5월 31 2024

[eve-ng labs.] Juniper 스위치 OSPF 설정

주니퍼 vEX 스위치 OSPF(open shortest path first) 설정하기.

* 시험환경: eve-ng.
사용 스위치: Juniper vEX 스위치, cisco vIOS 스위치
R1, R2, R3 : 주니퍼 vEX 스위치
Switch-1, Switch-2: 시스코 vIOS 스위치

구성은 아래 처럼.

1. R1 설정(Designated Router)

각 라우터와 연결된 인터페이스 설정

[edit]
root@R1# set interfaces ge-0/0/0 unit 0 family inet address 10.10.1.1/30

[edit]
root@R1# set interfaces ge-0/0/1 unit 0 family inet address 10.10.2.1/30

ospf 설정. cisco의 process id 개념은 없다.

root@R1# set protocols ospf area 0.0.0.0 interface ge-0/0/0

[edit]
root@R1# set protocols ospf area 0.0.0.0 interface ge-0/0/1

2. R2 설정

인터페이스 설정

[edit]
root@R2# set interfaces ge-0/0/0 unit 0 family inet address 10.10.1.2/30

[edit]
root@R2# set interfaces ge-0/0/4 unit 0 family inet address 10.10.3.1/30

[edit]
root@R2# set interfaces ge-0/0/8 unit 0 family inet address 10.10.11.1/30

[edit]
root@R2# set interfaces ge-0/0/9 unit 0 family inet address 10.10.12.1/30

ospf 설정

[edit]
root@R2# set protocols ospf area 0.0.0.0 interface ge-0/0/0

[edit]
root@R2# set protocols ospf area 0.0.0.0 interface ge-0/0/4

[edit]
root@R2# set protocols ospf area 0.0.0.0 interface ge-0/0/8

[edit]
root@R2# set protocols ospf area 0.0.0.0 interface ge-0/0/9

3. R3 설정

인터페이스 설정

[edit]
root@R3# set interfaces ge-0/0/0 unit 0 family inet address 10.10.2.2/30

[edit]
root@R3# set interfaces ge-0/0/4 unit 0 family inet address 10.10.3.2/30

[edit]
root@R3# set interfaces ge-0/0/8 unit 0 family inet address 10.10.13.1/30

[edit]
root@R3# set interfaces ge-0/0/9 unit 0 family inet address 10.10.14.1/30

OSPF 설정

[edit]
root@R3# set protocols ospf area 0.0.0.0 interface ge-0/0/0

[edit]
root@R3# set protocols ospf area 0.0.0.0 interface ge-0/0/4

[edit]
root@R3# set protocols ospf area 0.0.0.0 interface ge-0/0/8

[edit]
root@R3# set protocols ospf area 0.0.0.0 interface ge-0/0/9

4. Switch-1 설정

인터페이스 설정

Switch-1(config)#int gi0/0
Switch-1(config-if)#ip address 10.10.11.2 255.255.255.252
Switch-1(config-if)#int gi0/1
Switch-1(config-if)#ip address 10.10.13.2 255.255.255.252
Switch-1(config-if)#no shutdown
Switch-1(config-if)#end

vPC 사용할 VLAN 설정

Switch-1(config)#vlan 400
Switch-1(config)#vlan 400
Switch-1(config-vlan)#exit
Switch-1(config)#int vlan 400
Switch-1(config-if)#ip address 172.16.100.1 255.255.255.0
Switch-1(config-if)#ip address 172.16.150.1 255.255.255.0 sec
Switch-1(config-if)#ip address 172.16.150.1 255.255.255.0 secondary

Switch-1(config)#int range gi1/0-3
Switch-1(config-if-range)#switchport
Switch-1(config-if-range)#switchport access vlan 400

OSPF 설정

Switch-1(config)#router ospf 100
Switch-1(config-router)#network 10.10.11.0 0.0.0.3 area 0
Switch-1(config-router)#network 10.10.13.0 0.0.0.3 area 0
Switch-1(config-router)#network 172.16.100.0 0.0.0.255 area 0
Switch-1(config-router)#network 172.16.150.0 0.0.0.255 area 0

5. Switch-2 설정

인터페이스 설정

Switch-2(config)#int range gi0/0-1
Switch-2(config-if-range)#no switchport
Switch-2(config-if-range)#int gi0/0
Switch-2(config-if)#ip address 10.10.12.2 255.255.255.252
Switch-2(config-if)#int gi0/1
Switch-2(config-if)#ip address 10.10.14.2 255.255.255.252

vLAN 설정

Switch-2(config)#vlan 420
Switch-2(config-vlan)#int vlan 420
Switch-2(config-if)#ip address 172.17.200.1 255.255.255.0
Switch-2(config-if)#ip address 172.17.250.1 255.255.255.0 se
Switch-2(config-if)#ip address 172.17.250.1 255.255.255.0 secondary

Switch-2(config)#int range gi1/0-3
Switch-2(config-if-range)#switchport
Switch-2(config-if-range)#switchport access vlan 420
Switch-2(config-if-range)#end

OSPF 설정

Switch-2(config)#router ospf 100
Switch-2(config-router)#network 10.10.12.0 0.0.0.3 area 0
Switch-2(config-router)#network 10.10.14.0 0.0.0.3 area 0
Switch-2(config-router)#network 172.17.200.0 0.0.0.255 area 0
Switch-2(config-router)#network 172.17.250.0 0.0.0.255 area 0

6. vPC-1 설정

VPCS> ip 172.16.100.100 255.255.255.0 172.16.100.1
Checking for duplicate address...
VPCS : 172.16.100.100 255.255.255.0 gateway 172.16.100.1

7. vPC-2 설정

VPCS> ip 172.17.250.100 255.255.255.0 172.17.250.1
Checking for duplicate address...
VPCS : 172.17.250.100 255.255.255.0 gateway 172.17.250.1

8. 라우팅 확인.

