[原]使用Quagga测试Neutron BGP动态路由(by quqi99)
quqi99发表于 2016-07-05 18:59:00
作者:张华 发表于:2016-07-05
版权声明:可以任意转载,转载时请务必以超链接形式标明文章原始出处和作者信息及本版权声明
( http://blog.csdn.net/quqi99 )
网络拓扑
快速安装一个OpenStack IPv6环境
juju destroy-environment --force zhhuabj
juju-deployer -c bundles/ipv6/next-ipv6.yaml -d xenial-mitaka
juju-deployer -c bundles/ipv6/next-ipv6.yaml -d xenial-mitaka
sudo add-apt-repository cloud-archive:mitaka
sudo apt-get update
sudo apt-get install --upgrade python-neutronclient
sudo apt-get update
sudo apt-get install --upgrade python-neutronclient
创建网络
neutron address-scope-create --shared address-scope-ip6 6
neutron subnetpool-create --address-scope address-scope-ip6 --shared --pool-prefix 2001:db8:1::/48 --default-prefixlen 64 --max-prefixlen 64 --is-default true default-pool-ip6
neutron subnetpool-create --address-scope address-scope-ip6 --pool-prefix 2001:db8:4321:42::/64 --default-prefixlen 64 public-pool
neutron net-create --provider:network_type flat --provider:physical_network physnet1 --router:external=True ext_net
neutron subnet-create --name public-ip6 --ip_version 6 --subnetpool public-pool ext_net
neutron net-create private
neutron subnet-create --name subnet6 --ip_version 6 --use-default-subnetpool --ipv6-address-mode slaac --ipv6-ra-mode slaac private
neutron router-create router1
neutron router-interface-add router1 subnet6
neutron router-gateway-set router1 ext_net
neutron address-scope-create --shared address-scope-ip4 4
neutron subnetpool-create --address-scope address-scope-ip4 --shared --pool-prefix 192.168.21.0/24 --default-prefixlen 24 subnet-pool-ip4
neutron subnet-create --name subnet-ip4-private --subnetpool subnet-pool-ip4 private
neutron router-interface-add router1 subnet-ip4-private
./tools/sec_groups.sh
nova keypair-add --pub-key ~/.ssh/id_rsa.pub mykey
NET_ID=$(neutron net-list |grep 'private' |awk '{print $2}')
nova boot --poll --key-name mykey --image trusty --flavor 2 --nic net-id=$NET_ID i1
nova floating-ip-create
nova floating-ip-associate i1 <FLOATING_IP>
neutron subnetpool-create --address-scope address-scope-ip6 --shared --pool-prefix 2001:db8:1::/48 --default-prefixlen 64 --max-prefixlen 64 --is-default true default-pool-ip6
neutron subnetpool-create --address-scope address-scope-ip6 --pool-prefix 2001:db8:4321:42::/64 --default-prefixlen 64 public-pool
neutron net-create --provider:network_type flat --provider:physical_network physnet1 --router:external=True ext_net
neutron subnet-create --name public-ip6 --ip_version 6 --subnetpool public-pool ext_net
neutron net-create private
neutron subnet-create --name subnet6 --ip_version 6 --use-default-subnetpool --ipv6-address-mode slaac --ipv6-ra-mode slaac private
neutron router-create router1
neutron router-interface-add router1 subnet6
neutron router-gateway-set router1 ext_net
neutron address-scope-create --shared address-scope-ip4 4
neutron subnetpool-create --address-scope address-scope-ip4 --shared --pool-prefix 192.168.21.0/24 --default-prefixlen 24 subnet-pool-ip4
neutron subnet-create --name subnet-ip4-private --subnetpool subnet-pool-ip4 private
neutron router-interface-add router1 subnet-ip4-private
./tools/sec_groups.sh
nova keypair-add --pub-key ~/.ssh/id_rsa.pub mykey
NET_ID=$(neutron net-list |grep 'private' |awk '{print $2}')
nova boot --poll --key-name mykey --image trusty --flavor 2 --nic net-id=$NET_ID i1
nova floating-ip-create
nova floating-ip-associate i1 <FLOATING_IP>
安装Neutron BGP
1, neutron-api/0节点上
sudo vi /etc/neutron/neutron.conf
service_plugins = bgp,router,firewall,lbaas,vpnaas,metering
