728x90

더보기

vMX image : vmxvfp-19.1R1.6-domestic-VFP , vmxvcp-19.1R1.6-domestic-VCP

EVE-NG : version 2.0.3-110

PE1- P - PE2 : OSPF, LDP ,MPLS 

PE1 - PE2  : MP-BGP

CE - PE : EBGP

vMX trial licence가 필요함. 아래링크참조해서 라이센스 입력

www.juniper.net/kr/kr/dm/free-vmx-trial/

 

vMX 평가판 다운로드 - 주니퍼 네트웍스

 

www.juniper.net

 

CE-A config

root@CE-A# show | display set
set version 20190319.203446_builder.r1013243
set system root-authentication encrypted-password "$6$uVQJh3a3$gyooY5wDjzk/K9aCGuRpzyMgE/Cl1rJMi"
set system host-name CE-A
set system syslog file messages any notice
set system syslog file messages authorization info
set system syslog file interactive-commands interactive-commands any
set chassis network-services enhanced-ip
set interfaces ge-0/0/2 unit 0 family inet address 10.0.10.2/24
set interfaces fxp0 unit 0 family inet dhcp vendor-id Juniper-vmx-VM606ED64D1F
set interfaces lo0 unit 0 family inet address 192.168.11.1/32

# static 을 bgp로 redistribution 하기 위한 정책 적용
set policy-options policy-statement static-to-bgp term 10 from protocol static
set policy-options policy-statement static-to-bgp term 10 then accept
set policy-options policy-statement static-to-bgp term 20 then reject

set routing-options static route 11.11.11.0/24 discard

set routing-options router-id 192.168.11.1
set routing-options autonomous-system 65101

#PE와 BGP 설정
set protocols bgp group my-ext-group type external
set protocols bgp group my-ext-group peer-as 65512
set protocols bgp group my-ext-group neighbor 10.0.10.1

# static redistribution 정책 적용
set protocols bgp export static-to-bgp 

CE-B config

root@CE-B# show | display set
set version 20190319.203446_builder.r1013243
set system root-authentication encrypted-password "$6$DKPBY8rA$PgT5FW/8LqOtFDOgXEefFkFwVNKzASvxE"
set system host-name CE-B
set system syslog file messages any notice
set system syslog file messages authorization info
set system syslog file interactive-commands interactive-commands any
set chassis network-services enhanced-ip
set interfaces ge-0/0/4 unit 0 family inet address 10.0.11.2/24
set interfaces fxp0 unit 0 family inet dhcp vendor-id Juniper-vmx-VM606ED6634D

# static 을 bgp로 redistribution 하기 위한 정책 적용
set policy-options policy-statement static-to-bgp term 10 from protocol static
set policy-options policy-statement static-to-bgp term 10 then accept
set policy-options policy-statement static-to-bgp term 20 then reject

set routing-options static route 22.22.22.0/24 discard
set routing-options autonomous-system 65101

# PE와 bgp 설정
set protocols bgp group my-ext-group type external
set protocols bgp group my-ext-group peer-as 65512
set protocols bgp group my-ext-group neighbor 10.0.11.1

# static redistribution 설정
set protocols bgp export static-to-bgp

PE-1 config

root@PE-1# show | display set
set version 20190319.203446_builder.r1013243
set system root-authentication encrypted-password "$6$FeXrUQwk$3BJw3SM4ZI4WyDnaJmXHt.BigV25NqOkA"
set system host-name PE-1
set system syslog file messages any notice
set system syslog file messages authorization info
set system syslog file interactive-commands interactive-commands any
set chassis network-services enhanced-ip
set interfaces ge-0/0/1 unit 0 family inet address 10.0.10.1/24
set interfaces ge-0/0/3 unit 0 family inet address 172.22.210.1/24
set interfaces ge-0/0/3 unit 0 family mpls
set interfaces fxp0 unit 0 family inet dhcp vendor-id Juniper-vmx-VM606ED678E3
set interfaces lo0 unit 0 family inet address 192.168.1.1/32

# import/export 적책 설정
set policy-options policy-statement export-vpn-a term 1 from protocol bgp
set policy-options policy-statement export-vpn-a term 1 then community add vpn-a
set policy-options policy-statement export-vpn-a term 1 then accept
set policy-options policy-statement export-vpn-a term 2 then reject
set policy-options policy-statement import-vpn-a term 1 from protocol bgp
set policy-options policy-statement import-vpn-a term 1 from community vpn-a
set policy-options policy-statement import-vpn-a term 1 then accept
set policy-options policy-statement import-vpn-a term 2 then reject

