Академический Документы
Профессиональный Документы
Культура Документы
Version 7.2.8
IP Infusion Confidential
ii
IP Infusion Confidential
Table of Contents
Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . v CHAPTER 1 ZebOS Advanced Routing Suite Overview . . . . . . . . . . . . . . . . 1 Architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1 ZebOS ARS Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1 Technical Inquiries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2 Obtaining ZebOS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2 Sales Inquiries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2 CHAPTER 2 Installation on Linux Systems . . . . . . . . . . . . . . . . . . . . . . . . . . 3 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3
ZebOS Daemons on Linux platforms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3
Special Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6
Layer-2 Software Forwarder . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6 MPLS Forwarder . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6 Multicast Forwarder . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6 VPN (Virtual Private Network) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6 VR (Virtual Routing) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6
CHAPTER 6
ZebOS Daemons on VxWorks platforms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Multicast Support on VxWorks Native . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Special Requirement . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Hardware platforms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Limitation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Setting Environment Variables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Copying the ZebOS Source and Setting up the Build Environment . . . . . . . . . . . . . . . . . . Before Configuring the Build Environment for Target and Host . . . . . . . . . . . . . . . . . . . . . Configuring the Build Environment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Building the Configuration Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Installation on VxWorks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
iv
Table of Contents Compiling the Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .60 Linking ZebOS with VxWorks BSP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .61 Building the FTP Image--vxworks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .61 Booting the System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .62 Configuring the Physical IP Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .62
CHAPTER 7 Configuring Router for SNMP . . . . . . . . . . . . . . . . . . . . . . . . . 63 Obtaining SNMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .63 SNMP with SMUX . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .63
Installing Net-SNMP Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .63 Configuring SMUX . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .64 Enabling SNMP in the Source Code . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .64
CHAPTER 8 Initial Daemon Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . 75 Before starting ZebOS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .75 Starting and Stopping ZebOS Daemons . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .75
Unix-based Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .75 VxWorks Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .76
Loading the Configuration File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .77 Accessing sample configuration files. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .77
Configuring the NSM Daemon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .78 Configuring the RIP Daemon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .79 Configuring the OSPF Daemon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .80 Configuring the BGP Daemon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .80 Configuring the LDP Daemon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .81 Configuring the RSVP Daemon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .82 Configuring the ISIS Daemon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .82
Table of Contents Configuring the PIM Daemon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Configuring the DVMRP Daemon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Configuring the RIPng Daemon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Configuring the OSPF6 Daemon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Configuring Basic Access Networking Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Configuring Layer 2 Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83 84 84 85 85 87
Mapping Port Numbers to Daemon Names . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89 CHAPTER 9 Validating the Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . .91 Validating Daemon Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91
Final Verification Step. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92 Error Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92 Bug Reports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92
CHAPTER 10 ZebOS Directory Structure . . . . . . . . . . . . . . . . . . . . . . . . . . . .93 CHAPTER 11 Configuring and Compiling the Linux Kernel. . . . . . . . . . . . . . .95 Verifying the Kernel Source Code Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95 Configuring the Kernel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95 Compiling the Linux Kernel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97 Appendix A Applying Kernel Patches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .99 Patch Description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99 Applying Patch on Linux Kernel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99 Applying Patch on MontaVista . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101 Appendix B Installing MontaVista Linux . . . . . . . . . . . . . . . . . . . . . . . . . . .103
Before you Begin Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103 Installing MontaVista Linux . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103
Appendix C
Appendix E
Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Index - 1
vi
Preface
About this Manual
Use this manual to install, compile, and build the ZebOSAdvanced Routing Suite (ARS) software; and to configure initial settings for the ZebOS daemons. This manual consists of a chapter on an overview of ZebOS, and separate chapters for each platform, containing complete information on ZebOS installation on that platform. Followed by that are chapters on daemon configuration, validation, and the ZebOS directory structure.
monospaced type
NSM_MSG_ROUTE_FLAG_ADD
Forward slashes (/) Forward slashes indicate path names for a file or directory, for example,
/usr/local/etc
System prompts and command entries Entries you make in response to system prompts, for example,
make install
Indicates that you should take note. Notes contain special instructions or helpful suggestions or warnings. Variable term for which appropriate values are to be substituted. For example, in the following statement, [PATH] is to be substituted with an absolute path, and not the word PATH.
Note:
[]
Preface
vi
CHAPTER 1
Architecture
ZebOS Advanced Routing Suite (ARS) manages IP-based routing protocols. ZebOS software supports the BGP4, RIPv1, RIPv2, OSPFv2, OSPFv3, LDP, RSVP-TE, PIM-SM, PIM-DM, DVMRP, and ISIS protocols. Unlike traditional, monolithic architectures, and even the so-called modular architectures that remove the burden of processing routing functions from the CPU, and utilize special application-specific integrated circuits (ASIC chips); instead, ZebOS software offers true modularity. ZebOS is intended to be used as a route server and a route reflector. ZebOS provides full-routing capability under a new architecture.
Reliability
In the event of any failure of any of the ZebOS ARS modules, the router can remain online, and the other protocol daemons will continue to operate. The failure can then be diagnosed and corrected without taking the router offline.
Flexibility
Due to a unique, multi-process architecture, the ZebOS ARS is easily upgraded and maintained. It contains the source code for enterprise extension, modification, and compilation.
Technical Inquiries
IP Infusion provides wide-ranging technical assistance through a Support Web Site, allowing simple access to online resources: ClearQuest Web (a support call database) - IP Infusion offers technical support through a browser-based interface to ClearQuest Web. The ClearQuest Web allows you to track defects, and change requests, with an intuitive and easy-to-use interface. You can open technical support calls, update open calls with new information, and review the status of both open and closed calls. FAQs - find answers to product-related frequently asked questions. Product Documentation - download technical documentation. Product Updates - check out weekly bugs-fixed lists, downloads, and patches. Customer Satisfaction Survey - provide feedback by completing this survey.
Obtaining ZebOS
Visit the IP Infusion Inc. Website for more information about ZebOS ARS: http://www.ipinfusion.com/ To download the software (a password is required for downloading): ftp.ipinfusion.com Contact IP Infusion at: IP Infusion Inc. 111 West St. John, Suite 910 San Jose, CA 95113 (408) 794-1500 - main (408) 278-0521 - fax
Sales Inquiries
E-mail: sales@ipinfusion.com
CHAPTER 2
Overview
This chapter describes the system requirements, installation, and compilation of ZebOS Advanced Routing Suite (ZebOS ARS) on Linux-based systems. When finished with the tasks in this chapter, continue with the Initial Daemon Configuration chapter. For a first-time installation, perform all steps. As the system expands, compile the software, and make the target. For more information on customizing, refer to the ZebOS Developer Guides. Refer to Chapter 10 for an illustration of the complete ZebOS Directory Structure. Note: The installation is not shell dependent; use any convenient Linux shell.
The following ZebOS daemons support the IPv6 network protocols on Linux platforms:
The following ZebOS daemons support the Layer-2 protocols on Linux platforms (GNU/Red Hat Linux 9.0):
ZebOS uses the Netlink socket for communicating with the kernel.
eth0
Link encap:Ethernet HWaddr 00:B0:D0:DA:92:37 inet addr:10.10.0.21 Bcast:10.10.0.255 Mask:255.255.255.0 inet6 addr: fe80::2b0:d0ff:feda:9237/10 Scope:Link inet6 addr: fec0::3333:b0:b0:92:37/10 Scope:Site UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:1 frame:0 TX packets:133 errors:0 dropped:0 overruns:0 carrier:132 collisions:0 txqueuelen:100 Interrupt:5 Base address:0xec00
5. To add an IPv6 address to an interface, use the following command: ifconfig ifname add address/prefixlength Following is an example adding a site-local address of prefix length 10. router# ifconfig eth0 add fec0::3333:b0:b0:92:37/10 6. To validate the IPv6 configuration, verify the routing table of the Linux box by using the following command: router# netstat -rn -A inet6 Sample output showing the Kernel IPv6 Routing Table:
Destination ::1/128 3ffe:501:ffff:1002::1/128 3ffe:501:ffff:1002::/64 fe80::250:56ff:fe01:0/128 fe80::2b0:d0ff:feda:9237/128 fe80::a00:20ff:fefd:5dad/128 fe80::/10 fe80::/10 fe80::/10 ff02::5/128 ff00::/8 ff00::/8 ff00::/8
Use 0 0 0 0 1 0 0 0 0 1 0 0 0
Iface lo lo eth0 lo lo eth0 eth0 vmnet1 vmnet2 eth0 eth0 vmnet1 vmnet2
Special Considerations
Layer-2 Software Forwarder
Make sure to enable the following configuration option to use the Software Forwarder provided by IPI: --enable-hal --enable-swfwdr
MPLS Forwarder
Make sure to enable the following configuration option to use the MPLS Forwarder provided by IPI: --enable-mpls-fwd
Multicast Forwarder
Since the mroute.h file that comes with Red Hat Linux is incomplete, an updated mroute.h file is required to compile the ZebOS multicast protocols. Before compiling any ZebOS multicast module (PIM-SM, PIM-DM, DVMRP) on a Red Hat Linux distribution, download a standard kernel from www.kernel.org, and copy the mroute.h file from the <Standard Linux Source Path>/include/linux/mroute.h to the /usr/include/linux directory. If you have already copied the mroute.h file to the /usr/include/linux directory for an earlier release, skip this section. Note: The mroute.h file is not required for running the ZebOS multicast modules. It is required only for their compilation.
Make a copy of the mroute.h file, and save it with a different name: mv /usr/include/linux/mroute.h /usr/include/linux/mroute.h.orig Copy the mroute.h file to the /usr/include/linux directory: cp mroute.h /usr/include/linux
VR (Virtual Routing)
For Virtual Routing, enable the following options while compiling: --enable-vr Enabling VR automatically enables VRF support for the NSM, as well as, the VR support for LIB, NSM, OSPF and BGP.
2. Create a working directory, for example /var/ipi: mkdir /var/ipi 3. Change to the directory that has the ZebOS tarball. 4. Copy the software to a working directory: cp TARFILE /var/ipi TARFILE = ZebOSxxx.date.platform.customer-name.tar.gz where xxx is the current ZebOS ARS version number. For example, the following name is for ZebOS version 7.2.1, dated 04/04/05, Linux platform, and a company named Sample: ZebOS721.040405.linux.Sample.tar.gz 5. Extract the ZebOS software from the tarball: tar -xvzf TARFILE where TARFILE is the name of the ZebOS tar file. Refer to the explanation above. Note: For information on uncompressing ZebOS source files from a CD-ROM, contact support@ipinfusion.com.
Installation on Linux Systems IMPORTANT INFORMATION To assist users in compiling ZebOS, and to troubleshoot compilation issues, IPI provides the following files with the ZebOS ARS software: config.sh enables and disables configuration options depending on the ZebOS modules purchased. It is a unique script that is used for generating the software delivered to you. IPI strongly recommends verifying the enabled/disabled configuration options in your software before configuring the ZebOS build environment. Note: The configure shell script attempts to determine correct values for various system-dependent variables used during compilation. It might create one or more .h files containing system-dependent definitions.
compile.out contains compiler output (useful mainly for debugging). config.log contains messages generated by the compiler when the configure shell script (config.sh) is run. builds.log contains the Bill of Materials (BOM). This includes information about the relevant operating system, shipped protocols, directory structure, and files delivered.
Installation on Linux Systems module, you might get an error when you run the make command. For example, if you have enabled the OSPFv6 option, not enabled the IPv6 option, and run the make command, you might see: [root@bb2]# make ospf6d nsm Make aborted : Unable to find ../../ospf6d/Makefile make: *** [ospf6d] Error 1 5. Configure the package for the system: ./configure <options> where <options> are any build configuration options that you have chosen to enable or disable. For example, --enable-nsm, --disable-ipv6. The following sample demonstrates how the system responds: [root@db1]# cd ZebOS-7.2 [root@db1 ZebOS-7.2]# ./configure creating cache ./config.cache checking for a BSD compatible install... /usr/bin/install -c checking whether build environment is sane... yes checking whether make sets ${MAKE}... yes checking for working aclocal... found checking for working autoconf... found checking for working automake... found checking for working autoheader... found checking for working makeinfo... found .... ZebOS configuration ------------------ZebOS version : 7.2 Build number : 10122003 host operating system : linux-gnu source code location : . compiler : gcc compiler flags : -g -O2 directory for pid files : /var/run
Description Build bgpd with the Route Announcement feature. (Default) Build bgpd without the Route Announcement feature. This feature is suited for using bgpd as the BGP announcement listener.
Hardware Integration
Option flag --enable-broadcom --disable-broadcom --enable-hal --disable-hal Description Build the Broadcom Hardware Services Layer. Do not build the Broadcom Hardware Services Layer. Build the Hardware Abstraction Layer (HAL). Do not build the Hardware Abstraction Layer (HAL).
IMI
Option flag --disable-acl --enable-basic-access --enable-dhcp-client --disable-dhcp-client --enable-dhcp-server --disable-dhcp-server --enable-dhcp-update-style --disable-dhcp-update-style --enable-dns-client --disable-dns-client --enable-imi --disable-imi --enable-imish --disable-imish --enable-imi-sysconfig --disable-imi-sysconfig --enable-nat --disable-nat Description Disable ACL for Basic Access. Enable the Basic Access features (DHCP, DNS, NAT and ACL). Enable the DHCP client for IMI. Disable the DHCP client for IMI. (Default) Enable the DHCP server for IMI. Disable the DHCP server for IMI. (Default) Enable the DHCP server update style. Disable the DHCP server update style. (Default) Enable the DNS client for IMI. Disable the DNS client for IMI. (Default) Enable the Integrated Management Interface (IMI). Enabling IMI does not enable IMISH automatically. Disable the Integrated Management Interface. (Default) Enable Integrated Management Interface (IMI) and IMI Shell (IMISH). Disable IMI Shell (IMISH). (Default) Enable Read system configurations on startup. Disable Read system configurations on startup. (Default) Enable Network Address Translation for IMI. Disable Network Address Translation for IMI. (Default)
10
Description Disable Network Time Protocol. Enable the PPPoE client for IMI. Disable the PPPoE client for IMI. (Default)
IPv6
Option flag --enable-ipv6 --disable-ipv6 --enable-ipv6-transit --disable-ipv6-transit --enable-mip6 --disable-mip6 Description Enable the IPv6 related features and daemons. (Default) Disable the IPv6 related features and daemons. Enable IPv4 to IPv6 transition Enable IPv4 to IPv6 transition Enable the Mobile IPv6 feature. (Default) Disable the Mobile IPv6 feature.
