Rev | Author | # | Line |
---|---|---|---|
10 | DanielLawson | 1 | !!Setting up BGP on the MetaNET |
2 | |||
3 | BGP peering on the MetaNET will eventually involve two route-servers. For | ||
4 | now, you can peer with deuterium on its own. If you really want to, you | ||
5 | can peer with other MetaNET nodes; that's up to you and them to negotiate. | ||
6 | |||
7 | For BGP peering to work, both neighbors need to have entries for each other, | ||
8 | describing their remote-as, and including things such as prefix-lists for | ||
9 | route filtering. | ||
10 | |||
11 | Deuterium has the AS 64900. Its neighbor IP is 192.168.66.10 | ||
12 | |||
13 | We'll set up a test network with the AS 64899. Its internal IP range is | ||
14 | 10.255.255.0/24, and its router's IP address is 10.255.255.1 | ||
15 | __NOTE__ AS 64899 and the IP range 10.255.255.0/24 are EXAMPLEs only. DO NOT attempt to use these. Please get your own IP range and AS allocated. | ||
16 | Read the section later on the registry to see how to obtain your AS number | ||
17 | |||
18 | In our /etc/zebra/bgpd.conf we have the usual garbage at the top: hostname, | ||
19 | password, enable passwd etc. | ||
20 | |||
21 | __NOTE__ Make sure you EDIT this bgp config before trying to run it. There is a cleaner formatted version at the bottom of | ||
22 | this page. You *will* need to change your AS number (router bgp ...), your router-id, and the networks you wish to advertise - both in the network line, and in the prefix-list line. | ||
23 | |||
24 | |||
25 | Then we set up a bgp router process: | ||
26 | |||
13 | DanielLawson | 27 | <pre> |
10 | DanielLawson | 28 | ! the following sets up a bgp router process with the local AS of 64899 |
29 | router bgp 64899 | ||
30 | ! this assigns the bgp router-id of 10.255.255.1 to this router | ||
31 | bgp router-id 10.255.255.1 | ||
32 | ! we want to advertise this network to our bgp peers | ||
33 | network 10.255.255.0/24 | ||
34 | |||
35 | ! this sets up deuterium (as 64900) as a neighbor on 192.168.66.10 | ||
36 | neighbor 192.168.66.10 remote-as 64900 | ||
37 | neighbor 192.168.66.10 ebgp-multihop | ||
38 | ! these commands apply the prefix-lists below | ||
39 | neighbor 192.168.66.10 prefix-list as-64899 out | ||
40 | neighbor 192.168.66.10 prefix-list as-64900 in | ||
41 | ! | ||
42 | ! these prefix lists limit which ip ranges we will send out | ||
43 | ip prefix-list as-64899 seq 5 permit 10.255.255.0/24 | ||
44 | ! and allow in. | ||
45 | ip prefix-list as-64900 seq 5 permit 10.0.0.0/8 le 32 | ||
46 | </pre> | ||
14 | DanielLawson | 47 | |
10 | DanielLawson | 48 | |
49 | A word on prefix lists. The prefix-list for as-64899 will only permit | ||
50 | 10.255.255.0/24 - it won't allow any other networks. If you had two networks | ||
51 | you wished to advertise, you could do that with | ||
52 | |||
13 | DanielLawson | 53 | <pre> |
10 | DanielLawson | 54 | ip prefix-list as-64899 seq 5 permit 10.255.255.0/24 |
55 | ip prefix-list as-64899 seq 10 permit 10.255.1.0/24 | ||
13 | DanielLawson | 56 | </pre> |
10 | DanielLawson | 57 | |
58 | Also, note that the prefix-list for as-64900 has 'le 32' at the end. | ||
59 | This allows a range of prefixes to match - it will match prefixes | ||
60 | from 10.0.0.0/8 down to /32. This effectively matches all metanet routes, | ||
61 | including the host route for deuterium (10.66.10.1/32) | ||
62 | |||
63 | |||
64 | Once you've set your end up, and you've updated your details in the metanet | ||
65 | registry, deuterium (and eventually hoiho) will update their config, and | ||
66 | very shortly you should be peering with the route servers. | ||
67 | |||
68 | !!MetaNET Registry: | ||
69 | |||
70 | Go to http://www.tla/maint if you are on the MetaNET already. If you aren't, | ||
71 | go to http://www.meta.net.nz/maint. You will need a password for this, | ||
72 | which you will need to get off one of the MetaNET admins. | ||
73 | |||
74 | Fill in all your information in the Personal Information field. You'll get | ||
75 | an IP block allocated to you - you can allocate blocks under this to other | ||
76 | people if you want. E.g., if you own 10.66.0.0/16, you can allocate /24s under | ||
77 | that to other people. Fill in the domains/nameservers etc. pages too. | ||
78 | |||
79 | AS Allocations. This will automatically allocate you the next available AS. | ||
80 | Don't ask for a specific one - you won't get it. Make sure you add in the | ||
81 | MetaNET IP of your bgp speaker. This is your 192.168 address. | ||
82 | |||
83 | IP to AS Allocation. In here, you specify which netblocks you will be advertising. You | ||
