Re: [Vyatta-users] Routing between interfaces
Hi there, Thank you for your email. I am currently away on reservist and will only be back on the 3rd March 2008. My access to email during this period will be limited. If there is any urgent matter that require attention, please contact Choon Kiat ([EMAIL PROTECTED]) during this period and cc me in the email. Warmest regards, Daren Tay Senior MIS Hardware Zone Pte Ltd ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] Problem sending prefixes to my upstream provider
Connected means defined directly on an interface on your router.
because 117.120.0.0/21 is defined directly on a router interface
(eth1) your static route will never work. A connected route takes
preference over a static one. because of this, the route is not
installed in the routing table so your attempt to advertise:
policy {
policy-statement BGP_EXPORT {
term 1 {
from {
protocol: static
network4: 117.120.0.0/21
}
then {
action: accept
WIll never work. What you should do is change it to look like this:
policy {
policy-statement BGP_EXPORT {
term 1 {
from {
protocol: connected
network4: 117.120.0.0/21
}
then {
action: accept
And it should work.
--
Aubrey Wells
Senior Engineer
Shelton | Johns Technology Group
A Vyatta Ready Partner
www.sheltonjohns.com
On Feb 29, 2008, at 3:31 PM, Poh Yong Hwang wrote:
Hi,
Thanks for your advise but could you elaborate more on what do you
mean by connected? Care to give me an example?
Thanks!
Yongsan
On Fri, Feb 29, 2008 at 9:42 PM, Aubrey Wells
[EMAIL PROTECTED] wrote:
For bgp to advertise a prefix you must have a valid route in your
local RIB. That static route isn't valid because you're pointing a
locally connected route to another local route. Since the /21 is a
directly connected route, get rid of the static route and change
your from protocol to connected and that should work.
Aubrey Wells (iPhone)
Senior Engineer
Shelton | Johns
www.sheltonjohns.com
On Feb 29, 2008, at 2:53 AM, Poh Yong Hwang [EMAIL PROTECTED]
wrote:
Hi,
I have problem sending prefixes to my upstream provider based on
the docs on Originating route to eBGP neighbours. My prefixes is as
follows 117.120.0.0/21 and here is my detail configuration:
protocols {
bgp {
bgp-id: 203.192.163.146
local-as: 7595
import:
export: BGP_EXPORT
peer 203.192.163.145 {
import:
export:
multihop: 1
peer-port: 179
local-port: 179
local-ip: 203.192.163.146
as: 10026
next-hop: 203.192.163.146
holdtime: 90
delay-open-time: 0
client: false
confederation-member: false
disable: false
ipv4-unicast: true
ipv4-multicast: false
ipv6-unicast: false
ipv6-multicast: false
md5-key:
}
}
static {
disable: false
route 117.120.0.0/21 {
next-hop: 203.192.163.146
metric: 1
}
}
}
policy {
policy-statement BGP_EXPORT {
term 1 {
from {
protocol: static
network4: 117.120.0.0/21
}
then {
action: accept
}
}
}
}
interfaces {
restore: false
loopback lo {
description:
}
ethernet eth0 {
disable: false
discard: false
description:
hw-id: 00:30:48:83:08:ae
duplex: auto
speed: auto
address 203.192.163.146 {
prefix-length: 30
disable: false
}
}
ethernet eth1 {
disable: false
discard: false
description:
hw-id: 00:30:48:83:08:af
duplex: auto
speed: auto
address 117.120.0.5 {
prefix-length: 21
disable: false
}
}
}
service {
ssh {
port: 22
protocol-version: v2
}
webgui {
http-port: 80
https-port: 443
}
}
firewall {
log-martians: enable
send-redirects: disable
receive-redirects: disable
ip-src-route: disable
broadcast-ping: disable
syn-cookies: enable
}
system {
host-name: vyatta
domain-name:
name-server 202.79.210.197
time-zone: GMT
ntp-server 69.59.150.135
login {
user root {
full-name:
authentication {
encrypted-password: $1$$Ht7gBYnxI1xCdO/JOnodh.
}
}
user vyatta {
full-name:
authentication {
encrypted-password: $1$$Ht7gBYnxI1xCdO/JOnodh.
}
}
}
package {
auto-sync: 1
Re: [Vyatta-users] Problem sending prefixes to my upstream provider
Hi,
Thanks! It works now!
Basically it is really now a simple setup where my eth0 is connected to my
upstream and my eth1 will eventually be connected to a layer3 switch which
are able to do IP VLAN and the rest of my servers will be connected to a
layer2 switch. So will my config works in this case?
