Re: Using old thin clients as a BGP testbed

2007-01-25 Thread unixgeek 
Does anyone know of organizations that will allow BGP peering sessions
(using private AS numbers) to be established for such test systems
described on this thread? The application here is for use in teaching
an advance routing class @ a community college here in Ohio.

Thanks!
Glenn


On Thu, January 25, 2007 4:54 pm, Claudio Jeker wrote:
> On Thu, Jan 25, 2007 at 02:54:54PM -0500, Dan Farrell wrote:
>
>> I'm in the same position as yourself and I've been in testing and
>> production with a set of old Compaq PII-450 workstations with 192 MB RAM
>>  apiece... they run like a charm with four full tables, with plenty of
>> RAM left over. One of them actually died on me, and I've been lazy
>> about pulling out one of the other five identical models I have in
>> storage to replace it.
>>
>> It took 10 minutes each to load OBSD on the two and another 40 minutes
>> putting the configuration together (that part's dependent on your OBGP,
>> CARP, and general BGP skills) and voila... nice little routeservers.
>>
>>
>
> For a BGP testlab almost anything will do as long as it has enough RAM or
>  you limit the number of prefixes to a few 10'000. I runned bgpd on
> soekris boxes, sparcs and even mack68k without any troubles. There should
> be even enough RAM to run ospfd as well :)
>
> For production systems just use a fast CPU and good network cards (if you
>  are routing) plus add between 512M-1GB of RAM.
>
> --
> :wq Claudio

Re: Version 4.0 release

2006-10-10 Thread unixgeek 
  I would think that there would be some sense of "urgency" to get the new
rthreads implementation up-an-running (at least for the i386 and AMD64
platforms) otherwise OpenBSD will become less and less viable as a
general purpose server platform (I like OpenBSD a lot) and really hate
to see this happen...

Just my $0.02
Glenn



> I'm not saying OpenBSD is a bad operating system. Far from it. However I
> would only use it for routers, firewalls, bridges, etc... Anything that has
> to do with networking because after all, OpenBSD's networking is great.
> Outside these areas OpenBSD is just too slow and doesn't support
> enough hardware.
>
> Asking for code submission if you want feature x or y doesn't really
> float my boat. I only do some high level programming and I know nothing
> about kernel internals. I use it where it fits me and equals customer
> benefit. If it doesn't I need to search for something else. We are all
> specialized in our field, you can't ask a butcher to do a heart operation
> even if they both handle meat all the time.
>
> Please note that this is all IMHO.
>
>
> Glenn

ObenBGP Prefix Limit in v3.9

2006-03-04 Thread unixgeek 
 Is there a new default prefix limit in OpenBSD (v3.9)?? I got the
follwoing messages below when trying out the snapshot this weekend, I
don't remembere seeing anything like this in V3.8
Glenn

"Mar  2 20:59:34 www bgpd[238]: neighbor 2001:4830:e2:25::1 (AS30071):
prefix limit reached"

State of Rthreads in OpenBSD 3.9

2006-02-14 Thread unixgeek 
Is the new Rthreads library functional enought 3.9 that it can be used for
'experimental' purposes? Has there been anything documented yet as to it's
used?
Thanks!
Glenn

Looking Glass for OpenBGP in 3.9?

2006-02-11 Thread unixgeek 
I read somewhere that there was a 'Looking Glass' implementaion 'in the
works' for OpenBSD/OpenBGP 3.9. I was wondering if that was the case?
Thanks,
Glenn

Re: OpenBGP & IPv6

2006-01-10 Thread unixgeek 
The works for me perring with the OCCAID network:
   www:occaid.net
 and Hurricane Electric's Tunnel Broker Service:
   http://tunnelbroker.net

 Both Cisco based equipmentthere must be something else wrong in the
configuration...
Glenn

> Hi,
>
>> Try:
>>
>> announce IPv4 unicast
>> announce IPv6 unicast
>
> Nothing does :(
>
>
> --
> Sylvain COUTANT
>
> ADVISEO
> http://www.adviseo.fr/
> http://www.open-sp.fr/

Re: OpenBGP & IPv6

2006-01-07 Thread unixgeek 
Try:

announce IPv4 unicast
announce IPv6 unicast
Glenn


> I was just about to create a new thread when I read :
>
>>  I have not seen it discussed much on the list, but OpenBGP works *very*
>> well and is easy to setup using Hurricane Electrics free (ipv6-in-ipv4)
>
> I try to setup a BGP peering with upstream and I have (v3.8) :
>
> Jan  7 10:11:19 r2 bgpd[31645]: neighbor 2001:x:21 (x-v6): state change
> Idle -> Connect, reason: Start
> Jan  7 10:11:19 r2 bgpd[31645]: neighbor 2001:x:21 (x-v6): state change
> Connect -> OpenSent, reason: Connection opened
> Jan  7 10:11:19 r2 bgpd[31645]: neighbor 2001:x:21 (x-v6): state change
> OpenSent -> OpenConfirm, reason: OPEN message received
> Jan  7 10:11:19 r2 bgpd[31645]: neighbor 2001:x:21 (x-v6): received
> notification: error in OPEN message, unsupported capabil
> ity
> Jan  7 10:11:19 r2 bgpd[31645]: neighbor 2001:x:21 (x-v6):
> parse_notification: capa_len 16 exceedsremaining msg length
> Jan  7 10:11:19 r2 bgpd[31645]: neighbor 2001:x:21 (x-v6): state change
> OpenConfirm -> Idle, reason: NOTIFICATION received
>
>
> Upstream told me about capability : "We do 'inet6.unicast' only". Upstream
> router is a Juniper.
>
> Relevant configuration is :
>
> network 2001:1b58::/32
>
> group "Upstream" {
> set localpref   xxx
> announceself
>
> neighbor x.x.x.x {
> remote-as   x
> descr   x-v4
> }
>
> neighbor 2001:x:0021 {
> remote-as   x
> descr   x-v6
> }
> }
>
>
> Any idea what I've done wrong again ?
>
>
> BR,
>
> --
> Sylvain COUTANT
>
> ADVISEO
> http://www.adviseo.fr/
> http://www.open-sp.fr/

