Recently, I needed to study Calico on Kubernetes. In fact, I prefer Flannel. However, Calico is also a best practice. While getting started with Calico, I read about Bird. In this post, I will show how to install and configure Bird.

 

1. What is Bird?

This site explains which kinds of dynamic routing are supported. It also works on Linux. In my environment, I will use Ubuntu.

 

2. Install the Bird

I will follow this instruction, which shows the best ways to install it, like below. I will use the first one.

To add the repository for Bird, I refer to this instruction.

# sudo add-apt-repository ppa:cz.nic-labs/bird
# sudo apt-get update
# apt-get install bird

After that, I can verify the version like below.

 

3. Configuration for Bird for the system

There are several settings needed to work as a router or switch. First, I will edit the system file "/etc/sysctl.conf".

# vi /etc/sysctl.conf
Uncomment the next line to enable packet forwarding for IPv4
net.ipv4.ip_forward=1

# sysctl -p /etc/sysctl.conf
net.ipv4.ip_forward = 1

I will edit the configuration for logging in "/etc/bird/bird.conf". By default, this file looks like below. I will follow this instruction.

# Change this into your BIRD router ID. It's a world-wide unique identification
# of your router, usually one of router's IPv4 addresses.
router id 198.51.100.1;

# The Kernel protocol is not a real routing protocol. Instead of communicating
# with other routers in the network, it performs synchronization of BIRD's
# routing tables with the OS kernel.
protocol kernel {
        scan time 60;
        import none;
#       export all;   # Actually insert routes into the kernel routing table
}

# The Device protocol is not a real routing protocol. It doesn't generate any
# routes and it only serves as a module for getting information about network
# interfaces from the kernel. 
protocol device {
        scan time 60;
}

# logging
log syslog { debug, trace, info, remote, warning, error, auth, fatal, bug };
log stderr all;
log "/var/log/bird.log" all;

The logging lines at the end of the above are what I added. However, sometimes you will get an error message like below. Thus, in my case, I will update the file permissions.

# chmod 777 /var/log/bird.log
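
A narrower alternative to mode 777, added here as an example and not part of the original post: the process listing shows the daemon running with -u bird -g bird, so the log file only needs to be writable by that account. The function names are hypothetical, and the user and group name "bird" is an assumption taken from that listing.

```shell
#!/bin/sh
# Added example, not from the original post.
# Assumption: the daemon runs as user and group "bird" (ps shows -u bird -g bird).

# Create the log file if needed, hand it to the daemon account, set mode 0640.
secure_bird_log() {
    log=${1:-/var/log/bird.log}
    owner=${2:-bird}
    group=${3:-bird}
    # Refuse symlinks: chown and chmod would follow them to another file.
    if [ -L "$log" ]; then
        echo "refusing to touch symlink: $log" >&2
        return 1
    fi
    touch "$log" && chown "$owner:$group" "$log" && chmod 0640 "$log"
}

# Succeed only if the file is not group-writable and "other" has no access.
log_mode_ok() {
    [ -f "$1" ] || return 1
    case $(ls -ld -- "$1") in
        ?????-?---*) return 0 ;;   # group write and all "other" bits are clear
        *)           return 1 ;;
    esac
}

# Typical use as root, before restarting the daemon:
#   secure_bird_log /var/log/bird.log bird bird && log_mode_ok /var/log/bird.log
```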

Now I can start this bird.

# systemctl restart bird
# systemctl enable bird

# ps aux | grep -i bird
bird       796  0.0  0.2  15724  2556 ?        Ss   07:33   0:00 /usr/sbin/bird6 -f -u bird -g bird
root      1167  0.0  0.1  14856  1116 pts/0    S+   07:37   0:00 grep --color=auto -i bird

4. Configure the simple BGP routing

This is my environment. I have 2 instances, which have IP addresses like below. I need to edit the "/etc/bird/bird.conf" file.

In the default configuration, there are some important settings.

protocol kernel {
        scan time 60;
        import none;
#       export all;   # Actually insert routes into the kernel routing table
}

# The Device protocol is not a real routing protocol. It doesn't generate any
# routes and it only serves as a module for getting information about network
# interfaces from the kernel. 
protocol device {
        scan time 60;
}

For the simple BGP configuration, I will follow this sample instruction. I will try to configure I-BGP, which means each host has the same AS number.

Host #1

# BGP Routing Protocol
protocol static static_bgp {
        route 1.1.1.1:255.255.255.255 via 10.10.0.159;
        route 1.1.1.2:255.255.255.255 via 10.10.0.159;
}

protocol bgp {
        import all;
        export where proto = "static_bgp";

        local as 65001;
        neighbor 10.10.0.205 as 65001;
}

Host #2

# BGP Routing Protocol
protocol static static_bgp { 
        route 2.2.2.1:255.255.255.255 via 10.10.0.205; 
        route 2.2.2.2:255.255.255.255 via 10.10.0.205; 
}

protocol bgp {
        import all;
        export where proto = "static_bgp";

        local as 65001;
        neighbor 10.10.0.159 as 65001;
}

In my scenario, I will announce the loopback IP addresses into the BGP routing protocol. "export" is like a "redistribute" option. In the above, there are some important options, "import" and "export". This instruction explains them like below.

I need to install the received routes into the BGP routing table, so I need to set "import all". Now I can verify the status with the "birdc" command.

Host #1

root@ip-10-10-0-159:~# birdc
BIRD 1.6.8 ready.
bird> show route
1.1.1.1/32         via 10.10.0.159 on ens5 [static_bgp 12:08:06] * (200)
2.2.2.2/32         via 10.10.0.205 on ens5 [bgp1 12:08:11] * (100) [AS65002i]
1.1.1.2/32         via 10.10.0.159 on ens5 [static_bgp 12:08:06] * (200)
2.2.2.1/32         via 10.10.0.205 on ens5 [bgp1 12:08:11] * (100) [AS65002i]

Host #2

root@ip-10-10-0-205:~# birdc
BIRD 1.6.8 ready.
bird> show route
2.2.2.2/32         via 10.10.0.205 on ens5 [static_bgp 12:07:51] * (200)
1.1.1.1/32         via 10.10.0.159 on ens5 [bgp1 12:08:11] * (100) [AS65001i]
2.2.2.1/32         via 10.10.0.205 on ens5 [static_bgp 12:07:51] * (200)
1.1.1.2/32         via 10.10.0.159 on ens5 [bgp1 12:08:11] * (100) [AS65001i]

I can see that the BGP routing table entries "1.1.1.1", "1.1.1.2", "2.2.2.1" and "2.2.2.2" are updated. I can also see the status with the "show protocols all" command.

bird> show protocols all
name     proto    table    state  since       info
kernel1  Kernel   master   up     12:08:06
  Preference:     10
  Input filter:   ACCEPT
  Output filter:  REJECT
  Routes:         0 imported, 0 exported, 0 preferred
  Route change stats:     received   rejected   filtered    ignored   accepted
    Import updates:              0          0          0          0          0
    Import withdraws:            0          0        ---          0          0
    Export updates:              6          0          6        ---          0
    Export withdraws:            0        ---        ---        ---          0

device1  Device   master   up     12:08:06
  Preference:     240
  Input filter:   ACCEPT
  Output filter:  REJECT
  Routes:         0 imported, 0 exported, 0 preferred
  Route change stats:     received   rejected   filtered    ignored   accepted
    Import updates:              0          0          0          0          0
    Import withdraws:            0          0        ---          0          0
    Export updates:              0          0          0        ---          0
    Export withdraws:            0        ---        ---        ---          0

static_bgp Static   master   up     12:08:06
  Preference:     200
  Input filter:   ACCEPT
  Output filter:  REJECT
  Routes:         2 imported, 0 exported, 2 preferred
  Route change stats:     received   rejected   filtered    ignored   accepted
    Import updates:              2          0          0          0          2
    Import withdraws:            0          0        ---          0          0
    Export updates:              0          0          0        ---          0
    Export withdraws:            0        ---        ---        ---          0

bgp1     BGP      master   up     12:08:11    Established
  Preference:     100
  Input filter:   ACCEPT
  Output filter:  (unnamed)
  Routes:         2 imported, 2 exported, 2 preferred
  Route change stats:     received   rejected   filtered    ignored   accepted
    Import updates:              2          0          0          0          2
    Import withdraws:            0          0        ---          0          0
    Export updates:              4          2          0        ---          2
    Export withdraws:            0        ---        ---        ---          0
  BGP state:          Established
    Neighbor address: 10.10.0.205
    Neighbor AS:      65002
    Neighbor ID:      10.10.0.205
    Neighbor caps:    refresh enhanced-refresh restart-aware llgr-aware AS4
    Session:          external AS4
    Source address:   10.10.0.159
    Hold timer:       186/240
    Keepalive timer:  52/80

 

5. Installing over the Kernel Routing table

Even though Bird has the routing table, I cannot see the routes in the system routing table.

root@ip-10-10-0-159:~# netstat -nr
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
0.0.0.0         10.10.0.1       0.0.0.0         UG        0 0          0 ens5
10.10.0.0       0.0.0.0         255.255.255.0   U         0 0          0 ens5
10.10.0.1       0.0.0.0         255.255.255.255 UH        0 0          0 ens5

Because of this, it is not easy to verify whether this routing works or not. I need to edit "/etc/bird/bird.conf".

protocol kernel {
        scan time 60;
        import all;
        export all;
}

After that, the routing table will be like below.

Host #1

root@ip-10-10-0-159:~# netstat -nr
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
0.0.0.0         10.10.0.1       0.0.0.0         UG        0 0          0 ens5
1.1.1.1         10.10.0.159     255.255.255.255 UGH       0 0          0 ens5
1.1.1.2         10.10.0.159     255.255.255.255 UGH       0 0          0 ens5
2.2.2.1         10.10.0.205     255.255.255.255 UGH       0 0          0 ens5
2.2.2.2         10.10.0.205     255.255.255.255 UGH       0 0          0 ens5
10.10.0.0       0.0.0.0         255.255.255.0   U         0 0          0 ens5
10.10.0.1       0.0.0.0         255.255.255.255 UH        0 0          0 ens5

Host #2

root@ip-10-10-0-205:~# netstat -nr
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
0.0.0.0         10.10.0.1       0.0.0.0         UG        0 0          0 ens5
1.1.1.1         10.10.0.159     255.255.255.255 UGH       0 0          0 ens5
1.1.1.2         10.10.0.159     255.255.255.255 UGH       0 0          0 ens5
2.2.2.1         10.10.0.205     255.255.255.255 UGH       0 0          0 ens5
2.2.2.2         10.10.0.205     255.255.255.255 UGH       0 0          0 ens5
10.10.0.0       0.0.0.0         255.255.255.0   U         0 0          0 ens5
10.10.0.1       0.0.0.0         255.255.255.255 UH        0 0          0 ens5
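
With "import all" in the bgp protocol and "export all" in the kernel protocol, every prefix the neighbor announces ends up in the kernel routing table. The following added example (not from the original post) is a small audit over bird.conf that flags those two settings, run against a constructed copy of the Host #1 configuration and a constructed stricter variant that accepts only the two expected /32 routes and installs only BGP-learned routes. The helper name audit_bird_conf and the filter name peer_in are hypothetical.

```shell
#!/bin/sh
# Added example. audit_bird_conf is a hypothetical helper: it reads a BIRD 1.x
# config on stdin and prints one line per permissive filter it finds.
audit_bird_conf() {
    awk '
        $1 == "protocol" { kind = $2 }          # entering "protocol <kind> ..."
        $1 == "}"        { kind = "" }          # leaving the block
        kind == "bgp"    && $1 == "import" && $2 == "all;" {
            print "bgp: import all accepts any prefix the peer announces" }
        kind == "kernel" && $1 == "export" && $2 == "all;" {
            print "kernel: export all installs every BIRD route in the kernel" }
    '
}

# Constructed sample: the Host #1 settings as shown on this page.
weak_conf() { cat <<'EOF'
protocol kernel {
        import all;
        export all;
}
protocol bgp {
        import all;
        export where proto = "static_bgp";
        local as 65001;
        neighbor 10.10.0.205 as 65001;
}
EOF
}

# Constructed sample: the same peering with explicit filters.
strict_conf() { cat <<'EOF'
filter peer_in {
        if net ~ [ 2.2.2.1/32, 2.2.2.2/32 ] then accept;
        reject;
}
protocol kernel {
        import none;
        export where source = RTS_BGP;
}
protocol bgp {
        import filter peer_in;
        export where proto = "static_bgp";
        local as 65001;
        neighbor 10.10.0.205 as 65001;
}
EOF
}

# Usage on a host: audit_bird_conf < /etc/bird/bird.conf
```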

I am using AWS instances. To verify, I need to change the "source and destination checking" option. This option drops packets when the source and destination do not match.

And then, I can send ICMP packets like below.

Host #1 Host #2

This is simple BGP routing with Bird. If I have a chance to dive deeper, I will cover it next time.

Reference

[1] https://bird.network.cz/
[2] https://gitlab.labs.nic.cz/labs/bird
[3] https://launchpad.net/~cz.nic-labs/+archive/ubuntu/bird
[4] https://bird.network.cz/pipermail/bird-users/2011-September/002425.html
[5] https://blog.marquis.co/configuring-bgp-using-bird-on-ubuntu-14-04lts/
[6] https://skyenet.tech/bird/
