP PDU authentication enabled Indicates whether authentication of level 2 PSNP packets and/or level 1 CSNP packets has...
Page 429 Chapter 6: Configuring IS-IS Priority IS-IS priority that the respective neighbor is advertising. The highest-priority neighbor becomes the designated IS-IS router for the interface. Circuit Id Neighbor’s idea of what the designated IS-IS router is for the interface Add the detail keyword to display area addresses and IP addresses. Example 1 For IS-IS IP configuration host1#show clns Global CLNS Information:...
Page 430 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide host1#show clns is-neighbors detail System Id Interface State Type Priority Circuit Id 0000.0000.7500 atm2/0.111 up L1L2 127 0000.0000.0000.00 Area Address(es): 47.0005.80FF.F800.0000.0001.0001 Ip Address(es): 172.30.245.33 See show clns show clns interface Use to display CLNS-specific information about each interface. Field descriptions interface Status of interface line protocol Status of the line protocol, up or down...
Page 431 Chapter 6: Configuring IS-IS Next IS-IS LAN level Hello Amount of time (in seconds) before the next IS-IS LAN level 1 or level 2 hello message occurs BFD State of BFD for IS-IS, enabled or disabled Mesh Group Status of the mesh group, Active or Inactive LDP-IGP Synchronization Status of synchronization, Achieved or Pending;...
Page 432 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide interface state level DIS(L-1) DIS(L-2) Metric ------------- ----- --------- ------------- -------------- ------ loopback1 level-1-2 Point to Point Point to Point 10/10 ATM3/1.1 level-1-2 Point to Point Point to Point 10/10 FastEthernet1/1 level-1-2 nemo:2.03 nemo:2.03 10/10...
Page 433 Chapter 6: Configuring IS-IS Neighbor Restarting Whether the ES or IS is currently restarting: yes or no BFD session State of any BFD session for this neighbor Example 1 For IS-IS IP configuration host1#show clns neighbors detail System Id SNPA Interface State Holdtime(rem)
Page 434 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide host1:2#show clns protocol IS-IS Router: System Id: 0040.0400.4002.00 IS-Type: level-1-2 Operational State: Up Manual area address(es): 49.0001 Routing for area address(es): 49.0001 Interfaces supported by IS-IS: loopback1 - IP FastEthernet1/1 - IP,IPv6 ATM3/1.1 - IP, IPv6 Distance: 115 Redistributing:...
Page 435 Chapter 6: Configuring IS-IS IS-IS: Level-2 LSPs Sent Rcvd Dropped Number of level 2 LSPs sent, received, and dropped IS-IS: LSP checksum errors received Number of LSP checksum errors received When you specify an interface, reports include the following additional fields: Interface IS-IS interface for which details are displayed IS-IS: Protocol PDUs (in/out) Number of packets in/out on interface IS-IS: Init Failures Number of rejected hellos on interface...
Page 436 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide IS-IS: Level-2 PSNPs (in/out) Number of level 2 PSNPs received and sent on the interface IS-IS: LSP Retransmissions Number of LSPs retransmitted on the interface Example 1 host1#show clns traffic IS-IS: Baseline last set 0 days, 21 hours, 12 minutes, 15 seconds IS-IS: Corrupted LSPs: 0 IS-IS: L1 LSP Database Overloads: 0 IS-IS: L2 LSP Database Overloads: 0...
Page 437 Chapter 6: Configuring IS-IS IS-IS: Maximum Area Mismatches: 0 IS-IS: Area/Domain Authentication Failures: 0 IS-IS: Level-1 LSPs Sent: 1 Rcvd: 6769 Dropped: 6769 IS-IS: Level-2 LSPs Sent: 1 Rcvd: 6769 Dropped: 6769 IS-IS: LSP checksum errors received: 0 Interface: FastEthernet4/0 IS-IS: Baseline last set 5 days, 0 hours, 3 minutes, 31 seconds IS-IS: Protocol PDUs (in/out): 10421/5862 IS-IS: Level-1 Hellos (in/out/dropped): 610046/610456/0...
Page 438 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Monitoring IS-IS...
Page 439: Part 3 Index
Part 3 Index Index on page 417 Index...
Page 440 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Index...
Page 441: Index
Index aggregate addresses IS-IS..............368 OSPF routing............257 ABRs (area border routers), OSPF area border routers. See ABRs, OSPF configuring area range........256 area commands defined...............242 area..............268 access lists, IP area default-cost..........267 monitoring............82 area nssa............267 access-list command area range............256 IS-IS..............359 area stub.............267 OSPF..............278 area IDs (OSPF packets)..........242 address commands, OSPF area virtual-link commands...
Page 442 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide IS-IS MD5 packet timing........331 Classless Interdomain Routing. See CIDR IS-IS MD5 start and stop timing......331 clear arp command............21 IS-IS, halting............332 clear ip commands managing and replacing IS-IS keys......332 clear ip interface...........41 OSPF..............242 clear ip isis redistribution........359 OSPF modes............247 clear ip ospf redistribution........283...
Page 443 Index dead-interval command..........294 dynamic route redistribution, disabling debounce-time command..........210 in IS-IS..............359 debug commands..........230, 300 in OSPF...............283 debug ip ospf............300 in RIP..............210 debug ip rip............230 debug isis............388 debug-related information, IS-IS......388, 397 default routes E Series routers cost, OSPF............267 IP features..............7 IP routing..............36 IPv6 features............125 IS-IS routing............367 IS-IS features............340...
Page 444 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide hashcheck process.............272 intra-area routes, OSPF..........247 hello interval IP...................3 IS-IS interface..........346, 374 ARP protocol.............7, 18 OSPF interface..........263, 268 assigning router IDs..........29 hello multiplier, IS-IS interface........346 broadcast addressing........23, 24 hello packet validity rate, IS-IS........377 E Series router features...........7 Hello protocol............243 ECMP............49, 150...
