headers
David H | 17 May 2013 00:14
Picon

[quagga-users 13282] Pulling local linux routes into zebra for bgp redistribution?

I'm in the process of setting up Quagga for use as an RTBH router and am trying to make it as simple as possible for staff to add routes to be injected.  At first I was going to do just bgpd but I need to apply different communities under certain conditions, so I added zebra and am doing redistribute static with a route map on the bgpd side.  Now I can go into zebra and add static routes and they get populated to bgp and off to the border routers and upstreams just fine, but looking to make that easier.  I noticed on linux that "ip route show" lists routes I've added for blocking in zebra, for example:

blackhole 1.2.3.4  proto zebra

I was curious if there's a linux command I could use to add those routes myself and then zebra would pick them up?  That would make it very easy to script an interface for our noc staff to use to quickly blackhole or block someone.  Perhaps something like "ip route add blackhole 1.2.3.4/32 proto zebra"?  I did that and it ended up in the routing table of the kernel but not in zebra and therefore not in bgpd.  Or if no option there, is there a command line method of adding a static route to zebra that doesn't require going into the telnet vty interface, conf t, etc.?

On a side note, I noticed someone requesting route tag support back in 2004 (http://lists.quagga.net/pipermail/quagga-users/2004-October/002857.html) and occassionally since then.  Any chance that feature is being worked on?  It would make RTBH router deployment a lot easier.  Since I need to tag different routes with different communities based on whether they're for blackholing or remote blocking, I'm having to do some very creative prefix lists with length restrictions to make sure the right type of routes are tagged the right way.

Thanks,

Dave
_______________________________________________
Quagga-users mailing list
Quagga-users@...
http://lists.quagga.net/mailman/listinfo/quagga-users
Permalink | Reply | 1 comment |
headers
Charlet, Ricky | 16 May 2013 23:22
Picon
Favicon

[quagga-users 13281] Q: seeking a `clear ip ospf process` command

Howdy,
        I was looking for an equivalent of `clear ip ospf process` which would restart ospfd. Is there any similar
thing in quagga?  I see a few `clear bgp ...` thingies.

--
Ricky Charlet
Software Dev / Routing Dude: Aries team, Roseville CA
ricky.charlet@...<mailto:ricky.charlet@...>
USA: 916.785.2090
Permalink | Reply | 0 comments |
headers
mironto | 16 May 2013 10:19
Picon
Favicon

[quagga-users 13277] kernel crash running quagga

Hello,

 

yesterday around 16:10 CET we experienced kernel crash on a box running quagga and peering to Cogent. According to our findings we suspect some malicious/malformed/unsupported IPv6 updates. Our other upsream peering on exactly the same box did not experience any problems.

 

We are running quagga 0.99.20 on debian squeeze 3.0.28 x86_64.

 

Anybody else experienced similar issues with Cogent or other ISP?

 

Thanks.

 

Miro

_______________________________________________
Quagga-users mailing list
Quagga-users@...
http://lists.quagga.net/mailman/listinfo/quagga-users
Permalink | Reply | 0 comments |
headers
CPN | 15 May 2013 23:58
Favicon

[quagga-users 13274] Drop packets problem

Hi ALL...

I have quagga (version 0.99.15) and i have two backbone. I having 
problem when the packet in at backbone A and out backbone B, the linux 
is droping the packet.

Someone know what can happening?

regards,
Cristian
Permalink | Reply | 3 comments |
headers
Balaji venkat Venkataswami | 8 May 2013 21:18
Picon

[quagga-users 13271] Request for latest documentation of Quagga BGP

Dear all,

Does the BGP daemon support more than what the official documentation says it does ?

If so, is there any other documentation available that has an updated list of commands supported ?

