Tag Archives: JN0-343

Notas estudo JNCIS-ENT parte 17

Nota: Este Post faz parte do guide de Routing.

[email protected]# run show isis interface
IS-IS interface database:
Interface L CirID Level 1 DR Level 2 DR L1/L2 Metric
em0.0 3 0x2 R2.00 R2.02 1000/10
em1.0 3 0x3 R2.03 R2.00 10/10
lo0.0 0 0x1 Passive Passive 0/0

Campos do output do comando show isis interface:
interface-name (detail output only) – Displays the name of the interface;
Index (detail output only) – Displays the interface index assigned by the junOS OS kernel;
State (detail output only) – Displays the internal implementation information;
Circuit ID (detail output only) – Displays the circuit identifier;
Circuit type (detail output only) – Displays the circuit type, which can be 1 —Level 1 only, 2 —Level 2 only, or 3 — Level 1 and Level 2;
LSP interval (detail output only) – Displays the interface’s link-state PDU interval;
Sysid (detail output only) – Displays the system identifier;
Interface (brief output only) – Displays the interface through which the adjacency is made.
Level 1 DR/Level 2 DR (brief output only) – Displays the Level 1 or Level 2 DIS;
L1/L2 Metric: Displays the interface’s metric for Level 1 and Level 2. If no information is present, the metric is 0;
Adjacencies (detail output only) – Displays the number of adjacencies established on the interface;
Priority (detail output only) – Displays the priority value for this interface;
Metric (detail output only) – Displays the metric value for this interface;
Hello(s) (detail output only) – Displays the interface’s hello interval; and
Hold(s) (detail output only) – Displays the interface’s hold time.

[email protected]# run show isis database
IS-IS level 1 link-state database:
LSP ID Sequence Checksum Lifetime Attributes
R1.00-00 0x1d 0xc00e 737 L1
R2.00-00 0x1a 0x1c02 341 L1 L2 Attached
R2.03-00 0x13 0x225d 341 L1 L2
3 LSPs

IS-IS level 2 link-state database:
LSP ID Sequence Checksum Lifetime Attributes
R1.00-00 0x5 0xa4c4 699 L1 L2
R2.00-00 0x21 0x6045 761 L1 L2
R2.02-00 0x16 0x4b30 341 L1 L2
R2.03-00 0x3 0 0 L1 L2
R3.00-00 0x1b 0x5e41 1013 L1 L2
5 LSPs

Campos do output do comando show isis database:
LSP ID – Displays the link-state PDU identifier;
Sequence – Displays the sequence number of the link-state PDU;
Checksum – Displays the checksum value of the link-state PDU;
Lifetime (secs) – Displays the remaining lifetime of the link-state PDU, in seconds;
IP prefix (detail and extensive output only) – Displays the prefix advertised by the link-state PDU;
IS neighbor (detail output only) – Displays an IS-IS neighbor of the advertising system; and
Metric (detail and extensive output only) – Displays the metric of the prefix or neighbor.

[email protected]# run show isis adjacency
Interface System L State Hold (secs) SNPA
em0.0 R3 2 Up 23 0:ab:44:8:f8:0
em1.0 R1 1 Up 25 0:ab:ae:99:e3:0

Interface – Displays the interface through wh ich the neighbor is reachable.
System (brief output only) – Displays the system identifier, printed as a name if possible.
L – Displays the level, which can be 1 —Level 1 only; 2 —Level 2 only;
or 3 —Level 1 and Level 2. An exclamation point ( ! ) preceding the level number indicates that the adjacency is missing an IP address.
State – Displays the state of the adjacency. It can be Up, Down, New , One-way, Initializing, or Rejected .
Hold (secs) (brief/standard output only) – Displays the remaining hold time of the adjacency. Note that the show isis adjacency command returns brief output by default.
SNPA (brief output only) – Displays the SNPA (MAC address of the next hop).

[email protected]# run show isis adjacency detail
R3
Interface: em0.0, Level: 2, State: Up, Expires in 24 secs
Priority: 64, Up/Down transitions: 1, Last transition: 00:14:29 ago
Circuit type: 3, Speaks: IP, IPv6, MAC address: 0:ab:44:8:f8:0
Topologies: Unicast
Restart capable: Yes, Adjacency advertisement: Advertise
LAN id: R2.02, IP addresses: 10.1.23.3

R1
Interface: em1.0, Level: 1, State: Up, Expires in 26 secs
Priority: 64, Up/Down transitions: 3, Last transition: 03:04:35 ago
Circuit type: 3, Speaks: IP, IPv6, MAC address: 0:ab:ae:99:e3:0
Topologies: Unicast
Restart capable: Yes, Adjacency advertisement: Advertise
LAN id: R2.03, IP addresses: 10.1.12.1

Campos do output do comando show isis adjacency detail:
Expires in (detail output only): Displays the time until the adjacency expires, in seconds;
Priority (detail output only): Displays the priority to become the DIS;
Up/Down transitions (detail output only): Displays the count of adjacency status changes from up to down or from down to up;
Last transition (detail output only): Displays the time of the last up or down transition;
Circuit type (detail output only): Displays the bit mask of levels on this interface, which can be 1 —Level 1 router, 2 —Level 2 router, or 1/2 —both Level 1 and Level 2 routers;
Speaks (detail output only): Displays the protocols supported by the neighbor; and
IP addresses (detail output only): Displays the IP address of the neighbor.

[email protected]# run show isis spf log
IS-IS level 1 SPF log:
Start time Elapsed (secs) Count Reason
Fri Jul 25 19:01:08 0.000200 3 Lost adjacency R3 on em0.0
Fri Jul 25 19:01:16 0.000189 2 Multi area attachment change
Fri Jul 25 19:15:55 0.000791 1 Periodic SPF
Fri Jul 25 19:19:08 0.000194 1 Updated LSP R3.00-00
Fri Jul 25 19:33:52 0.000201 1 Periodic SPF
Fri Jul 25 19:46:27 0.000353 1 Periodic SPF
Fri Jul 25 19:58:41 0.000201 1 Periodic SPF
Fri Jul 25 20:12:13 0.000216 1 Periodic SPF
Fri Jul 25 20:24:59 0.000187 1 Periodic SPF
Fri Jul 25 20:36:44 0.000276 1 Periodic SPF
Fri Jul 25 20:49:43 0.000207 1 Periodic SPF
Fri Jul 25 21:03:50 0.000207 1 Periodic SPF
Fri Jul 25 21:15:21 0.000252 1 Periodic SPF
Fri Jul 25 21:25:16 0.000215 1 Updated LSP R1.00-00
Fri Jul 25 21:25:26 0.000209 1 Updated LSP R1.00-00
Fri Jul 25 21:25:30 0.000123 1 Updated LSP R1.00-00
Fri Jul 25 21:25:41 0.000222 1 Updated LSP R1.00-00
Fri Jul 25 21:31:15 0.000191 3 Multi area attachment change
Fri Jul 25 21:32:21 0.000180 3 Multi area attachment change
Fri Jul 25 21:38:59 0.000193 1 Updated LSP R1.00-00

