Mailing List Archive: PBR(policy based routing in quagga)

PBR(policy based routing in quagga)

anki.nakm at gmail

Aug 21, 2017, 4:07 AM

Post #1 of 6 (1604 views)

Hi all,

Could you please let me know PBR (Policy Based Routing) functionality
support is present in Quagga for both Static routes and Dynamic routing
cases or not.

I am able to see the configuration option to configure the route-map
config, but the next hop was not modified.

Below is my config for static case, Please correct me if I missed any
config.

Before applying the PBR config, route table info

K>* 0.0.0.0/0 via 10.200.8.1,vmmgmt

K>* 1.0.0.0/24 via 2.0.0.1, enp2s0f3

C>* 2.0.0.0/24 is directly connected, enp2s0f3

C>* 3.0.0.0/24 is directly connected, enp2s0f1

C>* 10.200.8.0/24 is directly connected, vmmgmt

S>* 25.25.0.0/24 [1/0] via 2.0.0.20, enp2s0f3

S>* 30.0.0.0/24 [1/0] via 3.0.0.40, enp2s0f1

Tried configuring PBR below two ways

1. Using access list

access-list anki permit 25.25.0.0/24

!

route-map qwe permit 5

match ip address anki

set ip next-hop 3.0.0.40

1. Directly applying matching ip

route-map aaa permit 2

match ip address 25.25.0.0/24

set ip next-hop 3.0.0.40

Note: I am not seeing any configuration support to apply the PBR config
under interface.

After applying the above config , show ip route in Quagga displays the same
output, next hop was not modified.

K>* 1.0.0.0/24 via 2.0.0.1, enp2s0f3

C>* 2.0.0.0/24 is directly connected, enp2s0f3

C>* 3.0.0.0/24 is directly connected, enp2s0f1

C>* 10.200.8.0/24 is directly connected, vmmgmt

S>* 25.25.0.0/24 [1/0] via 2.0.0.20, enp2s0f3

S>* 30.0.0.0/24 [1/0] via 3.0.0.40, enp2s0f1

C>* 127.0.0.0/8 is directly connected, lo

C>* 192.168.122.0/24 is directly connected, virbr0

Thanks a lot for your help in advance.

Thanks,

Anki

Re: PBR(policy based routing in quagga) [ In reply to ]

guillaume.barrot at gmail

Aug 21, 2017, 7:22 AM

Post #2 of 6 (1603 views)

Try to lower the administrative distance for the static route.
PBR shall use a lower AD, so the static route is still present.

2017-08-21 13:07 GMT+02:00 Anki Abhi <anki.nakm@gmail.com>:

> Hi all,
>
>
> Could you please let me know PBR (Policy Based Routing) functionality
> support is present in Quagga for both Static routes and Dynamic routing
> cases or not.
>
>
>
> I am able to see the configuration option to configure the route-map
> config, but the next hop was not modified.
>
>
>
> Below is my config for static case, Please correct me if I missed any
> config.
>
>
>
> Before applying the PBR config, route table info
>
>
>
> K>* 0.0.0.0/0 via 10.200.8.1,vmmgmt
>
> K>* 1.0.0.0/24 via 2.0.0.1, enp2s0f3
>
> C>* 2.0.0.0/24 is directly connected, enp2s0f3
>
> C>* 3.0.0.0/24 is directly connected, enp2s0f1
>
> C>* 10.200.8.0/24 is directly connected, vmmgmt
>
> S>* 25.25.0.0/24 [1/0] via 2.0.0.20, enp2s0f3
>
> S>* 30.0.0.0/24 [1/0] via 3.0.0.40, enp2s0f1
>
>
>
> Tried configuring PBR below two ways
>
> 1. Using access list
>
> access-list anki permit 25.25.0.0/24
>
> !
>
> route-map qwe permit 5
>
> match ip address anki
>
> set ip next-hop 3.0.0.40
>
> 1. Directly applying matching ip
>
> route-map aaa permit 2
>
> match ip address 25.25.0.0/24
>
> set ip next-hop 3.0.0.40
>
>
>
> Note: I am not seeing any configuration support to apply the PBR config
> under interface.
>
>
>
> After applying the above config , show ip route in Quagga displays the
> same output, next hop was not modified.
>
>
>
> K>* 1.0.0.0/24 via 2.0.0.1, enp2s0f3
>
> C>* 2.0.0.0/24 is directly connected, enp2s0f3
>
> C>* 3.0.0.0/24 is directly connected, enp2s0f1
>
> C>* 10.200.8.0/24 is directly connected, vmmgmt
>
> S>* 25.25.0.0/24 [1/0] via 2.0.0.20, enp2s0f3
>
> S>* 30.0.0.0/24 [1/0] via 3.0.0.40, enp2s0f1
>
> C>* 127.0.0.0/8 is directly connected, lo
>
> C>* 192.168.122.0/24 is directly connected, virbr0
>
>
>
> Thanks a lot for your help in advance.
>
>
>
>
>
> Thanks,
>
> Anki
>
> _______________________________________________
> Quagga-users mailing list
> Quagga-users@lists.quagga.net
> https://lists.quagga.net/mailman/listinfo/quagga-users
>
>

