Home > System Tutorial > LINUX > Turn your CentOS into an OSPF router

Turn your CentOS into an OSPF router

王林
Release: 2024-01-10 09:10:22
forward
996 people have browsed it
Introduction Quagga is an open source routing software suite that turns Linux into a router that supports major routing protocols such as RIP, OSPF, BGP and IS-IS. It has full support for IPv4 and IPv6 and supports route/prefix filtering. Quagga can be a lifesaver in case your production router ever goes down and you don't have a spare but are waiting for a replacement. With proper configuration, Quagga can even function as a production router.

将你的 CentOS 变成 OSPF 路由器

In this tutorial, we will connect two branch office networks assuming there is a dedicated line connection between them (for example, 192.168.1.0/24 and 172.17.1.0/24).

将你的 CentOS 变成 OSPF 路由器

Our CentOS is on both ends of said private link. The two host names are set to "site-A-RTR" and "site-B-RTR' respectively. The following are the details of the IP addresses.
•Site-A: 192.168.1.0/24
•Site-B: 172.16.1.0/24
•Peer-to-peer network between two Linux routers: 10.10.10.0/30

Quagga includes several daemons that work together. In this tutorial, we will focus on setting up the following daemons.
1.Zebra: Core daemon, responsible for kernel interface and static routing.
2.Ospfd: IPv4 OSPF daemon.

Installing Quagga on CentOS

We use yum to install Quagga.

# yum install quagga
Copy after login

In CentOS7, SELinux will prevent quagga from writing configuration files to /usr/sbin/zebra by default. This SELinux policy will interfere with the installation process we will introduce next, so we need to disable this policy. For this, either turning off SELinux (not recommended here) or enabling "zebrawriteconfig" as follows will work. If you are using CentOS 6 please skip this step.

# setsebool -P zebra_write_config 1
Copy after login

If this modification is not made, we will see the following error when we try to save the configuration in the Quagga command line.

Can't open configuration file /etc/quagga/zebra.conf.OS1Uu5.
Copy after login

After installing Quagga, we need to configure the necessary peer IP addresses and update OSPF settings. Quagga comes with a command line called vtysh. The Quagga commands used in vtysh are similar to those of major router manufacturers such as Cisco and Juniper.

Step 1: Configure Zebra

We first create the Zebra configuration file and enable the Zebra daemon.

# cp /usr/share/doc/quagga-XXXXX/zebra.conf.sample /etc/quagga/zebra.conf
# service zebra start
# chkconfig zebra on 
Copy after login

Start vtysh command line:

#vtysh
Copy after login

First, we configure the log file for Zebra. Enter the following command to enter the global configuration mode of vtysh:

site-A-RTR# configure terminal
Copy after login

Specify the log file location, then exit the mode:

site-A-RTR(config)# log file /var/log/quagga/quagga.log
site-A-RTR(config)# exit
Copy after login

Save configuration permanently:

site-A-RTR# write
Copy after login

Next, we need to identify the available interfaces and configure their IP addresses as needed.

site-A-RTR# show interface
Copy after login
Interface eth0 is up, line protocol detection is disabled
. . . . .
Interface eth1 is up, line protocol detection is disabled
. . . . .
Copy after login

Configure eth0 parameters:

site-A-RTR# configure terminal
site-A-RTR(config)# interface eth0
site-A-RTR(config-if)# ip address 10.10.10.1/30
site-A-RTR(config-if)# description to-site-B
site-A-RTR(config-if)# no shutdown
Copy after login

Continue to configure eth1 parameters:

site-A-RTR(config)# interface eth1
site-A-RTR(config-if)# ip address 192.168.1.1/24
site-A-RTR(config-if)# description to-site-A-LAN
site-A-RTR(config-if)# no shutdown
Copy after login

Now verify the configuration:

site-A-RTR(config-if)# do show interface
Copy after login
Interface eth0 is up, line protocol detection is disabled
. . . . .
  inet 10.10.10.1/30 broadcast 10.10.10.3
. . . . .
Interface eth1 is up, line protocol detection is disabled
. . . . .
  inet 192.168.1.1/24 broadcast 192.168.1.255
. . . . .
Copy after login
site-A-RTR(config-if)# do show interface description
Copy after login
Interface      Status  Protocol  Description
eth0           up      unknown   to-site-B
eth1           up      unknown   to-site-A-LAN
Copy after login

Save configuration permanently:

site-A-RTR(config-if)# do write
Copy after login

Repeat the above steps to configure the IP address on site-B.

