Re: [Vyatta-users] Advises on configuring BGP
I think your nexthop IP should be your ISP IP > > address and > > > not your > > > > own. Also check with your ISP if they can confirm about > > BGP session > > > > establishment, Most router like Juniper, Cisco can > explain > > a lot > > > in their > > > > output the reasons if the session is not established. > > > > > > > > Also loopback IP is normally used in BGP if you have > multiple > > > interfaces > > > > connected to same ISP, or you are using some other > complex > > > configuration. I > > > > would use interface IP connected to ISP to avoid routing > > issues > > > etc. > > > > > > > > Thanks. > > > > > > > > Ahsan Khan > > > > > > > > > > > > -Original Message- > > > > From: [EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]> > > <mailto:[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]>> > > > <mailto:[EMAIL PROTECTED]> > > <mailto:[EMAIL PROTECTED]>>> > > > > [mailto:[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]> > > <mailto:[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]>> > > > <mailto:[EMAIL PROTECTED]> > > <mailto:[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]>>>] On Behalf Of Poh > > > Yong Hwang > > > > Sent: Tuesday, December 18, 2007 11:20 PM > > > > To: Justin Fletcher > > > > Cc: vyatta-users > > > > Subject: Re: [Vyatta-users] Advises on configuring BGP > > > > > > > > Hi, > > > > > > > > Thanks. I just could not traceroute to the router and > > according > > > to my > > > > peering upstream, they mention that they did not > receive > > any of > > > my prefix > > > > announcement. > > > > > > > > Basically i just want to do a simple setup at this > moment > > with > > > one box > > > > running Vyatta and eth0 is link to one of our upstream > > provider > > > which we > > > > want to peer with. I have my ASN number as well as a > /21 range > > > of IP > > > > addresses to announce. Here is my configuration: > > > > > > > > loopback ip : 10.0.0.65 <http://10.0.0.65> > <http://10.0.0.65> < http://10.0.0.65> > > > > My ASN : 100 > > > > My IP Range : XX.XX.XX.XX/21 > > > > > > > > Upstream Route IP : a.b.c.d > > > > Customer Interface IP : c.d.e.f > > > > Upstream ASN : 200 > > > > > > > > protocols { > > > > bgp { > > > > bgp-id: 10.0.0.65 <http://10.0.0.65> < > http://10.0.0.65> < > > http://10.0.0.65> > > > > local-as: 100 > > > > import: "" > > > > export: "BGP_EXPORT" > > > > peer " a.b.c.d" { > > > > import: "" > > > > export: "" > > > > multihop: 1 > > > > peer-port: 179 > > > > local-port: 179 > > > > local-ip: c.d.e.f > > > > as: 9989 > > > > next-hop: c.d.e.f > > > > holdtime: 90 > > > > delay-open-time: 0 > > > > client: false > > > > co
[Vyatta-users] Advises on configuring BGP
We need more information than what's present, but if this a internet BGP peering , make sure you have neighborship with your upstream and your prefix is being sent. Also review various route-servers to check that your announcement is being seen by the internet. I personally like att's, but savvis and gblx all supports telnet'able route servers or you can used the web version via sprint or level3. (telnet route servers ) Route-server.ip.att.net Route-server.savvis.net Route-server.gblx.net Route-server.host.net ( web links ) http://lg.level3.net/bgp/bgp.cgi http://www.cisconet.com/route-server/world_map.html Lastly, if your prefix is not installed in the RouteRegistery than nobody will except this ( local upstream provider ). So confirm with them that your prefiex(es) are allowed and any BGP policies locally are updated if required. Hope this helps ;) ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] Advises on configuring BGP
t's not there, verify your > > configuration etc. > > > > If it is there, make sure the prefix in your policy matches > the route > > exactly. If it does not match, it won't be advertised. > > > > If all of the above are correct, take a look at 'show bgp > route' and > > make sure you see your advertised prefix in the output. If > it's there > > then your ISP is probably rejecting your advertisement. > They need to > > add your prefix to their prefix list. ISPs forget to add their > > customer's prefixes to their prefix lists all the time. > > > > The loopback address for the BGP ID won't hurt anything but > Ahsan is > > correct that for eBGP peering with external public peers, > you should > > probably set your BGP ID to your public IP on eth0. > > > > Thanks! and I hope this helps. > > > > -Robyn > > > > Ahsan Khan wrote: > > > Hi, > > > > > > I think your nexthop IP should be your ISP IP > address and > > not your > > > own. Also check with your ISP if they can confirm about > BGP session > > > establishment, Most router like Juniper, Cisco can explain > a lot > > in their > > > output the reasons if the session is not established. > > > > > > Also loopback IP is normally used in BGP if you have multiple > > interfaces > > > connected to same ISP, or you are using some other complex > > configuration. I > > > would use interface IP connected to ISP to avoid routing > issues > > etc. > > > > > > Thanks. > > > > > > Ahsan Khan > > > > > > > > > -Original Message- > > > From: [EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]> > > <mailto:[EMAIL PROTECTED]>> > > > [mailto:[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]> > > <mailto:[EMAIL