--
Cordialement,

Guillaume BARROT

Re: PBR(policy based routing in quagga) [ In reply to ]

Aug 21, 2017, 8:11 AM

Post #3 of 6 (1603 views)

I think that to use PBR you need to use the default linux flavour (iproute2)

at least I wasn't able to put it to work simply with quagga. I had to
put ip rules in place.

On 21/08/2017 16:22, Guillaume Barrot wrote:
> Try to lower the administrative distance for the static route.
> PBR shall use a lower AD, so the static route is still present.
>
> 2017-08-21 13:07 GMT+02:00 Anki Abhi <anki.nakm@gmail.com
> <mailto:anki.nakm@gmail.com>>:
>
> Hi all,
>
>
> Could you please let me know PBR (Policy Based Routing)
> functionality support is present in Quagga for both Static routes
> and Dynamic routing cases or not.
>
>
>
> I am able to see the configuration option to configure the
> route-map config, but the next hop was not modified.
>
>
>
> Below is my config for static case, Please correct me if I missed
> any config.
>
>
>
> Before applying the PBR config, route table info
>
>
>
> K>* 0.0.0.0/0 <http://0.0.0.0/0> via 10.200.8.1,vmmgmt
>
> K>* 1.0.0.0/24 <http://1.0.0.0/24> via 2.0.0.1, enp2s0f3
>
> C>* 2.0.0.0/24 <http://2.0.0.0/24> is directly connected, enp2s0f3
>
> C>* 3.0.0.0/24 <http://3.0.0.0/24> is directly connected, enp2s0f1
>
> C>* 10.200.8.0/24 <http://10.200.8.0/24> is directly connected, vmmgmt
>
> S>* 25.25.0.0/24 <http://25.25.0.0/24> [1/0] via 2.0.0.20, enp2s0f3
>
> S>* 30.0.0.0/24 <http://30.0.0.0/24> [1/0] via 3.0.0.40, enp2s0f1
>
>
>
> Tried configuring PBR below two ways
>
> 1. Using access list
>
> access-list anki permit 25.25.0.0/24 <http://25.25.0.0/24>
>
> !
>
> route-map qwe permit 5
>
> match ip address anki
>
> set ip next-hop 3.0.0.40
>
> 2. Directly applying matching ip
>
> route-map aaa permit 2
>
> match ip address 25.25.0.0/24 <http://25.25.0.0/24>
>
> set ip next-hop 3.0.0.40
>
>
>
> Note: I am not seeing any configuration support to apply the PBR
> config under interface.
>
>
>
> After applying the above config , show ip route in Quagga displays
> the same output, next hop was not modified.
>
>
>
> K>* 1.0.0.0/24 <http://1.0.0.0/24> via 2.0.0.1, enp2s0f3
>
> C>* 2.0.0.0/24 <http://2.0.0.0/24> is directly connected, enp2s0f3
>
> C>* 3.0.0.0/24 <http://3.0.0.0/24> is directly connected, enp2s0f1
>
> C>* 10.200.8.0/24 <http://10.200.8.0/24> is directly connected, vmmgmt
>
> S>* 25.25.0.0/24 <http://25.25.0.0/24> [1/0] via 2.0.0.20, enp2s0f3
>
> S>* 30.0.0.0/24 <http://30.0.0.0/24> [1/0] via 3.0.0.40, enp2s0f1
>
> C>* 127.0.0.0/8 <http://127.0.0.0/8> is directly connected, lo
>
> C>* 192.168.122.0/24 <http://192.168.122.0/24> is directly
> connected, virbr0
>
>
>
> Thanks a lot for your help in advance.
>
>
>
>
>
> Thanks,
>
> Anki
>
>
> _______________________________________________
> Quagga-users mailing list
> Quagga-users@lists.quagga.net <mailto:Quagga-users@lists.quagga.net>
> https://lists.quagga.net/mailman/listinfo/quagga-users
> <https://lists.quagga.net/mailman/listinfo/quagga-users>
>
>
>
>
> --
> Cordialement,
>
> Guillaume BARROT
>
>
> _______________________________________________
> Quagga-users mailing list
> Quagga-users@lists.quagga.net
> https://lists.quagga.net/mailman/listinfo/quagga-users

