User Tools

Site Tools


documentation:examples:simple_bgp-rip-ospf_lab

BGP/OSPF/RIP/ISIS lab with FRRouting

This Labs is done with BSDRP under qemu and it explains how to use BSDRP using FRRouting (Quagga fork).

Presentation

Network diagram

Here is the logical and physical view:

Setting-up the lab

Downloading BSD Router Project images

Download BSDRP serial image (prevent to have to use an X display) on Sourceforge.

Download Lab scripts

More information on these BSDRP lab scripts available on How to build a BSDRP router lab.

Start the lab with 5 routers, here is an example with VirtualBox:

./BSDRP-lab-vbox.sh -i BSDRP_0.32_full_amd64_serial.img -n 5

Routers configuration

Router 1

sysrc hostname=router1
sysrc cloned_interfaces=lo1
sysrc ipsec_enable=YES
sysrc ipsec_file="/etc/ipsec.conf"
sysrc frr_enable=yes
cat <<EOF > /etc/ipsec.conf
flush ;
add 192.168.12.1 192.168.12.2 tcp 0x1000 -A tcp-md5 "abigpassword" ;
add 192.168.12.2 192.168.12.1 tcp 0x1001 -A tcp-md5 "abigpassword" ;
add -6 2001:db8:12::1 2001:db8:12::2 tcp 0x1002 -A tcp-md5 "abigpassword" ;
add -6 2001:db8:12::2 2001:db8:12::1 tcp 0x1003 -A tcp-md5 "abigpassword" ;
EOF
cat > /usr/local/etc/frr/zebra.conf <<EOF
interface em0
 ip address 192.168.12.1/24
 ipv6 address 2001:db8:12::1/64
interface vtnet0
 ip address 192.168.12.1/24
 ipv6 address 2001:db8:12::1/64
interface lo1
 ip address 192.168.10.1/24
 ipv6 address 2001:db8:10::1/64
EOF
cat > /usr/local/etc/frr/bgpd.conf <<EOF
router bgp 12
 bgp router-id 192.168.10.1
 neighbor 192.168.12.2 remote-as 12
 neighbor 192.168.12.2 password abigpassword
 neighbor 2001:db8:12::2 remote-as 12
 neighbor 2001:db8:12::2 password abigpassword
 !
 address-family ipv4 unicast
  network 192.168.10.0/24
  neighbor 192.168.12.2 soft-reconfiguration inbound
  no neighbor 2001:db8:12::2 activate
 exit-address-family
 !
 address-family ipv6 unicast
  network 2001:db8:10::/64
  neighbor 2001:db8:12::2 activate
  neighbor 2001:db8:12::2 soft-reconfiguration inbound
 exit-address-family
EOF
hostname router1
service netif restart
service ipsec start
service frr start
config save

