Re: [Vyatta-users] Advises on configuring BGP
. Thanks! On Dec 20, 2007 1:52 AM, Robyn Orosz [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] mailto: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Hi There, The next-hop value is providing the peer with the next-hop value to use for the advertised prefixes from your router. So, the next-hop should be an address on your router. It looks correct based on your edited configuration file. If you run a 'show bgp peers' it will show you whether or not your session is established with your peer. If it's not established, that would be one reason why the ISP claims they did not receive a prefix advertisement from you. First off, verify your configuration is correct (IPs, ASNs etc). Then you can run a tshark on eth0 (your BGP peering interface) on port 179 (tshark -i eth0 port 179 -Vn) to take a look at the BGP packets and also take a look at the logs 'show log.' If your session is established, make sure the route you are advertising with your policy exists in the routing table and matches the prefix in the policy. You can check the route by running a 'show route protocol static.' You must see the static route that you've pointed to your loopback interface in the table. If it's not there, verify your configuration etc. If it is there, make sure the prefix in your policy matches the route exactly. If it does not match, it won't be advertised. If all of the above are correct, take a look at 'show bgp route' and make sure you see your advertised prefix in the output. If it's there then your ISP is probably rejecting your advertisement. They need to add your prefix to their prefix list. ISPs forget to add their customer's prefixes to their prefix lists all the time. The loopback address for the BGP ID won't hurt anything but Ahsan is correct that for eBGP peering with external public peers, you should probably set your BGP ID to your public IP on eth0. Thanks! and I hope this helps. -Robyn Ahsan Khan wrote: Hi, I think your nexthop IP should be your ISP IP address and not your own. Also check with your ISP if they can confirm about BGP session establishment, Most router like Juniper, Cisco can explain a lot in their output the reasons if the session is not established. Also loopback IP is normally used in BGP if you have multiple interfaces connected to same ISP, or you are using some other complex configuration. I would use interface IP connected to ISP to avoid routing issues etc. Thanks. Ahsan Khan -Original Message- From: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] mailto: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] mailto: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] mailto: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED]] On Behalf Of Poh Yong Hwang Sent: Tuesday, December 18, 2007 11:20 PM To: Justin Fletcher Cc: vyatta-users Subject: Re: [Vyatta-users] Advises on configuring BGP Hi, Thanks. I just could not traceroute to the router and according to my peering upstream, they mention that they did not receive any of my prefix
Re: [Vyatta-users] Advises on configuring BGP
Hi, I tried to add a ip address 11.11.11.12 with prefix length of 21 to eth1. But i still cannot remote access or ping to this ip address from outside. I hope to able to access the web gui of Vyatta remotely using the eth1 ip address. Also this eth1 will be link to a switch and to the rest of the servers, so am I right to set all the servers default gateway to be 11.11.11.12 which is the ip address of the eth1? thanks for all your patience On Jan 4, 2008 10:25 PM, Robyn Orosz [EMAIL PROTECTED] wrote: Hi, I'm glad to hear you have it working now. Since you are exporting your aggregate (/21) via a static route to your loopback interface, you don't have to assign the entire /21 to eth1. You can segment it in whatever way you choose as it will still always be exported as a /21 based on your existing policy. Basically, you can set whatever IP and prefix length you want on your eth1 as long as it is a valid part of your /21 aggregate prefix. Thank you, Robyn Poh Yong Hwang wrote: Hi all, Sorry for getting back so late as I am tied up with some other stuffs.. Thanks for all the advice and my upstream managed to see my prefix. Seems that changing the next hop to my eth0 public ip address did the trick. Now as my eth0 is connected to my upstream, what IP address should I set on my eth1? It will be connected to a layer 3 switch (core switch) which all our servers will be connected to that switch. I have a /21 range of ip addresses, so should I just use the first ip to set on eth1? What prefix-length should I set on that as well? Please advise. Thanks! On