Header Navigation

Monday, April 25, 2016

Nokia-Juniper-Cisco Part-1 - OSPF Routing Protocol Configuration

Hello everyone, maybe you have experience implement with many vendor and many kinds of router, or yours service provider using more than 1 brand device in your network. I try to simulate this use-case. To make you easy to integrate with other vendor (for vendor network engineer), and to help you manage your operator domain (for operator network engineer). In my lab, I try to simulate 3 Device Router from 3 Vendor, they are Cisco CRS, Juniper MX, and Nokia 7750 SR. I want to try NE40 Huawei, but I don't have the virtual version. So I don't put it in this.. Maybe soon :)
Overview
Open Shortest Path First (OSPF) si  TCP/IP internet routing protocol that's classified as an Interior Gateway Protocol (IGP).
OSPF protocol is based on link-state or SPF technology. This is a departure from the Bellman-Ford base used by traditional TCP/IP internet routing protocols. - RFC2328.
Each router maintains a database describing the Autonomous System's topology when using a link-state routing protocol, . The database is referred as link-state database. Each router participate in link-state has an identical database that identify attached router interface and reachable neighbors, then it's distributed throughout the Autonomous System with flood them.
When all routers using OSPF protocol, they will run the exact same algorithm, parallelly .  Information that they get from link-state database, help them build short-path tree with itself as root.  Then they calculate the route to each destination in the Autonomous System based short-path tree. based on short-path tree.
For this posting I'll not explain about OSPF too much, because this post focusing to help you how to configure OSPF, For better knowing about OSPF, please refer to RFC site (ietef).

Before We configure the router, We need some information like Interface IP, Loopback IP, Available port that want to use, additional information like hostname, OS version. This information is needed to make integration successfully and network engineer aware with their environment in live/production network. You get this information from your consulting engineer, or any person that have responsibility with IP Planning and Design. Below the Information about loopback IP address for each node and the hostname for the router.

We use loopback ip for several reason, such as for tldp target IP, ibgp neighbor target IP, ldp transport that using system/loopback interface, and others.
This lab has The topology like below:


For the first time to build this configuration, I will let us know, What must we do with new router. This  is just minimal or we can say, this simple configuration. You may enhance more based on your purpose. Hope this tutorial can help you to know how OSPF work on your router. Basic configuration inform us, what must we do with  new box router,  and How create interface configuration,

A. Preconfiguration
This step inform how must we do when we start the router. Because the limitation of this VNF, there are some router that I cannot make card configuration and port. So It has many different with Router that came with hardware (Physical Hardware Router)


1. LAB-PE1-SR
Login: admin
Password:

This simulation software is the property of Alcatel. It may not
be sold, leased, loaned or licensed to any non-Alcatel entity.
A:vRR#
A:vRR#

A:vRR# show card

===============================================================================
Card Summary
===============================================================================
Slot   Provisioned Type                            Admin Operational   Comments
     Equipped Type (if different)            State State
-------------------------------------------------------------------------------
1      (not provisioned)                           up    unprovisioned
     iom3-xp-b
A      sfm4-12                                     up    up/active
B      sfm4-12                                     up    down/standby
     (not equipped)
===============================================================================
A:vRR# configure card 1 card-type "iom3-xp-b"
*A:vRR# show mda

===============================================================================
MDA Summary
===============================================================================
Slot  Mda   Provisioned Type                         Admin     Operational
 Equipped Type (if different)            State     State
-------------------------------------------------------------------------------
1     1     (not provisioned)                        up        unprovisioned
    m5-1gb-sfp-b
===============================================================================

*A:vRR# configure card 1 mda 1 mda-type "m5-1gb-sfp-b"
*A:vRR# show card state

===============================================================================
Card State
===============================================================================
Slot/  Provisioned Type                  Admin Operational   Num   Num Comments
Id         Equipped Type (if different)  State State         Ports MDA
-------------------------------------------------------------------------------
1      iom3-xp-b                         up    up                  2
1/1    m5-1gb-sfp-b                      up    up            5
A      sfm4-12                           up    up                      Active
B      sfm4-12                           up    down                    Standby
     (not equipped)
===============================================================================
*A:vRR#

2. LAB-PE2-MX
login: root

--- JUNOS 14.1R1.10 built 2014-06-07 09:37:07 UTC

root@% cli
root>

root> configure
Entering configuration mode

[edit]


root# set system root-authentication plain-text-password
New password:
Retype new password:

[edit]
root# commit
commit complete

[edit]
root#
3. LAB-PE3-CRS
!!!!!!!!!!!!!!!!!!!! NO root-system username is configured. Need to configure root-system username. !!!!!!!!!!!!!!!!!!!!

   --- Administrative User Dialog ---


  Enter root-system username: achyar
  Enter secret:
Use the 'admin' mode 'configure' command to modify this configuration.

