Zebra Configuration Notes
Prepared for ECE453, Fall 2002
Hairong Qi
09/14/02

Step 1:
-------
  - Download zebra from www.zebra.org and install it by
        ./configure --disable-ipv6
        make
        make install
  - Make sure you've erased zebra*.rpm by
        rpm -e zebra*
    Apparently, the packaged zebra uses IPv6, and on the lab computers
    this causes an address family error.

  By default, zebra is installed at /usr/local, the executables are at
  /usr/local/sbin, and the configuration files are at /usr/local/etc.

Step 2:
-------
  In /etc/services, make sure the following port numbers are set up
  correctly:
        zebrasrv   2600/tcp   # zebra service
        zebra      2601/tcp   # zebra vty
        ripd       2602/tcp   # RIPd vty
        ripngd     2603/tcp   # RIPngd vty
        ospfd      2604/tcp   # OSPFd vty
        bgpd       2605/tcp   # BGPd vty
        ospf6d     2606/tcp   # OSPF6d vty

Step 3:
-------
  - make sure ip-forwarding is enabled.
        vi /etc/sysconfig/network
        add "FORWARD_IPV4=yes"

Step 4: - configure zebra
-------------------------
  - make sure you have zebra.conf ready
        cd /usr/local/etc
        cp zebra.conf.sample zebra.conf
  - start zebra daemon (the default configuration file is at
    /usr/local/etc)
        /usr/local/sbin/zebra -d
  - connect to zebra
        telnet localhost zebra
        Password: zebra
        Router> list
        Router> show ip forwarding
          IP forwarding is on
        Router> show ip route
          C>* 127.0.0.0/8 is directly connected, lo
          C>* 192.168.3.0/24 is directly connected, eth0
          C>* 192.168.4.0/24 is directly connected, eth1
        Router> show interface       (outputs similar to "ifconfig")
          Interface lo ...
          Interface eth0 ...
          Interface eth1 ...
        Router> enable               (like su to root)
        Password: zebra
        Router# list                 (list commands that can be used at the current level)
        Router# configure terminal   (to configure zebra)

        ! set password, not recommended
        Router(config)# password     (change password)
        Router(config)# enable password
        Router(config)# exit         (in order to run "show" command)
        Router# show running-config  (check if passwd is correctly set)

        ! set hostname
        Router# configure terminal
        Router(config)# hostname r6.ece.utk.edu
        r6.ece.utk.edu(config)# exit
        r6.ece.utk.edu# show running-config
        r6.ece.utk.edu# copy running-config startup-config
          (this is important)
          (it permanently copies the configuration to /usr/local/etc/zebra.conf)
          (you need to remember to run this command before you exit.)
          (otherwise, the next time you reboot your computer, everything will be lost.)

        ! specify log file name
        r6.ece.utk.edu# configure terminal
        r6.ece.utk.edu(config)# log file /var/log/zebra.log

Step 5: - understanding ospfd
-----------------------------
  - For OSPF to run on the router, you must configure a backbone area
    on at least one interface.

    OSPF uses flooding to exchange link-state updates between routers.
    Any change in routing information is flooded to all routers in the
    network. Areas are introduced to put a boundary on the explosion of
    link-state updates. Flooding and the Dijkstra calculation on a
    router are limited to changes within an area. All routers within an
    area have identical link-state databases. Routers that belong to
    multiple areas, called area border routers (ABR), have the duty of
    disseminating routing information or routing changes between areas.

    An area is interface specific. A router that has all of its
    interfaces within the same area is called an internal router (IR).
    A router that has interfaces in multiple areas is called an area
    border router (ABR). Routers that act as gateways (redistribution)
    between OSPF and other routing protocols (IGRP, EIGRP, IS-IS, RIP,
    BGP, Static) or other instances of the OSPF routing process are
    called autonomous system border routers (ASBR). Any router can be
    an ABR or an ASBR.

  - All OSPF interfaces have a cost, which is a routing metric that is
    used in the OSPF link-state calculation. Routes with lower total
    path metrics are preferred over those with higher path metrics.
    When several equal-cost routes to a destination exist, traffic is
    distributed equally among them.

  - OSPF routers constantly track the status of their neighbors,
    sending and receiving "hello" packets indicating that the neighbor
    is still functioning, and sending and receiving link-state
    advertisement and acknowledgment packets. OSPF sends packets and
    expects to receive packets at specified intervals.

Step 6: - configure ospfd
--------------------------------------
  - assume zebra is already running in the background
  - make sure the ospfd configuration file is at /usr/local/etc
        cd /usr/local/etc
        cp ospfd.conf.sample ospfd.conf
  - start ospfd daemon
        /usr/local/sbin/ospfd -d
  - connect to ospfd
        telnet localhost ospfd
        Password: zebra
        ospfd> list
        ospfd> enable                (in order to configure ospfd)
        ospfd# configure terminal
        ospfd# show ip ospf interface
          lo is up, line protocol is up
            OSPF not enabled on this interface
          eth0 is up, line protocol is up
            OSPF not enabled on this interface
          eth1 is up, line protocol is up
            OSPF not enabled on this interface
        ospfd# show ip ospf neighbor
          none
        ospfd# show ip ospf database
          OSPF Router with ID (192.168.3.6)
        ospfd# configure terminal
        ospfd(config)# log file /var/log/ospfd.log
  - configure router
        ! start ospf router
        ospfd(config)# router ospf

        ! router-id is a 32-bit number that uniquely identifies each
        ! router on the network. We set it to the lowest IP of the
        ! router.
        ospfd(config-router)# router-id 192.168.3.6

        ! "redistribute connected" does two things:
        ! First, it tells ospf to tell other routers about the networks
        ! this router is connected to.
        ! Second, it applies the route-map called 'NWROUTE' to any
        ! routes we might want to export to other routers. It is this
        ! route map that keeps us from doing massive damage. It only
        ! allows us to export routes in the 192.168.0.0/16 network.
        ospfd(config-router)# redistribute connected route-map NWROUTE

        ! configure the network area
        ospfd(config-router)# network 192.168.1.x/24 area 0
        ospfd(config-router)# network 192.168.2.x/24 area 0

        ! passive-interface means no ospf on this interface; this is
        ! for security reasons
        ospfd(config-router)# passive-interface lo
        ospfd(config-router)# exit
  - configure access list
        ospfd(config)# access-list net-192 permit 192.168.0.0/16
  - configure route map
        ospfd(config)# route-map NWROUTE permit 192
        ospfd(config-route-map)# match ip address net-192
  - configure interface
        ospfd(config)# interface eth0
        ospfd(config-if)# description tunnel to 192.168.3.x
        ospfd(config-if)# ip ospf network point-to-point
        ospfd(config-if)# ip ospf cost 100

Some commonly used LINUX commands:
  1) ps -aux
     check the currently running processes; see if you can find the
     ospfd and zebra that you started
  2) less filename
     to list the content of the file
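
A check for the configuration that Steps 4 and 6 produce, added here as an example and not part of the original notes: it reads a zebra.conf or ospfd.conf on standard input and reports vty passwords still at the sample value "zebra", a missing "log file" line, "redistribute" lines with no route-map, and route-map or access-list names that are used but never defined. The finding names and both sample configurations are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original notes): audit a zebra.conf or
# ospfd.conf read from stdin; prints one finding per line, sorted.
audit_conf() {
    awk '
    # vty / enable password still set to the sample-file value "zebra"
    $1 == "password" && $2 == "zebra" { print "default-vty-password" }
    $1 == "enable" && $2 == "password" && $3 == "zebra" { print "default-enable-password" }
    $1 == "log" && $2 == "file" { logfile = 1 }
    # redistribute without a route-map exports every route of that type
    $1 == "redistribute" {
        rm = ""
        for (i = 2; i < NF; i++) if ($i == "route-map") rm = $(i + 1)
        if (rm == "") print "unfiltered-redistribute:" $2
        else used_rm[rm] = 1
    }
    $1 == "route-map" { def_rm[$2] = 1 }
    $1 == "access-list" { def_acl[$2] = 1 }
    $1 == "match" && $2 == "ip" && $3 == "address" { used_acl[$4] = 1 }
    END {
        if (!logfile) print "no-log-file"
        for (n in used_rm) if (!(n in def_rm)) print "undefined-route-map:" n
        for (n in used_acl) if (!(n in def_acl)) print "undefined-access-list:" n
    }' | LC_ALL=C sort
}

# Constructed sample: the ospfd settings entered in Step 6, password as typed there.
sample_step6() { cat <<'EOF'
password zebra
log file /var/log/ospfd.log
router ospf
 router-id 192.168.3.6
 redistribute connected route-map NWROUTE
 passive-interface lo
access-list net-192 permit 192.168.0.0/16
route-map NWROUTE permit 192
 match ip address net-192
EOF
}
# Constructed sample: route-map name mistyped, access-list missing, no log file.
sample_broken() { cat <<'EOF'
password CONSTRUCTED-NOT-DEFAULT
router ospf
 redistribute connected route-map NWROUT
 redistribute static
route-map NWROUTE permit 192
 match ip address net-192
EOF
}
sample_step6 | audit_conf; sample_broken | audit_conf
```

To check a saved configuration, run the function with the file on standard input, for example audit_conf < /usr/local/etc/ospfd.conf.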