dcsimg

GNU Zebra

As your networks grow, you'll want ways to segregate and manage them. Cisco routers are staples for this purpose, but Linux, together with GNU Zebra, can make a good substitute. Here's how to get up and running with Zebra.

Last month’s feature, “Strategies for Managing Growing Networks,” presented the general principles of dynamic routing, described internal and external routing protocols such as OSPF, RIP, and BGP, and explained how dynamic routing can be used build extensible and flexible networks that respond quickly and automatically to changes in network topology and traffic. Of course, protocols are useless without hardware and software to animate them. Routers from Cisco, Juniper, and other vendors can fit the bill. But there is an alternative to commercial products. Enter PC hardware, the Linux operating system, and GNU Zebra, an open source project that turns a run-of-the-mill Linux machine into a capable — and interoperable — network router. This month, let’s run with the Zebra — and give Cisco a run for its money.

The Black and White on Zebra

GNU Zebra (http://www.zebra.org) is TCP/IP routing software that supports an extensive list of routing protocols, including BGP-4, BGP-4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng. Distributed under the GNU General Public License (GPL), Zebra runs on Linux as well as other Unix variants. Zebra takes a modular approach to the protocols that it manages. Protocols can be enabled or disabled as network requirements dictate. Accordingly, Zebra is made of several components. The main application, zebra, interacts with the Linux kernel routing table and acts as a routing manager, controlling the other protocol components. Each protocol is implemented via individual routing engines, bgpd, ospf6d, ospfd, ripd, and ripngd.

Zebra’s modular structure is illustrated in Figure One. Its design makes it different from traditional routing software, which typically uses one monolithic process to provide and serve all routing protocol features. With Zebra, however, you can add new protocol routing daemons without affecting other running protocols. At the same time, Zebra can also be used to redistribute routes between different routing protocols.








zebra_01
Figure One: Zebra provides protocols as separate modules

But by far, one of the nicest features of Zebra is its striking similarity to the Cisco IOS configuration formats. IOS is the standard operating system for Cisco routing equipment, something that many network engineers are already familiar with. While there are some differences between Zebra and IOS, the feel is close enough that IOS users should be very comfortable in the Zebra environment.

The original Zebra package was written by Kunihiro Ishiguro and Yoshinari Yoshikawa in 1996. Today, the package is maintained largely by IP Infusion (http://www.ipinfusion.com) where Mr. Ishiguro is CTO, with the assistance of networking engineers and open source volunteers.

At the magazine goes to press, the latest version of Zebra is 0.93b. The software is available in source and binary form from the Zebra download page at http://www.zebra.org/ download.html.

Getting Started

As with all software, the best way to get to know Zebra is to use it. Figure Two shows a basic configuration of three network segments interconnected by three routers in a loop configuration. The routers in the figure could be actual router equipment or multi-homed Linux servers running Zebra. [To create this article, the authors worked with two Cisco 3620 routers and one Linux router.]








zebra_02
Figure Two: Zebra interconnects three network segments

To recreate this configuration, you’ll need a Linux box with three network interfaces. Make sure the network interfaces are properly recognized by Linux. You’ll also need to install the Zebra software. (If you’re running Red Hat 9, the Zebra-0.93b RPM is included as part of your distribution.) Installation should be a breeze.

The Zebra package installs files in several locations:

* It places the zebra utility and the main routing daemons in /usr/sbin/.

* It drops startup scripts in /etc/init.d/.

* The main Zebra configuration files, as installed by the RPM, are placed in /etc/zebra/.

The configuration file for zebra is /etc/zebra/zebra.conf. The Zebra package includes several extensive configuration examples, but you really only need to put three lines in zebra.conf: the designated hostname of the system and passwords for accessing and modifying the Zebra configuration.

Here’s a minimal configuration file:


hostname hotmetal
password zebra
enable password zebra

You can then start Zebra using the service command…


# service zebra start

… or using the startup script…


# /etc/rc.d/init.d/zebra start

Zebra is now up and running, though you have not yet configured it to do anything useful.

Making Zebra Run

To enter Zebra’s configuration mode, telnet into port 2601 of your machine. (In the examples below, the hostname is hotmetal.) Below is a sample session.


[root@hotmetal zebra]# telnet 127.0.0.1 2601
Trying 127.0.0.1…
Connected to 127.0.0.1.
Escape character is ‘^]’.
Hello, this is zebra (version 0.93b).
Copyright 1996-2002 Kunihiro Ishiguro.
User Access Verification
Password: zebra
hotmetal> enable
Password: zebra

At this point, this configuration should be very familiar to those with Cisco experience. If you need hints, just type ? at any time to see a list of available commands.

