Stylify

Showing posts with label Routing. Show all posts

IP Forwarding Control and Special Interfaces

5:05 AM

Control | IP Forwarding | Routing | Special Interfaces

0 comments

IP forwarding essentially turns a gateway into a router that is capable of forwarding IP datagrams between directly attached physical or virtual interfaces. In firewall setups, it is often desirable to disable IP forwarding during bootup and firewall initialization for security purposes, not to leave a gateway vulnerable during the booting routine before the firewall inspection engine resumes forwarding control. It is also a good idea to make sure IP forwarding is disabled before the firewall terminates at system shutdown. Example 3-2 demonstrates how you can enable/disable IPv4 and multicast forwarding via sysctl parameters. This is possible for IPv6 as well.

Example 3-2. Linux IP Forwarding-Related sysctl Variables

[root@callisto:~#] sysctl -a | grep forwarding

net.ipv4.conf.pimreg.mc_forwarding = 1

net.ipv4.conf.pimreg.forwarding = 1

net.ipv4.conf.ipsec0.mc_forwarding = 0

net.ipv4.conf.ipsec0.forwarding = 1

net.ipv4.conf.eth1.mc_forwarding = 1

net.ipv4.conf.eth1.forwarding = 1

net.ipv4.conf.eth0.mc_forwarding = 1

net.ipv4.conf.eth0.forwarding = 1

net.ipv4.conf.lo.mc_forwarding = 0

net.ipv4.conf.lo.forwarding = 1

net.ipv4.conf.default.mc_forwarding = 0

net.ipv4.conf.default.forwarding = 1

net.ipv4.conf.all.mc_forwarding = 1

net.ipv4.conf.all.forwarding = 1

VLAN Subinterface Support and Trunk Termination (802.1Q)

If you are connecting a UNIX gateway's Ethernet interfaces to a switch or router, you can use this interface to act as an access link or uplink. This interface can also connect multiple VLAN subinterfaces and act as a pipe (trunk) for all these interfaces.

For VLAN tagging, two methods exist: the Cisco System proprietary Inter-Switch Link (ISL) flavor, and the standardized IEEE 802.1Q method. In fact, what we call an uplink is a special case of trunk carrying only one (untagged) VLAN, usually the default VLAN of the switch. Therefore, a UNIX gateway can route between these VLANs ("router on a stick") or form a pipe to a Cisco neighbor using the same subinterface scheme and VLAN tagging. They form logical interfaces on both Cisco and UNIX gateways.

Note that VLANs result in separated broadcast/multicast domains with Media Access Control (MAC) layer isolation. They are a popular way of separating customer access and services in data centers or service provider server segments and are also widely deployed to segment enterprise entities into multiple VLAN realms that can span hundreds of switches.

To support large VLAN switched environments with a lot of trunks, Cisco has developed the proprietary VLAN Trunking Protocol (VTP), which enables switching hierarchies to flood VLAN information on trunk ports. In fact, VLANs are the Ethernet equivalent of a subinterface concept similar to the features Frame Relay provides on serial WAN interfaces or ATM on dedicated ATM interfaces. However, you need to be aware of VLAN security issues, especially if customers are directly connected to the access port of a switch (MAC-level access). In this case, there exists the possibility of VLAN security penetration and denial-of-service (DoS) attacks under certain circumstances, such as heavy load, MAC address spoofing, malicious VLAN labeling from access ports, trunk and spanning-tree manipulation, and so on. This is especially a matter of concern in cable provider access networks and modern metro networks.

All UNIX operating systems under discussion in this chapter support the standardized IEEE 802.1Q VLAN tagging mechanism as long as this option is enabled in the kernel. (See Appendix A for more information.) VTP is not supported under UNIX. The actual configuration of VLAN interfaces usually happens via the ifconfig command on BSD and via the vconfig command on Linux.

VLAN tagging adds protocol overhead (4 octets in the case of 802.1Q) to the Ethernet frame. This has to be accounted for by manually reducing the maximum frame size via the ifconfig command. Otherwise the network interface card (NIC) driver will silently discard the giant frame. In fact, these giants (also called jumbo frames) are a general caveat in Multiprotocol Label Switching (MPLS) and IP Security (IPSec) setups as well. Tagging always adds overhead. You can alter the maximum transmission unit (MTU) by typing ifconfig {interface} mtu 1496 on Linux or BSD.

NOTE

It is often necessary to alter the MAC address of an Ethernet interface. In particular, cable broadband providers control and provision access via MAC addresses. Whether changing the "burned-in" address is possible or not depends on the hardware and the NIC driver (and therefore the availability of special utilities for this particular purpose). It is not a general feature of the ifconfig command you can rely on.

Alias or Secondary Interfaces

Secondary (alias) interfaces can satisfy the requirements to support multiple addresses on one physical interface. This can also be accomplished with VLANs, as discussed in the VLAN section, with the benefit of MAC layer separation. With an alias address configured, the interface essentially listens to relevant traffic on two segments or a second address within the same broadcast domain. This feature has been supported for a long time on almost all operating systems and is popular for virtual web servers. It is referred to as secondary addresses on Cisco routers and virtual interfaces on Sun Solaris. Examples follow in Chapter 5.

Ethernet Channel Bonding

5:01 AM

Bonding | Chanel | Ethernet | Routing | Tutorial

0 comments

Ethernet channel bonding describes the physical bundling of multiple full-duplex Fast/Giga Ethernet interfaces (usually two or four) to a virtual pipe of multiplied bandwidth. The resulting channel is transparent to Layer 2 configuration issues and can sustain single- or multiple-link failures of the constituting links.

Experimental channel-bonding drivers for Linux and BSD for selected Fast Ethernet NICs are available. Channel bonding proves particularly useful when using quad Fast Ethernet NICs. In the Cisco context, this feature is referred to as Fast/Giga EtherChannel; in the Sun Solaris world, it is known as Fast/Giga Ethernet trunking. It offers some scalability and resilience between 100-Mbps and -Gbps interfaces, especially when the platform architecture (system bus) is not capable of driving full-duplex Gigabit Ethernet interfaces. Channel bonding in the UNIX world is often deployed in context with cluster architecture approaches such as Beowulf (http://www.beowulf.org/software/bonding.html). A FreeBSD kernel patch for channel bonding is available as well (http://people.freebsd.org/~wpaul/FEC/) via the NetGraph facility (see Appendix B, "The FreeBSD Netgraph Facility"). It compiled on my system without a glitch. I cannot offer advice and reports beyond this statement because of equipment constraints. On Linux, you have to enable the bonding driver support in the kernel Network Device Support section. It is essential to compile this as a module!

Interface Cloning

Usually special interfaces (pseudo interfaces) such as tunnels require provisioning at kernel compile-time. However, as a feature of modern UNIX operating systems, these can be added dynamically at runtime when required via, for example, the ifconfig create command sequence on BSD or certain dedicated user-space utilities. This has nothing in common with the interface-cloning approaches used by Cisco IOS Software (cloning from a template). Cloned routes are a different concept as well and are discussed in Chapter 8, "Static Routing Concepts."

ECMP (Equal-Cost Multi-Path)

ECMP is an important requirement to enable per-packet/per-destination (per-flow) multipath traffic balancing over multiple equal-cost interfaces. This is of a different nature than the previously discussed interface bonding and is important with regard to load-balancing/sharing and redundancy architectures. The term equal cost refers to an identical metric from the point of view of involved static or dynamic routing schemes.

In contrast to Cisco routers, UNIX IP stacks intrinsically have no perception of per-destination load sharing and generally act on a per-packet basis if not configured otherwise (such as in policy routing). Cisco IOS Software defaults to per-destination (per-flow) traffic balancing, as does Cisco Express Forwarding (CEF).

Driver Support for LAN/WAN Interface Cards

The following list offers a quick overview of important interface types supported by popular UNIX operating systems:

10/100-Mbps Ethernet and 4/16-Mbps Token Ring adapters have been supported for a long time on all discussed operating systems.

Although an intriguing concept, 100-Mbps Token Ring has never really generated enough customer interest to penetrate the market.

Gigabit Ethernet support is sufficiently available as well, but you must take into consideration the performance capabilities of the gateway's bus architecture to feed traffic to these high-performance full-duplex cards. At the time of this writing, 10Gigabit adapters make no sense on these systems and will be more of a feature of 64-bit architectures.

Fibre Channel adapters are available as well, and they are used primarily to build storage-area networks (SANs).

Wireless network cards (IEEE 802.11B) are supported for the most prominent chipsets, especially the Cisco Aeronet product line, with the newer 802.11G driver support catching up in Linux 2.6.x and FreeBSD 5.x.

An attractive feature of the discussed UNIX operating systems is the option to use various PCI/ISA WAN interface cards. These flavors include clear-channel or channelized E1 synchronous serial adapters, T3 adapters, PRI cards, and ATM interfaces. These cards come in various flavors with regard to clocking, channelized or clear-channel operation, CSU/DSU integration, duplex transmission, and fractional bandwidths. Well-known producers of these adapters are Sangoma, Cyclades, ImageStream, Stallion, Prosum, and Fore Systems (now Marconi). Usually the vendors provide firmware updates, kernel modules, and utilities for BSD, Linux, and sometimes Sun Solaris. Some of these cards are also gaining popularity for use in software private branch exchange (PBX) systems for enterprise fax and telephony services (FXS/FXO/E1/PRI/BRI interfaces).

Encapsulation Support for WAN Interface Cards

The WAN interfaces I am aware of essentially support the following Layer 2 encapsulations:

Frame Relay

X.25

ATM

HDLC

PPP

The supported features with regard to ATM and Frame Relay vary depending on the vendor of these interface cards. I discuss certain aspects in Chapter 4, "Gateway WAN/Metro Interfaces," in a restricted fashion because of limited access to test equipment.

Support for Bridging Interfaces

Running a UNIX workstation in bridging mode offers two interesting possibilities.

The first is the ability to reduce the traffic on the broadcast domain by bridge segmentation. Because of the availability of cheap switches, this is rarely done anymore.

Second, and more interesting, is the ability to add a transparent IP-filtering and traffic-shaping bridge that is nearly impossible to attack from a remote IP address. It is able to inspect all forwarded frames without configured IP addresses on the interfaces; therefore, IP masquerading (Network Address Translation, or NAT) is not possible. It is okay to assign an IP address for administrative purposes, but you must bear in mind that it is the purpose of a bridge to forward all traffic, not just IP datagrams. You can either use protocol types for filtering non-IP protocols or use the blocknonip option of the OpenBSD brconfig(8) utility. Bridging requires that the interfaces be in promiscuous mode; therefore, the NICs will experience heavier load.

Loop protection in the bridging context is crude. Only Linux supports the 802.1D spanning-tree algorithm, but usually there exists no or only rudimentary Spanning Tree Protocol (STP) support. UNIX gateways were never designed to act as bridges or switches in complicated switch hierarchies/topologies. Therefore, you should prevent loops by design and not rely on the bridging code and its crude loop-protection mechanism to prevent disaster.

Linux and BSD-like operating systems support bridging modes on Ethernet-type interfaces. FreeBSD has expanded the bridging concept to support clustering and VLAN trunks. You will learn more about this feature in Chapter 5. Example 3-3 shows an example of enabling bridging support with a single FreeBSD kernel configuration line.

Example 3-3. BSD Kernel Bridging Support

options BRIDGE # for all BSD OSs

TCP Tuning

The Transport Control Protocol (TCP) is a far more complicated transport protocol than the User Datagram Protocol (UDP) because of its reliable (connection-oriented) character, more complex header, windowing mechanism, and three-way handshaking. Therefore, most IP stacks allow manipulation of TCP behavior to a large extent. This becomes more and more an issue because, unfortunately, several heavy-load protocols such as HTTP are based on TCP segments for transport. Example 3-4 demonstrates several TCP-related kernel configuration options.

Example 3-4. TCP sysctl Parameters

[root@callisto:~#] sysctl -a | grep tcp

net.ipv4.tcp_low_latency = 0

net.ipv4.tcp_frto = 0

net.ipv4.tcp_tw_reuse = 0

net.ipv4.tcp_adv_win_scale = 2

net.ipv4.tcp_app_win = 31

net.ipv4.tcp_rmem = 4096 87380 174760

net.ipv4.tcp_wmem = 4096 16384 131072

net.ipv4.tcp_mem = 48128 48640 49152

net.ipv4.tcp_dsack = 1

net.ipv4.tcp_ecn = 0

net.ipv4.tcp_reordering = 3

net.ipv4.tcp_fack = 1

net.ipv4.tcp_orphan_retries = 0

net.ipv4.tcp_max_syn_backlog = 1024

net.ipv4.tcp_rfc1337 = 0

net.ipv4.tcp_stdurg = 0

net.ipv4.tcp_abort_on_overflow = 0

net.ipv4.tcp_tw_recycle = 0

net.ipv4.tcp_syncookies = 0

net.ipv4.tcp_fin_timeout = 60

net.ipv4.tcp_retries2 = 15

net.ipv4.tcp_retries1 = 3

net.ipv4.tcp_keepalive_intvl = 75

net.ipv4.tcp_keepalive_probes = 9

net.ipv4.tcp_keepalive_time = 7200

net.ipv4.tcp_max_tw_buckets = 180000

net.ipv4.tcp_max_orphans = 8192

net.ipv4.tcp_synack_retries = 5

net.ipv4.tcp_syn_retries = 5

net.ipv4.tcp_retrans_collapse = 1

net.ipv4.tcp_sack = 1

net.ipv4.tcp_window_scaling = 1

net.ipv4.tcp_timestamps = 1

Tunnel Support

The open-source operating systems under consideration offer a large variety of kernel- and user-space tunnel solutions, with or without protocol transparency, and with or without encryption/compression. The most widely known are as follows:

IPSec (standard)

IP-IP (standard)

GRE/Mobile IP (standard)

PPTP (standard)

L2TP (standard)

CIPE (no standard, kernel and user space)

VTun (no standard, user space)

Stunnel (HTTPS) (no standard, user space)

As of this writing, not all of the operating systems support all of these approaches. FreeBSD, for example, only offers early user-space Generic Routing Encapsulation (GRE) support. The safest bet still is to use the same solution for both tunnel endpoints.

What most tunnel solutions have in common is the fact that they reduce the available maximum transmission unit (MTU) size because of encapsulation overhead. You must take this into consideration to prevent fragmentation troubles or breaking path MTU discovery (PMTU).

Multicast Support

Linux and BSD operating systems are easily multicast-enabled with two kernel configuration entries. For a detailed discussion of kernel-space and user-space multicast tools, see Chapter 14, "Multicast Architectures."

Example 3-5 shows related kernel configuration lines for BSD, and Example 3-6 shows the relevant sysctl Linux parameters.