84 | should only be able to advertise netblocks which are under your control. This | ||
85 | step is important as it gives the route servers information about which routes | ||
86 | to accept from you. | ||
87 | |||
88 | |||
89 | !!BGP Diagnostics | ||
90 | |||
91 | |||
92 | If you telnet to localhost port bgpd, and enter enable mode, you can inspect | ||
93 | some parts of the bgp router process | ||
94 | |||
13 | DanielLawson | 95 | <pre> |
10 | DanielLawson | 96 | show ip bgp |
97 | BGP table version is 0, local router ID is 10.66.1.1 | ||
98 | Status codes: s suppressed, d damped, h history, * valid, > best, i - internal | ||
99 | Origin codes: i - IGP, e - EGP, ? - incomplete | ||
100 | |||
12 | CraigBox | 101 | Network Next Hop Metric !LocPrf Weight Path |
10 | DanielLawson | 102 | *> 10.1.12.0/24 192.168.1.12 0 64900 64914 i |
103 | *> 10.21.1.0/24 192.168.21.1 0 64900 64902 ? | ||
104 | *> 10.25.0.0/24 192.168.66.10 0 64900 64911 i | ||
105 | *> 10.25.16.0/24 192.168.66.10 0 64900 64911 i | ||
106 | *> 10.50.1.0/24 192.168.50.1 0 64900 64905 i | ||
107 | *> 10.66.1.0/24 0.0.0.0 32768 i | ||
108 | *> 10.66.2.0/24 192.168.66.2 20 0 64900 ? | ||
109 | *> 10.66.10.1/32 192.168.66.10 0 64900 i | ||
110 | *> 10.100.1.0/24 192.168.100.1 0 64900 64901 i | ||
111 | *> 10.144.1.0/24 192.168.144.1 0 64900 64906 i | ||
112 | *> 10.144.3.0/24 192.168.144.3 0 64900 64907 i | ||
113 | *> 10.230.1.0/24 192.168.230.1 0 64900 64915 i | ||
114 | |||
115 | Total number of prefixes 12 | ||
13 | DanielLawson | 116 | </pre> |
14 | DanielLawson | 117 | |
10 | DanielLawson | 118 | |
119 | So this shows all the routes I have received, the next hop ip (gateway ip), | ||
120 | any metrics that have been applied, weights, and the path - which shows which | ||
121 | AS I received the routes through. | ||
122 | Note that there is one entry which has a metric of 20. This route is learned by deuterium's OSPF routing process, which sets the default metric to 20, | ||
123 | and is being redistributed via BGP to my node. | ||
124 | |||
13 | DanielLawson | 125 | <pre> |
10 | DanielLawson | 126 | # show ip bgp 10.66.10.1 |
127 | BGP routing table entry for 10.66.10.1/32 | ||
128 | Paths: (1 available, best #1, table Default-IP-Routing-Table) | ||
129 | Not advertised to any peer | ||
130 | 64900 | ||
131 | 192.168.66.10 from 192.168.66.10 (10.66.10.1) | ||
132 | Origin IGP, localpref 100, valid, external, best | ||
133 | Last update: Thu Mar 6 14:11:26 2003 | ||
13 | DanielLawson | 134 | </pre> |
10 | DanielLawson | 135 | |
136 | This shows the BGP entry for the route to 10.66.10.1/32. | ||
137 | It shows the remote AS and the path it takes, as well as some information | ||
138 | about the route. | ||
139 | |||
140 | We have one metanet node that is connected via a tunnel to one of the other | ||
141 | nodes. It is participating in the BGP peering, and you will receive routes to it. | ||
142 | |||
13 | DanielLawson | 143 | <pre> |
10 | DanielLawson | 144 | # show ip bgp 10.25.16.0 |
145 | BGP routing table entry for 10.25.16.0/24 | ||
146 | Paths: (1 available, best #1, table Default-IP-Routing-Table) | ||
147 | Not advertised to any peer | ||
148 | 64900 64911 | ||
149 | 192.168.66.10 from 192.168.66.10 (10.66.10.1) | ||
150 | Origin IGP, localpref 100, valid, external, best | ||
151 | Last update: Thu Mar 6 14:11:26 2003 | ||
13 | DanielLawson | 152 | </pre> |
10 | DanielLawson | 153 | |
154 | As you can see, there are two ASes in the AS list. This is because all traffic | ||
155 | to 10.25.16.0 is routed via 192.168.66.10 (deuterium), as 10.25.16.0 connects | ||
156 | to the metanet via a tunnel to deuterium. | ||
157 | |||
158 | To check your route is being seen by other machines on the wand network you might | ||
159 | want to check http://www.feet.net.nz/route.php | ||
14 | DanielLawson | 160 | sample config: |
10 | DanielLawson | 161 | |
13 | DanielLawson | 162 | <pre> |
10 | DanielLawson | 163 | ! |
164 | hostname bgpd | ||
165 | password metanet | ||
166 | enable password metanet | ||
167 | log file /var/log/zebra/bgpd.log | ||
168 | ! | ||
169 | router bgp <YOUR AS NUMBER> | ||
170 | bgp router-id <IP ADDRESS OF YOUR ROUTER> | ||
171 | network <YOUR 10.* NETWORK>/24 | ||
172 | neighbor 192.168.66.10 remote-as 64900 | ||
173 | neighbor 192.168.66.10 ebgp-multihop | ||
174 | neighbor 192.168.66.10 prefix-list as-<YOUR AS> out | ||
175 | neighbor 192.168.66.10 prefix-list as-64900 in | ||
176 | ! | ||
177 | ip prefix-list as-<YOUR AS> seq 5 permit <YOUR 10.* NETWORK>/24 | ||
178 | ip prefix-list as-64900 seq 5 permit 10.0.0.0/8 le 32 | ||
13 | DanielLawson | 179 | </pre> |
11 | DanielLawson | 180 | |
181 | See [BGPNotes] for other general notes |