JANOG 53 NETCON 問題解説 Level1-10
JANOG 53 にスタッフ(NETCON委員)として参加させていただきました。
作成した問題について、回答と解説を記載します。
Level1-10 OSPF Priority問題
技術要素
・OSPF
構成解説
・CSR1000v x 4
問題文
R3から 4.4.4.4 に ping が飛びません。
R3に 4.4.4.4/32 の経路を学習させて、以下の表示のように疎通が取れるようにして下さい。
R3>ping 4.4.4.4
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/12/58 ms
R3>traceroute 4.4.4.4
Type escape sequence to abort.
Tracing the route to 4.4.4.4
VRF info: (vrf in name/id, vrf out name/id)
1 192.168.23.2 43 msec 0 msec 0 msec
2 192.168.12.1 43 msec 1 msec 1 msec
3 123.0.0.2 9 msec * 2 msec制約 ・R4にはログインできません
・R2のみ設定を変更できます
問題解説
R3で ping 4.4.4.4 / show ip route 4.4.4.4 / show ip route を実行してみます。
R3>ping 4.4.4.4 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds: ..... Success rate is 0 percent (0/5)
R3>sh ip route 4.4.4.4 % Network not in table
R3>sh ip route (略) Gateway of last resort is not set
3.0.0.0/32 is subnetted, 1 subnets C 3.3.3.3 is directly connected, Loopback0 10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks C 10.0.0.0/24 is directly connected, GigabitEthernet2 L 10.0.0.15/32 is directly connected, GigabitEthernet2 192.168.23.0/24 is variably subnetted, 2 subnets, 2 masks C 192.168.23.0/24 is directly connected, GigabitEthernet3 L 192.168.23.3/32 is directly connected, GigabitEthernet3 |
R3は 4.4.4.4/32 をBGPで学習しておらず、connected のルートしかありません。
R3でBGPネイバーが確立できているのか、確認します。
R3>sh ip bgp su (略)
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd 1.1.1.1 4 100 0 0 1 0 0 never Idle 2.2.2.2 4 100 0 0 1 0 0 never Idle |
R1/R2とのiBGPネイバーが確立できていないようです。
R2側も確認してみます。
R2>sh ip bgp su (略)
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd 1.1.1.1 4 100 0 0 1 0 0 never Idle 3.3.3.3 4 100 0 0 1 0 0 never Idle
R2>sh ip route (略)
Gateway of last resort is not set
2.0.0.0/32 is subnetted, 1 subnets C 2.2.2.2 is directly connected, Loopback0 10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks C 10.0.0.0/24 is directly connected, GigabitEthernet2 L 10.0.0.15/32 is directly connected, GigabitEthernet2 192.168.12.0/24 is variably subnetted, 2 subnets, 2 masks C 192.168.12.0/24 is directly connected, GigabitEthernet3 L 192.168.12.2/32 is directly connected, GigabitEthernet3 192.168.23.0/24 is variably subnetted, 2 subnets, 2 masks C 192.168.23.0/24 is directly connected, GigabitEthernet4 L 192.168.23.2/32 is directly connected, GigabitEthernet4 |
R2も同様に、R1/R3とiBGPネイバーが確立できておらず、
ルーティングテーブル上には connected のルートしかありません。
R1側も確認してみます。
R1>show ip bgp summary (略)
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd 2.2.2.2 4 100 0 0 1 0 0 never Idle 3.3.3.3 4 100 0 0 1 0 0 never Idle 123.0.0.2 4 200 9 8 3 0 0 00:04:45 1
R1>sh ip route (略)
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets C 1.1.1.1 is directly connected, Loopback0 4.0.0.0/32 is subnetted, 1 subnets B 4.4.4.4 [20/0] via 123.0.0.2, 00:03:36 10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks C 10.0.0.0/24 is directly connected, GigabitEthernet2 L 10.0.0.15/32 is directly connected, GigabitEthernet2 123.0.0.0/8 is variably subnetted, 2 subnets, 2 masks C 123.0.0.0/30 is directly connected, GigabitEthernet4 L 123.0.0.1/32 is directly connected, GigabitEthernet4 192.168.12.0/24 is variably subnetted, 2 subnets, 2 masks C 192.168.12.0/24 is directly connected, GigabitEthernet3 L 192.168.12.1/32 is directly connected, GigabitEthernet3 |
R1は R4とは eBGPネイバーを確立できており、4.4.4..4/32 をBGPで学習しています。
R2・R3とは iBGPネイバーを確立できていません。
R2のBGP設定を確認してみます。
R2#sh run | sec bgp router bgp 100 bgp router-id 2.2.2.2 bgp log-neighbor-changes network 2.2.2.2 mask 255.255.255.255 neighbor 1.1.1.1 remote-as 100 neighbor 3.3.3.3 remote-as 100
R2#sh ip route 1.1.1.1 % Network not in table
R2#sh ip route 3.3.3.3 % Network not in table |
