SRX Services Gateway
Highlighted
SRX Services Gateway

OSPF routing failover issue

[ Edited ]
Friday

Please bear with me, I'm still trying to get to grips with JunOS/SRX.

 

Site A, with a VDSL connection as its primary connection, and an RF connection as its backup

Site A's connection to our 'core' network is via the primary connection using a VPN - the termination point is Site B

Site A's backup connection into our 'core' network is via the RF connection - the entry point is another site, Site C

 

All sites are in area 0.0.0.0.

 

Here's the config. I have that I thought would work:-

 

interfaces {
    ge-0/0/0 {
        unit 0 {
            family inet {
                address 192.168.111.254/24;
            }
        }
    }
    ge-0/0/1 {
        unit 0 {
            family inet {
                address 192.168.0.6/30;
            }
        }
    }
    pt-1/0/0 {
        EDITED OUT 
    }
    pp0 {
        EDITED OUT
    }
    st0 {
        unit 0 {
            family inet {
                address 172.16.0.54/30;
            }
        }
    }
}
routing-options {
    static {
        route 0.0.0.0/0 next-hop pp0.0;
    }
    router-id 192.168.111.254;
}
protocols {
    ospf {
        traceoptions {
            file OSPF;
            flag error;
            flag hello;
        }
        preference 10;
        external-preference 150;
        reference-bandwidth 10g;
        area 0.0.0.0 {
            interface ge-0/0/0.0 {
                passive;
            }
            interface ge-0/0/1.0 {
                metric 2000;
            }
            interface st0.0;
        }
    }
}

 

In theory, what should happen I hope, is that OSPF routes traffic via the st0.0 interface, which it does, but if the underlying VDSL connection should drop or just the tunnel, traffic should then be routed via the secondary RF (ge-0/0/1.0) interface, hence the metric of 2000, however this does not happen. I have tried changing the interface-type for both ge-0/0/1.0 and st0.0 to p2p and then combinations, but nothing helps. I have similar scenarios at 2 other sites and both failover without an issue, although they use ADSL and VDSL respectively as their secondary connections.

 

Can anyone point out where I'm going wrong please?

 

 

3 REPLIES
SRX Services Gateway

Re: OSPF routing failover issue

[ Edited ]
Friday

Extra notes:-

 

Relevant site B config:

 

interface st0.111;

 

Relevant site C config:

 

interface ge-0/0/4.0 {
                interface-type p2p;
            }

 

I think I have my interface types in a muddle, but I'm struggling to sort it, especially without disconnecting myself from the remote site.

 

 

SRX Services Gateway

Re: OSPF routing failover issue

Friday

Hello there,


@EMTSU wrote:

if the underlying VDSL connection should drop or just the tunnel, traffic should then be routed via the secondary RF (ge-0/0/1.0) interface, hence the metric of 2000, however this does not happen

  


 Could You please clarify what exactly does not happen? I see Your 0/0 route points to pp0 interface, so my guesses are:

1/ when tunnel drops, everything goes out of pp0 

2/ when tunnel drops, the inter-site traffic still tries to go into a dead tunnel and is blackholed

3/ anything else?

 


@EMTSU wrote:
protocols {
    ospf {
<skip>
        area 0.0.0.0 {
<skip>
            interface ge-0/0/1.0 {
                metric 2000;
            }

 

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 

Relevant site C config:

 

interface ge-0/0/4.0 {
                interface-type p2p;
            }

 

 


The above OSPF interface config mismatch won't get You an OSPF adjacency up. You need to use either p2p or default (broadcast) ON BOTH sides.

 Finally, do You inject Your site B and C routes as OSPF external Type 2, by any chance? If yes, then interface metric won't have any effect. You need to inject them as OSPF external Type 1 for the interface metric to work.

HTH

Thx

Alex

_____________________________________________________________________

Please ask Your Juniper account team about Juniper Professional Services offerings.
Juniper PS can design, test & build the network/part of the network as per Your requirements

+++++++++++++++++++++++++++++++++++++++++++++

Accept as Solution = cool !
Accept as Solution+Kudo = You are a Star !
SRX Services Gateway

Re: OSPF routing failover issue

[ Edited ]
8 hours ago

Thank you so much for your reply Alex, I do appreciate it. My apologies for the slow reply.

 

Just to note, all relevant interface IP addresses are /30 addresses.

 

In answer to your questions:- 

 

1) Correct

2) Correct

3) Not that I have observed

4) So, if I harmonize all interfaces to P2P will this get my setup working as I'd like?

5) I don't believe any routes are injected

 

When I simulated the Primary (VDSL with VPN) connection going down I physically disconnected the cable, I did not drop the tunnel or simply deactivate the st interface.