Dec 20, 2007 1:52 AM, Robyn Orosz [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Hi There, The next-hop value is providing the peer with the next-hop value to use for the advertised prefixes from your router. So, the next-hop should be an address on your router. It looks correct based on your edited configuration file. If you run a 'show bgp peers' it will show you whether or not your session is established with your peer. If it's not established, that would be one reason why the ISP claims they did not receive a prefix advertisement from you. First off, verify your configuration is correct (IPs, ASNs etc). Then you can run a tshark on eth0 (your BGP peering interface) on port 179 (tshark -i eth0 port 179 -Vn) to take a look at the BGP packets and also take a look at the logs 'show log.' If your session is established, make sure the route you are advertising with your policy exists in the routing table and matches the prefix in the policy. You can check the route by running a 'show route protocol static.' You must see the static route that you've pointed to your loopback interface in the table. If it's not there, verify your configuration etc. If it is there, make sure the prefix in your policy matches the route exactly. If it does not match, it won't be advertised. If all of the above are correct, take a look at 'show bgp route' and make sure you see your advertised prefix in the output. If it's there then your ISP is probably rejecting your advertisement. They need to add your prefix to their prefix list. ISPs forget to add their customer's prefixes to their prefix lists all the time. The loopback address for the BGP ID won't hurt anything but Ahsan is correct that for eBGP peering with external public peers, you should probably set your BGP ID to your public IP on eth0. Thanks! and I hope this helps. -Robyn Ahsan Khan wrote: Hi, I think your nexthop IP should be your ISP IP address and not your own. Also check with your ISP if they can confirm about BGP session establishment, Most router like Juniper, Cisco can explain a lot in their output the reasons if the session is not established. Also loopback IP is normally used in BGP if you have multiple interfaces connected to same ISP, or you are using some other complex configuration. I would use interface IP connected to ISP to avoid routing issues etc. Thanks. Ahsan Khan -Original Message- From: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED]] On Behalf Of Poh Yong Hwang Sent: Tuesday, December 18, 2007 11:20 PM To: Justin Fletcher Cc: vyatta-users Subject: Re: [Vyatta-users] Advises on configuring BGP Hi, Thanks. I just could not traceroute to the router and according to my peering upstream, they mention that they did not receive any of my prefix announcement
Re: [Vyatta-users] Advises on configuring BGP
Hi all,
Sorry for getting back so late as I am tied up with some other stuffs..
Thanks for all the advice and my upstream managed to see my prefix. Seems
that changing the next hop to my eth0 public ip address did the trick.
Now as my eth0 is connected to my upstream, what IP address should I set on
my eth1? It will be connected to a layer 3 switch (core switch) which all
our servers will be connected to that switch. I have a /21 range of ip
addresses, so should I just use the first ip to set on eth1? What
prefix-length should I set on that as well?
Please advise.
Thanks!
On Dec 20, 2007 1:52 AM, Robyn Orosz [EMAIL PROTECTED] wrote:
Hi There,
The next-hop value is providing the peer with the next-hop value to use
for the advertised prefixes from your router. So, the next-hop should
be an address on your router. It looks correct based on your edited
configuration file.
If you run a 'show bgp peers' it will show you whether or not your
session is established with your peer. If it's not established, that
would be one reason why the ISP claims they did not receive a prefix
advertisement from you. First off, verify your configuration is correct
(IPs, ASNs etc). Then you can run a tshark on eth0 (your BGP peering
interface) on port 179 (tshark -i eth0 port 179 -Vn) to take a look at
the BGP packets and also take a look at the logs 'show log.'
If your session is established, make sure the route you are advertising
with your policy exists in the routing table and matches the prefix in
the policy. You can check the route by running a 'show route protocol
static.' You must see the static route that you've pointed to your
loopback interface in the table. If it's not there, verify your
configuration etc.
If it is there, make sure the prefix in your policy matches the route
exactly. If it does not match, it won't be advertised.
