Hi How can I run two asn on one router? Example: ISP1 | --------------- | AS1 - AS2 | --------------- | ISP2 ISP1 is connected to AS1, ISP2 is connected to AS2. How can I configure connection AS1-AS2 with bgp protocol on localhost (neighbor ip and source address)? -- Miłosz
On Sat, Mar 24, 2012 at 09:00:34AM +0100, Mi??osz Oller wrote:
Hi
Hi.
How can I run two asn on one router?
Example:
ISP1 | --------------- | AS1 - AS2 | --------------- | ISP2
ISP1 is connected to AS1, ISP2 is connected to AS2. How can I configure connection AS1-AS2 with bgp protocol on localhost (neighbor ip and source address)?
What about local option of bgp protocol? http://bird.network.cz/?get_doc&f=bird-6.html#ss6.1
Here is my config file: log syslog all; router id 91.aaa.aaa.1; protocol device { scan time 15; } protocol kernel { export all; scan time 15; } protocol static { route 91.aaa.aaa.0/24 reject; route 91.kkk.kkk.0/22 reject; } filter bgp_out { if net = 91.aaa.aaa.0/24 then accept; else reject; } protocol bgp bgp_bdi { description "BDI"; import all; local as 57zzz; neighbor 83.bbb.bbb.21 as 12nnn; source address 83.bbb.bbb.22; export filter { if source = RTS_STATIC then { bgp_path.prepend(57zzz); accept; } reject; }; } protocol bgp bgp_vop { description "Vop"; import all; export filter { if source = RTS_STATIC then { accept; } reject; }; local as 57zzz; neighbor 109.xxx.xxx.77 as 50yyy; source address 109.xxx.xxx.78; default bgp_local_pref 200; } Now I want add second ASN, which must communicate with 57zzz. -- Miłosz Dnia 2012-03-24, sob o godzinie 15:49 +0400, Oleg pisze:
On Sat, Mar 24, 2012 at 09:00:34AM +0100, Mi??osz Oller wrote:
Hi
Hi.
How can I run two asn on one router?
Example:
ISP1 | --------------- | AS1 - AS2 | --------------- | ISP2
ISP1 is connected to AS1, ISP2 is connected to AS2. How can I configure connection AS1-AS2 with bgp protocol on localhost (neighbor ip and source address)?
What about local option of bgp protocol? http://bird.network.cz/?get_doc&f=bird-6.html#ss6.1
On Sat, 24 Mar 2012, Oleg wrote:
On Sat, Mar 24, 2012 at 09:00:34AM +0100, Mi??osz Oller wrote:
How can I run two asn on one router?
Example:
ISP1 | --------------- | AS1 - AS2 | --------------- | ISP2
ISP1 is connected to AS1, ISP2 is connected to AS2. How can I configure connection AS1-AS2 with bgp protocol on localhost (neighbor ip and source address)?
What about local option of bgp protocol? http://bird.network.cz/?get_doc&f=bird-6.html#ss6.1
The documentation (or the wiki, I don't recall) mentions that you *may* have to handle some AS_PATH details manually. That means it can be done, but the documentation is annoyingly vague about what you have to do to get it to work well (and safely). Anyway, you already have to handle mostly everything manually anyway as far as enforcing route/attribute sanity on BGP import and export. bird automates very little as far as eBGP sanity checking goes: it validades the BGP wire protocol, handles AS4_PATH transparently (annoyingly still documented as "not supported" in one of the bgp protocol headers), and probably a few other details, but that's it. Look at the BGP filtering example in the Wiki, that thing should be part of the official documentation, as it ends up documenting stuff that you _must_ always do in iBGP/eBGP filters... -- "One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie." -- The Silicon Valley Tarot Henrique Holschuh
On Sat, Mar 24, 2012 at 10:23:37AM -0300, Henrique de Moraes Holschuh wrote:
On Sat, 24 Mar 2012, Oleg wrote:
On Sat, Mar 24, 2012 at 09:00:34AM +0100, Mi??osz Oller wrote:
How can I run two asn on one router?