So the docs talking about Originating a route to eBGP Neighbours where it
uses static instead of connected is not really correct? Sorry, trying to
understand the difference between using a static route compared to using a
connected method.
Thanks!
Yongsan
On Sat, Mar 1, 2008 at 4:35 AM, Aubrey Wells [EMAIL PROTECTED]
wrote:
Connected means defined directly on an interface on your router. because
117.120.0.0/21 is defined directly on a router interface (eth1) your
static route will never work. A connected route takes preference over a
static one. because of this, the route is not installed in the routing table
so your attempt to advertise:
policy {
policy-statement BGP_EXPORT {
term 1 {
from {
protocol: static
network4: 117.120.0.0/21
}
then {
action: accept
WIll never work. What you should do is change it to look like this:
policy {
policy-statement BGP_EXPORT {
term 1 {
from {
protocol: connected
network4: 117.120.0.0/21
}
then {
action: accept
And it should work.
*
--*
*Aubrey Wells*
*Senior Engineer*
Shelton | Johns Technology Group
A Vyatta Ready Partner
www.sheltonjohns.com
On Feb 29, 2008, at 3:31 PM, Poh Yong Hwang wrote:
Hi,
Thanks for your advise but could you elaborate more on what do you mean by
connected? Care to give me an example?
Thanks!
Yongsan
On Fri, Feb 29, 2008 at 9:42 PM, Aubrey Wells [EMAIL PROTECTED]
wrote:
For bgp to advertise a prefix you must have a valid route in your local
RIB. That static route isn't valid because you're pointing a locally
connected route to another local route. Since the /21 is a directly
connected route, get rid of the static route and change your from protocol
to connected and that should work.
Aubrey Wells (iPhone)
Senior Engineer
Shelton | Johns
www.sheltonjohns.com
On Feb 29, 2008, at 2:53 AM, Poh Yong Hwang [EMAIL PROTECTED] wrote:
Hi,
I have problem sending prefixes to my upstream provider based on the
docs on Originating route to eBGP neighbours. My prefixes is as follows
117.120.0.0/21 and here is my detail configuration:
protocols {
bgp {
bgp-id: 203.192.163.146
local-as: 7595
import:
export: BGP_EXPORT
peer 203.192.163.145 {
import:
export:
multihop: 1
peer-port: 179
local-port: 179
local-ip: 203.192.163.146
as: 10026
next-hop: 203.192.163.146
holdtime: 90
delay-open-time: 0
client: false
confederation-member: false
disable: false
ipv4-unicast: true
ipv4-multicast: false
ipv6-unicast: false
ipv6-multicast: false
md5-key:
}
}
static {
disable: false
route 117.120.0.0/21 {
next-hop: 203.192.163.146
metric: 1
}
}
}
policy {
policy-statement BGP_EXPORT {
term 1 {
from {
protocol: static
network4: 117.120.0.0/21
}
then {
action: accept
}
}
}
}
interfaces {
restore: false
loopback lo {
description:
}
ethernet eth0 {
disable: false
discard: false
description:
hw-id: 00:30:48:83:08:ae
duplex: auto
speed: auto
address 203.192.163.146 {
prefix-length: 30
disable: false
}
}
ethernet eth1 {
disable: false
discard: false
description:
hw-id: 00:30:48:83:08:af
duplex: auto
speed: auto
address 117.120.0.5 {
prefix-length: 21
disable: false
}
}
}
service {
ssh {
port: 22
protocol-version: v2
}
webgui {
http-port:
Re: [Vyatta-users] Problem sending prefixes to my upstream provider
On Fri, Feb 29, 2008 at 1:15 PM, Poh Yong Hwang [EMAIL PROTECTED] wrote: So the docs talking about Originating a route to eBGP Neighbours where it uses static instead of connected is not really correct? Sorry, trying to understand the difference between using a static route compared to using a connected method. Think of a connected route as one that's exists because you've defined an interface, and you're connected to that network. And interface of 192.168.2.3/24 with have a connected route of 192.168.2.0/24. A static route is one you define that's for a network that's remote to the router. Justin ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] Booting from Live-CD
That's actually a harder problem - you can do it by changing where the system looks for configuration on boot, install to disk and then modify the files to change what's mounted and where the system looks for the configuration, or build from scratch and create your own LiveCD with the changes in it. In VC4, look in /etc/init.d/vyatta-ofr, /etc/default/vyatta, and /etc/default/vyatta-cfg. If you make the changes that let the system find the configuration on a flash drive, be sure to submit them back to the hackers list (or should that be forum??) for inclusion for others as well :-) Best, Justin On Tue, Feb 26, 2008 at 9:23 PM, Christopher Johnson [EMAIL PROTECTED] wrote: Is there anyway, other than floppy disk, to have the OFR get a configuration file on boot from CDROM? I'd love for it to be able to read from a USB thumb drive, load it from a TFTP site (use the standard boot methods to do so) or in anyway to get a configuration file into the system with out me being at the console. This is glendale VC4, Alpha 1, soon to be Alpha 2. Best, -Chris P.S. I did try load of an URL, and it died. ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] Booting from Live-CD