Since you’re starting with a blank slate, the first thing you’ll need to do is tell Zebra about the network interfaces that it will be using.


hotmetal# configure terminal
hotmetal(config)# interface eth0
hotmetal(config-if)# ip address
192.168.2.1/30
hotmetal(config-if)# quit
hotmetal(config)# interface eth1
hotmetal(config-if)# ip address
192.168.1.1/30
hotmetal(config-if)# quit
hotmetal(config)# interface eth2
hotmetal(config-if)# ip address
10.0.2.1/24
hotmetal(config-if)# write
Configuration saved to /etc/zebra/zebra.conf
hotmetal(config-if)# end
hotmetal# show run
Current configuration:
!
hostname hotmetal
password zebra
enable password zebra
!
interface lo
!
interface eth0
ip address 192.168.2.1/30
!
interface eth2
ip address 10.0.2.1/24
!
interface eth1
ip address 192.168.1.1/30
!
!
line vty
!

As you can see, you can set the IP addresses on the server through Zebra. Settings you make via the telnet interface are persisted in the global configuration file /etc/zebra/zebra.conf. That way, every time you bring up Zebra service, your last settings will take effect.

After the previous session, the contents of zebra.conf look something like Listing One.




Listing One: Zebra configuration file


!
! Zebra configuration saved from vty
! 2003/11/20 00:07:51
!
hostname hotmetal
password zebra
enable password zebra
!
interface lo
!
interface eth0
ip address 192.168.2.1/30
!
interface eth2
ip address 10.0.2.1/24
!
interface eth1
ip address 192.168.1.1/30
!
!
line vty
!

Setting Up OSPF Routing with Zebra

Now that you’ve set up the network interfaces of your Linux router, the next step is to set it up to manage a routing protocol. Let’s use OSPF. OSPF is practical for running a core router, because it’s very simple to configure and offers speedy advantages for failover situations.

Start by setting up a minimal configuration file for OSPF by editing /etc/zebra/ospfd.conf:


hostname hotmetal-ospf
password zebra
enable password zebra

Again, the OSPF configuration file needs just three lines to get started. Now, start the OSPF service:


# service ospfd start

Configuring OSPF is very simple: just tell the router to broadcast all the routes that it knows. telnet into port 2604 to enter the configuration dialog.


hotmetal-ospf> enable
Password: zebra
hotmetal-ospf# configure terminal
hotmetal-ospf(config)# router ospf
hotmetal-ospf(config-router)# network
0.0.0.0/0 area 0

hotmetal-ospf(config-router)# end
hotmetal-ospf# write
Configuration saved to /etc/zebra/ospfd.conf
hotmetal-ospf# show run
Current configuration:
!
hostname hotmetal-ospf
password zebra
enable password zebra
!
!
router ospf
network 0.0.0.0/0 area 0
!
line vty
!
end

The previous batch of commands changes /etc/zebra/ospfd.conf to Listing Two.




Listing Two: Zebra configuration file


!
! Zebra configuration saved from vty
! 2003/11/20 00:07:51
!
hostname hotmetal
password zebra
enable password zebra
!
interface lo
!
interface eth0
ip address 192.168.2.1/30
!
interface eth2
ip address 10.0.2.1/24
!
interface eth1
ip address 192.168.1.1/30
!
!
line vty
!

Setting up OSPF on Cisco Routers

Now that you’ve set up OSPF on the Linux router, you need to set up the Cisco routers in your network to also use OSPF.

First, set up some basic IP address and network interface settings on your Cisco routers. Set up Router A and then Router B.


Router# config terminal
Router(config)# hostname RouterA
RouterA(config)# int s0/0
RouterA(config-if)# ip address 192.168.0.
1 255.255.255.252

RouterA(config-if)# no shut
RouterA(config-if)# interface fastEthernet 0/0
RouterA(config-if)# ip address 192.168.2.2
255.255.255.252

RouterA(config-if)# no shut
RouterA(config-if)# int loopback 0
RouterA(config-if)# ip address 10.0.0.1
255.255.255.0

RouterA(config-if)# end
RouterA# write

Router# configure terminal
Router(config)# hostname
RouterB

RouterB(config)# int s0/0
RouterB(config-if)# ip address
192.168.0.2 255.255.255.252

RouterB(config-if)# no shut
RouterB(config-if)# int
fastEthernet0/0

RouterB(config-if)# ip address
192.168.1.2 255.255.255.252

RouterB(config-if)# no shut
RouterB(config-if)# int loopback 0
RouterB(config-if)# ip address
10.0.1.1 255.255.255.0

RouterB(config-router)# end
RouterB# write

Adding OSPF to both Cisco routers is straightforward. As with the Linux router, you simply tell the routers to broadcast all the routes that they know.


