Tags Archives: zebra

How To Install Quagga

To quote from Wikipedia:

 

Quagga is a network routing software suite providing implementations of Open Shortest Path First (OSPF), Routing Information Protocol (RIP), Border Gateway Protocol (BGP) and IS-IS for Unix-like platforms, particularly Linux, Solaris, FreeBSD and NetBSD.

 

The Quagga architecture consists of a core daemon (zebra) which is an abstraction layer to the underlying Unix kernel and presents the Zserv API over a Unix-domain socket or TCP socket to Quagga clients.

 

The Zserv clients typically implement a routing protocol and communicate routing updates to the zebra daemon. Existing Zserv clients are:

 

ospfd, implementing Open Shortest Path First (OSPFv2)
isisd, implementing Intermediate System to Intermediate System (IS-IS)
ripd, implementing Routing Information Protocol (RIP) version 1 and 2;
ospf6d, implementing Open Shortest Path First (OSPFv3) for IPv6
ripngd, implementing Routing Information Protocol (RIPng) for IPv6
bgpd, implementing Border Gateway Protocol (BGPv4+), including address family support for IP multicast and IPv6
pimd, implementing Protocol Independent Multicast (PIM-SSM) for Source-specific multicast

 

Additionally, the Quagga architecture has a rich development library to facilitate the implementation of protocol and client software with consistent configuration and administrative behavior.

 

Google has contributed to improvements to the IS-IS protocol and added BGP multipath support.

 

 

The Quagga routing package is comprised of 2 modules:

 

the Zebra daemon, and the Routing Processes (RIP,OSPF,BGP,IS-IS,Babel,OLSR,LDP,BFD)

 

Zebra daemon

 

The zebra daemon is an abstraction layer that sits between system kernel and the running routing processes. Each routing protocol operates its own routing daemon.

 

Quagga is responsible for updating the kernel routing table, setting static routes and managing dynamic routing.  Quagga can also be used to modify the physical host interface and routing table.

 

Routing Processes

 

All the Quagga routing daemons (ripd, ripngd, ospfd, ospfv6d, bgpd, isisd, babeld, olsrd, ldpd & bfdd)
communicate with the zebra daemon rather than directly with the kernel.

 

The Quagga daemons can be configured individually via a network-usable CLI called a “vty”.

 

After installing Quagga, you have to configure each daemon’s port number to connect to them.

 

Add the following entries to /etc/services:

 

zebrasrv 2600/tcp # zebra service
zebra 2601/tcp # zebra vty
ripd 2602/tcp # RIPd vty
ripngd 2603/tcp # RIPngd vty
ospfd 2604/tcp # OSPFd vty
bgpd 2605/tcp # BGPd vty
ospf6d 2606/tcp # OSPF6d vty
ospfapi 2607/tcp # ospfapi
isisd 2608/tcp # ISISd vty
pimd 2611/tcp # PIMd vty
nhrpd 2612/tcp # nhrpd vty

 

 

The vty CLI provides a similar though not identical interface to that of other routing software.

 

Quagga also includes a tool called “vtysh”‘ which is a single CLI interface to all Quagga daemons. vtysh accepts commands which are compatible or similar to those supported by router vendors such as Cisco and Juniper.

 

 

For detailed information about using Quagga see the official documentation at: https://www.quagga.net/docs/quagga.html

 

The Installation Process for Quagga

 

root@intel:~# apt install quagga
Reading package lists… Done
Building dependency tree
Reading state information… Done
quagga is already the newest version (1.2.4-4build1).
The following packages were automatically installed and are no longer required:
libphonenumber7 libprotobuf17
Use ‘sudo apt autoremove’ to remove them.
0 upgraded, 0 newly installed, 0 to remove and 4 not upgraded.
root@intel:~#

 

 

root@intel:~# apt install quagga-doc
Reading package lists… Done
Building dependency tree

………
done

 

 

 

root@intel:~# cp /usr/share/doc/quagga-core/examples/vtysh.conf.sample /etc/quagga/vtysh.conf
root@intel:~# cp /usr/share/doc/quagga-core/examples/zebra.conf.sample /etc/quagga/zebra.conf
root@intel:~# cp /usr/share/doc/quagga-core/examples/bgpd.conf.sample /etc/quagga/bgpd.conf
root@intel:~# sudo chown quagga:quagga /etc/quagga/*.conf
root@intel:~# sudo chown quagga:quaggavty /etc/quagga/vtysh.conf
root@intel:~# sudo chmod 640 /etc/quagga/*.conf
root@intel:~#

 

 

Enable packet forwarding and disable rp_filter, by uncommenting /etc/sysctl.conf:

 

nano /etc/sysctl.conf

 

net.ipv4.ip_forward=1

 

 

 

then to reload the values from the sysctl.conf

 

run:

 

root@intel:~# sysctl -p
net.ipv4.ip_forward = 1
root@intel:~#

 

 

Then set up the logging:

 

root@intel:~# mkdir /var/log/quagga/
root@intel:~# chown quagga:quagga /var/log/quagga/
root@intel:~# touch /var/log/zebra.log
root@intel:~# chown quagga:quagga /var/log/zebra.log
root@intel:~#

 

 

start the services and verify:

 

systemctl start zebra
systemctl start bgpd
systemctl status zebra
systemctl status bgpd

 

 

The bgbd service will automatically start the zebra service as this bdpd is dependent on it.

 

However, note that if you want to fully stop Quagga, you have to manually stop the zebra service too.

 

root@intel:~# systemctl start zebra
root@intel:~# systemctl start bgpd
root@intel:~# systemctl status zebra
● zebra.service – GNU Zebra routing manager
Loaded: loaded (/lib/systemd/system/zebra.service; enabled; vendor preset: enabled)
Active: active (running) since Tue 2021-06-01 14:25:05 CEST; 40ms ago
Docs: man:zebra
Process: 50339 ExecStartPre=/sbin/ip route flush proto zebra (code=exited, status=0/SUCCESS)
Process: 50354 ExecStartPre=/bin/chmod -f 640 /etc/quagga/vtysh.conf /etc/quagga/zebra.conf (code=exited, status=0/SUCCESS)
Process: 50355 ExecStartPre=/bin/chown -f quagga:quagga /etc/quagga/zebra.conf (code=exited, status=0/SUCCESS)
Process: 50356 ExecStartPre=/bin/chown -f quagga:quaggavty /etc/quagga/vtysh.conf (code=exited, status=0/SUCCESS)
Process: 50357 ExecStart=/usr/sbin/zebra -d -A 127.0.0.1 -f /etc/quagga/zebra.conf (code=exited, status=0/SUCCESS)
Main PID: 50358 (zebra)
Tasks: 1 (limit: 9344)
Memory: 3.3M
CGroup: /system.slice/zebra.service
└─50358 /usr/sbin/zebra -d -A 127.0.0.1 -f /etc/quagga/zebra.conf

