Curs 3 Quagga Servicii de ret, ea pentru ISP 11 martie 2010 SRISP Curs 3, Quagga 1/28 Outline Rutare Quagga Studiu de caz { Vyatta Keywords ^Intreb˘ari SRISP Curs 3, Quagga 2/28 Ce ^ınseamn˘arutare? I dirijarea pachetelor I adres˘adestinat, ie, masc˘adestinat, ie, next-hop/adres˘ade ies, ire I protocol de rutare, protocol rutat I rute dinamice, rute statice I rute direct conectate, rute nod, rute default SRISP Curs 3, Quagga 3/28 Protocoale de rutare I distance-vector, link-state I IGP, EGP I RIP I OSPF I BGP I IS-IS I EIGRP (proprietar) SRISP Curs 3, Quagga 4/28 Rutere I routing, forwarding I control plane, forwarding plane I tipuri de rutere dup˘acontextul de folosire I conectivitatea la Internet (ISP) I SOHO (Small Office Home Office) I enterprise routers I Juniper (JUNOS), Cisco (CiscoIOS), Huawei SRISP Curs 3, Quagga 5/28 Rutere software I Quagga I BIRD { BIRD Internet Routing Daemon I XORP { eXtensible Open Router Platform I Vyatta (open source router/firewall/VPN) I Debian-based Linux distribution I Quagga, OpenVPN I Cisco Replacement Guide I software firewall: m0n0wall, pfSense I embedded routers: OpenWrt, DD-WRT, FreeWrt, Gargoyle, HyperWRT, Tomato SRISP Curs 3, Quagga 6/28 Outline Rutare Quagga Studiu de caz { Vyatta Keywords ^Intreb˘ari SRISP Curs 3, Quagga 7/28 Quagga I http://www.quagga.net/ I software router / network routing suite I fork din GNU Zebra (inactiv din 2005) I quagga { specie disp˘arut˘ade zebre I GNU GPL I suport pentru I OPSPF (v2, v3) I RIP (v1, v2, ng) I BGP (v4+) I IS-IS I ifconfig, route, netstat SRISP Curs 3, Quagga 8/28 Arhitectur˘a I Zserv API { Zserv clients: ospfd, ripd, ospf6d, ripng, bgpd SRISP Curs 3, Quagga 9/28 Instalare s, i configurare de baz˘a I apt-get install quagga I /etc/quagga/daemons { list˘acu daemonii pornit, i I /etc/quagga/debian.conf { configurare VTY I /etc/init.d/quagga SRISP Curs 3, Quagga 10/28 Configurare daemoni I cp /usr/share/doc/quagga/examples/zebra.conf.sample /etc/quagga/zebra.conf I chown quagga.quaggavty /etc/quagga/*.conf I chmod 640 /etc/quagga/*.conf I VTY { Virtual Terminal (Teletype) Interface I conectare pe telnet I zebra { 2601 I ripd { 2602 I ripng { 2603 I ospfd { 2604 I bgpd { 2605 I ospf6d { 2606 I telnet localhost 2604 SRISP Curs 3, Quagga 11/28 Configurare daemoni 1 router1:∼# netstat -tlpn 2 Active Internet connections(only servers) 3 Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name 4 tcp0 0 127.0.0.1:2601 0.0.0.0:* LISTEN 353/zebra 5 tcp0 0 127.0.0.1:2602 0.0.0.0:* LISTEN 357/ripd 6 tcp0 0 127.0.0.1:2604 0.0.0.0:* LISTEN 361/ospfd 7 tcp0 0 0.0.0.0:22 0.0.0.0:* LISTEN 341/sshd 8 tcp600 :::22 :::* LISTEN 341/sshd SRISP Curs 3, Quagga 12/28 Configurare zebra I (configure terminal) hostname I (configure terminal) interface eth0 I write I list SRISP Curs 3, Quagga 13/28 vtysh I consol˘ade configurare a daemonilor Quagga I cp /usr/share/doc/quagga/examples/vtysh.conf.sample /etc/quagga/vtysh.conf I chown quagga.quaggavty /etc/quagga/*.conf I chmod 640 /etc/quagga/*.conf I vtysh SRISP Curs 3, Quagga 14/28 Caracteristici Linux I reverse search, command line editing I traceroute, ping I modificarea tabelei de rutare de la nivelul nucleului I fiecare protocol are asociat un daemon Unix SRISP Curs 3, Quagga 15/28 Topologie demo SRISP Curs 3, Quagga 16/28 Configurare interfet, e s, i rute statice 1 interface FastEthernet0/1 2 ip address 10.1.3.2 255.255.255.0 1 interface eth0 3 no shutdown 2 ip address 10.1.3.1/24 4 interface FastEthernet0/0 3 link-detect 5 ip address 10.1.4.2 255.255.255.0 4 interface eth1 6 no shutdown 5 ip address 10.1.1.1/24 7 hostname Cisco-2651 6 link-detect 8 ip route 10.1.0.0 