Difference between revisions of "TCP/IP: Quagga Bagaimana cara menggunakan"
Onnowpurbo (talk | contribs) |
Onnowpurbo (talk | contribs) |
||
| Line 2: | Line 2: | ||
You have to activate the Quagga daemons matching the routing protocols you want to set on your router. | You have to activate the Quagga daemons matching the routing protocols you want to set on your router. | ||
| − | zebra: | + | |
| − | bgpd: | + | zebra: |
| − | ospfd: | + | bgpd: |
| − | ospf6d: | + | ospfd: |
| − | ripd: | + | ospf6d: |
| − | ripngd: Interface declaration and static routing | + | ripd: |
| − | BGP routing protocol | + | ripngd: Interface declaration and static routing |
| − | OSPF routing protocol | + | BGP routing protocol |
| − | OSPF IPv6 routing protocol | + | OSPF routing protocol |
| − | RIP v2 routing protocol | + | OSPF IPv6 routing protocol |
| − | RIP Ipv6 routing protocol | + | RIP v2 routing protocol |
| + | RIP Ipv6 routing protocol | ||
| + | |||
In the example below, the zebra and IPv4 OSPF daemon have been activated. | In the example below, the zebra and IPv4 OSPF daemon have been activated. | ||
| − | #vim /etc/quagga/daemons | + | #vim /etc/quagga/daemons |
| − | zebra=yes | + | |
| − | bgpd=no | + | zebra=yes |
| − | ospfd=yes | + | bgpd=no |
| − | ospf6d=no | + | ospfd=yes |
| − | ripd=no | + | ospf6d=no |
| − | ripngd=no | + | ripd=no |
| + | ripngd=no | ||
Restart the Quagga service: | Restart the Quagga service: | ||
| − | #/etc/init.d/quagga restart | + | #/etc/init.d/quagga restart |
| − | Stopping Quagga daemons (prio:0): ospfd zebra (bgpd) (ripd) (ripngd) (ospf6d) (isisd). | + | |
| − | Removing all routes made by zebra. | + | Stopping Quagga daemons (prio:0): ospfd zebra (bgpd) (ripd) (ripngd) (ospf6d) (isisd). |
| − | Nothing to flush. | + | Removing all routes made by zebra. |
| − | Loading capability module if not yet done. | + | Nothing to flush. |
| − | Starting Quagga daemons (prio:10): zebra ospfd. | + | Loading capability module if not yet done. |
| + | Starting Quagga daemons (prio:10): zebra ospfd. | ||
You can check the Quagga daemons status: | You can check the Quagga daemons status: | ||
| − | #ps -ef | grep quagga | + | #ps -ef | grep quagga |
| − | UID PID PPID C STIME TTY TIME CMD | + | |
| − | quagga 4632 1 0 22:25 ? 00:00:00 /usr/lib/quagga/ospfd --daemon | + | UID PID PPID C STIME TTY TIME CMD |
| − | quagga 4636 1 0 22:25 ? 00:00:00 /usr/lib/quagga/zebra --daemon | + | quagga 4632 1 0 22:25 ? 00:00:00 /usr/lib/quagga/ospfd --daemon |
| + | quagga 4636 1 0 22:25 ? 00:00:00 /usr/lib/quagga/zebra --daemon | ||
| + | |||
If a Quagga daemon doesn't stop properly, you can kill it manually and start the quagga service: | If a Quagga daemon doesn't stop properly, you can kill it manually and start the quagga service: | ||
| − | #kill -9 "UID number" | + | #kill -9 "UID number" |
| − | #/etc/init.d/quagga start | + | #/etc/init.d/quagga start |
| Line 49: | Line 55: | ||
Each daemon is associated with a specific file name: | Each daemon is associated with a specific file name: | ||
| − | zebra: | + | zebra: |
| − | bgpd: | + | bgpd: |
| − | ospfd: | + | ospfd: |
| − | ospf6d: | + | ospf6d: |
| − | ripd: | + | ripd: |
| − | ripngd: zebra.conf | + | ripngd: zebra.conf |
| − | bgpd.conf | + | bgpd.conf |
| − | ospfd.conf | + | ospfd.conf |
| − | ospf6d.conf | + | ospf6d.conf |
| − | ripd.conf | + | ripd.conf |
| − | ripngd.conf | + | ripngd.conf |
| + | |||
To create the config files, copy the sample config files as follows: | To create the config files, copy the sample config files as follows: | ||
In our example, as we activated the zebra and ospfd daemons; we need to create the zebra.conf and ospfd.conf files. | In our example, as we activated the zebra and ospfd daemons; we need to create the zebra.conf and ospfd.conf files. | ||
| − | #cp /usr/share/doc/quagga/examples/zebra.conf.sample /etc/quagga/zebra.conf | + | #cp /usr/share/doc/quagga/examples/zebra.conf.sample /etc/quagga/zebra.conf |
| − | #cp /usr/share/doc/quagga/examples/ospfd.conf.sample /etc/quagga/ospfd.conf | + | #cp /usr/share/doc/quagga/examples/ospfd.conf.sample /etc/quagga/ospfd.conf |
| + | |||
Another way to do it is to create two empty files called /etc/quagga/ospfd.conf and /etc/quagga/zebra.conf. But in this case you cannot telnet a daemon, you need to configure the telnet permissions with vtsh (see below). | Another way to do it is to create two empty files called /etc/quagga/ospfd.conf and /etc/quagga/zebra.conf. But in this case you cannot telnet a daemon, you need to configure the telnet permissions with vtsh (see below). | ||