PROTECTED]>>] On Behalf Of Poh > > Yong Hwang > > > Sent: Tuesday, December 18, 2007 11:20 PM > > > To: Justin Fletcher > > > Cc: vyatta-users > > > Subject: Re: [Vyatta-users] Advises on configuring BGP > > > > > > Hi, > > > > > > Thanks. I just could not traceroute to the router and > according > > to my > > > peering upstream, they mention that they did not receive > any of > > my prefix > > > announcement. > > > > > > Basically i just want to do a simple setup at this moment > with > > one box > > > running Vyatta and eth0 is link to one of our upstream > provider > > which we > > > want to peer with. I have my ASN number as well as a /21 range > > of IP > > > addresses to announce. Here is my configuration: > > > > > > loopback ip : 10.0.0.65 <http://10.0.0.65> < http://10.0.0.65> > > > My ASN : 100 > > > My IP Range : XX.XX.XX.XX/21 > > > > > > Upstream Route IP : a.b.c.d > > > Customer Interface IP : c.d.e.f > > > Upstream ASN : 200 > > > > > > protocols { > > > bgp { > > > bgp-id: 10.0.0.65 <http://10.0.0.65> < > http://10.0.0.65> > > > local-as: 100 > > > import: "" > > > export: "BGP_EXPORT" > > > peer " a.b.c.d" { > > > import: "" > > > export: "" > > > multihop: 1 > > > peer-port: 179 > > > local-port: 179 > > > local-ip: c.d.e.f > > > as: 9989 > > > next-hop: c.d.e.f > > > holdtime: 90 > > > delay-open-time: 0 > > >
Re: [Vyatta-users] Advises on configuring BGP
Hi, I tried to add a ip address 11.11.11.12 with prefix length of 21 to eth1. But i still cannot remote access or ping to this ip address from outside. I hope to able to access the web gui of Vyatta remotely using the eth1 ip address. Also this eth1 will be link to a switch and to the rest of the servers, so am I right to set all the servers default gateway to be 11.11.11.12 which is the ip address of the eth1? thanks for all your patience On Jan 4, 2008 10:25 PM, Robyn Orosz <[EMAIL PROTECTED]> wrote: > Hi, > > I'm glad to hear you have it working now. > > Since you are exporting your aggregate (/21) via a static route to your > loopback interface, you don't have to assign the entire /21 to eth1. > You can segment it in whatever way you choose as it will still always be > exported as a /21 based on your existing policy. Basically, you can set > whatever IP and prefix length you want on your eth1 as long as it is a > valid part of your /21 aggregate prefix. > > Thank you, > > Robyn > > Poh Yong Hwang wrote: > > Hi all, > > > > Sorry for getting back so late as I am tied up with some other > > stuffs.. Thanks for all the advice and my upstream managed to see my > > prefix. Seems that changing the next hop to my eth0 public ip address > > did the trick. > > > > Now as my eth0 is connected to my upstream, what IP address should I > > set on my eth1? It will be connected to a layer 3 switch (core switch) > > which all our servers will be connected to that switch. I have a /21 > > range of ip addresses, so should I just use the first ip to set on > > eth1? What prefix-length should I set on that as well? > > > > Please advise. > > > > Thanks! > > > > > > > > On Dec 20, 2007 1:52 AM, Robyn Orosz <[EMAIL PROTECTED] > > <mailto:[EMAIL PROTECTED]>> wrote: > > > > Hi There, > > > > The next-hop value is providing the peer with the next-hop value > > to use > > for the advertised prefixes from your router. So, the next-hop > should > > be an address on your router. It looks correct based on your edited > > configuration file. > > > > If you run a 'show bgp peers' it will show you whether or not your > > session is established with your peer. If it's not established, > that > > would be one reason why the ISP claims they did not receive a prefix > > advertisement from you. First off, verify your configuration is > > correct > > (IPs, ASNs etc). Then you can run a tshark on eth0 (your BGP > peering > > interface) on port 179 (tshark -i eth0 port 179 -Vn) to take a > > look at > > the BGP packets and also take a look at the logs 'show log.' > > > > If your session is established, make sure the route you are > > advertising > > with your policy exists in the routing table and matches the > > prefix in > > the policy. You can check the route by running a 'show route > protocol > > static.' You must see the static route that you've pointed to your > > loopback interface in the table. If it's not there, verify your > > configuration etc. > > > > If it is there, make sure the prefix in your policy matches the > route > > exactly. If it does not match, it won't be advertised. > > > > If all of the above are correct, take a look at 'show bgp route' and > > make sure you see your advertised prefix in the output. If it's > there > > then your ISP is probably rejecting your advertisement. They need > to > > add your prefix to their prefix list. ISPs forget to add their > > customer's prefixes to their prefix lists all the time. > > > > The loopback address for the BGP ID won't hurt anything but Ahsan is > > correct that for eBGP peering with external public peers, you should > > probably set your BGP ID to your public IP on eth0. > > > > Thanks! and I hope this helps. > > > > -Robyn > > > > Ahsan Khan wrote: > > > Hi, > > > > > > I think your nexthop IP should be your ISP IP address and > > not your > > > own. Also check with your ISP if they can confirm about BGP > session > > > establishment, Most router like Juniper, Cisco can explain a lot > > in their > > > output the reasons if the session is not established. > > > > > > Also loopback IP is normally used in BGP if you