# RT 설정
set policy-options community vpn-a members target:65512:101

# CE용 VRF 설정
set routing-instances VPN-A instance-type vrf
set routing-instances VPN-A interface ge-0/0/1.0
set routing-instances VPN-A route-distinguisher 192.168.1.1:1
set routing-instances VPN-A vrf-import import-vpn-a ## import 정책적용
set routing-instances VPN-A vrf-export export-vpn-a ## export 정책적용
set routing-instances VPN-A vrf-target target:65512:101

# CE와 EBGP 설정, as-override
set routing-instances VPN-A protocols bgp group my-ext-group type external
set routing-instances VPN-A protocols bgp group my-ext-group peer-as 65101
set routing-instances VPN-A protocols bgp group my-ext-group as-override
set routing-instances VPN-A protocols bgp group my-ext-group neighbor 10.0.10.2

set routing-options router-id 192.168.1.1
set routing-options autonomous-system 65512
set protocols ldp interface ge-0/0/3.0
set protocols ldp interface lo0.0

# PE와 BGP 설정
set protocols bgp group PE-PE type internal
set protocols bgp group PE-PE local-address 192.168.1.1
set protocols bgp group PE-PE family inet unicast
set protocols bgp group PE-PE family inet-vpn unicast
set protocols bgp group PE-PE local-as 65512
set protocols bgp group PE-PE neighbor 192.168.1.3

set protocols ospf area 0.0.0.0 interface lo0.0 passive
set protocols ospf area 0.0.0.0 interface ge-0/0/3.0 interface-type p2p
set protocols mpls interface lo0.0
set protocols mpls interface ge-0/0/3.0

PE-2 config

root@PE-2# show | display set
set version 20190319.203446_builder.r1013243
set system root-authentication encrypted-password "$6$pzuS08KF$SevcYY3KewZraLtshsbGEPRFPXjjbmfXd"
set system host-name PE-2
set system syslog file messages any notice
set system syslog file messages authorization info
set system syslog file interactive-commands interactive-commands any
set interfaces ge-0/0/3 unit 0 family inet address 172.22.212.1/24
set interfaces ge-0/0/3 unit 0 family mpls
set interfaces ge-0/0/5 unit 0 family inet address 10.0.11.1/24
set interfaces fxp0 unit 0 family inet dhcp vendor-id Juniper-vmx-VM606ED63CAE
set interfaces lo0 unit 0 family inet address 192.168.1.3/32

# import/export 적책 설정
set policy-options policy-statement export-vpn-a term 1 from protocol bgp
set policy-options policy-statement export-vpn-a term 1 then community add vpn-a
set policy-options policy-statement export-vpn-a term 1 then accept
set policy-options policy-statement export-vpn-a term 2 then reject
set policy-options policy-statement import-vpn-a term 1 from protocol bgp
set policy-options policy-statement import-vpn-a term 1 from community vpn-a
set policy-options policy-statement import-vpn-a term 1 then accept
set policy-options policy-statement import-vpn-a term 2 then reject

# RT 설정
set policy-options community vpn-a members target:65512:101

# CE용 VRF 설정
set routing-instances VPN-A instance-type vrf
set routing-instances VPN-A interface ge-0/0/5.0
set routing-instances VPN-A route-distinguisher 192.168.1.1:1
set routing-instances VPN-A vrf-import import-vpn-a   ## import 정책적용
set routing-instances VPN-A vrf-export export-vpn-a   ## export 정책적용
set routing-instances VPN-A vrf-target target:65512:101

# CE와 EBGP 설정, as-override
set routing-instances VPN-A protocols bgp group my-ext-group type external 
set routing-instances VPN-A protocols bgp group my-ext-group peer-as 65101
set routing-instances VPN-A protocols bgp group my-ext-group as-override
set routing-instances VPN-A protocols bgp group my-ext-group neighbor 10.0.11.2

set routing-options router-id 192.168.1.3
set routing-options autonomous-system 65512
set protocols ldp interface ge-0/0/3.0
set protocols ldp interface lo0.0