Example 3-5. Multicast Configuration Options on BSD

options MROUTING # mrouted (DVMRP)

options PIM # PIM-SMv2/PIM-DM

Example 3-6. sysctl Multicast Parameter

[root@callisto:~#] sysctl -a | grep igmp

net.ipv4.igmp_max_memberships = 20

[root@callisto:~#] sysctl -a | grep mc

net.ipv4.conf.pimreg.mc_forwarding = 1

net.ipv4.conf.ipsec0.mc_forwarding = 0

net.ipv4.conf.eth1.mc_forwarding = 1

net.ipv4.conf.eth0.mc_forwarding = 1

net.ipv4.conf.lo.mc_forwarding = 0

net.ipv4.conf.default.mc_forwarding = 0

net.ipv4.conf.all.mc_forwarding = 1

net.ipv4.neigh.pimreg.mcast_solicit = 3

net.ipv4.neigh.ipsec0.mcast_solicit = 0

net.ipv4.neigh.eth1.mcast_solicit = 3

net.ipv4.neigh.eth0.mcast_solicit = 3

net.ipv4.neigh.lo.mcast_solicit = 3

net.ipv4.neigh.default.mcast_solicit = 3

[root@callisto:~#] sysctl -a | grep pim

net.ipv4.conf.pimreg.arp_filter = 0

net.ipv4.conf.pimreg.tag = 0

net.ipv4.conf.pimreg.log_martians = 0

net.ipv4.conf.pimreg.bootp_relay = 0

net.ipv4.conf.pimreg.medium_id = 0

net.ipv4.conf.pimreg.proxy_arp = 0

net.ipv4.conf.pimreg.accept_source_route = 1

net.ipv4.conf.pimreg.send_redirects = 1

net.ipv4.conf.pimreg.rp_filter = 0

net.ipv4.conf.pimreg.shared_media = 1

net.ipv4.conf.pimreg.secure_redirects = 1

net.ipv4.conf.pimreg.accept_redirects = 1

net.ipv4.conf.pimreg.mc_forwarding = 1

net.ipv4.conf.pimreg.forwarding = 1

net.ipv4.neigh.pimreg.locktime = 100

net.ipv4.neigh.pimreg.proxy_delay = 80

net.ipv4.neigh.pimreg.anycast_delay = 100

net.ipv4.neigh.pimreg.proxy_qlen = 64

net.ipv4.neigh.pimreg.unres_qlen = 3

net.ipv4.neigh.pimreg.gc_stale_time = 60

net.ipv4.neigh.pimreg.delay_first_probe_time = 5

net.ipv4.neigh.pimreg.base_reachable_time = 30

net.ipv4.neigh.pimreg.retrans_time = 100

net.ipv4.neigh.pimreg.app_solicit = 0

net.ipv4.neigh.pimreg.ucast_solicit = 3

net.ipv4.neigh.pimreg.mcast_solicit = 3

Firewall and Traffic-Shaping Support

Mature and feature-rich firewalling and masquerading (NAT) support exists for Linux (netfilter/iptables) and BSD (pf, ipf, ipfw). The kernel configuration examples in Appendix A are self-explanatory and commented appropriately. On BSD systems, I do not recommend installing two different firewall systems at the same time unless you have good reasons to do so, such as traffic conditioning. All operating systems under discussion offer sophisticated traffic-shaping and traffic-queuing engines, both in kernel space (ALTQ, dummydev, ipfw) and user space (VTun). These features intrinsically influence traffic leaving an interface of the gateway, not entering. In addition, Linux supports advanced quality of service (QoS) mechanisms (TC, DiffServ, RSVP) to make queuing decisions deviating from the default first in, first out (FIFO) behavior. It is also possible to use a routing table-based or firewall-based classifier.

The IPv6 Protocol Stack

All test platforms provide a full IPv6 stack with accompanying tools. However, discussion of IPv6 goes beyond the scope of this book.

OSPF (Open Shortest Path First)

4:20 AM

0 comments

OSPFv2

OSPF (Open Shortest Path First) is the most popular among the link-state routing protocols. The current IPv4 version, OSPFv2, is widely deployed throughout carrier, ISP, and enterprise networks. OSPFv3 essentially is an IPv6-enabled OSPF. It is a well documented protocol in terms of standards, books, guides, and white paper density.

The knowledge level is high among those who deploy and operate OSPFv2. Integrated IS-IS, however, is catching up in popularity, although those familiar with its addressing already appreciate its simplicity. OSPF is multicast-based (224.0.0.5 = AllSPFRouters, 224.0.0.6 = AllDRouters).

OSPF facilitates 11 different LSA types. This is the biggest obstacle and source for confusion that OSPF apprentices face. OSPF and IS-IS both support Equal-Cost Multi-Path (ECMP), an important feature for optimal link utilization. OSPF uses an arbitrary metric (cost) that is based on link bandwidth in the Cisco implementation.

The Cisco IOS implementation will do equal-cost load balancing for up to six equal-cost routes for OSPF and IS-IS. This condition is characterized by including all routes in the forwarding table. Route tagging and authentication are additional features of modern implementations. Traffic-engineering extensions to OSPF (OSPF-TE) via TE-LSAs are available as well. Traffic engineering in combination with leaf-area concepts is particularly difficult to implement, given the intrinsic behavior of link-state routing protocols.

Lab 9-4: Leaf-Area Design Featuring GateD and Cisco IOS

The topology used in this lab is presented in Figure 9-3. Although this is a rather complex lab, do not get intimidated beforehand.

Three additional Cisco Routers—laurel, hardy and chaplin—are introduced. Each of them has a loopback address configured that is used as the router ID for the OSPF router process configurations as well.

All three UNIX gateways are running GateD. For demonstration of the area concept, four distinct areas have been introduced:

A backbone area 0
A regular leaf area 5
A total stub leaf area 7
An NSSA leaf area 1 (This area also uses a network range statement for a summary ABR advertisement into the backbone area.)

Examples 9-10 through 9-18 present the Cisco IOS Software and GateD configurations, the kernel routing table, as well as ospf_monitor output and output from the GateD interactive user interface (GII). The ospf_monitor utility requires a start file in the examples named /etc/ospf.mon.

I am aware of the fact that these example listings are somewhat lengthy. Keep in mind that they mostly present status output and serve the purpose that you do not have to rebuild every lab to get the most out of it.

CAUTION

GateD's OSPF operation did not like Linux alias interfaces (eth1:1) in the config file. This appears to be rather a parser (the colon) than an implementation problem. This is the reason why it was removed from Figure 9-3. It will be reintroduced when configuring the same lab with Zebra instances. The use of this notation is deprecated anyway on Linux and will most likely disappear pretty soon.

Example 9-10 shows castor's GateD configuration and accompanying output. The export proto ospfase{} clause is required for route export (redistribution in Cisco terminology). The export of connected interface routes (=direct) and static routes is equivalent to the Cisco IOS experience. The redistribution of kernel routes exports prefixes added via the kernel interface (usually added manually). Remember that these are separate entities on a UNIX gateway.

What are ASE routes exactly? They are autonomous system external routes. This is consistent with Cisco IOS notation. According to Cisco IOS notation, a router that redistributes routes into OSPF is referred to as an autonomous system boundary router (ASBR); the same applies to redistributed routes.

The GateD interactive interface command show ip walkdown 0/0 shows GateD's view of direct, static, connected, kernel, and OSPF routes. The show kernel capabilities are especially important when adding static routes to the gated.cfg file, because not all options (blackhole, reject, hide, and so on) are supported by all operating systems. GateD also communicates this via syslog statements to /var/log/messages.

NOTE

Example 9-10 also presents an overview of OSPF-related timers, which might prove useful to track down adjacency problems. If you have difficulties understanding general OSPF concepts, turn to the "Recommended Reading" section; this book does not offer an in-depth introduction to OSPF or IS-IS.

Example 9-10. Castor GateD Configuration and Output

[root@castor:~#] cat /etc/gated.cfg

routerid 192.168.2.7;

rip off;

ospf yes{

        backbone{

                networks{

                        192.168.2.0  mask 255.255.255.0;

                        192.168.7.0  mask 255.255.255.0;

                        192.168.80.0 mask 255.255.255.0;

                };

                interface xl0 ed0 vlan8;

        };

};

export proto ospfase{

       proto static;

       proto direct;

       proto kernel;

};



[root@castor:~#] netstat -rn -f inet

Routing tables



Internet:

Destination        Gateway            Flags    Refs      Use  Netif Expire

default            192.168.2.254      UGSc        2       15    xl0

127                127.0.0.1          URc         0        0    lo0

127.0.0.1          127.0.0.1          UH          0       38    lo0

192.168.1          192.168.2.254      UGc         1       45    xl0

192.168.1.254      192.168.2.254      UGH         0       34    xl0

192.168.2          link#1             UC          1        0    xl0

192.168.2.254      52:54:05:e3:e4:2f  UHLW        9       19    xl0    398

192.168.7          link#2             UC          1        0    ed0

192.168.7.254      00:00:0c:1a:a9:a8  UHLW        5       68    ed0    490

192.168.13/29      192.168.7.254      UGc         0       11    ed0

192.168.14         192.168.2.254      UGc         0        0    xl0

192.168.16/23      192.168.7.254      UGc         0        0    ed0

192.168.19         192.168.2.254      UGc         0        0    xl0

192.168.80         link#14            UC          1        0  vlan8

192.168.80.254     52.54.5.e3.e4.2f   UHLW        0        0  vlan8    120

192.168.201.1      192.168.2.254      UGH         0        0    xl0

192.168.201.2      192.168.7.254      UGH         0        0    ed0

192.168.201.3      192.168.7.254      UGH         1       14    ed0

192.168.201.4      192.168.2.254      UGH         0        0    xl0

111.11.117         192.168.2.254      UGc         0        0    xl0

224.0.0.5          127.0.0.1          UH          0        0    lo0

224.0.0.6          127.0.0.1          UH          0        0    lo0



[root@castor:~#] telnet localhost 616

Trying 127.0.0.1...

Connected to localhost (127.0.0.1).

Escape character is '^]'.

Password?

100 Gated Interactive Interface. Version gated-public-3_6



GateD-castor> show interface

100 #ind name     address         mtu       flags

100 #1   xl0      192.168.2.7     1500/1436 Up Broadcast Multicast Simplex Allmulti

100 #2   ed0      192.168.7.7     1500/1436 Up Broadcast Multicast Simplex Allmulti

100 #13  lo0      127.0.0.1       16384/16320 Up Loopback Multicast

100 #14  vlan8    192.168.80.1    1496/1432 Up Broadcast Multicast Simplex



GateD-castor> show ip walkdown 0/0

100 Ker         0.0.0.0/0  192.168.2.254   IGP (Id 1)

100 Sta             127/8  127.0.0.1       IGP (Id 1)

100 Dir       127.0.0.1/32 127.0.0.1       IGP (Id 1)

100 OSP       192.168.1/24 192.168.2.254   IGP (Id 1)

100 Ker     192.168.1.2/32 192.168.2.254   IGP (Id 1)

100 OSP   192.168.1.254/32 192.168.2.254   IGP (Id 1)

100 Dir       192.168.2/24 192.168.2.7     IGP (Id 1)

100 Dir       192.168.7/24 192.168.7.7     IGP (Id 1)

100 OSP      192.168.13/29 192.168.7.254   IGP (Id 1)

100 OSP      192.168.14/24 192.168.2.254   IGP (Id 1)

100 OSP      192.168.16/23 192.168.7.254   IGP (Id 1)

100 OSP      192.168.19/24 192.168.2.254   IGP (Id 1)

100 Dir      192.168.80/24 192.168.80.1    IGP (Id 1)

100 OSP   192.168.201.1/32 192.168.2.254   IGP (Id 1)

100 OSP   192.168.201.2/32 192.168.7.254   IGP (Id 1)

100 OSP   192.168.201.3/32 192.168.7.254   IGP (Id 1)

100 OSP   192.168.201.4/32 192.168.2.254   IGP (Id 1)

100 OSP      111.11.117/24 192.168.2.254   IGP (Id 1)



GateD-castor> show ip route 192.168.16.0/23

100 Route 192.168.16 - 255.255.254 entries 1 Announced 1 Depth 0 <>

100   Proto Next Hop        Source Gwt      Preference/2 Metric/2 etc...

100 * OSPF  192.168.7.254   ---             10/0    7/-1          0        22:16:49 IGP 

(Id 1) 



GateD-castor> show timer

100 Name                           Task     Last   Next   Intrvl Jitter flags

100 AGE                  IF       00:00s 00:05s 00:00s 00:00s 

100 Retransmit           OSPF     00:04s 00:01s 00:05s 00:00s <>

100 Adjacency            OSPF     00:00s 00:15s 00:00s 00:00s 

100 Hello                OSPF     00:09s 00:01s 00:10s 00:00s 

100 Retransmit           OSPF     00:00s 00:05s 00:05s 00:00s <>

100 Adjacency            OSPF     00:00s 00:09s 00:00s 00:00s 

100 Hello                OSPF     00:00s 00:10s 00:10s 00:00s 

100 Retransmit           OSPF     00:01s 00:04s 00:05s 00:00s <>

100 Adjacency            OSPF     00:00s 00:14s 00:00s 00:00s 

100 Hello                OSPF     00:01s 00:09s 00:10s 00:00s 

100 Lock                 OSPF     00:01s 00:04s 00:05s 00:00s <>

100 Ack                  OSPF     00:06s 00:00s 00:00s 00:00s 

100 LSDBAseAge           OSPF     00:24s 00:37s 01:01s 00:00s <>

100 LSDBSumAge           OSPF     02:44s 12:16s 15:00s 00:00s <>

100 LSDBIntAge           OSPF     03:48s 11:12s 15:00s 00:00s <>

100 LSAGenInt            OSPF     22:34s 07:26s 30:00s 00:00s <>

100 LSAGenAse            OSPF     00:05s 00:02s 00:07s 00:00s <>

100 AseQueue             OSPF     19:33s 00:00s 00:00s 00:00s 

100 IfCheck              KRT      00:11s 00:49s 01:00s 00:00s <>

100 Timeout              KRT      00:00s 00:00s 00:00s 00:00s 

100 Age                  Redirect 00:00s 00:49s 00:00s 00:00s 

100 Startup              SMUX     00:11s 00:49s 01:00s 00:00s <>



GateD-castor> show kernel

100 Kernel options: <> Support: 

100 IP forwarding: 1 UDP checksums 1

100 The time is 22:18:47

Example 9-11 introduces the powerful ospf_monitor utility with its accompanying configuration file and the resulting monitoring output. It is part of the GateD binaries. The configuration file just includes remote hosts, which should be monitored. The especially helpful thing about ospf_monitor is that it offers a rich set of queries for local and remote hosts running GateD. At the beginning of Example 9-11, the ospf_monitor help facility explains the abbreviated queries used.

Example 9-11. Callisto ospf_monitor Output for Remote Host Castor

[root@callisto:~#] cat /etc/ospf.mon

192.168.1.254   ganymed

192.168.1.1     callisto

192.168.2.7     castor

192.168.1.2     pollux



[root@callisto:~#] ospf_monitor /etc/ospf.mon



[ 1 ] dest command params > ?

