Picobgp - A simple deamon for routing advertising

325 views

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
325
On SlideShare
0
From Embeds
0
Number of Embeds
33
Actions
Shares
0
Downloads
3
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Picobgp - A simple deamon for routing advertising

  1. 1. picobgp ● non-compliant-bgp ● routing advertising ● tolopogy update ● tiny and easy to use for picobgp v0.2CC-BY: Claudio Mignanti (2012)
  2. 2. picobgp - Take over of your vpnpicobgp was written to automatically setup routing inside a vpn,but can be used also in a generic net.Suppose that you have some vpn peers, serverA and yourlaptop.Now serverA is also part of a local lan, say 10.0.8.0/24 and youwant that your laptop can reach all the serverA-lan withminimus effort.picobgp can help you!
  3. 3. 192.168.6.1 192.168.6.2 10.0.8.9
  4. 4. vpn0: 192.168.6.1 vpn0:192.168.6.2 eth0: 10.0.8.9
  5. 5. vpn0: 192.168.6.1 # pbgp -i vpn0 vpn0:192.168.6.2# pbgp -i vpn0 -s 10.0.8.0/24 eth0: 10.0.8.9
  6. 6. picobgp - command argspicobgp DOESNT support Supported args in v0.2 are:configuration with files but onlyby cmdline args. -1 one-shot advertisingSupported args in v0.1 are: (useful inside script)-i <interface> -c Specify the outgoing interface cascade-s x.x.x.x/y annunce the subnet received. Specify the subnet This option can lead to routing (option can be repeated for loop!each subnet) KEEP your network in tree forms!!!
  7. 7. and dont forgot to..... enable routing on your serversecho 1 | sudo tee /proc/sys/net/ipv4/ip_forward
  8. 8. # pbgp -i eth0 -s 10.1.1.9/29eth1: 10.1.1.1 # pbgp -i eth1 -s 192.168.1.0/24 # pbgp -i eth0 -s 10.1.1.0/29eth0: 192.168.1.2 NetbookB cannot access 10.1.1.9/29 # pbgp -i eth0 A more complex example
  9. 9. # pbgp -i eth0 -s 10.1.1.9/29 eth1: 10.1.1.1 # pbgp -i eth1 -s 192.168.1.0/24 # pbgp -c -i eth0 -s 10.1.1.0/29 eth0: 192.168.1.2 ServerB announce also ServerA subnet # pbgp -i eth0On v0.1+ the -c option allow the propagation of subnets
  10. 10. picobgp as daemonDaemon mode un-supported for choice.# ./pbgp -cs 1.1.1.0/24 & >/dev/null 2>&1is what you are looking for...Do you like to know why this choice?
  11. 11. picobgp inside scriptsWe want to annouce a given subnet if a host inside thesubnet reply to ping#!/bin/bashwhile 1; do ping -c 1 192.168.1.9 && pbgp -1s 192.168.1.0/24 sleep 5done-1 option is one-shot and die mode (thanks Clauz for the idea)
  12. 12. Behind the sceneThe bgpmsg struct is In update_rt() function thisinizialized with the program structure is used to inizializeargs and than spammed on a struct rtentry and theniface broadcast address passed to a ioctl thatevery 3 seconds. manipolate the kernel route table.typedef struct sbgpmsg { ioctl (sd, SIOCADDRT, &rtentry); struct in_addr addr; struct in_addr netmask; If a subnet is not spammed struct in_addr loc_addr; for more that 10 secs the time_t l_update; route entry is deleted.} bgpmsg;
  13. 13. whats next?!?!??!KNOW ISSUE for v0.1: TODO:* msg are broadcast using ideas?255.255.255.255 and is notusing the effective broadcastaddress of the passedinterface* DELRT show be bogus
  14. 14. Use picobgp for redundant gatewayHostA has 10.0.1.9 inside itLAN 10.0.1.0/24 and the gwsare 10.0.1.1 and 10.0.1.2We want to setup the route

×