2012/9/9 ril.kidd <[email protected]>: > On 09/09/12 20:36, Виталий Туровец wrote: >> >> 2012/9/9 ril.kidd <[email protected]>: >>> >>> On 09/09/12 19:57, Виталий Туровец wrote: >>>> >>>> 2012/9/9 ril.kidd <[email protected]>: >>>>> >>>>> Ok, i have DNS running on one peer (route client) and listening on a >>>>> virtual >>>>> sub-interface (I intend to add more and do anycasting). the other peer >>>>> will >>>>> be a route server. >>>>> It is the route to the virtual IP on the route client that I want to >>>>> propagate to the route server. >>>>> >>>>> bird> sh protocols all >>>>> name proto table state since info >>>>> kernel1 Kernel master up 14:03 >>>>> Preference: 10 >>>>> Input filter: ACCEPT >>>>> Output filter: ACCEPT >>>>> Routes: 0 imported, 0 exported, 0 preferred >>>>> Route change stats: received rejected filtered ignored >>>>> accepted >>>>> Import updates: 0 0 0 0 0 >>>>> Import withdraws: 0 0 --- 0 0 >>>>> Export updates: 0 0 0 --- >>>>> 0 >>>>> Export withdraws: 0 --- --- --- >>>>> 0 >>>>> >>>>> device1 Device master up 14:03 >>>>> Preference: 240 >>>>> Input filter: ACCEPT >>>>> Output filter: REJECT >>>>> Routes: 0 imported, 0 exported, 0 preferred >>>>> Route change stats: received rejected filtered ignored >>>>> accepted >>>>> Import updates: 0 0 0 0 0 >>>>> Import withdraws: 0 0 --- 0 0 >>>>> Export updates: 0 0 0 --- >>>>> 0 >>>>> Export withdraws: 0 --- --- --- >>>>> 0 >>>>> >>>>> RC1p BGP master up 14:04 Established >>>>> Description: Route Client1 Peer >>>>> Preference: 100 >>>>> Input filter: ACCEPT >>>>> Output filter: ACCEPT >>>>> Routes: 0 imported, 0 exported, 0 preferred >>>>> Route change stats: received rejected filtered ignored >>>>> accepted >>>>> Import updates: 0 0 0 0 0 >>>>> Import withdraws: 0 0 --- 0 0 >>>>> Export updates: 0 0 0 --- >>>>> 0 >>>>> Export withdraws: 0 --- --- --- >>>>> 0 >>>>> BGP state: Established >>>>> Neighbor address: 192.168.128.32 >>>>> Neighbor AS: 64496 >>>>> Neighbor ID: 192.168.128.32 >>>>> Neighbor caps: refresh AS4 >>>>> Session: external route-server AS4 >>>>> Source address: 192.168.128.31 >>>>> Hold timer: 179/240 >>>>> Keepalive timer: 37/80 >>>>> >>>>> #Route client bird.conf >>>>> >>>>> router id 192.168.128.21; >>>>> >>>>> #protocol direct { >>>>> # interface "-eth*", "*"; # Restrict network interfaces it works >>>>> with >>>>> #} >>>>> >>>>> protocol kernel { >>>>> # learn; # Learn all alien routes from the >>>>> kernel >>>>> persist; # Don't remove routes on bird >>>>> shutdown >>>>> scan time 20; # Scan kernel routing table every 20 >>>>> seconds >>>>> # import none; # Default is import all >>>>> export all; # Default is export none >>>>> # kernel table 5; # Kernel table to synchronize with >>>>> (default: >>>>> main) >>>>> } >>>>> >>>>> protocol device { >>>>> scan time 10; # Scan interfaces every 10 seconds >>>>> } >>>>> >>>>> protocol bgp RouteSrv { >>>>> # disabled; >>>>> description "Route Server Peer"; >>>>> local as 64496; >>>>> neighbor 192.168.128.20 as 65000; >>>>> import all; >>>>> export all; >>>>> # multihop; >>>>> } >>>>> >>>>> #Route Server bird.conf >>>>> >>>>> router id 192.168.128.20; >>>>> >>>>> # Martian networks >>>>> function net_martian() >>>>> { >>>>> return net ~ [ 169.254.0.0/16+, 172.16.0.0/12+, 192.168.0.0/16+, >>>>> 10.0.0.0/8+, >>>>> 127.0.0.0/8+, 224.0.0.0/4+, 240.0.0.0/4+, 0.0.0.0/32-, >>>>> 0.0.0.0/0{25,32}, >>>>> 0.0.0.0/0{0,7} ]; >>>>> } >>>>> >>>>> #Local networks >>>>> function net_local() >>>>> { >>>>> return net ~ [ 192.168.128.0/24+, 192.168.122.0/24+ ]; >>>>> } >>>>> >>>>> function rt_import(int asn; int set peer_asns; prefix set peer_nets) >>>>> { >>>>> if ! (net ~ peer_nets) then return false; >>>>> if ! (bgp_path.last ~ peer_asns) then return false; >>>>> if bgp_path.first != asn then return false; >>>>> if bgp_path.len > 64 then return false; >>>>> if bgp_next_hop != from then return false; >>>>> return true; >>>>> } >>>>> >>>>> function rt_export_all() >>>>> { >>>>> if proto = "static_bgp" then return true; >>>>> if source != RTS_BGP then return false; >>>>> if net_martian() then return false; >>>>> if bgp_path.len > 64 then return false; >>>>> return true; >>>>> } >>>>> >>>>> #protocol direct { >>>>> # interface "-eth*", "*"; # Restrict network interfaces it works >>>>> with >>>>> #} >>>>> >>>>> protocol kernel { >>>>> # learn; # Learn all alien routes from the >>>>> kernel >>>>> persist; # Don't remove routes on bird >>>>> shutdown >>>>> scan time 20; # Scan kernel routing table every 20 >>>>> seconds >>>>> # import none; # Default is import all >>>>> export all; # Default is export none >>>>> # kernel table 5; # Kernel table to synchronize with >>>>> (default: >>>>> main) >>>>> } >>>>> >>>>> protocol device { >>>>> scan time 10; # Scan interfaces every 10 seconds >>>>> } >>>>> >>>>> filter bgp_in_client >>>>> { >>>>> if ! rt_import(64496, [ 64496 ], [ 192.168.128.0/24, 10.0.0.0/23+ >>>>> ]) >>>>> then >>>>> reject; >>>>> accept; >>>>> } >>>>> >>>>> filter bgp_out_client >>>>> { >>>>> if ! rt_export_all() then reject; >>>>> accept; >>>>> } >>>>> >>>>> >>>>> protocol bgp RC1 { >>>>> # disabled; >>>>> description "Route Client1 Peer"; >>>>> local as 65000; >>>>> neighbor 192.168.128.21 as 64496; >>>>> import filter bgp_in_client; >>>>> export filter bgp_out_client; >>>>> rs client; >>>>> } >>>>> >>>>> [admin@rs ~]# ifconfig -a >>>>> eth0 Link encap:Ethernet HWaddr 00:1A:64:22:5F:E9 >>>>> inet addr:192.168.128.31 Bcast:192.168.128.255 >>>>> Mask:255.255.255.0 >>>>> inet6 addr: fe80::21a:64ff:fe22:5fe9/64 Scope:Link >>>>> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 >>>>> RX packets:3726 errors:0 dropped:0 overruns:0 frame:0 >>>>> TX packets:1964 errors:0 dropped:0 overruns:0 carrier:0 >>>>> collisions:0 txqueuelen:1000 >>>>> RX bytes:331155 (323.3 KiB) TX bytes:187893 (183.4 KiB) >>>>> Interrupt:17 >>>>> >>>>> lo Link encap:Local Loopback >>>>> inet addr:127.0.0.1 Mask:255.0.0.0 >>>>> inet6 addr: ::1/128 Scope:Host >>>>> UP LOOPBACK RUNNING MTU:16436 Metric:1 >>>>> RX packets:0 errors:0 dropped:0 overruns:0 frame:0 >>>>> TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 >>>>> collisions:0 txqueuelen:0 >>>>> RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) >>>>> >>>>> [admin@rc ~]# ifconfig -a >>>>> eth0 Link encap:Ethernet HWaddr 00:1A:64:22:60:01 >>>>> inet addr:192.168.128.33 Bcast:192.168.128.255 >>>>> Mask:255.255.255.0 >>>>> inet6 addr: fe80::21a:64ff:fe22:6001/64 Scope:Link >>>>> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 >>>>> RX packets:25056 errors:0 dropped:0 overruns:0 frame:0 >>>>> TX packets:10341 errors:0 dropped:0 overruns:0 carrier:0 >>>>> collisions:0 txqueuelen:1000 >>>>> RX bytes:2368094 (2.2 MiB) TX bytes:1065046 (1.0 MiB) >>>>> Interrupt:17 >>>>> >>>>> lo Link encap:Local Loopback >>>>> inet addr:127.0.0.1 Mask:255.0.0.0 >>>>> inet6 addr: ::1/128 Scope:Host >>>>> UP LOOPBACK RUNNING MTU:16436 Metric:1 >>>>> RX packets:22 errors:0 dropped:0 overruns:0 frame:0 >>>>> TX packets:22 errors:0 dropped:0 overruns:0 carrier:0 >>>>> collisions:0 txqueuelen:0 >>>>> RX bytes:1900 (1.8 KiB) TX bytes:1900 (1.8 KiB) >>>>> >>>>> lo:0 Link encap:Local Loopback >>>>> inet addr:10.0.1.1 Mask:255.255.255.255 >>>>> UP LOOPBACK RUNNING MTU:16436 Metric:1 >>>>> >>>>> This worked ok on Ubuntu >>>>> >>>>> >>>>> >>>>> On 09/09/12 18:49, Виталий Туровец wrote: >>>>> >>>>> 2012/9/9 ril.kidd <[email protected]>: >>>>> >>>>> The following commands give me: Peer is not a protocol >>>>> >>>>> >>>>> birdc show protocols all Peer >>>>> birdc show route all protocol Peer >>>>> birdc show route all export Peer >>>>> >>>>> Output from "'# netstat -rn" is: >>>>> Kernel IP routing table >>>>> Destination Gateway Genmask Flags MSS Window >>>>> irtt >>>>> Iface >>>>> 192.168.128.0 0.0.0.0 255.255.255.0 U 0 0 >>>>> 0 >>>>> eth0 >>>>> 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 >>>>> 0 >>>>> eth0 >>>>> 0.0.0.0 192.168.128.28 0.0.0.0 UG 0 0 >>>>> 0 >>>>> eth0 >>>>> >>>>> Well, 1: which routes you expect your bird to propagate to peer? >>>>> 169.254.0.0/16 network. must NOT be routed anyway. >>>>> 2: ports out otput of "show protocols all " command here please. >>>>> 3: show your FULL and UNCUT config file. >>>>> 4: ifconfig -a >>>>> >>>>> >>>>> >>>>> On 09/09/12 17:18, Виталий Туровец wrote: >>>>> >>>>> 2012/9/9 ril.kidd <[email protected]>: >>>>> >>>>> On 09/09/12 16:57, ril.kidd wrote: >>>>> >>>>> Sorry, bird.conf looks like this: >>>>> >>>>> >>>>> router id 192.168.128.21; >>>>> >>>>> #protocol direct { >>>>> # interface "-eth*", "*"; # Restrict network interfaces it works >>>>> with >>>>> #} >>>>> >>>>> protocol kernel { >>>>> # learn; # Learn all alien routes from the >>>>> kernel >>>>> persist; # Don't remove routes on bird >>>>> shutdown >>>>> scan time 20; # Scan kernel routing table every >>>>> 20 >>>>> seconds >>>>> # import none; # Default is import all >>>>> export all; # Default is export none >>>>> # kernel table 5; # Kernel table to synchronize with >>>>> (default: >>>>> main) >>>>> } >>>>> >>>>> protocol device { >>>>> scan time 10; # Scan interfaces every 10 seconds >>>>> } >>>>> >>>>> protocol bgp Peer { >>>>> # disabled; >>>>> description "Peer"; >>>>> local as 64496; >>>>> neighbor 192.168.128.20 as 65000; >>>>> import all; >>>>> export all; >>>>> # multihop; >>>>> } >>>>> >>>>> On 09/09/12 