Finally, give user and group ownership to respectively quagga and quaggavty to the files inside the /etc/quagga directory: | Finally, give user and group ownership to respectively quagga and quaggavty to the files inside the /etc/quagga directory: | ||
| − | #chown quagga.quaggavty /etc/quagga/*.conf | + | #chown quagga.quaggavty /etc/quagga/*.conf |
| − | #chmod 640 /etc/quagga/*.conf | + | #chmod 640 /etc/quagga/*.conf |
| + | |||
Restart the Quagga service: | Restart the Quagga service: | ||
| − | #/etc/init.d/quagga restart | + | #/etc/init.d/quagga restart |
| + | |||
Top of the page | Top of the page | ||
| Line 86: | Line 96: | ||
The ospfd daemon is listening to the 127.0.0.1 and 192.168.1.104 IP addresses. | The ospfd daemon is listening to the 127.0.0.1 and 192.168.1.104 IP addresses. | ||
| − | ospfd_options=" --daemon -A 127.0.0.1 192.168.1.104" | + | |
| + | ospfd_options=" --daemon -A 127.0.0.1 192.168.1.104" | ||
The zebra daemon is listening to all the Linux interfaces IP addresses. We recommend using this setting. If you want to filter who can access to your router, configure access lists on the router software. | The zebra daemon is listening to all the Linux interfaces IP addresses. We recommend using this setting. If you want to filter who can access to your router, configure access lists on the router software. | ||
| − | zebra_options=" --daemon " | + | |
| + | zebra_options=" --daemon " | ||
Here is the recommended debian.conf file: | Here is the recommended debian.conf file: | ||
| − | #vim /etc/quagga/debian.conf | + | #vim /etc/quagga/debian.conf |
| − | # If this option is set the /etc/init.d/quagga script automatically loads | + | # If this option is set the /etc/init.d/quagga script automatically loads |
| − | # the config via "vtysh -b" when the servers are started. | + | # the config via "vtysh -b" when the servers are started. |
| − | # Check /etc/pam.d/quagga if you intend to use "vtysh"! | + | # Check /etc/pam.d/quagga if you intend to use "vtysh"! |
| − | # | + | # |
| − | vtysh_enable=yes | + | vtysh_enable=yes |
| − | zebra_options=" --daemon -A " | + | zebra_options=" --daemon -A " |
| − | bgpd_options=" --daemon -A " | + | bgpd_options=" --daemon -A " |
| − | ospfd_options=" --daemon -A " | + | ospfd_options=" --daemon -A " |
| − | ospf6d_options="--daemon -A " | + | ospf6d_options="--daemon -A " |
| − | ripd_options=" --daemon -A " | + | ripd_options=" --daemon -A " |
| − | ripngd_options="--daemon -A " | + | ripngd_options="--daemon -A " |
| − | isisd_options=" --daemon -A " | + | isisd_options=" --daemon -A " |
The "vtysh_enable=yes" setting is required to access the Quaggga router via vtysh. (see vtysh section). | The "vtysh_enable=yes" setting is required to access the Quaggga router via vtysh. (see vtysh section). | ||
| Line 112: | Line 124: | ||
Restart the Quagga service | Restart the Quagga service | ||
| − | #/etc/init.d/quagga restart | + | #/etc/init.d/quagga restart |
| + | |||
Top of the page | Top of the page | ||
| Line 120: | Line 133: | ||
As indicated in the Quagga introduction, you can access the daemons by telnetting their port number because each daemon has its own configuration file and terminal interface. | As indicated in the Quagga introduction, you can access the daemons by telnetting their port number because each daemon has its own configuration file and terminal interface. | ||
| − | zebra: | + | zebra: 2601 |
| − | ripd: | + | ripd: 2602 |
| − | ripng: | + | ripng: 2603 |
| − | ospfd: | + | ospfd: 2604 |
| − | bgpd: | + | bgpd: 2605 |
| − | ospf6d: | + | ospf6d: 2606 |
| − | + | ||
| − | |||
| − | |||
| − | |||
| − | |||
By instance, to access the ospfd daemon: | By instance, to access the ospfd daemon: | ||
| − | #telnet localhost 2604 | + | #telnet localhost 2604 |
| + | |||
As it's not very practical to configure your router by telnetting its daemons separately, vtysh has been created to configure everything in one single interface. | As it's not very practical to configure your router by telnetting its daemons separately, vtysh has been created to configure everything in one single interface. | ||
To use vtysh, you must first create its configuration file as follows: | To use vtysh, you must first create its configuration file as follows: | ||
| − | #cp /usr/share/doc/quagga/examples/vtysh.conf.sample /etc/quagga/vtysh.conf | + | #cp /usr/share/doc/quagga/examples/vtysh.conf.sample /etc/quagga/vtysh.conf |
| − | /etc/quagga/vtysh.conf | + | /etc/quagga/vtysh.conf |
| − | ! | + | ! |
| − | ! Sample | + | ! Sample |
| − | ! | + | ! |
| − | ! service integrated-vtysh-config | + | ! service integrated-vtysh-config |
| − | hostname quagga-router | + | hostname quagga-router |
| − | username root nopassword | + | username root nopassword |
