1. static route

1.1. Topology

Operation is verified with the following topology. For how to build the environment, see the "Install VMware" page.

         lo0+--------+e0/0
 10.1.1.1/32| Cisco | .1    192.168.13.0/24
        ----+   R1   +--------┐
            |       |         │
            +---+----+        │.3 eth0
            e0/1│.1      +---+----+
                │        | Vyatta|   lo0 10.3.3.3/32
 192.168.12.0/24│        |   R3   +----
                │        |       | 
            e0/1│.2      +---+----+
            +---+----+        │.3 eth1
            | Cisco |         │
        ----+   R2   +--------┘
 10.2.2.2/32|       | .2    192.168.23.0/24
         lo0+--------+e0/0

1.2. static route configuration

Apply the following configuration to R1 and R3 so that their Loopback interfaces can reach each other.

 [R1]
ip route 10.3.3.3 255.255.255.255 192.168.13.3

 [R3]
set protocols static route 10.1.1.1/32 next-hop 192.168.13.1

Confirm that the Loopback interfaces of R1 and R3 can now reach each other.

vyatta@R3:~$ ping 10.1.1.1
PING 10.1.1.1 (10.1.1.1) 56(84) bytes of data.
64 bytes from 10.1.1.1: icmp_req=1 ttl=255 time=14.6 ms
64 bytes from 10.1.1.1: icmp_req=2 ttl=255 time=15.9 ms
^C
--- 10.1.1.1 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1012ms
rtt min/avg/max/mdev = 14.601/15.268/15.936/0.678 ms
vyatta@R3:~$

2. OSPF

2.1. Topology

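Operation is verified with the following topology. Only the R2-R3 link is in Area 23; everything else is in Area 0. To prepare for a link failure between R1 and R2, a virtual link is established between R2 and R3.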

 Area 0  lo0+--------+e0/0  Area 0
 10.1.1.1/32| Cisco | .1    192.168.13.0/24
        ----+   R1   +--------┐
            |       |         │
            +---+----+        │.3 eth0
            e0/1│.1      +---+----+      Area 0
 Area 0         │        | Vyatta|   lo0 10.3.3.3/32
 192.168.12.0/24│        |   R3   +----
                │        |       | 
            e0/1│.2      +---+----+
            +---+----+        │.3 eth1
            | Cisco |         │
        ----+   R2   +--------┘
 10.2.2.2/32|       | .2    192.168.23.0/24
 Area 0  lo0+--------+e0/0  Area 23

2.2. OSPF configuration

Apply the following OSPF configuration.

 [R1]
router ospf 1
 log-adjacency-changes
 passive-interface default
 no passive-interface Ethernet0/0
 no passive-interface Ethernet0/1
 network 10.1.1.1 0.0.0.0 area 0
 network 192.168.12.1 0.0.0.0 area 0
 network 192.168.13.1 0.0.0.0 area 0

 [R2]
router ospf 1
 log-adjacency-changes
 area 23 virtual-link 10.3.3.3
 passive-interface default
 no passive-interface Ethernet0/0
 no passive-interface Ethernet0/1
 network 10.2.2.2 0.0.0.0 area 0
 network 192.168.12.2 0.0.0.0 area 0
 network 192.168.23.2 0.0.0.0 area 23

 [R3]
set protocols ospf area 0 network 192.168.13.0/24
set protocols ospf area 0 network 10.3.3.3/32
set protocols ospf area 23 network 192.168.23.0/24
set protocols ospf area 23 virtual-link 10.2.2.2

2.3. OSPF verification (normal operation)

Check whether routing by OSPF is taking place. As shown below, Vyatta lets you inspect OSPF information with exactly the same commands as Cisco IOS.

vyatta@R3:~$ show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
       I - ISIS, B - BGP, > - selected route, * - FIB route

O   10.1.1.1/32 [110/11] via 192.168.13.1, 00:05:34
S>* 10.1.1.1/32 [1/0] via 192.168.13.1, eth0
O>* 10.2.2.2/32 [110/11] via 192.168.23.2, eth1, 00:00:35
O   10.3.3.3/32 [110/10] is directly connected, lo, 00:07:55
C>* 10.3.3.3/32 is directly connected, lo
C>* 127.0.0.0/8 is directly connected, lo
O>* 192.168.12.0/24 [110/20] via 192.168.23.2, eth1, 00:00:34
  *                          via 192.168.13.1, eth0, 00:00:34
O   192.168.13.0/24 [110/10] is directly connected, eth0, 00:07:55
C>* 192.168.13.0/24 is directly connected, eth0
O   192.168.23.0/24 [110/10] is directly connected, eth1, 00:07:55
C>* 192.168.23.0/24 is directly connected, eth1
vyatta@R3:~$
vyatta@R3:~$
vyatta@R3:~$ show ip ospf neighbor

    Neighbor ID Pri State           Dead Time Address         Interface            RXmtL RqstL DBsmL
10.1.1.1          1 Full/Backup       34.404s 192.168.13.1    eth0:192.168.13.3        0     0     0
10.2.2.2          1 Full/Backup       38.195s 192.168.23.2    eth1:192.168.23.3        0     0     0
10.2.2.2          1 Full/DROther      38.928s 192.168.23.2    VLINK0                   0     0     0
vyatta@R3:~$
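
Added example (not part of the original page): in the routing table above, the static route from section 1.2 is still installed and, with distance 1, is selected over the OSPF route [110/11] for 10.1.1.1/32. The Python code below parses this output format and lists such prefixes; the function names are assumptions made for this example.

```python
import re

# Route lines copied from the R3 "show ip route" output on this page.
SAMPLE = """\
O   10.1.1.1/32 [110/11] via 192.168.13.1, 00:05:34
S>* 10.1.1.1/32 [1/0] via 192.168.13.1, eth0
O>* 10.2.2.2/32 [110/11] via 192.168.23.2, eth1, 00:00:35
O   10.3.3.3/32 [110/10] is directly connected, lo, 00:07:55
C>* 10.3.3.3/32 is directly connected, lo
O>* 192.168.12.0/24 [110/20] via 192.168.23.2, eth1, 00:00:34
  *                          via 192.168.13.1, eth0, 00:00:34
O   192.168.13.0/24 [110/10] is directly connected, eth0, 00:07:55
C>* 192.168.13.0/24 is directly connected, eth0
"""

# Column 1: protocol code, column 2: '>' if selected, column 3: '*' if in FIB.
ROUTE = re.compile(
    r"^(?P<code>[KCSROIB])(?P<sel>[> ])(?P<fib>[* ])\s+"
    r"(?P<prefix>\d+\.\d+\.\d+\.\d+/\d+)"
    r"(?:\s+\[(?P<ad>\d+)/(?P<metric>\d+)\])?"
)

def parse_routes(text):
    """Return one dict per route entry; extra next-hop lines are skipped."""
    routes = []
    for line in text.splitlines():
        m = ROUTE.match(line)
        if not m:
            continue  # legend, blank line, prompt, or ECMP continuation line
        routes.append({
            "code": m["code"],
            "selected": m["sel"] == ">",
            "prefix": m["prefix"],
            # Connected routes print no [distance/metric]; treat as 0.
            "ad": int(m["ad"]) if m["ad"] else 0,
        })
    return routes

def shadowed_by_static(routes):
    """Prefixes where a static route is selected and an OSPF route lost."""
    static_best = {r["prefix"] for r in routes
                   if r["code"] == "S" and r["selected"]}
    return sorted({r["prefix"] for r in routes
                   if r["code"] == "O" and not r["selected"]
                   and r["prefix"] in static_best})
```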

Confirm that the routers can reach each other.

R1#ping 10.3.3.3

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.3.3.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/20/32 ms
R1#

2.4. OSPF verification (failure case)

Bring down the link between R1 and R2. Confirm that the route switches over and that reachability is maintained via the virtual link.

R1(config)#interface Ethernet 0/1
R1(config-if)#shutdown
R1(config-if)#
*Mar  1 00:10:41.159: %OSPF-5-ADJCHG: Process 1, Nbr 10.2.2.2 on Ethernet0/1 from FULL to DOWN, Neighbor Down: Interface down or detached
R1(config-if)#
*Mar  1 00:10:43.147: %LINK-5-CHANGED: Interface Ethernet0/1, changed state to administratively down
*Mar  1 00:10:44.147: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0/1, changed state to down
R1(config-if)#do ping 10.2.2.2 repeat 100

Type escape sequence to abort.
Sending 100, 100-byte ICMP Echos to 10.2.2.2, timeout is 2 seconds:
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!.
Success rate is 98 percent (83/84), round-trip min/avg/max = 16/31/56 ms
R1(config-if)#

3. iBGP

3.1. Topology

Operation is verified with the following topology. iBGP neighbor sessions are established among R1, R2 and R3. Because this is not a full mesh, R3 must be configured as a route reflector.

         lo0+--------+e0/0
 10.1.1.1/32| Cisco | .1    192.168.13.0/24
        ----+   R1   +--------┐
            | AS 123|         │
            +--------+        │.3 eth0
                          +---+----+
                          | Vyatta|   lo0 10.3.3.3/32
                          |   R3   +----
                          | AS 123| 
                          +---+----+
            +--------+        │.3 eth1
            | Cisco |         │
        ----+   R2   +--------┘
 10.2.2.2/32| AS 123| .2    192.168.23.0/24
         lo0+--------+e0/0

Apply the following BGP configuration. RIP is used as the IGP.

 [R1]
router rip
 version 2
 network 192.168.13.0
 no auto-summary
!
router bgp 123
 no synchronization
 bgp log-neighbor-changes
 network 10.1.1.1 mask 255.255.255.255
 neighbor 192.168.13.3 remote-as 123
 no auto-summary

 [R2]
router rip
 version 2
 network 192.168.23.0
 no auto-summary
!
router bgp 123
 no synchronization
 bgp log-neighbor-changes
 network 10.2.2.2 mask 255.255.255.255
 neighbor 192.168.23.3 remote-as 123
 no auto-summary

 [R3]
vyatta@R3# show protocols
 bgp 123 {
     neighbor 192.168.13.1 {
         remote-as 123
         route-reflector-client
     }
     neighbor 192.168.23.2 {
         remote-as 123
         route-reflector-client
     }
     network 10.3.3.3/32 {
     }
 }
 rip {
     network 192.168.13.0/24
     network 192.168.23.0/24
 }
[edit]
vyatta@R3#

3.2. Verification

Check the BGP state. It appears that Vyatta lets you check the BGP state with exactly the same commands as Cisco IOS.

vyatta@R3:~$ show ip bgp
attribute-info   dampened-paths   neighbors        rsclient
cidr-only        filter-list      paths            scan
community        flap-statistics  prefix-list      summary
community-info   ipv4             regexp
community-list   memory           route-map
vyatta@R3:~$ show ip bgp
BGP table version is 0, local router ID is 10.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, R Removed
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*>i10.1.1.1/32      192.168.13.1             0    100      0 i
*>i10.2.2.2/32      192.168.23.2             0    100      0 i
*> 10.3.3.3/32      0.0.0.0                  1         32768 i

Total number of prefixes 3
vyatta@R3:~$ show ip bgp 10.1.1.1
BGP routing table entry for 10.1.1.1/32
Paths: (1 available, best #1, table Default-IP-Routing-Table)
  Advertised to non peer-group peers:
  192.168.23.2
  Local, (Received from a RR-client)
    192.168.13.1 (metric 1) from 192.168.13.1 (10.1.1.1)
      Origin IGP, metric 0, localpref 100, valid, internal, best
      Last update: Sat Aug 18 12:03:12 2012

vyatta@R3:~$
vyatta@R3:~$
vyatta@R3:~$ show ip bgp neighbors 192.168.13.1 advertised-routes
BGP table version is 0, local router ID is 10.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, R Removed
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 10.2.2.2/32      192.168.23.2             0    100      0 i
*> 10.3.3.3/32      192.168.13.3             1    100  32768 i

Total number of prefixes 2
vyatta@R3:~$
vyatta@R3:~$ show ip bgp neighbors 192.168.13.1 routes
BGP table version is 0, local router ID is 10.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, R Removed
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*>i10.1.1.1/32      192.168.13.1             0    100      0 i

Total number of prefixes 1
vyatta@R3:~$
vyatta@R3:~$
vyatta@R3:~$ show ip bgp neighbors 192.168.13.1
BGP neighbor is 192.168.13.1, remote AS 123, local AS 123, internal link
  BGP version 4, remote router ID 10.1.1.1
  BGP state = Established, up for 00:09:58
  Last read 11:58:05, hold time is 180, keepalive interval is 60 seconds
  Neighbor capabilities:
    4 Byte AS: advertised
    Route refresh: advertised and received(old & new)
    Address family IPv4 Unicast: advertised and received
  Message statistics:
    Inq depth is 0
    Outq depth is 0
                         Sent       Rcvd
    Opens:                  1          1
    Notifications:          0          0
    Updates:                4          1
    Keepalives:            11         11
    Route Refresh:          0          0
    Capability:             0          0
    Total:                 16         13
  Minimum time between advertisement runs is 5 seconds

 For address family: IPv4 Unicast
  Route-Reflector Client
  Community attribute sent to this neighbor(both)
  1 accepted prefixes

  Connections established 1; dropped 0
  Last reset never
Local host: 192.168.13.3, Local port: 57639
Foreign host: 192.168.13.1, Foreign port: 179
Nexthop: 192.168.13.3
Nexthop global: fe80::20c:29ff:fe4b:acd3
Nexthop local: ::
BGP connection: non shared network
Read thread: on  Write thread: off

vyatta@R3:~$

Confirm reachability.

R2#traceroute 10.1.1.1 source 10.2.2.2

Type escape sequence to abort.
Tracing the route to 10.1.1.1

  1 192.168.23.3 16 msec 4 msec 60 msec
  2 192.168.13.1 28 msec 40 msec *
R2#

4. eBGP

4.1. Topology

Operation is verified with the following topology. R1 and R2 are configured as iBGP neighbors; R1-R3 and R2-R3 are configured as eBGP neighbors.

         lo0+--------+e0/0
 10.1.1.1/32| Cisco | .1    192.168.13.0/24
        ----+   R1   +--------┐
            | AS 120|         │
            +---+----+        │.3 eth0
            e0/1│.1      +---+----+
                │        | Vyatta|   lo0 10.3.3.3/32
 192.168.12.0/24│        |   R3   +----
                │        | AS 300| 
            e0/1│.2      +---+----+
            +---+----+        │.3 eth1
            | Cisco |         │
        ----+   R2   +--------┘
 10.2.2.2/32| AS 120| .2    192.168.23.0/24
         lo0+--------+e0/0

Apply the following BGP configuration. We confirm that attributes such as metric and local preference can be controlled on Vyatta without problems.

 [R1]
router rip
 version 2
 passive-interface default
 no passive-interface Ethernet0/1
 network 10.0.0.0
 network 192.168.12.0
 no auto-summary
!
router bgp 120
 no synchronization
 bgp log-neighbor-changes
 network 10.1.1.1 mask 255.255.255.255
 neighbor 10.2.2.2 remote-as 120
 neighbor 10.2.2.2 update-source Loopback0
 neighbor 192.168.13.3 remote-as 300
 no auto-summary

 [R2]
router rip
 version 2
 passive-interface default
 no passive-interface Ethernet0/1
 network 10.0.0.0
 network 192.168.12.0
 no auto-summary
!
router bgp 120
 no synchronization
 bgp log-neighbor-changes
 network 10.2.2.2 mask 255.255.255.255
 neighbor 10.1.1.1 remote-as 120
 neighbor 10.1.1.1 update-source Loopback0
 neighbor 192.168.23.3 remote-as 300
 no auto-summary

 [R3]
vyatta@R3# show protocols
 bgp 300 {
     neighbor 192.168.13.1 {
         remote-as 120
         route-map {
             export RMAP-TO-R1
             import RMAP-FROM-R1
         }
     }
     neighbor 192.168.23.2 {
         remote-as 120
     }
     network 10.3.3.3/32 {
     }
 }
[edit]
vyatta@R3# show policy
 prefix-list PREFIX-R1-LOOPBACK {
     rule 10 {
         action permit
         prefix 10.1.1.1/32
     }
 }
 route-map RMAP-FROM-R1 {
     rule 10 {
         action permit
         match {
             ip {
                 address {
                     prefix-list PREFIX-R1-LOOPBACK
                 }
             }
         }
         set {
             local-preference 200
         }
     }
 }
 route-map RMAP-TO-R1 {
     rule 10 {
         action permit
         set {
             metric 500
         }
     }
 }
[edit]
vyatta@R3#

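If a configuration change is not propagated to the BGP neighbors, you can restart the BGP neighbors with the following command. (How to perform a soft reset is still under investigation.)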

vyatta@R3:~$ reset ip bgp all
vyatta@R3:~$
*Mar  1 00:43:55.843: %BGP-3-NOTIFICATION: received from neighbor 192.168.13.3 6/4 (cease) 0 bytes
*Mar  1 00:43:55.847: %BGP-5-ADJCHANGE: neighbor 192.168.13.3 Down BGP Notification received
vyatta@R3:~$
*Mar  1 00:44:06.931: %BGP-5-ADJCHANGE: neighbor 192.168.13.3 Up
vyatta@R3:~$

4.2. Verification

Check that the expected attributes are attached. Although the prefix-list and route-map configuration has some quirks, we confirmed that the expected LocPrf is applied.

vyatta@R3:~$ show ip bgp
BGP table version is 0, local router ID is 10.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, R Removed
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*  10.1.1.1/32      192.168.23.2                           0 120 i
*>                  192.168.13.1             0    200      0 120 i
*> 10.2.2.2/32      192.168.23.2             0             0 120 i
*> 10.3.3.3/32      0.0.0.0                  1         32768 i

Total number of prefixes 3
vyatta@R3:~$

The MED is also propagated as expected.

R1#show ip bgp
BGP table version is 7, local router ID is 10.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 10.1.1.1/32      0.0.0.0                  0         32768 i
r>i10.2.2.2/32      10.2.2.2                 0    100      0 i
*>i10.3.3.3/32      192.168.23.3             1    100      0 300 i
*                   192.168.13.3           500             0 300 i
R1#
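
Added example (not part of the original page): splitting these tables on whitespace misreads rows whose Metric or LocPrf cell is blank, so this Python parser slices each row at the header's column offsets and can then check the LocPrf 200 and MED 500 values shown above. The function names are assumptions made for this example.

```python
# R3 and R1 "show ip bgp" rows copied from the output on this page.
R3_TABLE = """\
   Network          Next Hop            Metric LocPrf Weight Path
*  10.1.1.1/32      192.168.23.2                           0 120 i
*>                  192.168.13.1             0    200      0 120 i
*> 10.2.2.2/32      192.168.23.2             0             0 120 i
*> 10.3.3.3/32      0.0.0.0                  1         32768 i
"""
R1_TABLE = """\
   Network          Next Hop            Metric LocPrf Weight Path
*>i10.3.3.3/32      192.168.23.3             1    100      0 300 i
*                   192.168.13.3           500             0 300 i
"""

def parse_bgp_table(text):
    """Parse by header column offsets; blank Metric/LocPrf cells become None."""
    lines = text.splitlines()
    start = next(i for i, l in enumerate(lines)
                 if l.lstrip().startswith("Network"))
    hdr = lines[start]
    nh, met, lp, wt, path = (hdr.index(h) for h in
                             ("Next Hop", "Metric", "LocPrf", "Weight", "Path"))
    num = lambda s: int(s) if s.strip() else None
    paths, prefix = [], None
    for line in lines[start + 1:]:
        if not line.strip() or line[0] not in "*sdhrSR":
            break  # blank line or "Total number of prefixes" ends the table
        # Rows for additional paths leave the Network column empty.
        prefix = line[3:nh].strip() or prefix
        paths.append({
            "prefix": prefix,
            "best": line[1] == ">",
            "next_hop": line[nh:met].strip(),
            "metric": num(line[met:lp]),
            "locprf": num(line[lp:wt]),
            "weight": num(line[wt:path]),
            "path": line[path:].strip(),  # AS path followed by origin code
        })
    return paths

def find(paths, prefix, next_hop):
    """Return the path entry for a prefix learned via the given next hop."""
    return next(p for p in paths
                if (p["prefix"], p["next_hop"]) == (prefix, next_hop))
```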