IS-IS
Option flag --enable-isisd --disable-isisd --enable-multi-topology --disable-multi-topology Description Build the ISIS daemon. (Default Linux) Do not build the ISIS daemon. Enable IS-IS multi-topology support. Disable IS-IS multi-topology support. (Default)
Layer-2
Option flag --enable-authd --disable-authd --enable-gmrp --disable-gmrp --enable-gvrp Description Make the 802.1x authentication module. Do not make the 802.1x authentication module (Default) Make the GARP Multicast Registration Protocol (GMRP) feature. Do not make the GMRP feature. (Default) Make the GARP VLAN Registration Protocol (GVRP) feature.
11
Option flag --disable-gvrp --enable-igmp-snoop --disable-igmp-snoop --enable-lacpd --disable-lacpd --enable-mstpd --disable-mstpd --enable-rate-limit --disable-rate-limit --enable-rstpd --disable-rstpd --enable-stpd --disable-stpd --enable-swfwdr --disable-swfwdr --enable-vlan --disable-vlan --enable-wmi --disable-wmi
Description Do not make the GVRP feature. (Default) Enable the Internet Group Management Protocol (IGMP) snooping) feature. Disable the IGMP snooping feature. (Default) Make the Link Aggregation Control Protocol (LACP). Do not make the LACP. (Default) Make the Multiple Spanning Tree Protocol (MSTP). Do not make the MSTP. (Default) Enable the rate limiting feature (broadcast storm control command and feature). Disable the rate limiting feature. Make the Rapid Spanning Tree Protocol (RSTP). Do not make the RSTP. (Default) Make the Spanning Tree Protocol (STP). Do not make STP. (Default) Enable the Layer 2 software forwarder. Disable the Layer 2 software forwarder.(Default) Enable VLAN-aware bridging with either STP, RSTP, or MSTP. Disable VLAN-aware bridging. Enable Web Management Interface (the ZebOS Element Manager). Disable Web Management Interface (the ZebOS Element Manager).
Memory Manager
Option flag --enable-memmgr --disable-memmgr Description Enable the use of all allocation methods for various mtypes. Disable allows only the heap method. (Default)
MPLS
Option flag --enable-diffserv --disable-diffserv --enable-dste --disable-dste Description Enable MPLS Diffserv support. Disable MPLS Diffserv support. (Default) Enable MPLS Diffserv TE support. Enable MPLS Diffserv TE support. (Default)
12
Description Enable the MPLS (Multi Protocol Label Switching) feature. This option, supported in NSM, is automatically turned on if any of the MPLS-specific options (LDP, RSVP, MPLS-VC, VPLS, MPLS Forwarder, VRF, CSPF and TE) are selected. Disable the MPLS (Multi Protocol Label Switching) feature supported in the NSM. (Default) Do not disable the MPLS with this option if any MPLS options are selected. Enable the Fast Reroute feature of RSVP-TE. Disable the Fast Reroute feature of RSVP-TE. (Default) Enable the MPLS (Multi Protocol Label Switching) forwarder support. Disable the MPLS (Multi Protocol Label Switching) forwarder support. (Default) Enable the MPLS-based Virtual Circuit feature. Disable the MPLS-based Virtual Circuit feature. (Default) Enable the MPLS based Virtual Private LAN Service (VPLS) feature. Disable the MPLS based VPLS feature. (Default)
Multicast
Option flag --enable-dvmrpd --disable-dvmrpd --enable-mcast-ipv4 --disable-mcast-ipv4 --enable-mcast-ipv6 --disable-mcast-ipv6 --enable-pimd --disable-pimd --enable-pim6d --disable-pim6d --enable-pdmd --disable-pdmd Description Build the Distance Vector Multicast Routing Protocol (DVMRP) daemon (Default). Do not build the DVMRP daemon. Enable IPv4 MRIB (Multicast Routing Information Base) in NSM. Disable IPv4 MRIB (Multicast Routing Information Base) in NSM. (Default) Enable IPv6 MRIB (Multicast Routing Information Base) in NSM. Disable IPv6 MRIB (Multicast Routing Information Base) in NSM. (Default) Build the PIM-SM daemon (Default). Do not build the PIM-SM daemon. Build the PIM-SMv6 daemon. (Default) Do not build the PIM-SMv6 daemon. Build the PIM-DM daemon. (Default) Do not build the PIM-DM daemon.
13
--disable-pece-ospf
RIP
Option flag --enable-pece-rip --disable-pece-rip --enable-ripd --disable-ripd --enable-ripngd --disable-ripngd Description Enable RIP as the CE/PE protocol to support VPN. Linux only. Disable RIP as the CE/PE protocol. (Default) Linux only. Build the RIP daemon. (Default Linux) Do not build RIP daemon. Build the RIPng daemon. (Default Linux with IPv6) Do not build RIPng daemon.
System Options
Option flag --enable-bigendian --disable-bigendian --enable-hostname-change --disable-hostname-change --enable-restart --disable-restart --enable-static --disable-static --with-ipnet2 Description Enable Big Endian support. Disable Big Endian support. Enable the changing hostname through hostname command. Linux only. Disable the host name change feature. (Default) Linux only. Enable Graceful and Hitless Restart features. Disable Graceful and Hitless Restart features. (Default) Enable linking of the library statically. Prevents linking with the shared libraries (on systems supporting dynamic linking). Disable linking of the library statically. (Default) Use IPNet for IPv6 support.
14
Virtual Routing/Forwarding
Option flag --enable-vrf Description To enable the VRF feature. Note: --disable-vrf If you have Enabled VR, you do not need to Enable VRF. Enabling VR automatically enables VRF support.
VRRP
Option flag --enable-vrrp --enable-vrrp-vmac Description Enable Virtual Router Redundancy Protocol (VRRP). When used alone, this enables the RFC 2338 compliant version Enable VRRP Virtual MAC address. This flag is enabled by default. Disable on platforms which have only one unicast MAC address for an interface. To disable this feature: --disablevrrp-vmac. Disable Virtual Router Redundancy Protocol (VRRP). (Default)
--disable-vrrp
15
Description Disable the NSM IPv4/IPv6 unnumbered interface feature. (Default) Enable IPv4 tunneling Disable IPv4 tunneling (Default) Enable the Multiple FIB kernel support. Disable the Multiple FIB kernel support. (Default) Enable GNU/Linux-NetLink interface. The ZebOS configure script detects the NetLink interface by checking the header file. When the header file does not match to the current running kernel, the configure script will not turn on NetLink support. Disable the NetLink interface. (Default) Build the NSM daemon. (Default) Do not build the NSM daemon. Enable the Router Advertisement feature. (Default) Disable the Router Advertisement feature. Enable SNMP support for: bgp, isis, ldp, nsm, ospfd, pim, ripd. (Default) Disable SNMP support. Enable TCP/IP socket connection between daemons. Disable TCP/IP socket connection between daemons. (Default) Installs all binaries in PREFIX/sbin.For example --prefix=abc/myfile installs all binaries in abc/myfile/sbin and the configuration files in /abc/myfile/etc.
--disable-netlink --enable-nsm --disable-nsm --enable-rtadv --disable-rtadv --enable-snmp --disable-snmp --enable-tcp-message --disable-tcp-message --prefix=PREFIX
By default, the executable files are in /usr/local/sbin and the configuration files in /usr/local/etc.
16
Installation on Linux Systems The makefile displays the available make targets. You can make these targets in individual directories by entering make target-directory. For example: make all-pal make all-lib make nsm The following is a list of the makefile commands:
Make Targets distclean install all dep forcedep clean protocol Function removes all working files not in distribution installs binaries and samples (makes first) makes all available modules makes all dependencies forces all dependencies to be remade cleans up from a previous make makes the specified protocol daemon Comments Applies only at the top level Applies only at the top level Applies to the top level and to all available modules Applies to the top level and to all available modules Applies to the top level and to all available modules Applies to the top level and to all available modules nsm, bgpd, isisd, ospfd, ospf6d, pimd, ripd, ldpd, ripngd, imish and rsvpd
17
Installation on Linux Systems 2. After configuring the build environment, change directory: cd platform/linux 3. Make sure you have run the following make utility to build the MPLS module: make all make all-mpls (if you do not want to run make all) This builds an mpls_module.o file under the platform/linux/bin directory. 4. Install the MPLS module using the following command in the platform/linux/bin directory: insmod mpls_module.o 5. Run the following command to ensure that the MPLS Forwarder kernel module is gracefully removed in the event of a reboot or shutdown: rmmod mpls_module.o
18
CHAPTER 3
Overview
This chapter describes the system requirements, installation, and compilation of ZebOS Advanced Routing Suite (ZebOS ARS) on MontaVista-Linux systems. When finished with the tasks in this chapter, continue with the Initial Daemon Configuration chapter. For a first-time installation, perform all steps. As the system expands, compile the software, and make the target. For more information on customizing, refer to the ZebOS Developer Guides. Refer to Appendix A for an illustration of the complete ZebOS Directory Structure. Note: The installation is not shell dependent; use any convenient Linux shell.
The following ZebOS daemons support the IPv6 network protocols on MontaVista platforms:
19
#define CONFIG_NETLINK #define CONFIG_IPV6 #define CONFIG_PACKET 1 #define CONFIG_IP_PIMSM_V2 1 Required for ZebOS PIM-SM. Required for IPv6.
ZebOS uses the Netlink socket for communicating with the kernel.
Special Considerations
Layer-2 Software Forwarder
Make sure to enable the following configuration option to use the Software Forwarder provided by IPI:
20
--enable-hal --enable-swfwdr
MontaVista-IPNet
Make sure to enable the following configuration option to enable IPNet for IPv6 support on MontaVista systems: --with-ipnet2 For installing ZebOS on MontaVista-IPNet, you can use the instructions in this chapter, but make sure to refer to the following Readme file for IPNet-specific instructions: ZebOS5/kernel/montavista/IPCOM-LKM-HOWTO.TXT
MPLS Forwarder
Make sure to enable the following configuration option to use the MPLS Forwarder provided by IPI: --enable-mpls-fwd
VR (Virtual Routing)
For Virtual Routing, enable the following options while compiling: --enable-vr Enabling VR automatically enables VRF support for the NSM, as well as, the VR support for LIB, NSM, OSPF and BGP.
21
Installation on MontaVista-Linux Systems 1. Log on as root user. Note: The operating system displays an error message when certain steps are attempted by a non-root user.
2. Create a working directory, for example, /var/ipi. mkdir /var/ipi 3. Change to the directory that has the ZebOS tarball. 4. Copy the software to a working directory: cp TARFILE /var/ipi TARFILE = ZebOSxxx.date.platform.customer-name.tar.gz where xxx is the current ZebOS ARS version number. For example, the following name is for ZebOS version 7.2.1, dated 04/04/05, Linux platform, and a company named Sample: ZebOS721.040405.linux.Sample.tar.gz 5. Extract the ZebOS software from the tarball: tar -xvzf TARFILE where TARFILE is the name of the ZebOS tar file. Refer to the explanation above. Note: For information on uncompressing ZebOS source files from a CD-ROM, contact support@ipinfusion.com.
compile.out contains compiler output (useful mainly for debugging). config.log contains messages generated by the compiler when the configure shell script (config.sh) is run. builds.log contains the Bill of Materials (BOM). This includes information about the relevant operating system, shipped protocols, directory structure, and files delivered.
22
Installation on MontaVista-Linux Systems The ZebOS configuration script automatically detects most host configurations. Perform the following steps to configure the build environment. Running configure takes some time. While running, the script generates messages explaining which features it is checking. Running config.sh 1. Make sure to verify all enabled and disabled configure options match with your requirements. Refer to the Before Configuring the Build Environment section above for more details about the config.sh script. 2. Change to the directory containing the package's source code. cd ZebOS 3. Set the variable, IP_ZEBOS_PLATFORM to the Linux platform. This step is not mandatory, but recommended. export IPI_ZEBOS_PLATFORM=linux 4. Type the following at the command prompt to run the config.sh script provided by IPI: ./config.sh Running this script executes the configure command, and enables/disables configuration options depending on ZebOS modules that you have purchased. Configuring Manually If you decide to select configure options manually, make sure to verify the config.sh script before you start configuring. Remember, there are some options that are already enabled in the software provided to you. 1. Change to the directory containing the package's source code. cd ZebOS 2. Set the variable, IP_ZEBOS_PLATFORM to the Linux platform. This step is not mandatory, but recommended. export IPI_ZEBOS_PLATFORM=linux 3. Choose the configure options to be disabled. Refer to the config.sh script to view the list of options enabled by default. 4. Choose the configure options to be enabled from the provided list in the Building the Configuration Options section. Some configure options have dependencies, and if all of the required options are not enabled with a protocol module, you might get an error when you run the make command. For example, if you have enabled the OSPFv6 option, not enabled the IPv6 option, and run the make command, you might see: [root@bb2]# make ospf6d nsm Make aborted : Unable to find ../../ospf6d/Makefile make: *** [ospf6d] Error 1 5. Configure the package for the system: ./configure <options> where <options> are any build configuration options that you have chosen to enable or disable. For example, --enable-nsm, --disable-ipv6. The following sample demonstrates how the system responds: [root@db1]# cd ZebOS-7.2 [root@db1 ZebOS-7.2]# ./configure creating cache ./config.cache checking for a BSD compatible install... /usr/bin/install -c checking whether build environment is sane... yes checking whether make sets ${MAKE}... yes checking for working aclocal... found
23
ZebOS configuration ------------------ZebOS version : 7.2 Build number : 10122003 host operating system : linux-gnu source code location : . compiler : gcc compiler flags : -g -O2 directory for pid files : /var/run
Options noted as (Default) are defaults for the most common features of ZebOS. To disable a feature for any reason, including not having purchased a feature, use the disable option for that feature.