| − | ! | + | ! |
Apply correct permissions and restart Quagga: | Apply correct permissions and restart Quagga: | ||
| − | #chown quagga.quaggavty /etc/quagga/*.conf | + | #chown quagga.quaggavty /etc/quagga/*.conf |
| − | #chmod 640 /etc/quagga/*.conf | + | #chmod 640 /etc/quagga/*.conf |
| − | #/etc/init.d/quagga restart | + | #/etc/init.d/quagga restart |
| + | |||
In the example above the "service integrated-vtysh-config" setting has been disabled (recommended). In this case, when you save the config under vtysh, it will be stored in separate files depending on the protocols you activated. | In the example above the "service integrated-vtysh-config" setting has been disabled (recommended). In this case, when you save the config under vtysh, it will be stored in separate files depending on the protocols you activated. | ||
Below, an example where the Quagga configuration is saved under vtysh. (The zebra and ospfd daemons have been enabled.) | Below, an example where the Quagga configuration is saved under vtysh. (The zebra and ospfd daemons have been enabled.) | ||
| − | #vtysh | + | #vtysh |
| − | quagga-router#write | + | quagga-router#write |
| − | Configuration saved to /etc/quagga/zebra.conf | + | Configuration saved to /etc/quagga/zebra.conf |
| − | Configuration saved to /etc/quagga/ospfd.conf | + | Configuration saved to /etc/quagga/ospfd.conf |
If you activate "service integrated-vtysh-config", the configuration under vtysh will be saved in one file called Quagga.conf in the /etc/quagga/ directory. | If you activate "service integrated-vtysh-config", the configuration under vtysh will be saved in one file called Quagga.conf in the /etc/quagga/ directory. | ||
With this setting, when you access a daemon via telnet, the daemon will look first to the Quagga.conf file before looking for its own file. This means that, when you telnet a device, there can be a difference between what you see after the "show run" command and the content of the associated file, for example zebra.conf. | With this setting, when you access a daemon via telnet, the daemon will look first to the Quagga.conf file before looking for its own file. This means that, when you telnet a device, there can be a difference between what you see after the "show run" command and the content of the associated file, for example zebra.conf. | ||
| − | #vtysh | + | #vtysh |
| − | quagga-router#write | + | quagga-router#write |
| − | Configuration saved to /etc/quagga/Quagga.conf | + | Configuration saved to /etc/quagga/Quagga.conf |
It is recommended to disable "service integrated-vtysh-config" because if this setting is enabled and in case of a syntax error in the Quagga.conf file, this can lead to all your daemons being unable to start up. This will not be case when "service integrated-vtysh-config" is disabled because the configurations are stored in separate files. | It is recommended to disable "service integrated-vtysh-config" because if this setting is enabled and in case of a syntax error in the Quagga.conf file, this can lead to all your daemons being unable to start up. This will not be case when "service integrated-vtysh-config" is disabled because the configurations are stored in separate files. | ||
| Line 182: | Line 193: | ||
Copyright 1996-2005 Kunihiro Ishiguro, et al. | Copyright 1996-2005 Kunihiro Ishiguro, et al. | ||
| − | quagga-router# | + | quagga-router# |
If you want to run a Quagga command from the Linux shell: | If you want to run a Quagga command from the Linux shell: | ||
| Line 201: | Line 212: | ||
See a picture of the Linux kernel routing. | See a picture of the Linux kernel routing. | ||
| − | #echo "1" > /proc/sys/net/ipv4/ip_forward | + | #echo "1" > /proc/sys/net/ipv4/ip_forward |
| + | |||
The command above will add the "1" value inside the /proc/sys/net/ipv4/ip_forward file and thus activate the IP forwarding. | The command above will add the "1" value inside the /proc/sys/net/ipv4/ip_forward file and thus activate the IP forwarding. | ||
If you want to keep the IP forwarding after a Linux reboot: | If you want to keep the IP forwarding after a Linux reboot: | ||
| − | #echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf | + | #echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf |
| + | |||
It is possible to check the ip_forwarding status under the Quagga router: | It is possible to check the ip_forwarding status under the Quagga router: | ||
| − | #show ip forwarding | + | #show ip forwarding |
| + | |||
IP forwarding is on | IP forwarding is on | ||
Revision as of 14:00, 6 November 2013
1. QUAGGA DAEMONS:
You have to activate the Quagga daemons matching the routing protocols you want to set on your router.
