반응형
[root@bb-cent-78 ~]# cat /usr/share/doc/quagga-0.99.22.4/bgpd.conf.sample ! -*- bgp -*- ! ! BGPd sample configuratin file ! ! $Id: bgpd.conf.sample,v 1.1 2002/12/13 20:15:29 paul Exp $ ! hostname bgpd password zebra !enable password please-set-at-here ! !bgp mulitple-instance ! router bgp 7675 ! bgp router-id 10.0.0.1 ! network 10.0.0.0/8 ! neighbor 10.0.0.2 remote-as 7675 ! neighbor 10.0.0.2 route-map set-nexthop out ! neighbor 10.0.0.2 ebgp-multihop ! neighbor 10.0.0.2 next-hop-self ! ! access-list all permit any ! !route-map set-nexthop permit 10 ! match ip address all ! set ip next-hop 10.0.0.1 ! !log file bgpd.log ! log stdout |
-quagga 설치
yum install quagga
- static routing or dynamic routing
zebra : static
bgpd : bgp dynamic routing
- 데몬 실행
systemctl start zebra
systemctl start bgpd
- 부팅시 자동 실행
systemctl enable zebra
systemctl enable bgpd
- default config 위치
[root@bb-cent-78 quagga-0.99.22.4]# cat /usr/share/doc/quagga-0.99.22.4/bgpd.conf.sample ! -*- bgp -*- ! ! BGPd sample configuratin file ! ! $Id: bgpd.conf.sample,v 1.1 2002/12/13 20:15:29 paul Exp $ ! hostname bgpd password zebra !enable password please-set-at-here ! !bgp mulitple-instance ! router bgp 7675 ! bgp router-id 10.0.0.1 ! network 10.0.0.0/8 ! neighbor 10.0.0.2 remote-as 7675 ! neighbor 10.0.0.2 route-map set-nexthop out ! neighbor 10.0.0.2 ebgp-multihop ! neighbor 10.0.0.2 next-hop-self ! ! access-list all permit any ! !route-map set-nexthop permit 10 ! match ip address all ! set ip next-hop 10.0.0.1 ! !log file bgpd.log ! log stdout [root@bb-cent-78 quagga-0.99.22.4]# cat /usr/share/doc/quagga-0.99.22.4/zebra.conf.sample ! -*- zebra -*- ! ! zebra sample configuration file ! ! $Id: zebra.conf.sample,v 1.1 2002/12/13 20:15:30 paul Exp $ ! hostname Router password zebra enable password zebra ! ! Interface's description. ! !interface lo ! description test of desc. ! !interface sit0 ! multicast ! ! Static default route sample. ! !ip route 0.0.0.0/0 203.181.89.241 ! !log file zebra.log |
- static/bgp config file path( path 아래 conf파일을 두면, vtysh에서 사용할수 있습니다.
root@bb-cent-78 quagga-0.99.22.4]# cd /etc/quagga/ [root@bb-cent-78 quagga]# ll total 8 -rw-r--r--. 1 root root 566 Nov 1 11:54 bgpd.conf -rw-r-----. 1 quagga quaggavt 0 Nov 1 09:04 vtysh.conf -rw-r-----. 1 quagga quagga 20 Nov 1 09:04 zebra.conf |
- vtysh에서 config 및 show command
bb-cent-78# show run Building configuration... Current configuration: ! hostname bb-cent-78 hostname bgpd log stdout ! password zebra ! interface dummy0 ipv6 nd suppress-ra ! interface ens192 ipv6 nd suppress-ra ! interface ip_vti0 ipv6 nd suppress-ra ! interface lo ! interface lo1 ipv6 nd suppress-ra ! router bgp 7675 bgp router-id 192.168.1.1 network 172.16.0.0/16 network 192.168.10.0/24 neighbor 10.27.34.75 remote-as 7675 ! line vty ! end |
tcpdump