IS-IS level 2 SPF log:
Start time Elapsed (secs) Count Reason
Fri Jul 25 18:55:55 0.000060 1 Updated LSP R2.00-00
Fri Jul 25 19:01:08 0.000126 7 Lost adjacency R3 on em0.0
Fri Jul 25 19:01:09 0.000174 2 Updated LSP R2.00-00
Fri Jul 25 19:01:16 0.000388 1 Updated LSP R3.00-00
Fri Jul 25 19:13:30 0.000202 1 Periodic SPF
Fri Jul 25 19:26:28 0.000536 1 Periodic SPF
Fri Jul 25 19:38:54 0.000185 1 Periodic SPF
Fri Jul 25 19:52:54 0.000195 1 Periodic SPF
Fri Jul 25 20:07:49 0.000206 1 Periodic SPF
Fri Jul 25 20:19:58 0.000199 1 Periodic SPF
Fri Jul 25 20:34:46 0.000226 1 Periodic SPF
Fri Jul 25 20:46:44 0.000184 1 Periodic SPF
Fri Jul 25 21:00:02 0.000180 1 Periodic SPF
Fri Jul 25 21:14:24 0.000211 1 Periodic SPF
Fri Jul 25 21:25:16 0.000101 6 Topologies changed for adjacency R1 on em1.0
Fri Jul 25 21:25:30 0.000090 2 Purging LSP R1.00-00
Fri Jul 25 21:25:36 0.000063 1 Updated LSP R1.00-00
Fri Jul 25 21:31:15 0.000301 3 Lost adjacency R3 on em0.0
Fri Jul 25 21:32:21 0.000266 5 Topologies changed for adjacency R3 on em0.0
Fri Jul 25 21:39:21 0.000218 3 Lost adjacency R1 on em1.0

Campos do output do comando show isis spf log:
Node: Displays the system ID of a node;
Metric : Displays the metric to the node;
Interface: Displays the interface of the next hop;
Via : Displays the system ID of the next hop;
SNPA: Displays the SNPA (MAC address of the next hop);
Start time (log output only): Displays the time that the SPF computation started;
Elapsed time (log output only): Displays the length of time required to complete the SPF computation in seconds;
Count (log output only): Displays the number of times the SPF was triggered; and
Reason (log output only): Displays the reason that the SPF computation was completed.

[email protected]# run show isis statistics
IS-IS statistics for R2:
PDU type Received Processed Drops Sent Rexmit
LSP 75 75 0 186 0
IIH 5404 54 1567 12380 0
CSNP 0 0 0 2784 0
PSNP 7 7 0 0 0
Unknown 0 0 0 0 0
Totals 5486 136 1567 15350 0

Total packets received: 5486 Sent: 15350

SNP queue length: 0 Drops: 0
LSP queue length: 0 Drops: 0
SPF runs: 76
Fragments rebuilt: 112
LSP regenerations: 50
Purges initiated: 7

Campos do output do comando show isis statistics:
PDU type : Displays the PDU type.
Received : Displays the number of PDUs received since IS-IS started or since the statistics were zeroed.
Processed: Displays the number of PDUs received minus the number dropped.
Drops: Displays the number of dropped PDUs.
Sent: Displays the number of PDUs transmitted since IS-IS started or since the statistics were zeroed.
Rexmit : Displays the number of PDUs retransmitted since IS-IS started or since the statistics were zeroed.
Total packets received/sent: Displays the total number of PDUs received and transmitted since IS-IS started or since the statistics were zeroed.
SNP queue length : Displays the number of CSNPs and PSNPs sitting on the sequence number packets (SNP) queue waiting for processing. This value is almost always 0.
LSP queue length : Displays the number of link-state PDUs sitting on the link-state PDU queue waiting for processing. This value is almost always 0.
SPF runs : Displays the number of SPF calculations performed. If this number is incrementing rapidly, it indicates that the network is unstable.
Fragments rebuilt: Displays the number of link-state PDU fragments that the local system has computed.
LSP regenerations: Displays the number of link-state PDUs that were regenerated. A link-state PDU is regenerated when it is nearing the end of its lifetime and it has not changed.
Purges initiated: Displays the number of purges that the system initiated. A purge is initiated if the software decides that a link-state PDU must be removed from the network.

[email protected]# run show isis route
IS-IS routing table Current version: L1: 36 L2: 40
IPv4/IPv6 Routes
—————-
Prefix L Version Metric Type Interface NH Via
10.10.10.1/32 1 36 10 int em1.0 IPV4 R1
10.10.10.3/32 2 40 10 int em0.0 IPV4 R3

Campos do output do comando show isis route:
Current version: Displays the number of the current version of the IS-IS routing table.
L1: Displays the version of the Level 1 SPF that was run.
L2: Displays the version of the Level 2 SPF that was run.
Prefix : Displays the destination of the route.
L : Displays the level, which can be 1 —Level 1 only; 2 —Level 2 only; and 3 —Level 1 and Level 2.
Version: Displays the version (or run) of SPF that generated the route.
Metric : Displays the metric value associated with the route.
Type: Displays the metric type. It can be int (internal) or ext (external).
Interface: Displays the interface to the next hop.
Via : Displays the system ID of the next hop, displayed as a name if possible.

[email protected]# run show isis database extensive
IS-IS level 1 link-state database:

R1.00-00 Sequence: 0x1d, Checksum: 0xc00e, Lifetime: 700 secs
IS neighbor: R2.03 Metric: 10
Two-way fragment: R2.03-00, Two-way first fragment: R2.03-00
IP prefix: 10.1.12.0/24 Metric: 10 Internal Up
IP prefix: 10.10.10.1/32 Metric: 0 Internal Up

Header: LSP ID: R1.00-00, Length: 141 bytes
Allocated length: 284 bytes, Router ID: 10.10.10.1
Remaining lifetime: 700 secs, Level: 1, Interface: 66
Estimated free bytes: 164, Actual free bytes: 143
Aging timer expires in: 700 secs
Protocols: IP, IPv6

Packet: LSP ID: R1.00-00, Length: 141 bytes, Lifetime : 1198 secs
Checksum: 0xc00e, Sequence: 0x1d, Attributes: 0x1 <L1>
NLPID: 0x83, Fixed length: 27 bytes, Version: 1, Sysid length: 0 bytes
Packet type: 18, Packet version: 1, Max area: 0