# PE와 BGP 설정
set protocols bgp group PE-PE type internal
set protocols bgp group PE-PE local-address 192.168.1.3
set protocols bgp group PE-PE family inet unicast
set protocols bgp group PE-PE family inet-vpn unicast
set protocols bgp group PE-PE local-as 65512
set protocols bgp group PE-PE neighbor 192.168.1.1

set protocols ospf area 0.0.0.0 interface lo0.0 passive
set protocols ospf area 0.0.0.0 interface ge-0/0/3.0 interface-type p2p
set protocols mpls interface lo0.0
set protocols mpls interface ge-0/0/3.0

P config

root@P# show | display set
set version 20190319.203446_builder.r1013243
set system root-authentication encrypted-password "$6$AMdZ8SMO$4Qo31czcjEstpN25WVnn49m14QV6JbkDR"
set system host-name P
set system syslog file messages any notice
set system syslog file messages authorization info
set system syslog file interactive-commands interactive-commands any
set chassis network-services ip
set interfaces ge-0/0/2 unit 0 family inet address 172.22.210.2/24
set interfaces ge-0/0/2 unit 0 family mpls
set interfaces ge-0/0/4 unit 0 family inet address 172.22.212.2/24
set interfaces ge-0/0/4 unit 0 family mpls
set interfaces fxp0 unit 0 family inet dhcp vendor-id Juniper-vmx-VM606ED66EC5
set interfaces lo0 unit 0 family inet address 192.168.1.2/32
set routing-options router-id 192.168.1.2
set routing-options autonomous-system 65512

set protocols ldp interface ge-0/0/2.0
set protocols ldp interface ge-0/0/4.0
set protocols ldp interface lo0.0

set protocols ospf area 0.0.0.0 interface lo0.0 passive
set protocols ospf area 0.0.0.0 interface ge-0/0/2.0 interface-type p2p
set protocols ospf area 0.0.0.0 interface ge-0/0/4.0 interface-type p2p

set protocols mpls interface lo0.0
set protocols mpls interface ge-0/0/2.0
set protocols mpls interface ge-0/0/4.0

 

728x90

vMX image :  vmxvfp-19.1R1.6-domestic-VFP , vmxvcp-19.1R1.6-domestic-VCP

EVE-NG :  version  2.0.3-110

 

R1 config

더보기

root@R1# show | display set 
set version 20190319.203446_builder.r1013243
set system root-authentication encrypted-password 
set system host-name R1
set system syslog file messages any notice
set system syslog file messages authorization info
set system syslog file interactive-commands interactive-commands any
set chassis network-services enhanced-ip
set interfaces ge-0/0/0 unit 0 family inet address 172.16.1.2/31
set interfaces ge-0/0/0 unit 0 family mpls
set interfaces ge-0/0/1 unit 0 family inet address 172.16.1.0/31
set interfaces ge-0/0/1 unit 0 family mpls
set interfaces fxp0 unit 0 family inet dhcp vendor-id Juniper-vmx-VM60596C81C4
set interfaces lo0 unit 0 family inet address 192.168.100.1/32
set routing-options router-id 192.168.100.1
set protocols bgp group R1-R7 type internal
set protocols bgp group R1-R7 local-address 192.168.100.1
set protocols bgp group R1-R7 local-as 65001
set protocols bgp group R1-R7 neighbor 192.168.100.7
set protocols ospf source-packet-routing node-segment ipv4-index 1001
set protocols ospf source-packet-routing srgb start-label 800000
set protocols ospf source-packet-routing srgb index-range 4000
set protocols ospf area 0.0.0.0 interface fxp0.0 disable
set protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p
set protocols ospf area 0.0.0.0 interface ge-0/0/1.0 interface-type p2p
set protocols ospf area 0.0.0.0 interface lo0.0 passive
set protocols mpls interface fxp0.0 disable
set protocols mpls interface ge-0/0/0.0 
set protocols mpls interface ge-0/0/1.0

