Routing
Routing

OSPF ASBR LSA Issues

[ Edited ]
2 weeks ago

Hi Guys, this is my first post here so I just want to say a huge thank you in advance for any help I'm able to get on this!!

 

I'm studying for my JNCIP-SP and I've knocked together a lab which should scale to allow me to cover all topics simultaneously so it's quite large, sorry in advance (Attached is the diagram from my EVE-NG setup). I'm slightly confused by the behaviour of OSPF at the moment. My provider core (represented by the cloud icons, running vMXs) is currently area 0 (had all sorts of issues trying to integrate the 'super' backbone into an existing customer LAN with area 0, so re-designed it) This re-distributes into MP-BGP with RSVP signalled LSPs for transport.

 

The connections between net1 and net3 are area 100 - the 'Branch' vMX has a loopback intf in area 50. What i wanted to do was create a backdoor link between net1 and branch to then set up a sham link to allow type 1 and 2 LSA's to be propagated by the ISP-D ASBR to allow normal metrics to control the use of the MPLS as the primary path.

 

The issue i'm having is that whilst net1, net 3 and Branch see the ISP devices as ASBR's - the ASBRs are not generating type 5 LSA's as expected for the routes learned at the branch office, despite being redistributed from BGP. They show as Summary LSA's in the LSDB. I know the OSPF domain ID can be used to convert the advertisements from type 5 to type 3 if they match - this has not been done and I've even gone to the trouble of explicitly configuring different domain ID's but no luck!

 

I really want to be able to mess around with the NSSA flag, domain ID, sham links etc - so any help understanding what i've done wrong would be great! I've attached config for the net 1 device, the ISP-A and the LSDB. Thanks!! =]

Attachments

5 REPLIES 5
Routing

Re: OSPF ASBR LSA Issues

2 weeks ago

Need to look at the details that you sent, but here are the advertisement rules, which migh help: 

DOMAIN IDs.png

REGARDS!

Yasmin Lara - Juniper Ambassador #QuadE - JNCIE-SP, JNCIE-ENT, JNCIE-DC, JNCIE-SEC
JNCIS-CLOUD, JNCDS-DC, JNCIA-DevOps
Routing

Re: OSPF ASBR LSA Issues

2 weeks ago

Hi Yasmin,

 

Thanks for the quick response! That behaviour is exactly what i'd expect. The two connections to the 'customers' main site are configured with a domain ID of 20 and the Branch site is configured to use a domain ID of 10. The vMX in the branch site has a loopback address of 4.4.4.4 - From the primary site I should see this route as an External LSA, not a summary, right? 

 

Config for the VRF on ISP devices:

 

=========

MAIN SITE

=========

stewart@ISP-A> show configuration routing-instances CustomerA
instance-type vrf;
interface ge-0/0/3.0;
route-distinguisher 39326:1;
vrf-import CustomerA-Import;
vrf-export CustomerA-Export;
routing-options {
router-id 210.210.210.210;
}
protocols {
ospf {
domain-id 20;
export [ CustomerA CustomerA-Import ];
area 0.0.0.0 {
interface ge-0/0/3.0 {
interface-type p2p;
}
}
}
}

=======================

stewart@ISP-C> show configuration routing-instances CustomerA instance-type vrf;
interface ge-0/0/3.0;
route-distinguisher 39326:1;
vrf-import CustomerA-Import;
vrf-export CustomerA-Export;
routing-options {
router-id 212.212.212.212;
}
protocols {
ospf {
domain-id 20;
export CustomerA-Import;
area 0.0.0.0 {
interface ge-0/0/3.0 {
interface-type p2p;
}
}
}
}

===========

BRANCH SITE

===========

stewart@IPS-D> show configuration routing-instances CustomerA
instance-type vrf;
interface ge-0/0/4.0;
route-distinguisher 39326:1;
vrf-import CustomerA-Import;
vrf-export CustomerA-Export;
routing-options {
router-id 213.213.213.213;
}
protocols {
ospf {
domain-id 10;
export CustomerA-Import;
area 0.0.0.0 {
interface ge-0/0/4.0 {
interface-type p2p;
}
}
}
}

 

=====================

 

Despite this, the LSDB shows it as a summary, despite having type 4 ASBR summary's being flooded into area 100 Smiley Sad 