TLVs:
Area address: 49.0001 (3)
Speaks: IP
Speaks: IPV6
IP router id: 10.10.10.1
IP address: 10.10.10.1
Hostname: R1
IS neighbor: R2.03, Internal, Metric: default 10
IS extended neighbor: R2.03, Metric: default 10
IP address: 10.1.12.1
Local interface index: 64, Remote interface index: 0
IP prefix: 10.1.12.0/24, Internal, Metric: default 10, Up
IP prefix: 10.10.10.1/32, Internal, Metric: default 0, Up
IP extended prefix: 10.1.12.0/24 metric 10 up
IP extended prefix: 10.10.10.1/32 metric 0 up
No queued transmissions

Campos do output do comando show isis database extensive:
LSP ID : Displays the link-state PDU identifier;
Sequence : Displays the sequence number of the link-state PDU;
Checksum : Displays the checksum value of the link-state PDU;
Lifetime (in seconds): Displays the remaining lifetime of the link-state PDU, in seconds;
IP prefix (detail and extensive output only): Displays the prefix advertised by this link-state PDU;
IS neighbor (detail output only): Displays an IS-IS neighbor of the advertising system; and
Metric (detail and extensive output only): Displays the metric of the prefix or neighbor.

IP Configuration is Not necessary

O IS-IS permite formar adjacencias entre neighbors que não estejam configurados com a mesma subnet, isto porque não se baseia no IP.

Troubleshooting No adjacency

Mismatched Areas
MTU minimo 1492
Sem NET configurado

Referências:

Notas estudo JNCIS-ENT parte 1

Notas estudo JNCIS-ENT parte 2

Notas estudo JNCIS-ENT parte 3

Notas estudo JNCIS-ENT parte 4

Notas estudo JNCIS-ENT parte 5

Notas estudo JNCIS-ENT parte 6

Notas estudo JNCIS-ENT parte 7

Notas estudo JNCIS-ENT parte 8

Notas estudo JNCIS-ENT parte 9

Notas estudo JNCIS-ENT parte 10

Notas estudo JNCIS-ENT parte 11

Notas estudo JNCIS-ENT parte 12

Notas estudo JNCIS-ENT parte 13

Notas estudo JNCIS-ENT parte 14

Notas estudo JNCIS-ENT parte 15

Notas estudo JNCIS-ENT parte 16

Notas estudo JNCIS-ENT parte 16

Nota: Este Post faz parte do guide de Routing.

Appendix B IS-IS

IS-IS Protocol

Protocolo IGP, usa informação link-state e o algoritmo SPF a semelhança do OSPF

ISO

Protocolo desenvolvido pelo International Organization for Standardization (ISO) para o ISO’s Connectionless
Network Protocol (CLNP), descrito no ISO 10589

Dual IS-IS

Extensão do IS-IS para suportar a transição de TCP/IP para OSI. Também conhecido como integrated IS-IS. O Protocolo foi desenhado para suportar CLNP e IP, podendo opera-los em simultâneo.

Single Algorithm

Apenas e usado um algoritmo em ambos os ambientes (IP ou CLNP)

Link-State PDUs

Os pacotes IS-IS standard são alterados para suportar multiplos Network Layer Protocols
Nem todos os junOS devices suportam CLNP ou CLNS routing

A level-1 router cria LSPs level-1
A level-2 router cria LSPs level-2
A level-1-2 router cria LSPs level-1 e LSP level-2

Operation IS-IS

IS-IS consiste num AS com end systems (ESs) e intermediate systems (ISs)

IS-IS Areas

Existem 2 Levels: Level 1 e Level 2
Level 1: Roteia dentro da mesma area
Level 2: Roteia entre areas e interliga com outros ASs

Um router pode assumir a função de L1, L2 ou L1/L2
Um router L1/L2 funciona como um ABR semelhante ao OSPF. Este activa o bit no PDUS Level 1 indicando que e um backbone border router, os routers L1 criam uma default route a apontar para o router L1/L2 mais perto (metrica)

Cada router e identificado com Network Entity Title (NET), o NET e um NSAP onde o n-selector e 0

NSAP and Addressing

NSAP: Network Service Access Point
Total length between 8 and 20 bytes
Area Address: variable length field (up to 13 bytes)
System ID: defines an ES or IS in an area.
NSEL: N-selector. identifies a network service user (transport entity or the IS network entity itself)

NET: the address of the network entity itself

Formato NSAP Address
First 8 bits – escolher um numero (tipicamente 49)
Next 16 bits – area
Next 48 bits – router loopback address
Final 8 bits – zero

Exemplo 1:
NSAP:49.0001.1921.6800.1001.00
Router:192.168.1.1(loopback)in Area 1

Exemplo 2:
NSAP:49.0001.1921.6801.0010
192.168.10.10  -> 192.168.010.010  -> system ID 1921.6801.0010
Router:192.168.10.10(loopback)in Area 1

IS-IS PDUs

IS-IS uses the following PDUs to exchange protocol information:

IS-IS Hello (IIH) PDUs – IS-IS broadcasts these PDUs to discover the identity of neighboring IS-IS systems and to
determine whether the neighbors are Level 1 or Level 2 ISs.
Link-state PDUs – These PDUs contain information about the state of adjacencies to neighboring IS-IS systems. Link-state PDUs are flooded periodically throughout an area.
Complete sequence number PDUs (CSNPs) – CSNPs contain a complete description of all link-state PDUs in the IS-IS database. IS-IS periodically sends CSNPs on all links, and the receiving systems use the information in the CSNP to update and synchronize their link-state PDU databases. The designated router multicasts CSNPs on broadcast links in place of sending explicit acknowledgments for each link-state PDU.
Partial sequence number PDUs (PSNPs) – A receiver multicasts these PDUs when it detects that it is missing a link-state PDU or when its link-state PDU database is out of date. The receiver sends a PSNP to the system that transmitted the CSNP, effectively requesting that the missing link-state PDU be transmitted. That router, in turn, forwards the missing link-state PDU to the requesting router.
TLVs – IS-IS PDUs use TLV encoding as the basic structure for all routing information. TLV encoding requires that the
length of any field be defined explicitly when the field is used in a PDU.

