[j-nsp] ERX and OSPF advertising

Goldschmidt, Bernd bernd.goldschmidt at siemens.com
Tue Nov 8 12:51:19 EST 2005 

Hello, 

I'm not 100% sure if there is no known issue, but best 
practise is and what we do in a lot of networks, to 
advertise the customer routes via static routes to null 0
and redistribute these static routes into OSPF.

This will be not so stressing for the OSPF process as these 
summary adresses.


Here an example:
----------------
(no summary statements at router ospf)
ip route x.x.25.0 255.255.255.0 null 0
ip route x.x.96.0 255.255.255.0 null 0
...
access-list "red_pool" permit ip x.x.25.0 0.0.3.255 any
access-list "red_pool" permit ip x.x.96.0 0.0.3.255 any
...
! (plus all other static routes that need to redistrbuted in OSPF)
access-list "red_pool" deny ip any any
! 
! 
route-map "red_pool" permit 10
 match ip address "red_pool"
...
router ospf 1
...
 reditribute static route-map "red_pool"



This runs very stable.

Is there a chance to run BGP for transport of the customer routes?
This is more scalable.

Gruß
Bernd.

 

> -----Original Message-----
> From: juniper-nsp-bounces at puck.nether.net 
> [mailto:juniper-nsp-bounces at puck.nether.net] On Behalf Of Kim Onnel
> Sent: Tuesday, November 08, 2005 12:32 PM
> To: juniper-nsp at puck.nether.net
> Subject: [j-nsp] ERX and OSPF advertising
> 
> Hello,
> 
> we have an ERX that is terminating the PPP sessions of around 
> 10k users, so
> we have like 10k directly connected routes in the routing 
> table, when we
> advertise them to the gateway,
> 
> we do that with the summary-address command, before that we used
> redistribution of connected subnets using a route-map that 
> supress /32, but
> we were advised to use the summ-add becasue the route-map 
> will kell the box,
> what we're seeing is self-reloading and processing problems 
> on the ERX, is
> there any known issue around this, ospf on Junose, whats the 
> preferred way
> to do it ?
> 
> Regards
> 
> ERX#sh run | b router ospf
> Please wait..............
> router ospf 1
> graceful-restart restart-time 0
> graceful-restart notify-time 0
> summary-address xxx.xxx.25.0 255.255.255.0 <http://255.255.255.0>
> summary-address xxx.xxx.96.0 255.255.255.0 <http://255.255.255.0>
> summary-address xxx.xxx.148.0 255.255.255.0 <http://255.255.255.0>
> summary-address xxx.xxx.149.0 255.255.255.0 <http://255.255.255.0>
> summary-address xxx.xxx.150.0 255.255.254.0 <http://255.255.254.0>
> summary-address xxx.xxx.150.0 255.255.255.0 <http://255.255.255.0>
> summary-address xxx.xxx.152.0 255.255.255.0 <http://255.255.255.0>
> summary-address xxx.xxx.153.0 255.255.255.0 <http://255.255.255.0>
> summary-address xxx.xxx.154.0 255.255.254.0 <http://255.255.254.0>
> summary-address xxx.xxx.156.0 255.255.255.0 <http://255.255.255.0>
> summary-address xxx.xxx.157.0 255.255.255.0 <http://255.255.255.0>
> summary-address xxx.xxx.158.0 255.255.255.0 <http://255.255.255.0>
> summary-address xxx.xxx.159.0 255.255.255.0 <http://255.255.255.0>
> summary-address xxx.xxx.227.0 255.255.255.128 <http://255.255.255.128>
> summary-address xxx.xxx.241.0 255.255.255.0 <http://255.255.255.0>
> summary-address xxx.xxx.249.128 255.255.255.128 
> <http://255.255.255.128>
> summary-address xxx.xxx.192.0 255.255.255.0 <http://255.255.255.0>
> summary-address xxx.xxx.193.0 255.255.255.0 <http://255.255.255.0>
> summary-address xxx.xxx.194.0 255.255.255.0 <http://255.255.255.0>
> summary-address xxx.xxx.248.0 255.255.255.0 <http://255.255.255.0>
> ! Area 0.0.0.0 <http://0.0.0.0>
> address xxx.xxx.110.83 area 0.0.0.0 <http://0.0.0.0>
> address xxx.xxx.110.83 priority 0
> address 172.31.1.140 <http://172.31.1.140> area 0.0.0.0 
> <http://0.0.0.0>
> !
> redistribute static
> redistribute connected route-map connected
> !
> 
> ERX#sh route-map connected
> route-map connected, permit, sequence 10
> Match clauses:
> match access-list 120
> 
> 
> ERX#sh ip access-list 120
> IP Access List 120:
> deny ip any host 255.255.255.255 <http://255.255.255.255> (25 Matches)
> check=1722 log
> permit ip any any (1697 Matches) check=1697
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> http://puck.nether.net/mailman/listinfo/juniper-nsp
>

More information about the juniper-nsp mailing list