Recently, I had a chance to study FRRouting. At that time, I did not have any Linux server, so I decided to use AWS Spot instances. After installation, I set up an OSPFv2 environment with a simple configuration. However, I could not establish the OSPF neighbor relationship.

 

1. Simple OSPFv2 Configuration of FRRouting

I have 2 hosts which are directly connected to each other. In fact, these hosts are located in the same subnet of the VPC.

Host #1 is shown first, followed by Host #2.
ip-10-11-0-200# show running-config 
Building configuration...

Current configuration:
!
frr version 7.3
frr defaults traditional
hostname ip-10-11-0-200
log syslog informational
no ipv6 forwarding
service integrated-vtysh-config
!
interface ens5
 ip address 10.11.0.200/24
 ip ospf hello-interval 1
!
interface lo
 ip address 1.1.1.1/32
!
router ospf
 ospf router-id 1.1.1.1
 network 10.11.0.0/24 area 0.0.0.0
!
line vty
!
end
ip-10-11-0-229# show running-config 
Building configuration...

Current configuration:
!
frr version 7.3
frr defaults traditional
hostname ip-10-11-0-229
log syslog informational
no ipv6 forwarding
service integrated-vtysh-config
!
interface ens5
 ip address 10.11.0.229/24
 ip ospf hello-interval 1
!
interface lo
 ip address 1.1.1.2/32
!
router ospf
 ospf router-id 1.1.1.2
 network 10.11.0.0/24 area 0.0.0.0
!
line vty
!
end

In FRRouting, I need one of two configurations: "network <ip address> area <area-id>" or "ip ospf area <area-id>". In my case, I used "network <ip address> area <area-id>".

 

2. Multicast for OSPFv2

Have you ever heard about the multicast packets used by OSPFv2? They are a necessary factor in establishing the connection.

[Correct Multicast Relationship]
15:35:33.303082 IP 10.11.0.200 > 224.0.0.5: OSPFv2, Hello, length 44
15:35:34.275218 IP 10.11.0.229 > 224.0.0.5: OSPFv2, Hello, length 48

On the same broadcast domain, I can see the packets from both senders. However, I cannot see all of them over the AWS VPC network. It looks like below.

15:40:05.381662 IP 10.11.0.200 > 224.0.0.5: OSPFv2, Hello, length 44
15:40:06.381928 IP 10.11.0.200 > 224.0.0.5: OSPFv2, Hello, length 44

AWS does not support multicast by default.

 

2. Enable the multicast feature for AWS VPC

Recently, AWS improved the VPC feature set with transit gateway. In this instruction, AWS shows how to enable multicast, even though there is a limitation.

Only 1 multicast source is possible. Because of this, I cannot establish OSPFv2 by default. I need to request a quota increase.

 

2-1. Create transit gateway with Multicast

The below is the result of creation. There is a "Multicast support" option. (Please note that this feature is not available in all regions. In my case, I use the Virginia region.)

2-2. Attach the VPC to Transit Gateway.

I need to attach the transit gateway with the multicast domain to the VPC.

2-3. Associate the subnet in VPC to the transit Gateway.

I have to assign the subnet in which multicast should work to the multicast domain. This multicast domain is created by the transit gateway.

2-4. Register the source and member for multicast.

The definition of the source and member is below.

For OSPFv2, each host should be both a source and a member. Thus I need 2 sources and 2 members. However, I cannot create 2 sources at this time because of the AWS limitation.

"224.0.0.5" is the Multicast Group Address for OSPFv2. 
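
Steps 2-1 to 2-4 written as AWS CLI calls, as an added example that is not part of the original post. Every resource ID is a placeholder, and the `run`/`DRY_RUN` wrapper and function names are hypothetical helpers; by default the script only prints the commands.

```shell
#!/bin/sh
# Added example: Transit Gateway multicast for OSPFv2. All IDs are placeholders.
VPC_ID="${VPC_ID:-vpc-PLACEHOLDER}"
SUBNET_ID="${SUBNET_ID:-subnet-PLACEHOLDER}"
TGW_ID="${TGW_ID:-tgw-PLACEHOLDER}"                      # returned by step 2-1
ATTACH_ID="${ATTACH_ID:-tgw-attach-PLACEHOLDER}"         # returned by step 2-2
DOMAIN_ID="${DOMAIN_ID:-tgw-mcast-domain-PLACEHOLDER}"   # returned by create_domain
HOST_ENIS="${HOST_ENIS:-eni-HOST1PLACEHOLDER eni-HOST2PLACEHOLDER}"  # ens5 of each host
OSPF_GROUP="224.0.0.5"                                   # group address from the post
DRY_RUN="${DRY_RUN:-1}"                                  # 1 = print only, 0 = execute

# Print the command in dry-run mode, otherwise execute it.
run() { if [ "$DRY_RUN" = "1" ]; then echo "$*"; else "$@"; fi; }

create_tgw() {          # 2-1: transit gateway with multicast support
    run aws ec2 create-transit-gateway --description ospf-multicast \
        --options MulticastSupport=enable
}
attach_vpc() {          # 2-2: attach the VPC
    run aws ec2 create-transit-gateway-vpc-attachment \
        --transit-gateway-id "$TGW_ID" --vpc-id "$VPC_ID" --subnet-ids "$SUBNET_ID"
}
create_domain() {       # the multicast domain belongs to the transit gateway
    run aws ec2 create-transit-gateway-multicast-domain --transit-gateway-id "$TGW_ID"
}
associate_subnet() {    # 2-3: associate the subnet with the multicast domain
    run aws ec2 associate-transit-gateway-multicast-domain \
        --transit-gateway-multicast-domain-id "$DOMAIN_ID" \
        --transit-gateway-attachment-id "$ATTACH_ID" --subnet-ids "$SUBNET_ID"
}
register_ospf_speakers() {  # 2-4: every OSPF host is both source and member
    for eni in $HOST_ENIS; do
        for role in sources members; do
            # One call per interface, so a source-quota failure on the second
            # host does not block the registration of the first one.
            run aws ec2 "register-transit-gateway-multicast-group-$role" \
                --transit-gateway-multicast-domain-id "$DOMAIN_ID" \
                --group-ip-address "$OSPF_GROUP" --network-interface-ids "$eni" \
                || echo "register $role failed for $eni (check source quota)" >&2
        done
    done
}
plan() { create_tgw; attach_vpc; create_domain; associate_subnet; register_ospf_speakers; }

if [ "$DRY_RUN" = "1" ]; then plan; fi
```

With DRY_RUN=0, call the functions one at a time and export the ID each step returns before running the next one.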

 

3. The result after enabling Multicast

Even though multicast is not fully activated, I can verify the multicast effect. Host #1 is a source and a member. Host #2 is only a member. Thus Host #2 cannot send multicast over the VPC network.

 

[Host #1 Packets]
16:03:01.614874 IP 10.11.0.200 > 224.0.0.5: OSPFv2, Hello, length 44
16:03:02.615055 IP 10.11.0.200 > 224.0.0.5: OSPFv2, Hello, length 44
16:03:03.615173 IP 10.11.0.200 > 224.0.0.5: OSPFv2, Hello, length 44
16:03:04.615295 IP 10.11.0.200 > 224.0.0.5: OSPFv2, Hello, length 44
16:03:05.615409 IP 10.11.0.200 > 224.0.0.5: OSPFv2, Hello, length 44
16:03:06.615963 IP 10.11.0.200 > 224.0.0.5: OSPFv2, Hello, length 44
16:03:07.615972 IP 10.11.0.200 > 224.0.0.5: OSPFv2, Hello, length 44

root@ip-10-11-0-200:~# vtysh 

Hello, this is FRRouting (version 7.3).
Copyright 1996-2005 Kunihiro Ishiguro, et al.

ip-10-11-0-200# show ip ospf neighbor 

Neighbor ID     Pri State           Dead Time Address         Interface                        RXmtL RqstL DBsmL

[Host #2 Packets]
15:59:34.565227 IP 10.11.0.200 > 224.0.0.5: OSPFv2, Hello, length 44
15:59:34.566696 IP 10.11.0.229 > 224.0.0.5: OSPFv2, Hello, length 48
15:59:35.565246 IP 10.11.0.200 > 224.0.0.5: OSPFv2, Hello, length 44
15:59:35.566705 IP 10.11.0.229 > 224.0.0.5: OSPFv2, Hello, length 48
15:59:36.565372 IP 10.11.0.200 > 224.0.0.5: OSPFv2, Hello, length 44
15:59:36.566724 IP 10.11.0.229 > 224.0.0.5: OSPFv2, Hello, length 48
15:59:37.565376 IP 10.11.0.200 > 224.0.0.5: OSPFv2, Hello, length 44

root@ip-10-11-0-229:~# vtysh 

Hello, this is FRRouting (version 7.3).
Copyright 1996-2005 Kunihiro Ishiguro, et al.

ip-10-11-0-229# show ip ospf neighbor 

Neighbor ID     Pri State           Dead Time Address         Interface                        RXmtL RqstL DBsmL
1.1.1.1           1 Init/DROther      39.950s 10.11.0.200     ens5:10.11.0.229                     0     0     0

This is what I learned from the test.
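
The two captures above can be read by a script, shown here as an added example that is not part of the original post: it lists who sends OSPFv2 Hellos to 224.0.0.5 in tcpdump output and which expected speakers are silent. The neighbor count is derived from the Hello length (44 bytes with no neighbor listed, 4 more per neighbor), which is standard OSPFv2 packet layout rather than something the post states; the function names are hypothetical and the sample lines are copied from the captures above.

```shell
#!/bin/sh
# Added example: find one-way OSPFv2 multicast from tcpdump output.

# Lines copied from the Host #1 and Host #2 captures in this post.
HOST1_CAPTURE='16:03:01.614874 IP 10.11.0.200 > 224.0.0.5: OSPFv2, Hello, length 44
16:03:02.615055 IP 10.11.0.200 > 224.0.0.5: OSPFv2, Hello, length 44
16:03:03.615173 IP 10.11.0.200 > 224.0.0.5: OSPFv2, Hello, length 44'
HOST2_CAPTURE='15:59:34.565227 IP 10.11.0.200 > 224.0.0.5: OSPFv2, Hello, length 44
15:59:34.566696 IP 10.11.0.229 > 224.0.0.5: OSPFv2, Hello, length 48
15:59:35.565246 IP 10.11.0.200 > 224.0.0.5: OSPFv2, Hello, length 44
15:59:35.566705 IP 10.11.0.229 > 224.0.0.5: OSPFv2, Hello, length 48'

# hello_report: read tcpdump lines on stdin and print, per sender,
# "<source ip> <hello count> <neighbors listed in its latest Hello>".
hello_report() {
    awk '$2 == "IP" && $5 == "224.0.0.5:" && $6 == "OSPFv2," && $7 == "Hello," {
             count[$3]++
             listed[$3] = ($NF - 44) / 4   # 44 bytes = Hello with no neighbors
         }
         END { for (ip in count) print ip, count[ip], listed[ip] }' | sort
}

# missing_speakers IP...: read a capture on stdin and print every expected
# OSPF speaker whose Hellos never show up in it.
missing_speakers() {
    report=$(hello_report)
    for ip in "$@"; do
        printf '%s\n' "$report" |
            awk -v ip="$ip" '$1 == ip { found = 1 } END { exit !found }' ||
            echo "$ip"
    done
}

echo "Host #1 capture:"; printf '%s\n' "$HOST1_CAPTURE" | hello_report
echo "Host #1 never hears:"
printf '%s\n' "$HOST1_CAPTURE" | missing_speakers 10.11.0.200 10.11.0.229
echo "Host #2 capture:"; printf '%s\n' "$HOST2_CAPTURE" | hello_report
```

Host #2's Hello lists one neighbor (length 48), but that Hello never reaches Host #1, whose own Hellos stay at length 44. That matches the neighbor tables above: empty on Host #1 and stuck in Init on Host #2.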

Reference

[ 1 ] https://docs.aws.amazon.com/vpc/latest/tgw/working-with-multicast.html

[ 2 ] https://docs.aws.amazon.com/vpc/latest/tgw/transit-gateway-quotas.html

[ 3 ] https://docs.aws.amazon.com/vpc/latest/tgw/tgw-multicast-overview.html

A few years ago, I read about Quagga. It is a software router which can be installed on Linux such as Ubuntu. I have heard about FRRouting, which is the next generation of Quagga. In this post, I will configure some features of FRRouting.

 

1. Installation

I will use Ubuntu 18.04. In this instruction, there are steps to install for Debian Linux.

Following the instruction, it works.

After installation, I can check the directory created in "/etc/frr/" like below.

 

2. Crash Log File.

This is the directory, "/var/tmp/frr/<daemon>[-<instance>].<pid>/crashlog", which I referred to.

 

3. Daemon Configuration.

After I start FRR with the "/etc/init.d/frr start" command, I can check the listening ports. I can see that the "staticd" and "zebra" daemons are loaded. These are the basic daemons.

When I want more routing protocols, 2 things are necessary: a configuration file such as bgpd.conf, and activating the protocol.

The configuration sample files are located at paths like "/usr/share/doc/frr/examples/zebra.conf.sample". (Please note that those files should be owned by "frr". Thus I need to update them with "chown frr.frr zebra.conf".)

When I handled Quagga for the first time, something was difficult to use. It is "integrated-vtysh-config". I needed a separate configuration file to load each routing protocol. This means that I had to edit each file.

I think that FRR has improved this part. Please read this. There is a "frr.conf" file.

If the file "frr.conf" exists, the individual configuration files will not be loaded. I have to remove "frr.conf" to load each file.

4. How to save configuration file on VTY Shell mode.

In FRR, VTY Shell (integrated mode) is useful. However, there is something important. Basically, each routing protocol works in its own daemon with its own configuration file. It is not simple to load from the common configuration file "frr.conf" into each daemon. This relationship requires some consideration about saving the file.

I configure "service integrated-vtysh-config" in frr.conf and try to save with "write integrated" instead of "write file".

4. Enable BGP Feature of FRRouting

In the "/etc/frr/daemons" file, there is the step to define the protocol that I want. In my case, I will activate the BGP protocol. It looks like below.

root@ip-10-10-0-134:~# cat /etc/frr/daemons   
bgpd=yes
ospfd=no
ospf6d=no 

At this time, I only activate BGP Protocol.

 

5. Configure Internal BGP with Route Reflector.

In this post, I handled a similar environment with the open-source BIRD. I think it will be a good comparison.

 

Host #1 (Top), Host #2 (Left side of Bottom) and Host #3 (Right side of Bottom) are shown in that order.
ip-10-10-0-64# show running-config 
Building configuration...

Current configuration:
!
frr version 7.3
frr defaults traditional
hostname ip-10-10-0-64
log syslog informational
no ipv6 forwarding
service integrated-vtysh-config
!
router bgp 65001
 bgp router-id 10.10.0.64
 neighbor 10.10.0.107 remote-as 65001
 neighbor 10.10.0.134 remote-as 65001
 !
 address-family ipv4 unicast
  neighbor 10.10.0.107 route-reflector-client
  neighbor 10.10.0.134 route-reflector-client
 exit-address-family
!
line vty
!
end
ip-10-10-0-107# show running-config 
Building configuration...

Current configuration:
!
frr version 7.3
frr defaults traditional
hostname ip-10-10-0-107
log syslog informational
no ipv6 forwarding
service integrated-vtysh-config
!
interface lo
 ip address 1.1.1.1/32
 ip address 1.1.1.2/32
!
router bgp 65001
 bgp router-id 10.10.0.107
 neighbor 10.10.0.64 remote-as 65001
 !
 address-family ipv4 unicast
  redistribute connected
 exit-address-family
!
line vty
!
end
ip-10-10-0-134# show running-config 
Building configuration...

Current configuration:
!
frr version 7.3
frr defaults traditional
hostname ip-10-10-0-134
log syslog informational
no ipv6 forwarding
service integrated-vtysh-config
!
interface lo
 ip address 2.2.2.1/32
 ip address 2.2.2.2/32
!
router bgp 65001
 bgp router-id 10.10.0.134
 neighbor 10.10.0.64 remote-as 65001
 !
 address-family ipv4 unicast
  redistribute connected
 exit-address-family
!
line vty
!
end

 

6. Result

After configuration, I can verify the result. It works well like below.

Host #1 (Top)
ip-10-10-0-64# show ip bgp summary 

IPv4 Unicast Summary:
BGP router identifier 10.10.0.64, local AS number 65001 vrf-id 0
BGP table version 6
RIB entries 9, using 1656 bytes of memory
Peers 2, using 41 KiB of memory

Neighbor        V         AS MsgRcvd MsgSent   TblVer  InQ OutQ  Up/Down State/PfxRcd
10.10.0.107     4      65001      10      12        0    0    0 00:04:38            3
10.10.0.134     4      65001       6       7        0    0    0 00:01:01            3

Host #2 (Left side of Bottom)
ip-10-10-0-107# show ip bgp summary 

IPv4 Unicast Summary:
BGP router identifier 10.10.0.107, local AS number 65001 vrf-id 0
BGP table version 5
RIB entries 9, using 1656 bytes of memory
Peers 1, using 20 KiB of memory

Neighbor        V         AS MsgRcvd MsgSent   TblVer  InQ OutQ  Up/Down State/PfxRcd
10.10.0.64      4      65001      12      10        0    0    0 00:04:34            2

Host #3 (Right side of Bottom)
ip-10-10-0-134# show ip bgp summary 

IPv4 Unicast Summary:
BGP router identifier 10.10.0.134, local AS number 65001 vrf-id 0
BGP table version 6
RIB entries 9, using 1656 bytes of memory
Peers 1, using 20 KiB of memory

Neighbor        V         AS MsgRcvd MsgSent   TblVer  InQ OutQ  Up/Down State/PfxRcd
10.10.0.64      4      65001       6       5        0    0    0 00:00:53            3

Host #2 and Host #3 are not connected directly. However, they can learn each other's routes.

Host #2 (Left side of Bottom)
ip-10-10-0-107# show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP,
       O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
       T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
       F - PBR, f - OpenFabric,
       > - selected route, * - FIB route, q - queued route, r - rejected route

K>* 0.0.0.0/0 [0/100] via 10.10.0.1, ens5, src 10.10.0.107, 00:16:04
C>* 1.1.1.1/32 is directly connected, lo, 00:07:08
C>* 1.1.1.2/32 is directly connected, lo, 00:07:04
B>* 2.2.2.1/32 [200/0] via 10.10.0.134, ens5, 00:04:47
B>* 2.2.2.2/32 [200/0] via 10.10.0.134, ens5, 00:04:47
C>* 10.10.0.0/24 is directly connected, ens5, 00:16:04
K>* 10.10.0.1/32 [0/100] is directly connected, ens5, 00:16:04

Host #3 (Right side of Bottom)
ip-10-10-0-134# show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP,
       O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
       T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
       F - PBR, f - OpenFabric,
       > - selected route, * - FIB route, q - queued route, r - rejected route

K>* 0.0.0.0/0 [0/100] via 10.10.0.1, ens5, src 10.10.0.134, 00:15:39
B>* 1.1.1.1/32 [200/0] via 10.10.0.107, ens5, 00:04:32
B>* 1.1.1.2/32 [200/0] via 10.10.0.107, ens5, 00:04:32
C>* 2.2.2.1/32 is directly connected, lo, 00:05:16
C>* 2.2.2.2/32 is directly connected, lo, 00:05:13
C>* 10.10.0.0/24 is directly connected, ens5, 00:15:39
K>* 10.10.0.1/32 [0/100] is directly connected, ens5, 00:15:39

 

Reference 

[ 1 ] http://docs.frrouting.org/en/latest/ 

[ 2 ] https://deb.frrouting.org/

[ 3 ] https://blog.naver.com/happy_jhyo/70155768908

[ 4 ] http://docs.frrouting.org/en/latest/vtysh.html

[ 5 ] https://github.com/FRRouting/frr/issues/966

[ 6 ] https://createnetech.tistory.com/55

[ 7 ] https://createnetech.tistory.com/53?category=672584

 

 

In this post, I handled External BGP routing. In this part, I will address Internal BGP routing, which works within the same AS number. This is my environment.

The top host will be the route reflector, and the others are route reflector clients. For this scenario, I will set up internal BGP routing between the "route reflector" and the "route reflector clients".

 

1. Configure Internal BGP routing.

Host #1 (Top)
protocol direct {
#        interface "*";
        interface "ens5";
}

protocol bgp tohost1{
        import all;
        export all;
        local as 65001;
        neighbor 10.10.0.159 as 65001;
}

protocol bgp tohost2{
        import all;
        export all;
        local as 65001;
        neighbor 10.10.0.205 as 65001;
}

Host #2 (Left bottom)
protocol direct {
#        interface "*";
        interface "ens5";
}

protocol static static_bgp {
        route 1.1.1.1:255.255.255.255 via 10.10.0.159;
        route 1.1.1.2:255.255.255.255 via 10.10.0.159;
}

protocol bgp {
        import all;
        export where proto = "static_bgp";
        local as 65001;
        neighbor 10.10.0.49 as 65001;
}

Host #3 (Right bottom)
protocol direct {
#        interface "*";
        interface "ens5";
}

protocol static static_bgp {
        route 2.2.2.1:255.255.255.255 via 10.10.0.205;
        route 2.2.2.2:255.255.255.255 via 10.10.0.205;
}

protocol bgp {
        import all;
        export where proto = "static_bgp";
        local as 65001;
        neighbor 10.10.0.49 as 65001;
}

In these configurations, there is something important. The "protocol direct" option is necessary for this internal BGP routing. Without this option, I see the result below: "unreachable" is shown.

bird> show route
1.1.1.1/32         unreachable [bgp1 13:45:49 from 10.10.0.159] * (100/-) [i]
1.1.1.2/32         unreachable [bgp1 13:45:49 from 10.10.0.159] * (100/-) [i]

With this option, I can see the correct routing table with the "birdc" command.

bird> show route
1.1.1.1/32         via 10.10.0.159 on ens5 [tohost1 15:10:46] * (100/0) [i]
2.2.2.2/32         via 10.10.0.205 on ens5 [tohost2 15:10:47] * (100/0) [i]
1.1.1.2/32         via 10.10.0.159 on ens5 [tohost1 15:10:46] * (100/0) [i]
2.2.2.1/32         via 10.10.0.205 on ens5 [tohost2 15:10:47] * (100/0) [i]
10.10.0.0/24       dev ens5 [direct1 15:10:42] * (240)
bird> 

 

2. Configure Route Reflector

Now I will edit the top host to work as the route reflector. It is simple. I insert the "rr client" option into the BGP configuration like below.

protocol direct {
#        interface "*";
        interface "ens5";
}

protocol bgp tohost1{
        import all;
        export all;
        rr client;
        local as 65001;
        neighbor 10.10.0.159 as 65001;
}

protocol bgp tohost2{
        import all;
        export all;
        rr client;
        local as 65001;
        neighbor 10.10.0.205 as 65001;
}

After that, I can see the routing table on Host #1 and Host #2.

Host #1
root@ip-10-10-0-159:~# birdc
BIRD 1.6.8 ready.
bird> show route
1.1.1.1/32         via 10.10.0.159 on ens5 [static_bgp 15:17:59] ! (200)
2.2.2.2/32         via 10.10.0.205 on ens5 [bgp1 15:18:03 from 10.10.0.49] * (100/0) [i]
1.1.1.2/32         via 10.10.0.159 on ens5 [static_bgp 15:17:59] ! (200)
2.2.2.1/32         via 10.10.0.205 on ens5 [bgp1 15:18:03 from 10.10.0.49] * (100/0) [i]
10.10.0.0/24       dev ens5 [direct1 15:17:59] * (240)
                   via 10.10.0.49 on ens5 [bgp1 15:18:03] (100/0) [i]

Host #2
root@ip-10-10-0-205:~# birdc
BIRD 1.6.8 ready.
bird> show route
2.2.2.2/32         via 10.10.0.205 on ens5 [static_bgp 15:23:13] * (200)
1.1.1.1/32         via 10.10.0.159 on ens5 [bgp1 15:23:17 from 10.10.0.49] * (100/0) [i]
2.2.2.1/32         via 10.10.0.205 on ens5 [static_bgp 15:23:13] * (200)
1.1.1.2/32         via 10.10.0.159 on ens5 [bgp1 15:23:17 from 10.10.0.49] * (100/0) [i]
10.10.0.0/24       dev ens5 [direct1 15:23:13] * (240)
                   via 10.10.0.49 on ens5 [bgp1 15:23:17] (100/0) [i]

Now the hosts can send ICMP to each other.


Now I can use Internal BGP and the Route Reflector option.

 

Reference 

[ 1 ] https://createnetech.tistory.com/52?category=679927

[ 2 ] https://saidvandeklundert.net/2015-06-14-bird-bgp-route-reflection/ 

[ 3 ] www.bird.network.cz/?get_doc&v=20&f=bird-6.html#ss6.3

 
