Baik, sbelumnya anda perlu cek dlu tulisan seblumnya disini, ini kita akan membhas hal yang lebih spesifik yaitu bagaimana tshoot network ospf. Untuk tshoot ospf ada 2 cara yaitu dengan protokol traceoptions, sama mengguakan command show. Untuk traceoptions ini sama dengan fitur debug pada pada cisco 🙂 Oke dsni pertama saya akan bhas sedkit mengenai protokol traceoptions ini, pertama anda perlu melakukan configurasi terlebih dahulu untuk bisa mengaktikannya. config ini dilakukan pada R5 pada topology seblumnya.
|
1 2 3 4 5 6 7 |
root@JuniperX# show protocols ospf { traceoptions { file trace-ospf-r5; flag error detail; flag event; } |
Anda bisa mengaktifkan berbgai fitur traceoptions dengan under command flag seperti berikut:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 |
root@JuniperX# set protocols ospf traceoptions flag ? Possible completions: all Trace everything database-description Trace database description packets error Trace errored packets event Trace OSPF state machine events flooding Trace LSA flooding general Trace general events graceful-restart Trace graceful restart hello Trace hello packets ldp-synchronization Trace synchronization between OSPF and LDP lsa-ack Trace LSA acknowledgment packets lsa-analysis Trace LSA analysis lsa-request Trace LSA request packets lsa-update Trace LSA update packets normal Trace normal events nsr-synchronization Trace NSR synchronization events on-demand Trace demand circuit extensions packet-dump Dump the contents of selected packet types packets Trace all OSPF packets policy Trace policy processing restart-signaling Trace restart signaling route Trace routing information spf Trace SPF calculations state Trace state transitions task Trace routing protocol task processing timer Trace routing protocol timer processing |
Nah untuk mengecek log yang tersimpan ada bisa lakukan dengan show log nama-file-log, misa sperti berikut.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 |
root@JuniperX# run show log r5/trace-ospf-r5 | last Dec 23 05:49:14.310484 OSPF packet ignored: area mismatch (0.0.0.1) from 10.45.45.4 on intf em5.45 area 0.0.0.4 Dec 23 05:49:14.310580 OSPF rcvd Hello 10.45.45.4 -> 224.0.0.5 (em5.45 IFL 95 area 0.0.0.4) Dec 23 05:49:14.310588 Version 2, length 44, ID 4.4.4.4, area 0.0.0.1 Dec 23 05:49:14.310594 checksum 0xace5, authtype 0 Dec 23 05:49:14.310603 mask 255.255.255.0, hello_ivl 10, opts 0x12, prio 128 Dec 23 05:49:14.310609 dead_ivl 40, DR 10.45.45.4, BDR 0.0.0.0 Dec 23 05:49:22.458372 OSPF packet ignored: area mismatch (0.0.0.1) from 10.45.45.4 on intf em5.45 area 0.0.0.4 Dec 23 05:49:22.458452 OSPF rcvd Hello 10.45.45.4 -> 224.0.0.5 (em5.45 IFL 95 area 0.0.0.4) Dec 23 05:49:22.458459 Version 2, length 44, ID 4.4.4.4, area 0.0.0.1 Dec 23 05:49:22.458463 checksum 0xace5, authtype 0 Dec 23 05:49:22.458469 mask 255.255.255.0, hello_ivl 10, opts 0x12, prio 128 Dec 23 05:49:22.458474 dead_ivl 40, DR 10.45.45.4, BDR 0.0.0.0 Dec 23 05:49:31.337121 OSPF packet ignored: area mismatch (0.0.0.1) from 10.45.45.4 on intf em5.45 area 0.0.0.4 Dec 23 05:49:31.337218 OSPF rcvd Hello 10.45.45.4 -> 224.0.0.5 (em5.45 IFL 95 area 0.0.0.4) Dec 23 05:49:31.337224 Version 2, length 44, ID 4.4.4.4, area 0.0.0.1 Dec 23 05:49:31.337228 checksum 0xace5, authtype 0 Dec 23 05:49:31.337233 mask 255.255.255.0, hello_ivl 10, opts 0x12, prio 128 ---(more 95%)---[abort] |
