User Tools

Site Tools


documentation:examples:simple_bgp-rip-ospf_lab_with_bird

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
documentation:examples:simple_bgp-rip-ospf_lab_with_bird [2020/12/15 01:28] olivierdocumentation:examples:simple_bgp-rip-ospf_lab_with_bird [2022/02/21 17:06] (current) – [Testing] olivier
Line 1: Line 1:
-====== BGP/OSPF/RIP/ lab with bird======+====== BGP/OSPF/RIP/BABEL lab with bird======
  
 This Labs is done from one BSDRP VM and it explains how to use BSDRP using bird 2. This Labs is done from one BSDRP VM and it explains how to use BSDRP using bird 2.
Line 9: Line 9:
 Here is the logical and physical view: Here is the logical and physical view:
  
-{{:documentation:examples:simple_bgp_rip_ospf_with_bird.png|}}+{{:documentation:examples:bird_jails.png|}}
  
 ===== Router configuration ===== ===== Router configuration =====
Line 19: Line 19:
  
 ==== Host ==== ==== Host ====
 +
 +Unhide bpf interface to jails to be able to use tcpdump inside them.
  
 <code> <code>
 sysrc hostname=host \ sysrc hostname=host \
-  cloned_interfaces="epair0 epair1 epair2 epair3" \+  cloned_interfaces="epair0 epair1 epair2 epair3 epair4" \
   kld_list="ipsec"   kld_list="ipsec"
 cat > /etc/devfs.rules <<'EOF' cat > /etc/devfs.rules <<'EOF'
Line 39: Line 41:
 tenant -c -j jail3 -i epair1b,epair2a tenant -c -j jail3 -i epair1b,epair2a
 tenant -c -j jail4 -i epair2b,epair3a tenant -c -j jail4 -i epair2b,epair3a
-tenant -c -j jail5 -i epair3b+tenant -c -j jail5 -i epair3b,epair4a 
 +tenant -c -j jail6 -i epair4b
  
 </code> </code>
Line 125: Line 128:
 ipv6_gateway_enable=YES ipv6_gateway_enable=YES
 ifconfig_epair0b="inet 192.168.12.2/24" ifconfig_epair0b="inet 192.168.12.2/24"
-ifconfig_epair0b_ipv6="inet6 2001:db8:10::2/64"+ifconfig_epair0b_ipv6="inet6 2001:db8:12::2/64"
 ifconfig_epair1a="inet 192.168.23.2/24" ifconfig_epair1a="inet 192.168.23.2/24"
 ifconfig_epair1a_ipv6="inet6 2001:db8:23::2/64" ifconfig_epair1a_ipv6="inet6 2001:db8:23::2/64"
Line 171: Line 174:
             import all;             import all;
             export all;             export all;
 +            next hop self;
         };         };
 } }
Line 184: Line 188:
             import all;             import all;
             export all;             export all;
 +            next hop self;
         };         };
 } }
Line 334: Line 339:
 } }
  
-protocol static static4 +protocol babel 
-    ipv4; +  interface "epair3a" { type wired; }; 
-    route 192.168.50.0/24 via 192.168.45.5;+  ipv4 { import all; export all;}
 +  ipv6 { import all; export all;};
 } }
  
-protocol static static6 { 
-    ipv6; 
-    route 2001:db8:50::/64 via 2001:db8:45::5; 
-} 
 EOF EOF
 </code> </code>
Line 353: Line 355:
 gateway_enable=YES gateway_enable=YES
 ipv6_gateway_enable=YES ipv6_gateway_enable=YES
-cloned_interfaces=lo1 
 ifconfig_epair3b="inet 192.168.45.5/24" ifconfig_epair3b="inet 192.168.45.5/24"
 ifconfig_epair3b_ipv6="inet6 2001:db8:45::5/64" ifconfig_epair3b_ipv6="inet6 2001:db8:45::5/64"
-ifconfig_lo1="inet 192.168.50.5/24" +ifconfig_epair4a="inet 192.168.56.5/24" 
-ifconfig_lo1_ipv6="inet6 2001:db8:50::5/64"+ifconfig_epair4a_ipv6="inet6 2001:db8:56::5/64"
 bird_enable=yes bird_enable=yes
 EOF EOF
Line 391: Line 392:
         ipv6;         ipv6;
 } }
 +
 +protocol babel {
 +  interface "epair3b" { type wired; };
 +  ipv4 { import all; export all;};
 +  ipv6 { import all; export all;};
 +}
 +
 protocol static static4 { protocol static static4 {
 +    ipv4;
 +    route 192.168.60.0/24 via 192.168.56.6;
 +}
 +
 +protocol static static6 {
 +    ipv6;
 +    route 2001:db8:60::/64 via 2001:db8:56::6;
 +}
 +
 +EOF
 +</code>
 +
 +
 +==== Jail 6 ====
 +
 +<code>
 +cat > /etc/jails/jail6/rc.conf <<EOF
 +hostname="jail6"
 +gateway_enable=YES
 +ipv6_gateway_enable=YES
 +cloned_interfaces=lo1
 +ifconfig_epair4b="inet 192.168.56.6/24"
 +ifconfig_epair4b_ipv6="inet6 2001:db8:56::6/64"
 +ifconfig_lo1="inet 192.168.60.6/24"
 +ifconfig_lo1_ipv6="inet6 2001:db8:60::6/64"
 +bird_enable=yes
 +EOF
 +
 +cat > /etc/jails/jail6/local/bird.conf <<EOF
 +# Configure logging
 +log syslog all;
 +log "/var/log/bird.log" all;
 +log stderr all;
 +
 +# Override router ID
 +router id 192.168.10.6;
 +
 +# Sync bird routing table with kernel
 +protocol kernel kernel4 {
 +    ipv4 {
 +        export all;
 +    };
 +}
 +protocol kernel kernel6 {
 +    ipv6 {
 +        export all;
 +    };
 +}
 +
 +protocol device {
 +        scan time 10;
 +}
 +
 +# Include directly connected networks
 +protocol direct {
         ipv4;         ipv4;
-        route 0.0.0.0/0 via 192.168.45.4;+        ipv6; 
 +
 +protocol static static4 { 
 +        ipv4; 
 +        route 0.0.0.0/0 via 192.168.56.5;
 } }
 protocol static static6 { protocol static static6 {
         ipv6;         ipv6;
-        route ::/0 via 2001:db8:45::4;+        route ::/0 via 2001:db8:56::5;
 } }
  