IIH PDU Types

LAN hello PDUs – Pode ser divido entre Level 1 and Level 2 hello PDUs, o formato é idêntico. Num broadcast medium os hellos Level 1 e Level 2 usam
o multicast 01-80-C2-00-00-14 ou 01-80-C2-00-00-15, respectivamente.

point-to-point hello PDUs

Hello Transmission

DIS router – envia hellos a cada 3 segundos
non-DIS router – envia hellos a cada 9 segundos
PDU Fields

Circuit type – Defines the router as Level 1, Level 2, or a Level 1 and Level 2 router
Source ID – Identifies the system ID of the router that originated the hello PDU
Holding time – Specifies the period a neighbor should wait to receive the next hello PDU before declaring the originating router dead
PDU length – Specifies the length of the entire PDU in octets
Priority – Provides a value between 0 and 127 used for DIS election
LAN ID – Identifies the system ID or the DIS plus one more octet (the pseudo-node ID) to differentiate this LAN ID from another LAN ID that might have the same designated router

PSNPs

Um receiver multicast PSNPs quando detecta a falta de um link-state PDU ou link-state database está desatualizada

CSNPs

Contem uma descrição completa de todos os link-state PDUs na database. O IS-IS envia CSNPs periodicamente por todos os links.
O designated router multicast CNSPs em links broadcast em vez de enviar ACK explicitamente por cada link-state PDU

IS-IS Information Objects

OS PDUs usam TLV encoding como estrutura básica de toda a routing information. IS-IS ignora TLVs desconhecidos

Consultar TLV do IS-IS no URL http://www.iana.org/assignments/isis-tlv-codepoints/isis-tlv-codepoints.xhtml

IS-IS Adjacency Rules

Router Level 1 nunca forma adjacência com router Level 2 ou vice-versa
Para adjacências Level 1 a AREA deve ser igual
Para adjacências Level 2 a AREA deve ser diferente

DIS Election

O processo de eleição e garantido atribuindo a priority (entre 0 a 127) a cada interface em Level 1 ou Level 2.
Priority by default e 64 para ambos os Levels, se a priority for 0 o router fica fora do processo de seleção. As interfaces NonBroadcast tem por default priority 0
Router com a maior priority torna-se Designated Router, em caso de empate o router com o subnetwork point of attachment (SNPA) (que e o MAC-address) mais alto ganha a eleição.

Pseudo-Node

Mesmo conceito do OSPF

DIS Characteristics

não existe o conceito de Backup DR, se o IS-IS DIS falhar e eleito um novo. E feito preempt caso exista um router com uma best priority ou SNPA (MAC address) + alto

IS-IS Metrics

O IS-IS usa 1023 como default metric máxima, este valor é definido pelo network administrator.
Qualquer single link pode ter o valor máximo 63,a métrica é o suma dos custos dos links.

Level 1
Internal route preference: 15
External route preference: 160
Wide metrics are enabled, Narrow metrics are enabled
Level 2
Internal route preference: 18
External route preference: 165
Wide metrics are enabled, Narrow metrics are enabled

IS-IS define 3 metrics ou costs opcionais:

delay cost
cost metric
error cost

IS-IS mantém o mapeamento desta 4 métricas para o QoS option no CLNP packet header. O IS-IS usa estes mapeamentos para calcular rotas

Wide Metrics

O IS-IS também usa Wide metrics. E possível definir uma métrica ate 2^24. As Wide Metrics permite um network diameter ate 256 hops.
Este diameter resulta num maximum total path de 2^32.
By default o junOS envia as wide metrics e standard (Narrow) metrics, a wide metric e 63 caso seja usado em simultâneo a standard metric.
Para beneficiar das wide metric pode ser desativado as standard usando wide-metrics-only per level.

set protocols isis level 1 wide-metrics-only

Configuring IS-IS

set protocols isis interface ge-0/0/0.0 level 1 disable
set protocols isis interface at-0/1/1.100 level 2 disable

By default todas as interfaces especificadas no IS-IS são consideradas como Level 1 e Level 2

set interface ge-0/1/0.0 family iso
set interface ge-0/1/0.0 family inet address 10.0.24.1/24

set interface lo0.0 family inet address 192.168.2.1/32
set interface lo0.0 family iso address 49.0001.0192.0168.0201.00

Para usar o IS-IS, deve ser configurado o network entity title (NET) em uma das interfaces (preferencialmente o loopback), e configurar o iso family em todas as interfaces que desejamos executar IS-IS.

O junOS suporta ter múltiplas ISO NETs na interface loopback do router.

Referências:

Notas estudo JNCIS-ENT parte 1

Notas estudo JNCIS-ENT parte 2

Notas estudo JNCIS-ENT parte 3

Notas estudo JNCIS-ENT parte 4

Notas estudo JNCIS-ENT parte 5

Notas estudo JNCIS-ENT parte 6

Notas estudo JNCIS-ENT parte 7

Notas estudo JNCIS-ENT parte 8

Notas estudo JNCIS-ENT parte 9

Notas estudo JNCIS-ENT parte 10

Notas estudo JNCIS-ENT parte 11

Notas estudo JNCIS-ENT parte 12

Notas estudo JNCIS-ENT parte 13

Notas estudo JNCIS-ENT parte 14

Notas estudo JNCIS-ENT parte 15

Notas estudo JNCIS-ENT parte 15

Nota: Este Post faz parte do guide de Routing.

VRRP Defined

RFC 2338

Terms and Concepts

VRRP Router
Master Router
Backup Routers
Virtual Router

VRRP Communications

VRRP version 2
Usa Multicast 224.0.0.18
Default advertisement 1 segundo
E possível usar subsecond usando o comando fast-interval (o valor pode variar entre 100-999 milisegundos)
O MAC-ADDRESS do VIP tem o formato 00-00-5E-00-01-VRID
O Master state e elegido através da priority mais alta (entre 1 -255), by default e 100
Caso o router tenha o próprio VIP configurado como IP da interface deve ser configurado a priority 255 e ativado automaticamente o preempt.
Em ambientes onde o router não tem o próprio VIP como IP é possível desativar o preempt

VRRP States

Initialize
Master
Backup
Transition – Estado apenas transitório entre Backup e Master. Neste estado não existe forwarding

VRRP Configuration

set interfaces ge-0/0/4.0 family inet addres 172.25.100.2/24 vrrp-group 10 virtual-address 172.25.100.1 priority 200

outras opções:

track
accept-data – Permite que o master responda a ICMP com destino ao VIP. Caso o master tenha o proprio VIP responde by default a ICMP
authenticatioon-type – 3 types:none,simple,MD5
authenticatioon-key
no-preempt

É possível usar o inherit da config quando existem múltiplos grupos VRRP na mesma interface física usando assim algumas das mesmas características.
Com a opcao vrrp-inheret-from as características usadas são:advertise-interval, authentication-key, authentication-type, fast-interval, no-preempt, preempt, track interface, e track route

Unified ISSU

Apenas suportado em chassis com 2 REs e com os serviços GRES e NSR activos. Ambos os REs devem executar a mesma versão de software