Re: [Vyatta-users] Advises on configuring BGP
Hi, I'm glad to hear you have it working now. Since you are exporting your aggregate (/21) via a static route to your loopback interface, you don't have to assign the entire /21 to eth1. You can segment it in whatever way you choose as it will still always be exported as a /21 based on your existing policy. Basically, you can set whatever IP and prefix length you want on your eth1 as long as it is a valid part of your /21 aggregate prefix. Thank you, Robyn Poh Yong Hwang wrote: > Hi all, > > Sorry for getting back so late as I am tied up with some other > stuffs.. Thanks for all the advice and my upstream managed to see my > prefix. Seems that changing the next hop to my eth0 public ip address > did the trick. > > Now as my eth0 is connected to my upstream, what IP address should I > set on my eth1? It will be connected to a layer 3 switch (core switch) > which all our servers will be connected to that switch. I have a /21 > range of ip addresses, so should I just use the first ip to set on > eth1? What prefix-length should I set on that as well? > > Please advise. > > Thanks! > > > > On Dec 20, 2007 1:52 AM, Robyn Orosz <[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]>> wrote: > > Hi There, > > The next-hop value is providing the peer with the next-hop value > to use > for the advertised prefixes from your router. So, the next-hop should > be an address on your router. It looks correct based on your edited > configuration file. > > If you run a 'show bgp peers' it will show you whether or not your > session is established with your peer. If it's not established, that > would be one reason why the ISP claims they did not receive a prefix > advertisement from you. First off, verify your configuration is > correct > (IPs, ASNs etc). Then you can run a tshark on eth0 (your BGP peering > interface) on port 179 (tshark -i eth0 port 179 -Vn) to take a > look at > the BGP packets and also take a look at the logs 'show log.' > > If your session is established, make sure the route you are > advertising > with your policy exists in the routing table and matches the > prefix in > the policy. You can check the route by running a 'show route protocol > static.' You must see the static route that you've pointed to your > loopback interface in the table. If it's not there, verify your > configuration etc. > > If it is there, make sure the prefix in your policy matches the route > exactly. If it does not match, it won't be advertised. > > If all of the above are correct, take a look at 'show bgp route' and > make sure you see your advertised prefix in the output. If it's there > then your ISP is probably rejecting your advertisement. They need to > add your prefix to their prefix list. ISPs forget to add their > customer's prefixes to their prefix lists all the time. > > The loopback address for the BGP ID won't hurt anything but Ahsan is > correct that for eBGP peering with external public peers, you should > probably set your BGP ID to your public IP on eth0. > > Thanks! and I hope this helps. > > -Robyn > > Ahsan Khan wrote: > > Hi, > > > > I think your nexthop IP should be your ISP IP address and > not your > > own. Also check with your ISP if they can confirm about BGP session > > establishment, Most router like Juniper, Cisco can explain a lot > in their > > output the reasons if the session is not established. > > > > Also loopback IP is normally used in BGP if you have multiple > interfaces > > connected to same ISP, or you are using some other complex > configuration. I > > would use interface IP connected to ISP to avoid routing issues > etc. > > > > Thanks. > > > > Ahsan Khan > > > > > > -Original Message- > > From: [EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]> > > [mailto:[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]>] On Behalf Of Poh > Yong Hwang > > Sent: Tuesday, December 18, 2007 11:20 PM > > To: Justin Fletcher > > Cc: vyatta-users > > Subject: Re: [Vyatta-users] Advises on configuring BGP > > > > Hi, > > > > Thanks. I just could not traceroute to the router and according > to my > > peering upstream, they mention that they did not receive any of > my p
Re: [Vyatta-users] Advises on configuring BGP
Hi all, Sorry for getting back so late as I am tied up with some other stuffs.. Thanks for all the advice and my upstream managed to see my prefix. Seems that changing the next hop to my eth0 public ip address did the trick. Now as my eth0 is connected to my upstream, what IP address should I set on my eth1? It will be connected to a layer 3 switch (core switch) which all our servers will be connected to that switch. I have a /21 range of ip addresses, so should I just use the first ip to set on eth1? What prefix-length should I set on that as well? Please advise. Thanks! On Dec 20, 2007 1:52 AM, Robyn Orosz <[EMAIL PROTECTED]> wrote: > Hi There, > > The next-hop value is providing the peer with the next-hop value to use > for the advertised prefixes from your router. So, the next-hop should > be an address on your router. It looks correct based on your edited > configuration file. > > If you run a 'show bgp peers' it