Line 405: Line 472:
 ===== Testing ===== ===== Testing =====
  
 +Jail 1 routing table:
 +<code>
 +root@host:~ # jexec jail1 netstat -rn
 +Routing tables
  
 +Internet:
 +Destination        Gateway            Flags     Netif Expire
 +127.0.0.1          link#16            UH          lo0
 +192.168.10.0/24    link#26            U1          lo1
 +192.168.10.1       link#26            UH          lo1
 +192.168.12.0/24    link#                  epair0a
 +192.168.12.1       link#            UHS         lo0
 +192.168.23.0/24    192.168.12.2       UG1     epair0a
 +192.168.34.0/24    192.168.12.2       UG1     epair0a
 +192.168.45.0/24    192.168.12.2       UG1     epair0a
 +192.168.56.0/24    192.168.12.2       UG1     epair0a
 +192.168.60.0/24    192.168.12.2       UG1     epair0a
 +
 +Internet6:
 +Destination                       Gateway                       Flags     Netif Expire
 +::/96                             ::                          UGRS        lo0
 +::1                               link#16                       UHS         lo0
 +::ffff:0.0.0.0/96                 ::                          UGRS        lo0
 +2001:db8:10::/64                  link#26                                 lo1
 +2001:db8:10::                   link#26                       UHS         lo0
 +2001:db8:12::/64                  link#                       U       epair0a
 +2001:db8:12::                   link#                       UHS         lo0
 +2001:db8:23::/64                  2001:db8:12::               UG1     epair0a
 +2001:db8:34::/64                  2001:db8:12::               UG1     epair0a
 +2001:db8:45::/64                  2001:db8:12::               UG1     epair0a
 +2001:db8:56::/64                  2001:db8:12::               UG1     epair0a
 +2001:db8:60::/64                  2001:db8:12::               UG1     epair0a
 +fe80::/10                         ::                          UGRS        lo0
 +fe80::%epair0a/64                 link#                       U       epair0a
 +fe80::99:d6ff:fe95:710a%epair0a   link#                       UHS         lo0
 +fe80::%lo0/64                     link#16                                 lo0
 +fe80::1%lo0                       link#16                       UHS         lo0
 +fe80::%lo1/64                     link#26                                 lo1
 +fe80::1%lo1                       link#26                       UHS         lo0
 +ff02::/16                         ::                          UGRS        lo0
 +</code>
 +
 +And traceroute from jail1 to jail6:
 +<code>
 +root@host:~ # jexec jail1 traceroute 192.168.60.6
 +traceroute to 192.168.60.6 (192.168.60.6), 64 hops max, 40 byte packets
 +  192.168.12.2 (192.168.12.2)  0.038 ms  0.030 ms  0.014 ms
 +  192.168.23.3 (192.168.23.3)  0.020 ms  0.025 ms  0.014 ms
 +  192.168.34.4 (192.168.34.4)  0.020 ms  0.026 ms  0.016 ms
 +  192.168.45.5 (192.168.45.5)  0.033 ms  0.027 ms  0.020 ms
 +  192.168.60.6 (192.168.60.6)  0.031 ms  0.030 ms  0.020 ms
 +</code>
 +
 +<code>
 +root@host:~ # jexec jail1 ping -c 2 2001:db8:60::6
 +PING6(56=40+8+8 bytes) 2001:db8:12::1 --> 2001:db8:60::6
 +16 bytes from 2001:db8:60::6, icmp_seq=0 hlim=60 time=0.091 ms
 +16 bytes from 2001:db8:60::6, icmp_seq=1 hlim=60 time=0.056 ms
 +
 +--- 2001:db8:60::6 ping6 statistics ---
 +2 packets transmitted, 2 packets received, 0.0% packet loss
 +round-trip min/avg/max/std-dev = 0.056/0.073/0.091/0.018 ms
 +</code>
documentation/examples/simple_bgp-rip-ospf_lab_with_bird.1607992106.txt.gz · Last modified: 2020/12/15 01:28 by olivier

Except where otherwise noted, content on this wiki is licensed under the following license: BSD 2-Clause
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki