LAB on BGP
These are my notes made during my lab practical as part of my LPIC3 Diploma course in Linux Clustering. They are in “rough format”, presented as they were written.
LPIC3 Syllabus for BGP
364.4 Network High Availability
Weight: 5
Description: Candidates should be able to configure redundant networking connections and manage VLANs.
Furthermore, candidates should have a basic understanding of BGP.
Key Knowledge Areas:
• Understand and configure bonding network interface
• Network bond modes and algorithms (active-backup, balance-tlb, balance-alb,
802.3ad, balance-rr, balance-xor, broadcast)
• Configure switch configuration for high availability, including RSTP
• Configure VLANs on regular and bonded network interfaces
• Persist bonding and VLAN configuration
• Understand the principle of autonomous systems and BGP to manage external
redundant uplinks
• Awareness of traffic shaping and control capabilities of Linux
Partial list of the used files, terms and utilities:
• bonding.ko (including relevant module options)
• /etc/network/interfaces
• /etc/sysconfig/networking-scripts/ifcfg-*
• /etc/systemd/network/*.network
• /etc/systemd/network/*.netdev
• nmcli
• /sys/class/net/bonding_masters
• /sys/class/net/bond*/bonding/miimon
• /sys/class/net/bond*/bonding/slaves
• ifenslave
• ip
Network Overview
The network for this BGP LAB comprises two virtual KVM machines, installed with CentOS 7 and housed on a KVM virtual machine system on a Linux Ubuntu host:
router1 10.0.8.100 and
router2 10.0.9.100
Our Internet will effectively be the laptop, with an IP of 192.168.122.1
This interface is defined on the laptop as a KVM bridge.
Border Gateway Protocol BGP
Installation of BGP and Dependencies
Make sure SELinux is disabled. Check with:
root@asus:/home/kevin# sestatus
SELinux status: disabled
root@asus:/home/kevin#
If you are using CentOS 7, you need to apply the following policy change for SELinux. Otherwise, SELinux will prevent the Zebra daemon from writing to its configuration directory.
[root@router1 ~]# setsebool -P zebra_write_config 1
setsebool: SELinux is disabled.
[root@router1 ~]#
If not disabled, open /etc/selinux/config
and change
SELINUX=enforcing
to
SELINUX=disabled
Then reboot.
yum install readline-devel
[root@router1 ~]# yum install readline-devel
Failed to set locale, defaulting to C.UTF-8
Installing:
readline-devel x86_64 7.0-10.el8 baseos 204 k
Installing dependencies:
ncurses-c++-libs x86_64 6.1-7.20180224.el8 baseos 58 k
ncurses-devel x86_64 6.1-7.20180224.el8 baseos 527 k
Transaction Summary
=======================================================================================================================================
Install 3 Packages
Installed:
ncurses-c++-libs-6.1-7.20180224.el8.x86_64 ncurses-devel-6.1-7.20180224.el8.x86_64 readline-devel-7.0-10.el8.x86_64
Complete!
[root@router1 ~]#
[root@router2 ~]# yum install quagga
Loaded plugins: fastestmirror, langpacks
Installing:
quagga x86_64 0.99.22.4-5.el7_4 base 1.2 M
Installing for dependencies:
net-snmp x86_64 1:5.7.2-49.el7_9.1 updates 325 k
net-snmp-agent-libs x86_64 1:5.7.2-49.el7_9.1 updates 707 k
perl-Data-Dumper x86_64 2.145-3.el7 base 47 k
Transaction Summary
Running transaction
Installing : 1:net-snmp-agent-libs-5.7.2-49.el7_9.1.x86_64 1/4
Installing : perl-Data-Dumper-2.145-3.el7.x86_64 2/4
Installing : 1:net-snmp-5.7.2-49.el7_9.1.x86_64 3/4
Installing : quagga-0.99.22.4-5.el7_4.x86_64 4/4
Verifying : perl-Data-Dumper-2.145-3.el7.x86_64 1/4
Verifying : quagga-0.99.22.4-5.el7_4.x86_64 2/4
Verifying : 1:net-snmp-agent-libs-5.7.2-49.el7_9.1.x86_64 3/4
Verifying : 1:net-snmp-5.7.2-49.el7_9.1.x86_64 4/4
Installed:
quagga.x86_64 0:0.99.22.4-5.el7_4
Dependency Installed:
net-snmp.x86_64 1:5.7.2-49.el7_9.1 net-snmp-agent-libs.x86_64 1:5.7.2-49.el7_9.1 perl-Data-Dumper.x86_64 0:2.145-3.el7
Complete!
[root@router2 ~]#
[root@router2 ~]# systemctl enable zebra
Created symlink from /etc/systemd/system/multi-user.target.wants/zebra.service to /usr/lib/systemd/system/zebra.service.
[root@router2 ~]#
[root@router2 ~]# systemctl start zebra
[root@router2 ~]# systemctl status zebra
● zebra.service – GNU Zebra routing manager
Loaded: loaded (/usr/lib/systemd/system/zebra.service; enabled; vendor preset: disabled)
Active: active (running) since Fr 2021-05-14 15:13:55 CEST; 4s ago
Process: 20902 ExecStart=/usr/sbin/zebra -d $ZEBRA_OPTS -f /etc/quagga/zebra.conf (code=exited, status=0/SUCCESS)
Process: 20901 ExecStartPre=/sbin/ip route flush proto zebra (code=exited, status=0/SUCCESS)
Main PID: 20904 (zebra)
CGroup: /system.slice/zebra.service
└─20904 /usr/sbin/zebra -d -A 127.0.0.1 -f /etc/quagga/zebra.conf
Mai 14 15:13:55 router2 systemd[1]: Starting GNU Zebra routing manager…
Mai 14 15:13:55 router2 systemd[1]: Can’t open PID file /run/quagga/zebra.pid (yet?) after start: No such file or directory
Mai 14 15:13:55 router2 systemd[1]: Started GNU Zebra routing manager.
[root@router2 ~]#
[root@router2 ~]# systemctl enable bgpd
Created symlink from /etc/systemd/system/multi-user.target.wants/bgpd.service to /usr/lib/systemd/system/bgpd.service.
[root@router2 ~]# systemctl status bgpd
● bgpd.service – BGP routing daemon
Loaded: loaded (/usr/lib/systemd/system/bgpd.service; enabled; vendor preset: disabled)
Active: inactive (dead)
[root@router2 ~]# systemctl start bgpd
[root@router2 ~]# systemctl status bgpd
● bgpd.service – BGP routing daemon
Loaded: loaded (/usr/lib/systemd/system/bgpd.service; enabled; vendor preset: disabled)
Active: inactive (dead)
Condition: start condition failed at Fr 2021-05-14 15:14:41 CEST; 1s ago
ConditionPathExists=/etc/quagga/bgpd.conf was not met
[root@router2 ~]#
Next we do the same on router1
BGP Router Configuration with Quagga
In order to configure the BGP routing, we use the vtysh shell.
First copy the sample BGP configuration file:
cp /usr/share/doc/quagga-*/bgpd.conf.sample /etc/quagga/bgpd.conf
Quagga offers a dedicated command-line shell called vtysh, where you can type commands which are compatible with those supported by router vendors such as Cisco and Juniper.
Do the following on both routers:
After the file has been copied, enter the shell: vtysh
the prompt will appear, in this case:
[root@router1 ~]# vtysh
Hello, this is Quagga (version 0.99.22.4).
Copyright 1996-2005 Kunihiro Ishiguro, et al.
router1# show running-config
Building configuration…
Current configuration:
!
hostname router2
!
interface eth0
ipv6 nd suppress-ra
!
interface eth1
ipv6 nd suppress-ra
!
interface lo
!
line vty
!
end
router1#
Now we specify the log file for Zebra by using the following commands (still in the vtysh shell):
router1# configure terminal
router1(config)# log file /var/log/quagga/quagga.log
router1(config)# exit
router1# write
Building Configuration…
Configuration saved to /etc/quagga/zebra.conf
[OK]
router1# exit
[root@router1 ~]#
do the same on both routers.
[root@router1 ~]# cp /usr/share/doc/quagga-*/bgpd.conf.sample /etc/quagga/bgpd.conf
[root@router1 ~]# cd /etc
[root@router1 etc]# cd quagga/
[root@router1 quagga]# ls
bgpd.conf vtysh.conf zebra.conf zebra.conf.sav
[root@router1 quagga]#
[root@router1 quagga]#
[root@router1 quagga]# cat zebra.conf
!
! Zebra configuration saved from vty
! 2021/05/14 15:35:50
!
hostname router2
log file /var/log/quagga/quagga.log
!
interface eth0
ipv6 nd suppress-ra
!
interface eth1
ipv6 nd suppress-ra
!
interface lo
!
!
!
line vty
!
[root@router1 quagga]# cat bgpd.conf
! -*- bgp -*-
!
! BGPd sample configuratin file
!
! $Id: bgpd.conf.sample,v 1.1 2002/12/13 20:15:29 paul Exp $
!
hostname bgpd
password zebra
!enable password please-set-at-here
!
!bgp mulitple-instance
!
router bgp 7675
! bgp router-id 10.0.0.1
! network 10.0.0.0/8
! neighbor 10.0.0.2 remote-as 7675
! neighbor 10.0.0.2 route-map set-nexthop out
! neighbor 10.0.0.2 ebgp-multihop
! neighbor 10.0.0.2 next-hop-self
!
! access-list all permit any
!
!route-map set-nexthop permit 10
! match ip address all
! set ip next-hop 10.0.0.1
!
!log file bgpd.log
!
log stdout
[root@router1 quagga]#
Configuring BGP Peering
installing on ubuntu laptop
root@asus:~# apt-get install quagga
Reading package lists… Done
echo "net.ipv4.conf.all.forwarding=1" | sudo tee -a /etc/sysctl.conf
root@asus:~# echo "net.ipv4.conf.all.forwarding=1" | sudo tee -a /etc/sysctl.conf
net.ipv4.conf.all.forwarding=1
root@asus:~#
check with
sysctl -p
root@asus:~# sysctl -p
net.ipv4.conf.all.forwarding = 1
root@asus:~#
apt install quagga-doc
copy the required files for configuring this routing suite.
babeld.conf
bgpd.conf
isisd.conf
ospf6d.conf
ospfd.conf
ripd.conf
ripngd.conf
vtysh.conf
zebra.conf
These configuration files are not placed initially in /etc/quagga/ so you need to copy these files from /usr/share/doc/quagga-core/examples to /etc/quagga:
root@asus:/usr/share/doc/quagga-core/examples# cp /usr/share/doc/quagga-core/examples/vtysh.conf.sample /etc/quagga/vtysh.conf
root@asus:/usr/share/doc/quagga-core/examples# cp /usr/share/doc/quagga-core/examples/zebra.conf.sample /etc/quagga/zebra.conf
root@asus:/usr/share/doc/quagga-core/examples# cp /usr/share/doc/quagga-core/examples/bgpd.conf.sample /etc/quagga/bgpd.conf
root@asus:/usr/share/doc/quagga-core/examples# sudo chown quagga:quagga /etc/quagga/*.conf
root@asus:/usr/share/doc/quagga-core/examples# sudo chown quagga:quaggavty /etc/quagga/vtysh.conf
root@asus:/usr/share/doc/quagga-core/examples# sudo chmod 640 /etc/quagga/*.conf
root@asus:/usr/share/doc/quagga-core/examples#
to write logs:
root@asus:~# mkdir /var/log/quagga/
root@asus:~# chown quagga:quagga /var/log/quagga/
root@asus:~# touch /var/log/zebra.log
root@asus:~# chown quagga:quagga /var/log/zebra.log
root@asus:~#
Next, we configure peering IP addresses on the external interface to be used.
[root@router1 ~]# vtysh
Hello, this is Quagga (version 0.99.22.4).
Copyright 1996-2005 Kunihiro Ishiguro, et al.
router1# show interface
Interface eth0 is up, line protocol detection is disabled
index 2 metric 1 mtu 1500
flags: <UP,BROADCAST,RUNNING,MULTICAST>
HWaddr: 52:54:00:9f:8b:c0
inet 192.168.122.8/24 broadcast 192.168.122.255
inet6 fe80::127d:ea0d:65b7:30e5/64
Interface eth1 is up, line protocol detection is disabled
index 3 metric 1 mtu 1500
flags: <UP,BROADCAST,RUNNING,MULTICAST>
HWaddr: 52:54:00:19:4f:66
inet 10.0.8.100/8 broadcast 10.255.255.255
inet6 fe80::c466:3844:d978:b3d8/64
Interface lo is up, line protocol detection is disabled
index 1 metric 1 mtu 65536
flags: <UP,LOOPBACK,RUNNING>
inet 127.0.0.1/8
inet6 ::1/128
router1#
For BGP peering, we first copy the sample configuration file from “/usr/share/doc” to “/etc”. Then, we will start and enable the bgp service. After all this is done, we configure the BGP session.
1) Let’s prepare the BGP daemon (BGPd)’s configuration file.
cp /usr/share/doc/quagga-XXXXXXX/bgpd.conf.sample /etc/quagga/bgpd.conf
root@asus:~# cat /etc/quagga/bgpd.conf
!
! Zebra configuration saved from vty
! 2021/05/14 17:40:00
!
hostname bgpd
password zebra
log file /var/log/quagga/quagga.log
log stdout
!
router bgp 7675
bgp router-id 192.168.178.22
!
address-family ipv6
exit-address-family
exit
!
line vty
!
[root@router2 quagga]# vtysh
Hello, this is Quagga (version 0.99.22.4).
Copyright 1996-2005 Kunihiro Ishiguro, et al.
router2# configure terminal
router2(config)# router bgp 65102
router2(config-router)#
router2(config-router)# network 10.0.9.0/24
router2(config-router)# exit
router2(config)# exit
router2# wr
Building Configuration…
Configuration saved to /etc/quagga/zebra.conf
Configuration saved to /etc/quagga/bgpd.conf
[OK]
router2#
to test your configuration, you can manually bind the address to your loopback interface:
[root@router1 ~]# ip addr add 10.0.8.201 dev lo
Note I have set the following additional loopback IPs for the 3 BGP routers:
asus: 192.168.122.200
router1: 10.0.8.201
router2: 10.0.9.202
These will need to be permanently configured to survive reboot.
You can then manually check the route to ensure that it’s a local one:
ip route get 10.0.8.201
[root@router1 ~]# ip route get 10.0.8.201
local 10.0.8.201 dev lo src 10.0.8.201
cache <local>
[root@router1 ~]#
As this address was manually added, the configuration will not persist after the networking services are restarted or the system is rebooted.
[root@router1 ~]# vtysh
Hello, this is Quagga (version 0.99.22.4).
Copyright 1996-2005 Kunihiro Ishiguro, et al.
router1# conf t
router1(config)#
router1(config)#
router1(config)#
router1(config)#
router1(config)# route-map RM_SET_SRC permit 10
router1(config-route-map)#
router1(config-route-map)#
router1(config-route-map)#
router1(config-route-map)# set src 10.0.8.201
router1(config-route-map)# ip protocol bgp route-map RM_SET_SRC
router1(config)# exit
router1# write
Building Configuration…
Configuration saved to /etc/quagga/zebra.conf
Can’t backup old configuration file /etc/quagga/bgpd.conf.sav.
[OK]
router1#
router1# show route-map RM_SET_SRC
ZEBRA:
route-map RM_SET_SRC, permit, sequence 10
Match clauses:
Set clauses:
src 10.0.8.201
Call clause:
Action:
Exit routemap
BGP:
route-map RM_SET_SRC, permit, sequence 10
Match clauses:
Set clauses:
Call clause:
Action:
Exit routemap
router1#
Private AS Numbers
64512 – 65534 (16-bit AS numbers): Reserved for Private Usage
we will use:
65100 asus
65101 router1
65102 router2
on router1:
nano /etc/quagga/bgpd.conf
! -*- bgp -*-
!
! BGPd sample configuratin file
!
! $Id: bgpd.conf.sample,v 1.1 2002/12/13 20:15:29 paul Exp $
!
hostname router1
password zebra
enable password zebra
!enable password please-set-at-here
!
bgp multiple-instance
!
router bgp 65101
bgp router-id 10.0.8.100
network 10.0.8.0/24
bgp log-neighbor-changes
neighbor 192.168.122.1 remote-as 65100
! neighbor 10.0.0.2 route-map set-nexthop out
! neighbor 10.0.0.2 ebgp-multihop
! neighbor 10.0.0.2 next-hop-self
!
access-list all permit any
!
!route-map set-nexthop permit 10
! match ip address all
! set ip next-hop 10.0.0.1
!
log file /var/log/quagga/bgpd.log
!
log stdout
nano /etc/quagga/zebra.conf
GNU nano 2.3.1 File: /etc/quagga/zebra.conf
!
! Zebra configuration saved from vty
! 2021/05/14 15:35:50
!
hostname router1
log file /var/log/quagga/quagga.log
!
!interface eth0
! ipv6 nd suppress-ra
!
interface eth1
ipv6 nd suppress-ra
!
interface lo
!
!
!
line vty
!
on router2:
nano /etc/quagga/bgpd.conf
! -*- bgp -*-
!
! BGPd sample configuratin file
!
! $Id: bgpd.conf.sample,v 1.1 2002/12/13 20:15:29 paul Exp $
!
hostname router2
password zebra
enable password zebra
!enable password please-set-at-here
!
bgp multiple-instance
!
router bgp 65102
bgp router-id 10.0.9.100
network 10.0.9.0/24
bgp log-neighbor-changes
neighbor 192.168.122.1 remote-as 65100
! neighbor 10.0.0.2 route-map set-nexthop out
! neighbor 10.0.0.2 ebgp-multihop
! neighbor 10.0.0.2 next-hop-self
!
access-list all permit any
!
!route-map set-nexthop permit 10
! match ip address all
! set ip next-hop 10.0.0.1
!
log file /var/log/quagga/bgpd.log
!
log stdout
nano /etc/quagga/zebra.conf
GNU nano 2.3.1 File: /etc/quagga/zebra.conf
!
! Zebra configuration saved from vty
! 2021/05/14 15:35:50
!
hostname router2
log file /var/log/quagga/quagga.log
!
!interface eth0
! ipv6 nd suppress-ra
!
interface eth1
ipv6 nd suppress-ra
!
interface lo
!
!
!
line vty
!
on asus laptop:
GNU nano 5.2 /etc/quagga/bgpd.conf
!
! Zebra configuration saved from vty
! 2021/05/14 17:40:00
!
hostname bgpd
password zebra
log file /var/log/quagga/quagga.log
log stdout
!
router bgp 65100
bgp router-id 192.168.122.1
!
address-family ipv6
exit-address-family
exit
!
line vty
!
also on asus:
nano /etc/quagga/bgpd.conf
! -*- bgp -*-
!
! BGPd sample configuratin file
!
! $Id: bgpd.conf.sample,v 1.1 2002/12/13 20:15:29 paul Exp $
!
hostname bgpd
password zebra
enable password zebra
!enable password please-set-at-here
!
bgp multiple-instance
!
router bgp 65100
bgp router-id 192.168.122.1
network 192.168.122.0/24
bgp log-neighbor-changes
neighbor 10.0.8.100 remote-as 65101
! neighbor 10.0.0.2 route-map set-nexthop out
! neighbor 10.0.0.2 ebgp-multihop
! neighbor 10.0.0.2 next-hop-self
!
neighbor 10.0.9.100 remote-as 65102
! neighbor 10.0.0.2 route-map set-nexthop out
! neighbor 10.0.0.2 ebgp-multihop
! neighbor 10.0.0.2 next-hop-self
!
access-list all permit any
!
!route-map set-nexthop permit 10
! match ip address all
! set ip next-hop 10.0.0.1
!
log file /var/log/quagga/bgpd.log
!
log stdout
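The configurations above keep the sample file's vty password (zebra), reuse it as the enable password, and define each neighbor with remote-as only. The following audit is an added example, not part of the original notes or of Quagga; it flags those points in a bgpd.conf and shows a variant that passes. The function name, check names, hash and secret placeholders and the prefix-list name are assumptions made for the example.

```python
import re

# Constructed sample: the active lines of the router1 bgpd.conf shown above.
LAB_CONF = """\
hostname router1
password zebra
enable password zebra
!
router bgp 65101
 bgp router-id 10.0.8.100
 network 10.0.8.0/24
 bgp log-neighbor-changes
 neighbor 192.168.122.1 remote-as 65100
! neighbor 10.0.0.2 route-map set-nexthop out
!
access-list all permit any
!
log file /var/log/quagga/bgpd.log
log stdout
"""

# Constructed sample: the same peering with the findings addressed.
# The hashes, the session secret and the prefix-list name are placeholders.
HARDENED_CONF = """\
hostname router1
service password-encryption
password 8 PLACEHOLDERHASH1
enable password 8 PLACEHOLDERHASH2
!
router bgp 65101
 bgp router-id 10.0.8.100
 network 10.0.8.0/24
 neighbor 192.168.122.1 remote-as 65100
 neighbor 192.168.122.1 password PLACEHOLDER-SESSION-SECRET
 neighbor 192.168.122.1 prefix-list FROM-AS65100 in
!
ip prefix-list FROM-AS65100 seq 5 permit 192.168.122.0/24
!
log file /var/log/quagga/bgpd.log
"""

SAMPLE_PASSWORDS = {"zebra"}  # the value shipped in bgpd.conf.sample
INBOUND_FILTERS = ("prefix-list", "route-map", "filter-list", "distribute-list")


def audit_bgpd_conf(text):
    """Return a list of (check, detail) findings for one bgpd.conf."""
    active = [ln.strip() for ln in text.splitlines()]
    active = [ln for ln in active if ln and not ln.startswith(("!", "#"))]
    findings = []

    # vty and enable passwords; "password 8 <hash>" is the encrypted form.
    plain = {}
    for ln in active:
        m = re.match(r"(enable password|password) (8 )?(\S+)$", ln)
        if m and not m.group(2):
            plain[m.group(1)] = m.group(3)
    for kind, value in plain.items():
        if value in SAMPLE_PASSWORDS:
            findings.append(("sample-password", f"{kind} {value}"))
    if plain and "service password-encryption" not in active:
        findings.append(("plaintext-password", ", ".join(sorted(plain))))
    if len(plain) == 2 and len(set(plain.values())) == 1:
        findings.append(("enable-equals-vty", "same secret for login and enable"))

    # Per-neighbor checks: TCP MD5 session password and an inbound filter.
    neighbors = [m.group(1) for ln in active
                 if (m := re.match(r"neighbor (\S+) remote-as \d+$", ln))]
    for peer in neighbors:
        opts = [ln.split()[2:] for ln in active
                if ln.startswith(f"neighbor {peer} ")]
        if not any(o[0] == "password" for o in opts):
            findings.append(("no-session-auth", peer))
        if not any(o[0] in INBOUND_FILTERS and o[-1] == "in" for o in opts):
            findings.append(("no-inbound-filter", peer))
    return findings


if __name__ == "__main__":
    for check, detail in audit_bgpd_conf(LAB_CONF):
        print(f"{check}: {detail}")
```

A neighbor password only works when both ends of the session are configured with the same value.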
Start BGP Services
Next we start the Quagga services bgpd and zebra on all the routers in this LAB, i.e. asus, router1 and router2:
root@asus:~#
root@asus:~# systemctl start bgpd
root@asus:~# systemctl start zebra
root@asus:~# systemctl status bgpd
● bgpd.service – BGP routing daemon
Loaded: loaded (/lib/systemd/system/bgpd.service; enabled; vendor preset: enabled)
Active: active (running) since Fri 2021-05-14 16:39:41 CEST; 8s ago
Docs: man:bgpd
Process: 244632 ExecStartPre=/bin/chmod -f 640 /etc/quagga/bgpd.conf (code=exited, status=0/SUCCESS)
Process: 244633 ExecStartPre=/bin/chown -f quagga:quagga /etc/quagga/bgpd.conf (code=exited, status=0/SUCCESS)
Process: 244634 ExecStart=/usr/sbin/bgpd -d -A 127.0.0.1 -f /etc/quagga/bgpd.conf (code=exited, status=0/SUCCESS)
Main PID: 244635 (bgpd)
Tasks: 1 (limit: 21460)
Memory: 3.0M
CGroup: /system.slice/bgpd.service
└─244635 /usr/sbin/bgpd -d -A 127.0.0.1 -f /etc/quagga/bgpd.conf
Mai 14 16:39:41 asus systemd[1]: Starting BGP routing daemon…
Mai 14 16:39:41 asus systemd[1]: Started BGP routing daemon.
root@asus:~# systemctl status zebra
● zebra.service – GNU Zebra routing manager
Loaded: loaded (/lib/systemd/system/zebra.service; enabled; vendor preset: enabled)
Active: active (running) since Fri 2021-05-14 16:39:41 CEST; 12s ago
Docs: man:zebra
Process: 244626 ExecStartPre=/sbin/ip route flush proto zebra (code=exited, status=0/SUCCESS)
Process: 244627 ExecStartPre=/bin/chmod -f 640 /etc/quagga/vtysh.conf /etc/quagga/zebra.conf (code=exited, status=0/SUCCESS)
Process: 244628 ExecStartPre=/bin/chown -f quagga:quagga /etc/quagga/zebra.conf (code=exited, status=0/SUCCESS)
Process: 244629 ExecStartPre=/bin/chown -f quagga:quaggavty /etc/quagga/vtysh.conf (code=exited, status=0/SUCCESS)
Process: 244630 ExecStart=/usr/sbin/zebra -d -A 127.0.0.1 -f /etc/quagga/zebra.conf (code=exited, status=0/SUCCESS)
Main PID: 244631 (zebra)
Tasks: 1 (limit: 21460)
Memory: 2.2M
CGroup: /system.slice/zebra.service
└─244631 /usr/sbin/zebra -d -A 127.0.0.1 -f /etc/quagga/zebra.conf
Mai 14 16:39:41 asus systemd[1]: Starting GNU Zebra routing manager…
Mai 14 16:39:41 asus systemd[1]: Started GNU Zebra routing manager.
root@asus:~#
normally on a router they would also be enabled to start on boot:
sudo systemctl is-enabled zebra.service
sudo systemctl is-enabled bgpd.service
sudo systemctl enable zebra.service
sudo systemctl enable bgpd.service
Disable unnecessary services:
systemctl status ospfd
systemctl is-enabled ospfd
systemctl is-enabled ospf6d
systemctl is-enabled ripd
systemctl is-enabled ripngd
systemctl is-enabled isisd
systemctl disable ospfd
systemctl disable ospf6d
systemctl disable ripd
systemctl disable ripngd
systemctl disable isisd
Do this on all the BGP routers for all AS systems in this LAB.
Connect to the vtysh, bgpd and zebra terminal as follows:
vtysh
sudo telnet localhost 2605
sudo telnet localhost 2601
[root@router2 quagga]# systemctl start bgpd
[root@router2 quagga]# systemctl status bgpd
● bgpd.service – BGP routing daemon
Loaded: loaded (/usr/lib/systemd/system/bgpd.service; enabled; vendor preset: disabled)
Active: active (running) since So 2021-05-16 00:36:13 CEST; 4s ago
Process: 4404 ExecStart=/usr/sbin/bgpd -d $BGPD_OPTS -f /etc/quagga/bgpd.conf (code=exited, status=0/SUCCESS)
Main PID: 4405 (bgpd)
CGroup: /system.slice/bgpd.service
└─4405 /usr/sbin/bgpd -d -A 127.0.0.1 -f /etc/quagga/bgpd.conf
Mai 16 00:36:13 router2 systemd[1]: Starting BGP routing daemon…
Mai 16 00:36:13 router2 systemd[1]: Can’t open PID file /run/quagga/bgpd.pid (yet?) after start: No such file or directory
Mai 16 00:36:13 router2 systemd[1]: Started BGP routing daemon.
[root@router2 quagga]#
[root@router2 quagga]#
[root@router2 quagga]# systemctl start zebra
[root@router2 quagga]# systemctl status zebra
● zebra.service – GNU Zebra routing manager
Loaded: loaded (/usr/lib/systemd/system/zebra.service; enabled; vendor preset: disabled)
Active: active (running) since Fr 2021-05-14 15:31:57 CEST; 1 day 9h ago
Process: 710 ExecStart=/usr/sbin/zebra -d $ZEBRA_OPTS -f /etc/quagga/zebra.conf (code=exited, status=0/SUCCESS)
Process: 673 ExecStartPre=/sbin/ip route flush proto zebra (code=exited, status=0/SUCCESS)
Main PID: 726 (zebra)
CGroup: /system.slice/zebra.service
└─726 /usr/sbin/zebra -d -A 127.0.0.1 -f /etc/quagga/zebra.conf
Mai 14 15:31:56 router2 systemd[1]: Starting GNU Zebra routing manager…
Mai 14 15:31:57 router2 systemd[1]: Can’t open PID file /run/quagga/zebra.pid (yet?) after start: No such file or directory
Mai 14 15:31:57 router2 systemd[1]: Started GNU Zebra routing manager.
[root@router2 quagga]#
How to Verify if BGP is Working
[root@router1 quagga]# vtysh -c "show bgp neighbors"
BGP neighbor is 192.168.122.1, remote AS 65100, local AS 65101, external link
BGP version 4, remote router ID 0.0.0.0
BGP state = Active
Last read 00:26:14, hold time is 180, keepalive interval is 60 seconds
Message statistics:
Inq depth is 0
Outq depth is 0
Sent Rcvd
Opens: 12 0
Notifications: 0 0
Updates: 0 0
Keepalives: 0 0
Route Refresh: 0 0
Capability: 0 0
Total: 12 0
Minimum time between advertisement runs is 30 seconds
For address family: IPv4 Unicast
Community attribute sent to this neighbor(both)
0 accepted prefixes
Connections established 0; dropped 0
Last reset never
Local host: 192.168.122.8, Local port: 46514
Foreign host: 192.168.122.1, Foreign port: 179
Nexthop: 192.168.122.8
Nexthop global: fe80::127d:ea0d:65b7:30e5
Nexthop local: ::
BGP connection: non shared network
Next connect timer due in 22 seconds
Read thread: off Write thread: off
[root@router1 quagga]#
[root@router2 quagga]# vtysh -c "show bgp neighbors"
BGP neighbor is 192.168.122.1, remote AS 65100, local AS 65102, external link
BGP version 4, remote router ID 0.0.0.0
BGP state = Connect
Last read 00:19:52, hold time is 180, keepalive interval is 60 seconds
Message statistics:
Inq depth is 0
Outq depth is 0
Sent Rcvd
Opens: 8 0
Notifications: 0 0
Updates: 0 0
Keepalives: 0 0
Route Refresh: 0 0
Capability: 0 0
Total: 8 0
Minimum time between advertisement runs is 30 seconds
For address family: IPv4 Unicast
Community attribute sent to this neighbor(both)
0 accepted prefixes
Connections established 0; dropped 0
Last reset never
Next connect timer due in 50 seconds
Read thread: on Write thread: on
[root@router2 quagga]#
root@asus:/etc/quagga# vtysh -c "show bgp neighbors"
BGP neighbor is 10.0.8.100, remote AS 65101, local AS 65100, external link
BGP version 4, remote router ID 0.0.0.0
BGP state = Active
Last read 00:27:14, hold time is 180, keepalive interval is 60 seconds
Message statistics:
Inq depth is 0
Outq depth is 0
Sent Rcvd
Opens: 327 0
Notifications: 0 0
Updates: 0 0
Keepalives: 0 0
Route Refresh: 0 0
Capability: 0 0
Total: 327 0
Minimum time between advertisement runs is 3 seconds
For address family: IPv4 Unicast
Community attribute sent to this neighbor(all)
0 accepted prefixes
Connections established 0; dropped 0
Last reset never
External BGP neighbor may be up to 1 hops away.
Local host: 10.0.8.1, Local port: 43840
Foreign host: 10.0.8.100, Foreign port: 179
Nexthop: 10.0.8.1
Nexthop global: ::
Nexthop local: ::
BGP connection: non shared network
Next connect timer due in 4 seconds
Read thread: off Write thread: off
BGP neighbor is 10.0.9.100, remote AS 65102, local AS 65100, external link
BGP version 4, remote router ID 0.0.0.0
BGP state = Active
Last read 00:27:14, hold time is 180, keepalive interval is 60 seconds
Message statistics:
Inq depth is 0
Outq depth is 0
Sent Rcvd
Opens: 244 0
Notifications: 0 0
Updates: 0 0
Keepalives: 0 0
Route Refresh: 0 0
Capability: 0 0
Total: 244 0
Minimum time between advertisement runs is 3 seconds
For address family: IPv4 Unicast
Community attribute sent to this neighbor(all)
0 accepted prefixes
Connections established 0; dropped 0
Last reset never
External BGP neighbor may be up to 1 hops away.
Local host: 10.0.9.1, Local port: 33062
Foreign host: 10.0.9.100, Foreign port: 179
Nexthop: 10.0.9.1
Nexthop global: ::
Nexthop local: ::
BGP connection: non shared network
Next connect timer due in 4 seconds
Read thread: off Write thread: off
root@asus:/etc/quagga#
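bgpd accepts an incoming session only when the connection's source address matches one of its configured neighbors, so the "Local host" lines above are worth comparing with the neighbor list on the other side. The following parser is an added example, not part of the original notes; it reads trimmed, constructed copies of the captures above and uses the AS numbers to work out which router is at the other end. The function names are assumptions made for the example.

```python
import re

# Constructed sample: trimmed copies of the "show bgp neighbors" output above.
CAPTURES = {
    "router1": """\
BGP neighbor is 192.168.122.1, remote AS 65100, local AS 65101, external link
BGP state = Active
Opens: 12 0
Local host: 192.168.122.8, Local port: 46514
Foreign host: 192.168.122.1, Foreign port: 179
""",
    "router2": """\
BGP neighbor is 192.168.122.1, remote AS 65100, local AS 65102, external link
BGP state = Connect
Opens: 8 0
""",
    "asus": """\
BGP neighbor is 10.0.8.100, remote AS 65101, local AS 65100, external link
BGP state = Active
Opens: 327 0
Local host: 10.0.8.1, Local port: 43840
Foreign host: 10.0.8.100, Foreign port: 179
BGP neighbor is 10.0.9.100, remote AS 65102, local AS 65100, external link
BGP state = Active
Opens: 244 0
Local host: 10.0.9.1, Local port: 33062
Foreign host: 10.0.9.100, Foreign port: 179
""",
}

HEAD = re.compile(r"BGP neighbor is ([^,\s]+), remote AS (\d+), local AS (\d+)")
FIELDS = {
    "state": re.compile(r"BGP state = (\w+)"),
    "opens": re.compile(r"Opens:\s+(\d+)\s+(\d+)"),  # columns: Sent, Rcvd
    "local_host": re.compile(r"Local host: ([^,\s]+)"),
}


def parse_neighbors(text):
    """Split 'show bgp neighbors' output into one dict per session."""
    sessions = []
    for line in text.splitlines():
        line = line.strip()
        head = HEAD.match(line)
        if head:
            sessions.append({"peer": head.group(1),
                             "remote_as": int(head.group(2)),
                             "local_as": int(head.group(3)),
                             "state": None, "opens_rcvd": 0,
                             "local_host": None})
        elif sessions:
            cur = sessions[-1]
            if m := FIELDS["state"].match(line):
                cur["state"] = m.group(1)
            elif m := FIELDS["opens"].match(line):
                cur["opens_rcvd"] = int(m.group(2))
            elif m := FIELDS["local_host"].match(line):
                cur["local_host"] = m.group(1)
    return sessions


def diagnose(captures):
    """Report every session that is not Established, with a likely reason."""
    parsed = {r: parse_neighbors(t) for r, t in captures.items()}
    router_of_as = {s[0]["local_as"]: r for r, s in parsed.items() if s}
    configured = {r: {x["peer"] for x in s} for r, s in parsed.items()}
    findings = []
    for router, sessions in parsed.items():
        for s in sessions:
            if s["state"] == "Established":
                continue
            remote = router_of_as.get(s["remote_as"])
            src = s["local_host"]
            if remote and src and src not in configured[remote]:
                reason = f"{remote} has no neighbor statement for source {src}"
            elif s["opens_rcvd"] == 0:
                reason = "no OPEN received from peer"
            else:
                reason = "OPEN exchanged but session not established"
            findings.append((router, s["peer"], s["state"], reason))
    return findings


if __name__ == "__main__":
    for finding in diagnose(CAPTURES):
        print(" | ".join(finding))
```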
next check the ip routing tables
vtysh -c "show ip bgp"
[root@router1 quagga]# vtysh -c "show ip bgp"
BGP table version is 0, local router ID is 10.0.8.100
Status codes: s suppressed, d damped, h history, * valid, > best, i – internal,
r RIB-failure, S Stale, R Removed
Origin codes: i – IGP, e – EGP, ? – incomplete
Network Next Hop Metric LocPrf Weight Path
*> 10.0.8.0/24 0.0.0.0 0 32768 i
Total number of prefixes 1
[root@router1 quagga]#
[root@router2 quagga]# vtysh -c "show ip bgp"
BGP table version is 0, local router ID is 10.0.9.100
Status codes: s suppressed, d damped, h history, * valid, > best, i – internal,
r RIB-failure, S Stale, R Removed
Origin codes: i – IGP, e – EGP, ? – incomplete
Network Next Hop Metric LocPrf Weight Path
*> 10.0.9.0/24 0.0.0.0 0 32768 i
Total number of prefixes 1
[root@router2 quagga]#
root@asus:/etc/quagga# vtysh -c "show ip bgp"
BGP table version is 0, local router ID is 192.168.122.1
Status codes: s suppressed, d damped, h history, * valid, > best, = multipath,
i internal, r RIB-failure, S Stale, R Removed
Origin codes: i – IGP, e – EGP, ? – incomplete
Network Next Hop Metric LocPrf Weight Path
*> 192.168.122.0 0.0.0.0 0 32768 i
Displayed 1 out of 1 total prefixes
root@asus:/etc/quagga#
Some Basic Quagga Router Commands
Login to router:
either
vtysh
[root@router2 quagga]# vtysh
Hello, this is Quagga (version 0.99.22.4).
Copyright 1996-2005 Kunihiro Ishiguro, et al.
router2#
or
telnet localhost 2601
(latter requires the password)
[root@router2 quagga]# telnet localhost 2601
Trying 127.0.0.1…
Connected to localhost.
Escape character is ‘^]’.
Hello, this is Quagga (version 0.99.22.4).
Copyright 1996-2005 Kunihiro Ishiguro, et al.
User Access Verification
Password:
router2>
show basic help:
router2#?
router2#
clear Reset functions
configure Configuration from vty interface
copy Copy from one file to another
debug Enable debug messages for specific or all part.
disable Turn off privileged mode command
end End current mode and change to enable mode
exit Exit current mode and down to previous mode
list Print command list
no Negate a command or set its defaults
ping Send echo messages
quit Exit current mode and down to previous mode
show Show running system information
ssh Open an ssh connection
start-shell Start UNIX shell
telnet Open a telnet connection
terminal Set terminal line parameters
traceroute Trace route to destination
undebug Disable debugging functions (see also ‘debug’)
write Write running configuration to memory, network, or terminal
router2#
display advanced help
note this is different to the basic help, with just “?” – here you enter “show ?”
router2# show ?
debugging Zebra configuration
history Display the session command history
interface Interface status and configuration
ip IP information
ipv6 IPv6 information
logging Show current logging configuration
memory Memory statistics
route-map route-map information
running-config running configuration
startup-config Contentes of startup configuration
table default routing table to use for all clients
thread Thread information
version Displays zebra version
work-queues Work Queue information
zebra Zebra informationClient information
router2#
display advanced help for a specific command:
eg
show ip ?
router2# show ip ?
access-list List IP access lists
forwarding IP forwarding status
mroute IP Multicast routing table
prefix-list Build a prefix list
protocol IP protocol filtering status
route IP routing table
router2#
display ip routing info:
router2# show ip route
Codes: K – kernel route, C – connected, S – static, R – RIP,
O – OSPF, I – IS-IS, B – BGP, A – Babel,
> – selected route, * – FIB route
K>* 0.0.0.0/0 via 192.168.122.1, eth0
C>* 10.0.0.0/8 is directly connected, eth1
C>* 127.0.0.0/8 is directly connected, lo
C>* 192.168.122.0/24 is directly connected, eth0
router2#
router2#
enter privileged command mode:
(note the different prompt when logging in via telnet localhost 2601 compared to vtysh)
use enable or ena:
[root@router2 quagga]# telnet localhost 2601
Trying 127.0.0.1…
Connected to localhost.
Escape character is ‘^]’.
Hello, this is Quagga (version 0.99.22.4).
Copyright 1996-2005 Kunihiro Ishiguro, et al.
User Access Verification
Password:
router2>
router2> enable
Password:
router2#
display current interface config:
show int eth0
router2# show int eth0
Interface eth0 is up, line protocol detection is disabled
index 2 metric 1 mtu 1500
flags: <UP,BROADCAST,RUNNING,MULTICAST>
HWaddr: 52:54:00:f8:98:3d
inet 192.168.122.12/24 broadcast 192.168.122.255
inet6 fe80::127d:ea0d:65b7:30e5/64
inet6 fe80::6e18:9a8a:652c:1700/64
router2#
save current config:
wr
router2# wr
Configuration saved to /etc/quagga/zebra.conf
router2#
enter edit mode:
Router#conf t
router2# conf t
router2(config)#
To exit configure mode
end
router2# conf t
router2(config)#
router2(config)#
router2(config)#
router2(config)# end
router2#
To display current configuration use the show running-config command:
sh run
router2# sh run
Current configuration:
!
hostname router2
password zebra
enable password zebra
log file /var/log/quagga/quagga.log
!
interface eth0
ipv6 nd suppress-ra
!
interface eth1
ipv6 nd suppress-ra
!
interface lo
!
ip forwarding
!
!
line vty
!
end
router2#
router1# show ip bgp neighbors
BGP neighbor is 192.168.122.1, remote AS 65100, local AS 65101, external link
BGP version 4, remote router ID 0.0.0.0
BGP state = Active
Last read 01:06:19, hold time is 180, keepalive interval is 60 seconds
Message statistics:
Inq depth is 0
Outq depth is 0
Sent Rcvd
Opens: 34 0
Notifications: 0 0
Updates: 0 0
Keepalives: 0 0
Route Refresh: 0 0
Capability: 0 0
Total: 34 0
Minimum time between advertisement runs is 30 seconds
For address family: IPv4 Unicast
Community attribute sent to this neighbor(both)
0 accepted prefixes
Connections established 0; dropped 0
Last reset never
Local host: 192.168.122.11, Local port: 58120
Foreign host: 192.168.122.1, Foreign port: 179
Nexthop: 192.168.122.11
Nexthop global: fe80::127d:ea0d:65b7:30e5
Nexthop local: ::
BGP connection: non shared network
Next connect timer due in 109 seconds
Read thread: off Write thread: off
router1#
to exit router:
exit
router2# exit
Connection closed by foreign host.
[root@router2 quagga]#