R2 config

더보기

root@R2# show | display set 
set version 20190319.203446_builder.r1013243
set system root-authentication encrypted-password 
set system host-name R2
set system syslog file messages any notice
set system syslog file messages authorization info
set system syslog file interactive-commands interactive-commands any
set chassis network-services enhanced-ip
set interfaces ge-0/0/0 unit 0 family inet address 172.16.1.1/31
set interfaces ge-0/0/0 unit 0 family mpls
set interfaces ge-0/0/1 unit 0 family inet address 172.16.1.6/31
set interfaces ge-0/0/1 unit 0 family mpls
set interfaces ge-0/0/2 unit 0 family inet address 172.16.1.4/31
set interfaces ge-0/0/2 unit 0 family mpls
set interfaces fxp0 unit 0 family inet dhcp vendor-id Juniper-vmx-VM60596CD12F
set interfaces lo0 unit 0 family inet address 192.168.100.2/32
set routing-options router-id 192.168.100.2
set protocols ospf source-packet-routing node-segment ipv4-index 1002
set protocols ospf source-packet-routing srgb start-label 800000
set protocols ospf source-packet-routing srgb index-range 4000
set protocols ospf area 0.0.0.0 interface fxp0.0 disable
set protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p
set protocols ospf area 0.0.0.0 interface ge-0/0/1.0 interface-type p2p
set protocols ospf area 0.0.0.0 interface ge-0/0/2.0 interface-type p2p
set protocols ospf area 0.0.0.0 interface lo0.0 passive
set protocols mpls interface fxp0.0 disable
set protocols mpls interface ge-0/0/0.0
set protocols mpls interface ge-0/0/1.0
set protocols mpls interface ge-0/0/2.0

R3 config

더보기

root@R3# show | display set 
set version 20190319.203446_builder.r1013243
set system root-authentication encrypted-password 
set system host-name R3
set system syslog file messages any notice
set system syslog file messages authorization info
set system syslog file interactive-commands interactive-commands any
set chassis network-services enhanced-ip
set interfaces ge-0/0/0 unit 0 family inet address 172.16.1.3/31
set interfaces ge-0/0/0 unit 0 family mpls
set interfaces ge-0/0/1 unit 0 family inet address 172.16.1.10/31
set interfaces ge-0/0/1 unit 0 family mpls
set interfaces ge-0/0/2 unit 0 family inet address 172.16.1.8/31
set interfaces ge-0/0/2 unit 0 family mpls
set interfaces fxp0 unit 0 family inet dhcp vendor-id Juniper-vmx-VM60596CDE48
set interfaces lo0 unit 0 family inet address 192.168.100.3/32
set routing-options router-id 192.168.100.3
set protocols ospf source-packet-routing node-segment ipv4-index 1003
set protocols ospf source-packet-routing srgb start-label 800000
set protocols ospf source-packet-routing srgb index-range 4000
set protocols ospf area 0.0.0.0 interface fxp0.0 disable
set protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p
set protocols ospf area 0.0.0.0 interface ge-0/0/1.0 interface-type p2p
set protocols ospf area 0.0.0.0 interface ge-0/0/2.0 interface-type p2p
set protocols ospf area 0.0.0.0 interface lo0.0 passive
set protocols mpls interface fxp0.0 disable
set protocols mpls interface ge-0/0/0.0
set protocols mpls interface ge-0/0/1.0
set protocols mpls interface ge-0/0/2.0

R4 config

더보기

root@R4# show | display set 
set version 20190319.203446_builder.r1013243
set system root-authentication encrypted-password 
set system host-name R4
set system syslog file messages any notice
set system syslog file messages authorization info
set system syslog file interactive-commands interactive-commands any
set chassis network-services enhanced-ip
set interfaces ge-0/0/0 unit 0 family inet address 172.16.1.9/31
set interfaces ge-0/0/0 unit 0 family mpls
set interfaces ge-0/0/1 unit 0 family inet address 172.16.1.7/31
set interfaces ge-0/0/1 unit 0 family mpls
set interfaces ge-0/0/2 unit 0 family inet address 172.16.1.14/31
set interfaces ge-0/0/2 unit 0 family mpls
set interfaces ge-0/0/3 unit 0 family inet address 172.16.1.12/31
set interfaces ge-0/0/3 unit 0 family mpls
set interfaces fxp0 unit 0 family inet dhcp vendor-id Juniper-vmx-VM60596C8DDF
set interfaces lo0 unit 0 family inet address 192.168.100.4/32
set routing-options router-id 192.168.100.4
set protocols ospf source-packet-routing node-segment ipv4-index 1004
set protocols ospf source-packet-routing srgb start-label 800000
set protocols ospf source-packet-routing srgb index-range 4000
set protocols ospf area 0.0.0.0 interface fxp0.0 disable
set protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p
set protocols ospf area 0.0.0.0 interface ge-0/0/1.0 interface-type p2p
set protocols ospf area 0.0.0.0 interface ge-0/0/2.0 interface-type p2p
set protocols ospf area 0.0.0.0 interface ge-0/0/3.0 interface-type p2p
set protocols ospf area 0.0.0.0 interface lo0.0 passive
set protocols mpls interface fxp0.0 disable
set protocols mpls interface ge-0/0/0.0
set protocols mpls interface ge-0/0/1.0
set protocols mpls interface ge-0/0/2.0
set protocols mpls interface ge-0/0/3.0

