Re: [Vyatta-users] Routing between interfaces
Hi there, Thank you for your email. I am currently away on reservist and will only be back on the 3rd March 2008. My access to email during this period will be limited. If there is any urgent matter that require attention, please contact Choon Kiat ([EMAIL PROTECTED]) during this period and cc me in the email. Warmest regards, Daren Tay Senior MIS Hardware Zone Pte Ltd ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] Problem sending prefixes to my upstream provider
Connected means defined directly on an interface on your router. because 117.120.0.0/21 is defined directly on a router interface (eth1) your static route will never work. A connected route takes preference over a static one. because of this, the route is not installed in the routing table so your attempt to advertise: policy { policy-statement BGP_EXPORT { term 1 { from { protocol: static network4: 117.120.0.0/21 } then { action: accept WIll never work. What you should do is change it to look like this: policy { policy-statement BGP_EXPORT { term 1 { from { protocol: connected network4: 117.120.0.0/21 } then { action: accept And it should work. -- Aubrey Wells Senior Engineer Shelton | Johns Technology Group A Vyatta Ready Partner www.sheltonjohns.com On Feb 29, 2008, at 3:31 PM, Poh Yong Hwang wrote: Hi, Thanks for your advise but could you elaborate more on what do you mean by connected? Care to give me an example? Thanks! Yongsan On Fri, Feb 29, 2008 at 9:42 PM, Aubrey Wells [EMAIL PROTECTED] wrote: For bgp to advertise a prefix you must have a valid route in your local RIB. That static route isn't valid because you're pointing a locally connected route to another local route. Since the /21 is a directly connected route, get rid of the static route and change your from protocol to connected and that should work. Aubrey Wells (iPhone) Senior Engineer Shelton | Johns www.sheltonjohns.com On Feb 29, 2008, at 2:53 AM, Poh Yong Hwang [EMAIL PROTECTED] wrote: Hi, I have problem sending prefixes to my upstream provider based on the docs on Originating route to eBGP neighbours. My prefixes is as follows 117.120.0.0/21 and here is my detail configuration: protocols { bgp { bgp-id: 203.192.163.146 local-as: 7595 import: export: BGP_EXPORT peer 203.192.163.145 { import: export: multihop: 1 peer-port: 179 local-port: 179 local-ip: 203.192.163.146 as: 10026 next-hop: 203.192.163.146 holdtime: 90 delay-open-time: 0 client: false confederation-member: false disable: false ipv4-unicast: true ipv4-multicast: false ipv6-unicast: false ipv6-multicast: false md5-key: } } static { disable: false route 117.120.0.0/21 { next-hop: 203.192.163.146 metric: 1 } } } policy { policy-statement BGP_EXPORT { term 1 { from { protocol: static network4: 117.120.0.0/21 } then { action: accept } } } } interfaces { restore: false loopback lo { description: } ethernet eth0 { disable: false discard: false description: hw-id: 00:30:48:83:08:ae duplex: auto speed: auto address 203.192.163.146 { prefix-length: 30 disable: false } } ethernet eth1 { disable: false discard: false description: hw-id: 00:30:48:83:08:af duplex: auto speed: auto address 117.120.0.5 { prefix-length: 21 disable: false } } } service { ssh { port: 22 protocol-version: v2 } webgui { http-port: 80 https-port: 443 } } firewall { log-martians: enable send-redirects: disable receive-redirects: disable ip-src-route: disable broadcast-ping: disable syn-cookies: enable } system { host-name: vyatta domain-name: name-server 202.79.210.197 time-zone: GMT ntp-server 69.59.150.135 login { user root { full-name: authentication { encrypted-password: $1$$Ht7gBYnxI1xCdO/JOnodh. } } user vyatta { full-name: authentication { encrypted-password: $1$$Ht7gBYnxI1xCdO/JOnodh. } } } package { auto-sync: 1
Re: [Vyatta-users] Problem sending prefixes to my upstream provider
