├── .github └── FUNDING.yml ├── .gitignore ├── .gitmodules ├── README.md ├── common ├── bin │ └── .gitignore ├── helpers │ └── lab-routes-ipvX │ │ └── insert-from-bgp ├── lab-setup └── nginx.conf ├── images ├── .gitignore ├── README.md ├── fix-arista-veos-image.sh └── fix-arista-veos-iso-serial.sh ├── lab-3tier-lb ├── .gitignore ├── README.md ├── bird.Rx.conf ├── bird6.Rx.conf ├── exabgp.LB4-x.conf ├── gdnsd │ ├── config │ └── zones │ │ └── example.org ├── gobgp.RRx.conf ├── haproxy.LB7-x.conf ├── httpclients.go ├── httpclients.py ├── keepalived.LB4-x.conf ├── lab.svg └── setup ├── lab-6rd ├── README.md ├── bird-common │ ├── br.conf │ ├── br6.conf │ ├── common.conf │ └── common6.conf ├── bird.BR1.conf ├── bird.BR2.conf ├── bird.R1.conf ├── bird.R2.conf ├── bird.R3.conf ├── bird.R4.conf ├── bird.internet.conf ├── bird6.BR1.conf ├── bird6.BR2.conf ├── bird6.R4.conf ├── bird6.internet.conf └── setup ├── lab-anycast-dns ├── README ├── example.com.zone ├── lab.svg ├── nsd.conf └── setup ├── lab-anycast-service ├── .gitignore ├── bird.x.conf ├── data.yaml ├── keepalived.x.conf └── setup ├── lab-arista-veos ├── README.md ├── bird.R1.conf ├── bird.R2.conf ├── lab.svg ├── setup ├── vEOS1.conf └── vEOS2.conf ├── lab-bgp-bmp ├── .gitignore ├── README.md ├── junos-E.conf └── setup ├── lab-bgp-confederation ├── .gitignore ├── README.md ├── bird.CX.conf ├── bird.SubASX.conf ├── cisco-C4.conf └── setup ├── lab-bgp-graceful-restart ├── README.md ├── bird.R1.conf ├── bird.R2.conf ├── bird.RR1.conf ├── junos-RR1.conf └── setup ├── lab-bgp-hostname ├── .gitignore ├── README.md ├── bird2.birdX.conf ├── frr-bgpd.frrX.conf └── setup ├── lab-bgp-infinite-aspath ├── README.md ├── cisco-R0.conf ├── cisco-R1.conf ├── cisco-R2.conf ├── cisco-R3.conf └── setup ├── lab-bgp-llgr-rr ├── README.md ├── bird-common.conf ├── bird6.C1.conf ├── bird6.C2.conf ├── bird6.C3.conf ├── bird6.C4.conf ├── bird6.RR11.conf ├── bird6.RR12.conf ├── bird6.RR21.conf ├── bird6.RR22.conf ├── junos-RR1x.conf └── setup ├── lab-bgp-llgr ├── README.md ├── bird6.R4.conf ├── gobgp.R3.conf ├── junos-R.conf └── setup ├── lab-bgp-rpki ├── .gitignore ├── README.md ├── bird2.R1.conf ├── bird2.R2.conf ├── junos-R3.conf ├── quagga-bgpd.R4.conf ├── quagga-zebra.R4.conf ├── rpki.json └── setup ├── lab-bgp-rr-forwarding-loop ├── .gitignore ├── README.md ├── bird.x.conf └── setup ├── lab-bgp-rr-no-convergence ├── .gitignore ├── README.md ├── bird.x.conf └── setup ├── lab-bird-dead-routes ├── .gitignore ├── bird.Rx.conf └── setup ├── lab-bond-4-19 ├── README.md ├── capture └── setup ├── lab-bond-garp ├── README.md └── setup ├── lab-bridge-lacp ├── README.md └── setup ├── lab-bridge-linux ├── README.md ├── nftables ├── setup └── xdp_drop_all.c ├── lab-bridge-loop └── setup ├── lab-cisco-iosxrv-bgp-epvn-mpls ├── .gitignore ├── cisco-XXX.conf └── setup ├── lab-cisco-iosxrv-bgp-network-originate ├── README.md ├── bird.R1.conf ├── cisco-XRv.conf └── setup ├── lab-cisco-iosxrv-bgp-timers ├── bird.R1.conf ├── bird.R2.conf ├── cisco-IOS1.conf └── setup ├── lab-cisco-iosxrv-flowspec ├── bird.injector.conf ├── cisco-xrv1.conf └── setup ├── lab-cisco-iosxrv-llgr ├── bird.bird.conf ├── cisco-xrv1.conf └── setup ├── lab-cisco-iosxrv-rt ├── .gitignore ├── bird.ce0.conf ├── cisco-rX.conf.j2 └── setup ├── lab-cisco-iosxrv-rtbh-redirect ├── bird.injector.conf ├── cisco-xrv1.conf └── setup ├── lab-cisco-iosxrv-srv6 ├── .gitignore ├── README.md ├── bird.ceX.conf.j2 ├── cisco-rX.conf.j2 ├── data.yaml ├── lab.svg ├── run-ceX.j2 └── setup ├── lab-cisco-iosxrv ├── bird.R1.conf ├── bird.R2.conf ├── cisco-IOS1.conf └── setup ├── lab-cisco-nxos ├── bird.R1.conf ├── bird.R2.conf ├── cisco-NX1.conf └── setup ├── lab-cisco-puppet ├── README.md ├── cisco.conf ├── puppet │ ├── device.conf │ ├── manifests │ │ └── site.pp │ └── puppet.conf └── setup ├── lab-cloudinit ├── .gitignore ├── setup └── user-data.debian ├── lab-cumulusvx-alone ├── cumulus │ ├── etc │ │ └── network │ │ │ └── interfaces │ └── run └── setup ├── lab-cumulusvx-bgptth-baremetal ├── .gitignore ├── air │ ├── leaf01-frr │ ├── leaf01-interfaces │ ├── spine01-frr │ └── spine01-interfaces ├── cumulusX │ ├── etc │ │ ├── frr │ │ │ ├── daemons │ │ │ └── frr.conf.j2 │ │ └── network │ │ │ └── interfaces.j2 │ └── run └── setup ├── lab-cumulusvx-mlag ├── leaf01 │ ├── etc │ │ ├── frr │ │ │ ├── daemons │ │ │ └── frr.conf │ │ └── network │ │ │ └── interfaces │ └── run ├── leaf02 │ ├── etc │ │ ├── frr │ │ │ ├── daemons │ │ │ └── frr.conf │ │ └── network │ │ │ └── interfaces │ └── run ├── leaf03 │ ├── etc │ │ ├── frr │ │ │ ├── daemons │ │ │ └── frr.conf │ │ └── network │ │ │ └── interfaces │ └── run ├── leaf04 │ ├── etc │ │ ├── frr │ │ │ ├── daemons │ │ │ └── frr.conf │ │ └── network │ │ │ └── interfaces │ └── run ├── setup ├── spine01 │ ├── etc │ │ ├── frr │ │ │ ├── daemons │ │ │ └── frr.conf │ │ └── network │ │ │ └── interfaces │ └── run └── spine02 │ ├── etc │ ├── frr │ │ ├── daemons │ │ └── frr.conf │ └── network │ │ └── interfaces │ └── run ├── lab-cumulusvx-roh ├── .gitignore ├── cumulusX │ ├── etc │ │ ├── frr │ │ │ ├── daemons │ │ │ └── frr.conf.j2 │ │ └── network │ │ │ └── interfaces.j2 │ └── run ├── setup └── sysctl.conf ├── lab-dhcp-ztp ├── README.md ├── cisco.pcap ├── dhcpd.conf └── setup ├── lab-dns64-nat64 ├── README.md ├── radvd.gateway.conf ├── setup ├── tayga.gateway.conf ├── unbound.gateway.conf └── unbound.www.conf ├── lab-ecmp-ipv6 ├── README.md ├── config-3.6+ecmp+overlayfs ├── linux ├── r1 │ └── quagga │ │ ├── ospf6d.conf │ │ ├── ospfd.conf │ │ ├── vtysh.conf │ │ └── zebra.conf ├── r2 │ └── quagga │ │ ├── ospf6d.conf │ │ ├── ospfd.conf │ │ ├── vtysh.conf │ │ └── zebra.conf ├── r3 │ └── quagga │ │ ├── ospf6d.conf │ │ ├── ospfd.conf │ │ ├── vtysh.conf │ │ └── zebra.conf ├── r4 │ └── quagga │ │ ├── ospf6d.conf │ │ ├── ospfd.conf │ │ ├── vtysh.conf │ │ └── zebra.conf ├── r5 │ └── quagga │ │ ├── ospf6d.conf │ │ ├── ospfd.conf │ │ ├── vtysh.conf │ │ └── zebra.conf └── setup ├── lab-ecmp-saddr └── setup ├── lab-ecmp-vxlan ├── README.md ├── bird.conf └── setup ├── lab-epf-urpf ├── README.md ├── bird6.AS64500.conf ├── bird6.AS64501.conf ├── bird6.AS64502.conf ├── bird6.AS64503.conf ├── bird6.AS64504.conf ├── bird6.AS64510.conf └── setup ├── lab-exabgp ├── README.md ├── bird6.dr6.conf ├── bird6.dr7.conf ├── bird6.dr8.conf ├── bird6.er2.conf ├── bird6.er3.conf ├── bird6.r1.conf ├── bird6.rs4.conf ├── edge-router.conf ├── exabgp.env ├── exabgp.w1.conf ├── exabgp.w2.conf ├── exabgp.w3.conf ├── healthcheck-nginx.conf ├── healthcheck.py ├── lab.svg ├── linux ├── nginx.conf ├── quagga │ ├── vtysh.conf │ └── zebra.conf ├── route-server-client.conf ├── rs5 │ └── quagga │ │ ├── bgpd.conf │ │ └── bgpd.options └── setup ├── lab-f5-puppet ├── PLATFORM ├── README.md ├── nginx.conf ├── puppet │ ├── device.conf │ ├── manifests │ │ └── site.pp │ └── puppet.conf └── setup ├── lab-fedora-coreos ├── .gitignore ├── nodeX.yaml └── setup ├── lab-freebsd-bird ├── .gitignore ├── bird.linux.conf ├── freebsd-debug │ ├── README.md │ └── run.sh ├── freebsd │ ├── bird.conf │ └── run.sh └── setup ├── lab-freebsd-ecmp ├── .gitignore ├── freebsd │ └── run.sh └── setup ├── lab-frr-evpn-vrf ├── .gitignore ├── README.md ├── frr-bgpd.Rx.conf ├── frr-zebra.R1.conf ├── frr-zebra.R2.conf ├── frr-zebra.Rx.conf └── setup ├── lab-frr-snmp-bgp ├── .gitignore ├── frr-bgpd.Rx.conf ├── frr-zebra.R1.conf ├── frr-zebra.R2.conf ├── frr-zebra.Rx.conf ├── setup └── snmpd.conf ├── lab-generic └── setup ├── lab-gnmi ├── README.md ├── cisco-XRv.conf ├── junos-vMX.conf └── setup ├── lab-hp-vsr1000 ├── bird.R1.conf ├── bird.R2.conf ├── hp-VSR1000.conf └── setup ├── lab-ignore-route-linkdown └── setup ├── lab-iou ├── IOU1.conf ├── IOU2.conf ├── README.md ├── bird.R1.conf ├── bird.R2.conf ├── bird6.R1.conf ├── bird6.R2.conf ├── iou2vde.py └── setup ├── lab-ipv4-frag-counters ├── README.md └── setup ├── lab-ipv6-partial-routing └── setup ├── lab-ipvs ├── .gitignore ├── httprequests.py └── setup ├── lab-juniper-crpd ├── README.md └── setup ├── lab-juniper-firefly ├── README.md ├── bird.R1.conf ├── bird.R2.conf ├── junos-SRX1.conf ├── junos-SRX2.conf └── setup ├── lab-juniper-forcepath ├── README.md ├── bird.outside.conf ├── junos-router.conf └── setup ├── lab-juniper-mpls ├── junos-vMX.conf └── setup ├── lab-juniper-proxy-arp ├── README.md ├── bird.B.conf ├── junos-SRX.conf └── setup ├── lab-juniper-rr ├── bird6.R1.conf ├── bird6.R2.conf ├── bird6.R3.conf ├── bird6.conf ├── junos-RR.conf ├── junos-edge.conf └── setup ├── lab-juniper-salt ├── .gitignore ├── README.md ├── junos-juniper1.conf ├── junos-juniper2.conf ├── junos-juniper3.conf ├── salt │ ├── master │ ├── pillar │ │ ├── juniper.sls │ │ └── top.sls │ └── proxy └── setup ├── lab-juniper-srv6 ├── README.md ├── junos-R0.conf ├── junos-R1.conf ├── junos-R2.conf ├── junos-R3.conf ├── junos-R4.conf ├── junos-R5.conf ├── junos-R6.conf ├── junos-R7.conf ├── junos-common.conf └── setup ├── lab-juniper-vjunosevolved ├── .gitignore ├── README.md ├── bird.Rx.conf ├── junos-vJunos.conf ├── nginx.conf └── setup ├── lab-juniper-vmx-allinone ├── README.md ├── junos-MX.conf └── setup ├── lab-juniper-vmx-bmp ├── README.md ├── juniper-bmp-missing-peerup.pcap ├── juniper-bmp-ok.pcap ├── junos-vMX.conf └── setup ├── lab-juniper-vmx-fullview ├── .gitignore ├── README.md ├── exabgp.conf ├── junos-vMX1.conf ├── junos-vMX2.conf ├── mrtroutes └── setup ├── lab-juniper-vmx-unnumbered-bfd ├── README.md ├── nginx.conf ├── setup ├── vMX1.conf └── vMX2.conf ├── lab-juniper-vmx ├── README.md ├── bird.R1.conf ├── bird.R2.conf ├── junos-vMX.conf ├── nginx.conf └── setup ├── lab-juniper-vqfx-multihoming-ip ├── README.md ├── bird.H1.conf ├── junos-QFX1.conf ├── junos-QFX2.conf ├── junos-common.conf └── setup ├── lab-juniper-vqfx-vxlan-asymmetric ├── README.md ├── junos-QFX1.conf ├── junos-QFX2.conf ├── junos-common.conf └── setup ├── lab-juniper-vqfx-vxlan-multihoming ├── junos-QFX1.conf ├── junos-QFX2.conf ├── junos-common.conf └── setup ├── lab-juniper-vqfx-vxlan-symmetric ├── README.md ├── junos-QFX1.conf ├── junos-QFX2.conf ├── junos-common.conf └── setup ├── lab-juniper-vqfx-vxlan ├── README.md ├── gobgp.RR.conf ├── junos-QFX1.conf ├── junos-QFX2.conf ├── junos-QFX3.conf ├── junos-common.conf ├── quagga-bgpd.S1.conf ├── quagga-ospfd.RR.conf ├── quagga-ospfd.S1.conf ├── quagga-zebra.RR.conf ├── quagga-zebra.S1.conf └── setup ├── lab-juniper-vqfx ├── README.md ├── bird6.R1.conf ├── bird6.R2.conf ├── junos-QFX.conf └── setup ├── lab-juniper-vsrx ├── README.md ├── bird.R1.conf ├── bird.R2.conf ├── junos-SRX1.conf ├── junos-SRX2.conf └── setup ├── lab-keepalived-snmp ├── README ├── keepalived.conf ├── lab.svg ├── nginx.conf ├── rrd ├── setup └── snmpd.conf ├── lab-keepalived-unicast ├── .gitignore ├── README.md ├── keepalived.Kx.conf ├── setup └── snmpd.conf ├── lab-keepalived ├── .gitignore ├── keepalived.Rx.conf └── setup ├── lab-l3-hyperv ├── README.md ├── RR7 │ ├── etc │ │ ├── network │ │ │ └── interfaces │ │ └── quagga │ │ │ ├── Quagga.conf │ │ │ └── daemons │ └── run ├── bird-common │ ├── common.conf │ ├── common6.conf │ ├── hypervisor.conf │ ├── hypervisor6.conf │ ├── rr-client-private.conf │ ├── rr-client-public.conf │ ├── rr-client.conf │ ├── rr-client6.conf │ └── rr.conf ├── bird.HV1.conf ├── bird.HV2.conf ├── bird.HV3.conf ├── bird.RR1.conf ├── bird.RR2.conf ├── bird.internet.conf ├── bird6.HV1.conf ├── bird6.HV2.conf ├── bird6.HV3.conf ├── bird6.RR1.conf ├── bird6.RR2.conf ├── bird6.internet.conf ├── gobgpd.private-ipv4.yaml ├── gobgpd.public-ipv4.yaml ├── gobgpd.public-ipv6.yaml ├── junos-RR3.conf ├── junos-RR6.conf ├── lab.svg ├── quagga-bgpd.RR4.conf ├── radvd.HV.conf ├── rt_tables └── setup ├── lab-latency ├── .gitignore ├── README.md ├── benchmark ├── nginx.conf ├── setup ├── systemtap-graph ├── systemtap-graph-all └── systemtap-run ├── lab-linux-erspan ├── .gitignore ├── README.md ├── setup └── xdp_drop_all.c ├── lab-linux-mpls ├── .gitignore ├── P2 │ ├── ldpd.conf │ └── ospfd.conf ├── README.md ├── frr-bgpd.CExy.conf ├── frr-bgpd.PEx.conf ├── frr-ldpd.P1.conf ├── frr-ldpd.PEx.conf ├── frr-ospfd.P1.conf ├── frr-ospfd.PEx.conf ├── frr-zebra.conf ├── network-config.P2 ├── openbsd.pcap ├── setup └── user-data.P2 ├── lab-linux-public-private ├── README.md ├── interfaces.mixed1 ├── interfaces.mixed2 └── setup ├── lab-linux-vrf-bind ├── connect.py └── setup ├── lab-linux-wiretap ├── README.md └── setup ├── lab-multicast-vxlan ├── lab.svg ├── linux ├── setup ├── xorp.c1.conf ├── xorp.c2.conf ├── xorp.c3.conf ├── xorp.e1.conf ├── xorp.e2.conf ├── xorp.e3.conf ├── xorp.r1.conf ├── xorp.r2.conf └── xorp.r3.conf ├── lab-multicast ├── conf │ ├── R1-keepalived.conf │ ├── R1-ospfd.conf │ ├── R1-pimd.conf │ ├── R1-zebra.conf │ ├── R2-keepalived.conf │ ├── R2-ospfd.conf │ ├── R2-pimd.conf │ ├── R2-zebra.conf │ ├── R3-keepalived.conf │ ├── R3-ospfd.conf │ ├── R3-pimd.conf │ ├── R3-zebra.conf │ ├── R4-keepalived.conf │ ├── R4-ospfd.conf │ ├── R4-pimd.conf │ └── R4-zebra.conf ├── keepalived.sh ├── lab1.svg ├── pim-sm.gif ├── pimd.sh ├── quagga.sh └── setup ├── lab-nat-gw1 ├── .gitignore ├── bird.ER.conf ├── bird.NATx.conf ├── conntrackd.NATx.conf ├── keepalived.NATx.conf ├── setup ├── ulogd.conf └── vrrp-master ├── lab-ospf-convergence ├── .gitignore ├── README.md ├── bird.x.conf └── setup ├── lab-ospf6d-snmp ├── abr │ └── quagga │ │ ├── daemons │ │ ├── debian.conf │ │ ├── ospf6d.conf │ │ ├── ospfd.conf │ │ └── zebra.conf ├── asbr │ └── quagga │ │ ├── daemons │ │ ├── debian.conf │ │ ├── ospf6d.conf │ │ ├── ospfd.conf │ │ └── zebra.conf ├── quagga-debian.conf ├── r01 │ └── quagga │ │ ├── daemons │ │ ├── debian.conf │ │ ├── ospf6d.conf │ │ ├── ospfd.conf │ │ └── zebra.conf ├── r02 │ └── quagga │ │ ├── daemons │ │ ├── debian.conf │ │ ├── ospf6d.conf │ │ ├── ospfd.conf │ │ └── zebra.conf ├── r03 │ └── quagga │ │ ├── daemons │ │ ├── debian.conf │ │ ├── ospf6d.conf │ │ ├── ospfd.conf │ │ └── zebra.conf ├── r1 │ └── quagga │ │ ├── daemons │ │ ├── debian.conf │ │ ├── ospf6d.conf │ │ ├── ospfd.conf │ │ └── zebra.conf ├── r2 │ └── quagga │ │ ├── daemons │ │ ├── debian.conf │ │ ├── ospf6d.conf │ │ ├── ospfd.conf │ │ └── zebra.conf ├── setup ├── snmpd.conf └── snmptrapd.conf ├── lab-ospf6d ├── esite01 │ └── quagga │ │ ├── daemons │ │ ├── debian.conf │ │ ├── ospf6d.conf │ │ └── zebra.conf ├── esite02 │ └── quagga │ │ ├── daemons │ │ ├── debian.conf │ │ ├── ospf6d.conf │ │ └── zebra.conf ├── fabae │ └── quagga │ │ ├── daemons │ │ ├── debian.conf │ │ ├── ospf6d.conf │ │ └── zebra.conf ├── pobae │ └── bird6.conf ├── quagga-debian.conf └── setup ├── lab-pping-xdp └── setup ├── lab-rate-limit └── setup ├── lab-redistribute-neighbors ├── .gitignore ├── bird.linux.conf ├── bird.router.conf ├── cumulus │ ├── etc │ │ ├── frr │ │ │ ├── daemons │ │ │ └── frr.conf │ │ └── network │ │ │ └── interfaces │ └── run └── setup ├── lab-redundant-vpn ├── README ├── V1 │ └── racoon │ │ ├── psk.txt │ │ └── racoon.conf ├── V2 │ └── racoon │ │ ├── psk.txt │ │ └── racoon.conf ├── V3 │ └── racoon │ │ ├── psk.txt │ │ └── racoon.conf ├── V4 │ └── racoon │ │ └── racoon.conf ├── lab.svg ├── quagga-bgpd.V1.conf ├── quagga-bgpd.V2.conf ├── quagga-bgpd.V3.conf ├── quagga-bgpd.V4.conf ├── quagga-ospfd.R1.conf ├── quagga-ospfd.R2.conf ├── quagga-ospfd.V1.conf ├── quagga-ospfd.V2.conf ├── quagga-ospfd.V3.conf ├── quagga-ospfd.V4.conf ├── quagga-zebra.R1.conf ├── quagga-zebra.R2.conf ├── quagga-zebra.V1.conf ├── quagga-zebra.V2.conf ├── quagga-zebra.V3.conf ├── quagga-zebra.V4.conf ├── racoon-psk.txt └── setup ├── lab-rfc5549 ├── README.md ├── bgp-frr-bird.pcap ├── bgp-frr-frr.pcap ├── bgp-frr-junos.pcap ├── bird.bird1.conf ├── cumulus1 │ ├── etc │ │ ├── frr │ │ │ ├── daemons │ │ │ └── frr.conf │ │ └── network │ │ │ └── interfaces │ └── run ├── cumulus2 │ ├── etc │ │ ├── frr │ │ │ ├── daemons │ │ │ └── frr.conf │ │ └── network │ │ │ └── interfaces │ └── run ├── junos-vmx1.conf ├── setup └── spine │ ├── etc │ ├── frr │ │ ├── daemons │ │ └── frr.conf │ └── network │ │ └── interfaces │ └── run ├── lab-route-cache-ipv6 ├── inject-100.py └── setup ├── lab-routed-vpn-wireguard ├── .gitignore ├── README.md ├── bird.Rx.Ry.conf ├── bird.Vx-y.private.conf ├── bird.internet.conf ├── bird6.Rx.Ry.conf ├── bird6.Vx-y.private.conf ├── bird6.Vx-y.public.conf ├── setup └── wg.Vx-y.conf ├── lab-routed-vpn ├── .gitignore ├── README.md ├── bird.Rx.Ry.conf ├── bird.Vx-y.private.conf ├── bird.internet.conf ├── bird6.Rx.Ry.conf ├── bird6.Vx-y.private.conf ├── bird6.Vx-y.public.conf ├── ipsec.Vx-y.conf ├── ipsec.Vx-y.secrets ├── junos-V3-2.conf ├── lab.svg └── setup ├── lab-routereflector ├── C1.conf ├── C2.conf ├── E1.conf ├── E2.conf ├── EC1.conf ├── EC2.conf ├── README.md ├── bird.T1.conf ├── bird.T2.conf ├── lab.svg ├── nginx.conf └── setup ├── lab-routes-ipv4 ├── .gitignore ├── Makefile ├── README.md ├── bench-all-kernel ├── bench-from-bgp ├── bench-ip-rules ├── bench-kernel ├── bench-many-32 ├── insert-from-bgp ├── insert-many-32 ├── kbench_mod.c ├── plot ├── plot-meltdown └── setup ├── lab-routes-ipv6 ├── .gitignore ├── 0001-netlink-ignore-unknown-attributes-2.patch ├── 0001-netlink-ignore-unknown-attributes-3.patch ├── 0001-netlink-ignore-unknown-attributes.patch ├── Makefile ├── README.md ├── bench-all-kernel ├── bench-from-bgp ├── bench-kernel ├── bench-many-128 ├── bench-many-48 ├── insert-from-bgp ├── insert-many-128 ├── insert-many-48 ├── kbench_mod.c ├── plot ├── setup ├── v4-flamegraph.svg └── v6-flamegraph.svg ├── lab-rpfilter-ipv6 ├── radvd.R1.conf └── setup ├── lab-rtbh ├── README.md ├── bird │ ├── common.conf │ └── kernel.conf ├── bird6.C1.conf ├── bird6.C2.conf ├── bird6.P.conf ├── bird6.RTBH.conf └── setup ├── lab-s2s-vpn ├── E1 │ └── quagga │ │ ├── daemons │ │ ├── debian.conf │ │ ├── ospfd.conf │ │ └── zebra.conf ├── E2 │ └── quagga │ │ ├── daemons │ │ ├── debian.conf │ │ ├── ospfd.conf │ │ └── zebra.conf ├── R1 │ └── quagga │ │ ├── daemons │ │ ├── debian.conf │ │ ├── ospfd.conf │ │ └── zebra.conf ├── R2 │ └── quagga │ │ ├── daemons │ │ ├── debian.conf │ │ ├── ospfd.conf │ │ └── zebra.conf ├── README ├── V1 │ ├── bird.conf │ └── racoon │ │ └── racoon.conf ├── V2 │ ├── bird.conf │ └── racoon │ │ └── racoon.conf ├── bird.svg ├── lab.svg ├── quagga-debian.conf ├── racoon-psk.txt └── setup ├── lab-sonic └── setup ├── lab-stp-double-loop └── setup ├── lab-switchdev └── setup ├── lab-tcp-unreachable ├── README.md └── setup ├── lab-teamd-activebackup ├── .gitignore ├── Makefile ├── livepatch-teamd-ab.c └── setup ├── lab-templates ├── .gitignore ├── setup └── template.j2 ├── lab-traceroute └── setup ├── lab-vti-pmtud ├── README.md ├── ipsec.conf ├── ipsec.secrets └── setup ├── lab-vxlan ├── README.md ├── bird.conf ├── bird6.RR.conf ├── bird6.S1.conf ├── bird6.S2.conf ├── bird6.S3.conf ├── bird6.SN1.conf ├── bird6.SN2.conf ├── bird6.conf ├── gobgpd.yaml ├── junos-RR.conf ├── junos-S3.conf ├── junos-S4.conf ├── lab.svg ├── quagga-bgpd.RR.conf ├── quagga-bgpd.S1.conf ├── quagga-bgpd.S2.conf ├── quagga-bgpd.S3.conf ├── quagga-zebra.RR.conf ├── quagga-zebra.S1.conf ├── quagga-zebra.S2.conf ├── quagga-zebra.S3.conf └── setup ├── lab-w10-2020 └── setup ├── misc └── timewait-experiment └── non-working └── lab-bgp-ospf-unnumbered ├── bird-common.conf ├── bird.H1.conf ├── bird.H2.conf ├── bird.H3.conf ├── bird.H4.conf ├── bird.T11.conf ├── bird.T12.conf ├── bird.T21.conf ├── bird.T22.conf └── setup /.github/FUNDING.yml: -------------------------------------------------------------------------------- 1 | --- 2 | github: vincentbernat 3 | custom: https://www.buymeacoffee.com/vincentbernat 4 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | dev.tar 2 | *~ 3 | *.pcap 4 | __pycache__/ 5 | -------------------------------------------------------------------------------- /.gitmodules: -------------------------------------------------------------------------------- 1 | [submodule "lab-f5-puppet/puppet/modules/f5"] 2 | path = lab-f5-puppet/puppet/modules/f5 3 | url = git@github.com:puppetlabs/puppetlabs-f5.git 4 | [submodule "lab-pping-xdp/bpf-examples"] 5 | path = lab-pping-xdp/bpf-examples 6 | url = git@github.com:xdp-project/bpf-examples.git 7 | -------------------------------------------------------------------------------- /common/bin/.gitignore: -------------------------------------------------------------------------------- 1 | * 2 | !/.gitignore 3 | -------------------------------------------------------------------------------- /images/.gitignore: -------------------------------------------------------------------------------- 1 | * 2 | !/fix-arista-veos-iso-serial.sh 3 | !/fix-arista-veos-image.sh 4 | !/README.md 5 | !/.gitignore 6 | -------------------------------------------------------------------------------- /images/README.md: -------------------------------------------------------------------------------- 1 | This directory contains various images. It is not legal to distribute 2 | them, so you need to download them yourself and link them under the 3 | appropriate name. 4 | 5 | Some random links: 6 | - https://www.arista.com/en/support/software-download 7 | - http://www.juniper.net/us/en/products-services/security/firefly-perimeter/#evaluation 8 | - https://www.f5.com/trial/big-ip-ltm-virtual-edition.php 9 | -------------------------------------------------------------------------------- /images/fix-arista-veos-image.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # This script will just remove /startup-config, enabling ZTP to work 4 | # as expected. If you don't want to use ZTP, don't use this script. 5 | 6 | set -e 7 | 8 | if [ $# -ne 1 ]; then 9 | cat <&2 10 | Usage: $0 vEOS-x.x.x.img 11 | 12 | Fix vEOS-4.13.7M.img image to remove startup-config file and 13 | enable ZTP. 14 | EOF 15 | exit 1 16 | fi 17 | img="$(readlink -f "$1")" 18 | 19 | tmp=$(mktemp -d) 20 | trap "rm -rf $tmp" EXIT 21 | cd $tmp 22 | 23 | echo '[+] Removing startup-config' 24 | chmod u+w "$img" 25 | guestfish -a "$img" -m /dev/sda1 rm /startup-config 26 | chmod u-w "$img" 27 | echo '[!] Done' 28 | -------------------------------------------------------------------------------- /lab-3tier-lb/bird.Rx.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird.log" all; 2 | router id {{ ipv4 }}; 3 | 4 | {% for i in range(1, rrs+1) %} 5 | protocol bgp RR{{ i }} { 6 | debug all; 7 | local as 65000; 8 | import all; 9 | export none; 10 | direct; 11 | neighbor 192.0.2.{{ 255 - i }} as 65000; 12 | add paths rx; 13 | hold time 6; 14 | } 15 | {% endfor %} 16 | 17 | protocol kernel { 18 | persist; 19 | import none; 20 | export all; 21 | scan time 10; 22 | merge paths yes; 23 | } 24 | 25 | protocol device { 26 | scan time 10; 27 | } 28 | -------------------------------------------------------------------------------- /lab-3tier-lb/bird6.Rx.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird6.log" all; 2 | router id {{ ipv4 }}; 3 | 4 | {% for i in range(1, rrs+1) %} 5 | protocol bgp RR{{ i }} { 6 | debug all; 7 | local as 65000; 8 | import all; 9 | export none; 10 | direct; 11 | neighbor 2001:db8::192.0.2.{{ 255 - i }} as 65000; 12 | add paths rx; 13 | hold time 6; 14 | } 15 | {% endfor %} 16 | 17 | protocol kernel { 18 | persist; 19 | import none; 20 | export all; 21 | scan time 10; 22 | } 23 | 24 | protocol device { 25 | scan time 10; 26 | } 27 | -------------------------------------------------------------------------------- /lab-3tier-lb/gdnsd/zones/example.org: -------------------------------------------------------------------------------- 1 | @ SOA ns1 dns.example.org. 1 7200 1800 259200 900 2 | @ NS ns1.example.com. 3 | 4 | www 60 DYNA multifo!web1 5 | www1 60 DYNA multifo!web1 6 | www2 60 DYNA multifo!web2 7 | -------------------------------------------------------------------------------- /lab-6rd/README.md: -------------------------------------------------------------------------------- 1 | # 6rd setup 2 | 3 | This lab is about setting up 6rd access for a CE to provide IPv6 4 | connectivity over an IPv4 network. Most routers (R1, R2, R3) are IPv4 5 | only while only the border router (R4) is dualstack. 6 | 7 | The 6rd gateways (BR1, BR2) are anycasted for redundancy purpose. BGP 8 | sessions are using BFD to ensure a fast switchover. 