SRX Services Gateway
Reply
Contributor
JNSSJNSS
Posts: 28
Registered: ‎03-28-2009
0

OSPF Configuration Problem with SRX

Hi All,

 

I am implementing OSPF between SRX 210 and SRX 240. I have put FE interface of SRX 210 and ge interface of srx 240 in OSPF area 0. Now the problem is SRX 210 initiated OSPF and showing neighbor but SRX 240 is not showing neigbor. I have checked my policies as well. Pls help me out.

Distinguished Expert
Screenie
Posts: 1,089
Registered: ‎01-10-2008
0

Re: OSPF Configuration Problem with SRX

Did you add ospf under securirty zone or interface hostinbound traffic protocols? You have to allow  all routing protocols this way.
best regards,

Screenie.
Juniper Ambassador,
JNCIA IDP AC WX JNCIS FW SSL JNCIP SEC ENT SP JNCI

If this worked for you please flag my post as an "Accepted Solution" so others can benefit. A kudo would be cool if you think I earned it.
Contributor
JNSSJNSS
Posts: 28
Registered: ‎03-28-2009
0

Re: OSPF Configuration Problem with SRX

Yes I did that still its not working..
Trusted Contributor
Optimist
Posts: 60
Registered: ‎09-09-2009
0

Re: OSPF Configuration Problem with SRX

can you send us

> show conf protocols

> show conf security zones 

from both devices

 

 

Contributor
jantkowiak
Posts: 19
Registered: ‎10-09-2009
0

Re: OSPF Configuration Problem with SRX

are your physical interfaces configured directly with layer-3 units?  or are you using the ethernet-switching family and using a vlan.x l3 interface?

 

if you're using vlan.x l3 interfaces, there's an issue with the lower-end SRX's -- the vlan interfaces don't see incoming ip-multicast, so ospf and vrrp are broken on them.  supposed to be working in 9.5r3 and 9.6r3..supposedly..

 

 

Visitor
gkorrub
Posts: 1
Registered: ‎11-11-2009
0

Re: OSPF Configuration Problem with SRX

I am having the exact same problem only with 2 SRX 210 units.

 

Both are running Junos 10.0R1.8

 

 

The interfaces are in the security zone with a host services all,

The interfaces configured directly as L3 interfaces "unit 0 family inet"

 

I can ping between the units and a monitor traffic detail between he units looks like OSPF is sending but the multicast hello is never received.

 

 

11:58:08.892411 Out IP (tos 0xc0, ttl   1, id 45013, offset 0, flags [none], proto: OSPF (89), length: 64) 10.0.8.9 > 224.0.0.5: OSPFv2, Hello, length 44
        Router-ID 10.10.10.5, Backbone Area, Authentication Type: none (0)
        Options [External]
          Hello Timer 10s, Dead Timer 40s, Mask 255.255.255.252, Priority 128
          Designated Router 10.0.8.9

Contributor
Hiber
Posts: 35
Registered: ‎09-28-2009
0

Re: OSPF Configuration Problem with SRX

I just deployed two SRX210 using OSPF between them. I had an issue with the MTU size being different on the ge-0/0/0 interface, it was set to 1700 bytes, apparently by default. This meant that the neighbor wouldn't show as full.

regards

 

Aindriu

Contributor
milind.mistry@essar.com
Posts: 53
Registered: ‎12-24-2010
0

Re: OSPF Configuration Problem with SRX

i have created full mesh active backup SRX 650 cluster and created reth2 and reth3 in untrust zone which is connected to CPE1 and CPE2 routers (J-4350). i am running OSPF between full mesh topology .. However i am not able to exchage the routes between CPE routers and SRX when the reths are in untrust. However when i have put the reth in trust zones ..it seemed to worked..

 

The ospf neigbhourship is in full state but when the user is pinging the WAN interfaces of the routers its returning RTOs..

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.