想试测试一下ospf。开始想mininet做试验,但在多个namespace下运行ospf总是遇到问题。干脆用docker来试。
测试拓扑如下,alpine1, alpine2模拟主机,frr1, frr2模拟router。
图中的alpine1、alpine2、frr1、frr2都是docker。不会科学上网,使用下面的命令拉取alpine和frr:
docker pull docker.xuanyuan.me/alpine
docker pull docker.xuanyuan.me/frrouting/frr
使用如下命令创建3个net
# docker network create net1 --subnet=172.18.0.0/16
# docker network create net2 --subnet=172.19.0.0/16
# docker network create net3 --subnet=172.20.0.0/16
使用如下命令创建主机alpine1和alpine2
# docker run -dit --name alpine1 --hostname alpine1 --privileged --net net1 alpine
# docker run -dit --name alpine2 --hostname alpine2 --privileged --net net3 alpine
创建路由器frr1和frr2,并分别连接到net1和net2、net2和net3。
# docker run -dit --name frr1 --hostname frr1 --privileged --net net1 frrouting/frr
# docker network connect net2 frr1
# docker run -dit --name frr2 --hostname frr2 --privileged --net net2 frrouting/frr
# docker network connect net3 frr2
配置主机alpine1的默认路由
# docker exec -it alpine1 /bin/sh
# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 172.18.0.1 0.0.0.0 UG 0 0 0 eth0
172.18.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
# route add default gw 172.18.0.3
# route del default gw 172.18.0.1
# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 172.18.0.3 0.0.0.0 UG 0 0 0 eth0
172.18.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
配置主机alpine2的默认路由
# docker exec -it alpine2 /bin/sh
# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 172.20.0.1 0.0.0.0 UG 0 0 0 eth0
172.20.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
# route add default gw 172.20.0.3
# route del default gw 172.20.0.1
# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 172.20.0.3 0.0.0.0 UG 0 0 0 eth0
172.20.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
配置frr1 ospf路由
(1)创建/etc/frr/vtysh.conf文件
# docker exec -it frr1 /bin/sh
# cp /etc/frr/vtysh.conf.sample /etc/frr/vtysh.conf
为了将所有进程的配置放在同一个文件中,将service integrated-vtysh-config添加到/etc/frr/vtysh.conf的最后一行
!
! Sample configuration file for vtysh.
!
!service integrated-vtysh-config
!hostname quagga-router
!username root nopassword
!
service integrated-vtysh-config
(2)启动ospfd
cat /etc/frr/daemons
# ATTENTION:
#
# When activating a daemon for the first time, a config file, even if it is
# empty, has to be present *and* be owned by the user and group "frr", else
# the daemon will not be started by /etc/init.d/frr. The permissions should
# be u=rw,g=r,o=.
# When using "vtysh" such a config file is also needed. It should be owned by
# group "frrvty" and set to ug=rw,o= though. Check /etc/pam.d/frr, too.
#
# The watchfrr, zebra and staticd daemons are always started.
#
bgpd=no
ospfd=yes 《====== 注意,把no改为yes
ospf6d=no
ripd=no
The following is omitted
(3)重启frr1,以使上述配置生效
# docker restart frr1
(4)进入frr1配置ospf
# docker exec -it frr1 /bin/sh
/ # vtysh
Hello, this is FRRouting (version 7.5_git).
Copyright 1996-2005 Kunihiro Ishiguro, et al.
frr1# conf t
frr1(config)# interface lo
frr1(config-if)# ip address 1.1.1.1/32
frr1(config-if)# exit
frr1(config)# router ospf
frr1(config-router)# router-info area 0.0.0.0
frr1(config-router)# network 172.18.0.0/16 area 0.0.0.0
frr1(config-router)# network 172.19.0.0/16 area 0.0.0.0
frr1(config-router)# end
frr1# show run
Building configuration...
Current configuration:
!
frr version 7.5_git
frr defaults traditional
hostname frr1
no ipv6 forwarding
service integrated-vtysh-config
!
interface lo
ip address 1.1.1.1/32
!
router ospf
network 172.18.0.0/16 area 0.0.0.0
network 172.19.0.0/16 area 0.0.0.0
router-info area
!
line vty
!
end
frr1# write mem
配置frr2,仅展示ospf的配置,其余配置和frr1类似
/ # vtysh
Hello, this is FRRouting (version 7.5_git).
Copyright 1996-2005 Kunihiro Ishiguro, et al.
frr2# conf t
frr2(config)# interface lo
frr2(config-if)# ip address 2.2.2.2/32
frr2(config-if)# exit
frr2(config)# router ospf
frr2(config-router)# router-info area 0.0.0.0
frr2(config-router)# network 172.19.0.0/16 area 0.0.0.0
frr2(config-router)# network 172.20.0.0/16 area 0.0.0.0
frr2(config-router)# end
此时,可查看ospf邻居建立情况
frr1# show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface RXmtL RqstL DBsmL
2.2.2.2 1 Full/Backup 34.411s 172.19.0.3 eth1:172.19.0.2 0 0 0
学到ospf路由
frr1# show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP,
O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
F - PBR, f - OpenFabric,
> - selected route, * - FIB route, q - queued, r - rejected, b - backup
K>* 0.0.0.0/0 [0/0] via 172.18.0.1, eth0, 00:49:06
C>* 1.1.1.1/32 is directly connected, lo, 00:47:30
O 172.18.0.0/16 [110/10] is directly connected, eth0, weight 1, 00:46:19
C>* 172.18.0.0/16 is directly connected, eth0, 00:49:06
O 172.19.0.0/16 [110/10] is directly connected, eth1, weight 1, 00:46:13
C>* 172.19.0.0/16 is directly connected, eth1, 00:49:06
O>* 172.20.0.0/16 [110/20] via 172.19.0.3, eth1, weight 1, 00:04:26
最后一条路由为frr1学到的net3的路由
此时,从alpine1可ping通alpine2
# docker exec -it alpine1 /bin/sh
/ # ping 172.20.0.2
PING 172.20.0.2 (172.20.0.2): 56 data bytes
64 bytes from 172.20.0.2: seq=0 ttl=62 time=0.386 ms
64 bytes from 172.20.0.2: seq=1 ttl=62 time=0.468 ms
64 bytes from 172.20.0.2: seq=2 ttl=62 time=0.467 ms
64 bytes from 172.20.0.2: seq=3 ttl=62 time=0.464 ms
^C
--- 172.20.0.2 ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 0.386/0.446/0.468 ms
