From 4acdf89b8d50e4be657186c00b805e34a4e7e11a Mon Sep 17 00:00:00 2001 From: seantywork Date: Wed, 11 Jun 2025 09:03:43 +0900 Subject: [PATCH] bgp done --- README.md | 6 ++ bgp/2506-03.xyz.md | 249 ++++++++++++++++++++++++++++++++++++++++---- bgp/bird0/bird.conf | 4 +- bgp/bird1/bird.conf | 4 +- 4 files changed, 241 insertions(+), 22 deletions(-) diff --git a/README.md b/README.md index 0b989e7..e16d891 100644 --- a/README.md +++ b/README.md @@ -1965,6 +1965,12 @@ ip route add 192.168.10.0/24 dev enp3s0 table 5 ip route flush cache +# nexthop different network + +sudo ip route add 192.168.122.87 dev enp1s0 + +sudo ip route add 10.0.2.0/24 via 192.168.122.87 dev enp1s0 + # rule # all diff --git a/bgp/2506-03.xyz.md b/bgp/2506-03.xyz.md index 7dfee91..35344d6 100644 --- a/bgp/2506-03.xyz.md +++ b/bgp/2506-03.xyz.md 
@@ -1,14 +1,56 @@ + +# + +```shell +thy@ubuntu24-server:~/box$ sudo ip a +1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 + link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 + inet 127.0.0.1/8 scope host lo + valid_lft forever preferred_lft forever + inet6 ::1/128 scope host noprefixroute + valid_lft forever preferred_lft forever +2: enp1s0: mtu 1500 qdisc fq_codel state UP group default qlen 1000 + link/ether 52:54:00:e2:07:25 brd ff:ff:ff:ff:ff:ff + inet 192.168.122.204/24 metric 100 brd 192.168.122.255 scope global dynamic enp1s0 + valid_lft 2074sec preferred_lft 2074sec + inet6 fe80::5054:ff:fee2:725/64 scope link + valid_lft forever preferred_lft forever + + +``` + +# + +```shell + +thy@ubuntu-24-2:~/box$ sudo ip a +1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 + link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 + inet 127.0.0.1/8 scope host lo + valid_lft forever preferred_lft forever + inet6 ::1/128 scope host noprefixroute + valid_lft forever preferred_lft forever +2: enp1s0: mtu 1500 qdisc fq_codel state UP group default qlen 1000 + link/ether 52:54:00:e2:07:21 brd ff:ff:ff:ff:ff:ff + inet 192.168.122.200/24 metric 100 brd 192.168.122.255 scope global dynamic enp1s0 + valid_lft 2102sec preferred_lft 2102sec + inet6 fe80::5054:ff:fee2:721/64 scope link + valid_lft forever preferred_lft forever + +``` # ```shell -seantywork@birds1:~$ nc -l 10.0.1.5 9999 +thy@ubuntu-24-2:~/box$ nc -l 192.168.122.200 9999 ``` ```shell -seantywork@birds0:~$ nc 10.0.1.5 9999 +thy@ubuntu24-server:~/box$ nc 192.168.122.200 9999 qwer + + ``` # 
@@ -39,65 +81,105 @@ sudo systemctl stop bird ```shell -seantywork@birds0:~$ sudo ip a +thy@ubuntu24-server:~/box$ ip a ... -3: veth1@if2: mtu 1500 qdisc noqueue state UP group default qlen 1000 - link/ether 92:af:e1:bd:1b:cb brd ff:ff:ff:ff:ff:ff link-netns net1 +4: veth1@if2: mtu 1500 qdisc noqueue state UP group default qlen 1000 + link/ether 86:59:90:1a:4a:60 brd ff:ff:ff:ff:ff:ff link-netns net1 inet 10.0.10.1/24 scope global veth1 valid_lft forever preferred_lft forever - inet6 fe80::3ca0:f4ff:fe14:4e85/64 scope link + inet6 fe80::8459:90ff:fe1a:4a60/64 scope link valid_lft forever preferred_lft forever + ``` # ```shell -seantywork@birds0:~$ sudo ip netns exec net1 ip a +thy@ubuntu24-server:~/box$ sudo ip netns exec net1 ip a 1: lo: mtu 65536 qdisc noop state DOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 -2: veth2@if3: mtu 1500 qdisc noqueue state UP group default qlen 1000 - link/ether 76:cc:32:53:1f:88 brd ff:ff:ff:ff:ff:ff link-netnsid 0 +2: veth2@if4: mtu 1500 qdisc noqueue state UP group default qlen 1000 + link/ether 9a:45:f6:36:e8:cb brd ff:ff:ff:ff:ff:ff link-netnsid 0 inet 10.0.10.2/24 scope global veth2 valid_lft forever preferred_lft forever - inet6 fe80::74cc:32ff:fe53:1f88/64 scope link + inet6 fe80::9845:f6ff:fe36:e8cb/64 scope link valid_lft forever preferred_lft forever + ``` # ```shell -seantywork@birds1:~$ sudo tshark -i veth1 +thy@ubuntu-24-2:~$ sudo tshark -i veth1 Running as user "root" and group "root". This could be dangerous. 
Capturing on 'veth1' + ``` # ```shell -seantywork@birds1:~$ sudo ip netns exec net1 nc -l 10.0.11.2 9999 +thy@ubuntu-24-2:~/box$ sudo ip netns exec net1 nc -l 10.0.11.2 9999 + ``` ```shell -seantywork@birds0:~$ sudo ip netns exec net1 nc 10.0.11.2 9999 +thy@ubuntu24-server:~/box$ sudo ip netns exec net1 nc 10.0.11.2 9999 + ``` # ```shell -seantywork@birds0:~$ sudo ip route add 10.0.1.5 dev ens4 -seantywork@birds0:~$ sudo ip route add 10.0.11.0/24 via 10.0.1.5 dev ens4 +thy@ubuntu24-server:~/box$ sudo ip route add 192.168.122.200 dev enp1s0 +thy@ubuntu24-server:~/box$ sudo ip route add 10.0.11.0/24 via 192.168.122.200 dev enp1s0 ``` ```shell -seantywork@birds1:~$ sudo ip route add 10.0.1.4 dev ens4 -seantywork@birds1:~$ sudo ip route add 10.0.10.0/24 via 10.0.1.4 dev ens4 +thy@ubuntu-24-2:~/box$ sudo ip route add 192.168.122.204 dev enp1s0 +thy@ubuntu-24-2:~/box$ sudo ip route add 10.0.10.0/24 via 192.168.122.204 dev enp1s0 +``` + +# + +```shell +thy@ubuntu-24-2:~/box$ sudo ip netns exec net1 nc -l 10.0.11.2 9999 + +``` + +```shell +thy@ubuntu24-server:~/box$ sudo ip netns exec net1 nc 10.0.11.2 9999 +asdf +``` +# + +```shell + + 7 209.216657001 10.0.10.2 → 10.0.11.2 TCP 74 54346 → 9999 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 SACK_PERM TSval=2153550491 TSecr=0 WS=128 + 8 209.216718956 10.0.11.2 → 10.0.10.2 TCP 74 9999 → 54346 [SYN, ACK] Seq=0 Ack=1 Win=65160 Len=0 MSS=1460 SACK_PERM TSval=1584711764 TSecr=2153550491 WS=128 + 9 209.217147388 10.0.10.2 → 10.0.11.2 TCP 66 54346 → 9999 [ACK] Seq=1 Ack=1 Win=64256 Len=0 TSval=2153550492 TSecr=1584711764 + 10 211.003022696 10.0.10.2 → 10.0.11.2 TCP 71 54346 → 9999 [PSH, ACK] Seq=1 Ack=1 Win=64256 Len=5 TSval=2153552277 TSecr=1584711764 + 11 211.003087706 10.0.11.2 → 10.0.10.2 TCP 66 9999 → 54346 [ACK] Seq=1 Ack=6 Win=65280 Len=0 TSval=1584713551 TSecr=2153552277 + +``` + +# + +```shell +thy@ubuntu24-server:~/box$ sudo ip route del 192.168.122.200 dev enp1s0 +thy@ubuntu24-server:~/box$ sudo ip route del 10.0.11.0/24 via 
192.168.122.200 dev enp1s0 + +``` +```shell +thy@ubuntu-24-2:~/box$ sudo ip route del 192.168.122.204 dev enp1s0 +thy@ubuntu-24-2:~/box$ sudo ip route del 10.0.10.0/24 via 192.168.122.204 dev enp1s0 ``` 
@@ -106,4 +188,135 @@ seantywork@birds1:~$ sudo ip route add 10.0.10.0/24 via 10.0.1.4 dev ens4 ```shell vim /etc/bird/bird.conf -``` \ No newline at end of file +``` + + +# + +```shell +sudo systemctl restart bird +``` + +# + +```shell +thy@ubuntu24-server:~/box$ sudo birdc show protocols +BIRD 1.6.8 ready. +name proto table state since info +kernel1 Kernel master up 23:45:55 +device1 Device master up 23:45:55 +direct1 Direct master up 23:45:55 +b0 BGP master up 23:45:59 Established + +thy@ubuntu24-server:~/box$ sudo birdc show route +BIRD 1.6.8 ready. +10.0.10.0/24 dev veth1 [direct1 23:45:55] * (240) +10.0.11.0/24 via 192.168.122.200 on enp1s0 [b0 23:45:59] * (100) [AS64521i] +192.168.122.0/24 dev enp1s0 [direct1 23:45:55] * (240) + via 192.168.122.200 on enp1s0 [b0 23:45:59] (100) [AS64521i] + + +``` +```shell +thy@ubuntu-24-2:~/box$ sudo birdc show protocols +BIRD 1.6.8 ready. +name proto table state since info +kernel1 Kernel master up 23:45:59 +device1 Device master up 23:45:59 +direct1 Direct master up 23:45:59 +b1 BGP master up 23:45:59 Established + +thy@ubuntu-24-2:~/box$ sudo birdc show route +BIRD 1.6.8 ready. 
+10.0.10.0/24 via 192.168.122.204 on enp1s0 [b1 23:45:59] * (100) [AS64520i] +10.0.11.0/24 dev veth1 [direct1 23:45:59] * (240) +192.168.122.0/24 dev enp1s0 [direct1 23:45:59] * (240) + via 192.168.122.204 on enp1s0 [b1 23:45:59] (100) [AS64520i] + + +``` + +# + +```shell +thy@ubuntu24-server:~/box$ sudo ip route +default via 192.168.122.1 dev enp1s0 proto dhcp src 192.168.122.204 metric 100 +10.0.10.0/24 dev veth1 proto kernel scope link src 10.0.10.1 +10.0.11.0/24 via 192.168.122.200 dev enp1s0 proto bird +192.168.122.0/24 dev enp1s0 proto kernel scope link src 192.168.122.204 metric 100 +192.168.122.1 dev enp1s0 proto dhcp scope link src 192.168.122.204 metric 100 +``` +```shell +thy@ubuntu-24-2:~/box$ sudo ip route +default via 192.168.122.1 dev enp1s0 proto dhcp src 192.168.122.200 metric 100 +10.0.10.0/24 via 192.168.122.204 dev enp1s0 proto bird +10.0.11.0/24 dev veth1 proto kernel scope link src 10.0.11.1 +192.168.122.0/24 dev enp1s0 proto kernel scope link src 192.168.122.200 metric 100 +192.168.122.1 dev enp1s0 proto dhcp scope link src 192.168.122.200 metric 100 + +``` + +# + +```shell +thy@ubuntu24-server:~$ sudo tshark -i veth1 +Running as user "root" and group "root". This could be dangerous. +Capturing on 'veth1' + +``` +```shell +thy@ubuntu-24-2:~$ sudo tshark -i veth1 +Running as user "root" and group "root". This could be dangerous. +Capturing on 'veth1' + +``` + +# + +```shell + +thy@ubuntu-24-2:~/box$ sudo ip netns exec net1 nc -l 10.0.11.2 9999 +``` + +```shell + +thy@ubuntu24-server:~/box$ sudo ip netns exec net1 nc 10.0.11.2 9999 +bgp helloo!!!! + +``` + +# + +```shell +thy@ubuntu24-server:~$ sudo tshark -i veth1 +Running as user "root" and group "root". This could be dangerous. 
+Capturing on 'veth1' + 1 0.000000000 10.0.10.2 → 10.0.11.2 TCP 74 53488 → 9999 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 SACK_PERM TSval=2154111861 TSecr=0 WS=128 + 2 0.000337346 10.0.11.2 → 10.0.10.2 TCP 74 9999 → 53488 [SYN, ACK] Seq=0 Ack=1 Win=65160 Len=0 MSS=1460 SACK_PERM TSval=1585273134 TSecr=2154111861 WS=128 + 3 0.000354149 10.0.10.2 → 10.0.11.2 TCP 66 53488 → 9999 [ACK] Seq=1 Ack=1 Win=64256 Len=0 TSval=2154111861 TSecr=1585273134 + 4 5.292822389 86:59:90:1a:4a:60 → 9a:45:f6:36:e8:cb ARP 42 Who has 10.0.10.2? Tell 10.0.10.1 + 5 5.292843243 9a:45:f6:36:e8:cb → 86:59:90:1a:4a:60 ARP 42 Who has 10.0.10.1? Tell 10.0.10.2 + 6 5.293009682 86:59:90:1a:4a:60 → 9a:45:f6:36:e8:cb ARP 42 10.0.10.1 is at 86:59:90:1a:4a:60 + 7 5.292981525 9a:45:f6:36:e8:cb → 86:59:90:1a:4a:60 ARP 42 10.0.10.2 is at 9a:45:f6:36:e8:cb + 8 8.448817263 10.0.10.2 → 10.0.11.2 TCP 81 53488 → 9999 [PSH, ACK] Seq=1 Ack=1 Win=64256 Len=15 TSval=2154120310 TSecr=1585273134 + 9 8.449367387 10.0.11.2 → 10.0.10.2 TCP 66 9999 → 53488 [ACK] Seq=1 Ack=16 Win=65152 Len=0 TSval=1585281583 TSecr=2154120310 + + +``` + +```shell +thy@ubuntu-24-2:~$ sudo tshark -i veth1 +Running as user "root" and group "root". This could be dangerous. +Capturing on 'veth1' + 1 0.000000000 10.0.10.2 → 10.0.11.2 TCP 74 53488 → 9999 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 SACK_PERM TSval=2154111861 TSecr=0 WS=128 + 2 0.000056658 10.0.11.2 → 10.0.10.2 TCP 74 9999 → 53488 [SYN, ACK] Seq=0 Ack=1 Win=65160 Len=0 MSS=1460 SACK_PERM TSval=1585273134 TSecr=2154111861 WS=128 + 3 0.000197636 10.0.10.2 → 10.0.11.2 TCP 66 53488 → 9999 [ACK] Seq=1 Ack=1 Win=64256 Len=0 TSval=2154111861 TSecr=1585273134 + 4 5.093841101 06:63:34:0b:98:ef → 7e:9f:2d:eb:7c:33 ARP 42 Who has 10.0.11.2? Tell 10.0.11.1 + 5 5.093832531 7e:9f:2d:eb:7c:33 → 06:63:34:0b:98:ef ARP 42 Who has 10.0.11.1? 
Tell 10.0.11.2 + 6 5.093891327 06:63:34:0b:98:ef → 7e:9f:2d:eb:7c:33 ARP 42 10.0.11.1 is at 06:63:34:0b:98:ef + 7 5.093898882 7e:9f:2d:eb:7c:33 → 06:63:34:0b:98:ef ARP 42 10.0.11.2 is at 7e:9f:2d:eb:7c:33 + 8 8.448882261 10.0.10.2 → 10.0.11.2 TCP 81 53488 → 9999 [PSH, ACK] Seq=1 Ack=1 Win=64256 Len=15 TSval=2154120310 TSecr=1585273134 + 9 8.448965966 10.0.11.2 → 10.0.10.2 TCP 66 9999 → 53488 [ACK] Seq=1 Ack=16 Win=65152 Len=0 TSval=1585281583 TSecr=2154120310 + +``` + diff --git a/bgp/bird0/bird.conf b/bgp/bird0/bird.conf index f80af05..d9901b2 100644 --- a/bgp/bird0/bird.conf +++ b/bgp/bird0/bird.conf @@ -1,5 +1,5 @@ -router id 10.0.1.4; +router id 192.168.122.204; protocol kernel { metric 0; @@ -16,7 +16,7 @@ protocol direct { protocol bgp b0 { local as 64520; - neighbor 10.0.1.5 as 64521; + neighbor 192.168.122.200 as 64521; import all; export all; } \ No newline at end of file diff --git a/bgp/bird1/bird.conf b/bgp/bird1/bird.conf index 81b3bb2..64573ef 100644 --- a/bgp/bird1/bird.conf +++ b/bgp/bird1/bird.conf @@ -1,5 +1,5 @@ -router id 10.0.1.5; +router id 192.168.122.200; protocol kernel { metric 0; @@ -16,7 +16,7 @@ protocol direct { protocol bgp b1 { local as 64521; - neighbor 10.0.1.4 as 64520; + neighbor 192.168.122.204 as 64520; import all; export all; } \ No newline at end of file -- 2.43.0
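Review bot: The `b0` session in bgp/bird0/bird.conf now peers across the shared 192.168.122.0/24 segment but still has `import all; export all;` and no `password`, so it accepts whatever the neighbor announces and advertises every local route. The `birdc show route` output added in bgp/2506-03.xyz.md shows the effect: 192.168.122.0/24 itself is exchanged over BGP in both directions, not only the veth subnets. I would narrow the policy to the prefixes the lab needs, `import where net ~ [ 10.0.11.0/24 ];` and `export where net ~ [ 10.0.10.0/24 ];`, and add `password "<shared-secret-placeholder>";` so the session uses TCP MD5 authentication. The same applies to `protocol bgp b1` in bgp/bird1/bird.conf, with the two prefixes swapped.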