Nota: Este Post faz parte do guide de Routing.
Chapter 1 Protocol-Independent Routing
Configure Static Routing
set routing-options rib inet6.0 static route 0::/0 next-hop 3001::1 preference 250
set routing-options static route 0.0.0.0/0 next-hop 172.30.25.1 qualified-next-hop 172.30.25.5 preference 7
reject – Drop e envia ICMP packet
discard – Drop e não envia ICMP packet
resolve –
qualified-next-hop –
next-table – permite especificar uma segunda tabela onde e efetuada um 2 lookup
no-readvertise – não redistribui a rota num protocolo de routing dinamico
!A default preference tem o valor 5, caso não seja explicitamente configurada uma excepcao
set routing-options static defaults preference 250
set routing-options static route 172.28.102.0/24 next-hop 10.210.11.190 no-readvertise
Algumas das opções sobre a hierarquia routing-options static x.x.x.x/y
as-path
community
metric
preference
Configuring Aggregate Routes
set routing-options aggregate defauls community 1:888
set routing-options aggregate route 172.29.0.0/22
set routing-options aggregate route 172.25.0.0/16 community 1:999 discard
Algumas das opções sobre a hierarquia routing-options aggregate
as-path
community
metric
policy
preference
show route <prefix> exact detail
Generated Routes
A semelhança das Aggregate Routes, estas ficam activas quando existe pelo menos contributing route (rota mais especifica no range)
user@R1> show route 0/0 exact detail
inet.0: 14 destinations, 14 routes (14 active, 0 holddown, 0 hidden)
0.0.0.0/0 (1 entry, 1 announced)
*Aggregate Preference: 130
Next hop type: Router, Next hop index: 546
Next-hop reference count: 4
Next hop: 172.30.25.1 via ge-0/0/1.100, selected
State: <Active Int Ext>
Local AS: 65400
Age: 1:03:46
Task: Aggregate
Announcement bits (2): 0-KRT 2-OSPF
AS path: I
Flags: Generate Depth: 0 Active
Contributing Routes (1):
10.0.0.0/16 proto BGP
A diferença entre Aggregate e Generated Routes e que as Generated route recebe o next-hop da primary contributing route (route com menor preference), em caso múltiplas rotas com a mesma preference será a rota com a menor number prefix)
Para a rota se qualificar para uma contributing route, deverá ter um forwarding next-hop válido caso contrário será a hidden route
user@R1> show route hidden
inet.0: 7 destinations, 7 routes (6 active, 0 holddown, 1 hidden)
+ = Active Route, – = Last Active, * = Both
0.0.0.0/0 [Aggregate] 00:17:30
Reject
Uma generated route costuma ser referenciada com route of last resort
set policy-options term match-bgp-prefix from protocol bgp
set policy-options term match-bgp-prefix from route-filter 10.0.0.0/16 exact
set policy-options term match-bgp-prefix then accept
set policy-options term else-reject then reject
!O comando protocol aggregate é também usado para Generated Routes
set policy-options policy-statement match-contributing-prefix term match-default from protocol aggregate
set policy-options policy-statement match-contributing-prefix term match-default from route-filter 0.0.0.0/0 exact
set policy-options policy-statement match-contributing-prefix term match-default then accept
set routing-options generate defaults preference 130
set routing-options generate route 0.0.0.0/0 policy match-contributing-prefix
set protocolos ospf export export-default
set protocolos ospf area 0.0.0.0 interface ge-0/0/2.0
set protocolos ospf area 0.0.0.0 interface ge-0/0/3.0
set protocolos ospf area 0.0.0.0 interface lo0.0
Martian Addresses
0.0.0.0/8
127.0.0.0/8
128.0.0.0/16
191.255.0.0/16
192.0.0.0/24
223.255.255.0/24
240.0.0.0/4
Adding Additional Prefixes
set routing-options martians 23.0.0.0/8 orlonger
set routing-options martians 32.0.0.0/8 orlonger
Os possíveis match type:
exact
longer
orlonger
prefix-length-range
through
upto
!Omite a tabela default, mostra apenas as novas entradas
show route martians
show route martians table inet.0
user@R1> show route martians table inet.0
inet.0:
0.0.0.0/0 exact — allowed
0.0.0.0/8 orlonger — disallowed
127.0.0.0/8 orlonger — disallowed
128.0.0.0/16 orlonger — disallowed
191.255.0.0/16 orlonger — disallowed
192.0.0.0/24 orlonger — disallowed
223.255.255.0/24 orlonger — disallowed
240.0.0.0/4 orlonger — disallowed
23.0.0.0/8 orlonger — disallowed
31.0.0.0/8 orlonger — disallowed
36.0.0.0/8 orlonger — disallowed
user@R1# set routing-options martians 240/4 orlonger allow
user@R1> show route martians table inet.0
inet.0:
0.0.0.0/0 exact — allowed
0.0.0.0/8 orlonger — disallowed
127.0.0.0/8 orlonger — disallowed
128.0.0.0/16 orlonger — disallowed
191.255.0.0/16 orlonger — disallowed
192.0.0.0/24 orlonger — disallowed
223.255.255.0/24 orlonger — disallowed
240.0.0.0/4 orlonger — allowed
23.0.0.0/8 orlonger — disallowed
31.0.0.0/8 orlonger — disallowed
36.0.0.0/8 orlonger — disallowed
Routing Instances
Master routing instance
Rever os seguints links:
https://www.cocheno.com/2014/06/notas-estudo-jncia-junos-parte-2/
https://www.cocheno.com/2014/06/notas-estudo-jncia-junos-parte-4/
Sharing Routes Between Routing Tables
Permite instalar routes em varias tabelas
Outra meio de partilhar rotas e usar e possível usar instance-import, instance-export e auto-export para partilhar rotas multiplas instâncias de routing
Defining RIB Group
O RIB Group permite colocar route information em múltiplas tabelas.