Local commands:

   ?: help

   ?R: remote command information

   d: show configured destinations

   h: show history

   x: exit

   @ : use last destination

   @ : use configured destination

   F : write monitor information to filename

   S: write monitor information to stdout (default)



[ 2 ] dest command params > ?R

Remote-commands:

   a    : show link state advertisement

   c: show cumulative log

   e: show cumulative errors

   l:  dump lsdb (except for ASEs)

   A:  dump ASEs

   W:  dump ASEs with LSIDs

   o: print ospf routing table

   I: show interfaces

   h: show next hops

   N : show neighbors - if r is set will print retrans lst



[ 3 ] dest command params > d

1: 192.168.1.254   ganymed

2: 192.168.1.1     callisto

3: 192.168.2.7     castor

4: 192.168.1.2     pollux



[ 4 ] dest command params > @3 N

   remote-command  sent to 192.168.2.7



          Source <<192.168.2.7      castor>>



Interface: 192.168.2.7     Area: 0.0.0.0

Router Id       Nbr IP Addr     State      Mode   Prio

------------------------------------------------------

192.168.44.1    192.168.2.254   Full       Slave  1



Interface: 192.168.7.7     Area: 0.0.0.0

Router Id       Nbr IP Addr     State      Mode   Prio

------------------------------------------------------

192.168.201.2   192.168.7.254   Full       Slave  1



Interface: 192.168.80.1    Area: 0.0.0.0

Router Id       Nbr IP Addr     State      Mode   Prio

------------------------------------------------------

192.168.44.1    192.168.80.254  Full       Slave  1

done



[ 5 ] dest command params > @3 I

   remote-command  sent to 192.168.2.7



          Source <<192.168.2.7      castor>>



Area: 0.0.0.0

IP Address      Type  State    Cost Pri DR             BDR

----------------------------------------------------------------------

192.168.2.7     Bcast DR Other 1    0   192.168.2.254   None

192.168.7.7     Bcast DR Other 1    0   192.168.7.254   None

192.168.80.1    Bcast DR Other 1    0   192.168.80.254  None

done

[ 7 ] dest command params > @3 h

   remote-command  sent to 192.168.2.7



          Source <<192.168.2.7      castor>>

Next hops:



Address          Type      Refcount  Interface

-------------------------------------------------------------

192.168.2.7      Direct           3  192.168.2.7     xl0

192.168.2.254    Neighbor        30  192.168.2.7     xl0

192.168.7.7      Direct           3  192.168.7.7     ed0

192.168.7.254    Neighbor        16  192.168.7.7     ed0

192.168.80.1     Direct           3  192.168.80.1    vlan8

192.168.80.254   Neighbor         1  192.168.80.1    vlan8

done



[ 8 ] dest command params > @3 o

   remote-command  sent to 192.168.2.7



          Source <<192.168.2.7      castor>>

AS Border Routes:

Router          Cost AdvRouter       NextHop(s)

----------------------------------------------------

Area 0.0.0.0:

192.168.2.7        0 192.168.2.7

192.168.201.2      1 192.168.201.2   192.168.7.254

192.168.44.1       1 192.168.44.1    192.168.2.254

192.168.1.1        2 192.168.1.1     192.168.2.254



Total AS Border routes: 4



Area Border Routes:

Router          Cost AdvRouter       NextHop(s)

----------------------------------------------------

Area 0.0.0.0:

192.168.201.4     13 192.168.201.4   192.168.2.254

192.168.201.2      1 192.168.201.2   192.168.7.254

192.168.1.1        2 192.168.1.1     192.168.2.254

Total Area Border Routes: 3



Summary AS Border Routes:

Router          Cost AdvRouter       NextHop(s)

---------------------------------------------------

192.168.201.1      3 192.168.1.1     192.168.2.254

Total Summary AS Border Routes: 1



Networks:

Destination        Area            Cost Type NextHop         AdvRouter

----------------------------------------------------------------------------

192.168.7          0.0.0.0            1 Net  192.168.7.7     192.168.201.2

192.168.201.2      0.0.0.0            2 Stub 192.168.7.254   192.168.201.2

192.168.16/23      0.0.0.0            7 SNet 192.168.7.254   192.168.201.2

192.168.13.0/29    0.0.0.0            7 SNet 192.168.7.254   192.168.201.2

192.168.201.3      0.0.0.0            8 SNet 192.168.7.254   192.168.201.2

192.168.2          0.0.0.0            1 Net  192.168.2.7     192.168.44.1

192.168.80         0.0.0.0            1 Net  192.168.80.1    192.168.44.1

192.168.1          0.0.0.0            2 Net  192.168.2.254   192.168.44.1

192.168.19         0.0.0.0           13 SNet 192.168.2.254   192.168.1.1

192.168.14         0.0.0.0            3 SNet 192.168.2.254   192.168.1.1

192.168.201.1      0.0.0.0            4 SNet 192.168.2.254   192.168.1.1

192.168.201.4      0.0.0.0           14 SNet 192.168.2.254   192.168.201.4

ASEs:

Destination        Cost E      Tag NextHop         AdvRouter

-----------------------------------------------------------------------------

0.0.0.0              1   1 c0000000 192.168.2.254   192.168.44.1

111.11.117           1   1 c0000000 192.168.2.254   192.168.44.1

192.168.1.254        1   1 c0000000 192.168.2.254   192.168.44.1

Total nets: 12

        Intra Area: 4   Inter Area: 8   ASE: 3

done



[ 10 ] dest command params > @3 e

   remote-command  sent to 192.168.2.7



          Source <<192.168.2.7      castor>>

Packets Received:

   5: Monitor request                    549: Hello

  13: DB Description                       0: Link-State Req

  86: Link-State Update                   20: Link-State Ack



Packets Sent:

   0: Monitor response                   551: Hello

  14: DB Description                       3: Link-State Req

  96: Link-State Update                   28: Link-State Ack



Errors:

   0: IP: bad destination                  0: IP: bad protocol

   0: IP: received my own packet           0: OSPF: bad packet type

   0: OSPF: bad version                    0: OSPF: bad checksum

   0: OSPF: bad area id                    0: OSPF: area mismatch

   0: OSPF: bad virtual link               0: OSPF: bad authentication type

   0: OSPF: bad authentication key         0: OSPF: packet too small

   0: OSPF: packet size > ip length        0: OSPF: transmit error

   0: OSPF: interface down                 0: OSPF: unknown neighbor

   0: HELLO: netmask mismatch              0: HELLO: hello timer mismatch

   0: HELLO: dead timer mismatch           0: HELLO: extern option mismatch

   0: HELLO: router id confusion           0: HELLO: virtual neighbor unknown

   0: HELLO: NBMA neighbor unknown         0: DD: neighbor state low

   0: DD: router id confusion              0: DD: extern option mismatch

   0: DD: unknown LSA type                 0: LS ACK: neighbor state low

   0: LS ACK: bad ack                      0: LS ACK: duplicate ack

   0: LS ACK: Unknown LSA type             0: LS REQ: neighbor state low

   0: LS REQ: empty request                0: LS REQ: bad request

   0: LS UPD: neighbor state low           0: LS UPD: newer self-gen LSA

   0: LS UPD: LSA checksum bad             3: LS UPD: received less recent LSA

   0: LS UPD: unknown LSA type

done



[ 11 ] dest command params > @3 c

   remote-command  sent to 192.168.2.7



          Source <<192.168.2.7      castor>>

IO stats

        Input  Output  Type

             6       0  Monitor request

           561     566  Hello

            13      14  DB Description

             0       3  Link-State Req

            88     100  Link-State Update

            21      28  Link-State Ack

        ASE: 7 checksum sum 387C5



        LSAs originated: 10     received: 73

                Router: 5  ASE: 5



        Area 0.0.0.0:

                Neighbors: 3    Interfaces: 3

                Spf: 11 Checksum sum EE7DB

                DB: rtr: 5 net: 4 sumasb: 6 sumnet: 13



Routing Table:

        Intra Area: 4   Inter Area: 8   ASE: 3

done

Examples 9-12 and 9-13 show the configuration of two virtual links to connect the isolated total stub area 7 to the backbone area via a transit area 5. Virtual links always connect two ABRs; in our example, the two virtual links connect scar/callisto and chaplin. GateD uses different default timer settings than Cisco IOS Software; this explains the additional configuration lines in the callisto gated.conf file to bring the tunnels up. Callisto and scar act as ABRs.

Example 9-12. Callisto GateD Configuration and Output

[root@callisto:~#] cat /etc/gated.conf

routerid 192.168.1.1;

rip off;

ospf yes{

        backbone{

                networks{

                        192.168.1.0  mask 255.255.255.0;

                };

                interface eth1;

                virtuallink neighborid 192.168.201.4 transitarea 5 {

                        hellointerval 10;

                        routerdeadinterval 40;

                        retransmitinterval 5;

                        transitdelay 40;

                };

        };

        area 5{

                networks{

                        192.168.14.0  mask 255.255.255.0;

                };

                interface eth0;

        };

};

static{

        default gateway 192.168.1.254;

};

export proto ospfase{

        proto static{all; };

        proto direct{all; };

        proto kernel{all; };

};



[root@callisto:~#] ip route

192.168.201.2 via 192.168.1.254 dev eth1  proto gated

192.168.201.3 via 192.168.1.254 dev eth1  proto gated

192.168.201.1 via 192.168.14.2 dev eth0  proto gated

192.168.1.2 via 192.168.1.254 dev eth1  proto gated

224.0.0.6 via 127.0.0.1 dev lo  proto gated  scope link

192.168.201.4 via 192.168.14.2 dev eth0  proto gated

224.0.0.5 via 127.0.0.1 dev lo  proto gated  scope link

192.168.1.254 via 192.168.1.254 dev eth1  proto gated

127.0.0.1 dev lo  proto gated  scope link

192.168.13.0/29 via 192.168.1.254 dev eth1  proto gated

192.168.7.0/24 via 192.168.1.254 dev eth1  proto gated

111.11.117.0/24 via 192.168.1.254 dev eth1  proto gated

192.168.19.0/24 via 192.168.14.2 dev eth0  proto gated

192.168.2.0/24 via 192.168.1.254 dev eth1  proto gated

192.168.80.0/24 via 192.168.1.254 dev eth1  proto gated

192.168.1.0/24 dev eth1  proto gated  scope link

192.168.14.0/24 dev eth0  scope link

192.168.16.0/23 via 192.168.1.254 dev eth1  proto gated

unreachable 127.0.0.0/8  proto gated  scope link

default via 192.168.1.254 dev eth1



[root@callisto:~#] netstat -rne

Kernel IP routing table

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface

192.168.201.2   192.168.1.254   255.255.255.255 UGH   0      0        0 eth1

192.168.201.3   192.168.1.254   255.255.255.255 UGH   0      0        0 eth1

192.168.201.1   192.168.14.2    255.255.255.255 UGH   0      0        0 eth0

192.168.1.2     192.168.1.254   255.255.255.255 UGH   0      0        0 eth1

224.0.0.6       127.0.0.1       255.255.255.255 UGH   0      0        0 lo

192.168.201.4   192.168.14.2    255.255.255.255 UGH   0      0        0 eth0

224.0.0.5       127.0.0.1       255.255.255.255 UGH   0      0        0 lo

192.168.1.254   192.168.1.254   255.255.255.255 UGH   0      0        0 eth1

127.0.0.1       0.0.0.0         255.255.255.255 UH    0      0        0 lo

192.168.13.0    192.168.1.254   255.255.255.248 UG    0      0        0 eth1

192.168.7.0     192.168.1.254   255.255.255.0   UG    0      0        0 eth1

111.11.117.0    192.168.1.254   255.255.255.0   UG    0      0        0 eth1

192.168.19.0    192.168.14.2    255.255.255.0   UG    0      0        0 eth0

192.168.2.0     192.168.1.254   255.255.255.0   UG    0      0        0 eth1

192.168.80.0    192.168.1.254   255.255.255.0   UG    0      0        0 eth1

192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1

192.168.14.0    0.0.0.0         255.255.255.0   U     0      0        0 eth0

192.168.16.0    192.168.1.254   255.255.254.0   UG    0      0        0 eth1

127.0.0.0       -               255.0.0.0       !     0      -        0 -

0.0.0.0         192.168.1.254   0.0.0.0         UG    0      0        0 eth1





[root@callisto:~#] ospf_monitor /etc/ospf.mon

listening on 0.0.0.0.33862

[ 1 ] dest command params > @2 N

   remote-command  sent to 192.168.1.1



          Source <<192.168.1.1      callisto>>



Interface: 192.168.1.1     Area: 0.0.0.0

Router Id       Nbr IP Addr     State      Mode   Prio

------------------------------------------------------

192.168.44.1    192.168.1.254   Full       Slave  1



Interface: 192.168.14.1    Area: 0.0.0.5

Router Id       Nbr IP Addr     State      Mode   Prio

------------------------------------------------------

192.168.201.1   192.168.14.2    Full       Slave  1

192.168.201.2   192.168.14.254  Full       Slave  1



Virtual links:

Interface       Router Id       Nbr IP Addr     State      Mode   Prio

----------------------------------------------------------------------

192.168.14.1    192.168.201.4   192.168.19.2    Full       Slave  0

done



[ 5 ] dest command params > @2 I

   remote-command  sent to 192.168.1.1



          Source <<192.168.1.1      callisto>>



Area: 0.0.0.0

IP Address      Type  State    Cost Pri DR             BDR

----------------------------------------------------------------------

192.168.1.1     Bcast DR Other 1    0   192.168.1.254   None

Area: 0.0.0.5

IP Address      Type  State    Cost Pri DR             BDR

----------------------------------------------------------------------

192.168.14.1    Bcast DR Other 1    0   192.168.14.254  192.168.14.2



Virtual Links:

Transit Area    Router ID       Remote IP       Local IP        Type  State    Cost

-----------------------------------------------------------------------------------

0.0.0.5         192.168.201.4   192.168.19.2    192.168.14.1    Virt  P To P   11

done



[ 7 ] dest command params > @2 h

   remote-command  sent to 192.168.1.1



          Source <<192.168.1.1      callisto>>

Next hops:



Address          Type      Refcount  Interface

-------------------------------------------------------------

192.168.1.1      Direct           3  192.168.1.1     eth1

192.168.1.254    Neighbor        33  192.168.1.1     eth1

192.168.14.1     Direct           3  192.168.14.1    eth0

192.168.14.2     Neighbor        15  192.168.14.1    eth0

192.168.14.254   Neighbor         4  192.168.14.1    eth0

192.168.19.2     Neighbor         1  192.168.14.1    eth0

done



[ 10 ] dest command params > @2 c

   remote-command  sent to 192.168.1.1



          Source <<192.168.1.1      callisto>>

IO stats

        Input  Output  Type

            13       0  Monitor request

          8720    8225  Hello

            75     129  DB Description

            27      34  Link-State Req

           568     479  Link-State Update

           221     315  Link-State Ack

        ASE: 7 checksum sum 381C8



        LSAs originated: 159    received: 359

                Router: 20  SumNet: 104  SumASB: 29  ASE: 6



        Area 0.0.0.0:

                Neighbors: 2    Interfaces: 1

                Spf: 28 Checksum sum 10C3EC

                DB: rtr: 5 net: 4 sumasb: 6 sumnet: 13



        Area 0.0.0.5:

                Neighbors: 2    Interfaces: 1

                Spf: 18 Checksum sum 14C6DE

                DB: rtr: 4 net: 2 sumasb: 9 sumnet: 27



Routing Table:

        Intra Area: 6   Inter Area: 6   ASE: 5

Done



[ 12 ] dest command params > @2 o

   remote-command  sent to 192.168.1.1



          Source <<192.168.1.1      callisto>>

AS Border Routes:

Router          Cost AdvRouter       NextHop(s)

----------------------------------------------------

Area 0.0.0.0:

192.168.2.7        2 192.168.2.7     192.168.1.254

192.168.201.2      3 192.168.201.2   192.168.1.254

192.168.44.1       1 192.168.44.1    192.168.1.254

192.168.1.1        0 192.168.1.1



Area 0.0.0.5:

192.168.201.2      1 192.168.201.2   192.168.14.254

192.168.201.1      1 192.168.201.1   192.168.14.2

192.168.1.1        0 192.168.1.1



Total AS Border routes: 7



Area Border Routes:

Router          Cost AdvRouter       NextHop(s)

----------------------------------------------------

Area 0.0.0.0:

192.168.201.4     11 192.168.201.4   192.168.14.2

192.168.201.2      3 192.168.201.2   192.168.1.254

192.168.1.1        0 192.168.1.1



Area 0.0.0.5:

192.168.201.4     11 192.168.201.4   192.168.14.2

192.168.201.2      1 192.168.201.2   192.168.14.254

192.168.1.1        0 192.168.1.1



Total Area Border Routes: 6



Summary AS Border Routes:

Router          Cost AdvRouter       NextHop(s)

---------------------------------------------------



Networks:

Destination        Area            Cost Type NextHop         AdvRouter

----------------------------------------------------------------------------

192.168.1          0.0.0.0            1 Net  192.168.1.1     192.168.44.1

192.168.14         0.0.0.5            1 Net  192.168.14.1    192.168.201.2

192.168.19         0.0.0.5           11 Net  192.168.14.2    192.168.201.4

192.168.201.1      0.0.0.5            2 Stub 192.168.14.2    192.168.201.1

192.168.2          0.0.0.0            2 Net  192.168.1.254   192.168.44.1

192.168.80         0.0.0.0            2 Net  192.168.1.254   192.168.44.1

192.168.201.2      0.0.0.0            4 Stub 192.168.1.254   192.168.201.2

192.168.16/23      0.0.0.0            9 SNet 192.168.1.254   192.168.201.2

192.168.7          0.0.0.0            3 Net  192.168.1.254   192.168.201.2

192.168.201.3      0.0.0.0           10 SNet 192.168.1.254   192.168.201.2

192.168.13.0/29    0.0.0.0            9 SNet 192.168.1.254   192.168.201.2

192.168.201.4      0.0.0.0           12 SNet 192.168.14.2    192.168.201.4

ASEs:

Destination        Cost E      Tag NextHop         AdvRouter

-----------------------------------------------------------------------------

0.0.0.0              1   1 c0000000 192.168.1.254   192.168.44.1

111.11.117           1   1 c0000000 192.168.1.254   192.168.44.1

192.168.1.254        1   1 c0000000 192.168.1.254   192.168.44.1

192.168.1.2          2   1 c0000000 192.168.1.254   192.168.2.7

192.168.1.1          2   1 c0000000 192.168.1.254   192.168.2.7

Total nets: 12

        Intra Area: 6   Inter Area: 6   ASE: 5

done

Example 9-13. Callisto GateD Diagnostic Output

[root@callisto:~#] telnet localhost 616

Trying 127.0.0.1...

