Simple Quagga BGP router

linux router ip-routing gentoo bgp

We are attempting to setup a Gentoo Linux box to run a Quagga BGP router for our internet connection. We've tried many things, but everything we've tried results in Quagga reporting that there is no BGP network available and it never connects to the neighbor router. I think a fresh start is going to be our best bet, so our question is:

What configuration would we need to use (bgpd.conf/zebra.conf) to get the following setup working:
(please note: I just chose a couple random Google IP ranges, these are not the real IP addresses)

  • Router IP: 74.125.53.103/29
  • Router AS: 9283
  • Public IP Range: 209.85.171.0/24 (these are the public IP addresses we use which run through the router listed above)
  • Neighbor IP: 74.125.53.104/29
  • Neighbor AS: 9283

We currently have this setup and running through a Linksys home router running the DD-WRT firmware. It works like a champ, but the load is beginning to be too much for it. We've considered several options for routers and for various reasons I won't go into, running our own custom built router seems to be the favored choice.

Thank you in advance for your help, we've been pulling our hair out trying to figure this out!


Here's another example, with basic filtering (no RFC1918 inbound routes, only advertise your local prefix:

router bgp YOURASN
 bgp router-id BGP_ROUTER_IP_ADDRESS
 network 209.85.171.0/24
 neighbor myisp peer-group
 neighbor myisp remote-as ISPASN
 neighbor myisp distribute-list 3 in
 neighbor myisp distribute-list 4 out
 neighbor myisp filter-list 2 out
 neighbor ISP_ROUTER_IP_ADDRESS peer-group myisp
 distance bgp 150 150 150
!
access-list 3 deny 10.0.0.0 0.0.0.255
access-list 3 deny 192.168.0.0 0.0.255.255
access-list 3 deny 172.16.0.0 0.15.255.255
access-list 3 permit any
access-list 4 permit 209.85.171.0 0.0.0.255
!
ip as-path access-list 2 permit ^$

This is the probable minimun you require within your bgpd.conf. 

router bgp YOURASN
bgp router-id 74.125.53.103
  network 209.85.171.0/24
  neighbor 74.125.53.104 remote-as ISPASN

It isn't pretty and you really should add some prefix lists etc before you start looking at adding multiple upstreams just so you don't accidently advertise the entire global table between two ISPs. That being said, if the gentoo box is only being used as a router and nothing else go get a copy of vyatta community edition and use that instead.

Related

View commands queued in GNU at
Useful WMI admin scripts
Security Camera in Server Room Recommendations
Fiber in Cable Management Arm
What is a good backup plan for Hyper-V Virtual Images?
Offsite backup of Terabytes of data
When is the right time to add a separate database server, add more web servers?
Nudge yum to use different mirrors?
RPC over HTTP Exchange 2003
How to mount glusterfs inside a OpenVZ container?
MSTSC crash on connect
How to resize a HFS+ Partition? [closed]