Hi, Thanks! It works now! Basically it is really now a simple setup where my eth0 is connected to my upstream and my eth1 will eventually be connected to a layer3 switch which are able to do IP VLAN and the rest of my servers will be connected to a layer2 switch. So will my config works in this case? So the docs talking about Originating a route to eBGP Neighbours where it uses static instead of connected is not really correct? Sorry, trying to understand the difference between using a static route compared to using a connected method. Thanks! Yongsan On Sat, Mar 1, 2008 at 4:35 AM, Aubrey Wells [EMAIL PROTECTED] wrote: Connected means defined directly on an interface on your router. because 117.120.0.0/21 is defined directly on a router interface (eth1) your static route will never work. A connected route takes preference over a static one. because of this, the route is not installed in the routing table so your attempt to advertise: policy { policy-statement BGP_EXPORT { term 1 { from { protocol: static network4: 117.120.0.0/21 } then { action: accept WIll never work. What you should do is change it to look like this: policy { policy-statement BGP_EXPORT { term 1 { from { protocol: connected network4: 117.120.0.0/21 } then { action: accept And it should work. * --* *Aubrey Wells* *Senior Engineer* Shelton | Johns Technology Group A Vyatta Ready Partner www.sheltonjohns.com On Feb 29, 2008, at 3:31 PM, Poh Yong Hwang wrote: Hi, Thanks for your advise but could you elaborate more on what do you mean by connected? Care to give me an example? Thanks! Yongsan On Fri, Feb 29, 2008 at 9:42 PM, Aubrey Wells [EMAIL PROTECTED] wrote: For bgp to advertise a prefix you must have a valid route in your local RIB. That static route isn't valid because you're pointing a locally connected route to another local route. Since the /21 is a directly connected route, get rid of the static route and change your from protocol to connected and that should work. Aubrey Wells (iPhone) Senior Engineer Shelton | Johns www.sheltonjohns.com On Feb 29, 2008, at 2:53 AM, Poh Yong Hwang [EMAIL PROTECTED] wrote: Hi, I have problem sending prefixes to my upstream provider based on the docs on Originating route to eBGP neighbours. My prefixes is as follows 117.120.0.0/21 and here is my detail configuration: protocols { bgp { bgp-id: 203.192.163.146 local-as: 7595 import: export: BGP_EXPORT peer 203.192.163.145 { import: export: multihop: 1 peer-port: 179 local-port: 179 local-ip: 203.192.163.146 as: 10026 next-hop: 203.192.163.146 holdtime: 90 delay-open-time: 0 client: false confederation-member: false disable: false ipv4-unicast: true ipv4-multicast: false ipv6-unicast: false ipv6-multicast: false md5-key: } } static { disable: false route 117.120.0.0/21 { next-hop: 203.192.163.146 metric: 1 } } } policy { policy-statement BGP_EXPORT { term 1 { from { protocol: static network4: 117.120.0.0/21 } then { action: accept } } } } interfaces { restore: false loopback lo { description: } ethernet eth0 { disable: false discard: false description: hw-id: 00:30:48:83:08:ae duplex: auto speed: auto address 203.192.163.146 { prefix-length: 30 disable: false } } ethernet eth1 { disable: false discard: false description: hw-id: 00:30:48:83:08:af duplex: auto speed: auto address 117.120.0.5 { prefix-length: 21 disable: false } } } service { ssh { port: 22 protocol-version: v2 } webgui { http-port:
Re: [Vyatta-users] Problem sending prefixes to my upstream provider
On Fri, Feb 29, 2008 at 1:15 PM, Poh Yong Hwang [EMAIL PROTECTED] wrote: So the docs talking about Originating a route to eBGP Neighbours where it uses static instead of connected is not really correct? Sorry, trying to understand the difference between using a static route compared to using a connected method. Think of a connected route as one that's exists because you've defined an interface, and you're connected to that network. And interface of 192.168.2.3/24 with have a connected route of 192.168.2.0/24. A static route is one you define that's for a network that's remote to the router. Justin ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] Booting from Live-CD
That's actually a harder problem - you can do it by changing where the system looks for configuration on boot, install to disk and then modify the files to change what's mounted and where the system looks for the configuration, or build from scratch and create your own LiveCD with the changes in it. In VC4, look in /etc/init.d/vyatta-ofr, /etc/default/vyatta, and /etc/default/vyatta-cfg. If you make the changes that let the system find the configuration on a flash drive, be sure to submit them back to the hackers list (or should that be forum??) for inclusion for others as well :-) Best, Justin On Tue, Feb 26, 2008 at 9:23 PM, Christopher Johnson [EMAIL PROTECTED] wrote: Is there anyway, other than floppy disk, to have the OFR get a configuration file on boot from CDROM? I'd love for it to be able to read from a USB thumb drive, load it from a TFTP site (use the standard boot methods to do so) or in anyway to get a configuration file into the system with out me being at the console. This is glendale VC4, Alpha 1, soon to be Alpha 2. Best, -Chris P.S. I did try load of an URL, and it died. ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] Booting from Live-CD