Jun 01 14:25:05 intel systemd[1]: Starting GNU Zebra routing manager…
Jun 01 14:25:05 intel systemd[1]: Started GNU Zebra routing manager.
root@intel:~# systemctl status bgpd
● bgpd.service – BGP routing daemon
Loaded: loaded (/lib/systemd/system/bgpd.service; enabled; vendor preset: enabled)
Active: active (running) since Tue 2021-06-01 14:25:05 CEST; 3s ago
Docs: man:bgpd
Process: 50361 ExecStartPre=/bin/chmod -f 640 /etc/quagga/bgpd.conf (code=exited, status=0/SUCCESS)
Process: 50362 ExecStartPre=/bin/chown -f quagga:quagga /etc/quagga/bgpd.conf (code=exited, status=0/SUCCESS)
Process: 50363 ExecStart=/usr/sbin/bgpd -d -A 127.0.0.1 -f /etc/quagga/bgpd.conf (code=exited, status=0/SUCCESS)
Main PID: 50364 (bgpd)
Tasks: 1 (limit: 9344)
Memory: 4.0M
CGroup: /system.slice/bgpd.service
└─50364 /usr/sbin/bgpd -d -A 127.0.0.1 -f /etc/quagga/bgpd.conf

Jun 01 14:25:05 intel systemd[1]: Starting BGP routing daemon…
Jun 01 14:25:05 intel systemd[1]: Started BGP routing daemon.
root@intel:~#

 

 

Check that the services will start on reboot:

 

Check whether the services start at system startup:

 

systemctl is-enabled zebra.service
systemctl is-enabled bgpd.service

 

root@intel:~# systemctl is-enabled zebra.service
enabled
root@intel:~# systemctl is-enabled bgpd.service
enabled
root@intel:~#

 

 

Disable unnecessary services:

systemctl status ospfd

systemctl is-enabled ospfd
systemctl is-enabled ospf6d
systemctl is-enabled ripd
systemctl is-enabled ripngd
systemctl is-enabled isisd

systemctl disable ospfd
systemctl disable ospf6d
systemctl disable ripd
systemctl disable ripngd
systemctl disable isisd

 

then run again:

 

systemctl is-enabled ospfd
systemctl is-enabled ospf6d
systemctl is-enabled ripd
systemctl is-enabled ripngd
systemctl is-enabled isisd

 

 

root@intel:~# systemctl status ospfd
● ospfd.service – OSPF routing daemon
Loaded: loaded (/lib/systemd/system/ospfd.service; enabled; vendor preset: enabled)
Active: inactive (dead)
Condition: start condition failed at Sun 2021-05-30 14:43:26 CEST; 1 day 23h ago
Docs: man:ospfd

 

Mai 30 14:43:26 intel systemd[1]: Condition check resulted in OSPF routing daemon being skipped.
root@intel:~#
root@intel:~# systemctl is-enabled ospfd
enabled
root@intel:~# systemctl is-enabled ospf6d
enabled
root@intel:~# systemctl is-enabled ripd
enabled
root@intel:~# systemctl is-enabled ripngd
enabled
root@intel:~# systemctl is-enabled isisd
enabled
root@intel:~# systemctl disable ospfd
Synchronizing state of ospfd.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install disable ospfd

 

Removed /etc/systemd/system/multi-user.target.wants/ospfd.service.
root@intel:~# systemctl disable ospf6d
Synchronizing state of ospf6d.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install disable ospf6d
Removed /etc/systemd/system/multi-user.target.wants/ospf6d.service.
root@intel:~# systemctl disable ripd
Synchronizing state of ripd.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install disable ripd
Removed /etc/systemd/system/multi-user.target.wants/ripd.service.
root@intel:~# systemctl disable ripngd
Synchronizing state of ripngd.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install disable ripngd
Removed /etc/systemd/system/multi-user.target.wants/ripngd.service.
root@intel:~# systemctl disable isisd
Synchronizing state of isisd.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install disable isisd
Removed /etc/systemd/system/multi-user.target.wants/isisd.service.
root@intel:~# systemctl is-enabled ospfd
disabled
root@intel:~# systemctl is-enabled ospf6d
disabled
root@intel:~# systemctl is-enabled ripd
disabled
root@intel:~# systemctl is-enabled ripngd
disabled
root@intel:~# systemctl is-enabled isisd
disabled
root@intel:~#

 

 

Test connections to the vtysh, bgpd and zebra terminals:

 

vtysh
telnet localhost 2605
telnet localhost 2601

 

 

root@intel:~# vtysh

 

Hello, this is Quagga (version 1.2.4).
Copyright 1996-2005 Kunihiro Ishiguro, et al.

 

intel#
intel#
intel#
intel# exit
root@intel:~# telnet localhost 2605
Trying 127.0.0.1…
Connected to localhost.
Escape character is ‘^]’.

 

Hello, this is Quagga (version 1.2.4).
Copyright 1996-2005 Kunihiro Ishiguro, et al.

 

User Access Verification

 

Password:
Password:
Password:
% Bad passwords, too many failures!
Connection closed by foreign host.
root@intel:~# telnet localhost 2601
Trying 127.0.0.1…
Connected to localhost.
Escape character is ‘^]’.

 

Hello, this is Quagga (version 1.2.4).
Copyright 1996-2005 Kunihiro Ishiguro, et al.

 

User Access Verification

 

Password:
Password:
Password:
% Bad passwords, too many failures!
Connection closed by foreign host.
root@intel:~#

 

 

This completes the basic installation of Quagga.

 

 

Next steps are to configure the logins for the above admin systems and then configure the router for BGP.

 

 

Configure Quagga VTY

 

 

Add your Linux user account to the quaggavty group. This lets you to access the Quagga VTY command-line interface:

 

adduser <user> quaggavty

 

root@intel:~# adduser kevin quaggavty
Adding user `kevin’ to group `quaggavty’ …
Adding user kevin to group quaggavty
Done.
root@intel:~#

 

 

vty uses “more” for pagination. However this can be switched to “less”, by adding the following environment variable to your ~/.profile or ~/.bash_profile configuration file:

 

export VTYSH_PAGER=”less -FX”

 

The -F argument is used to prevent less from activating if the output is smaller than one screen in size, and -X is used to prevent the screen being unnecessarily cleared.

 

kevin@intel:~$ cat ~/.profile
# ~/.profile: executed by the command interpreter for login shells.
# This file is not read by bash(1), if ~/.bash_profile or ~/.bash_login
# exists.
# see /usr/share/doc/bash/examples/startup-files for examples.
# the files are located in the bash-doc package.

# the default umask is set in /etc/profile; for setting the umask
# for ssh logins, install and configure the libpam-umask package.
#umask 022

 

# if running bash
if [ -n “$BASH_VERSION” ]; then
# include .bashrc if it exists
if [ -f “$HOME/.bashrc” ]; then
. “$HOME/.bashrc”
fi
fi

# set PATH so it includes user’s private bin directories
PATH=”$HOME/bin:$HOME/.local/bin:$PATH”

export VTYSH_PAGER=”less -FX”

 

kevin@intel:~$

 

 

Finally, run the vtysh command in order to connect.

 

 

Quagga uses commands which are generally the same or similar to Cisco IOS

 

 

kevin@intel:~$ vtysh

 

Hello, this is Quagga (version 1.2.4).
Copyright 1996-2005 Kunihiro Ishiguro, et al.