RouterA# conf term
RouterA(config)# router ospf 100
RouterA(config-router)# network 0.0.0.0
255.255.255.255 area 0

RouterA(config-router)# end

Run similar commands on RouterB.

Route Failover

Now that you’ve set up the Linux router and the Cisco routers, let’s see what routes the Linux router has learned via OSPF. Connect to Zebra on the Linux machine (via telnet) and run the command show ip route. The results are shown in Figure Three. The routes to 10.0.0.1/32 and 10.0.1. 1/32 are marked with O, indicating that they were learned through OSPF.




Figure Three: Learned routes through OSPF


Codes: K – kernel route, C – connected, S – static, R – RIP, O – OSPF,
B – BGP, > – selected route, * – FIB route
O>* 10.0.0.0/32 [110/11] via 192.168.2.2, eth0, 00:00:01
O>* 10.0.1.1/32 [110/11] via 192.168.1.2, eth1, 00:02:53
O 10.0.2.0/24 [110/10] is directly connected, eth2, 00:03:31
C>* 10.0.2.0/24 is directly connected, eth2
K * 127.0.0.0/8 is directly connected, lo
C>* 127.0.0.0/8 is directly connected, lo
O>* 192.168.0.0/30 [110/58] via 192.168.2.2, eth0, 00:00:01
via 192.168.1.2, eth1, 00:00:01
O 192.168.1.0/30 [110/10] is directly connected, eth1, 00:03:21
C>* 192.168.1.0/30 is directly connected, eth1
O 192.168.2.0/30 [110/10] is directly connected, eth0, 00:03:31
C>* 192.168.2.0/30 is directly connected, eth0

If we disconnect the connection from the Linux router to Router A, the routes are automatically updated. Examining the Zebra routes after such an event gives something like Figure Four.




Figure Four: Routes after failover


Codes: K – kernel route, C – connected,
S – static, R – RIP, O – OSPF,
B – BGP, > – selected route, * – FIB route
O>* 10.0.0.1/32 [110/59] via 192.168.1.2,
eth0, 00:01:10
O>* 10.0.1.1/32 [110/11] via 192.168.1.2,
eth1, 00:09:46
O 10.0.2.0/24 [110/10] is directly connected,
eth2, 00:10:24
C>* 10.0.2.0/24 is directly connected, eth2
K * 127.0.0.0/8 is directly connected, lo
C>* 127.0.0.0/8 is directly connected, lo
O>* 192.168.0.0/30 [110/58] via 192.168.1.2,
eth1, 00:01:10
O 192.168.1.0/30 [110/10] is directly
connected, eth1, 00:10:14
C>* 192.168.1.0/30 is directly connected,
eth1
O 192.168.2.0/30 [110/10] is directly
connected, eth0, 00:10:24
C>* 192.168.2.0/30 is directly connected,
eth0

It’s a Rout!

This feature’s shown a basic scenario, interconnecting a Linux router powered by Zebra with Cisco routers. It’s a simple setup, and one that an adequately skilled system administrator can implement. At the same time, it offers many possibilities and great flexibility in the management of growing networks.

We’ve really only just scratched the surface of Zebra here. There are many other avenues to explore. For example, Zebra can manage other types of routing protocols and their IPv6 variants and can provide route filtering and enhanced security. Then there’s the next generation of Zebra, the Quagga project (http://www.quagga.net), to look into as well.



Rex Young is a network manager for C-Cube, a major call center in the Philippines. He has worked with large Cisco internetworking and VoIP implementations and is a Certified Cisco Network Professional. He may be reached at youngrv@c-cubeservices. com. Dominique Cimafranca is a Linux IT Specialist for IBM Philippines. He has implemented Linux in all the eServer platforms from IBM. He may be reached at dgmc@sketches.kom.ph.

Fatal error: Call to undefined function aa_author_bios() in /opt/apache/dms/b2b/linux-mag.com/site/www/htdocs/wp-content/themes/linuxmag/single.php on line 62