 

stewart@net2> show ospf database

OSPF database, Area 0.0.0.0
Type ID Adv Rtr Seq Age Opt Cksum Len
Summary *1.1.1.1 2.2.2.2 0x80000001 334 0x22 0x2907 28
Summary *2.2.2.2 2.2.2.2 0x80000002 19 0x22 0xee3d 28
Summary *3.3.3.3 2.2.2.2 0x80000001 334 0x22 0xcc5b 28
Summary *10.1.2.0 2.2.2.2 0x80000002 362 0x22 0x9e8a 28
Summary *10.1.3.0 2.2.2.2 0x80000001 334 0x22 0x9f88 28
Summary *10.2.3.0 2.2.2.2 0x80000002 362 0x22 0x879f 28
Summary *10.2.150.0 2.2.2.2 0x80000002 362 0x22 0x3063 28
Summary *150.150.150.150 2.2.2.2 0x80000001 345 0x22 0x4891 28

OSPF database, Area 0.0.0.100
Type ID Adv Rtr Seq Age Opt Cksum Len
Router 1.1.1.1 1.1.1.1 0x80000005 339 0x22 0xa7f3 84
Router *2.2.2.2 2.2.2.2 0x80000005 336 0x22 0xb85 84
Router 3.3.3.3 3.3.3.3 0x80000005 338 0x22 0x671e 84
Summary 4.4.4.4 1.1.1.1 0x80000002 21 0x22 0xc461 28
Summary 4.4.4.4 3.3.3.3 0x80000002 21 0x22 0x8895 28
Summary 10.1.210.0 1.1.1.1 0x80000002 359 0x22 0xc398 28
Summary *10.2.150.0 2.2.2.2 0x80000002 362 0x22 0x3063 28
Summary 10.3.200.0 1.1.1.1 0x80000001 257 0x22 0x3033 28
Summary 10.3.200.0 3.3.3.3 0x80000003 307 0x22 0xdb7f 28
Summary 10.3.212.0 3.3.3.3 0x80000002 355 0x22 0x59f6 28
Summary *150.150.150.150 2.2.2.2 0x80000001 345 0x22 0x4891 28
Summary 192.168.200.0 1.1.1.1 0x80000001 257 0x22 0x41c1 28
Summary 192.168.200.0 3.3.3.3 0x80000001 307 0x22 0xf00c 28
Summary 200.200.200.200 1.1.1.1 0x80000001 257 0x22 0x759d 28
Summary 200.200.200.200 3.3.3.3 0x80000001 307 0x22 0x25e7 28
ASBRSum 210.210.210.210 1.1.1.1 0x80000001 348 0x22 0x8566 28
ASBRSum 212.212.212.212 3.3.3.3 0x80000001 343 0x22 0xecee 28

OSPF database, Area 0.0.0.150
Type ID Adv Rtr Seq Age Opt Cksum Len
Router *2.2.2.2 2.2.2.2 0x80000002 350 0x22 0xe64 48
Router 150.150.150.150 150.150.150.150 0x80000004 351 0x22 0x3084 60
Summary *1.1.1.1 2.2.2.2 0x80000001 334 0x22 0x2907 28
Summary *2.2.2.2 2.2.2.2 0x80000001 471 0x22 0xf03c 28
Summary *3.3.3.3 2.2.2.2 0x80000001 334 0x22 0xcc5b 28
Summary *10.1.2.0 2.2.2.2 0x80000002 362 0x22 0x9e8a 28
Summary *10.1.3.0 2.2.2.2 0x80000001 334 0x22 0x9f88 28
Summary *10.2.3.0 2.2.2.2 0x80000002 362 0x22 0x879f 28
Summary 10.2.160.0 150.150.150.150 0x80000002 372 0x22 0x58de 28

Routing
Solution
Accepted by topic author Stewart.dunwell
2 weeks ago

Re: OSPF ASBR LSA Issues

2 weeks ago

Hi Stewart,

 

Can you please add the OSPF domain-id in the VRF Export policy.

 

Ref Link: https://www.juniper.net/documentation/en_US/junos/topics/topic-map/l3-vpns-routing-between-ce-pe.htm...

 

The community for OSPF routes should be something like this to advertise the domain-id with OSPF routes

 

community export-target-VPN-B members [ target:10.255.14.216:11 domain-id:192.0.2.1:0 ]

 

PS: Please mark my response as solution if it answers your query, kudos are appreciated as well.

 

Thanks

Vishal

Routing

Re: OSPF ASBR LSA Issues

2 weeks ago

Vishal you're a star - thanks!!

 

I thought applying the domain-id within the VRF would be enough, must have missed the bit about an additional named-community! Thanks again =]

Routing

Re: OSPF ASBR LSA Issues

2 weeks ago
Glad I could help! Good Luck with your JNCIP-SP Thanks Vishal