255.255.0.0 10.1.3.1 7 hostname quagga-router 9 ip route 10.200.1.4 255.255.255.255 8 ip route 10.1.0.0/16 10.1.3.2 10.1.4.1 9 ip route 10.200.1.4/32 10.1.3.2 10 ip route 10.200.1.1 255.255.255.255 10 ip route 10.200.1.1/32 10.1.1.2 10.1.3.1 SRISP Curs 3, Quagga 17/28 Configurare interfet, e s, i rute statice (2) I show ip route I show interface eth0 I show int description I show ip forwarding SRISP Curs 3, Quagga 18/28 Configurare OSPF 1 router ospf1 1 router ospf 2 network 10.1.0.0 0.0.0.255 area0 2 network 10.2.0.0/24 area0 3 network 10.200.1.1 0.0.0.0 area0 3 network 10.200.1.2/32 area0 4 network 200.0.0.0 0.0.0.255 area0 4 network 200.0.0.0/24 area0 SRISP Curs 3, Quagga 19/28 Rute OSFP ^ınQuagga 1 router1# sh ip route 2 Codes:K- kernel route,C- connected,S- static,R- RIP,O- OSPF, 3I- ISIS,B- BGP, > - selected route,*- FIB route 4 5K* 0.0.0.0/0 via 192.0.2.1, venet0 inactive 6O 10.10.12.0/24[110/10] is directly connected, eth0, 00:03:41 7C >* 10.10.12.0/24 is directly connected, eth0 8O 10.10.14.0/24[110/10] is directly connected, eth1, 00:03:36 9C >* 10.10.14.0/24 is directly connected, eth1 10O >* 10.10.23.0/24[110/20] via 10.10.12.2, eth0, 00:02:46 11O >* 10.10.24.0/24[110/20] via 10.10.12.2, eth0, 00:02:14 12* via 10.10.14.4, eth1, 00:02:14 13O >* 10.10.25.0/24[110/20] via 10.10.12.2, eth0, 00:02:41 14O >* 10.10.35.0/24[110/30] via 10.10.12.2, eth0, 00:01:21 15* via 10.10.14.4, eth1, 00:01:21 16O >* 10.10.45.0/24[110/20] via 10.10.14.4, eth1, 00:02:08 17C >* 127.0.0.0/8 is directly connected, lo 18C >* 127.0.0.1/32 is directly connected, venet0 19C >* 172.10.10.0/32 is directly connected, venet0 20K >* 192.0.2.1/32 is directly connected, venet0 SRISP Curs 3, Quagga 20/28 Rute OSPF ^ınLinux 1 router1:∼# ip r s 2 192.0.2.1 dev venet0 scope link 3 10.10.23.0/24 via 10.10.12.2 dev eth0 proto zebra metric 20 4 10.10.35.0/24 proto zebra metric 30 5 nexthop via 10.10.12.2 dev eth0 weight1 6 nexthop via 10.10.14.4 dev eth1 weight1 7 10.10.14.0/24 dev eth1 proto kernel scope link src 10.10.14.1 8 10.10.45.0/24 via 10.10.14.4 dev eth1 proto zebra metric 20 9 10.10.12.0/24 dev eth0 proto kernel scope link src 10.10.12.1 10 10.10.24.0/24 proto zebra metric 20 11 nexthop via 10.10.12.2 dev eth0 weight1 12 nexthop via 10.10.14.4 dev eth1 weight1 13 10.10.25.0/24 via 10.10.12.2 dev eth0 proto zebra metric 20 14 default via 192.0.2.1 dev venet0 SRISP Curs 3, Quagga 21/28 Outline Rutare Quagga Studiu de caz { Vyatta Keywords ^Intreb˘ari SRISP Curs 3, Quagga 22/28 Vyatta I open source network operating system I hardware x86 I ruter, firewall, VPN I Debian-based, Quagga, OpenVPN I community & comercial subscription SRISP Curs 3, Quagga 23/28 Servicii Vyatta I Community Edition Downloads (Vyatta Community Edition 5) I ISO image I XenServer Image I VMware Virtual Appliance I Software Subscription I Hardware Appliances I Vyatta 514 Appliance (Cisco 1800 Series) I Vyatta 2500 Apliance (Cisco 2800 Series) I Vyatta 3500 Apliance (Cisco 7200 Series) I Network Virtualization Subscription (Xen, VMware, Hyper-V) SRISP Curs 3, Quagga 24/28 Outline Rutare Quagga Studiu de caz { Vyatta Keywords ^Intreb˘ari SRISP Curs 3, Quagga 25/28 Cuvinte cheie I rutare, rute, ruter I /etc/quagga/* I protocoale de rutare I /etc/init.d/quagga I ruter software I VTY I Quagga, Zebra I vtysh I daemoni Quagga I comenzi Cisco vs. Quagga I Zserv API I Vyatta SRISP Curs 3, Quagga 26/28 Link-uri utile I http://openmaniak.com/quagga_tutorial.php I http://www.quagga.net/ I http://www.vyatta.com/ I http://www.vyatta.org/ SRISP Curs 3, Quagga 27/28 Outline Rutare Quagga Studiu de caz { Vyatta Keywords ^Intreb˘ari SRISP Curs 3, Quagga 28/28.