https://www.deuxpi.ca/blog/quagga-re.html
In relation with the Réseau Libre project, I wanted to test a routerinstallation using Quagga instead of simply running the standalone babelddaemon. Some of the advantages are a common location and syntax for routingconfiguration, support for multiple routing routing protocols (so we can easilymix Babel with OLSR with BGP, for example) and get the vtysh command-line toolto access information.
The current stable version of Quagga integrates the babeld code, but Babel isnot a high priority so it does not tend to follow the new versions. The Quaggadevelopers balance this limitation with a separate release line of the Quaggacode, named Quagga RE. By using this code, we can get recent versions of babeldintegrated into Quagga.
This page describes how Quagga RE has been installed on the gelato.deuxpi.camesh router. The Debian quagga package was previously installed on this serverso the configuration data, init scripts and user IDs are expected to be reusedwith minor modifications. I guess it could be possible to simply install andimmediately remove (without purging) the quagga package to get a functional installation.
Get the code
git clone https://github.com/Quagga-RE/quagga-RE.git
git checkout RE-0.99.17.12We can use the information from the Debian Quagga package to fetch most of the dependencies.
sudo apt-get build-dep quagga
sudo apt-get install libgcrypt11-devPatch on recent versions of GNU Readline
Apply the patch to fix compilation issuesin vtysh.
Build
Here we replicate the configurations options as they are set in thedebian/rules script of the Debian package.
cd quagga-RE
./bootstrap.sh
./configure --prefix=/usr \
--enable-exampledir=/usr/share/doc/quagga/examples/ \
--localstatedir=/var/run/quagga \
--sbindir=/usr/lib/quagga \
--sysconfdir=/etc/quagga \
--enable-snmp \
--enable-vtysh \
--enable-isisd \
--enable-watchquagga \
--enable-ospf-te \
--enable-opaque-lsa \
--enable-ipv6 \
--enable-ospfclient=yes \
--enable-ospfapi=yes \
--enable-multipath=64 \
--enable-user=quagga \
--enable-group=quagga \
--enable-vty-group=quaggavty \
--enable-configfile-mask=0640 \
--enable-logfile-mask=0640 \
--enable-rtadv \
--enable-gcc-rdynamic \
--with-libpam
make
sudo make install
sudo /etc/init.d/quagga startDifferences between Quagga and Quagga RE
One of the major benefits of using Quagga RE for Babel is the support forspecifying IPv4 and IPv6 distribution lists independently. In the stableversion of Quagga, I only managed to distribute IPv6 routes. Here is thecurrent version of /etc/quagga/babeld.conf, which is very basic:
password ********
!
access-list vty permit 127.0.0.0/8
access-list vty deny any
!
line vty
access-class vty
!
log file /var/log/quagga/babeld.log
!
router babel
network eth1
network mesh
redistribute connected
redistribute kernel
redistribute static
distribute-list global-v4 in eth1
distribute-list global-v4 in mesh
distribute-list local-v4 out eth1
distribute-list local-v4 out mesh
ipv6 distribute-list global in eth1
ipv6 distribute-list global in mesh
ipv6 distribute-list local out eth1
ipv6 distribute-list local out mesh
!
interface eth1
babel wired
babel split-horizon
!
interface mesh
babel wired
!
access-list local-v4 permit 172.16.0.0/12
access-list local-v4 deny any
!
access-list global-v4 deny 0.0.0.0/32
access-list global-v4 deny 192.168.0.0/16
access-list global-v4 deny 72.0.72.144/32
access-list global-v4 permit any
!
ipv6 access-list local permit 2001:470:b2a7::/48
ipv6 access-list local permit fd64:2c08:9fa7::/48
ipv6 access-list local permit 2001:1928:1:9::/48
ipv6 access-list local permit 2607:f2c0:f00e:4d00:227:22ff:fe73:cf9f/128
ipv6 access-list local deny any
!
ipv6 access-list global deny ::/4
ipv6 access-list global deny 2001:470:b2a7::/48
ipv6 access-list global permit any
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