16:53, Crest wrote: >>>>> >>>>> On 09.09.2012 17:50, ril.kidd wrote: >>>>> >>>>> On 09/09/12 16:10, ril.kidd wrote: >>>>> >>>>> hello, >>>>> I have two ubuntu 12.04 linux servers running bird 1.3.8 and peered >>>>> with >>>>> each other. >>>>> The routes from each show in both routing tables. >>>>> >>>>> I installed centos 6.3 on an (identically configured) different set of >>>>> servers and copied the configuration files. I see peering established >>>>> but >>>>> no >>>>> routes in both routing tables. It doesnt work when peered with the >>>>> ubuntu >>>>> servers either. >>>>> Please what may be wrong? Or am I just missing something? >>>>> >>>>> >>>>> Actually, when i do "show route" from birdc> i dont get any results >>>>> >>>>> Sorry my crystal ball is unaligned how about a few bird.conf snippets >>>>> to >>>>> calibrate it? >>>>> >>>>> >>>>> >>>>> What about output from these commands: >>>>> birdc show protocols all Peer >>>>> birdc show route all protocol Peer >>>>> birdc show route all export Peer >>>>> netstat -rn >>>>> ? >>>>> >>>>> >>>>> >>>>> >>>> If i were you, i'd turn on the "kernel" and "device" protocols :) >>>> Your birds don't import any routes from anywhere, wo they wouldn't >>>> propagate anything to peers :) >>>> They just have nothing to :) >>> >>> >>> Thank you. >>> The device protocol is turned on. When I uncomment the learn line unde >>> ther >>> kernel protocol, i get this: >>> >>> #Route Client >>> birdc> show route >>> 0.0.0.0/0 via 192.168.128.28 on eth0 [kernel1 15:43] * (10) >>> >>> #Route Server >>> birdc> show route >>> 0.0.0.0/0 via 192.168.128.28 on eth0 [RC1p 15:33 from >>> 192.168.128.20] ! (100) [AS64496i] >>> >>> >>> 192.168.128.28 is configured as the default gateway on the machine. >>> How do I import the route to the virtual sub-interface? >>> >> Your route should be seen in system's routing table anyway so that >> "netstat -rn" would show it. >> You can add static route by "ip ro add x.x.x.x/xx y.y.y.y" and then >> bird will automatically import it, or you can add a static route >> inside of the bird like described on this page - >> http://bird.network.cz/?get_doc&f=bird-6.html#ss6.9 . >> Anyway, from my point of view, second way is a bit more complicated >> and i always prefer the OS-specific method of adding routes. But it >> may work nicely for you nevertheless :) >> > Ok, thank you. It worked. > However, i wonder why i had to add the route manulaly in CentOS. It was > added automatically in Ubuntu. Also, the static route remains in the routing > table when the virtual interface is down. Is there a way to remove it and > automatically add it when the interface is back up? > >
It definitely is a question to CentOS knowers and not BIRD mailing list :) Please excuse me for small offtopic, but as far as i know bird and all the unices i've had experience with, the combination of my choice is FreeBSD + bird :) It works like a charm. If you need support with this combination, you can mail me directly :) -- ~~~ WBR, Vitaliy Turovets Systems Administrator Corebug.Net +38(093)265-70-55 VITU-RIPE X-NCC-RegID: ua.tv