Connected to localhost (127.0.0.1).

Escape character is '^]'.

Password?

100 Gated Interactive Interface. Version gated-public-3_6



GateD-callisto> show kernel

100 Kernel options: <> Support: 

100 IP forwarding: 1 UDP checksums 1

100 The time is 22:43:18



GateD-callisto> show timer

100 Name                           Task     Last   Next   Intrvl Jitter Flags

100 AGE                  IF       00:00s 02:30s 00:00s 00:00s 

100 Retransmit           OSPF     00:00s 00:05s 00:05s 00:00s <>

100 Adjacency            OSPF     00:00s 00:00s 00:00s 00:00s 

100 Hello                OSPF     00:05s 00:05s 00:10s 00:00s 

100 Retransmit           OSPF     00:01s 00:04s 00:05s 00:00s <>

100 Adjacency            OSPF     00:00s 00:15s 00:00s 00:00s 

100 Hello                OSPF     00:06s 00:04s 00:10s 00:00s 

100 Retransmit           OSPF     00:01s 00:04s 00:05s 00:00s <>

100 Adjacency            OSPF     00:00s 00:22s 00:00s 00:00s 

100 Hello                OSPF     00:06s 00:04s 00:10s 00:00s 

100 Lock                 OSPF     00:00s 00:05s 00:05s 00:00s <>

100 Lock                 OSPF     00:01s 00:04s 00:05s 00:00s <>

100 Ack                  OSPF     06:14s 00:00s 00:00s 00:00s 

100 LSDBAseAge           OSPF     00:56s 00:05s 01:01s 00:00s <>

100 LSDBSumAge           OSPF     02:59s 12:01s 15:00s 00:00s <>

100 LSDBIntAge           OSPF     04:03s 10:57s 15:00s 00:00s <>

100 LSAGenSum            OSPF     06:15s 23:45s 30:00s 00:00s <>

100 LSAGenInt            OSPF     07:49s 22:11s 30:00s 00:00s <>

100 LSAGenAse            OSPF     00:06s 00:01s 00:07s 00:00s <>

100 AseQueue             OSPF     128:25s 00:00s 00:00s 00:00s 

100 IfCheck              KRT      00:02s 00:13s 00:15s 00:00s <>

100 Timeout              KRT      00:00s 00:00s 00:00s 00:00s 

100 Age                  Redirect 00:00s 02:58s 00:00s 00:00s 

100 Startup              SMUX     00:26s 00:34s 01:00s 00:00s <>



GateD-callisto> show interface

100 #ind Name     Address         Mtu       Flags

100 #1   lo       127.0.0.1       16436/16372 Up Loopback

100 #2   eth0     192.168.14.1    1500/1436 Up Broadcast Multicast

100 #3   eth1     192.168.1.1     1500/1436 Up Broadcast Multicast

100 #3   eth1     192.168.45.253  1500/1436 Up Broadcast Multicast



GateD-callisto> show ip walkdown 0/0

100 Sta         0.0.0.0/0  192.168.1.254   IGP (Id 1)

100 Sta             127/8  127.0.0.1       IGP (Id 1)

100 Dir       127.0.0.1/32 127.0.0.1       IGP (Id 1)

100 Dir       192.168.1/24 192.168.1.1     IGP (Id 1)

100 ---     192.168.1.1/32 ---

100 OSP     192.168.1.2/32 192.168.1.254   IGP (Id 1)

100 OSP   192.168.1.254/32 192.168.1.254   IGP (Id 1)

100 OSP       192.168.2/24 192.168.1.254   IGP (Id 1)

100 OSP       192.168.7/24 192.168.1.254   IGP (Id 1)

100 OSP      192.168.13/29 192.168.1.254   IGP (Id 1)

100 Dir      192.168.14/24 192.168.14.1    IGP (Id 1)

100 OSP      192.168.16/23 192.168.1.254   IGP (Id 1)

100 OSP      192.168.19/24 192.168.14.2    IGP (Id 1)

100 OSP      192.168.80/24 192.168.1.254   IGP (Id 1)

100 OSP   192.168.201.1/32 192.168.14.2    IGP (Id 1)

100 OSP   192.168.201.2/32 192.168.1.254   IGP (Id 1)

100 OSP   192.168.201.3/32 192.168.1.254   IGP (Id 1)

100 OSP   192.168.201.4/32 192.168.14.2    IGP (Id 1)

100 OSP      111.11.117/24 192.168.1.254   IGP (Id 1)

NOTE

Problems with adjacency establishment (gateways stuck in the two-way state) are often because of a problem of Designated Router/Backup Designated Router (DR/BDR) election. Defining different priority values can resolve this matter.

Example 9-14 presents the GateD configuration and output of the backbone area gateway ganymed with an example for priority statements to influence DR/BDR election.

Example 9-14. Ganymed GateD Configuration and Routing Table

[root@ganymed:~#] cat /etc/gated.cfg

routerid 192.168.44.1;

rip off;

ospf yes{

        backbone{

                networks{

                        192.168.1.0  mask 255.255.255.0;

                        192.168.2.0  mask 255.255.255.0;

                        192.168.80.0 mask 255.255.255.0;

                };

                interface ne3{

                        priority 1;

                };

                interface ne4{

                        priority 1;

                };

                interface vlan0{

                        priority 1;

                };

        };

};

export proto ospfase{

        proto static{all; };

        proto direct{all; };

        proto kernel{all; };

};



[root@ganymed:~#] netstat -rn -f inet

Routing tables



Internet:

Destination        Gateway            Flags     Refs     Use    Mtu  Interface

default            111.11.117.1       UGS         3    26477   1500   ne5

127/8              127.0.0.1          UR          0        0  33224   lo0

127.0.0.1          127.0.0.1          UH          1        2  33224   lo0

192.168.1/24       link#1             UC      -1850        0   1500   ne3

192.168.1.1        52:54:5:e3:51:87   UHL         4    19241   1500   ne3

192.168.1.2        8:0:46:64:74:1b    UHL         1    16446   1500   ne3

192.168.1.254      127.0.0.1          UGHS        0        0  33224   lo0

192.168.2/24       link#2             UC          0        0   1500   ne4

192.168.2.7        0:10:5a:c4:2c:4    UHL         5     4101   1500   ne4

192.168.7/24       192.168.2.7        UG          0       68   1496   ne4

192.168.13.0/29    192.168.2.7        UG          0       11   1500   ne4

192.168.14/24      192.168.1.1        UG         -2        2   1500   ne3

192.168.16/23      192.168.2.7        UG          0        0   1496   ne4

192.168.19/24      192.168.1.1        UG          0        0   1500   ne3

192.168.44.1       192.168.44.1       UH          0        0  33224   lo1

192.168.80/24      link#16            UC          0        0   1496   vlan0

192.168.201.1      192.168.1.1        UGH         0        0   1500   ne3

192.168.201.2      192.168.2.7        UGH         0        0   1496   ne4

192.168.201.3      192.168.2.7        UGH         1       53   1500   ne4

192.168.201.4      192.168.1.1        UGH         0        0   1500   ne3

111.11.117/24      link#3             UC          0        0   1500   ne5

111.11.117.1       0:5:9a:5b:23:fc    UHL         1        0   1500   ne5

224.0.0.5          127.0.0.1          UH          1     3082  33224   lo0

224.0.0.6          127.0.0.1          UH          0        0  33224   lo0

Example 9-15 shows the ABR router configuration of scar featuring a summary-address statement for testing purposes. The area 1 range 192.168.16.0 255.255.254.0 statement in Example 9-15 enables the ABR scar to consolidate contiguous address ranges into one summary advertisement (at bit-boundaries only, of course). Do not confuse it with the summary-address statement, which has a similar effect when redistribution of foreign protocols into OSPF comes into play.

Example 9-15. Scar Configuration and Diagnostic Output

scar# show running-config

...

router ospf 1

 router-id 192.168.201.2

 log-adjacency-changes

 area 1 nssa default-information-originate

 area 1 range 192.168.16.0 255.255.254.0

 area 5 virtual-link 192.168.201.4

 summary-address 172.16.0.0 255.240.0.0

 redistribute connected subnets

 redistribute static subnets

 passive-interface Serial0

 passive-interface Serial1

 passive-interface Serial2

 passive-interface Serial3

 network 192.168.7.0 0.0.0.255 area 0

 network 192.168.13.0 0.0.0.7 area 1

 network 192.168.14.0 0.0.0.255 area 5

 network 192.168.17.0 0.0.0.7 area 1

 network 192.168.201.2 0.0.0.0 area 0

 maximum-paths 2

...

ip route 0.0.0.0 0.0.0.0 192.168.7.7

ip route 0.0.0.0 0.0.0.0 192.168.14.1 200

...



scar# sh ip ospf neighbor

Neighbor ID     Pri   State           Dead Time   Address         Interface

192.168.2.7       0   FULL/DROTHER    00:00:33    192.168.7.7     Ethernet0

192.168.201.1     1   FULL/BDR        00:00:38    192.168.14.2    Ethernet1

192.168.1.1       0   FULL/DROTHER    00:00:30    192.168.14.1    Ethernet1

192.168.201.3     1   FULL/DR         00:00:30    192.168.13.2    TokenRing0



scar# sh ip ospf border-routers

OSPF Process 1 internal Routing Table

Codes: i - Intra-area route, I - Inter-area route



i 192.168.44.1 [11] via 192.168.7.7, Ethernet0, ASBR, Area 0, SPF 40

i 192.168.1.1 [12] via 192.168.7.7, Ethernet0, ABR/ASBR, Area 0, SPF 40

i 192.168.1.1 [10] via 192.168.14.1, Ethernet1, ABR/ASBR, Area 5, SPF 24

i 192.168.201.3 [6] via 192.168.13.2, TokenRing0, ASBR, Area 1, SPF 11

i 192.168.201.1 [10] via 192.168.14.2, Ethernet1, ASBR, Area 5, SPF 24

i 192.168.201.4 [20] via 192.168.14.2, Ethernet1, ABR, Area 0, SPF 40

i 192.168.201.4 [20] via 192.168.14.2, Ethernet1, ABR, Area 5, SPF 24

i 192.168.2.7 [10] via 192.168.7.7, Ethernet0, ASBR, Area 0, SPF 40



scar# sh ip ospf virtual-links

Virtual Link OSPF_VL0 to router 192.168.201.4 is up

  Run as demand circuit

  DoNotAge LSA not allowed (Number of DCbitless LSA is 10).

  Transit area 5, via interface Ethernet1, Cost of using 20

  Transmit Delay is 1 sec, State POINT_TO_POINT,

  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5

    Hello due in 00:00:00

    Adjacency State FULL (Hello suppressed)

    Index 2/4, retransmission queue length 0, number of retransmission 2

    First 0x0(0)/0x0(0) Next 0x0(0)/0x0(0)

    Last retransmission scan length is 2, maximum is 2

    Last retransmission scan time is 0 msec, maximum is 0 msec



scar# sh ip ospf summary-address

OSPF Process 1, Summary-address

172.16.0.0/255.240.0.0 Metric 16777215, Type 0, Tag 0



scar# sh ip route

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP

       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area

       * - candidate default, U - per-user static route, o - ODR

       P - periodic downloaded static route



Gateway of last resort is 192.168.7.7 to network 0.0.0.0



     192.168.13.0/29 is subnetted, 1 subnets

C       192.168.13.0 is directly connected, TokenRing0

C    192.168.14.0/24 is directly connected, Ethernet1

     192.168.201.0/32 is subnetted, 4 subnets

O       192.168.201.1 [110/11] via 192.168.14.2, 00:56:24, Ethernet1

O       192.168.201.3 [110/7] via 192.168.13.2, 01:01:52, TokenRing0

C       192.168.201.2 is directly connected, Loopback0

O IA    192.168.201.4 [110/21] via 192.168.14.2, 00:56:24, Ethernet1

O    192.168.80.0/24 [110/11] via 192.168.7.7, 00:56:24, Ethernet0

O E2 111.11.117.0/24 [110/1] via 192.168.7.7, 00:56:14, Ethernet0

C    192.168.7.0/24 is directly connected, Ethernet0

     192.168.17.0/29 is subnetted, 1 subnets

C       192.168.17.0 is directly connected, TokenRing1

     192.168.1.0/24 is variably subnetted, 4 subnets, 2 masks

O E2    192.168.1.1/32 [110/1] via 192.168.7.7, 00:40:20, Ethernet0

O       192.168.1.0/24 [110/12] via 192.168.7.7, 00:56:24, Ethernet0

O E2    192.168.1.2/32 [110/1] via 192.168.7.7, 00:56:14, Ethernet0

O E2    192.168.1.254/32 [110/1] via 192.168.7.7, 00:56:14, Ethernet0

O    192.168.2.0/24 [110/11] via 192.168.7.7, 00:56:24, Ethernet0

O    192.168.19.0/24 [110/20] via 192.168.14.2, 00:56:24, Ethernet1

S*   0.0.0.0/0 [1/0] via 192.168.7.7

O    192.168.16.0/23 is a summary, 01:01:52, Null0



scar# sh ip ospf

 Routing Process "ospf 1" with ID 192.168.201.2

 Supports only single TOS(TOS0) routes

 Supports opaque LSA

 It is an area border and autonomous system boundary router

 Redistributing External Routes from,

    connected, includes subnets in redistribution

    static, includes subnets in redistribution

 SPF schedule delay 5 secs, Hold time between two SPFs 10 secs

 Minimum LSA interval 5 secs. Minimum LSA arrival 1 secs

 Number of external LSA 7. Checksum Sum 0x375CE

 Number of opaque AS LSA 0. Checksum Sum 0x0

 Number of DCbitless external and opaque AS LSA 7

 Number of DoNotAge external and opaque AS LSA 0

 Number of areas in this router is 3. 2 normal 0 stub 1 nssa

 External flood list length 0

    Area BACKBONE(0)

        Number of interfaces in this area is 3

        Area has no authentication

        SPF algorithm executed 40 times

        Area ranges are

        Number of LSA 28. Checksum Sum 0x109802

        Number of opaque link LSA 0. Checksum Sum 0x0

        Number of DCbitless LSA 10

        Number of indication LSA 0

        Number of DoNotAge LSA 0

        Flood list length 0

    Area 1

        Number of interfaces in this area is 2

        It is a NSSA area

        Perform type-7/type-5 LSA translation

        generates NSSA default route with cost 1

        Area has no authentication

        SPF algorithm executed 11 times

        Area ranges are

           192.168.16.0/23 Active(6) Advertise

        Number of LSA 13. Checksum Sum 0x72D48

        Number of opaque link LSA 0. Checksum Sum 0x0

        Number of DCbitless LSA 0

        Number of indication LSA 0

        Number of DoNotAge LSA 0

        Flood list length 0

    Area 5

        Number of interfaces in this area is 1

        Area has no authentication

        SPF algorithm executed 24 times

        Area ranges are

        Number of LSA 42. Checksum Sum 0x149EF2

        Number of opaque link LSA 0. Checksum Sum 0x0

        Number of DCbitless LSA 12

        Number of indication LSA 0

        Number of DoNotAge LSA 0

        Flood list length 0

Examples 9-16, 9-17, and 9-18 present the Cisco IOS configurations of the hardy, laurel, and chaplin routers. These are straightforward standard OSPF configurations featuring a virtual link and different leaf-area types.