Hardware Integration
Option flag --enable-broadcom --disable-broadcom --enable-hal --disable-hal Description Build the Broadcom Hardware Services Layer. Do not build the Broadcom Hardware Services Layer. Build the Hardware Abstraction Layer (HAL). Do not build the Hardware Abstraction Layer (HAL).
24
IPv6
Option flag --enable-ipv6 --disable-ipv6 --enable-ipv6-transit --disable-ipv6-transit Description Enable the IPv6 related features and daemons. (Default) Disable the IPv6 related features and daemons. Enable IPv4 to IPv6 transition Enable IPv4 to IPv6 transition
25
Description Enable the Mobile IPv6 feature. (Default) Disable the Mobile IPv6 feature.
IS-IS
Option flag --enable-isisd --disable-isisd --enable-multi-topology --disable-multi-topology Description Build the ISIS daemon. (Default Linux) Do not build the ISIS daemon. Enable IS-IS multi-topology support. Disable IS-IS multi-topology support. (Default)
Layer-2
Option flag --enable-authd --disable-authd --enable-gmrp --disable-gmrp --enable-gvrp --disable-gvrp --enable-igmp-snoop --disable-igmp-snoop --enable-lacpd --disable-lacpd --enable-mstpd --disable-mstpd --enable-rate-limit --disable-rate-limit Description Make the 802.1x authentication module. Do not make the 802.1x authentication module (Default) Make the GARP Multicast Registration Protocol (GMRP) feature. Do not make the GMRP feature. (Default) Make the GARP VLAN Registration Protocol (GVRP) feature. Do not make the GVRP feature. (Default) Enable the Internet Group Management Protocol (IGMP) snooping) feature. Disable the IGMP snooping feature. (Default) Make the Link Aggregation Control Protocol (LACP). Do not make the LACP. (Default) Make the Multiple Spanning Tree Protocol (MSTP). Do not make the MSTP. (Default) Enable the rate limiting feature (broadcast storm control command and feature). Disable the rate limiting feature.
26
Option flag --enable-rstpd --disable-rstpd --enable-stpd --disable-stpd --enable-swfwdr --disable-swfwdr --enable-vlan --disable-vlan
Description Make the Rapid Spanning Tree Protocol (RSTP). Do not make the RSTP. (Default) Make the Spanning Tree Protocol (STP). Do not make STP. (Default) Enable the Layer 2 software forwarder. Disable the Layer 2 software forwarder.(Default) Enable VLAN-aware bridging with either STP, RSTP, or MSTP. Disable VLAN-aware bridging.
Memory Manager
Option flag --enable-memmgr --disable-memmgr Description Enable the use of all allocation methods for various mtypes. Disable allows only the heap method. (Default)
MPLS
Option flag --enable-diffserv --disable-diffserv --enable-dste --disable-dste --enable-mpls Description Enable MPLS Diffserv support. Disable MPLS Diffserv support. (Default) Enable MPLS Diffserv TE support. Enable MPLS Diffserv TE support. (Default) Enable the MPLS (Multi Protocol Label Switching) feature. This option, supported in NSM, is automatically turned on if any of the MPLS-specific options (LDP, RSVP, MPLS-VC, VPLS, MPLS Forwarder, VRF, CSPF and TE) are selected. Disable the MPLS (Multi Protocol Label Switching) feature supported in the NSM. (Default) Do not disable the MPLS with this option if any MPLS option is selected. Enable the Fast Reroute feature of RSVP-TE. Disable the Fast Reroute feature of RSVP-TE. (Default) Enable the MPLS (Multi Protocol Label Switching) forwarder support. Disable the MPLS (Multi Protocol Label Switching) forwarder support. (Default) Enable the MPLS-based Virtual Circuit feature. Disable the MPLS-based Virtual Circuit feature. (Default)
27
Description Enable the MPLS based Virtual Private LAN Service (VPLS) feature. Disable the MPLS based VPLS feature. (Default)
Multicast
Option flag --enable-dvmrpd --disable-dvmrpd --enable-mcast-ipv4 --disable-mcast-ipv4 --enable-mcast-ipv6 --disable-mcast-ipv6 --enable-pimd --disable-pimd --enable-pim6d --disable-pim6d --enable-pdmd --disable-pdmd Description Build the Distance Vector Multicast Routing Protocol (DVMRP) daemon (Default). Do not build the DVMRP daemon. Enable IPv4 MRIB (Multicast Routing Information Base) in NSM. Disable IPv4 MRIB (Multicast Routing Information Base) in NSM. (Default) Enable IPv6 MRIB (Multicast Routing Information Base) in NSM. Disable IPv6 MRIB (Multicast Routing Information Base) in NSM. (Default) Build the PIM-SM daemon (Default). Do not build the PIM-SM daemon. Build the PIM-SMv6 daemon. (Default) Do not build the PIM-SMv6 daemon. Build the PIM-DM daemon. (Default) Do not build the PIM-DM daemon.
OSPF
Option flag --enable-ospfd --disable-ospfd --enable-ospf6d --disable-ospf6d --enable-pece-ospf Description Build the OSPF daemon. (Default Linux) Do not build OSPF daemon. Build the OSPF6 daemon. (Default Linux with IPv6) Do not build OSPF6 daemon. Adds support for draft-ishiguro-ppvpn-pe-ce-ospf-01.txt, which specifies the method of using multiple instances of OSPF on the PE to CE link to support multiple customer networks, when provisioning BGP-MPLS VPNs. Linux only. Disable support for draft-ishiguro-ppvpn-pe-ce-ospf-01.txt. (Default) Linux only.
--disable-pece-ospf
28
System Options
Option flag --enable-bigendian --disable-bigendian --enable-hostname-change --disable-hostname-change --enable-restart --disable-restart --enable-static --disable-static --with-ipnet2 Description Enable Big Endian support. Disable Big Endian support. Enable the changing host name through the hostname command. Linux only. Disable the host name change feature. (Default) Linux only. Enable Graceful and Hitless Restart features. Disable Graceful and Hitless Restart features. (Default) Enable linking of the library statically. Prevents linking with the shared libraries (on systems supporting dynamic linking). Disable linking of the library statically. (Default) Use IPNet for IPv6 support.
Traffic Engineering
Option flag --enable-isis-cspf --disable-isis-cspf --enable-ospf-cspf --disable-ospf-cspf --enable-rsvpd --disable-rsvpd --enable-te --disable-te Description Enable the CSPF feature and all TE options for ISIS. Disable the CSPF feature and all TE options for ISIS. (Default) Enable the CSPF feature and all TE options for OSPF. Disable the CSPF feature and all TE options for OSPF. (Default) Enable RSVP daemon. (Default Linux) Do not build the RSVP daemon. Enable TE for IS-IS, OSPF, RSVP, and QoS Module Stub in the NSM. Disable TE support. (Default)
29
VRRP
Option flag --enable-vrrp --disable-vrrp Description Enable Virtual Router Redundancy Protocol (VRRP). When used alone, this enables the RFC 2338 compliant version Disable Virtual Router Redundancy Protocol (VRRP). (Default)
30
Description Disable TCP/IP socket connection between daemons. (Default) Installs all binaries in PREFIX/sbin.For example --prefix=abc/myfile installs all binaries in abc/myfile/sbin and the configuration files in /abc/myfile/etc.
By default, the executable files are in /usr/local/sbin and the configuration files in /usr/local/etc.
4. The makefile displays the available make targets. You can make these targets in individual directories by entering make target-directory. For example make all-pal make all-lib make nsm The following is a list of the makefile commands:
Make Targets distclean install all dep forcedep clean protocol Function removes all working files not in distribution installs binaries and samples (makes first) makes all available modules makes all dependencies forces all dependencies to be remade cleans up from a previous make makes the specified protocol daemon Comments Applies only at the top level Applies only at the top level Applies to the top level and to all available modules Applies to the top level and to all available modules Applies to the top level and to all available modules Applies to the top level and to all available modules nsm, bgpd, isisd, ospfd, ospf6d, pimd, ripd, ldpd, ripngd, imish and rsvpd
31
32
CHAPTER 4
Installation on MontaVista-Broadcom
This chapter describes the system requirements, installation and compilation of ZebOS Advanced Routing Suite (ZebOS ARS) on MontaVista-Broadcom systems. The ZebOS ARS currently exists on VxWorks-Broadcom for the ZebOS NSM, Layer-2, Layer-3 and Multicast (IPv4) modules. Make sure to refer to the README file for updates on versions, filenames and directory names. The README file is located in the following directory: ZebOS5/kernel/montavista/broadcom
System Requirements
MontaVista 3.1 Professional - MIPS processor Broadcom SDK version 5.1.2
33
Installation on MontaVista-Broadcom
34
Installation on MontaVista-Broadcom
$MONTAVISTA_KERNEL_PATH/make dep $MONTAVISTA_KERNEL_PATH/make Copy the vmlinux MontaVista kernel to the TFTP server root-path
35
Installation on MontaVista-Broadcom
#hardware ethernet 00:10:18:80:01:c3; hardware ethernet 00:10:18:82:05:42; fixed-address 10.10.10.88; filename "vmlinux"; option host-name "broadcom"; option root-path "/opt/montavista/pro/devkit/mips/fp_be/target"; } } } # /etc/dhcpd.conf end
Configure NFS
On the Redhat system, export the following directories for mounting: Target file system provided by MontaVista TFTP root-path. An example of the /etc/exports file is as follows: /opt/montavista/pro/devkit/mips/fp_be/target *(rw,sync,no_root_squash) /tftpboot *(rw,sync,no_root_squash) $ cd /etc/init.d $ ./portmap restart $ ./nfs restart
36
Add any Layer-2 and Layer-3 options, as required. For a list of configuration options, refer to the Installation on MontaVista Linux Systems chapter. Note: Currently, IPI supports only unicast protocols in Layer-3.
Compile ZebOS
To compile ZebOS, change to the following directory: cd platform/linux make all-hsl (For building the HSL kernel module) make nsm make imi make <protocol> where <protocol> is a protocol module, such as, imi, imish, stpd, rstpd etc. You can select the protocol module based on the configuration options that you have chosen from configure script. Copy all the built binaries to the TFTP server root-path.
37
Installation on MontaVista-Broadcom 4. Login and run the following commands: mount $REDHAT_LINUX_IP_ADDRESS:/tftpboot /mnt cd /mnt insmod linux-kernel-bde.o debug=2 insmod linux-uk-proxy.o insmod linux-bcm-diag-full.o debug=2 5. Make sure there are no errors after loading. However, you can ignore any warning regarding tainted modules. 6. Start the bcm.user.proxy application ./bcm.user.proxy 7. Copy the rc.soc file, which is used for initializing the hardware to the /tftpboot directory. 8. Initialize the hardware: BCM.0> rcload rc.soc Note: Some messages will appear about the initialization process. BCM.0> exit 9. Load the HSL kernel module: insmod hsl.o 10. Start NSM and ZebOS protocols and start configuration.
38
CHAPTER 5
Overview
This chapter describes how to install and compile ZebOS Advanced Routing Suite (ZebOS ARS) on NetBSD systems. When finished with the tasks in this chapter, continue with the Initial Daemon Configuration chapter. For a first-time installation, perform all steps. As the system expands, repeat the build and run steps. For more information on customizing, refer to the ZebOS Developer Guide. Refer to Appendix A for an illustration of the complete ZebOS Directory Structure. Note: The installation is not shell dependent; use any convenient UNIX shell.
The following ZebOS daemons support the IPv6 network protocols on NetBSD platforms:
39
IPv6
The IPv6 stack is already enabled as a basic component of most NetBSD systems.
Special Considerations
PIM-SM
On NetBSD systems, the kernel does not support multicast forwarding. To run the ZebOS PIM-SM (Protocol Independent Multicasting - Sparse Mode) module on NetBSD, you need to apply a USC patch: 1. Download the patch from http://netweb.usc.edu/pim/pimd/pimkern-tmp 2. Follow instructions provided in the INSTALL.pimkern file and apply the patch.
3. After applying the USC patch, you must rebuild the NetBSD kernel. Follow instructions provided in the NetBSD documentation available at http://www.netbsd.org.
2. Create a working directory, for example /var/ipi: mkdir /var/ipi 3. Change to the directory that has the ZebOS tarball. 4. Copy the software to a working directory: cp TARFILE /var/ipi TARFILE = ZebOSxxx.date.platform.customer-name.tar.gz where xxx is the current ZebOS ARS version number. For example, the following name is for ZebOS version 7.2.1, dated 04/04/05, Linux platform and a company named Sample: ZebOS721.040405.linux.Sample.tar.gz 5. Extract the ZebOS software from tarball: tar -xvzf TARFILE where TARFILE is the name of the ZebOS tar file. Refer to the explanation above.
40
Installation on NetBSD Systems Note: For information on uncompressing ZebOS source files from a CD-ROM please contact support@ipinfusion.com.
compile.out contains compiler output (useful mainly for debugging). config.log contains messages generated by the compiler when the configure shell script (config.sh) is run. builds.log contains the Bill of Materials (BOM). This includes information about the relevant operating system, shipped protocols, directory structure and files delivered.