Router 2

sysrc hostname=router2
sysrc ipsec_enable=YES
sysrc ipsec_file="/etc/ipsec.conf"
sysrc frr_enable=YES
cat <<EOF > /etc/ipsec.conf
flush ;
add 192.168.12.1 192.168.12.2 tcp 0x1000 -A tcp-md5 "abigpassword" ;
add 192.168.12.2 192.168.12.1 tcp 0x1001 -A tcp-md5 "abigpassword" ;
add -6 2001:db8:12::1 2001:db8:12::2 tcp 0x1002 -A tcp-md5 "abigpassword" ;
add -6 2001:db8:12::2 2001:db8:12::1 tcp 0x1003 -A tcp-md5 "abigpassword" ;
EOF
cat > /usr/local/etc/frr/zebra.conf <<EOF
interface em0
 ip address 192.168.12.2/24
 ipv6 address 2001:db8:12::2/64
interface vtnet0
 ip address 192.168.12.2/24
 ipv6 address 2001:db8:12::2/64
interface em1
 ip address 192.168.23.2/24
 ipv6 address 2001:db8:23::2/64
interface vtnet1
 ip address 192.168.23.2/24
 ipv6 address 2001:db8:23::2/64
EOF
cat > /usr/local/etc/frr/ripd.conf <<EOF
key chain rippass
 key 1
  key-string rippassword
!
interface em1
 ip rip authentication key-chain rippass
 ip rip authentication mode md5
!
interface vtnet1
 ip rip authentication key-chain rippass
 ip rip authentication mode md5
!
router rip
 version 2
 network em1
 network vtnet1
 redistribute bgp
 redistribute connected
EOF
cat > /usr/local/etc/frr/ripngd.conf <<EOF
router ripng
 network em1
 network vtnet1
 redistribute bgp
 redistribute connected
EOF
cat > /usr/local/etc/frr/bgpd.conf <<EOF
router bgp 12
 bgp router-id 192.168.10.2
 neighbor 192.168.12.1 remote-as 12
 neighbor 192.168.12.1 password abigpassword
 neighbor 2001:db8:12::1 remote-as 12
 neighbor 2001:db8:12::1 password abigpassword
 !
 address-family ipv4 unicast
  network 192.168.12.0/24
  redistribute rip
  neighbor 192.168.12.1 soft-reconfiguration inbound
  no neighbor 2001:db8:12::1 activate
 exit-address-family
 !
 address-family ipv6 unicast
  network 2001:db8:12::/64
  redistribute ripng
  neighbor 2001:db8:12::1 activate
  neighbor 2001:db8:12::1 soft-reconfiguration inbound
 exit-address-family
EOF
 
hostname router2
service ipsec start
service frr start
config save

Router 3

sysrc hostname=router3
sysrc frr_enable=YES
cat > /usr/local/etc/frr/zebra.conf <<EOF
interface em1
 ip address 192.168.23.3/24
 ipv6 address 2001:db8:23::3/64
interface vtnet1
 ip address 192.168.23.3/24
 ipv6 address 2001:db8:23::3/64
interface em2
 ip address 192.168.34.3/24
 ipv6 address 2001:db8:34::3/64
interface vtnet2
 ip address 192.168.34.3/24
 ipv6 address 2001:db8:34::3/64
EOF
cat > /usr/local/etc/frr/ospfd.conf <<EOF
interface em2
 ip ospf message-digest-key 1 md5 superpass
interface vtnet2
 ip ospf message-digest-key 1 md5 superpass
router ospf
 ospf router-id 3.3.3.3
 redistribute rip
 redistribute connected
 network 192.168.34.0/24 area 0.0.0.0
 area 0.0.0.0 authentication message-digest
EOF
cat > /usr/local/etc/frr/ospf6d.conf <<EOF
router ospf6
 router-id 2.2.2.2
 redistribute ripng
 redistribute connected
 interface em2 area 0.0.0.0
 interface vtnet2 area 0.0.0.0
EOF
cat > /usr/local/etc/frr/ripd.conf <<EOF
key chain rippass
 key 1
  key-string rippassword
!
interface em1
 ip rip authentication key-chain rippass
 ip rip authentication mode md5
!
interface vtnet1
 ip rip authentication key-chain rippass
 ip rip authentication mode md5
!
router rip
 version 2
 network em1
 network vtnet1
 redistribute connected
 redistribute ospf
EOF
cat > /usr/local/etc/frr/ripngd.conf <<EOF
router ripng
 network em1
 network vtnet1
 redistribute connected
 redistribute ospf6
EOF
hostname router3
service frr start