If not then fine.

thanks and regards,
balaji venkat

PS : I looked at www.nongnu.org/Quagga documentation.
_______________________________________________
Quagga-users mailing list
Quagga-users@...
http://lists.quagga.net/mailman/listinfo/quagga-users
Permalink | Reply | 0 comments |
headers
Bulent Malik | 7 May 2013 22:40
Picon

[quagga-users 13270] Re: Quagga-users Digest, Vol 115, Issue 6

>>Subject: [quagga-users 13159] Re: bgpd crash on freebsd 8.3, 0.99.21
>>	from the fbsd ports
>>Message-ID: <20130222054111.GD8239@...>
>>Content-Type: text/plain; charset=us-ascii

>>Hi!

>> This looks like a rather severe issue.  Can you:
>> - try with 0.99.22 (should work without modifications on FreeBSD)

>I'll check.

>> - attach a debugger to get a backtrace

>I'll investigate.

>> Also, does this happen reliably?

>It happened twice in the last few days, never before.
>It only happened on one of four systems, to one transit.

>The other quagga instances running the same or older versions.

Hello guys

Is there result or soluton about that ?
Permalink | Reply | 1 comment |
headers
Ace Slash | 4 May 2013 02:03
Picon

[quagga-users 13268] Advice on hardware/OS for BGP router

Hi,

I have to set up 2 quagga that will have to handle 2 BGP (full table)
neighbors, an IBGP session between them and some ospf, like this :
                                     ||
       Datacenter A                  ||                   Datacenter B
                                     ||
  AS ISP 1      AS ISP 2             ||              AS ISP 1      AS ISP 2
         |      |                    ||                     |      |
         |      |                    ||                     |      |
         |      |                    ||                     |      |
         |      |                  Our AS                   |      |
     +---+------+---+                ||                 +---+------+---+
     |              |                ||                 |              |
     |   Quagga A   |                ||                 |   Quagga B   |
     |              |/___________IBGP  OSPF____________\|              |
     +------+-------+                ||                 +------+-------+
            |                        ||                        |
            |OSPF                    ||                        |OSPF
            |                        ||                        |
            V                        ||                        V

They will serve some fairly busy network (outgoing = 150Mbps average
and incoming = 50Mbps at peak hour).

I have some old Dell 1425 with 3Ghz QuadCore CPU/8GB RAM/Intergrated
Intel 82541GI network card + Intel PCI 82546GB quad port card and I'm
wondering if they can handle it... and if they can, if I should
install a freebsd or a Linux on those (I'm more comfortable with Linux
but if there is a significant gain from freebsd, I may consider it).

If I need something better than those 1425, please give me some advice
on what kind of hardware I should look for.

Thank you for your time,
Regards,
A.
Permalink | Reply | 1 comment |
headers
Arpit Gupta | 3 May 2013 22:08
Picon

[quagga-users 13267] Problem with quagga/zebra, symbol lookup error


When I run /etc/init.d/quagga restart (or start)

I am getting this message
"..
Loading capbility module if not done already
Starting quagga daemons (prio:10): zebra/usr/lib/quagga/zebra: symbol lookup error: /usr/lib/quagga/zebra: undefined symbol: setsockopt_ipv6_multicast_hops
"

I am using quagga version 0.99.20.1

The same thing is working over other VMs except this one. All my VM use Ubunutu 12.04.
I tried rebooting. reinstalling quagga etc. 

I also tried various combinations, without zebra enabled in daemons file its works fine, as soon as I enable zebra, it gives this error. It will be great if I can get some help form the community. Also let me know what information I should share to assist debugging this issue.  

--
Thanks &  Regards,
Arpit Gupta
http://sites.google.com/site/lotuseaterarpit/ 
_______________________________________________
Quagga-users mailing list
Quagga-users@...
http://lists.quagga.net/mailman/listinfo/quagga-users
Permalink | Reply | 0 comments |
headers
sidlo.marek-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org | 2 May 2013 03:08
Picon

[quagga-users 13257] Analyze in/out traffic by ASN with quagga

Hello.

I have quagga installed with 2 peers and I'd like to analyze incoming 
and outgoing traffic by ASN.

I found only pmacctd which can simulate netflow. In the manual there is 
something about to configure to work with quagga, but I can't do it:
[...]
http://wiki.pmacct.net/OfficialExamples
X. Quickstart guide to setup a NetFlow agent/probe
[...]