Thanks for the pointer to /etc/init.d/vyatta-ofr and /etc/default/vyatta. What I would likely do is have a config file that has the equivalent of a #include which tries a sequence of locations. /mnt/usb/config/config.boot, /mnt/flash/config/config.boot, /mnt/floppy/config/config.boot,/opt/vyatta/etc/config/config.boot By adding a simple Done or just having the config files overwrite each other in reasonable ways, we end up with a live CDROM that can boot on any machine yet find a configuration file. I'm actually going to have to look into a diskless version of Vyatta at some point. Thanks again for the pointers. Best, -Chris On Fri, Feb 29, 2008 at 6:33 PM, Justin Fletcher [EMAIL PROTECTED] wrote: That's actually a harder problem - you can do it by changing where the system looks for configuration on boot, install to disk and then modify the files to change what's mounted and where the system looks for the configuration, or build from scratch and create your own LiveCD with the changes in it. In VC4, look in /etc/init.d/vyatta-ofr, /etc/default/vyatta, and /etc/default/vyatta-cfg. If you make the changes that let the system find the configuration on a flash drive, be sure to submit them back to the hackers list (or should that be forum??) for inclusion for others as well :-) Best, Justin On Tue, Feb 26, 2008 at 9:23 PM, Christopher Johnson [EMAIL PROTECTED] wrote: Is there anyway, other than floppy disk, to have the OFR get a configuration file on boot from CDROM? I'd love for it to be able to read from a USB thumb drive, load it from a TFTP site (use the standard boot methods to do so) or in anyway to get a configuration file into the system with out me being at the console. This is glendale VC4, Alpha 1, soon to be Alpha 2. Best, -Chris P.S. I did try load of an URL, and it died. ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] Booting from Live-CD
That's a nice idea. You'll still have to have a default location from which to start - which is the challenge of diskless systems :-) If On Fri, Feb 29, 2008 at 4:07 PM, Christopher Johnson [EMAIL PROTECTED] wrote: Thanks for the pointer to /etc/init.d/vyatta-ofr and /etc/default/vyatta. What I would likely do is have a config file that has the equivalent of a #include which tries a sequence of locations. /mnt/usb/config/config.boot, /mnt/flash/config/config.boot, /mnt/floppy/config/config.boot,/opt/vyatta/etc/config/config.boot By adding a simple Done or just having the config files overwrite each other in reasonable ways, we end up with a live CDROM that can boot on any machine yet find a configuration file. I'm actually going to have to look into a diskless version of Vyatta at some point. Thanks again for the pointers. Best, -Chris On Fri, Feb 29, 2008 at 6:33 PM, Justin Fletcher [EMAIL PROTECTED] wrote: That's actually a harder problem - you can do it by changing where the system looks for configuration on boot, install to disk and then modify the files to change what's mounted and where the system looks for the configuration, or build from scratch and create your own LiveCD with the changes in it. In VC4, look in /etc/init.d/vyatta-ofr, /etc/default/vyatta, and /etc/default/vyatta-cfg. If you make the changes that let the system find the configuration on a flash drive, be sure to submit them back to the hackers list (or should that be forum??) for inclusion for others as well :-) Best, Justin On Tue, Feb 26, 2008 at 9:23 PM, Christopher Johnson [EMAIL PROTECTED] wrote: Is there anyway, other than floppy disk, to have the OFR get a configuration file on boot from CDROM? I'd love for it to be able to read from a USB thumb drive, load it from a TFTP site (use the standard boot methods to do so) or in anyway to get a configuration file into the system with out me being at the console. This is glendale VC4, Alpha 1, soon to be Alpha 2. Best, -Chris P.S. I did try load of an URL, and it died. ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
