Your SlideShare is downloading. ×
Picobgp - A simple deamon for routing advertising
Picobgp - A simple deamon for routing advertising
Picobgp - A simple deamon for routing advertising
Picobgp - A simple deamon for routing advertising
Picobgp - A simple deamon for routing advertising
Picobgp - A simple deamon for routing advertising
Picobgp - A simple deamon for routing advertising
Picobgp - A simple deamon for routing advertising
Picobgp - A simple deamon for routing advertising
Picobgp - A simple deamon for routing advertising
Picobgp - A simple deamon for routing advertising
Picobgp - A simple deamon for routing advertising
Picobgp - A simple deamon for routing advertising
Picobgp - A simple deamon for routing advertising
Picobgp - A simple deamon for routing advertising
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Picobgp - A simple deamon for routing advertising

174

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
174
On Slideshare
0
From Embeds
0
Number of Embeds
4
Actions
Shares
0
Downloads
2
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. picobgp ● non-compliant-bgp ● routing advertising ● tolopogy update ● tiny and easy to use for picobgp v0.2CC-BY: Claudio Mignanti (2012)
  • 2. picobgp - Take over of your vpnpicobgp was written to automatically setup routing inside a vpn,but can be used also in a generic net.Suppose that you have some vpn peers, serverA and yourlaptop.Now serverA is also part of a local lan, say 10.0.8.0/24 and youwant that your laptop can reach all the serverA-lan withminimus effort.picobgp can help you!
  • 3. 192.168.6.1 192.168.6.2 10.0.8.9
  • 4. vpn0: 192.168.6.1 vpn0:192.168.6.2 eth0: 10.0.8.9
  • 5. vpn0: 192.168.6.1 # pbgp -i vpn0 vpn0:192.168.6.2# pbgp -i vpn0 -s 10.0.8.0/24 eth0: 10.0.8.9
  • 6. picobgp - command argspicobgp DOESNT support Supported args in v0.2 are:configuration with files but onlyby cmdline args. -1 one-shot advertisingSupported args in v0.1 are: (useful inside script)-i <interface> -c Specify the outgoing interface cascade-s x.x.x.x/y annunce the subnet received. Specify the subnet This option can lead to routing (option can be repeated for loop!each subnet) KEEP your network in tree forms!!!
  • 7. and dont forgot to..... enable routing on your serversecho 1 | sudo tee /proc/sys/net/ipv4/ip_forward
  • 8. # pbgp -i eth0 -s 10.1.1.9/29eth1: 10.1.1.1 # pbgp -i eth1 -s 192.168.1.0/24 # pbgp -i eth0 -s 10.1.1.0/29eth0: 192.168.1.2 NetbookB cannot access 10.1.1.9/29 # pbgp -i eth0 A more complex example
  • 9. # pbgp -i eth0 -s 10.1.1.9/29 eth1: 10.1.1.1 # pbgp -i eth1 -s 192.168.1.0/24 # pbgp -c -i eth0 -s 10.1.1.0/29 eth0: 192.168.1.2 ServerB announce also ServerA subnet # pbgp -i eth0On v0.1+ the -c option allow the propagation of subnets
  • 10. picobgp as daemonDaemon mode un-supported for choice.# ./pbgp -cs 1.1.1.0/24 & >/dev/null 2>&1is what you are looking for...Do you like to know why this choice?
  • 11. picobgp inside scriptsWe want to annouce a given subnet if a host inside thesubnet reply to ping#!/bin/bashwhile 1; do ping -c 1 192.168.1.9 && pbgp -1s 192.168.1.0/24 sleep 5done-1 option is one-shot and die mode (thanks Clauz for the idea)
  • 12. Behind the sceneThe bgpmsg struct is In update_rt() function thisinizialized with the program structure is used to inizializeargs and than spammed on a struct rtentry and theniface broadcast address passed to a ioctl thatevery 3 seconds. manipolate the kernel route table.typedef struct sbgpmsg { ioctl (sd, SIOCADDRT, &rtentry); struct in_addr addr; struct in_addr netmask; If a subnet is not spammed struct in_addr loc_addr; for more that 10 secs the time_t l_update; route entry is deleted.} bgpmsg;
  • 13. whats next?!?!??!KNOW ISSUE for v0.1: TODO:* msg are broadcast using ideas?255.255.255.255 and is notusing the effective broadcastaddress of the passedinterface* DELRT show be bogus
  • 14. Use picobgp for redundant gatewayHostA has 10.0.1.9 inside itLAN 10.0.1.0/24 and the gwsare 10.0.1.1 and 10.0.1.2We want to setup the route

×