41
Installation on NetBSD Systems 2. Set the variable IP_ZEBOS_PLATFORM to the NetBSD platform. This step is not mandatory but recommended. export IPI_ZEBOS_PLATFORM=netbsd 3. Choose the configure options to be disabled. Refer to the config.sh script to view the list of options enabled by default. 4. Choose the configure options to be enabled, from the provided list in the Building the Configuration Options section. Some configure options have dependencies and if all the required options are not enabled with a protocol module, you might get an error when you run the make command. For example, if you have enabled the OSPFv6 option, not enabled the IPv6 option, and run the make command, you might see: [root@bb2]# make ospf6d nsm Make aborted : Unable to find ../../ospf6d/Makefile make: *** [ospf6d] Error 1 5. Configure the package for the system: ./configure <options> where <options> are any build configuration options that you have chosen to enable or disable. For example, --enable-nsm, --disable-ipv6. The following sample demonstrates how the system responds: [root@db1]# cd ZebOS-7.2 [root@db1 ZebOS-7.2]# ./configure creating cache ./config.cache checking for a BSD compatible install... /usr/bin/install -c checking whether build environment is sane... yes checking whether make sets ${MAKE}... yes checking for working aclocal... found checking for working autoconf... found checking for working automake... found checking for working autoheader... found checking for working makeinfo... found 6. If aclocal, autoconf and automake are not found, please install the following files from the GNU Website: aclocal version 1.6 autoconf version 2.54 gnumake version 3.79.1
42
Description Build bgpd with the Route Announcement feature. (Default) Build bgpd without the Route Announcement feature. This feature is suited for using bgpd as the BGP announcement listener.
IMI
Option flag --disable-acl --enable-basic-access --enable-dhcp-client --disable-dhcp-client --enable-dhcp-server --disable-dhcp-server --enable-dhcp-update-style --disable-dhcp-update-style --enable-dns-client --disable-dns-client --enable-imi --disable-imi --enable-imish --disable-imish --enable-imi-sysconfig --disable-imi-sysconfig --enable-nat --disable-nat --disable-ntp --enable-pppoe-client --disable-pppoe-client Description Disable ACL for Basic Access. Enable the Basic Access features (DHCP, DNS, NAT and ACL). Enable the DHCP client for IMI. Disable the DHCP client for IMI. (Default) Enable the DHCP server for IMI. Disable the DHCP server for IMI. (Default) Enable the DHCP server update style. Disable the DHCP server update style. (Default) Enable the DNS client for IMI. Disable the DNS client for IMI. (Default) Enable the Integrated Management Interface (IMI). Enabling IMI does not enable IMISH automatically. Disable the Integrated Management Interface. (Default) Enable Integrated Management Interface (IMI) and IMI Shell (IMISH). Disable IMI Shell (IMISH). (Default) Enable Read system configurations on startup. Disable Read system configurations on startup. (Default) Enable Network Address Translation for IMI. Disable Network Address Translation for IMI. (Default) Disable Network Time Protocol. Enable the PPPoE client for IMI. Disable the PPPoE client for IMI. (Default)
43
IS-IS
Option flag --enable-isisd --disable-isisd --enable-multi-topology --disable-multi-topology Description Build the ISIS daemon. (Default Linux) Do not build the ISIS daemon. Enable IS-IS multi-topology support. Disable IS-IS multi-topology support. (Default)
Memory Manager
Option flag --enable-memmgr --disable-memmgr Description Enable the use of all allocation methods for various mtypes. Disable allows only the heap method. (Default)
MPLS
Option flag --enable-diffserv --disable-diffserv --enable-dste --disable-dste Description Enable MPLS Diffserv support. Disable MPLS Diffserv support. (Default) Enable MPLS Diffserv TE support. Enable MPLS Diffserv TE support. (Default)
44
Description Enable the MPLS (Multi Protocol Label Switching) feature. This option, supported in NSM, is automatically turned on if any of the MPLS-specific options (LDP, RSVP, MPLS-VC, VPLS, MPLS Forwarder, VRF, CSPF and TE) is selected. Disable the MPLS (Multi Protocol Label Switching) feature supported in the NSM. (Default) Do not disable the MPLS with this option if any MPLS option is selected. Enable the Fast Reroute feature of RSVP-TE. Disable the Fast Reroute feature of RSVP-TE. (Default) Enable the MPLS (Multi Protocol Label Switching) forwarder support. Disable the MPLS (Multi Protocol Label Switching) forwarder support. (Default) Enable the MPLS-based Virtual Circuit feature. Disable the MPLS-based Virtual Circuit feature. (Default) Enable the MPLS based Virtual Private LAN Service (VPLS) feature. Disable the MPLS based VPLS feature. (Default)
Multicast
Option flag --enable-dvmrpd --disable-dvmrpd --enable-mcast-ipv4 --disable-mcast-ipv4 --enable-mcast-ipv6 --disable-mcast-ipv6 --enable-pimd --disable-pimd --enable-pim6d --disable-pim6d --enable-pdmd --disable-pdmd Description Build the Distance Vector Multicast Routing Protocol (DVMRP) daemon (Default). Do not build the DVMRP daemon. Enable IPv4 MRIB (Multicast Routing Information Base) in NSM. Disable IPv4 MRIB (Multicast Routing Information Base) in NSM. (Default) Enable IPv6 MRIB (Multicast Routing Information Base) in NSM. Disable IPv6 MRIB (Multicast Routing Information Base) in NSM. (Default) Build the PIM-SM daemon (Default). Do not build the PIM-SM daemon. Build the PIM-SMv6 daemon. (Default) Do not build the PIM-SMv6 daemon. Build the PIM-DM daemon. (Default) Do not build the PIM-DM daemon.
45
--disable-pece-ospf
RIP
Option flag --enable-pece-rip --disable-pece-rip --enable-ripd --disable-ripd --enable-ripngd --disable-ripngd Description Enable RIP as the CE/PE protocol to support VPN. Linux only. Disable RIP as the CE/PE protocol. (Default) Linux only. Build the RIP daemon. (Default Linux) Do not build RIP daemon. Build the RIPng daemon. (Default Linux with IPv6) Do not build RIPng daemon.
System Options
Option flag --enable-bigendian --disable-bigendian --enable-hostname-change --disable-hostname-change --enable-restart --disable-restart --enable-static --disable-static --with-ipnet2 Description Enable Big Endian support. Disable Big Endian support. Enable the changing hostname through hostname command. Linux only. Disable the host name change feature. (Default) Linux only. Enable Graceful and Hitless Restart features. Disable Graceful and Hitless Restart features. (Default) Enable linking of the library statically. Prevents linking with the shared libraries (on systems supporting dynamic linking). Disable linking of the library statically. (Default) Use IPNet for IPv6 support.
46
Virtual Routing/Forwarding
Option flag --enable-vrf Description To Enable the VRF feature.
Note:
--disable-vrf
If you have Enabled VR, you do not need to Enable VRF. Enabling VR automatically enables VRF support.
--disable-netlink --enable-nsm
47
Option flag --disable-nsm --enable-rtadv --disable-rtadv --enable-snmp --disable-snmp --enable-tcp-message --disable-tcp-message --prefix=PREFIX
Description Do not build the NSM daemon. Enable the Router Advertisement feature. (Default) Disable the Router Advertisement feature. Enable SNMP support for: bgp, isis, ldp, nsm, ospfd, pim, ripd. (Default) Disable SNMP support. Enable TCP/IP socket connection between daemons. Disable TCP/IP socket connection between daemons. (Default) Installs all binaries in PREFIX/sbin.For example --prefix=abc/myfile installs all binaries in abc/myfile/sbin and the configuration files in /abc/myfile/etc.
By default, the executable files are in /usr/local/sbin and the configuration files in /usr/local/etc.
48
Function cleans up from a previous make makes the specified protocol daemon
Comments Applies to the top level and to all available modules nsm, bgpd, isisd, ospfd, ospf6d, pimd, ripd, ldpd, ripngd, imish and rsvpd
49
50
CHAPTER 6
This chapter describes the system requirements, installation and compilation of ZebOS Advanced Routing Suite (ZebOS ARS) on VxWorks-based systems with Native and IPNet2 VxWorks stacks. The ZebOS ARS currently exists on VxWorks for the ZebOS Network Services Module, RIPv1 and RIPv2, OSPFv2, BGP, VRRP and following layer 2 protocols: STP, RSTP, MSTP, LACP and 802.1x. Other protocols are not fully supported, but are available by using the PAL layer. It has been certified on Intel (Pentium) and Power PC Certified Reference platforms. Additionally, if you understand the difference between your own RTOS and VxWorks, this chapter provides a guide to the necessary changes required for the routers to work under your own RTOS. Of the eight VxWorks-supported targets, IP Infusion does not plan to certify ARM, i960, CPU32, 68K, MIPS nor SPARC; however, IPI does not see any significant difficulties in supporting these platforms. VxWorks IPNet2 and VxWorks Native Stacks: The ZebOS ARS installation procedure on VxWorks-based systems with IPNet2 and Native stacks involves similar steps. The process described in this chapter can be used for both types of systems. However, for each of the systems you must make sure to specify the system name (vxworks or vxworks-ipnet2) during compilation.
51
Location
Description
kernel/vxworks/5.4 kernel/vxworks/5.5.1
This directory contains the Multicast and RECVIF patches for VxWorks 5.4. This directory contains the Route-Alert, Multicast, and RECVIF patches for VxWorks 5.5.1.
VxWorks 5.5
Special Requirement
For VxWorks on Windows Systems
To build ZebOS, make sure to upgrade the following utilities: make Upgrade to version 3.80 sed Upgrade to version 4.14
Hardware platforms
ZebOS ARS supports following hardware platforms:
Broadcom: Strata Marvell: EX116, EX126 and Value Blade.
Installation on VxWorks
The VxWorks project image currently is shipped on a CD-ROM or as a WinZip zipped file. Installation on VxWorks comprises of the following steps. Setting up the Environment Variables. Configuring the Build Environment for Target & HOST Enabling the Build Configuration Options Compiling the software Copying the ZebOS Source and Setting up the Build Environment Linking ZebOS with VxWorks BSP Building the FTP Image--vxworks Booting the System Configuring the Physical IP Addresses Operating the Router
Limitation
You must disable the following configuration option while compiling ZebOS for VxWorks:
52
--disable-isisd
Note: Needed only if the Intel, Marvell or Broadcom environment is used. The following is a section of the script prompting user to set the tornado installation directory or choose the default location /usr/tornadoppc.
2. Copy the software to a working directory: cp TARFILE /var/ipi TARFILE = ZebOSxxx.date.platform.customer-name.tar.gz where xxx is the current ZebOS ARS version number. For example, the following name is for ZebOS version 7.2.1, dated 04/04/05, Linux platform and a company named Sample: ZebOS721.040405.linux.Sample.tar.gz 3. Extract the ZebOS software from tarball: tar -xvzf TARFILE where TARFILE is the name of the ZebOS tar file. Refer to the explanation above.
53
Installation on VxWorks Systems Note: For information on uncompressing ZebOS source files from a CD-ROM please contact support@ipinfusion.com.
compile.out contains compiler output (useful mainly for debugging). config.log contains messages generated by the compiler when the configure shell script (config.sh) is run. builds.log contains the Bill of Materials (BOM). This includes information about the relevant operating system, shipped protocols, directory structure and files delivered.
4. Type the following on the command prompt, to run the config.sh script provided by IPI: ./config.sh Running this script, executes the configure command and enables/disables configuration options depending on ZebOS modules that you have purchased. Configuring Manually In case you decide to select configure options manually, make sure to verify the config.sh script before you start configuring. Remember there are some options that are already enabled in the software provided to you. 1. Change to the directory containing the package's source code.
54
cd ZebOS 2. Set the variable IP_ZEBOS_PLATFORM to the vxworks platform. This step is not mandatory but recommended. export IPI_ZEBOS_PLATFORM=vxworks (for VxWorks-Native) export IPI_ZEBOS_PLATFORM=vxworks_ipnet2 (for VxWorks-IPNet2)
3. Choose the configure options to be disabled. Refer to the config.sh script to view the list of options enabled by default. 4. Choose the configure options to be enabled, from the provided list in the Building the Configuration Options section. Some configure options have dependencies and if all the required options are not enabled with a protocol module, you might get an error when you run the make command. For example, if you have enabled the OSPFv6 option, not enabled the IPv6 option, and run the make command, you might see: [root@bb2]# make ospf6d nsm Make aborted : Unable to find ../../ospf6d/Makefile make: *** [ospf6d] Error 1 5. Configure the package for the system: ./vxworks.config <options> where <options> are any build configuration options that you have chosen to enable or disable. For example, --enable-stpd, --disable-ipv6. The following sample demonstrates how the system responds: [root@db1]# cd ZebOS-7.2 [root@db1 ZebOS-7.2]# ./vxworks.config --disable-isisd creating cache ./config.cache checking for a BSD compatible install... /usr/bin/install -c checking whether build environment is sane... yes checking whether make sets ${MAKE}... yes checking for working aclocal... found checking for working autoconf... found checking for working automake... found checking for working autoheader... found checking for working makeinfo... found .... ZebOS configuration ------------------ZebOS version : 7.2 Build number : 10122003 host operating system : vxworks source code location : . compiler : gcc compiler flags : -g -O2 directory for pid files : /var/run
55
Installation on VxWorks Systems Please note that options noted as (Default) are defaults for the most common features of ZebOS. To disable a feature for any reason, including not having purchased a feature, use the disable option for that feature. BGP
Option flag --enable-bgpd --disable-bgpd --enable-bgp-announce --disable-bgp-announce Description Build the BGP daemon bgpd. (Default Linux) Do not build BGP daemon bgpd. Build bgpd with the Route Announcement feature. (Default) Build bgpd without the Route Announcement feature. This feature is suited for using bgpd as the BGP announcement listener.
IMI
Option flag --enable-imi --disable-imi Description Enable the Integrated Management Interface (IMI). Enabling IMI does not enable IMISH automatically. Disable the Integrated Management Interface. (Default)
IPv6
Option flag --enable-ipv6 --disable-ipv6 --enable-mip6 --disable-mip6 Description Enable the IPv6 related features and daemons. (Default) Disable the IPv6 related features and daemons. Enable the Mobile IPv6 feature. (Default) Disable the Mobile IPv6 feature.
