martybugs.net Linux Info
 
Multiple AS Numbers with Quagga BGP

This page describes how to configure a single instance of Quagga BGP with multiple AS numbers. This can be a requirement if you are connecting to multiple networks, and need to use specific AS numbers for each network.

Background

I have a mast on my roof, with antennas connecting me to two separate wireless freenets in Western Australia. Both freenets use BGP for dynamic routing, and on linux routers we normally use the Quagga Routing Suite (we also run Quagga on OpenWrt on embedded devices).

I wanted to be able to run BGP for both wireless freenets on my linux router, rather than relying on static route configuration. However, the two freenets use different numbering conventions for the AS numbers.

Here's a summary of my environment:

| | WACAN wireless freenet | WAFN wireless freenet |
|---|---|---|
| local AS number | 4210048133 | 65550 |
| local subnet | 10.48.133.0/24 | 10.60.233.0/24 |
| neighbour AS number | 4210048136 | 65001 |
| neighbour IP | 10.48.136.1 | 10.60.1.113 |

Configuring Quagga

I struggled to find information on configuring a single instance of Quagga BGP to use a different AS number for each network.

The "multiple-instance" parameter appeared to be what I needed, but didn't work as per the documentation. Quagga doesn't allow a second BGP AS number to be specified without configuring it as a view, and a view doesn't work in the same way.

After a lot of reading, I eventually found the appropriate configuration that would let me use a different AS number for each network, without exposing the AS number of the other network.

The trick is to use one AS as the global AS number on my linux router, and allow it to be used for connecting to the neighbour for that network. For the other network, I configured Quagga to use the other AS number via the "local-as" parameter. However, this still resulted in Quagga leaking my router's global AS number in the routing path (in addition to the local AS number), which wasn't desirable.

The "no-prepend" parameter stops the "local-as" number from being prepended to the path, but still doesn't suppress the global AS number.

After some further research, I found that the required syntax is:

 neighbor 10.60.1.113 remote-as 65001
 neighbor 10.60.1.113 local-as 65550 no-prepend replace-as

where the "replace-as" parameter causes Quagga to supply only the local-as number in the path when transmitting route updates to this neighbour.

I ran into issues because the "remote-as" parameter is only supported in Quagga 0.99.22, but I was running Quagga 0.99.20.1, which is the latest version available for Ubuntu 12.04.5 LTS that I was using on my linux router. Upgrading to a newer version of Ubuntu was too much effort and risk, and installing Quagga from source would install components in different locations than the deb-based installation I already had.

I built a Quagga 0.99.22 deb package for Ubuntu 12.04.5, and used it to upgrade my Quagga 0.99.20.1 installation to 0.99.22. The process of building this deb package will be the subject of a separate article.

Once Quagga had been upgraded to version 0.99.22, the "replace-as" parameter worked as expected, with the "local-as" number being used with that particular neighbour.

Full bgpd.conf

Here's the complete annotated contents of bgpd.conf from my linux router.

! define password for bgpd daemon
password insertpasswordhere
! define enable password for bgpd daemon
enable password insertpasswordhere
! define log file
log file /var/log/quagga/bgpd.log

! default global AS for this router (WACAN-specific AS)
router bgp 4210048133

 ! router ID
 ! doesn't really matter what this is; just needs to be a unique number; use local IP address
 bgp router-id 10.48.136.6

 ! sgnet.wa.can subnet on WACAN network
 ! this network will be advertised to all neighbours, subject to ACLs
 network 10.48.133.0/24
 
 ! sgnet.wafn subnet on WAFN network
 ! this network will be advertised to all neighbours, subject to ACLs
 network 10.60.223.0/24

 ! WACAN: armadale neighbour
 neighbor 10.48.136.1 remote-as 4210048136
 neighbor 10.48.136.1 soft-reconfiguration inbound
 ! apply inbound filter
 neighbor 10.48.136.1 distribute-list wacan-in in
 ! apply outbound filter
 neighbor 10.48.136.1 distribute-list wacan-out out

 ! WAFN: black cockatoo neighbour
 neighbor 10.60.1.113 remote-as 65001
 ! over-ride local AS with WAFN-specific AS
 neighbor 10.60.1.113 local-as 65550 no-prepend replace-as
 neighbor 10.60.1.113 soft-reconfiguration inbound
 ! apply inbound filter
 neighbor 10.60.1.113 distribute-list wafn-in in
 ! apply outbound filter
 neighbor 10.60.1.113 distribute-list wafn-out out

 ! WACAN: ACLs to restrict which subnets are received and broadcast from WACAN neighbours
 ! define inbound ACLs for WACAN
 access-list wacan-in permit 10.0.0.0/8
 access-list wacan-in deny any
 ! define outbound ACLs for WACAN
 access-list wacan-out deny 10.60.0.0/16
 access-list wacan-out permit 10.0.0.0/8
 access-list wacan-out deny any

 ! WAFN: ACLs to restrict which subnets are received and broadcast from WAFN neighbours
 ! define inbound ACLs for WAFN
 access-list wafn-in permit 10.60.0.0/16
 access-list wafn-in deny any
 ! define outbound ACLs for WAFN
 access-list wafn-out permit 10.60.0.0/16
 access-list wafn-out deny any
!
line vty
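
A config check for the two things this setup depends on, as an added example that is not part of the original page or of Quagga: it reports neighbours whose "local-as" line lacks "replace-as" (so the global AS is still sent) and distribute-lists whose access-list is undefined or lacks the closing "deny any" used throughout the config above. The names audit and SAMPLE are hypothetical, the sample config is constructed, and the path model follows the behaviour described in the text.

```python
# Constructed sample modelled on the page's bgpd.conf, with two deliberate
# mistakes: "replace-as" is missing and the last ACL line names the wrong list.
SAMPLE = """\
router bgp 4210048133
 neighbor 10.48.136.1 remote-as 4210048136
 neighbor 10.48.136.1 distribute-list wacan-out out
 neighbor 10.60.1.113 remote-as 65001
 neighbor 10.60.1.113 local-as 65550 no-prepend
 neighbor 10.60.1.113 distribute-list wafn-out out
 access-list wacan-out deny 10.60.0.0/16
 access-list wacan-out permit 10.0.0.0/8
 access-list wacan-out deny any
 access-list wafn-out permit 10.60.0.0/16
 access-list wacan-out deny any
"""

def audit(conf):
    """Return (paths, findings): the AS numbers prepended to routes sent to
    each neighbour, and a list of problems found in the config text."""
    global_as, local_as, refs, acls, peers = None, {}, [], {}, []
    for line in conf.splitlines():
        tok = line.split()
        if len(tok) < 3 or tok[0].startswith("!"):
            continue  # blank lines, comments and short commands such as "line vty"
        if tok[:2] == ["router", "bgp"]:
            global_as = tok[2]
        elif tok[0] == "neighbor" and tok[2] == "remote-as":
            peers.append(tok[1])
        elif tok[0] == "neighbor" and tok[2] == "local-as":
            local_as[tok[1]] = (tok[3], "replace-as" in tok[4:])
        elif tok[0] == "neighbor" and tok[2] == "distribute-list":
            refs.append((tok[1], tok[3]))
        elif tok[0] == "access-list":
            acls.setdefault(tok[1], []).append(tok[2:])
    paths, findings = {}, []
    for ip in peers:
        las, replace = local_as.get(ip, (None, False))
        # Assumed model: local-as is sent first, then the global AS unless replace-as is set
        paths[ip] = [las or global_as] + ([global_as] if las and not replace else [])
        if las and not replace:
            findings.append(f"{ip}: global AS {global_as} sent behind local-as {las}")
    for ip, name in refs:
        if name not in acls:
            findings.append(f"{ip}: access-list {name} is not defined")
        elif acls[name][-1] != ["deny", "any"]:
            findings.append(f"{ip}: access-list {name} has no closing 'deny any'")
    return paths, findings

print("\n".join(audit(SAMPLE)[1]))
```
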



last updated 26 Jan 2017
 