Para iniciar o processo deve ser executado o comando request system software-in-service-upgrade no master RE

Para verificar o estados dos FPCs após o ultimo Unified ISSU:

[email protected]>  show chassis in-service-upgrade
Item           Status                  Reason
FPC 0          Online
FPC 1          Online
FPC 2          Online
PIC 0        Online
PIC 1        Online
FPC 3          Offline                 Offlined by CLI command
FPC 4          Online
PIC 1        Online
FPC 5          Online
PIC 0        Online
FPC 6          Online
PIC 3        Online
FPC 7          Online

!Cancelar o processo de upgrade (unified ISSU)
[email protected]>  request system abort software-in-service-upgrade

 
Appendix A IPv6

Alguns dos benefícios do IPv6
More efficient routing
Quality of service (QoS)
Elimination of the NAT requirement
Network Layer security with end-to-end IPsec
Ease of management using stateless address autoconfiguration
Improved header format to reduce header overhead

O header IPv6 tem 40 bytes (fixos) e inclui os seguintes campos:

Version: 4-bit field containing the number 6, indicating IPv6
Traffic class: 8-bit field that determines the traffic priority
Flow label: 20-bit field used for QoS management
Payload length: 16-bit field indicates the size of the payload in octets
Next header: 8-bit field indicating the next encapsulated protocol
Hop limit : 8-bit field replaces the time-to-live (TTL) field in IPv4
Source address : 128 bits
Destination address: 128 bits

IPv6 Defines Six Extension Headers

As extensões possíveis no header:

Hop-by-hop options: Signifies that the options need to be examined by each node along the path of a packet
Routing: Provides a list of intermediate nodes that should be visited on the path to the packet’s destination
Fragment: Signals when a packet has been fragmented by the source
Destination options: Options examined only by the destination node , and capable of appearing twice in a packet
Authentication header: Used with IPsec to verify  authenticity of a packet
Encrypted security payload: Used with IPsec and carries encrypted data for secure communication

IPv6 Address Types

3 Tipos de endereços IPv6:
• Unicast
• Multicast
• Anycast

Prefix Notation

O RFC4291 define as ultimas regras sobre prefix notation

::/128 : unspecified;
::1/128: This prefix notation should be used for the loopback;
FF00::/8 : Multicast
FE80::/10: Local-Link

Special Addresses
Link-Local Unicast Addresses – Prefix (10bits) + SubnetID (54bits) + Interface ID (64bits)
Site-Local Unicast Addresses – Enderecos Privatos a semelhanca do RFC1918 em IPv4. Prefix (10bits) + SubnetID (54bits) + Interface ID (64bits)
Global Unicast Addresses – Enderecos roteados na Internet. FP (3bits) + GlobalRouting Prefix (45bits) + SID (16bits) + Interface ID (64bits)

Stateless Autoconfiguration

Permitir atribuir IP automaticamente sem a necessidade de DHCP.

Stateless autoconfiguration consiste em varios elementos:

• Extended unique identifier (EUI)
• Router advertisement message
• Router solicitation message
• Prefix list

Neighbor Discovery (ND)

É o processo de tracking dos neighbors no mesmo local link.
O ND é opcional nos devices IPv6.
Após o host enviar um Router Solicitation (RS) o router confirma enviando um Router Advertisement (RA) com a prefix list. O host o endereçamento no prefix-list para efectuar a autoconfiguracao

Stateful Autoconfiguration

O DHCPv6 e conhecido como stateful, definido no RFC3315

set interfaces ge1/1/0.110 family inet6 address fec0:0:0:2003::1/64

[email protected]# run show interfaces terse ge-1/1/0
Interface               Admin Link Proto    Local                 Remote
ge-1/1/0                up    up
ge-1/1/0.110            up    up   inet     172.16.110.1/24
inet6    fe80::8271:1f00:6ec1:a278/64
fec0:0:0:2003::1/64

[email protected]# run show route table inet6.0

inet6.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden)
Restart Complete
+ = Active Route, – = Last Active, * = Both

fe80::/64          *[Direct/0] 00:02:24
> via ge-1/1/0.110
fe80::8271:1f00:6ec1:a278/128
*[Local/0] 00:02:24
Local via ge-1/1/0.110
fec0:0:0:2003::/64 *[Direct/0] 00:02:24
> via ge-1/1/0.110
fec0:0:0:2003::1/128
*[Local/0] 00:02:24
Local via ge-1/1/0.110

[email protected]# run show ipv6 neighbors
IPv6 Address                 Linklayer Address  State       Exp Rtr Secure Interface
fec0:0:0:2003::2             80:71:1f:c1:c3:78  reachable   34  yes no      ge-1/1/0.110

IPv6 Multicast Address

No IPv6 o ICMPv6 é usado no multicast group management  para optimizar o tráfego multicast. Este processo é referido como Multicast Listener Discovery (MLD)

Os enderecos multicast segundo o RFC 4291:

• Solicited-node multicast addresses are for Neighbor Solicitation (NS) messages;
• All-nodes multicast addresses are for Router Advertisement (RA) messages; and
• All-routers multicast addresses are for Router Solicitation (RS) messages.

IPv6 Anycast Address

Definido no RFC 2526
Permite que o mesmo IP esteja distribuído, mas apenas um Host irá receber o tráfego

set routing-options rib inet6.0 static route 0::/0 next-hop FEc0:0:0:2003::2 preference 250

OSPFv3 Configuration Example

O processo de selecao do RID no OSPFv3 e identico ao da v2, o RID continua a ser IPv4

Monitoring OSPFv3 Operations

show ospf3 neighbor
show ospf3 interface
show ospf3 database
show ospf3 route

IS-IS Configuration

set interfaces ge1/1/0.110 family iso
set interfaces ge1/1/0.110 family inet6 address fec0:0:0:2003::1/64

set interfaces lo0 unit 0 family iso address 49.0002.1111.1111.1111.00
set interfaces lo0 unit 0 family inet6 address fec0:0:0:1001::1/128

Monitoring IS-IS Operations

[email protected]# run show isis interface
IS-IS interface database:
Interface             L CirID Level 1 DR        Level 2 DR        L1/L2 Metric
ge-1/1/0.110          3   0x1 mxA-1.00          mxA-1.00               10/10
lo0.0                 0   0x1 Passive           Passive                 0/0

[edit]
[email protected]# run show isis adjacency

BGP Configuration

!eBGP Peering
set protocols bgp group ext-65501 type external
set protocols bgp group ext-65501 peer-AS 65501
set protocols bgp group ext-65501 neighbor fec0:0:0:2003::2

Monitoring BGP Operations

show bgp summary

Tunneling IPv6 Traffic

Por vezes e necessário encapsular trafego IPv6 em IPv4.