9 | -------------------------------------------------------------------------------- /lab-6rd/bird-common/br.conf: -------------------------------------------------------------------------------- 1 | protocol bgp BR { 2 | local as 65000; 3 | neighbor 203.0.113.17 as 65000; 4 | import none; 5 | export filter { 6 | if ifname = "dummy0" then accept; 7 | reject; 8 | }; 9 | bfd yes; 10 | direct; 11 | } 12 | 13 | protocol bfd BFD { 14 | interface "eth0" { 15 | interval 200ms; 16 | multiplier 5; 17 | }; 18 | } 19 | -------------------------------------------------------------------------------- /lab-6rd/bird-common/br6.conf: -------------------------------------------------------------------------------- 1 | protocol bgp BR { 2 | local as 65000; 3 | neighbor 2001:db8:6::4 as 65000; 4 | import none; 5 | export filter { 6 | if net ~ [ ::/0{32,32} ] then accept; 7 | reject; 8 | }; 9 | bfd yes; 10 | direct; 11 | } 12 | 13 | protocol bfd BFD { 14 | interface "eth0" { 15 | interval 200ms; 16 | multiplier 5; 17 | }; 18 | } 19 | -------------------------------------------------------------------------------- /lab-6rd/bird-common/common.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird.log" all; 2 | 3 | # debug protocols all; 4 | 5 | protocol device { 6 | scan time 10; 7 | } 8 | 9 | protocol kernel { 10 | persist; 11 | learn; 12 | import all; 13 | export all; 14 | merge paths yes; 15 | } 16 | 17 | protocol direct { 18 | interface "*"; 19 | } 20 | -------------------------------------------------------------------------------- /lab-6rd/bird-common/common6.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird6.log" all; 2 | 3 | protocol device { 4 | scan time 10; 5 | } 6 | 7 | protocol kernel { 8 | persist; 9 | learn; 10 | import all; 11 | export all; 12 | merge paths yes; 13 | } 14 | 15 | protocol direct { 16 | interface "*"; 17 | } 18 | -------------------------------------------------------------------------------- /lab-6rd/bird.BR1.conf: -------------------------------------------------------------------------------- 1 | include "bird-common/common.conf"; 2 | include "bird-common/br.conf"; 3 | -------------------------------------------------------------------------------- /lab-6rd/bird.BR2.conf: -------------------------------------------------------------------------------- 1 | include "bird-common/common.conf"; 2 | include "bird-common/br.conf"; 3 | -------------------------------------------------------------------------------- /lab-6rd/bird.R1.conf: -------------------------------------------------------------------------------- 1 | include "bird-common/common.conf"; 2 | 3 | protocol ospf CORE { 4 | import all; 5 | export all; 6 | area 0.0.0.0 { 7 | interface "eth1"; 8 | }; 9 | } 10 | -------------------------------------------------------------------------------- /lab-6rd/bird.R2.conf: -------------------------------------------------------------------------------- 1 | include "bird-common/common.conf"; 2 | 3 | protocol ospf CORE { 4 | import all; 5 | export all; 6 | area 0.0.0.0 { 7 | interface "eth0"; 8 | interface "eth1"; 9 | }; 10 | } 11 | -------------------------------------------------------------------------------- /lab-6rd/bird.R3.conf: -------------------------------------------------------------------------------- 1 | include "bird-common/common.conf"; 2 | 3 | protocol ospf CORE { 4 | import all; 5 | export all; 6 | area 0.0.0.0 { 7 | interface "eth0"; 8 | interface "eth1"; 9 | }; 10 | } 11 | -------------------------------------------------------------------------------- /lab-6rd/bird.internet.conf: -------------------------------------------------------------------------------- 1 | include "bird-common/common.conf"; 2 | 3 | protocol bgp AS65000 { 4 | local as 65001; 5 | neighbor 203.0.113.33 as 65000; 6 | import all; 7 | export filter { 8 | if ifname = "dummy0" then accept; 9 | reject; 10 | }; 11 | } 12 | -------------------------------------------------------------------------------- /lab-6rd/bird6.BR1.conf: -------------------------------------------------------------------------------- 1 | include "bird-common/common6.conf"; 2 | include "bird-common/br6.conf"; 3 | 4 | router id 203.0.113.18; 5 | -------------------------------------------------------------------------------- /lab-6rd/bird6.BR2.conf: -------------------------------------------------------------------------------- 1 | include "bird-common/common6.conf"; 2 | include "bird-common/br6.conf"; 3 | 4 | router id 203.0.113.19; 5 | -------------------------------------------------------------------------------- /lab-6rd/bird6.R4.conf: -------------------------------------------------------------------------------- 1 | include "bird-common/common6.conf"; 2 | 3 | router id 203.0.113.33; 4 | 5 | protocol bgp INTERNET { 6 | local as 65000; 7 | neighbor 2001:db8:7::7 as 65001; 8 | import all; 9 | export all; 10 | } 11 | 12 | template bgp BR { 13 | local as 65000; 14 | import all; 15 | export none; 16 | bfd yes; 17 | direct; 18 | } 19 | 20 | protocol bgp BR1 from BR { 21 | neighbor 2001:db8:6::11 as 65000; 22 | } 23 | protocol bgp BR2 from BR { 24 | neighbor 2001:db8:6::12 as 65000; 25 | } 26 | 27 | protocol bfd BFD { 28 | interface "eth1" { 29 | interval 200ms; 30 | multiplier 5; 31 | }; 32 | } 33 | -------------------------------------------------------------------------------- /lab-6rd/bird6.internet.conf: -------------------------------------------------------------------------------- 1 | include "bird-common/common6.conf"; 2 | 3 | router id 203.0.113.34; 4 | 5 | protocol bgp AS65000 { 6 | local as 65001; 7 | neighbor 2001:db8:7::4 as 65000; 8 | import all; 9 | export filter { 10 | if ifname = "dummy0" then accept; 11 | reject; 12 | }; 13 | } 14 | -------------------------------------------------------------------------------- /lab-anycast-dns/README: -------------------------------------------------------------------------------- 1 | This lab is explained here: 2 | https://vincent.bernat.ch/en/blog/2011-dns-anycast 3 | -------------------------------------------------------------------------------- /lab-anycast-dns/example.com.zone: -------------------------------------------------------------------------------- 1 | $TTL 3D 2 | @ IN SOA ns.example.com. hostmaster.example.com. ( 3 | 2011061100 4 | 8H ; Refresh 5 | 2H ; Retry 6 | 4W ; Expire 7 | 1D ) ; Minimum TTL 8 | ; 9 | NS ns.example.com. 10 | MX 10 smtp.example.com. 11 | TXT @@UTS@@ 12 | ; 13 | ns AAAA 2001:db8:aaaa::53 14 | www AAAA 2001:db8:aaaa::80 15 | smtp AAAA 2001:db8:aaaa::25 16 | -------------------------------------------------------------------------------- /lab-anycast-dns/nsd.conf: -------------------------------------------------------------------------------- 1 | server: 2 | hide-version: no 3 | ip6-only: yes 4 | ip-address: 2001:db8:aaaa::53 5 | zone: 6 | name: "example.com" 7 | zonefile: "example.com.zone" 8 | -------------------------------------------------------------------------------- /lab-anycast-service/.gitignore: -------------------------------------------------------------------------------- 1 | /bird.L1.conf 2 | /bird.L2.conf 3 | /bird.S1.conf 4 | /bird.H1.conf 5 | /bird.H2.conf 6 | /bird.H3.conf 7 | /bird.H4.conf 8 | /keepalived.H1.conf 9 | /keepalived.H2.conf 10 | /keepalived.H3.conf 11 | /keepalived.H4.conf 12 | -------------------------------------------------------------------------------- /lab-anycast-service/data.yaml: -------------------------------------------------------------------------------- 1 | H1: 2 | profile: server 3 | ip: 203.0.113.1 4 | upstream: L1 5 | service: 192.0.2.10 6 | H2: 7 | profile: server 8 | ip: 203.0.113.2 9 | upstream: L1 10 | service: 192.0.2.11 11 | H3: 12 | profile: server 13 | ip: 203.0.113.17 14 | upstream: L2 15 | service: 192.0.2.10 16 | H4: 17 | profile: server 18 | ip: 203.0.113.18 19 | upstream: L2 20 | service: 192.0.2.11 21 | L1: 22 | profile: leaf 23 | ip: 203.0.113.14 24 | L2: 25 | profile: leaf 26 | ip: 203.0.113.30 27 | S1: 28 | profile: spine 29 | ip: 203.0.113.254 30 | -------------------------------------------------------------------------------- /lab-anycast-service/keepalived.x.conf: -------------------------------------------------------------------------------- 1 | {% set alldata = yaml("data.yaml") %} 2 | {% set data = alldata[uts] %} 3 | 4 | vrrp_script nginx_check { 5 | script "/usr/bin/curl -fso /dev/null 127.0.0.1" 6 | interval 1 7 | timeout 5 8 | rise 3 9 | fall 1 10 | } 11 | 12 | vrrp_instance nginx { 13 | state MASTER 14 | virtual_router_id 10 15 | priority 100 16 | advert_int 1 17 | dont_track_primary 18 | interface eth0 19 | unicast_peer { 20 | 169.254.0.0 21 | } 22 | unicast_ttl 1 23 | track_script { 24 | nginx_check 25 | } 26 | virtual_ipaddress { 27 | {{ data.service }}/32 dev dummy0 28 | } 29 | } 30 | -------------------------------------------------------------------------------- /lab-arista-veos/bird.R1.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird.log" all; 2 | router id 203.0.113.11; 3 | protocol device { 4 | scan time 10; 5 | } 6 | protocol kernel { 7 | persist; 8 | import none; 9 | export all; 10 | } 11 | 12 | protocol static DEFAULT { 13 | import all; 14 | export none; 15 | route 0.0.0.0/0 blackhole; 16 | } 17 | 18 | filter default_route { 19 | if proto = "DEFAULT" then accept; 20 | reject; 21 | } 22 | 23 | protocol ospf CORE { 24 | import all; 25 | export filter default_route; 26 | area 0.0.0.0 { 27 | networks { 28 | 203.0.113.0/24; 29 | }; 30 | interface "eth0"; 31 | }; 32 | } 33 | -------------------------------------------------------------------------------- /lab-arista-veos/bird.R2.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird.log" all; 2 | router id 203.0.113.12; 3 | protocol device { 4 | scan time 10; 5 | } 6 | protocol kernel { 7 | persist; 8 | import none; 9 | export all; 10 | } 11 | 12 | protocol static DEFAULT { 13 | import all; 14 | export none; 15 | route 0.0.0.0/0 blackhole; 16 | } 17 | 18 | filter default_route { 19 | if proto = "DEFAULT" then accept; 20 | reject; 21 | } 22 | 23 | protocol ospf CORE { 24 | import all; 25 | export filter default_route; 26 | area 0.0.0.0 { 27 | networks { 28 | 203.0.113.0/24; 29 | }; 30 | interface "eth0"; 31 | }; 32 | } 33 | -------------------------------------------------------------------------------- /lab-bgp-bmp/.gitignore: -------------------------------------------------------------------------------- 1 | /bmp.json 2 | /bmp.pcap 3 | -------------------------------------------------------------------------------- /lab-bgp-confederation/.gitignore: -------------------------------------------------------------------------------- 1 | /bird.SubAS1.conf 2 | /bird.SubAS2.conf 3 | /bird.SubAS3.conf 4 | /bird.SubAS4.conf 5 | /bird.C1.conf 6 | /bird.C2.conf 7 | /bird.C3.conf 8 | /bird.C4.conf 9 | -------------------------------------------------------------------------------- /lab-bgp-confederation/README.md: -------------------------------------------------------------------------------- 1 | # BGP confederations 2 | 3 | Small lab to understand how BGP confederations work. Also include an 4 | IOS-XRv node. 5 | -------------------------------------------------------------------------------- /lab-bgp-graceful-restart/bird.RR1.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird.log" all; 2 | router id 1.1.1.1; 3 | 4 | protocol device { 5 | scan time 10; 6 | } 7 | 8 | template bgp R { 9 | debug all; 10 | local as 65000; 11 | rr client; 12 | import all; 13 | export all; 14 | bfd yes; 15 | direct; 16 | ttl security yes; 17 | graceful restart; 18 | rr cluster id 1.1.1.1; 19 | } 20 | 21 | protocol bfd { 22 | interface "*" { 23 | interval 500ms; 24 | multiplier 3; 25 | }; 26 | } 27 | 28 | protocol bgp R1 from R { 29 | neighbor 192.0.2.1 as 65000; 30 | } 31 | protocol bgp R2 from R { 32 | neighbor 192.0.2.2 as 65000; 33 | } 34 | -------------------------------------------------------------------------------- /lab-bgp-hostname/.gitignore: -------------------------------------------------------------------------------- 1 | /bird2.bird1.conf 2 | /bird2.bird2.conf 3 | /frr.frr1.conf 4 | /frr.frr2.conf 5 | /frr-bgpd.frr1.conf 6 | /frr-bgpd.frr2.conf 7 | -------------------------------------------------------------------------------- /lab-bgp-hostname/README.md: -------------------------------------------------------------------------------- 1 | # BGP hostname extension 2 | 3 | This is a test for [Hostname Capability for BGP][1]. It's implemented 4 | since a long time with FRR and I have implemented in BIRD in commit 5 | [714238716ef3][2] (available in not-yet-released 2.0.8). 6 | 7 | [1]: https://datatracker.ietf.org/doc/draft-walton-bgp-hostname-capability/ 8 | [2]: https://gitlab.nic.cz/labs/bird/-/commit/714238716ef36f1dfc5721055e2ec4affd42ebfa 9 | -------------------------------------------------------------------------------- /lab-bgp-hostname/bird2.birdX.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird.log" all; 2 | {% if id == 11 %} 3 | {# Try overriding hostname #} 4 | hostname "bird11"; 5 | {% endif %} 6 | 7 | router id 1.1.1.{{ id }}; 8 | 9 | protocol device { 10 | } 11 | 12 | template bgp PEER { 13 | local as 65000; 14 | ipv6 { 15 | import all; 16 | export all; 17 | }; 18 | advertise hostname yes; 19 | } 20 | 21 | {% for remote in [11, 12, 21, 22] if remote != id %} 22 | protocol bgp peer{{ remote }} from PEER { 23 | neighbor 2001:db8::{{ remote }} as 65000; 24 | } 25 | {% endfor %} 26 | -------------------------------------------------------------------------------- /lab-bgp-hostname/frr-bgpd.frrX.conf: -------------------------------------------------------------------------------- 1 | domainname example.com 2 | frr defaults datacenter 3 | log file /var/log/frr/bgpd.log 4 | ! 5 | router bgp 65000 6 | no bgp default ipv4-unicast 7 | bgp router-id 1.1.1.{{ id }} 8 | {% for remote in [11, 12, 21, 22] if remote != id %} 9 | neighbor 2001:db8::{{ remote }} remote-as internal 10 | {% endfor %} 11 | address-family ipv6 unicast 12 | {% for remote in [11, 12, 21, 22] if remote != id %} 13 | neighbor 2001:db8::{{ remote }} activate 14 | {% endfor %} 15 | exit-address-family 16 | ! 17 | line vty 18 | -------------------------------------------------------------------------------- /lab-bgp-hostname/setup: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | cd "$(dirname "$(readlink -f "$0")")" 4 | . ../common/lab-setup 5 | 6 | spawn vm bird1 network 1 7 | spawn vm bird2 network 1 8 | spawn vm frr1 network 1 9 | spawn vm frr2 network 1 10 | 11 | run 12 | 13 | case $uts in 14 | bird*) 15 | ip addr add 2001:db8::1${uts#bird}/64 dev eth0 16 | template bird2.birdX.conf bird2.$uts.conf id=1${uts#bird} 17 | service bird 18 | ;; 19 | frr*) 20 | ip addr add 2001:db8::2${uts#frr}/64 dev eth0 21 | template frr-bgpd.frrX.conf frr-bgpd.$uts.conf id=2${uts#frr} 22 | service frr 23 | ;; 24 | esac 25 | -------------------------------------------------------------------------------- /lab-bgp-infinite-aspath/cisco-R0.conf: -------------------------------------------------------------------------------- 1 | interface Loopback0 2 | ipv6 address 2001:db8::1/128 3 | interface GigabitEthernet0/0/0/0 4 | no shut 5 | interface GigabitEthernet0/0/0/0.101 6 | ipv6 address 2001:db8::1:0/127 7 | encapsulation dot1q 101 8 | ! 9 | router bgp 64500 10 | bgp confederation peers 11 | 64501 12 | 64502 13 | 64503 14 | bgp confederation identifier 64496 15 | bgp router-id 1.0.0.4 16 | timers bgp 10 30 17 | address-family ipv6 unicast 18 | network 2001:db8::1/128 19 | neighbor 2001:db8::1:1 20 | description R1 21 | remote-as 64501 22 | address-family ipv6 unicast 23 | ! 24 | -------------------------------------------------------------------------------- /lab-bgp-infinite-aspath/setup: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | cd "$(dirname "$(readlink -f "$0")")" 4 | . ../common/lab-setup 5 | 6 | SWITCH_MON=1 7 | 8 | spawn cisco-iosxrv R0 network 1 9 | spawn cisco-iosxrv R1 network 1 10 | spawn cisco-iosxrv R2 network 1 11 | spawn cisco-iosxrv R3 network 1 12 | 13 | run 14 | -------------------------------------------------------------------------------- /lab-bgp-llgr-rr/bird6.C1.conf: -------------------------------------------------------------------------------- 1 | router id 1.0.0.1; 2 | 3 | include "bird-common.conf"; 4 | 5 | template bgp RR from PEER { 6 | add paths rx; 7 | } 8 | protocol bgp RR11 from RR { 9 | neighbor 2001:db8:1::f1 as 65000; 10 | } 11 | protocol bgp RR12 from RR { 12 | neighbor 2001:db8:2::f1 as 65000; 13 | } 14 | -------------------------------------------------------------------------------- /lab-bgp-llgr-rr/bird6.C2.conf: -------------------------------------------------------------------------------- 1 | router id 1.0.0.2; 2 | 3 | include "bird-common.conf"; 4 | 5 | template bgp RR from PEER { 6 | add paths rx; 7 | } 8 | protocol bgp RR11 from RR { 9 | neighbor 2001:db8:1::f1 as 65000; 10 | } 11 | protocol bgp RR12 from RR { 12 | neighbor 2001:db8:2::f1 as 65000; 13 | } 14 | -------------------------------------------------------------------------------- /lab-bgp-llgr-rr/bird6.C3.conf: -------------------------------------------------------------------------------- 1 | router id 1.0.0.3; 2 | 3 | include "bird-common.conf"; 4 | 5 | template bgp RR from PEER { 6 | add paths rx; 7 | } 8 | protocol bgp RR21 from RR { 9 | neighbor 2001:db8:1::f2 as 65000; 10 | } 11 | protocol bgp RR22 from RR { 12 | neighbor 2001:db8:2::f2 as 65000; 13 | } 14 | -------------------------------------------------------------------------------- /lab-bgp-llgr-rr/bird6.C4.conf: -------------------------------------------------------------------------------- 1 | router id 1.0.0.4; 2 | 3 | include "bird-common.conf"; 4 | 5 | template bgp RR from PEER { 6 | add paths rx; 7 | } 8 | protocol bgp RR21 from RR { 9 | neighbor 2001:db8:1::f2 as 65000; 10 | } 11 | protocol bgp RR22 from RR { 12 | neighbor 2001:db8:2::f2 as 65000; 13 | } 14 | -------------------------------------------------------------------------------- /lab-bgp-llgr-rr/bird6.RR11.conf: -------------------------------------------------------------------------------- 1 | router id 0.0.1.1; 2 | 3 | include "bird-common.conf"; 4 | 5 | template bgp CLIENT from PEER { 6 | rr client; 7 | rr cluster id 0.0.1.1; 8 | next hop keep; 9 | add paths tx; 10 | } 11 | template bgp RR from PEER { 12 | rr client; 13 | rr cluster id 0.0.1.1; 14 | next hop keep; 15 | add paths yes; 16 | } 17 | protocol bgp RR21 from RR { 18 | neighbor 2001:db8:1::f2 as 65000; 19 | } 20 | protocol bgp C1 from CLIENT { 21 | neighbor 2001:db8:1::1 as 65000; 22 | } 23 | protocol bgp C2 from CLIENT { 24 | neighbor 2001:db8:1::2 as 65000; 25 | } 26 | -------------------------------------------------------------------------------- /lab-bgp-llgr-rr/bird6.RR12.conf: -------------------------------------------------------------------------------- 1 | router id 0.0.1.2; 2 | 3 | include "bird-common.conf"; 4 | 5 | template bgp CLIENT from PEER { 6 | rr client; 7 | rr cluster id 0.0.1.2; 8 | next hop keep; 9 | add paths tx; 10 | } 11 | template bgp RR from PEER { 12 | rr client; 13 | rr cluster id 0.0.1.2; 14 | next hop keep; 15 | add paths yes; 16 | } 17 | protocol bgp RR22 from RR { 18 | neighbor 2001:db8:2::f2 as 65000; 19 | } 20 | protocol bgp C1 from CLIENT { 21 | neighbor 2001:db8:2::1 as 65000; 22 | } 23 | protocol bgp C2 from CLIENT { 24 | neighbor 2001:db8:2::2 as 65000; 25 | } 26 | -------------------------------------------------------------------------------- /lab-bgp-llgr-rr/bird6.RR21.conf: -------------------------------------------------------------------------------- 1 | router id 0.0.2.1; 2 | 3 | include "bird-common.conf"; 4 | 5 | template bgp CLIENT from PEER { 6 | rr client; 7 | rr cluster id 0.0.2.1; 8 | next hop keep; 9 | add paths tx; 10 | } 11 | template bgp RR from PEER { 12 | rr client; 13 | rr cluster id 0.0.2.1; 14 | next hop keep; 15 | add paths yes; 16 | } 17 | protocol bgp RR11 from RR { 18 | neighbor 2001:db8:1::f1 as 65000; 19 | } 20 | protocol bgp C3 from CLIENT { 21 | neighbor 2001:db8:1::3 as 65000; 22 | } 23 | protocol bgp C4 from CLIENT { 24 | neighbor 2001:db8:1::4 as 65000; 25 | } 26 | -------------------------------------------------------------------------------- /lab-bgp-llgr-rr/bird6.RR22.conf: -------------------------------------------------------------------------------- 1 | router id 0.0.2.2; 2 | 3 | include "bird-common.conf"; 4 | 5 | template bgp CLIENT from PEER { 6 | rr client; 7 | rr cluster id 0.0.2.2; 8 | next hop keep; 9 | add paths tx; 10 | } 11 | template bgp RR from PEER { 12 | rr client; 13 | rr cluster id 0.0.2.2; 14 | next hop keep; 15 | add paths yes; 16 | } 17 | protocol bgp RR12 from RR { 18 | neighbor 2001:db8:2::f1 as 65000; 19 | } 20 | protocol bgp C3 from CLIENT { 21 | neighbor 2001:db8:2::3 as 65000; 22 | } 23 | protocol bgp C4 from CLIENT { 24 | neighbor 2001:db8:2::4 as 65000; 25 | } 26 | -------------------------------------------------------------------------------- /lab-bgp-rpki/.gitignore: -------------------------------------------------------------------------------- 1 | /ssh_key_* 2 | -------------------------------------------------------------------------------- /lab-bgp-rpki/quagga-zebra.R4.conf: -------------------------------------------------------------------------------- 1 | log file /var/log/frr/zebra.log 2 | ! 3 | line vty 4 | ! 5 | -------------------------------------------------------------------------------- /lab-bgp-rpki/rpki.json: -------------------------------------------------------------------------------- 1 | { 2 | "roas": [ 3 | { 4 | "prefix": "2001:db8:cccc::/48", 5 | "maxLength": 48, 6 | "asn": "AS65000" 7 | }, { 8 | "prefix": "2001:db8:dddd::/48", 9 | "maxLength": 48, 10 | "asn": "AS65007" 11 | }, { 12 | "prefix": "2001:db8:ffff::/48", 13 | "maxLength": 48, 14 | "asn": "AS65008" 15 | } 16 | ] 17 | } 18 | -------------------------------------------------------------------------------- /lab-bgp-rr-forwarding-loop/.gitignore: -------------------------------------------------------------------------------- 1 | /bird.E1.conf 2 | /bird.E2.conf 3 | /bird.R1.conf 4 | /bird.R2.conf 5 | /bird.R3.conf 6 | /bird.R4.conf 7 | /bird.R5.conf 8 | -------------------------------------------------------------------------------- /lab-bgp-rr-no-convergence/.gitignore: -------------------------------------------------------------------------------- 1 | /bird.B0.conf 2 | /bird.B1.conf 3 | /bird.B2.conf 4 | /bird.R0.conf 5 | /bird.R1.conf 6 | /bird.R2.conf 7 | -------------------------------------------------------------------------------- /lab-bird-dead-routes/.gitignore: -------------------------------------------------------------------------------- 1 | /bird.R1.conf 2 | /bird.R2.conf 3 | -------------------------------------------------------------------------------- /lab-bird-dead-routes/bird.Rx.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird.log" all; 2 | router id 1.1.1.{{ i }}; 3 | 4 | protocol bgp PEER { 5 | debug all; 6 | local as 65000; 7 | ipv4 { 8 | import all; 9 | export all; 10 | next hop self; 11 | }; 12 | neighbor 203.0.113.