Example:
ISP1 | --------------- | AS1 - AS2 | --------------- | ISP2
ISP1 is connected to AS1, ISP2 is connected to AS2. How can I configure connection AS1-AS2 with bgp protocol on localhost (neighbor ip and source address)?
What about local option of bgp protocol? http://bird.network.cz/?get_doc&f=bird-6.html#ss6.1
The documentation (or the wiki, I don't recall) mentions that you *may* have to handle some AS_PATH details manually. That means it can be done, but the documentation is annoyingly vague about what you have to do to get it to work well (and safely).
Running two sessions with different local AS numbers is possible, but it si definitely an advanced topic and not an expected use case. Probably the most elegant way would be to have two routing tables, one for each local AS (BGP sessions with that local AS connected to that table) and these tables connected with a pipe with filters like (for direction from A to B): bgp_path.append(A); if B ~ bgp_path then reject; (although B ~ bgp_path -> reject would be perhaps better in import filter of BGP protocols of A) Obviously, the issue is a lot simpler if you do not want redistribute routes from one BGP neighbor to another one.
Anyway, you already have to handle mostly everything manually anyway as far as enforcing route/attribute sanity on BGP import and export. bird automates very little as far as eBGP sanity checking goes: it validades the BGP wire protocol, handles AS4_PATH transparently (annoyingly still documented as "not supported" in one of the bgp protocol headers)
Where? I cannot find that.
and probably a few other details, but that's it. Look at the BGP filtering example in the Wiki, that thing should be part of the official documentation, as it ends up documenting stuff that you _must_ always do in iBGP/eBGP filters...
This is generally a mechanism / policy split. BIRD as a BGP daemon implements standard BGP behavior specified by appropriate BGP RFCs, while things like eBGP sanity checks and usual filtering are more like best practices for a BGP policy. These BGP practices differ and evolve regardless of the BGP code/implementation, so it is natural to have such examples in wiki. -- Elen sila lumenn' omentielvo Ondrej 'SanTiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."
Dnia 2012-03-25, nie o godzinie 23:20 +0200, Ondrej Zajicek pisze:
Running two sessions with different local AS numbers is possible, but it si definitely an advanced topic and not an expected use case. Probably the most elegant way would be to have two routing tables, one for each local AS (BGP sessions with that local AS connected to that table) and these tables connected with a pipe with filters like (for direction from A to B):
bgp_path.append(A); if B ~ bgp_path then reject;
(although B ~ bgp_path -> reject would be perhaps better in import filter of BGP protocols of A)
Obviously, the issue is a lot simpler if you do not want redistribute routes from one BGP neighbor to another one.
Is it something like in Wiki - BGP Example 2? I have two upstream peers: A (ISP1) and B (ISP2), and two local ASN: C and D (one router). Now AS C connects with A and B - this configuration works ok. But I must add ASN D. ASN A will connect with D, B with C, and C with D. Like this: A - {D - C} - B -- Miłosz
I have run a bird router with two ASNs for a limited time at one point. The way I had to run it was to have 3 routing tables, one for the first ASN, one for the second ASN, and finally one for the port on the router that was being connected to my customer equipment / network. I also needed to look up multihomed linux routing on a lot of sources to find the correct ways of adding incoming traffic rules to make sure that traffic that came in on one connection left on the same connection. It seemed like a relatively easy project, but it took me days bashing my head against various walls getting it completely set up and stable. I have various static routes that needed to be put in place to make it all work. -----Original Message----- From: "Miłosz Oller" <milosz@sys-com.pl> Sent: Sunday, March 25, 2012 5:47pm To: "Ondrej Zajicek" <santiago@crfreenet.org> Cc: "Henrique de Moraes Holschuh" <hmh@hmh.eng.br>, "Oleg" <lego12239@yandex.ru>, bird-users@trubka.network.cz Subject: Re: One router - Two ASN Dnia 2012-03-25, nie o godzinie 23:20 +0200, Ondrej Zajicek pisze:
Running two sessions with different local AS numbers is possible, but it si definitely an advanced topic and not an expected use case. Probably the most elegant way would be to have two routing tables, one for each local AS (BGP sessions with that local AS connected to that table) and these tables connected with a pipe with filters like (for direction from A to B):
bgp_path.append(A); if B ~ bgp_path then reject;
(although B ~ bgp_path -> reject would be perhaps better in import filter of BGP protocols of A)
Obviously, the issue is a lot simpler if you do not want redistribute routes from one BGP neighbor to another one.
Is it something like in Wiki - BGP Example 2? I have two upstream peers: A (ISP1) and B (ISP2), and two local ASN: C and D (one router). Now AS C connects with A and B - this configuration works ok. But I must add ASN D. ASN A will connect with D, B with C, and C with D. Like this: A - {D - C} - B -- Miłosz
Have you sample bird configuration? -- Miłosz Oller CEO ul. Cegielniana 8, 89-501 Tuchola GSM: + 48 603 030 347 http://sys-com.pl NIP: 561-154-09-00 REGON: 340779520 Możesz nam zaufać, jesteśmy sprawdzoną firmą! Sprawdź naszą rzetelność na http://www.rzetelnafirma.pl/5C9EY1P6 Ta wiadomość i jakiekolwiek pliki przesłane wraz z nią, są poufne i przeznaczone wyłącznie do użytku osób i jednostek, do których wiadomość została adresowana. Jeśli wiadomość została otrzymana pomyłkowo, prosimy zawiadomić administratora systemu. Ta wiadomość zawiera informacje poufne i jest przeznaczona wyłącznie dla wymienionej osoby. Jeśli nie jesteś wymienionym adresatem tej wiadomości, nie powinieneś jej rozpowszechniać, rozsyłać ani kopiować. Prosimy o natychmiastowe powiadomienie, za pośrednictwem poczty elektronicznej, nadawcy o pomyłkowym otrzymaniu tej wiadomości i usunięcie jej z komputera. Jeśli nie jesteś zamierzonym odbiorcą tej wiadomości, informujemy, że jej ujawnianie, kopiowanie, przesyłanie lub podejmowanie jakichkolwiek działań w związku z treścią tej wiadomości jest surowo wzbronione. Dnia 2012-03-26, pon o godzinie 17:13 -0700, dspazman@epicup.com pisze:
I have run a bird router with two ASNs for a limited time at one point.
The way I had to run it was to have 3 routing tables, one for the first ASN, one for the second ASN, and finally one for the port on the router that was being connected to my customer equipment / network. I also needed to look up multihomed linux routing on a lot of sources to find the correct ways of adding incoming traffic rules to make sure that traffic that came in on one connection left on the same connection.
It seemed like a relatively easy project, but it took me days bashing my head against various walls getting it completely set up and stable. I have various static routes that needed to be put in place to make it all work.
-----Original Message----- From: "Miłosz Oller" <milosz@sys-com.pl> Sent: Sunday, March 25, 2012 5:47pm To: "Ondrej Zajicek" <santiago@crfreenet.org> Cc: "Henrique de Moraes Holschuh" <hmh@hmh.eng.br>, "Oleg" <lego12239@yandex.ru>, bird-users@trubka.network.cz Subject: Re: One router - Two ASN
Dnia 2012-03-25, nie o godzinie 23:20 +0200, Ondrej Zajicek pisze:
Running two sessions with different local AS numbers is possible, but it si definitely an advanced topic and not an expected use case. Probably the most elegant way would be to have two routing tables, one for each local AS (BGP sessions with that local AS connected to that table) and these tables connected with a pipe with filters like (for direction from A to B):
bgp_path.append(A); if B ~ bgp_path then reject;
(although B ~ bgp_path -> reject would be perhaps better in import filter of BGP protocols of A)
Obviously, the issue is a lot simpler if you do not want redistribute routes from one BGP neighbor to another one.