Alguns dos mecanismos de transicao
•IPv4-compatible addressing
•Configured tunnels
•6to4
•6over4

!Site A
set interface gr-0/0/0.0 tunnel source 172.16.110.1 destination 172.16.110.2
set interface gr-0/0/0.0 family inet6 address fec0:0:0:1000::1/126
set routing-options rib inet6.0 static route fec0:0:0:2000::/64 next-hop gr-0/0/0.0
set routing-options rib inet6.0 static route fec0:0:0:1001::/64 next-hop gr-0/0/0.0

!Site B
set interface gr-0/0/0.0 tunnel source 172.16.110.2 destination 172.16.110.1
set interface gr-0/0/0.0 family inet6 address fec0:0:0:1000::2/126
set routing-options rib inet6.0 static route fec0:0:0:2000::/64 next-hop gr-0/0/0.0
set routing-options rib inet6.0 static route fec0:0:0:1001::/64 next-hop gr-0/0/0.0

Referências:

Notas estudo JNCIS-ENT parte 1

Notas estudo JNCIS-ENT parte 2

Notas estudo JNCIS-ENT parte 3

Notas estudo JNCIS-ENT parte 4

Notas estudo JNCIS-ENT parte 5

Notas estudo JNCIS-ENT parte 6

Notas estudo JNCIS-ENT parte 7

Notas estudo JNCIS-ENT parte 8

Notas estudo JNCIS-ENT parte 9

Notas estudo JNCIS-ENT parte 10

Notas estudo JNCIS-ENT parte 11

Notas estudo JNCIS-ENT parte 12

Notas estudo JNCIS-ENT parte 13

Notas estudo JNCIS-ENT parte 14

Notas estudo JNCIS-ENT parte 14

Nota: Este Post faz parte do guide de Routing.

Graceful Routing Engine switchover (GRES)

GRES Inactivo –  o PFE é reiniciado e o novo Master faz discover de todo o hardware e interfaces. O novo master faz restart ao processo rpd

GRES Activo – o PFE não é reiniciado e toda a informação do kernel/interfaces e preservada. O GRES reduz o tempo de convergência, mesmo reiniciando o rpd

Após os REs serem sincronizados são trocados keepalives, se o backup RE não receber o keepalive durante um periodo de tempo (tipicamente 2 segundos) faz o switchover, e o PFE liga-se ao novo RE.

{master}
[email protected]>  show chassis routing-engine
Routing Engine status:
Slot 0:
Current state                  Master
Election priority              Master (default)

Routing Engine status:
Slot 1:
Current state                  Backup
Election priority              Backup (default)

Nonstop active routing (NSR) – Preserva a informação do Kernel/interfaces, o processo rpd e também executado no Backup RE. O GRES deve estar activo para o NSR operar corretamente
Bidirectional Forwarding Detection (BFD)
Virtual Router Redundancy Protocol (VRRP)
Unified In-Service Software Upgrade (ISSU) – suportado apenas em devices com 2 REs. O GRES e NSR devem estar activos

Garantir que cada RE tem um IP diferente de OOB Management.
set groups re1 system host-name R1-re1
set groups re1 system backup-router 172.18.66.1
set groups re1 interface fxp0 unit 0 family inet address 172.18.66.51/24

set groups re1 system host-name R1-re0
set groups re1 system backup-router 172.18.66.1
set groups re1 interface fxp0 unit 0 family inet address 172.18.66.50/24

{master}[edit]
[email protected]#  set apply-groups [re0 re1]

Caso seja usado o GRES deve ser configurado commit synchronize

[email protected]#  set chassis commit
warning: graceful-switchover is enabled, commit synchronize should be used
commit complete

{master}
[email protected]#  set system commit synchronize

{master}
[email protected]#  system commit
re0:
configuration check succeeds
re1:
commit complete
re0:
commit complete

Se o GRES não estive activo, e recomendado implementar o RE failover protection. O default keepalive e de 300 segundos

[edit chassis redundancy]
[email protected]# set ?
Possible completions:
+ apply-groups         Groups from which to inherit configuration data
+ apply-groups-except  Don’t inherit configuration data from these groups
> failover             Failover to other Routing Engine
keepalive-time       Time before Routing Engine failover (2..10000 seconds)
> routing-engine       Redundancy options for Routing Engines

É possível realizar o switchover manual usando request chassis routing-engine master

[email protected]> request chassis routing-engine master ?
Possible completions:
acquire              Attempt to become master Routing Engine
release              Request that other Routing Engine become master
switch               Toggle mastership between Routing Engines

Configuring Graceful RE Switchover

set chassis redundancy graceful-switchover

{master}[edit chassis]
[email protected]#

{backup}[edit chassis]
[email protected]#

Monitoring Graceful RE Switchover

!Este comando só e valido no Backup RE
{backup}
[email protected]> show system switchover
Graceful switchover: On
Configuration database: Ready
Kernel database: Ready
Peer state: Steady State

Configuration database – configuration database, ou repository of configuration files, e replicada pelo processo commit synchronize
Kernel and related entries – ksyncd responsável pelo replicação dos estados entre as varias componentes de hardware
PFE state – chassisd efetua a replicaco do estado do PFE

Nonstop Active Routing

Configuring NSR

Usando o NSR as adjacências continuam UP mesmo depois do switchover, ambos os REs executam o processo rpd preservando a informação do kernel e interfaces.
O NSR não usa o helper mode do GR para restaurar a routing information, este requer que ambos os REs usem a mesma versão de software. não é possível ter o GR e NSR activos em simultâneo.

{master}
[email protected]# set routing-options nonstop-routing

!Activar o commit synchronize
[email protected]#  set system commit ?
Possible completions:
+ apply-groups         Groups from which to inherit configuration data
+ apply-groups-except  Don’t inherit configuration data from these groups
synchronize          Synchronize commit on both Routing Engines by default

 Monitoring NSR

{master}
[email protected]> show task replication
Stateful Replication: Enabled
RE mode: Master
Protocol        Synchronization Status
OSPF            Complete
BGP                Complete

{master}
[email protected]>  request routing-engine login other-routing-engine

— junOS 10.1R1.8 built 2010-02-12 18:31:54 UTC
{backup}
[email protected]>  show ospf neighbor
Address          Interface              State     ID               Pri  Dead
10.1.1.2         fe-0/0/1.0             Full      192.168.100.2    128     0
10.1.2.2         fe-0/0/2.0             Full      192.168.100.3    128     0
{backup}
[email protected]>  show bgp summary
Groups: 1 Peers: 2 Down peers: 0
Table          Tot Paths  Act Paths Suppressed    History Damp State    Pending
inet.0                10         10          0          0          0          0
Peer                     AS      InPkt     OutPkt    OutQ   Flaps Last Up/Dwn
State|#Active/Received/Accepted/Damped…
192.168.100.2         64700         55         54       0       0       24:29 5/5/5/0
0/0/0/0
192.168.100.3         64700         54         52       0       0       23:53 5/5/5/0
0/0/0/0