{{ 3 - i }} as 65000; 13 | hold time 6; 14 | } 15 | 16 | protocol kernel { 17 | persist; 18 | ipv4 { 19 | import all; 20 | export all; 21 | }; 22 | learn; 23 | scan time 10; 24 | merge paths yes; 25 | } 26 | 27 | protocol device { 28 | scan time 10; 29 | } 30 | -------------------------------------------------------------------------------- /lab-bond-4-19/capture: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python3 2 | 3 | import sys 4 | import socket 5 | import datetime 6 | 7 | socket.SOL_PACKET = 263 8 | socket.PACKET_ORIGDEV = 9 9 | 10 | interface = sys.argv[1] if len(sys.argv) > 1 else 'lag1' 11 | 12 | s = socket.socket(socket.AF_PACKET, 13 | socket.SOCK_RAW, 14 | socket.htons(0x88cc)) 15 | s.bind((interface, 0)) 16 | s.setsockopt(socket.SOL_PACKET, socket.PACKET_ORIGDEV, 1) 17 | while True: 18 | data, addrinfo = s.recvfrom(1500) 19 | if addrinfo[2] == socket.PACKET_OUTGOING: 20 | continue 21 | print(f"{datetime.datetime.now().isoformat()}: " 22 | f"Received {len(data)} bytes from {addrinfo}") 23 | -------------------------------------------------------------------------------- /lab-bridge-linux/nftables: -------------------------------------------------------------------------------- 1 | table netdev firewall { 2 | chain ingress { 3 | type filter hook ingress device br0 priority 0; policy drop; 4 | log 5 | } 6 | } 7 | -------------------------------------------------------------------------------- /lab-bridge-linux/xdp_drop_all.c: -------------------------------------------------------------------------------- 1 | /* Compile with: 2 | * clang -O2 -target bpf -c xdp_drop_all.c -o xdp_drop_all.o 3 | * 4 | * Install with: 5 | * ip link set dev erspan1 xdp obj xdp_drop_all.o sec .text 6 | */ 7 | 8 | #include 9 | 10 | int main() 11 | { 12 | return XDP_DROP; 13 | } 14 | -------------------------------------------------------------------------------- /lab-cisco-iosxrv-bgp-epvn-mpls/.gitignore: -------------------------------------------------------------------------------- 1 | /cisco-spine1.conf 2 | /cisco-spine2.conf 3 | /cisco-leaf1.conf 4 | /cisco-leaf2.conf 5 | /cisco-leaf5.conf 6 | -------------------------------------------------------------------------------- /lab-cisco-iosxrv-bgp-network-originate/README.md: -------------------------------------------------------------------------------- 1 | # IOS XRv policy effect on network/originated routes 2 | 3 | The goal is to check if a route from a network clause is subject to 4 | out policy. Same for `default-originate`. The conclusion is that 5 | `network` directives are subject to further filtering while 6 | `default-originate` will not. 7 | -------------------------------------------------------------------------------- /lab-cisco-iosxrv-bgp-network-originate/bird.R1.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird.log" all; 2 | router id 192.0.2.0; 3 | protocol device { 4 | scan time 10; 5 | } 6 | protocol bgp { 7 | local 192.0.2.0 as 65000; 8 | neighbor 192.0.2.1 as 65001; 9 | ipv4 { 10 | import all; 11 | export all; 12 | }; 13 | } 14 | -------------------------------------------------------------------------------- /lab-cisco-iosxrv-bgp-network-originate/cisco-XRv.conf: -------------------------------------------------------------------------------- 1 | interface GigabitEthernet0/0/0/0 2 | ipv4 address 192.0.2.1 255.255.255.254 3 | no shut 4 | ! 5 | router static 6 | address-family ipv4 unicast 7 | 198.51.100.0/24 Null0 8 | ! 9 | ! 10 | route-policy bgp_out 11 | drop 12 | end-policy 13 | ! 14 | router bgp 65001 15 | timers bgp 10 30 16 | bgp router-id 203.0.113.3 17 | address-family ipv4 unicast 18 | network 198.51.100.0/24 19 | ! 20 | neighbor 192.0.2.0 21 | remote-as 65000 22 | route-policy bgp_out out 23 | address-family ipv4 unicast 24 | route-policy bgp_out out 25 | default-originate 26 | ! 27 | ! 28 | ! 29 | -------------------------------------------------------------------------------- /lab-cisco-iosxrv-bgp-network-originate/setup: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | cd "$(dirname "$(readlink -f "$0")")" 4 | . ../common/lab-setup 5 | 6 | spawn vm R1 network 1 7 | spawn cisco-iosxrv XRv network 1 8 | 9 | run 10 | 11 | case $uts in 12 | R1) 13 | ip addr add 192.0.2.0/31 dev eth0 14 | service bird 15 | ;; 16 | esac 17 | -------------------------------------------------------------------------------- /lab-cisco-iosxrv-bgp-timers/bird.R2.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird.log" all; 2 | router id 203.0.113.2; 3 | protocol device { 4 | scan time 10; 5 | } 6 | protocol kernel { 7 | persist; 8 | import all; 9 | export all; 10 | } 11 | 12 | protocol ospf UNDERLAY { 13 | import all; 14 | export all; 15 | area 0.0.0.0 { 16 | interface "eth0"; 17 | interface "dummy0" { 18 | stub yes; 19 | }; 20 | }; 21 | } 22 | -------------------------------------------------------------------------------- /lab-cisco-iosxrv-bgp-timers/cisco-IOS1.conf: -------------------------------------------------------------------------------- 1 | interface Loopback0 2 | ipv4 address 203.0.113.3 255.255.255.255 3 | ! 4 | interface GigabitEthernet0/0/0/0 5 | ipv4 address 192.0.2.3 255.255.255.248 6 | no shut 7 | ! 8 | router ospf 1 9 | router-id 203.0.113.3 10 | area 0.0.0.0 11 | interface Loopback0 12 | passive enable 13 | ! 14 | interface GigabitEthernet0/0/0/0 15 | ! 16 | ! 17 | ! 18 | router bgp 65001 19 | timers bgp 10 30 20 | bgp router-id 203.0.113.3 21 | address-family ipv4 unicast 22 | ! 23 | neighbor 203.0.113.1 24 | remote-as 65001 25 | update-source Loopback0 26 | ! 27 | ! 28 | -------------------------------------------------------------------------------- /lab-cisco-iosxrv-llgr/bird.bird.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird.log" all; 2 | router id 2.2.2.2; 3 | protocol device { 4 | scan time 10; 5 | } 6 | 7 | protocol bgp XRV1 { 8 | ipv4 { 9 | export all; 10 | import none; 11 | next hop self; 12 | }; 13 | local as 65000; 14 | neighbor 192.0.2.30 as 65000; 15 | graceful restart yes; 16 | graceful restart time 0; 17 | long lived graceful restart yes; 18 | long lived stale time 86400; # keep routes for 1 day! 19 | } 20 | 21 | protocol static BLACKHOLE { 22 | ipv4 { 23 | export none; 24 | import all; 25 | }; 26 | route 8.8.8.8/32 blackhole; 27 | route 8.8.4.4/32 blackhole; 28 | } 29 | -------------------------------------------------------------------------------- /lab-cisco-iosxrv-llgr/cisco-xrv1.conf: -------------------------------------------------------------------------------- 1 | interface GigabitEthernet0/0/0/0 2 | description bird 3 | ipv4 address 192.0.2.30 255.255.255.254 4 | no shut 5 | ! 6 | router bgp 65000 7 | nsr 8 | bgp router-id 1.1.1.1 9 | address-family ipv4 unicast 10 | neighbor 192.0.2.31 11 | remote-as 65000 12 | address-family ipv4 unicast 13 | long-lived-graceful-restart stale-time send 86400 accept 86400 14 | ! 15 | -------------------------------------------------------------------------------- /lab-cisco-iosxrv-llgr/setup: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | cd "$(dirname "$(readlink -f "$0")")" 4 | . ../common/lab-setup 5 | 6 | spawn vm bird network 1 7 | spawn cisco-iosxrv xrv1 network 1 8 | 9 | run 10 | 11 | case $uts in 12 | bird) 13 | ip addr add 192.0.2.31/31 dev eth0 14 | service bird 15 | ;; 16 | esac 17 | -------------------------------------------------------------------------------- /lab-cisco-iosxrv-rt/.gitignore: -------------------------------------------------------------------------------- 1 | /cisco-r1.conf 2 | /cisco-r2.conf 3 | /cisco-r3.conf 4 | -------------------------------------------------------------------------------- /lab-cisco-iosxrv-rt/bird.ce0.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird.log" all; 2 | router id from "dummy0"; 3 | 4 | protocol device { 5 | scan time 10; 6 | } 7 | 8 | protocol kernel KERNELv4 { 9 | merge paths yes; 10 | ipv4 { 11 | import none; 12 | export all; 13 | }; 14 | } 15 | protocol direct DIRECTv4 { 16 | ipv4; 17 | interface "dummy0"; 18 | } 19 | 20 | template bgp PE { 21 | connect delay time 1; 22 | connect retry time 5; 23 | error wait time 1,5; 24 | error forget time 10; 25 | local as 65101; 26 | } 27 | protocol bgp PEv4 from PE { 28 | ipv4 { 29 | export all; 30 | import all; 31 | }; 32 | neighbor 203.0.113.1 as 65001; 33 | } 34 | -------------------------------------------------------------------------------- /lab-cisco-iosxrv-rtbh-redirect/bird.injector.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird.log" all; 2 | router id 2.2.2.2; 3 | protocol device { 4 | scan time 10; 5 | } 6 | 7 | protocol bgp XRV1 { 8 | ipv4 { 9 | export all; 10 | import none; 11 | }; 12 | local as 65000; 13 | neighbor 192.0.2.30 as 65000; 14 | graceful restart yes; 15 | graceful restart time 0; 16 | long lived graceful restart yes; 17 | long lived stale time 86400; # keep routes for 1 day! 18 | } 19 | 20 | protocol kernel BLACKHOLE { 21 | ipv4 { 22 | export none; 23 | import filter { 24 | bgp_next_hop = 192.0.2.25; 25 | accept; 26 | }; 27 | }; 28 | learn yes; 29 | kernel table 100; 30 | } 31 | -------------------------------------------------------------------------------- /lab-cisco-iosxrv-srv6/.gitignore: -------------------------------------------------------------------------------- 1 | /cisco-r1.conf 2 | /cisco-r2.conf 3 | /cisco-r3.conf 4 | /cisco-r4.conf 5 | /cisco-r5.conf 6 | /bird.ce6.conf 7 | /bird.ce7.conf 8 | /run.ce6 9 | /run.ce7 10 | -------------------------------------------------------------------------------- /lab-cisco-iosxrv-srv6/data.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | microsegments: true 3 | r1: 4 | index: 1 5 | ce: 6 | - ce6 7 | delays: 8 | - 5000 9 | - 100 10 | r2: 11 | index: 2 12 | delays: 13 | - 5000 14 | - 2000 15 | r3: 16 | index: 3 17 | ce: 18 | - ce7 19 | delays: 20 | - 2000 21 | - 100 22 | r4: 23 | index: 4 24 | delays: 25 | - 100 26 | - 1000 27 | r5: 28 | index: 5 29 | delays: 30 | - 1000 31 | - 100 32 | ce6: 33 | index: 1 34 | as: 65101 35 | ip: 203.0.113.1/31 36 | ce7: 37 | index: 2 38 | as: 65102 39 | ip: 203.0.113.3/31 40 | -------------------------------------------------------------------------------- /lab-cisco-iosxrv-srv6/run-ceX.j2: -------------------------------------------------------------------------------- 1 | {% set alldata = yaml("data.yaml") %} 2 | {% set data = alldata[uts] %} 3 | {% set index = data.index %} 4 | 5 | ip addr add 192.0.2.{{ index }}/32 dev dummy0 6 | ip -6 addr add 2001:db8::192.0.2.{{ index }}/128 dev dummy0 7 | 8 | ip link add name eth0.l3 link eth0 type vlan id 30 9 | ip link set up dev eth0.l3 10 | ip addr add {{ data.ip }} dev eth0.l3 11 | ip -6 addr add 2001:db8::{{ data.ip | ipaddr("address") }}/{{ data.ip | ipaddr("prefix") + 96 }} dev eth0.l3 12 | 13 | ip link add name eth0.l2 link eth0 type vlan id 20 14 | ip link set up dev eth0.l2 15 | ip addr add 192.168.0.{{ index + 10 }}/24 dev eth0.l2 16 | -------------------------------------------------------------------------------- /lab-cisco-iosxrv/bird.R1.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird.log" all; 2 | router id 1.1.1.1; 3 | protocol device { 4 | scan time 10; 5 | } 6 | protocol kernel { 7 | persist; 8 | ipv4 { 9 | import none; 10 | export all; 11 | }; 12 | } 13 | 14 | protocol ospf INTERNAL { 15 | ipv4 { 16 | import all; 17 | export none; 18 | }; 19 | area 0.0.0.0 { 20 | networks { 21 | 192.0.2.0/24; 22 | 198.51.100.101/32; 23 | }; 24 | interface "eth0" { 25 | bfd yes; 26 | }; 27 | interface "dummy0" { stub yes; }; 28 | }; 29 | } 30 | 31 | protocol bfd BFD { 32 | interface "eth0" { 33 | interval 200ms; 34 | multiplier 5; 35 | }; 36 | } 37 | -------------------------------------------------------------------------------- /lab-cisco-iosxrv/bird.R2.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird.log" all; 2 | router id 2.2.2.2; 3 | protocol device { 4 | scan time 10; 5 | } 6 | protocol kernel { 7 | persist; 8 | ipv4 { 9 | import none; 10 | export all; 11 | }; 12 | } 13 | 14 | protocol ospf INTERNAL { 15 | ipv4 { 16 | import all; 17 | export none; 18 | }; 19 | area 0.0.0.0 { 20 | networks { 21 | 192.0.2.0/24; 22 | 198.51.100.102/32; 23 | }; 24 | interface "eth0" { 25 | bfd yes; 26 | }; 27 | interface "dummy0" { stub yes; }; 28 | }; 29 | } 30 | 31 | protocol bfd BFD { 32 | interface "eth0" { 33 | interval 200ms; 34 | multiplier 5; 35 | }; 36 | } 37 | -------------------------------------------------------------------------------- /lab-cisco-iosxrv/cisco-IOS1.conf: -------------------------------------------------------------------------------- 1 | interface Loopback0 2 | ipv4 address 198.51.100.103 255.255.255.255 3 | ! 4 | interface GigabitEthernet0/0/0/0 5 | ipv4 address 192.0.2.3 255.255.255.0 6 | no shut 7 | ! 8 | router ospf 1 9 | router-id 3.3.3.3 10 | area 0.0.0.0 11 | interface Loopback0 12 | passive enable 13 | ! 14 | interface GigabitEthernet0/0/0/0 15 | bfd minimum-interval 200 16 | bfd multiplier 5 17 | ! 18 | ! 19 | ! 20 | -------------------------------------------------------------------------------- /lab-cisco-iosxrv/setup: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | cd "$(dirname "$(readlink -f "$0")")" 4 | . ../common/lab-setup 5 | 6 | spawn vm R1 network 1 7 | spawn vm R2 network 1 8 | spawn cisco-iosxrv IOS1 network 1 9 | 10 | run 11 | 12 | case $uts in 13 | R1) 14 | ip addr add 192.0.2.1/24 dev eth0 15 | ip addr add 198.51.100.101/32 dev dummy0 16 | service bird 17 | ;; 18 | R2) 19 | ip addr add 192.0.2.2/24 dev eth0 20 | ip addr add 198.51.100.102/32 dev dummy0 21 | service bird 22 | ;; 23 | esac 24 | -------------------------------------------------------------------------------- /lab-cisco-nxos/bird.R1.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird.log" all; 2 | router id 1.1.1.1; 3 | protocol device { 4 | scan time 10; 5 | } 6 | protocol kernel { 7 | persist; 8 | ipv4 { 9 | import none; 10 | export all; 11 | }; 12 | } 13 | 14 | protocol ospf INTERNAL { 15 | ipv4 { 16 | import all; 17 | export none; 18 | }; 19 | area 0.0.0.0 { 20 | networks { 21 | 192.0.2.0/24; 22 | 198.51.100.101/32; 23 | }; 24 | interface "eth0" { 25 | bfd yes; 26 | }; 27 | interface "dummy0" { stub yes; }; 28 | }; 29 | } 30 | 31 | protocol bfd BFD { 32 | interface "eth0" { 33 | interval 200ms; 34 | multiplier 5; 35 | }; 36 | } 37 | -------------------------------------------------------------------------------- /lab-cisco-nxos/bird.R2.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird.log" all; 2 | router id 2.2.2.2; 3 | protocol device { 4 | scan time 10; 5 | } 6 | protocol kernel { 7 | persist; 8 | ipv4 { 9 | import none; 10 | export all; 11 | }; 12 | } 13 | 14 | protocol ospf INTERNAL { 15 | ipv4 { 16 | import all; 17 | export none; 18 | }; 19 | area 0.0.0.0 { 20 | networks { 21 | 192.0.2.0/24; 22 | 198.51.100.102/32; 23 | }; 24 | interface "eth0" { 25 | bfd yes; 26 | }; 27 | interface "dummy0" { stub yes; }; 28 | }; 29 | } 30 | 31 | protocol bfd BFD { 32 | interface "eth0" { 33 | interval 200ms; 34 | multiplier 5; 35 | }; 36 | } 37 | -------------------------------------------------------------------------------- /lab-cisco-nxos/cisco-NX1.conf: -------------------------------------------------------------------------------- 1 | feature ospf 2 | feature bfd 3 | 4 | interface Ethernet1/1 5 | no switchport 6 | no ip redirects 7 | ip address 192.0.2.3/24 8 | ip ospf cost 10 9 | ip ospf bfd 10 | no ip ospf passive-interface 11 | ip router ospf 1 area 0.0.0.0 12 | no shutdown 13 | 14 | interface loopback0 15 | ip address 198.51.100.103/32 16 | ip router ospf 1 area 0.0.0.0 17 | 18 | router ospf 1 19 | router-id 3.3.3.3 20 | passive-interface default 21 | bfd 22 | -------------------------------------------------------------------------------- /lab-cisco-nxos/setup: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | cd "$(dirname "$(readlink -f "$0")")" 4 | . ../common/lab-setup 5 | 6 | spawn vm R1 network 1 7 | spawn vm R2 network 1 8 | spawn cisco-nxos NX1 network 1 9 | 10 | run 11 | 12 | case $uts in 13 | R1) 14 | ip addr add 192.0.2.1/24 dev eth0 15 | ip addr add 198.51.100.101/32 dev dummy0 16 | service bird 17 | ;; 18 | R2) 19 | ip addr add 192.0.2.2/24 dev eth0 20 | ip addr add 198.51.100.102/32 dev dummy0 21 | service bird 22 | ;; 23 | esac 24 | -------------------------------------------------------------------------------- /lab-cisco-puppet/README.md: -------------------------------------------------------------------------------- 1 | Puppet with Cisco devices 2 | ========================= 3 | 4 | This lab features the use of `puppet device` with Cisco devices. On 5 | Cisco, those commands should be run first: 6 | 7 | conf t 8 | crypto key generate rsa general-keys modulus 1024 9 | -------------------------------------------------------------------------------- /lab-cisco-puppet/puppet/device.conf: -------------------------------------------------------------------------------- 1 | [cisco.local] 2 | type cisco 3 | url ssh://puppet:cisco@10.234.78.20/ 4 | -------------------------------------------------------------------------------- /lab-cisco-puppet/puppet/manifests/site.pp: -------------------------------------------------------------------------------- 1 | node "cisco.local" { 2 | 3 | interface { "FastEthernet 0/1": 4 | description => "dummy interface", 5 | ipaddress => "192.168.14.1/24", 6 | ensure => present 7 | } 8 | 9 | } 10 | -------------------------------------------------------------------------------- /lab-cisco-puppet/puppet/puppet.conf: -------------------------------------------------------------------------------- 1 | [main] 2 | logdir = /var/log/puppet 3 | vardir = /var/lib/puppet 4 | rundir = /var/run/puppet 5 | ssldir = $vardir/ssl 6 | factpath = $vardir/lib/facter 7 | report = false 8 | pluginsync = false 9 | server = puppet 10 | 11 | [master] 12 | autosign = false 13 | ca = true 14 | certname = puppet 15 | -------------------------------------------------------------------------------- /lab-cloudinit/.gitignore: -------------------------------------------------------------------------------- 1 | /*.img 2 | -------------------------------------------------------------------------------- /lab-cloudinit/setup: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | cd "$(dirname "$(readlink -f "$0")")" 4 | . ../common/lab-setup 5 | 6 | spawn img openbsd network oob,1 7 | spawn img freebsd network oob,1 8 | spawn img ubuntu network oob,1 9 | spawn img debian network oob,1 10 | MEM=512M spawn img centos network oob,1 11 | run 12 | -------------------------------------------------------------------------------- /lab-cloudinit/user-data.debian: -------------------------------------------------------------------------------- 1 | #cloud-config 2 | runcmd: 3 | - ip a l 4 | network: 5 | version: 2 6 | ethernets: 7 | ens4: 8 | addresses: 9 | - 192.168.0.10/24 10 | -------------------------------------------------------------------------------- /lab-cumulusvx-alone/cumulus/etc/network/interfaces: -------------------------------------------------------------------------------- 1 | auto lo 2 | iface lo inet loopback 3 | 4 | auto eth0 5 | iface eth0 inet dhcp 6 | vrf mgmt 7 | 8 | auto mgmt 9 | iface mgmt 10 | address 127.0.0.1/8 11 | vrf-table auto 12 | -------------------------------------------------------------------------------- /lab-cumulusvx-alone/cumulus/run: -------------------------------------------------------------------------------- 1 | ifreload -a 2 | -------------------------------------------------------------------------------- /lab-cumulusvx-alone/setup: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | cd "$(dirname "$(readlink -f "$0")")" 4 | . ../common/lab-setup 5 | 6 | # Which VM to spawn 7 | spawn cumulus-vx cumulus networks 1,2,3,4 8 | 9 | run 10 | -------------------------------------------------------------------------------- /lab-cumulusvx-bgptth-baremetal/.gitignore: -------------------------------------------------------------------------------- 1 | /leaf01/etc/frr/frr.conf 2 | /leaf01/etc/network/interfaces 3 | /leaf02/etc/frr/frr.conf 4 | /leaf02/etc/network/interfaces 5 | /leaf03/etc/frr/frr.conf 6 | /leaf03/etc/network/interfaces 7 | /leaf04/etc/frr/frr.conf 8 | /leaf04/etc/network/interfaces 9 | /spine01/etc/frr/frr.conf 10 | /spine01/etc/network/interfaces 11 | /spine02/etc/frr/frr.conf 12 | /spine02/etc/network/interfaces 13 | /leaf01/etc/frr/daemons 14 | /leaf01/run 15 | /leaf02/etc/frr/daemons 16 | /leaf02/run 17 | /leaf03/etc/frr/daemons 18 | /leaf03/run 19 | /leaf04/etc/frr/daemons 20 | /leaf04/run 21 | /spine01/etc/frr/daemons 22 | /spine01/run 23 | /spine02/etc/frr/daemons 24 | /spine02/run 25 | -------------------------------------------------------------------------------- /lab-cumulusvx-bgptth-baremetal/air/spine01-interfaces: -------------------------------------------------------------------------------- 1 | # Ansible Managed File 2 | auto lo 3 | iface lo inet loopback 4 | address 10.10.10.101/32 5 | 6 | auto eth0 7 | iface eth0 8 | vrf mgmt 9 | address 192.168.200.21/24 10 | 11 | auto mgmt 12 | iface mgmt 13 | vrf-table auto 14 | address 127.0.0.1/8 15 | address ::1/128 16 | 17 | auto swp1 18 | iface swp1 19 | alias to leaf 20 | 21 | auto swp2 22 | iface swp2 23 | alias to leaf 24 | 25 | auto swp3 26 | iface swp3 27 | alias to leaf 28 | 29 | auto swp4 30 | iface swp4 31 | alias to leaf 32 | 33 | auto swp5 34 | iface swp5 35 | alias to leaf 36 | 37 | auto swp6 38 | iface swp6 39 | alias to leaf 40 | -------------------------------------------------------------------------------- /lab-cumulusvx-bgptth-baremetal/cumulusX/etc/frr/daemons: -------------------------------------------------------------------------------- 1 | zebra=yes 2 | bgpd=yes 3 | ospfd=no 4 | ospf6d=no 5 | ripd=no 6 | ripngd=no 7 | isisd=no 8 | babeld=no 9 | -------------------------------------------------------------------------------- /lab-cumulusvx-bgptth-baremetal/cumulusX/run: -------------------------------------------------------------------------------- 1 | ifreload -a 2 | service frr restart 3 | -------------------------------------------------------------------------------- /lab-cumulusvx-mlag/leaf01/etc/frr/daemons: -------------------------------------------------------------------------------- 1 | zebra=yes 2 | bgpd=yes 3 | ospfd=no 4 | ospf6d=no 5 | ripd=no 6 | ripngd=no 7 | isisd=no 8 | babeld=no 9 | -------------------------------------------------------------------------------- /lab-cumulusvx-mlag/leaf01/run: -------------------------------------------------------------------------------- 1 | ifreload -a 2 | service frr restart 3 | -------------------------------------------------------------------------------- /lab-cumulusvx-mlag/leaf02/etc/frr/daemons: -------------------------------------------------------------------------------- 1 | ../../../leaf01/etc/frr/daemons -------------------------------------------------------------------------------- /lab-cumulusvx-mlag/leaf02/run: -------------------------------------------------------------------------------- 1 | ../leaf01/run -------------------------------------------------------------------------------- /lab-cumulusvx-mlag/leaf03/etc/frr/daemons: -------------------------------------------------------------------------------- 1 | ../../../leaf01/etc/frr/daemons -------------------------------------------------------------------------------- /lab-cumulusvx-mlag/leaf03/run: -------------------------------------------------------------------------------- 1 | ../leaf01/run -------------------------------------------------------------------------------- /lab-cumulusvx-mlag/leaf04/etc/frr/daemons: -------------------------------------------------------------------------------- 1 | ../../../leaf01/etc/frr/daemons -------------------------------------------------------------------------------- /lab-cumulusvx-mlag/leaf04/run: -------------------------------------------------------------------------------- 1 | ../leaf01/run -------------------------------------------------------------------------------- /lab-cumulusvx-mlag/spine01/etc/frr/daemons: -------------------------------------------------------------------------------- 1 | ../../../leaf01/etc/frr/daemons -------------------------------------------------------------------------------- /lab-cumulusvx-mlag/spine01/etc/network/interfaces: -------------------------------------------------------------------------------- 1 | auto lo 2 | iface lo inet loopback 3 | address 10.0.0.21/32 4 | 5 | auto eth0 6 | iface eth0 inet dhcp 7 | 8 | 9 | # downlinks 10 | auto swp1 11 | iface swp1 12 | 13 | auto swp2 14 | iface swp2 15 | 16 | auto swp3 17 | iface swp3 18 | 19 | auto swp4 20 | iface swp4 21 | -------------------------------------------------------------------------------- /lab-cumulusvx-mlag/spine01/run: -------------------------------------------------------------------------------- 1 | ../leaf01/run -------------------------------------------------------------------------------- /lab-cumulusvx-mlag/spine02/etc/frr/daemons: -------------------------------------------------------------------------------- 1 | ../../../leaf01/etc/frr/daemons -------------------------------------------------------------------------------- /lab-cumulusvx-mlag/spine02/etc/network/interfaces: -------------------------------------------------------------------------------- 1 | auto lo 2 | iface lo inet loopback 3 | address 10.0.0.22/32 4 | 5 | auto eth0 6 | iface eth0 inet dhcp 7 | 8 | # downlinks 9 | auto swp1 10 | iface swp1 11 | 12 | auto swp2 13 | iface swp2 14 | 15 | auto swp3 16 | iface swp3 17 | 18 | auto swp4 19 | iface swp4 20 | -------------------------------------------------------------------------------- /lab-cumulusvx-mlag/spine02/run: -------------------------------------------------------------------------------- 1 | ../leaf01/run -------------------------------------------------------------------------------- /lab-cumulusvx-roh/.gitignore: -------------------------------------------------------------------------------- 1 | /leaf* 2 | /spine* 3 | /quagga-zebra.