[j-nsp] Preventing direct routes from forming OSPF summaries
Tore Anderson
tore.anderson at redpill-linpro.com
Thu Aug 30 09:42:46 EDT 2012
I have a OSPFv3 network that looks something like this (simplified):
+-----+ +-----+
|MX240|xe-0/0/0 ---(area 0)--- xe-0/0/0|MX240|
+-----+ +-----+
xe-0/1/0 xe-0/1/0
| |
(area 1) +------+ (area 1)
\------ xe-0/0/0|EX4500|xe-1/0/0 ------/
+------+
||||||
(production stuff)
I thought it was nice and fault-tolerant, which it was - until I wanted
to configure route summarisation on the MX-es. Area 1 is an NSSA
allocated a range of IP addresses, which I configured as an area-range
on both MX-es.
I noticed that if the OSPF session between one MX and the EX goes down,
that MX will continue to install the summary discard route, effectively
blackholing all traffic destined for area 1. It will advertise this
summary to other area 0 neighbors (not drawn above) too, sucking even
more traffic into the blackhole. The reason for this appears to be that
the downlink interfaces to the EX are numbered using addresses that's
part of the configured area-range, so if the physical interface doesn't
go down, the direct route is still there and triggering the
summarisation of the area-range.
Is there a clever way to avoid this? I'm thinking along the lines of a
knob that would make it so that a summary wouldn't pop into existence
unless an active *ospf* route from inside the area-range exists.
Best regards,
--
Tore Anderson
Redpill Linpro AS - http://www.redpill-linpro.com
More information about the juniper-nsp
mailing list