Introduction to dynamic routing with Quagga


Introduction to dynamic routing on Linux with Quagga
FVLUG – July 23, 2007
Wim Kerkhoff – [email protected]

Overview
- Short introduction to dynamic routing
- Introduce Quagga
- Installing Quagga on Debian
- Example Quagga configurations
- Demo
- Using Quagga in production

Static Routing
- Simplest and most common method
- Manually configured by humans
- Can't handle network changes such as outages
- Doesn't scale with many network devices
- Requires least amount of expertise
- Generally used on hosts (PCs, printers, etc.) and simple NAT routers

Dynamic Routing Protocols
- Applications that automatically discover network destinations
- First they learn what network routes are directly connected
- Then chat with neighbouring routers to learn what they know
- The entire network learns about changes within minutes or even seconds
- Generally used on Internet backbone routers and in organizations with many routers

Common routing protocols
- RIP – old one, based on hop count. Timer system can result in slow convergence
- OSPF – also uses multicast. Calculates shortest path using costs assigned to each link. Easy to set up but fewer knobs than BGP. Used inside an organization
- BGP – uses a TCP session. Can do filtering, route-maps, mangling, etc. Normally used for communicating with other organizations and based on policy

Remember: Routing != Forwarding
- Routing directs forwarding
- Routing is the process of selecting paths in a network
- Forwarding is the relaying of packets through one network segment to another by nodes
- So a network device can perform routing, forwarding, or both
- So you'll have a broken router if /proc/sys/net/ipv4/ip_forward is set to 0 even with a beautiful Quagga config

What is Quagga?
- Open source routing software
- Forked 4 years ago from Zebra to form a much better and healthier decentralized community
- Similar syntax and look to Cisco IOS
- No control over OS, unlike IOS

Quagga features
- RIPv1 and v2 (IPv4)
- RIPng (IPv6)
- OSPFv2
- OSPFv3
- BGPv4 with multiprotocol extension
- VTY shell – Cisco like
- SNMP
- IPv6

Supported Platforms
- GNU/Linux 2.2.x and higher
- FreeBSD 4.x and higher
- NetBSD 1.6 and higher
- OpenBSD 2.5 and higher

System Architecture
[Diagram: routing protocol daemons (bgpd, ripd, ospfd); Zebra routing table manager; Linux kernel routing table; vtysh shell]

Install / configuration overview
- Install Debian
- apt-get install quagga tcpdump iproute
- Add export VTYSH_PAGER=cat to ~/.bashrc
- Update /etc/quagga/daemons (zebra, ospfd, bgpd)
- echo username root nopassword > vtysh.conf
- touch zebra.conf ospfd.conf bgpd.conf
- /etc/init.d/quagga start
- vtysh to start configuring
- Don't forget to copy run start like on IOS
- Reboot and ensure convergence

Demo
[Topology diagram]
Internet – 0.0.0.0/0
ISP – 192.168.21.254/24
NAT boundary
R1: Eth0 – 192.168.21.8, Eth1 – 10.3.2.1/30, Lo – 10.3.3.1/32
R2: Eth0 – 10.3.2.2/30, Lo – 10.3.3.2/32
OSPF area 0

Router 1 Configuration
interface eth0
 ip address 192.168.21.8/24
!
interface eth1
 ip address 10.3.2.1/30
!
interface lo
 ip address 10.3.3.1/32
!
router ospf
 ospf router-id 10.3.3.1
 redistribute connected
 network 10.3.2.0/30 area 0.0.0.0
 default-information originate always
!
ip route 0.0.0.0/0 192.168.21.254
!
ip forwarding

Router 2 Configuration
interface eth0
 ip address 10.3.2.2/30
!
interface lo
 ip address 10.3.3.2/32
!
router ospf
 ospf router-id 10.3.3.2
 redistribute connected
 network 10.3.2.0/30 area 0.0.0.0
!
ip forwarding

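Added example (not from the original slides): a short Python audit of the Router 1 configuration that shows which interfaces actually speak OSPF under the network statement, which are only advertised through redistribute connected, and whether any OSPF authentication is configured. The function names, the role labels and the authentication check are assumptions made for this sketch.

```python
import ipaddress

# Router 1 configuration from the slides (static route omitted), as sample input.
R1_CONFIG = """\
interface eth0
 ip address 192.168.21.8/24
!
interface eth1
 ip address 10.3.2.1/30
!
interface lo
 ip address 10.3.3.1/32
!
router ospf
 ospf router-id 10.3.3.1
 redistribute connected
 network 10.3.2.0/30 area 0.0.0.0
 default-information originate always
"""

def parse_blocks(config):
    """Split a config into {header: [sub-commands]}; '!' ends a block."""
    blocks, current = {}, None
    for line in (raw.strip() for raw in config.splitlines()):
        if not line or line == "!":
            current = None
        elif current is None:
            current = line
            blocks.setdefault(current, [])
        else:
            blocks[current].append(line)
    return blocks

def audit_ospf(config):
    """Return (interface, role, authenticated) for each addressed interface."""
    blocks = parse_blocks(config)
    ospf = blocks.get("router ospf", [])
    nets = [ipaddress.ip_network(c.split()[1]) for c in ospf if c.startswith("network ")]
    fallback = "redistributed" if "redistribute connected" in ospf else "not-advertised"
    report = []
    for header, cmds in blocks.items():
        addrs = [ipaddress.ip_interface(c.split()[2]) for c in cmds if c.startswith("ip address ")]
        if not header.startswith("interface ") or not addrs:
            continue
        # Simplification: an interface speaks OSPF when its address falls in a 'network' prefix.
        speaks = any(a.ip in n for a in addrs for n in nets)
        # Assumed check: any 'ip ospf authentication ...' line counts as authenticated.
        auth = any(c.startswith("ip ospf authentication") for c in cmds)
        report.append((header.split()[1], "ospf-speaker" if speaks else fallback, auth))
    return report
```

For the demo configuration, audit_ospf(R1_CONFIG) reports eth1 as the only OSPF speaker, eth0 and lo as redistributed, and no interface with authentication configured.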
Routing table on Router 2
quagga2:~# vtysh
Hello, this is Quagga (version 0.99.5).
Copyright 1996-2005 Kunihiro Ishiguro, et al.
quagga2# show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
       I - ISIS, B - BGP, > - selected route, * - FIB route

O>* 0.0.0.0/0 [110/1] via 10.3.2.1, eth0, 1d20h22m
O   10.3.2.0/30 [110/10] is directly connected, eth0, 1d20h33m
C>* 10.3.2.0/30 is directly connected, eth0
O>* 10.3.3.1/32 [110/20] via 10.3.2.1, eth0, 1d20h22m
C>* 10.3.3.2/32 is directly connected, lo
C>* 127.0.0.0/8 is directly connected, lo
O>* 192.168.21.0/24 [110/20] via 10.3.2.1, eth0, 1d20h22m

OSPF neighbour details
quagga2# show ip ospf neighbor detail
Neighbor 10.3.3.1, interface address 10.3.2.1
In the area 0.0.0.0 via interface eth0
Neighbor priority is 1, State is Full, 11 state changes
Most recent state change statistics:
Progressive change 1d20h25m ago
Regressive change 1d20h25m ago, due to 1-WayReceived
DR is 10.3.2.2, BDR is 10.3.2.1
Options 2 *|-|-|-|-|-|E|*
Dead timer due in 38.944s
Database Summary List 0
Link State Request List 0
Link State Retransmission List 0
Thread Inactivity Timer on
Thread Database Description Retransmision off
Thread Link State Request Retransmission on
Thread Link State Update Retransmission on

Production tips?
- Make sure you have backups of /etc/quagga, /etc/network/interfaces, and iptables rules
- Keep templates
- Monitor the router as if it was a server: disk space, memory, load, etc.
- Have redundant routers so that you can perform OS updates safely with 0 downtime
- Be consistent – stick to your templates
- Run lean & mean – K.I.S.S.
- Be secure
- But make sure you can somehow access the box even if routing is broken
- Stick to a single protocol if possible

Interior uses of OSPF and BGP
- Managing multiple ISP links (failover / load balancing)
- Multisites using VPNs and/or private links
- Failover between servers

Want to experiment?
- Setting up 30 machines to simulate a 30 router network is tough
- Virtualize using Xen, VMWare, OpenVZ etc.
- Linksys WRT54G with DDWRT/OpenWRT

Worthy competitor to $60k Cisco?
- Yes!
- 2 x 1U servers with onboard dual GigE
- Servers can be under $1500 each and perform just fine for 99% of situations
- Need more ports? VLAN trunking to managed Layer2 switch
- Commodity memory and processors are dirt cheap and as fast as expensive ASICs
- Each full BGP table needs approx 128 MB physical RAM

Documentation
- Documentation exists for Quagga
- Wiki.quagga.net has more useful examples
- But it's geared towards Quagga itself and not dynamic routing
- Understanding routing protocols is critical
- Having experience with configuring RIP/OSPF/BGP on Cisco via CLI helps a lot
- CLI has built-in usage info using the ? mark like in Cisco IOS
- Zebra/Quagga mailing list archives
- Any Cisco OSPF/BGP syntax guides and examples
- Google

Questions/Discussion