 

intel#

 

 

use ? to list basic level help:

 

intel# ?
clear Reset functions
configure Configuration from vty interface
copy Copy from one file to another
debug Debugging functions (see also ‘undebug’)
disable Turn off privileged mode command
enable Turn on privileged mode command
end End current mode and change to enable mode
exit Exit current mode and down to previous mode
list Print command list
no Negate a command or set its defaults
ping Send echo messages
quit Exit current mode and down to previous mode
show Show running system information
ssh Open an ssh connection
start-shell Start UNIX shell
telnet Open a telnet connection
terminal Set terminal line parameters
test Test
traceroute Trace route to destination
undebug Disable debugging functions (see also ‘debug’)
write Write running configuration to memory, network, or terminal
intel#

 

To enter configuration mode in vtysh use either

 

configure terminal

 

or

 

conf t

 

 

intel# configure terminal
intel(config)#
intel(config)# exit
intel#
intel# conf t
intel(config)#

 

 

You can then enter ? again and list the configuration level help:

 

 

intel(config)# ?
access-list Add an access list entry
bgp BGP information
debug Debugging functions
default Configure defaults of settings
dump Dump packet
enable Modify enable password parameters
end End current mode and change to enable mode
exit Exit current mode and down to previous mode
fpm fpm connection remote ip and port
hostname Set system’s network name
interface Select an interface to configure
ip IP information
ipv6 IP information
key Authentication key management
line Configure a terminal line
list Print command list
log Logging control
nhrp Next Hop Resolution Protocol functions
no Negate a command or set its defaults
password Assign the terminal connection password
route-map Create route-map or enter route-map command mode
router Enable a routing process
router-id Manually set the router-id
service Set up miscellaneous service
show Negate a command or set its defaults
table Configure target kernel routing table
undebug Disable debugging functions (see also ‘debug’)
username
vrf Enable a VRF
intel(config)#

 

To Configure Quagga Using vtysh

 

NOTE: This is included here for reference. Carry out the further configuration steps described further below before attempting this step!

 

Example of a basic BGP configuration:

 

vtysh> configure terminal
vtysh(config)> router bgp <your-asn>
vtysh(config-router)> neighbor <neighbor-ip> remote-as <neighbor-asn>
vtysh(config-router)> neighbor <neighbor-ip> interface <interface>
vtysh(config-router)> exit
vtysh(config)> exit

 

To display current BGP status:

 

intel# show ip bgp summary
No IPv4 neighbor is configured
intel#

 

 

 

 

 

How To Configure BGP on Quagga

 

 

First, check that Zebra is running. Zebra is the routing daemon for Quagga.

 

root@intel:~# netstat -tulpen | grep zebra
tcp 0 0 127.0.0.1:2601 0.0.0.0:* LISTEN 127 1232049 50358/zebra
root@intel:~#

 

 

 

Enable packet forwarding (ip_forwarding):

 

root@intel:/home/kevin# sysctl -a | grep net.ipv6.conf.default.forwarding
net.ipv6.conf.default.forwarding = 0
root@intel:/home/kevin# sysctl -a | grep net.ipv4.ip_forward
net.ipv4.ip_forward = 1
net.ipv4.ip_forward_update_priority = 1
net.ipv4.ip_forward_use_pmtu = 0
root@intel:/home/kevin# sysctl -a | grep net.ipv6.conf.all.forwarding
net.ipv6.conf.all.forwarding = 0

 

root@intel:/home/kevin#
root@intel:/home/kevin# echo “net.ipv4.ip_forward=1” >> /etc/sysctl.conf
root@intel:/home/kevin# echo “net.ipv6.conf.default.forwarding=1” >> /etc/sysctl.conf
root@intel:/home/kevin# echo “net.ipv6.conf.all.forwarding=1” >> /etc/sysctl.conf

 

root@intel:/home/kevin# sysctl -p
net.ipv4.ip_forward = 1
net.ipv4.ip_forward = 1
net.ipv6.conf.default.forwarding = 1
net.ipv6.conf.all.forwarding = 1
root@intel:/home/kevin#

 

NOTE: if you are running a firewall such as iptables, also check that the firewall configuration is not blocking packet forwarding!

 

 

Disable the Linux rp_filter strict mode:

 

 

rp_filter is a network security mechanism in the Linux kernel. It checks packet source addresses and the source network interface.

 

Possible settings for rp_filter:

 

0 (disabled): allow all packets.

 

Packets that do not have entries in routing table and so cannot be handled correctly will instead be processed by userspace applications, so setting to 0 should be no problem here.

 

1 (strict): if the packets do not come in on the “best” network interface (or in other words, your server replies to the packet on a different network interface), then the packet will be dropped.

 

2 (relaxed): Linux will only drop packets which have a source address not in the routing table or else does not know how to respond properly to.

 

NOTE: Using different network interfaces for source and reply is common with DN42, so you should ensure you DON’T set rp_filter to 1!

 

ALSO NOTE: Firewalls such as ufw may be configured for Conntrack. Conntrack filters incoming packets from addresses it hasn’t seen before, which is effectively applying a strict rp_filter. So you may need to disable this setting.

 

 

echo “net.ipv4.conf.default.rp_filter=2” >> /etc/sysctl.conf
echo “net.ipv4.conf.all.rp_filter=2” >> /etc/sysctl.conf
sysctl -p

 

root@intel:/home/kevin# echo “net.ipv4.conf.default.rp_filter=2” >> /etc/sysctl.conf
root@intel:/home/kevin# echo “net.ipv4.conf.all.rp_filter=2” >> /etc/sysctl.conf
root@intel:/home/kevin# sysctl -p
net.ipv4.ip_forward = 1
net.ipv4.ip_forward = 1
net.ipv6.conf.default.forwarding = 1
net.ipv6.conf.all.forwarding = 1
net.ipv4.conf.default.rp_filter = 2
net.ipv4.conf.all.rp_filter = 2
root@intel:/home/kevin#

 

 

Install and  Configure a VPN Tunnel Software Package for DN42

 

For peering in DN42 VPN tunneling software is required. This is because DN42 nodes are spread across the world, and tunneling provides encryption and protection against interception and hacking. Also, DN42 uses private addresses that will be automatically dropped by firewalls on the Internet.

 

Furthermore, if you do not use a VPN your ISP may assume you are operating IP Spoofing, which is a clear violation of ISP ToS and can have catastrophic technical consequences.

 

Continue Reading

LPIC3 DIPLOMA Linux Clustering – LAB NOTES: Lesson BGP

LAB on BGP 

 

These are my notes made during my lab practical as part of my LPIC3 Diploma course in Linux Clustering. They are in “rough format”, presented as they were written.

 

 

LPIC3 Syllabus for BGP

 

364.4 Network High Availability
Weight: 5
Description: Candidates should be able to configure redundant networking connections and manage VLANs.

Furthermore, candidates should have a basic understanding of BGP.

Key Knowledge Areas:
• Understand and configure bonding network interface
• Network bond modes and algorithms (active-backup, blance-tlb, balance-alb,
802.3ad, balance-rr, balance-xor, broadcast)
• Configure switch configuration for high availability, including RSTP
• Configure VLANs on regular and bonded network interfaces
• Persist bonding and VLAN configuration
• Understand the principle of autonomous systems and BGP to manage external
redundant uplinks
• Awareness of traffic shaping and control capabilities of Linux
 

Partial list of the used files, terms and utilities:
• bonding.ko (including relevant module options)
• /etc/network/interfaces
• /etc/sysconfig/networking-scripts/ifcfg-*
• /etc/systemd/network/*.network
• /etc/systemd/network/*.netdev
• nmcli
• /sys/class/net/bonding_masters
• /sys/class/net/bond*/bonding/miimon
• /sys/class/net/bond*/bonding/slaves
• ifenslave
• ip

 

Network Overview

 

The network for this BGP LAB comprises two virtual KVM machines, installed with CentOS 7 and housed on a KVM virtual machine system on a Linux Ubuntu host:

 

router1 10.0.8.100 and
router2 10.0.9.100

 

Our Internet will effectively be the laptop, with an IP of 192.168.122.1

 

This interface is defined on the laptop as a KVM bridge.