Router 4

sysrc hostname=router4
sysrc frr_enable=YES
cat > /usr/local/etc/frr/zebra.conf <<EOF
interface em2
 ip address 192.168.34.4/24
 ipv6 address 2001:db8:34::4/64
interface vtnet2
 ip address 192.168.34.4/24
 ipv6 address 2001:db8:34::4/64
interface em3
 ip address 192.168.45.4/24
 ipv6 address 2001:db8:45::4/64
interface vtnet3
 ip address 192.168.45.4/24
 ipv6 address 2001:db8:45::4/64
EOF
cat > /usr/local/etc/frr/ospfd.conf <<EOF
interface em2
 ip ospf message-digest-key 1 md5 superpass
interface vtnet2
 ip ospf message-digest-key 1 md5 superpass
router ospf
 ospf router-id 4.4.4.4
 redistribute isis
 redistribute connected
 network 192.168.34.0/24 area 0.0.0.0
 area 0.0.0.0 authentication message-digest
EOF
cat > /usr/local/etc/frr/ospf6d.conf <<EOF
router ospf6
 router-id 4.4.4.4
 redistribute isis
 redistribute connected
 interface em2 area 0.0.0.0
 interface vtnet2 area 0.0.0.0
EOF
cat > /etc/local/frr/isisd.conf <<EOF
interface em3
 ip router isis BSDRP
 ipv6 router isis BSDRP
 isis circuit-type level-2-only
interface vtnet3
 ip router isis BSDRP
 ipv6 router isis BSDRP
 isis circuit-type level-2-only
router isis BSDRP
 net 49.0000.0000.0004.00
 metric-style wide
 redistribute ipv4 ospf level-2
 redistribute ipv6 ospf6 level-2
 redistribute ipv4 connected level-2
 redistribute ipv6 connected level-2
EOF
hostname router4
service frr start

Router 5

sysrc hostname=router5
sysrc cloned_interfaces=lo1
sysrc frr_enable=YES
cat > /usr/local/etc/frr/zebra.conf <<EOF
interface em3
 ip address 192.168.45.5/24
 ipv6 address 2001:db8:45::5/64
interface vtnet3
 ip address 192.168.45.5/24
 ipv6 address 2001:db8:45::5/64
interface lo1
 ip address 192.168.50.5/24
 ipv6 address 2001:db8:50::5/64
EOF
cat > /etc/local/frr/isisd.conf <<EOF
interface em3
 ip router isis BSDRP
 ipv6 router isis BSDRP
 isis circuit-type level-2-only
interface vtnet3
 ip router isis BSDRP
 ipv6 router isis BSDRP
 isis circuit-type level-2-only
interface lo1
 ip router isis BSDRP
 ipv6 router isis BSDRP
router isis BSDRP
 net 49.0000.0000.0005.00
 metric-style wide
EOF
hostname router5
service netif restart
service frr start

Final testing

Ping router5 loopback from router1 loopback:

[root@router1]~# ping -c 4 -S 192.168.10.1 192.168.50.5
PING 192.168.50.5 (192.168.50.5) from 192.168.10.1: 56 data bytes
64 bytes from 192.168.50.5: icmp_seq=0 ttl=62 time=0.281 ms
64 bytes from 192.168.50.5: icmp_seq=1 ttl=62 time=0.229 ms
64 bytes from 192.168.50.5: icmp_seq=2 ttl=62 time=0.213 ms
64 bytes from 192.168.50.5: icmp_seq=3 ttl=62 time=0.258 ms
 
--- 192.168.50.5 ping statistics ---
4 packets transmitted, 4 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.213/0.245/0.281/0.026 ms
 
[root@router1]~# ping6 -c 4 -S 2001:db8:10::1 2001:db8:50::5
PING6(56=40+8+8 bytes) 2001:db8:10::1 --> 2001:db8:50::5
16 bytes from 2001:db8:50::5, icmp_seq=0 hlim=62 time=0.382 ms
16 bytes from 2001:db8:50::5, icmp_seq=1 hlim=62 time=0.237 ms
16 bytes from 2001:db8:50::5, icmp_seq=2 hlim=62 time=0.278 ms
16 bytes from 2001:db8:50::5, icmp_seq=3 hlim=62 time=0.237 ms
 
--- 2001:db8:50::5 ping6 statistics ---
4 packets transmitted, 4 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 0.237/0.283/0.382/0.059 ms

Don't forget to “force” the source IP address to use the loopback, otherwise router1 will use the output NIC IP address as source.

documentation/examples/simple_bgp-rip-ospf_lab.txt · Last modified: 2017/11/08 16:04 by olivier