R5 config

더보기

root@R5# show | display set 
set version 20190319.203446_builder.r1013243
set system root-authentication encrypted-password 
set system host-name R5
set system syslog file messages any notice
set system syslog file messages authorization info
set system syslog file interactive-commands interactive-commands any
set chassis network-services enhanced-ip
set interfaces ge-0/0/0 unit 0 family inet address 172.16.1.5/31
set interfaces ge-0/0/0 unit 0 family mpls
set interfaces ge-0/0/1 unit 0 family inet address 172.16.1.13/31
set interfaces ge-0/0/1 unit 0 family mpls
set interfaces ge-0/0/2 unit 0 family inet address 172.16.1.16/31
set interfaces ge-0/0/2 unit 0 family mpls
set interfaces fxp0 unit 0 family inet dhcp vendor-id Juniper-vmx-VM60596CBE1B
set interfaces lo0 unit 0 family inet address 192.168.100.5/32
set routing-options router-id 192.168.100.5
set protocols ospf source-packet-routing node-segment ipv4-index 1005
set protocols ospf source-packet-routing srgb start-label 800000
set protocols ospf source-packet-routing srgb index-range 4000
set protocols ospf area 0.0.0.0 interface fxp0.0 disable
set protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p
set protocols ospf area 0.0.0.0 interface ge-0/0/1.0 interface-type p2p
set protocols ospf area 0.0.0.0 interface ge-0/0/2.0 interface-type p2p
set protocols ospf area 0.0.0.0 interface lo0.0 passive
set protocols mpls interface fxp0.0 disable
set protocols mpls interface ge-0/0/0.0
set protocols mpls interface ge-0/0/1.0
set protocols mpls interface ge-0/0/2.0

R6 config

더보기

root@R6# show | display set 
set version 20190319.203446_builder.r1013243
set system root-authentication encrypted-password 
set system host-name R6
set system syslog file messages any notice
set system syslog file messages authorization info
set system syslog file interactive-commands interactive-commands any
set chassis network-services enhanced-ip
set interfaces ge-0/0/0 unit 0 family inet address 172.16.1.11/31
set interfaces ge-0/0/0 unit 0 family mpls
set interfaces ge-0/0/1 unit 0 family inet address 172.16.1.15/31
set interfaces ge-0/0/1 unit 0 family mpls
set interfaces ge-0/0/2 unit 0 family inet address 172.16.1.18/31
set interfaces ge-0/0/2 unit 0 family mpls
set interfaces fxp0 unit 0 family inet dhcp vendor-id Juniper-vmx-VM60596CBDDF
set interfaces lo0 unit 0 family inet address 192.168.100.6/32
set routing-options router-id 192.168.100.6
set protocols ospf source-packet-routing node-segment ipv4-index 1006
set protocols ospf source-packet-routing srgb start-label 800000
set protocols ospf source-packet-routing srgb index-range 4000
set protocols ospf area 0.0.0.0 interface fxp0.0 disable
set protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p
set protocols ospf area 0.0.0.0 interface ge-0/0/1.0 interface-type p2p
set protocols ospf area 0.0.0.0 interface ge-0/0/2.0 interface-type p2p
set protocols ospf area 0.0.0.0 interface ge-0/0/3.0 interface-type p2p
set protocols ospf area 0.0.0.0 interface lo0.0 passive
set protocols mpls interface fxp0.0 disable
set protocols mpls interface ge-0/0/0.0
set protocols mpls interface ge-0/0/1.0
set protocols mpls interface ge-0/0/2.0

