We use BGP quite heavily at work, and even though I'm not interacting with that directly, it feels like it's something very useful to learn at least on some basic level. The most effective and fun way of learning technology is finding some practical application, so I decided to see if it could help to improve networking management for my Virtual Machines.
My setup is fairly simple: I have a host that runs bhyve VMs and I have a desktop system from where I ssh to VMs, both hosts run FreeBSD. All VMs are connected to each other through a bridge and have a common network 10.0.1/24. The point of this exercise is to be able to ssh to these VMs from desktop without adding static routes and without adding vmhost's external interfaces to the VMs bridge.
I've installed openbgpd on both hosts and configured it like this:
vmhost: /usr/local/etc/bgpd.conf
AS 65002
router-id 192.168.87.48
fib-update no
network 10.0.1.1/24
neighbor 192.168.87.41 {
descr "desktop"
remote-as 65001
}
Here, router-id is set vmhost's IP address in my home network (192.168.87/24), fib-update no is set to forbid routing table update, which I initially set for testing, but keeping it as vmhost is not supposed to learn new routes from desktop anyway. network announces my VMs network and neighbor describes my desktop box.
Now the desktop box:
desktop: /usr/local/etc/bgpd.conf
AS 65001
router-id 192.168.87.41
fib-update yes
neighbor 192.168.87.48 {
descr "vmhost"
remote-as 65002
}
It's pretty similar to vmhost's bgpd.conf, but no networks are announced here, and fib-update is set to yes because the whole point is to get VM routes added.
Both hosts have to have the openbgpd service enabled:
/etc/rc.conf.local
openbgpd_enable="YES"
Now start the service (or wait until next reboot) using service openbgpd start and check if neighbors are there:
vmhost: bgpctl show summary
$ bgpctl show summary
Neighbor AS MsgRcvd MsgSent OutQ Up/Down State/PrfRcvd
desktop 65001 1089 1090 0 09:03:17 0
$
desktop: bgpctl show summary
$ bgpctl show summary
Neighbor AS MsgRcvd MsgSent OutQ Up/Down State/PrfRcvd
vmhost 65002 1507 1502 0 09:04:58 1
$
Get some detailed information about the neighbor:
desktop: bgpctl sh nei vmhost
$ bgpctl sh nei vmhost
BGP neighbor is 192.168.87.48, remote AS 65002
Description: vmhost
BGP version 4, remote router-id 192.168.87.48
BGP state = Established, up for 09:06:25
Last read 00:00:21, holdtime 90s, keepalive interval 30s
Neighbor capabilities:
Multiprotocol extensions: IPv4 unicast
Route Refresh
Graceful Restart: Timeout: 90, restarted, IPv4 unicast
4-byte AS numbers
Message statistics:
Sent Received
Opens 3 3
Notifications 0 2
Updates 3 6
Keepalives 1499 1499
Route Refresh 0 0
Total 1505 1510
Update statistics:
Sent Received
Updates 0 1
Withdraws 0 0
End-of-Rib 1 1
Local host: 192.168.87.41, Local port: 179
Remote host: 192.168.87.48, Remote port: 13528
$
By the way, as you can see, bgpctl supports shortened commands, e.g. sh nei instead of show neighbor.
Now look for that VMs route:
desktop: bgpctl show rib
$ sudo bgpctl show rib
flags: * = Valid, > = Selected, I = via IBGP, A = Announced, S = Stale
origin: i = IGP, e = EGP, ? = Incomplete
flags destination gateway lpref med aspath origin
*> 10.0.1.0/24 192.168.87.48 100 0 65002 i
$
So that VMs network, 10.0.1/24, it's there! Now check if the system routing table was updated and has this route:
desktop
$ route -n get 10.0.1.45
route to: 10.0.1.45
destination: 10.0.1.0
mask: 255.255.255.0
gateway: 192.168.87.48
fib: 0
interface: re0
flags:
recvpipe sendpipe ssthresh rtt,msec mtu weight expire
0 0 0 0 1500 1 0
$ ping -c 1 10.0.1.45
PING 10.0.1.45 (10.0.1.45): 56 data bytes
64 bytes from 10.0.1.45: icmp_seq=0 ttl=63 time=0.192 ms
--- 10.0.1.45 ping statistics ---
1 packets transmitted, 1 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.192/0.192/0.192/0.000 ms
$
Whoa, things work as expected!
