Use Linux to create a router

xiaoxiao2021-03-06  113

As an emerging operating system, Linux has gradually been accepted by a broad range of users thanks to its stable performance, open source code and price advantage. Today Linux is used mainly in the server field, but with proper configuration it can also take on the role of a physical cornerstone of the Internet: the router.

A router is a communication node in the communication subnet. Each router calculates and maintains a routing table and uses it to forward each datagram to the next hop along the optimal path; this is what is called routing. In this way, through the cooperation of all the routers on the Internet, a datagram can reach its destination along a "best" path. With the help of the GNU software Zebra, we can turn a Linux machine into a fully functional router that supports the RIPv1, RIPv2, RIPng, OSPFv2, OSPFv3, BGP-4 and BGP-4+ TCP/IP routing protocols. Below we first look at how the OSPF and BGP protocols operate and the basic principles behind them, then describe how to install and configure Zebra so that your Linux machine becomes a router that supports OSPF and BGP.

BGP / OSPF overview

Today many companies have several networks, and if those networks are of different types they must be interconnected with routers. A router is a computer connected to two or more networks; it generates and maintains a routing table based on a routing protocol and forwards packets according to that table. These routers know the network structure inside the company and all the details needed to deliver a packet to its destination, but they know nothing about the network structure of other companies. A set of routers and networks managed by the same organization is called an autonomous system (AS). Different organizations can use different routing algorithms; however, all routers in the same autonomous system use the same routing protocol, so that the routers in the autonomous system can exchange information with each other and maintain mutual connectivity. Each autonomous system is identified by a 16-bit "autonomous system (AS) number", which, just like an IP address, is assigned by a dedicated agency.

Routers inside an autonomous system are called "interior gateways", and the protocols they use are called "interior gateway protocols". Interior gateway protocols generally fall into two classes: distance-vector protocols, such as RIP and EIGRP, and link-state protocols, such as OSPF. A link-state routing protocol differs from a distance-vector protocol: its routers do not exchange distances to destinations but instead maintain a map of the network topology. The map is represented as a database in which each entry corresponds to one link in the network. Each router computes the "best route" from the information in the database and forwards packets accordingly. When the network topology changes, only the corresponding record, not the entire database, has to be changed and sent to the other nodes. Each router then recalculates its routes after the modification and continues to work normally.

The Open Shortest Path First protocol is "open" because its specification must be published openly, and it uses the "shortest path first" (SPF) algorithm to calculate the shortest path from a node to all other nodes; hence the name OSPF. OSPF has many advantages, such as support for multiple metrics and multiple paths, so it is the interior gateway protocol recommended for the Internet, while RIP has fallen out of favor because of its own limitations. Today the only interior gateway protocols that can rival OSPF in performance are proprietary, and OSPF's openness is itself a strong selling point, because no one wants to be tied to a single vendor.

As mentioned earlier, a router inside an autonomous system does not need to know the internal structure of other autonomous systems, which saves router memory and CPU time and improves the utilization of network bandwidth. But what if we want to communicate with other companies (autonomous systems)? It is simple: we designate a router in the autonomous system that is connected to other autonomous systems as an "exterior gateway", and reach the other autonomous systems through it. The protocol used by this router is called an "exterior gateway protocol", for example the Border Gateway Protocol (BGP). Two neighboring gateways must first exchange "neighbor acquisition" messages to negotiate whether they are willing to become neighbors. Becoming neighbors means that the two autonomous systems agree to carry traffic for each other. Once that is agreed, the two neighbors exchange "neighbor reachability" messages to monitor the links between them. Next comes the most important job: using "network reachability" messages to exchange information about the networks each neighbor can reach, which gives connectivity between autonomous systems. From the point of view of an exterior gateway, there are only exterior gateways and the links that connect them. As a result, communication inside an autonomous system is handled by interior gateways, and communication between autonomous systems is handled by exterior gateways. This is the picture of hierarchical routing; in fact, the Internet consists of a large number of autonomous systems.

Build an advanced router

Many people find routers relatively unfamiliar. In fact, a Linux system used as a firewall is already a router, only a rather "simple" one. Our goal is to build an "advanced" router with Linux, one that can take advantage of dynamic routing protocols (the protocols mentioned above are all dynamic routing protocols). These protocols let routers exchange information and so share the paths used in the network, that is, the routes. This is important for large networks (such as the Internet), because using static routes (routes computed and set by hand) there is simply unrealistic.

For example, even in the best case, a Border Gateway Protocol (BGP) routing table contains at least 100,000 entries. Handling that many static routes by hand would be unbearable. Clearly, even if our network is much smaller than the Internet, such as a large company network, we would still prefer a dynamic routing protocol.

The exterior gateway protocol BGP is usually used on the backbone of the Internet, while other protocols (such as OSPF) are suited to smaller internetworks. The Open Shortest Path First (OSPF) protocol is the most widely used interior gateway protocol (IGP). Zebra is an open source package that runs BGP and/or OSPF on Linux.

Install Zebra

You can download Zebra's latest source code from the Zebra.org website, or get the package from Red Hat or Debian, although that is not necessarily the latest version. When installing from source, you will find that the usual build steps apply:

./configure

make

make install

The configure script searches for the IP stacks already installed on the system and automatically enables support for them. Currently that most likely means just IPv4, but IPv6 users need not worry, because Zebra will find and support it as well.

After the programs are installed, you may also need to add some lines to /etc/services. Zebra's daemons each run their own virtual terminal (vty) connection, so your system must know about these virtual terminals. Here are the entries you should add:

zebrasrv 2600/tcp # zebra service

zebra 2601/tcp # zebra vty

ripd 2602/tcp # ripd vty

ripngd 2603/tcp # ripngd vty

ospfd 2604/tcp # ospfd vty

bgpd 2605/tcp # bgpd vty

ospf6d 2606/tcp # ospf6d vty

Configuring Zebra

If you are already familiar with Cisco IOS, you can master Zebra in a short time, because the two are very similar. Each Zebra daemon uses a separate vty, which can be configured dynamically through a telnet session. So, to set up OSPF, telnet to port 2604 on the Linux machine; to modify the kernel's routing table, telnet to port 2601. The zebra daemon acts as the kernel manager, handling communication between the other daemons and the system itself.
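Each vty is a password-protected telnet listener, so once the daemons are running it is worth checking which addresses those ports are bound to. The script below is an added example, not part of the original article: exposed_zebra_ports is a hypothetical helper name, the port table comes from the /etc/services entries above, and the ss output is a constructed sample.

```shell
#!/bin/sh
# Added example (not from the article): list Zebra daemon ports that accept
# connections on non-loopback addresses. The port-to-name table is the
# /etc/services list given above.

# Reads `ss -ltn` output on stdin; prints "name port address" per exposed port.
exposed_zebra_ports() {
    awk '
    BEGIN {
        name[2600] = "zebrasrv"; name[2601] = "zebra"; name[2602] = "ripd"
        name[2603] = "ripngd";   name[2604] = "ospfd"; name[2605] = "bgpd"
        name[2606] = "ospf6d"
    }
    $1 == "LISTEN" {
        n = match($4, /:[0-9]+$/)          # ":port" at the end of Local Address:Port
        if (n == 0) next
        port = substr($4, n + 1) + 0
        addr = substr($4, 1, n - 1)
        if (!(port in name)) next          # not a Zebra port
        if (addr ~ /^127\./ || addr == "[::1]" || addr == "::1") next   # loopback only
        print name[port], port, addr
    }'
}

# Constructed sample of `ss -ltn` output (not captured from a real host).
sample_ss_output() {
    cat <<'EOF'
State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      5      0.0.0.0:2601       0.0.0.0:*
LISTEN 0      5      127.0.0.1:2604     0.0.0.0:*
LISTEN 0      5      *:2605             *:*
LISTEN 0      128    [::]:22            [::]:*
EOF
}

# On a live router: ss -ltn | exposed_zebra_ports
sample_ss_output | exposed_zebra_ports
```

Any line printed names a daemon whose vty is reachable from other hosts with nothing but its password in the way.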

Now let us see how to set up and run OSPF and BGP on a server. Zebra's daemons store their configuration in plain text files. An OSPF/BGP router uses three files: zebra.conf, ospfd.conf and bgpd.conf. For example, the zebra.conf file might look like this:

! Zebra configuration saved from vty

!   2002/02/28 01:46:12

!

! Host name is LinuxRouter

hostname LinuxRouter

! User-mode password is zebra

password zebra

! Password for entering privileged mode is z3bra

enable password z3bra

! Location of the log file

log file /var/log/zebra/zebra.log

!

! Ethernet interface eth0

interface eth0

 ! Description of the interface

 description Interface to External Network

 ! IP address of this interface

 ip address 10.0.0.1/24

!

! Ethernet interface eth1

interface eth1

 ! Description of the interface

 description Interface to Internal Network

 ! IP address of this interface

 ip address 192.168.66.1/24

The exclamation mark here acts as a comment marker or separator. Although there are many different types of network interface (Ethernet, ISDN and so on), Zebra can use any interface type that the Linux kernel recognizes.

The subnet mask is written as the number of network bits (e.g. /24) rather than as a dotted mask (such as 255.255.255.0). Note that there are two passwords, one for user mode and one for privileged mode. This is useful not only for giving non-administrators access, but is also very important for setting up a route server or a looking glass. All BGP administrators know that looking glasses are key to debugging routing problems, because they let you view routes as an external AS (autonomous system) sees them. BGP routing requires an AS number, and AS numbers are registered numbers controlled by ARIN (the American Registry for Internet Numbers).

Next, start the necessary daemons with the following commands:

/usr/sbin/zebra -dk

/usr/sbin/ospfd -d

/usr/sbin/bgpd -d

The first command launches zebra, the daemon that actually updates the kernel's routing table. In -dk, d tells the program to run as a daemon, that is, in the background, and k tells Zebra to keep all configured routes; it ensures that the routing table is not accidentally deleted while you are testing Zebra. Normally, setting up routes and interfaces requires the ifconfig and route commands; Zebra can take over this routing management, which is more concise.

Set up OSPF

At this point the basic services are running, so let us telnet to port 2604 on the local machine and start configuring OSPF. To enter privileged mode, type enable (as in Cisco IOS) and then the privileged-mode password. Next, switch to configuration mode with the configure terminal command. Like Cisco IOS, Zebra accepts command abbreviations: configure terminal can be shortened to config t, which cuts down on typing and is more convenient. If you enter list or ?, Zebra displays the currently available commands with a brief explanation of each. You can also press Tab to complete a command automatically. For example, to type the command clock, just type the first two letters cl and press Tab, and the command is completed for you, provided that the characters you typed are enough to identify the command uniquely. This is a handy feature, especially once you get used to it.

Next we need to tell the daemon which networks to advertise through OSPF and which areas they belong to. OSPF's scalability allows it to support multiple areas. Type router ospf to start configuring OSPF, then type network 192.168.66.0/24 area 0. This tells the router to use OSPF to advertise the network 192.168.66.0 with subnet mask 255.255.255.0.

In this example we make the eth0 interface a passive interface so that it cannot send routing updates. This is very important for experiments, because other routers in that direction may be listening for routing updates; making the interface passive avoids disturbing the normal operation of the network. To do this, type the command passive-interface eth0. If you plan to use this machine as a production router, this step is not needed. Once you have finished making changes, leave configuration mode with the end command and save the configuration with the write file command. Here is a snapshot of the session:

labrat:~# telnet 0 2604 /* Telnet to port 2604 on the local machine */

Trying 0.0.0.0...

Connected to 0.

Escape character is '^]'. /* Exit the session with '^]' */

Hello, this is zebra (version 0.84b)

Copyright 1996-2000 Kunihiro Ishiguro

User Access Verification

Password: /* Enter the password, e.g. zebra */

ospfd> enable /* Enter privileged mode */

Password: /* Enter the privileged-mode password, e.g. z3bra */

ospfd# configure terminal /* Configure the router from the terminal */

ospfd(config)# router ospf /* Configure OSPF */

ospfd(config-router)# network 192.168.66.0/24 area 0 /* Advertise network 192.168.66.0 through OSPF; /24 means the subnet mask is 24 bits long, and area 0 is the area the network belongs to */

ospfd(config-router)# passive-interface eth0 /* Make eth0 a passive interface */

ospfd(config-router)# end /* Exit configuration mode */

ospfd# write file /* Save the changes */

Configuration saved to /etc/zebra/ospfd.conf

Keep in mind that for OSPF or BGP to work on an interface, the interface must be in the "up" state. To bring an interface up manually, log in to port 2601 and execute the no shut command on that interface.

Set up BGP

Configuring BGP is much the same as configuring OSPF. To begin, open a telnet session to port 2605. After executing configure terminal, enter router bgp followed by the AS number to enter BGP configuration mode. As mentioned earlier, BGP uses AS numbers to establish neighbor relationships and route traffic. In our experiment we will use an AS number from the private range 64512 to 65534 (in other words, the number is meant to be valid internally and is not valid on the Internet). Use the network command to set the networks advertised by BGP, for example network 192.168.66.0/24. Unlike OSPF, BGP neighbors must be specified statically, with the neighbor command followed by the neighbor's IP address, the keyword remote-as and the neighbor's AS number. Here is an example:

labrat:~# telnet 0 2605

Trying 0.0.0.0...

Connected to 0.

Escape character is '^]'.

Hello, this is zebra (version 0.84b)

Copyright 1996-2000 Kunihiro Ishiguro

User Access Verification

Password:

bgpd> enable

Password:

bgpd# configure terminal

bgpd(config)# router bgp 65530 /* Configure BGP; 65530 is the autonomous system number, i.e. this machine becomes an exterior gateway of autonomous system 65530 */

bgpd(config-router)# network 192.168.66.0/24 /* Network to advertise */

bgpd(config-router)# neighbor 10.0.0.5 remote-as 65531 /* Statically declare the router at IP address 10.0.0.5 in autonomous system 65531 as this machine's neighbor */

bgpd(config-router)# end

bgpd# write file

Configuration saved to /etc/zebra/bgpd.conf

OSPF and BGP both have many more options than space allows us to cover here. I suggest studying each protocol before putting it to real use. The GNU Zebra documentation will be a great help with that.

Conclusion
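Two points the walkthrough stresses for a lab setup, AS numbers taken from the private range 64512 to 65534 and a passive eth0, can be checked against the saved files before the daemons are pointed at a shared network. This is an added example, not part of the original article: the function names are hypothetical, and the two sample files are constructed from the commands entered in the sessions above.

```shell
#!/bin/sh
# Added example (not from the article): pre-flight lint for the lab setup above.
# The sample files are constructed from the commands entered in the two sessions.

# Print each AS number in a bgpd.conf (stdin) outside the private range 64512-65534.
public_as_numbers() {
    awk '
    function check(n) {
        if (n !~ /^[0-9]+$/ || n + 0 < 64512 || n + 0 > 65534) print n
    }
    $1 == "router" && $2 == "bgp"         { check($3) }
    $1 == "neighbor" && $3 == "remote-as" { check($4) }'
}

# Exit 0 only if ospfd.conf (stdin) declares interface $1 passive.
is_passive() {
    awk -v ifc="$1" '
    $1 == "passive-interface" && $2 == ifc { found = 1 }
    END { exit !found }'
}

sample_bgpd_conf() {    # constructed sample
    cat <<'EOF'
router bgp 65530
 network 192.168.66.0/24
 neighbor 10.0.0.5 remote-as 65531
!
EOF
}

sample_ospfd_conf() {   # constructed sample
    cat <<'EOF'
router ospf
 passive-interface eth0
 network 192.168.66.0/24 area 0
!
EOF
}

bad=$(sample_bgpd_conf | public_as_numbers)
[ -z "$bad" ] && echo "bgpd.conf: all AS numbers are private"
sample_ospfd_conf | is_passive eth0 && echo "ospfd.conf: eth0 is passive"
```

Against the real files, feed /etc/zebra/bgpd.conf and /etc/zebra/ospfd.conf to the two functions on standard input.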

There are several ways to route traffic in a network. Dedicated hardware routers are useful but expensive, so people naturally think of replacing them with a fully functional router built on a Linux system. The Zebra routing daemons have made this idea a reality. Because it supports IPv4, IPv6 and a variety of other protocols, Zebra can meet all our routing needs. Another benefit is that, because Cisco IOS and Zebra are very similar, if you work in a Cisco IOS environment you can move to Zebra easily; at the same time, working with Zebra builds experience and knowledge that carry over to routers running Cisco IOS.

About the Author:

Hanbo is a freelance writer with nearly ten years of C programming experience, interested mainly in the TCP/IP protocols and the Linux kernel. He believes the value of a freelance writer lies in explaining insights in a plain, easy-to-understand way without distorting the substance. You can contact him by email: hbzzx2001@yahoo.com.

Full article: IBM developerWorks