Example 9-16. Hardy Configuration and Diagnostic Output

hardy# sh running-config

...

router ospf 1

 router-id 192.168.201.3

 log-adjacency-changes

 area 1 nssa

 redistribute connected subnets tag 1

 redistribute static subnets tag 1

 network 192.168.13.0 0.0.0.255 area 1

 network 192.168.201.3 0.0.0.0 area 1

 maximum-paths 2

...



hardy# sh ip ospf

 Routing Process "ospf 1" with ID 192.168.201.3

 Supports only single TOS(TOS0) routes

 Supports opaque LSA

 It is an autonomous system boundary router

 Redistributing External Routes from,

    connected, includes subnets in redistribution

    static, includes subnets in redistribution

 SPF schedule delay 5 secs, Hold time between two SPFs 10 secs

 Minimum LSA interval 5 secs. Minimum LSA arrival 1 secs

 Number of external LSA 0. Checksum Sum 0x0

 Number of opaque AS LSA 0. Checksum Sum 0x0

 Number of DCbitless external and opaque AS LSA 0

 Number of DoNotAge external and opaque AS LSA 0

 Number of areas in this router is 1. 0 normal 0 stub 1 nssa

 External flood list length 0

    Area 1

        Number of interfaces in this area is 2

        It is a NSSA area

        Area has no authentication

        SPF algorithm executed 9 times

        Area ranges are

        Number of LSA 13. Checksum Sum 0x7274B

        Number of opaque link LSA 0. Checksum Sum 0x0

        Number of DCbitless LSA 0

        Number of indication LSA 0

        Number of DoNotAge LSA 0

        Flood list length 0



hardy# sh ip ospf interface

Loopback0 is up, line protocol is up

  Internet Address 192.168.201.3/32, Area 1

  Process ID 1, Router ID 192.168.201.3, Network Type LOOPBACK, Cost: 1

  Loopback interface is treated as a stub Host

TokenRing0 is up, line protocol is up

  Internet Address 192.168.13.2/29, Area 1

  Process ID 1, Router ID 192.168.201.3, Network Type BROADCAST, Cost: 6

  Transmit Delay is 1 sec, State DR, Priority 1

  Designated Router (ID) 192.168.201.3, Interface address 192.168.13.2

  Backup Designated router (ID) 192.168.201.2, Interface address 192.168.13.1

  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5

    Hello due in 00:00:08

  Index 1/1, flood queue length 0

  Next 0x0(0)/0x0(0)

  Last flood scan length is 2, maximum is 2

  Last flood scan time is 0 msec, maximum is 0 msec

  Neighbor Count is 1, Adjacent neighbor count is 1

    Adjacent with neighbor 192.168.201.2  (Backup Designated Router)

  Suppress hello for 0 neighbor(s)



hardy# sh ip ospf database



       OSPF Router with ID (192.168.201.3) (Process ID 1)





                Router Link States (Area 1)



Link ID         ADV Router      Age         Seq#       Checksum Link count

192.168.201.2   192.168.201.2   516         0x80000019 0xCB5D   2

192.168.201.3   192.168.201.3   688         0x80000009 0x97E1   2



                Net Link States (Area 1)



Link ID         ADV Router      Age         Seq#       Checksum

192.168.13.2    192.168.201.3   688         0x80000005 0x67B5



                Summary Net Link States (Area 1)



Link ID         ADV Router      Age         Seq#       Checksum

192.168.1.0     192.168.201.2   262         0x80000008 0x4044

192.168.2.0     192.168.201.2   262         0x80000003 0x3554

192.168.7.0     192.168.201.2   778         0x80000018 0xC9A6

192.168.14.0    192.168.201.2   1541        0x8000001D 0x72F1

192.168.19.0    192.168.201.2   778         0x80000004 0xD19C

192.168.80.0    192.168.201.2   262         0x80000003 0xD763

192.168.201.1   192.168.201.2   778         0x80000004 0x932C

192.168.201.2   192.168.201.2   1541        0x80000011 0xBB0

192.168.201.4   192.168.201.2   778         0x80000004 0xD9D8



                Type-7 AS External Link States (Area 1)



Link ID         ADV Router      Age         Seq#       Checksum Tag

0.0.0.0         192.168.201.2   516         0x80000003 0x8876   0

Example 9-17. Chaplin Configuration and Diagnostic Output

chaplin# sh running-config

...

router ospf 1

 router-id 192.168.201.4

 log-adjacency-changes

 area 5 virtual-link 192.168.1.1

 area 5 virtual-link 192.168.201.2

 area 7 stub no-summary

 passive-interface Serial0

 passive-interface Serial1

 network 192.168.19.0 0.0.0.255 area 5

 network 192.168.201.4 0.0.0.0 area 7

 maximum-paths 2

...



chaplin# sh ip ospf virtual-links

Virtual Link OSPF_VL1 to router 192.168.1.1 is up

  Run as demand circuit

  DoNotAge LSA not allowed (Number of DCbitless LSA is 10).

  Transit area 5, via interface Ethernet0, Cost of using 20

  Transmit Delay is 1 sec, State POINT_TO_POINT,

  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5

    Hello due in 00:00:05

    Adjacency State FULL

    Index 2/3, retransmission queue length 0, number of retransmission 2

    First 0x0(0)/0x0(0) Next 0x0(0)/0x0(0)

    Last retransmission scan length is 2, maximum is 2

    Last retransmission scan time is 0 msec, maximum is 0 msec

Virtual Link OSPF_VL0 to router 192.168.201.2 is up

  Run as demand circuit

  DoNotAge LSA not allowed (Number of DCbitless LSA is 10).

  Transit area 5, via interface Ethernet0, Cost of using 20

  Transmit Delay is 1 sec, State POINT_TO_POINT,

  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5

    Hello due in 00:00:05

    Adjacency State FULL (Hello suppressed)

    Index 1/2, retransmission queue length 0, number of retransmission 3

    First 0x0(0)/0x0(0) Next 0x0(0)/0x0(0)

    Last retransmission scan length is 2, maximum is 2

    Last retransmission scan time is 4 msec, maximum is 4 msec



chaplin# sh ip ospf border-routers



OSPF Process 1 internal Routing Table



Codes: i - Intra-area route, I - Inter-area route



i 192.168.44.1 [21] via 192.168.19.1, Ethernet0, ASBR, Area 0, SPF 14

i 192.168.1.1 [20] via 192.168.19.1, Ethernet0, ABR/ASBR, Area 0, SPF 14

i 192.168.1.1 [20] via 192.168.19.1, Ethernet0, ABR/ASBR, Area 5, SPF 5

i 192.168.201.2 [20] via 192.168.19.1, Ethernet0, ABR/ASBR, Area 0, SPF 14

i 192.168.201.2 [20] via 192.168.19.1, Ethernet0, ABR/ASBR, Area 5, SPF 5

i 192.168.201.1 [10] via 192.168.19.1, Ethernet0, ASBR, Area 5, SPF 5

i 192.168.2.7 [22] via 192.168.19.1, Ethernet0, ASBR, Area 0, SPF 14



chaplin# sh ip route

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP

       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area

       * - candidate default, U - per-user static route, o - ODR

       P - periodic downloaded static route



Gateway of last resort is 192.168.19.1 to network 0.0.0.0



     192.168.13.0/29 is subnetted, 1 subnets

O IA    192.168.13.0 [110/26] via 192.168.19.1, 01:12:23, Ethernet0

O    192.168.14.0/24 [110/20] via 192.168.19.1, 01:12:23, Ethernet0

     192.168.201.0/32 is subnetted, 4 subnets

O       192.168.201.1 [110/11] via 192.168.19.1, 01:12:23, Ethernet0

O IA    192.168.201.3 [110/27] via 192.168.19.1, 01:12:23, Ethernet0

O       192.168.201.2 [110/21] via 192.168.19.1, 01:12:23, Ethernet0

C       192.168.201.4 is directly connected, Loopback0

O    192.168.80.0/24 [110/22] via 192.168.19.1, 01:12:23, Ethernet0

O E2 111.11.117.0/24 [110/1] via 192.168.19.1, 01:12:13, Ethernet0

O    192.168.7.0/24 [110/23] via 192.168.19.1, 01:12:23, Ethernet0

     192.168.1.0/24 is variably subnetted, 4 subnets, 2 masks

O E2    192.168.1.1/32 [110/1] via 192.168.19.1, 00:56:19, Ethernet0

O       192.168.1.0/24 [110/21] via 192.168.19.1, 01:12:23, Ethernet0

O E2    192.168.1.2/32 [110/1] via 192.168.19.1, 01:12:13, Ethernet0

O E2    192.168.1.254/32 [110/1] via 192.168.19.1, 01:12:13, Ethernet0

O    192.168.2.0/24 [110/22] via 192.168.19.1, 01:12:23, Ethernet0

C    192.168.19.0/24 is directly connected, Ethernet0

O*E2 0.0.0.0/0 [110/1] via 192.168.19.1, 01:12:13, Ethernet0

O IA 192.168.16.0/23 [110/26] via 192.168.19.1, 01:12:23, Ethernet0

Example 9-18. Laurel Configuration and Diagnostic Output

laurel# sh running-config

...

router ospf 1

 router-id 192.168.201.1

 log-adjacency-changes

 redistribute connected subnets

 redistribute static subnets

 passive-interface Serial0

 passive-interface Serial1

 network 192.168.14.0 0.0.0.255 area 5

 network 192.168.19.0 0.0.0.255 area 5

 network 192.168.201.1 0.0.0.0 area 5

...



laurel# sh ip ospf

 Routing Process "ospf 1" with ID 192.168.201.1 and Domain ID 0.0.0.1

 Supports only single TOS(TOS0) routes

 Supports opaque LSA

 It is an autonomous system boundary router

 Redistributing External Routes from,

    connected, includes subnets in redistribution

    static, includes subnets in redistribution

 SPF schedule delay 5 secs, Hold time between two SPFs 10 secs

 Minimum LSA interval 5 secs. Minimum LSA arrival 1 secs

 Number of external LSA 7. Checksum Sum 0x36FD1

 Number of opaque AS LSA 0. Checksum Sum 0x0

 Number of DCbitless external and opaque AS LSA 7

 Number of DoNotAge external and opaque AS LSA 0

 Number of areas in this router is 1. 1 normal 0 stub 0 nssa

 External flood list length 0

    Area 5

        Number of interfaces in this area is 3

        Area has no authentication

        SPF algorithm executed 4 times

        Area ranges are

        Number of LSA 42. Checksum Sum 0x146F0A

        Number of opaque link LSA 0. Checksum Sum 0x0

        Number of DCbitless LSA 12

        Number of indication LSA 0

        Number of DoNotAge LSA 0

        Flood list length 0



laurel# sh ip ospf neighbor



Neighbor ID     Pri   State           Dead Time   Address         Interface

192.168.201.4     1   FULL/DR         00:00:38    192.168.19.2    Ethernet1

192.168.201.2     1   FULL/DR         00:00:30    192.168.14.254  Ethernet0

192.168.1.1       0   FULL/DROTHER    00:00:38    192.168.14.1    Ethernet0

Exercise 9-3: Exporting Loopback Addresses

Why does GateD not export/redistribute ganymed's lo1 interface address 192.168.44.1? If you figure it out, let me know.

Lab 9-5: Leaf-Area Design Featuring Zebra and Cisco IOS Software

This lab features the same topology as Lab 9-4 (Figure 9-3) with the difference that all UNIX gateways are running the Zebra zebra/ospfd now instead of GateD. However, they are implementing the same functionality.

NOTE

The configurations of the Cisco IOS routers are exactly as in Lab 9-4; therefore, they are omitted here.

Examples 9-19 to 9-21 present the Zebra ospfd configurations and relevant show commands for the three UNIX gateways callisto, castor, and ganymed. These examples also show the routing situation from the gateway's routing table point of view. Therefore, we can compare the OSPF RIB link-state database (LSDB) and the UNIX forwarding table.

Example 9-19. Zebra OSPF Configuration and Output on Callisto

[root@callisto:~#] telnet localhost 2604

Trying 127.0.0.1...

Connected to localhost (127.0.0.1).

Escape character is '^]'.

Hello, this is zebra (version 0.94).

Copyright 1996-2002 Kunihiro Ishiguro.