opsi pipe last adalah untuk menampilkan log2 terakhir. lalu bagaima klo kita pengen melihat secara real-time seperti opsi debug pada cisco, pada juniper juga anda bisa melakjukannya di mode operational dengan perinta monitor start nama-file log sperti berikut
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 |
root@JuniperX# run monitor start r5/trace-ospf-r5 [edit logical-systems r5] root@JuniperX# *** r5/trace-ospf-r5 *** Dec 23 05:52:51.166482 OSPF packet ignored: area mismatch (0.0.0.1) from 10.45.45.4 on intf em5.45 area 0.0.0.4 Dec 23 05:52:51.166659 OSPF rcvd Hello 10.45.45.4 -> 224.0.0.5 (em5.45 IFL 95 area 0.0.0.4) Dec 23 05:52:51.166669 Version 2, length 44, ID 4.4.4.4, area 0.0.0.1 Dec 23 05:52:51.166677 checksum 0xace5, authtype 0 Dec 23 05:52:51.166686 mask 255.255.255.0, hello_ivl 10, opts 0x12, prio 128 Dec 23 05:52:51.166693 dead_ivl 40, DR 10.45.45.4, BDR 0.0.0.0 [edit logical-systems r5] root@JuniperX# run monitor stop r5/trace-ospf-r5 |
nah, anda setalah beberapa saat anda melakukan monitor start, bisa ada log, makan akan ditampilkan langsung. jadi anda bisa cek satu persatu log yang ditampilkan. coba anda lihat log diatas, ada informasi area mismatch dari ip 10.45.45.4, ini adalah router R4 yaitu router p2p R5. langkah selanjutnya anda bisa cek konfigurasi di R5, apakah areanya salah, ini perlu anda sesuaikan dengan design yang anda buat 🙂
jika anda sudah memperbaiki confignya, jangan lupa commit, dan bila diperlukan lakukan perinta clear ospf database pada router R5 atau router yang mempunya masalah. setelah itu coba anda monitor lagi.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 |
root@JuniperX# *** r5/trace-ospf-r5 *** Dec 23 05:59:18.920304 OSPF Interface event job created at restart phase 0. Dec 23 05:59:18.920479 Interface lo0.5 area 0.0.0.1 event WaitTimer Dec 23 05:59:18.920773 OSPF Interface event job processed 1 events. Dec 23 05:59:18.920786 OSPF Interface event job deleted. Dec 23 05:59:18.960214 OSPF Interface event job created at restart phase 0. Dec 23 05:59:18.960279 Interface em5.45 area 0.0.0.1 event WaitTimer Dec 23 05:59:18.960443 OSPF Interface event job processed 1 events. Dec 23 05:59:18.960453 OSPF Interface event job deleted. Dec 23 05:59:18.961857 OSPF programmed periodic xmit from 10.45.45.5 to 224.0.0.5 (IFL 95, area 0.0.0.1, ID 0.0.0.0, rtbl idx 0) interval 10 0 Dec 23 05:59:18.964081 OSPF Interface event job created at restart phase 0. Dec 23 05:59:18.964171 Interface em5.45 area 0.0.0.1 event NeighborChange Dec 23 05:59:18.964201 OSPF Interface event job processed 1 events. Dec 23 05:59:18.964213 OSPF Interface event job deleted. Dec 23 05:59:18.965074 OSPF programmed periodic xmit from 10.45.45.5 to 224.0.0.5 (IFL 95, area 0.0.0.1, ID 0.0.0.0, rtbl idx 0) interval 10 0 Dec 23 05:59:19.084141 RPD_OSPF_NBRUP: OSPF neighbor 10.45.45.4 (realm ospf-v2 em5.45 area 0.0.0.1) state changed from Loading to Full due to LoadDone (event reason: OSPF loading completed) |
