Saturday, March 26, 2016

enabling linux machine as router with xorp

xorp is eXtensible Open Router Platform (XORP) router. protocols that it supports are:
  bgp                  Configure BGP inter-domain routing
  fib2mrib             Configure the FIB2MRIB module
  igmp                 Configure the IGMP protocol
  mld                  Configure the MLD protocol
  olsr4                Configure the OLSRv1 IPv4 protocol
  ospf4                Configure the OSPF protocol
  ospf6                Configure the OSPF protocol
  pimsm4               Configure the IPv4 PIM-SM protocol
  pimsm6               Configure the IPv6 PIM-SM protocol
  rip                  RIP configuration
  ripng                RIPng configuration
  static               Configure static routes
  vrrp                 Configure VRRP

---------------------------------------
this is an example about configure ospf that join between mikrotik and xorp

***info****
mikrotik:
- interface: ether3: 192.168.32.1/24
                   ether4: connect to xorp: 192.168.202.7/24
xorp:
- interface: eth0: 192.168.202.13/24: connect to mikrotik
                  eth1: 192.168.20.1/24

*** xorp server ***
1- installation
$ sudo apt-get install xorp
2- create configuration file /etc/xorp/xorp.conf with the following content

interfaces {
    restore-original-config-on-shutdown: false
    interface eth0 {
    description: "Ethernet Interface #1"
    disable: false
    default-system-config
    }
    interface eth1 {
    description: "Ethernet Interface #2"
    disable: false
    default-system-config
    }

}

fea {
    unicast-forwarding4 {
    disable: false
    forwarding-entries {
        retain-on-startup: false
        retain-on-shutdown:    false
    }
    }
}


plumbing {
    mfea4 {
    disable: false
    interface eth0 {
        vif eth0 {
        disable: false
        }
    }
    interface eth1 {
        vif eth1 {
        disable: false
        }
    }
    interface register_vif {
        vif register_vif {
        /* Note: this vif should be always enabled */
        disable: false
        }
    }
    traceoptions {
        flag all {
        disable: false
        }
    }
    }

}

protocols {
    igmp {
    disable: false
    interface eth0 {
        vif eth0 {
        disable: false
        }
    }
    interface eth1 {
        vif eth1 {
        disable: false
        /* version: 2 */
        /* enable-ip-router-alert-option-check: false */
        /* query-interval: 125 */
        /* query-last-member-interval: 1 */
        /* query-response-interval: 10 */
        /* robust-count: 2 */
        }
    }
    traceoptions {
        flag all {
        disable: false
        }
    }
    }
}

protocols {
    pimsm4 {
    disable: false
    interface eth0 {
        vif eth0 {
        disable: false
        }
    }

    interface eth1 {
        vif eth1 {
        disable: false
        /* enable-ip-router-alert-option-check: false */
        /* dr-priority: 1 */
        /* hello-period: 30 */
        /* hello-triggered-delay: 5 */
        /* alternative-subnet 10.40.0.0/16 */
        }
    }

    bootstrap {
        disable: false
        cand-bsr {
        scope-zone 224.0.0.0/4 {
            /* is-scope-zone: false */
            cand-bsr-by-vif-name: "eth0"
            /* cand-bsr-by-vif-addr: 10.10.10.10 */
            /* bsr-priority: 1 */
            /* hash-mask-len: 30 */
        }
        }

        cand-rp {
        group-prefix 224.0.0.0/4 {
            /* is-scope-zone: false */
            cand-rp-by-vif-name: "eth0"
            /* cand-rp-by-vif-addr: 10.10.10.10 */
            /* rp-priority: 192 */
            /* rp-holdtime: 150 */
        }
        }
    }

    switch-to-spt-threshold {
        /* approx. 1K bytes/s (10Kbps) threshold */
        disable: false
        interval: 100
        bytes: 102400
    }

    traceoptions {
        flag all {
        disable: false
        }
    }
    }

}

/*
 * Note: fib2mrib is needed for multicast only if the unicast protocols
 * don't populate the MRIB with multicast-specific routes.
 */
protocols {
    fib2mrib {
    disable: false
    }
}

 protocols {
   ospf4 {
     router-id: 192.168.202.23
     area 0.0.0.0 {
       interface eth0 {
          vif eth0 {
             address 192.168.202.23 {
             }
          }
       }

 interface eth1 {
          vif eth1 {
             address 192.168.20.1 {
             }
          }
       }

     }
   }
 }


3- assign permission for user xorp
$ sudo chown xorp:xorp /etc/xorp/xorp.conf

4- run xorp
$ sudo xorp_rtrmgr -c /etc/xorp/xorp.conf

*** mikrotik ***
/routing ospf interface add interface=ether3
/routing ospf interface add interface=ether4
/routing ospf network add network=192.168.202.0/24 area=0   
/routing ospf network add network=192.168.20.0/24 area=0   


*** verifying ***
 - on mikrotik
 /ip route print
Flags: X - disabled, A - active, D - dynamic,
C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit
 #      DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
 0 A S  0.0.0.0/0                          192.168.32.2              1
 1   S  0.0.0.0/0                          192.168.56.1             10
 2 ADo  192.168.20.0/24                    192.168.202.23          110
 3 ADC  192.168.31.0/24    192.168.31.1    ether2                    0
 4 ADC  192.168.32.0/24    192.168.32.1    ether3                    0
 5 ADC  192.168.56.0/24    192.168.56.2    ether1                    0
 6 ADC  192.168.202.0/24   192.168.202.7   ether4                    0

- on xorp
$  sudo -u xorp xorpsh
xorp@ubuntu> show route table ipv4 unicast ospf 
192.168.32.0/24 [ospf(110)/11]
                > to 192.168.202.7 via eth0/eth0




-- note --
you can use xorpsh command to interactively configure xorp and save the configure with you exit from it.
xorp@ubuntu# ?
Possible completions:
  commit               Commit the current set of changes
  create               Alias for the "set" command (obsoleted)
  delete               Delete a configuration element
  edit                 Edit a sub-element
  exit                 Exit from this configuration level
  help                 Provide help with commands
  load                 Load configuration from a file
  quit                 Quit from this level
  run                  Run an operational-mode command
  save                 Save configuration to a file
  set                  Set the value of a parameter or create a new element
  show                 Show the configuration (default values may be suppressed)
  top                  Exit to top level of configuration
  up                   Exit one level of configuration

      

No comments:

Post a Comment