R1 에서 ospf 확인

root@R1> show route brief

inet.0: 14 destinations, 14 routes (14 active, 0 holddown, 0 hidden)
Limit/Threshold: 1048576/1048576 destinations
+ = Active Route, - = Last Active, * = Both

10.10.1.0/30       *[Direct/0] 00:58:57
                    >  via ge-0/0/0.0
10.10.1.1/32       *[Local/0] 00:58:57
                       Local via ge-0/0/0.0
10.10.2.0/30       *[Direct/0] 00:58:57
                    >  via ge-0/0/1.0
10.10.2.1/32       *[Local/0] 00:58:57
                       Local via ge-0/0/1.0
10.10.3.0/30       *[OSPF/10] 00:55:33, metric 2
                    >  to 10.10.1.2 via ge-0/0/0.0
                       to 10.10.2.2 via ge-0/0/1.0
10.10.11.0/30      *[OSPF/10] 00:56:22, metric 2
                    >  to 10.10.1.2 via ge-0/0/0.0
10.10.12.0/30      *[OSPF/10] 00:56:22, metric 2
                    >  to 10.10.1.2 via ge-0/0/0.0
10.10.13.0/30      *[OSPF/10] 00:55:33, metric 2
                    >  to 10.10.2.2 via ge-0/0/1.0
10.10.14.0/30      *[OSPF/10] 00:55:33, metric 2
                    >  to 10.10.2.2 via ge-0/0/1.0
172.16.100.0/24    *[OSPF/10] 00:30:12, metric 3
                       to 10.10.1.2 via ge-0/0/0.0
                    >  to 10.10.2.2 via ge-0/0/1.0
172.16.150.0/24    *[OSPF/10] 00:30:12, metric 3
                       to 10.10.1.2 via ge-0/0/0.0
                    >  to 10.10.2.2 via ge-0/0/1.0
172.17.200.0/24    *[OSPF/10] 00:20:29, metric 3
                    >  to 10.10.1.2 via ge-0/0/0.0
                       to 10.10.2.2 via ge-0/0/1.0
172.17.250.0/24    *[OSPF/10] 00:20:24, metric 3
                    >  to 10.10.1.2 via ge-0/0/0.0
                       to 10.10.2.2 via ge-0/0/1.0
224.0.0.5/32       *[OSPF/10] 00:59:14, metric 1
                       MultiRecv
inet6.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden)
Limit/Threshold: 1048576/1048576 destinations
+ = Active Route, - = Last Active, * = Both
fe80::5200:ff:fe01:0/128
                   *[Local/0] 00:59:14
                       Local via fxp0.0
ff02::2/128        *[INET6/0] 00:59:14
                       MultiRecv

root@R1>

vPC-1에서 R1까지 경로 확인.
R1의 인터페이스에 따라 경로가 다름을 볼 수 있다.

VPCS> trace 10.10.1.1
trace to 10.10.1.1, 8 hops max, press Ctrl+C to stop
 1   172.16.100.1   1.290 ms  1.233 ms  1.840 ms
 2   10.10.11.1   1.576 ms  1.288 ms  1.813 ms
 3   *10.10.1.1   3.230 ms (ICMP type:3, code:3, Destination port unreachable)

VPCS> trace 10.10.2.1
trace to 10.10.2.1, 8 hops max, press Ctrl+C to stop
 1   172.16.100.1   1.256 ms  1.122 ms  1.074 ms
 2   10.10.13.1   2.067 ms  2.257 ms  2.713 ms
 3   *10.10.2.1   11.915 ms (ICMP type:3, code:3, Destination port unreachable)

R1-R2 연결을 끊고 vpc1-R1 경로 확인(아래 그림처럼 연결 끊음)

끊기 전.

VPCS> trace 10.10.1.1
trace to 10.10.1.1, 8 hops max, press Ctrl+C to stop
 1   172.16.100.1   1.215 ms  1.112 ms  1.084 ms
 2   10.10.11.1   3.844 ms  1.542 ms  1.681 ms
 3   *10.10.1.1   3.389 ms (ICMP type:3, code:3, Destination port unreachable)

R2의 ge-0/0/0을 다운시킨 후.

VPCS> trace 10.10.1.1
trace to 10.10.1.1, 8 hops max, press Ctrl+C to stop
 1   172.16.100.1   1.209 ms  1.078 ms  1.121 ms
 2   10.10.13.1   32.137 ms  8.097 ms  3.317 ms
 3   *10.10.1.1   3.840 ms (ICMP type:3, code:3, Destination port unreachable)

R2의 ge-0/0/0, R3의 ge-0/0/8을 다운시킨후, R1까지 경로확인.

VPCS> trace 10.10.1.1
trace to 10.10.1.1, 8 hops max, press Ctrl+C to stop
 1   172.16.100.1   1.588 ms  1.211 ms  1.295 ms
 2   10.10.11.1   1.928 ms  1.493 ms  1.416 ms
 3   10.10.3.2   2.545 ms  2.259 ms  1.781 ms
 4   *10.10.1.1   3.962 ms (ICMP type:3, code:3, Destination port unreachable)

답글 남기기

Your email address will not be published.