how_route_lacnic_ipv4_block_with_oneprovider [2018/02/17 13:00] admin |
how_route_lacnic_ipv4_block_with_oneprovider [2019/05/31 00:40] (current) admin |
||
---|---|---|---|
Line 1: | Line 1: | ||
You need **have public IPv4** for the tunnel type in this howto. **One server with BGP session options** and talk to oneprovider to enable the option (it's not free, the price is on demand, here +50€/month). | You need **have public IPv4** for the tunnel type in this howto. **One server with BGP session options** and talk to oneprovider to enable the option (it's not free, the price is on demand, here +50€/month). | ||
- | Our ASN for the exemple is ASN 266671, announced route is: 45.225.75.0/24, oneprovider ASN is 61272 | + | Our ASN for the exemple is ASN 266671, announced route is: 45.225.75.0/24, oneprovider ASN is 9009 |
Here we use limited MTU to work over PPP (GPON) | Here we use limited MTU to work over PPP (GPON) | ||
Line 12: | Line 12: | ||
{{:lacnic-2.png?direct|}} | {{:lacnic-2.png?direct|}} | ||
- | == /etc/quagga/zebra.conf == | + | == /etc/bird/bird6.conf == |
- | ! | + | router id 37.120.157.227; |
- | ! Zebra configuration saved from vty | + | |
- | ! 2017/12/17 00:41:25 | + | protocol bgp ONEPROVIDER |
- | ! | + | { |
- | hostname XXXX | + | local as 266671; |
- | password XXXXXXXX | + | source address 2A0D:5600:X:2; |
- | log file /var/log/bgpd.log | + | import none; |
- | log stdout | + | export all; |
- | ! | + | graceful restart on; |
- | line vty | + | multihop 2; |
- | ! | + | neighbor 2A0D:5600:X::1 as 9009; |
+ | } | ||
+ | |||
+ | protocol static | ||
+ | { | ||
+ | route 2803:1920::/32 via 2A0D:5600:X::2; | ||
+ | } | ||
+ | |||
+ | protocol device | ||
+ | { | ||
+ | scan time 5; | ||
+ | } | ||
+ | |||
+ | == /etc/bird/bird.conf == | ||
+ | router id 185.64.105.21; | ||
+ | |||
+ | protocol bgp ONEPROVIDER | ||
+ | { | ||
+ | local as 266671; | ||
+ | source address 185.64.105.21; | ||
+ | import none; | ||
+ | export all; | ||
+ | graceful restart on; | ||
+ | multihop 2; | ||
+ | neighbor 185.64.105.1 as 9009; | ||
+ | } | ||
+ | |||
+ | protocol static | ||
+ | { | ||
+ | route 45.225.75.0/24 via 185.64.105.21; | ||
+ | } | ||
+ | |||
+ | protocol device | ||
+ | { | ||
+ | scan time 5; | ||
+ | } | ||
+ | |||
+ | == should show == | ||
+ | bird> show proto all | ||
+ | name proto table state since info | ||
+ | ONEPROVIDER BGP master up 14:14:14 Established | ||
+ | Preference: 100 | ||
+ | Input filter: REJECT | ||
+ | Output filter: ACCEPT | ||
+ | Routes: 0 imported, 1 exported, 0 preferred | ||
+ | Route change stats: received rejected filtered ignored accepted | ||
+ | Import updates: 2 0 2 0 0 | ||
+ | Import withdraws: 0 0 --- 2 0 | ||
+ | Export updates: 1 0 0 --- 1 | ||
+ | Export withdraws: 0 --- --- --- 0 | ||
+ | BGP state: Established | ||
+ | Neighbor address: 185.64.105.1 | ||
+ | Neighbor AS: 9009 | ||
+ | Neighbor ID: 91.216.163.254 | ||
+ | Neighbor caps: refresh restart-aware AS4 | ||
+ | Session: external multihop AS4 | ||
+ | Source address: 185.64.105.21 | ||
+ | Hold timer: 155/240 | ||
+ | Keepalive timer: 52/80 | ||
+ | |||
+ | static1 Static master up 14:13:47 | ||
+ | Preference: 200 | ||
+ | Input filter: ACCEPT | ||
+ | Output filter: REJECT | ||
+ | Routes: 1 imported, 0 exported, 1 preferred | ||
+ | Route change stats: received rejected filtered ignored accepted | ||
+ | Import updates: 1 0 0 0 1 | ||
+ | Import withdraws: 0 0 --- 0 0 | ||
+ | Export updates: 0 0 0 --- 0 | ||
+ | Export withdraws: 0 --- --- --- 0 | ||
+ | |||
+ | device1 Device master up 14:13:47 | ||
+ | Preference: 240 | ||
+ | Input filter: ACCEPT | ||
+ | Output filter: REJECT | ||
+ | Routes: 0 imported, 0 exported, 0 preferred | ||
== /etc/quagga/bgpd.conf == | == /etc/quagga/bgpd.conf == | ||
! | ! | ||
- | ! Zebra configuration saved from vty | + | hostname hades |
- | ! 2017/12/17 00:41:25 | + | password Ddnv6ovqSEwtdiL9q89KKAmV |
- | ! | + | |
- | hostname XXXXXXXXXXXX | + | |
- | password XXXXXXXXXXXX | + | |
log file /var/log/bgpd.log | log file /var/log/bgpd.log | ||
log stdout | log stdout | ||
! | ! | ||
router bgp 266671 | router bgp 266671 | ||
- | bgp router-id 185.64.105.21 | + | bgp router-id 37.120.157.Z |
- | neighbor 185.64.105.1 remote-as 61272 | + | neighbor 37.120.157.Y remote-as 9009 |
+ | neighbor 2A0D:5600:X::1 remote-as 9009 | ||
! | ! | ||
+ | address-family ipv6 | ||
+ | network 2803:1920::/32 | ||
+ | neighbor 2A0D:5600:X::1 activate | ||
+ | exit-address-family | ||
+ | address-family ipv4 | ||
network 45.225.75.0/24 | network 45.225.75.0/24 | ||
- | neighbor 185.64.105.1 activate | + | neighbor 37.120.157.Y activate |
+ | exit-address-family | ||
exit | exit | ||
! | ! | ||
line vty | line vty | ||
! | ! | ||
- | | ||
- | == command == | ||
- | echo '' > /var/log/bgpd.log | ||
- | mkdir -p /run/quagga | ||
- | chown quagga.quagga /run/quagga /var/log/bgpd.log | ||
- | /usr/sbin/zebra --daemon -A 127.0.0.1 -g quagga -u quagga -f /etc/quagga/zebra.conf | ||
- | sleep 20 | ||
- | /usr/sbin/bgpd --daemon -A 127.0.0.1 -g quagga -u quagga -f /etc/quagga/bgpd.conf | ||
- | == check BGP == | + | == /etc/network/interfaces == |
- | * vtysh | + | source /etc/network/interfaces.d/* |
- | * show ip bgp summary | + | |
- | * Should show: | + | # The loopback network interface |
- | + | auto lo | |
- | BGP router identifier 185.64.105.21, local AS number 266671 | + | iface lo inet loopback |
- | RIB entries 4, using 448 bytes of memory | + | |
- | Peers 1, using 9088 bytes of memory | + | # The primary network interface |
- | Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd | + | allow-hotplug eth0 |
- | 185.64.105.1 4 61272 8 9 0 0 0 00:04:22 2 | + | iface eth0 inet static |
- | Total number of neighbors 1 | + | address 185.64.105.21/24 |
+ | gateway 185.64.105.1 | ||
+ | # dns-* options are implemented by the resolvconf package, if installed | ||
+ | dns-nameservers 91.216.163.2 91.216.163.3 | ||
+ | dns-search op-net.com | ||
+ | |||
+ | #router gateway | ||
+ | | ||
+ | auto eth0:0 | ||
+ | iface eth0:0 inet static | ||
+ | address 45.225.75.1 | ||
+ | netmask 255.255.255.255 | ||
+ | |||
+ | ## Ipv6 configuration | ||
+ | iface eth0 inet6 static | ||
+ | address 2a04:2180:0:2::12b | ||
+ | netmask 64 | ||
+ | gateway 2a04:2180:0:2::1 | ||
+ | dns-nameservers 2a04:2180::101:53 2a04:2180::102:53 | ||
== Setup the tunnel from oneprovider to confiared == | == Setup the tunnel from oneprovider to confiared == | ||
Line 70: | Line 159: | ||
/sbin/modprobe ipip | /sbin/modprobe ipip | ||
/sbin/ip tu ad confiared mode ipip local 185.64.105.21 remote 190.186.245.10 ttl 64 dev eth0 | /sbin/ip tu ad confiared mode ipip local 185.64.105.21 remote 190.186.245.10 ttl 64 dev eth0 | ||
- | /sbin/ip ad ad dev confiared 10.0.0.1 peer 10.0.0.2/32 | + | /sbin/ip ad ad dev confiared 10.0.0.1 peer 45.225.75.2/32 |
/sbin/ip li se dev confiared up | /sbin/ip li se dev confiared up | ||
/sbin/ip link set dev confiared mtu 1280 | /sbin/ip link set dev confiared mtu 1280 | ||
- | /bin/ping 10.0.0.2 & | + | /bin/ping 45.225.75.2 & |
- | /sbin/ip ro ad 45.225.75.0/24 via 10.0.0.2 | + | /sbin/ip ro ad 45.225.75.0/24 via 45.225.75.2 |
| | ||
== service script == | == service script == | ||
Line 142: | Line 231: | ||
/sbin/modprobe ipip | /sbin/modprobe ipip | ||
/bin/ip tu ad oneprovider mode ipip local 190.186.245.10 remote 185.64.105.21 ttl 64 dev eth0 | /bin/ip tu ad oneprovider mode ipip local 190.186.245.10 remote 185.64.105.21 ttl 64 dev eth0 | ||
- | /bin/ip ad ad dev oneprovider 10.0.0.2 peer 10.0.0.1/32 | + | /bin/ip ad ad dev oneprovider 45.225.75.2 peer 10.0.0.1/32 |
/bin/ip li se dev oneprovider up | /bin/ip li se dev oneprovider up | ||
/bin/ip link set dev oneprovider mtu 1280 | /bin/ip link set dev oneprovider mtu 1280 | ||
Line 151: | Line 240: | ||
/bin/ip rule add from 45.225.75.0/24 table confiared | /bin/ip rule add from 45.225.75.0/24 table confiared | ||
/bin/ip route add default via 10.0.0.1 dev oneprovider table confiared | /bin/ip route add default via 10.0.0.1 dev oneprovider table confiared | ||
+ | /bin/ip route add 172.20.0.0/16 dev eth0 table confiared | ||
| | ||
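Review bot: In the "Line 12" hunk the new `/etc/quagga/bgpd.conf` listing replaces the redacted `hostname XXXXXXXXXXXX` / `password XXXXXXXXXXXX` lines with what looks like a real hostname and a clear-text vty password. Because the page keeps old revisions, that value should be treated as disclosed: rotate it on the router and restore the placeholder, `password XXXXXXXXXXXX`. In the same hunk both BIRD `protocol bgp ONEPROVIDER` blocks use `export all;`, which offers every route in the table to the upstream rather than only the allocated prefix. An explicit filter such as `export where net = 45.225.75.0/24;` (and `export where net = 2803:1920::/32;` in bird6.conf) would keep a stray static or kernel route from being announced. The sessions are also `multihop 2` with no `password` option shown, so if the provider supports TCP-MD5 the howto should say so.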