R7 config

더보기

root@R7# show | display set 
set version 20190319.203446_builder.r1013243
set system root-authentication encrypted-password
set system host-name R7
set system syslog file messages any notice
set system syslog file messages authorization info
set system syslog file interactive-commands interactive-commands any
set chassis network-services enhanced-ip
set interfaces ge-0/0/0 unit 0 family inet address 172.16.1.19/31
set interfaces ge-0/0/0 unit 0 family mpls
set interfaces ge-0/0/1 unit 0 family inet address 172.16.1.17/31
set interfaces ge-0/0/1 unit 0 family mpls
set interfaces ge-0/0/5 unit 0 family inet address 10.0.2.1/24
set interfaces ge-0/0/6 unit 0 family inet address 10.0.1.1/24
set interfaces fxp0 unit 0 family inet dhcp vendor-id Juniper-vmx-VM60596CB7F8
set interfaces lo0 unit 0 family inet address 192.168.100.7/32
set policy-options policy-statement BGP-direct term 10 from protocol direct
set policy-options policy-statement BGP-direct term 10 from route-filter 10.0.0.0/8 orlonger
set policy-options policy-statement BGP-direct term 10 then next-hop self
set policy-options policy-statement BGP-direct term 10 then accept
set policy-options policy-statement BGP-direct term 20 then reject
set routing-options router-id 192.168.100.7    
set protocols bgp group R1-R7 type internal
set protocols bgp group R1-R7 local-address 192.168.100.7
set protocols bgp group R1-R7 export BGP-direct
set protocols bgp group R1-R7 local-as 65001
set protocols bgp group R1-R7 neighbor 192.168.100.1
set protocols ospf source-packet-routing node-segment ipv4-index 1007
set protocols ospf source-packet-routing srgb start-label 800000
set protocols ospf source-packet-routing srgb index-range 4000
set protocols ospf area 0.0.0.0 interface fxp0.0 disable
set protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p
set protocols ospf area 0.0.0.0 interface ge-0/0/1.0 interface-type p2p
set protocols ospf area 0.0.0.0 interface lo0.0 passive
set protocols mpls interface fxp0.0 disable
set protocols mpls interface ge-0/0/0.0 
set protocols mpls interface ge-0/0/1.0

 -R7 로컬 광고를 위한 policy 적용.

 

set chassis network-services enhanced-ip 설정하고 리부팅 필요.  설정 안하면  commit error 발생.

Segment Routing config

set protocols ospf source-packet-routing node-segment ipv4-index 100x  ------ node segment 레이블 설정
set protocols ospf source-packet-routing srgb start-label 800000  -------------------------- 시작 레이블 설정
set protocols ospf source-packet-routing srgb index-range 4000  --------------------------- 인덱스 범위 설정

 

show ospf neighbor 및 show route summary 명령을 사용하여 OSPF가 제대로 작동하고, 레이블이 있는 OSPF (L-OSPF) 경로가 광고되는지 확인.

inet.3 에  L-OSPF 경로 확인.

inet.3 테이블에 다른 Router loopback 주소가 있으므로 BGP next hop recursive route lookup에  사용가능.

동일한 label 로 swap함. 경로에 있는 모든 라우터가 동일 레이블로 swap한다.

R7 에서 광고받은 경로(10.0.1.0/24)의 protocol next hop 이 192.168.100.7이고 inet.3 테이블 확인.

경로확인 R1 - R2 - R5 - R7

 

R1에서 TE 설정 ( 경로 R1 - R3 - R4 - R5 -R7 )

root@R1# show protocols source-packet-routing | display set 
set protocols source-packet-routing segment-list R7-Primary hop1 ip-address 172.16.1.3
set protocols source-packet-routing segment-list R7-Primary hop2 label 801004
set protocols source-packet-routing segment-list R7-Primary hop3 label 801005
set protocols source-packet-routing segment-list R7-Primary hop4 label 801007

set protocols source-packet-routing source-routing-path Path-to-R7 to 192.168.100.7
set protocols source-packet-routing source-routing-path Path-to-R7 primary R7-Primary

 - 172.16.1.3 은 direct connected neighbor IP

inet.3 에서  label stack 확인가능.

경로확인 R1 - R3 - R4 - R5 - R7

728x90

위와 같은 웹로그인 화면에서 아무리 로그인 시도를 해도 반응이 없을때 

아래 3가지 방법을 시도해보세요

  1. eve-ng 콘솔 또는 ssh 접속후 아래 명령어 입력하여 권한수정

    root@eve-ng:~# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions
  2. "df -h"를 사용하여 기존 HDD 용량을 확인하고. 가득 차면 VM Ware에서 새 SCSI 카드 드라이브를 만들어 HDD를 추가

  3. eve-ng 콘솔 또는 ssh 접속후 아래 명령어 입력하여 SQL 데이터페이스를 수정

    root@eve-ng:~# /opt/unetlab/wrappers/unl_wrapper -a restoredb

728x90

- Topology

[R3]-ge-0/0/2--------------ge-0/0/2-[R1]

- OSFP 네이버 ExStart 상태
root@R3# run show ospf neighbor
R3# run show ospf neighbor 
Address          Interface              State     ID               Pri  Dead
10.10.13.1       ge-0/0/2.0             ExStart   1.1.1.1          128    37

ExStart : database sync 중인 상태.  FULL 상태가 아님.

