Stub/totally stub/nssa/totally nssa

Stub area: LSA types 1/2/3 are allowed; LSA types 4/5/7 are not allowed. No ASBR is allowed. A default route is injected automatically when the stub area is configured on the ABR.

Totally stub area: LSA types 1/2 are allowed. A default route is injected automatically; this default route is the only type 3 LSA allowed. LSA types 4/5/7 are not allowed.

Not-so-stubby area (NSSA): LSA types 1/2/3/7 are allowed; LSA types 4/5 are not allowed. An ASBR is allowed. The default route needs to be configured manually with the command: area <area id> nssa default-information originate. This default route is advertised as LSA type 7.

Totally not-so-stubby area: LSA types 3/4/5 are not allowed; LSA types 1/2/7 are allowed. The default route needs to be configured manually with the command: area <area id> nssa default-information originate. This default route is advertised as LSA type 7.

When OSPF does recalculation

1, When there is an update of LSA type 1 or type 2, recalculation is done for the entire routing table, starting with the shortest path calculation for each area, not just for the area whose link state database has changed.

2, When there is an update of LSA type 3 (network summary), the recalculation is done partially. Specifically, the destination described in the network summary LSA is recalculated; if the destination is an ABR, it may also be necessary to re-examine all external LSA types.

3, When there is an update of LSA type 5 or 7, the destination described in the external LSA is recalculated.

default-information originate in different routing protocols

RIP

To generate a default route into Routing Information Protocol (RIP), use the default-information originate command in router configuration mode. To disable this feature, use the no form of this command.

Example:

router rip 
 version 2
 network 172.17.16.0
 default-information originate route-map condition
!
route-map condition permit 10
 match ip address 10
 set interface s1/0
!
access-list 10 permit 172.17.16.0 0.0.255.255
set interface: indicates where to forward packets that pass a match clause of a route map for policy routing.

OSPF:

Default routes injected into a normal area can be originated by any OSPF router. The OSPF router does not, by default, generate a default route into the OSPF domain. In order for OSPF to generate a default route, you must use the default-information originate command.

There are two ways to advertise a default route into a normal area. The first is to advertise 0.0.0.0 into the OSPF domain, provided the advertising router already has a default route. The second is to advertise 0.0.0.0 regardless of whether the advertising router already has a default route. The second method can be accomplished by adding the keyword always to the default-information originate command.

Example:

router ospf 2
 network 5.0.0.0 0.255.255.255 area 1
 network 6.0.0.0 0.255.255.255 area 0
 default-information originate
ip route 0.0.0.0 0.0.0.0 6.0.0.3

Because it has a default route, the router originates a type 5 LSA with a link ID of 0.0.0.0. This is the result of the default-information originate command in its OSPF configuration. You can also add the always keyword to the default-information originate command to make a router originate a 0.0.0.0 type 5 LSA even if the router does not have a default route in its routing table.

BGP:

Refer to item 6 in

https://yingsnotebook.wordpress.com/2017/03/29/bgp-network-summary-ii/

The default-information originate, redistribution from a different source, and network 0.0.0.0 are all similar in the resulting effect: they will inject the default route into BGP RIB and it will be advertised to all BGP neighbors. The difference is in the origin of the default route that is injected into BGP:

  • default-information originate causes the default route to be artificially generated and injected into the BGP RIB, regardless of whether it is present in the routing table.
  • Redistribution and network 0.0.0.0 will inject the default route into BGP only if the default route is currently present in the routing table, and additionally in the case of redistribution, if learned by a specific source protocol we are redistributing from.

The neighbor X.X.X.X default-originate is different in that the default route will be advertised only to this specific BGP neighbor and not to all existing BGP neighbors as with the previous approaches. The default route will not be present in the BGP RIB of the router that is configured with the neighbor X.X.X.X default-originate command and so it won’t be generally advertised to all BGP neighbors. At the same time, this command is similar to the default-information originate in that the default route is artificially generated and does not need to be present in the routing table.

Network summary route in different routing protocols

RIP:

  • auto summary: summarizes subnets into a classful network route
  • ip summary-address: Automatic summary addressing always summarizes to the classful address boundary, while the ip summary-address router configuration command summarizes addresses on a specified interface.
    interface Ethernet1
    ip address 10.1.1.1 255.255.255.0
    ip summary-address rip 10.2.0.0 255.255.0.0
    no ip split-horizon
  • Automatic summary will override the configured summary address feature on a given interface except when both of the following conditions are true:
    • The configured interface summary address and the IP address of the configured interface share the same major network (the classful, nonsubnetted portion of the IP address).
    • Split horizon is not enabled on the interface.

OSPF:
OSPF is a link-state routing protocol that works on the concept of areas. All areas must have the same LSDB (link state database); hence OSPF summarization can only be done on the border routers, i.e. on the ABR (area border router) and the ASBR (autonomous system boundary router).

  • Inter-area route summarization:
    To summarize routes towards another area, use the following command on the ABR:
    area [area-id] range [ip-address] [mask] [advertise | not-advertise | cost {cost}]
    The subnet routes are then no longer advertised to the other area; only the summarized route is.
  • External route summarization:
    Use the following command to help reduce the size of the routing table and allow an OSPF Autonomous System Boundary Router (ASBR) to advertise one external route as an aggregate for all redistributed routes that are covered by the address.
    summary-address network netmask

BGP:
The BGP network summary can be found here:
https://yingsnotebook.wordpress.com/2017/03/27/bgp-network-summary/

BGP network summary II

  1. When a summarized route is generated, if the AS_PATH of all the subnet routes is the same, the summarized route keeps that AS_PATH;
    if the subnet routes have different AS_PATHs, the AS_PATH of the generated summarized route is set to null.
    To keep track of the AS_PATH in the summarized route, the as-set option can be used in the command:
    aggregate-address 160.0.0.0 255.0.0.0 summary-only as-set
  2. BGP selects the best route to advertise to the peer. It follows this best route selection policy:
    Local preference > AS_PATH > lowest origin code > lowest multi-exit discriminator > eBGP route over iBGP > IGP metric to the BGP next hop > lowest router ID.

    First of all, a route needs to be valid before it qualifies for best route selection. A valid route means that the router has a route towards the IP address of the NEXT_HOP.

  3. eBGP updates NEXT_HOP when it advertises the route to the peer, but iBGP keeps NEXT_HOP unchanged. NEXT_HOP can be modified with the command
    neighbor 170.10.20.1 next-hop-self
  4. Back door: if network 160.10.0.0 is learned from both eBGP and OSPF, the route learned from eBGP will be selected, since eBGP has the lower AD. This is not always preferred. In that case, we can set a backdoor as below
    network 160.10.0.0 backdoor

    Network 160.10.0.0 is treated as a local entry, but is not advertised as a normal network entry. After this, 160.10.0.0 will use the route learned from OSPF instead of eBGP.

  5. Synchronization is enabled by default in order to avoid a blackhole in the network.
    It prevents a learned route from being advertised to other peers if the same route cannot be learned from the IGP.
    There are 2 ways to solve the blackhole problem:
    1, Use synchronization and redistribute all eBGP-learned routes into the IGP. Synchronization prevents a learned route from being advertised to other peers if the same route cannot be learned from the IGP.
    2, Configure iBGP on each router of the network, with all iBGP routers building a full-mesh peer network.
    This brings a high performance load if the network is too big and each router needs to run iBGP to maintain a big routing table. This problem is addressed in two ways: confederations and route reflectors.
  6.  Default route

The default-information originate, redistribution from a different source, and network 0.0.0.0 are all similar in the resulting effect: they will inject the default route into BGP RIB and it will be advertised to all BGP neighbors. The difference is in the origin of the default route that is injected into BGP:

  • default-information originate causes the default route to be artificially generated and injected into the BGP RIB, regardless of whether it is present in the routing table.
  • Redistribution and network 0.0.0.0 will inject the default route into BGP only if the default route is currently present in the routing table, and additionally in the case of redistribution, if learned by a specific source protocol we are redistributing from.

The neighbor X.X.X.X default-originate is different in that the default route will be advertised only to this specific BGP neighbor and not to all existing BGP neighbors as with the previous approaches. The default route will not be present in the BGP RIB of the router that is configured with the neighbor X.X.X.X default-originate command and so it won’t be generally advertised to all BGP neighbors. At the same time, this command is similar to the default-information originate in that the default route is artificially generated and does not need to be present in the routing table.
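The best-route selection order from item 2 of the list above, including the next-hop validity check, as an added example that is not code from the original post or from any router implementation. The Path fields, prefixes and router IDs are constructed for illustration, and MED is compared across all paths as a simplification.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass
class Path:
    next_hop: str
    local_pref: int = 100
    as_path: tuple = ()
    origin: int = 0        # 0 = IGP, 1 = EGP, 2 = incomplete
    med: int = 0
    ebgp: bool = True
    igp_metric: int = 0    # IGP cost to reach next_hop
    router_id: str = "0.0.0.0"

def is_valid(path, routing_table):
    """A path qualifies only if the router has a route towards its NEXT_HOP."""
    hop = ip_address(path.next_hop)
    return any(hop in ip_network(prefix) for prefix in routing_table)

def sort_key(p):
    # One entry per step of the page's list, in order; the smallest tuple wins.
    return (-p.local_pref,                  # highest local preference
            len(p.as_path),                 # shortest AS_PATH
            p.origin,                       # lowest origin code
            p.med,                          # lowest MED
            0 if p.ebgp else 1,             # eBGP over iBGP
            p.igp_metric,                   # lowest IGP metric to next hop
            int(ip_address(p.router_id)))   # lowest router ID

def best_path(paths, routing_table):
    """Drop paths with an unreachable next hop, then apply the order above."""
    valid = [p for p in paths if is_valid(p, routing_table)]
    return min(valid, key=sort_key) if valid else None

# Constructed sample data (hypothetical prefixes and peers).
ROUTES = ["170.10.20.0/24", "10.0.0.0/8"]
PATHS = [
    Path("192.0.2.1", local_pref=200, as_path=(100,), router_id="1.1.1.1"),
    Path("170.10.20.1", as_path=(100, 200), router_id="2.2.2.2"),
    Path("10.1.1.1", as_path=(300,), ebgp=False, igp_metric=20, router_id="3.3.3.3"),
]

if __name__ == "__main__":
    print(best_path(PATHS, ROUTES))
```

The path with the highest local preference loses here because its next hop 192.0.2.1 is not reachable through the sample routing table, so it never enters the comparison.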

BGP network summary

When auto summary enabled:

  •  For routes advertised by the network command, both the summarized route and the subnet routes are advertised.
    1, A network command without a net mask is treated as a classful network; a summarized network route is generated and sent to the peer. It is matched when there is a subnet route entry in the routing table.
    2, A network command with a net mask is matched when there is a subnet route entry in the routing table.
  •  For routes advertised by redistribute, only the summarized route is advertised, with no subnet route entries.

When auto summary disabled:

  • A network command with a net mask needs to be used to match a route entry in the routing table; matching is exact for both prefix and mask. Only a route that exactly matches the network command is advertised.
  • Redistributed routes follow the same rule as the network command.

Use the aggregate command to manually generate a summary network route:

The aggregate command can be used to manually advertise a summary network. When ‘summary-only’ is configured, only the summarized network route is advertised, not any subnet route. However, in order to generate the aggregate-address, there must be at least one subnet route available in the routing table.

  aggregate-address xx.0.0.0 255.0.0.0 summary-only
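A model of the aggregate-address behaviour described here and in item 1 of "BGP network summary II" (summary-only, the need for at least one subnet route, and the AS_PATH of the aggregate), written as an added example rather than code from the original post. The RIB contents are constructed, and as-set is simplified to one unordered set of every AS seen in the covered routes.

```python
from ipaddress import ip_network

def aggregate(rib, aggregate_prefix, summary_only=False, as_set=False):
    """rib maps prefix -> AS_PATH tuple; returns the routes to advertise."""
    agg = ip_network(aggregate_prefix)
    # More-specific routes that fall inside the aggregate.
    subnets = {p: path for p, path in rib.items()
               if ip_network(p).subnet_of(agg) and ip_network(p) != agg}
    if not subnets:
        return dict(rib)            # no subnet route: no aggregate is generated
    paths = set(subnets.values())
    if len(paths) == 1:
        agg_path = next(iter(paths))    # identical AS_PATHs are kept
    elif as_set:
        # Simplified AS_SET: every AS from the covered routes, unordered.
        agg_path = (frozenset(asn for path in paths for asn in path),)
    else:
        agg_path = ()                   # differing AS_PATHs: path is null
    # summary-only suppresses the covered subnet routes.
    out = {p: path for p, path in rib.items()
           if not (summary_only and p in subnets)}
    out[str(agg)] = agg_path
    return out

# Constructed sample RIB (hypothetical prefixes and AS numbers).
RIB = {
    "160.10.0.0/16": (100,),
    "160.20.0.0/16": (200, 300),
    "170.10.0.0/16": (400,),
}

if __name__ == "__main__":
    # Mirrors: aggregate-address 160.0.0.0 255.0.0.0 summary-only as-set
    print(aggregate(RIB, "160.0.0.0/255.0.0.0", summary_only=True, as_set=True))
```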

MAC address learning problem in Juniper EX switch

When a Juniper EX switch has a port configured as a trunk port and too many MAC addresses are learned from that port,
some of the MAC addresses may fail to be learned by the port. This is due to hash index collisions, which can be fixed by changing the value
of mac-lookup-length.

In case you are encountering the problem that
1, the eth port of the host fails to work, and that host is connected to a switch trunk port via a hub/VMware platform,
2, the switch port is showing up/up,
3, the switch port has learned a massive number of MAC addresses from that port, and a lot of the learned MAC addresses from different VLANs are exactly identical,

you should consider that this may be the hash index collision problem that has been reported by Juniper as PR842439.

For EX3200, EX4200, EX4500, EX4550, EX6200 and EX8200 Series switches, hash index collisions were causing problems with the learning of MAC addresses in the forwarding database (FDB). You can now increase the maximum number of searchable hash indexes in increments of 4, from 4 to a maximum of 32 entries, using the CLI command "set ethernet-switching-options mac-lookup-length".

To check for it, you can use the command
> show system statistics bridge | match "learning failures"
The real problem shows up as a repeated Learn log followed immediately by a Deleted log in the mac-learning log:
> show ethernet-switching mac-learning-log

The solution is described at the link below:
https://www.juniper.net/documentation/en_US/junos/topics/reference/configuration-statement/mac-lookup-length-edit-ethernet-switching-options.html

To summarize:
Change mac-lookup-length to a number (8 or 12) higher than the default of 4.