 

 

Border Gateway Protocol BGP

 

 

Installation of BGP and Dependencies

 

 

 

Make sure SELinux is disabled. Check with:

 

 

root@asus:/home/kevin# sestatus
SELinux status: disabled
root@asus:/home/kevin#

 

 

 

If you are using CentOS 7, you need to apply the following policy change for SELinux. Otherwise, SELinux will prevent Zebra daemon from writing to its configuration directory.

[root@router1 ~]# setsebool -P zebra_write_config 1
setsebool: SELinux is disabled.
[root@router1 ~]#

 

If not disabled, open /etc/selinux/config

 

and change

 

SELINUX=enforcing

 

to

 

SELINUX=disabled

 

 

Then reboot.

 

 

 

yum install readline-devel

 

[root@router1 ~]# yum install readline-devel
Failed to set locale, defaulting to C.UTF-8

 

Installing:
readline-devel x86_64 7.0-10.el8 baseos 204 k
Installing dependencies:
ncurses-c++-libs x86_64 6.1-7.20180224.el8 baseos 58 k
ncurses-devel x86_64 6.1-7.20180224.el8 baseos 527 k

Transaction Summary
=======================================================================================================================================
Install 3 Packages

Installed:
ncurses-c++-libs-6.1-7.20180224.el8.x86_64 ncurses-devel-6.1-7.20180224.el8.x86_64 readline-devel-7.0-10.el8.x86_64

Complete!
[root@router1 ~]#

 

[root@router2 ~]# yum install quagga
Loaded plugins: fastestmirror, langpacks
Installing:
quagga x86_64 0.99.22.4-5.el7_4 base 1.2 M
Installing for dependencies:
net-snmp x86_64 1:5.7.2-49.el7_9.1 updates 325 k
net-snmp-agent-libs x86_64 1:5.7.2-49.el7_9.1 updates 707 k
perl-Data-Dumper x86_64 2.145-3.el7 base 47 k

 

Transaction Summary

 

Running transaction
Installing : 1:net-snmp-agent-libs-5.7.2-49.el7_9.1.x86_64 1/4
Installing : perl-Data-Dumper-2.145-3.el7.x86_64 2/4
Installing : 1:net-snmp-5.7.2-49.el7_9.1.x86_64 3/4
Installing : quagga-0.99.22.4-5.el7_4.x86_64 4/4
Verifying : perl-Data-Dumper-2.145-3.el7.x86_64 1/4
Verifying : quagga-0.99.22.4-5.el7_4.x86_64 2/4
Verifying : 1:net-snmp-agent-libs-5.7.2-49.el7_9.1.x86_64 3/4
Verifying : 1:net-snmp-5.7.2-49.el7_9.1.x86_64 4/4

 

Installed:
quagga.x86_64 0:0.99.22.4-5.el7_4

 

Dependency Installed:
net-snmp.x86_64 1:5.7.2-49.el7_9.1 net-snmp-agent-libs.x86_64 1:5.7.2-49.el7_9.1 perl-Data-Dumper.x86_64 0:2.145-3.el7

Complete!
[root@router2 ~]#

 

[root@router2 ~]# systemctl enable zebra
Created symlink from /etc/systemd/system/multi-user.target.wants/zebra.service to /usr/lib/systemd/system/zebra.service.
[root@router2 ~]#
[root@router2 ~]# systemctl start zebra
[root@router2 ~]# systemctl status zebra
● zebra.service – GNU Zebra routing manager
Loaded: loaded (/usr/lib/systemd/system/zebra.service; enabled; vendor preset: disabled)
Active: active (running) since Fr 2021-05-14 15:13:55 CEST; 4s ago
Process: 20902 ExecStart=/usr/sbin/zebra -d $ZEBRA_OPTS -f /etc/quagga/zebra.conf (code=exited, status=0/SUCCESS)
Process: 20901 ExecStartPre=/sbin/ip route flush proto zebra (code=exited, status=0/SUCCESS)
Main PID: 20904 (zebra)
CGroup: /system.slice/zebra.service
└─20904 /usr/sbin/zebra -d -A 127.0.0.1 -f /etc/quagga/zebra.conf

 

Mai 14 15:13:55 router2 systemd[1]: Starting GNU Zebra routing manager…
Mai 14 15:13:55 router2 systemd[1]: Can’t open PID file /run/quagga/zebra.pid (yet?) after start: No such file or directory
Mai 14 15:13:55 router2 systemd[1]: Started GNU Zebra routing manager.
[root@router2 ~]#

 

[root@router2 ~]# systemctl enable bgpd
Created symlink from /etc/systemd/system/multi-user.target.wants/bgpd.service to /usr/lib/systemd/system/bgpd.service.
[root@router2 ~]# systemctl status bgpd
● bgpd.service – BGP routing daemon
Loaded: loaded (/usr/lib/systemd/system/bgpd.service; enabled; vendor preset: disabled)
Active: inactive (dead)
[root@router2 ~]# systemctl start bgpd
[root@router2 ~]# systemctl status bgpd
● bgpd.service – BGP routing daemon
Loaded: loaded (/usr/lib/systemd/system/bgpd.service; enabled; vendor preset: disabled)
Active: inactive (dead)
Condition: start condition failed at Fr 2021-05-14 15:14:41 CEST; 1s ago
ConditionPathExists=/etc/quagga/bgpd.conf was not met
[root@router2 ~]#

 

Next we do the same on router1

 

BGP Router Configuration with Quagga 

 

In order to configure the BGP routing, we use the vtysh shell.

 

First copy the sample BGP configuration file:

 

cp /usr/share/doc/quagga-*/bgpd.conf.sample /etc/quagga/bgpd.conf

 

Quagga offers a dedicated command-line shell called vtysh, where you can type commands which are compatible with those supported by router vendors such as Cisco and Juniper.

 

Do the following on both routers:

 

After the file has been copied, enter the shell: vtysh

 

the prompt will appear, in this case:

 

[root@router1 ~]# vtysh

 

Hello, this is Quagga (version 0.99.22.4).
Copyright 1996-2005 Kunihiro Ishiguro, et al.

 

router1# show running-config
Building configuration…

 

Current configuration:

!
hostname router2
!
interface eth0
ipv6 nd suppress-ra
!
interface eth1
ipv6 nd suppress-ra
!
interface lo
!
line vty
!
end
router1#

 

Now we specify the log file for Zebra by using the following commands (still in the vtysh shell):

 

router1# configure terminal
router1(config)# log file /var/log/quagga/quagga.log
router1(config)# exit
router1# write
Building Configuration…
Configuration saved to /etc/quagga/zebra.conf
[OK]
router1# exit
[root@router1 ~]#

 

If you are using CentOS 7, you need to apply the following policy change for SELinux. Otherwise, SELinux will prevent Zebra daemon from writing to its configuration directory.

[root@router1 ~]# setsebool -P zebra_write_config 1
setsebool: SELinux is disabled.
[root@router1 ~]#

 

do the same on both routers.

