
this guide elaborates on the previously used OSPF network
Here we have four OSPF routers (router1, obsd1, obsd2, router3) and three BGP nodes (obsd1, obsd2, obsd3). Instead of populating a global default route, we would like to emulate another scenario. Although the two OSPF networks have their respective default routes redistributed, what if there’s no BGP transit point that offers a global default route?
We want the three networks to be able to communicate with each other. What do we do?
The following setup shows how to replicate that PoC without this final step. There is a trick!
vpcs*
ip 10.1.1.1/24 10.1.1.254
ip 10.3.3.1/24 10.3.3.254
save
workstation (libvirt)
since there’s no NAT done within the PoC (besides libvirt’s), we need to add the routes by hand
route add -net 10.0.0.0/24 gw 192.168.122.179
route add -net 10.1.1.0/24 gw 192.168.122.179
route add -net 10.2.2.0/24 gw 192.168.122.179
route add -net 10.3.3.0/24 gw 192.168.122.179
route add -net 1.2.3.0/24 gw 192.168.122.179
obsd*
hostname obsd1
hostname obsd2
hostname obsd3
echo obsd1 > /etc/myname
echo obsd2 > /etc/myname
echo obsd3 > /etc/myname
vi /etc/hostname.vio0
inet 1.2.3.1/24
inet 1.2.3.2/24
inet 1.2.3.3/24
vi /etc/hostname.vio1
inet 10.1.1.254/24
inet 10.2.2.254/24
dhcp
apply and enable forwarding
sh /etc/netstart
sysctl net.inet.ip.forwarding=1
sysctl net.inet6.ip6.forwarding=1
echo net.inet.ip.forwarding=1 >> /etc/sysctl.conf
echo net.inet6.ip6.forwarding=1 >> /etc/sysctl.conf
two out of three BGP routers redistribute their routes to their respective OSPF area 0
obsd1,2
vi /etc/ospfd.conf
# obsd1
router-id 1.2.3.1
redistribute connected
redistribute default
area 0.0.0.0 {
    interface vio1
}
# obsd2
router-id 1.2.3.2
redistribute connected
redistribute default
area 0.0.0.0 {
    interface vio1
}
chmod 600 /etc/ospfd.conf
vi /etc/bgpd.conf
obsd1
AS 65001
router-id 1.2.3.1
connect-retry 30
log updates
network 10.1.1.0/24
network 10.0.0.0/24
neighbor 1.2.3.2 {
    remote-as 65002
    announce IPv4
}
neighbor 1.2.3.3 {
    remote-as 65003
    announce IPv4
}
allow from any
allow to any
obsd2
AS 65002
router-id 1.2.3.2
connect-retry 30
log updates
network 10.2.2.0/24
network 10.3.3.0/24
neighbor 1.2.3.1 {
    remote-as 65001
    announce IPv4
}
neighbor 1.2.3.3 {
    remote-as 65003
    announce IPv4
}
allow from any
allow to any
obsd3
AS 65003
router-id 1.2.3.3
connect-retry 30
log updates
network 192.168.122.0/24
neighbor 1.2.3.1 {
    remote-as 65001
    announce IPv4
}
neighbor 1.2.3.2 {
    remote-as 65002
    announce IPv4
}
allow from any
allow to any
start and enable OSPFD at boot-time
obsd1,2
ospfd -d
^C
rcctl enable ospfd
rcctl restart ospfd
start and enable BGPD at boot-time
bgpd -nf /etc/bgpd.conf
obsd*
rcctl enable bgpd
rcctl restart bgpd
service should be up and listening on 179/tcp
netstat -an -f inet | grep '\.179 '
check status and terminate
rcctl check bgpd
pgrep bgpd
ps auxww | grep bgpd
rcctl stop bgpd
foreign routes should show up
netstat -rn -f inet
tail -f /var/log/daemon
bgpctl show
bgpctl show neighbor
bgpctl show rib
bgpctl show rib detail
bgpctl show rib detail 10.1.1.0/24
bgpctl show fib bgp
bgpctl show table
vpcs1
ping 10.3.3.1
trace 10.3.3.1
ping 192.168.122.1
trace 192.168.122.1
this one won’t work because BGP routers obsd1 and obsd2 don’t know about the public network at all
#ping 1.1.1.1
#trace 1.1.1.1
vpcs2
ping 192.168.122.1
trace 192.168.122.1
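Why the vpcs1 tests to 10.3.3.1 and 192.168.122.1 succeed while 1.1.1.1 fails, as an added example that is not part of the original guide: a small Python model of the three bgpd.conf files above (originated networks, full-mesh eBGP, allow from any / allow to any) followed by a longest-prefix lookup. Assumptions: only the BGP table is modelled (connected routes, OSPF and obsd3's DHCP-learned default are left out), the next hop is taken to be the advertising peer, and the shortest AS path wins.

```python
import ipaddress

# Constructed from the page's bgpd.conf files: AS, peering address and the
# prefixes each router originates with "network" statements.
ROUTERS = {
    "obsd1": (65001, "1.2.3.1", ["10.1.1.0/24", "10.0.0.0/24"]),
    "obsd2": (65002, "1.2.3.2", ["10.2.2.0/24", "10.3.3.0/24"]),
    "obsd3": (65003, "1.2.3.3", ["192.168.122.0/24"]),
}
# Full mesh of eBGP sessions, as in the neighbor blocks.
SESSIONS = [("obsd1", "obsd2"), ("obsd1", "obsd3"), ("obsd2", "obsd3")]


def build_ribs():
    """Propagate routes until stable. rib[router][prefix] = (next_hop, as_path)."""
    rib = {name: {ipaddress.ip_network(n): ("local", []) for n in nets}
           for name, (_, _, nets) in ROUTERS.items()}
    changed = True
    while changed:
        changed = False
        for a, b in SESSIONS:
            for sender, receiver in ((a, b), (b, a)):
                s_as, s_addr, _ = ROUTERS[sender]
                r_as = ROUTERS[receiver][0]
                for prefix, (_, path) in list(rib[sender].items()):
                    new_path = [s_as] + path
                    if r_as in new_path:
                        continue  # AS-path loop prevention
                    current = rib[receiver].get(prefix)
                    # "allow from any": accept it; prefer the shorter AS path
                    if current is None or len(new_path) < len(current[1]):
                        rib[receiver][prefix] = (s_addr, new_path)
                        changed = True
    return rib


def lookup(rib, router, dest):
    """Longest-prefix match; returns (prefix, next_hop, as_path) or None."""
    ip = ipaddress.ip_address(dest)
    matches = [p for p in rib[router] if ip in p]
    if not matches:
        return None  # no covering prefix and no default route announced
    best = max(matches, key=lambda p: p.prefixlen)
    next_hop, path = rib[router][best]
    return str(best), next_hop, path


if __name__ == "__main__":
    ribs = build_ribs()
    for dest in ("10.3.3.1", "192.168.122.1", "1.1.1.1"):
        print("obsd1 ->", dest, ":", lookup(ribs, "obsd1", dest) or "no route")
```

Nobody originates 0.0.0.0/0 or a prefix covering 1.1.1.1, so the lookup on obsd1 and obsd2 returns nothing even though obsd3 itself has a default route from DHCP.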
Routing with OpenBSD using OpenOSPFD and OpenBGPD https://www.openbsd.org/papers/linuxtag06-network.pdf