Versions Compared

Old Version 11

changes.mady.by.user Fréderic LOUI

Saved on

compared with

New Version Current

changes.mady.by.user Fréderic LOUI

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

While in article #001 of the 101 series we learnt how to spawn 2 router instances on the same VM, this use case is only useful for learning/pedagogic purposes. freeRouter can be considered as networking Swiss Army Knife in real networks. We will demonstrate further freeRouter capability to take control a a full VM and then be able to directly communicate with the external real world via the VM network device interface. i.e Out of the VM scope.

Requirement

  • Basic Linux/Unix knowledge
  • Basic networking knowledge

Overview

 Working with freeRouter inside VM is interesting but working and interact with the outside world is way more exciting !

Article objective

In this article we'll explain how to integrate freeRouter in an existing local area network (my home network) and how to inherit from IPv4 DHCP and IPv6 SLAAC. Though this simple example is consumer/end user oriented, if you transpose it to freeRouter can be incorporated into a Internet Service provider environment you .  You can easily imagine how to build a highly scalable and versatile BGP route Reflector, sophisticated route server, ROA/RPKI validator or even a BGP BMP server ... (and the list of features set is huge). For example, in one one of my project since 2015 I'm using freeRouter as a BGP route reflector inside a k8s cluster running calico network plugin.

Diagram

Image RemovedImage Added

[ #002 ] - Cookbook

Expand
titleInstall your favorite operating system

In our example we will use a genuine debian stable image (buster) installed as a VirtualBox VM.

and we add a bridge network interface to or laptop RJ45 conectionconnection.


Expand
titleInstall FreeRouter as per #001 article: "Create freeRouter environment"


Code Block
languagebash
themeMidnight
mkdir -p ~/freeRouter/bin ~/freeRouter/lib ~/freeRouter/etc ~/freeRouter/log
cd ~/freeRouter/lib
wget http://freerouter.nop.hu/rtr.jar


Code Block
languagebash
themeMidnight
titleUpdate & Upgrade system
╭─[11:11:54]floui@debian ~ 
╰─➤ tree freeRouter
freeRouter
├── bin   # binary files      
├── etc   # configuration files      
├── lib   # library files      
└── log   # log files



Expand
titlePrepare VM guest build environmentInstall freeRouter net-tools


Code Block
languagebash
themeMidnight
titleUpdate & Upgrade system
apt-get update
apt-get upgrade
Code Block
languagebash
themeMidnight
titleInstall build tools
apt-get install build-essential
Expand
titleCompile freeRouter binary net-tools
get freeRouter net-tools tarball
wget freerouter.nop.hu/rtr.tar
Code Block
languagebash
themeMidnight
titleCreate build environment
mkdir ~/freeRouter-build
cd ~/freeRouter-build
git clone https://github.com/mc36/freeRouter
cd freeRouter/misc/native
mkdir ../../binTmp/


Code Block
languagebash
themeMidnight
titlecompile binary toolsInstall build tools
tar xvf rtr.tar -C./c.sh
cd ../../binTmp/
mv *.bin ~/freeRouter/bin/


Note

For those you would like to rebuild these binaries you can find the compilation shell script in freeRouter cloned git repository in: ~/freeRouter/src/native/c.sh



Expand
titleCreate configuration files for router: freerouter

FreeRouter uses 2 configuration files in order to run, let's write these configuration files for R1 in ~/freeRouter/etc

Code Block
languagebash
themeMidnight
titlefreeRouter hardware file: freerouter-hw.txt
int eth1 eth 0000.1111.0001 127.0.0.1 26011 127.0.0.1 26021
tcp2vrf 2323 v1 23


