SRX

Hello,

I have been tasked with creating an OSPF network using 13 SRX 550 Routers.

I have to create a network between seperate geographic locations. Each device is connected together via point to point wireless links.

At each site there is a switch that has to interface with the router. That switch is connected to computers and other network equipment.

There is an existing gateway in the main building which does the DNS, NAT and DHCP.

That gateway would need to interface with the first SRX (R1) then out to each site. In a ring around the premise.

In the event that there is an outage the data would still have a path to the host in the main building.

I need to firgure a way to pass all traffic to all sites. This will need to be broadcast to maintain DHCP.

I have so far OSPF neighbors established but not a way to pass traffic. Do all subnets have to be in a vlan and the OSPF ports in the same vlan? A generic configuration would help guide me in the right direction if anyone can help.

Any help is greatly appreciated.

Sounds like quite the task for someone who has "no clue what I'm doing". 

I would start by reading through all of the below:

https://www.juniper.net/techpubs/en_US/junos11.4/information-products/pathway-pages/config-guide-ospf/config-guide-ospf.html

http://kb.juniper.net/InfoCenter/index?page=content&id=KB16570

The Day One stuff also has some good info and examples.

http://forums.juniper.net/jnet/attachments/jnet/Day1Books/163/1/DO_OSPF_Enterprise.pdf

Thank you very much for the direction. I'll update my progress.

I do understand that this isn't the norm. But I have no choice. The person that was supposed to complete this task is gone and I'm the most able bodied person to do it. I appreciate the help.

Thanks again, I'll follow up with my progress.

Ok, so I've got adjacency on R1 and I can see R2 and R3 with: show ospf neighbor

But on R2 and R3 it shows nothing.

I can now ping all local interfaces. No more 'NO ROUTE TO HOST'.

But I cannot ping R2 and R3 from R1.

lo0.0

R1 10.1.1.1

R2 10.1.1.2

R3 10.1.1.3

vlan

172.23.23.1

R1

ge 0/0/0 172.23.23.1 area 0

ge 0/0/5 172.23.23.2 area 0

R2

ge 0/0/0 172.23.23.3 area 0

R3

ge 0/0/0 172.23.23.4 area 0

R1 0/0/0 goes to R2 0/0/0

R1 0/0/5 goes to R3 0/0/0

If i'm understanding correctly, each site has a an SRX and each SRX has two interfaces - an internal one and and external one.  Each SRX is going to be a ASBR.  It will bridge areas.  The external srx interface on each unit is going to participate in Area 0.  That is the common area where everyone shares all routes.  Behind each SRX each site is going to have it's own area. ie Area 1, 2, 3, etc unique to every site.  Site 1 - area 1, site 2 - area 2.  Those internal areas are going to be part of the internal interface. So each SRX is going to have something like this:

ospf {
    area 0.0.0.0 {
        interface ge-0/0/0.0;
    }

    area 0.0.0.1 {

        stub
        interface ge-0/0/1.0;
    }
}

and don't forget to enable OSPF on both your security zone for each interface.  With that configuration, area 0 will then have an account of all the subnets on the internal interfaces on all the other areas (sites).  But don't forget that all the devices have to have layer 2 connectivity on their area 0 interface to work so yes, all in the same VLAN. So create a common subnet for the Aea 0 subnet like 10.10.0.0/24 and give each srx area 0 interface an IP in this subnet.  Then each site gets it's own private IP like site 1 would be 10.10.1.0/24, site 2 would be 10.10.2.0/24. etc...

Editing to remove old setup data, not pertaining to current state of project.

Made new topic as I feel this one does not represent the problem at hand.