will show you whether or not your > session is established with your peer. If it's not established, that > would be one reason why the ISP claims they did not receive a prefix > advertisement from you. First off, verify your configuration is correct > (IPs, ASNs etc). Then you can run a tshark on eth0 (your BGP peering > interface) on port 179 (tshark -i eth0 port 179 -Vn) to take a look at > the BGP packets and also take a look at the logs 'show log.' > > If your session is established, make sure the route you are advertising > with your policy exists in the routing table and matches the prefix in > the policy. You can check the route by running a 'show route protocol > static.' You must see the static route that you've pointed to your > loopback interface in the table. If it's not there, verify your > configuration etc. > > If it is there, make sure the prefix in your policy matches the route > exactly. If it does not match, it won't be advertised. > > If all of the above are correct, take a look at 'show bgp route' and > make sure you see your advertised prefix in the output. If it's there > then your ISP is probably rejecting your advertisement. They need to > add your prefix to their prefix list. ISPs forget to add their > customer's prefixes to their prefix lists all the time. > > The loopback address for the BGP ID won't hurt anything but Ahsan is > correct that for eBGP peering with external public peers, you should > probably set your BGP ID to your public IP on eth0. > > Thanks! and I hope this helps. > > -Robyn > > Ahsan Khan wrote: > > Hi, > > > > I think your nexthop IP should be your ISP IP address and not your > > own. Also check with your ISP if they can confirm about BGP session > > establishment, Most router like Juniper, Cisco can explain a lot in > their > > output the reasons if the session is not established. > > > > Also loopback IP is normally used in BGP if you have multiple interfaces > > connected to same ISP, or you are using some other complex > configuration. I > > would use interface IP connected to ISP to avoid routing issues etc. > > > > Thanks. > > > > Ahsan Khan > > > > > > -Original Message- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] On Behalf Of Poh Yong > Hwang > > Sent: Tuesday, December 18, 2007 11:20 PM > > To: Justin Fletcher > > Cc: vyatta-users > > Subject: Re: [Vyatta-users] Advises on configuring BGP > > > > Hi, > > > > Thanks. I just could not traceroute to the router and according to my > > peering upstream, they mention that they did not receive any of my > prefix > > announcement. > > > > Basically i just want to do a simple setup at this moment with one box > > running Vyatta and eth0 is link to one of our upstream provider which we > > want to peer with. I have my ASN number as well as a /21 range of IP > > addresses to announce. Here is my configuration: > > > > loopback ip : 10.0.0.65 > > My ASN : 100 > > My IP Range : XX.XX.XX.XX/21 > > > > Upstream Route IP : a.b.c.d > > Customer Interface IP : c.d.e.f > > Upstream ASN : 200 > > > > protocols { > > bgp { > > bgp-id: 10.0.0.65 > > local-as: 100 > > import: "" > > export: "BGP_EXPORT" > > peer " a.b.c.d" { > > import: "" > > export: "" > > multihop: 1 > > peer-port: 179 > > local-port: 179 > >
Re: [Vyatta-users] Advises on configuring BGP
Hi There, The next-hop value is providing the peer with the next-hop value to use for the advertised prefixes from your router. So, the next-hop should be an address on your router. It looks correct based on your edited configuration file. If you run a 'show bgp peers' it will show you whether or not your session is established with your peer. If it's not established, that would be one reason why the ISP claims they did not receive a prefix advertisement from you. First off, verify your configuration is correct (IPs, ASNs etc). Then you can run a tshark on eth0 (your BGP peering interface) on port 179 (tshark -i eth0 port 179 -Vn) to take a look at the BGP packets and also take a look at the logs 'show log.' If your session is established, make sure the route you are advertising with your policy exists in the routing table and matches the prefix in the policy. You can check the route by running a 'show route protocol static.' You must see the static route that you've pointed to your loopback interface in the table. If it's not there, verify your configuration etc. If it is there, make sure the prefix in your policy matches the route exactly. If it does not match, it won't be advertised. If all of the above are correct, take a look at 'show bgp route' and make sure you see your advertised prefix in the output. If it's there then your ISP is probably rejecting your advertisement. They need to add your prefix to their prefix list. ISPs forget to add their customer's prefixes to their prefix lists all the time. The loopback address for the BGP ID won't hurt anything but Ahsan is correct that for eBGP peering with external public peers, you should probably set your BGP ID to your public IP on eth0. Thanks! and I hope this helps. -Robyn Ahsan Khan wrote: > Hi, > > I think your nexthop IP should be your ISP IP address and not your > own. Also check with your ISP if they can confirm about BGP session > establishment, Most router like Juniper, Cisco can explain a lot in their > output the reasons if the session is