Code Block
languagebash
themeMidnight
titlefreeRouter software configuration file: r1-sw.txt
freerouter#sh run                                                              
hostname freerouter
buggy
!
!
prefix-list p4
 sequence 10 permit 0.0.0.0/0 ge 0 le 0
 exit
!
prefix-list p6
 sequence 10 permit ::/0 ge 0 le 0
 exit
!
vrf definition v1
 exit
!
interface ethernet1
 description freerouter@enp0s9
 vrf forwarding v1
 ipv4 address dynamic 255.255.255.0
 ipv4 gateway-prefix p4
 ipv4 dhcp-client enable
 ipv4 dhcp-client early
 ipv6 address dynamic ffff:ffff:ffff:ffff::
 ipv6 gateway-prefix p6
 ipv6 slaac
 no shutdown
 no log-link-change
 exit
!
!
!
!
!
!
!
!
!
!
!
!
!
!
server telnet tel
 security protocol telnet
 no exec authorization
 no login authentication
 vrf v1
 exit
!
!
end

freerouter#


...

Expand
titleLaunch router: freerouter


Code Block
languagebash
themeMidnight
titlefreeRouter launch with supplied freerouter-hw.txt and freerouter-sw.txt with a console prompt
╭─[6:06:13]floui@debian[3]  ~/freeRouter  
╰─➤  java -jar lib/rtr.jar routersc etc/freerouter-hw.txt etc/freerouter-sw.txt                                                                                      3 ↵
info cfg.cfgInit.doInit:cfgInit.java:556 booting
info cfg.cfgInit.doInit:cfgInit.java:680 initializing hardware
info cfg.cfgInit.doInit:cfgInit.java:687 applying defaults
info cfg.cfgInit.doInit:cfgInit.java:695 applying configuration
info cfg.cfgInit.doInit:cfgInit.java:721 done
welcome
line ready
freerouter#


Code Block
languagebash
themeMidnight
titleLaunch pcapInt in order to bind socket localhost:26011 to localhost26021@enp0s9
╭─[6:06:13]floui@debian[1]  ~/freeRouter/bin  
╰─➤  sudo ./pcapInt.bin enp0s9 26021 127.0.0.1 26011 127.0.0.1                                                                                                       1 ↵
binded to local port 127.0.0.1 26021.
will send to 127.0.0.1 26011.
pcap version: libpcap version 1.8.1
opening interface enp0s9 with pcap1.x api
serving others
>


Verification

Expand
titleCheck telnet access for freerouter@2323


Code Block
languagebash
themeMidnight
titleFreeRouter telnet access from Virtualbox VM guest via port 2323
╭─[7:07:41]floui@debian[1]  ~/freeRouter/etc  
╰─➤  telnet localhost 2323                                                                                                                                           1 ↵
Trying ::1...
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
welcome
line ready
freerouter#


...

Expand
titleCheck running-config


Code Block
languagebash
themeMidnight
titlefreerouter running configuration
freerouter#sh run                                                              
hostname freerouter
buggy
!
!
prefix-list p4
 sequence 10 permit 0.0.0.0/0 ge 0 le 0
 exit
!
prefix-list p6
 sequence 10 permit ::/0 ge 0 le 0
 exit
!
vrf definition v1
 exit
!
interface ethernet1
 description freerouter@enp0s9
 vrf forwarding v1
 ipv4 address dynamic 255.255.255.0
 ipv4 gateway-prefix p4
 ipv4 dhcp-client enable
 ipv4 dhcp-client early
 ipv6 address dynamic ffff:ffff:ffff:ffff::
 ipv6 gateway-prefix p6
 ipv6 slaac
 no shutdown
 no log-link-change
 exit
!
!
!
!
!
!
!
!
!
!
!
!
!
!
server telnet tel
 security protocol telnet
 no exec authorization
 no login authentication
 vrf v1
 exit
!
!
end

freerouter#


...

