Workshop/BGP-configs

From initLab
Revision as of 16:14, 14 March 2016 by Hackman (Talk | contribs) (Commands cheat sheet)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

This page is created to help with the bgp workshop that is organized in the lab.

Bird

basic configuration

Enable the direct protocol. This will make Bird to learn all of your directly attached routes.

protocol direct {
       export all;
}

In the kernel protocol, uncomment the following line:

#     learn;   # Learn all alien routes from the kernel

filter configuration

filter in_filter {
       # do not accept routes for our directly connected network
       if ( net = 185.117.82.112/29 ) then reject;
       accept;
}
filter out_filter {
       # do not export anything that is not our directly connected network
       if ( net = 185.117.82.112/29 ) then accept;
       reject;
}

bgp template

template bgp PEERS {
       debug { states, events };
       local as myas;
       startup hold time 0;
       import keep filtered;  # keep filtered routes in bird, so you can see it in: show route filtered
       import filter in_filter;
       export filter out_filter;
       gateway direct;
}

neighbor configuration

protocol bgp bgp_up1 from lab {
       description "Upstream 1 (cassie) via eth0.111";
       neighbor 10.125.11.1 as 65535;
       source address 10.125.11.2;
}
protocol bgp bgp_up2 from lab {
       description "Upstream 2 (beta) via eth0.211";
       neighbor 10.126.11.1 as 59851;
       source address 10.126.11.2;
}

Commands cheat sheet

show protocols                    - list all configured protocols
show protocol bgp_up2             - get the status information for protocol bgp_up2
show protocol all bgp_up2         - get full status information for protocol bgp_up2
show route export bgp_up2         - list all exported networks to peer bgp_up2
show route all export bgp_up2     - list all exported networks to peer bgp_up2 and their additional parameters
show route for 185.117.82.104     - get the routes for 185.117.82.104
show route all for 185.117.82.104 - get the routes for 185.117.82.104 and its path info
show route filtered               - list all prefixes that are filtered 
show route protocol bgp_up2       - list all prefixes that you receive from peer bgp_up2
show memory                       - get the memory usage of Bird

Quagga

basic configuration

router bgp 65011
 bgp router-id 185.117.82.113
 bgp log-neighbor-changes
 bgp graceful-restart
 network 185.117.82.112/29

neighbors configuration

neighbor 10.125.11.1 remote-as 65535
neighbor 10.125.11.1 description "Upstream 1 (cassie) via eth0.111"
neighbor 10.125.11.1 update-source 10.125.11.2
neighbor 10.125.11.1 soft-reconfiguration inbound
neighbor 10.125.11.1 prefix-list in_filter in
neighbor 10.125.11.1 prefix-list out_filter out
neighbor 10.126.11.1 remote-as 59851
neighbor 10.126.11.1 description "Upstream 2 (beta) via eth0.211"
neighbor 10.126.11.1 update-source 10.125.11.2
neighbor 10.126.11.1 soft-reconfiguration inbound
neighbor 10.126.11.1 prefix-list in_filter in
neighbor 10.126.11.1 prefix-list out_filter out

prefix lists

allow all prefixes except the one I'm advertising

ip prefix-list in_filter seq 1 deny 185.117.82.112/29
ip prefix-list in_filter seq 10 permit any

Export only my directly connected prefix

ip prefix-list out_filter seq 1 permit 185.117.82.112/29
ip prefix-list out_filter seq 10 deny any

Commands cheat sheet

show ip bgp neighbors   - list all configured neighbors and full information about them
show ip prefix-list     - list all prefix lists
show memory             - get a memory usage info

Client container

sysctl net.ipv4.ip_forward=1
ip netns add bgp
ip link add veth0 type veth peer name veth1
ip link set veth1 netns bgp
ip netns exec bgp /bin/bash

iproute2 commands

  • Add a VLAN 111 to eth0
# ip link add link eth0 name eth0.111 type vlan id 111 
  • Bring a device UP
# ip link set up dev eth0
  • Bring a device DOWN
# ip link set down dev eth0
  • Check the route to a destination
# ip route get 8.8.8.8
  • Create a new virtual ethernet pair. Useful for communication with containers.
# ip link add veth0 type veth peer name veth1
  • Create a new network namespace called bgp
# ip netns add bgp
  • Move device veth1 into network namespace bgp
# ip link set veth1 netns bgp
  • Execute a command inside netns bgp. Its easiest if the command is a shell
# ip netns exec bgp /bin/bash