R2はiBGPネイバーとしてしている 1.1.1.1 / 3.3.3.3 に到達性がありません。
このためiBGPネイバーが確立できていないものと思われます。
R2でBGP以外にルーティングプロトコルが動作しているか、show ip protocols を見てみます。
R2#show ip protocols *** IP Routing is NSF aware ***
Routing Protocol is "application" Sending updates every 0 seconds Invalid after 0 seconds, hold down 0, flushed after 0 Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Maximum path: 32 Routing for Networks: Routing Information Sources: Gateway Distance Last Update Distance: (default is 4)
Routing Protocol is "ospf 1" Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Router ID 2.2.2.2 Number of areas in this router is 1. 1 normal 0 stub 0 nssa Maximum path: 4 Routing for Networks: 2.2.2.2 0.0.0.0 area 0 192.168.12.0 0.0.0.255 area 0 192.168.23.0 0.0.0.255 area 0 Routing Information Sources: Gateway Distance Last Update Distance: (default is 110)
Routing Protocol is "bgp 100" Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set IGP synchronization is disabled Automatic route summarization is disabled Neighbor(s): Address FiltIn FiltOut DistIn DistOut Weight RouteMap 1.1.1.1 3.3.3.3 Maximum path: 1 Routing Information Sources: Gateway Distance Last Update Distance: external 20 internal 200 local 200 |
OSPFが動作しているようです。
OSPFの各種状態、設定内容を見てみます。
R2#show ip ospf interface brief Interface PID Area IP Address/Mask Cost State Nbrs F/C Lo0 1 0 2.2.2.2/32 1 LOOP 0/0 Gi4 1 0 192.168.23.2/24 1 DROTH 0/1 Gi3 1 0 192.168.12.2/24 1 DROTH 0/1
R2#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface 3.3.3.3 0 2WAY/DROTHER 00:00:34 192.168.23.3 GigabitEthernet4 1.1.1.1 0 2WAY/DROTHER 00:00:37 192.168.12.1 GigabitEthernet3
R2#show running-config | section ospf ip ospf priority 0 ip ospf priority 0 router ospf 1 router-id 2.2.2.2 network 2.2.2.2 0.0.0.0 area 0 network 192.168.12.0 0.0.0.255 area 0 network 192.168.23.0 0.0.0.255 area 0
R2#show running-config interface g3 (略)
interface GigabitEthernet3 ip address 192.168.12.2 255.255.255.0 ip ospf priority 0
R2#show running-config interface g4 (略)
interface GigabitEthernet4 ip address 192.168.23.2 255.255.255.0 ip ospf priority 0 |
G3/G4で ip ospf priority 0 が設定されており、R1/R3とFULL状態になっていません。
show ip ospf neighbor の表示結果から、R1のG3とR3のG3も ip ospf priority 0 が設定されているため、
DRが選出されず、DROTHER同士で 2 way 関係になっているように見えます。
DROTHER同士で 2 way の関係になっている状態では、LSAを交換しないため
LSDBを構成できずルートが学習できません。
OSPF DR/BDR 2way
]R1/R3の設定は変更できないので、R2のG3/G4の ip ospf priority の値を 1 以上にして、
R2がDRになる必要があります。
DR/BDRはセグメントごとに選出されるので、G3とG4の両方を設定する必要があります。
R2で ip ospf priority 0 を無効にして、priority をデフォルトの 1 に戻してみます。
R2 int range g3-4 no ip ospf priority 0 |
R2#sh ip ospf interface brief Interface PID Area IP Address/Mask Cost State Nbrs F/C Lo0 1 0 2.2.2.2/32 1 LOOP 0/0 Gi4 1 0 192.168.23.2/24 1 DR 1/1 Gi3 1 0 192.168.12.2/24 1 DR 1/1
R2#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface 3.3.3.3 0 FULL/DROTHER 00:00:31 192.168.23.3 GigabitEthernet4 1.1.1.1 0 FULL/DROTHER 00:00:34 192.168.12.1 GigabitEthernet3 |
R2がDRとなり、アジャセンシーが確立されFULL状態になりました。
ルーティングテーブルも確認してみます。
R2#sh ip route ospf (略)
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets O 1.1.1.1 [110/2] via 192.168.12.1, 00:01:15, GigabitEthernet3 3.0.0.0/32 is subnetted, 1 subnets O 3.3.3.3 [110/2] via 192.168.23.3, 00:01:16, GigabitEthernet4 |
OSPFで 1.1.1.1/32 と 3.3.3.3/32 を学習しています。iBGPネイバーの状態も確認してみます。
R2#sh ip bgp su (略)
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd 1.1.1.1 4 100 7 6 5 0 0 00:01:22 2 3.3.3.3 4 100 8 8 5 0 0 00:01:19 1 |
iBGPネイバーが構成されました。
R3側を確認してみます。
R3>sh ip route (略)
