[quagga-users 942] Re: Route Question!

Jeff S Wheeler jsw at five-elements.com
Fri Nov 21 22:48:03 GMT 2003


It's time for another edition of BGP tutorial...

                        <AS-21372>
                      80.246.193.6/30
                             |
                         VLAN 361
                             |
                      192.168.0.0/24
 <3600>-fa0/1----fa0/1-<2924>-fa0/2----eth0-<linux>
                             |
                         VLAN 360
                             |
                      80.72.68.121/30
                        <AS-20876>

You didn't specify what subnets you use on your own network, so we'll
pretend that your network is 192.168.0.0/24. If you have customer
subnets, you may want to include those in your next post. Also, we still
don't know your AS number, so we'll pretend you are AS-40000.
 
> works well and i don't understand can i untag more than one tagged vlan
> on same port this on cisco catalyst switch

You can only have one untagged VLAN on a port. Personally, I use VLAN 1
as the untagged VLAN on my dot1q trunks, and I try not to actually put
anything on VLAN 1. Some equipment has special uses for it. Foundry has
some configuration bugs which affect your ability to add or remove ports
from VLAN 1 in some situations. So, avoid VLAN 1.

All your other VLANs should be dot1q tagged on your trunk ports. Your
routers should all support tagging. Your Cisco 3600 may be doing dot1q
in software, though, which is not fast. Either way, it is not powerful
enough for 50+ Mb/sec.

Below is a basic configuration for both zebra and bgpd. You will have to
tailor them to your needs a bit, or post further. You'll also need the
dot1q module, which is in the kernel source tree now. Upon boot, you
should get a message like the following if you have it loaded...:

802.1Q VLAN Support v1.7 Ben Greear <greearb at candelatech.com>
All bugs added by David S. Miller <davem at redhat.com>

You then use the vconfig(8) program to set up your 802.1q interfaces. You
can obtain it at http://www.candelatech.com/~greear/vlan/vlan.1.8.tar.gz
or read about it at http://www.candelatech.com/~greear/vlan.html. Be
sure you are using the Intel PRO/100 or PRO/1000 driver! The old Linux
driver is much slower, and may not work with 802.1q out of the box!

-- 
Jeff S Wheeler <jsw at five-elements.com>

/etc/zebra/zebra.conf
!
hostname router
password .......... set via telnet localhost zebra
enable password ....... set via telnet localhost zebra
! create /var/log/zebra directory
log file /var/log/zebra/zebra.log
service password-encryption
!
interface lo
 ip address 127.0.0.1/8
!
interface dummy0
 description loopback interface for iBGP sessions; get some /32s
 ip address 192.168.1.1/32
!
interface eth0.0100
 description this is your ethernet
 ip address 192.168.0.1/24
!
interface eth0.0360
 description AS-20876 evronet
 ip address 80.72.68.121/30
!
interface eth0.0361
 description AS-21372 netissat
 ip address 80.246.193.6/30
!
! route to your cisco's loopback
ip route 192.168.1.2/32 192.168.0.2
!
line vty
!


/etc/zebra/bgpd.conf
hostname router
password .... see above, set via telnet localhost bgpd
enable password .... see above
log file /var/log/zebra/bgpd.log
service password-encryption
!
router bgp 40000
 bgp router-id 192.168.1.1
 network 192.168.0.0/24 route-map network_internal
 neighbor 192.168.1.2 remote-as 40000
 neighbor 192.168.1.2 description iBGP session to cisco
 neighbor 192.168.1.2 update-source 192.168.1.1
 neighbor 192.168.1.2 maximum-prefix 170000
 neighbor 80.72.68.122 remote-as 20876
 neighbor 80.72.68.122 description evronet transit on eth0.0360
 neighbor 80.72.68.122 update-source 80.72.68.121
 neighbor 80.72.68.122 soft-reconfiguration inbound
 neighbor 80.72.68.122 maximum-prefix 170000
 neighbor 80.72.68.122 route-map eBGP_AS20876_in in
 neighbor 80.72.68.122 route-map eBGP_AS20876_out out
 neighbor 80.246.193.5 remote-as 21372
 neighbor 80.246.193.5 description netissat transit on eth0.0361
 neighbor 80.246.193.5 update-source 80.246.193.6
 neighbor 80.246.193.5 soft-reconfiguration inbound
 neighbor 80.246.193.5 maximum-prefix 170000
 neighbor 80.246.193.5 route-map eBGP_AS21372_in in
 neighbor 80.246.193.5 route-map eBGP_AS21372_out out
!
ip prefix-list our_networks_internal seq 100 permit 192.168.0.0/24
ip prefix-list bogons seq 110 permit 2.0.0.0/8
ip prefix-list bogons seq 120 permit 5.0.0.0/8
ip prefix-list bogons seq 130 permit 7.0.0.0/8
ip prefix-list bogons seq 140 permit 10.0.0.0/8
ip prefix-list bogons seq 150 permit 23.0.0.0/8
ip prefix-list bogons seq 160 permit 27.0.0.0/8
ip prefix-list bogons seq 170 permit 31.0.0.0/8
ip prefix-list bogons seq 180 permit 36.0.0.0/7
ip prefix-list bogons seq 190 permit 39.0.0.0/8
ip prefix-list bogons seq 200 permit 41.0.0.0/8
ip prefix-list bogons seq 210 permit 42.0.0.0/8
ip prefix-list bogons seq 220 permit 49.0.0.0/8
ip prefix-list bogons seq 230 permit 50.0.0.0/8
ip prefix-list bogons seq 240 permit 58.0.0.0/7
ip prefix-list bogons seq 250 permit 70.0.0.0/7
ip prefix-list bogons seq 260 permit 72.0.0.0/5
ip prefix-list bogons seq 270 permit 85.0.0.0/8
ip prefix-list bogons seq 280 permit 86.0.0.0/7
ip prefix-list bogons seq 290 permit 88.0.0.0/5
ip prefix-list bogons seq 300 permit 96.0.0.0/3
ip prefix-list bogons seq 310 permit 169.254.0.0/16
ip prefix-list bogons seq 320 permit 172.16.0.0/12
ip prefix-list bogons seq 330 permit 173.0.0.0/8
ip prefix-list bogons seq 340 permit 174.0.0.0/7
ip prefix-list bogons seq 350 permit 176.0.0.0/5
ip prefix-list bogons seq 360 permit 184.0.0.0/6
ip prefix-list bogons seq 370 permit 189.0.0.0/8
ip prefix-list bogons seq 380 permit 190.0.0.0/8
ip prefix-list bogons seq 390 permit 192.0.2.0/24
ip prefix-list bogons seq 400 permit 192.168.0.0/16
ip prefix-list bogons seq 410 permit 197.0.0.0/8
ip prefix-list bogons seq 420 permit 198.18.0.0/15
ip prefix-list bogons seq 430 permit 223.0.0.0/8
ip prefix-list bogons seq 440 permit 224.0.0.0/3
!
ip community-list customer permit 40000:13
ip community-list internal permit 40000:15
ip community-list privpeer permit 40000:17
ip community-list pubpeer permit 40000:18
ip community-list transit permit 40000:19
!
route-map network_internal permit 100
 match ip address prefix-list our_networks_internal
 set local-preference 700
 set community 40000:15
!
route-map network_internal deny 999
!
route-map eBGP_AS20876_in deny 90
 match ip address prefix-list bogons
!
route-map eBGP_AS20876_in permit 100
 set local-preference 100
 set community 40000:19
 set ip next-hop 80.72.68.122
!
route-map eBGP_AS20876_in deny 999
!
route-map eBGP_AS20876_out deny 90
 match ip address prefix-list bogons
!
route-map eBGP_AS20876_out permit 100
 match community internal
 set ip next-hop 80.72.68.121
 set community none
!
route-map eBGP_AS20876_out deny 999
!
route-map eBGP_AS21372_in deny 90
 match ip address prefix-list bogons
!
route-map eBGP_AS21372_in permit 100
 set local-preference 100
 set community 40000:19
 set ip next-hop 80.246.193.5
!
route-map eBGP_AS21372_in deny 999
!
route-map eBGP_AS21372_out deny 90
 match ip address prefix-list bogons
!
route-map eBGP_AS21372_out permit 100
 match community internal
 set ip next-hop 80.246.193.6
 set community none
!
route-map eBGP_AS21372_out deny 999
!
line vty
 exec-timeout 1440 0
!
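
Added example, not part of the original post or of Quagga: a small Python model of how the "deny 90 / match ip address prefix-list bogons" clause in the inbound route-maps above evaluates received routes. A prefix-list entry without ge/le matches only the exact prefix, so the model compares the list as posted with the same entries carrying "le 32"; the subset of bogons and the received routes are constructed sample data.

```python
import ipaddress

# Constructed subset of the bogons prefix-list from the posted bgpd.conf.
BOGONS = ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/3"]


def entry_matches(entry, route, le=None):
    """Quagga/IOS prefix-list entry semantics.

    Without ge/le only the exact prefix matches. With 'le N', any route
    inside the entry whose length is between the entry's length and N matches.
    """
    entry = ipaddress.ip_network(entry)
    route = ipaddress.ip_network(route)
    if le is None:
        return route == entry
    return route.subnet_of(entry) and entry.prefixlen <= route.prefixlen <= le


def route_map_in(route, le=None):
    """Models eBGP_AS20876_in: 'deny 90' on a bogons match, else 'permit 100'."""
    if any(entry_matches(b, route, le) for b in BOGONS):
        return "deny"
    return "permit"


def audit(routes, le=None):
    """Returns {route: verdict} for a list of received prefixes."""
    return {r: route_map_in(r, le) for r in routes}


# Constructed sample of routes received from a transit neighbor.
RECEIVED = ["10.0.0.0/8", "10.20.0.0/16", "172.16.5.0/24",
            "192.168.0.0/24", "80.72.0.0/16"]

if __name__ == "__main__":
    for label, le in (("as posted", None), ("with le 32", 32)):
        print(label)
        for route, verdict in audit(RECEIVED, le).items():
            print(f"  {route:18} {verdict}")
```

The outbound route-maps reference the same bogons list, so with "le 32" the 192.168.0.0/16 entry would also match the post's placeholder network 192.168.0.0/24 and stop it from being announced.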