If all goes well, you should be able to ping the peer IP address 10.10.10.2 on site-B from site-A's server.

Note: Once the Zebra daemon is started, any changes in the vtysh command line will take effect immediately. Therefore there is no need to restart the Zebra daemon after changing the configuration.

Step 2: Configure OSPF

We first create the OSPF configuration file and start the OSPF daemon:

# cp /usr/share/doc/quagga-XXXXX/ospfd.conf.sample /etc/quagga/ospfd.conf
# service ospfd start
# chkconfig ospfd on
Copy after login

Now start the vtysh command line to continue OSPF configuration:

# vtysh
Copy after login

Enter routing configuration mode:

site-A-RTR# configure terminal
site-A-RTR(config)# router ospf
Copy after login

Optional configuration routing id:

site-A-RTR(config-router)# router-id 10.10.10.1
Copy after login

Network added in OSPF:

site-A-RTR(config-router)# network 10.10.10.0/30 area 0
site-A-RTR(config-router)# network 192.168.1.0/24 area 0
Copy after login

Save configuration permanently:

site-A-RTR(config-router)# do write
Copy after login

Repeat OSPF configuration similar to above on site-B:

site-B-RTR(config-router)# network 10.10.10.0/30 area 0
site-B-RTR(config-router)# network 172.16.1.0/24 area 0
site-B-RTR(config-router)# do write
Copy after login

The OSPF neighbor should now be started. As long as ospfd is running, any OSPF-related configuration changes made through vtysh will take effect immediately without restarting ospfd.

verify

1. Pass ping test

First you should be able to ping the same LAN subnet as site-B from site-A. Make sure your firewall is not blocking ping traffic.

[root@site-A-RTR ~]# ping 172.16.1.1 -c 2
Copy after login

2. Check routing table

The necessary routes should appear in both the kernel and Quagga reason tables.

[root@site-A-RTR ~]# ip route
Copy after login
10.10.10.0/30 dev eth0  proto kernel  scope link  src 10.10.10.1
172.16.1.0/30 via 10.10.10.2 dev eth0  proto zebra  metric 20
192.168.1.0/24 dev eth1  proto kernel  scope link  src 192.168.1.1
Copy after login
[root@site-A-RTR ~]# vtysh
site-A-RTR# show ip route
Copy after login
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
      I - ISIS, B - BGP, > - selected route, * - FIB route
 
O>* 10.10.10.0/30 [110/10] is directly connected, eth0, 00:14:29
C>* 10.10.10.0/30 is directly connected, eth0
C>* 127.0.0.0/8 is directly connected, lo
O>* 172.16.1.0/30 [110/20] via 10.10.10.2, eth0, 00:14:14
C>* 192.168.1.0/24 is directly connected, eth1
Copy after login

3. Verify OSPF neighbors and routes

In the vtysh command line, you can check whether the necessary neighbors are online and whether appropriate routes have been learned.

[root@site-A-RTR ~]# vtysh
site-A-RTR# show ip ospf neighbor
Copy after login

In this tutorial, we will focus on configuring basic OSPF using Quagga. In general, Quagga allows us to easily configure dynamic routing protocols such as OSPF, RIP or BGP on an ordinary Linux machine. Quagga-enabled machines can communicate and exchange routing information with other routers on your network. Because it supports the major open standard routing protocols, it may be the first choice in many situations. What's more, Quagga's command line interface is nearly identical to that of major router vendors such as Cisco and Juniper, which makes deploying and maintaining Quagga machines very easy.


The above is the detailed content of Turn your CentOS into an OSPF router. For more information, please follow other related articles on the PHP Chinese website!

source:linuxprobe.com
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template