Multiple Table interface Problem
Stefano Bonino
stefano.bonino at lepida.it
Thu Nov 22 14:10:45 CET 2012
Dear all,
we have a problem attaching an interface to a particular routing
table.
We created routing table 60 in the kernel, as shown here:
odorizzi@vpn1:~$ cat /etc/iproute2/rt_tables
#
# reserved values
#
255 local
254 main
253 default
0 unspec
#
# local
#
#1 inr.ruhep
60 auslre
We then synchronized the BIRD configuration, as shown below:
# Turn on global debugging of all protocols
#debug protocols all;
# The direct protocol automatically generates device routes to
# all network interfaces. Can exist in as many instances as you wish
# if you want to populate multiple routing tables with device routes.
# Device routes for BIRD's default table (no "table" option is set here).
# A leading "-" excludes an interface pattern and the first matching pattern
# decides, so vlan*, eth1 and eth2 are skipped and only eth0 is picked up.
protocol direct {
interface "-vlan*", "-eth1", "-eth2","eth0";
}
# Second instance: device routes for eth1 and eth2 are placed in BIRD table
# "auslre" instead of the default table.
protocol direct {
table auslre;
# interface "vlan60";
interface "eth1", "eth2";
}
# This pseudo-protocol performs synchronization between BIRD's routing
# tables and the kernel. If your kernel supports multiple routing tables
# (as Linux 2.2.x does), you can run multiple instances of the kernel
# protocol and synchronize different kernel tables with different BIRD
# tables.
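# Kernel sync for BIRD's default table: neither "table" nor "kernel table"
# is set in this instance, so the defaults apply.
protocol kernel {
learn; # Learn all alien routes from the kernel
persist; # Don't remove routes on bird shutdown
scan time 20; # Scan kernel routing table every 20 seconds
# NOTE(review): "learn" together with "import all" accepts every route that
# some other process installed in the kernel table; use an import filter if
# that is broader than intended.
import all; # Default is import all
# NOTE(review): "export all" installs every route from the BIRD table into
# the kernel forwarding table; an export filter limits what a routing
# protocol can push into the FIB.
export all; # Default is export none
# The wrapped tail of the next comment is rejoined onto one line; left on a
# line of its own it would be read as configuration, not as a comment.
# kernel table 32367; # Kernel table to synchronize with (default: main)
}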
# Kernel sync between BIRD table "auslre" and kernel table 60 (the number
# that the rt_tables listing earlier in this message names "auslre").
# NOTE(review): BIRD 1.x documents a "device routes" switch for the kernel
# protocol and states that device routes are not exported to the kernel
# unless it is enabled -- check the documentation of the installed version;
# this may be why the connected routes of eth1/eth2 do not show up in table 60.
protocol kernel {
learn; # Learn all alien routes from the kernel
persist; # Don't remove routes on bird shutdown
scan time 20; # Scan kernel routing table every 20 seconds
# NOTE(review): unfiltered in both directions; whatever OSPF or the static
# protocol place in "auslre" goes straight into kernel table 60.
import all; # Default is import all
export all; # Default is export none
kernel table 60; # Kernel table to synchronize with (default: main)
table auslre;
}
# This pseudo-protocol watches all interface up/down events.
# Interface scanner; it reports interface state to the other protocols.
# NOTE(review): the device protocol itself generates no routes, so the
# "table auslre;" line here presumably does not attach eth1/eth2 to that
# table -- the "protocol direct" instance carrying "table auslre;" is what
# produces their device routes. Confirm against the BIRD documentation.
protocol device {
scan time 10; # Scan interfaces every 10 seconds
table auslre;
# "primary" picks which address counts as the primary one; an entry without
# an interface pattern presumably applies to every interface -- verify.
primary "eth1" 192.168.0.1;
primary 192.168.0.0/30;
primary "eth2" 172.16.0.1;
primary 172.16.0.0/30;
}
# Static routes (again, there can be multiple instances, so that you
# can disable/enable various groups of static routes on the fly).
# Static routes for BIRD table "auslre": currently a single default route.
protocol static {
# disabled; # Disable by default
table auslre; # Connect to a non-default table
# NOTE(review): BIRD prefers the route with the higher preference, so 1000
# presumably makes this default route win over the same prefix learned
# through OSPF in this table -- confirm that this is intended.
preference 1000; # Default preference of routes
# Both debug lines are present; "debug all" already includes every class
# listed on the first line. Expect verbose logs while this stays enabled.
debug { states, routes, filters, interfaces, events, packets };
debug all;
# Default route via 192.168.0.2, the address also configured as the OSPF
# neighbor on eth1 in ospf_auslre.
route 0.0.0.0/0 via 192.168.0.2;
# route 198.51.100.0/25 reject;
# route 10.0.0.0/8 reject;
# route 10.1.1.0:255.255.255.0 via 198.51.100.3;
# route 10.1.2.0:255.255.255.0 via 198.51.100.3;
# route 10.1.3.0:255.255.255.0 via 198.51.100.4;
# route 10.2.0.0/24 via "vlan60";
}
#protocol static {
# debug { states, routes, filters, interfaces, events, packets };
# debug all;
# route 0.0.0.0/0 via 195.62.186.254;
#}
# Pipe protocol connects two routing tables... Beware of loops.
#protocol pipe {
# peer table auslre;
# Define what routes do we export to this protocol / import from it.
# import all; # default is all
# export all; # default is none
# import none; # If you wish to disable imports
# import filter test_filter; # Use named filter
# import where source = RTS_DEVICE; # Use explicit filter
#}
# RIP aka Rest In Pieces...
#protocol rip MyRIP { # You can also use an explicit name
# preference xyzzy;
# debug all;
# port 1520;
# period 7;
# infinity 16;
# garbage time 60;
# interface "*" { mode broadcast; };
# honor neighbor; # To whom do we agree to send the routing table
# honor always;
# honor never;
# passwords {
# password "nazdar";
# };
# authentication none;
# import filter { print "importing"; accept; };
# export filter { print "exporting"; accept; };
#}
# OSPF instance for BIRD's default table (no "table" option), backbone area
# 0.0.0.0, running on eth0.
protocol ospf ospf_test {
tick 2;
rfc1583compat yes;
area 0.0.0.0 {
stub no;
networks {195.62.186.128/25;
};
interface "eth0" {
type pointopoint;
# NOTE(review): with "authentication none" OSPF packets are accepted without
# any integrity check, so any host that can reach this interface can form an
# adjacency and inject routes -- which the kernel protocol's "export all"
# then installs. Prefer "authentication cryptographic" with a "password"
# entry, the form shown in the commented sample in this file.
authentication none;
# NOTE(review): BIRD documents "neighbors" for NBMA/PtMP interfaces;
# on a "pointopoint" interface the list is presumably unused -- verify.
neighbors {
195.62.186.184 eligible;
};
};
};
}
# OSPF instance bound to BIRD table "auslre", backbone area 0.0.0.0, running
# on eth1 and eth2. The commented-out lines are leftovers from the sample
# configuration; the passwords in them ("pass", "abc", "def", "sdsdffsdfg")
# are example values and must not be reused when authentication is enabled.
protocol ospf ospf_auslre {
tick 2;
table auslre;
rfc1583compat yes;
area 0.0.0.0 {
stub no;
# Only 192.168.0.0/30 is listed here; the 172.16.0.0/30 prefix that the
# device protocol associates with eth2 is not.
networks {192.168.0.0/30;
};
interface "eth1" {
# hello 9;
# retransmit 6;
# cost 10;
# transmit delay 5;
# dead count 5;
# wait 50;
# type broadcast;
type pointopoint;
# NOTE(review): unauthenticated OSPF -- any host that can reach eth1 can
# form an adjacency and inject routes into table "auslre", which the kernel
# protocol then exports to kernel table 60. Prefer
# "authentication cryptographic" with a "password" entry.
authentication none;
# password "pass";
# NOTE(review): BIRD documents "neighbors" for NBMA/PtMP interfaces;
# on a "pointopoint" interface the list is presumably unused -- verify.
neighbors {
192.168.0.2 eligible;
# 10.1.1.4;
};
};
interface "eth2" {
type pointopoint;
# NOTE(review): same exposure as on eth1 -- no packet authentication.
authentication none;
};
# interface "arc0" {
# rx buffer large;
# type nonbroadcast;
# poll 14;
# dead 75;
# neighbors {
# 10.1.1.2 eligible;
# 10.1.1.4;
# };
# strict nonbroadcast yes;
# };
# interface "xxx0" {
# passwords {
# password "abc" {
# id 1;
# generate to "22-04-2003 11:00:06";
# accept to "17-01-2004 12:01:05";
# };
# password "def" {
# id 2;
# generate from "22-04-2003 11:00:07";
# accept from "17-01-2003 12:01:05";
# };
# };
# authentication cryptographic;
# };
};
# area 20 {
# stub 1;
# interface "ppp1" {
# hello 8;
# authentication none;
# };
# interface "fr*";
# virtual link 192.168.0.1 {
# password "sdsdffsdfg";
# authentication cryptographic;
# };
# };
}
#protocol bgp {
# disabled;
# description "My BGP uplink";
# local as 65000;
# neighbor 198.51.100.130 as 64496;
# multihop;
# hold time 240;
# startup hold time 240;
# connect retry time 120;
# keepalive time 80; # defaults to hold time / 3
# start delay time 5; # How long do we wait before initial connect
# error wait time 60, 300;# Minimum and maximum time we wait after an error (when consecutive
# # errors occur, we increase the delay exponentially ...
# error forget time 300; # ... until this timeout expires)
# disable after error; # Disable the protocol automatically when an error occurs
# next hop self; # Disable next hop processing and always advertise our local address as nexthop
# path metric 1; # Prefer routes with shorter paths (like Cisco does)
# default bgp_med 0; # MED value we use for comparison when none is defined
# default bgp_local_pref 0; # The same for local preference
# source address 198.51.100.14; # What local address we use for the TCP connection
# password "secret"; # Password used for MD5 authentication
# rr client; # I am a route reflector and the neighbor is my client
# rr cluster id 1.0.0.1; # Use this value for cluster id instead of my router id
# export where source=RTS_STATIC;
# export filter {
# if source = RTS_STATIC then {
# bgp_community = -empty-; bgp_community = add(bgp_community,(65000,5678));
# bgp_origin = 0;
# bgp_community = -empty-; bgp_community.add((65000,5678));
# if (65000,64501) ~ bgp_community then
# bgp_community.add((0, 1));
# if bgp_path ~ [= 65000 =] then
# bgp_path.prepend(65000);
# accept;
# }
# reject;
# };
#}
But we cannot see that interface inside that routing table.
We tried to force the traffic from/to that interface to use the right
table with the rules shown below, but without effect.
root@vpn1:~# ip rule show
0: from all lookup local
32764: from all oif eth1 lookup auslre
32765: from all iif eth1 lookup auslre
32766: from all lookup main
32767: from all lookup default
Do you have any idea how to solve that? Probably we are struggling with a
wrong bird.conf configuration file and are not able to correctly attach
an interface to a specific routing table.
Thank you very much guys
Bye
Stefano