* 4 | /leaf01/etc/frr/frr.conf 5 | /leaf01/etc/network/interfaces 6 | /leaf02/etc/frr/frr.conf 7 | /leaf02/etc/network/interfaces 8 | /leaf03/etc/frr/frr.conf 9 | /leaf03/etc/network/interfaces 10 | /leaf04/etc/frr/frr.conf 11 | /leaf04/etc/network/interfaces 12 | /spine01/etc/frr/frr.conf 13 | /spine01/etc/network/interfaces 14 | /spine02/etc/frr/frr.conf 15 | /spine02/etc/network/interfaces 16 | /quagga-bgpd.server01.conf 17 | /quagga-bgpd.server03.conf 18 | /quagga-bgpd.server02.conf 19 | /quagga-bgpd.server04.conf 20 | -------------------------------------------------------------------------------- /lab-cumulusvx-roh/cumulusX/etc/frr/daemons: -------------------------------------------------------------------------------- 1 | zebra=yes 2 | bgpd=yes 3 | ospfd=no 4 | ospf6d=no 5 | ripd=no 6 | ripngd=no 7 | isisd=no 8 | babeld=no 9 | -------------------------------------------------------------------------------- /lab-cumulusvx-roh/cumulusX/etc/frr/frr.conf.j2: -------------------------------------------------------------------------------- 1 | frr defaults datacenter 2 | service integrated-vtysh-config 3 | log syslog informational 4 | 5 | {% for iface in neighbors.split(",") %} 6 | interface {{ iface }} 7 | no ipv6 nd suppress-ra 8 | ipv6 nd ra-interval 3 9 | ! 10 | {% endfor %} 11 | router bgp {{ asn }} 12 | bgp router-id {{ loopback }} 13 | bgp bestpath as-path multipath-relax 14 | network {{ loopback }}/32 15 | {% for iface in neighbors.split(",") %} 16 | neighbor {{ iface }} interface remote-as external 17 | neighbor {{ iface }} interface v6only 18 | {% endfor %} 19 | ! 20 | -------------------------------------------------------------------------------- /lab-cumulusvx-roh/cumulusX/etc/network/interfaces.j2: -------------------------------------------------------------------------------- 1 | auto lo 2 | iface lo inet loopback 3 | address {{ loopback }}/32 4 | 5 | # Management 6 | auto eth0 7 | iface eth0 inet dhcp 8 | 9 | {% for iface in neighbors.split(",") %} 10 | auto {{ iface }} 11 | iface {{ iface }} 12 | {%endfor %} 13 | -------------------------------------------------------------------------------- /lab-cumulusvx-roh/cumulusX/run: -------------------------------------------------------------------------------- 1 | ifreload -a 2 | service frr restart 3 | -------------------------------------------------------------------------------- /lab-dhcp-ztp/cisco.pcap: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/vincentbernat/network-lab/446469e98af0bf02447914d8b9ecd0dbecfa24ef/lab-dhcp-ztp/cisco.pcap -------------------------------------------------------------------------------- /lab-dhcp-ztp/setup: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | cd "$(dirname "$(readlink -f "$0")")" 4 | . ../common/lab-setup 5 | 6 | spawn vm dhcp networks 1,2 7 | spawn vm linux networks 1,2 8 | 9 | run 10 | 11 | case $uts in 12 | dhcp) 13 | ip addr add 172.29.15.9/24 dev eth0 14 | ip addr add 10.0.2.2/24 dev eth1 15 | service dhcpd -4 -cf $PWD/dhcpd.conf eth0 eth1 16 | ;; 17 | linux) 18 | # service dhclient -v -4 -1 eth0 -lf /tmp/dhcp.leases -cf /dev/null 19 | ;; 20 | esac 21 | -------------------------------------------------------------------------------- /lab-dns64-nat64/radvd.gateway.conf: -------------------------------------------------------------------------------- 1 | interface eth0 { 2 | AdvSendAdvert on; 3 | MinRtrAdvInterval 3; 4 | MaxRtrAdvInterval 10; 5 | prefix 2001:db8:cccc::/64 { 6 | AdvOnLink on; 7 | AdvAutonomous on; 8 | AdvRouterAddr on; 9 | }; 10 | RDNSS 2001:db8:cccc::1 { 11 | }; 12 | }; 13 | -------------------------------------------------------------------------------- /lab-dns64-nat64/tayga.gateway.conf: -------------------------------------------------------------------------------- 1 | tun-device nat64 2 | ipv4-addr 192.0.2.1 3 | ipv6-addr 2001:db8:1::2 4 | prefix 64:ff9b::/96 5 | dynamic-pool 192.0.2.0/28 6 | data-dir /var/lib/tayga 7 | -------------------------------------------------------------------------------- /lab-dns64-nat64/unbound.gateway.conf: -------------------------------------------------------------------------------- 1 | server: 2 | module-config: "dns64 iterator" 3 | interface: ::0 4 | access-control: 2001:db8:cccc::/64 allow 5 | dns64-prefix: 64:ff9b::/96 6 | 7 | forward-zone: 8 | name: "example.com." 9 | forward-addr: 2001:db8:dead::16 10 | -------------------------------------------------------------------------------- /lab-dns64-nat64/unbound.www.conf: -------------------------------------------------------------------------------- 1 | server: 2 | module-config: "iterator" 3 | interface: ::0 4 | access-control: ::/0 allow 5 | 6 | local-zone: "example.com." static 7 | local-data: "www.example.com. IN A 204.0.113.16" 8 | local-data: "www.example.com. IN AAAA 2001:db8:dead::16" 9 | local-data: "v4.example.com. IN A 204.0.113.16" 10 | local-data: "v6.example.com. IN AAAA 2001:db8:dead::16" 11 | -------------------------------------------------------------------------------- /lab-ecmp-ipv6/linux: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/vincentbernat/network-lab/446469e98af0bf02447914d8b9ecd0dbecfa24ef/lab-ecmp-ipv6/linux -------------------------------------------------------------------------------- /lab-ecmp-ipv6/r1/quagga/ospf6d.conf: -------------------------------------------------------------------------------- 1 | log file /var/log/quagga/ospf6d.log 2 | interface dummy0 3 | ipv6 ospf6 passive 4 | ! 5 | router ospf6 6 | router-id 1.1.1.1 7 | interface eth0 area 0.0.0.0 8 | interface eth1 area 0.0.0.0 9 | interface dummy0 area 0.0.0.0 10 | ! 11 | line vty 12 | -------------------------------------------------------------------------------- /lab-ecmp-ipv6/r1/quagga/ospfd.conf: -------------------------------------------------------------------------------- 1 | log file /var/log/quagga/ospfd.log 2 | router ospf 3 | ospf router-id 1.1.1.1 4 | passive-interface default 5 | no passive-interface eth0 6 | no passive-interface eth1 7 | network 192.168.1.0/24 area 0.0.0.0 8 | network 192.168.2.0/24 area 0.0.0.0 9 | network 192.168.99.0/24 area 0.0.0.0 10 | ! 11 | line vty 12 | -------------------------------------------------------------------------------- /lab-ecmp-ipv6/r1/quagga/vtysh.conf: -------------------------------------------------------------------------------- 1 | hostname r1(VTY) 2 | username root nopassword 3 | username admin nopassword 4 | -------------------------------------------------------------------------------- /lab-ecmp-ipv6/r1/quagga/zebra.conf: -------------------------------------------------------------------------------- 1 | hostname r1 2 | log file /var/log/quagga/zebra.log 3 | ipv6 forwarding 4 | ip forwarding 5 | line vty 6 | debug zebra rib 7 | debug zebra kernel 8 | -------------------------------------------------------------------------------- /lab-ecmp-ipv6/r2/quagga/ospf6d.conf: -------------------------------------------------------------------------------- 1 | log file /var/log/quagga/ospf6d.log 2 | debug ospf6 zebra 3 | router ospf6 4 | router-id 2.2.2.2 5 | interface eth0 area 0.0.0.0 6 | interface eth1 area 0.0.0.0 7 | ! 8 | line vty 9 | -------------------------------------------------------------------------------- /lab-ecmp-ipv6/r2/quagga/ospfd.conf: -------------------------------------------------------------------------------- 1 | log file /var/log/quagga/ospfd.log 2 | router ospf 3 | ospf router-id 2.2.2.2 4 | passive-interface default 5 | no passive-interface eth0 6 | no passive-interface eth1 7 | network 192.168.1.0/24 area 0.0.0.0 8 | network 192.168.2.0/24 area 0.0.0.0 9 | ! 10 | line vty 11 | debug ospf event 12 | -------------------------------------------------------------------------------- /lab-ecmp-ipv6/r2/quagga/vtysh.conf: -------------------------------------------------------------------------------- 1 | hostname r2(VTY) 2 | username root nopassword 3 | username admin nopassword 4 | -------------------------------------------------------------------------------- /lab-ecmp-ipv6/r2/quagga/zebra.conf: -------------------------------------------------------------------------------- 1 | hostname r2 2 | log file /var/log/quagga/zebra.log 3 | ipv6 forwarding 4 | ip forwarding 5 | line vty 6 | debug zebra rib 7 | debug zebra kernel 8 | -------------------------------------------------------------------------------- /lab-ecmp-ipv6/r3/quagga/ospf6d.conf: -------------------------------------------------------------------------------- 1 | log file /var/log/quagga/ospf6d.log 2 | interface dummy0 3 | ipv6 ospf6 passive 4 | ! 5 | router ospf6 6 | router-id 3.3.3.3 7 | interface eth0 area 0.0.0.0 8 | interface dummy0 area 0.0.0.0 9 | ! 10 | line vty 11 | -------------------------------------------------------------------------------- /lab-ecmp-ipv6/r3/quagga/ospfd.conf: -------------------------------------------------------------------------------- 1 | log file /var/log/quagga/ospfd.log 2 | router ospf 3 | ospf router-id 3.3.3.3 4 | passive-interface default 5 | no passive-interface eth0 6 | network 192.168.1.0/24 area 0.0.0.0 7 | network 192.168.99.0/24 area 0.0.0.0 8 | ! 9 | line vty 10 | -------------------------------------------------------------------------------- /lab-ecmp-ipv6/r3/quagga/vtysh.conf: -------------------------------------------------------------------------------- 1 | hostname r3(VTY) 2 | username root nopassword 3 | username admin nopassword 4 | -------------------------------------------------------------------------------- /lab-ecmp-ipv6/r3/quagga/zebra.conf: -------------------------------------------------------------------------------- 1 | hostname r3 2 | log file /var/log/quagga/zebra.log 3 | ip forwarding 4 | ipv6 forwarding 5 | line vty 6 | debug zebra rib 7 | debug zebra kernel 8 | -------------------------------------------------------------------------------- /lab-ecmp-ipv6/r4/quagga/ospf6d.conf: -------------------------------------------------------------------------------- 1 | log file /var/log/quagga/ospf6d.log 2 | interface dummy0 3 | ipv6 ospf6 passive 4 | ipv6 ospf6 cost 100 5 | ! 6 | router ospf6 7 | router-id 4.4.4.4 8 | interface eth0 area 0.0.0.0 9 | interface dummy0 area 0.0.0.0 10 | ! 11 | line vty 12 | -------------------------------------------------------------------------------- /lab-ecmp-ipv6/r4/quagga/ospfd.conf: -------------------------------------------------------------------------------- 1 | log file /var/log/quagga/ospfd.log 2 | interface dummy0 3 | ip ospf cost 100 4 | ! 5 | router ospf 6 | ospf router-id 4.4.4.4 7 | passive-interface default 8 | no passive-interface eth0 9 | network 192.168.1.0/24 area 0.0.0.0 10 | network 192.168.99.0/24 area 0.0.0.0 11 | ! 12 | line vty 13 | -------------------------------------------------------------------------------- /lab-ecmp-ipv6/r4/quagga/vtysh.conf: -------------------------------------------------------------------------------- 1 | hostname r4(VTY) 2 | username root nopassword 3 | username admin nopassword 4 | -------------------------------------------------------------------------------- /lab-ecmp-ipv6/r4/quagga/zebra.conf: -------------------------------------------------------------------------------- 1 | hostname r4 2 | log file /var/log/quagga/zebra.log 3 | ip forwarding 4 | ipv6 forwarding 5 | line vty 6 | debug zebra rib 7 | debug zebra kernel 8 | -------------------------------------------------------------------------------- /lab-ecmp-ipv6/r5/quagga/ospf6d.conf: -------------------------------------------------------------------------------- 1 | log file /var/log/quagga/ospf6d.log 2 | interface dummy0 3 | ipv6 ospf6 passive 4 | ! 5 | router ospf6 6 | router-id 5.5.5.5 7 | interface eth0 area 0.0.0.0 8 | interface dummy0 area 0.0.0.0 9 | ! 10 | line vty 11 | -------------------------------------------------------------------------------- /lab-ecmp-ipv6/r5/quagga/ospfd.conf: -------------------------------------------------------------------------------- 1 | log file /var/log/quagga/ospfd.log 2 | router ospf 3 | ospf router-id 5.5.5.5 4 | passive-interface default 5 | no passive-interface eth0 6 | network 192.168.1.0/24 area 0.0.0.0 7 | network 192.168.99.0/24 area 0.0.0.0 8 | ! 9 | line vty 10 | -------------------------------------------------------------------------------- /lab-ecmp-ipv6/r5/quagga/vtysh.conf: -------------------------------------------------------------------------------- 1 | hostname r5(VTY) 2 | username root nopassword 3 | username admin nopassword 4 | -------------------------------------------------------------------------------- /lab-ecmp-ipv6/r5/quagga/zebra.conf: -------------------------------------------------------------------------------- 1 | hostname r5 2 | log file /var/log/quagga/zebra.log 3 | ip forwarding 4 | ipv6 forwarding 5 | line vty 6 | debug zebra rib 7 | debug zebra kernel 8 | -------------------------------------------------------------------------------- /lab-ecmp-vxlan/README.md: -------------------------------------------------------------------------------- 1 | # ECMP and VXLAN/unicast 2 | 3 | This simple lab setup VXLAN using unicast. For each VXLAN, default 4 | entries are programmed in the FDB to other hosts. VXLAN then does a 5 | good job to learn entries automatically. Use `bridge fdb show dev vx4` 6 | to see learn entries. 7 | 8 | # ECMP and VXLAN/multicast 9 | 10 | See commit 2a2d5a7c940c for tentatives to use multicast. The 11 | conclusion is that I am either too dumb to make it work or advanced 12 | multicast routing (using loopback interfaces) is too limited with 13 | Linux. 14 | -------------------------------------------------------------------------------- /lab-ecmp-vxlan/bird.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird.log" all; 2 | protocol device { 3 | scan time 10; 4 | } 5 | protocol kernel { 6 | persist; 7 | import none; 8 | export all; 9 | } 10 | 11 | protocol ospf INTERNAL { 12 | import all; 13 | export none; 14 | ecmp yes; 15 | area 0.0.0.0 { 16 | interface "eth*" { 17 | bfd yes; 18 | }; 19 | interface "lo" { 20 | stub yes; 21 | }; 22 | }; 23 | } 24 | 25 | protocol bfd BFD { 26 | interface "eth*" { 27 | interval 200ms; 28 | multiplier 5; 29 | }; 30 | } 31 | -------------------------------------------------------------------------------- /lab-epf-urpf/bird6.AS64501.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird.log" all; 2 | router id 1.1.1.1; 3 | protocol device { 4 | scan time 10; 5 | } 6 | protocol kernel { 7 | persist; 8 | import none; 9 | export all; 10 | } 11 | 12 | protocol bgp AS64500 { 13 | local as 64501; 14 | neighbor 2001:db8:f:1:: as 64500; 15 | import all; 16 | export all; 17 | } 18 | protocol bgp AS64510 { 19 | local as 64501; 20 | neighbor 2001:db8:f:1::600 as 64510; 21 | import all; 22 | export all; 23 | } 24 | -------------------------------------------------------------------------------- /lab-epf-urpf/bird6.AS64502.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird.log" all; 2 | router id 1.1.1.2; 3 | protocol device { 4 | scan time 10; 5 | } 6 | protocol kernel { 7 | persist; 8 | import none; 9 | export all; 10 | } 11 | 12 | protocol bgp AS64500 { 13 | local as 64502; 14 | neighbor 2001:db8:f:2:: as 64500; 15 | import all; 16 | export all; 17 | } 18 | protocol bgp AS64510 { 19 | local as 64502; 20 | neighbor 2001:db8:f:2::600 as 64510; 21 | import all; 22 | export all; 23 | } 24 | -------------------------------------------------------------------------------- /lab-epf-urpf/bird6.AS64503.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird.log" all; 2 | router id 1.1.1.3; 3 | protocol device { 4 | scan time 10; 5 | } 6 | protocol kernel { 7 | persist; 8 | import none; 9 | export all; 10 | } 11 | 12 | protocol bgp AS64500 { 13 | local as 64503; 14 | neighbor 2001:db8:f:3:: as 64500; 15 | import all; 16 | export all; 17 | } 18 | protocol bgp AS64510 { 19 | local as 64503; 20 | neighbor 2001:db8:f:3::600 as 64510; 21 | import all; 22 | export all; 23 | } 24 | -------------------------------------------------------------------------------- /lab-epf-urpf/bird6.AS64504.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird.log" all; 2 | router id 1.1.1.4; 3 | protocol device { 4 | scan time 10; 5 | } 6 | protocol kernel { 7 | persist; 8 | import all; 9 | export all; 10 | learn yes; 11 | } 12 | 13 | protocol bgp AS64510 { 14 | local as 64504; 15 | neighbor 2001:db8:f:4::600 as 64510; 16 | import all; 17 | export all; 18 | } 19 | -------------------------------------------------------------------------------- /lab-exabgp/README.md: -------------------------------------------------------------------------------- 1 | Presentation 2 | ------------ 3 | 4 | This lab shows how to use ExaBGP for high availability of a 5 | service. Moreover, it makes use of a pair of route servers. 6 | 7 | ![Lab schema](http://media.luffy.cx/images/exabgp/lab-with-rs.png) 8 | 9 | More details available here: 10 | - https://vincent.bernat.ch/en/blog/2013-exabgp-highavailability 11 | - http://www.dailymotion.com/video/x14auqz_2013-exabgp-highavailability_tech 12 | 13 | Before running the lab, set `EXABGP` environment variable to the path 14 | to ExaBGP binary, unless you have it installed system-wide. 15 | -------------------------------------------------------------------------------- /lab-exabgp/bird6.dr6.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird6.log" all; 2 | router id 1.1.1.6; 3 | protocol device { 4 | scan time 10; 5 | } 6 | protocol kernel { 7 | persist; 8 | import none; 9 | export all; 10 | } 11 | protocol ospf INTERNAL { 12 | import all; 13 | export none; 14 | area 0.0.0.0 { 15 | networks { 16 | 2001:db8:1::/64; 17 | 2001:db8:6::/64; 18 | }; 19 | interface "eth0"; 20 | interface "eth1" { stub yes; }; 21 | }; 22 | } 23 | 24 | include "route-server-client.conf"; 25 | -------------------------------------------------------------------------------- /lab-exabgp/bird6.dr7.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird6.log" all; 2 | router id 1.1.1.7; 3 | protocol device { 4 | scan time 10; 5 | } 6 | protocol kernel { 7 | persist; 8 | import none; 9 | export all; 10 | } 11 | protocol ospf INTERNAL { 12 | import all; 13 | export none; 14 | area 0.0.0.0 { 15 | networks { 16 | 2001:db8:1::/64; 17 | 2001:db8:7::/64; 18 | }; 19 | interface "eth0"; 20 | interface "eth1" { stub yes; }; 21 | }; 22 | } 23 | 24 | include "route-server-client.conf"; 25 | -------------------------------------------------------------------------------- /lab-exabgp/bird6.dr8.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird6.log" all; 2 | router id 1.1.1.8; 3 | protocol device { 4 | scan time 10; 5 | } 6 | protocol kernel { 7 | persist; 8 | import none; 9 | export all; 10 | } 11 | protocol ospf INTERNAL { 12 | import all; 13 | export none; 14 | area 0.0.0.0 { 15 | networks { 16 | 2001:db8:1::/64; 17 | 2001:db8:8::/64; 18 | }; 19 | interface "eth0"; 20 | interface "eth1" { stub yes; }; 21 | }; 22 | } 23 | 24 | include "route-server-client.conf"; 25 | -------------------------------------------------------------------------------- /lab-exabgp/bird6.er2.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird6.log" all; 2 | router id 1.1.1.2; 3 | 4 | include "edge-router.conf"; 5 | include "route-server-client.conf"; 6 | 7 | # iBGP peer 8 | protocol bgp ER3 { 9 | import all; 10 | export all; 11 | next hop self; 12 | local as 64496; 13 | neighbor 2001:db8:1::3 as 64496; 14 | } 15 | -------------------------------------------------------------------------------- /lab-exabgp/bird6.er3.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird6.log" all; 2 | router id 1.1.1.3; 3 | 4 | include "edge-router.conf"; 5 | include "route-server-client.conf"; 6 | 7 | # iBGP peer 8 | protocol bgp ER2 { 9 | import all; 10 | export all; 11 | next hop self; 12 | local as 64496; 13 | neighbor 2001:db8:1::2 as 64496; 14 | } 15 | -------------------------------------------------------------------------------- /lab-exabgp/bird6.r1.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird6.log" all; 2 | router id 1.1.1.1; 3 | protocol device { 4 | scan time 10; 5 | } 6 | protocol kernel { 7 | persist; 8 | import none; 9 | export all; 10 | } 11 | 12 | # Let's say that "Internet" is just a big /40. 13 | protocol static INTERNET { 14 | import all; 15 | export none; 16 | route 2001:db8:2000::/40 reject; 17 | } 18 | protocol bgp ER2 { 19 | import all; 20 | export where proto = "INTERNET"; 21 | local as 64511; 22 | neighbor 2001:db8:1000::2 as 64496; 23 | } 24 | protocol bgp ER3 { 25 | import all; 26 | export where proto = "INTERNET"; 27 | local as 64511; 28 | neighbor 2001:db8:1000::3 as 64496; 29 | } 30 | -------------------------------------------------------------------------------- /lab-exabgp/exabgp.w1.conf: -------------------------------------------------------------------------------- 1 | group rs { 2 | neighbor 2001:db8:1::4 { 3 | router-id 1.1.1.11; 4 | local-address 2001:db8:6::11; 5 | local-as 65001; 6 | peer-as 65002; 7 | } 8 | neighbor 2001:db8:8::5 { 9 | router-id 1.1.1.11; 10 | local-address 2001:db8:6::11; 11 | local-as 65001; 12 | peer-as 65002; 13 | } 14 | 15 | process watch-nginx { 16 | run /usr/bin/python /lab/healthcheck.py -s --config /lab/healthcheck-nginx.conf --start-ip 0; 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /lab-exabgp/exabgp.w2.conf: -------------------------------------------------------------------------------- 1 | group rs { 2 | neighbor 2001:db8:1::4 { 3 | router-id 1.1.1.12; 4 | local-address 2001:db8:7::12; 5 | local-as 65001; 6 | peer-as 65002; 7 | } 8 | neighbor 2001:db8:8::5 { 9 | router-id 1.1.1.12; 10 | local-address 2001:db8:7::12; 11 | local-as 65001; 12 | peer-as 65002; 13 | } 14 | 15 | process watch-nginx { 16 | run /usr/bin/python /lab/healthcheck.py -s --config /lab/healthcheck-nginx.conf --start-ip 1; 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /lab-exabgp/exabgp.w3.conf: -------------------------------------------------------------------------------- 1 | group rs { 2 | neighbor 2001:db8:1::4 { 3 | router-id 1.1.1.13; 4 | local-address 2001:db8:8::13; 5 | local-as 65001; 6 | peer-as 65002; 7 | } 8 | neighbor 2001:db8:8::5 { 9 | router-id 1.1.1.13; 10 | local-address 2001:db8:8::13; 11 | local-as 65001; 12 | peer-as 65002; 13 | } 14 | 15 | process watch-nginx { 16 | run /usr/bin/python /lab/healthcheck.py -s --config /lab/healthcheck-nginx.conf --start-ip 2; 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /lab-exabgp/healthcheck-nginx.conf: -------------------------------------------------------------------------------- 1 | # Configuration file for healthcheck.py 2 | # Check if nginx works correctly. 