Quagga

From Gentoo Wiki

Quagga is a free software routing suite. Quagga supports static routing and dynamic routing protocols.

The Quagga routing suite consists of 2 parts:

  • zebra daemon
  • routing processes (RIP,OSPF,BGP,IS-IS,Babel,OLSR,LDP,BFD)

The zebra daemon is an abstraction layer between the kernel and the running routing processes. Each routing protocol has its own specific daemon.

Quagga installed on a physical host acts as a dedicated router. Quagga updates the kernel routing table. It modifies interface IP addressing, sets static routes and enables dynamic routing.

Quagga can add, modify and change the physical host's interface configuration and routing table without the user needing privileged root access to a dedicated machine. Quagga is basically another tool like iproute2 and sys-apps/net-tools, with advanced IP networking functionality.

All routing daemons listed communicate with the zebra daemon, not directly with the kernel.

ripd ripngd ospfd ospfv6d bgpd isisd babeld olsrd ldpd bfdd iproute2 net-tools ethtool other tool
zebra
UNIX/Linux kernel IP networking
lo eth0 wlan0 other interface

Installation

USE flags

USE flags for net-misc/quagga: A free routing daemon replacing Zebra supporting RIP, OSPF and BGP

USE flag | Description | Scope
bgpclassless | Apply unofficial patch to enable classless prefixes for BGP. Patch and information to be found at http://hasso.linux.ee/doku.php/english:network:quagga | local
caps | Use Linux capabilities library to control privilege | global
doc | Add extra documentation (API, Javadoc, etc). It is recommended to enable per package instead of globally | global
fpm | Enable Forwarding Plane Manager support | local
ipv6 | Add support for IP version 6 | global
multipath | Enable multipath routes support for any number of routes | local
nhrpd | Build Next Hop Resolution Protocol daemon | local
ospfapi | Enable OSPFAPI support for client applications accessing the OSPF link state database | local
pam | Add support for PAM (via sys-libs/pam) to the Quagga Virtual Terminal Interface Shell (vtysh); if the readline USE flag is disabled, this flag is ignored | local
protobuf | Enable support for dev-libs/protobuf | local
readline | Enable support for sys-libs/readline to provide the Quagga Virtual Terminal Interface Shell (vtysh) | local
snmp | Add support for the Simple Network Management Protocol if available | global
tcp-zebra | Enable TCP zserv interface on port 2600 for Zebra/protocol-daemon communication. Unix domain sockets are chosen otherwise | local

Emerge

root #emerge --ask net-misc/quagga

Configuration

OpenRC

Add quagga to the default runlevel:

root #rc-update add quagga default

Before starting zebra you have to configure it, by creating a /etc/quagga/zebra.conf file:

root #bzcat /usr/share/doc/quagga-0.99.22.4/samples/zebra.conf.sample.bz2 > /etc/quagga/zebra.conf

Start zebra daemon:

root #/etc/init.d/quagga start

Verify zebra is running:

root #netstat -tulpen | grep zebra
tcp        0      0 0.0.0.0:2601            0.0.0.0:*               LISTEN      114        21947582   23564/zebra

Usage

The following section describes a very basic configuration example: how to configure an additional IP address 192.168.0.100/32 on the loopback interface lo, and finally how to test it using iproute2.

A short overview of commands used:

Action Command
Login to zebra
user $telnet localhost 2601
Show help using the ? key.
Router>?
Show basic IP networking information
Router>show ip route
Get privileged access
Router>enable
Get into "edit" mode
Router#conf t
Configure IP address on a loopback interface
Router(config-if)#ip address 192.168.0.100/32
Show current configuration
Router#show int lo
Save quagga configuration
Router#wr
Display configured IP address using iproute2
user $ip add

The following IP networking settings have been used:

IP networking settings
Interface IP address Netmask Gateway CIDR
lo 127.0.0.1 255.0.0.0 127.0.0.1 127.0.0.1/8
eth0 (none) (none) (none) (none)
wlan0 192.168.0.10 255.255.255.0 192.168.0.1 192.168.0.10/24

Display configured IP settings using iproute2:

user $ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
    link/ether 63:nt:00:r0:ck:55 brd ff:ff:ff:ff:ff:ff
3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
    link/ether de:ad:be:ef:de:ad brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.10/24 brd 192.168.0.255 scope global wlan0

Show the Linux IP routing table:

user $ip route
default via 192.168.0.1 dev wlan0  metric 2005
127.0.0.0/8 dev lo  scope host
127.0.0.0/8 via 127.0.0.1 dev lo
192.168.0.0/24 dev wlan0  proto kernel  scope link  src 192.168.0.10  metric 2005

Login

The default quagga configuration has the following user credentials for login:

root # grep -v ! /etc/quagga/zebra.conf
hostname Router
password zebra
enable password zebra

Use these credentials to log in to the local zebra daemon:

user $telnet localhost 2601
Connected to localhost.
Escape character is '^]'.

Hello, this is Quagga (version 0.99.22.4).
Copyright 1996-2005 Kunihiro Ishiguro, et al.

User Access Verification

Password:
Router>
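
The sample file stores the same cleartext password for login and for enable, and the telnet session carries it unencrypted. As an added example (not from this wiki page or the Quagga project), the shell function below audits a daemon configuration read on stdin for the sample credentials, cleartext passwords, a missing service password-encryption line, and a line vty block without access-class; the finding labels and the hardened sample are constructed for illustration.

```shell
# Added example: audit a Quagga daemon config (stdin) for weak vty settings.
audit_quagga_conf() {
    awk '
        # "password X" is cleartext; "password 8 HASH" is the encrypted form
        $1 == "password" || ($1 == "enable" && $2 == "password") {
            n    = ($1 == "enable") ? 3 : 2
            kind = ($1 == "enable") ? "enable password" : "password"
            if ($n == "8") next
            if ($n == "zebra") print "DEFAULT: " kind " is the sample value"
            else               print "PLAINTEXT: " kind " stored in cleartext"
        }
        $1 == "service" && $2 == "password-encryption" { enc = 1 }
        $1 == "line" && $2 == "vty"   { invty = 1; next }
        invty && $1 == "access-class" { acl = 1 }
        invty && /^[^ !]/             { invty = 0 }   # next top-level command
        END {
            if (!enc) print "NOENC: service password-encryption not set"
            if (!acl) print "NOACL: line vty has no access-class"
        }
    '
}

# Credential and vty lines of the running configuration shown on this page.
sample_weak_conf() {
    cat <<'EOF'
hostname Router
password zebra
enable password zebra
!
line vty
!
end
EOF
}

# Constructed hardened variant; the hash and the list name are placeholders.
sample_hardened_conf() {
    cat <<'EOF'
password 8 PLACEHOLDER-HASH
enable password 8 PLACEHOLDER-HASH
service password-encryption
access-list vty-local permit 127.0.0.0/8
access-list vty-local deny any
line vty
 access-class vty-local
EOF
}

sample_weak_conf | audit_quagga_conf
```

On a live system, run it as audit_quagga_conf < /etc/quagga/zebra.conf and repeat for each daemon's configuration file.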

Using help

To show the basic mode commands, use the ? key for help:

Router>?
  echo      Echo a message back to the vty
  enable    Turn on privileged mode command
  exit      Exit current mode and down to previous mode
  help      Description of the interactive help system
  list      Print command list
  quit      Exit current mode and down to previous mode
  show      Show running system information
  terminal  Set terminal line parameters
  who       Display who is on vty

After choosing the initial command show, continue using the ? key to display further possible commands:

Router>show ?
  debugging    Zebra configuration
  history      Display the session command history
  interface    Interface status and configuration
  ip           IP information
  ipv6         IPv6 information
  logging      Show current logging configuration
  memory       Memory statistics
  table        default routing table to use for all clients
  thread       Thread information
  version      Displays zebra version
  work-queues  Work Queue information
Router>show ip ?
  forwarding   IP forwarding status
  mroute       IP Multicast routing table
  prefix-list  Build a prefix list
  protocol     IP protocol filtering status
  route        IP routing table
Router>show ip route

The help function is set up like a tree, where using the ? key displays further levels of commands.

Show routing table

Compare the output shown below to that of the Linux ip route command; both show exactly the same IP routing table:

Router>show ip route
K>* 0.0.0.0/0 via 192.168.0.1, wlan0
K * 127.0.0.0/8 via 127.0.0.1, lo inactive
C>* 127.0.0.0/8 is directly connected, lo
C>* 192.168.0.10/24 is directly connected, wlan0
user $ip route
default via 192.168.0.1 dev wlan0
127.0.0.0/8 dev lo  scope host
127.0.0.0/8 via 127.0.0.1 dev lo
192.168.0.0/24 dev wlan0  proto kernel scope link src 192.168.0.10

In the example above some lines have been skipped. The additional Codes line is shown below:

Router>show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP,
       O - OSPF, I - IS-IS, B - BGP, A - Babel,
       > - selected route, * - FIB route

K>* 0.0.0.0/0 via 192.168.0.1, wlan0
K * 127.0.0.0/8 via 127.0.0.1, lo inactive
C>* 127.0.0.0/8 is directly connected, lo
C>* 192.168.0.10/24 is directly connected, wlan0

Privileged mode

Privileged mode is used to add, change and modify interface IP settings. To get into privileged mode use enable; the default password is zebra:

Router>ena
Password:
Note: The prompt will change from > to # if using privileged mode.

Run help once again in privileged mode and notice the different commands available in this mode:

Router#?
  clear      Reset functions
  configure  Configuration from vty interface
  copy       Copy configuration
  debug      Debugging functions (see also 'undebug')
  disable    Turn off privileged mode command
  echo       Echo a message back to the vty
  end        End current mode and change to enable mode.
  exit       Exit current mode and down to previous mode
  help       Description of the interactive help system
  list       Print command list
  logmsg     Send a message to enabled logging destinations
  no         Negate a command or set its defaults
  quit       Exit current mode and down to previous mode
  show       Show running system information
  terminal   Set terminal line parameters
  who        Display who is on vty
  write      Write running configuration to memory, network, or terminal

Show configuration

To display current configuration use the show running-config command:

Router#sh run

Current configuration:
!
hostname Router
password zebra
enable password zebra
!
interface eth0
!
interface lo
!
interface wlan0
!
!
!
line vty
!
end

Configure IP address

Get into edit mode:

Router#conf t
Router(config)#

Choose the IP loopback interface:

Router(config)#int lo
Router(config-if)# 

Configure the IP address 192.168.0.100/32 on the loopback interface:

Router(config-if)#ip add 192.168.0.100/32
Note: 192.168.0.100/32 is in the same IP network as the wlan0 interface 192.168.0.0/24.

Exit configure mode

End the edit mode session:

Router(config-if)#end
Router#

Verify configuration

Show running configuration:

Router#show run
Current configuration:
!
hostname Router
password zebra
enable password zebra
!
interface eth0
!
interface lo
 ip address 192.168.0.100/32
!
interface wlan0
!
!
!
line vty
!
end

Show loopback interface configuration:

Router#sh int lo
Interface lo is up, line protocol detection is disabled
  index 1 metric 1 mtu 65536
  flags: <UP,LOOPBACK,RUNNING>
  inet 127.0.0.1/8 broadcast 127.255.255.255
  inet 192.168.0.100/32

Show routing table:

Router#show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP,
       O - OSPF, I - IS-IS, B - BGP, A - Babel,
       > - selected route, * - FIB route

K>* 0.0.0.0/0 via 192.168.0.1, wlan0
K * 127.0.0.0/8 via 127.0.0.1, lo inactive
C>* 127.0.0.0/8 is directly connected, lo
C>* 192.168.0.10/24 is directly connected, wlan0
C>* 192.168.0.100/24 is directly connected, lo

Save configuration

Save running configuration:

Router#write
Configuration saved to /etc/quagga/zebra.conf

Exit router

Exit quagga:

Router#exit

Test connectivity

Verify the IP configuration using iproute2. Notice the additional IP address set up on the loopback interface:

user $ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
       valid_lft forever preferred_lft forever
    inet 192.168.0.100/32 scope global lo
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
    link/ether 63:nt:00:r0:ck:55 brd ff:ff:ff:ff:ff:ff
3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
    link/ether de:ad:be:ef:de:ad brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.10/24 brd 192.168.0.255 scope global wlan0
       valid_lft forever preferred_lft forever

Now you can verify this IP address is reachable in the network:

user $ping 192.168.0.100
PING 192.168.0.100 (192.168.0.100) 56(84) bytes of data.
64 bytes from 192.168.0.100: icmp_seq=1 ttl=64 time=0.047 ms
[...]
--- 192.168.0.100 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3000ms
rtt min/avg/max/mdev = 0.040/0.042/0.047/0.007 ms

Review the /etc/quagga/zebra.conf file:

FILE /etc/quagga/zebra.conf
!
! Zebra configuration saved from vty
!   2013/12/20 05:22:17
!
hostname Router
password zebra
enable password zebra
!
interface eth0
!
interface lo
 ip address 192.168.0.100/32
!
interface wlan0
!
!
!
line vty
!

Advanced usage

Each dynamic routing protocol (BGP, RIP, OSPF, ...) has a separate startup script in /etc/init.d/.

List the services available in /etc/init.d/:

root #rc-service -l | egrep 'bgp|rip|ospf'
bgpd
ospf6d
ospfd
ripd
ripngd

Initial configuration

For each routing protocol, extract the initial configuration:

root #bzcat /usr/share/doc/quagga-*/samples/ripd.conf.sample.bz2 > /etc/quagga/ripd.conf

Start service

root #rc-service ripd start

Management

Each routing daemon can be accessed on a different TCP/UDP port for management purposes such as configuration changes, adding new routing information, etc.:

user $egrep 'ripd|ripngd|ospfd|bgpd' /etc/services
discp-server    2602/tcp        ripd            # discp server
discp-server    2602/udp        ripd
servicemeter    2603/tcp        ripngd          # Service Meter
servicemeter    2603/udp        ripngd
nsc-ccs         2604/tcp        ospfd           # NSC CCS
nsc-ccs         2604/udp        ospfd
nsc-posa        2605/tcp        bgpd            # NSC POSA
nsc-posa        2605/udp        bgpd
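
The netstat output earlier on this page shows zebra's vty bound to 0.0.0.0:2601, so the password prompt is reachable from every attached network, not only from localhost. As an added example (not from this wiki page or the Quagga project), the function below reads netstat -tulpen style output and reports any TCP listener on the management ports named on this page that is not bound to a loopback address; the first sample line is the one shown on this page, the others are constructed.

```shell
# Added example: flag Quagga vty/zserv TCP listeners reachable from off-host.
# Reads `netstat -tulpen` style output on stdin.
VTY_PORTS="2600 2601 2602 2603 2604 2605"   # ports named on this page

exposed_vty_listeners() {
    awk -v ports="$VTY_PORTS" '
        BEGIN { n = split(ports, p, " "); for (i = 1; i <= n; i++) vty[p[i]] = 1 }
        $1 ~ /^tcp/ && $6 == "LISTEN" {
            k = split($4, part, ":")          # port is the text after the last colon
            port = part[k]
            addr = substr($4, 1, length($4) - length(port) - 1)
            if (!(port in vty)) next          # e.g. BGP peering on 179 is not a vty
            if (addr ~ /^127\./ || addr == "::1") next
            m = split($NF, prog, "/")         # last field is PID/program
            print "EXPOSED " prog[m] " " $4
        }
    '
}

# Line 1 is from this page; lines 2-4 are constructed sample data.
sample_netstat() {
    cat <<'EOF'
tcp        0      0 0.0.0.0:2601            0.0.0.0:*               LISTEN      114        21947582   23564/zebra
tcp        0      0 127.0.0.1:2602          0.0.0.0:*               LISTEN      114        21947590   23570/ripd
tcp        0      0 0.0.0.0:179             0.0.0.0:*               LISTEN      114        21947601   23580/bgpd
udp        0      0 0.0.0.0:520             0.0.0.0:*                           114        21947595   23570/ripd
EOF
}

sample_netstat | exposed_vty_listeners
```

Quagga daemons accept -A (--vty_addr) to bind the vty to a single address such as 127.0.0.1; after restarting with it, netstat -tulpen | exposed_vty_listeners should print nothing.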

Start a local management session with the routing daemon:

user $telnet localhost 2602
Trying ::1...
Connected to localhost.
Escape character is '^]'.

Hello, this is Quagga (version 0.99.22.4).
Copyright 1996-2005 Kunihiro Ishiguro, et al.


User Access Verification

Password:
ripd>

Using help

To inspect the internal help, use the ? key:

ripd#?
  clear      Reset functions
  configure  Configuration from vty interface
  copy       Copy configuration
  debug      Debugging functions (see also 'undebug')
  disable    Turn off privileged mode command
  echo       Echo a message back to the vty
  end        End current mode and change to enable mode.
  exit       Exit current mode and down to previous mode
  help       Description of the interactive help system
  list       Print command list
  logmsg     Send a message to enabled logging destinations
  no         Negate a command or set its defaults
  quit       Exit current mode and down to previous mode
  show       Show running system information
  terminal   Set terminal line parameters
  who        Display who is on vty
  write      Write running configuration to memory, network, or terminal
