Introduction to dynamic routing on Linux with Quagga FVLUG – July 23, 2007 Wim Kerkhoff – wim@nyetwork.org

Overview Short introduction to dynamic routing Introduce Quagga Installing Quagga on Debian Example Quagga configurations Demo Using Quagga in production

Static Routing Simplist and most common method Manually configured by humans Can’t handle network changes such as outages Doesn’t scale with many network devices Requires least amount of expertise Generally used on hosts (PCs, printers, etc) and simple NAT routers

Dynamic Routing Protocols Applications that automatically discover network destinations First they learn what network routes are directly connected Then chat with neighbouring routers to learn what they know The entire network learns about changes within minutes or even seconds Generally used on Internet backbone routers and in organizations with many routers

Common routing protocols RIP – old one, based on hop count. Timer system can result in slow convergence OSPF – also uses multicast. Calculates shortest path using costs assigned to each link. Easy to setup but less knobs then BGP. Used inside organization BGP – uses TCP session. Can do filtering, route-maps, mangling, etc. Normally used for communicating with other organizations and based on policy

Remember: Routing != Forwarding Routing directs forwarding Routing is the process of selecting paths in a network Forwarding is the relaying of packets through one network segment to another by nodes So a network device can perform routing, forwarding, or both So you’ll have a broken router if /proc/sys/net/ipv4/ip_forward is set to 0 even with a beautiful quagga config

What is Quagga? Open source routing software Forked 4 years ago from Zebra to form a much better and healthier de-centralized community Similar syntax and look to Cisco IOS No control over OS, unlike IOS

Quagga features RIPv1 and v2 (IPv4) RIPng (IPv6) OSPFv2 OSPFv3 BGPv4 with multiprotocol extension VTY shell – Cisco like SNMP IPv6

Supported Platforms GNU/Linux 2.2.x and higher FreeBSD 4.x and higher NetBSD 1.6 and higher OpenBSD 2.5 and higher

System Architecture

Install / configuration overview Install Debian apt-get install quagga tcpdump iproute Add set VTYSH_PAGER=cat to ~/.bashrc Update /etc/quagga/daemons (zebra,ospfd,bgpd) echo username root nopassword > vtysh.conf touch zebra.conf ospfd.conf bgpd.conf /etc/init.d/quagga start Vtysh to start configuring Don’t forget to copy run start like on IOS Reboot and ensure convergence

Demo

Router 1 Configuration interface eth0 ip address 192.168.21.8/24 ! interface lo ip address 10.3.3.1/32 router ospf ospf router-id 10.3.3.1 redistribute connected network 10.3.2.0/30 area 0.0.0.0 default-information originate always ip route 0.0.0.0/0 192.168.21.254 ip forwarding

Router 2 Configuration interface eth0 ip address 10.3.2.2/30 ! interface lo ip address 10.3.3.2/32 router ospf ospf router-id 10.3.3.2 redistribute connected network 10.3.2.0/30 area 0.0.0.0 ip forwarding

Routing table on Router 2 quagga2:~# vtysh Hello, this is Quagga (version 0.99.5). Copyright 1996-2005 Kunihiro Ishiguro, et al. quagga2# show ip route Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF, I - ISIS, B - BGP, > - selected route, * - FIB route O>* 0.0.0.0/0 [110/1] via 10.3.2.1, eth0, 1d20h22m O 10.3.2.0/30 [110/10] is directly connected, eth0, 1d20h33m C>* 10.3.2.0/30 is directly connected, eth0 O>* 10.3.3.1/32 [110/20] via 10.3.2.1, eth0, 1d20h22m C>* 10.3.3.2/32 is directly connected, lo C>* 127.0.0.0/8 is directly connected, lo O>* 192.168.21.0/24 [110/20] via 10.3.2.1, eth0, 1d20h22m

OSPF neighbour details quagga2# show ip ospf neighbor detail Neighbor 10.3.3.1, interface address 10.3.2.1 In the area 0.0.0.0 via interface eth0 Neighbor priority is 1, State is Full, 11 state changes Most recent state change statistics: Progressive change 1d20h25m ago Regressive change 1d20h25m ago, due to 1-WayReceived DR is 10.3.2.2, BDR is 10.3.2.1 Options 2 *|-|-|-|-|-|E|* Dead timer due in 38.944s Database Summary List 0 Link State Request List 0 Link State Retransmission List 0 Thread Inactivity Timer on Thread Database Description Retransmision off Thread Link State Request Retransmission on Thread Link State Update Retransmission on

Production tips? Make sure you have backups of /etc/quagga, /etc/network/interfaces, and iptables rules Keep templates Monitor the router as if it was a server: disk space, memory, load, etc Have redundant routers so that you can perform OS updates safely with 0 downtime Be consistent – stick to your templates Run lean & mean – K.I.S.S. Be secure But make sure you can somehow access the box even if routing is broken Stick to a single protocol if possible

Interior uses of OSPF and BGP Managing multiple ISP links (failover / load balancing) Multisites using VPNs and/or private links Failover between servers

Want to experiment? Setting up 30 machines to simulate a 30 router network is tough Virtualize using Xen, VMWare, OpenVZ etc Linksys WRT54G with DD-WRT/OpenWRT

Worthy competitor to $60k Cisco? Yes! 2 x 1U servers with onboard dual GigE Servers can be under $1500 each and perform just fine for 99% of situations Need more ports? VLAN trunking to managed Layer2 switch Commodity memory and processors are dirt cheap and as fast as expensive ASICs Each full BGP table needs approx 128 MB physical RAM

Documentation Documentation exists for quagga Wiki.quagga.net has more useful examples But it’s geared towards quagga itself and not dynamic routing Understanding routing protocols is critical Having experience with configuring RIP/OSPF/BGP on Cisco via CLI helps a lot CLI has built-in usage info using the ? mark like in Cisco IOS Zebra/Quagga mailing list archives Any Cisco OSPF/BGP syntax guides and examples Google 

Questions/Discussion