sip, bisa anda lihat dilog nya RPD_OSPF_NBRUP, ini menandakan ospf sudah up. silahkan anda cek show route sperti berikut:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 |
root@JuniperX# run show route logical-system r5 inet.0: 21 destinations, 21 routes (21 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 1.1.1.1/32 *[OSPF/10] 00:04:02, metric 2 > to 10.45.45.4 via em5.45 2.2.2.2/32 *[OSPF/10] 00:04:02, metric 3 > to 10.45.45.4 via em5.45 3.3.3.3/32 *[OSPF/10] 00:04:02, metric 3 > to 10.45.45.4 via em5.45 4.4.4.0/24 *[OSPF/10] 00:04:02, metric 1 > to 10.45.45.4 via em5.45 4.4.4.4/32 *[OSPF/10] 00:04:02, metric 1 > to 10.45.45.4 via em5.45 5.5.5.5/32 *[Direct/0] 07:42:07 > via lo0.5 6.6.6.6/32 *[OSPF/10] 00:04:02, metric 4 > to 10.45.45.4 via em5.45 7.7.7.7/32 *[OSPF/10] 00:04:02, metric 4 > to 10.45.45.4 via em5.45 10.12.12.0/24 *[OSPF/10] 00:04:02, metric 3 > to 10.45.45.4 via em5.45 10.13.13.0/24 *[OSPF/10] 00:04:02, metric 3 ---(more)---[abort] |
sperti yang anda lihat, routenya sudah ngumpul di R5 🙂
mari kita coba lihat case selanjutnya, misal R4 dan R5, ospf athentication bermasalah. nah berikut contoh lognya.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 |
Dec 23 06:13:31.897511 RPD_OSPF_NBRDOWN: OSPF neighbor 10.45.45.4 (realm ospf-v2 em5.45 area 0.0.0.1) state changed from Full to Down due to KillNbr (event reason: interface went down) Dec 23 06:13:31.906543 OSPF neighbor 10.45.45.4 (IFL 95, area 0.0.0.1, rtbl idx 0) set, 40 0 Dec 23 06:13:31.928455 OSPF programmed periodic xmit from 10.45.45.5 to 224.0.0.5 (IFL 95, area 0.0.0.1, ID 0.0.0.0, rtbl idx 0) interval 10 0 Dec 23 06:13:31.949023 OSPF programmed periodic xmit from 10.45.45.5 to 224.0.0.5 (IFL 95, area 0.0.0.1, ID 0.0.0.0, rtbl idx 0) interval 10 0 Dec 23 06:13:31.969940 OSPF removed PPM interface IFL 95, addr 10.45.45.5, area 0.0.0.1, ID 0.0.0.0, rtbl idx 0 Dec 23 06:13:31.978306 IFL em5.45 addr (10.45.45.5) ifachange 0x2 Dec 23 06:13:31.978355 Interface em5.45 (10.45.45.5) area 0.0.0.1: speed changed 0 -> 1000000000 Dec 23 06:13:31.978377 OSPF Interface event job created at restart phase 0. Dec 23 06:13:31.978396 Add interface em5.45 area 0.0.0.1 Dec 23 06:13:31.978566 Interface em5.45 area 0.0.0.1 event NeighborChange Dec 23 06:13:31.978580 Interface em5.45 area 0.0.0.1 event Up Dec 23 06:13:31.978596 OSPF Interface event job processed 2 events. Dec 23 06:13:31.978601 OSPF Interface event job deleted. Dec 23 06:13:32.017301 ppmd_ospf_intf_auth_key_select : interface em5.45 Dec 23 06:13:32.018169 OSPF authentication key with key-id 100 active (gen_time : 0, now : 1450851212) Dec 23 06:13:32.018476 OSPF installed PPM interface IFL 95, addr 10.45.45.5, area 0.0.0.1, ID 0.0.0.0, rtbl idx 0 Dec 23 06:13:32.028000 OSPF cannot stop xmit from 10.45.45.5 to 224.0.0.5 (IFL 95, area 0.0.0.1, ID 0.0.0.0, rtbl idx 0) Dec 23 06:13:32.030547 OSPF programmed periodic xmit from 10.45.45.5 to 224.0.0.5 (IFL 95, area 0.0.0.1, ID 0.0.0.0, rtbl idx 0) interval 10 0 Dec 23 06:13:32.062378 OSPF packet ignored: authentication type mismatch (0) from 10.45.45.4 Dec 23 06:13:32.088402 OSPF packet ignored: authentication type mismatch (0) from 10.45.45.4 Dec 23 06:13:40.036932 OSPF packet ignored: authentication type mismatch (0) from 10.45.45.4 Dec 23 06:13:49.889597 OSPF packet ignored: authentication type mismatch (0) from 10.45.45.4 Dec 23 06:13:57.848699 OSPF packet ignored: authentication type mismatch (0) from 10.45.45.4 Dec 23 06:14:07.416716 OSPF packet ignored: authentication type mismatch (0) from 10.45.45.4 |