User Access Verification

Password:



callisto-ospfd# show running-config



Current configuration:

!

hostname callisto-ospfd

password 8 m6eyKycFMHniQ

enable password 8 bjYlnA9YLBWyM

log file /var/log/ospfd.log

service advanced-vty

service password-encryption

!

interface lo

!

interface eth0

!

interface eth1

!

interface ipsec0

!

interface ipsec1

!

interface ipsec2

!

interface ipsec3

!

interface eth1:1

!

interface lo1

!

router ospf

 ospf router-id 192.168.1.1

 compatible rfc1583

 redistribute connected

 redistribute static

 network 192.168.1.0/24 area 0

 network 192.168.14.0/24 area 5

 network 192.168.45.0/24 area 0

 area 5 virtual-link 192.168.201.4

 capability opaque

!

access-list 1 remark vty-protection

access-list 1 permit 127.0.0.1

access-list 1 permit 192.168.1.0 0.0.0.255

!

line vty

 access-class 1

 exec-timeout 15 0

!

end



callisto-ospfd# show ip ospf

 OSPF Routing Process, Router ID: 192.168.1.1

 Supports only single TOS (TOS0) routes

 This implementation conforms to RFC2328

 RFC1583Compatibility flag is enabled

 OpaqueCapability flag is enabled

 SPF schedule delay 5 secs, Hold time between two SPFs 10 secs

 Refresh timer 10 secs

 This router is an ABR, ABR type is: Standard (RFC2328)

 This router is an ASBR (injecting external routing information)

 Number of external LSA 3

 Number of areas attached to this router: 2



 Area ID: 0.0.0.0 (Backbone)

   Number of interfaces in this area: Total: 2, Active: 3

   Number of fully adjacent neighbors in this area: 2

   Area has no authentication

   SPF algorithm executed 12 times

   Number of LSA 29



 Area ID: 0.0.0.5

   Shortcutting mode: Default, S-bit consensus: no

   Number of interfaces in this area: Total: 1, Active: 2

   Number of fully adjacent neighbors in this area: 2

   Area has no authentication

   Number of full virtual adjacencies going through this area: 1

   SPF algorithm executed 12 times

   Number of LSA 35



callisto-ospfd# show ip ospf interface

lo is up, line protocol is up

  OSPF not enabled on this interface

eth0 is up, line protocol is up

  Internet Address 192.168.14.1/24, Area 0.0.0.5

  Router ID 192.168.1.1, Network Type BROADCAST, Cost: 10

  Transmit Delay is 1 sec, State DR, Priority 1

  Designated Router (ID) 192.168.1.1, Interface Address 192.168.14.1

  Backup Designated Router (ID) 192.168.201.2, Interface Address 192.168.14.254

  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5

    Hello due in 00:00:04

  Neighbor Count is 2, Adjacent neighbor count is 2

eth1 is up, line protocol is up

  Internet Address 192.168.1.1/24, Area 0.0.0.0

  Router ID 192.168.1.1, Network Type BROADCAST, Cost: 10

  Transmit Delay is 1 sec, State Backup, Priority 1

  Designated Router (ID) 192.168.1.254, Interface Address 192.168.1.254

  Backup Designated Router (ID) 192.168.1.1, Interface Address 192.168.1.1

  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5

    Hello due in 00:00:09

  Neighbor Count is 1, Adjacent neighbor count is 1

ipsec0 is up, line protocol is up

  OSPF not enabled on this interface

ipsec1 is down, line protocol is down

  OSPF not enabled on this interface

ipsec2 is down, line protocol is down

  OSPF not enabled on this interface

ipsec3 is down, line protocol is down

  OSPF not enabled on this interface

eth1:1 is down, line protocol is down

  OSPF not enabled on this interface

lo1 is down, line protocol is down

  OSPF not enabled on this interface

VLINK0 is up, line protocol is up

  Internet Address 192.168.14.1/24, Area 0.0.0.0

  Router ID 192.168.1.1, Network Type VIRTUALLINK, Cost: 20

  Transmit Delay is 1 sec, State Point-To-Point, Priority 1

  No designated router on this network

  No backup designated router on this network

  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5

    Hello due in 00:00:09

  Neighbor Count is 1, Adjacent neighbor count is 1



callisto-ospfd# show ip ospf neighbor



Neighbor ID    Pri  State           Dead Time   Address         Interface     RXmtL RqstL

 DBsmL

192.168.201.4   1  Full/DROther   00:00:34   192.168.19.2    VLINK0               0

0     0

192.168.201.1   1   Full/DROther  00:00:36   192.168.14.2    eth0:192.168.14.1    0

0     0

192.168.201.2   1   Full/Backup   00:00:36   192.168.14.254  eth0:192.168.14.1    0

0     0

192.168.1.254   1   Full/DR       00:00:38   192.168.1.254   eth1:192.168.1.1     0

0     0



callisto-ospfd# show ip ospf neighbor detail

 Neighbor 192.168.201.4, interface address 192.168.19.2

    In the area 0.0.0.0 via interface VLINK0

    Neighbor priority is 1, State is Full, 4 state changes

    DR is 0.0.0.0, BDR is 0.0.0.0

    Options 98 * | O | DC | -|-|-| E |*

    Dead timer due in 00:00:31

    Database Summary List 0

    Link State Request List 0

    Link State Retransmission List 0

    Thread Inactivity Timer on

    Thread Database Description Retransmision off

    Thread Link State Request Retransmission off

    Thread Link State Update Retransmission on



 Neighbor 192.168.201.1, interface address 192.168.14.2

    In the area 0.0.0.5 via interface eth0

    Neighbor priority is 1, State is Full, 5 state changes

    DR is 192.168.14.1, BDR is 192.168.14.254

    Options 66 * | O | -|-|-|-| E |*

    Dead timer due in 00:00:33

    Database Summary List 0

    Link State Request List 0

    Link State Retransmission List 0

    Thread Inactivity Timer on

    Thread Database Description Retransmision off

    Thread Link State Request Retransmission on

    Thread Link State Update Retransmission on



 Neighbor 192.168.201.2, interface address 192.168.14.254

    In the area 0.0.0.5 via interface eth0

    Neighbor priority is 1, State is Full, 5 state changes

    DR is 192.168.14.1, BDR is 192.168.14.254

    Options 66 * | O | - | - | - | - | E | *

    Dead timer due in 00:00:33

    Database Summary List 0

    Link State Request List 0

    Link State Retransmission List 0

    Thread Inactivity Timer on

    Thread Database Description Retransmision off

    Thread Link State Request Retransmission on

    Thread Link State Update Retransmission on



 Neighbor 192.168.1.254, interface address 192.168.1.254

    In the area 0.0.0.0 via interface eth1

    Neighbor priority is 1, State is Full, 6 state changes

    DR is 192.168.1.254, BDR is 192.168.1.1

    Options 66 * | O |- |- |- |- |E |*

    Dead timer due in 00:00:35

    Database Summary List 0

    Link State Request List 0

    Link State Retransmission List 0

    Thread Inactivity Timer on

    Thread Database Description Retransmision off

    Thread Link State Request Retransmission on

    Thread Link State Update Retransmission on



callisto-ospfd# show ip ospf border-routers

============ OSPF router routing table =============

R    192.168.1.1        IA [40] area: 0.0.0.0, ASBR

                           via 192.168.1.254, eth1

                           via 192.168.14.254, eth0

                           via 192.168.14.2, eth0

R    192.168.1.254         [10] area: 0.0.0.0, ASBR

                           via 192.168.1.254, eth1

R    192.168.2.7           [20] area: 0.0.0.0, ASBR

                           via 192.168.1.254, eth1

                           via 192.168.14.254, eth0

R    192.168.201.1         [10] area: 0.0.0.5, ASBR

                           via 192.168.14.2, eth0

R    192.168.201.2         [30] area: 0.0.0.0, ABR, ASBR

                           via 192.168.1.254, eth1

                           [10] area: 0.0.0.5, ABR, ASBR

                           via 192.168.14.254, eth0

R    192.168.201.4         [20] area: 0.0.0.5, ABR

                           via 192.168.14.2, eth0



callisto-ospfd# show ip ospf database



       OSPF Router with ID (192.168.1.1)



                Router Link States (Area 0.0.0.0)



Link ID         ADV Router      Age  Seq#       CkSum  Link count

192.168.1.1     192.168.1.1      170 0x80000006 0x724f 2

192.168.1.254   192.168.1.254    301 0x80000007 0xeb38 3

192.168.2.7     192.168.2.7      262 0x8000000a 0x8e5a 3

192.168.201.2   192.168.201.2   1887 0x80000004 0x7a3f 3

192.168.201.4   192.168.201.4   1912 0x80000003 0xeafe 2



                Net Link States (Area 0.0.0.0)



Link ID         ADV Router      Age  Seq#       CkSum

192.168.1.254   192.168.1.254    592 0x80000003 0x8a26

192.168.2.254   192.168.1.254    305 0x80000003 0xc4e3

192.168.7.7     192.168.2.7      267 0x80000003 0x6264

192.168.80.254  192.168.1.254    305 0x80000003 0x67f2



                Summary Link States (Area 0.0.0.0)



Link ID         ADV Router      Age  Seq#       CkSum  Route

192.168.13.0    192.168.201.2   1887 0x80000002 0xbbd5 192.168.13.0/29

192.168.14.0    192.168.1.1      683 0x80000003 0x6608 192.168.14.0/24

192.168.14.0    192.168.201.2   1887 0x80000004 0xfe84 192.168.14.0/24

192.168.14.0    192.168.201.4   1912 0x80000002 0x5b1e 192.168.14.0/24

192.168.16.0    192.168.201.2   1887 0x80000002 0xbfc8 192.168.16.0/23

192.168.19.0    192.168.1.1      813 0x80000003 0x93cb 192.168.19.0/24

192.168.19.0    192.168.201.2   1887 0x80000002 0x3046 192.168.19.0/24

192.168.19.0    192.168.201.4   1912 0x80000002 0xbfbe 192.168.19.0/24

192.168.201.1   192.168.1.1     1513 0x80000002 0x575a 192.168.201.1/32

192.168.201.1   192.168.201.2   1887 0x80000002 0xf1d5 192.168.201.1/32

192.168.201.1   192.168.201.4   1912 0x80000002 0xe5df 192.168.201.1/32

192.168.201.3   192.168.201.2   1887 0x80000002 0xb514 192.168.201.3/32

192.168.201.4   192.168.201.4   1912 0x80000002 0x6369 192.168.201.4/32



                ASBR-Summary Link States (Area 0.0.0.0)



Link ID         ADV Router      Age  Seq#       CkSum

192.168.1.1     192.168.201.2   1887 0x80000002 0x7a16

192.168.1.1     192.168.201.4   1912 0x80000002 0xd2b1

192.168.201.1   192.168.1.1      253 0x80000003 0x3d73

192.168.201.1   192.168.201.2   1887 0x80000002 0xd9ed

192.168.201.1   192.168.201.4   1912 0x80000002 0xcdf7

192.168.201.2   192.168.1.1      843 0x80000003 0x337c

192.168.201.2   192.168.201.4   1912 0x80000002 0x2892



                Router Link States (Area 0.0.0.5)



Link ID         ADV Router      Age  Seq#       CkSum  Link count

192.168.1.1     192.168.1.1      171 0x80000007 0xa1d3 1

192.168.201.1   192.168.201.1   1789 0x80000004 0x521e 3

192.168.201.2   192.168.201.2   1885 0x80000003 0x715a 1

192.168.201.4   192.168.201.4   1913 0x80000004 0xebce 1



                Net Link States (Area 0.0.0.5)



Link ID         ADV Router      Age  Seq#       CkSum

192.168.14.1    192.168.1.1      191 0x80000004 0x8f0b

192.168.19.2    192.168.201.4   1913 0x80000002 0xa572

                Summary Link States (Area 0.0.0.5)



Link ID         ADV Router      Age  Seq#       CkSum  Route

192.168.1.0     192.168.1.1      833 0x80000003 0xf585 192.168.1.0/24

192.168.1.0     192.168.201.2   1885 0x80000002 0x5b23 192.168.1.0/24

192.168.1.0     192.168.201.4   1913 0x80000002 0x4f2d 192.168.1.0/24

192.168.2.0     192.168.1.1     1393 0x80000003 0x4f21 192.168.2.0/24

192.168.2.0     192.168.201.2   1885 0x80000002 0xeb9b 192.168.2.0/24

192.168.2.0     192.168.201.4   1913 0x80000002 0xa8c8 192.168.2.0/24

192.168.7.0     192.168.201.2   1885 0x80000004 0x4c3e 192.168.7.0/24

192.168.7.0     192.168.201.4   1913 0x80000002 0x0d69 192.168.7.0/24

192.168.13.0    192.168.201.2   1885 0x80000002 0xbbd5 192.168.13.0/29

192.168.13.0    192.168.201.4   1913 0x80000002 0x7803 192.168.13.0/29

192.168.16.0    192.168.201.2   1885 0x80000002 0xbfc8 192.168.16.0/23

192.168.16.0    192.168.201.4   1913 0x80000002 0x7cf5 192.168.16.0/23

192.168.80.0    192.168.1.1     1653 0x80000002 0xf32f 192.168.80.0/24

192.168.80.0    192.168.201.2   1885 0x80000002 0x8eaa 192.168.80.0/24

192.168.80.0    192.168.201.4   1913 0x80000002 0x4bd7 192.168.80.0/24

192.168.201.2   192.168.201.2   1885 0x80000002 0x834d 192.168.201.2/32

192.168.201.2   192.168.201.4   1913 0x80000002 0x407a 192.168.201.2/32

192.168.201.3   192.168.201.2   1885 0x80000002 0xb514 192.168.201.3/32

192.168.201.3   192.168.201.4   1913 0x80000002 0x7241 192.168.201.3/32

192.168.201.4   192.168.201.2   1885 0x80000002 0x3882 192.168.201.4/32

192.168.201.4   192.168.201.4   1913 0x80000002 0x6369 192.168.201.4/32



                ASBR-Summary Link States (Area 0.0.0.5)



Link ID         ADV Router      Age  Seq#       CkSum

192.168.1.1     192.168.201.2   1885 0x80000002 0x4339

192.168.1.1     192.168.201.4   1913 0x80000002 0xd2b1

192.168.1.254   192.168.1.1      763 0x80000003 0xf189

192.168.1.254   192.168.201.2   1885 0x80000002 0xf295

192.168.1.254   192.168.201.4   1913 0x80000002 0x4b31

192.168.2.7     192.168.201.2   1885 0x80000002 0x3356

192.168.2.7     192.168.201.4   1913 0x80000002 0xef83

192.168.201.2   192.168.201.4   1913 0x80000002 0x2892



                AS External Link States



Link ID         ADV Router      Age  Seq#       CkSum  Route

172.16.7.0      192.168.2.7     1218 0x80000002 0x92f4 E2 172.16.7.0/24 [0x0]

192.168.44.0    192.168.1.254   1726 0x80000003 0x03ba E2 192.168.44.0/24 [0x0]

111.11.117.0    192.168.1.254    694 0x80000003 0x7c5c E2 111.11.117.0/24 [0x0]



callisto-ospfd# show ip ospf route

============ OSPF network routing table ============

N    192.168.1.0/24        [10] area: 0.0.0.0

                           directly attached to eth1

N    192.168.2.0/24        [20] area: 0.0.0.0

                           via 192.168.1.254, eth1

N    192.168.7.0/24        [20] area: 0.0.0.0

                           via 192.168.14.254, eth0

N IA 192.168.13.0/29       [16] area: 0.0.0.0

                           via 192.168.14.254, eth0

N    192.168.14.0/24       [10] area: 0.0.0.5

                           directly attached to eth0

N IA 192.168.16.0/23       [16] area: 0.0.0.0

                           via 192.168.14.254, eth0

N    192.168.19.0/24       [20] area: 0.0.0.5

                           via 192.168.14.2, eth0

N    192.168.80.0/24       [20] area: 0.0.0.0

                           via 192.168.1.254, eth1

N    192.168.201.1/32      [11] area: 0.0.0.5

                           via 192.168.14.2, eth0

N    192.168.201.2/32      [11] area: 0.0.0.0

                           via 192.168.14.254, eth0

N IA 192.168.201.3/32      [17] area: 0.0.0.0

                           via 192.168.14.254, eth0

N IA 192.168.201.4/32      [21] area: 0.0.0.0

                           via 192.168.14.2, eth0



============ OSPF router routing table =============

R    192.168.1.1        IA [40] area: 0.0.0.0, ASBR

                           via 192.168.1.254, eth1

                           via 192.168.14.254, eth0

                           via 192.168.14.2, eth0

R    192.168.1.254         [10] area: 0.0.0.0, ASBR

                           via 192.168.1.254, eth1

R    192.168.2.7           [20] area: 0.0.0.0, ASBR

                           via 192.168.1.254, eth1

                           via 192.168.14.254, eth0

R    192.168.201.1         [10] area: 0.0.0.5, ASBR

                           via 192.168.14.2, eth0

R    192.168.201.2         [30] area: 0.0.0.0, ABR, ASBR

                           via 192.168.1.254, eth1

                           [10] area: 0.0.0.5, ABR, ASBR

                           via 192.168.14.254, eth0

R    192.168.201.4         [20] area: 0.0.0.5, ABR

                           via 192.168.14.2, eth0



============ OSPF external routing table ===========

N E2 172.16.7.0/24         [20/20] tag: 0

                           via 192.168.1.254, eth1

                           via 192.168.14.254, eth0

N E2 192.168.44.0/24       [10/20] tag: 0

                           via 192.168.1.254, eth1

N E2 111.11.117.0/24       [10/20] tag: 0

                           via 192.168.1.254, eth1



[root@callisto:~#] telnet localhost 2601

Trying 127.0.0.1...