3 | 4 | name = nginx 5 | cmd = curl --fail --verbose --max-time 2 http://ip6-localhost 6 | disable = /lab/no-nginx 7 | 8 | interval = 5 9 | fast-interval = 1 10 | rise = 3 11 | fall = 3 12 | -------------------------------------------------------------------------------- /lab-exabgp/linux: -------------------------------------------------------------------------------- 1 | ../lab-vxlan/linux -------------------------------------------------------------------------------- /lab-exabgp/nginx.conf: -------------------------------------------------------------------------------- 1 | user www-data; 2 | worker_processes 4; 3 | pid /var/run/nginx.pid; 4 | events { 5 | worker_connections 768; 6 | } 7 | http { 8 | default_type application/octet-stream; 9 | server { 10 | listen [::]:80 default; 11 | root /usr/share/nginx/www; 12 | index index.html index.htm; 13 | autoindex on; 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /lab-exabgp/quagga/vtysh.conf: -------------------------------------------------------------------------------- 1 | username root nopassword 2 | username admin nopassword 3 | -------------------------------------------------------------------------------- /lab-exabgp/quagga/zebra.conf: -------------------------------------------------------------------------------- 1 | log file /var/log/quagga/zebra.log 2 | ipv6 forwarding 3 | line vty 4 | -------------------------------------------------------------------------------- /lab-exabgp/route-server-client.conf: -------------------------------------------------------------------------------- 1 | # BGP with route servers 2 | protocol bgp RS4 { 3 | import all; 4 | export none; 5 | local as 65003; 6 | neighbor 2001:db8:1::4 as 65002; 7 | gateway recursive; 8 | } 9 | protocol bgp RS5 { 10 | import all; 11 | export none; 12 | local as 65003; 13 | neighbor 2001:db8:8::5 as 65002; 14 | multihop 4; 15 | gateway recursive; 16 | } 17 | -------------------------------------------------------------------------------- /lab-exabgp/rs5/quagga/bgpd.options: -------------------------------------------------------------------------------- 1 | --no_kernel 2 | -------------------------------------------------------------------------------- /lab-f5-puppet/PLATFORM: -------------------------------------------------------------------------------- 1 | platform=Z99 2 | family=0x80000000 3 | host=Z99 4 | systype=0xb 5 | -------------------------------------------------------------------------------- /lab-f5-puppet/nginx.conf: -------------------------------------------------------------------------------- 1 | user root; 2 | worker_processes 1; 3 | pid /var/run/nginx.pid; 4 | events { 5 | worker_connections 768; 6 | } 7 | http { 8 | default_type application/octet-stream; 9 | server { 10 | listen 80 default; 11 | root /usr/share/nginx/www; 12 | index index.html index.htm; 13 | autoindex on; 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /lab-f5-puppet/puppet/device.conf: -------------------------------------------------------------------------------- 1 | [f5.local] 2 | type f5 3 | url https://admin:admin@f5.local/Common 4 | -------------------------------------------------------------------------------- /lab-f5-puppet/puppet/puppet.conf: -------------------------------------------------------------------------------- 1 | [main] 2 | logdir = /var/log/puppet 3 | vardir = /var/lib/puppet 4 | rundir = /var/run/puppet 5 | ssldir = $vardir/ssl 6 | factpath = $vardir/lib/facter 7 | report = false 8 | pluginsync = false 9 | server = puppet 10 | 11 | [master] 12 | autosign = false 13 | ca = true 14 | certname = puppet 15 | -------------------------------------------------------------------------------- /lab-fedora-coreos/.gitignore: -------------------------------------------------------------------------------- 1 | /*.ign 2 | /*.img 3 | /node1.bu 4 | /node2.bu 5 | /node3.bu 6 | -------------------------------------------------------------------------------- /lab-fedora-coreos/setup: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | cd "$(dirname "$(readlink -f "$0")")" 4 | . ../common/lab-setup 5 | 6 | NODES=3 7 | 8 | ssh-keygen -m pem -q -t rsa -b 2048 -N "" -f $TMP/id_rsa 9 | for n in $(seq 1 $NODES); do 10 | template nodeX.yaml node${n}.bu node=${n} ssh="'$(cat $TMP/id_rsa.pub)'" 11 | nix run nixpkgs.butane --command butane < node${n}.bu > node${n}.ign 12 | export \ 13 | QEMU_ARGS="-fw_cfg name=opt/com.coreos/config,file=$PWD/node${n}.ign" \ 14 | QEMU_IMG_SIZE=15G \ 15 | MEM=2G \ 16 | SSH_USER=core 17 | spawn img node${n} network oob,1 18 | done 19 | 20 | run 21 | -------------------------------------------------------------------------------- /lab-freebsd-bird/.gitignore: -------------------------------------------------------------------------------- 1 | /freebsd*.img 2 | -------------------------------------------------------------------------------- /lab-freebsd-bird/freebsd-debug/README.md: -------------------------------------------------------------------------------- 1 | # Debugging FreeBSD kernel 2 | 3 | Export gdb UNIX socket to `freebsd-debug`: 4 | 5 | ssh -R /tmp/gdb.pipe:/tmp/tmp.knvdSM8IGy/vm-freebsd-gdb.pipe -F /tmp/tmp*/ssh_config(om[1]) freebsd-debug.lab 6 | 7 | Then, as usual: 8 | 9 | $ gdb /usr/lib/debug/boot/kernel/kernel.debug 10 | Reading symbols from /usr/lib/debug/boot/kernel/kernel.debug... 11 | (gdb) target remote /tmp/gdb.pipe 12 | Remote debugging using /tmp/gdb.pipe 13 | -------------------------------------------------------------------------------- /lab-freebsd-bird/setup: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | cd "$(dirname "$(readlink -f "$0")")" 4 | . ../common/lab-setup 5 | 6 | MEM=1G spawn img freebsd networks oob,1 7 | MEM=1G spawn img freebsd-debug network oob 8 | spawn vm linux network 1 9 | 10 | run 11 | 12 | # Linux 13 | ip addr add 192.0.2.10/31 dev eth0 14 | ip addr add 203.0.113.15/32 dev lo 15 | service bird 16 | 17 | service nginx 18 | -------------------------------------------------------------------------------- /lab-freebsd-ecmp/.gitignore: -------------------------------------------------------------------------------- 1 | /freebsd.img 2 | -------------------------------------------------------------------------------- /lab-freebsd-ecmp/setup: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | cd "$(dirname "$(readlink -f "$0")")" 4 | . ../common/lab-setup 5 | 6 | MEM=512M spawn img freebsd networks oob,1,2,3 7 | spawn vm h1 network 1 8 | spawn vm h2 network 2,3 9 | 10 | run 11 | 12 | case $uts in 13 | h1) 14 | ip addr add 192.0.2.10/31 dev eth0 15 | ip route add default via 192.0.2.11 16 | ;; 17 | h2) 18 | ip addr add 192.0.2.12/31 dev eth0 19 | ip addr add 192.0.2.14/31 dev eth1 20 | ip route add default nexthop via 192.0.2.13 nexthop via 192.0.2.15 21 | ip addr add 203.0.113.15/32 dev lo 22 | ;; 23 | esac 24 | 25 | service nginx 26 | -------------------------------------------------------------------------------- /lab-frr-evpn-vrf/.gitignore: -------------------------------------------------------------------------------- 1 | /frr-bgpd.R1.conf 2 | /frr-bgpd.R2.conf 3 | -------------------------------------------------------------------------------- /lab-frr-evpn-vrf/frr-zebra.R1.conf: -------------------------------------------------------------------------------- 1 | frr-zebra.Rx.conf -------------------------------------------------------------------------------- /lab-frr-evpn-vrf/frr-zebra.R2.conf: -------------------------------------------------------------------------------- 1 | frr-zebra.Rx.conf -------------------------------------------------------------------------------- /lab-frr-evpn-vrf/frr-zebra.Rx.conf: -------------------------------------------------------------------------------- 1 | log file /var/log/frr/zebra.log 2 | ! 3 | vrf vrf1 4 | vni 100 5 | exit-vrf 6 | vrf vrf2 7 | vni 200 8 | exit-vrf 9 | ! 10 | line vty 11 | ! 12 | -------------------------------------------------------------------------------- /lab-frr-snmp-bgp/.gitignore: -------------------------------------------------------------------------------- 1 | /frr-bgpd.R1.conf 2 | /frr-bgpd.R2.conf 3 | -------------------------------------------------------------------------------- /lab-frr-snmp-bgp/frr-zebra.R1.conf: -------------------------------------------------------------------------------- 1 | frr-zebra.Rx.conf -------------------------------------------------------------------------------- /lab-frr-snmp-bgp/frr-zebra.R2.conf: -------------------------------------------------------------------------------- 1 | frr-zebra.Rx.conf -------------------------------------------------------------------------------- /lab-frr-snmp-bgp/frr-zebra.Rx.conf: -------------------------------------------------------------------------------- 1 | log file /var/log/frr/zebra.log 2 | ! 3 | line vty 4 | ! 5 | -------------------------------------------------------------------------------- /lab-frr-snmp-bgp/snmpd.conf: -------------------------------------------------------------------------------- 1 | rocommunity public default 2 | master agentx 3 | -------------------------------------------------------------------------------- /lab-gnmi/setup: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | cd "$(dirname "$(readlink -f "$0")")" 4 | . ../common/lab-setup 5 | 6 | grpc_port=$(tcp_port) 7 | hostfwd=tcp:127.0.0.1:${grpc_port}-:57777 spawn cisco-iosxrv XRv network 1,2,3,4 8 | log_info_msg "gRPC on port ${grpc_port}" 9 | 10 | grpc_port=$(tcp_port) 11 | hostfwd=tcp:127.0.0.1:${grpc_port}-:57777 spawn juniper-vmx vMX network 1,2,3 12 | log_info_msg "gRPC on port ${grpc_port}" 13 | 14 | run 15 | -------------------------------------------------------------------------------- /lab-hp-vsr1000/bird.R1.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird.log" all; 2 | router id 1.1.1.1; 3 | protocol device { 4 | scan time 10; 5 | } 6 | protocol kernel { 7 | persist; 8 | import none; 9 | export all; 10 | } 11 | 12 | protocol ospf INTERNAL { 13 | import all; 14 | export none; 15 | area 0.0.0.0 { 16 | networks { 17 | 192.0.2.0/24; 18 | 198.51.100.101/32; 19 | }; 20 | interface "eth0" { 21 | bfd yes; 22 | }; 23 | interface "dummy0" { stub yes; }; 24 | }; 25 | } 26 | 27 | protocol bfd BFD { 28 | interface "eth0" { 29 | interval 200ms; 30 | multiplier 5; 31 | }; 32 | } 33 | -------------------------------------------------------------------------------- /lab-hp-vsr1000/bird.R2.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird.log" all; 2 | router id 2.2.2.2; 3 | protocol device { 4 | scan time 10; 5 | } 6 | protocol kernel { 7 | persist; 8 | import none; 9 | export all; 10 | } 11 | 12 | protocol ospf INTERNAL { 13 | import all; 14 | export none; 15 | area 0.0.0.0 { 16 | networks { 17 | 192.0.2.0/24; 18 | 198.51.100.102/32; 19 | }; 20 | interface "eth0" { 21 | bfd yes; 22 | }; 23 | interface "dummy0" { stub yes; }; 24 | }; 25 | } 26 | 27 | protocol bfd BFD { 28 | interface "eth0" { 29 | interval 200ms; 30 | multiplier 5; 31 | }; 32 | } 33 | -------------------------------------------------------------------------------- /lab-hp-vsr1000/hp-VSR1000.conf: -------------------------------------------------------------------------------- 1 | interface LoopBack0 2 | ip address 198.51.100.103 255.255.255.255 3 | ospf 1 area 0.0.0.0 4 | # 5 | interface GigabitEthernet2/0 6 | port link-mode route 7 | ip address 192.0.2.3 255.255.255.0 8 | ospf bfd enable 9 | ospf 1 area 0.0.0.0 10 | # 11 | ospf 1 12 | silent-interface LoopBack0 13 | area 0.0.0.0 14 | # 15 | -------------------------------------------------------------------------------- /lab-hp-vsr1000/setup: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | cd "$(dirname "$(readlink -f "$0")")" 4 | . ../common/lab-setup 5 | 6 | # Which VM to spawn 7 | spawn vm R1 network 1 8 | spawn vm R2 network 1 9 | spawn hp-vsr1000 VSR1000 network 1 10 | 11 | run 12 | 13 | case $uts in 14 | R1) 15 | ip addr add 192.0.2.1/24 dev eth0 16 | ip addr add 198.51.100.101/32 dev dummy0 17 | service bird 18 | ;; 19 | R2) 20 | ip addr add 192.0.2.2/24 dev eth0 21 | ip addr add 198.51.100.102/32 dev dummy0 22 | service bird 23 | ;; 24 | esac 25 | -------------------------------------------------------------------------------- /lab-iou/bird.R1.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird.log" all; 2 | router id 1.1.1.1; 3 | protocol device { 4 | scan time 10; 5 | } 6 | protocol kernel { 7 | persist; 8 | import none; 9 | export all; 10 | } 11 | 12 | protocol ospf INTERNAL { 13 | import all; 14 | export none; 15 | area 0.0.0.0 { 16 | networks { 17 | 192.0.2.0/24; 18 | 198.51.100.101/32; 19 | }; 20 | interface "eth0" { 21 | bfd yes; 22 | }; 23 | interface "dummy0" { stub yes; }; 24 | }; 25 | } 26 | 27 | protocol bfd BFD { 28 | interface "eth0" { 29 | interval 200ms; 30 | multiplier 5; 31 | }; 32 | } 33 | -------------------------------------------------------------------------------- /lab-iou/bird.R2.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird.log" all; 2 | router id 2.2.2.2; 3 | protocol device { 4 | scan time 10; 5 | } 6 | protocol kernel { 7 | persist; 8 | import none; 9 | export all; 10 | } 11 | 12 | protocol ospf INTERNAL { 13 | import all; 14 | export none; 15 | area 0.0.0.0 { 16 | networks { 17 | 192.0.2.0/24; 18 | 198.51.100.102/32; 19 | }; 20 | interface "eth0" { 21 | bfd yes; 22 | }; 23 | interface "dummy0" { stub yes; }; 24 | }; 25 | } 26 | 27 | protocol bfd BFD { 28 | interface "eth0" { 29 | interval 200ms; 30 | multiplier 5; 31 | }; 32 | } 33 | -------------------------------------------------------------------------------- /lab-iou/bird6.R1.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird6.log" all; 2 | router id 1.1.1.1; 3 | protocol device { 4 | scan time 10; 5 | } 6 | protocol kernel { 7 | persist; 8 | import none; 9 | export all; 10 | } 11 | 12 | protocol ospf INTERNAL { 13 | import all; 14 | export none; 15 | area 0.0.0.0 { 16 | networks { 17 | 2001:db8::100:101/128; 18 | }; 19 | interface "eth0" { 20 | bfd yes; 21 | }; 22 | interface "dummy0" { stub yes; }; 23 | }; 24 | } 25 | 26 | protocol bfd BFD { 27 | interface "eth0" { 28 | interval 200ms; 29 | multiplier 5; 30 | }; 31 | } 32 | -------------------------------------------------------------------------------- /lab-iou/bird6.R2.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird6.log" all; 2 | router id 2.2.2.2; 3 | protocol device { 4 | scan time 10; 5 | } 6 | protocol kernel { 7 | persist; 8 | import none; 9 | export all; 10 | } 11 | 12 | protocol ospf INTERNAL { 13 | import all; 14 | export none; 15 | area 0.0.0.0 { 16 | networks { 17 | 2001:db8::100:102/128; 18 | }; 19 | interface "eth0" { 20 | bfd yes; 21 | }; 22 | interface "dummy0" { stub yes; }; 23 | }; 24 | } 25 | 26 | protocol bfd BFD { 27 | interface "eth0" { 28 | interval 200ms; 29 | multiplier 5; 30 | }; 31 | } 32 | -------------------------------------------------------------------------------- /lab-ipvs/.gitignore: -------------------------------------------------------------------------------- 1 | /ip_vs_*.ko 2 | -------------------------------------------------------------------------------- /lab-juniper-crpd/README.md: -------------------------------------------------------------------------------- 1 | # Test with crpd from Juniper 2 | 3 | Juniper provides a tarball to import into Docker: 4 | 5 | docker image load -i junos-routing-crpd-docker-19.2R1.8.tgz 6 | 7 | To get a `crpd.img`: 8 | 9 | container=$(docker create crpd:19.2R1.8) 10 | virt-make-fs --partition --format=qcow2 =(docker container export $container) crpd.img 11 | docker container rm $container 12 | -------------------------------------------------------------------------------- /lab-juniper-firefly/bird.R1.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird.log" all; 2 | router id 1.1.1.1; 3 | protocol device { 4 | scan time 10; 5 | } 6 | protocol kernel { 7 | persist; 8 | import none; 9 | export all; 10 | } 11 | 12 | protocol ospf INTERNAL { 13 | import all; 14 | export none; 15 | area 0.0.0.0 { 16 | networks { 17 | 192.0.2.0/24; 18 | 198.51.100.101/32; 19 | }; 20 | interface "eth0" { 21 | bfd yes; 22 | }; 23 | interface "dummy0" { stub yes; }; 24 | }; 25 | } 26 | 27 | protocol bfd BFD { 28 | interface "eth0" { 29 | interval 200ms; 30 | multiplier 5; 31 | }; 32 | } 33 | -------------------------------------------------------------------------------- /lab-juniper-firefly/bird.R2.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird.log" all; 2 | router id 2.2.2.2; 3 | protocol device { 4 | scan time 10; 5 | } 6 | protocol kernel { 7 | persist; 8 | import none; 9 | export all; 10 | } 11 | 12 | protocol ospf INTERNAL { 13 | import all; 14 | export none; 15 | area 0.0.0.0 { 16 | networks { 17 | 192.0.2.0/24; 18 | 198.51.100.102/32; 19 | }; 20 | interface "eth0" { 21 | bfd yes; 22 | }; 23 | interface "dummy0" { stub yes; }; 24 | }; 25 | } 26 | 27 | protocol bfd BFD { 28 | interface "eth0" { 29 | interval 200ms; 30 | multiplier 5; 31 | }; 32 | } 33 | -------------------------------------------------------------------------------- /lab-juniper-firefly/setup: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | LABNAME="firefly" 4 | 5 | cd "$(dirname "$(readlink -f "$0")")" 6 | . ../common/lab-setup 7 | 8 | # Which VM to spawn 9 | spawn vm R1 network 1 10 | spawn vm R2 network 1 11 | spawn juniper-firefly SRX1 network 1 12 | spawn juniper-firefly SRX2 network 1 13 | 14 | run 15 | 16 | case $uts in 17 | R1) 18 | ip addr add 192.0.2.1/24 dev eth0 19 | ip addr add 198.51.100.101/32 dev dummy0 20 | service bird 21 | ;; 22 | R2) 23 | ip addr add 192.0.2.2/24 dev eth0 24 | ip addr add 198.51.100.102/32 dev dummy0 25 | service bird 26 | ;; 27 | esac 28 | -------------------------------------------------------------------------------- /lab-juniper-mpls/setup: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | LABNAME="vmx" 4 | 5 | cd "$(dirname "$(readlink -f "$0")")" 6 | . ../common/lab-setup 7 | 8 | # This is a bit simplified as we don't have CE1/CE2 9 | #spawn vm CE1 network 1,2 10 | #spawn vm CE2 network 5,6 11 | 12 | spawn vm H1 network 2 13 | spawn juniper-vmx vMX network 2,3,3,4,4,5 14 | spawn vm H2 network 5 15 | 16 | run 17 | 18 | case $uts in 19 | H1) 20 | ip addr add 192.0.2.10/24 dev eth0 21 | ip route add default via 192.0.2.1 22 | ;; 23 | H2) 24 | ip addr add 203.0.113.10/24 dev eth0 25 | ip route add default via 203.0.113.1 26 | ;; 27 | esac 28 | -------------------------------------------------------------------------------- /lab-juniper-proxy-arp/bird.B.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird.log" all; 2 | router id 1.1.1.2; 3 | protocol device { 4 | scan time 10; 5 | } 6 | protocol kernel { 7 | persist; 8 | learn yes; 9 | import filter { 10 | if ifname = "lo" then accept; 11 | reject; 12 | }; 13 | export none; 14 | } 15 | 16 | protocol bgp SRX { 17 | import none; 18 | export all; 19 | local as 65000; 20 | bfd yes; 21 | direct; 22 | neighbor 198.51.100.1 as 65000; 23 | } 24 | protocol bfd BFD { 25 | interface "eth1" { 26 | interval 200ms; 27 | multiplier 5; 28 | }; 29 | } 30 | -------------------------------------------------------------------------------- /lab-juniper-proxy-arp/setup: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | LABNAME="firefly" 4 | 5 | cd "$(dirname "$(readlink -f "$0")")" 6 | . ../common/lab-setup 7 | 8 | # Which VM to spawn 9 | spawn vm A network 1 10 | spawn vm B network 1,2 11 | spawn juniper-firefly SRX network 1,2 12 | 13 | run 14 | 15 | case $uts in 16 | A) 17 | # Simple host 18 | ip addr add 192.0.2.3/24 dev eth0 19 | ;; 20 | B) 21 | # This host IP is 192.0.2.2. 22 | ip addr add 192.0.2.2/24 dev eth0 23 | ip addr add 192.0.2.2/32 dev lo 24 | ip addr add 198.51.100.0/31 dev eth1 25 | ip route add default via 198.51.100.1 26 | service bird 27 | ;; 28 | esac 29 | -------------------------------------------------------------------------------- /lab-juniper-rr/bird6.R1.conf: -------------------------------------------------------------------------------- 1 | include "bird6.conf"; 2 | 3 | router id 1.0.0.1; -------------------------------------------------------------------------------- /lab-juniper-rr/bird6.R2.conf: -------------------------------------------------------------------------------- 1 | include "bird6.conf"; 2 | 3 | router id 1.0.0.2; -------------------------------------------------------------------------------- /lab-juniper-rr/bird6.R3.conf: -------------------------------------------------------------------------------- 1 | include "bird6.conf"; 2 | 3 | router id 1.0.0.3; -------------------------------------------------------------------------------- /lab-juniper-rr/bird6.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird.log" all; 2 | 3 | protocol device { 4 | scan time 10; 5 | } 6 | 7 | protocol direct { 8 | interface "dummy0"; 9 | } 10 | 11 | protocol kernel { 12 | persist; 13 | learn; 14 | import all; 15 | export all; 16 | merge paths yes; 17 | scan time 10; 18 | device routes yes; 19 | } 20 | 21 | template bgp rr_client { 22 | local as 65000; 23 | import all; 24 | export all; 25 | next hop self; 26 | direct; 27 | hold time 90; 28 | error wait time 4,30; 29 | error forget time 30; 30 | add paths rx; 31 | } 32 | 33 | protocol bgp RR from rr_client { 34 | neighbor 2001:db8:1::ffff as 65000; 35 | } 36 | -------------------------------------------------------------------------------- /lab-juniper-rr/setup: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | LABNAME="juniper-rr" 4 | 5 | cd "$(dirname "$(readlink -f "$0")")" 6 | . ../common/lab-setup 7 | 8 | spawn juniper-vrr RR networks 1 9 | spawn juniper-vrr edge networks 1 10 | spawn vm R1 network 1,oob 11 | spawn vm R2 network 1,oob 12 | spawn vm R3 network 1,oob 13 | 14 | run 15 | 16 | modprobe dummy 17 | sysctl -qw net.ipv6.conf.all.forwarding=1 18 | ip addr add 2001:db8:1::${uts#R}/64 dev eth0 19 | ip addr add 2001:db8:2::${uts#R}/48 dev dummy0 # each router can route this shared subnet 20 | ip addr add 2001:db8:3${uts#R}::1/48 dev dummy0 # each router can route this own subnet 21 | service bird 22 | -------------------------------------------------------------------------------- /lab-juniper-salt/.gitignore: -------------------------------------------------------------------------------- 1 | /venv/ 2 | -------------------------------------------------------------------------------- /lab-juniper-salt/junos-juniper1.conf: -------------------------------------------------------------------------------- 1 | interfaces { 2 | em1 { 3 | unit 0 { 4 | family inet6 { 5 | address 2001:db8:2::11/64; 6 | } 7 | } 8 | } 9 | } 10 | -------------------------------------------------------------------------------- /lab-juniper-salt/junos-juniper2.conf: -------------------------------------------------------------------------------- 1 | interfaces { 2 | em1 { 3 | unit 0 { 4 | family inet6 { 5 | address 2001:db8:2::12/64; 6 | } 7 | } 8 | } 9 | } 10 | -------------------------------------------------------------------------------- /lab-juniper-salt/junos-juniper3.conf: -------------------------------------------------------------------------------- 1 | interfaces { 2 | em1 { 3 | unit 0 { 4 | family inet6 { 5 | address 2001:db8:2::13/64; 6 | } 7 | } 8 | } 9 | } 10 | -------------------------------------------------------------------------------- /lab-juniper-salt/salt/master: -------------------------------------------------------------------------------- 1 | interface: '::' 2 | ipv6: True 3 | 4 | pillar_roots: 5 | base: 6 | - /etc/salt/pillar 7 | file_roots: 8 | base: 9 | - /etc/salt 10 | - /etc/salt/states 11 | -------------------------------------------------------------------------------- /lab-juniper-salt/salt/pillar/juniper.sls: -------------------------------------------------------------------------------- 1 | proxy: 2 | proxytype: napalm 3 | driver: junos 4 | host: {{ grains.id }} 5 | username: juniper 6 | password: '' 7 | optional_args: 8 | key_file: /tmp/lab/id_rsa 9 | -------------------------------------------------------------------------------- /lab-juniper-salt/salt/pillar/top.sls: -------------------------------------------------------------------------------- 1 | base: 2 | juniper*: 3 | - juniper 4 | -------------------------------------------------------------------------------- /lab-juniper-salt/salt/proxy: -------------------------------------------------------------------------------- 1 | master: salt-master 2 | multiprocessing: False 3 | -------------------------------------------------------------------------------- /lab-juniper-srv6/README.md: -------------------------------------------------------------------------------- 1 | # IS-IS and SRv6 on Juniper 2 | 3 | This is the implementation described in [Juniper documentation][1] 4 | with some small modifications and the errors removed. 