{backup}
[email protected]>  show route protocol ospf
inet.0: 21 destinations, 34 routes (19 active, 0 holddown, 0 hidden)
+ = Active Route, – = Last Active, * = Both
192.168.100.2/32   *[OSPF/10] 00:39:47, metric 1
> to 10.1.1.2 via fe-0/0/1.0
192.168.100.3/32   *[OSPF/10] 00:39:47, metric 1
> to 10.1.2.2 via fe-0/0/2.0
224.0.0.5/32       *[OSPF/10] 00:44:22, metric 1
MultiRecv

Bidirectional Forwarding Detection

Mecanismo para detectar falhas de links em menos de 1 segundo, chamado de subsecond.

Protocolos suportados:OSPF, IS-IS, RIP, BGP, RSVP, PIM, Static routes

Após o BFD ser negociado a sessão entre os 2 neighbors são trocados keepalives monitorizando assim o link. Após falha no BFD o protocolo de routing e notificado. Os timers do protocolo de routing são substituídos pelos do BFD.

não e recomendado que os timers sejam inferiores a 300msec, ainda com este valor e possível detectar falhas em 900msec (3*timer)

Configuring BFD

set protocols ospf area 0 interface ge-0/0/1.0 bfd-liveness-detection minimum-interval 300
set protocols bgp group my-ebgp-group bfd-liveness-detection minimum-interval 300
set protocols bgp group my-ebgp-group neighbor 172.18.1.1 peer-as 65510

Podem ser definidos diferentes intervalos para o send/receive, e possivel usar o comando minimum-interval para ambos

BFD usa periodic packet management (PPM) no PFE. PPM faz off load de algum processamento do RE para o PFE, by default o PPM está activo nas plataformas onde é suportado.

O BFD não traz benefícios em SONET, ATM, pois estes media types ja tem mecanismos semelhantes. Em Ethernet é possível usar o Ethernet OAM, ao contrario do BFD este opera em Layer 2.

By default, as sessões BFD são adaptive pelo que timers podem ser alterados. Se for definido um minimum interval e se o neighbor usar um valor superior, então a sessão BFD usa o valor superior.

[edit protocols]
[email protected]# set ospf area 0 interface ge-0/0/1.0 bfd-liveness-detection ?
Possible completions:
+ apply-groups         Groups from which to inherit configuration data
+ apply-groups-except  Don’t inherit configuration data from these groups
> authentication       Authentication options
> detection-time       Detection-time options
full-neighbors-only  Setup BFD sessions only to Full neighbors
minimum-interval     Minimum transmit and receive interval (milliseconds)
minimum-receive-interval  Minimum receive interval (1..255000 milliseconds)
multiplier           Detection time multiplier (1..255)
no-adaptation        Disable adaptation
> transmit-interval    Transmit-interval options
version              BFD protocol version number

[edit protocols]
[email protected]# set bgp bfd-liveness-detection ?
Possible completions:
+ apply-groups         Groups from which to inherit configuration data
+ apply-groups-except  Don’t inherit configuration data from these groups
> authentication       Authentication options
> detection-time       Detection-time options
holddown-interval    Time to hold the session-UP notification to the client
minimum-interval     Minimum transmit and receive interval (milliseconds)
minimum-receive-interval  Minimum receive interval (1..255000 milliseconds)
multiplier           Detection time multiplier (1..255)
no-adaptation        Disable adaptation
> transmit-interval    Transmit-interval options
version              BFD protocol version number

O BFD pode ser definido ao nivel do protocol, group, ou neighbor, a prioridade das definições e pela ordem apresentada.

Monitoring BFD

show bfd session

Para desativar o adaptive mode usar o comando no-adaptation

[email protected]> show bgp neighbor 172.18.1.1
Peer: 172.18.1.1+179 AS 65510  Local: 172.18.1.2+49363 AS 64700
Type: External    State: Established    Flags: <Sync>
Last State: OpenConfirm   Last Event: RecvKeepAlive
Last Error: None
Export: [ adv-aggregates ]
Options: <Preference AdvertiseInactive GracefulRestart PeerAS Refresh>
Options: <BfdEnabled>
Holdtime: 90 Preference: 170
Number of flaps: 0
Peer ID: 10.10.10.10      Local ID: 192.168.1.1      Active Holdtime: 90
Keepalive Interval: 30         Peer index: 0
BFD: enabled, up
[Trimmed]

Referências:

Notas estudo JNCIS-ENT parte 1

Notas estudo JNCIS-ENT parte 2

Notas estudo JNCIS-ENT parte 3

Notas estudo JNCIS-ENT parte 4

Notas estudo JNCIS-ENT parte 5

Notas estudo JNCIS-ENT parte 6

Notas estudo JNCIS-ENT parte 7

Notas estudo JNCIS-ENT parte 8

Notas estudo JNCIS-ENT parte 9

Notas estudo JNCIS-ENT parte 10

Notas estudo JNCIS-ENT parte 11

Notas estudo JNCIS-ENT parte 12

Notas estudo JNCIS-ENT parte 13

Notas estudo JNCIS-ENT parte 13

Nota: Este Post faz parte do guide de Routing.

Chapter 5 IP Tunneling

O junOS não suporta IPX ou AppleTalk.

O GRE permite encapsular trafego non-IP, IPX, AppleTalk e IP.

GRE adiciona 24 bytes ao header e usa o protocol type 47
IP-IP adiciona 20 bytes ao header

Os tuneis IP-IP só suporta IP traffic, RFC2003

Os tunneling services podem ser realizados por software ou hardware.
A nomenclatura do tipo de interface irá depender onde se encontra inserida a tunneling services interface card

Tipos de interfaces:
GRE – interface gr-x/y/z
IP-IP – interface ip-x/y/z

O GRE suporta o mecanismo de Keepalive para monitorizar o estado do tunnel.

set protocols oam gre-tunnel interface gr-1/0/10.1 keepalive-time 10 hold-time 30

Os Keepalives sao suportados nos M e MX Series

Quando 2 devices iniciam um sessão TCP determinam o maximum segment size (MSS) permitido no path end-to-end. Tipicamente o valor do MTU é de 1500,mas quando é usado GRE ou IP-IP existe um overhead adicional.
Usando GRE (Max MTU 1476), se o host enviar um pacote superior a 1476, o pacote é fragmentado tipicamente por um dos pontos do tunel.