[root@router1 ~]# cp /usr/share/doc/quagga-*/bgpd.conf.sample /etc/quagga/bgpd.conf
[root@router1 ~]# cd /etc
[root@router1 etc]# cd quagga/
[root@router1 quagga]# ls
bgpd.conf vtysh.conf zebra.conf zebra.conf.sav
[root@router1 quagga]#
[root@router1 quagga]#
[root@router1 quagga]# cat zebra.conf
!
! Zebra configuration saved from vty
! 2021/05/14 15:35:50
!
hostname router2
log file /var/log/quagga/quagga.log
!
interface eth0
ipv6 nd suppress-ra
!
interface eth1
ipv6 nd suppress-ra
!
interface lo
!
!
!
line vty
!
[root@router1 quagga]# cat bgpd.conf
! -*- bgp -*-
!
! BGPd sample configuratin file
!
! $Id: bgpd.conf.sample,v 1.1 2002/12/13 20:15:29 paul Exp $
!
hostname bgpd
password zebra
!enable password please-set-at-here
!
!bgp mulitple-instance
!
router bgp 7675
! bgp router-id 10.0.0.1
! network 10.0.0.0/8
! neighbor 10.0.0.2 remote-as 7675
! neighbor 10.0.0.2 route-map set-nexthop out
! neighbor 10.0.0.2 ebgp-multihop
! neighbor 10.0.0.2 next-hop-self
!
! access-list all permit any
!
!route-map set-nexthop permit 10
! match ip address all
! set ip next-hop 10.0.0.1
!
!log file bgpd.log
!
log stdout
[root@router1 quagga]#

 

 

Configuring BGP Peering

 

 

installing on ubuntu laptop

root@asus:~# apt-get install quagga
Reading package lists… Done

 

echo “net.ipv4.conf.all.forwarding=1” | sudo tee -a /etc/sysctl.conf

root@asus:~# echo “net.ipv4.conf.all.forwarding=1” | sudo tee -a /etc/sysctl.conf
net.ipv4.conf.all.forwarding=1
root@asus:~#

check with

sysctl -p

root@asus:~# sysctl -p
net.ipv4.conf.all.forwarding = 1
root@asus:~#

apt install quagga-doc

 

copy the required files for configuring this routing suite.

babeld.conf
bgpd.conf
bgpd.conf
isisd.conf
ospf6d.conf
ospfd.conf
ripd.conf
ripngd.conf
vtysh.conf
zebra.conf

 

 

These configuration files are not placed initially in /etc/quagga/ so you need to copy these files from /usr/share/doc/quagga-core/examples to /etc/quagga:

 

 

root@asus:/usr/share/doc/quagga-core/examples# cp /usr/share/doc/quagga-core/examples/vtysh.conf.sample /etc/quagga/vtysh.conf
root@asus:/usr/share/doc/quagga-core/examples# cp /usr/share/doc/quagga-core/examples/zebra.conf.sample /etc/quagga/zebra.conf
root@asus:/usr/share/doc/quagga-core/examples# cp /usr/share/doc/quagga-core/examples/bgpd.conf.sample /etc/quagga/bgpd.conf
root@asus:/usr/share/doc/quagga-core/examples# sudo chown quagga:quagga /etc/quagga/*.conf
root@asus:/usr/share/doc/quagga-core/examples# sudo chown quagga:quaggavty /etc/quagga/vtysh.conf
root@asus:/usr/share/doc/quagga-core/examples# sudo chmod 640 /etc/quagga/*.conf
root@asus:/usr/share/doc/quagga-core/examples#

 

to write logs:

root@asus:~# mkdir /var/log/quagga/
root@asus:~# chown quagga:quagga /var/log/quagga/
root@asus:~# touch /var/log/zebra.log
root@asus:~# chown quagga:quagga /var/log/zebra.log
root@asus:~#

 

 

Next, we configure peering IP addresses on the external interface to be used.

 

[root@router1 ~]# vtysh

 

Hello, this is Quagga (version 0.99.22.4).
Copyright 1996-2005 Kunihiro Ishiguro, et al.

 

router1# show interface
Interface eth0 is up, line protocol detection is disabled
index 2 metric 1 mtu 1500
flags: <UP,BROADCAST,RUNNING,MULTICAST>
HWaddr: 52:54:00:9f:8b:c0
inet 192.168.122.8/24 broadcast 192.168.122.255
inet6 fe80::127d:ea0d:65b7:30e5/64
Interface eth1 is up, line protocol detection is disabled
index 3 metric 1 mtu 1500
flags: <UP,BROADCAST,RUNNING,MULTICAST>
HWaddr: 52:54:00:19:4f:66
inet 10.0.8.100/8 broadcast 10.255.255.255
inet6 fe80::c466:3844:d978:b3d8/64
Interface lo is up, line protocol detection is disabled
index 1 metric 1 mtu 65536
flags: <UP,LOOPBACK,RUNNING>
inet 127.0.0.1/8
inet6 ::1/128
router1#

 

For BGP peering, we first copy the sample configuration file from “/usr/share/doc” to “/etc”. Then, we will start and enable the bgp service. After all this is done, we configure the BGP session.

 

1) Let’s prepare the BGP daemon (BGPd)’s configuration file.

 

cp /usr/share/doc/quagga-XXXXXXX/bgpd.conf.sample /etc/quagga/bgpd.conf

 

 

root@asus:~# cat /etc/quagga/bgpd.conf
!
! Zebra configuration saved from vty
! 2021/05/14 17:40:00
!
hostname bgpd
password zebra
log file /var/log/quagga/quagga.log
log stdout
!
router bgp 7675
bgp router-id 192.168.178.22
!
address-family ipv6
exit-address-family
exit
!
line vty

 

 

 

 

 

[root@router2 quagga]# vtysh

 

 

Hello, this is Quagga (version 0.99.22.4).
Copyright 1996-2005 Kunihiro Ishiguro, et al.

 

 

router2# configure terminal
router2(config)# router bgp 65102
router2(config-router)#
router2(config-router)# network 10.0.9.0/24
router2(config-router)# exit
router2(config)# exit
router2# wr
Building Configuration…
Configuration saved to /etc/quagga/zebra.conf
Configuration saved to /etc/quagga/bgpd.conf
[OK]
router2#

 

to test your configuration, you can manually bind the address to your loopback interface:

 

 

[root@router1 ~]# ip addr add 10.0.8.201 dev lo

 

Note I have set the following additional loopback IPs for the 3 BGP routers: 

 

 

asus: 192.168.122.200

 

router1: 10.0.8.201

 

router2: 10.0.9.202

 

These will need to be permanently configured to survive reboot.

 

You can then manually check the route to ensure that it’s a local one:

 

ip route get 10.0.8.201

 

[root@router1 ~]# ip route get 10.0.8.201
local 10.0.8.201 dev lo src 10.0.8.201
cache <local>
[root@router1 ~]#

 

 

As this address was manually added, the configuration will not persist after the networking services are restarted or the system is rebooted.

 

 

[root@router1 ~]# vtysh

 

Hello, this is Quagga (version 0.99.22.4).
Copyright 1996-2005 Kunihiro Ishiguro, et al.