OpenBGP & IPv6

2006-01-06 Thread unixgeek 
 I have not seen it discussed much on the list, but OpenBGP works *very*
well and is easy to setup using Hurricane Electrics free (ipv6-in-ipv4)
tunnel broker service. Kudos to Henning for all the good work that went
into making this available in v3.8!! I will try and create a quick and
dirty web page in the next few days to illustrate how I set this up
incase anyone else is interested in trying out...
Glenn

Re: MPLS-VPN Support in OpenBSD

2006-01-06 Thread unixgeek 
Claudio,
  Thanks for taking the time to give us your insigh on this technology,
I agree that it is a very interesting discussion:) I guess that explains
why there is very little interested in mpls-vpns in open source project
the last several years (except for the work James Leu) is doing...
Glenn



> On Fri, Jan 06, 2006 at 11:12:23PM +0100, Thomas Bvrnert wrote:
>> Thanks Claudio. Is there also an security issue on MPLS VPN ?
>> Or is a normal VPN much secure als MPLS VPN ?
>>
>
> MPLS VPNs are normaly not encrypted. It is just used to tunnel multiple
> networks over a backbone network without touching the traffic.
> So it is possible to bridge networks -- the customer does not realize that
> there is a MPLS VPN in between. This is what some metro networks do.
>
> --
> :wq Claudio

MPLS-VPN Support in OpenBSD

2006-01-05 Thread unixgeek 
Hi,
 I was wondering if there were any plans to add MPLS/VPN support into
OpenBSD? NetBSD had some folks working on the Amaye project
(http://www.ayame.org/) but that seems to have been dormant for a long
time...

Thanks,
Glenn

Re: BGPD Boot-Time Startup Problem

2005-12-15 Thread unixgeek 
The ipv6 newtwork is setup in rc.local:

#Setup ipv6 routing:
echo -n 'Setting Up IPv6 to OCCAID Network'
ifconfig gif0 giftunnel 68.21.68.114 69.72.192.238
ifconfig gif0 inet6 2001:4830:e2:25::2
route add -inet6 2001:4830:e2:25::1 -prefixlen 64 2001:4830:e2:25::2
route add -inet6 default 2001:4830:e2:25::1

 It could well be that on boot-up this is address is not avaiable yet..and
I might need to put in a delay (say startup with cron perhaps)...
Thanks;
Glenn

> On Thu, Dec 15, 2005 at 06:34:04PM -0500, [EMAIL PROTECTED] wrote:
>> When I try and startup OpenBGP at boot time I get the following error
>> message:
>>
>> Dec 15 18:15:45 www bgpd[31059]: neighbor 2001:4830:e2:25::1 (AS30071):
>> session_connect bind: Can't assign requested address
>>
>
> You force a local address bgpd has to bind to via the local-address config
> option. It seems that on bootup the requested address is not yet
> available. It looks like your IPv6 settup is done after bgpd is started.
>
> How do you configure the IPv6 network?
>
>> Is there some type of a problem in synchroniziation at boot time wih
>> remote AS's? Maybe sometime of a delay is needed under certain
>> circunstances...
>>
>
> It mostly depends on when your local address gets available.
>
> --
> :wq Claudio

BGPD Boot-Time Startup Problem

2005-12-15 Thread unixgeek 
When I try and startup OpenBGP at boot time I get the following error
message:

Dec 15 18:15:45 www bgpd[31059]: neighbor 2001:4830:e2:25::1 (AS30071):
session_connect bind: Can't assign requested address

When trying to perr with the OCCAID network (www.occaid.net), running IPV6
however when I start the process up manually (after the computer is
booted):
/usr/sbin/bgpd -f /etc/bgpd.conf

The process connexts and runs just fine:


 BGP neighbor is 2001:4830:e2:25::1, remote AS 30071
 Description: AS30071
  BGP version 4, remote router-id 65.126.230.2
  BGP state = Established, up for 00:12:28
  Last read 00:00:29, holdtime 180s, keepalive interval 60s
  Neighbor capabilities:
Multiprotocol extensions: IPv6 Unicast
Route Refresh

  Message statistics:
  Sent   Received
  Opens1  1
  Notifications0  0
  Updates  0741
  Keepalives  13 14
  Route Refresh0  0
  Total   14756

  Local host:2001:4830:e2:25::2, Local port:   9611
  Remote host:   2001:4830:e2:25::1, Remote port:   179


Is there some type of a problem in synchroniziation at boot time wih
remote AS's? Maybe sometime of a delay is needed under certain
circunstances...

Thanks!
Glenn

Re: anyone tried bgpd vs. he.net/tunnelbroker.net

2005-11-27 Thread unixgeek 

your only workaround is to not send any capability it does not grok.
this is guesswork. you might want to try to not announce v4 unicast
capabilities...


I was wondering exactly how this was specified in the bgpd.conf file?
Since I was trying to do the same thing to connect to he.net and try out
the new ipv6 capabilities of bgpd...
Thanks!
Glenn