document/TranslateProject
2
0
Fork 0
mirror of https://github.com/LCTT/TranslateProject.git synced 2025-01-13 22:30:37 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1767 from geekpi/master

Browse Source 
translate
This commit is contained in:
geekpi 2014-10-03 10:45:33 +08:00
commit 866acbd3b1
2 changed files with 224 additions and 223 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

223
sources/tech/20140928 How to turn your CentOS box into an OSPF router using Quagga.md
View File

@ -1,223 +0,0 @@
How to turn your CentOS box into an OSPF router using Quagga
================================================================================
[Quagga][1] is an open source routing software suite that can be used to turn your Linux box into a fully-fledged router that supports major routing protocols like RIP, OSPF, BGP or ISIS router. It has full provisions for IPv4 and IPv6, and supports route/prefix filtering. Quagga can be a life saver in case your production router is down, and you don't have a spare one at your disposal, so are waiting for a replacement. With proper configurations, Quagga can even be provisioned as a production router.
In this tutorial, we will connect two hypothetical branch office networks (e.g., 192.168.1.0/24 and 172.17.1.0/24) that have a dedicated link between them.
![](https://farm4.staticflickr.com/3861/15172727969_13cb7f037f_b.jpg)
Our CentOS boxes are located at both ends of the dedicated link. The hostnames of the two boxes are set as 'site-A-RTR' and 'site-B-RTR' respectively. IP address details are provided below.
- **Site-A**: 192.168.1.0/24
- **Site-B**: 172.16.1.0/24
- **Peering between 2 Linux boxes**: 10.10.10.0/30
The Quagga package consists of several daemons that work together. In this tutorial, we will focus on setting up the following daemons.
1. **Zebra**: a core daemon, responsible for kernel interfaces and static routes.
1. **Ospfd**: an IPv4 OSPF daemon.
### Install Quagga on CentOS ###
We start the process by installing Quagga using yum.
# yum install quagga
On CentOS 7, SELinux prevents /usr/sbin/zebra from writing to its configuration directory by default. This SELinux policy interferes with the setup procedure we are going to describe, so we want to disable this policy. For that, either [turn off SELinux][2] (which is not recommended), or enable the 'zebra_write_config' boolean as follows. Skip this step if you are using CentOS 6.
# setsebool -P zebra_write_config 1
Without this change, we will see the following error when attempting to save Zebra configuration from inside Quagga's command shell.
Can't open configuration file /etc/quagga/zebra.conf.OS1Uu5.
After Quagga is installed, we configure necessary peering IP addresses, and update OSPF settings. Quagga comes with a command line shell called vtysh. The Quagga commands used inside vtysh are similar to those of major router vendors such as Cisco or Juniper.
### Phase 1: Configuring Zebra ###
We start by creating a Zebra configuration file, and launching Zebra daemon.
# cp /usr/share/doc/quagga-XXXXX/zebra.conf.sample /etc/quagga/zebra.conf
# service zebra start
# chkconfig zebra on
Launch vtysh command shell:
# vtysh
First, we configure the log file for Zebra. For that, enter the global configuration mode in vtysh by typing:
site-A-RTR# configure terminal
and specify log file location, then exit the mode:
site-A-RTR(config)# log file /var/log/quagga/quagga.log
site-A-RTR(config)# exit
Save configuration permanently:
site-A-RTR# write
Next, we identify available interfaces and configure their IP addresses as necessary.
site-A-RTR# show interface
----------
Interface eth0 is up, line protocol detection is disabled
. . . . .
Interface eth1 is up, line protocol detection is disabled
. . . . .
Configure eth0 parameters:
site-A-RTR# configure terminal
site-A-RTR(config)# interface eth0
site-A-RTR(config-if)# ip address 10.10.10.1/30
site-A-RTR(config-if)# description to-site-B
site-A-RTR(config-if)# no shutdown
Go ahead and configure eth1 parameters:
site-A-RTR(config)# interface eth1
site-A-RTR(config-if)# ip address 192.168.1.1/24
site-A-RTR(config-if)# description to-site-A-LAN
site-A-RTR(config-if)# no shutdown
Now verify configuration:
site-A-RTR(config-if)# do show interface
----------
Interface eth0 is up, line protocol detection is disabled
. . . . .
inet 10.10.10.1/30 broadcast 10.10.10.3
. . . . .
