Troubleshooting

Routing Problems

4-1
Copyright 2005 Juniper Networks, Inc.

Proprietary and Confidential

www.juniper.net

Interior Gateway Protocol Overview


[Figure: Routers A, B and C, with loopbacks lo0: 192.168.255.1/32 (Router A), 192.168.255.2/32 and 192.168.255.3/32, joined by IGP adjacencies. Flooded LSAs/LSPs build the link-state database. Callout: R-A can reach 192.168.255.1, cost 0.]

The IGP functions to provide internal reachability
    Provides routes to the loopback addresses of internal routers for IBGP peering
    IGPs promote connectivity; they lack administrative controls needed to enforce an AS's routing policy

Normally, link-state routing is deployed
    Optimal convergence and bandwidth usage
    Based on reliable flooding of link-state updates
    Builds a replicated network topology database at all stations within an OSPF area or IS-IS level and uses SPF to find optimal paths

2006 Juniper Networks, Inc. All rights reserved.

OSPF Protocol Overview


OSPF is a link-state IGP that routes packets within a single AS
OSPF reliably floods LSAs to distribute link-state information once an adjacency is formed
Each router uses these LSAs to create a complete database for the network
OSPF uses the SPF algorithm within the database to calculate the best route to every node in the network
OSPF is defined in:
    RFC 2328, OSPF Version 2
    RFC 1587, The OSPF NSSA Option

OSPF Areas
Areas
    Single AS can be divided into smaller groups called areas
    Reduces the LSDB because LSA flooding is now constrained to the area
    Routers maintain a separate LSDB on a per-area basis
    Each LSDB within an area still must be identical on all routers

Special OSPF area called the backbone area
    Backbone area (0.0.0.0) distributes routing information between areas
    All other OSPF areas must connect to the backbone area
    All user traffic from one area to another must traverse the backbone

OSPF Router Terminology


Internal router has all OSPF links in the same area
    Within area 0, also called a backbone router

Backbone router
    Any router with a link to area 0

ABRs
    Routers that belong to more than one area are called area border routers
    Connect OSPF areas to the backbone area 0

ASBRs
    Routers that inject routing information from outside the OSPF domain are called AS boundary routers

The Designated Router


OSPF elects a single router to represent a broadcast segment
    Significantly reduces OSPF traffic on segment
    Minimizes OSPF processes

[Figure: broadcast segment with one router labeled DR]

OSPF Neighbors versus Adjacencies


user@host> show ospf neighbor extensive
Address          Intf        State  ID             Pri  Dead
172.16.30.254    ge-0/0/0.0  Full   10.250.240.8   128    30
  area 0.0.0.5, opt 0x42, DR 172.16.30.254, BDR 172.16.30.253
  Up 00:10:50, adjacent 00:10:50
172.16.30.253    ge-0/0/0.0  Full   10.250.240.35  128    30
  area 0.0.0.5, opt 0x42, DR 172.16.30.254, BDR 172.16.30.253
  Up 00:10:50, adjacent 00:10:52
172.16.30.252    ge-0/0/0.0  2Way   10.250.240.32   64    38
  area 0.0.0.5, opt 0x42, DR 172.16.30.254, BDR 172.16.30.253
  Up 00:08:10

What Is IS-IS?
An IGP based on the SPF algorithm
    Uses link-state information to make routing decisions

Developed for routing ISO CLNP packets
    IP was added later
    Defined in ISO/IEC 10589, RFCs 1142, 1195, and 2763

IS-IS Concepts
IS-IS network is a single AS
    End systems: Network entities (that is, hosts) that send and receive packets
    Intermediate systems: Network entities (that is, routers) that send and receive packets and relay (that is, forward) packets
    Protocol data units (PDUs): Term for IS-IS packets

A single AS can be divided into smaller groups called areas, which are organized hierarchically
    Level 1 intermediate systems route within an area or toward a Level 2 system
        Attached bit
    Level 2 intermediate systems route between areas and toward other ASs

IS-IS Areas
In IS-IS, links separate areas

[Figure: IS-IS topology of routers labeled L1, L1/L2 and L2; the area boundaries fall on the links between routers]

OSPF Areas
In OSPF, routers separate areas

[Figure: OSPF topology with three routers labeled ABR sitting on the area boundaries]

IS-IS versus OSPF


Both IS-IS and OSPF:
    Maintain link-state databases and construct a shortest path tree
        Dijkstra algorithm
    Use hello packets to form and maintain adjacencies
    Use a two-level hierarchy
    Provide for address summarization between areas
    Elect a designated router
    Have authentication capabilities

An excellent comparison of the two protocols is at http://www.nanog.org/mtg-0006/katz.html

Neighbors and Adjacencies


IS-IS adjacency rules:
    Level 1 routers never form an adjacency with a Level 2 router
        The reverse is also true
    For Level 1 adjacencies, area IDs must be the same
    For Level 2 adjacencies, area IDs can be different
    Adjacencies formed among all systems on broadcast medium

[Figure: routers labeled L1, L2 and L1/L2 exchanging Level 1 Hello and Level 2 Hello packets]

The Designated Intermediate System


IS-IS elects a designated intermediate system (DIS) on broadcast, multiaccess networks, based on priority
    Separate DIS is elected for L1 and L2 (could be the same router)

The IS-IS network is considered a router, called a pseudo-node
    Each router advertises a single link to the pseudo-node, including the DIS
    Each router forms an adjacency with each of its neighbors on a broadcast, multiaccess network

DIS characteristics:
    DIS acts as representative of the pseudo-node
    DIS advertises the pseudo-node to all attached routers
    No backup DIS in IS-IS

Displaying IGP Route Information


The show ospf route and show isis route commands display routes learned from and advertised to that IGP
    Includes routes for interfaces running that IGP
user@host> show ospf route ?
Possible completions:
  <[Enter]>            Execute this command
  abr                  Display OSPF routes to area border routers
  asbr                 Display OSPF routes to AS border routers
  detail               Display detailed output
  extern               Display external OSPF routes
  instance             Name of OSPF instance
  inter                Display interarea OSPF routes
  intra                Display intraarea OSPF routes
  logical-router       Name of logical router, or 'all'

user@host> show ospf route detail
Prefix            Route/Path/NextHop Type  Metric  Next hop i/f  NH addr/Label
192.168.0.1/32    Intra Router IP               1  so-0/1/2.0
  area 0.0.0.0, options 0x0x0, origin 192.168.0.1
. . .

Displaying IGP Interface Parameters


Use show ospf interface or show isis interface to display the IGP parameters associated with an interface
userb@host> show ospf interface
Interface       State   Area      DR ID     BDR ID    Nbrs
at-0/1/0.100    PtToPt  0.0.0.0   0.0.0.0   0.0.0.0      0
so-0/2/0.0      PtToPt  0.0.0.0   0.0.0.0   0.0.0.0      0
user@host> show isis interface
IS-IS interface database:
Interface       L CirID Level 1 DR   Level 2 DR       L1/L2 Metric
lo0.0           0   0x1 Disabled     Passive                   0/0
so-0/1/0.0      2   0x1 Disabled     Point to Point          10/10
so-0/1/1.0      2   0x1 Disabled     Point to Point          10/10
so-0/1/2.0      2   0x1 Disabled     Point to Point          10/10

Displaying Adjacency Information


Use show ospf neighbor or show isis adjacency commands to display adjacency information
user@host> show ospf neighbor
Address          Intf        State  ID             Pri  Dead
192.168.254.225  ge-1/2/0.0  2Way   10.250.240.32  128    36
192.168.254.230  ge-1/2/0.0  Full   10.250.240.8   128    38
192.168.254.229  ge-1/2/0.0  Full   10.250.240.35  128    33
10.1.1.129       ge-2/0/0.0  Full   10.250.240.12  128    23
10.1.1.131       ge-2/0/0.0  Full   10.250.240.11  128    24
10.1.2.1         ge-2/1/0.0  Full   10.250.240.9   128    32
10.1.2.81        ge-2/1/0.0  Full   10.250.240.10  128    33
user@host> show isis adjacency
IS-IS adjacency database:
Interface     System     L  State  Hold (secs)  SNPA
so-0/1/2.0    Denver     2  Up              24
so-0/1/3.0    SanFran    2  Up              28
so-0/2/2.0    Toronto    2  Up              23
so-0/2/3.0    Amsterdam  2  Up              26

Clearing Adjacencies
Clearing adjacencies:
    Use the clear ospf neighbor command to clear OSPF adjacencies:
        user@host> clear ospf neighbor 192.168.254.225
    Use the clear isis adjacency command to clear IS-IS adjacencies:
        user@host> clear isis adjacency Toronto

Troubleshooting OSPF Adjacencies


OSPF:
    No neighbor
        Physical and data-link-layer connectivity
        Mismatched IP subnet/mask (on multiaccess links), area number, area type, authentication, hello or dead interval, or network type
    Stuck in two-way state
        Normal for DR-other neighbors
    Stuck in exchange start
        Mismatched IP MTU
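The symptom-to-cause list on this slide, as an added Python example that is not part of the Juniper course material: it compares the settings of two OSPF interfaces and returns the state the adjacency would stall in. The `OspfIf` model, the local address and every timer, authentication and MTU value are assumptions constructed for illustration; the peer addresses, area, DR and BDR follow the show ospf neighbor extensive output earlier on the page.

```python
from __future__ import annotations

from dataclasses import dataclass, replace
from ipaddress import ip_interface
from typing import Optional


@dataclass(frozen=True)
class OspfIf:
    """Adjacency-relevant settings of one OSPF interface (hypothetical model)."""
    address: str        # interface address with mask, e.g. "172.16.30.252/24"
    area: str           # area number in dotted form
    area_type: str      # "normal", "stub" or "nssa"
    auth: str           # authentication type and key identifier
    hello: int          # hello interval in seconds
    dead: int           # dead interval in seconds
    network_type: str   # "broadcast" (multiaccess) or "p2p"
    mtu: int            # IP MTU


def hello_mismatches(a: OspfIf, b: OspfIf) -> list[str]:
    """Settings that must agree before either side lists the other as a neighbor."""
    found = []
    if a.network_type != b.network_type:
        found.append("network type")
    elif a.network_type == "broadcast":
        # Subnet/mask is compared on multiaccess links only, as the slide notes.
        if ip_interface(a.address).network != ip_interface(b.address).network:
            found.append("IP subnet/mask")
    for field in ("area", "area_type", "auth", "hello", "dead"):
        if getattr(a, field) != getattr(b, field):
            found.append(field.replace("_", " "))
    return found


def diagnose(a: OspfIf, b: OspfIf, dr: Optional[str] = None,
             bdr: Optional[str] = None) -> str:
    """Predict where the a-b adjacency settles; dr/bdr are addresses on the segment."""
    bad = hello_mismatches(a, b)
    if bad:
        return "no neighbor: mismatched " + ", ".join(bad)
    if a.mtu != b.mtu:
        return "stuck in exchange start: mismatched IP MTU"
    if a.network_type == "broadcast" and dr is not None:
        ends = {str(ip_interface(a.address).ip), str(ip_interface(b.address).ip)}
        if not ends & {dr, bdr}:
            return "2Way: normal for DR-other neighbors"
    return "Full"


# Constructed sample values (see the lead-in for what is taken from the page).
LOCAL = OspfIf("172.16.30.251/24", "0.0.0.5", "normal", "md5 key 1",
               10, 40, "broadcast", 1500)
DR, BDR = "172.16.30.254", "172.16.30.253"
DR_PEER = replace(LOCAL, address="172.16.30.254/24")
DROTHER_PEER = replace(LOCAL, address="172.16.30.252/24")


def run_cases() -> dict[str, str]:
    """Diagnose one healthy pair and one pair per failure class from the slide."""
    p2p_a = replace(LOCAL, network_type="p2p")
    p2p_b = replace(LOCAL, network_type="p2p", address="10.9.9.1/30")
    return {
        "dr": diagnose(LOCAL, DR_PEER, DR, BDR),
        "drother": diagnose(LOCAL, DROTHER_PEER, DR, BDR),
        "mtu": diagnose(LOCAL, replace(DR_PEER, mtu=1496), DR, BDR),
        "timers": diagnose(LOCAL, replace(DR_PEER, hello=30, dead=120), DR, BDR),
        "mask": diagnose(LOCAL, replace(DR_PEER, address="172.16.30.254/25"), DR, BDR),
        "area": diagnose(LOCAL, replace(DR_PEER, area="0.0.0.0", area_type="stub"), DR, BDR),
        "p2p": diagnose(p2p_a, p2p_b),
    }


if __name__ == "__main__":
    for case, verdict in run_cases().items():
        print(f"{case:8} {verdict}")
```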

Troubleshooting IS-IS Adjacencies


Compatible IP parameters are not always required
    Multiaccess OSPF interfaces always require matched IP properties for adjacency formation
    Recent JUNOS software releases prevent IS-IS adjacency formation on multiaccess links when IP parameters are not matched

If no adjacency, check for:
    Physical and data-link-layer connectivity
    Mismatched areas (if L1 router) and levels
    Failure to support minimum MTU of 1492
    Lack of, or malformed, ISO-NET
        No NET configured
        Failure to include lo0 as an IS-IS interface

Displaying Database Entries


Use the show ospf database or show isis database commands to display entries in the LSDB
user@host> show isis database
IS-IS level 1 link-state database:
LSP ID            Sequence  Checksum  Lifetime  Attributes
host.00-00             0x3    0x48ba      1132  L1 L2
  1 LSPs
IS-IS level 2 link-state database:
LSP ID            Sequence  Checksum  Lifetime  Attributes
Denver.00-00           0x6    0xb978      1154  L1 L2
host.00-00             0x4    0x140c      1154  L1 L2
wash-dc.00-00        0x1d7    0x7f37       683  L1 L2
Atlanta.00-00        0x1d3    0xe603      1024  L1 L2
Atlanta.02-00          0x9    0xea81      1175  L1 L2
Houston.00-00        0x1c8    0x8b1c       677  L1 L2
Dallas.00-00         0x1ca    0x1571      1103  L1 L2
NewYork.00-00        0x1dd    0x178a       779  L1 L2
  8 LSPs

Clearing Database Entries


Use the clear ospf database or the clear isis database commands to clear the LSDB
    Normally existing LSAs/LSPs are simply reflooded over existing adjacencies
    OSPF version supports a purge option that forces a refresh of all LSAs

user@host> clear ospf database ?
Possible completions:
  <[Enter]>            Execute this command
  instance             Particular OSPF instance
  logical-router       Name of logical router or 'all'
  purge                Purge database entries rather than deleting them
  |                    Pipe through a command
lab@San_Jose-3> clear ospf database purge

IGP Tracing
Trace your IGP to gain insight into what the protocol is doing
A typical OSPF tracing configuration:
[edit protocols ospf]
user@host# show
traceoptions {
    file ospf-trace;
    flag error detail;
    flag hello detail;
    flag lsa-update detail;
}

Monitor the resulting ospf-trace log file using the monitor start log-file-name or the show log log-file-name commands

What Is BGP?
BGP:
    Is an interdomain routing protocol that communicates prefix reachability
    Is a path-vector protocol
    Views the Internet as a collection of autonomous systems
    Supports CIDR
    Exchanges routing information between peers
    Is defined in RFC 1771

BGP Fundamentals
Each BGP update contains one path advertisement and attributes
    Many prefixes can share the same path
Routes consist of destination prefixes with an AS path and other BGP-specific attributes
BGP compares the AS path and other attributes to choose the best path
BGP withdraws unreachable routes

BGP Neighbor States


TCP connectivity:
Idle
Connect
Active

BGP connectivity:
OpenSent
OpenConfirm
Established


BGP Peering
BGP sessions are established between peers
    BGP speakers
Two types of peering sessions:
    EBGP (external) peers with different ASs
    IBGP (internal) peers within the same AS
IGP connects BGP speakers within the AS
IGP advertises internal routes

EBGP and IBGP


[Figure: ISP-X (AS 2), ISP-Y (AS 3), Customer (AS 1) and Customer 2, with links labeled EBGP, IBGP and OSPF. Callout on Customer 2: No AS number; uses default route to the Internet.]

IBGP Loopback Interfaces


IBGP peering is often done using loopback interfaces
    More stable
    Not tied to a single physical path
The AS needs an IGP so that IBGP speakers can reach each other's loopback addresses

[Figure: full-mesh IBGP among Routers A, B and C in AS 1, using loopbacks lo0: 192.168.255.1/32, 192.168.255.2/32 and 192.168.255.3/32]

BGP Route Advertisement Rules


Advertise only the active BGP routes to peers
    BGP next-hop attribute must be reachable for route to be active
Never forward IBGP routes to IBGP peers
    Prevents loops
Withdraw routes if active BGP routes become unreachable

BGP Routes in Main Routing Table


BGP routes are placed in the JUNOS software main routing table (inet.0)
Routing table stores:
    Routing information learned from update messages
    Routing information that passes sanity check (for instance, AS loop detection)
    Local routing information selected by applying local policies to routes received in update messages

Monitoring BGP Operation


Several commands display a wide variety of BGP information, either from the protocol itself or from BGP routes
user@host> show bgp ?
Possible completions:
  group                Show the BGP group database
  neighbor             Show the BGP neighbor database
  summary              Show an overview of the BGP information

Displaying BGP Group Information


View information about BGP groups:
lab@Tokyo> show bgp group
Group Type: Internal    AS: 1                   Local AS: 1
  Name: int             Index: 0                Flags: <Export Eval>
  Export: [ static ]
  Total peers: 1        Established: 1
  192.168.16.1+179
  inet.0: 5/5/0
Group Type: External                            Local AS: 1
  Name: ext             Index: 1                Flags: <Export Eval>
  Export: [ agg ]
  Total peers: 1        Established: 0
  10.0.22.2
Groups: 2  Peers: 2  External: 1  Internal: 1  Down peers: 1  Flaps: 0
Table          Tot Paths  Act Paths Suppressed    History Damp State    Pending
inet.0                 5          5          0          0          0          0

Callouts:
    Group int: One peer defined, session established
    Group ext: One peer defined, session not established

Displaying BGP Summary Information


Use the show bgp summary command to view basic information about all BGP neighbors
lab@Sao_Paulo> show bgp summary
Groups: 2 Peers: 3 Down peers: 1
Table          Tot Paths  Act Paths Suppressed    History Damp State    Pending
inet.0                 7          7          0          0          0          0
Peer           AS  InPkt  OutPkt  OutQ  Flaps  Last Up/Dwn  State|#Active/Received/Damped...
192.168.8.1     3      8      11     0      0         2:37  5/5/0          0/0/0
10.0.8.1       10      0       0     0      0        17:17  Idle
10.0.31.1       2      6       8     0      0               2/2/0          0/0/0

Callouts: inet.0 routes; inet.2 routes; Connection state

Displaying BGP Neighbors


user@host> show bgp neighbor
Peer: 10.0.3.6+4272 AS 1       Local: 10.0.3.7+179 AS 65412
  Type: External    State: Established    Flags: <>
  Last State: OpenConfirm   Last Event: RecvKeepAlive
  Last Error: None
  Options: <Preference HoldTime PeerAS Refresh>
  Holdtime: 90 Preference: 170
  Number of flaps: 0
  Error: 'Cease' Sent: 1 Recv: 0
  Peer ID: 192.168.28.1     Local ID: 192.168.24.1     Active Holdtime: 90
  Keepalive Interval: 30
  NLRI advertised by peer: inet-unicast
  NLRI for this session: inet-unicast
  Peer supports Refresh capability (2)
  Table inet.0 Bit: 10001
    Send state: in sync
    Active prefixes: 0
    Received prefixes: 0
    Suppressed due to damping: 0
  Last traffic (seconds): Received 30   Sent 30   Checked 30
  Input messages:  Total 13   Updates 0   Refreshes 0   Octets 273
  Output messages: Total 14   Updates 0   Refreshes 0   Octets 292
  Output Queue[0]: 0

Clearing BGP Neighbors


Use the clear bgp neighbor command to clear BGP sessions
    All sessions are cleared when a specific neighbor address is not specified!
    Use the soft or soft-inbound switches to force readvertisement of prefixes without clearing the session
        Requires BGP refresh capability support
lab@Sydney> clear bgp neighbor
Cleared 2
lab@Sydney> clear bgp neighbor 192.168.12.1 soft-inbound
lab@Sydney>

Callout: A soft clear does not destroy the BGP session

Displaying BGP Routes


user@host> show route protocol bgp ?
Possible completions:
  <[Enter]>            Execute this command
  <destination>        IP address and optional prefix length of destination
  active-path          Show active paths
  advertising-protocol Show information in format intended for particular routing protocol
  all                  Show all entries, including hidden entries
  aspath-regex         BGP AS path regular expression for entries to match
  best                 Show longest matching route
  brief                Display brief output
  ccc                  Name of entry in MPLS table with a circuit cross-connect interface
+ community            Identifier for community (can include wildcards)
  community-name       Name of configured community policy to match
  damping              Show entries subjected to particular kind of route damping
  detail               Display detailed output
  exact                Show routes that match exactly
  extensive            Display extensive output
  hidden               Show hidden entries
  inactive-path        Show inactive paths
  inactive-prefix      Show inactive route destinations
  label                Label of entry in MPLS routing table
  label-switched-path  Name of LSP tunnel associated with entries
  logical-router       Name of logical router, or 'all'
  next-hop             IP address of next hop that is destination for entries
  no-community         Show entries with no associated community
  output               Show entries sent out a particular interface
  range                Show all entries in prefix range
  receive-protocol     Show information in format received from particular routing protocol
  source-gateway       IP address of source router for entries
  table                Name of routing table
  terse                Display terse output

Viewing BGP Route Details


Use the detail or extensive switches to display detailed information for matching routes
user@host> show route 192.168.1/24 extensive
inet.0: 20 destinations, 20 routes (20 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
192.168.1.0/24 (1 entry, 1 announced)
TSI:
Path 192.168.1.0 from 10.0.18.2 Vector len 4. Val: 0 1
BGP_Sync_Any dest 192.168.1.0/24 MED 0
        *BGP    Preference: 170/-101
                Nexthop: 10.0.18.2 via so-0/1/2.0, selected
                State: <Active Ext>
                Local AS: 1 Peer AS: 10
                Age: 47:59
                Task: BGP_10.10.0.18.2+1724
                Announcement bits (3): 2-KRT 3-BGP.0.0.0.0+179 4-BGP_Sync_Any
                AS path: 10 I
                Localpref: 100
                Router ID: 192.168.0.1

BGP Route Advertisement Commands


show route receive-protocol bgp address
    Displays routes received by a peer before policy is applied
user@host> show route receive-protocol bgp 11.1.1.1
inet.0: 6 destinations, 6 routes (5 active, 0 holddown, 1 hidden)
Prefix            Nexthop        MED   Lclpref   AS path
10.0.0.0/8        192.168.1.1          100       I
172.16.0.0/12     172.19.1.1           100       I

show route advertising-protocol bgp address
    Displays routes advertised to a specific peer
user@host> show route advertising-protocol bgp 10.1.1.2
inet.0: 10 destinations, 10 routes (8 active, 0 holddown, 2 hidden)
Prefix            Nexthop        MED   Lclpref   AS path
10.0.0.0/8        Self                 100       I
172.16.0.0/12     Self                 100       I

Hidden Routes (1 of 2)
[Figure: San Jose (lo0: 192.168.0.1, AS 10) has an EBGP session to Hong Kong (lo0: 192.168.16.1, AS 1), which has an IBGP session to Tokyo (lo0: 192.168.20.1, AS 1). The label "200.0.0.3/24, NH=10.0.16.2" appears on both sessions. Callouts: "I dig it!" and "Who is 10.0.16.2?"]

Use show route hidden and show route resolution unresolved to display/diagnose hidden routes
lab@Tokyo> show route 200.0.3/24 hidden
inet.0: 48 destinations, 61 routes (41 active, 0 holddown, 20 hidden)
+ = Active Route, - = Last Active, * = Both
200.0.3.0/24        [BGP/170] 00:13:52, localpref 100, from 192.168.16.1
                      AS path: 10 I
                      Unusable
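Why Tokyo hides the route, as an added Python example that is not part of the Juniper course material: a BGP route is usable only if its next hop resolves through a non-BGP route, found here by longest-prefix match. The contents of `TOKYO_IGP`, the /30 mask on the EBGP link and the two remedies modeled at the end are assumptions constructed for illustration.

```python
from __future__ import annotations

from dataclasses import dataclass, replace
from ipaddress import ip_address, ip_network
from typing import Optional


@dataclass(frozen=True)
class BgpRoute:
    prefix: str
    next_hop: str       # BGP next-hop attribute as received
    learned_from: str   # address of the peer that sent the route


def resolve(next_hop: str, igp_prefixes: list[str]) -> Optional[str]:
    """Longest-prefix match of a BGP next hop against IGP/direct prefixes."""
    addr = ip_address(next_hop)
    covering = [ip_network(p) for p in igp_prefixes if addr in ip_network(p)]
    if not covering:
        return None
    return str(max(covering, key=lambda net: net.prefixlen))


def classify(route: BgpRoute, igp_prefixes: list[str]) -> tuple[str, str]:
    """Return (state, reason); a route with an unresolved next hop is hidden."""
    via = resolve(route.next_hop, igp_prefixes)
    if via is None:
        return ("hidden", f"next hop {route.next_hop} unresolved")
    return ("usable", f"next hop {route.next_hop} resolves via {via}")


def unresolved(routes: list[BgpRoute], igp_prefixes: list[str]) -> list[str]:
    """Prefixes whose next hop cannot be resolved (what a resolution check lists)."""
    return [r.prefix for r in routes if resolve(r.next_hop, igp_prefixes) is None]


# Constructed view of Tokyo's non-BGP routes: only the AS 1 loopbacks.
TOKYO_IGP = ["192.168.20.1/32", "192.168.16.1/32"]

# The route from the slide as Tokyo receives it over IBGP from Hong Kong.
AS10_ROUTE = BgpRoute("200.0.3.0/24", "10.0.16.2", "192.168.16.1")

# Remedy 1 (assumed): the IGP also carries the EBGP link subnet; /30 is made up.
WITH_EBGP_LINK = TOKYO_IGP + ["10.0.16.0/30"]

# Remedy 2 (assumed): Hong Kong rewrites the next hop to its own loopback
# before advertising the route over IBGP.
NEXT_HOP_SELF = replace(AS10_ROUTE, next_hop="192.168.16.1")


if __name__ == "__main__":
    print(classify(AS10_ROUTE, TOKYO_IGP))
    print(classify(AS10_ROUTE, WITH_EBGP_LINK))
    print(classify(NEXT_HOP_SELF, TOKYO_IGP))
```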

Hidden Routes (2 of 2)
BGP routes can also be hidden because of damping
    Restore with clear bgp damping command

lab@Amsterdam> show route 200.0.8/24 hidden
inet.0: 26 destinations, 26 routes (20 active, 0 holddown, 6 hidden)
+ = Active Route, - = Last Active, * = Both
200.0.8.0/24        [BGP ] 00:01:08, localpref 100
                      AS path: 3 I
                    > to 10.0.31.2 via so-0/1/2.0

lab@Amsterdam> show route protocol bgp 200.0.8/24 damping suppressed detail
inet.0: 26 destinations, 26 routes (20 active, 0 holddown, 6 hidden)
200.0.8.0/24 (1 entry, 0 announced)
         BGP                 /-101
                Source: 10.0.31.2
                Next hop: 10.0.31.2 via so-0/1/2.0, selected
                State: <Hidden Ext>
                . . .
                Merit (last update/now): 5984/5626
                Default damping parameters used
                Last update: 00:01:29 First update: 00:02:04
                Flaps: 6
                Suppressed. Reusable in: 00:43:40
                Preference will be: 170

Tracing BGP
A typical BGP tracing configuration:
[edit protocols bgp group ext]
lab@Sao_Paulo# show
type external;
traceoptions {
    file ebgp-trace;
    flag open detail;
    flag update detail;
}
peer-as 10;
neighbor 10.0.8.1;
neighbor 10.0.31.1 {
    peer-as 2;
}

Sample output:
[edit protocols bgp group ext]
lab@Sao_Paulo# run monitor start ebgp-trace
*** ebgp-trace ***
Apr 6 16:45:50 bgp_send: sending 45 bytes to 10.0.31.1 (External AS 2)
Apr 6 16:45:50
Apr 6 16:45:50 BGP SEND 10.0.31.2+2541 -> 10.0.31.1+179
Apr 6 16:45:50 BGP SEND message type 1 (Open) length 45
Apr 6 16:45:50 BGP SEND version 4 as 3 holdtime 90 id 192.168.12.1 parmlen 16
Apr 6 16:45:50 BGP SEND MP capability AFI=1, SAFI=1
. . .

Policy Overview
Controls routing information transferred into and out of the routing table
    Can ignore or change incoming routing information
    Can suppress or change outgoing routing information
Policies are made up of match/action pairs
    Match conditions can be protocol specific

When to Apply Policy


Apply policy when:
    You do not want to import all learned routes into the routing table
    You do not want to advertise all learned routes to neighboring routers
    You want one protocol to receive routes from another protocol
    You want to modify information associated with a route

Import and Export Policies


Perform policy filtering with respect to the JUNOS software routing table
    JUNOS software applies import policy prior to inclusion in the routing table
    JUNOS software applies export policy only to active routes in the routing table

[Figure: routes from neighbors pass through the protocol and import policy into the routing table; routes from the routing table pass through export policy and the protocol to neighbors; the routing table also feeds the PFE forwarding table]

Monitoring Policy Operation


[Figure: the import/export diagram (Neighbors, Routes, Protocol, Route Filters, Import Policy, Routing Table, Export Policy) annotated with two commands:
    show route receive-protocol bgp neighbor: shows routes before import policy
    show route advertising-protocol bgp neighbor: shows routes after export policy]

The show route receive-protocol and show route advertising-protocol commands:
    Display routing updates received before import and after export policy processing, respectively
    Filtered routes are the exception for import policy

Pop-Quiz: How can you monitor the effects of an import policy?

Displaying System Statistics


Displays system-wide, protocol-related statistics
    Useful when investigating rate-limited protocol traffic or high RE/system board CPU
lab@Sydney> show system statistics ?
  <[Enter]>            Execute this command
  arp                  Address Resolution Protocol
  clns                 Connectionless Network Service
  esis                 End System-to-Intermediate System
  icmp                 Internet Control Message Protocol
  icmp6                Internet Control Message Protocol for IPv6
  igmp                 Internet Gateway Management Protocol
  ip                   IP version 4 (IPv4)
  ip6                  IP version 6 (IPv6)
  mpls                 Multiprotocol Label Switching
  . . .
lab@Sydney> show system statistics icmp
icmp:
        0 drops due to rate limit
        14578 calls to icmp_error
        0 errors not generated because old message was icmp
        Output histogram:
                echo reply: 1
                destination unreachable: 14578
        0 messages with bad code fields
        0 messages less than the minimum length
. . .

Callout: Rate-limited ICMP

Displaying System Connections


Display active IP sockets on the Routing Engine
    Determines if the local host provides a given service
user@host> show system connections
Active Internet connections (including servers)
Proto Recv-Q Send-Q  Local Address          Foreign Address        (state)
ip4        0      0  *.*                    *.*
ip4        0      0  *.*                    *.*
ip4        0      0  *.*                    *.*
ip4        0      0  *.*                    *.*
ip4        0      0  *.*                    *.*
ip4     2728      0  *.*                    *.*
tcp4       0      0  192.168.0.1.2222       192.168.5.1.179        ESTABLISHED
tcp46      0      0  *.179                  *.*                    LISTEN
tcp4       0      0  *.179                  *.*                    LISTEN
tcp4       0      0  *.23                   *.*                    LISTEN
tcp4       0      0  *.22                   *.*                    LISTEN
tcp4       0      0  *.21                   *.*                    LISTEN
tcp4       0      0  192.168.0.1.23         10.0.0.2.2093          ESTABLISHED
tcp4       0      0  *.6153                 *.*                    LISTEN
tcp4       0      0  *.666                  *.*                    LISTEN
tcp4       0      0  *.31340                *.*                    LISTEN
tcp4       0      0  *.31341                *.*                    LISTEN
. . .

Callouts:
    A BGP session is established and was initiated by the remote system
    Listening processes indicate what services are running, for example port 23 is Telnet

Mapping Port Numbers to Services


What service is associated with that port number?
    Display /etc/services; pipe to match to simplify your search
lab@San_Jose-3> file show /etc/services
#
# Network services, Internet style
#
# Note that it is presently the policy of IANA to assign a single well-known
# port number for both TCP and UDP; hence, most entries here have two entries
# even if the protocol doesn't support UDP operations.
# Updated from RFC 1700, ``Assigned Numbers'' (October 1994). All ports
# are included.
#
# The latest IANA port assignments can be gotten from
#       http://www.isi.edu/in-notes/iana/assignments/port-numbers
# The Well Known Ports are those from 0 through 1023.
# The Registered Ports are those from 1024 through 49151
# The Dynamic and/or Private Ports are those from 49152 through 65535
#
# Kerberos services are for Kerberos v4, and are unofficial. Sites running
# v5 should uncomment v5 entries and comment v4 entries.
#
# $FreeBSD: src/etc/services,v 1.62.2.3 2000/10/05 07:37:37 sheldonh Exp $
#       From: @(#)services      5.8 (Berkeley) 5/9/91
#
# WELL KNOWN PORT NUMBERS
#
rtmp              1/ddp    #Routing Table Maintenance Protocol
tcpmux            1/tcp    #TCP Port Service Multiplexer
tcpmux            1/udp    #TCP Port Service Multiplexer
nbp               2/ddp    #Name Binding Protocol
compressnet       2/tcp    #Management Utility
. . .
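The two steps above (list the sockets with show system connections, then map ports through /etc/services), combined in an added Python example that is not part of the Juniper course material. Both sample texts are constructed: the connection rows follow the slide's output, the services excerpt is written in the file's format, and the `CLEARTEXT` set is this example's own assumption about which services to flag.

```python
from __future__ import annotations

# Constructed sample in the column layout of the slide's output.
CONNECTIONS = """\
Proto Recv-Q Send-Q  Local Address          Foreign Address        (state)
ip4     2728      0  *.*                    *.*
tcp4       0      0  192.168.0.1.2222       192.168.5.1.179        ESTABLISHED
tcp46      0      0  *.179                  *.*                    LISTEN
tcp4       0      0  *.179                  *.*                    LISTEN
tcp4       0      0  *.23                   *.*                    LISTEN
tcp4       0      0  *.22                   *.*                    LISTEN
tcp4       0      0  *.21                   *.*                    LISTEN
tcp4       0      0  192.168.0.1.23         10.0.0.2.2093          ESTABLISHED
tcp4       0      0  *.6153                 *.*                    LISTEN
tcp4       0      0  *.666                  *.*                    LISTEN
"""

# Constructed excerpt in /etc/services format: name, port/proto, optional #comment.
SERVICES = """\
# constructed excerpt, not the router's full file
ftp     21/tcp    #File Transfer [Control]
ssh     22/tcp    #Secure Shell Login
telnet  23/tcp
bgp     179/tcp   #Border Gateway Protocol
bgp     179/udp
"""

# Assumption of this example: management services that carry logins unencrypted.
CLEARTEXT = {"telnet", "ftp"}


def parse_services(text: str) -> dict[tuple[int, str], str]:
    """Map (port, protocol) to the first service name listed for it."""
    table: dict[tuple[int, str], str] = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2 or "/" not in fields[1]:
            continue
        port, proto = fields[1].split("/", 1)
        if port.isdigit():
            table.setdefault((int(port), proto), fields[0])
    return table


def listening_ports(text: str) -> list[int]:
    """TCP ports in LISTEN state; the port is the part after the last dot."""
    ports = set()
    for line in text.splitlines():
        f = line.split()
        if len(f) == 6 and f[0].startswith("tcp") and f[5] == "LISTEN" and "." in f[3]:
            port = f[3].rsplit(".", 1)[1]
            if port.isdigit():
                ports.add(int(port))
    return sorted(ports)


def peers_of_local_port(text: str, port: int) -> list[str]:
    """Remote hosts with an ESTABLISHED session to the given local port."""
    peers = []
    for line in text.splitlines():
        f = line.split()
        if len(f) == 6 and f[5] == "ESTABLISHED" and f[3].endswith(f".{port}"):
            peers.append(f[4].rsplit(".", 1)[0])
    return peers


def audit(connections: str, services: str) -> list[tuple[int, str | None, str]]:
    """One (port, service name, verdict) row per listening TCP port."""
    names = parse_services(services)
    report = []
    for port in listening_ports(connections):
        name = names.get((port, "tcp"))
        if name is None:
            verdict = "unmapped"      # not in the services text supplied
        elif name in CLEARTEXT:
            verdict = "cleartext"
        else:
            verdict = "mapped"
        report.append((port, name, verdict))
    return report


if __name__ == "__main__":
    for row in audit(CONNECTIONS, SERVICES):
        print(row)
    print("telnet sessions from:", peers_of_local_port(CONNECTIONS, 23))
```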

Scheduler Slips
The rpd process maintains an internal scheduler
    Manages time-slice sharing among the various internal tasks handled by rpd, much as the kernel scheduler does for all processes

[Figure: the routing protocol process (rpd) running on the JUNOS kernel, with its scheduler serving BGP, OSPF, PIM, others, and the routing tables]

Scheduler slips indicate that rpd was not able to service its internal processes in a timely manner
    An indicator that rpd is too busy
    Slips are reported in the syslog

Aug 15 12:32:31 router-01 rpd[309]: RPD_SCHED_SLIP: 10 sec scheduler

Troubleshooting Scheduler Slips


Enable task accounting with the hidden set task accounting on operational-mode command
    Increases rpd scheduler logging level and provides details on what tasks are consuming the most CPU
    This option is hidden because task accounting adds additional processing load; be sure to turn accounting off after a few minutes

lab@host> set task accounting on
Task accounting enabled.
lab@host> show task accounting
Task accounting is enabled.
Task                         Started  User Time  System Time  Longest Run
Scheduler                        128      0.001        0.008        0.000
Memory                             2          0        0.000        0.000
OSPFv2 I/O./var/run/ppmd_         38      0.000        0.004        0.000
OSPF                              57      0.000        0.008        0.006
BFD I/O./var/run/bfdd_con          9      0.000        0.000        0.000
KRT                                4          0        0.000        0.000
Redirect                           1          0        0.000        0.000
MGMT_Listen./var/run/rpd_          4          0        0.001        0.000
SNMP Subagent./var/run/sn          1          0        0.000        0.000

Callouts: Hidden commands; Looks like OSPF is the oinker on this lab box

Protocol Troubleshooting Chart


[Figure: protocol troubleshooting flowchart with Yes/No branches. Starting point: Chassis, software, interface, and transmission line are OK. Decision boxes: Route present and active? IGP route? Adjacencies up? BGP session estab.? Route hidden? Outcome boxes: Investigate forwarding faults; Suspect IGP config; Suspect config/ or IGP; Suspect remote peer policy; Suspect policy/ or IGP config.]

Protocol Case Study A (1 of 2)


Case study background:
    You work for AS 1
    Users complain they cannot reach customers in AS 2

What is wrong?
    What CLI commands and fault analysis steps can help narrow down a possible cause?

[Figure: AS 1 (OSPF Area 0) contains Tokyo (lo0: 192.168.20.1) and Hong Kong (lo0: 192.168.16.1); AS 2 (IS-IS Level 2) contains London (lo0: 192.168.28.1) and Amsterdam (lo0: 192.168.24.1). Tokyo so-0/1/1 (22.1) connects to London so-0/1/1 (22.2). Other link labels include so-0/1/0 (29.1, 29.2) and 21.1. Prefix labels: 192.168.20-22/24, 200.0.1.0/24; 192.168.16-19/24, 200.0.2.0/24; 192.168.28-30/24; 200.0.0.0/24; 192.168.24-27/2, 200.0.5.0/24.]

Protocol Case Study A (2 of 2)


Sample course of action:
1. Determine if routes are present and active
lab@Tokyo-3> show route 192.168.24/21
lab@Tokyo-3> show route 192.168.24/21 hidden
lab@Tokyo-3>
Callout: AS 2 routes are not present

2. Display BGP session status
lab@Tokyo-3> show bgp summary
Groups: 2 Peers: 2 Down peers: 0
Table          Tot Paths  Act Paths Suppressed    History Damp State    Pending
inet.0                 5          5          0          0          0          0
Peer           AS  InPkt  OutPkt  OutQ  Flaps  Last Up/Dwn  State|#Active/Received/Damped...
192.168.16.1    1     12      17     0      0         5:13  5/5/0          0/0/0
10.0.22.2       2     24      25     0      0         8:28  0/0/0          0/0/0
Callout: EBGP session to AS 2 is established, but no routes received

And the survey says

Protocol Case Study B (1 of 2)


[Figure: Tokyo (lo0: 192.168.20.1, so-0/1/1, 22.1) linked to London (lo0: 192.168.28.1, so-0/1/1, 22.2); labels Release 5.x and Release 6.x]

lab@London> ping 10.0.22.1 rapid count 20000 size 4000
PING 10.0.22.1 (10.0.22.1): 4000 data bytes
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!.!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!.!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!.!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Case study background:
    A co-worker opens a ticket for a faulty SONET link when a few packets are lost during rapid/large ping stress testing
    Local loopback tests pass at both ends
    The SONET transmission line has been tested and returned as no trouble found

What is wrong?
    What CLI commands and fault analysis steps can help narrow down a possible cause?

Protocol Case Study B (2 of 2)


Sample course of action:
1. Display protocol statistics on the RE
lab@Tokyo> show system statistics icmp
icmp:
        21 drops due to rate limit
        0 calls to icmp_error
        0 errors not generated because old message was icmp
        Output histogram:
                echo reply: 29447
        0 messages with bad code fields
        0 messages less than the minimum length
        0 messages with bad checksum
        0 messages with bad source address
        0 messages with bad length
        0 echo drops with broadcast or multicast destinaton address
        0 timestamp drops with broadcast or multicast destination address
        Input histogram:
                echo reply: 5775
                echo: 29447
        29447 message responses generated

Callouts: Interesting; Definitely a lot of ICMP going on

And the survey says