[root@bb-cent-78 ~]# tcpdump -i ens192 -n -vv 'tcp port 179' tcpdump: listening on ens192, link-type EN10MB (Ethernet), capture size 262144 bytes 12:08:43.470800 IP (tos 0xc0, ttl 255, id 12488, offset 0, flags [DF], proto TCP (6), length 71) 10.27.34.75.bgp > 10.27.38.43.55026: Flags [P.], cksum 0x0749 (correct), seq 924116750:924116769, ack 2694998625, win 227, options [nop,nop,TS val 172059278 ecr 168332819], length 19: BGP Keepalive Message (4), length: 19 12:08:43.510829 IP (tos 0xc0, ttl 255, id 12489, offset 0, flags [DF], proto TCP (6), length 52) 10.27.34.75.bgp > 10.27.38.43.55026: Flags [.], cksum 0x20c4 (correct), seq 19, ack 20, win 227, options [nop,nop,TS val 172059319 ecr 168392822], length 0 12:09:43.474135 IP (tos 0xc0, ttl 255, id 12490, offset 0, flags [DF], proto TCP (6), length 71) 10.27.34.75.bgp > 10.27.38.43.55026: Flags [P.], cksum 0x325a (correct), seq 19:38, ack 20, win 227, options [nop,nop,TS val 172119282 ecr 168392822], length 19: BGP Keepalive Message (4), length: 19 12:09:43.474677 IP (tos 0xc0, ttl 255, id 12491, offset 0, flags [DF], proto TCP (6), length 52) 10.27.34.75.bgp > 10.27.38.43.55026: Flags [.], cksum 0x4bfc (correct), seq 38, ack 39, win 227, options [nop,nop,TS val 172119283 ecr 168452826], length 0 12:10:43.477399 IP (tos 0xc0, ttl 255, id 12492, offset 0, flags [DF], proto TCP (6), length 71) 10.27.34.75.bgp > 10.27.38.43.55026: Flags [P.], cksum 0x5d6a (correct), seq 38:57, ack 39, win 227, options [nop,nop,TS val 172179286 ecr 168452826], length 19: BGP Keepalive Message (4), length: 19 12:10:43.477951 IP (tos 0xc0, ttl 255, id 12493, offset 0, flags [DF], proto TCP (6), length 52) 10.27.34.75.bgp > 10.27.38.43.55026: Flags [.], cksum 0x770d (correct), seq 57, ack 58, win 227, options [nop,nop,TS val 172179287 ecr 168512829], length 0 12:11:43.480581 IP (tos 0xc0, ttl 255, id 12494, offset 0, flags [DF], proto TCP (6), length 71) 10.27.34.75.bgp > 10.27.38.43.55026: Flags [P.], cksum 0x887b (correct), seq 57:76, ack 58, win 227, options [nop,nop,TS val 172239290 ecr 168512829], length 19: BGP Keepalive Message (4), length: 19 12:11:43.481277 IP (tos 0xc0, ttl 255, id 12495, offset 0, flags [DF], proto TCP (6), length 52) 10.27.34.75.bgp > 10.27.38.43.55026: Flags [.], cksum 0xa21e (correct), seq 76, ack 77, win 227, options [nop,nop,TS val 172239291 ecr 168572832], length 0 12:12:43.483743 IP (tos 0xc0, ttl 255, id 12496, offset 0, flags [DF], proto TCP (6), length 71) 10.27.34.75.bgp > 10.27.38.43.55026: Flags [P.], cksum 0xb38c (correct), seq 76:95, ack 77, win 227, options [nop,nop,TS val 172299294 ecr 168572832], length 19: BGP Keepalive Message (4), length: 19 12:12:43.484535 IP (tos 0xc0, ttl 255, id 12497, offset 0, flags [DF], proto TCP (6), length 52) 10.27.34.75.bgp > 10.27.38.43.55026: Flags [.], cksum 0xcd2f (correct), seq 95, ack 96, win 227, options [nop,nop,TS val 172299295 ecr 168632835], length 0 12:13:43.486826 IP (tos 0xc0, ttl 255, id 12498, offset 0, flags [DF], proto TCP (6), length 71) 10.27.34.75.bgp > 10.27.38.43.55026: Flags [P.], cksum 0xde9d (correct), seq 95:114, ack 96, win 227, options [nop,nop,TS val 172359298 ecr 168632835], length 19: BGP Keepalive Message (4), length: 19 |
반응형
'IT' 카테고리의 다른 글
Analysis releate to IPSEC VPN (0) | 2023.12.13 |
---|---|
DNS resolve 해보기. (0) | 2023.11.15 |
libreswan으로 host간 IPSec VPN 구성 (0) | 2023.11.01 |
Add to interface in Management Profile on Paloalto (0) | 2021.11.20 |
EVE-NG web consol에 login이 안될때.. (0) | 2020.09.19 |