 

router1# conf t
router1(config)#
router1(config)#
router1(config)#
router1(config)#
router1(config)# route-map RM_SET_SRC permit 10
router1(config-route-map)#
router1(config-route-map)#
router1(config-route-map)#
router1(config-route-map)# set src 10.0.8.201
router1(config-route-map)# ip protocol bgp route-map RM_SET_SRC
router1(config)# exit
router1# write
Building Configuration…
Configuration saved to /etc/quagga/zebra.conf
Can’t backup old configuration file /etc/quagga/bgpd.conf.sav.
[OK]
router1#

 

router1# show route-map RM_SET_SRC
ZEBRA:
route-map RM_SET_SRC, permit, sequence 10
Match clauses:
Set clauses:
src 10.0.8.201
Call clause:
Action:
Exit routemap
BGP:
route-map RM_SET_SRC, permit, sequence 10
Match clauses:
Set clauses:
Call clause:
Action:
Exit routemap
router1#

 

 

 

 

 

Private AS Numbers

 

64512 – 65534 16 Reserved for Private Usage

 

we will use:

 

65100 asus
65101 router1
65102 router2

 

 

on router1:

 

nano /etc/quagga/bgpd.conf

 

! -*- bgp -*-
!
! BGPd sample configuratin file
!
! $Id: bgpd.conf.sample,v 1.1 2002/12/13 20:15:29 paul Exp $
!
hostname router1
password zebra
enable password zebra
!enable password please-set-at-here
!
bgp mulitple-instance
!
router bgp 65101
bgp router-id 10.0.8.100
network 10.0.8.0/24
bgp log-neighbor-changes

neighbor 192.168.122.1 remote-as 65100
! neighbor 10.0.0.2 route-map set-nexthop out
! neighbor 10.0.0.2 ebgp-multihop
! neighbor 10.0.0.2 next-hop-self
!
access-list all permit any
!
!route-map set-nexthop permit 10
! match ip address all
! set ip next-hop 10.0.0.1
!
log file /var/log/quagga/bgpd.log
!
log stdout

 

nano /etc/quagga/zebra.conf

GNU nano 2.3.1 File: /etc/quagga/zebra.conf

!
! Zebra configuration saved from vty
! 2021/05/14 15:35:50
!
hostname router1
log file /var/log/quagga/quagga.log
!
!interface eth0
! ipv6 nd suppress-ra
!
interface eth1
ipv6 nd suppress-ra
!
interface lo
!
!
!
line vty
!

 

on router2:

 

nano /etc/quagga/bgpd.conf

 

! -*- bgp -*-
!
! BGPd sample configuratin file
!
! $Id: bgpd.conf.sample,v 1.1 2002/12/13 20:15:29 paul Exp $
!
hostname router2
password zebra
enable password zebra
!enable password please-set-at-here
!
bgp mulitple-instance
!
router bgp 65102
bgp router-id 10.0.9.100
network 10.0.9.0/24
bgp log-neighbor-changes

neighbor 192.168.122.1 remote-as 65100
! neighbor 10.0.0.2 route-map set-nexthop out
! neighbor 10.0.0.2 ebgp-multihop
! neighbor 10.0.0.2 next-hop-self
!
access-list all permit any
!
!route-map set-nexthop permit 10
! match ip address all
! set ip next-hop 10.0.0.1
!
log file /var/log/quagga/bgpd.log
!
log stdout

 

nano /etc/quagga/zebra.conf

 

GNU nano 2.3.1 File: /etc/quagga/zebra.conf

!
! Zebra configuration saved from vty
! 2021/05/14 15:35:50
!
hostname router2
log file /var/log/quagga/quagga.log
!
!interface eth0
! ipv6 nd suppress-ra
!
interface eth1
ipv6 nd suppress-ra
!
interface lo
!
!
!
line vty
!

 

on asus laptop:

 

GNU nano 5.2 /etc/quagga/bgpd.conf
!
! Zebra configuration saved from vty
! 2021/05/14 17:40:00
!
hostname bgpd
password zebra
log file /var/log/quagga/quagga.log
log stdout
!
router bgp 65100
bgp router-id 192.168.122.1
!
address-family ipv6
exit-address-family
exit
!
line vty
!

 

also on asus:

 

nano /etc/quagga/bgpd.conf

 

! -*- bgp -*-
!
! BGPd sample configuratin file
!
! $Id: bgpd.conf.sample,v 1.1 2002/12/13 20:15:29 paul Exp $
!
hostname bgpd
password zebra
enable password zebra
!enable password please-set-at-here
!
bgp mulitple-instance
!
router bgp 65100
bgp router-id 192.168.122.1
network 192.168.122.0/24
bgp log-neighbor-changes

neighbor 10.0.8.100 remote-as 65101
! neighbor 10.0.0.2 route-map set-nexthop out
! neighbor 10.0.0.2 ebgp-multihop
! neighbor 10.0.0.2 next-hop-self
!

neighbor 10.0.9.100 remote-as 65102
! neighbor 10.0.0.2 route-map set-nexthop out
! neighbor 10.0.0.2 ebgp-multihop
! neighbor 10.0.0.2 next-hop-self
!

access-list all permit any
!
!route-map set-nexthop permit 10
! match ip address all
! set ip next-hop 10.0.0.1
!
log file /var/log/quagga/bgpd.log
!
log stdout

 

Start BGP Services

 

Next we start the quagga services: bgpd and zebra on all the routers in this LAB ie asus, router1 and router2:

 

start the services bgpd and zebra:

 

root@asus:~#
root@asus:~# systemctl start bgpd
root@asus:~# systemctl start zebra
root@asus:~# systemctl status bgpd
● bgpd.service – BGP routing daemon
Loaded: loaded (/lib/systemd/system/bgpd.service; enabled; vendor preset: enabled)
Active: active (running) since Fri 2021-05-14 16:39:41 CEST; 8s ago
Docs: man:bgpd
Process: 244632 ExecStartPre=/bin/chmod -f 640 /etc/quagga/bgpd.conf (code=exited, status=0/SUCCESS)
Process: 244633 ExecStartPre=/bin/chown -f quagga:quagga /etc/quagga/bgpd.conf (code=exited, status=0/SUCCESS)
Process: 244634 ExecStart=/usr/sbin/bgpd -d -A 127.0.0.1 -f /etc/quagga/bgpd.conf (code=exited, status=0/SUCCESS)
Main PID: 244635 (bgpd)
Tasks: 1 (limit: 21460)
Memory: 3.0M
CGroup: /system.slice/bgpd.service
└─244635 /usr/sbin/bgpd -d -A 127.0.0.1 -f /etc/quagga/bgpd.conf

Mai 14 16:39:41 asus systemd[1]: Starting BGP routing daemon…
Mai 14 16:39:41 asus systemd[1]: Started BGP routing daemon.
root@asus:~# systemctl status zebra
● zebra.service – GNU Zebra routing manager
Loaded: loaded (/lib/systemd/system/zebra.service; enabled; vendor preset: enabled)
Active: active (running) since Fri 2021-05-14 16:39:41 CEST; 12s ago
Docs: man:zebra
Process: 244626 ExecStartPre=/sbin/ip route flush proto zebra (code=exited, status=0/SUCCESS)
Process: 244627 ExecStartPre=/bin/chmod -f 640 /etc/quagga/vtysh.conf /etc/quagga/zebra.conf (code=exited, status=0/SUCCESS)
Process: 244628 ExecStartPre=/bin/chown -f quagga:quagga /etc/quagga/zebra.conf (code=exited, status=0/SUCCESS)
Process: 244629 ExecStartPre=/bin/chown -f quagga:quaggavty /etc/quagga/vtysh.conf (code=exited, status=0/SUCCESS)
Process: 244630 ExecStart=/usr/sbin/zebra -d -A 127.0.0.1 -f /etc/quagga/zebra.conf (code=exited, status=0/SUCCESS)
Main PID: 244631 (zebra)
Tasks: 1 (limit: 21460)
Memory: 2.2M
CGroup: /system.slice/zebra.service
└─244631 /usr/sbin/zebra -d -A 127.0.0.1 -f /etc/quagga/zebra.conf

 

Mai 14 16:39:41 asus systemd[1]: Starting GNU Zebra routing manager…
Mai 14 16:39:41 asus systemd[1]: Started GNU Zebra routing manager.
root@asus:~#

 

normally on a router they would also be enabled to start on boot:

 

sudo systemctl is-enabled zebra.service
sudo systemctl is-enabled bgpd.service
sudo systemctl enable zebra.service
sudo systemctl enable bgpd.service

 

Disable unnecessary services:

systemctl status ospfd

systemctl is-enabled ospfd
systemctl is-enabled ospf6d
systemctl is-enabled ripd
systemctl is-enabled ripngd
systemctl is-enabled isisd

systemctl disable ospfd
systemctl disable ospf6d
systemctl disable ripd
systemctl disable ripngd
systemctl disable isisd

 

 

Do this on all the BGP routers for all AS systems in this LAB.