Interface eth1 is up, line protocol detection is disabled
. . . . .
inet 192.168.1.1/24 broadcast 192.168.1.255
. . . . .
----------
site-A-RTR(config-if)# do show interface description
----------
Interface Status Protocol Description
eth0 up unknown to-site-B
eth1 up unknown to-site-A-LAN
Save configuration permanently:
site-A-RTR(config-if)# do write
Repeat the IP address configuration step on site-B server as well.
If all goes well, you should be able to ping site-B's peering IP 10.10.10.2 from site-A server.
Note that once Zebra daemon has started, any change made with vtysh's command line interface takes effect immediately. There is no need to restart Zebra daemon after configuration change.
### Phase 2: Configuring OSPF ###
We start by creating an OSPF configuration file, and starting the OSPF daemon:
# cp /usr/share/doc/quagga-XXXXX/ospfd.conf.sample /etc/quagga/ospfd.conf
# service ospfd start
# chkconfig ospfd on
Now launch vtysh shell to continue with OSPF configuration:
# vtysh
Enter router configuration mode:
site-A-RTR# configure terminal
site-A-RTR(config)# router ospf
Optionally, set the router-id manually:
site-A-RTR(config-router)# router-id 10.10.10.1
Add the networks that will participate in OSPF:
site-A-RTR(config-router)# network 10.10.10.0/30 area 0
site-A-RTR(config-router)# network 192.168.1.0/24 area 0
Save configuration permanently:
site-A-RTR(config-router)# do write
Repeat the similar OSPF configuration on site-B as well:
site-B-RTR(config-router)# network 10.10.10.0/30 area 0
site-B-RTR(config-router)# network 172.16.1.0/24 area 0
site-B-RTR(config-router)# do write
The OSPF neighbors should come up now. As long as ospfd is running, any OSPF related configuration change made via vtysh shell takes effect immediately without having to restart ospfd.
In the next section, we are going to verify our Quagga setup.
### Verification ###
#### 1. Test with ping ####
To begin with, you should be able to ping the LAN subnet of site-B from site-A. Make sure that your firewall does not block ping traffic.
[root@site-A-RTR ~]# ping 172.16.1.1 -c 2
#### 2. Check routing tables ####
Necessary routes should be present in both kernel and Quagga routing tables.
[root@site-A-RTR ~]# ip route
----------
10.10.10.0/30 dev eth0 proto kernel scope link src 10.10.10.1
172.16.1.0/30 via 10.10.10.2 dev eth0 proto zebra metric 20
192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.1
----------
[root@site-A-RTR ~]# vtysh
site-A-RTR# show ip route
----------
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
I - ISIS, B - BGP, > - selected route, * - FIB route
O 10.10.10.0/30 [110/10] is directly connected, eth0, 00:14:29
C>* 10.10.10.0/30 is directly connected, eth0
C>* 127.0.0.0/8 is directly connected, lo
O>* 172.16.1.0/30 [110/20] via 10.10.10.2, eth0, 00:14:14
C>* 192.168.1.0/24 is directly connected, eth1
#### 3. Verifying OSPF neighbors and routes ####
Inside vtysh shell, you can check if necessary neighbors are up, and proper routes are being learnt.
[root@site-A-RTR ~]# vtysh
site-A-RTR# show ip ospf neighbor
![](https://farm3.staticflickr.com/2943/15160942468_d348241bd5_z.jpg)
In this tutorial, we focused on configuring basic OSPF using Quagga. In general, Quagga allows us to easily configure a regular Linux box to speak dynamic routing protocols such as OSPF, RIP or BGP. Quagga-enabled boxes will be able to communicate and exchange routes with any other router that you may have in your network. Since it supports major open standard routing protocols, it may be a preferred choice in many scenarios. Better yet, Quagga's command line interface is almost identical to that of major router vendors like Cisco or Juniper, which makes deploying and maintaining Quagga boxes very easy.
Hope this helps.