Layer-2
Option flag --enable-authd --disable-authd --enable-gmrp --disable-gmrp Description Make the 802.1x authentication module. Do not make the 802.1x authentication module (Default) Make the GARP Multicast Registration Protocol (GMRP) feature. Do not make the GMRP feature. (Default)
56
Option flag --enable-gvrp --disable-gvrp --enable-igmp-snoop --disable-igmp-snoop --enable-lacpd --disable-lacpd --enable-mstpd --disable-mstpd --enable-rate-limit --disable-rate-limit --enable-rstpd --disable-rstpd --enable-stpd --disable-stpd --enable-vlan --disable-vlan --enable-vlan-class
Description Make the GARP VLAN Registration Protocol (GVRP) feature. Do not make the GVRP feature. (Default) Enable the Internet Group Management Protocol (IGMP) snooping) feature. Disable the IGMP snooping feature. (Default) Make the Link Aggregation Control Protocol (LACP). Do not make the LACP. (Default) Make the Multiple Spanning Tree Protocol (MSTP). Do not make the MSTP. (Default)
Enable the rate limiting feature (broadcast storm control command and feature).
Disable the rate limiting feature. Make the Rapid Spanning Tree Protocol (RSTP). Do not make the RSTP. (Default) Make the Spanning Tree Protocol (STP). Do not make STP. (Default) Enable VLAN-aware bridging with either STP, RSTP, or MSTP. Disable VLAN-aware bridging.
Enable the VLAN classification feature. Currently, available only for Broadcom integrations.
Disable the VLAN classification feature. Enable the VLAN stacking feature. Currently, available only for Broadcom integrations. Disable the VLAN stacking feature.
Memory Manager
Option flag --enable-memmgr --disable-memmgr Description Enable the use of all alloc methods for various mtypes. Disable allows only the heap method. (Default)
MPLS
Option flag --enable-diffserv --disable-diffserv Description Enable MPLS Diffserv support. Disable MPLS Diffserv support. (Default)
57
Description Enable MPLS Diffserv TE support. Enable MPLS Diffserv TE support. (Default) Enable the MPLS (Multi Protocol Label Switching) feature. This option, supported in NSM, is automatically turned on if any of the MPLS-specific options (LDP, RSVP, MPLS-VC, VPLS, MPLS Forwarder, VRF, CSPF and TE) is selected. Disable the MPLS (Multi Protocol Label Switching) feature supported in the NSM. (Default) Do not disable the MPLS with this option if any MPLS option is selected. Enable the Fast Reroute feature of RSVP-TE. Disable the Fast Reroute feature of RSVP-TE. (Default) Enable the MPLS (Multi Protocol Label Switching) forwarder support. Disable the MPLS (Multi Protocol Label Switching) forwarder support. (Default) Enable the MPLS-based Virtual Circuit feature. Disable the MPLS-based Virtual Circuit feature. (Default) Enable the MPLS based Virtual Private LAN Service (VPLS) feature. Disable the MPLS based VPLS feature. (Default)
Multicast
Option flag --enable-dvmrpd --disable-dvmrpd --enable-mcast-ipv4 --disable-mcast-ipv4 --enable-mcast-ipv6 --disable-mcast-ipv6 --enable-pimd --disable-pimd --enable-pim6d --disable-pim6d --enable-pdmd --disable-pdmd Description Build the Distance Vector Multicast Routing Protocol (DVMRP) daemon (Default). Do not build the DVMRP daemon. Enable IPv4 MRIB (Multicast Routing Information Base) in NSM. Disable IPv4 MRIB (Multicast Routing Information Base) in NSM. (Default) Enable IPv6 MRIB (Multicast Routing Information Base) in NSM. Disable IPv6 MRIB (Multicast Routing Information Base) in NSM. (Default) Build the PIM-SM daemon (Default). Do not build the PIM-SM daemon. Build the PIM-SMv6 daemon. (Default) Do not build the PIM-SMv6 daemon. Build the PIM-DM daemon. (Default) Do not build the PIM-DM daemon.
58
--disable-pece-ospf
RIP
Option flag --enable-pece-rip --disable-pece-rip --enable-ripd --disable-ripd --enable-ripngd --disable-ripngd Description Enable RIP as the CE/PE protocol to support VPN. Linux only. Disable RIP as the CE/PE protocol. (Default) Linux only. Build the RIP daemon. (Default Linux) Do not build RIP daemon. Build the RIPng daemon. (Default Linux with IPv6) Do not build RIPng daemon.
System Options
Option flag --enable-bigendian --disable-bigendian --enable-restart --disable-restart --enable-storage-dev --disable-storage-dev --with-ipnet2 Description Enable Big Endian support. Disable Big Endian support. Enable Graceful and Hitless Restart features. Disable Graceful and Hitless Restart features. (Default) Enable Storage Device support. (Default) Disable Storage Device support. Use IPNet for IPv6 support.
--with-pne22
59
Virtual Routing/Forwarding
Option flag --enable-vrf Description To Enable the VRF feature.
Note: If you have Enabled VR, you do not need to Enable VRF. Enabling VR automatically enables VRF support.
--disable-vrf To Disable the VRF feature.(Default)
60
Installation on VxWorks Systems cd platform/vxworks-ipnet2 (for VxWorks-IPNet2) 2. Run the make clean utility: make clean 3. Run the make utility. You can use make all for all available modules or just make specific protocols by specifying the protocols. Please note that make install, implies make all: make <protocol>|all make bgpd make module (to compile ZebOS ARS as a module) The following is a list of the makefile commands:
Make Targets all dep clean protocol modules Function makes all available modules makes all dependencies cleans up from a previous make makes the specified protocol daemon makes all available modules Comments Applies to the top level and to all available modules Applies to the top level and to all available modules Applies to the top level and to all available modules nsm, bgpd, ospfd, ospf6d, pimd, ripd, ldpd, ripngd, rsvpd Applies to the top level and to all available modules
You can compile the image and symbol table separately. Please refer to the VxWorks documentation for details.
61
Installation on VxWorks Systems Note: Besides FTP you can build other forms of the image on ROM, Hard Disk or Flash.
62
CHAPTER 7
IPI supports the SMUX (RFC 1227) and AgentX (RFC 2257) protocols, which are used by SNMP agents to query variables maintained by another user-level process. This chapter provides instructions on how to install and configure SMUX and AgentX protocols. It also describes various SNMP utilities. Note: You cannot use SMUX and AgentX protocols simultaneously. Make sure to use the instructions provided in this chapter according to the protocol you are using.
Obtaining SNMP
Download Net-SNMP software (net-snmp-5.0.8.tar.gz) from www.net-snmp.org web-site. Install and configure the software by following the instructions given in the INSTALL file, which comes with the software. In the IPI lab, SNMP has been tested on most of the Unix/Linux systems. All ZebOS protocol modules are tested using Net-SNMP version 5.0.8 for SMUX and AgentX.
1. Change to the directory containing the SNMP source code. cd snmp 2. Type the following command to configure SNMP for your system: ./configure --with-mib-modules=smux --enable-shared Note: Press enter at all prompts during snmpd configuration.
3. After configuring the environment, to compile the software for your system, issue the make command in the root of the source directory: make umask 022 4. Install the build components by entering the following command: make install ldconfig Note: Make sure to start snmpd before any protocol that will communicate with SNMP. Although you can start nsm before or after snmpd.
63
Configuring SMUX
When ZebOS is started, each daemon tries to connect to the SNMP daemon using the default smux peer ID. The SNMP daemon is configured with the default smux peer ID, when ZebOS is started, the connection is established and protocol daemons can talk to the SNMP daemon. Users must make sure to configure the SNMP daemon with the default smux peer ID only. To configure SMUX: 1. Create a file snmpd.conf under the /usr/local/share/snmp/directory. This is the default location. When SNMP daemon starts, by default, it loads the configuration file from the default location. It can also load the configuration file from another directory. To load the snmpd.conf file from a different location (not default) use the following command: snmpd -d -c <PATH>/snmpd.conf -C where <PATH> is the directory from where the snmpd.conf file is to be loaded. 2. Add the following lines at the end of the file: smuxpeer 1.3.6.1.4.1.3317.1.2.3 smuxpeer 1.3.6.1.4.1.3317.1.2.5 smuxpeer 1.3.6.1.4.1.3317.1.2.2 smuxpeer 1.3.6.1.4.1.3317.1.2.8 smuxpeer 1.3.6.1.4.1.3317.1.2.6 smuxpeer 1.3.6.1.4.1.3317.1.2.10 smuxpeer 1.3.6.1.4.1.3317.1.2.11 smuxpeer 1.3.6.1.4.1.3317.1.2.7 smuxpeer 1.3.6.1.4.1.3317.1.2.9 rwcommunity test The smuxpeer is for communication between snmpd and the routing protocols. The smuxpeer values listed above are smuxpeer IDs assigned by IANA (Internet Assigned Numbers Authority). The smuxpeer values correspond with ZebOS routing protocols RIP, OSPF, BGP and PIM-SM. These values should not be modified. The string rwcommunity test is the community setting between snmpd (agent) and actual SNMP management station (client). The string test is a community string (the authentication key) used for authentication between the agent and the client. The community string test may be changed for security purposes.
(For RIP) (For OSPF) (For BGP) (For PIM-SM) (For LDP) (For NSM) (For OSPFv3) (For ISISv4/v6) (For RSVP-TE)
64
3. After configuring the environment, compile the software for your system. Issue the make command in the root of the source directory: make umask 022 4. Install the build components by entering the following command: make install
Configuring AgentX
When ZebOS is started, each daemon connects to the Master Agent running as SNMP daemon, by giving requests to the master agent. Once the request is accepted by the master agent, a session is established between the subagent at the ZebOS protocol daemon and the master agent running at the SNMP daemon. This session is used by the protocol daemons to communicate with the SNMP daemon. To configure AgentX: 1. Create a file snmpd.conf under /usr/local/share/snmp/ directory. This is the default location. When SNMP daemon starts, by default, it loads the configuration file from the default location. It can also load the configuration file from another directory. To load the snmpd.conf file from a different location (not default) use the following command: snmpd -x localhost:705 -c <PATH>/snmpd.conf -C where <PATH> is the directory from where the snmpd.conf file is located. 2. Add the following lines: At the end of the file, add rwcommunity test. This is your community string. On a new line at the end of the file add master agentx. This tells the agents to behave as the master in the master/client AgentX protocol.
The string rwcommunity test is the community setting between snmpd (agent) and actual SNMP Management Station (client). The string test is a community string (the authentication key) used for authentication between the agent and the client. The community string test may be changed for security purposes.
65
Configuring Router for SNMP 2. Change to the ZebOS directory, run configure with Agentx enabled (apart from the other options) and compile the code: ./configure -enable-agentx 3. Change directory to platform/PLATFORM cd platform/PLATFORM where PLATFORM is the platform being used. For example, Linux, NetBSD etc. make all make install Note: If AgentX is not enabled the code is built with SMUX by default.
66
SNMP Utilities
This section applies to both SMUX and AgentX. In the following examples: -c is an option specifying community string test is the community string 10.10.10.50 is the agent machines IP address.(it can be a localhost) i = is used to set an integer value a = is used to set an IP address s = is used to set a string value TYPE = i|a|s VALUE = Value of the specified Type. For example i 20 sets an integer value of 20. This topology has been used in the following examples:
10.10.10.50
10.10.10.54
Router 1
Agent
Router2
Agent
OSPF
snmpget From the client or management, execute snmpget to get the value from the OSPF MIB. snmpget -c test 10.10.10.50 .1.3.6.1.2.1.14.1.1.0 .1.3.6.1.2.1.14.1.1.0 snmpgetnext From the client or management, execute snmpgetnext to get the next value from the OSPF MIB. snmpgetnext -c test 10.10.10.50 .1.3.6.1.2.1.14.1.1.0 Executing this command returns ospfAdminStat .1.3.6.1.2.1.14.1.2.0, the next Object ID from ospfGeneralGroup table. snmpset From the management station execute snmpset to set the router ID value to 1.1.1.1. This command is also used to create and delete the variable in MIB. snmpset -c test 10.10.10.50 .1.3.6.1.2.1.14.1.1.0 a 1.1.1.1 snmpwalk is the object ID of the variable ospfRouterId
67
Configuring Router for SNMP Execute snmpwalk to walk through each table in the OSPF MIB. snmpwalk -c test 10.10.10.50 .1.3.6.1.2.1.14.7.1.6.10.10.10.50.3 .1.3.6.1.2.1.14.7.1.6.10.10.10.50.3 is the Object ID of the variable ospfIfRtrPriority.
OSPFv3
snmpget From the client or management, execute snmpget to get the value from the OSPFv3 MIB. snmpget -c test 10.10.10.50 .1.3.6.1.3.122.1.1.2.0 .1.3.6.1.3.122.1.1.2.0 snmpgetnext From the client or management, execute snmpgetnext to get the next value from the OSPFv3 MIB. snmpgetnext -c test 10.10.10.50 .1.3.6.1.3.122.1.1.1.0 Executing this command returns ospfAdminStat .1.3.6.1.3.122.1.1.2.0, the next Object ID from ospfGeneralGroup table. snmpwalk Execute snmpwalk to walk through each table in the OSPFv3 MIB. snmpwalk -c test 10.10.10.50 .1.3.6.1.3.122.1.1.3.0 .1.3.6.1.3.122.1.1.3.0 is the Object ID for the variable ospfVersionNumber. is the Object ID of the variable ospfAdminStat.