IMPORTANT:  READ CAREFULLY
Welcome to the Demo Version of Cisco IOS XRv (the "Software").
The Software is subject to and governed by the terms and conditions
of the End User License Agreement and the Supplemental End User
License Agreement accompanying the product, made available at the
time of your order, or posted on the Cisco website at
www.cisco.com/go/terms (collectively, the "Agreement").
As set forth more fully in the Agreement, use of the Software is
strictly limited to internal use in a non-production environment
solely for demonstration and evaluation purposes.  Downloading,
installing, or using the Software constitutes acceptance of the
Agreement, and you are binding yourself and the business entity
that you represent to the Agreement.  If you do not agree to all
of the terms of the Agreement, then Cisco is unwilling to license
the Software to you and (a) you may not download, install or use the
Software, and (b) you may return the Software as more fully set forth
in the Agreement.


Please login with any configured user/password, or cisco/cisco


User Access Verification

Username: achyar
Password:

B. Create Hostname
After creating the configuration, you may create the hostname for each router:
1. LAB-PE1-SR
A:vRR# configure system name LAB-PE-1-SR
*A:LAB-PE-1-SR#
2. LAB-PE2-MX
[edit]
root# set system host-name LAB-PE-2-MX

[edit]
root# commit
commit complete

[edit]
root@LAB-PE-2-MX# 
3. LAB-PE3-CRS
 RP/0/0/CPU0:ios#
RP/0/0/CPU0:ios#configure
Tue Apr 12 15:34:34.746 UTC
RP/0/0/CPU0:ios(config)#
RP/0/0/CPU0:ios(config)#
RP/0/0/CPU0:ios(config)#hostname LAB-PE-3-CRS
RP/0/0/CPU0:ios(config)#commit
Tue Apr 12 15:34:56.374 UTC
RP/0/0/CPU0:Apr 12 15:34:56.494 : ike[228]: %SECURITY-IKE-4-WARNING : You may want to configure a domain-name
RP/0/0/CPU0:LAB-PE-3-CRS(config)#

C. Loopback Configuration
After create the hostname, you may set-up your loopback configuration in each router
1. LAB-PE1-SR
When you set-up in NOKIA 7750-SR loopback, there is special feature or maybe we can call it special requirement. The loopback0 is configured under system interface. For other loopback you may use name depend your own
A:LAB-PE-1-SR# configure router interface "system"
A:LAB-PE-1-SR>config>router>if# address 192.168.20.1/32
*A:LAB-PE-1-SR>config>router>if# exit all
*A:LAB-PE-1-SR># /admin save
After save configuration then verifying
A:LAB-PE-1-SR# show router interface

===============================================================================
Interface Table (Router: Base)
===============================================================================
Interface-Name                   Adm         Opr(v4/v6)  Mode    Port/SapId
   IP-Address                                                    PfxState
-------------------------------------------------------------------------------
system                           Up          Up/--       Network system
   192.168.20.1/32                                               n/a
-------------------------------------------------------------------------------
Interfaces : 1
===============================================================================
A:LAB-PE-1-SR#
2. LAB-PE2-MX
root@LAB-PE-2-MX# ... 0 family inet address 192.168.20.2/32

[edit]
root@LAB-PE-2-MX# edit interfaces

[edit interfaces]
root@LAB-PE-2-MX# show
lo0 {
 unit 0 {
  family inet {
   address 192.168.20.2/32;
  }
 }
}

[edit interfaces]
root@LAB-PE-2-MX# show | display set
set interfaces lo0 unit 0 family inet address 192.168.20.2/32

[edit interfaces]
root@LAB-PE-2-MX#
Before, commit/execute, juniper give feature to check the configuration before, or you may check the configuration before commit, with show | compare, or commit check, if the check was successfully, you may do commit to execute and save
[edit]
root@LAB-PE-2-MX# commit
commit complete
Then do verifying after commit
root@LAB-PE-2-MX# run show interfaces terse | match inet
ge-0/0/0.0              up    up   inet     192.168.10.9/30
pfe-0/0/0.16383         up    up   inet
           inet6
pfh-0/0/0.16383         up    up   inet
lo0.0                   up    up   inet     192.168.20.2        --> 0/0
lo0.16384               up    up   inet     127.0.0.1           --> 0/0
lo0.16385               up    up   inet     128.0.0.4           --> 0/0
           inet6    fe80::5201:f:fc02:0

[edit]
root@LAB-PE-2-MX#
3. LAB-PE3-CRS
RP/0/0/CPU0:LAB-PE-3-CRS(config)#interface loopback0
RP/0/0/CPU0:LAB-PE-3-CRS(config-if)#ipv4 address 192.168.20.3/32
RP/0/0/CPU0:LAB-PE-3-CRS(config-if)#commit
Then Verifying
RP/0/0/CPU0:LAB-PE-3-CRS#show ipv4 interface brief
Thu Apr 14 06:27:55.825 UTC

Interface                      IP-Address      Status                Protocol
Loopback0                      192.168.20.3    Up                    Up
MgmtEth0/0/CPU0/0              unassigned      Shutdown              Down
GigabitEthernet0/0/0/0         unassigned      Shutdown              Down
GigabitEthernet0/0/0/1         unassigned      Shutdown              Down
GigabitEthernet0/0/0/2         unassigned      Shutdown              Down
GigabitEthernet0/0/0/3         unassigned      Shutdown              Down
RP/0/0/CPU0:LAB-PE-3-CRS#