Thanks for the pointer to /etc/init.d/vyatta-ofr and /etc/default/vyatta. What I would likely do is have a config file that has the equivalent of a #include which tries a sequence of locations. /mnt/usb/config/config.boot, /mnt/flash/config/config.boot, /mnt/floppy/config/config.boot,/opt/vyatta/etc/config/config.boot By adding a simple Done or just having the config files overwrite each other in reasonable ways, we end up with a live CDROM that can boot on any machine yet find a configuration file. I'm actually going to have to look into a diskless version of Vyatta at some point. Thanks again for the pointers. Best, -Chris On Fri, Feb 29, 2008 at 6:33 PM, Justin Fletcher [EMAIL PROTECTED] wrote: That's actually a harder problem - you can do it by changing where the system looks for configuration on boot, install to disk and then modify the files to change what's mounted and where the system looks for the configuration, or build from scratch and create your own LiveCD with the changes in it. In VC4, look in /etc/init.d/vyatta-ofr, /etc/default/vyatta, and /etc/default/vyatta-cfg. If you make the changes that let the system find the configuration on a flash drive, be sure to submit them back to the hackers list (or should that be forum??) for inclusion for others as well :-) Best, Justin On Tue, Feb 26, 2008 at 9:23 PM, Christopher Johnson [EMAIL PROTECTED] wrote: Is there anyway, other than floppy disk, to have the OFR get a configuration file on boot from CDROM? I'd love for it to be able to read from a USB thumb drive, load it from a TFTP site (use the standard boot methods to do so) or in anyway to get a configuration file into the system with out me being at the console. This is glendale VC4, Alpha 1, soon to be Alpha 2. Best, -Chris P.S. I did try load of an URL, and it died. ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] Booting from Live-CD
That's a nice idea. You'll still have to have a default location from which to start - which is the challenge of diskless systems :-) If On Fri, Feb 29, 2008 at 4:07 PM, Christopher Johnson [EMAIL PROTECTED] wrote: Thanks for the pointer to /etc/init.d/vyatta-ofr and /etc/default/vyatta. What I would likely do is have a config file that has the equivalent of a #include which tries a sequence of locations. /mnt/usb/config/config.boot, /mnt/flash/config/config.boot, /mnt/floppy/config/config.boot,/opt/vyatta/etc/config/config.boot By adding a simple Done or just having the config files overwrite each other in reasonable ways, we end up with a live CDROM that can boot on any machine yet find a configuration file. I'm actually going to have to look into a diskless version of Vyatta at some point. Thanks again for the pointers. Best, -Chris On Fri, Feb 29, 2008 at 6:33 PM, Justin Fletcher [EMAIL PROTECTED] wrote: That's actually a harder problem - you can do it by changing where the system looks for configuration on boot, install to disk and then modify the files to change what's mounted and where the system looks for the configuration, or build from scratch and create your own LiveCD with the changes in it. In VC4, look in /etc/init.d/vyatta-ofr, /etc/default/vyatta, and /etc/default/vyatta-cfg. If you make the changes that let the system find the configuration on a flash drive, be sure to submit them back to the hackers list (or should that be forum??) for inclusion for others as well :-) Best, Justin On Tue, Feb 26, 2008 at 9:23 PM, Christopher Johnson [EMAIL PROTECTED] wrote: Is there anyway, other than floppy disk, to have the OFR get a configuration file on boot from CDROM? I'd love for it to be able to read from a USB thumb drive, load it from a TFTP site (use the standard boot methods to do so) or in anyway to get a configuration file into the system with out me being at the console. This is glendale VC4, Alpha 1, soon to be Alpha 2. Best, -Chris P.S. I did try load of an URL, and it died. ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users