5 | 6 | [1]: https://www.juniper.net/documentation/us/en/software/junos/is-is/topics/example/isis-configuring-srv6-network-programming.html 7 | -------------------------------------------------------------------------------- /lab-juniper-srv6/junos-common.conf: -------------------------------------------------------------------------------- 1 | # -*- junos -*- 2 | groups { 3 | common { 4 | policy-options policy-statement pplb then load-balance per-packet; 5 | routing-options { 6 | forwarding-table export pplb; 7 | autonomous-system 65550; 8 | } 9 | protocols isis { 10 | level 1 disable; 11 | interface lo0.0 passive; 12 | interface { 13 | node-link-protection; 14 | point-to-point; 15 | } 16 | } 17 | } 18 | } 19 | apply-groups common; 20 | -------------------------------------------------------------------------------- /lab-juniper-vjunosevolved/.gitignore: -------------------------------------------------------------------------------- 1 | /bird.R1.conf 2 | /bird.R2.conf 3 | -------------------------------------------------------------------------------- /lab-juniper-vjunosevolved/README.md: -------------------------------------------------------------------------------- 1 | # Lab with Juniper vJunos Evolved 2 | 3 | Same as the lab for vMX, except we use vJunos Evolved. This is currently not totally functional: 4 | 5 | - the configuration cannot be found on the second disk 6 | - licenses are required for everything (OSPF, BGP) 7 | -------------------------------------------------------------------------------- /lab-juniper-vjunosevolved/bird.Rx.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird.log" all; 2 | router id 1.1.1.{{ index }}; 3 | protocol device { 4 | scan time 10; 5 | } 6 | protocol kernel { 7 | persist; 8 | ipv4 { 9 | import all; 10 | export all; 11 | }; 12 | } 13 | 14 | protocol ospf v2 INTERNAL { 15 | ipv4; 16 | area 0.0.0.0 { 17 | networks { 18 | 192.0.2.0/24; 19 | 198.51.100.{{ 100 + index }}/32; 20 | }; 21 | interface "eth0" { 22 | bfd yes; 23 | }; 24 | interface "dummy0" { 25 | stub yes; 26 | }; 27 | }; 28 | } 29 | 30 | protocol bfd BFD { 31 | interface "eth0" { 32 | interval 200ms; 33 | multiplier 5; 34 | }; 35 | } 36 | -------------------------------------------------------------------------------- /lab-juniper-vjunosevolved/nginx.conf: -------------------------------------------------------------------------------- 1 | user www-data; 2 | worker_processes 4; 3 | pid /var/run/nginx.pid; 4 | events { 5 | worker_connections 768; 6 | } 7 | http { 8 | default_type application/octet-stream; 9 | server { 10 | listen 80 default; 11 | root /mnt/lab; 12 | autoindex on; 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /lab-juniper-vjunosevolved/setup: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | cd "$(dirname "$(readlink -f "$0")")" 4 | . ../common/lab-setup 5 | 6 | # Which VM to spawn 7 | spawn vm R1 network 1 8 | spawn vm R2 network 1 9 | spawn juniper-vjunos vJunos network 1 10 | 11 | run 12 | 13 | # Executed on each VM 14 | case $uts in 15 | R*) 16 | ip addr add 192.0.2.${uts#R}/24 dev eth0 17 | ip addr add 198.51.100.10${uts#R}/32 dev dummy0 18 | template bird.Rx.conf bird.$uts.conf index=${uts#R} 19 | service bird 20 | ;; 21 | esac 22 | -------------------------------------------------------------------------------- /lab-juniper-vmx-allinone/README.md: -------------------------------------------------------------------------------- 1 | # vMX lab using only one vMX 2 | 3 | For some reason, the `lt-0/0/0` interface doesn't come up. 4 | -------------------------------------------------------------------------------- /lab-juniper-vmx-allinone/setup: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | cd "$(dirname "$(readlink -f "$0")")" 4 | . ../common/lab-setup 5 | 6 | spawn juniper-vmx MX 7 | 8 | run 9 | -------------------------------------------------------------------------------- /lab-juniper-vmx-bmp/juniper-bmp-missing-peerup.pcap: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/vincentbernat/network-lab/446469e98af0bf02447914d8b9ecd0dbecfa24ef/lab-juniper-vmx-bmp/juniper-bmp-missing-peerup.pcap -------------------------------------------------------------------------------- /lab-juniper-vmx-bmp/juniper-bmp-ok.pcap: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/vincentbernat/network-lab/446469e98af0bf02447914d8b9ecd0dbecfa24ef/lab-juniper-vmx-bmp/juniper-bmp-ok.pcap -------------------------------------------------------------------------------- /lab-juniper-vmx-bmp/setup: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | cd "$(dirname "$(readlink -f "$0")")" 4 | . ../common/lab-setup 5 | 6 | # Which VM to spawn 7 | spawn vm collector network 1 8 | spawn juniper-vmx vMX network 1,2 9 | 10 | run 11 | 12 | # On collector 13 | ip addr add 203.0.113.1/31 dev eth0 14 | tcpdump -pni eth0 -w - -U port 10179 > bmp.pcap & 15 | nc -l -p 10179 > /dev/null < /dev/null & 16 | 17 | # Local Variables: 18 | # mode: sh 19 | # indent-tabs-mode: nil 20 | # sh-basic-offset: 4 21 | # End: 22 | -------------------------------------------------------------------------------- /lab-juniper-vmx-fullview/.gitignore: -------------------------------------------------------------------------------- 1 | /latest-bview.gz 2 | /gobgp 3 | /gobgpd 4 | /exabgp.U1.conf 5 | /exabgp.U2.conf 6 | -------------------------------------------------------------------------------- /lab-juniper-vmx-fullview/exabgp.conf: -------------------------------------------------------------------------------- 1 | process service-mrtdump { 2 | run ./mrtroutes /mnt/lab/latest-bview.gz {{ localip }} {{ firstas }} {{ max }}; 3 | encoder text; 4 | } 5 | 6 | neighbor {{ peerip }} { 7 | router-id {{ localip }}; 8 | local-address {{ localip }}; 9 | local-as {{ localas }}; 10 | peer-as {{ peeras }}; 11 | hold-time 30; 12 | adj-rib-out false; 13 | family { 14 | ipv4 unicast; 15 | } 16 | api services-v4 { 17 | processes [ service-mrtdump ]; 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /lab-juniper-vmx-fullview/mrtroutes: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | bview=$1 4 | localip=$2 5 | firstas=$3 6 | max=$4 7 | 8 | mrt2exabgp -A ${bview} \ 9 | | grep -F "as-path [${firstas} " \ 10 | | sed -e "s/next-hop [^ ]*/next-hop ${localip}/" \ 11 | | head -${max} 12 | 13 | sleep infinity 14 | -------------------------------------------------------------------------------- /lab-juniper-vmx-unnumbered-bfd/README.md: -------------------------------------------------------------------------------- 1 | Lab with Juniper vMX 2 | ==================== 3 | 4 | This lab is just here to test the use of BFD over static routes over 5 | unnumbered interfaces. A corner case that seems to not be supported by 6 | Juniper. 7 | -------------------------------------------------------------------------------- /lab-juniper-vmx-unnumbered-bfd/nginx.conf: -------------------------------------------------------------------------------- 1 | user www-data; 2 | worker_processes 4; 3 | pid /var/run/nginx.pid; 4 | events { 5 | worker_connections 768; 6 | } 7 | http { 8 | default_type application/octet-stream; 9 | server { 10 | listen 80 default; 11 | root /mnt/lab; 12 | autoindex on; 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /lab-juniper-vmx/bird.R1.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird.log" all; 2 | router id 1.1.1.1; 3 | protocol device { 4 | scan time 10; 5 | } 6 | protocol kernel { 7 | persist; 8 | import none; 9 | export all; 10 | } 11 | 12 | protocol ospf INTERNAL { 13 | import all; 14 | export none; 15 | area 0.0.0.0 { 16 | networks { 17 | 192.0.2.0/24; 18 | 198.51.100.101/32; 19 | }; 20 | interface "eth0" { 21 | bfd yes; 22 | }; 23 | interface "dummy0" { stub yes; }; 24 | }; 25 | } 26 | 27 | protocol bfd BFD { 28 | interface "eth0" { 29 | interval 200ms; 30 | multiplier 5; 31 | }; 32 | } 33 | -------------------------------------------------------------------------------- /lab-juniper-vmx/bird.R2.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird.log" all; 2 | router id 2.2.2.2; 3 | protocol device { 4 | scan time 10; 5 | } 6 | protocol kernel { 7 | persist; 8 | import none; 9 | export all; 10 | } 11 | 12 | protocol ospf INTERNAL { 13 | import all; 14 | export none; 15 | area 0.0.0.0 { 16 | networks { 17 | 192.0.2.0/24; 18 | 198.51.100.102/32; 19 | }; 20 | interface "eth0" { 21 | bfd yes; 22 | }; 23 | interface "dummy0" { stub yes; }; 24 | }; 25 | } 26 | 27 | protocol bfd BFD { 28 | interface "eth0" { 29 | interval 200ms; 30 | multiplier 5; 31 | }; 32 | } 33 | -------------------------------------------------------------------------------- /lab-juniper-vmx/nginx.conf: -------------------------------------------------------------------------------- 1 | user www-data; 2 | worker_processes 4; 3 | pid /var/run/nginx.pid; 4 | events { 5 | worker_connections 768; 6 | } 7 | http { 8 | default_type application/octet-stream; 9 | server { 10 | listen 80 default; 11 | root /mnt/lab; 12 | autoindex on; 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /lab-juniper-vqfx-multihoming-ip/README.md: -------------------------------------------------------------------------------- 1 | # vQFX lab with EVPN multihoming and per-device IP addresses 2 | 3 | When IP addresses are not available on both members, they may be 4 | unreachable from the host device. 5 | 6 | Try with: 7 | 8 | ```console 9 | $ fping 172.27.{7,8,9,10,11,12,13,14,15}.1 2> /dev/null 10 | 172.27.7.1 is alive 11 | 172.27.9.1 is alive 12 | 172.27.11.1 is alive 13 | 172.27.13.1 is alive 14 | 172.27.15.1 is alive 15 | 172.27.8.1 is unreachable 16 | 172.27.10.1 is unreachable 17 | 172.27.12.1 is unreachable 18 | 172.27.14.1 is unreachable 19 | ``` 20 | 21 | For some reasons, BGP sessions are able to be established while fping 22 | cannot work. 23 | -------------------------------------------------------------------------------- /lab-juniper-vqfx-vxlan/gobgp.RR.conf: -------------------------------------------------------------------------------- 1 | global: 2 | config: 3 | as: 65000 4 | router-id: 192.0.2.100 5 | local-address-list: 6 | - 192.0.2.100 7 | peer-groups: 8 | - config: 9 | peer-group-name: rr-client 10 | peer-as: 65000 11 | afi-safis: 12 | - config: 13 | afi-safi-name: l2vpn-evpn 14 | route-reflector: 15 | config: 16 | route-reflector-client: true 17 | route-reflector-cluster-id: 192.0.2.100 18 | dynamic-neighbors: 19 | - config: 20 | peer-group: rr-client 21 | prefix: 192.0.2.0/24 22 | -------------------------------------------------------------------------------- /lab-juniper-vqfx-vxlan/quagga-bgpd.S1.conf: -------------------------------------------------------------------------------- 1 | log file /var/log/frr/bgpd.log 2 | debug bgp updates 3 | ! 4 | router bgp 65000 5 | neighbor 192.0.2.100 remote-as internal 6 | neighbor 192.0.2.100 update-source lo 7 | ! 8 | address-family l2vpn evpn 9 | neighbor 192.0.2.100 activate 10 | advertise-all-vni 11 | advertise-autort-rfc8365 12 | exit-address-family 13 | ! 14 | line vty 15 | ! 16 | -------------------------------------------------------------------------------- /lab-juniper-vqfx-vxlan/quagga-ospfd.RR.conf: -------------------------------------------------------------------------------- 1 | log file /var/log/frr/ospfd.log 2 | ! 3 | router ospf 4 | passive-interface default 5 | no passive-interface eth0 6 | ! 7 | interface eth0 8 | ip ospf area 0.0.0.0 9 | ! 10 | interface lo 11 | ip ospf area 0.0.0.0 12 | ! 13 | -------------------------------------------------------------------------------- /lab-juniper-vqfx-vxlan/quagga-ospfd.S1.conf: -------------------------------------------------------------------------------- 1 | log file /var/log/frr/ospfd.log 2 | ! 3 | router ospf 4 | passive-interface default 5 | no passive-interface eth2 6 | ! 7 | interface eth2 8 | ip ospf area 0.0.0.0 9 | ! 10 | interface lo 11 | ip ospf area 0.0.0.0 12 | ! 13 | -------------------------------------------------------------------------------- /lab-juniper-vqfx-vxlan/quagga-zebra.RR.conf: -------------------------------------------------------------------------------- 1 | quagga-zebra.S1.conf -------------------------------------------------------------------------------- /lab-juniper-vqfx-vxlan/quagga-zebra.S1.conf: -------------------------------------------------------------------------------- 1 | log file /var/log/frr/zebra.log 2 | debug zebra vxlan 3 | ! 4 | line vty 5 | ! 6 | -------------------------------------------------------------------------------- /lab-juniper-vqfx/bird6.R1.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird.log" all; 2 | router id 1.1.1.1; 3 | protocol device { 4 | scan time 10; 5 | } 6 | protocol kernel { 7 | persist; 8 | import none; 9 | export all; 10 | } 11 | 12 | protocol ospf INTERNAL { 13 | import all; 14 | export none; 15 | area 0.0.0.0 { 16 | networks { 17 | 2001:db8::/64; 18 | 2001:db8:c0ff::42/128; 19 | }; 20 | interface "eth0" { 21 | bfd yes; 22 | }; 23 | interface "dummy0" { stub yes; }; 24 | }; 25 | } 26 | 27 | protocol bfd BFD { 28 | interface "eth0" { 29 | interval 200ms; 30 | multiplier 5; 31 | }; 32 | } 33 | -------------------------------------------------------------------------------- /lab-juniper-vqfx/bird6.R2.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird.log" all; 2 | router id 2.2.2.2; 3 | protocol device { 4 | scan time 10; 5 | } 6 | protocol kernel { 7 | persist; 8 | import none; 9 | export all; 10 | } 11 | 12 | protocol ospf INTERNAL { 13 | import all; 14 | export none; 15 | area 0.0.0.0 { 16 | networks { 17 | 2001:db8::/64; 18 | 2001:db8:dead::200/128; 19 | }; 20 | interface "eth0" { 21 | bfd yes; 22 | }; 23 | interface "dummy0" { stub yes; }; 24 | }; 25 | } 26 | 27 | protocol bfd BFD { 28 | interface "eth0" { 29 | interval 200ms; 30 | multiplier 5; 31 | }; 32 | } 33 | -------------------------------------------------------------------------------- /lab-juniper-vsrx/bird.R1.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird.log" all; 2 | router id 1.1.1.1; 3 | protocol device { 4 | scan time 10; 5 | } 6 | protocol kernel { 7 | persist; 8 | import none; 9 | export all; 10 | } 11 | 12 | protocol ospf INTERNAL { 13 | import all; 14 | export none; 15 | area 0.0.0.0 { 16 | networks { 17 | 192.0.2.0/24; 18 | 198.51.100.101/32; 19 | }; 20 | interface "eth0" { 21 | bfd yes; 22 | }; 23 | interface "dummy0" { stub yes; }; 24 | }; 25 | } 26 | 27 | protocol bfd BFD { 28 | interface "eth0" { 29 | interval 200ms; 30 | multiplier 5; 31 | }; 32 | } 33 | -------------------------------------------------------------------------------- /lab-juniper-vsrx/bird.R2.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird.log" all; 2 | router id 2.2.2.2; 3 | protocol device { 4 | scan time 10; 5 | } 6 | protocol kernel { 7 | persist; 8 | import none; 9 | export all; 10 | } 11 | 12 | protocol ospf INTERNAL { 13 | import all; 14 | export none; 15 | area 0.0.0.0 { 16 | networks { 17 | 192.0.2.0/24; 18 | 198.51.100.102/32; 19 | }; 20 | interface "eth0" { 21 | bfd yes; 22 | }; 23 | interface "dummy0" { stub yes; }; 24 | }; 25 | } 26 | 27 | protocol bfd BFD { 28 | interface "eth0" { 29 | interval 200ms; 30 | multiplier 5; 31 | }; 32 | } 33 | -------------------------------------------------------------------------------- /lab-juniper-vsrx/setup: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | LABNAME="vsrx" 4 | 5 | cd "$(dirname "$(readlink -f "$0")")" 6 | . ../common/lab-setup 7 | 8 | # Which VM to spawn 9 | spawn vm R1 network 1 10 | spawn vm R2 network 1 11 | spawn juniper-vsrx SRX1 network 1 12 | spawn juniper-vsrx SRX2 network 1 13 | 14 | run 15 | 16 | case $uts in 17 | R1) 18 | ip addr add 192.0.2.1/24 dev eth0 19 | ip addr add 198.51.100.101/32 dev dummy0 20 | service bird 21 | ;; 22 | R2) 23 | ip addr add 192.0.2.2/24 dev eth0 24 | ip addr add 198.51.100.102/32 dev dummy0 25 | service bird 26 | ;; 27 | esac 28 | -------------------------------------------------------------------------------- /lab-keepalived-snmp/README: -------------------------------------------------------------------------------- 1 | This lab is explained here: 2 | https://vincent.bernat.ch/en/blog/2011-keepalived-snmp-ipv6 3 | -------------------------------------------------------------------------------- /lab-keepalived-snmp/nginx.conf: -------------------------------------------------------------------------------- 1 | user www-data; 2 | worker_processes 4; 3 | pid /var/run/nginx.pid; 4 | events { 5 | worker_connections 768; 6 | } 7 | http { 8 | default_type application/octet-stream; 9 | server { 10 | listen [::]:80 default; 11 | root /usr/share/nginx/www; 12 | index index.html index.htm; 13 | autoindex on; 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /lab-keepalived-snmp/snmpd.conf: -------------------------------------------------------------------------------- 1 | rocommunity public default 2 | rwcommunity private default 3 | master agentx 4 | 5 | sysLocation Virtual host 6 | sysContact Me 7 | sysServices 72 8 | -------------------------------------------------------------------------------- /lab-keepalived-unicast/.gitignore: -------------------------------------------------------------------------------- 1 | /keepalived.K1.conf 2 | /keepalived.K2.conf 3 | /keepalived.K3.conf 4 | -------------------------------------------------------------------------------- /lab-keepalived-unicast/README.md: -------------------------------------------------------------------------------- 1 | # Keepalived and unicast 2 | 3 | See the following blog post: https://vincent.bernat.ch/en/blog/2020-keepalived-unicast-vxlan 4 | -------------------------------------------------------------------------------- /lab-keepalived-unicast/snmpd.conf: -------------------------------------------------------------------------------- 1 | rocommunity public 2 | master agentx 3 | -------------------------------------------------------------------------------- /lab-keepalived/.gitignore: -------------------------------------------------------------------------------- 1 | /keepalived.R1.conf 2 | /keepalived.R2.conf 3 | -------------------------------------------------------------------------------- /lab-keepalived/keepalived.Rx.conf: -------------------------------------------------------------------------------- 1 | vrrp_instance Rx { 2 | state BACKUP 3 | interface eth0 4 | virtual_router_id 11 5 | priority {{ priority }} 6 | advert_int 1 7 | virtual_ipaddress { 8 | 203.0.113.1/32 dev lo 9 | } 10 | } 11 | -------------------------------------------------------------------------------- /lab-keepalived/setup: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | cd "$(dirname "$(readlink -f "$0")")" 4 | . ../common/lab-setup 5 | 6 | # Which VM to spawn 7 | spawn vm R1 network 1 8 | spawn vm R2 network 1 9 | 10 | run 11 | 12 | # Executed on each VM 13 | case $uts in 14 | R1) ip addr add 10.234.78.65/27 dev eth0 ;; 15 | R2) ip addr add 10.234.78.66/27 dev eth0 ;; 16 | esac 17 | template keepalived.Rx.conf keepalived.$uts.conf priority=$((100 + ${uts#R})) 18 | service keepalived -P -f $PWD/keepalived.$uts.conf 19 | service nginx 20 | -------------------------------------------------------------------------------- /lab-l3-hyperv/RR7/etc/network/interfaces: -------------------------------------------------------------------------------- 1 | auto lo 2 | iface lo inet loopback 3 | address 10.0.0.11/32 4 | 5 | auto eth0 6 | iface eth0 inet dhcp 7 | 8 | auto public 9 | iface public 10 | vrf-table auto 11 | 12 | auto private 13 | iface private 14 | vrf-table auto 15 | 16 | auto swp1.90 17 | iface swp1.90 18 | vrf public 19 | address 198.51.100.226/25 20 | address 2001:db8:c633:6401::26/120 21 | up sysctl -qw net/ipv4/conf/$IFACE/forwarding=0 22 | up sysctl -qw net/ipv6/conf/$IFACE/forwarding=0 23 | 24 | auto swp1.20 25 | iface swp1.20 26 | vrf private 27 | address 172.22.15.226/25 28 | up sysctl -qw net/ipv4/conf/$IFACE/forwarding=0 29 | -------------------------------------------------------------------------------- /lab-l3-hyperv/RR7/etc/quagga/daemons: -------------------------------------------------------------------------------- 1 | zebra=yes 2 | bgpd=yes 3 | ospfd=no 4 | ospf6d=no 5 | ripd=no 6 | ripngd=no 7 | isisd=no 8 | babeld=no 9 | -------------------------------------------------------------------------------- /lab-l3-hyperv/RR7/run: -------------------------------------------------------------------------------- 1 | ifreload -a 2 | service quagga restart 3 | -------------------------------------------------------------------------------- /lab-l3-hyperv/bird-common/common.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird.log" all; 2 | 3 | define asn = 65000; 4 | 5 | # debug protocols all; 6 | 7 | protocol device { 8 | scan time 10; 9 | } 10 | -------------------------------------------------------------------------------- /lab-l3-hyperv/bird-common/common6.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird6.log" all; 2 | 3 | define asn = 65000; 4 | 5 | # debug protocols all; 6 | 7 | protocol device { 8 | scan time 10; 9 | } 10 | -------------------------------------------------------------------------------- /lab-l3-hyperv/bird-common/hypervisor6.conf: -------------------------------------------------------------------------------- 1 | include "rr-client6.conf"; 2 | -------------------------------------------------------------------------------- /lab-l3-hyperv/bird-common/rr-client-private.conf: -------------------------------------------------------------------------------- 1 | table private; 2 | 3 | protocol bgp RR1_private from rr_client { 4 | neighbor 172.22.15.126 as asn; 5 | table private; 6 | } 7 | 8 | protocol bgp RR2_private from rr_client { 9 | neighbor 172.22.15.226 as asn; 10 | table private; 11 | } 12 | 13 | protocol kernel kernel_private from kernel1 { 14 | table private; 15 | kernel table 20; 16 | preference 200; 17 | merge paths yes; 18 | export filter { 19 | krt_prefsrc = loopback_private; 20 | accept; 21 | }; 22 | } 23 | -------------------------------------------------------------------------------- /lab-l3-hyperv/bird-common/rr-client-public.conf: -------------------------------------------------------------------------------- 1 | table public; 2 | 3 | protocol bgp RR1_public from rr_client { 4 | neighbor 198.51.100.126 as asn; 5 | table public; 6 | } 7 | 8 | protocol bgp RR2_public from rr_client { 9 | neighbor 198.51.100.226 as asn; 10 | table public; 11 | } 12 | 13 | protocol kernel kernel_public from kernel1 { 14 | table public; 15 | kernel table 90; 16 | preference 200; 17 | merge paths yes; 18 | export all; 19 | } 20 | -------------------------------------------------------------------------------- /lab-l3-hyperv/bird-common/rr-client6.conf: -------------------------------------------------------------------------------- 1 | # BGP sessions for RR clients 2 | 3 | include "rr-client.conf"; 4 | 5 | table public; 6 | 7 | protocol bgp RR1_public from rr_client { 8 | neighbor 2001:db8:c633:6400::26 as asn; 9 | table public; 10 | } 11 | 12 | protocol bgp RR2_public from rr_client { 13 | neighbor 2001:db8:c633:6401::26 as asn; 14 | table public; 15 | } 16 | 17 | protocol kernel kernel_public from kernel1 { 18 | table public; 19 | kernel table 90; 20 | preference 200; 21 | export all; 22 | merge paths yes; 23 | } 24 | -------------------------------------------------------------------------------- /lab-l3-hyperv/bird.HV1.conf: -------------------------------------------------------------------------------- 1 | router id 0.0.1.1; 2 | define loopback_private = 172.22.2.1; 3 | 4 | include "bird-common/common.conf"; 5 | include "bird-common/hypervisor.conf"; 6 | -------------------------------------------------------------------------------- /lab-l3-hyperv/bird.HV2.conf: -------------------------------------------------------------------------------- 1 | router id 0.0.1.2; 2 | define loopback_private = 172.22.2.2; 3 | 4 | include "bird-common/common.conf"; 5 | include "bird-common/hypervisor.conf"; 6 | -------------------------------------------------------------------------------- /lab-l3-hyperv/bird.HV3.conf: -------------------------------------------------------------------------------- 1 | router id 0.0.1.3; 2 | define loopback_private = 172.22.2.3; 3 | 4 | include "bird-common/common.conf"; 5 | include "bird-common/hypervisor.conf"; 6 | -------------------------------------------------------------------------------- /lab-l3-hyperv/bird.internet.conf: -------------------------------------------------------------------------------- 1 | router id 0.0.0.3; 2 | 3 | include "bird-common/common.conf"; 4 | include "bird-common/rr-client.conf"; 5 | include "bird-common/rr-client-public.conf"; 6 | 7 | protocol static DEFAULT { 8 | import all; 9 | export none; 10 | route 0.0.0.0/0 blackhole; 11 | table public; 12 | } 13 | -------------------------------------------------------------------------------- /lab-l3-hyperv/bird6.HV1.conf: -------------------------------------------------------------------------------- 1 | router id 0.0.1.1; 2 | 3 | include "bird-common/common6.conf"; 