not established. > > Also loopback IP is normally used in BGP if you have multiple interfaces > connected to same ISP, or you are using some other complex configuration. I > would use interface IP connected to ISP to avoid routing issues etc. > > Thanks. > > Ahsan Khan > > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Poh Yong Hwang > Sent: Tuesday, December 18, 2007 11:20 PM > To: Justin Fletcher > Cc: vyatta-users > Subject: Re: [Vyatta-users] Advises on configuring BGP > > Hi, > > Thanks. I just could not traceroute to the router and according to my > peering upstream, they mention that they did not receive any of my prefix > announcement. > > Basically i just want to do a simple setup at this moment with one box > running Vyatta and eth0 is link to one of our upstream provider which we > want to peer with. I have my ASN number as well as a /21 range of IP > addresses to announce. Here is my configuration: > > loopback ip : 10.0.0.65 > My ASN : 100 > My IP Range : XX.XX.XX.XX/21 > > Upstream Route IP : a.b.c.d > Customer Interface IP : c.d.e.f > Upstream ASN : 200 > > protocols { > bgp { > bgp-id: 10.0.0.65 > local-as: 100 > import: "" > export: "BGP_EXPORT" > peer " a.b.c.d" { > import: "" > export: "" > multihop: 1 > peer-port: 179 > local-port: 179 > local-ip: c.d.e.f > as: 9989 > next-hop: c.d.e.f > holdtime: 90 > delay-open-time: 0 > client: false > confederation-member: false > disable: false > ipv4-unicast: true > ipv4-multicast: false > ipv6-unicast: false > ipv6-multicast: false > md5-key: "" > } > } > static { > disable: false > route XX.XX.XX.XX/21 { > next-hop: 10.0.0.65 > metric: 1 > } > } > } > policy { > policy-statement "BGP_EXPORT" { > term 1 { > from { > protocol: "static" > network4: XX.XX.XX.XX/21 > } > then { > action: "accept" > } >
Re: [Vyatta-users] Advises on configuring BGP
Hi, I think your nexthop IP should be your ISP IP address and not your own. Also check with your ISP if they can confirm about BGP session establishment, Most router like Juniper, Cisco can explain a lot in their output the reasons if the session is not established. Also loopback IP is normally used in BGP if you have multiple interfaces connected to same ISP, or you are using some other complex configuration. I would use interface IP connected to ISP to avoid routing issues etc. Thanks. Ahsan Khan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Poh Yong Hwang Sent: Tuesday, December 18, 2007 11:20 PM To: Justin Fletcher Cc: vyatta-users Subject: Re: [Vyatta-users] Advises on configuring BGP Hi, Thanks. I just could not traceroute to the router and according to my peering upstream, they mention that they did not receive any of my prefix announcement. Basically i just want to do a simple setup at this moment with one box running Vyatta and eth0 is link to one of our upstream provider which we want to peer with. I have my ASN number as well as a /21 range of IP addresses to announce. Here is my configuration: loopback ip : 10.0.0.65 My ASN : 100 My IP Range : XX.XX.XX.XX/21 Upstream Route IP : a.b.c.d Customer Interface IP : c.d.e.f Upstream ASN : 200 protocols { bgp { bgp-id: 10.0.0.65 local-as: 100 import: "" export: "BGP_EXPORT" peer " a.b.c.d" { import: "" export: "" multihop: 1 peer-port: 179 local-port: 179 local-ip: c.d.e.f as: 9989 next-hop: c.d.e.f holdtime: 90 delay-open-time: 0 client: false confederation-member: false disable: false ipv4-unicast: true ipv4-multicast: false ipv6-unicast: false ipv6-multicast: false md5-key: "" } } static { disable: false route XX.XX.XX.XX/21 { next-hop: 10.0.0.65 metric: 1 } } } policy { policy-statement "BGP_EXPORT" { term 1 { from { protocol: "static" network4: XX.XX.XX.XX/21 } then { action: "accept" } } } } interfaces { restore: false loopback lo { description: "" address 10.0.0.65 { prefix-length: 32 disable: false } } ethernet eth0 { disable: false discard: false description: "" hw-id: 00:30:48:55:63:FC duplex: "auto" speed: "auto" address c.d.e.f { prefix-length: 25 disable: false } } ethernet eth1 { disable: false discard: false description: "" hw-id: 00:30:48:55:63:FD duplex: "auto" speed: "auto" address XX.XX.XX.1 { prefix-length: 21 disable: false } } } service { http { port: 80 } } firewall { log-martians: "enable" send-redirects: "disable" receive-redirects: "disable" ip-src-route: "disable" broadcast-ping: "disable" syn-cookies: "enable" } system { host-name: "vyatta" domain-name: "" time-zone: "GMT" ntp-server "69.59.150.135" login { user root { full-name: "" authentication { encrypted-password: "$1$$Ht7gBYnxI1xCdO/JOnodh." } } user vyatta { full-name: "" authentication { encrypted-password: "$1$$Ht7gBYnxI1xCdO/JOnodh." } } } package { auto-sync: 1 repository community { component: "main" url: "http://archive.vyatta.com/vyatta"; } } } rtrmgr { config-directory: "/opt/vyatta/etc/config" } Is this config correct? Thanks On Dec 18, 2007 3:17 AM, Justin Fletcher < [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> >
Re: [Vyatta-users] Advises on configuring BGP