sudo service neutron-server restart
service_plugins = bgp,router,firewall,lbaas,vpnaas,metering
sudo service neutron-server restart
2, neutron-gateway/0节点上
sudo apt install neutron-bgp-dragent python-ryu
sudo vi /etc/neutron/bgp_dragent.ini
[BGP]
bgp_speaker_driver = neutron.services.bgp.driver.ryu.driver.RyuBgpDriver
bgp_router_id = 10.5.3.191
sudo service neutron-bgp-dragent restart
sudo vi /etc/neutron/bgp_dragent.ini
[BGP]
bgp_speaker_driver = neutron.services.bgp.driver.ryu.driver.RyuBgpDriver
bgp_router_id = 10.5.3.191
sudo service neutron-bgp-dragent restart
配置Neutron BGP
neutron bgp-speaker-create --ip-version 6 --local-as 65001 --advertise-floating-ip-host-routes false bgp1
neutron bgp-speaker-network-add bgp1 ext_net
neutron bgp-speaker-advertiseroute-list bgp1
$ neutron bgp-speaker-advertiseroute-list bgp1
+--------------------+---------------------+
| destination | next_hop |
+--------------------+---------------------+
| 2001:db8:1234::/64 | 2001:db8:4321:42::3 |
+--------------------+---------------------+
neutron bgp-peer-create --peer-ip 2001:db8:4321:42::122 --remote-as 65001 bgppeer
neutron bgp-speaker-peer-add bgp1 bgppeer
AGENT_ID=$(neutron agent-list |grep bgp |awk '{print $2}')
neutron bgp-dragent-speaker-add $AGENT_ID bgp1
neutron bgp-speaker-network-add bgp1 ext_net
neutron bgp-speaker-advertiseroute-list bgp1
$ neutron bgp-speaker-advertiseroute-list bgp1
+--------------------+---------------------+
| destination | next_hop |
+--------------------+---------------------+
| 2001:db8:1234::/64 | 2001:db8:4321:42::3 |
+--------------------+---------------------+
neutron bgp-peer-create --peer-ip 2001:db8:4321:42::122 --remote-as 65001 bgppeer
neutron bgp-speaker-peer-add bgp1 bgppeer
AGENT_ID=$(neutron agent-list |grep bgp |awk '{print $2}')
neutron bgp-dragent-speaker-add $AGENT_ID bgp1
测试使用的Quagga配置/etc/quagga/bgpd.conf
hostname zhhuabj-bastion
password password
log file /var/log/quagga/bgpd.log
log stdout
!
router bgp 65001
no synchronization
bgp router-id 10.5.0.3
neighbor 2001:db8:4321:42::123 remote-as 65001
neighbor 2001:db8:4321:42::123 description opestack-bgp-v6
no auto-summary
no neighbor 2001:db8:4321:42::3 activate
!
address-family ipv6
network 2001:db8:0:2::/64
neighbor 2001:db8:4321:42::123 activate
neighbor 2001:db8:4321:42::123 route-map IPV6-OUT out
exit-address-family
!
ipv6 prefix-list pl-ipv6 seq 10 permit 2001:db8:0:2::/56 le 64
route-map IPV6-OUT permit 10
match ipv6 address prefix-list pl-ipv6
set ipv6 next-hop global 2001:db8:4321:42::122
!
line vty
!
debug bgp events
debug bgp filters
!debug bgp fsm
!debug bgp keepalives
debug bgp updates验证
启动quagga后(sudo service quagga restart),看到的日志如下:
1, quagga端:
2016/07/05 08:28:28 BGP: [Event] BGP connection from host 2001:db8:4321:42::123
2016/07/05 08:28:28 BGP: [Event] Make dummy peer structure until read Open packet
2016/07/05 08:28:28 BGP: 2001:db8:4321:42::123 [Event] Transfer accept BGP peer to real (state Active)
2016/07/05 08:28:28 BGP: 2001:db8:4321:42::123 [Event] Accepting BGP peer delete
2016/07/05 08:28:28 BGP: 2001:db8:4321:42::123 rcvd UPDATE w/ attr: , origin i, mp_nexthop 2001:db8:4321:42::3, localpref 100, path
2016/07/05 08:28:28 BGP: 2001:db8:4321:42::123 rcvd 2001:db8:1::/64
2016/07/05 08:28:29 BGP: 2001:db8:4321:42::123 send UPDATE 2001:db8:0:2::/642016-07-05 08:28:28.808 20308 INFO bgpspeaker.peer [-] Connection to peer: 2001:db8:4321:42::122 established
2016-07-05 08:28:28.813 20308 INFO neutron.services.bgp.driver.ryu.driver [-] BGP Peer 10.5.0.3 for remote_as=65001 is UP.