Connected to localhost (127.0.0.1).

Escape character is '^]'.

Hello, this is zebra (version 0.94).

Copyright 1996-2002 Kunihiro Ishiguro.

User Access Verification

Password:



callisto-zebra# show running-config



Current configuration:

!

hostname callisto-zebra

password 8 UUXADe4FP7VQU

enable password 8 6SyP71b.8BZnk

log file /var/log/zebra.log

service advanced-vty

service password-encryption

!

interface lo

!

interface eth0

 multicast

!

interface eth1

 multicast

!

interface ipsec0

!

interface ipsec1

!

interface ipsec2

!

interface ipsec3

!

interface eth1:1

 multicast

!

access-list 1 remark vty-protection

access-list 1 permit 127.0.0.1

access-list 1 permit 192.168.1.0 0.0.0.255

!

!

line vty

 access-class 1

 exec-timeout 15 0

!

end



callisto-zebra# show ip route

Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,

       B - BGP, > - selected route, * - FIB route



K>* 0.0.0.0/0 via 192.168.1.254, eth1

K * 127.0.0.0/8 is directly connected, lo

C>* 127.0.0.0/8 is directly connected, lo

O>* 172.16.7.0/24 [110/20] via 192.168.1.254, eth1, 01:07:00

  *                        via 192.168.14.254, eth0, 01:07:00

O   192.168.1.0/24 [110/10] is directly connected, eth1, 01:14:03

K * 192.168.1.0/24 is directly connected, eth1

C * 192.168.1.0/24 is directly connected, ipsec0

C>* 192.168.1.0/24 is directly connected, eth1

O>* 192.168.2.0/24 [110/20] via 192.168.1.254, eth1, 01:13:53

O>* 192.168.7.0/24 [110/20] via 192.168.14.254, eth0, 01:07:01

O>* 192.168.13.0/29 [110/16] via 192.168.14.254, eth0, 01:07:01

O   192.168.14.0/24 [110/10] is directly connected, eth0, 01:14:03

K * 192.168.14.0/24 is directly connected, eth0

C>* 192.168.14.0/24 is directly connected, eth0

O>* 192.168.16.0/23 [110/16] via 192.168.14.254, eth0, 01:07:01

O>* 192.168.19.0/24 [110/20] via 192.168.14.2, eth0, 01:07:11

O>* 192.168.44.0/24 [110/20] via 192.168.1.254, eth1, 01:13:52

O>* 192.168.80.0/24 [110/20] via 192.168.1.254, eth1, 01:09:05

O>* 192.168.201.1/32 [110/11] via 192.168.14.2, eth0, 01:07:11

O>* 192.168.201.2/32 [110/11] via 192.168.14.254, eth0, 01:07:01

O>* 192.168.201.3/32 [110/17] via 192.168.14.254, eth0, 01:07:01

O>* 192.168.201.4/32 [110/21] via 192.168.14.2, eth0, 01:06:51

O>* 111.11.117.0/24 [110/20] via 192.168.1.254, eth1, 01:13:52



[root@callisto:~#] ip route

192.168.201.2 via 192.168.14.254 dev eth0  proto zebra  metric 11 equalize

192.168.201.3 via 192.168.14.254 dev eth0  proto zebra  metric 17 equalize

192.168.201.1 via 192.168.14.2 dev eth0  proto zebra  metric 11 equalize

192.168.201.4 via 192.168.14.2 dev eth0  proto zebra  metric 21 equalize

192.168.13.0/29 via 192.168.14.254 dev eth0  proto zebra  metric 16 equalize

192.168.7.0/24 via 192.168.14.254 dev eth0  proto zebra  metric 20 equalize

172.16.7.0/24  proto zebra  metric 20 equalize

        nexthop via 192.168.1.254  dev eth1 weight 1

        nexthop via 192.168.14.254  dev eth0 weight 1

111.11.117.0/24 via 192.168.1.254 dev eth1  proto zebra  metric 20 equalize

192.168.19.0/24 via 192.168.14.2 dev eth0  proto zebra  metric 20 equalize

192.168.2.0/24 via 192.168.1.254 dev eth1  proto zebra  metric 20 equalize

192.168.80.0/24 via 192.168.1.254 dev eth1  proto zebra  metric 20 equalize

192.168.1.0/24 dev eth1  scope link

192.168.1.0/24 dev ipsec0  proto kernel  scope link  src 192.168.1.1

192.168.14.0/24 dev eth0  scope link

192.168.44.0/24 via 192.168.1.254 dev eth1  proto zebra  metric 20 equalize

192.168.16.0/23 via 192.168.14.254 dev eth0  proto zebra  metric 16 equalize

127.0.0.0/8 dev lo  scope link

default via 192.168.1.254 dev eth1



[root@callisto:~#] netstat -rne

Kernel IP routing table

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface

192.168.201.2   192.168.14.254  255.255.255.255 UGH   11     0        0 eth0

192.168.201.3   192.168.14.254  255.255.255.255 UGH   17     0        0 eth0

192.168.201.1   192.168.14.2    255.255.255.255 UGH   11     0        0 eth0

192.168.201.4   192.168.14.2    255.255.255.255 UGH   21     0        0 eth0

192.168.13.0    192.168.14.254  255.255.255.248 UG    16     0        0 eth0

192.168.7.0     192.168.14.254  255.255.255.0   UG    20     0        0 eth0

172.16.7.0      192.168.1.254   255.255.255.0   UG    20     0        0 eth1

111.11.117.0    192.168.1.254   255.255.255.0   UG    20     0        0 eth1

192.168.19.0    192.168.14.2    255.255.255.0   UG    20     0        0 eth0

192.168.2.0     192.168.1.254   255.255.255.0   UG    20     0        0 eth1

192.168.80.0    192.168.1.254   255.255.255.0   UG    20     0        0 eth1

192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1

192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 ipsec0

192.168.14.0    0.0.0.0         255.255.255.0   U     0      0        0 eth0

192.168.44.0    192.168.1.254   255.255.255.0   UG    20     0        0 eth1

192.168.16.0    192.168.14.254  255.255.254.0   UG    16     0        0 eth0

127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo

0.0.0.0         192.168.1.254   0.0.0.0         UG    0      0        0 eth1

Note that one static route, 172.16.7.0/24, has been added to demonstrate administrative distance assignment to a route in Example 9-20.

Example 9-20. Zebra OSPF Configuration and Output on Castor

[root@castor:~#] netstat -rn -f inet

Routing tables



Internet:

Destination        Gateway            Flags    Refs      Use  Netif Expire

default            192.168.2.254      UGSc        2        0    xl0

127.0.0.1          127.0.0.1          UH          0     4154    lo0

172.16.7/24        link#1             UC1         0        0    xl0

192.168.1          192.168.2.254      UG1c        1       99    xl0

192.168.2          link#1             UC          1        0    xl0

192.168.2.254      52:54:05:e3:e4:2f  UHLW        7       96    xl0   1162

192.168.7          link#2             UC          1        0    ed0

192.168.7.254      00:00:0c:1a:a9:a8  UHLW       10      219    ed0    522

192.168.13/29      192.168.7.254      UG1c        0        3    ed0

192.168.14         192.168.7.254      UG1c        0        0    ed0

192.168.16/23      192.168.7.254      UG1c        0        0    ed0

192.168.19         192.168.7.254      UG1c        0        0    ed0

192.168.44         192.168.2.254      UG1c        0        0    xl0

192.168.80         link#14            UC          1        0  vlan8

192.168.80.254     52.54.5.e3.e4.2f   UHLW        0        0  vlan8    264

192.168.201.1      192.168.7.254      UGH1        0        0    ed0

192.168.201.2      192.168.7.254      UGH1        0        0    ed0

192.168.201.3      192.168.7.254      UGH1        0       80    ed0

192.168.201.4      192.168.7.254      UGH1        0        0    ed0

111.11.117         192.168.2.254      UG1c        0        0    xl0



[root@castor:~#] telnet localhost 2601

Trying 127.0.0.1...

Connected to localhost.nerdzone.org.

Escape character is '^]'.

Hello, this is zebra (version 0.93a).

Copyright 1996-2002 Kunihiro Ishiguro.

User Access Verification

Password:



castor-zebra# show running-config



Current configuration:

!

hostname castor-zebra

password 8 bJFoEOB0obLL6

enable password 8 4DwwIFdKLWvU.

log file /var/log/zebra.log

service advanced-vty

service password-encryption

!

interface xl0

 ip address 192.168.2.7/24

 multicast

 ipv6 nd suppress-ra

!

interface ed0

 ip address 192.168.7.7/24

 multicast

 ipv6 nd suppress-ra

!

interface lp0

 ipv6 nd suppress-ra

!

interface ppp0

 ipv6 nd suppress-ra

!

interface ppp1

 ipv6 nd suppress-ra

!

interface sl0

 ipv6 nd suppress-ra

!

interface sl1

 ipv6 nd suppress-ra

!

interface ds0

!

interface stf0

 ipv6 nd suppress-ra

!

interface faith0

 ipv6 nd suppress-ra

!

interface vlan0

 ipv6 nd suppress-ra

!

interface vlan1

 ipv6 nd suppress-ra

!

interface lo0

!

interface vlan8

 multicast

 ipv6 nd suppress-ra

!

interface gif0

 ipv6 nd suppress-ra

!

ip route 172.16.7.0/24 xl0 22

!

access-list 1 remark vty-protection

access-list 1 permit 127.0.0.1

access-list 1 permit 192.168.1.0 0.0.0.255

!

!

line vty

 access-class 1

 exec-timeout 15 0

!

end



castor-zebra# show ip route

Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,

 I - IS-IS,

       B - BGP, > - selected route, * - FIB route



K>* 0.0.0.0/0 via 192.168.2.254, xl0

C>* 127.0.0.0/8 is directly connected, lo0

S>* 172.16.7.0/24 [22/0] is directly connected, xl0

O>* 192.168.1.0/24 [110/20] via 192.168.2.254, xl0, 01:28:22

  *                         via 192.168.80.254, vlan8, 01:28:22

O   192.168.2.0/24 [110/10] is directly connected, xl0, 01:28:22

C>* 192.168.2.0/24 is directly connected, xl0

O   192.168.7.0/24 [110/10] is directly connected, ed0, 01:28:32

C>* 192.168.7.0/24 is directly connected, ed0

O>* 192.168.13.0/29 [110/16] via 192.168.7.254, ed0, 01:27:31

O>* 192.168.14.0/24 [110/20] via 192.168.7.254, ed0, 01:27:41

O>* 192.168.16.0/23 [110/16] via 192.168.7.254, ed0, 01:27:21

O>* 192.168.19.0/24 [110/30] via 192.168.7.254, ed0, 01:26:27

O>* 192.168.44.0/24 [110/20] via 192.168.2.254, xl0, 01:28:21

  *                          via 192.168.80.254, vlan8, 01:28:21

O   192.168.80.0/24 [110/10] is directly connected, vlan8, 01:28:22

C>* 192.168.80.0/24 is directly connected, vlan8

O>* 192.168.201.1/32 [110/21] via 192.168.7.254, ed0, 01:26:27

O>* 192.168.201.2/32 [110/11] via 192.168.7.254, ed0, 01:27:41

O>* 192.168.201.3/32 [110/17] via 192.168.7.254, ed0, 01:27:31

O>* 192.168.201.4/32 [110/31] via 192.168.7.254, ed0, 01:26:07

O>* 111.11.117.0/24 [110/20] via 192.168.2.254, xl0, 01:28:21

  *                          via 192.168.80.254, vlan8, 01:28:21



[root@castor:~#] telnet localhost 2604

Trying 127.0.0.1...

Connected to localhost.nerdzone.org.

Escape character is '^]'.

Hello, this is zebra (version 0.93a).

Copyright 1996-2002 Kunihiro Ishiguro.

User Access Verification

Password:



castor-ospfd# show running-config



Current configuration:

!

hostname castor-ospfd

password 8 4DwwIFdKLWvU.

enable password 8 dV8x4MhxDAuaw

log file /var/log/ospfd.log

service advanced-vty

service password-encryption

!

interface xl0

!

interface ed0

!

interface lp0

 ip ospf network point-to-point

!

interface sl0

 ip ospf network point-to-point

!

interface sl1

 ip ospf network point-to-point

!

interface ds0

!

interface stf0

!

interface faith0

!

interface vlan0

!

interface vlan1

!

interface lo0

!

interface ppp0

 ip ospf network point-to-point

!

interface ppp1

 ip ospf network point-to-point

!

interface vlan8

!

interface lo1

!

router ospf

 ospf router-id 192.168.2.7

 compatible rfc1583

 redistribute connected

 redistribute static

 network 192.168.2.0/24 area 0

 network 192.168.7.0/24 area 0

 network 192.168.80.0/24 area 0

 capability opaque

!

access-list 1 remark vty-protection

access-list 1 permit 127.0.0.1

access-list 1 permit 192.168.1.0 0.0.0.255

!

line vty

 access-class 1

 exec-timeout 15 0

!

end



castor-ospfd# show ip ospf neighbor



Neighbor ID     Pri   State           Dead Time   Address         Interface          

 RXmtL RqstL DBsmL

192.168.1.254     1   Full/DR         00:00:40    192.168.2.254   xl0:192.168.2.7     0   

  0     0

192.168.201.2     1   Full/Backup     00:00:36    192.168.7.254   ed0:192.168.7.7     0   

  0     0

192.168.1.254     1   Full/DR         00:00:40    192.168.80.254  vlan8:192.168.80.1