ISIS
snmpget The following command gets the value of isissysinstance from the ISISSysTable. snmpget -c test 10.10.10.50 .1.3.6.1.3.37.1.1.1.1.1.1 snmpwalk The following command walks through the ISISSysTable. snmpwalk -c test 10.10.10.50 .1.3.6.1.3.37.1.1 snmpset From the management station execute snmpset to set isisSysType to be Level-2-only. snmpset -c test 10.10.10.68 .1.3.6.1.3.37.1.1.1.1.3.1 i 2
BGP
snmpget The following command gets the value of bgpVersion. snmpget -c test 10.10.10.50 .1.3.6.1.2.1.15.1.0 snmpset The following command sets the value of bgpPeerMinRouteAdvertisementInterval. snmpset -c test 10.10.10.50 .1.3.6.1.2.1.15.3.1.23.10.10.10.52 i 40
68
Configuring Router for SNMP snmpwalk The following command walks through bgpPeerTable. snmpwalk -c test 10.10.10.50 .1.3.6.1.2.1.15.1
RIP
snmpget The following command gets the value of rip2GlobalRouteChanges. snmpget -c test 10.10.10.50 .1.3.6.1.2.1.23.1.1.0 snmpwalk The following command walks through ripInterfaceTable. snmpwalk -c test 10.10.10.50 .1.3.6.1.2.1.23.1 snmpset The following command sets the value of rip2IfConfSend snmpset -c test 10.10.10.50 .1.3.6.1.2.1.23.3.1.5.10.10.11.50 i 1
PIM-SM
snmpget The following command gets the value of pimJoinPruneInterval which is the default interval at which PIM-SM Join/Prune messages are to be sent. snmpget -c test 10.10.10.50 .1.3.6.1.3.61.1.1.1.0 snmpset The following command sets the value of pimJoinPruneInterval which is the default interval at which PIM-SM Join/Prune messages are to be sent. snmpset -c test 10.10.10.50 .1.3.6.1.3.61.1.1.1.0 i 30 snmpwalk The following command walks through the PIM Interface table snmpwalk -c test 10.10.10.50 1.3.6.1.3.61.1.1.2
LDP
snmpget snmpget on LDP returns mplsLdpLsrId from mplsLdpLsrObjects:
69
Configuring Router for SNMP Output: transmission.1.4.1.2.5.1.1.3.192.168.0.42.0.0.1.16.1048575 = 0 transmission.1.4.1.2.5.1.1.4.192.168.0.42.0.0.1.16.1048575 = 2 transmission.1.4.1.2.5.1.1.5.192.168.0.42.0.0.1.16.1048575 = 1 snmpgetnext snmpgetnext on LDP returns mplsLdpLsrLoopDetectionCapable from mplsLdpLsrObjects:
NSM (LSR)
snmpget snmpget on LSR MIB returns mplsInterfaceLabelMaxOut from mplsInterfaceConfTable.
70
transmission.1.2.1.1.1.8.3 = 1 transmission.1.2.1.1.1.8.4 = 1 snmpgetnext snmpgetnext on LSR MIB returns the next value from mplsInterfaceConfTable:
NSM (FTN)
snmpwalk snmpwalk on FTN MIB returns the entire FTN MIB: snmpwalk Output: transmission.1.5.1.2.1.2.1 = 1 transmission.1.5.1.2.1.3.1 = "" transmission.1.5.1.2.1.4.1 = 1 transmission.1.5.1.2.1.5.1 = 1 transmission.1.5.1.2.1.6.1 = "" transmission.1.5.1.2.1.7.1 = "" transmission.1.5.1.2.1.8.1 = "1.1.1.1" transmission.1.5.1.2.1.9.1 = "1.1.1.1" transmission.1.5.1.2.1.10.1 = 0 transmission.1.5.1.2.1.11.1 = 0 transmission.1.5.1.2.1.12.1 = 0 transmission.1.5.1.2.1.13.1 = 0 transmission.1.5.1.2.1.14.1 = 0 transmission.1.5.1.2.1.15.1 = 2 transmission.1.5.1.2.1.16.1 = "mplsFTNTable.1.0.0.1" transmission.1.5.1.2.1.17.1 = 0 transmission.1.5.1.2.1.18.1 = 2 transmission.1.5.1.4.1.1.1 = 0 transmission.1.5.1.4.1.2.1 = 0 transmission.1.5.1.4.1.3.1 = 0 transmission.1.5.1.4.1.4.1 = 0 snmpget snmpget on FTN MIB returns mplsFTNDestipv4AddrMin from mplsFTNEntry: -c test 10.10.10.10 .1.3.6.1.2.1.10.1.5
71
transmission.1.5.1.2.1.9.1 = "1.1.1.1"
SNMP TRAPS
SNMP traps are sent by the SNMP agent to the Management Station when an unusual event occurs. The Management Station then catches these traps using the snmptrapd utility. To configure SNMP traps, specify the destination for the traps in the snmpd.conf file by using the trapsink A.B.C.D command. Where A.B.C.D is the IP address of the Management Station:
smuxpeer 1.3.6.1.4.1.3317.1.2.2 smuxpeer 1.3.6.1.4.1.3317.1.2.3 smuxpeer 1.3.6.1.4.1.3317.1.2.5 smuxpeer 1.3.6.1.4.1.3317.1.2.7 smuxpeer 1.3.6.1.4.1.3317.1.2.8 rwcommunity test trapsink 10.10.11.10
After configuring the trapsink make sure that the trapsink is reachable. To view trap messages, use the following command on the Management Station. This command runs SNMP trap daemon on the foreground:
snmptrapd -f -P
You might also configure the snmptrapd utility to send email notification when a trap event occurs.
BGP
There are two types of SNMP traps for BGP: bgpEstablished: Is generated when the BGP FSM enters the established state. bgpBackwardTransition: Is generated when the BGP FSM moves from a higher state to a lower state. bgpPeerRemoteAddress 15.1.3.1.7 (indicates the IP Address of the Peer) bgpPeerLastError 15.3.1.14 (indicates the Last Error) bgpPeerState 15.3.1.2 (indicates the State is established or idle) When the value of bgpPeerState is 1 it indicates an idle state and when value is 6 it indicates an established state. Sample Output 2002-08-07 15:26:00 10.10.10.50 [10.10.10.50] (via 10.10.11.50 [10.10.11 iso.org.dod.internet.snmpV2.snmpModules.snmpMIB Enterprise Specific Trap (2) Uptime: 20:16:05.57 15.3.1.7.10.10.11.52 = IpAddress: 10.10.11.52 15.3.1.14.10.10.Hex: 00 00 15.3.1.2.10.10.11.52 = 1
Both of these traps have 3 objects. The values of these Objects give information about the BGP connection state:
OSPF
There are sixteen OSPF traps defined in RFC1850. Currently, IPI implements the following (12) OSPF traps:
72
Note:
ospfIfStateChange (trap 16) ospfCirtIfStateChange (trap 1) ospfNbrStateChange (trap 2) ospfVirtNbrStateChange (trap 3) ospfIfConfigError (trap 4) ospfCirtIfConfigError (trap 5) ospfIfAuthFailure (trap 6) ospfVirtIfAuthFailure (trap 7) ospfOriginateLsa (trap 12) ospfMaxAgeLsa (trap 13) ospfLsdbOverflow (trap 14) ospfLsdbApproachingOverflow (trap 15) Please refer to RFC1850 for details on Object groups and OSPF trap descriptions.
The following is a sample output from ospfNbrStateChange trap. Sample Output ZebOS# ./snmptrapd -P -f 2003-05-05 17:36:14 anvl.ipinfusion.com [10.10.0.11] (via 10.10.11.60 [10.10.11.60]) TRAP, SNMP v1, community public 14.16.2 Enterprise Specific Trap (2) Uptime: 0:01:23.95 14.1.1.0 = IpAddress: 10.10.11.60 14.10.1.1.10.10.11.50.0 = IpAddress: 10.10.11.50 14.10.1.2.10.10.11.50.0 = 0 14.10.1.3.10.10.11.50.0 = IpAddress: 10.10.11.50 14.10.1.6.10.10.11.50.0 = 1
PIM-SM
The SNMP trap for PIM-SM defines the following object: pimNeighborLoss This trap denotes the loss of an adjacency with a neighbor. It is generated when the neighbor time expires and the router has no other neighbors on the same interface with a lower IP address than itself. Sample Output 2002-12-16 19:40:50 UCD-snmp version 4.2.6 Started. 2002-12-16 19:42:46 anvl.ipinfusion.com [10.10.0.11] (via 10.10.11.50 [10.10.11.50]) TRAP, SNMP v1, community public 61 Enterprise Specific Trap (1) Uptime: 1 day, 7:23:34.82 61.1.1.3.1.2.10.10.10.10 = 3
ISIS
IPI implements all of the 17 isisNotificationGroup traps defined in the IETF draft <draft-ietf-isis-wgmib-10.txt>. The following traps are under the ISIS Notification Group: isisDatabaseOverload (trap 1) isisManualAddressDrops (trap 2) isisCorruptedLSPDetected (trap 3)
73
Note:
isisAttemptToExceedMaxSequence (trap 4) isisIDLenMismatch (trap 5) isisMaxAreaAddressesMismatch (trap 6) isisOwnLSPPurge (trap 7) isisSequenceNumberSkip (trap 8) isisAuthenticationTypeFailure (trap 9) isisAuthenticationFailure (trap 10) isisVersionSkew (trap 11) isisAreaMismatch (trap 12) isisRejectedAdjacency (trap 13) isisLSPTooLargeToPropagate (trap 14) isisOriginatingLSPBufferSizeMismatch (trap 15) isisProtocolsSupportedMismatch (trap 16) isisAdjacencyChange (trap 17) Please refer to IETF draft <draft-ietf-isis-wg-mib-10.txt> for details on Object groups and ISIS trap descriptions.
The following is a sample output from the isisAdjacencyChange (Trap 17) trap. Trap 17 contains: OBJECTS { isisSystemInstance, isisSystemLevel, isisCircIfIndex, isisPDUFragment } This trap is sent when a Level 2 IS is created by the second IS instance and the CircuitIFIndex 3 is DOWN. Sample Output ZebOS# ./snmptrapd -P -f iso.3.6.1.3.37.2.0 Enterprise Specific Trap (13) Uptime: 2 days, 23:27:39.59 iso.3.6.1.3.37.1.10.1.1.1.2 = INTEGER: 2 iso.3.6.1.3.37.1.10.1.1.2.2 = INTEGER: 2 iso.3.6.1.3.37.1.3.1.1.2.2.1 = INTEGER: 3 iso.3.6.1.3.37.1.10.1.1.4.2 = Hex-STRING: 83 1B 01 00 10 01 00 00
74
CHAPTER 8
This chapter includes instructions on how to start, stop and configure ZebOS daemons and how to map port numbers to daemon names. It also provides sample configurations for each of the protocols.
75
Initial Daemon Configuration If you have enabled the IMISH configuration option (also enables IMI) before compiling ZebOS: ./nsm -d ./<protocol> -d ./imi -d ./imish Note: Skip the next step of starting the telnet session, if you have enabled the IMISH configuration options before compiling ZebOS. Using IMISH you cannot telnet to the protocol daemons using the port number.
Start a telnet session: telnet <IPADDRESS/localhost> <PORT> where IPADDRESS is the address of the machine with the protocol daemons. Use <localhost> if protocol daemons are running on the same machine. <PORT> is the port number of the protocol daemon. Refer to Mapping Port Numbers to ZebOS daemons section for details. Note: When IMI is enabled, to start a telnet session, use port 2650 and access all protocols and NSM.
Stop a ZebOS daemon by simply terminating the process of the daemon: kill <pid> where <pid> is the Process ID of the daemon that is to be stopped. Use the Unix command ps to learn about the process ID of a specific daemon. Note: Remember that if you stop NSM, you must restart all the other routing daemons with NSM.
VxWorks Systems
On the Windshell, start the ZebOS protocol daemons from the command prompt by running the following commands: start_zebos() Starts ZebOS. start_nsm() Starts the Network Services Module (NSM). start_protocolname() Starts a ZebOS protocol daemon. For example: start_ospf() Starts the OSPF protocol daemon. start_auth() Starts the AUTH (802.1x) protocol daemon. start_lacp() Starts the LACP protocol daemon. On the Windshell, stop the ZebOS protocol daemons by using the following commands. stop_zebos() Stops ZebOS. stop_nsm() Stops the Network Services Module (NSM). stop_protocolname() Stops a ZebOS protocol daemon. For example: stop_ospf() Stops the OSPF protocol daemon. stop_auth() Stops the AUTH (802.1x) protocol daemon. stop_lacp() Stops the LACP protocol daemon. Start a telnet session: telnet <IPADDRESS> <PORT>
76
Initial Daemon Configuration where IPADDRESS is the address of the machine with the protocol daemons. <PORT> is the port number of the protocol daemon. Refer to Assigning Port Numbers to ZebOS daemons section for details.
Without -f option
When the daemon is started without using the -f option: It reads from the configuration file in the current working directory. For example, if NSM is started:
./nsm -d
it will read from the configuration file, nsm.conf in the current working directory. If the configuration file (in this example nsm.conf) is not present in the current directory, the daemon reads the configuration file from the HAVE_SYSCONFDIR (/usr/local/etc) directory. Similarly, when the IMI daemon is started without the -f option, IMI reads the configuration from the ZebOS.conf configuration file in the current working directory. If the ZebOS.conf file is not present in the current working directory, then IMI reads the configuration from the /usr/local/etc directory.
Note:
With -f option
When the daemon is started using the -f option: If the file is specified with an absolute path (for example, ./nsm -d -f /etc/nsm.conf), the daemon reads the configuration from the specified file. If the file is specified as a relative path (for example ./nsm -d -f ../nsm.conf), the daemon reads the specified file by concatenating it with the current working directory. If the file does not contain the PAL_FILE_SEPARATOR (for example, ./nsm -d -f nsm.conf), the daemon reads the specified configuration file by concatenating it with the current working directory.