If all of the above are correct, take a look at 'show bgp route' and
make sure you see your advertised prefix in the output. If it's there
then your ISP is probably rejecting your advertisement. They need to
add your prefix to their prefix list. ISPs forget to add their
customer's prefixes to their prefix lists all the time.
The loopback address for the BGP ID won't hurt anything but Ahsan is
correct that for eBGP peering with external public peers, you should
probably set your BGP ID to your public IP on eth0.
Thanks! and I hope this helps.
-Robyn
Ahsan Khan wrote:
Hi,
I think your nexthop IP should be your ISP IP address and not your
own. Also check with your ISP if they can confirm about BGP session
establishment, Most router like Juniper, Cisco can explain a lot in
their
output the reasons if the session is not established.
Also loopback IP is normally used in BGP if you have multiple interfaces
connected to same ISP, or you are using some other complex
configuration. I
would use interface IP connected to ISP to avoid routing issues etc.
Thanks.
Ahsan Khan
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Poh Yong
Hwang
Sent: Tuesday, December 18, 2007 11:20 PM
To: Justin Fletcher
Cc: vyatta-users
Subject: Re: [Vyatta-users] Advises on configuring BGP
Hi,
Thanks. I just could not traceroute to the router and according to my
peering upstream, they mention that they did not receive any of my
prefix
announcement.
Basically i just want to do a simple setup at this moment with one box
running Vyatta and eth0 is link to one of our upstream provider which we
want to peer with. I have my ASN number as well as a /21 range of IP
addresses to announce. Here is my configuration:
loopback ip : 10.0.0.65
My ASN : 100
My IP Range : XX.XX.XX.XX/21
Upstream Route IP : a.b.c.d
Customer Interface IP : c.d.e.f
Upstream ASN : 200
protocols {
bgp {
bgp-id: 10.0.0.65
local-as: 100
import:
export: BGP_EXPORT
peer a.b.c.d {
import:
export:
multihop: 1
peer-port: 179
local-port: 179
local-ip: c.d.e.f
as: 9989
next-hop: c.d.e.f
holdtime: 90
delay-open-time: 0
client: false
confederation-member: false
disable: false
ipv4-unicast: true
ipv4-multicast: false
ipv6-unicast: false
ipv6-multicast: false
md5-key:
}
}
static {
disable: false
route XX.XX.XX.XX/21 {
next-hop: 10.0.0.65
metric: 1
}
}
}
policy {
policy-statement BGP_EXPORT {
term 1 {
from
Re: [Vyatta-users] Advises on configuring BGP
Hi,
I'm glad to hear you have it working now.
Since you are exporting your aggregate (/21) via a static route to your
loopback interface, you don't have to assign the entire /21 to eth1.
You can segment it in whatever way you choose as it will still always be
exported as a /21 based on your existing policy. Basically, you can set
whatever IP and prefix length you want on your eth1 as long as it is a
valid part of your /21 aggregate prefix.
Thank you,
Robyn
Poh Yong Hwang wrote:
Hi all,
Sorry for getting back so late as I am tied up with some other
stuffs.. Thanks for all the advice and my upstream managed to see my
prefix. Seems that changing the next hop to my eth0 public ip address
did the trick.
Now as my eth0 is connected to my upstream, what IP address should I
set on my eth1? It will be connected to a layer 3 switch (core switch)
which all our servers will be connected to that switch. I have a /21
range of ip addresses, so should I just use the first ip to set on
eth1? What prefix-length should I set on that as well?
Please advise.
Thanks!
On Dec 20, 2007 1:52 AM, Robyn Orosz [EMAIL PROTECTED]
mailto:[EMAIL PROTECTED] wrote:
Hi There,
The next-hop value is providing the peer with the next-hop value
to use
for the advertised prefixes from your router. So, the next-hop should
be an address on your router. It looks correct based on your edited
configuration file.