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets O 1.1.1.1 [110/3] via 192.168.23.2, 00:02:09, GigabitEthernet3 2.0.0.0/32 is subnetted, 1 subnets O 2.2.2.2 [110/2] via 192.168.23.2, 00:02:14, GigabitEthernet3 3.0.0.0/32 is subnetted, 1 subnets C 3.3.3.3 is directly connected, Loopback0 4.0.0.0/32 is subnetted, 1 subnets B 4.4.4.4 [200/0] via 1.1.1.1, 00:02:09 10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks C 10.0.0.0/24 is directly connected, GigabitEthernet2 L 10.0.0.15/32 is directly connected, GigabitEthernet2 O 192.168.12.0/24 [110/2] via 192.168.23.2, 00:02:14, GigabitEthernet3 192.168.23.0/24 is variably subnetted, 2 subnets, 2 masks C 192.168.23.0/24 is directly connected, GigabitEthernet3 L 192.168.23.3/32 is directly connected, GigabitEthernet3
R3>sh ip route 4.4.4.4 Routing entry for 4.4.4.4/32 Known via "bgp 100", distance 200, metric 0 Tag 200, type internal Last update from 1.1.1.1 00:02:21 ago Routing Descriptor Blocks: * 1.1.1.1, from 1.1.1.1, 00:02:21 ago opaque_ptr 0x7FF9D4E2D080 Route metric is 0, traffic share count is 1 AS Hops 1 Route tag 200 MPLS label: none |
OSPFとBGPで経路を学習し、4.4.4.4/32 への到達性が取れそうです。
ping / traceroute を試してみます。
R3>ping 4.4.4.4 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/12/58 ms
R3>traceroute 4.4.4.4 Type escape sequence to abort. Tracing the route to 4.4.4.4 VRF info: (vrf in name/id, vrf out name/id) 1 192.168.23.2 43 msec 0 msec 0 msec 2 192.168.12.1 43 msec 1 msec 1 msec 3 123.0.0.2 9 msec * 2 msec |
疎通が取れるようになりました。
正解例
以下のようにR2に設定を追加します。
R2 int range g3-4 no ip ospf priority 0 |
初期config
R1
hostname R1 no ip domain lookup
interface Loopback0 ip address 1.1.1.1 255.255.255.255
interface GigabitEthernet3 ip address 192.168.12.1 255.255.255.0 ip ospf priority 0 no shut
interface GigabitEthernet4 ip address 123.0.0.1 255.255.255.252 no shut
router ospf 1 router-id 1.1.1.1 network 1.1.1.1 0.0.0.0 area 0 network 192.168.12.0 0.0.0.255 area 0
router bgp 100 bgp router-id 1.1.1.1 bgp log-neighbor-changes network 1.1.1.1 mask 255.255.255.255 neighbor 2.2.2.2 remote-as 100 neighbor 2.2.2.2 update-source Loopback0 neighbor 2.2.2.2 next-hop-self neighbor 3.3.3.3 remote-as 100 neighbor 3.3.3.3 update-source Loopback0 neighbor 3.3.3.3 next-hop-self neighbor 123.0.0.2 remote-as 200 |
R2
hostname R2 no ip domain lookup
interface Loopback0 ip address 2.2.2.2 255.255.255.255
interface GigabitEthernet3 ip address 192.168.12.2 255.255.255.0 ! ip ospf priority 1 ip ospf priority 0 no shut
interface GigabitEthernet4 ip address 192.168.23.2 255.255.255.0 ! ip ospf priority 1 ip ospf priority 0 no shut
router ospf 1 router-id 2.2.2.2 network 2.2.2.2 0.0.0.0 area 0 network 192.168.12.0 0.0.0.255 area 0 network 192.168.23.0 0.0.0.255 area 0
router bgp 100 bgp router-id 2.2.2.2 bgp log-neighbor-changes network 2.2.2.2 mask 255.255.255.255 neighbor 1.1.1.1 remote-as 100 neighbor 1.1.1.1 update-source Loopback0 neighbor 3.3.3.3 remote-as 100 neighbor 3.3.3.3 update-source Loopback0 |
R3
hostname R3 no ip domain lookup
interface Loopback0 ip address 3.3.3.3 255.255.255.255
interface GigabitEthernet3 ip address 192.168.23.3 255.255.255.0 ! ip ospf priority 1 ip ospf priority 0 no shut
router ospf 1 router-id 3.3.3.3 network 3.3.3.3 0.0.0.0 area 0 network 192.168.23.0 0.0.0.255 area 0
router bgp 100 bgp router-id 3.3.3.3 network 3.3.3.3 mask 255.255.255.255 neighbor 2.2.2.2 remote-as 100 neighbor 2.2.2.2 update-source Loopback0 neighbor 1.1.1.1 remote-as 100 neighbor 1.1.1.1 update-source Loopback0 |
R4
hostname R4 no ip domain lookup
interface Loopback0 ip address 4.4.4.4 255.255.255.255
interface GigabitEthernet3 ip address 123.0.0.2 255.255.255.252 no shut
router bgp 200 bgp router-id 4.4.4.4 neighbor 123.0.0.1 remote-as 100 network 4.4.4.4 mask 255.255.255.255
ip route 0.0.0.0 0.0.0.0 123.0.0.1 |
Comentários