77
Daemon Configuration File (Unix) (located with daemon modules) bgpd.conf ldpd.conf rsvpd.conf isisd.conf pimd.conf dvmrpd.conf stpd.conf mstp.conf rstp.conf authd.conf lacpd.conf
Daemon Configuration File (VxWorks) (located with daemon modules) bgpd.cfg ldpd.cfg rsvpd.cfg isisd.cfg pimd.cfg dvmrpd.cfg stpd.cfg mstpd.cfg rstpd.cfg authd.cfg lacpd.cfg
Sample Configuration File (On Unix: under /usr/local/etc) (On VxWorks: under protocol directory - ZebOS/nsm) bgpd.conf.sample. ldpd.conf.sample rsvpd.conf.sample isisd.conf.sample pimd.conf.sample dvmrpd.conf.sample stpd.conf.sample mstp.conf.sample rstp.conf.sample authd.conf.sample lacpd.conf.sample
2. Edit the configuration file using the sample configuration file as a guide. % vi nsm.conf Following is a copy of the NSM configuration sample file:
! hostname Router password zebra enable password zebra ! ! VRF definition ! !ip vrf test1 !ip vrf test2 ! ! Interface's description. ! !interface lo ! description test of desc. ! !interface sit0 ! multicast
78
! !interface eth0 ! ip vrf forwarding test1 ! ip address 10.0.0.1/30 ! ! Static default route sample. ! ! ip route 0.0.0.0/0 203.181.89.241 ! ! ip route vrf test1 10.0.5.0/24 10.0.0.2 eth0 ! ! If you are running OSPF on *BSD stack machines, uncomment the line. ! ! ip route 224.0.0.5/32 127.0.0.1 ! !log file zebra.log
3. Change the necessary information to conform to your network. Note: ip ip ip ip ip ip Note: In the case of BSD implementations, add these static routes to the nsm.conf: (OSPF/RIP multicast does not function without these routes) route route route route route route 224.0.0.2/32 224.0.0.4/32 224.0.0.5/32 224.0.0.6/32 224.0.0.9/32 224.0.0.18/32 127.0.0.1 127.0.0.1 127.0.0.1 127.0.0.1 127.0.0.1 127.0.0.1 127.0.0.1
Add this line to the nsm.conf file for the IP multicast address group: (for the LDP daemon)
ip route 224.0.0.2/32
2. Edit the configuration file using the sample configuration file as a guide. % vi ripd.conf Following is a copy of the ripd sample configuration file:
! hostname ripd password zebra ! ! debug rip events ! debug rip packet ! router rip ! network 11.0.0.0/8 ! network eth0 ! route 10.0.0.0/8
79
! distribute-list private-only in eth0 ! !access-list private-only permit 10.0.0.0/8 !access-list private-only deny any ! !log file ripd.log ! log stdout
3. Change the necessary information to conform to your network.
2. Edit the configuration file using the sample configuration file as a guide. % vi ospfd.conf Following is a copy of the ospfd sample configuration file:
! hostname ospfd password zebra !enable password please-write-here ! !router ospf ! network 192.168.1.0/24 area 0 ! log stdout
3. Change the necessary information to conform to your network.
2. Edit the configuration file using the sample configuration file as a guide. % vi bgpd.conf Following is a copy of the bgpd sample file:
80
debug bgp debug bgp events debug bgp updates debug bgp fsm ! router bgp 11 bgp router-id 10.10.10.50 neighbor 10.10.10.15 remote-as 11 neighbor 10.10.10.15 interface eth0 neighbor 10.10.10.20 remote-as 11 neighbor 10.10.10.20 interface eth0 neighbor 10.10.10.25 remote-as 11 neighbor 10.10.10.25 interface eth0 neighbor 10.10.10.30 remote-as 4 neighbor 10.10.10.30 interface eth0 neighbor 10.10.10.30 ebgp-multihop 255 neighbor 10.10.10.30 dont-capability-negotiate neighbor 10.10.10.35 remote-as 4 neighbor 10.10.10.35 interface eth0 neighbor 10.10.10.35 ebgp-multihop 255 neighbor 10.10.10.35 dont-capability-negotiate neighbor 10.10.11.15 remote-as 43 neighbor 10.10.11.15 interface eth1 neighbor 10.10.11.15 ebgp-multihop 255 neighbor 10.10.11.15 dont-capability-negotiate neighbor 10.10.11.20 remote-as 40 neighbor 10.10.11.20 interface eth1 neighbor 10.10.11.20 ebgp-multihop 255 neighbor 10.10.11.20 dont-capability-negotiate ! line vty exec-timeout 0 0 !
3. Change the necessary information to conform to your network.
2. Edit the configuration file using the sample configuration file as a guide. % vi ldpd.conf Following is a copy of the ldpd sample file:
81
2. Edit the configuration file using the sample configuration file as a guide. % vi rsvpd.conf Following is a copy of the rsvpd sample file:
! password zebra ! interface eth0 enable-rsvp ! interface lo ! interface vmnet1 !! router rsvp ! line vty
3. Change the necessary information to conform to your network.
2. Edit the configuration file using the sample configuration file as a guide. % vi isisd.conf Following is a copy of the isisd sample file:
82
! hostname isisd password zebra ! !interface eth0 ! ipv6 router isis ! !router isis ! net 49.0001.0000.0000.0110.00 !
2. Edit the configuration file using the sample configuration file as a guide. % vi pimd.conf Following is a copy of the pimd sample file:
! pimd.conf.sample, ! hostname zpimd password pimd ! debug pim events ! debug pim packet ! ip multicast-routing ! interface eth0 ip pim sparse-mode ! interface eth1 ip pim sparse-mode ! log stdout
3. Change the necessary information to conform to your network.
83
2. Edit the configuration file using the sample configuration file as a guide. % vi dvmrpd.conf Following is a copy of the dvmrpd sample configuration file:
dvmrpd sample configuration file ! dvmrpd.conf.sample, ! hostname dvmrp password dvmrp ! debug dvmrp events debug dvmrp packet ! interface eth0 ip dvmrp enable ! interface eth1 ip dvmrp enable ! log stdout
3. Change the necessary information to conform to your network.
2. Edit the configuration file using the sample configuration file as a guide. % vi ripngd.conf Following is a copy of the ripngd sample file:
!! RIPngd sample configuration file ! ! $Id: ripngd.conf.sample,v 1.1 2002/10/02 01:18:12 venu Exp $ ! hostname ripngd password zebra ! ! debug ipv6 rip events
84
! debug ipv6 rip packet ! interface eth0 ! ipv6 router rip ! router ipv6 rip ! distribute-list local-only out eth0 ! !ipv6 access-list local-only permit 3ffe:506::0/32 !ipv6 access-list local-only deny any ! log stdout
2. Edit the configuration file using the sample configuration file as a guide. % vi ospf6d.conf Following is a copy of the ospf6d sample file:
! hostname ospf6d password zebra ! !enable password please-set-at-here ! !interface lo0 ! !interface eth0 ! ipv6 router ospf area 0 ! !router ipv6 ospf ! router-id 192.168.0.1 log stdout !
85
DHCP
ip dhcp pool default network 10.55.0.0 255.255.255.0 range 10.55.0.90 10.55.0.95 lease 0 1 30 ! interface eth1 ip address 10.55.0.1/24 ip address dhcp client-id eth1 !
NAT
! interface eth0 ip address 10.10.0.19/24 ip nat outside ! interface eth1 ip address 10.55.0.1/24 ip nat inside ! access-list zebos permitall permit any any any ! ip nat pool natpool 10.10.0.19 10.10.0.19 255.255.255.0 ip nat inside source list permitall pool natpool !
NTP
ntp ntp ntp ntp ntp ntp ! authenticate authentication-key 10 md5 zebos_ntp_sync authentication-key 5 md5 zebos_trusted_key trusted-key 5 trusted-key 10 master 5
86
ip access-group denyicmp forward ! access-list zebos denyicmp deny icmp any any access-list zebos permitall permit any any any ! ip nat pool natpool 10.10.0.19 10.10.0.19 255.255.255.0 ip nat inside source list permitall pool natpool !
Virtual-server
! interface eth0 ip address 10.10.0.19/24 ip nat outside ! interface eth1 ip address 10.55.0.1/24 ip nat inside ! ip nat pool natpool 10.10.0.19 10.10.0.19 255.255.255.0 ! virtual-server tcp 5000 10.55.0.2 8080 webserver !
LACP
hostname ipinfusion password ipi ! set lacp-channel system-priority 1 set port lacp-channel IFNAME-1 mode active set port lacp-channel IFNAME-2 mode active ! log file lacp.log
87
! log stdout
MSTP
hostname mstp password ipi ! debug mstp protocol debug mstp protocol detail debug mstp cli debug mstp timer debug mstp timer detail debug mstp packet tx debug mstp packet rx debug mstp all no debug mstp all ! log file mstp.log ! log stdout
RSTP
hostname rstp password ipi ! debug rstp protocol debug rstp protocol detail debug rstp cli debug rstp timer debug rstp timer detail debug rstp packet tx debug rstp packet rx debug rstp all no debug rstp all ! log file rstp.log ! log stdout
STP
hostname stp password ipi ! debug stp all no debug stp all ! log file stp.log ! log stdout
88
89
90
CHAPTER 9
Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. Hello, this is zebos (version 5.2-UNH-5) Copyright 2001,2002 IP Infusion, Inc.
4. Enter the password: (zebra is used as the password in this example.) Password:zebra 5. To verify that the daemon is running, type the following command: router> show ip PROTOCOL where PROTOCOL is the name of the protocol. For example, rip, ospf, bgp, rsvp, isis, pim, dvmrp, ripng or ospf6. 6. At anytime during the procedure, to view a list of available commands, type: router> list
91
Error Messages
In the event of an error message, consult the guide for the particular operating system you are using.
Bug Reports
If you think that you have found a bug in the ZebOS software, send a bug report to: support@ipinfusion.com To send a bug report, use the following format: Indicate which OS you are using. If you use the IPv6 stack note this as well. Include the results of running netstat -rn and ifconfig -a from the kernel. To better report a problem when you observe anomalous behavior on a router running ZebOS software, send the outputs of the following commands from the CLI: show show show show show show ip <protocolname> ip <protocolname> ip <protocolname> ip <protocolname> ip route interface route interface database neighbor
where <protocolname> is the name of the protocol such as, ospf, bgp and so on. Please note that some of these commands not available in all protocols. Refer to the respective Command Reference for details on these commands. Send the protocol configuration file with the report. If you specify arguments to the configure script, send us those too.
92
CHAPTER 10
ZebOS
nsm L2 mcast mcast6 tunnel snmp garp gmrp gvrp igmp _snoop layer 2 kernel Platform authd bgpd dvmrpd imi imish isisd ldpd mpls mstpd ospfd ospf6d pdmd pimd ripd ripngd rstpd rsvpd stpd Continued on the next page... dummy linux netbsd vxworks vxworks_ipnet2
Rules.option Rules.options Os-specific initialization files Signal handling ...
93
ZebOS
PAL dummy linux netbsd vxworks vxworks_ipnet2 API
Prototypes for OSs. Prototype implementations, such as: Socket APIs, Math Libraries, File System Logging, Kernel APIs
HAL L2 L3 HSL L2 L3 broadcom marvell L2 L3 L2 L3 Linux Vxworks L2 L3 ipnet2 compile.out ( compiler outputs) builds.log (bill of material) lib ( ZebOS library) config.sh (enables / disables configuration options) config.log (compiler generated messages) windnet L2 L3 ipnet2 windnet Linux Vxworks L2 L3 HSL L2 swfwdr L2 L3
94
CHAPTER 11
This appendix provides instructions on configuring and recompiling the Linux kernel to support ZebOS. The Linux kernel options must be correctly configured on the Linux server for the ZebOS software to operate properly.
3. A Linux Kernel Configuration window is displayed. The ZebOS software requires that the IP Multicast, Netlink and RTNetlink settings be enabled (these settings are enabled by default in Linux Kernel 2.4.16 and higher). 4. Enable/Disable Linux Kernel options according to the modules you want to install:. Enable/ Disable
Y
Comment
To enable Experimental Options. For IPv6 support.
95
Options Unix Domain Sockets TCP/IP Networking IP: multicasting IP: multicast routing IP: PIM-SM version 1 support IP: PIM-SM version 2 support IP: TCP RFC2385 MD5 Support The IPv6 Protocol (Experimental) IPv6: enable EUI-64 token format (NEW) IPv6: disable provider based addresses (NEW) IPV6:ISATAP Interface Support (Experimental) IP: Tunneling IP: GRE Tunnels over IP IP: Broadcast GRE over IP 802.1Q VLAN Support Kernel/User Netlink Socket Routing Messages IPI 802.1x Port Authentication Entity IPI Vlan-Aware Bridge Forwarder IPI Link Aggregation Control Protocol Loadable Module Support Option Set version information on all module symbols
Enable/ Disable
Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y
Comment
(Enabled by Default) (Enabled by Default) (Enabled by Default) For PIM-SM support For PIM-SM support For PIM-SM support For MD5 support For IPv6 support For IPv6 support For IPv6 support For ISATAP support For IPIP tunnel support For GRE tunnel support
For VLAN support For MPLS Forwarder Support For MPLS Forwarder Support For Layer-2 support For Layer-2 support For Layer-2 support
5. Select appropriate drivers for your interface card from the Network Device Support field. 6. Save kernel configuration and exit. 7. Once you have completed these steps, compile the Linux kernel
96
5. To move the new kernel into the correct directory, open the Linux boot image folder by typing: cd /usr/src/linux/arch/i386/boot 6. Copy the new kernel image to the boot folder and rename the kernel image file name by typing: cp bzImage /boot/[new kernel image name] The newly created Linux kernel should be saved in the /boot/ folder. 7. To boot the new kernel at boot time, add the new kernel information to the lilo.conf file. Open the /etc/ folder and type: vi lilo.conf Note: The lilo.conf file may be modified when the new kernel is created. If the new kernel is properly defined as the default kernel, skip the next two steps.
