Rate and give feedback:  Feedback Received. Thank You!

Rate and give feedback: 

X

This document helped resolve my issue

Yes No

Additional Comments

800 characters remaining

May we contact you if necessary?

Name:  

E-mail: 

Enter a valid Email ID

Need product assistance? Contact Juniper Support

Submit

This site is protected by hCaptcha and its Privacy Policy and Terms of Service apply.

English  

English

Example: Configuring a Conditional OSPF Default Route Policy on Logical Systems

Requirements

• Connect the logical systems by using logical tunnel (lt) interfaces. See Example: Connecting Logical Systems Within the Same Router Using Logical Tunnel Interfaces.
• Enable OSPF on the interfaces. See Example: Configuring OSPF on Logical Systems Within the Same Router.

Overview

In this example, OSPF area 0 contains three logical systems that are configured on a single physical router. Logical System LS3 has a BGP session with an external peer, for example, an ISP.

The ISP injects a default static route into BGP, which provides the customer network with a default static route to reach external networks. Logical System LS3 exports the default route into OSPF. The route policy on Logical System LS3 is conditional such that if the connection to the external peer goes down, the default route is no longer active in the routing tables of the logical systems in area 0. This policy prevents blackholing of traffic. Blackholing occurs when packets are dropped without notification.

Figure 1 shows the sample network.

Figure 1: OSPF with a Conditional Default Route to an ISP

Configuration

CLI Quick Configuration

To quickly configure this example, copy the following commands, paste them into a text file, remove any line breaks, change any details necessary to match your network configuration, and then copy and paste the commands into the CLI at the [edit] hierarchy level.

Step-by-Step Procedure

1. Configure the interfaces.
   [edit logical-systems LS3 interfaces]user@R3# set lt-1/2/0 unit 3 description LS3->LS2user@R3# set lt-1/2/0 unit 3 encapsulation ethernetuser@R3# set lt-1/2/0 unit 3 peer-unit 4user@R3# set lt-1/2/0 unit 3 family inet address 10.0.2.1/30user@R3# set lt-1/2/0 unit 5 description LS3->LS1user@R3# set lt-1/2/0 unit 5 encapsulation ethernetuser@R3# set lt-1/2/0 unit 5 peer-unit 0user@R3# set lt-1/2/0 unit 5 family inet address 10.0.1.1/30user@R3# set so-0/0/2 unit 0 description LS3->ISPuser@R3# set so-0/0/2 unit 0 encapsulation ethernetuser@R3# set so-0/0/2 unit 0 peer-unit 7user@R3# set so-0/0/2 unit 0 family inet address 10.0.45.2/30

2. Configure the autonomous system (AS) number.

   [edit logical-systems LS3 routing-options]user@R3# set autonomous-system 65001
3. Configure the BGP session with the ISP device.
   [edit logical-systems LS3 protocols bgp group ext]user@R3# set type externaluser@R3# set peer-as 65000user@R3# set neighbor 10.0.45.1

4. Configure OSPF.

   [edit logical-systems LS3 protocols ospf area 0.0.0.0]user@R3# set interface lt-1/2/0.5user@R3# set interface lt-1/2/0.3

5. Configure the routing policy.

   [edit logical-systems LS3 policy-options policy-statement gendefault]user@R3# set term upstreamroutes from protocol bgpuser@R3# set term upstreamroutes from as-path upstreamuser@R3# set term upstreamroutes from route-filter 0.0.0.0/0 upto /16user@R3# set term upstreamroutes then next-hop 10.0.45.1user@R3# set term upstreamroutes then accept
   user@R3# set term end then reject
   [edit logical-systems LS3 policy-options]user@R3# set as-path upstream "^65000 "

6. Configure the generated route.

   [edit logical-systems LS3 routing-options]user@R3# set generate route 0.0.0.0/0 policy gendefault

7. Apply the export policy to OSPF.

   [edit logical-systems LS3 protocols ospf]user@R3# set export gendefault

8. If you are done configuring the device, commit the configuration.

   [edit]user@R3# commit

Results

Confirm your configuration by issuing the show logical-systems LS3 command.