4 | include "bird-common/hypervisor6.conf"; 5 | -------------------------------------------------------------------------------- /lab-l3-hyperv/bird6.HV2.conf: -------------------------------------------------------------------------------- 1 | router id 0.0.1.2; 2 | 3 | include "bird-common/common6.conf"; 4 | include "bird-common/hypervisor6.conf"; 5 | -------------------------------------------------------------------------------- /lab-l3-hyperv/bird6.HV3.conf: -------------------------------------------------------------------------------- 1 | router id 0.0.1.3; 2 | 3 | include "bird-common/common6.conf"; 4 | include "bird-common/hypervisor6.conf"; 5 | -------------------------------------------------------------------------------- /lab-l3-hyperv/bird6.RR1.conf: -------------------------------------------------------------------------------- 1 | router id 0.0.0.1; 2 | define clusterid_public = 198.151.100.126; 3 | define clusterid_private = 172.22.15.126; 4 | 5 | include "bird-common/common6.conf"; 6 | include "bird-common/rr.conf"; 7 | 8 | # HV1 9 | protocol bgp HV1 from rr_public { 10 | neighbor 2001:db8:c633:6400::1 as asn; 11 | } 12 | 13 | # HV2 14 | protocol bgp HV2 from rr_public { 15 | neighbor 2001:db8:c633:6400::2 as asn; 16 | } 17 | 18 | # HV3 19 | protocol bgp HV3 from rr_public { 20 | neighbor 2001:db8:c633:6400::3 as asn; 21 | } 22 | 23 | # Internet 24 | protocol bgp internet from rr_public { 25 | neighbor 2001:db8:c633:6400::ff as asn; 26 | } 27 | -------------------------------------------------------------------------------- /lab-l3-hyperv/bird6.RR2.conf: -------------------------------------------------------------------------------- 1 | router id 0.0.0.2; 2 | define clusterid_public = 198.151.100.226; 3 | define clusterid_private = 172.22.15.226; 4 | 5 | include "bird-common/common6.conf"; 6 | include "bird-common/rr.conf"; 7 | 8 | # HV1 9 | protocol bgp HV1 from rr_public { 10 | neighbor 2001:db8:c633:6401::1 as asn; 11 | } 12 | 13 | # HV2 14 | protocol bgp HV2 from rr_public { 15 | neighbor 2001:db8:c633:6401::2 as asn; 16 | } 17 | 18 | # HV3 19 | protocol bgp HV3 from rr_public { 20 | neighbor 2001:db8:c633:6401::3 as asn; 21 | } 22 | 23 | # Internet 24 | protocol bgp internet from rr_public { 25 | neighbor 2001:db8:c633:6401::ff as asn; 26 | } 27 | -------------------------------------------------------------------------------- /lab-l3-hyperv/bird6.internet.conf: -------------------------------------------------------------------------------- 1 | router id 0.0.0.3; 2 | 3 | include "bird-common/common6.conf"; 4 | include "bird-common/rr-client6.conf"; 5 | 6 | protocol static DEFAULT { 7 | import all; 8 | export none; 9 | route ::/0 unreachable; 10 | table public; 11 | } 12 | -------------------------------------------------------------------------------- /lab-l3-hyperv/radvd.HV.conf: -------------------------------------------------------------------------------- 1 | interface IFACE { 2 | AdvSendAdvert on; 3 | MinRtrAdvInterval 3; 4 | MaxRtrAdvInterval 10; 5 | prefix 2001:db8:cb00:710@::/64 { 6 | AdvOnLink on; 7 | AdvAutonomous on; 8 | AdvRouterAddr on; 9 | }; 10 | }; 11 | -------------------------------------------------------------------------------- /lab-l3-hyperv/rt_tables: -------------------------------------------------------------------------------- 1 | # 2 | # reserved values 3 | # 4 | 255 local 5 | 254 main 6 | 253 default 7 | 0 unspec 8 | # 9 | # local 10 | # 11 | #1 inr.ruhep 12 | 13 | 90 public 14 | 20 private 15 | 100 local-out 16 | -------------------------------------------------------------------------------- /lab-latency/.gitignore: -------------------------------------------------------------------------------- 1 | /*.csv 2 | /*.pdf 3 | /*.local-data 4 | /*.remote-data 5 | -------------------------------------------------------------------------------- /lab-latency/nginx.conf: -------------------------------------------------------------------------------- 1 | user www-data; 2 | worker_processes 4; 3 | pid /var/run/nginx.pid; 4 | events { 5 | worker_connections 768; 6 | } 7 | http { 8 | default_type application/octet-stream; 9 | server { 10 | listen 80 default_server; 11 | listen [::]:80 default_server; 12 | root /usr/share/nginx/www; 13 | index index.html index.htm; 14 | autoindex on; 15 | } 16 | } 17 | -------------------------------------------------------------------------------- /lab-latency/systemtap-graph-all: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | for local in *.local-data; do 4 | ./systemtap-graph --remote "${local%local-data}remote-data" "$local" "$@" 5 | done 6 | -------------------------------------------------------------------------------- /lab-linux-erspan/.gitignore: -------------------------------------------------------------------------------- 1 | /*.o 2 | -------------------------------------------------------------------------------- /lab-linux-erspan/xdp_drop_all.c: -------------------------------------------------------------------------------- 1 | ../lab-bridge-linux/xdp_drop_all.c -------------------------------------------------------------------------------- /lab-linux-mpls/.gitignore: -------------------------------------------------------------------------------- 1 | /frr-ospfd.PE2.conf 2 | /frr-ospfd.PE1.conf 3 | /frr-bgpd.PE2.conf 4 | /frr-bgpd.PE1.conf 5 | /frr-bgpd.CE11.conf 6 | /frr-bgpd.CE12.conf 7 | /frr-bgpd.CE21.conf 8 | /frr-bgpd.CE22.conf 9 | /frr-ldpd.PE1.conf 10 | /frr-ldpd.PE2.conf 11 | /P2.img 12 | -------------------------------------------------------------------------------- /lab-linux-mpls/P2/ldpd.conf: -------------------------------------------------------------------------------- 1 | router-id 1.0.0.0 2 | address-family ipv4 { 3 | transport-address 192.168.0.0 4 | interface vio1 5 | interface vio2 6 | } 7 | -------------------------------------------------------------------------------- /lab-linux-mpls/P2/ospfd.conf: -------------------------------------------------------------------------------- 1 | router-id 1.0.0.0 2 | area 0.0.0.0 { 3 | interface vio1 { 4 | type p2p 5 | } 6 | interface vio2 { 7 | type p2p 8 | } 9 | interface lo1 { 10 | passive 11 | } 12 | } 13 | -------------------------------------------------------------------------------- /lab-linux-mpls/frr-bgpd.CExy.conf: -------------------------------------------------------------------------------- 1 | log file /var/log/frr/bgpd.log 2 | ! 3 | router bgp {{ asn }} 4 | bgp router-id 0.0.{{ id }} 5 | no bgp ebgp-requires-policy 6 | neighbor {{ neighbor }} remote-as {{ remoteas }} 7 | network {{ network }} 8 | ! 9 | -------------------------------------------------------------------------------- /lab-linux-mpls/frr-ldpd.P1.conf: -------------------------------------------------------------------------------- 1 | mpls ldp 2 | router-id 1.0.0.0 3 | address-family ipv4 4 | discovery transport-address 192.168.0.0 5 | interface eth0 6 | interface eth1 7 | -------------------------------------------------------------------------------- /lab-linux-mpls/frr-ldpd.PEx.conf: -------------------------------------------------------------------------------- 1 | mpls ldp 2 | router-id 0.0.0.{{ x }} 3 | address-family ipv4 4 | discovery transport-address 192.168.0.{{ x }} 5 | interface eth2 6 | -------------------------------------------------------------------------------- /lab-linux-mpls/frr-ospfd.P1.conf: -------------------------------------------------------------------------------- 1 | log file /var/log/frr/ospfd.log 2 | ! 3 | interface eth0 4 | ip ospf network point-to-point 5 | ip ospf area 0.0.0.0 6 | ! 7 | interface eth1 8 | ip ospf network point-to-point 9 | ip ospf area 0.0.0.0 10 | ! 11 | interface lo 12 | ip ospf area 0.0.0.0 13 | ! 14 | router ospf 15 | ospf router-id 1.0.0.0 16 | passive-interface lo 17 | -------------------------------------------------------------------------------- /lab-linux-mpls/frr-ospfd.PEx.conf: -------------------------------------------------------------------------------- 1 | log file /var/log/frr/ospfd.log 2 | ! 3 | interface eth2 4 | ip ospf network point-to-point 5 | ip ospf area 0.0.0.0 6 | ! 7 | interface lo 8 | ip ospf area 0.0.0.0 9 | ! 10 | router ospf 11 | ospf router-id 0.0.0.{{ x }} 12 | passive-interface lo 13 | -------------------------------------------------------------------------------- /lab-linux-mpls/frr-zebra.conf: -------------------------------------------------------------------------------- 1 | log file /var/log/frr/zebra.log 2 | ! 3 | line vty 4 | ! 5 | -------------------------------------------------------------------------------- /lab-linux-mpls/network-config.P2: -------------------------------------------------------------------------------- 1 | version: 1 2 | config: 3 | - type: physical 4 | name: vio0 5 | subnets: 6 | type: dhcp 7 | # Only the OOB interface is configured. The remaining is done in user-data. 8 | -------------------------------------------------------------------------------- /lab-linux-mpls/openbsd.pcap: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/vincentbernat/network-lab/446469e98af0bf02447914d8b9ecd0dbecfa24ef/lab-linux-mpls/openbsd.pcap -------------------------------------------------------------------------------- /lab-linux-mpls/user-data.P2: -------------------------------------------------------------------------------- 1 | #cloud-config 2 | runcmd: 3 | - | 4 | ifconfig vio1 169.254.0.0/31 up 5 | ifconfig vio2 169.254.0.3/31 up 6 | ifconfig lo1 alias 192.168.0.0/32 7 | sysctl -w net.inet.ip.forwarding=1 8 | - | 9 | mkdir /mnt/lab 10 | mount /dev/cd0a /mnt/lab 11 | cp /mnt/lab/ospfd.conf /mnt/lab/ldpd.conf /etc 12 | - | 13 | chmod o-r /etc/ospfd.conf /etc/ldpd.conf 14 | ifconfig vio1 mpls 15 | ifconfig vio2 mpls 16 | ospfd 17 | ldpd 18 | -------------------------------------------------------------------------------- /lab-linux-vrf-bind/connect.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python3 2 | 3 | import sys 4 | import socket 5 | 6 | s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) 7 | s.setsockopt(socket.SOL_SOCKET, socket.SO_BINDTODEVICE, b"public") 8 | s.connect((sys.argv[1], 80)) 9 | print("connected {} → {}".format( 10 | s.getsockname(), 11 | s.getpeername())) 12 | -------------------------------------------------------------------------------- /lab-linux-wiretap/README.md: -------------------------------------------------------------------------------- 1 | # Turn Linux into a wiretap 2 | 3 | Given two interfaces, the goal is to mirror everything from one 4 | interface mirrored on the second one. Also, we would like to wiretap 5 | to not be able to emit any traffic that would make it detectable. 6 | -------------------------------------------------------------------------------- /lab-multicast-vxlan/linux: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/vincentbernat/network-lab/446469e98af0bf02447914d8b9ecd0dbecfa24ef/lab-multicast-vxlan/linux -------------------------------------------------------------------------------- /lab-multicast-vxlan/xorp.r1.conf: -------------------------------------------------------------------------------- 1 | fea { 2 | unicast-forwarding4 { 3 | disable: false 4 | } 5 | } 6 | 7 | /* Keep the system configuration for interfaces. */ 8 | interfaces { 9 | interface eth0 { 10 | description: "interface to core routers" 11 | default-system-config {} 12 | } 13 | } 14 | 15 | protocols { 16 | ospf4 { 17 | router-id: 1.0.0.1 18 | 19 | area 0.0.0.0 { 20 | interface eth0 { 21 | vif eth0 { 22 | address 192.168.1.1 {} 23 | } 24 | } 25 | } 26 | } 27 | } 28 | -------------------------------------------------------------------------------- /lab-multicast-vxlan/xorp.r2.conf: -------------------------------------------------------------------------------- 1 | fea { 2 | unicast-forwarding4 { 3 | disable: false 4 | } 5 | } 6 | 7 | /* Keep the system configuration for interfaces. */ 8 | interfaces { 9 | interface eth0 { 10 | description: "interface to core routers" 11 | default-system-config {} 12 | } 13 | } 14 | 15 | protocols { 16 | ospf4 { 17 | router-id: 1.0.0.2 18 | 19 | area 0.0.0.0 { 20 | interface eth0 { 21 | vif eth0 { 22 | address 192.168.2.2 {} 23 | } 24 | } 25 | } 26 | } 27 | } 28 | -------------------------------------------------------------------------------- /lab-multicast-vxlan/xorp.r3.conf: -------------------------------------------------------------------------------- 1 | fea { 2 | unicast-forwarding4 { 3 | disable: false 4 | } 5 | } 6 | 7 | /* Keep the system configuration for interfaces. */ 8 | interfaces { 9 | interface eth0 { 10 | description: "interface to core routers" 11 | default-system-config {} 12 | } 13 | } 14 | 15 | protocols { 16 | ospf4 { 17 | router-id: 1.0.0.3 18 | 19 | area 0.0.0.0 { 20 | interface eth0 { 21 | vif eth0 { 22 | address 192.168.3.3 {} 23 | } 24 | } 25 | } 26 | } 27 | } 28 | -------------------------------------------------------------------------------- /lab-multicast/conf/R1-keepalived.conf: -------------------------------------------------------------------------------- 1 | vrrp_instance VRRP1 { 2 | state MASTER 3 | interface eth3 4 | dont_track_primary 5 | track_interface { 6 | eth2 7 | } 8 | virtual_router_id 10 9 | priority 150 10 | advert_int 2 11 | virtual_ipaddress { 12 | 10.234.95.1/24 dev eth2 13 | } 14 | 15 | notify_master "/usr/sbin/pimd -l" 16 | notify_backup "/usr/sbin/pimd -l" 17 | notify_fault "/usr/sbin/pimd -l" 18 | } 19 | -------------------------------------------------------------------------------- /lab-multicast/conf/R1-ospfd.conf: -------------------------------------------------------------------------------- 1 | log file /var/log/quagga/ospfd.log 2 | router ospf 3 | ospf router-id 0.0.0.1 4 | passive-interface default 5 | no passive-interface eth0 6 | no passive-interface eth1 7 | network 10.234.78.64/27 area 0.0.0.0 8 | network 10.234.78.96/27 area 0.0.0.0 9 | network 10.234.95.0/24 area 0.0.0.0 10 | ! 11 | line vty 12 | ! 13 | -------------------------------------------------------------------------------- /lab-multicast/conf/R1-pimd.conf: -------------------------------------------------------------------------------- 1 | default_source_preference 101 # smaller is better 2 | default_source_metric 1024 # smaller is better 3 | 4 | phyint eth0 enable 5 | phyint eth1 enable 6 | phyint eth2 enable 7 | 8 | group_prefix 239.0.0.0 masklen 24 9 | 10 | cand_rp 10.234.78.65 time 30 priority 20 11 | cand_rp 10.234.78.97 time 30 priority 20 12 | cand_bootstrap_router 10.234.78.65 priority 5 13 | cand_bootstrap_router 10.234.78.97 priority 5 14 | 15 | switch_data_threshold rate 500 interval 20 # 500bps (approx.) 16 | switch_register_threshold rate 500 interval 20 # 500bps (approx.) 17 | -------------------------------------------------------------------------------- /lab-multicast/conf/R1-zebra.conf: -------------------------------------------------------------------------------- 1 | log file /var/log/quagga/zebra.log 2 | ip forwarding 3 | line vty 4 | -------------------------------------------------------------------------------- /lab-multicast/conf/R2-keepalived.conf: -------------------------------------------------------------------------------- 1 | vrrp_instance VRRP1 { 2 | state BACKUP 3 | interface eth3 4 | dont_track_primary 5 | track_interface { 6 | eth2 7 | } 8 | virtual_router_id 10 9 | priority 100 10 | advert_int 2 11 | virtual_ipaddress { 12 | 10.234.95.1/24 dev eth2 13 | } 14 | 15 | notify_master "/usr/sbin/pimd -l" 16 | notify_backup "/usr/sbin/pimd -l" 17 | notify_fault "/usr/sbin/pimd -l" 18 | } 19 | -------------------------------------------------------------------------------- /lab-multicast/conf/R2-ospfd.conf: -------------------------------------------------------------------------------- 1 | log file /var/log/quagga/ospfd.log 2 | router ospf 3 | ospf router-id 0.0.0.2 4 | passive-interface default 5 | no passive-interface eth0 6 | no passive-interface eth1 7 | network 10.234.78.64/27 area 0.0.0.0 8 | network 10.234.78.96/27 area 0.0.0.0 9 | network 10.234.95.0/24 area 0.0.0.0 10 | ! 11 | line vty 12 | ! 13 | -------------------------------------------------------------------------------- /lab-multicast/conf/R2-pimd.conf: -------------------------------------------------------------------------------- 1 | default_source_preference 101 # smaller is better 2 | default_source_metric 1024 # smaller is better 3 | 4 | phyint eth0 enable 5 | phyint eth1 enable 6 | phyint eth2 enable 7 | 8 | group_prefix 239.0.0.0 masklen 24 9 | 10 | cand_rp 10.234.78.66 time 30 priority 20 11 | cand_rp 10.234.78.98 time 30 priority 20 12 | cand_bootstrap_router 10.234.78.66 priority 5 13 | cand_bootstrap_router 10.234.78.98 priority 5 14 | 15 | switch_data_threshold rate 500 interval 20 # 500bps (approx.) 16 | switch_register_threshold rate 500 interval 20 # 500bps (approx.) 17 | -------------------------------------------------------------------------------- /lab-multicast/conf/R2-zebra.conf: -------------------------------------------------------------------------------- 1 | log file /var/log/quagga/zebra.log 2 | ip forwarding 3 | line vty 4 | -------------------------------------------------------------------------------- /lab-multicast/conf/R3-keepalived.conf: -------------------------------------------------------------------------------- 1 | vrrp_instance VRRP1 { 2 | state MASTER 3 | interface eth3 4 | dont_track_primary 5 | track_interface { 6 | eth2 7 | } 8 | virtual_router_id 11 9 | priority 150 10 | advert_int 2 11 | virtual_ipaddress { 12 | 10.234.72.193/29 dev eth2 13 | } 14 | 15 | notify_master "/usr/sbin/pimd -l" 16 | notify_backup "/usr/sbin/pimd -l" 17 | notify_fault "/usr/sbin/pimd -l" 18 | } 19 | -------------------------------------------------------------------------------- /lab-multicast/conf/R3-ospfd.conf: -------------------------------------------------------------------------------- 1 | log file /var/log/quagga/ospfd.log 2 | router ospf 3 | ospf router-id 0.0.0.3 4 | passive-interface default 5 | no passive-interface eth0 6 | no passive-interface eth1 7 | network 10.234.78.64/27 area 0.0.0.0 8 | network 10.234.78.96/27 area 0.0.0.0 9 | network 10.234.72.192/29 area 0.0.0.0 10 | ! 11 | line vty 12 | ! 13 | -------------------------------------------------------------------------------- /lab-multicast/conf/R3-pimd.conf: -------------------------------------------------------------------------------- 1 | default_source_preference 101 # smaller is better 2 | default_source_metric 1024 # smaller is better 3 | 4 | phyint eth0 enable 5 | phyint eth1 enable 6 | phyint eth2 enable 7 | 8 | group_prefix 239.0.0.0 masklen 24 9 | 10 | cand_rp 10.234.78.67 time 30 priority 20 11 | cand_rp 10.234.78.99 time 30 priority 20 12 | cand_bootstrap_router 10.234.78.67 priority 5 13 | cand_bootstrap_router 10.234.78.99 priority 5 14 | 15 | switch_data_threshold rate 500 interval 20 # 500bps (approx.) 16 | switch_register_threshold rate 500 interval 20 # 500bps (approx.) 17 | -------------------------------------------------------------------------------- /lab-multicast/conf/R3-zebra.conf: -------------------------------------------------------------------------------- 1 | log file /var/log/quagga/zebra.log 2 | ip forwarding 3 | line vty 4 | -------------------------------------------------------------------------------- /lab-multicast/conf/R4-keepalived.conf: -------------------------------------------------------------------------------- 1 | vrrp_instance VRRP1 { 2 | state BACKUP 3 | interface eth3 4 | dont_track_primary 5 | track_interface { 6 | eth2 7 | } 8 | virtual_router_id 11 9 | priority 100 10 | advert_int 2 11 | virtual_ipaddress { 12 | 10.234.72.193/29 dev eth2 13 | } 14 | 15 | notify_master "/usr/sbin/pimd -l" 16 | notify_backup "/usr/sbin/pimd -l" 17 | notify_fault "/usr/sbin/pimd -l" 18 | } 19 | -------------------------------------------------------------------------------- /lab-multicast/conf/R4-ospfd.conf: -------------------------------------------------------------------------------- 1 | log file /var/log/quagga/ospfd.log 2 | router ospf 3 | ospf router-id 0.0.0.4 4 | passive-interface default 5 | no passive-interface eth0 6 | no passive-interface eth1 7 | network 10.234.78.64/27 area 0.0.0.0 8 | network 10.234.78.96/27 area 0.0.0.0 9 | network 10.234.72.192/29 area 0.0.0.0 10 | ! 11 | line vty 12 | ! 13 | -------------------------------------------------------------------------------- /lab-multicast/conf/R4-pimd.conf: -------------------------------------------------------------------------------- 1 | default_source_preference 101 # smaller is better 2 | default_source_metric 1024 # smaller is better 3 | 4 | phyint eth0 enable 5 | phyint eth1 enable 6 | phyint eth2 enable 7 | 8 | group_prefix 239.0.0.0 masklen 24 9 | 10 | cand_rp 10.234.78.68 time 30 priority 10 11 | cand_rp 10.234.78.100 time 30 priority 10 12 | cand_bootstrap_router 10.234.78.68 priority 3 13 | cand_bootstrap_router 10.234.78.100 priority 3 14 | 15 | switch_data_threshold rate 500 interval 20 # 500bps (approx.) 16 | switch_register_threshold rate 500 interval 20 # 500bps (approx.) 17 | -------------------------------------------------------------------------------- /lab-multicast/conf/R4-zebra.conf: -------------------------------------------------------------------------------- 1 | log file /var/log/quagga/zebra.log 2 | ip forwarding 3 | line vty 4 | -------------------------------------------------------------------------------- /lab-multicast/keepalived.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | UTS=$(uname -n) 4 | KEEPALIVED=keepalived 5 | 6 | [ -f conf/${UTS}-keepalived.conf ] && { 7 | echo -n "Starting keepalived... " 8 | $KEEPALIVED -f $PWD/conf/${UTS}-keepalived.conf 9 | echo "Done!" 10 | } 11 | -------------------------------------------------------------------------------- /lab-multicast/pim-sm.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/vincentbernat/network-lab/446469e98af0bf02447914d8b9ecd0dbecfa24ef/lab-multicast/pim-sm.gif -------------------------------------------------------------------------------- /lab-multicast/pimd.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | UTS=$(uname -n) 4 | 5 | [ -f conf/${UTS}-pimd.conf ] && { 6 | echo -n "Starting pimd... " 7 | pimd -c $PWD/conf/${UTS}-pimd.conf -N 8 | echo "Done!" 9 | } 10 | -------------------------------------------------------------------------------- /lab-multicast/quagga.sh: -------------------------------------------------------------------------------- 1 | # -*- sh -*- 2 | 3 | UTS=$(uname -n) 4 | 5 | [ -d /var/run/quagga ] || mkdir -p /var/run/quagga 6 | [ -d /var/log/quagga ] || mkdir -p /var/log/quagga 7 | chown quagga:quagga /var/run/quagga 8 | chown quagga:quagga /var/log/quagga 9 | 10 | LIBQUAGGA=/usr/lib/quagga 11 | 12 | for bin in zebra ospfd bgpd; do 13 | [ ! -f $PWD/conf/${UTS}-${bin}.conf ] || { 14 | echo -n "Starting $bin... " 15 | $LIBQUAGGA/${bin} -d -f $PWD/conf/${UTS}-${bin}.conf -A 127.0.0.1 16 | echo "Done!" 17 | } 18 | done 19 | export VTYSH_PAGER=/bin/cat 20 | -------------------------------------------------------------------------------- /lab-nat-gw1/.gitignore: -------------------------------------------------------------------------------- 1 | /keepalived.NAT1.conf 2 | /keepalived.NAT2.conf 3 | /conntrackd.NAT1.conf 4 | /conntrackd.NAT2.conf 5 | /bird.NAT1.conf 6 | /bird.NAT2.conf 7 | -------------------------------------------------------------------------------- /lab-nat-gw1/bird.ER.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird.log" all; 2 | router id 1.1.1.1; 3 | protocol device { 4 | scan time 10; 5 | } 6 | protocol kernel { 7 | persist; 8 | learn yes; 9 | import none; 10 | export all; 11 | scan time 10; 12 | merge paths yes; 13 | } 14 | 15 | template bgp NATx { 16 | local as 65000; 17 | import all; 18 | export none; 19 | direct; 20 | next hop self; 21 | connect delay time 1; 22 | connect retry time 5; 23 | error wait time 1,5; 24 | error forget time 10; 25 | } 26 | 27 | protocol bgp NAT1 from NATx { 28 | neighbor 198.51.100.1 as 65001; 29 | } 30 | protocol bgp NAT2 from NATx { 31 | neighbor 198.51.100.3 as 65001; 32 | } 33 | -------------------------------------------------------------------------------- /lab-nat-gw1/bird.NATx.