D. Port Configuration (NOKIA 7750 SR Only)
Nokia 7750 - SR has a port that not binding with interface. It different than other 2 routers, where the port bind to interface. So when you work with NOKIA IP Product you need configure the port first then configure the interface.
A:LAB-PE-1-SR# configure port 1/1/1
*A:LAB-PE-1-SR>config>port# description "to_LAB-PE-2-MX - ge-0/0/0"
*A:LAB-PE-1-SR>config>port# no shutdown
*A:LAB-PE-1-SR>config>port# info
----------------------------------------------
  description "to_LAB-PE-2-MX - ge-0/0/0"
  ethernet
  exit
  no shutdown
----------------------------------------------
*A:LAB-PE-1-SR>config>port#

A:LAB-PE-1-SR# configure port 1/1/3
A:LAB-PE-1-SR>config>port# description "to_LAB-PE-3-CRS - Gi0/0/0/2"
*A:LAB-PE-1-SR>config>port# no shutdown
*A:LAB-PE-1-SR>config>port# info
----------------------------------------------
  description "to_LAB-PE-3-CRS - Gi0/0/0/2"
  ethernet
  exit
  no shutdown
----------------------------------------------
*A:LAB-PE-1-SR>config>port#

Verifying

A:LAB-PE-1-SR# show port 1

===============================================================================
Ports on Slot 1
===============================================================================
Port        Admin Link Port    Cfg  Oper LAG/ Port Port Port   C/QS/S/XFP/
Id          State      State   MTU  MTU  Bndl Mode Encp Type   MDIMDX
-------------------------------------------------------------------------------
1/1/1       Up    Yes  Up      8936 8936    - netw null xcme   GIGE-LX  10KM
1/1/2       Down  No   Down    8936 8936    - netw null xcme   GIGE-LX  10KM
1/1/3       Up    Yes  Up      8936 8936    - netw null xcme   GIGE-LX  10KM
1/1/4       Down  No   Down    8936 8936    - netw null xcme   GIGE-LX  10KM
1/1/5       Down  No   Down    8936 8936    - netw null xcme   GIGE-LX  10KM
===============================================================================
A:LAB-PE-1-SR# show port 1 description

===============================================================================
Port Descriptions on Slot 1
===============================================================================
Port Id        Description
-------------------------------------------------------------------------------
1/1/1          to_LAB-PE-2-MX - ge-0/0/0
1/1/2          10/100/Gig Ethernet SFP
1/1/3          to_LAB-PE-3-CRS - Gi0/0/0/2
1/1/4          10/100/Gig Ethernet SFP
1/1/5          10/100/Gig Ethernet SFP
===============================================================================
A:LAB-PE-1-SR# 

E. Interface Configuration
After NOKIA 7750 - SR port configuration, you may create interface configuration in each node
1. LAB-PE1-SR
A:LAB-PE-1-SR# configure router interface to_LAB-PE-2-MX
*A:LAB-PE-1-SR>config>router>if$ address 192.168.10.10/30
*A:LAB-PE-1-SR>config>router>if$ port 1/1/1
*A:LAB-PE-1-SR>config>router>if$ info
----------------------------------------------
   address 192.168.10.10/30
   port 1/1/1
   no shutdown
----------------------------------------------
*A:LAB-PE-1-SR>config>router>if$ exit all
*A:LAB-PE-1-SR# configure router interface to_LAB-PE-3-CRS
*A:LAB-PE-1-SR>config>router>if$ address 192.168.10.6/30
*A:LAB-PE-1-SR>config>router>if$ port 1/1/3
*A:LAB-PE-1-SR>config>router>if$ no shutdown
*A:LAB-PE-1-SR>config>router>if$ info
----------------------------------------------
   address 192.168.10.6/30
   port 1/1/3
   no shutdown
----------------------------------------------
*A:LAB-PE-1-SR>config>router>if$ exit all 
After create configuration and do /admin save, then verifying
A:LAB-PE-1-SR# /show router interface

===============================================================================
Interface Table (Router: Base)
===============================================================================
Interface-Name                   Adm         Opr(v4/v6)  Mode    Port/SapId
   IP-Address                                                    PfxState
-------------------------------------------------------------------------------
system                           Up          Up/--       Network system
   192.168.20.1/32                                               n/a
to_LAB-PE-2-MX                   Up          Up/--       Network 1/1/1
   192.168.10.10/30                                              n/a
to_LAB-PE-3-CRS                  Up          Up/--       Network 1/1/3
   192.168.10.6/30                                               n/a
-------------------------------------------------------------------------------
Interfaces : 3
===============================================================================
A:LAB-PE-1-SR# 
2. LAB-PE2-MX
root@LAB-PE-2-MX# set interfaces ge-0/0/0 description "to_LAB-PE-1-SR Port 1/1/1"
root@LAB-PE-2-MX# set interfaces ge-0/0/0 unit 0 family inet address 192.168.10.9/30
root@LAB-PE-2-MX# set interfaces ge-0/0/2 description "to_LAB-PE-3-CRS - Gi0/0/0/0"
root@LAB-PE-2-MX# set interfaces ge-0/0/2 unit 0 family inet address 192.168.10.2/30
root@LAB-PE-2-MX# show | compare
[edit interfaces]
+   ge-0/0/0 {
+       description "to_LAB-PE-1-SR Port 1/1/1";
+       unit 0 {
+           family inet {
+               address 192.168.10.9/30;
+           }
+       }
+   }
+   ge-0/0/2 {
+       description "to_LAB-PE-3-CRS - Gi0/0/0/0";
+       unit 0 {
+           family inet {
+               address 192.168.10.2/30;
+           }
+       }
+   }