0    0     0



castor-ospfd# show ip ospf border-routers

============ OSPF router routing table =============

R    192.168.1.1           [20] area: 0.0.0.0, ABR, ASBR

                           via 192.168.2.254, xl0

                           via 192.168.80.254, vlan8

R    192.168.1.254         [10] area: 0.0.0.0, ASBR

                           via 192.168.2.254, xl0

                           via 192.168.80.254, vlan8

R    192.168.201.1      IA [20] area: 0.0.0.0, ASBR

                           via 192.168.7.254, ed0

R    192.168.201.2         [10] area: 0.0.0.0, ABR, ASBR

                           via 192.168.7.254, ed0

R    192.168.201.4         [30] area: 0.0.0.0, ABR

                           via 192.168.7.254, ed0



castor-ospfd# show ip ospf route

============ OSPF network routing table ============

N    192.168.1.0/24        [20] area: 0.0.0.0

                           via 192.168.2.254, xl0

                           via 192.168.80.254, vlan8

N    192.168.2.0/24        [10] area: 0.0.0.0

                           directly attached to xl0

N    192.168.7.0/24        [10] area: 0.0.0.0

                           directly attached to ed0

N IA 192.168.13.0/29       [16] area: 0.0.0.0

                           via 192.168.7.254, ed0

N IA 192.168.14.0/24       [20] area: 0.0.0.0

                           via 192.168.7.254, ed0

N IA 192.168.16.0/23       [16] area: 0.0.0.0

                           via 192.168.7.254, ed0

N IA 192.168.19.0/24       [30] area: 0.0.0.0

                           via 192.168.7.254, ed0

N    192.168.80.0/24       [10] area: 0.0.0.0

                           directly attached to vlan8

N IA 192.168.201.1/32      [21] area: 0.0.0.0

                           via 192.168.7.254, ed0

N    192.168.201.2/32      [11] area: 0.0.0.0

                           via 192.168.7.254, ed0

N IA 192.168.201.3/32      [17] area: 0.0.0.0

                           via 192.168.7.254, ed0

N IA 192.168.201.4/32      [31] area: 0.0.0.0

                           via 192.168.7.254, ed0



============ OSPF router routing table =============

R    192.168.1.1           [20] area: 0.0.0.0, ABR, ASBR

                           via 192.168.2.254, xl0

                           via 192.168.80.254, vlan8

R    192.168.1.254         [10] area: 0.0.0.0, ASBR

                           via 192.168.2.254, xl0

                           via 192.168.80.254, vlan8

R    192.168.201.1      IA [20] area: 0.0.0.0, ASBR

                           via 192.168.7.254, ed0

R    192.168.201.2         [10] area: 0.0.0.0, ABR, ASBR

                           via 192.168.7.254, ed0

R    192.168.201.4         [30] area: 0.0.0.0, ABR

                           via 192.168.7.254, ed0



============ OSPF external routing table ===========

N E2 192.168.44.0/24       [10/20] tag: 0

                           via 192.168.2.254, xl0

                           via 192.168.80.254, vlan8

N E2 111.11.117.0/24       [10/20] tag: 0

                           via 192.168.2.254, xl0

                           via 192.168.80.254, vlan8

Example 9-21. Zebra OSPF Configuration and Output on Ganymed

ganymed-ospfd# show running-config

...

router ospf

 ospf router-id 192.168.1.254

 compatible rfc1583

 redistribute connected

 redistribute static

 network 192.168.1.0/24 area 0

 network 192.168.2.0/24 area 0

 network 192.168.45.0/24 area 0

 network 192.168.80.0/24 area 0

 capability opaque

...



[root@ganymed:~#] netstat -rn -f inet

Routing tables



Internet:

Destination        Gateway            Flags     Refs     Use    Mtu  Interface

default            111.11.117.1       UGS         1     8314   1500   ne5

127/8              127.0.0.1          UGRS        0        0  33224   lo0

127.0.0.1          127.0.0.1          UH          4      714  33224   lo0

172.16.7/24        192.168.2.7        UG1         0        0   1500   ne4

192.168.1/24       link#1             UC          0        0   1500   ne3

192.168.1.1        52:54:5:e3:51:87   UHL         5     2806   1500   ne3

192.168.1.2        8:0:46:64:74:1b    UHL         1    11211   1500   ne3

192.168.1.254      127.0.0.1          UGHS        0        0  33224   lo0

192.168.2/24       link#2             UC          0        0   1500   ne4

192.168.2.7        0:10:5a:c4:2c:4    UHL         6     6466   1500   ne4

192.168.7/24       192.168.2.7        UG1         1      130   1500   ne4

192.168.13.0/29    192.168.2.7        UG1         0        3   1500   ne4

192.168.14/24      192.168.1.1        UG1         0        0   1500   ne3

192.168.16/23      192.168.2.7        UG1         0        0   1500   ne4

192.168.19/24      192.168.1.1        UG1         0        0   1500   ne3

192.168.44.1       192.168.44.1       UH          0        0  33224   lo1

192.168.80/24      link#16            UC          0        0   1496   vlan0

192.168.80.1       0:10:5a:c4:2c:4    UHL         0        0   1496   vlan0

192.168.201.1      192.168.1.1        UGH1        0        0   1500   ne3

192.168.201.2      192.168.2.7        UGH1        0        0   1500   ne4

192.168.201.3      192.168.2.7        UGH1        1       87   1500   ne4

192.168.201.4      192.168.1.1        UGH1        0        1   1500   ne3

111.11.117/24      link#3             UC          0        0   1500   ne5

111.11.117.1       0:5:9a:5b:23:fc    UHL         1        0   1500   ne5



ganymed-zebra# sh ip route

Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,

       B - BGP, > - selected route, * - FIB route



K>* 0.0.0.0/0 via 111.11.117.1, ne5

K * 127.0.0.0/8 via 127.0.0.1 inactive

C>* 127.0.0.0/8 is directly connected, lo0

O>* 172.16.7.0/24 [110/20] via 192.168.2.7, ne4, 01:35:14

  *                        via 192.168.80.1, vlan0, 01:35:14

O   192.168.1.0/24 [110/10] is directly connected, ne3, 01:50:01

C>* 192.168.1.0/24 is directly connected, ne3

O   192.168.2.0/24 [110/10] is directly connected, ne4, 01:50:00

C>* 192.168.2.0/24 is directly connected, ne4

O>* 192.168.7.0/24 [110/20] via 192.168.2.7, ne4, 01:35:15

  *                         via 192.168.80.1, vlan0, 01:35:15

O>* 192.168.13.0/29 [110/26] via 192.168.2.7, ne4, 01:34:25

  *                          via 192.168.80.1, vlan0, 01:34:25

O>* 192.168.14.0/24 [110/20] via 192.168.1.1, ne3, 01:40:11

O>* 192.168.16.0/23 [110/26] via 192.168.2.7, ne4, 01:34:15

  *                          via 192.168.80.1, vlan0, 01:34:15

O>* 192.168.19.0/24 [110/30] via 192.168.1.1, ne3, 01:33:11

C>* 192.168.44.0/24 is directly connected, lo1

O   192.168.80.0/24 [110/10] is directly connected, vlan0, 01:35:15

C>* 192.168.80.0/24 is directly connected, vlan0

O>* 192.168.201.1/32 [110/21] via 192.168.1.1, ne3, 01:33:11

O>* 192.168.201.2/32 [110/21] via 192.168.2.7, ne4, 01:34:35

  *                           via 192.168.80.1, vlan0, 01:34:35

O>* 192.168.201.3/32 [110/27] via 192.168.2.7, ne4, 01:34:25

  *                           via 192.168.80.1, vlan0, 01:34:25

O>* 192.168.201.4/32 [110/31] via 192.168.1.1, ne3, 01:33:01

C>* 111.11.117.0/24 is directly connected, ne5



ganymed-ospfd# show ip ospf

 OSPF Routing Process, Router ID: 192.168.1.254

 Supports only single TOS (TOS0) routes

 This implementation conforms to RFC2328

 RFC1583Compatibility flag is enabled

 OpaqueCapability flag is enabled

 SPF schedule delay 5 secs, Hold time between two SPFs 10 secs

 Refresh timer 10 secs

 This router is an ASBR (injecting external routing information)

 Number of external LSA 3

 Number of areas attached to this router: 1



 Area ID: 0.0.0.0 (Backbone)

   Number of interfaces in this area: Total: 3, Active: 6

   Number of fully adjacent neighbors in this area: 3

   Area has no authentication

   SPF algorithm executed 15 times

   Number of LSA 29



ganymed-ospfd# show ip ospf neighbor



Neighbor ID     Pri   State           Dead Time   Address         Interface          

 RXmtL RqstL DBsmL

192.168.1.1      1   Full/Backup     00:00:33    192.168.1.1     ne3:192.168.1.254    0   

  0     0

192.168.2.7      1   Full/Backup     00:00:3 1   192.168.2.7     ne4:192.168.2.254    0   

  0     0

192.168.2.7      1  Full/Backup      00:00:31    192.168.80.1    vlan0:192.168.80.254 0   

  0     0



ganymed-ospfd# show ip ospf border-routers

============ OSPF router routing table =============

R    192.168.1.1           [10] area: 0.0.0.0, ABR, ASBR

                           via 192.168.1.1, ne3

R    192.168.2.7           [10] area: 0.0.0.0, ASBR

                           via 192.168.2.7, ne4

                           via 192.168.80.1, vlan0

R    192.168.201.1      IA [20] area: 0.0.0.0, ASBR

                           via 192.168.1.1, ne3

R    192.168.201.2         [20] area: 0.0.0.0, ABR, ASBR

                           via 192.168.2.7, ne4

                           via 192.168.80.1, vlan0

R    192.168.201.4         [30] area: 0.0.0.0, ABR

                           via 192.168.1.1, ne3



ganymed-ospfd# show ip ospf route

============ OSPF network routing table ============

N    192.168.1.0/24        [10] area: 0.0.0.0

                           directly attached to ne3

N    192.168.2.0/24        [10] area: 0.0.0.0

                           directly attached to ne4

N    192.168.7.0/24        [20] area: 0.0.0.0

                           via 192.168.2.7, ne4

                           via 192.168.80.1, vlan0

N IA 192.168.13.0/29       [26] area: 0.0.0.0

                           via 192.168.2.7, ne4

                           via 192.168.80.1, vlan0

N IA 192.168.14.0/24       [20] area: 0.0.0.0

                           via 192.168.1.1, ne3

N IA 192.168.16.0/23       [26] area: 0.0.0.0

                           via 192.168.2.7, ne4

                           via 192.168.80.1, vlan0

N IA 192.168.19.0/24       [30] area: 0.0.0.0

                           via 192.168.1.1, ne3

N    192.168.80.0/24       [10] area: 0.0.0.0

                           directly attached to vlan0

N IA 192.168.201.1/32      [21] area: 0.0.0.0

                           via 192.168.1.1, ne3

N    192.168.201.2/32      [21] area: 0.0.0.0

                           via 192.168.2.7, ne4

                           via 192.168.80.1, vlan0

N IA 192.168.201.3/32      [27] area: 0.0.0.0

                           via 192.168.2.7, ne4

                           via 192.168.80.1, vlan0

N IA 192.168.201.4/32      [31] area: 0.0.0.0

                           via 192.168.1.1, ne3



============ OSPF router routing table =============

R    192.168.1.1           [10] area: 0.0.0.0, ABR, ASBR

                           via 192.168.1.1, ne3

R    192.168.2.7           [10] area: 0.0.0.0, ASBR

                           via 192.168.2.7, ne4

                           via 192.168.80.1, vlan0

R    192.168.201.1      IA [20] area: 0.0.0.0, ASBR

                           via 192.168.1.1, ne3

R    192.168.201.2         [20] area: 0.0.0.0, ABR, ASBR

                           via 192.168.2.7, ne4

                           via 192.168.80.1, vlan0

R    192.168.201.4         [30] area: 0.0.0.0, ABR

                           via 192.168.1.1, ne3



============ OSPF external routing table ===========

N E2 172.16.7.0/24         [10/20] tag: 0

                           via 192.168.2.7, ne4

                           via 192.168.80.1, vlan0

ECMP—Manipulating Metric and Distance

ECMP is a capability of the underlying operating system. It can be achieved via equal-cost static routes independently of dynamic routing protocols. Still, the question arises whether the resulting load-sharing behavior is packet-based or flow-based.

NOTE

The only ECMP-capable operating system I have tested is Linux (enable ECMP when compiling), which does per-flow balancing, unless forced to alter its behavior by the equalize flag of the IP utility.

Link-state protocols such as OSPF and IS-IS were designed to support ECMP, depending on the implementation. GateD is capable of ECMP; however, you must alter the MULTIPATH definition in the sources to enable this feature (see Example 9-22). In my GateD lab, ECMP is disabled.

Example 9-22. GateD ECMP Configuration

./gated-public-3_6/src/gated/rt_table.h:



/*

 * The number of multipath routes supported by the forwarding engine.

 */

#ifndef RT_N_MULTIPATH

#define RT_N_MULTIPATH  6

#endif  /* RT_N_MULTIPATH */

Zebra ospfd is capable of ECMP as well; isisd is not yet capable of ECMP. Including ECMP support has to be decided at compile time (configure --enable-multipath=6). It is highly recommended that you read the ECMP RFCs (RFC 2991 and RFC 2992) for a better grasp of this delicate matter.

Keep in mind that load balancing is done only on outbound traffic; be aware of what really resembles a flow when testing your setup, so as not to misjudge the behavior of a correct configuration! Example 9-23 shows an example combination of the ECMP-capable Linux kernel and the Zebra ospfd.

Example 9-23. Linux ECMP in Action

[root@callisto:~#] ip route

192.168.201.2 via 192.168.14.254 dev eth0  proto zebra  metric 11 equalize

192.168.17.0/29 via 192.168.14.254 dev eth0  proto zebra  metric 16 equalize

192.168.13.0/29 via 192.168.14.254 dev eth0  proto zebra  metric 16 equalize

192.168.7.0/24 via 192.168.14.254 dev eth0  proto zebra  metric 20 equalize

111.11.117.0/24 via 192.168.1.254 dev eth1  proto zebra  metric 20 equalize

192.168.2.0/24 via 192.168.1.254 dev eth1  proto zebra  metric 20 equalize

192.168.80.0/24 via 192.168.1.254 dev eth1  proto zebra  metric 20 equalize

192.168.1.0/24 dev eth1  scope link

192.168.201.0/24  proto zebra  metric 20 equalize

        nexthop via 192.168.14.254  dev eth0 weight 1

        nexthop via 192.168.1.254  dev eth1 weight 1

192.168.14.0/24 dev eth0  scope link

192.168.44.0/24 via 192.168.1.254 dev eth1  proto zebra  metric 20 equalize

192.168.45.0/24 via 192.168.1.254 dev eth1  proto zebra  metric 20 equalize

127.0.0.0/8 dev lo  scope link

default via 192.168.1.254 dev eth1

Stylify

IP Forwarding Control and Special Interfaces

5:05 AM

Ethernet Channel Bonding

5:01 AM

OSPF (Open Shortest Path First)

4:20 AM

OSPFv2

Lab 9-4: Leaf-Area Design Featuring GateD and Cisco IOS

Example 9-10. Castor GateD Configuration and Output

Example 9-11. Callisto ospf_monitor Output for Remote Host Castor

Example 9-12. Callisto GateD Configuration and Output

Example 9-13. Callisto GateD Diagnostic Output

Example 9-14. Ganymed GateD Configuration and Routing Table

Example 9-15. Scar Configuration and Diagnostic Output

Example 9-16. Hardy Configuration and Diagnostic Output

Example 9-17. Chaplin Configuration and Diagnostic Output

Example 9-18. Laurel Configuration and Diagnostic Output

Exercise 9-3: Exporting Loopback Addresses

Lab 9-5: Leaf-Area Design Featuring Zebra and Cisco IOS Software

Example 9-19. Zebra OSPF Configuration and Output on Callisto

Example 9-20. Zebra OSPF Configuration and Output on Castor

Example 9-21. Zebra OSPF Configuration and Output on Ganymed

ECMP—Manipulating Metric and Distance

Example 9-22. GateD ECMP Configuration

Example 9-23. Linux ECMP in Action

This Month's Favs

5:05 AM

5:01 AM

4:20 AM