How to analyze the traffic by ASN using quagga? In the CISCO there is 
netflow v9 in which we can analyze the traffic by ASN, how to do it in 
Linux using quagga?

Regards,

--

-- 
Mark.
Permalink | Reply | 8 comments |
headers
André Gustavo N. Lopes | 24 Apr 2013 20:42
Picon

[quagga-users 13255] vtysh in config mode

is there a way of opening vtysh in config mode?

--

-- 
André Gustavo N. Lopes
Equipe TI Onda Empresas
Tel: +55(41)3331-8282
Fax: +55(41)3331-8256

Onda Empresas
www.ondaempresas.com.br
Serviços e Soluções em Data Center, TI e Telecom

"Este endereço de e-mail se destina exclusivamente ao uso profissional. Todo o conteúdo nele inserido
é de responsabilidade exclusiva de seu remetente e não reflete, necessariamente, a opinião ou o ponto
de vista oficial do Onda Provedor de Serviços S/A.

A mensagem, incluindo seus anexos, pode conter informações legais privilegiadas e/ou confidenciais,
não podendo ser retransmitida, arquivada, divulgada ou copiada sem autorização expressa do
remetente. Caso tenha recebido esta mensagem por engano, por favor, informe o remetente e em seguida
apague-a do seu computador."
Permalink | Reply | 1 comment |
headers
André Gustavo N. Lopes | 23 Apr 2013 01:58
Picon

[quagga-users 13252] vtysh wrapper

Hi,

I really like the idea of keep track of what is changing on my config
files, specially with quagga.
This is very useful where several people manage the environment, and can
be a lifesaver finding the last working config.

I use SVN to accomplish this, so whenever I remember, I am commiting my
stuff to my svn server.

Whenever I remember is not always good enough, so I decided to code a
vtysh wrapper, to do it automatically.
It's just an idea yet, but it may help someone else, and new ideas can
be sugested.

I spend just a little time coding and reviewing, so please don't be too
strict reading the code =)

See below

#!/bin/bash

# no control-c, control-z
trap '' SIGINT
trap '' SIGQUIT
trap '' SIGTSTP

# execute vtysh command
vt(){
        local m="$ <at> "
        sudo vtysh -c $m
}

# save
save(){
        vt write
        echo -e "\tTODO: checkout running-config to svn"
        echo -e "\tTODO: checkout saved config to svn"
}

# commit the current status, before change anything
echo -e "TODO: first things first:"
echo -e "\tTODO:checkout running-config to svn"
echo -e "\tTODO:checkout saved config to svn"
echo

# enables history internally (up, down keys) and show prompt
while IFS="" read -r -e -d $'\n' -p "vtysh # " c ; do

        # take action
        case $c in
                "quit")
                        read -e -p "save config? " save
                        [ $save == "y" ] && save
                        exit ;;

                # ideas
                "compare")      ;;

                "rollback")     ;;

                "whatelse?")    ;;

                # send to vtysh
                *)
                        vt $c
                        ;;

        esac
        history -s "$c"
done

Cya.

--

-- 
André Gustavo N. Lopes
Equipe TI Onda Empresas
Tel: +55(41)3331-8282
Fax: +55(41)3331-8256

Onda Empresas
www.ondaempresas.com.br
Serviços e Soluções em Data Center, TI e Telecom

"Este endereço de e-mail se destina exclusivamente ao uso profissional. Todo o conteúdo nele inserido
é de responsabilidade exclusiva de seu remetente e não reflete, necessariamente, a opinião ou o ponto
de vista oficial do Onda Provedor de Serviços S/A.

A mensagem, incluindo seus anexos, pode conter informações legais privilegiadas e/ou confidenciais,
não podendo ser retransmitida, arquivada, divulgada ou copiada sem autorização expressa do
remetente. Caso tenha recebido esta mensagem por engano, por favor, informe o remetente e em seguida
apague-a do seu computador."
Permalink | Reply | 2 comments |

Gmane