 

Connect to the vtysh, bgpd and zebra terminal as follows:

 

vtysh
sudo telnet localhost 2605
sudo telnet localhost 2601

 

 

 

 

 

[root@router2 quagga]# systemctl start bgpd
[root@router2 quagga]# systemctl status bgpd
● bgpd.service – BGP routing daemon
Loaded: loaded (/usr/lib/systemd/system/bgpd.service; enabled; vendor preset: disabled)
Active: active (running) since So 2021-05-16 00:36:13 CEST; 4s ago
Process: 4404 ExecStart=/usr/sbin/bgpd -d $BGPD_OPTS -f /etc/quagga/bgpd.conf (code=exited, status=0/SUCCESS)
Main PID: 4405 (bgpd)
CGroup: /system.slice/bgpd.service
└─4405 /usr/sbin/bgpd -d -A 127.0.0.1 -f /etc/quagga/bgpd.conf

Mai 16 00:36:13 router2 systemd[1]: Starting BGP routing daemon…
Mai 16 00:36:13 router2 systemd[1]: Can’t open PID file /run/quagga/bgpd.pid (yet?) after start: No such file or directory
Mai 16 00:36:13 router2 systemd[1]: Started BGP routing daemon.
[root@router2 quagga]#
[root@router2 quagga]#

 

 

[root@router2 quagga]# systemctl start zebra
[root@router2 quagga]# systemctl status zebra
● zebra.service – GNU Zebra routing manager
Loaded: loaded (/usr/lib/systemd/system/zebra.service; enabled; vendor preset: disabled)
Active: active (running) since Fr 2021-05-14 15:31:57 CEST; 1 day 9h ago
Process: 710 ExecStart=/usr/sbin/zebra -d $ZEBRA_OPTS -f /etc/quagga/zebra.conf (code=exited, status=0/SUCCESS)
Process: 673 ExecStartPre=/sbin/ip route flush proto zebra (code=exited, status=0/SUCCESS)
Main PID: 726 (zebra)
CGroup: /system.slice/zebra.service
└─726 /usr/sbin/zebra -d -A 127.0.0.1 -f /etc/quagga/zebra.conf

 

 

Mai 14 15:31:56 router2 systemd[1]: Starting GNU Zebra routing manager…
Mai 14 15:31:57 router2 systemd[1]: Can’t open PID file /run/quagga/zebra.pid (yet?) after start: No such file or directory
Mai 14 15:31:57 router2 systemd[1]: Started GNU Zebra routing manager.
[root@router2 quagga]#

 

 

How to Verify if BGP is Working

 

[root@router1 quagga]# vtysh -c “show bgp neighbors”
BGP neighbor is 192.168.122.1, remote AS 65100, local AS 65101, external link
BGP version 4, remote router ID 0.0.0.0
BGP state = Active
Last read 00:26:14, hold time is 180, keepalive interval is 60 seconds
Message statistics:
Inq depth is 0
Outq depth is 0
Sent Rcvd
Opens: 12 0
Notifications: 0 0
Updates: 0 0
Keepalives: 0 0
Route Refresh: 0 0
Capability: 0 0
Total: 12 0
Minimum time between advertisement runs is 30 seconds

 

For address family: IPv4 Unicast
Community attribute sent to this neighbor(both)
0 accepted prefixes

 

Connections established 0; dropped 0
Last reset never
Local host: 192.168.122.8, Local port: 46514
Foreign host: 192.168.122.1, Foreign port: 179
Nexthop: 192.168.122.8
Nexthop global: fe80::127d:ea0d:65b7:30e5
Nexthop local: ::
BGP connection: non shared network
Next connect timer due in 22 seconds
Read thread: off Write thread: off

 

[root@router1 quagga]#

 

 

 

[root@router2 quagga]# vtysh -c “show bgp neighbors”
BGP neighbor is 192.168.122.1, remote AS 65100, local AS 65102, external link
BGP version 4, remote router ID 0.0.0.0
BGP state = Connect
Last read 00:19:52, hold time is 180, keepalive interval is 60 seconds
Message statistics:
Inq depth is 0
Outq depth is 0
Sent Rcvd
Opens: 8 0
Notifications: 0 0
Updates: 0 0
Keepalives: 0 0
Route Refresh: 0 0
Capability: 0 0
Total: 8 0
Minimum time between advertisement runs is 30 seconds

 

For address family: IPv4 Unicast
Community attribute sent to this neighbor(both)
0 accepted prefixes

 

Connections established 0; dropped 0
Last reset never
Next connect timer due in 50 seconds
Read thread: on Write thread: on

 

[root@router2 quagga]#

 

 

root@asus:/etc/quagga# vtysh -c “show bgp neighbors”
BGP neighbor is 10.0.8.100, remote AS 65101, local AS 65100, external link
BGP version 4, remote router ID 0.0.0.0
BGP state = Active
Last read 00:27:14, hold time is 180, keepalive interval is 60 seconds
Message statistics:
Inq depth is 0
Outq depth is 0
Sent Rcvd
Opens: 327 0
Notifications: 0 0
Updates: 0 0
Keepalives: 0 0
Route Refresh: 0 0
Capability: 0 0
Total: 327 0
Minimum time between advertisement runs is 3 seconds

 

For address family: IPv4 Unicast
Community attribute sent to this neighbor(all)
0 accepted prefixes

 

Connections established 0; dropped 0
Last reset never
External BGP neighbor may be up to 1 hops away.
Local host: 10.0.8.1, Local port: 43840
Foreign host: 10.0.8.100, Foreign port: 179
Nexthop: 10.0.8.1
Nexthop global: ::
Nexthop local: ::
BGP connection: non shared network
Next connect timer due in 4 seconds
Read thread: off Write thread: off

 

BGP neighbor is 10.0.9.100, remote AS 65102, local AS 65100, external link
BGP version 4, remote router ID 0.0.0.0
BGP state = Active
Last read 00:27:14, hold time is 180, keepalive interval is 60 seconds
Message statistics:
Inq depth is 0
Outq depth is 0
Sent Rcvd
Opens: 244 0
Notifications: 0 0
Updates: 0 0
Keepalives: 0 0
Route Refresh: 0 0
Capability: 0 0
Total: 244 0
Minimum time between advertisement runs is 3 seconds

 

For address family: IPv4 Unicast
Community attribute sent to this neighbor(all)
0 accepted prefixes

 

Connections established 0; dropped 0
Last reset never
External BGP neighbor may be up to 1 hops away.
Local host: 10.0.9.1, Local port: 33062
Foreign host: 10.0.9.100, Foreign port: 179
Nexthop: 10.0.9.1
Nexthop global: ::
Nexthop local: ::
BGP connection: non shared network
Next connect timer due in 4 seconds
Read thread: off Write thread: off

