\documentclass{ictlab}
% Copyright (c) 2003 by Nick Urbanik.
% This material may be distributed only subject to the terms and
% conditions set forth in the Open Publication License, v1.0 or later
% (the latest version is presently available at
% http://www.opencontent.org/openpub/).
\RCS $Revision: 1.1 $
\usepackage{verbatim,key,alltt,amstext}
\usepackage[hang,bf,nooneline]{caption2}
\ifx\pdftexversion\undefined
\else
  \usepackage[pdfpagemode=None,pdfauthor={Nick Urbanik}]{hyperref}
\fi
\renewcommand*{\subject}{Workshop Series}
\newcommand*{\labTitle}{%
  Implementing RIP2 Routers using PCs with Linux and Zebra}
\providecommand*{\BGP}{\acro{BGP}\xspace}
\providecommand*{\IOS}{\acro{IOS}\xspace}
\providecommand*{\KDE}{\acro{KDE}\xspace}
\providecommand*{\VTI}{\acro{VTI}\xspace}

\begin{document}
% \Large

\section{Background}
\label{sec:background}

A Cisco router may cost more than a small company wants to spend. It
is possible to use an old Pentium computer as a fully-fledged router
that implements the routing protocols \RIP, \OSPF and \BGP, for both
\IP{}v4 and \IP{}v6. An additional advantage is that the router can be
configured with commands that are very similar to those used in
Cisco's \IOS, so that administrators familiar with Cisco can feel at
home. Students may also use it to practice router configuration at
home when they do not have access to a Cisco router of their own.

\subsection{Setting Up the Router}

We will use Red Hat version 8.0, although any Linux distribution would
be fine, as long as the Zebra software is not too old. The locations
where you can download the software are given below, but you can also
buy a boxed set of Red Hat 8.0 from a number of shops in the Golden
Shopping Centre.

\subsection{Required Hardware}
\label{sec:required-hardware}

You will need hardware that meets the following requirements:
\begin{itemize}
\item A computer, Pentium (any speed), or above, with
\item At least 64\,MB RAM
\item At least 2\,GB hard disk
\item Two network cards, preferably different brands, but two network
  cards of the same type will still work (with a small additional
  amount of testing)
\end{itemize}
Install both network cards before the installation, if possible,
though (with a small additional effort), you can install the network
cards later.

\subsection{Determine your Network Topology}

Draw a diagram like the one above, showing the connections, network
interfaces, and decide on your IP addresses, netmasks, and networks.

\subsection{Installing Red Hat Linux}

I will not repeat details from the excellent book, \emph{The Official
  Red Hat Linux x86 Installation Guide}, currently (23 January 2002)
available at:
\url{http://www.redhat.com/docs/manuals/linux/RHL-8.0-Manual/install-guide/},
and packaged in convenient form in the boxed set. Please refer to this
book for details. You may also ask Nick Urbanik \texttt{} for any
other questions you may have about installation.

If your hard disk is less than 6\,GB in size, please do not choose
``Everything'' when installing, but restrict your installation to
include just one of Gnome or \KDE, and some other options,
proportional to the amount of disk space you have, and in relation to
what you intend to use the computer for, in addition to its use as a
router.

During the installation process, please create an ordinary account for
yourself as well as the root account.

\subsection{Installing the Zebra routing software}

The software package is called \texttt{zebra-0.93a-3.i386.rpm}. You
will find it in the directory
\texttt{/RedHat/RPMS/zebra-0.93a-3.i386.rpm} on the third Red Hat 8.0
\CDROM.
You can install it like this:
\begin{enumerate}
\item Open a terminal window with System Tools $\to$ Terminal
\item Check if the software package is installed with the command:
\begin{alltt}
$ \textbf{rpm -q zebra}
\end{alltt}%$
  If the answer is, ``package zebra is not installed'', then continue;
  otherwise it is already installed, and you can skip to the next
  section.
\item Open a second terminal window
\item Become \texttt{root} in that terminal with the command:
\begin{alltt}
$ \textbf{su -}
\end{alltt}%$
\item Enter your root password, and you should end up with a prompt
  like this: \texttt{\#}. Later in this document, I will say, ``at
  your root prompt,'' and I will mean, click on this window and type
  the command. Otherwise, you will click on your first prompt (one
  that is not owned by root, and has a prompt with a \texttt{\$}).
\item Mount the \CDROM after inserting it like this:
\begin{alltt}
# \textbf{mount /dev/cdrom}
\end{alltt}
\item Now change to the directory \texttt{/mnt/cdrom/RedHat/RPMS}
  with the command:
\begin{alltt}
# \textbf{cd /mnt/cdrom/RedHat/RPMS}
\end{alltt}
\item Install the software package using the rpm command:
\begin{alltt}
# \textbf{rpm -Uhv zebra-0.93a-3.i386.rpm}
\end{alltt}
\item Unmount the \CDROM with:
\begin{alltt}
# \textbf{umount /dev/cdrom}
\end{alltt}
\item Now remove the \CDROM.
\end{enumerate}

\subsection{Set up Configuration Files for Zebra}

The next step is to create configuration files for zebra, telling it
what passwords to use.

For this step, you will need to use a text editor. Linux provides a
large number of choices, and it will depend on your installation what
is available. The editors that may be available on your system
include: \texttt{emacs}, \texttt{gedit}, \texttt{nedit},
\texttt{pico}, \texttt{gvim}, \texttt{vi}, \texttt{kate},
\texttt{xemacs} and others.
Use any one of these to create two files:
\texttt{/etc/zebra/zebra.conf} and \texttt{/etc/zebra/ripd.conf},
each containing the two lines:
\begin{alltt}
password zebra
enable password zebra
\end{alltt}
\begin{enumerate}
\item At the root prompt, start an editor on each of these two files
  in turn, type in the content, and save each file.
\end{enumerate}

\subsection{Turn on the Router Services}

The router software runs as a service. A service starts automatically
when the computer boots, and continues to run till the computer is
shut down. Here is how to set it up, at the root prompt. The
\texttt{chkconfig} program ensures that the service will start the
next time the computer boots. The \texttt{service} command can control
the immediate starting and stopping of the service.
\begin{enumerate}
\item \texttt{\# \textbf{chkconfig zebra on}}
\item \texttt{\# \textbf{chkconfig ripd on}}
\item \texttt{\# \textbf{service zebra start}}
\item \texttt{\# \textbf{service ripd start}}
\end{enumerate}

\subsection{You Have Completed the Setup}

All the previous steps only need to be performed once. You will not
need to do this today in this workshop, since it has been done
already. The remaining steps are for actually configuring the router,
and this is what you will do today.

\subsection{The Virtual Terminal Interface, and Differences from
  Cisco IOS}

To configure the router, you will connect to two TCP ports on the
router using the telnet program. This terminal connection is called a
virtual terminal interface (\VTI). A major difference from Cisco \IOS
is that Zebra runs a separate service, \texttt{zebra}, that manages
the interfaces, and one further service for each routing protocol,
such as \RIP; each has its own separate \VTI.

Here, we access the \emph{zebra} interface by the command:
\begin{alltt}
$ \textbf{telnet localhost 2601}
\end{alltt}%$
and give the password ``zebra'', which you provided in the file
\texttt{/etc/zebra/zebra.conf}.
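
The following shell script is an added example, not part of the
original workshop notes: it audits the two configuration files created
above for the settings this lab uses (the same well-known word for the
\VTI login and for enable mode) and for who can read the file. The
word list in \texttt{WEAK\_WORDS} and the owner-only permission policy
are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example, not part of the original workshop notes.
# Audits a Zebra daemon config file (zebra.conf, ripd.conf) for the VTY
# password settings this lab uses. WEAK_WORDS is an assumed, illustrative list.
WEAK_WORDS="zebra password cisco admin"

# Print one finding per line for the config file given as $1; always returns 0.
audit_zebra_conf() {
    conf=$1
    if [ ! -r "$conf" ]; then
        echo "$conf: cannot read file"
        return 0
    fi
    # "password X" guards the VTY login, "enable password X" guards enable mode.
    vty_pw=$(awk '$1 == "password" { print $2; exit }' "$conf")
    ena_pw=$(awk '$1 == "enable" && $2 == "password" { print $3; exit }' "$conf")
    for w in $WEAK_WORDS; do
        if [ "$vty_pw" = "$w" ]; then
            echo "$conf: VTY password is a well-known word"
        fi
        if [ "$ena_pw" = "$w" ]; then
            echo "$conf: enable password is a well-known word"
        fi
    done
    if [ -n "$vty_pw" ] && [ "$vty_pw" = "$ena_pw" ]; then
        echo "$conf: enable password is the same as the VTY password"
    fi
    # Characters 5-10 of the ls mode string are the group and other bits.
    go_bits=$(ls -ld "$conf" | cut -c5-10)
    if [ "$go_bits" != "------" ]; then
        echo "$conf: accessible beyond its owner (group/other bits $go_bits)"
    fi
    return 0
}

# With no arguments, audit the two files this lab creates.
if [ $# -eq 0 ]; then
    set -- /etc/zebra/zebra.conf /etc/zebra/ripd.conf
fi
for f in "$@"; do
    audit_zebra_conf "$f"
done
```

Run it at the root prompt, since the files are created by root; no output for a file means none of the checks fired.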

To access the \RIP service, we do:
\begin{alltt}
$ \textbf{telnet localhost 2602}
\end{alltt}%$
You provided the passwords in the file \texttt{/etc/zebra/ripd.conf}.

\section{An Example Session Setting Up the Computer in the Middle}

\begin{figure}[htb]
  \centering%
  \includegraphics[width=\linewidth]{zebra-router-connections}
  \caption{The arrangement with three computers.}
  \label{fig:the-connections-between-three-routers.}
\end{figure}

Here I provide a session, setting up routing on the computer in the
middle of the diagram in
figure~\vref{fig:the-connections-between-three-routers.}. Note that in
this example session, routing has already been set up on the other two
computers. I provide this without much comment; the Cisco experts here
can explain what is happening better than I can.

Perform all the remaining activities using your normal account; do not
use the root account. Perform all this activity sitting at the
computer you are setting up. Note that the procedure for setting up
the other two computers is very similar, but the \IP addresses and
networks will differ, according to the diagram.

\subsection{Setting up the Network Interfaces with the Zebra Service
  on Port 2601}

\begin{alltt}
$ \textbf{telnet localhost 2601}
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.

Hello, this is zebra (version 0.93a).
Copyright 1996-2002 Kunihiro Ishiguro.

User Access Verification

Password: \textbf{\emph{zebra}}
localhost.localdomain> \textbf{enable}
Password: \textbf{\emph{zebra}}
localhost.localdomain# \textbf{config terminal}
localhost.localdomain(config)# \textbf{int eth0}
! change the 3 that follows to 2 for leftmost, 4 for rightmost computer:
localhost.localdomain(config-if)# \textbf{ip add 192.168.3.1/24}
localhost.localdomain(config-if)# \textbf{no shutdown}
localhost.localdomain(config-if)# \textbf{exit}
localhost.localdomain(config)# \textbf{int eth1}
! change the 2.2 that follows to 1.2 for leftmost, 3.2 for rightmost PC:
localhost.localdomain(config-if)# \textbf{ip add 192.168.2.2/24}
localhost.localdomain(config-if)# \textbf{no shutdown}
localhost.localdomain(config-if)# \textbf{exit}
localhost.localdomain(config)# \textbf{exit}
localhost.localdomain# \textbf{show running-config}

Current configuration:
!
hostname localhost.localdomain
password zebra
enable password zebra
!
interface lo
!
interface eth0
 ip address 192.168.3.1/24
!
interface eth1
 ip address 192.168.2.2/24
!
!
line vty
!
end
localhost.localdomain# exit
Connection closed by foreign host.
\end{alltt}%$

\section{Setting up RIP2 with the ripd Service on Port 2602}

\begin{alltt}
$ \textbf{telnet localhost 2602}
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.

Hello, this is zebra (version 0.93a).
Copyright 1996-2002 Kunihiro Ishiguro.

User Access Verification

Password: \textbf{\emph{zebra}}
localhost.localdomain> \textbf{enable}
Password: \textbf{\emph{zebra}}
localhost.localdomain# \textbf{show ip rip}
localhost.localdomain# \textbf{configure terminal}
localhost.localdomain(config)# \textbf{router rip}
! Following two networks differ for each computer--see the diagram
localhost.localdomain(config-router)# \textbf{net 192.168.2.0/24}
localhost.localdomain(config-router)# \textbf{net 192.168.3.0/24}
localhost.localdomain(config-router)# \textbf{exit}
localhost.localdomain(config)# \textbf{exit}
localhost.localdomain# \textbf{show ip rip}
Codes: R - RIP, C - connected, O - OSPF, B - BGP
      (n) - normal, (s) - static, (d) - default, (r) - redistribute,
      (i) - interface

     Network            Next Hop         Metric From            Time
R(n) 192.168.1.0/24     192.168.2.1           2 192.168.2.1     02:47
C(i) 192.168.2.0/24     0.0.0.0               1 self
C(i) 192.168.3.0/24     0.0.0.0               1 self
R(n) 192.168.4.0/24     192.168.3.2           2 192.168.3.2     02:49
localhost.localdomain# \textbf{exit}
Connection closed by foreign host.
\end{alltt}%$

\section{Viewing the Routing Table using the route command}

\begin{alltt}
$ \textbf{route -n}
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.4.0     192.168.3.2     255.255.255.0   UG    2      0        0 eth0
192.168.3.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
192.168.1.0     192.168.2.1     255.255.255.0   UG    2      0        0 eth1
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
\end{alltt}%$

\section{Viewing the Network Devices using the ifconfig command}

\begin{alltt}
$ \textbf{ifconfig}
eth0      Link encap:Ethernet  HWaddr 00:08:02:37:30:79
          inet addr:192.168.3.1  Bcast:192.168.3.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:17055 errors:0 dropped:0 overruns:0 frame:0
          TX packets:227 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:2647631 (2.5 Mb)  TX bytes:16638 (16.2 Kb)
          Interrupt:5 Base address:0xc000

eth1      Link encap:Ethernet  HWaddr 00:60:97:08:1F:51
          inet addr:192.168.2.2  Bcast:192.168.2.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:4771 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2800 errors:0 dropped:0 overruns:0 carrier:4
          collisions:0 txqueuelen:100
          RX bytes:385382 (376.3 Kb)  TX bytes:267336 (261.0 Kb)
          Interrupt:10 Base address:0x1040

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:6449 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6449 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:384312 (375.3 Kb)  TX bytes:384312 (375.3 Kb)
\end{alltt}

\section{Viewing the Addresses and Routing Table using the ip command}

\begin{alltt}
$ \textbf{ip address}
1: lo: mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
2: eth0: mtu 1500 qdisc pfifo_fast qlen 100
    link/ether 00:08:02:37:30:79 brd ff:ff:ff:ff:ff:ff
    inet 192.168.3.1/24 brd 192.168.3.255 scope global eth0
3: eth1: mtu 1500 qdisc pfifo_fast qlen 100
    link/ether 00:60:97:08:1f:51 brd ff:ff:ff:ff:ff:ff
    inet 192.168.2.2/24 brd 192.168.2.255 scope global eth1
$ \textbf{ip route}
192.168.4.0/24 via 192.168.3.2 dev eth0  proto zebra  metric 2
192.168.3.0/24 dev eth0  proto kernel  scope link  src 192.168.3.1
192.168.2.0/24 dev eth1  proto kernel  scope link  src 192.168.2.2
192.168.1.0/24 via 192.168.2.1 dev eth1  proto zebra  metric 2
127.0.0.0/8 dev lo  scope link
\end{alltt}

\end{document}