zebra: bgpd: ospfd: ospf6d: ripd: ripngd: Interface declaration and static routing BGP routing protocol OSPF routing protocol OSPF IPv6 routing protocol RIP v2 routing protocol RIP Ipv6 routing protocol
In the example below, the zebra and IPv4 OSPF daemon have been activated.
#vim /etc/quagga/daemons
zebra=yes bgpd=no ospfd=yes ospf6d=no ripd=no ripngd=no
Restart the Quagga service:
#/etc/init.d/quagga restart
Stopping Quagga daemons (prio:0): ospfd zebra (bgpd) (ripd) (ripngd) (ospf6d) (isisd). Removing all routes made by zebra. Nothing to flush. Loading capability module if not yet done. Starting Quagga daemons (prio:10): zebra ospfd.
You can check the Quagga daemons status:
#ps -ef | grep quagga
UID PID PPID C STIME TTY TIME CMD quagga 4632 1 0 22:25 ? 00:00:00 /usr/lib/quagga/ospfd --daemon quagga 4636 1 0 22:25 ? 00:00:00 /usr/lib/quagga/zebra --daemon
If a Quagga daemon doesn't stop properly, you can kill it manually and start the quagga service:
#kill -9 "UID number" #/etc/init.d/quagga start
2. CONFIGURATION FILES: (/etc/quagga/*.conf files)
You must create a configuration file (even if it is empty) each time you activate a Quagga daemon. Each daemon is associated with a specific file name:
zebra: bgpd: ospfd: ospf6d: ripd: ripngd: zebra.conf bgpd.conf ospfd.conf ospf6d.conf ripd.conf ripngd.conf
To create the config files, copy the sample config files as follows: In our example, as we activated the zebra and ospfd daemons; we need to create the zebra.conf and ospfd.conf files.
#cp /usr/share/doc/quagga/examples/zebra.conf.sample /etc/quagga/zebra.conf #cp /usr/share/doc/quagga/examples/ospfd.conf.sample /etc/quagga/ospfd.conf
Another way to do it is to create two empty files called /etc/quagga/ospfd.conf and /etc/quagga/zebra.conf. But in this case you cannot telnet a daemon, you need to configure the telnet permissions with vtsh (see below).
Finally, give user and group ownership to respectively quagga and quaggavty to the files inside the /etc/quagga directory:
#chown quagga.quaggavty /etc/quagga/*.conf #chmod 640 /etc/quagga/*.conf
Restart the Quagga service:
#/etc/init.d/quagga restart
Top of the page
3. DEBIAN.CONF FILE
By default, the Quagga daemons are listening only to the loopback interface 127.0.0.1. It means that you can telnet a daemon only on its loopback address 127.0.0.1 and thus cannot access it remotely.
If you want to telnet a Quagga daemon remotely you can, in the /etc/quagga/debian.conf file. Either indicate one or several IP addresses or remove the -A option meaning that you can telnet a daemon on any of its IP addresses.