If you run a 'show bgp peers' it will show you whether or not your
session is established with your peer. If it's not established, that
would be one reason why the ISP claims they did not receive a prefix
advertisement from you. First off, verify your configuration is
correct
(IPs, ASNs etc). Then you can run a tshark on eth0 (your BGP peering
interface) on port 179 (tshark -i eth0 port 179 -Vn) to take a
look at
the BGP packets and also take a look at the logs 'show log.'
If your session is established, make sure the route you are
advertising
with your policy exists in the routing table and matches the
prefix in
the policy. You can check the route by running a 'show route protocol
static.' You must see the static route that you've pointed to your
loopback interface in the table. If it's not there, verify your
configuration etc.
If it is there, make sure the prefix in your policy matches the route
exactly. If it does not match, it won't be advertised.
If all of the above are correct, take a look at 'show bgp route' and
make sure you see your advertised prefix in the output. If it's there
then your ISP is probably rejecting your advertisement. They need to
add your prefix to their prefix list. ISPs forget to add their
customer's prefixes to their prefix lists all the time.
The loopback address for the BGP ID won't hurt anything but Ahsan is
correct that for eBGP peering with external public peers, you should
probably set your BGP ID to your public IP on eth0.
Thanks! and I hope this helps.
-Robyn
Ahsan Khan wrote:
Hi,
I think your nexthop IP should be your ISP IP address and
not your
own. Also check with your ISP if they can confirm about BGP session
establishment, Most router like Juniper, Cisco can explain a lot
in their
output the reasons if the session is not established.
Also loopback IP is normally used in BGP if you have multiple
interfaces
connected to same ISP, or you are using some other complex
configuration. I
would use interface IP connected to ISP to avoid routing issues
etc.
Thanks.
Ahsan Khan
-Original Message-
From: [EMAIL PROTECTED]
mailto:[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
mailto:[EMAIL PROTECTED]] On Behalf Of Poh
Yong Hwang
Sent: Tuesday, December 18, 2007 11:20 PM
To: Justin Fletcher
Cc: vyatta-users
Subject: Re: [Vyatta-users] Advises on configuring BGP
Hi,
Thanks. I just could not traceroute to the router and according
to my
peering upstream, they mention that they did not receive any of
my prefix
announcement.
Basically i just want to do a simple setup at this moment with
one box
running Vyatta and eth0 is link to one of our upstream provider
which we
want to peer with. I have my ASN number as well as a /21 range
of IP
addresses to announce. Here is my configuration:
loopback ip : 10.0.0.65 http://10.0.0.65
My ASN : 100
My IP Range : XX.XX.XX.XX/21
Upstream Route IP : a.b.c.d
Customer Interface IP : c.d.e.f
Upstream ASN : 200
protocols {
bgp {
bgp-id: 10.0.0.65 http://10.0.0.65
local
Re: [Vyatta-users] Advises on configuring BGP
Hi There,
The next-hop value is providing the peer with the next-hop value to use
for the advertised prefixes from your router. So, the next-hop should
be an address on your router. It looks correct based on your edited
configuration file.
If you run a 'show bgp peers' it will show you whether or not your
session is established with your peer. If it's not established, that
would be one reason why the ISP claims they did not receive a prefix
advertisement from you. First off, verify your configuration is correct
(IPs, ASNs etc). Then you can run a tshark on eth0 (your BGP peering
interface) on port 179 (tshark -i eth0 port 179 -Vn) to take a look at
the BGP packets and also take a look at the logs 'show log.'
If your session is established, make sure the route you are advertising
with your policy exists in the routing table and matches the prefix in
the policy. You can check the route by running a 'show route protocol
static.' You must see the static route that you've pointed to your
loopback interface in the table. If it's not there, verify your
configuration etc.
If it is there, make sure the prefix in your policy matches the route
exactly. If it does not match, it won't be advertised.
If all of the above are correct, take a look at 'show bgp route' and
make sure you see your advertised prefix in the output. If it's there
then your ISP is probably rejecting your advertisement. They need to
add your prefix to their prefix list. ISPs forget to add their
customer's prefixes to their prefix lists all the time.