Conclusion
As mentioned already, similar result could be achieved without using BGP by using either static routes or bridging interfaces differently, but the purpose of this exercise is to get some basic hands-on experience with BGP. Right now I'm looking into extending my setup in order to try more complex BGP schema. I'm thinking about adding some software switches in front of my VMs or maybe adding a second VM host (if budget allows). You're welcome to comment if you have some ideas how to extend this setup for educational purposes in the context of BGP and networking.
As a side note, I really like openbgpd so far. Its configuration file format is clean and simple, documentation is good, error and information messages are clear, and CLI has intuitive syntax.
ReplyDeleteWhoa! This blog looks just like my old one! It’s on a totally different subject but it has pretty much the same page layout and design. Excellent choice of colors!
how to write a persuasive essay
The development of artificial intelligence (AI) has propelled more programming architects, information scientists, and different experts to investigate the plausibility of a vocation in machine learning. Notwithstanding, a few newcomers will in general spotlight a lot on hypothesis and insufficient on commonsense application. machine learning projects for final year In case you will succeed, you have to begin building machine learning projects in the near future.
DeleteProjects assist you with improving your applied ML skills rapidly while allowing you to investigate an intriguing point. Furthermore, you can include projects into your portfolio, making it simpler to get a vocation, discover cool profession openings, and Final Year Project Centers in Chennai even arrange a more significant compensation.
Data analytics is the study of dissecting crude data so as to make decisions about that data. Data analytics advances and procedures are generally utilized in business ventures to empower associations to settle on progressively Python Training in Chennai educated business choices. In the present worldwide commercial center, it isn't sufficient to assemble data and do the math; you should realize how to apply that data to genuine situations such that will affect conduct. In the program you will initially gain proficiency with the specialized skills, including R and Python dialects most usually utilized in data analytics programming and usage; Python Training in Chennai at that point center around the commonsense application, in view of genuine business issues in a scope of industry segments, for example, wellbeing, promoting and account.
The Nodejs Projects Angular Training covers a wide range of topics including Components, Angular Directives, Angular Services, Pipes, security fundamentals, Routing, and Angular programmability. The new Angular TRaining will lay the foundation you need to specialise in Single Page Application developer. Angular Training
How to write a paper you don't want to write? Order it at https://writeanessayfor.me/
ReplyDeleteIf you're looking for a date but not sure whether the dating site is a safe place, check our VictoriaMilan Review review.
ReplyDeleteThey’re also often on the move a lot, which makes finding time to sit down and write assignments somewhat of a hassle. http://t230oup7yw.dip.jp http://zf9naevowf.dip.jp http://jzyzvw9v2d.dip.jp
ReplyDeleteInteresting blog, here a lot of valuable information is available, it is very useful information.
ReplyDeleteOpenstack Training
Openstack Training Online
Openstack Training in Hyderabad
Poker online situs terbaik yang kini dapat dimainkan seperti Bandar Poker yang menyediakan beberapa situs lainnya seperti http://62.171.128.49/hondaqq/ , kemudian http://62.171.128.49/gesitqq/, http://62.171.128.49/gelangqq/, dan http://62.171.128.49/seniqq. yang paling akhir yaitu http://62.171.128.49/pokerwalet/. Jangan lupa mendaftar di panenqq silakan dicoba bosku serta salam hoki
ReplyDeleteozm page
ReplyDeletePHP Training in Chennai | Certification | Online Training Course | Machine Learning Training in Chennai | Certification | Online Training Course | iOT Training in Chennai | Certification | Online Training Course | Blockchain Training in Chennai | Certification | Online Training Course | Open Stack Training in Chennai |
Certification | Online Training Course
Thanks for one marvelous posting! I enjoyed reading it; you are a great author. I will make sure to bookmark your blog and may come back someday. I want to encourage that you continue your great posts.
ReplyDeleteFull Stack Training in Chennai
Full Stack Course Chennai
Full Stack Training in Bangalore
Full Stack Course in Bangalore
Full Stack Training in Hyderabad
Full Stack Course in Hyderabad
Full Stack Training
Full Stack Course
Full Stack Online Training
Full Stack Online Course
Am really impressed about this blog because this blog is very easy to learn and understand clearly.This blog is very useful for the college students and researchers to take a good notes in good manner,I gained many unknown information.
ReplyDeleteData Science Training In Chennai
Data Science Online Training In Chennai
Data Science Training In Bangalore
Data Science Training In Hyderabad
Data Science Training In Coimbatore
Data Science Training
Data Science Online Training