Here are two examples:
The ospfd daemon is listening to the 127.0.0.1 and 192.168.1.104 IP addresses.
ospfd_options=" --daemon -A 127.0.0.1 192.168.1.104"
The zebra daemon is listening to all the Linux interfaces IP addresses. We recommend using this setting. If you want to filter who can access to your router, configure access lists on the router software.
zebra_options=" --daemon "
Here is the recommended debian.conf file:
#vim /etc/quagga/debian.conf
# If this option is set the /etc/init.d/quagga script automatically loads # the config via "vtysh -b" when the servers are started. # Check /etc/pam.d/quagga if you intend to use "vtysh"! # vtysh_enable=yes zebra_options=" --daemon -A " bgpd_options=" --daemon -A " ospfd_options=" --daemon -A " ospf6d_options="--daemon -A " ripd_options=" --daemon -A " ripngd_options="--daemon -A " isisd_options=" --daemon -A "
The "vtysh_enable=yes" setting is required to access the Quaggga router via vtysh. (see vtysh section).
Restart the Quagga service
#/etc/init.d/quagga restart
Top of the page
4. VTYSH
As indicated in the Quagga introduction, you can access the daemons by telnetting their port number because each daemon has its own configuration file and terminal interface.
zebra: 2601 ripd: 2602 ripng: 2603 ospfd: 2604 bgpd: 2605 ospf6d: 2606
By instance, to access the ospfd daemon:
#telnet localhost 2604
As it's not very practical to configure your router by telnetting its daemons separately, vtysh has been created to configure everything in one single interface.
To use vtysh, you must first create its configuration file as follows:
#cp /usr/share/doc/quagga/examples/vtysh.conf.sample /etc/quagga/vtysh.conf
/etc/quagga/vtysh.conf ! ! Sample ! ! service integrated-vtysh-config hostname quagga-router username root nopassword !
Apply correct permissions and restart Quagga:
#chown quagga.quaggavty /etc/quagga/*.conf #chmod 640 /etc/quagga/*.conf #/etc/init.d/quagga restart
In the example above the "service integrated-vtysh-config" setting has been disabled (recommended). In this case, when you save the config under vtysh, it will be stored in separate files depending on the protocols you activated. Below, an example where the Quagga configuration is saved under vtysh. (The zebra and ospfd daemons have been enabled.)
#vtysh quagga-router#write Configuration saved to /etc/quagga/zebra.conf Configuration saved to /etc/quagga/ospfd.conf
If you activate "service integrated-vtysh-config", the configuration under vtysh will be saved in one file called Quagga.conf in the /etc/quagga/ directory. With this setting, when you access a daemon via telnet, the daemon will look first to the Quagga.conf file before looking for its own file. This means that, when you telnet a device, there can be a difference between what you see after the "show run" command and the content of the associated file, for example zebra.conf.
#vtysh quagga-router#write Configuration saved to /etc/quagga/Quagga.conf
It is recommended to disable "service integrated-vtysh-config" because if this setting is enabled and in case of a syntax error in the Quagga.conf file, this can lead to all your daemons being unable to start up. This will not be case when "service integrated-vtysh-config" is disabled because the configurations are stored in separate files.
Check that the default "vtysh_enable=yes" setting are configured in your /etc/quagga/debian.conf file. You can read the previous paragraph about the debian.conf file to get more information.
Then it's useful to add the "VTYSH_PAGER=more" setting in your /etc/environment file, otherwise you will see an unfriendly "(END)" blinking in the left-down corner of the screen each time your enter a command and will need to press the "q" key to continue.
- echo VTYSH_PAGER=more > /etc/environment
Log off and log on to enable the environment setting. You can now access the Quagga router with the vtysh command:
- vtysh
Hello, this is Quagga (version 0.99.6). Copyright 1996-2005 Kunihiro Ishiguro, et al.
quagga-router#
If you want to run a Quagga command from the Linux shell:
- vtysh -c "command"
For instance, vtysh -c "show ip route" will display the Quagga routing table.
You can use Ping and traceroute to perform connectivity checks from the vtysh prompt. Of course, these two programs need to be installed on the Linux machine. Ping is generally installed by default but traceroute often not. To install traceroute:
- apt-get install traceroute
Top of the page
5. IP FORWARDING:
IP forwarding is required to transfer packets between the network interfaces of a Linux system. See a picture of the Linux kernel routing.
#echo "1" > /proc/sys/net/ipv4/ip_forward
The command above will add the "1" value inside the /proc/sys/net/ipv4/ip_forward file and thus activate the IP forwarding. If you want to keep the IP forwarding after a Linux reboot:
#echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf
It is possible to check the ip_forwarding status under the Quagga router:
#show ip forwarding
IP forwarding is on
In this case the IP forwarding is activated.
Top of the page.
6. SPEED/DUPLEX:
It is not possible to set the duplex and speed settings on the Quagga plateform. You have to configure them at the Linux level. Use the interface configuration tutorial for assistance.
Top of the page.