Expand
titleConnectivity IPv4/IPv6 check for freeRouter


Code Block
languagebash
themeMidnight
titlePing IPv4 from freerouter -> LAN router gateway
freerouter#ping 192.168.1.1 /vrf v1                                            
pinging 192.168.1.1, src=null, cnt=5, len=64, tim=1000, ttl=255, tos=0, sweep=false
!!!!!
result=100%, recv/sent/lost=5/5/0, rtt min/avg/max/total=1/1/1/5
freerouter#


Code Block
languagebash
themeMidnight
titleIPv4 arp check ( 192.168.1.1 is the gateway, 192.168.1.143 is the VM host)
freerouter#sh ipv4 arp eth1                                                    
mac             address        time      static
34ce.0067.18c2  192.168.1.1    00:00:43  false
9ceb.e8d5.2c51  192.168.1.143  00:00:43  false

freerouter#

Code Block
languagebash
themeMidnight
titlePing IPv6 from freerouter -> LAN router gateway
freerouter#ping fd7d:a59c:650b::1 /vrf v1                                      
pinging fd7d:a59c:650b::1, src=null, cnt=5, len=64, tim=1000, ttl=255, tos=0, sweep=false
!!!!!
result=100%, recv/sent/lost=5/5/0, rtt min/avg/max/total=0/0/2/4
freerouter#


Code Block
languagebash
themeMidnight
titleIPv6 neighbor discovery check ( 192.168.1.1 is the gateway, 192.168.1.143 is the VM host)
freerouter#show ipv6 neighbors eth1                                            
mac             address                              time      static  router
34ce.0067.18c2  fd7d:a59c:650b::1                    00:01:44  false   false
9ceb.e8d5.2c51  fd7d:a59c:650b::8926:98c9:bbde:8ed7  00:01:44  false   false

freerouter#


Code Block
languagebash
themeMidnight
titleInitiate IPv4 ssh from freerouter -> LAN router gateway
freerouter#ssh 192.168.1.1 /vrf v1 /user root                                  
 - connecting to 192.168.1.1 22
password: ***************
                
 - securing connection



BusyBox v1.28.4 () built-in shell (ash)

  _______                     ________        __
 |       |.-----.-----.-----.|  |  |  |.----.|  |_
 |   -   ||  _  |  -__|     ||  |  |  ||   _||   _|
 |_______||   __|_____|__|__||________||__|  |____|
          |__| W I R E L E S S   F R E E D O M
 -----------------------------------------------------
 OpenWrt 18.06.2, r7676-cddd7b4c77
 -----------------------------------------------------
root@OpenWrt:~#


Code Block
languagebash
themeMidnight
titleInitiate IPv6 ssh from freerouter -> LAN router gateway
freerouter#ssh fd7d:a59c:650b::1 /vrf v1 /user root                            
 - connecting to fd7d:a59c:650b::1 22
password: ***************
                
 - securing connection



BusyBox v1.28.4 () built-in shell (ash)

  _______                     ________        __
 |       |.-----.-----.-----.|  |  |  |.----.|  |_
 |   -   ||  _  |  -__|     ||  |  |  ||   _||   _|
 |_______||   __|_____|__|__||________||__|  |____|
          |__| W I R E L E S S   F R E E D O M
 -----------------------------------------------------
 OpenWrt 18.06.2, r7676-cddd7b4c77
 -----------------------------------------------------
root@OpenWrt:~


Conclusion

In this article you:

  • had a demonstration of how to integrate freeRouter to a local area network
  • learn how to configure an interface in order to act as an IPv4 DCHP client 
  • learn how to configure an interface using IPv6 SLAAC 
Tip
title[ #002 ] RARE/FreeRouter-101 - key take-away
  • FreeRouter is using UNIX socket in order to forward packet.

After compilation you You can use pcapInt binary from freeRouter net-tools that will bind freeRouter socket (locathost:26011) to a physical network interface (localhost:26021@enp0s9) 

It support a huge list of feature with IPv4/IPv6 parity. In this example we demonstrated how an interface can inherit IPv4/IPv6 addresses from IPv4 DHCP server or IPv6 SLAAC

  • freeRouter can interact with the real network (in various flavors. We will develop this in further articles)

It can be used as a BGP route reflector in Internet Service Provider environment, as ROA/RPKI validator, BMP server, BGP looking glass, route server etc.

...