The loopback address for the BGP ID won't hurt anything but Ahsan is
correct that for eBGP peering with external public peers, you should
probably set your BGP ID to your public IP on eth0.
Thanks! and I hope this helps.
-Robyn
Ahsan Khan wrote:
Hi,
I think your nexthop IP should be your ISP IP address and not your
own. Also check with your ISP if they can confirm about BGP session
establishment, Most router like Juniper, Cisco can explain a lot in their
output the reasons if the session is not established.
Also loopback IP is normally used in BGP if you have multiple interfaces
connected to same ISP, or you are using some other complex configuration. I
would use interface IP connected to ISP to avoid routing issues etc.
Thanks.
Ahsan Khan
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Poh Yong Hwang
Sent: Tuesday, December 18, 2007 11:20 PM
To: Justin Fletcher
Cc: vyatta-users
Subject: Re: [Vyatta-users] Advises on configuring BGP
Hi,
Thanks. I just could not traceroute to the router and according to my
peering upstream, they mention that they did not receive any of my prefix
announcement.
Basically i just want to do a simple setup at this moment with one box
running Vyatta and eth0 is link to one of our upstream provider which we
want to peer with. I have my ASN number as well as a /21 range of IP
addresses to announce. Here is my configuration:
loopback ip : 10.0.0.65
My ASN : 100
My IP Range : XX.XX.XX.XX/21
Upstream Route IP : a.b.c.d
Customer Interface IP : c.d.e.f
Upstream ASN : 200
protocols {
bgp {
bgp-id: 10.0.0.65
local-as: 100
import:
export: BGP_EXPORT
peer a.b.c.d {
import:
export:
multihop: 1
peer-port: 179
local-port: 179
local-ip: c.d.e.f
as: 9989
next-hop: c.d.e.f
holdtime: 90
delay-open-time: 0
client: false
confederation-member: false
disable: false
ipv4-unicast: true
ipv4-multicast: false
ipv6-unicast: false
ipv6-multicast: false
md5-key:
}
}
static {
disable: false
route XX.XX.XX.XX/21 {
next-hop: 10.0.0.65
metric: 1
}
}
}
policy {
policy-statement BGP_EXPORT {
term 1 {
from {
protocol: static
network4: XX.XX.XX.XX/21
}
then {
action: accept
}
}
}
}
interfaces {
restore: false
loopback lo {
description:
address 10.0.0.65 {
prefix-length: 32
disable: false
}
}
ethernet eth0 {
disable: false
discard: false
description:
hw-id: 00:30:48:55:63:FC
duplex: auto
speed: auto
address c.d.e.f {
prefix-length: 25
disable: false
Re: [Vyatta-users] Advises on configuring BGP
Hi,
Thanks. I just could not traceroute to the router and according to my
peering upstream, they mention that they did not receive any of my prefix
announcement.