Hi, Thanks. I just could not traceroute to the router and according to my peering upstream, they mention that they did not receive any of my prefix announcement. Basically i just want to do a simple setup at this moment with one box running Vyatta and eth0 is link to one of our upstream provider which we want to peer with. I have my ASN number as well as a /21 range of IP addresses to announce. Here is my configuration: loopback ip : 10.0.0.65 My ASN : 100 My IP Range : XX.XX.XX.XX/21 Upstream Route IP : a.b.c.d Customer Interface IP : c.d.e.f Upstream ASN : 200 protocols { bgp { bgp-id: 10.0.0.65 local-as: 100 import: "" export: "BGP_EXPORT" peer "a.b.c.d" { import: "" export: "" multihop: 1 peer-port: 179 local-port: 179 local-ip: c.d.e.f as: 9989 next-hop: c.d.e.f holdtime: 90 delay-open-time: 0 client: false confederation-member: false disable: false ipv4-unicast: true ipv4-multicast: false ipv6-unicast: false ipv6-multicast: false md5-key: "" } } static { disable: false route XX.XX.XX.XX/21 { next-hop: 10.0.0.65 metric: 1 } } } policy { policy-statement "BGP_EXPORT" { term 1 { from { protocol: "static" network4: XX.XX.XX.XX/21 } then { action: "accept" } } } } interfaces { restore: false loopback lo { description: "" address 10.0.0.65 { prefix-length: 32 disable: false } } ethernet eth0 { disable: false discard: false description: "" hw-id: 00:30:48:55:63:FC duplex: "auto" speed: "auto" address c.d.e.f { prefix-length: 25 disable: false } } ethernet eth1 { disable: false discard: false description: "" hw-id: 00:30:48:55:63:FD duplex: "auto" speed: "auto" address XX.XX.XX.1 { prefix-length: 21 disable: false } } } service { http { port: 80 } } firewall { log-martians: "enable" send-redirects: "disable" receive-redirects: "disable" ip-src-route: "disable" broadcast-ping: "disable" syn-cookies: "enable" } system { host-name: "vyatta" domain-name: "" time-zone: "GMT" ntp-server "69.59.150.135" login { user root { full-name: "" authentication { encrypted-password: "$1$$Ht7gBYnxI1xCdO/JOnodh." } } user vyatta { full-name: "" authentication { encrypted-password: "$1$$Ht7gBYnxI1xCdO/JOnodh." } } } package { auto-sync: 1 repository community { component: "main" url: "http://archive.vyatta.com/vyatta"; } } } rtrmgr { config-directory: "/opt/vyatta/etc/config" } Is this config correct? Thanks On Dec 18, 2007 3:17 AM, Justin Fletcher < [EMAIL PROTECTED]> wrote: > It's hard to tell without the full configuration, but remember that you > need > both a route out, as well as the rest of the internet needs to be able to > find their way back to you. You can check to see if you're reachable > using an external traceroute; see www.traceroute.org to check and see > if you're reachable. > > Best, > Justin > > On Dec 17, 2007 2:05 AM, Poh Yong Hwang < [EMAIL PROTECTED]> wrote: > > Hi, > > > > I have managed to setup the BGP session with my peer and also based on > the > > topic on Originating a Route to eBGP neighbors to announce my IP ranges. > I > > have set my eth1 ip to be XX.XX.XX.1/21 and connect one server directly > to > > eth1 for testing. Setting XX.XX.XX.2 with subnet of 255.255.248.0 and > > XX.XX.XX.1 for default gateway on the server itself, I cannot go out of > the > > internet (Cannot surf net using that server). Eth0 is link with the UTP > > cable provided by upstream for peering > > > > Is this the correct way to set it up? > > > > Please advise > > > > Thanks > > > > Regards > > Yongsan > > > > > > > > On Dec 14, 2007 12:24 PM, Poh Yong Hwang < [EMAIL PROTECTED] >
Re: [Vyatta-users] Advises on configuring BGP
It's hard to tell without the full configuration, but remember that you need both a route out, as well as the rest of the internet needs to be able to find their way back to you. You can check to see if you're reachable using an external traceroute; see www.traceroute.org to check and see if you're reachable. Best, Justin On Dec 17, 2007 2:05 AM, Poh Yong Hwang <[EMAIL PROTECTED]> wrote: > Hi, > > I have managed to setup the BGP session with my peer and also based on the > topic on Originating a Route to eBGP neighbors to announce my IP ranges. I > have set my eth1 ip to be XX.XX.XX.1/21 and connect one server directly to > eth1 for testing. Setting XX.XX.XX.2 with subnet of 255.255.248.0 and > XX.XX.XX.1 for default gateway on the server itself, I cannot go out of the > internet (Cannot surf net using that server). Eth0 is link with the UTP > cable provided by upstream for peering > > Is this the correct way to set it up? > > Please advise > > Thanks > > Regards > Yongsan > > > > On Dec 14, 2007 12:24 PM, Poh Yong Hwang < [EMAIL PROTECTED]> wrote: > > Hi, > > > > I have read the docs that was available but still have a few questions in > mind. I have a UTP cable that was provided by the provider that I would like > to peer with so I have plug it into my eth0. So what IP address should I set > on my eth0? Where can I set the IP range XX.XX.XX.XX/21 that I want to > announce? > > > > Please advise. > > > > Thanks! > > > > Yongsan > > > > > > > > > > > > On Dec 12, 2007 12:03 AM, Justin Fletcher < [EMAIL PROTECTED] > wrote: > > > > > Certainly; there's documentation with examples from > > > http://www.vyatta.com/documentation/index.php or > > > http://www.vyatta.com/twiki/bin/view/Community/DocumentationSet. > > > > > > Best, > > > Justin > > > > > > > > > > > > > > > On Dec 10, 2007 8:18 PM, Poh Yong Hwang <[EMAIL PROTECTED]> wrote: > > > > Hi, > > > > > > > > Thanks! I am a noob in setting up BGP and we have the following info > from > > > > our upstream provider > > > > > > > > Upstream Router Server IP Address > > > > Customer Primary Interface Address > > > > Upstream Secondary