[edit]
root@LAB-PE-2-MX# commit
commit complete
Do verifying after commit the candidate configuration
root@LAB-PE-2-MX# run show interfaces terse | match inet
ge-0/0/0.0              up    up   inet     192.168.10.9/30
pfe-0/0/0.16383         up    up   inet
           inet6
pfh-0/0/0.16383         up    up   inet
ge-0/0/2.0              up    up   inet     192.168.10.2/30
lo0.0                   up    up   inet     192.168.20.2        --> 0/0
lo0.16384               up    up   inet     127.0.0.1           --> 0/0
lo0.16385               up    up   inet     128.0.0.4           --> 0/0
           inet6    fe80::5201:f:fc02:0

[edit]
root@LAB-PE-2-MX#
3. LAB-PE3-CRS
RP/0/0/CPU0:LAB-PE-3-CRS(config)#interface GigabitEthernet 0/0/0/0
RP/0/0/CPU0:LAB-PE-3-CRS(config-if)#description "to_LAB-PE-2-MX - ge-0/0/2"
RP/0/0/CPU0:LAB-PE-3-CRS(config-if)#ipv4 address 192.168.10.1/30
RP/0/0/CPU0:LAB-PE-3-CRS(config-if)#no shutdown
RP/0/0/CPU0:LAB-PE-3-CRS(config-if)#show
Wed Apr 13 11:45:22.789 UTC
interface GigabitEthernet0/0/0/0
 description "to_LAB-PE-2-MX - ge-0/0/2"
 ipv4 address 192.168.10.1 255.255.255.252
 no shutdown
!

RP/0/0/CPU0:LAB-PE-3-CRS(config-if)#

RP/0/0/CPU0:LAB-PE-3-CRS(config)#interface gigabitEthernet 0/0/0/2
RP/0/0/CPU0:LAB-PE-3-CRS(config-if)#description "to_LAB-PE-1-SR - Port 1/1/3"
RP/0/0/CPU0:LAB-PE-3-CRS(config-if)#ipv4 address 192.168.10.5/30
RP/0/0/CPU0:LAB-PE-3-CRS(config-if)#no shu
RP/0/0/CPU0:LAB-PE-3-CRS(config-if)#show
Wed Apr 13 11:45:22.789 UTC
interface GigabitEthernet0/0/0/2
 description "to_LAB-PE-1-SR - Port 1/1/3"
 ipv4 address 192.168.10.5 255.255.255.252
 no shutdown
!
 
Then commit, cisco csr will inform you the status after your commit. (it's cisco's strength point) 
RP/0/0/CPU0:LAB-PE-3-CRS(config)#commit
Wed Apr 13 18:18:40.293 UTC
RP/0/0/CPU0:Apr 13 18:18:40.353 : ifmgr[226]: %PKT_INFRA-LINK-3-UPDOWN : Interface GigabitEthernet0/0/0/2, changed state to Down
RP/0/0/CPU0:Apr 13 18:18:40.353 : ifmgr[226]: %PKT_INFRA-LINK-3-UPDOWN : Interface GigabitEthernet0/0/0/0, changed state to Down
RP/0/0/CPU0:LAB-PE-3-CRS(config)#RP/0/0/CPU0:Apr 13 18:18:40.393 : ifmgr[226]: %PKT_INFRA-LINK-3-UPDOWN : Interface GigabitEthernet0/0/0/2, changed state to Up
RP/0/0/CPU0:Apr 13 18:18:40.393 : ifmgr[226]: %PKT_INFRA-LINK-3-UPDOWN : Interface GigabitEthernet0/0/0/0, changed state to Up
 
Verify the interface, after do commit
RP/0/0/CPU0:LAB-PE-3-CRS#show ipv4 interface brief
Thu Apr 14 06:27:55.825 UTC

Interface                      IP-Address      Status                Protocol
Loopback0                      192.168.20.3    Up                    Up
MgmtEth0/0/CPU0/0              unassigned      Shutdown              Down
GigabitEthernet0/0/0/0         192.168.10.1    Up                    Up
GigabitEthernet0/0/0/1         unassigned      Shutdown              Down
GigabitEthernet0/0/0/2         192.168.10.5    Up                    Up
GigabitEthernet0/0/0/3         unassigned      Shutdown              Down
RP/0/0/CPU0:LAB-PE-3-CRS# 

