Category Archives: Systems/Linux

Running OSPF on your Ubuntu Server……

I was wondering if there was a possibility to do this. I really do not see much of a reason for it other than the neatness factor. I was looking over some old RIP information, and seeing that version 1 would run on some older Windows Server 2000 machines, I wondered if it were possible to pass OSPF routes to a Linux-based server. There is a program called Quagga which will emulate what looks almost like a stripped-down IOS as a daemon within Linux. Neat stuff! You can run OSPFv2, OSPFv3, RIP, BGP and RIPng. So if I wanted a more specific route through OSPF rather than having a default route on my servers, it is possible. Or if I wanted to have some sort of secondary OSPF process on my cores or routers only to do the routing on my servers, it would be possible. So here's a step-by-step account of how I configured it just to test.

First install Quagga

apt-get install quagga

Next specify which of the routing protocols you want Quagga to run. This post is dedicated to OSPF, but there's all sorts of flexibility here.

burnyd@dynamips:~$ cat /etc/quagga/daemons
# This file tells the quagga package which daemons to start.
#
# Entries are in the format: <daemon>=(yes|no|priority)
# 0, "no" = disabled
# 1, "yes" = highest priority
# 2 .. 10 = lower priorities
# Read /usr/share/doc/quagga/README.Debian for details.
#
# Sample configurations for these daemons can be found in
# /usr/share/doc/quagga/examples/.
#
# ATTENTION:
#
# When activation a daemon at the first time, a config file, even if it is
# empty, has to be present *and* be owned by the user and group "quagga", else
# the daemon will not be started by /etc/init.d/quagga. The permissions should
# be u=rw,g=r,o=.
# When using "vtysh" such a config file is also needed. It should be owned by
# group “quaggavty” and set to ug=rw,o= though. Check /etc/pam.d/quagga, too.
#
zebra=yes
bgpd=no
ospfd=no
ospf6d=no
ripd=no
ripngd=no
isisd=no

Change this to:

zebra=yes
bgpd=no
ospfd=yes
ospf6d=no
ripd=no
ripngd=no
isisd=no

I would recommend restarting Quagga just in case.

burnyd@dynamips:~$ sudo /etc/init.d/quagga restart

Now copy the sample daemon configuration files and put them in /etc/quagga. Depending on the distro these could be located in other places, but since this is Ubuntu 11.04 they are located in the following:

/usr/share/doc/quagga/examples/zebra.conf.sample

We need to take zebra.conf.sample and ospfd.conf.sample and copy them into /etc/quagga:

burnyd@dynamips:~$ sudo cp /usr/share/doc/quagga/examples/zebra.conf.sample /etc/quagga/zebra.conf
burnyd@dynamips:~$ sudo cp /usr/share/doc/quagga/examples/ospfd.conf.sample /etc/quagga/ospfd.conf

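Then set permissions. Note that the header of /etc/quagga/daemons shown above asks for u=rw,g=r,o= with the files owned by user and group quagga, which is tighter than the 770 used here.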

burnyd@dynamips:~$ sudo chmod 770 /etc/quagga/zebra.conf

burnyd@dynamips:~$ sudo chmod 770 /etc/quagga/ospfd.conf

Next make sure to forward traffic from Quagga over your Ethernet device, otherwise this will not work!

sudo su -c "echo 1 > /proc/sys/net/ipv4/ip_forward"

Restart Quagga again.

Next go ahead and telnet to your local host on port 2064.  I cannot recall what the default password is since I changed it.  But it should be located within /etc/quagga/ospfd.conf where you can change it with a file editor.

burnyd@dynamips:~$ telnet localhost

Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.

Hello, this is Quagga (version 0.99.17).
Copyright 1996-2005 Kunihiro Ishiguro, et al.

User Access Verification

Password:
ospfd> en
ospfd#

At this point this looks like a stripped-down IOS for the most part. I have eth0 at 192.168.2.211 on my data network/VLAN. I am running OSPF on that interface on a few of my devices here, both on my core switch and my WAN router. So, for those used to OSPF, I have to advertise eth0 into OSPF.

I first have to specify the interface I want to run OSPF over

ospfd(config)# int eth0
ospfd(config-if)# ospf network broadcast

Then specify my OSPF options.

ospfd# conf t
ospfd(config)#router ospf
ospfd(config-router)#network 192.168.2.0/24 area 0.0.0.0
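
The checks below cover three things the steps so far leave loose: the 770 file mode, the vty password kept in ospfd.conf, and an eth0 stanza with no OSPF authentication. This is an added example, not part of the original post; the function names, finding labels and all file contents in it are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. File contents below are constructed.
# audit_ospfd_conf CONF SAMPLE: prints one finding per line, nothing when clean.
audit_ospfd_conf() {
  conf=$1; sample=$2
  # Mode: the daemons header asks for u=rw,g=r,o= (640); 0137 is every other bit.
  mode=$(stat -c '%a' "$conf")
  [ $(( 0$mode & 0137 )) -eq 0 ] || echo "MODE $mode: wider than 640"
  # vty password line still identical to the one in the packaged sample file.
  pw=$(grep '^password ' "$conf" || true)
  if [ -n "$pw" ] && [ "$pw" = "$(grep '^password ' "$sample" 2>/dev/null)" ]; then
    echo "PASSWORD: unchanged from $sample"
  fi
  # Simplification: every interface stanza is treated as OSPF-enabled. One without
  # MD5 authentication will form an adjacency with any speaker on the segment.
  awk '
    function report() {
      if (ifname != "" && !auth) print "NOAUTH " ifname ": no ip ospf authentication"
      ifname = ""
    }
    /^interface /                              { report(); ifname = $2; auth = 0; next }
    /^[^ ]/                                    { report() }
    /^ +ip ospf authentication message-digest/ { auth = 1 }
    END                                        { report() }
  ' "$conf"
}

# Writes a constructed sample file plus "before"/"after" configs; prints the directory.
make_demo_files() {
  dir=$(mktemp -d)
  printf 'hostname ospfd\npassword constructed-sample-pw\n' > "$dir/sample"
  { cat "$dir/sample"
    printf '!\ninterface eth0\n ip ospf network broadcast\n!\n'
    printf 'router ospf\n network 192.168.2.0/24 area 0.0.0.0\n'
  } > "$dir/before.conf"
  { printf 'hostname ospfd\npassword constructed-changed-pw\n!\ninterface eth0\n'
    printf ' ip ospf network broadcast\n ip ospf authentication message-digest\n'
    printf ' ip ospf message-digest-key 1 md5 constructed-key\n!\n'
    printf 'router ospf\n network 192.168.2.0/24 area 0.0.0.0\n'
  } > "$dir/after.conf"
  chmod 770 "$dir/before.conf"; chmod 640 "$dir/after.conf"
  echo "$dir"
}
```

On the real host, run it as root with the two paths used earlier: `audit_ospfd_conf /etc/quagga/ospfd.conf /usr/share/doc/quagga/examples/ospfd.conf.sample`. The neighbors on the segment need the same message-digest key configured before the adjacency will come back up.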

So I go ahead and check my regular routing table on the dynamips box and….

burnyd@dynamips:~$ netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.168.17.245  192.168.2.253   255.255.255.255 UGH       0 0          0 eth0
2.2.2.2         192.168.2.253   255.255.255.255 UGH       0 0          0 eth0
1.1.1.1         192.168.2.254   255.255.255.255 UGH       0 0          0 eth0
192.168.7.0     192.168.2.254   255.255.255.0   UG        0 0          0 eth0
192.168.6.0     192.168.2.254   255.255.255.0   UG        0 0          0 eth0
192.168.4.0     192.168.2.254   255.255.255.0   UG        0 0          0 eth0
192.168.3.0     192.168.2.254   255.255.255.0   UG        0 0          0 eth0
192.168.2.0     0.0.0.0         255.255.255.0   U         0 0          0 eth0
192.168.1.0     192.168.2.254   255.255.255.0   UG        0 0          0 eth0
10.10.1.0       192.168.2.254   255.255.255.0   UG        0 0          0 eth0
192.168.9.0     192.168.2.254   255.255.255.0   UG        0 0          0 eth0
192.168.8.0     192.168.2.254   255.255.255.0   UG        0 0          0 eth0
0.0.0.0         192.168.2.254   0.0.0.0         UG        0 0          0 eth0
burnyd@dynamips:~$

ospfd# sh ip ospf neighbor

Neighbor ID     Pri State           Dead Time Address         Interface            RXmtL RqstL DBsmL
2.2.2.2           1 Full/Backup       33.075s 192.168.2.253   eth0:192.168.2.211       0     0     0
1.1.1.1           1 Full/DR           38.384s 192.168.2.254   eth0:192.168.2.211       0     0     0

On my core switch and WAN router:

WANROUTER#sh ip ospf neighbor

Neighbor ID     Pri   State           Dead Time   Address         Interface
1.1.1.1           1   FULL/DR         00:00:36    192.168.4.254   Vlan4
1.1.1.1           1   FULL/DR         00:00:30    192.168.3.254   Vlan3
1.1.1.1           1   FULL/DR         00:00:36    192.168.2.254   Vlan2
192.168.2.211     1   FULL/DROTHER    00:00:31    192.168.2.211   Vlan2

cs1#sh ip ospf neighbor

Neighbor ID     Pri   State           Dead Time   Address         Interface
2.2.2.2           1   FULL/BDR        00:00:30    192.168.4.253   Vlan4
2.2.2.2           1   FULL/BDR        00:00:31    192.168.3.253   Vlan3
2.2.2.2           1   FULL/BDR        00:00:37    192.168.2.253   Vlan2
192.168.2.211     1   FULL/DROTHER    00:00:31    192.168.2.211   Vlan2


Configuring LACP with Fedora 14 and a Cisco 2950 switch

This is a write-up of how to connect a Cisco switch, in this case a 2950, to a Fedora server with EtherChannel LACP. I have 14 Ethernet interfaces total. Since I finished up with my VCP lab (fail) and I have two extra interfaces, why not EtherChannel them together? I am using interfaces Fa0/3 and Fa0/4 on my 2950, and eth0 and eth14 on my server.

This will work with Linux distros like Fedora and CentOS. On other Linux distros the interface settings are collected in a single /etc/interfaces file. Fedora puts a config file in place for each interface. I WOULD HIGHLY SUGGEST not following this remotely; as anyone who has dealt with EtherChannel knows, things never go right the first try.

Step one is adding a bond0 interface. In Fedora, when you vi a network interface file that has not been created yet, it will then create the bond0 interface.

vi /etc/sysconfig/network-scripts/ifcfg-bond0

Here is what my bond0 configuration looks like.

DEVICE=bond0
BONDING_OPTS="mode=4 miimon=500 lacp_rate=1" #mode=4 is LACP(802.3ad)
BOOTPROTO=none
ONBOOT=yes
USERCTL=no
PEERDNS=no
IPV6INIT=no
NM_CONTROLLED=no
TYPE=Ethernet
NETMASK=255.255.255.0
IPADDR=192.168.1.125
GATEWAY=192.168.1.1
DNS1=8.8.8.8

There are plenty of different aggregation methods; mode 4 is for LACP. There are some others which include backup interfaces and a round-robin feature.

The next step is to go into each of the interface files and tell them they have a master, which is bond0, and that they are slaves to bond0. This is similar to saying they have a layer 2 connection over both interfaces. Bond0 is the layer 3 interface in this case.

vi /etc/sysconfig/network-scripts/ifcfg-eth0

DEVICE="eth0"
BOOTPROTO=none
MASTER=bond0
SLAVE=yes
NM_CONTROLLED="yes"
ONBOOT="yes"
TYPE=Ethernet
DEFROUTE=yes
IPV4_FAILURE_FATAL=yes
IPV6INIT=no
NAME="System eth0"
#UUID=5fb06bd0-0bb0-7ffb-45f1-d6edd65f3e03
#IPADDR0=192.168.1.125
#PREFIX0=24
#GATEWAY0=192.168.1.1
#DNS1=8.8.8.8
#HWADDR=00:30:67:AA:37:23

Notice I have commented out the old configuration I had where this was my management interface. Also notice in line 3 master is bond0 and in line 4 slave is yes.

vi /etc/sysconfig/network-scripts/ifcfg-eth14

TYPE=Ethernet
BOOTPROTO=none
MASTER=bond0
SLAVE=yes
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=no
NAME="Auto eth14"
UUID=7399bea9-a957-4ec7-be5b-03b280e7fdd3
ONBOOT=yes
#HWADDR=00:1B:21:B0:74:56
#IPADDR0=155.1.146.100
PREFIX0=24

At this point the configuration is about 75% done on the server. Next we move to the Cisco device.

conf t
int range fa0/3 - 4
channel-protocol lacp
channel-group 1 mode active

At this point this will form a Port-channel interface.

AggSwitch#sh ip int po1

Port-channel1 is up, line protocol is up

Chances are it will not be up.

Configuration is done on the Cisco device.

Moving back to the server. This is where someone would lose management remotely: we are going to attempt to bring up the bond.

ifup bond0

If this does not work, I would run /etc/network restart, or reboot. Afterwards you should see the following.

[burnyd@dynamips ~]# ifconfig bond0
bond0     Link encap:Ethernet  HWaddr 00:30:67:AA:37:23
          inet6 addr: fe80::230:67ff:feaa:3723/64 Scope:Link
          UP BROADCAST RUNNING MASTER MULTICAST  MTU:1500  Metric:1
          RX packets:8169 errors:0 dropped:0 overruns:0 frame:0
          TX packets:804 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:947585 (925.3 KiB)  TX bytes:140837 (137.5 KiB)
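
ifconfig only shows that bond0 is up; whether LACP actually negotiated with the 2950 is recorded in /proc/net/bonding/bond0. The check below is an added example, not from the original post: check_bond and sample_bond are illustrative names, and the status text is constructed, following the bonding driver's status format in abridged form.

```shell
#!/bin/sh
# Added example, not from the original post.
# check_bond: reads /proc/net/bonding/bond0 text on stdin and prints one finding
# per line; prints nothing when LACP has negotiated on every slave.
check_bond() {
  awk -F': ' '
    /^Bonding Mode:/ && $2 !~ /802\.3ad/ { print "MODE: " $2 " (expected 802.3ad, mode=4)" }
    # An all-zero partner MAC means no LACPDUs have arrived from the switch.
    /Partner Mac Address:/ && $2 == "00:00:00:00:00:00" { print "PARTNER: no LACP partner" }
    /^Slave Interface:/ { slave = $2 }
    /^MII Status:/ && slave != "" && $2 != "up" { print "LINK: " slave " is " $2 }
    # The first Aggregator ID is the active one; each slave must report the same ID.
    /Aggregator ID:/ {
      if (slave == "") active = $2
      else if ($2 != active) print "AGG: " slave " is in aggregator " $2 ", active is " active
    }
  '
}

# Constructed, abridged status text. $1 = partner MAC, $2 = eth14 aggregator ID.
sample_bond() {
  cat <<EOF
Bonding Mode: IEEE 802.3ad Dynamic link aggregation
MII Status: up
MII Polling Interval (ms): 500

802.3ad info
LACP rate: fast
Active Aggregator Info:
    Aggregator ID: 1
    Partner Mac Address: $1

Slave Interface: eth0
MII Status: up
Aggregator ID: 1

Slave Interface: eth14
MII Status: up
Aggregator ID: $2
EOF
}
```

On the server, run it as `check_bond < /proc/net/bonding/bond0`. A PARTNER or AGG finding means the two links are up but not bundled, so look at the channel-group on Fa0/3 and Fa0/4.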