How to setup a MAC address routing peering, in a nutshell. This is the a simple network and protocol setup using FRRouting daemon. The netlab is found here in previous blog entry and is build using freeRtr SR ISIS EVPN iBGP-IX-peering-fabric.
The network topology and idea is based on the modernizing-IXP-design article, written by Phil Bedard on xrdocs.io.
This is a blind try out what is possible using a free router implementation, at this point I have no clue what can be configured and how and to what degree.
I need to put here some information before. This configuration uses IS-IS and SR MPLS. Everything is based on IPv4 only. The segment routing in this network topology will get interesting as soon as the TI-LFA and path protection will be computed based on the network topology and the available information.
The fast convergence
setup part here is only important for the IS-IS, underlay. BFD is not used for BGP.
This configuration does not explain any dynamic routing protocol basics. You need to be familiar with all dynamic routing protocols, setup and operation.
The appliance used in example is available in Building 64bit alpine linux GNS3 FRRouting appliance.
Network topology
The FRRouting appliances have 9 ports allocated eth0
- eth8
. 4 ethernet ports per GNS3 appliance are sufficient to build shown example, but then it is fixed and no routers could be added at all.
- P1, P2
- PE11, PE12, PE13, PE14
Network topology with IP addressing:
lo lo lo
192.0.2.11 192.0.2.1 192.0.2.13
+-------+ +-------+ +-------+
+0 7+------------+1 3+------------+7 0+
| PE11 | | P1 | | PE13 |
| 8+-+ +-------+2 4+-+ +-------+8 |
+-------+ | | +-------+ | | +-------+
| | | |
+--(-----+ +--(-----+
| | | |
+-------+ | | +-------+ | | +-------+
| 7+----+ +-+1 2+----+ +-+7 |
| PE12 | | P2 | | PE14 |
+0 8+------------+2 3+------------+8 0+
+-------+ +-------+ +-------+
lo lo lo
192.0.2.12 192.0.2.2 192.0.2.14
The interface link IP addressing between the routers in the topology are point-to-point /30.
The appliance physical port number is f.e.: +7
for eth7
Configuration overview
Building a L2 MAC address BGP EVPN routing IX-fabric using 6 FRR routers. The routers will forward MAC address only, there is no IP interface involved or SVI. Only Layer2 ethernet MAC addresses. The solution works like the switch or bridge at your home.
ALL topology routers use following protocols:
- IPv4
- IS-IS
- SR MPLS
- MPLS-TE
PE router only:
- BGP
- EVPN
- VXLAN
- ethernet bridge
If there are any useless configuration steps that could be removed from the setup to keep it as simple as possible, write me an email. It will be removed. Learning BGP EVPN configuration and writing this blog entry about it.
The FRRouting version used for the setup:
FRRouting 9.1 (P1) on Linux(6.6.16-0-virt).
Copyright 1996-2005 Kunihiro Ishiguro, et al.
Binding DHCP services to specific IP addresses or interfaces, does not always succeed. It depends on the application. A rather typical answer found on the internet regarding ISC DHCP is found here:
Citation from the as correct marked on this popular website answer:
The ISC DHCP server will only work when it binds to the all zeros address. Keep in mind that the DHCP server must communicate with clients that have no IP address, so binding to the IP associated with a specific interface doesn't make a lot of sense.
The all zeros address sentence in this answer is even technically correct, I will show comparable output displaying when actually dnsmasq will work via lo
interface only. Binding a service or daemon to one specific IP addressing or interface makes technically sense.
This specific ISC DHCP server configuration setting is possible reading the dhcp-users mailing list entry:
You can also use the local-address statement, but beware the special requirements. [...] Note also that since this bind()s all DHCP sockets to the specified address, that only one address may be supported in a daemon at a given time.
Binding linux services and daemons to IP addresses makes sense. Not only for the DHCP service, I would say for almost all linux daemons it makes lots of sense being available using particular IP addressing only. Using dnsmasq
and binding its DHCP service to the linux interface lo
works, and servicing DHCP clients also works using this setting. The setup is explained below, mentions all that dnsmasq configurations that does not work first, and listing configurations or parts of it leading to nothing. Failed configuration listing. Finally at the end, one particular dnsmasq configuration setting makes it work. Found this configuration by accident, while tinkering with dnsmasq trying it to force to listen to a particular IP address only. The configuration setting does not make sense at first sight. But I try to explain why it would work from the point of view of IP stack and the application, shown the given DHCP debug output of the participating DHCP nodes and applications. Without knowing anything in particular about dnsmasq code or coding design.
This way the applications on the running node or computer, in the network topology this is DHCP-67
, do not need to be in a specific IP subnet. Mostly that subnet configured on eth0
interface. And the application running is not sticked to one geographic location. The eth0
prefix is only the for transport and routing adjacency. No need to have stretched L2 broadcast domain across large, long distances. Running a dynamic routing protocol, of your choice is involved on the appliance plus the one application. But this is the only effort that is needed. Compared to the effort to have L2 connectivity across geographic locations, operational effort, specific hardware needed, planning, designing, upgrading, migrating, building one, huge failure domain across large distances, ... lots more of resources are needed and experience running that L2 network.
Network topology
Network topology with IP adressing:
lo
DCHP client 203.0.113.67
+-------+ +-------+
| | | |
| C1 | |DHCP-67|
| | | |
+---+---+ +---+---+
eth0 | +---> | eth0
| | |
| OSPF |
| | |
Gi0/2 | 10.100.200.1/24 +---> | Gi0/1
+---+---+ +---+---+
| | | |
| R0 +-----------------------------------+ R1 |
| | Gi0/0 <-- OSPF --> Gi0/0| |
+-------+ +-------+
lo lo
192.0.2.0 192.0.2.1
The GNS3 appliance DHCP-67
runs following:
- linux
- FRRouting
- dnsmasq
The DHCP server - DHCP-67
is first, a OSPF router advertising its lo
IPv4 prefix. Additionally the dnsmasq DHCP IPv4 server is running and bound to the configured IP prefix - 203.0.113.67/32
. The reachability of the IP prefix and the DHCP protocol are the main focus in this GNS3 netlab.
The goal is achieved if the service - operating the DHCP protocol, is bound to one IP address and runs as a service using this one IP prefix only.
The appliance used in example is available in Building 64bit alpine linux GNS3 FRRouting appliance. You can even setup this netlab using only the linked article appliance, running FRRouting Router appliances instead. Everything will work the same.