8. To modify the lilo.conf file to run the new kernel at boot up, edit the file to add the new kernel information. The bold font indicates text that you must add. Observe the syntax parameters of the previous image and modify only the image and label fields. Replace [new kernel image name] by the path name for the new image and replace [new kernel label] by a unique label name. It is recommended that you choose a self-explanatory name for the label, such as, label=linux-pim. You will see this label in the list of labels after you reboot the system. The grey font indicates you have the option to add. Modify [default kernel label]only if you want to start the new image by default.
boot=/dev/hda map=/boot/map install=/boot/boot.b prompt timeout=50 default=[default kernel label] image=/boot/[new kernel image name] label=[new kernel label]
97
read-only root=/dev/hda5 image=/boot/[old kernel file] label=[old kernel label] read-only root=/dev/hda5 9. After the lilo.conf file has been edited and saved, type the following command to make the editing changes take effect: /sbin/lilo 10. Once you have completed these steps, you can reboot the server to load the new Linux kernel by selecting the [new kernel label] you have defined in the lilo.conf file.
98
Appendix A
This appendix describes all the patches provided by IPI and the instructions for applying these patches on Linux and MontaVista.
Patch Description
Protocol Layer-2 Layer-2 Patch Name Description
This patch is for RedHat kernel 2.4.20-6 (9.0). This patch is for updating kernels missing rx_hook to support 802.1x.
This patch adds MPLS Forwarder support. This patch adds support for MD5 authentication on TCP. This patch is required for providing the ZebOS ISATAP interface support. This patch adds multicast support. This patch adds support for raw packet fragmentation.
Patch Location
Patch Command
Patch Name
patch -Np2 -i patch -Np2 -i patch -Np0 -i patch -Np1 -i patch -Np1 -i
99
Patch Location
Patch Command
Patch Name
ZebOS/kernel/linux/2.4.20-6 ZebOS/kernel/linux/2.4.20-6
linux-2.4.20-ipi-multicast.diff linux-2.4.20-ipi-rawfragment.diff
1. Install Linux 2.4.20-6 (Fully tested and supported). 2. Change to the source directory: cd /usr/src 3. Backup your kernel source: tar cvfz linux-2.4.20-6.tar.gz linux-2.4.20-6 4. Change to your kernel source directory: cd /usr/src/linux-2.4 (This is a soft link pointing to linux-2.4.20-6) 5. Copy the patch to the kernel source directory: cp /PATH/PATCH ./ where PATH = is the location of the patch. Refer to the above table to learn the location of the patch. PATCH = The name of the patch provided IPI. Refer to the above table to learn the name of the patch. For example to apply the MPLS patch: cp /yourZebOSpath/ZebOS/kernel/linux/2.4.20/linux-2.4.20-ipi-mpls.diff ./ 6. Apply the kernel patch to Linux source code using the following command: patch -Npnum -i PATCH where -N Ignores reversed or applied patches -p Strips the num of slashes in the Patch file. For example -p2 strips 2 slashes in the patch file. -i Reads patch from the patch file. PATCH is the name of the patch. Refer to the above table for patch names. For example to apply the MPLS patch: patch -Np1 -i linux-2.4.20-ipi-mpls.diff 7. Check for Hunk failures, if present, note them and contact IPI Technical Support team (support@ipinfusion.com). 8. Run menu configuration using the following command: make menuconfig 9. Enable and disable the required Linux kernel Networking options for the patch. Refer to the Configuring and Compiling the Linux Kernel appendix for required options for different modules. 10. Use other options as required for the hardware.
100
Applying Kernel Patches 11. Recompile the kernel. Refer to Compiling the Linux Kernel appendix for instructions on how to compile the Linux kernel. 12. Reboot the machine with the new kernel.
1. Install Linux 2.4.20-6 (Fully tested and supported). 2. Change to the source directory: cd /usr/src 3. Backup your kernel source: tar cvfz linux-2.4.20_mvl31.tar.gz linux-2.4.20_mvl31 4. Change to your kernel source directory: cd /usr/src/linux-2.4 (This is a soft link pointing to linux-2.4.20-6) 5. Copy the patch to the kernel source directory: cp /PATH/PATCH ./ where PATH = is the location of the patch. Refer to the above table to learn the location of the patch. PATCH = The name of the patch provided IPI. Refer to the above table to learn the name of the patch. For example to apply the MPLS patch: cp /yourZebOSpath/ZebOS/kernel/montavista/ipi-mpls.diff ./ 6. Apply the kernel patch to Linux source code using the following command: patch -Npnum -i PATCH where -N Ignores reversed or applied patches -p Strips the num of slashes in the Patch file. For example -p2 strips 2 slashes in the patch file. -i Reads patch from the patch file. PATCH is the name of the patch. Refer to the above table for patch names.
101
Applying Kernel Patches For example to apply the MPLS patch: patch -Np1 -i ipi-mpls.diff 7. Run menu configuration using the following command: make menuconfig 8. Enable and disable the required Linux kernel Networking options for the patch. Refer to the Configuring and Compiling the Linux Kernel appendix for required options for different modules. 10. Use other options as required for the hardware. 11. Recompile the kernel. Refer to Compiling the Linux Kernel appendix for instructions on how to compile the Linux kernel. 12. Reboot the machine with the new kernel.
102
Appendix B
103
7. On the Installation Options page, select the Full Installation option and click Next to continue:
104
Installing MontaVista Linux 1. The Installer displays the Installation Summary page, read and click Next to continue:
Development CD
1. Insert the Environment Development CD, enter the path for the CD and click Next to continue:
2.
The Installer displays the Java End User License Agreement page, read the agreement and click Accept, if you wish to continue.
3. The Installer displays the Installation Summary page, read and click Next to continue.
105
LSP CD
1. Insert the Linux Support Package media CD. Enter the path for the LSP CD and click Next to continue:
2. On the Target Selection page, select the targets to install. The options will depend on the chosen platform. Click Next to continue.
Cross CD
1. Insert the Cross CD. 2. Enter the path for the Cross CD and click Next to continue:
106
Target CD
1. Insert the Target CD and click Next to continue:
2. The installer displays an installation summary. Read and click Next to continue:
3. The installer prompts you to insert additional software. If you want to install additional software, insert the CD for it. Otherwise, click Skip to continue. 4. The software is now installed. On completing the installation, the installer displays a thank you page.
107
108
Appendix C
This section displays the actual build environment and options chosen when compiling ZebOS on VxWorks-Broadcom in the IP Infusion lab. Make changes to the parameters according to your own environment. Refer to the Installation on VxWorks-IPNET Systems chapter for other details.
109
110
Appendix D
Platform-Specific Considerations
Linux Systems
Increasing the Size of Kernel Routing Tables
By default, Linux systems allow installing 4096 numbers of routes (IPv4 or IPv6) in the kernel. To change this limit, edit the max-size file: For IPv4: /proc/sys/net/ipv4/route/max-size For IPv6: /proc/sys/net/ipv6/route/max-size The maximum numbers of routes allowed in the kernel are 2147482645.
111
Platform-Specific Considerations
NetBSD Systems
Adding VLAN Interfaces
The NetBSD kernel supports 802.1Q VLANs. This allows more than one virtual LAN on one physical network interface. To configure a VLAN interface on NetBSD, you must first create the interface and then specify the VLAN identifier and the physical interface associated with this VLAN: ifconfig V_IFNAME create vlan VLANID vlanif IFNAME where V_IFNAME is the name that you assign to the new VLAN interface, VLANID is the VLAN Identifier and IFNAME is the name of the physical interface associated with this VLAN. In the following example, a VLAN interface with the name vlan10 is created with a VLAN ID 10 on the physical interface ex1. ifconfig vlan10 create vlan 10 vlanif ex1 Note: To avoid confusion, IPI recommends using a VLAN interface name that matches the VLAN ID. In the above example, VLAN interface name vlan10 matches the VLAN ID 10.
112
Appendix E
Copyright Information
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. Portions of this code are copyright (c) 2001, Cambridge Broadband Ltd. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
113
Copyright Information The name of Cambridge Broadband Ltd. may not be used to endorse or promote products derived from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
114
Copyright Information TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
115
Copyright Information
116
Index
A
about this manual v accessing sample configuration files 77 accessing ZebOS daemons 76 adding VLAN interfaces Linux systems 111 NetBSD systems 112 Advanced Routing Suite 1 applying patches Linux 99 MontaVista-Linux 99 assigning port number to daemons 89 autoconf version 2.54 4, 20
NetBSD 41 VxWorks 54 configuration options Linux 9, 24 configuring the linux kernel 95 configuring the physical IP addresses VxWorks 62 conventions used in this manual v Cross CD 103
D
daemons, editing for configuration 77 dep 17, 31, 61 development CD, LSP CD 103 directory structure ZebOs 93 Distance Vector Multicast Routing Protocol see DVMRP distclean 17, 31 DVMRP introduction
B
before starting ZebOS 75 BGP snmpget 68 snmpset 68 snmpwalk 68 BGP SNMP traps 72 bgpPeerMinRouteAdvertisementInterval 68 bgpPeerTable 69 bgpVersion 68 Booting the System VxWorks 62 Building the FTP Image--vxworks 61
F
forcedep 17, 31
G
gcc version 3.2.x 4, 20
C
change installation prefix 16, 31, 48 change location of configuration files 16, 31, 48 executable files 16, 31, 48 Code Maturity Options 95 compiling on Monta Vista Linux 21 compiling the Linux kernel 97 Compiling ZebOS on Linux 16, 31 on NetBSD 48 compiling ZebOS VxWorks-Broadcom 109 configuration editing daemons 77 script for Linux 8, 23 NetBSD 41 VxWorks 54 shell script for Linux 8, 22
H
host CD 103 how to access ZebOS daemons 76 how to increase size of routing tables 111 how to install MontaVista 103 how to start and stop ZebOS daemons 75 how to start ZebOS 75 how to use VTY Shell to access ZebOS 77
I
increasing the size of kernel routing tables 111 installation troubleshooting 92 VxWorks 52 Installation of ZebOS on Linux systems 7, 21 NetBSD systems 40 VxWorks systems 52 copy the ZeboS Source 61 link ZebOS with VxWorks BSP 61
Index - 1
Index
set up the build environment 61 Installing MontaVista Linux 103 installing on Monta Vista 19 IP multicast routing 96 IP multicasting networking option 96 IP_ZEBOS_PLATFORM 8, 23, 54, 55 ISIS snmpget 68 snmpwalk 68 isissysinstance 68 ISISSysTable 68
Linux 3 Linux IPv4 3 MontaVista Linux 19 NetBSD 39 NetBSD IPv4 39 networking options 95
O
order for starting ZebOS protocols 75 OSPF snmpget 67 snmpset 67 snmpwalk 67 OSPF MIB 67 OSPF SNMP traps 72 ospfRouterId 67 OSPFv3 MIB 68 overview ZebOS 1
K
kernel configurations code maturity options 95 IP multicasting networking option 96 networking options 95 TCP/IP Networking option 96 unix domain sockets 96 kernel source code is it installed 95
P
perform all routing in the VR mode 111 PIM snmpget 69 snmpset 69 snmpwalk 69 pimJoinPruneInterval 69 PIM-SM SNMP traps 73 platform-specific considerations Linux Systems 111 NetBSD Systems 112 port numbers, assigning to daemons 89 prefix option 16, 31, 48 Protocol Independent Multicasting - Dense Mode 19, 39 Protocol Independent Multicasting - Sparse Mode 3, 19, protocols supported by ZebOS 1
39
L
Linux hardware platform preparation 4 IPv4 Stack installation 4, 20 IPv6 Stack installation 4, 20 kernel options 4 Linux configuration options 9, 24 Linux kernel configure 95
M
make all-lib 17, 31 make all-pal 17, 31 make nsm 17, 31 make version 3.79.1 4, 20 makefile 17, 31, 61 makefile commands 17, 31, 61 manual conventions, procedures and syntax v Monta Vista 19 Monta Vista Linux compiling 21 hardware platform preparation 20 kernel options 20 ZebOS daemons 19 montavista installation 103 MontaVista-Broadcom running ZebOS on MontaVista-Broadcom 33 system requirements 33 multi-process nature of ZebOS 1
R
retrieving data when using VTY shell 77 RIP snmpget 69 snmpset 69 snmpwalk 69 rip2GlobalRouteChanges 69 rip2IfConfSend 69 ripInterfaceTable 69 running ZebOS on MontaVista-Broadcom 33
S
sample configurations 77 saving configuration when using VTY Shell 77 shell script configuration for Linux 8, 22 configuration for NetBSD 41 configuration for VxWorks 54
N
network protocols supported
Index - 2
Index
shell, installation and 3, 19 SMUX, Configuring 64 snmpget bgp 67, 68 isis 67, 68 ospf 67, 68 pim 67, 68 rip 67, 68 snmpset bgp 67 ospf 67 pim 67 rip 67 snmptrap BGP 72 OSPF 72 PIM-SM 73 snmpwalk bgp 67, 68 isis 67, 68 ospf 67 ospfv3 68 pim 67, 68 rip 67, 68 Special Considerations (on Linux) Virtua Routing (VR) 6, 21 Vitual Private Network (VPN) 6, 21 special note for VR implementation 111 starting and stopping ZebOS daemons 75
troubleshooting 92
U
unix domain sockets 96
V
verify kernel source code installation 95 VTY Shell 77 VxWorks-Broadcom compiling ZebOS 109
W
what to download for installing montavista 103
Z
ZebOS configuration script for Linux 8, 23 NetBSD 41 VxWorks 54 daemons, assigning port numbers 89 network protocols supported for Linux 3 network protocols supported for Linux IPv4 3 network protocols supported for MontaVista Linux 19 network protocols supported for NetBSD 39 network protocols supported for NetBSD IPv4 39 ZebOS directory structure 93 ZebOS overview 1
T
Target CD 103 TCP/IP networking options 96
Index - 3
Index
Index - 4