! Podem ser usadas diversas import ribs mas apenas uma export rib
set routing-options rib-groups <rib-group-name> export-rib <routing-table-name>
set routing-options rib-groups <rib-group-name> import-rib <routing-table-name>
set routing-options rib-groups <rib-group-name> import-policy <policy-name>
export-rib – indica tabebla de origem das rotas
import-rib – indica tabela onde as rotas devem ser colocadas
import-policy – controla as rotas que serao instaladas na routing table group
O 1′ comando de import-rib deve listar primeiro a primary routing table, esta primary sera onde a routing information sera colocada sem a presenca de uma RIB Group.
Uma vez que só é possível listar uma routing table usando o export-rib, e porque esta routing table deve ser a primary RIB, o comando export-rib é frequentemente omitido da config.
RIB Group Application
Permite incluir static routes, BGP,OSPF, RIP,IS-IS, PIM, MSDP
!
set routing-options rib-groups test import-rib [inet.0 test.inet.0]
set protocols ospf rib-group test
set protocols ospf area 0.0.0.0 interface ge-0/0/1.0
set protocols ospf area 0.0.0.0 interface lo0.0
user@R1> show route table inet.0 protocol ospf
inet.0: 13 destinations, 13 routes (13 active, 0 holddown, 0 hidden)
+ = Active Route, – = Last Active, * = Both
172.20.101.0/24 *[OSPF/150] 00:00:30, metric 0, tag 0
> to 172.20.77.2 via ge-0/0/1.0
172.20.201.0/24 *[OSPF/150] 00:00:30, metric 0, tag 0
> to 172.20.77.2 via ge-0/0/1.0
192.168.2.1/32 *[OSPF/10] 00:00:30, metric 1
> to 172.20.77.2 via ge-0/0/1.0
224.0.0.5/32 *[OSPF/10] 2w1d 02:37:55, metric 1
MultiRecv
user@R1> show route table test.inet.0 protocol ospf
test.inet.0: 6 destinations, 6 routes (6 active, 0 holddown, 0 hidden)
+ = Active Route, – = Last Active, * = Both
172.20.101.0/24 *[OSPF/150] 00:00:27, metric 0, tag 0
> to 172.20.77.2 via ge-0/0/1.0
172.20.201.0/24 *[OSPF/150] 00:00:27, metric 0, tag 0
> to 172.20.77.2 via ge-0/0/1.0
192.168.2.1/32 *[OSPF/10] 00:00:27, metric 1
> to 172.20.77.2 via ge-0/0/1.0
224.0.0.5/32 *[OSPF/10] 00:00:27, metric 1
MultiRecv
Notas: Na versão 11.x a tabela test apenas contem as rotas aprendidas via OSPF. Testado nos EX
Routing Between Instances
É possível fazer esta ligação através de uma ligação física, ou neste caso através de uma ligação lógica (logical tunnel)
Para ligar 2 instances através de uma ligação logica, e configurado um tunel para cada instance. E usado a interface no formato lt-fpc/pic/port
set interfaces lt-0/0/0 unit 0 encapsulation ethernet peer-unit 1 family inet
set interfaces lt-0/0/0 unit 1 encapsulation ethernet peer-unit 0 family inet
Nem todos os junOS devices suportam interface logical tunnel, deve ser instalado services PIC ou services module.
Encapsulation types permitidos:Ethernet, Ethernet circuit cross-connect (CCC), Ethernet VPLS, Frame Relay, Frame Relay CCC, VLAN, VLAN CCC, ou VLAN VPLS.
Possível usar as families: IP, IPv6, International Organization for Standardization (ISO), ou MPLS
O peering logical interface deve pertencer a mesma interface logical tunnel derivado do Tunnel Services PIC ou Adaptive Services Module.
Apenas pode existir um peering unit por cada interface logica, p.exemplo o unit 0 não pode ser peer da unit 1 e unit 2
Deve existir pelo menos um statement relativo a uma interface física para activar o logical tunnel
Referências:
Notas estudo JNCIS-ENT parte 1
Notas estudo JNCIS-ENT parte 2
Notas estudo JNCIS-ENT parte 3
Notas estudo JNCIS-ENT parte 4
2 thoughts on “Notas estudo JNCIS-ENT parte 7”