2016-07-05 08:28:29.817 20308 INFO neutron.services.bgp.driver.ryu.driver [-] Best path change observed. cidr=2001:db8:0:2::/64, nexthop=2001:db8:4321:42::122, remote_as=65001, is_withdraw=False3, quagga端
ubuntu@zhhuabj-bastion:~$ sudo vtysh
Hello, this is Quagga (version 0.99.22.4).
Copyright 1996-2005 Kunihiro Ishiguro, et al.
zhhuabj-bastion# show bgp summary
BGP router identifier 10.5.0.3, local AS number 65001
RIB entries 3, using 336 bytes of memory
Peers 1, using 4560 bytes of memory
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
2001:db8:4321:42::123
4 65001 10 13 0 0 0 00:02:08 1
Total number of neighbors 1
0ubuntu@zhhuabj-bastion:~/openstack-charm-testing$ route -n -6 |grep 2001:db8:1
2001:db8:1::/64 2001:db8:4321:42::3 UG 1024 0 0 eth0
5, neutron-gateway/0端的路由已生成
$ sudo ip netns exec qrouter-331456bd-90ae-4534-804c-6b26831f693f route -n -6 |grep 2001:db8:1
2001:db8:1::/64 :: U 256 1 1847 qr-66b111db-bc
2001:db8:1::/128 :: Un 0 1 0 lo
2001:db8:1::1/128 :: Un 0 2 9879 lo
ubuntu@juju-zhhuabj-machine-12:~$ sudo ip netns exec qrouter-331456bd-90ae-4534-804c-6b26831f693f ip addr show qg-1c2e76c0-38
6: qg-1c2e76c0-38@if15: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether fa:16:3e:18:eb:25 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 10.5.150.0/16 brd 10.5.255.255 scope global qg-1c2e76c0-38
valid_lft forever preferred_lft forever
inet 10.5.150.1/32 brd 10.5.150.1 scope global qg-1c2e76c0-38
valid_lft forever preferred_lft forever
inet6 2001:db8:4321:42::3/64 scope global
valid_lft forever preferred_lft forever
inet6 fe80::f816:3eff:fe18:eb25/64 scope link
valid_lft forever preferred_lft forever
ubuntu@juju-zhhuabj-machine-12:~$ sudo ip netns exec qrouter-331456bd-90ae-4534-804c-6b26831f693f ip addr show qr-66b111db-bc
5: qr-66b111db-bc@if14: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1458 qdisc noqueue state UP group default qlen 1000
link/ether fa:16:3e:db:f3:0b brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet6 2001:db8:1::1/64 scope global
valid_lft forever preferred_lft forever
inet6 fe80::f816:3eff:fedb:f30b/64 scope link
valid_lft forever preferred_lft forever
参考
[1] https://cloudbau.github.io/openstack/neutron/networking/2016/05/17/neutron-ipv6.html
[2] http://docs.openstack.org/mitaka/networking-guide/adv-config-bgp-dynamic-routing.html
[3] https://wiki.openstack.org/wiki/Neutron/DynamicRouting/TestingDynamicRouting
[4] http://xmodulo.com/ipv6-bgp-peering-filtering-quagga-bgp-router.html
[5] http://wp.mindless.gr/2011/07/dual_stack_bgp_configuration_quagga/
[6] https://www.hostvirtual.com/kb/6167/sample-quagga-bgp-ipv4-ipv6-dual-stack-configuration.html
[7] http://www.occaid.org/tutorial-ipv6bgp.html
[2] http://docs.openstack.org/mitaka/networking-guide/adv-config-bgp-dynamic-routing.html
[3] https://wiki.openstack.org/wiki/Neutron/DynamicRouting/TestingDynamicRouting
[4] http://xmodulo.com/ipv6-bgp-peering-filtering-quagga-bgp-router.html
[5] http://wp.mindless.gr/2011/07/dual_stack_bgp_configuration_quagga/
[6] https://www.hostvirtual.com/kb/6167/sample-quagga-bgp-ipv4-ipv6-dual-stack-configuration.html
[7] http://www.occaid.org/tutorial-ipv6bgp.html