Basically i just want to do a simple setup at this moment with one box
running Vyatta and eth0 is link to one of our upstream provider which we
want to peer with. I have my ASN number as well as a /21 range of IP
addresses to announce. Here is my configuration:
loopback ip : 10.0.0.65
My ASN : 100
My IP Range : XX.XX.XX.XX/21
Upstream Route IP : a.b.c.d
Customer Interface IP : c.d.e.f
Upstream ASN : 200
protocols {
bgp {
bgp-id: 10.0.0.65
local-as: 100
import:
export: BGP_EXPORT
peer a.b.c.d {
import:
export:
multihop: 1
peer-port: 179
local-port: 179
local-ip: c.d.e.f
as: 9989
next-hop: c.d.e.f
holdtime: 90
delay-open-time: 0
client: false
confederation-member: false
disable: false
ipv4-unicast: true
ipv4-multicast: false
ipv6-unicast: false
ipv6-multicast: false
md5-key:
}
}
static {
disable: false
route XX.XX.XX.XX/21 {
next-hop: 10.0.0.65
metric: 1
}
}
}
policy {
policy-statement BGP_EXPORT {
term 1 {
from {
protocol: static
network4: XX.XX.XX.XX/21
}
then {
action: accept
}
}
}
}
interfaces {
restore: false
loopback lo {
description:
address 10.0.0.65 {
prefix-length: 32
disable: false
}
}
ethernet eth0 {
disable: false
discard: false
description:
hw-id: 00:30:48:55:63:FC
duplex: auto
speed: auto
address c.d.e.f {
prefix-length: 25
disable: false
}
}
ethernet eth1 {
disable: false
discard: false
description:
hw-id: 00:30:48:55:63:FD
duplex: auto
speed: auto
address XX.XX.XX.1 {
prefix-length: 21
disable: false
}
}
}
service {
http {
port: 80
}
}
firewall {
log-martians: enable
send-redirects: disable
receive-redirects: disable
ip-src-route: disable
broadcast-ping: disable
syn-cookies: enable
}
system {
host-name: vyatta
domain-name:
time-zone: GMT
ntp-server 69.59.150.135
login {
user root {
full-name:
authentication {
encrypted-password: $1$$Ht7gBYnxI1xCdO/JOnodh.
}
}
user vyatta {
full-name:
authentication {
encrypted-password: $1$$Ht7gBYnxI1xCdO/JOnodh.
}
}
}
package {
auto-sync: 1
repository community {
component: main
url: http://archive.vyatta.com/vyatta;
}
}
}
rtrmgr {
config-directory: /opt/vyatta/etc/config
}
Is this config correct?
Thanks
On Dec 18, 2007 3:17 AM, Justin Fletcher [EMAIL PROTECTED] wrote:
It's hard to tell without the full configuration, but remember that you
need
both a route out, as well as the rest of the internet needs to be able to
find their way back to you. You can check to see if you're reachable
using an external traceroute; see www.traceroute.org to check and see
if you're reachable.
Best,
Justin
On Dec 17, 2007 2:05 AM, Poh Yong Hwang [EMAIL PROTECTED] wrote:
Hi,
I have managed to setup the BGP session with my peer and also based on
the
topic on Originating a Route to eBGP neighbors to announce my IP ranges.
I
have set my eth1 ip to be XX.XX.XX.1/21 and connect one server directly
to
eth1 for testing. Setting XX.XX.XX.2 with subnet of 255.255.248.0 and
XX.XX.XX.1 for default gateway on the server itself, I cannot go out of
the
internet (Cannot surf net using that server). Eth0 is link with the UTP
cable provided by upstream for peering
Is this the correct way to set it up?
Please advise
Thanks
Regards
Yongsan
On Dec 14, 2007 12:24 PM, Poh Yong Hwang [EMAIL PROTECTED] wrote:
Hi,
I have read the docs that was available but still have a few questions
in
mind. I have a UTP cable that was
Re: [Vyatta-users] Advises on configuring BGP
Hi,
I think your nexthop IP should be your ISP IP address and not your
own. Also check with your ISP if they can confirm about BGP session
establishment, Most router like Juniper, Cisco can explain a lot in their
output the reasons if the session is not established.
Also loopback IP is normally used in BGP if you have multiple interfaces
connected to same ISP, or you are using some other complex configuration. I
would use interface IP connected to ISP to avoid routing issues etc.
Thanks.
Ahsan Khan
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Poh Yong Hwang
Sent: Tuesday, December 18, 2007 11:20 PM
To: Justin Fletcher
Cc: vyatta-users
Subject: Re: [Vyatta-users] Advises on configuring BGP
Hi,
Thanks. I just could not traceroute to the router and according to my
peering upstream, they mention that they did not receive any of my prefix
announcement.
