SRX Services Gateway
SRX Services Gateway

OSPF Configuration Problem with SRX

10.12.09   |  
‎10-12-2009 08:10 AM

Hi All,

 

I am implementing OSPF between SRX 210 and SRX 240. I have put FE interface of SRX 210 and ge interface of srx 240 in OSPF area 0. Now the problem is SRX 210 initiated OSPF and showing neighbor but SRX 240 is not showing neigbor. I have checked my policies as well. Pls help me out.

7 REPLIES
SRX Services Gateway

Re: OSPF Configuration Problem with SRX

10.12.09   |  
‎10-12-2009 11:49 AM
Did you add ospf under securirty zone or interface hostinbound traffic protocols? You have to allow  all routing protocols this way.
best regards,

Screenie.
Juniper Ambassador,
JNCIA IDP AC WX JNCIS FW SSL JNCIP SEC ENT SP JNCI

If this worked for you please flag my post as an "Accepted Solution" so others can benefit. A kudo would be cool if you think I earned it.
SRX Services Gateway

Re: OSPF Configuration Problem with SRX

10.12.09   |  
‎10-12-2009 10:19 PM
Yes I did that still its not working..
SRX Services Gateway

Re: OSPF Configuration Problem with SRX

10.13.09   |  
‎10-13-2009 06:10 AM

can you send us

> show conf protocols

> show conf security zones 

from both devices

 

 

Highlighted
SRX Services Gateway

Re: OSPF Configuration Problem with SRX

10.22.09   |  
‎10-22-2009 07:22 AM

are your physical interfaces configured directly with layer-3 units?  or are you using the ethernet-switching family and using a vlan.x l3 interface?

 

if you're using vlan.x l3 interfaces, there's an issue with the lower-end SRX's -- the vlan interfaces don't see incoming ip-multicast, so ospf and vrrp are broken on them.  supposed to be working in 9.5r3 and 9.6r3..supposedly..

 

 

SRX Services Gateway

Re: OSPF Configuration Problem with SRX

11.28.09   |  
‎11-28-2009 08:06 PM

I am having the exact same problem only with 2 SRX 210 units.

 

Both are running Junos 10.0R1.8

 

 

The interfaces are in the security zone with a host services all,

The interfaces configured directly as L3 interfaces "unit 0 family inet"

 

I can ping between the units and a monitor traffic detail between he units looks like OSPF is sending but the multicast hello is never received.

 

 

11:58:08.892411 Out IP (tos 0xc0, ttl   1, id 45013, offset 0, flags [none], proto: OSPF (89), length: 64) 10.0.8.9 > 224.0.0.5: OSPFv2, Hello, length 44
        Router-ID 10.10.10.5, Backbone Area, Authentication Type: none (0)
        Options [External]
          Hello Timer 10s, Dead Timer 40s, Mask 255.255.255.252, Priority 128
          Designated Router 10.0.8.9

SRX Services Gateway

Re: OSPF Configuration Problem with SRX

12.15.09   |  
‎12-15-2009 10:54 AM

I just deployed two SRX210 using OSPF between them. I had an issue with the MTU size being different on the ge-0/0/0 interface, it was set to 1700 bytes, apparently by default. This meant that the neighbor wouldn't show as full.

regards

 

Aindriu

SRX Services Gateway

Re: OSPF Configuration Problem with SRX

03.06.11   |  
‎03-06-2011 03:07 AM

i have created full mesh active backup SRX 650 cluster and created reth2 and reth3 in untrust zone which is connected to CPE1 and CPE2 routers (J-4350). i am running OSPF between full mesh topology .. However i am not able to exchage the routes between CPE routers and SRX when the reths are in untrust. However when i have put the reth in trust zones ..it seemed to worked..

 

The ospf neigbhourship is in full state but when the user is pinging the WAN interfaces of the routers its returning RTOs..