2009. 8. 19. 15:46
Zebra to set up a Linux BGP/OSPF router

You’ve no doubt heard of routers from giants such as Cisco and Nortel, but what about Linux? While Linux has become an increasingly viable option as a server, few realize its potential as a full-featured router. With GNU Zebra, your Linux box can act as a router supporting TCP/IP protocols such as RIPv1, RIPv2, RIPng, OSPFv2, OSPFv3, BGP-4, and BGP-4+. I’m going to show you how to install, configure, and use Zebra to turn a Linux box into an OSPF and BGP router.

Building an advanced router

If you have set up a Linux box as a firewall, you have already built a simple Linux router. However, we’re going to look at using Linux to build an advanced router that can communicate using dynamic routing protocols. These protocols allow routers to speak to each other and share information about paths through a network. This is incredibly important in large networks (such as the Internet), where static routing is impractical.

For example, even with route summarization (where only the largest possible block is advertised), a single Border Gateway Protocol (BGP) routing table still contains over 100,000 entries. The sheer number of entries, combined with the rate of change, makes static route assignment impossible. The need for dynamic routing protocols is obvious, even with networks smaller than the Internet, such as large corporate networks.

While BGP, an External Gateway Protocol (EGP), is the workhorse of the Internet, others are better suited for use on smaller internetworks. The Open Shortest Path First (OSPF) protocol is an Internal Gateway Protocol (IGP) and is one of the most widely used. GNU Zebra is an open source software package that allows you to run BGP and/or OSPF on Linux.

Installing Zebra

You can download the latest source version of Zebra from Zebra.org. Distribution-specific packages are also available from a number of sources, including Redhat and Debian. If you’re installing from source, you will find that the standard installation procedure is applicable. Simply extract the package and run:

./configure
make
make install

The configuration script will detect what IP stacks are installed on your system and automatically configure support for them. In today’s environment, this will most likely mean just IPv4, but IPv6 users will be pleased to know that Zebra will detect and support it as well.

Once you have installed the program, it may be necessary to add some lines to /etc/services. Zebra’s daemons operate on their own virtual terminal lines (VTYs), so your system needs to know what they are. Here are the lines you should add:

zebrasrv 2600/tcp # zebra service
zebra 2601/tcp # zebra vty
ripd 2602/tcp # RIPd vty
ripngd 2603/tcp # RIPngd vty
ospfd 2604/tcp # OSPFd vty
bgpd 2605/tcp # BGPd vty
ospf6d 2606/tcp # OSPF6d vty

Configuring Zebra

If you’re familiar with the Cisco IOS, you shouldn’t have any problems getting Zebra up and running in a short amount of time. Each of Zebra’s daemons uses a separate VTY to allow dynamic configuration through a Telnet session. So, if you need to configure OSPF, simply Telnet to port 2604 on the Linux box. To modify the kernel’s routing table or to configure redistribution between routing protocols, you should Telnet to port 2601. This is the Zebra daemon, which acts as a kernel manager handling communication between the other daemons and the system itself.

Let’s take a look at how we would get OSPF and BGP up and running on a test server. Zebra’s daemons use plain text files to store their configurations. For our OSPF/BGP router there will be three files used: zebra.conf, ospfd.conf, and bgpd.conf. The zebra.conf file, for instance, will look something like this:

! Zebra configuration saved from vty
! 2002/02/28 01:46:12
!
hostname LinuxRouter
password zebra
enable password z3bRa
log file /var/log/zebra/zebra.log
!
interface eth0
 description Interface to External Network
 ip address 10.0.0.1/24
!
interface eth1
 description Interface to Internal Network
 ip address 192.168.66.1/24

The exclamation points serve as comment markers or spacers. The rest of the configuration should be more or less self-explanatory. There are a number of different types of network interfaces (Ethernet, ISDN, etc.), and Zebra can use any that are recognized by the Linux kernel.

Subnet masking is done with network bits (e.g., /24) as opposed to the full mask, which in this case would be 255.255.255.0. Also note that there are two passwords, one for user mode and one for privileged mode. This is useful for providing access to nonadministrators, and it’s critical if you are creating a route server or looking glass. Any BGP admin will tell you that looking glasses are a key to troubleshooting routing issues, as they allow you to view routes as seen from an outside AS’s point of view. (AS stands for Autonomous System—basically, a group of devices under the same policy or administration.) BGP routing is done by AS numbers, which are registered numbers controlled by the American Registry for Internet Numbers (ARIN). For more on BGP, read “How to use BGP to achieve Internet redundancy.”
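The two VTY passwords in the sample zebra.conf are stored in cleartext and nothing limits who may connect to the VTY ports. The audit below is an added example, not part of the original article or of Zebra itself; it assumes Zebra's `service password-encryption`, `access-list` and `line vty` / `access-class` commands, and the hardened configuration and its hash strings are constructed placeholders.

```python
import re

# zebra.conf from the article, abridged to the lines the audit looks at.
ARTICLE_CONF = """\
! Zebra configuration saved from vty
hostname LinuxRouter
password zebra
enable password z3bRa
!
interface eth0
 ip address 10.0.0.1/24
"""

# Constructed hardened variant; the hash strings are placeholders, not crypt output.
HARDENED_CONF = """\
hostname LinuxRouter
service password-encryption
password 8 PLACEHOLDERHASH1
enable password 8 PLACEHOLDERHASH2
access-list vty-local permit 127.0.0.0/8
!
line vty
 access-class vty-local
"""

def audit_vty(conf_text):
    """Return a sorted list of findings about VTY access in a Zebra-style config."""
    findings = set()
    acls, vty_acl, stanza = set(), None, None
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("!"):      # '!' is a comment or spacer
            continue
        if not raw[0].isspace():                   # unindented line starts a new stanza
            stanza = line
        m = re.match(r"(enable )?password (8 )?(\S+)$", line)
        if m and not m.group(2):                   # no '8' marker: stored in cleartext
            findings.add("cleartext " + (m.group(1) or "") + "password")
        m = re.match(r"access-list (\S+) (permit|deny) ", line)
        if m:
            acls.add(m.group(1))
        m = re.match(r"access-class (\S+)$", line)
        if m and stanza == "line vty":
            vty_acl = m.group(1)
    if vty_acl is None:
        findings.add("no access-class on line vty: any address may connect")
    elif vty_acl not in acls:
        findings.add("access-class %s refers to an undefined access-list" % vty_acl)
    return sorted(findings)
```

Run against the article's configuration it reports three findings; the hardened variant reports none.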

The next step is to start the necessary programs. You can do this with the following commands:

/usr/sbin/zebra -dk
/usr/sbin/ospfd -d
/usr/sbin/bgpd -d

In the first command, we start zebra, the daemon that will actually update the kernel’s routing table. The -dk option tells the program to run as a daemon (the d), basically keeping it in the background. The k is an additional option that tells Zebra to keep any routes that are already configured on the box. This is useful if you are testing Zebra and do not want to wipe out your routing table accidentally. Normally, routes and interfaces are configured with a combination of the ifconfig and route commands. Zebra is a complete replacement for this form of route management.

Setting up OSPF

Now that the necessary services are running, Telnet to port 2604 on the local machine to begin the OSPF configuration. Enter privileged mode by typing enable (just as you would in the Cisco IOS) and then enter the privileged mode password. Next, configuration mode is accessed with the configure terminal command. Zebra will also accept abbreviations in keeping with its similarity to Cisco. Also accepted are the list and ? entries, which provide a menu of possible commands and a short explanation.

You will also be pleased to see that tab completion is supported. This is a nice feature, especially if you are accustomed to using it. Next, we will need to tell the daemon what networks are going to be advertised via OSPF, along with the associated area. OSPF supports multiple areas to provide scalability. Enter the OSPF configuration by typing router ospf and then network 192.168.66.0/24 area 0. This tells the router that we are going to use OSPF to advertise the 192.168.66.0 network with a subnet mask of 255.255.255.0.

In this example, we are also going to make interface eth0 a passive interface so that routing updates will not be sent out of it. This is important for testing purposes when other routers in that direction may be listening. You can do this with the command passive-interface eth0. Once you have made your changes, exit out of configuration mode by typing end and then save it with the write file command. Here is a snapshot of what this will look like:

labrat:~# telnet 0 2604
Trying 0.0.0.0...
Connected to 0.
Escape character is '^]'.

Hello, this is zebra (version 0.84b)
Copyright 1996-2000 Kunihiro Ishiguro

User Access Verification

Password:
ospfd> enable
Password:
ospfd# configure terminal
ospfd(config)# router ospf
ospfd(config-router)# network 192.168.66.0/24 area 0
ospfd(config-router)# passive-interface eth0
ospfd(config-router)# end
ospfd# write file
Configuration saved to /etc/zebra/ospfd.conf

Remember that for OSPF or BGP to operate over an interface, that interface needs to be up. To manually bring up an interface, log in to port 2601 and execute a no shut command on the appropriate interface.
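To see which links the OSPF settings above actually expose, the following added example (not from the original article) combines the interface addresses from zebra.conf with the network and passive-interface statements typed in the session. The OSPF stanza is reconstructed from those commands, and the function name is hypothetical.

```python
import ipaddress

# Interface addresses from the article's zebra.conf.
INTERFACES = {"eth0": "10.0.0.1/24", "eth1": "192.168.66.1/24"}

# OSPF stanza reconstructed from the commands typed in the session.
OSPFD_CONF = """\
router ospf
 network 192.168.66.0/24 area 0
 passive-interface eth0
"""

def ospf_interfaces(interfaces, ospfd_conf):
    """Map each interface to 'active', 'passive' or 'disabled' for OSPF."""
    networks, passive = [], set()
    for line in ospfd_conf.splitlines():
        words = line.split()
        if words[:1] == ["network"]:
            networks.append(ipaddress.ip_network(words[1]))
        elif words[:1] == ["passive-interface"]:
            passive.add(words[1])
    state = {}
    for name, cidr in interfaces.items():
        addr = ipaddress.ip_interface(cidr).ip
        if not any(addr in net for net in networks):
            state[name] = "disabled"     # no network statement covers it
        elif name in passive:
            state[name] = "passive"      # advertised, but no updates sent out
        else:
            state[name] = "active"       # exchanges OSPF with neighbors on this link
    return state
```

With the article's settings eth0 is not covered by any network statement at all; passive-interface eth0 becomes the only safeguard if the network statement is later widened to include the external subnet.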

Setting up BGP

BGP is configured in much the same way as OSPF. To begin, open a Telnet session to port 2605. After executing configure terminal, enter BGP configuration mode by typing router bgp <AS #>. As mentioned previously, BGP uses AS numbers to establish neighbor relationships and route traffic. In our test environment, we will be using a private AS number, which can range from 64512 to 65534. The networks to be advertised by BGP are then installed with the network command. There are no trailing area options in BGP, so our command would be network 192.168.66.0/24.

Unlike OSPF, BGP neighbors need to be statically assigned. You do this as follows: neighbor <neighbor IP> remote-as <remote AS #>. Here is an example of what this will look like:

labrat:~# telnet 0 2605
Trying 0.0.0.0...
Connected to 0.
Escape character is '^]'.

Hello, this is zebra (version 0.84b)
Copyright 1996-2000 Kunihiro Ishiguro

User Access Verification

Password:
bgpd> enable
Password:
bgpd# configure terminal
bgpd(config)# router bgp 65530
bgpd(config-router)# network 192.168.66.0/24
bgpd(config-router)# neighbor 10.0.0.5 remote-as 65531
bgpd(config-router)# end
bgpd# write file
Configuration saved to /etc/zebra/bgpd.conf

Posted by unknown user