Basically i just want to do a simple setup at this moment with one box
running Vyatta and eth0 is link to one of our upstream provider which we
want to peer with. I have my ASN number as well as a /21 range of IP
addresses to announce. Here is my configuration:
loopback ip : 10.0.0.65
My ASN : 100
My IP Range : XX.XX.XX.XX/21
Upstream Route IP : a.b.c.d
Customer Interface IP : c.d.e.f
Upstream ASN : 200
protocols {
bgp {
bgp-id: 10.0.0.65
local-as: 100
import:
export: BGP_EXPORT
peer a.b.c.d {
import:
export:
multihop: 1
peer-port: 179
local-port: 179
local-ip: c.d.e.f
as: 9989
next-hop: c.d.e.f
holdtime: 90
delay-open-time: 0
client: false
confederation-member: false
disable: false
ipv4-unicast: true
ipv4-multicast: false
ipv6-unicast: false
ipv6-multicast: false
md5-key:
}
}
static {
disable: false
route XX.XX.XX.XX/21 {
next-hop: 10.0.0.65
metric: 1
}
}
}
policy {
policy-statement BGP_EXPORT {
term 1 {
from {
protocol: static
network4: XX.XX.XX.XX/21
}
then {
action: accept
}
}
}
}
interfaces {
restore: false
loopback lo {
description:
address 10.0.0.65 {
prefix-length: 32
disable: false
}
}
ethernet eth0 {
disable: false
discard: false
description:
hw-id: 00:30:48:55:63:FC
duplex: auto
speed: auto
address c.d.e.f {
prefix-length: 25
disable: false
}
}
ethernet eth1 {
disable: false
discard: false
description:
hw-id: 00:30:48:55:63:FD
duplex: auto
speed: auto
address XX.XX.XX.1 {
prefix-length: 21
disable: false
}
}
}
service {
http {
port: 80
}
}
firewall {
log-martians: enable
send-redirects: disable
receive-redirects: disable
ip-src-route: disable
broadcast-ping: disable
syn-cookies: enable
}
system {
host-name: vyatta
domain-name:
time-zone: GMT
ntp-server 69.59.150.135
login {
user root {
full-name:
authentication {
encrypted-password: $1$$Ht7gBYnxI1xCdO/JOnodh.
}
}
user vyatta {
full-name:
authentication {
encrypted-password: $1$$Ht7gBYnxI1xCdO/JOnodh.
}
}
}
package {
auto-sync: 1
repository community {
component: main
url: http://archive.vyatta.com/vyatta;
}
}
}
rtrmgr {
config-directory: /opt/vyatta/etc/config
}
Is this config correct?
Thanks
On Dec 18, 2007 3:17 AM, Justin Fletcher [EMAIL PROTECTED]
mailto:[EMAIL PROTECTED] wrote:
It's hard to tell without the full configuration, but remember that
you need
both a route out, as well as the rest of the internet needs to be
able to
find their way back to you. You can check to see if you're
reachable
using an external traceroute; see www.traceroute.org
http://www.traceroute.org to check and see
if you're reachable.