Re: PBR(policy based routing in quagga) [ In reply to ]

anki.nakm at gmail

Aug 21, 2017, 8:08 PM

Post #4 of 6 (1598 views)

Thanks a lot for promot response.

So pbr was supported in quagga but i missed few configurations related to
iptables.
Can u plz share if you have any sample config.

We are already configuaring the access list, could you please explain again
why we need iptables.

Thanks,
Anki

On Monday, August 21, 2017, Vasco Matos <vascom@swns.ch> wrote:

> I think that to use PBR you need to use the default linux flavour
> (iproute2)
>
> at least I wasn't able to put it to work simply with quagga. I had to put
> ip rules in place.
>
>
>
> On 21/08/2017 16:22, Guillaume Barrot wrote:
>
> Try to lower the administrative distance for the static route.
> PBR shall use a lower AD, so the static route is still present.
>
> 2017-08-21 13:07 GMT+02:00 Anki Abhi <anki.nakm@gmail.com
> <javascript:_e(%7B%7D,'cvml','anki.nakm@gmail.com');>>:
>
>> Hi all,
>>
>>
>> Could you please let me know PBR (Policy Based Routing) functionality
>> support is present in Quagga for both Static routes and Dynamic routing
>> cases or not.
>>
>>
>>
>> I am able to see the configuration option to configure the route-map
>> config, but the next hop was not modified.
>>
>>
>>
>> Below is my config for static case, Please correct me if I missed any
>> config.
>>
>>
>>
>> Before applying the PBR config, route table info
>>
>>
>>
>> K>* 0.0.0.0/0 via 10.200.8.1,vmmgmt
>>
>> K>* 1.0.0.0/24 via 2.0.0.1, enp2s0f3
>>
>> C>* 2.0.0.0/24 is directly connected, enp2s0f3
>>
>> C>* 3.0.0.0/24 is directly connected, enp2s0f1
>>
>> C>* 10.200.8.0/24 is directly connected, vmmgmt
>>
>> S>* 25.25.0.0/24 [1/0] via 2.0.0.20, enp2s0f3
>>
>> S>* 30.0.0.0/24 [1/0] via 3.0.0.40, enp2s0f1
>>
>>
>>
>> Tried configuring PBR below two ways
>>
>> 1. Using access list
>>
>> access-list anki permit 25.25.0.0/24
>>
>> !
>>
>> route-map qwe permit 5
>>
>> match ip address anki
>>
>> set ip next-hop 3.0.0.40
>>
>> 1. Directly applying matching ip
>>
>> route-map aaa permit 2
>>
>> match ip address 25.25.0.0/24
>>
>> set ip next-hop 3.0.0.40
>>
>>
>>
>> Note: I am not seeing any configuration support to apply the PBR config
>> under interface.
>>
>>
>>
>> After applying the above config , show ip route in Quagga displays the
>> same output, next hop was not modified.
>>
>>
>>
>> K>* 1.0.0.0/24 via 2.0.0.1, enp2s0f3
>>
>> C>* 2.0.0.0/24 is directly connected, enp2s0f3
>>
>> C>* 3.0.0.0/24 is directly connected, enp2s0f1
>>
>> C>* 10.200.8.0/24 is directly connected, vmmgmt
>>
>> S>* 25.25.0.0/24 [1/0] via 2.0.0.20, enp2s0f3
>>
>> S>* 30.0.0.0/24 [1/0] via 3.0.0.40, enp2s0f1
>>
>> C>* 127.0.0.0/8 is directly connected, lo
>>
>> C>* 192.168.122.0/24 is directly connected, virbr0
>>
>>
>>
>> Thanks a lot for your help in advance.
>>
>>
>>
>>
>>
>> Thanks,
>>
>> Anki
>>
>> _______________________________________________
>> Quagga-users mailing list
>> Quagga-users@lists.quagga.net
>> <javascript:_e(%7B%7D,'cvml','Quagga-users@lists.quagga.net');>
>> https://lists.quagga.net/mailman/listinfo/quagga-users
>>
>>
>
>
> --
> Cordialement,
>
> Guillaume BARROT
>
>
> _______________________________________________
> Quagga-users mailing listQuagga-users@lists.quagga.net <javascript:_e(%7B%7D,'cvml','Quagga-users@lists.quagga.net');>https://lists.quagga.net/mailman/listinfo/quagga-users
>
>
>

Re: PBR(policy based routing in quagga) [ In reply to ]

anki.nakm at gmail

Aug 21, 2017, 8:08 PM

Post #5 of 6 (1598 views)

Thanks a lot.

Will reduce the ad and try.

Thanks,
Anki

On Monday, August 21, 2017, Guillaume Barrot <guillaume.barrot@gmail.com>
wrote:

