Routing

last person joined: 3 days ago 

Ask questions and share experiences about ACX Series, CTP Series, MX Series, PTX Series, SSR Series, JRR Series, and all things routing, including portfolios and protocols.

  • 1.  OSPF down when loop occur on switch

    Posted 06-07-2011 03:40
      |   view attached

    Hi all,

    we  have  3 site conneted with OSPF , on each site we have 2 Routers M120 (junos 8.5R4.3) and 4switch

      

                                                                  Site2router1

                                                                              |

                               site1 Router1 ------   site3Router1   ---- sw1----Sw4

                                                                                    |                     |    \  /     |

                                                                                    |                     |     / \     |

                                     site1 router2  -----   site3 Router2   ---- Sw2----Sw3

                                                                              |

                                                                      site2router2

     

     

     

    we have VRRP configured on in interface connected to switch  ,and ospf configured betwen routers , but not in interface with switch .

     

    the problem : is when   loopoccur  on our switchs of site 3 ( error configuration of STP ) , in routers of site 3 we had : first : VRRP flap (master /buckup) on router2 and,  then OSPF become down with all their neighbor (=>MPLS Down)

     

    Question: Why OSPF come Down  when loop  occur on switchs ?

     

     

    is this a Junos Bug ??

     

    attched file the log messages

     

     

     

    Thank you!

     

    Attachment(s)

    txt
    juniper.txt   10 KB 1 version


  • 2.  RE: OSPF down when loop occur on switch

    Posted 06-09-2011 04:17

    Hello,

    One possible explanation is that due to L2 loop the multicast storm made up of VRRP (ip.dst 224.0.0.18) and OSPF (ip.dst 224.0.0.5|6) packets saturated internal fxp1 link on Your routers and BFD/OSPF/BGP went down.

    224.0.0.18 and 224.0.0.5|6 are from link-local multicast range which is always flooded by switches. 

    You should have a storm-control enabled in your switches and FW filter with policers applied to lo0.0 on your routers to protect from such event in the future.

    HTH

    Rgds

    Alex 



  • 3.  RE: OSPF down when loop occur on switch

    Posted 06-12-2011 01:42

    Hi Aarseniev,

    Thank you for your reply,

    What type of policers should i implement to the routers  ?

     

    Thank you !



  • 4.  RE: OSPF down when loop occur on switch
    Best Answer

    Posted 06-13-2011 02:12

    Hello,

    You should implement a firewall filter with regular policers (not "logical-interface-policer"s, not hierarchical policers) and assign this filter to lo0.0 interface as input.

     

    This free book can help You, please see page 27 onwards for policers and page 99 onwards for security policy/lo0.0 filter examples:

    http://www.juniper.net/us/en/community/junos/training-certification/day-one/fundamentals-series/securing-routing-engine/

     

    HTH

    Rgds

    Alex