 

root@asus:/etc/quagga#

 

 

next check the ip routing tables

 

vtysh -c “show ip bgp”

 

[root@router1 quagga]# vtysh -c “show ip bgp”
BGP table version is 0, local router ID is 10.0.8.100
Status codes: s suppressed, d damped, h history, * valid, > best, i – internal,
r RIB-failure, S Stale, R Removed
Origin codes: i – IGP, e – EGP, ? – incomplete

 

Network Next Hop Metric LocPrf Weight Path
*> 10.0.8.0/24 0.0.0.0 0 32768 i

 

Total number of prefixes 1
[root@router1 quagga]#

 

 

 

[root@router2 quagga]# vtysh -c “show ip bgp”
BGP table version is 0, local router ID is 10.0.9.100
Status codes: s suppressed, d damped, h history, * valid, > best, i – internal,
r RIB-failure, S Stale, R Removed
Origin codes: i – IGP, e – EGP, ? – incomplete

 

Network Next Hop Metric LocPrf Weight Path
*> 10.0.9.0/24 0.0.0.0 0 32768 i

 

Total number of prefixes 1
[root@router2 quagga]#

 

 

root@asus:/etc/quagga# vtysh -c “show ip bgp”
BGP table version is 0, local router ID is 192.168.122.1
Status codes: s suppressed, d damped, h history, * valid, > best, = multipath,
i internal, r RIB-failure, S Stale, R Removed

Origin codes: i – IGP, e – EGP, ? – incomplete

Network Next Hop Metric LocPrf Weight Path

*> 192.168.122.0 0.0.0.0 0 32768 i

 

Displayed 1 out of 1 total prefixes
root@asus:/etc/quagga#

 

 

 

 

Some Basic Quagga Router Commands

 

Login to router:

 

either

 

vtysh

 

[root@router2 quagga]# vtysh

 

Hello, this is Quagga (version 0.99.22.4).
Copyright 1996-2005 Kunihiro Ishiguro, et al.

 

router2#

 

 

or

 

telnet localhost 2601

 

(latter requires the password)

 

 

[root@router2 quagga]# telnet localhost 2601
Trying 127.0.0.1…
Connected to localhost.
Escape character is ‘^]’.

 

Hello, this is Quagga (version 0.99.22.4).
Copyright 1996-2005 Kunihiro Ishiguro, et al.

 

User Access Verification

 

Password:
router2>

 

 

show basic help:

 

router2#?
router2#
clear Reset functions
configure Configuration from vty interface
copy Copy from one file to another
debug Enable debug messages for specific or all part.
disable Turn off privileged mode command
end End current mode and change to enable mode
exit Exit current mode and down to previous mode
list Print command list
no Negate a command or set its defaults
ping Send echo messages
quit Exit current mode and down to previous mode
show Show running system information
ssh Open an ssh connection
start-shell Start UNIX shell
telnet Open a telnet connection
terminal Set terminal line parameters
traceroute Trace route to destination
undebug Disable debugging functions (see also ‘debug’)
write Write running configuration to memory, network, or terminal
router2#

 

 

display advanced help

 

note this is different to the basic help, with just “?” – here you enter “show ?”

 

 

router2# show ?
debugging Zebra configuration
history Display the session command history
interface Interface status and configuration
ip IP information
ipv6 IPv6 information
logging Show current logging configuration
memory Memory statistics
route-map route-map information
running-config running configuration
startup-config Contentes of startup configuration
table default routing table to use for all clients
thread Thread information
version Displays zebra version
work-queues Work Queue information
zebra Zebra informationClient information
router2#

 

 

display advanced help for a specific command:

 

eg

 

show ip ?

 

router2# show ip ?
access-list List IP access lists
forwarding IP forwarding status
mroute IP Multicast routing table
prefix-list Build a prefix list
protocol IP protocol filtering status
route IP routing table
router2#

 

 

display ip routing info:

 

router2# show ip route
Codes: K – kernel route, C – connected, S – static, R – RIP,
O – OSPF, I – IS-IS, B – BGP, A – Babel,
> – selected route, * – FIB route

 

K>* 0.0.0.0/0 via 192.168.122.1, eth0
C>* 10.0.0.0/8 is directly connected, eth1
C>* 127.0.0.0/8 is directly connected, lo
C>* 192.168.122.0/24 is directly connected, eth0
router2#
router2#

 

 

enter privileged command mode:

 

(note the different prompt when logging in via telnet localhost 2601 compared to vtysh)

 

use enable or ena:

 

[root@router2 quagga]# telnet localhost 2601
Trying 127.0.0.1…
Connected to localhost.
Escape character is ‘^]’.

 

Hello, this is Quagga (version 0.99.22.4).
Copyright 1996-2005 Kunihiro Ishiguro, et al.

 

User Access Verification

 

Password:
router2>
router2> enable
Password:
router2#

 

 

display current interface config:

 

show int eth0

router2# show int eth0
Interface eth0 is up, line protocol detection is disabled
index 2 metric 1 mtu 1500
flags: <UP,BROADCAST,RUNNING,MULTICAST>
HWaddr: 52:54:00:f8:98:3d
inet 192.168.122.12/24 broadcast 192.168.122.255
inet6 fe80::127d:ea0d:65b7:30e5/64
inet6 fe80::6e18:9a8a:652c:1700/64
router2#

 

 

save current config:

 

wr

 

router2# wr
Configuration saved to /etc/quagga/zebra.conf
router2#

 

 

 

enter edit mode:

 

Router#conf t

 

router2# conf t
router2(config)#

 

 

To exit configure mode

 

end

 

router2# conf t
router2(config)#
router2(config)#
router2(config)#
router2(config)# end
router2#

 

 

To display current configuration use the show running-config command:

 

sh run

 

router2# sh run

 

Current configuration:
!
hostname router2
password zebra
enable password zebra
log file /var/log/quagga/quagga.log
!
interface eth0
ipv6 nd suppress-ra
!
interface eth1
ipv6 nd suppress-ra
!
interface lo
!
ip forwarding
!
!
line vty
!
end
router2#

 

 

 

router1# show ip bgp neighbors
BGP neighbor is 192.168.122.1, remote AS 65100, local AS 65101, external link
BGP version 4, remote router ID 0.0.0.0
BGP state = Active
Last read 01:06:19, hold time is 180, keepalive interval is 60 seconds
Message statistics:
Inq depth is 0
Outq depth is 0
Sent Rcvd
Opens: 34 0
Notifications: 0 0
Updates: 0 0
Keepalives: 0 0
Route Refresh: 0 0
Capability: 0 0
Total: 34 0
Minimum time between advertisement runs is 30 seconds

 

For address family: IPv4 Unicast
Community attribute sent to this neighbor(both)
0 accepted prefixes

 

Connections established 0; dropped 0
Last reset never
Local host: 192.168.122.11, Local port: 58120
Foreign host: 192.168.122.1, Foreign port: 179
Nexthop: 192.168.122.11
Nexthop global: fe80::127d:ea0d:65b7:30e5
Nexthop local: ::
BGP connection: non shared network
Next connect timer due in 109 seconds
Read thread: off Write thread: off

 

router1#

 

 

to exit router:

 

exit

 

router2# exit
Connection closed by foreign host.
[root@router2 quagga]#

 

Continue Reading