Se um dos hosts activar o don’t fragment (DF) bit, o route faz drop ao pacotes tipicamente enviando um ICMP informando o sender para usar pacotes mais pequenos.
Para evitar este problema, pode ser alterar o MTU do tunnel, no junOS também é possível activar a config clear-dont-fragment que remove o bit set permitindo assim a fragmentação.

Defining the Tunnel Interface

set interfaces gr-0/0/0.0 family inet
set interfaces gr-0/0/0.0 tunnel source 192.168.1.1
set interfaces gr-0/0/0.0 tunnel destination 192.168.2.1

Outras opções:

copy-tos-to-outer-ip-header – by default o GRE não copia o ToS para outer IP header
allow-fragmentation – by default o GRE faz drop se o MTU for superior a do egress interface
reassemble-packets –  activar o reassemble de pacotes, apenas em interfaces GRE
key – permite identificar individualmente um flow dentro do tunel
clear-dont-fragment-bit – É removido o DF bit mesmo que os pacotes não excedam o MTU

Opcoes para activar/desativar o PMTUD
[edit system internet-options]
[email protected]# set ?
Possible completions:

gre-path-mtu-discovery  Enable path MTU discovery for GRE tunnels
ipip-path-mtu-discovery  Enable path MTU discovery for IP-IP tunnels
no-gre-path-mtu-discovery  Don’t enable path MTU discovery for GRE tunnels
no-ipip-path-mtu-discovery  Don’t enable path MTU discovery for IP-IP tunnels

O PMTUD é uma técnica para determinar o MTU no path entre 2 endpoints para que não exista fragmentação.
O PMTUD activa o DF bit no outgoing packets. Se um device intermédio no path tiver um MTU menor, faz drop ao pacote e envia um ICMP Fragmentation Needed (type 3, Code 4) contendo o MTU. Assim permite ao host reduzir o MTU. O Tunnel endpoint repete o processo de discovery até o MTU ser o pequeno o suficiente para não existir fragmentação em transito.

Required Routes

set routing-options static route 192.168.1.1/32 next-hop 172.18.2.1
set routing-options static route 172.20.110.0/24 next-hop gr-0/0/0.0

[email protected]> show route 192.168.1.1
inet.0: 19 destinations, 19 routes (19 active, 0 holddown, 0 hidden)
Restart Complete
+ = Active Route, – = Last Active, * = Both
192.168.1.1/32     *[Static/5] 5d 21:02:26
> to 172.18.2.1 via ge-0/0/3.0
[email protected]> show route 172.20.110.0/24
inet.0: 19 destinations, 19 routes (19 active, 0 holddown, 0 hidden)
Restart Complete
+ = Active Route, – = Last Active, * = Both
172.20.110.0/24    *[Static/5] 10:43:01
> via gr-0/0/0.0

Chapter 6 High Availability

Supported High Availability Features

Graceful restart (GR) – O data plane (forwarding) não e interrompido. Permite ao router passar os estados intermédios de convergência sem o conhecimento do resto da rede.
Graceful Routing Engine switchover (GRES) – Preserva a informacao do Kernel/interfaces mas não o Control Plane
Nonstop active routing (NSR) – Preserva a informação do Kernel/interfaces, o processo rpd e tambem executado no Backup RE. O GRES deve estar activo para o NSR operar corretamente
Bidirectional Forwarding Detection (BFD)
Virtual Router Redundancy Protocol (VRRP)
Unified In-Service Software Upgrade (ISSU) – suportado apenas em devices com 2 REs. O GRES e NSR devem estar activos

Graceful restart (GR)

No caso de o processo rpd ser reiniciado, o beneficio de usar GR e que este evento e comunicado aos neighbors adjacentes da condição.
Assim o router continua a fazer forwarding de tráfego durante o período de restart.Os neighbors deste router são conhecidos como helper routers, pois escondem o evento de restart dos restantes neighbors (diretamente ligados).
Por outras palavras o evento não é visível na restante rede, não sendo o router que o originou removido da topologia de rede.

O GR ocorre apenas se as seguintes condições estão reunidas:

Topologia de rede estável
O neighbor ou peer cooperam
Se o restarting router não estiver já a cooperar com outro restart em progresso
O grace period não expira
Protocolos Suportados pelo GR: OSPF, IS-IS, BGP, RIP, RSVP, LDP, MSDP, PIM

O router deve ter o GR activo para suportar os ambos os modos:restarting router mode e helper router mode
By default os devices operam como helper router mode e não como restaring router mode.

Configuring GR

!Desativar o graceful restarting globalmente
set routing-options graceful-restart disable

!Ativar o restarting mode
set protocols bgp graceful-restart
set protocols bgp my-group type-internal local-address 192.168.1.1
set protocols bgp my-group type-internal neighbor 192.168.1.2
set protocols bgp my-group type-internal neighbor 192.168.2.2 graceful-restart disable

O GR helper mode pode ser desativado per-protocol, per-group, ou per-neighbor

[edit protocols]
[email protected]# set ospf graceful-restart ?
Possible completions:
+ apply-groups         Groups from which to inherit configuration data
+ apply-groups-except  Don’t inherit configuration data from these groups
disable              Disable OSPF graceful restart capability
helper-disable       Disable graceful restart helper capability
no-strict-lsa-checking  Do not abort graceful helper mode upon LSA changes
notify-duration      Time to send all max-aged grace LSAs (1..3600 seconds)
restart-duration     Time for all neighbors to become full (1..3600 seconds)

[edit protocols]
[email protected]# set bgp graceful-restart ?
Possible completions:
<[Enter]>            Execute this command
+ apply-groups         Groups from which to inherit configuration data
+ apply-groups-except  Don’t inherit configuration data from these groups
disable              Disable graceful restart
restart-time         Restart time used when negotiating with a peer (1..600)
stale-routes-time    Maximum time for which stale routes are kept (1..600)
|                    Pipe through a command

Referências:

Notas estudo JNCIS-ENT parte 1

Notas estudo JNCIS-ENT parte 2

Notas estudo JNCIS-ENT parte 3

Notas estudo JNCIS-ENT parte 4

Notas estudo JNCIS-ENT parte 5

Notas estudo JNCIS-ENT parte 6

Notas estudo JNCIS-ENT parte 7

Notas estudo JNCIS-ENT parte 8

Notas estudo JNCIS-ENT parte 9

Notas estudo JNCIS-ENT parte 10

Notas estudo JNCIS-ENT parte 11

Notas estudo JNCIS-ENT parte 12