> Try to lower the administrative distance for the static route.
> PBR shall use a lower AD, so the static route is still present.
>
> 2017-08-21 13:07 GMT+02:00 Anki Abhi <anki.nakm@gmail.com
> <javascript:_e(%7B%7D,'cvml','anki.nakm@gmail.com');>>:
>
>> Hi all,
>>
>>
>> Could you please let me know PBR (Policy Based Routing) functionality
>> support is present in Quagga for both Static routes and Dynamic routing
>> cases or not.
>>
>>
>>
>> I am able to see the configuration option to configure the route-map
>> config, but the next hop was not modified.
>>
>>
>>
>> Below is my config for static case, Please correct me if I missed any
>> config.
>>
>>
>>
>> Before applying the PBR config, route table info
>>
>>
>>
>> K>* 0.0.0.0/0 via 10.200.8.1,vmmgmt
>>
>> K>* 1.0.0.0/24 via 2.0.0.1, enp2s0f3
>>
>> C>* 2.0.0.0/24 is directly connected, enp2s0f3
>>
>> C>* 3.0.0.0/24 is directly connected, enp2s0f1
>>
>> C>* 10.200.8.0/24 is directly connected, vmmgmt
>>
>> S>* 25.25.0.0/24 [1/0] via 2.0.0.20, enp2s0f3
>>
>> S>* 30.0.0.0/24 [1/0] via 3.0.0.40, enp2s0f1
>>
>>
>>
>> Tried configuring PBR below two ways
>>
>> 1. Using access list
>>
>> access-list anki permit 25.25.0.0/24
>>
>> !
>>
>> route-map qwe permit 5
>>
>> match ip address anki
>>
>> set ip next-hop 3.0.0.40
>>
>> 1. Directly applying matching ip
>>
>> route-map aaa permit 2
>>
>> match ip address 25.25.0.0/24
>>
>> set ip next-hop 3.0.0.40
>>
>>
>>
>> Note: I am not seeing any configuration support to apply the PBR config
>> under interface.
>>
>>
>>
>> After applying the above config , show ip route in Quagga displays the
>> same output, next hop was not modified.
>>
>>
>>
>> K>* 1.0.0.0/24 via 2.0.0.1, enp2s0f3
>>
>> C>* 2.0.0.0/24 is directly connected, enp2s0f3
>>
>> C>* 3.0.0.0/24 is directly connected, enp2s0f1
>>
>> C>* 10.200.8.0/24 is directly connected, vmmgmt
>>
>> S>* 25.25.0.0/24 [1/0] via 2.0.0.20, enp2s0f3
>>
>> S>* 30.0.0.0/24 [1/0] via 3.0.0.40, enp2s0f1
>>
>> C>* 127.0.0.0/8 is directly connected, lo
>>
>> C>* 192.168.122.0/24 is directly connected, virbr0
>>
>>
>>
>> Thanks a lot for your help in advance.
>>
>>
>>
>>
>>
>> Thanks,
>>
>> Anki
>>
>> _______________________________________________