When you done with interface configuration, then verify with ping test.
1. LAB-PE1-SR
A:LAB-PE-1-SR# ping 192.168.10.9 rapid count 100
PING 192.168.10.9 56 data bytes
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
---- 192.168.10.9 PING Statistics ----
100 packets transmitted, 100 packets received, 0.00% packet loss
round-trip min = 3.75ms, avg = 43.8ms, max = 119ms, stddev = 35.2ms
A:LAB-PE-1-SR# ping 192.168.10.5 rapid count 100
PING 192.168.10.5 56 data bytes
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
---- 192.168.10.5 PING Statistics ----
100 packets transmitted, 100 packets received, 0.00% packet loss
round-trip min = 3.77ms, avg = 22.0ms, max = 279ms, stddev = 34.5ms
A:LAB-PE-1-SR# 
2. LAB-PE2-MX
[edit]
root@LAB-PE-2-MX# run ping 192.168.10.10 rapid count 100
PING 192.168.10.10 (192.168.10.10): 56 data bytes
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
--- 192.168.10.10 ping statistics ---
100 packets transmitted, 100 packets received, 0% packet loss
round-trip min/avg/max/stddev = 4.383/6.486/17.129/2.230 ms

[edit]
root@LAB-PE-2-MX# run ping 192.168.10.1 rapid count 100
PING 192.168.10.1 (192.168.10.1): 56 data bytes
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
--- 192.168.10.1 ping statistics ---
100 packets transmitted, 100 packets received, 0% packet loss
round-trip min/avg/max/stddev = 2.202/3.118/5.889/1.003 ms

[edit]
root@LAB-PE-2-MX# 
3. LAB-PE3-CRS
RP/0/0/CPU0:LAB-PE-3-CRS#ping  192.168.10.2 count 100
Wed Apr 13 23:50:08.340 UTC
Type escape sequence to abort.
Sending 100, 100-byte ICMP Echos to 192.168.10.2, timeout is 2 seconds:
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Success rate is 100 percent (100/100), round-trip min/avg/max = 1/3/9 ms

RP/0/0/CPU0:LAB-PE-3-CRS#ping 192.168.10.6 count 100
Wed Apr 13 23:50:45.308 UTC
Type escape sequence to abort.
Sending 100, 100-byte ICMP Echos to 192.168.10.6, timeout is 2 seconds:
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Success rate is 100 percent (100/100), round-trip min/avg/max = 1/10/259 ms
RP/0/0/CPU0:LAB-PE-3-CRS# 

F. OSPF Configuration
We have done with Interface configuration, let's try the main part for this. The ospf configuration, before read the configuration, there are some rule are applied :
  • OSPF interface type point to point
  • OSPF authentication is md5
  • There is some use-case when you meet the problem with MTU OSPF caused Interface MTU. If you meet the problem like this please refer to this post Interworking ALU-Juniper
Below the OSPF configuration in each router:
1. LAB-PE1-SR
A:LAB-PE-1-SR# configure router ospf 
*A:LAB-PE-1-SR>config>router>ospf# router-id 192.168.20.1
*A:LAB-PE-1-SR>config>router>ospf# area 0
*A:LAB-PE-1-SR>config>router>ospf>area$ interface "system"
*A:LAB-PE-1-SR>config>router>ospf>area$ interface "to_LAB-PE-2-MX"
*A:LAB-PE-1-SR>config>router>ospf>area>if$ interface-type point-to-point
*A:LAB-PE-1-SR>config>router>ospf>area>if$ mtu 1500
*A:LAB-PE-1-SR>config>router>ospf>area>if$ authentication-type message-digest
*A:LAB-PE-1-SR>config>router>ospf>area>if$ message-digest-key 1 md5 3kiEu3l0eAD
*A:LAB-PE-1-SR>config>router>ospf>area>if$ no shutdown
*A:LAB-PE-1-SR>config>router>ospf>area>if$ info
----------------------------------------------
 interface-type point-to-point
 mtu 1500
 authentication-type message-digest
 message-digest-key 1 md5 "pPn0yLXmRNSkrDjSGwVIRm/sg/X2N5uPtsveDJvhowZhMlFulkrTB.GVQMWQK4Oz" hash2
 no shutdown
----------------------------------------------
*A:LAB-PE-1-SR>config>router>ospf>area>if$back
*A:LAB-PE-1-SR>config>router>ospf>area$ interface "to_LAB-PE-3-CRS"
*A:LAB-PE-1-SR>config>router>ospf>area>if$ interface-type point-to-point
*A:LAB-PE-1-SR>config>router>ospf>area>if$ mtu 1500
*A:LAB-PE-1-SR>config>router>ospf>area>if$ authentication-type message-digest
*A:LAB-PE-1-SR>config>router>ospf>area>if$ message-digest-key 1 md5 3kiEu3l0eAD
*A:LAB-PE-1-SR>config>router>ospf>area>if$ no shutdown
*A:LAB-PE-1-SR>config>router>ospf>area>if$ info
----------------------------------------------
 interface-type point-to-point
 mtu 1500
 authentication-type message-digest
 message-digest-key 1 md5 "Ylm/w9TRTiOtMtH4MmgvdaeNTHCuz222AtAM5JZqrC9pZa2vaTf76OJAm2axph88" hash2
 no shutdown
----------------------------------------------
*A:LAB-PE-1-SR>config>router>ospf>area>if$ 
2. LAB-PE2-MX
root@LAB-PE-2-MX# set routing-options router-id 192.168.20.2

root@LAB-PE-2-MX# set protocols ospf area 0 interface ge-0/0/0.0
root@LAB-PE-2-MX# edit protocols ospf area 0