ini perlu anda cek, dari log ditas, bisa anda lihat bahwa router ospf tersebut menggunakan authentication antar neighbournya. nah anda perlu cek config di kedua router. katakanlah anda sudah merasa yakin sdh memperbaik dari kedua sisi untuk confignya, namun anda masih menemukan even log seperti berikut
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 |
Dec 23 06:15:23.371655 OSPF removed PPM interface IFL 95, addr 10.45.45.5, area 0.0.0.1, ID 0.0.0.0, rtbl idx 0 Dec 23 06:15:23.393173 ppmd_ospf_intf_auth_key_select : interface em5.45 Dec 23 06:15:23.393242 OSPF authentication key with key-id 100 active (gen_time : 0, now : 1450851323) Dec 23 06:15:23.393294 OSPF installed PPM interface IFL 95, addr 10.45.45.5, area 0.0.0.1, ID 0.0.0.0, rtbl idx 0 Dec 23 06:15:23.395098 OSPF cannot stop xmit from 10.45.45.5 to 224.0.0.5 (IFL 95, area 0.0.0.1, ID 0.0.0.0, rtbl idx 0) Dec 23 06:15:23.410058 OSPF programmed periodic xmit from 10.45.45.5 to 224.0.0.5 (IFL 95, area 0.0.0.1, ID 0.0.0.0, rtbl idx 0) interval 10 0 Dec 23 06:15:23.423199 OSPF packet ignored: authentication failure (missing key-id). Dec 23 06:15:23.423496 OSPF packet ignored: authentication failure from 10.45.45.4 Dec 23 06:15:23.430713 OSPF packet ignored: authentication failure (missing key-id). Dec 23 06:15:23.430765 OSPF packet ignored: authentication failure from 10.45.45.4 Dec 23 06:15:32.331628 OSPF packet ignored: authentication failure (missing key-id). Dec 23 06:15:32.332001 OSPF packet ignored: authentication failure from 10.45.45.4 Dec 23 06:15:41.316895 OSPF packet ignored: authentication failure (missing key-id). Dec 23 06:15:41.317254 OSPF packet ignored: authentication failure from 10.45.45.4 Dec 23 06:15:51.194717 OSPF packet ignored: authentication failure (missing key-id). Dec 23 06:15:51.194974 OSPF packet ignored: authentication failure from 10.45.45.4 |
log diatas, menunjukkan key-id terjadi kesalahanan, ingat key-id dan key harus benar2 sama. perhatikan config berikut pada R4 dan R5.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 |
[edit logical-systems r4 protocols] root@JuniperX# show ospf { area 0.0.0.0 { interface em4.14; interface lo0.4; } area 0.0.0.1 { interface em4.45 { authentication { md5 100 key "$9$NAdVY4oGiHmLxUjkqf5RhcSvW"; ## SECRET-DATA } } } } |
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 |
root@JuniperX# top show logical-systems r5 protocols ospf traceoptions { file trace-ospf-r5; flag error detail; flag event; } area 0.0.0.1 { interface em5.45 { authentication { md5 100 key "$9$h3wSyKW87Vb21RNdws4oFn6/uO"; ## SECRET-DATA } } interface lo0.5; } |
okeh cukup ya,, bila ada pertanyaan silahakan comment dibawah ya broh 🙂
good luck!
Komentar