I had an interesting situation in a lab environment the other day. It seems Juniper has been tweaking how OSPF works with their routers with some interesting consequences.
Here’s the layout of the test network:
Juniper OSPF Lab Network
All pretty simple and straightforward. R1 is the Area 0, or backbone, router. R2 is the ABR, and R3 is in a stub area. R2 will advertise the default route 0.0.0.0/0 into Area 1 which appears on R3:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 |
root@R3> show route inet.0: 5 destinations, 5 routes (5 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 0.0.0.0/0 *[OSPF/10] 00:02:42, metric 11 > to 10.10.130.2 via em0.114 10.10.128.1/32 *[Direct/0] 00:03:32 > via lo0.0 10.10.130.0/24 *[Direct/0] 00:03:32 > via em0.114 10.10.130.1/32 *[Local/0] 00:03:32 Local via em0.114 224.0.0.5/32 *[OSPF/10] 00:03:34, metric 1 MultiRecv root@R3> |
So there’s the stub area summary route and all is fine. Now, here’s a question for the experts : what happens on R3 if the interface on R1 goes down? – Nothing, right? Well, let’s try it and take a look:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 |
root@R1> edit Entering configuration mode [edit] root@R1# edit interfaces em0.124 [edit interfaces em0 unit 124] root@R1# show vlan-id 124; family inet { address 10.20.130.1/24; } [edit interfaces em0 unit 124] root@R1#set disable [edit interfaces em0 unit 124] root@R1# commit commit complete [edit interfaces em0 unit 124] root@R1# |
And now we wait for a minute and take another look at R3:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 |
root@R3> show route inet.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 10.10.128.1/32 *[Direct/0] 00:07:51 > via lo0.0 10.10.130.0/24 *[Direct/0] 00:07:51 > via em0.114 10.10.130.1/32 *[Local/0] 00:07:51 Local via em0.114 224.0.0.5/32 *[OSPF/10] 00:07:53, metric 1 MultiRecv root@R3> |
Uhhh, wait a minute. Where did my default route go? R3 can’t reach stuff outside of Area 1 – not even R2’s interface in Area 0 – 10.20.130.2. What’s going on here?
It turns out that this is a feature from Juniper called Active Backbone Detection. It’s reasoning is that if the Area Border Router ( ABR – R2 here ) loses it’s connectivity into the backbone Area 0 then it will drop it’s summary route into any Stub or NSSA areas. This can be a little bit disturbing and quite surprising if you’re not ready for it.
In some circumstances, this might be useful. If there is two ABRs into the stub area, and one loses it’s connection into the backbone, then you will probably want it to stop advertising it’s default route. Something like this:
Two ABRs connecting the stubby Area 1 to the backbone
In this case, backbone detection will be useful – otherwise you’ll need to do some other shenanigans to keep everything working if an ABR loses it’s backbone connection.
The other way around the problem is to apply an undocumented command on R2 to disable the backbone detection mechanism:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 |
root@R2> edit Entering configuration mode [edit] root@R2# edit protocols ospf [edit protocols ospf] root@R2# show area 0.0.0.0 { interface em0.124; interface lo0.0; interface em0.314; } area 0.0.0.1 { stub default-metric 10 no-summaries; interface em0.114; } [edit protocols ospf] root@R2# set no- ^ 'no-' is ambiguous. Possible completions: no-nssa-abr Disable full NSSA functionality at ABR no-rfc-1583 Disable RFC1583 compatibility [edit protocols ospf] root@R2# set no-active-backbone [edit protocols ospf] root@R2# show no-active-backbone; area 0.0.0.0 { interface em0.124; interface lo0.0; interface em0.314; } area 0.0.0.1 { stub default-metric 10 no-summaries; interface em0.114; } [edit protocols ospf] root@R2# commit commit complete [edit protocols ospf] root@R2# |
Notice how Junos wouldn’t do auto completion for the option. It’s really not documented. Now let’s check what R3 thinks of this:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 |
root@R3> show route inet.0: 5 destinations, 5 routes (5 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 0.0.0.0/0 *[OSPF/10] 00:00:20, metric 11 > to 10.10.130.2 via em0.114 10.10.128.1/32 *[Direct/0] 00:21:03 > via lo0.0 10.10.130.0/24 *[Direct/0] 00:21:03 > via em0.114 10.10.130.1/32 *[Local/0] 00:21:03 Local via em0.114 224.0.0.5/32 *[OSPF/10] 00:21:05, metric 1 MultiRecv root@R3> |
Great! problem solved.
Now go back to work.