Router Server IP Address > > > > Customer Secondary Interface Address > > > > > > > > Plus my ASN number as well as my IP range XX.XX.XX.XX/21 > > > > > > > > So is all these information be enough to configure it? Is there any > examples > > > > I can follow? > > > > > > > > Thanks! > > > > > > > > Yongsan > > > > > > > > > > > > > > > > > > > > > > > > On Dec 11, 2007 11:33 AM, Justin Fletcher <[EMAIL PROTECTED]> wrote: > > > > > Well, yes - Vyatta has full BGP support, so you'll be able to peer > > > > > with your provider. > > > > > > > > > > Best, > > > > > Justin > > > > > > > > > > > > > > > > > > > > > > > > > On Dec 10, 2007 7:26 PM, Poh Yong Hwang < [EMAIL PROTECTED]> wrote: > > > > > > Hi, > > > > > > > > > > > > New here and to Vynatta and hope to get advises on getting this > up. I > > > > wish > > > > > > to setup a BGP router for our current setup (We have got our ASN > number, > > > > IP > > > > > > range) and we will peer with our upstream provider for MLPA. > > > > > > > > > > > > Just some simple BGP routes for testing purposes. So just > wondering if > > > > > > Vynatta is able to do that? > > > > > > > > > > > > Thanks! > > > > > > > > > > > > Yongsan > > > > > > > > > > > > ___ > > > > > > Vyatta-users mailing list > > > > > > Vyatta-users@mailman.vyatta.com > > > > > > http://mailman.vyatta.com/mailman/listinfo/vyatta-users > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] Advises on configuring BGP
Hi, I have managed to setup the BGP session with my peer and also based on the topic on Originating a Route to eBGP neighbors to announce my IP ranges. I have set my eth1 ip to be XX.XX.XX.1/21 and connect one server directly to eth1 for testing. Setting XX.XX.XX.2 with subnet of 255.255.248.0 and XX.XX.XX.1 for default gateway on the server itself, I cannot go out of the internet (Cannot surf net using that server). Eth0 is link with the UTP cable provided by upstream for peering Is this the correct way to set it up? Please advise Thanks Regards Yongsan On Dec 14, 2007 12:24 PM, Poh Yong Hwang <[EMAIL PROTECTED]> wrote: > Hi, > > I have read the docs that was available but still have a few questions in > mind. I have a UTP cable that was provided by the provider that I would like > to peer with so I have plug it into my eth0. So what IP address should I set > on my eth0? Where can I set the IP range XX.XX.XX.XX/21 that I want to > announce? > > Please advise. > > Thanks! > > Yongsan > > > On Dec 12, 2007 12:03 AM, Justin Fletcher < [EMAIL PROTECTED] > wrote: > > > Certainly; there's documentation with examples from > > http://www.vyatta.com/documentation/index.php or > > http://www.vyatta.com/twiki/bin/view/Community/DocumentationSet. > > > > Best, > > Justin > > > > On Dec 10, 2007 8:18 PM, Poh Yong Hwang <[EMAIL PROTECTED]> wrote: > > > Hi, > > > > > > Thanks! I am a noob in setting up BGP and we have the following info > > from > > > our upstream provider > > > > > > Upstream Router Server IP Address > > > Customer Primary Interface Address > > > Upstream Secondary Router Server IP Address > > > Customer Secondary Interface Address > > > > > > Plus my ASN number as well as my IP range XX.XX.XX.XX/21 > > > > > > So is all these information be enough to configure it? Is there any > > examples > > > I can follow? > > > > > > Thanks! > > > > > > Yongsan > > > > > > > > > > > > > > > > > > On Dec 11, 2007 11:33 AM, Justin Fletcher <[EMAIL PROTECTED]> wrote: > > > > Well, yes - Vyatta has full BGP support, so you'll be able to peer > > > > with your provider. > > > > > > > > Best, > > > > Justin > > > > > > > > > > > > > > > > > > > > On Dec 10, 2007 7:26 PM, Poh Yong Hwang < [EMAIL PROTECTED]> wrote: > > > > > Hi, > > > > > > > > > > New here and to Vynatta and hope to get advises on getting this > > up. I > > > wish > > > > > to setup a BGP router for our current setup (We have got our ASN > > number, > > > IP > > > > > range) and we will peer with our upstream provider for MLPA. > > > > > > > > > > Just some simple BGP routes for testing purposes. So just > > wondering if > > > > > Vynatta is able to do that? > > > > > > > > > > Thanks! > > > > > > > > > > Yongsan > > > > > > > > > > ___ > > > > > Vyatta-users mailing list > > > > > Vyatta-users@mailman.vyatta.com > > > > > http://mailman.vyatta.com/mailman/listinfo/vyatta-users > > > > > > > > > > > > > > > > > > > > > > > > ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] Advises on configuring BGP
Hi, I have read the docs that was available but still have a few questions in mind. I have a UTP cable that was provided by the provider that I would like to peer with so I have plug it into my eth0. So what IP address should I set on my eth0? Where can I set the IP range XX.XX.XX.XX/21 that I want to announce? Please advise. Thanks! Yongsan On Dec 12, 2007 12:03 AM, Justin Fletcher <[EMAIL PROTECTED]> wrote: > Certainly; there's documentation with examples from > http://www.vyatta.com/documentation/index.php or > http://www.vyatta.com/twiki/bin/view/Community/DocumentationSet. > > Best, > Justin > > On Dec 10, 2007 8:18 PM, Poh Yong Hwang <[EMAIL PROTECTED]> wrote: > > Hi, > > > > Thanks! I am a noob in setting up BGP and we have the following info > from > > our upstream provider > > > > Upstream Router Server IP Address > > Customer Primary Interface Address > > Upstream Secondary