--------------------------------------------------------------------------------
via: http://xmodulo.com/turn-centos-box-into-ospf-router-quagga.html
作者:[Sarmed Rahman][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
[a]:http://xmodulo.com/author/sarmed
[1]:http://www.nongnu.org/quagga/
[2]:http://xmodulo.com/how-to-disable-selinux.html

224
translated/tech/20140928 How to turn your CentOS box into an OSPF router using Quagga.md Normal file
View File

@ -0,0 +1,224 @@
如何使用Quagga将CentOS放入OSPF路由器中
================================================================================
[Quagga][1]是一个可以将Linux放入支持如RIP、OSPF、BGP和IS-IS等主要路由协议的路由器的一个开源路由软件套件。它具有对IPv4和IPv6的完整规定并支持路由/前缀过滤。Quagga可以是你生命中的救星以防你的生产路由器一旦宕机而你没有备用的设备而只能等待更换。通过适当的配置Quagga甚至可以作为生产路由器。
本教程中我们将连接两个假设之间具有专线连接的分支机构网络例如192.168.1.0/24和172.17.1.0/24
![](https://farm4.staticflickr.com/3861/15172727969_13cb7f037f_b.jpg)
我们的CentOS位于所述专用链路的两端。两台主机名分别设置为“site-A-RTR”和“site-B-RTR'。下面是IP地址的详细信息。
- **Site-A**: 192.168.1.0/24
- **Site-B**: 172.16.1.0/24
- **Peering between 2 Linux boxes**: 10.10.10.0/30
Quagga包括了几个协同工作的守护进程。在本教程中我们将重点建立以下守护进程。
1. **Zebra**: 核心守护进程,负责内核接口和静态路由。
1. **Ospfd**: IPv4 OSPF 守护进程.
### 在CentOS上安装Quagga ###
我们使用yum安装Quagga。
# yum install quagga
在CentOS7SELinux默认会阻止quagga将配置文件写到/usr/sbin/zebra。这个SELinux策略会干涉我们接下来要介绍的安装过程所以我们要禁用此策略。对于这一点无论是[关闭SELinux][2]这里不推荐还是如下启用“zebra_write_config'。如果你使用的是CentOS 6的请跳过此步骤。
# setsebool -P zebra_write_config 1
如果没有这个改变在我们尝试在Quagga命令行中保存配置的时候看到如下错误。
Can't open configuration file /etc/quagga/zebra.conf.OS1Uu5.
安装完Quagga后我们要配置必要的对等IP地址并更新OSPF设置。Quagga自带了一个命令行称为vtysh。vtysh里面用到的Quagga命令与主要的路由器厂商如思科和Juniper是相似的。
### 步骤 1: 配置 Zebra ###
我们首先创建Zebra配置文件并启用Zebra守护进程。
# cp /usr/share/doc/quagga-XXXXX/zebra.conf.sample /etc/quagga/zebra.conf
# service zebra start
# chkconfig zebra on
启动vtysh命令行
# vtysh
首先我们为Zebra被指日志文件。输入下面的命令进入vtysh的全局配置模式
site-A-RTR# configure terminal
指定日志文件位置,接着退出模式:
site-A-RTR(config)# log file /var/log/quagga/quagga.log
site-A-RTR(config)# exit
永久保存配置:
site-A-RTR# write
接下来我们要确定可用的接口并按需配置它们的IP地址。
site-A-RTR# show interface
----------
Interface eth0 is up, line protocol detection is disabled
. . . . .
Interface eth1 is up, line protocol detection is disabled
. . . . .
配置eth0参数
site-A-RTR# configure terminal
site-A-RTR(config)# interface eth0
site-A-RTR(config-if)# ip address 10.10.10.1/30
site-A-RTR(config-if)# description to-site-B
site-A-RTR(config-if)# no shutdown
继续配置eth1参数
site-A-RTR(config)# interface eth1
site-A-RTR(config-if)# ip address 192.168.1.1/24
site-A-RTR(config-if)# description to-site-A-LAN
site-A-RTR(config-if)# no shutdown
现在验证配置:
site-A-RTR(config-if)# do show interface
----------
Interface eth0 is up, line protocol detection is disabled
. . . . .
inet 10.10.10.1/30 broadcast 10.10.10.3
. . . . .
Interface eth1 is up, line protocol detection is disabled
. . . . .
inet 192.168.1.1/24 broadcast 192.168.1.255
. . . . .