[edit protocols ospf area 0.0.0.0]
root@LAB-PE-2-MX# edit interface ge-0/0/0.0

[edit protocols ospf area 0.0.0.0 interface ge-0/0/0.0]
root@LAB-PE-2-MX#
root@LAB-PE-2-MX# set authentication md5 1 key 3kiEu3l0eAD
root@LAB-PE-2-MX# set interface-type p2p

[edit protocols ospf area 0.0.0.0 interface ge-0/0/0.0]
root@LAB-PE-2-MX# show
interface-type p2p;
authentication {
 md5 1 key "$9$PQ69EhrevLdbfz6/tprevMxNsYoJZDqm"; ## SECRET-DATA
}

[edit protocols ospf area 0.0.0.0 interface ge-0/0/0.0]
root@LAB-PE-2-MX#
[edit protocols ospf area 0.0.0.0 interface ge-0/0/0.0]
root@LAB-PE-2-MX# up
[edit protocols ospf area 0.0.0.0]
root@LAB-PE-2-MX# set interface ge-0/0/2.0
[edit protocols ospf area 0.0.0.0]
root@LAB-PE-2-MX# edit interface ge-0/0/2.0
[edit protocols ospf area 0.0.0.0 interface ge-0/0/2.0]
root@LAB-PE-2-MX# set authentication md5 1 key 3kiEu3l0eAD
[edit protocols ospf area 0.0.0.0 interface ge-0/0/2.0]
root@LAB-PE-2-MX# show
interface-type p2p;
authentication {
 md5 1 key "$9$fz/ChclKMXVw5F/9pulKMW7-Y2aZGj.P"; ## SECRET-DATA
}

[edit protocols ospf area 0.0.0.0 interface ge-0/0/2.0]
root@LAB-PE-2-MX#

[edit]
root@LAB-PE-2-MX# show | compare
[edit]
+  protocols {
+      ospf {
+          area 0.0.0.0 {
+              interface ge-0/0/0.0 {
+               interface-type p2p;
+                  authentication {
+                      md5 1 key "$9$PQ69EhrevLdbfz6/tprevMxNsYoJZDqm"; ## SECRET-DATA
+                  }
+              }
+              interface ge-0/0/2.0 {
+                  interface-type p2p;
+                  authentication {
+                      md5 1 key "$9$fz/ChclKMXVw5F/9pulKMW7-Y2aZGj.P"; ## SECRET-DATA
+                  }
+              }
+          }
+      }
+  }

[edit]
root@LAB-PE-2-MX# commit check
configuration check succeeds

[edit]
root@LAB-PE-2-MX# commit
commit complete

[edit]
root@LAB-PE-2-MX#
root@LAB-PE-2-MX# commit and-quit
commit complete
Exiting configuration mode

root@LAB-PE-2-MX> 
3. LAB-PE3-CRS
RP/0/0/CPU0:LAB-PE-3-CRS(config)#router ospf 0
RP/0/0/CPU0:LAB-PE-3-CRS(config-ospf)#area 0
RP/0/0/CPU0:LAB-PE-3-CRS(config-ospf-ar)#interface GigabitEthernet 0/0/0/0
RP/0/0/CPU0:LAB-PE-3-CRS(config-ospf-ar-if)# network point-to-point
RP/0/0/CPU0:LAB-PE-3-CRS(config-ospf-ar-if)#authentication message-digest
RP/0/0/CPU0:LAB-PE-3-CRS(config-ospf-ar-if)#message-digest-key 1 md5 3kiEu3l0eAD
RP/0/0/CPU0:LAB-PE-3-CRS(config-ospf-ar)#interface gigabitEthernet 0/0/0/2
RP/0/0/CPU0:LAB-PE-3-CRS(config-ospf-ar-if)#network point-to-point
RP/0/0/CPU0:LAB-PE-3-CRS(config-ospf-ar-if)#authentication message-digest
RP/0/0/CPU0:LAB-PE-3-CRS(config-ospf-ar-if)#message-digest-key 1 md5 3kiEu3l0eAD
RP/0/0/CPU0:LAB-PE-3-CRS(config-ospf-ar-if)#exit
RP/0/0/CPU0:LAB-PE-3-CRS(config-ospf-ar)#show
Thu Apr 14 09:04:29.882 UTC
router ospf 0
 area 0
  interface Loopback0
  !
  interface GigabitEthernet0/0/0/0
   authentication message-digest
   message-digest-key 1 md5 encrypted 087247472C0C561B420E2D20
   network point-to-point
  !
  interface GigabitEthernet0/0/0/2
   authentication message-digest
   message-digest-key 1 md5 encrypted 06550428695B5A155512332F
   network point-to-point
  !
 !
!