Router Server IP Address > > Customer Secondary Interface Address > > > > Plus my ASN number as well as my IP range XX.XX.XX.XX/21 > > > > So is all these information be enough to configure it? Is there any > examples > > I can follow? > > > > Thanks! > > > > Yongsan > > > > > > > > > > > > On Dec 11, 2007 11:33 AM, Justin Fletcher <[EMAIL PROTECTED]> wrote: > > > Well, yes - Vyatta has full BGP support, so you'll be able to peer > > > with your provider. > > > > > > Best, > > > Justin > > > > > > > > > > > > > > > On Dec 10, 2007 7:26 PM, Poh Yong Hwang < [EMAIL PROTECTED]> wrote: > > > > Hi, > > > > > > > > New here and to Vynatta and hope to get advises on getting this up. > I > > wish > > > > to setup a BGP router for our current setup (We have got our ASN > number, > > IP > > > > range) and we will peer with our upstream provider for MLPA. > > > > > > > > Just some simple BGP routes for testing purposes. So just wondering > if > > > > Vynatta is able to do that? > > > > > > > > Thanks! > > > > > > > > Yongsan > > > > > > > > ___ > > > > Vyatta-users mailing list > > > > Vyatta-users@mailman.vyatta.com > > > > http://mailman.vyatta.com/mailman/listinfo/vyatta-users > > > > > > > > > > > > > > > > ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] Advises on configuring BGP
Certainly; there's documentation with examples from http://www.vyatta.com/documentation/index.php or http://www.vyatta.com/twiki/bin/view/Community/DocumentationSet. Best, Justin On Dec 10, 2007 8:18 PM, Poh Yong Hwang <[EMAIL PROTECTED]> wrote: > Hi, > > Thanks! I am a noob in setting up BGP and we have the following info from > our upstream provider > > Upstream Router Server IP Address > Customer Primary Interface Address > Upstream Secondary Router Server IP Address > Customer Secondary Interface Address > > Plus my ASN number as well as my IP range XX.XX.XX.XX/21 > > So is all these information be enough to configure it? Is there any examples > I can follow? > > Thanks! > > Yongsan > > > > > > On Dec 11, 2007 11:33 AM, Justin Fletcher <[EMAIL PROTECTED]> wrote: > > Well, yes - Vyatta has full BGP support, so you'll be able to peer > > with your provider. > > > > Best, > > Justin > > > > > > > > > > On Dec 10, 2007 7:26 PM, Poh Yong Hwang < [EMAIL PROTECTED]> wrote: > > > Hi, > > > > > > New here and to Vynatta and hope to get advises on getting this up. I > wish > > > to setup a BGP router for our current setup (We have got our ASN number, > IP > > > range) and we will peer with our upstream provider for MLPA. > > > > > > Just some simple BGP routes for testing purposes. So just wondering if > > > Vynatta is able to do that? > > > > > > Thanks! > > > > > > Yongsan > > > > > > ___ > > > Vyatta-users mailing list > > > Vyatta-users@mailman.vyatta.com > > > http://mailman.vyatta.com/mailman/listinfo/vyatta-users > > > > > > > > > > ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] Advises on configuring BGP
Hi, Thanks! I am a noob in setting up BGP and we have the following info from our upstream provider Upstream Router Server IP Address Customer Primary Interface Address Upstream Secondary Router Server IP Address Customer Secondary Interface Address Plus my ASN number as well as my IP range XX.XX.XX.XX/21 So is all these information be enough to configure it? Is there any examples I can follow? Thanks! Yongsan On Dec 11, 2007 11:33 AM, Justin Fletcher <[EMAIL PROTECTED]> wrote: > Well, yes - Vyatta has full BGP support, so you'll be able to peer > with your provider. > > Best, > Justin > > On Dec 10, 2007 7:26 PM, Poh Yong Hwang <[EMAIL PROTECTED]> wrote: > > Hi, > > > > New here and to Vynatta and hope to get advises on getting this up. I > wish > > to setup a BGP router for our current setup (We have got our ASN number, > IP > > range) and we will peer with our upstream provider for MLPA. > > > > Just some simple BGP routes for testing purposes. So just wondering if > > Vynatta is able to do that? > > > > Thanks! > > > > Yongsan > > > > ___ > > Vyatta-users mailing list > > Vyatta-users@mailman.vyatta.com > > http://mailman.vyatta.com/mailman/listinfo/vyatta-users > > > > > ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] Advises on configuring BGP
Well, yes - Vyatta has full BGP support, so you'll be able to peer with your provider. Best, Justin On Dec 10, 2007 7:26 PM, Poh Yong Hwang <[EMAIL PROTECTED]> wrote: > Hi, > > New here and to Vynatta and hope to get advises on getting this up. I wish > to setup a BGP router for our current setup (We have got our ASN number, IP > range) and we will peer with our upstream provider for MLPA. > > Just some simple BGP routes for testing purposes. So just wondering if > Vynatta is able to do that? > > Thanks! > > Yongsan > > ___ > Vyatta-users mailing list > Vyatta-users@mailman.vyatta.com > http://mailman.vyatta.com/mailman/listinfo/vyatta-users > > ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
[Vyatta-users] Advises on configuring BGP
Hi, New here and to Vynatta and hope to get advises on getting this up. I wish to setup a BGP router for our current setup (We have got our ASN number, IP range) and we will peer with our upstream provider for MLPA. Just some simple BGP routes for testing purposes. So just wondering if Vynatta is able to do that? Thanks! Yongsan ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users