----------
site-A-RTR(config-if)# do show interface description
----------
Interface Status Protocol Description
eth0 up unknown to-site-B
eth1 up unknown to-site-A-LAN
永久保存配置:
site-A-RTR(config-if)# do write
在site-B上重复上面配置IP地址的步骤。
如果一切顺利你应该可以在site-A的服务器上ping通site-B上的对等IP地址10.10.10.2了。
注意一旦Zebra的守护进程启动了在vtysh命令行中的任何改变都会立即生效。因此没有必要在更改配置后重启Zebra守护进程。
### 步骤 2: 配置OSPF ###
我们首先创建OSPF配置文件并启动OSPF守护进程
# cp /usr/share/doc/quagga-XXXXX/ospfd.conf.sample /etc/quagga/ospfd.conf
# service ospfd start
# chkconfig ospfd on
现在启动vtysh命令行来继续OSPF配置
# vtysh
输入路由配置模式:
site-A-RTR# configure terminal
site-A-RTR(config)# router ospf
可选配置路由id:
site-A-RTR(config-router)# router-id 10.10.10.1
添加在OSPF中的网络:
site-A-RTR(config-router)# network 10.10.10.0/30 area 0
site-A-RTR(config-router)# network 192.168.1.0/24 area 0
永久保存配置:
site-A-RTR(config-router)# do write
在site-B上重复和上面相似的OSPF配置:
site-B-RTR(config-router)# network 10.10.10.0/30 area 0
site-B-RTR(config-router)# network 172.16.1.0/24 area 0
site-B-RTR(config-router)# do write
OSPF的邻居现在应该启动了。只要ospfd在运行通过vtysh的任何OSPF相关配置的改变都会立即生效而不必重启ospfd。
下一章节我们会验证我们的Quagga设置。
### 验证 ###
#### 1. 通过ping测试 ####
首先你应该可以从site-A ping同site-B的LAN子网。确保你的防火墙没有阻止ping的流量。
[root@site-A-RTR ~]# ping 172.16.1.1 -c 2
#### 2. 检查路由表 ####
必要的路由应该同时出现在内核与Quagga理由表中。
[root@site-A-RTR ~]# ip route
----------
10.10.10.0/30 dev eth0 proto kernel scope link src 10.10.10.1
172.16.1.0/30 via 10.10.10.2 dev eth0 proto zebra metric 20
192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.1
----------
[root@site-A-RTR ~]# vtysh
site-A-RTR# show ip route
----------
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
I - ISIS, B - BGP, > - selected route, * - FIB route
O 10.10.10.0/30 [110/10] is directly connected, eth0, 00:14:29
C>* 10.10.10.0/30 is directly connected, eth0
C>* 127.0.0.0/8 is directly connected, lo
O>* 172.16.1.0/30 [110/20] via 10.10.10.2, eth0, 00:14:14
C>* 192.168.1.0/24 is directly connected, eth1
#### 3. 验证OSPF邻居和路由 ####
在vtysh命令行中你可以检查必要的邻居是否在线与是否已经学习了合适的路由。
[root@site-A-RTR ~]# vtysh
site-A-RTR# show ip ospf neighbor
![](https://farm3.staticflickr.com/2943/15160942468_d348241bd5_z.jpg)
本教程中我们将重点放在使用Quagga配置基本的OSPF。在一般情况下Quagga能让我们能够轻松在一台普通的Linux机器上配置动态路由协议如OSPF、RIP或BGP。启用了Quagga的机器可以与你网络中的其他路由器进行通信和交换路由信息。由于它支持主要的开放标准的路由协议它或许是许多情况下的首选。更重要的是Quagga的命令行界面与主要路由器厂商如思科和Juniper几乎是相同的这使得部署和维护Quagga机器变得非常容易。
希望这些对你们有帮助。
--------------------------------------------------------------------------------
via: http://xmodulo.com/turn-centos-box-into-ospf-router-quagga.html
作者:[Sarmed Rahman][a]
译者:[geekpi](https://github.com/geekpi)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
[a]:http://xmodulo.com/author/sarmed
[1]:http://www.nongnu.org/quagga/
[2]:http://xmodulo.com/how-to-disable-selinux.html