Juniper Lab Environment - Part IV - OSPF Stub and Totally Stubby

This post is a continuation of my last post, which consisted of an OSPF virtual link configuration. The fourth part in this series of blog posts will cover a topology that consists of six vSRXs in my lab network, and a PA-200 that resides at the perimeter of my home network. The goal of this post is to explore the benefits of making area 27 a stub area, and then taking it a step further to make it a totally stubby area. We will then verify connectivity and reach-ability out to the internet from SRX7.

Based on the current configuration (see previous posts), we will see all LSA types:

root@7> show ospf database

    OSPF database, Area 0.0.0.27
 Type       ID               Adv Rtr           Seq      Age  Opt  Cksum  Len
Router   2.2.2.2          2.2.2.2          0x80000005   220  0x22 0x8234  36
Router  *7.7.7.7          7.7.7.7          0x80000003  1742  0x22 0xc439  84
Network *10.10.27.7       7.7.7.7          0x80000001  1747  0x22 0xb40f  32
Summary  10.10.23.0       2.2.2.2          0x80000004  1257  0x22 0x58ad  28
Summary  10.10.34.0       2.2.2.2          0x80000002   813  0x22 0xec0f  28
Summary  10.10.45.0       2.2.2.2          0x80000003   368  0x22 0x7b73  28
ASBRSum  3.3.3.3          2.2.2.2          0x80000003   516  0x22 0xba6a  28
    OSPF AS SCOPE link state database
 Type       ID               Adv Rtr           Seq      Age  Opt  Cksum  Len
Extern   0.0.0.0          3.3.3.3          0x80000001   497  0x22 0xa6ff  36

Now let's make area 27 a stub area, which will prevent all external routes, as well as local redistribution.

SRX7 Configuration:

set protocols ospf area 0.0.0.27 stub

SRX2 Configuration:

set protocols ospf area 0.0.0.27 stub default-metric 10

Here is how the database looks now:

root@7> show ospf database

    OSPF database, Area 0.0.0.27

 Type       ID               Adv Rtr           Seq      Age  Opt  Cksum  Len

Router   2.2.2.2          2.2.2.2          0x80000006     9  0x20 0x9e19  36

Router  *7.7.7.7          7.7.7.7          0x80000005     8  0x20 0x6697  84

Network *10.10.27.7       7.7.7.7          0x80000003     8  0x20 0xcef4  32

Summary  0.0.0.0          2.2.2.2          0x80000001   181  0x20 0xcf5d  28

Summary  10.10.23.0       2.2.2.2          0x80000001   181  0x20 0x7c8e  28

Summary  10.10.34.0       2.2.2.2          0x80000001   181  0x20 0xdf1   28

Summary  10.10.45.0       2.2.2.2          0x80000001   181  0x20 0x9d55  28

Now let's take it one step further to make area 27 a totally stubby area, which will also prevent inter-area routes.

SRX2 Configuration:

set protocols ospf area 0.0.0.27 stub default-metric 10 no-summaries

Here is how the database looks now:

root@7> show ospf database

    OSPF database, Area 0.0.0.27

 Type       ID               Adv Rtr           Seq      Age  Opt  Cksum  Len

Router   2.2.2.2          2.2.2.2          0x8000000a     4  0x20 0x961d  36

Router  *7.7.7.7          7.7.7.7          0x8000000a     3  0x20 0x5c9c  84

Network *10.10.27.7       7.7.7.7          0x80000007     3  0x20 0xc6f8  32

Summary  0.0.0.0          2.2.2.2          0x80000001    19  0x20 0xcf5d  28

root@7> ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 8.8.8.8: icmp_seq=0 ttl=51 time=21.304 ms
64 bytes from 8.8.8.8: icmp_seq=1 ttl=51 time=11.713 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=51 time=10.351 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=51 time=10.280 ms
64 bytes from 8.8.8.8: icmp_seq=4 ttl=51 time=12.657 ms
^C
--- 8.8.8.8 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max/stddev = 10.280/13.261/21.304/4.118 ms