- 트러블슈팅을 위한 traceoption 설정 ( cisco debug command 와 동일하다고 보면됨)

root@R1# set protocols ospf traceoptions file ospf.log
root@R1# set protocols ospf traceoptions flag error detail
root@R1# commit

- OSFP 로그 확인

root@R1# run show log ospf.log
Nov 18 07:06:06.275796 OSPF packet ignored: MTU mismatch from 10.10.13.3 on intf ge-0/0/2.0 area 0.0.0.0
Nov 18 07:06:10.310038 OSPF packet ignored: MTU mismatch from 10.10.13.3 on intf ge-0/0/2.0 area 0.0.0.0
Nov 18 07:06:14.389599 OSPF packet ignored: MTU mismatch from 10.10.13.3 on intf ge-0/0/2.0 area 0.0.0.0
Nov 18 07:06:19.429346 OSPF packet ignored: MTU mismatch from 10.10.13.3 on intf ge-0/0/2.0 area 0.0.0.0    

> MTU mismatch 확인

-라우터 설정 확인

root@R3# show protocols ospf | display set
set protocols ospf area 0.0.0.0 interface lo0.0 passive
set protocols ospf area 0.0.0.0 interface ge-0/0/2.0 interface-type p2p

root@R3# show interfaces ge-0/0/2 | display set 
set interfaces ge-0/0/2 mtu 9000
set interfaces ge-0/0/2 unit 0 family inet address 10.10.13.3/24

root@R1# show protocols ospf | display set
set protocols ospf area 0.0.0.0 interface lo0.0 passive
set protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p
set protocols ospf traceoptions file ospf.log
set protocols ospf traceoptions flag error detail

root@R1# show interfaces ge-0/0/2 | display set    
set interfaces ge-0/0/2 unit 0 family inet address 10.10.13.1/24

R1 ge-0/0/2 MTU : 1500 ( default )
R3 ge-0/0/2 MTU : 9000

- R3 ge-0/0/2 MTU 수정 ( 9000 -> 1500 )

root@R3# delete interfaces ge-0/0/2 mtu 

- 수정 후 OSPF neighbor 확인

@R3# run show ospf neighbor 
Address          Interface              State     ID               Pri  Dead
10.10.13.1       ge-0/0/2.0             Full      1.1.1.1          128    37

 

 

728x90

- Topology

[R3]-ge-0/0/2--------------ge-0/0/2-[R1]

- OSFP 네이버가 맺어지지 않는 상태
root@R3# run show ospf neighbor
--- 네이버 없음 --

- 트러블슈팅을 위한 traceoption 설정 ( cisco debug command 와 동일하다고 보면됨)

root@R1# set protocols ospf traceoptions file ospf.log
root@R1# set protocols ospf traceoptions flag error detail
root@R1# commit

- OSFP 로그 확인

root@R1# run show log ospf.log
Nov 18 06:30:41 trace_on: Tracing to "/var/log/ospf.log" started
Nov 18 06:30:42 OSPF packet ignored: area mismatch (0.0.0.1) from 10.10.13.3 on intf ge-0/0/2.0 area 0.0.0.0
Nov 18 06:30:42 OSPF rcvd Hello 10.10.13.3 -> 224.0.0.5 (ge-0/0/2.0 IFL 335 area 0.0.0.0)
Nov 18 06:30:42 Version 2, length 44, ID 3.3.3.3, area 0.0.0.1
Nov 18 06:30:42 checksum 0xe618, authtype 0
Nov 18 06:30:42 mask 255.255.255.0, hello_ivl 10, opts 0x12, prio 128
Nov 18 06:30:42 dead_ivl 40, DR 0.0.0.0, BDR 0.0.0.0
-> area mismatch 확인