Is it something like in Wiki - BGP Example 2? I have two upstream peers: A (ISP1) and B (ISP2), and two local ASN: C and D (one router). Now AS C connects with A and B - this configuration works ok. But I must add ASN D. ASN A will connect with D, B with C, and C with D. Like this: A - {D - C} - B
No, I don't. I don't use it anymore. But it was similar to this: http://lartc.org/howto/lartc.rpdb.multiple-links.html on the Linux side, and then using the multiple bird tables as in the examples. -----Original Message----- From: "Miłosz Oller" <milosz@sys-com.pl> Sent: Tuesday, March 27, 2012 9:45am To: bird-users@atrey.karlin.mff.cuni.cz Subject: Re: One router - Two ASN Have you sample bird configuration? -- Miłosz Oller CEO ul. Cegielniana 8, 89-501 Tuchola GSM: + 48 603 030 347 http://sys-com.pl NIP: 561-154-09-00 REGON: 340779520 Możesz nam zaufać, jesteśmy sprawdzoną firmą! Sprawdź naszą rzetelność na http://www.rzetelnafirma.pl/5C9EY1P6 Ta wiadomość i jakiekolwiek pliki przesłane wraz z nią, są poufne i przeznaczone wyłącznie do użytku osób i jednostek, do których wiadomość została adresowana. Jeśli wiadomość została otrzymana pomyłkowo, prosimy zawiadomić administratora systemu. Ta wiadomość zawiera informacje poufne i jest przeznaczona wyłącznie dla wymienionej osoby. Jeśli nie jesteś wymienionym adresatem tej wiadomości, nie powinieneś jej rozpowszechniać, rozsyłać ani kopiować. Prosimy o natychmiastowe powiadomienie, za pośrednictwem poczty elektronicznej, nadawcy o pomyłkowym otrzymaniu tej wiadomości i usunięcie jej z komputera. Jeśli nie jesteś zamierzonym odbiorcą tej wiadomości, informujemy, że jej ujawnianie, kopiowanie, przesyłanie lub podejmowanie jakichkolwiek działań w związku z treścią tej wiadomości jest surowo wzbronione. Dnia 2012-03-26, pon o godzinie 17:13 -0700, dspazman@epicup.com pisze:
I have run a bird router with two ASNs for a limited time at one point.
The way I had to run it was to have 3 routing tables, one for the first ASN, one for the second ASN, and finally one for the port on the router that was being connected to my customer equipment / network. I also needed to look up multihomed linux routing on a lot of sources to find the correct ways of adding incoming traffic rules to make sure that traffic that came in on one connection left on the same connection.
It seemed like a relatively easy project, but it took me days bashing my head against various walls getting it completely set up and stable. I have various static routes that needed to be put in place to make it all work.
-----Original Message----- From: "Miłosz Oller" <milosz@sys-com.pl> Sent: Sunday, March 25, 2012 5:47pm To: "Ondrej Zajicek" <santiago@crfreenet.org> Cc: "Henrique de Moraes Holschuh" <hmh@hmh.eng.br>, "Oleg" <lego12239@yandex.ru>, bird-users@trubka.network.cz Subject: Re: One router - Two ASN
Dnia 2012-03-25, nie o godzinie 23:20 +0200, Ondrej Zajicek pisze:
Running two sessions with different local AS numbers is possible, but it si definitely an advanced topic and not an expected use case. Probably the most elegant way would be to have two routing tables, one for each local AS (BGP sessions with that local AS connected to that table) and these tables connected with a pipe with filters like (for direction from A to B):
bgp_path.append(A); if B ~ bgp_path then reject;
(although B ~ bgp_path -> reject would be perhaps better in import filter of BGP protocols of A)
Obviously, the issue is a lot simpler if you do not want redistribute routes from one BGP neighbor to another one.
Is it something like in Wiki - BGP Example 2? I have two upstream peers: A (ISP1) and B (ISP2), and two local ASN: C and D (one router). Now AS C connects with A and B - this configuration works ok. But I must add ASN D. ASN A will connect with D, B with C, and C with D. Like this: A - {D - C} - B
Hi How should be configured neighbor and source address with two ASNs? Localhost IP? -- Miłosz
participants (5)
-
dspazman@epicup.com -
Henrique de Moraes Holschuh -
Miłosz Oller -
Oleg -
Ondrej Zajicek