Page 445 Index ip source-route............41 IP redirects, enabling...........60 ip speed..............47 ip rip commands............210 ip split-horizon............210 ip rip..............210 ip tcp adjust-mss..........15, 41 ip rip authentication key........210 ip unnumbered..........15, 36 ip rip authentication mode........210 ip unnumbered loopback........39 ip rip bfd-liveness-detection........224 ip unreachables.............61 ip rip receive version......210, 223, 224 no ip interface............41 ip rip send version..........210 See also show ip commands...
Page 446 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide ipv6 nd ns-interval..........196 sa-validate............134 ipv6 nd prefix-advertisement......196 unnumbered............134 ipv6 nd ra-interval..........196 IPv6 routing with IS-IS..........333 ipv6 nd reachable-time.......196, 200 IRDP (ICMP Router Discovery Protocol), enabling ipv6 nd suppress-ra..........196 ICMP messages and<...........59 ipv6 nd suppress-ra-source-link-layer....196 IS (intermediate system)..........326 ipv6 neighbor..........152, 278 hello packet rate..........374...
Page 447 Index route tags and route maps...........333 leakage, OSPF route...........248 configuring..........333 level 1 routing, IS-IS...........326 defined............327 level 2 routing, IS-IS...........326 for default routes.........367 levels of IS-IS routing........326, 346, 368 for IS-IS interfaces........354 license commands for passive interfaces........352 license ipv6 command........134 for redistribution........359, 362 limited broadcast packets..........23 for summary routes........368 line modules...
Page 448 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide mesh group, setting (IS-IS).........377 next-hop verification message digests............272 configuring message-digest-key md5 command......294 example............31 metric steps for............34 IS-IS global default..........364 overview...............31 IS-IS interface............346 no area command............268 OSPF default............287 no ipv6 command............151 setting..............29 nonbroadcast networks..........244 metric commands nonstop forwarding.
Page 449 Index ECMP..............248 physical addresses............7 enabling..............251 ping command.............62, 131 interaction with BGP/MPLS VPNs......292 point-to-point circuits, IS-IS........355 link-local states...........302 Point-to-Point Protocol. See PPP MD5 authentication..........272 point-to-point-over-LAN circuits, IS-IS......355 metrics, default...........287 PPP (Point-to-Point Protocol) MIB..............248 host access routes..........39 monitoring............300 primary IP addresses...........11 neighbor histories..........319 primary IP interface.............56 neighbor uptime tracking........319 priority...
Page 450 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide retransmission interval, IS-IS........346 router type, IS-IS............367 retransmission throttle interval, IS-IS......346 routes retransmit interval summarizing IS-IS..........368 and transmit delay........264, 268 summarizing RIP..........207 OSPF............264, 268 using IS-IS............385 retransmit-interval command........295 using OSPF............291 RIB (routing information base]........25 using RIP............224 RIP (Routing Information Protocol)......205 routing information base.
Page 451 Index maximum number of parallel routes....283 show arp command.............83 network..............263 show clns commands priority............246, 264 show clns............403 See also OSPF show clns interface..........406 routing, RIP..............205 show clns neighbors...........408 debounce interval..........210 show clns protocol..........409 maximum number of parallel routes....210 show clns traffic..........410 purging the routing table........210 show forwarding-table route-holddown......83 route specificity..........220...
Page 452 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide show ipv6 udp statistics........183 static routes............138, 180 show license ipv6..........183 establishing............29 show ipv6 ospf commands........254 monitoring............107 show ipv6 ospf............302 verifying next hops for..........31 show ipv6 ospf database........302 stopping IS-IS MD5 packets........331 show ipv6 ospf interface........302 stub areas, OSPF..........245, 268 show ipv6 ospf internal-statistics......302 subnet addressing............9...
Page 453 Index technical support contacting JTAC..........xxiii validating source addresses........40, 137 text and syntax conventions........xxii verifying next hops for static routes......31 time-to-live command..........229 virtual links, OSPF........245, 247, 268 timeout command............68 virtual-router command..........17 timers IS-IS graceful restart........333, 381 RIP..............220 timers commands timers..............220 timers spf............287 TLV (type-length-value) for resolution of IS-IS dynamic hostname...............377 topology...
Page 454 JUNOSe 11.0.x IP, IPv6, and IGP Configuration Guide Index...

This manual is also suitable for:

Ip - configuration guide v11.1.x Ipv6 - configuration guide v11.1.x Junose 11.1

Juniper IGP - CONFIGURATION GUIDE V11.1.X Configuration Manual

About the Documentation

Part 1 Internet Protocol

Chapter 1 Configuring IP

Internet Protocol

Internet Protocol

Configuring IP

Configuring Ipv6

Configuring Neighbor Discovery

Part 2 Internet Protocol Routing

Chapter 5 Configuring OSPF

Chapter 6 Configuring IS-IS

Chapter 4 Configuring RIP

Configuring OSPF

Quick Links

Related Manuals for Juniper IGP - CONFIGURATION GUIDE V11.1.X

Summary of Contents for Juniper IGP - CONFIGURATION GUIDE V11.1.X