-라우터 설정 확인

root@R3# show protocols ospf | display set
set protocols ospf area 0.0.0.1 interface lo0.0 passive
set protocols ospf area 0.0.0.1 interface ge-0/0/1.0 interface-type p2p
set protocols ospf area 0.0.0.1 interface ge-0/0/6.0 interface-type p2p
set protocols ospf area 0.0.0.1 interface ge-0/0/2.0 interface-type p2p

root@R1# show protocols ospf | display set
set protocols ospf area 0.0.0.0 interface lo0.0 passive
set protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p
set protocols ospf area 0.0.0.0 interface ge-0/0/2.0 interface-type p2p
set protocols ospf traceoptions file ospf.log
set protocols ospf traceoptions flag error detail

R1 OSPF area : 0.0.0.0 = 0
R3 OSPF area : 0.0.0.1 = 1

- R3 OSPF area 수정 (0.0.0.1 -> 0.0.0.0 )

root@R3# rename protocols ospf area 1 to area 0

- 수정 후 OSPF neighbor 확인

root@R3# run show ospf neighbor
Address      Interface      State    ID        Pri    Dead
10.10.13.1    ge-0/0/2.0   Full      1.1.1.1   128   39

 

 

 

 

728x90

 

--Service Provider sytple--

set interfaces ge-0/0/0 vlan-tagging
set interfaces ge-0/0/0 encapsulation extended-vlan-bridge
set interfaces ge-0/0/0 unit 100 vlan-id 100
set interfaces ge-0/0/0 unit 200 vlan-id 200


set interfaces ge-0/0/2 vlan-tagging
set interfaces ge-0/0/2 encapsulation extended-vlan-bridge
set interfaces ge-0/0/2 unit 100 vlan-id 100
set interfaces ge-0/0/2 unit 200 vlan-id 200

 

set interfaces irb unit 100 family inet address 10.10.10.1/24
set interfaces irb unit 200 family inet address 20.20.20.1/24


set routing-options router-id 1.1.1.1
set protocols ospf area 0.0.0.0 interface irb.100 passive
set protocols ospf area 0.0.0.0 interface ge-0/0/1.0 interface-type p2p
set protocols ospf area 0.0.0.0 interface irb.200 passive

set interfaces ge-0/0/1 unit 0 family inet address 79.79.79.9/24 


set bridge-domains v100 vlan-id 100     
set bridge-domains v100 interface ge-0/0/0.100
set bridge-domains v100 interface ge-0/0/2.100
set bridge-domains v100 routing-interface irb.100


set bridge-domains v200 vlan-id 200
set bridge-domains v200 interface ge-0/0/0.200
set bridge-domains v200 interface ge-0/0/2.200
set bridge-domains v200 routing-interface irb.200

root@R9# run show bridge domain 

Routing instance        Bridge domain            VLAN ID     Interfaces
default-switch          v100                     100      
                                                             ge-0/0/0.100
                                                             ge-0/0/2.100
default-switch          v200                     200      
                                                             ge-0/0/0.200
                                                             ge-0/0/2.200

--Enterprise sytple--


set interfaces ge-0/0/0 unit 0 family bridge interface-mode trunk
set interfaces ge-0/0/0 unit 0 family bridge vlan-id-list 100
set interfaces ge-0/0/0 unit 0 family bridge vlan-id-list 200

set interfaces ge-0/0/2 unit 0 family bridge interface-mode trunk
set interfaces ge-0/0/2 unit 0 family bridge vlan-id-list 100
set interfaces ge-0/0/2 unit 0 family bridge vlan-id-list 200


set interfaces irb unit 100 family inet address 10.10.10.1/24
set interfaces irb unit 200 family inet address 20.20.20.1/24


set routing-options router-id 1.1.1.1
set protocols ospf area 0.0.0.0 interface irb.100 passive
set protocols ospf area 0.0.0.0 interface ge-0/0/1.0 interface-type p2p
set protocols ospf area 0.0.0.0 interface irb.200 passive

set interfaces ge-0/0/1 unit 0 family inet address 79.79.79.9/24 

 

set bridge-domains v100 vlan-id 100
set bridge-domains v100 routing-interface irb.100
set bridge-domains v200 vlan-id 200     
set bridge-domains v200 routing-interface irb.200
                                        
root@R9# run show bridge domain    

Routing instance        Bridge domain            VLAN ID     Interfaces
default-switch          v100                     100      
                                                             ge-0/0/0.0
                                                             ge-0/0/2.0
default-switch          v200                     200      
                                                             ge-0/0/0.0
                                                             ge-0/0/2.0

+ Recent posts