OpenVZ Forum


Quagga in VE, Part Deux (How to get OSPF working on Node and/or VE) [message #39560] Tue, 11 May 2010 15:01
lars.bailey
Here is how you can simulate two OSPF routers, using the Node server and VPS.


0.0 OSPF Terminology

It would be helpful if you have some understanding of OSPF terminology, and how it's applied with OpenVZ.
You need to know first the type of OSPF router you need to set up.
Use this link as a guide;

http://www.inetdaemon.com/tutorials/internet/ip/routing/ospf/

As a note, I'm not affiliated with this website, it just provides an "easy on the mind" tutorial.

0.0 OSPF setup

To illustrate a "typical" OSPF topology, you will need to set up the Node server with one or more bridged VPS's.
Each VPS will require two network interfaces.
One network interface will be assigned to the "backbone area", and one will be the routable subnet.
Setting up a VPS in this manner represents a truer sense of an "OSPF router", and will demonstrate dynamic routing.


1.0 Setting up the Node

Remove all static IP addresses from known network interfaces.
Static addresses will be configured with Quagga.
Remove all references of static routes, including default routing in "/etc/sysconfig/network" and/or "/etc/rc.d/rc.local".
Create an Ethernet bridge on an available network interface.
Once you have done this, dump the routing table, and flush the ARP cache.
Install Quagga router. (The rest of this Howto assumes RPM install of Quagga, and a RedHat distribution.)

1.0.1 Configuring Quagga on the Node

My network example will have the Node with a connection towards another AS (global) and has a "backbone area" interface (vzbr0).
Please understand my following remark.
If you are at home, or have an Internet connection on the Node server, do not enable this interface for OSPF!
You will pass OSPF "hello" packets to your ISP.
Filter out these packets with a firewall program. (Shorewall is good.)
Follow the steps outlined here, and you should be okay.

1.0.2 zebra.conf and vtysh.conf

There are two files that you need to configure.
First is the "zebra.conf" file.
Below is a sample, based on the example network.

---------------------------------

!
hostname my-router
password router
enable password *********
service advanced-vty
log syslog
no banner motd
!
interface lo
!
interface lo:0
!
interface eth0
!
interface eth0:0
!
interface eth1
!
interface eth1:0
!
interface vzbr0
ip address 192.168.99.254/24
!
interface veth101.0
!
interface veth102.0
!
interface veth103.0
!
interface veth104.0
!
---------------------------------------------

The source-route interface (eth0) is DHCP.
The bridged interface (vzbr0) is assigned the subnet of 192.168.99.0/24.
All connected routes (global) will be redistributed via OSPF.

1.0.2.1 vtysh.conf

Although this is not a requirement for setting up Quagga, it makes it easier to access the Quagga VTY, without having to "telnet" into a specific routing daemon service.
Below is the configuration.

---------------------------------------
service integrated-vtysh-config
hostname my-router
---------------------------------------

If you have your configuration(s) done, start Quagga.

service zebra start

If you get no "failures", check the routing table.
It should reflect the IP addresses configured in Quagga.
If the routing table on your Node is proper, move to configuring OSPF.


2.0 OSPF on the Node
2.1 ospfd.conf

Below is a sample "ospfd.conf" file.

--------------------------------------

!
hostname ospf-router
password ospf
enable password ********
!
interface vzbr0
ip ospf dead-interval 40
ip ospf hello-interval 10
ip ospf network broadcast
!
router ospf
ospf router-id 1.0.0.1
redistribute connected
network 192.168.99.0/24 area 0.0.0.0
!
--------------------------------------------

Notice, only one subnet is configured for OSPF.
In the example network, we have a global connection, so its prefix is not added to the OSPF network.
These routes will be passed on to other OSPF routers (VPS), via;

redistribute connected

If your "ospfd.conf" file is proper, start the OSPF daemon.

service ospfd start

If you get no "failures", then OSPF is running.
In a terminal shell, type;

tcpdump -n -v -i vzbr0

You should see something to this effect;


OSPF (89), length: 64) 192.168.99.254 > 224.0.0.5: OSPFv2, Hello, length: 44
Router-ID: 1.0.0.1, Backbone Area, Authentication Type: none (0)
Options: [External]
Hello Timer: 10s, Dead Timer 40s, Mask: 255.255.255.0, Priority: 1
Designated Router 192.168.99.254

If you see something like this, pat yourself on the back.
But before you do, type;

tcpdump -n -v -i ethX

on your source-route interface, to make sure you are not dumping "hello" packets in your ISP's lap.


3.0 OSPF in a VPS

Create a VPS.
Create an "eth0" and "eth1" interface for the VPS.
Add the VETHxxx.0 adapter to the bridge. Do not add VETHxxx.1 to the bridge.
Install Quagga in the VPS.
Before you can run Quagga, you need to do this first.
Please read this document.

http://wiki.openvz.org/Quagga_in_VE

If you understand the Author's warning, perform the following;

vzctl set CTID --capability net_admin:on --save
vzctl set CTID --capability net_raw:on --save
vzctl set CTID --capability sys_admin:on --save

Now, configure Quagga.
If you're smart, copy the "zebra.conf, vtysh.conf, and ospfd.conf" from the Node to the VPS.
Edit for your needs.
Below is a sample.

-------------------------------------------------
!
hostname vps-router
password vps
enable password ******
service advanced-vty
log syslog
no banner motd
!
interface lo
!
interface lo:0
!
interface eth0
ip address 192.168.99.101/24
!
interface eth1
ip address 192.168.101.1/24
!
----------------------------------------

If your "zebra.conf" is proper, enter into the VPS, and start Quagga.

service zebra start

If you have no "failures", check the routing table.
You should only show the two IP subnets configured for the network interfaces (no default route).
Edit the "ospfd.conf" file for the VPS.

---------------------------------------

!
hostname ospf-router
password ospf
enable password *******
!
interface eth0
ip ospf dead-interval 40
ip ospf hello-interval 10
ip ospf network broadcast
!
router ospf
ospf router-id 101.0.0.0
redistribute connected
network 192.168.99.0/24 area 0.0.0.0
network 192.168.101.0/24 area 0.0.0.101
!
-------------------------------------------

If your OSPF configuration is proper, start the OSPF daemon.

service ospfd start

If you get no "failures", pat yourself on the back again, OSPF is running in the VPS.
From within the VPS, type;

tcpdump -n -v -i eth0

and you should see something like this;

OSPF (89), length: 68) 192.168.99.254 > 224.0.0.5: OSPFv2, Hello, length: 48
Router-ID: 1.0.0.1, Backbone Area, Authentication Type: none (0)
Options: [External]
Hello Timer: 10s, Dead Timer 40s, Mask: 255.255.255.0, Priority: 1
Designated Router 192.168.99.254, Backup Designated Router 192.168.99.101
Neighbor List:
101.0.0.0
20:21:21.767343 IP (tos 0xc0, ttl 1, id 37692, offset 0, flags [none], proto: OSPF (89), length: 68) 192.168.99.101 > 224.0.0.5: OSPFv2, Hello, length: 48
Router-ID: 101.0.0.0, Backbone Area, Authentication Type: none (0)
Options: [External]
Hello Timer: 10s, Dead Timer 40s, Mask: 255.255.255.0, Priority: 1
Designated Router 192.168.99.254, Backup Designated Router 192.168.99.101
Neighbor List:
1.0.0.1

What is important here is that you see "neighboring" routers.
The Node sees 101.0.0.1, which is the VPS.
The VPS sees 1.0.0.1, which is the Node server.
Either one should have each other's routing table.
If the Node server and VPS have exchanged routing info, you have OSPF networking between the Node and VPS.
Go back and make sure the daemons will start on boot-up.
Use "chkconfig".

4.0 Gathering OSPF info

To check the status of OSPF, in a terminal shell, type;

vtysh

At the prompt, type;

show ip ospf

Below is the summary report for the Node

OSPF Routing Process, Router ID: 1.0.0.1
Supports only single TOS (TOS0) routes
This implementation conforms to RFC2328
RFC1583Compatibility flag is disabled
OpaqueCapability flag is disabled
SPF schedule delay 1 secs, Hold time between two SPFs 1 secs
Refresh timer 10 secs
This router is an ASBR (injecting external routing information)
Number of external LSA 1. Checksum Sum 0x0000d378
Number of opaque AS LSA 0. Checksum Sum 0x00000000
Number of areas attached to this router: 1

Area ID: 0.0.0.0 (Backbone)
Number of interfaces in this area: Total: 1, Active: 1
Number of fully adjacent neighbors in this area: 1
Area has no authentication
SPF algorithm executed 7 times
Number of LSA 4
Number of router LSA 2. Checksum Sum 0x0000e932
Number of network LSA 1. Checksum Sum 0x00005ec3
Number of summary LSA 1. Checksum Sum 0x00002af0
Number of ASBR summary LSA 0. Checksum Sum 0x00000000
Number of NSSA LSA 0. Checksum Sum 0x00000000
Number of opaque link LSA 0. Checksum Sum 0x00000000
Number of opaque area LSA 0. Checksum Sum 0x00000000

This is the VPS summary report

OSPF Routing Process, Router ID: 101.0.0.0
Supports only single TOS (TOS0) routes
This implementation conforms to RFC2328
RFC1583Compatibility flag is disabled
OpaqueCapability flag is disabled
SPF schedule delay 1 secs, Hold time between two SPFs 1 secs
Refresh timer 10 secs
This router is an ABR, ABR type is: Standard (RFC2328)
This router is an ASBR (injecting external routing informa
...
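
The two tcpdump checks the post does by eye (which routers are speaking on the bridge, and whether any "hello" leaves on the source-route interface) can be scripted; the following is an added example, not part of the original post. The function names and the sample capture are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the post): list OSPF Hello senders in `tcpdump -n -v` text.
# Prints one "source-ip router-id auth-type" line per distinct speaker.
ospf_hello_speakers() {
    awk '
    / > [0-9.]+: OSPFv2, Hello/ {      # header line: remember the sender address
        for (i = 2; i <= NF; i++) if ($i == ">") src = $(i - 1)
        next
    }
    /Router-ID:/ && src != "" {         # detail line following that header
        rid = $2; sub(/,$/, "", rid)
        auth = $0; sub(/.*Authentication Type: /, "", auth); sub(/ .*/, "", auth)
        key = src " " rid " " auth
        if (!(key in seen)) { seen[key] = 1; print key }
        src = ""
    }'
}

# Speakers whose Hellos carry no authentication ("none (0)" in the capture).
ospf_unauthenticated() { ospf_hello_speakers | awk '$3 == "none"'; }

# For a capture taken on the source-route interface: return 0 if no Hello
# was sent from address $1 (this host), else list the leaks and return 1.
ospf_leak_check() {
    leaks=$(ospf_hello_speakers | awk -v me="$1" '$1 == me')
    [ -z "$leaks" ] && return 0
    printf '%s\n' "$leaks"; return 1
}

# Constructed sample, in the format of the captures shown in the post.
SAMPLE='20:21:20.1 IP (tos 0xc0, ttl 1, id 1, offset 0, flags [none], proto: OSPF (89), length: 68) 192.168.99.254 > 224.0.0.5: OSPFv2, Hello, length: 48
 Router-ID: 1.0.0.1, Backbone Area, Authentication Type: none (0)
 Options: [External]
20:21:21.7 IP (tos 0xc0, ttl 1, id 2, offset 0, flags [none], proto: OSPF (89), length: 68) 192.168.99.101 > 224.0.0.5: OSPFv2, Hello, length: 48
 Router-ID: 101.0.0.0, Backbone Area, Authentication Type: none (0)
20:21:30.1 IP (tos 0xc0, ttl 1, id 3, offset 0, flags [none], proto: OSPF (89), length: 68) 192.168.99.254 > 224.0.0.5: OSPFv2, Hello, length: 48
 Router-ID: 1.0.0.1, Backbone Area, Authentication Type: none (0)'

printf '%s\n' "$SAMPLE" | ospf_unauthenticated
# Live use on the Node (hypothetical invocations; ethX is the source-route interface):
#   timeout 60 tcpdump -l -n -v -i vzbr0 'ip proto 89' | ospf_unauthenticated
#   timeout 60 tcpdump -l -n -v -i ethX 'ip proto 89' | ospf_leak_check <ethX address>
```

If either check reports lines, the ospfd settings to look at are `passive-interface` under `router ospf` for interfaces that must stay silent, and `ip ospf authentication message-digest` with `ip ospf message-digest-key` on the interfaces that do speak OSPF.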
