This How-To project describes how to build a router that runs a dynamic routing protocol. I chose OSPF for this project, however other interior gateway protocols are becoming more popular, such as ISIS. To make this project go quicker, I used a previous Pi SD card build that already had support for a Wireless Access Point to make it easier to manage the Pi remotely. In that build we had installed the apache2 server, hostapd for Wi-Fi AP support, tftpd-hpa for tftp server, and the isc-dhcp-server to support the AP functions.
Lets get started.
This router implementation was crafted to support a testbed where a router is needed to handle packet forwarding between multiple subnets on multiple network interfaces, and share routes with other routers that may be in the test bed. The Pi router terminates subnets on a Layer-2 switches and provides the packet forwarding between those networks and the Internet.
The production network requires multiple IP subnets – a management subnet, and three departmental subnets. The networks being used are as follows:
Directly Connected Networks
192.168.1.0 – The LAN side of the Firewall to the Internet
192.168.20.0/24 – The management network
10.1.3.0/24 – Sales Department
10.1.4.0/24 – Support Department
10.1.5.0/24 – The IT network
Pi Router eth0
192.168.1.x/24 – address assigned by DHCP from the ISP Router
Pi Router eth1
192.168.20.1/24 – Next hop for the management network
10.1.3.1/24 – Next hop for Sales network
10.1.4.1/24 – Next hop for Support network
Pi Router eth2
10.1.5.1/24 – Next hop for the IT network
Pi Router wlan0
192.168.10.1 – used as an AP for WiFi clients
Building the Router
First we need to edit the /etc/network/interfaces configuration file to include this information.
auto lo iface lo inet loopback # ISP Connection auto eth0 iface eth0 inet dhcp # Termination of the Layer-2 sales and support networks auto eth1 eth1:0 eth1:1 iface eth1 inet static address 192.168.20.1 netmask 255.255.255.0 iface eth1:0 inet static address 10.1.3.1 netmask 255.255.255.0 iface eth1:1 inet static address 10.1.4.1 netmask 255.255.255.0 # IT network auto eth2 iface eth2 inet static address 10.1.1.1 netmask 255.255.255.0
Next we need to install the OSPF router application
sudo apt−get install quagga
Next we to enable the specific Quagga daemons we need by editing the daemons file.
sudo nano /etc/quagga/daemons
We want this file to have the following configuration lines set to “yes”.
Next we need to configure Zebra, the routing package that Quagga is based on.
sudo nano /etc/quagga/zebra.conf
We need to modify this file to reflect the interfaces that routing will be used on. The IP addresses of those interfaces could be placed here in lieu of defining them in the /etc/network/interfaces file. The localhost interface (lo) has an IP address to be used as the router ID, which is used to facilitate the election process in a number of routing sub-functions.
! password zebra enable password password ! interface eth0 link-detect ! interface eth1 link-detect ! interface eth2 link-detect ! interface lo link-detect ip address 10.10.10.5/32 ! no log trap log stdout ! line vty no login ! no exec-timeout
Now we are ready to configure OSPFv2 routing. We do this by editing the /etc/quagga/ospfd.conf file. Make the contents of the file look like the following.hostname ospfd
hostname ospfd ! password zebra enable password password ! interface eth0 ! interface eth1 ! interface eth2 ! interface lo ! router ospf network 192.168.1.0/24 area 0.0.0.0 network 10.1.1.0/24 area 0.0.0.0 network 10.1.3.0/24 area 0.0.0.0 network 10.1.4.0/24 area 0.0.0.0 network 10.10.10.5/32 area 0.0.0.0 network 192.168.10.0/24 area 0.0.0.0 network 192.168.20.0/24 area 0.0.0.0 ! line vty no login ! no exec-timeout
The last part of configuration is checking that we have IP forwarding turned on. This should be the case as we did that in the WAP setup. Edit the following file:
sudo nano /etc/sysctl.conf
Find this line and remove the # character.
# Uncomment the next line to enable packet forwarding for IPv4 #net.ipv4.ip_forward=1
Save the file and then start the Quagga routing processes with the following command.
sudo /etc/init.d/quagga start
Verify the configuration
The zebra and ospf routing processes can be managed with a Cisco-like command line interface. Use telnet to connect to the console port of the specific routing process. Telnet is not part of the basic Raspbian build so you must install it.
sudo apt-get install telnet
The various Quagga routing processes use different TCP port numbers.
- zebra – 2601
- ripd – 2602
- ripng – 2603
- ospfd – 2604
- bgpd – 2605
- ospf6d – 2606
The follow is a quick capture of a session started to connect to the OSPF daemon.
telnet localhost 2604 Trying ::1... Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. Hello, this is Quagga (version 0.99.21). Copyright 1996-2005 Kunihiro Ishiguro, et al. ospfd>
There are many commands available in each routing daemon that allow you to configure the process. After saving the configuration, the results are stored in the relative configuration file under /etc/quagga/
show ip ospf neighbor show ip ospf route show ip ospf interface show ip ospf database show ip ospf border-routers
The Zebra process will automatically start upon reboot. If you want OSPF to start at boot, update the boot time scripts:
sudo update-rc.d quagga enable