Verification

Confirm that the configuration is working properly.

• Verifying that the Route to the ISP Is Working
• Verifying That the Static Route Is Redistributed
• Testing the Policy Condition

Verifying that the Route to the ISP Is Working

Purpose

Make sure connectivity is established between Logical System LS3 and the ISP’s router.

Action

Logical system: LS3

PING 10.0.45.1 (10.0.45.1): 56 data bytes
64 bytes from 10.0.45.1: icmp_seq=0 ttl=64 time=1.185 ms
64 bytes from 10.0.45.1: icmp_seq=1 ttl=64 time=1.199 ms
64 bytes from 10.0.45.1: icmp_seq=2 ttl=64 time=1.186 ms

Meaning

The ping command confirms reachability.

Verifying That the Static Route Is Redistributed

Purpose

Make sure that the BGP policy is redistributing the static route into Logical System LS3’s routing table. Also make sure that the OSPF policy is redistributing the static route into the routing tables of Logical System LS1 and Logical System LS2.

Action

inet.0: 9 destinations, 10 routes (9 active, 0 holddown, 1 hidden)
+ = Active Route, - = Last Active, * = Both

0.0.0.0/0          *[BGP/170] 00:00:25, localpref 100
                      AS path: 65000 I
                    > to 10.0.45.1 via so-0/0/2.0

inet.0: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0.0.0.0/0          *[OSPF/150] 00:03:58, metric 0, tag 0
                    > to 10.0.1.1 via lt-1/2/0.0
10.0.2.0/30        *[OSPF/10] 03:37:45, metric 2
                      to 10.0.1.1 via lt-1/2/0.0
                    > to 10.0.0.2 via lt-1/2/0.2
224.0.0.5/32       *[OSPF/10] 03:38:41, metric 1
                      MultiRecv

inet.0: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0.0.0.0/0          *[OSPF/150] 00:04:04, metric 0, tag 0
                    > to 10.0.2.1 via lt-1/2/0.4
10.0.1.0/30        *[OSPF/10] 03:37:46, metric 2
                      to 10.0.0.1 via lt-1/2/0.1
                    > to 10.0.2.1 via lt-1/2/0.4
224.0.0.5/32       *[OSPF/10] 03:38:47, metric 1
                      MultiRecv

Meaning

The routing tables contain the default 0.0.0.0/0 route. If Logical System LS1 and Logical System LS2 receive packets destined for networks not specified in their routing tables, those packets will be sent to Logical System LS3 for further processing. If Logical System LS3 receives packets destined for networks not specified in its routing table, those packets will be sent to the ISP for further processing.

Testing the Policy Condition

Purpose

Deactivate the interface to make sure that the route is removed from the routing tables if the external network becomes unreachable.

Action

inet.0: 6 destinations, 6 routes (6 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

10.0.2.0/30        *[OSPF/10] 03:41:48, metric 2
                      to 10.0.1.1 via lt-1/2/0.0
                    > to 10.0.0.2 via lt-1/2/0.2
224.0.0.5/32       *[OSPF/10] 03:42:44, metric 1
                      MultiRecv

inet.0: 6 destinations, 6 routes (6 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

10.0.1.0/30        *[OSPF/10] 03:42:10, metric 2
                      to 10.0.0.1 via lt-1/2/0.1
                    > to 10.0.2.1 via lt-1/2/0.4
224.0.0.5/32       *[OSPF/10] 03:43:11, metric 1
                      MultiRecv

Meaning

The routing tables on Logical System LS1 and Logical System LS2 do not contain the default 0.0.0.0/0. This verifies that the default route is no longer present in the OSPF domain. To reactivate the so-0/0/2.0 interface, issue the activate logical-systems LS3 interfaces so-0/0/2 unit 0 family inet address 10.0.45.2/30 configuration-mode command.