>> Quagga-users mailing list
>> Quagga-users@lists.quagga.net
>> <javascript:_e(%7B%7D,'cvml','Quagga-users@lists.quagga.net');>
>> https://lists.quagga.net/mailman/listinfo/quagga-users
>>
>>
>
>
> --
> Cordialement,
>
> Guillaume BARROT
>

Re: PBR(policy based routing in quagga) [ In reply to ]

tom at samplonius

Aug 21, 2017, 9:35 PM

Post #6 of 6 (1595 views)

> Could you please let me know PBR (Policy Based Routing) functionality support is present in Quagga for both Static routes and Dynamic routing cases or not.

Quagga is mostly a routing protocol implementation. So you can apply policies to route distribution and acceptance within the limits of each protocol.

Quagga does not do forwarding. So if you want to make a forwarding decision based on any criteria besides the destination route, that is an forwarding plane (kernel, OS) issue. The route table is used for destination based forwarding.

> I am able to see the configuration option to configure the route-map config, but the next hop was not modified.
>
> Below is my config for static case, Please correct me if I missed any config.
>
> Before applying the PBR config, route table info
>
> K>* 0.0.0.0/0 <http://0.0.0.0/0> via 10.200.8.1,vmmgmt
> K>* 1.0.0.0/24 <http://1.0.0.0/24> via 2.0.0.1, enp2s0f3
> C>* 2.0.0.0/24 <http://2.0.0.0/24> is directly connected, enp2s0f3
> C>* 3.0.0.0/24 <http://3.0.0.0/24> is directly connected, enp2s0f1
> C>* 10.200.8.0/24 <http://10.200.8.0/24> is directly connected, vmmgmt
> S>* 25.25.0.0/24 <http://25.25.0.0/24> [1/0] via 2.0.0.20, enp2s0f3
> S>* 30.0.0.0/24 <http://30.0.0.0/24> [1/0] via 3.0.0.40, enp2s0f1
>
> Tried configuring PBR below two ways
> Using access list
> access-list anki permit 25.25.0.0/24 <http://25.25.0.0/24>
> !
> route-map qwe permit 5
> match ip address anki
> set ip next-hop 3.0.0.40
> Directly applying matching ip
> route-map aaa permit 2
> match ip address 25.25.0.0/24 <http://25.25.0.0/24>
> set ip next-hop 3.0.0.40

I would not call this policy based routing. It appears that you are trying to set a different next hop for a specific destination prefix. In other words, a static route.

>
> Thanks,
> Anki