RP/0/0/CPU0:LAB-PE-3-CRS(config-ospf-ar)#
RP/0/0/CPU0:LAB-PE-3-CRS(config-ospf-ar)#commit
Thu Apr 14 09:05:11.869 UTC
RP/0/0/CPU0:LAB-PE-3-CRS(config-ospf-ar)#
RP/0/0/CPU0:LAB-PE-3-CRS(config-ospf-ar)#
RP/0/0/CPU0:sadas(config)#commit
Thu Apr 14 13:54:08.181 UTC
RP/0/0/CPU0:Apr 14 13:54:08.251 
RP/0/0/CPU0:LAB-PE-3-CRS(config)#end
RP/0/0/CPU0:LAB-PE-3-CRS# 
After create OSPF configuration and commit, you should check, ospf interface, and make sure ospf neighbor is establish. And Loopback interface in each node is reachable from others Node that connect using OSPF.
1. LAB-PE1-SR
===============================================================================
Dest Prefix[Flags]                            Type    Proto     Age        Pref
   Next Hop[Interface Name]                                    Metric
-------------------------------------------------------------------------------
192.168.10.0/30                               Remote  OSPF      00h28m47s  10
    192.168.10.9                                                 101
192.168.10.4/30                               Local   Local     00h28m53s  0
    to_LAB-PE-3-CRS                                              0
192.168.10.8/30                               Local   Local     00h28m53s  0
    to_LAB-PE-2-MX                                               0
192.168.20.1/32                               Local   Local     00h29m55s  0
    system                                                       0
192.168.20.2/32                               Remote  OSPF      00h28m47s  10
    192.168.10.9                                                 100
192.168.20.3/32                               Remote  OSPF      00h28m47s  10
    192.168.10.5                                                 101
-------------------------------------------------------------------------------
No. of Routes: 6
Flags: n = Number of times nexthop is repeated
    B = BGP backup route available
    L = LFA nexthop available
    S = Sticky ECMP requested
===============================================================================
A:LAB-PE-1-SR#

Ping to other loopback node

A:LAB-PE-1-SR# ping 192.168.20.2 rapid count 100
PING 192.168.20.2 56 data bytes
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
---- 192.168.20.2 PING Statistics ----
100 packets transmitted, 100 packets received, 0.00% packet loss
round-trip min = 4.05ms, avg = 51.2ms, max = 143ms, stddev = 47.6ms
A:LAB-PE-1-SR# ping 192.168.20.3 rapid count 100
PING 192.168.20.3 56 data bytes
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
---- 192.168.20.3 PING Statistics ----
100 packets transmitted, 100 packets received, 0.00% packet loss
round-trip min = 3.58ms, avg = 19.2ms, max = 76.3ms, stddev = 22.6ms
A:LAB-PE-1-SR# 
2. LAB-PE2-MX
root@LAB-PE-2-MX> show ospf interface
Interface           State   Area            DR ID           BDR ID          Nbrs
ge-0/0/0.0          PtToPt  0.0.0.0         0.0.0.0         0.0.0.0            1
ge-0/0/2.0          PtToPt  0.0.0.0         0.0.0.0         0.0.0.0            1
lo0.0               DR      0.0.0.0         192.168.20.2    0.0.0.0            0

root@LAB-PE-2-MX> show ospf neighbor
Address          Interface              State     ID               Pri  Dead
192.168.10.10    ge-0/0/0.0             Full      192.168.20.1       1    35
192.168.10.1     ge-0/0/2.0             Full      192.168.20.3       1    34

root@LAB-PE-2-MX> show route

inet.0: 9 destinations, 9 routes (9 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

192.168.10.0/30    *[Direct/0] 1d 03:12:50
  > via ge-0/0/2.0
192.168.10.2/32    *[Local/0] 1d 03:12:50
  Local via ge-0/0/2.0
192.168.10.4/30    *[OSPF/10] 04:08:24, metric 2
  > to 192.168.10.1 via ge-0/0/2.0
192.168.10.8/30    *[Direct/0] 1d 03:12:50
  > via ge-0/0/0.0
192.168.10.9/32    *[Local/0] 1d 03:12:50
  Local via ge-0/0/0.0
192.168.20.1/32    *[OSPF/10] 00:31:36, metric 1
  > to 192.168.10.10 via ge-0/0/0.0
192.168.20.2/32    *[Direct/0] 1d 14:57:56
  > via lo0.0
192.168.20.3/32    *[OSPF/10] 04:08:24, metric 2
  > to 192.168.10.1 via ge-0/0/2.0
224.0.0.5/32       *[OSPF/10] 04:08:34, metric 1
  MultiRecv

root@LAB-PE-2-MX>

Ping other loopback node
root@LAB-PE-2-MX> ping 192.168.20.1 rapid count 100
PING 192.168.20.1 (192.168.20.1): 56 data bytes
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
--- 192.168.20.1 ping statistics ---
100 packets transmitted, 100 packets received, 0% packet loss
round-trip min/avg/max/stddev = 4.410/10.242/271.507/26.441 ms

root@LAB-PE-2-MX> ping 192.168.20.3 rapid count 100
PING 192.168.20.3 (192.168.20.3): 56 data bytes
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
--- 192.168.20.3 ping statistics ---
100 packets transmitted, 100 packets received, 0% packet loss
round-trip min/avg/max/stddev = 2.175/3.710/12.814/1.556 ms

root@LAB-PE-2-MX> 
3. LAB-PE3-CRS
RP/0/0/CPU0:LAB-PE-3-CRS#show ospf interface brief
Thu Apr 14 13:55:30.885 UTC