Best
Re: [Vyatta-users] Advises on configuring BGP
It's hard to tell without the full configuration, but remember that you need both a route out, as well as the rest of the internet needs to be able to find their way back to you. You can check to see if you're reachable using an external traceroute; see www.traceroute.org to check and see if you're reachable. Best, Justin On Dec 17, 2007 2:05 AM, Poh Yong Hwang [EMAIL PROTECTED] wrote: Hi, I have managed to setup the BGP session with my peer and also based on the topic on Originating a Route to eBGP neighbors to announce my IP ranges. I have set my eth1 ip to be XX.XX.XX.1/21 and connect one server directly to eth1 for testing. Setting XX.XX.XX.2 with subnet of 255.255.248.0 and XX.XX.XX.1 for default gateway on the server itself, I cannot go out of the internet (Cannot surf net using that server). Eth0 is link with the UTP cable provided by upstream for peering Is this the correct way to set it up? Please advise Thanks Regards Yongsan On Dec 14, 2007 12:24 PM, Poh Yong Hwang [EMAIL PROTECTED] wrote: Hi, I have read the docs that was available but still have a few questions in mind. I have a UTP cable that was provided by the provider that I would like to peer with so I have plug it into my eth0. So what IP address should I set on my eth0? Where can I set the IP range XX.XX.XX.XX/21 that I want to announce? Please advise. Thanks! Yongsan On Dec 12, 2007 12:03 AM, Justin Fletcher [EMAIL PROTECTED] wrote: Certainly; there's documentation with examples from http://www.vyatta.com/documentation/index.php or http://www.vyatta.com/twiki/bin/view/Community/DocumentationSet. Best, Justin On Dec 10, 2007 8:18 PM, Poh Yong Hwang [EMAIL PROTECTED] wrote: Hi, Thanks! I am a noob in setting up BGP and we have the following info from our upstream provider Upstream Router Server IP Address Customer Primary Interface Address Upstream Secondary Router Server IP Address Customer Secondary Interface Address Plus my ASN number as well as my IP range XX.XX.XX.XX/21 So is all these information be enough to configure it? Is there any examples I can follow? Thanks! Yongsan On Dec 11, 2007 11:33 AM, Justin Fletcher [EMAIL PROTECTED] wrote: Well, yes - Vyatta has full BGP support, so you'll be able to peer with your provider. Best, Justin On Dec 10, 2007 7:26 PM, Poh Yong Hwang [EMAIL PROTECTED] wrote: Hi, New here and to Vynatta and hope to get advises on getting this up. I wish to setup a BGP router for our current setup (We have got our ASN number, IP range) and we will peer with our upstream provider for MLPA. Just some simple BGP routes for testing purposes. So just wondering if Vynatta is able to do that? Thanks! Yongsan ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] Advises on configuring BGP
Hi, I have read the docs that was available but still have a few questions in mind. I have a UTP cable that was provided by the provider that I would like to peer with so I have plug it into my eth0. So what IP address should I set on my eth0? Where can I set the IP range XX.XX.XX.XX/21 that I want to announce? Please advise. Thanks! Yongsan On Dec 12, 2007 12:03 AM, Justin Fletcher [EMAIL PROTECTED] wrote: Certainly; there's documentation with examples from http://www.vyatta.com/documentation/index.php or http://www.vyatta.com/twiki/bin/view/Community/DocumentationSet. Best, Justin On Dec 10, 2007 8:18 PM, Poh Yong Hwang [EMAIL PROTECTED] wrote: Hi, Thanks! I am a noob in setting up BGP and we have the following info from our upstream provider Upstream Router Server IP Address Customer Primary Interface Address Upstream Secondary Router Server IP Address Customer Secondary Interface Address Plus my ASN number as well as my IP range XX.XX.XX.XX/21 So is all these information be enough to configure it? Is there any examples I can follow? Thanks! Yongsan On Dec 11, 2007 11:33 AM, Justin Fletcher [EMAIL PROTECTED] wrote: Well, yes - Vyatta has full BGP support, so you'll be able to peer with your provider. Best, Justin On Dec 10, 2007 7:26 PM, Poh Yong Hwang [EMAIL PROTECTED] wrote: Hi, New here and to Vynatta and hope to get advises on getting this up. I wish to setup a BGP router for our current setup (We have got our ASN number, IP range) and we will peer with our upstream provider for MLPA. Just some simple BGP routes for testing purposes. So just wondering if Vynatta is able to do that? Thanks! Yongsan ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] Advises on configuring BGP
Well, yes - Vyatta has full BGP support, so you'll be able to peer with your provider. Best, Justin On Dec 10, 2007 7:26 PM, Poh Yong Hwang [EMAIL PROTECTED] wrote: Hi, New here and to Vynatta and hope to get advises on getting this up. I wish to setup a BGP router for our current setup (We have got our ASN number, IP range) and we will peer with our upstream provider for MLPA. Just some simple BGP routes for testing purposes. So just wondering if Vynatta is able to do that? Thanks! Yongsan ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