* Indicates MADJ interface, (P) Indicates fast detect hold down state

Interfaces for OSPF 0

Interface          PID   Area            IP Address/Mask    Cost  State Nbrs F/C
Lo0                0     0               192.168.20.3/32    1     LOOP  0/0
Gi0/0/0/0          0     0               192.168.10.1/30    1     P2P   1/1
Gi0/0/0/2          0     0               192.168.10.5/30    1     P2P   1/1
RP/0/0/CPU0:LAB-PE-3-CRS#show ospf neighbor
Thu Apr 14 13:55:36.475 UTC

* Indicates MADJ interface

Neighbors for OSPF 0

Neighbor ID     Pri   State           Dead Time   Address         Interface
192.168.20.2    128   FULL/  -        00:00:31    192.168.10.2    GigabitEthernet0/0/0/0
 Neighbor is up for 00:00:48
192.168.20.1    1     FULL/  -        00:00:33    192.168.10.6    GigabitEthernet0/0/0/2
 Neighbor is up for 00:37:55

Total neighbor count: 2
RP/0/0/CPU0:LAB-PE-3-CRS#show route
Thu Apr 14 13:55:47.754 UTC

Codes: C - connected, S - static, R - RIP, B - BGP, (>) - Diversion path
    D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
    N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
    E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
    i - ISIS, L1 - IS-IS level-1, L2 - IS-IS level-2
    ia - IS-IS inter area, su - IS-IS summary null, * - candidate default
    U - per-user static route, o - ODR, L - local, G  - DAGR, l - LISP
    A - access/subscriber, a - Application route
    M - mobile route, (!) - FRR Backup path

Gateway of last resort is not set

C    192.168.10.0/30 is directly connected, 00:00:59, GigabitEthernet0/0/0/0
L    192.168.10.1/32 is directly connected, 00:00:59, GigabitEthernet0/0/0/0
C    192.168.10.4/30 is directly connected, 19:37:07, GigabitEthernet0/0/0/2
L    192.168.10.5/32 is directly connected, 19:37:07, GigabitEthernet0/0/0/2
O    192.168.10.8/30 [110/2] via 192.168.10.2, 00:00:59, GigabitEthernet0/0/0/0
O    192.168.20.1/32 [110/1] via 192.168.10.6, 00:38:01, GigabitEthernet0/0/0/2
O    192.168.20.2/32 [110/1] via 192.168.10.2, 00:00:59, GigabitEthernet0/0/0/0
L    192.168.20.3/32 is directly connected, 1d15h, Loopback0
RP/0/0/CPU0:LAB-PE-3-CRS#

Ping othe loopback node

RP/0/0/CPU0:LAB-PE-3-CRS#
RP/0/0/CPU0:LAB-PE-3-CRS#ping  192.168.20.1 count 100
Thu Apr 14 13:57:59.215 UTC
Type escape sequence to abort.
Sending 100, 100-byte ICMP Echos to 192.168.20.1, timeout is 2 seconds:
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Success rate is 100 percent (100/100), round-trip min/avg/max = 1/10/279 ms
RP/0/0/CPU0:LAB-PE-3-CRS#ping  192.168.20.2 count 100
Thu Apr 14 13:58:05.155 UTC
Type escape sequence to abort.
Sending 100, 100-byte ICMP Echos to 192.168.20.2, timeout is 2 seconds:
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Success rate is 100 percent (100/100), round-trip min/avg/max = 1/5/19 ms
RP/0/0/CPU0:LAB-PE-3-CRS# 

Then done, OSPF Configuration was established. If you have  problem or may correction with this configuration, free welcome to discuss on comment box or you can mail me :). Hope this configuration can help you to build your network with ospf protocol. Thank you

G. Reference


  • Anonimous. 2013. JNCIS-SP Study Guide Part-1.USA:Juniper Networks, Inc
  • Mobeen Tahir, Mark Ghattas, Dawit Birhanu, Syed Natif Nawaz. 2009. Cisco IOS XR Fundamental. Indianapolis:ciscopress
  • Warnock Glenn, Nathoo Amin.2011. Alcatel-Lucent network routing specialist II (NRS II) self-study guide preparing for the NRS II certification exams. Indianapolis:Wiley 


  • 3 comments:

    1. Thank you for taking time to provide us some of the useful and exclusive information with us.
      Regards,
      ccna Training in Chennai | ccna course in Chennai | ccna Training institute in Chennai

      ReplyDelete
    2. Terima kasih mas Achyar. Boleh request mas, mpls dan service epipe dan vpls nya :D

      ReplyDelete