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird.log" all; 2 | router id 1.1.1.1{{ x }}; 3 | protocol device { 4 | scan time 10; 5 | } 6 | protocol kernel { 7 | persist; 8 | learn yes; 9 | import all; 10 | export none; 11 | scan time 10; 12 | merge paths yes; 13 | } 14 | 15 | protocol bgp ER { 16 | local as 65001; 17 | import none; 18 | export filter { 19 | if dest = RTD_BLACKHOLE then accept; 20 | reject; 21 | }; 22 | direct; 23 | next hop self; 24 | connect delay time 1; 25 | connect retry time 5; 26 | error wait time 1,5; 27 | error forget time 10; 28 | neighbor 198.51.100.{{ x * 2 - 2 }} as 65000; 29 | } 30 | -------------------------------------------------------------------------------- /lab-nat-gw1/ulogd.conf: -------------------------------------------------------------------------------- 1 | [global] 2 | logfile="syslog" 3 | loglevel=3 4 | plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_inpflow_NFCT.so" 5 | plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_filter_IP2STR.so" 6 | plugin="/usr/lib/x86_64-linux-gnu/ulogd/ulogd_output_JSON.so" 7 | stack=ct1:NFCT,ip2str1:IP2STR,nfct1:JSON 8 | 9 | [nfct1] 10 | file="/var/log/ulogd-nfct.log" 11 | sync=1 12 | 13 | [ct1] 14 | event_mask=0x00000004 15 | hash_enable=0 16 | #netlink_socket_buffer_size=217088 17 | #netlink_socket_buffer_maxsize=1085440 18 | #netlink_resync_timeout=60 # seconds to wait to perform resynchronization 19 | -------------------------------------------------------------------------------- /lab-nat-gw1/vrrp-master: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # VMAC setup 4 | sysctl -qw net.ipv4.conf.${1}.arp_filter=0 5 | sysctl -qw net.ipv4.conf.${1}.accept_local=1 6 | sysctl -qw net.ipv4.conf.${1}.rp_filter=0 7 | 8 | # Conntrack sync 9 | conntrackd -C /mnt/lab/conntrackd.${uts}.conf -c 10 | -------------------------------------------------------------------------------- /lab-ospf-convergence/.gitignore: -------------------------------------------------------------------------------- 1 | /bird.*.conf 2 | !/bird.x.conf 3 | 4 | /monitor.* 5 | -------------------------------------------------------------------------------- /lab-ospf-convergence/bird.x.conf: -------------------------------------------------------------------------------- 1 | protocol device { 2 | scan time 10; 3 | } 4 | 5 | protocol kernel { 6 | persist; 7 | # merge paths yes; 8 | ipv6 { 9 | import all; 10 | export all; 11 | }; 12 | } 13 | 14 | protocol ospf v3 UNDERLAY { 15 | # ecmp no; 16 | # debug { routes }; 17 | ipv6 { 18 | import all; 19 | export none; 20 | }; 21 | area 0.0.0.0 { 22 | interface "lo" { 23 | stub yes; 24 | }; 25 | interface "eth*" { 26 | cost 1; 27 | }; 28 | interface "veth*" { 29 | cost 5; 30 | type pointopoint; 31 | }; 32 | }; 33 | } 34 | -------------------------------------------------------------------------------- /lab-ospf6d-snmp/abr/quagga/daemons: -------------------------------------------------------------------------------- 1 | ospf6d=yes 2 | ospfd=yes 3 | zebra=yes 4 | D_PATH=/home/bernat/code/orange/quagga/build/usr/sbin 5 | -------------------------------------------------------------------------------- /lab-ospf6d-snmp/abr/quagga/debian.conf: -------------------------------------------------------------------------------- 1 | ../../quagga-debian.conf -------------------------------------------------------------------------------- /lab-ospf6d-snmp/abr/quagga/ospf6d.conf: -------------------------------------------------------------------------------- 1 | hostname abr 2 | log file /var/log/quagga/ospf6d.log 3 | ! 4 | router ospf6 5 | router-id 1.1.1.1 6 | area 0.0.0.1 range 2001:db8:cafe:a100::/56 7 | interface eth0 area 0.0.0.0 8 | interface eth1 area 0.0.0.1 9 | interface eth2 area 0.0.0.2 10 | ! 11 | agentx 12 | -------------------------------------------------------------------------------- /lab-ospf6d-snmp/abr/quagga/ospfd.conf: -------------------------------------------------------------------------------- 1 | hostname abr 2 | log file /var/log/quagga/ospfd.log 3 | ! 4 | router ospf 5 | ospf router-id 1.1.1.1 6 | network 192.168.0.0/24 area 0.0.0.0 7 | network 192.168.1.0/24 area 0.0.0.1 8 | network 192.168.2.0/24 area 0.0.0.2 9 | ! 10 | agentx 11 | -------------------------------------------------------------------------------- /lab-ospf6d-snmp/abr/quagga/zebra.conf: -------------------------------------------------------------------------------- 1 | hostname abr 2 | log file /var/log/quagga/zebra.log 3 | ip forwarding 4 | agentx 5 | -------------------------------------------------------------------------------- /lab-ospf6d-snmp/asbr/quagga/daemons: -------------------------------------------------------------------------------- 1 | debian=yes 2 | ospf6d=yes 3 | ospfd=yes 4 | zebra=yes 5 | D_PATH=/home/bernat/code/orange/quagga/build/usr/sbin 6 | -------------------------------------------------------------------------------- /lab-ospf6d-snmp/asbr/quagga/debian.conf: -------------------------------------------------------------------------------- 1 | # 2 | # If this option is set the /etc/init.d/quagga script automatically loads 3 | # the config via "vtysh -b" when the servers are started. 4 | # Check /etc/pam.d/quagga if you intend to use "vtysh"! 5 | # 6 | vtysh_enable=yes 7 | zebra_options=" --daemon -A 127.0.0.1" 8 | bgpd_options=" --daemon -A 127.0.0.1" 9 | ospfd_options=" --daemon -A 127.0.0.1" 10 | ospf6d_options="--daemon -A ::1" 11 | ripd_options=" --daemon -A 127.0.0.1" 12 | ripngd_options="--daemon -A ::1" 13 | isisd_options=" --daemon -A 127.0.0.1" 14 | -------------------------------------------------------------------------------- /lab-ospf6d-snmp/asbr/quagga/ospf6d.conf: -------------------------------------------------------------------------------- 1 | hostname asbr 2 | log file /var/log/quagga/ospf6d.log 3 | ! 4 | interface dummy0 5 | ipv6 ospf6 passive 6 | ! 7 | router ospf6 8 | router-id 1.1.1.7 9 | interface eth0 area 0.0.0.1 10 | interface dummy0 area 0.0.0.1 11 | redistribute kernel 12 | ! 13 | agentx 14 | -------------------------------------------------------------------------------- /lab-ospf6d-snmp/asbr/quagga/ospfd.conf: -------------------------------------------------------------------------------- 1 | hostname abr 2 | log file /var/log/quagga/ospfd.log 3 | ! 4 | router ospf 5 | ospf router-id 1.1.1.7 6 | passive-interface dummy0 7 | network 192.168.1.0/24 area 0.0.0.1 8 | network 192.168.121.0/24 area 0.0.0.1 9 | network 192.168.122.0/24 area 0.0.0.1 10 | redistribute kernel 11 | ! 12 | agentx 13 | -------------------------------------------------------------------------------- /lab-ospf6d-snmp/asbr/quagga/zebra.conf: -------------------------------------------------------------------------------- 1 | hostname asbr 2 | log file /var/log/quagga/zebra.log 3 | ip forwarding 4 | agentx 5 | -------------------------------------------------------------------------------- /lab-ospf6d-snmp/quagga-debian.conf: -------------------------------------------------------------------------------- 1 | # 2 | # If this option is set the /etc/init.d/quagga script automatically loads 3 | # the config via "vtysh -b" when the servers are started. 4 | # Check /etc/pam.d/quagga if you intend to use "vtysh"! 5 | # 6 | vtysh_enable=yes 7 | zebra_options=" --daemon -A 127.0.0.1" 8 | bgpd_options=" --daemon -A 127.0.0.1" 9 | ospfd_options=" --daemon -A 127.0.0.1" 10 | ospf6d_options="--daemon -A ::1" 11 | ripd_options=" --daemon -A 127.0.0.1" 12 | ripngd_options="--daemon -A ::1" 13 | isisd_options=" --daemon -A 127.0.0.1" 14 | -------------------------------------------------------------------------------- /lab-ospf6d-snmp/r01/quagga/daemons: -------------------------------------------------------------------------------- 1 | ospf6d=yes 2 | ospfd=yes 3 | zebra=yes 4 | D_PATH=/home/bernat/code/orange/quagga/build/usr/sbin 5 | -------------------------------------------------------------------------------- /lab-ospf6d-snmp/r01/quagga/debian.conf: -------------------------------------------------------------------------------- 1 | ../../quagga-debian.conf -------------------------------------------------------------------------------- /lab-ospf6d-snmp/r01/quagga/ospf6d.conf: -------------------------------------------------------------------------------- 1 | hostname r01 2 | log file /var/log/quagga/ospf6d.log 3 | ! 4 | interface dummy0 5 | ipv6 ospf6 passive 6 | ! 7 | router ospf6 8 | router-id 1.1.1.2 9 | interface eth0 area 0.0.0.0 10 | interface dummy0 area 0.0.0.0 11 | ! 12 | agentx 13 | -------------------------------------------------------------------------------- /lab-ospf6d-snmp/r01/quagga/ospfd.conf: -------------------------------------------------------------------------------- 1 | hostname abr 2 | log file /var/log/quagga/ospfd.log 3 | ! 4 | router ospf 5 | ospf router-id 1.1.1.2 6 | passive-interface dummy0 7 | network 192.168.0.0/24 area 0.0.0.0 8 | network 192.168.11.0/24 area 0.0.0.0 9 | network 192.168.12.0/24 area 0.0.0.0 10 | ! 11 | agentx 12 | -------------------------------------------------------------------------------- /lab-ospf6d-snmp/r01/quagga/zebra.conf: -------------------------------------------------------------------------------- 1 | hostname r01 2 | log file /var/log/quagga/zebra.log 3 | ip forwarding 4 | agentx 5 | -------------------------------------------------------------------------------- /lab-ospf6d-snmp/r02/quagga/daemons: -------------------------------------------------------------------------------- 1 | ospf6d=yes 2 | ospfd=yes 3 | zebra=yes 4 | D_PATH=/home/bernat/code/orange/quagga/build/usr/sbin 5 | -------------------------------------------------------------------------------- /lab-ospf6d-snmp/r02/quagga/debian.conf: -------------------------------------------------------------------------------- 1 | ../../quagga-debian.conf -------------------------------------------------------------------------------- /lab-ospf6d-snmp/r02/quagga/ospf6d.conf: -------------------------------------------------------------------------------- 1 | hostname r02 2 | log file /var/log/quagga/ospf6d.log 3 | ! 4 | interface dummy0 5 | ipv6 ospf6 passive 6 | ! 7 | router ospf6 8 | router-id 1.1.1.3 9 | interface eth0 area 0.0.0.0 10 | interface dummy0 area 0.0.0.0 11 | ! 12 | agentx 13 | -------------------------------------------------------------------------------- /lab-ospf6d-snmp/r02/quagga/ospfd.conf: -------------------------------------------------------------------------------- 1 | hostname abr 2 | log file /var/log/quagga/ospfd.log 3 | ! 4 | router ospf 5 | ospf router-id 1.1.1.3 6 | passive-interface dummy0 7 | network 192.168.0.0/24 area 0.0.0.0 8 | network 192.168.21.0/24 area 0.0.0.0 9 | network 192.168.22.0/24 area 0.0.0.0 10 | ! 11 | agentx 12 | -------------------------------------------------------------------------------- /lab-ospf6d-snmp/r02/quagga/zebra.conf: -------------------------------------------------------------------------------- 1 | hostname r02 2 | log file /var/log/quagga/zebra.log 3 | ip forwarding 4 | agentx 5 | -------------------------------------------------------------------------------- /lab-ospf6d-snmp/r03/quagga/daemons: -------------------------------------------------------------------------------- 1 | debian=yes 2 | ospf6d=yes 3 | ospfd=yes 4 | zebra=yes 5 | D_PATH=/home/bernat/code/orange/quagga/build/usr/sbin 6 | -------------------------------------------------------------------------------- /lab-ospf6d-snmp/r03/quagga/debian.conf: -------------------------------------------------------------------------------- 1 | # 2 | # If this option is set the /etc/init.d/quagga script automatically loads 3 | # the config via "vtysh -b" when the servers are started. 4 | # Check /etc/pam.d/quagga if you intend to use "vtysh"! 5 | # 6 | vtysh_enable=yes 7 | zebra_options=" --daemon -A 127.0.0.1" 8 | bgpd_options=" --daemon -A 127.0.0.1" 9 | ospfd_options=" --daemon -A 127.0.0.1" 10 | ospf6d_options="--daemon -A ::1" 11 | ripd_options=" --daemon -A 127.0.0.1" 12 | ripngd_options="--daemon -A ::1" 13 | isisd_options=" --daemon -A 127.0.0.1" 14 | -------------------------------------------------------------------------------- /lab-ospf6d-snmp/r03/quagga/ospf6d.conf: -------------------------------------------------------------------------------- 1 | hostname r03 2 | log file /var/log/quagga/ospf6d.log 3 | ! 4 | interface dummy0 5 | ipv6 ospf6 passive 6 | ! 7 | router ospf6 8 | router-id 1.1.1.4 9 | interface eth0 area 0.0.0.0 10 | interface dummy0 area 0.0.0.0 11 | ! 12 | agentx 13 | -------------------------------------------------------------------------------- /lab-ospf6d-snmp/r03/quagga/ospfd.conf: -------------------------------------------------------------------------------- 1 | hostname abr 2 | log file /var/log/quagga/ospfd.log 3 | ! 4 | router ospf 5 | ospf router-id 1.1.1.4 6 | passive-interface dummy0 7 | network 192.168.0.0/24 area 0.0.0.0 8 | network 192.168.31.0/24 area 0.0.0.0 9 | network 192.168.32.0/24 area 0.0.0.0 10 | ! 11 | agentx 12 | -------------------------------------------------------------------------------- /lab-ospf6d-snmp/r03/quagga/zebra.conf: -------------------------------------------------------------------------------- 1 | hostname r03 2 | log file /var/log/quagga/zebra.log 3 | ip forwarding 4 | agentx 5 | -------------------------------------------------------------------------------- /lab-ospf6d-snmp/r1/quagga/daemons: -------------------------------------------------------------------------------- 1 | debian=yes 2 | ospf6d=yes 3 | ospfd=yes 4 | zebra=yes 5 | D_PATH=/home/bernat/code/orange/quagga/build/usr/sbin 6 | -------------------------------------------------------------------------------- /lab-ospf6d-snmp/r1/quagga/debian.conf: -------------------------------------------------------------------------------- 1 | # 2 | # If this option is set the /etc/init.d/quagga script automatically loads 3 | # the config via "vtysh -b" when the servers are started. 4 | # Check /etc/pam.d/quagga if you intend to use "vtysh"! 5 | # 6 | vtysh_enable=yes 7 | zebra_options=" --daemon -A 127.0.0.1" 8 | bgpd_options=" --daemon -A 127.0.0.1" 9 | ospfd_options=" --daemon -A 127.0.0.1" 10 | ospf6d_options="--daemon -A ::1" 11 | ripd_options=" --daemon -A 127.0.0.1" 12 | ripngd_options="--daemon -A ::1" 13 | isisd_options=" --daemon -A 127.0.0.1" 14 | -------------------------------------------------------------------------------- /lab-ospf6d-snmp/r1/quagga/ospf6d.conf: -------------------------------------------------------------------------------- 1 | hostname r1 2 | log file /var/log/quagga/ospf6d.log 3 | ! 4 | interface dummy0 5 | ipv6 ospf6 passive 6 | ! 7 | router ospf6 8 | router-id 1.1.1.6 9 | interface eth0 area 0.0.0.1 10 | interface dummy0 area 0.0.0.1 11 | ! 12 | agentx 13 | -------------------------------------------------------------------------------- /lab-ospf6d-snmp/r1/quagga/ospfd.conf: -------------------------------------------------------------------------------- 1 | hostname abr 2 | log file /var/log/quagga/ospfd.log 3 | ! 4 | router ospf 5 | ospf router-id 1.1.1.6 6 | passive-interface dummy0 7 | network 192.168.1.0/24 area 0.0.0.1 8 | network 192.168.111.0/24 area 0.0.0.1 9 | network 192.168.112.0/24 area 0.0.0.1 10 | ! 11 | agentx 12 | -------------------------------------------------------------------------------- /lab-ospf6d-snmp/r1/quagga/zebra.conf: -------------------------------------------------------------------------------- 1 | hostname r1 2 | log file /var/log/quagga/zebra.log 3 | ip forwarding 4 | agentx 5 | -------------------------------------------------------------------------------- /lab-ospf6d-snmp/r2/quagga/daemons: -------------------------------------------------------------------------------- 1 | debian=yes 2 | ospf6d=yes 3 | ospfd=yes 4 | zebra=yes 5 | D_PATH=/home/bernat/code/orange/quagga/build/usr/sbin 6 | -------------------------------------------------------------------------------- /lab-ospf6d-snmp/r2/quagga/debian.conf: -------------------------------------------------------------------------------- 1 | # 2 | # If this option is set the /etc/init.d/quagga script automatically loads 3 | # the config via "vtysh -b" when the servers are started. 4 | # Check /etc/pam.d/quagga if you intend to use "vtysh"! 5 | # 6 | vtysh_enable=yes 7 | zebra_options=" --daemon -A 127.0.0.1" 8 | bgpd_options=" --daemon -A 127.0.0.1" 9 | ospfd_options=" --daemon -A 127.0.0.1" 10 | ospf6d_options="--daemon -A ::1" 11 | ripd_options=" --daemon -A 127.0.0.1" 12 | ripngd_options="--daemon -A ::1" 13 | isisd_options=" --daemon -A 127.0.0.1" 14 | -------------------------------------------------------------------------------- /lab-ospf6d-snmp/r2/quagga/ospf6d.conf: -------------------------------------------------------------------------------- 1 | hostname r2 2 | log file /var/log/quagga/ospf6d.log 3 | ! 4 | interface dummy0 5 | ipv6 ospf6 passive 6 | ! 7 | router ospf6 8 | router-id 1.1.1.5 9 | interface eth0 area 0.0.0.2 10 | interface dummy0 area 0.0.0.2 11 | ! 12 | agentx 13 | -------------------------------------------------------------------------------- /lab-ospf6d-snmp/r2/quagga/ospfd.conf: -------------------------------------------------------------------------------- 1 | hostname abr 2 | log file /var/log/quagga/ospfd.log 3 | ! 4 | router ospf 5 | ospf router-id 1.1.1.5 6 | passive-interface dummy0 7 | network 192.168.2.0/24 area 0.0.0.2 8 | network 192.168.51.0/24 area 0.0.0.2 9 | network 192.168.52.0/24 area 0.0.0.2 10 | ! 11 | agentx 12 | -------------------------------------------------------------------------------- /lab-ospf6d-snmp/r2/quagga/zebra.conf: -------------------------------------------------------------------------------- 1 | hostname r2 2 | log file /var/log/quagga/zebra.log 3 | ip forwarding 4 | agentx 5 | -------------------------------------------------------------------------------- /lab-ospf6d-snmp/snmpd.conf: -------------------------------------------------------------------------------- 1 | agentAddress udp:127.0.0.1:161 2 | rocommunity public localhost 3 | rwcommunity private localhost 4 | master agentx 5 | trap2sink 127.0.0.1 6 | -------------------------------------------------------------------------------- /lab-ospf6d-snmp/snmptrapd.conf: -------------------------------------------------------------------------------- 1 | snmpTrapdAddr 127.0.0.1 2 | doNotLogTraps no 3 | disableAuthorization yes 4 | logOption f /var/log/snmptraps.log 5 | -------------------------------------------------------------------------------- /lab-ospf6d/esite01/quagga/daemons: -------------------------------------------------------------------------------- 1 | debian=yes 2 | ospf6d=yes 3 | zebra=yes 4 | -------------------------------------------------------------------------------- /lab-ospf6d/esite01/quagga/debian.conf: -------------------------------------------------------------------------------- 1 | # 2 | # If this option is set the /etc/init.d/quagga script automatically loads 3 | # the config via "vtysh -b" when the servers are started. 4 | # Check /etc/pam.d/quagga if you intend to use "vtysh"! 5 | # 6 | vtysh_enable=yes 7 | zebra_options=" --daemon -A 127.0.0.1" 8 | bgpd_options=" --daemon -A 127.0.0.1" 9 | ospfd_options=" --daemon -A 127.0.0.1" 10 | ospf6d_options="--daemon -A ::1" 11 | ripd_options=" --daemon -A 127.0.0.1" 12 | ripngd_options="--daemon -A ::1" 13 | isisd_options=" --daemon -A 127.0.0.1" 14 | -------------------------------------------------------------------------------- /lab-ospf6d/esite01/quagga/zebra.conf: -------------------------------------------------------------------------------- 1 | hostname esite01 2 | log file /var/log/quagga/zebra.log 3 | ip forwarding 4 | -------------------------------------------------------------------------------- /lab-ospf6d/esite02/quagga/daemons: -------------------------------------------------------------------------------- 1 | debian=yes 2 | ospf6d=yes 3 | zebra=yes 4 | -------------------------------------------------------------------------------- /lab-ospf6d/esite02/quagga/debian.conf: -------------------------------------------------------------------------------- 1 | # 2 | # If this option is set the /etc/init.d/quagga script automatically loads 3 | # the config via "vtysh -b" when the servers are started. 4 | # Check /etc/pam.d/quagga if you intend to use "vtysh"! 5 | # 6 | vtysh_enable=yes 7 | zebra_options=" --daemon -A 127.0.0.1" 8 | bgpd_options=" --daemon -A 127.0.0.1" 9 | ospfd_options=" --daemon -A 127.0.0.1" 10 | ospf6d_options="--daemon -A ::1" 11 | ripd_options=" --daemon -A 127.0.0.1" 12 | ripngd_options="--daemon -A ::1" 13 | isisd_options=" --daemon -A 127.0.0.1" 14 | -------------------------------------------------------------------------------- /lab-ospf6d/esite02/quagga/zebra.conf: -------------------------------------------------------------------------------- 1 | hostname esite02 2 | log file /var/log/quagga/zebra.log 3 | ip forwarding 4 | -------------------------------------------------------------------------------- /lab-ospf6d/fabae/quagga/daemons: -------------------------------------------------------------------------------- 1 | debian=yes 2 | ospf6d=yes 3 | zebra=yes 4 | -------------------------------------------------------------------------------- /lab-ospf6d/fabae/quagga/debian.conf: -------------------------------------------------------------------------------- 1 | # 2 | # If this option is set the /etc/init.d/quagga script automatically loads 3 | # the config via "vtysh -b" when the servers are started. 4 | # Check /etc/pam.d/quagga if you intend to use "vtysh"! 5 | # 6 | vtysh_enable=yes 7 | zebra_options=" --daemon -A 127.0.0.1" 8 | bgpd_options=" --daemon -A 127.0.0.1" 9 | ospfd_options=" --daemon -A 127.0.0.1" 10 | ospf6d_options="--daemon -A ::1" 11 | ripd_options=" --daemon -A 127.0.0.1" 12 | ripngd_options="--daemon -A ::1" 13 | isisd_options=" --daemon -A 127.0.0.1" 14 | -------------------------------------------------------------------------------- /lab-ospf6d/fabae/quagga/ospf6d.conf: -------------------------------------------------------------------------------- 1 | hostname fabae 2 | log file /var/log/quagga/ospf6d.log 3 | ! 4 | interface dummy0 5 | ipv6 ospf6 passive 6 | ! 7 | router ospf6 8 | router-id 1.1.1.3 9 | interface eth0 area 0.0.0.0 10 | interface eth1 area 0.0.0.0 11 | interface dummy0 area 0.0.0.0 12 | ! 13 | -------------------------------------------------------------------------------- /lab-ospf6d/fabae/quagga/zebra.conf: -------------------------------------------------------------------------------- 1 | hostname fabae 2 | log file /var/log/quagga/zebra.log 3 | ip forwarding 4 | -------------------------------------------------------------------------------- /lab-ospf6d/pobae/bird6.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird6.log" all; 2 | router id 1.1.1.4; 3 | 4 | protocol device { 5 | scan time 10; 6 | } 7 | 8 | protocol kernel { 9 | persist; 10 | import none; 11 | export all; 12 | } 13 | 14 | protocol direct { 15 | interface "dummy0"; 16 | import all; 17 | export none; 18 | } 19 | 20 | protocol ospf BAE { 21 | ecmp yes; 22 | import all; 23 | export all; 24 | area 0.0.0.0 { 25 | networks { 26 | 2001:db8:cafe:5::/64; 27 | }; 28 | interface "eth0"; 29 | interface "eth1"; 30 | }; 31 | } 32 | -------------------------------------------------------------------------------- /lab-ospf6d/quagga-debian.conf: -------------------------------------------------------------------------------- 1 | # 2 | # If this option is set the /etc/init.d/quagga script automatically loads 3 | # the config via "vtysh -b" when the servers are started. 4 | # Check /etc/pam.d/quagga if you intend to use "vtysh"! 5 | # 6 | vtysh_enable=yes 7 | zebra_options=" --daemon -A 127.0.0.1" 8 | bgpd_options=" --daemon -A 127.0.0.1" 9 | ospfd_options=" --daemon -A 127.0.0.1" 10 | ospf6d_options="--daemon -A ::1" 11 | ripd_options=" --daemon -A 127.0.0.1" 12 | ripngd_options="--daemon -A ::1" 13 | isisd_options=" --daemon -A 127.0.0.1" 14 | -------------------------------------------------------------------------------- /lab-redistribute-neighbors/.gitignore: -------------------------------------------------------------------------------- 1 | /rdnbr/ 2 | /python-rdnbrd*.tar.gz 3 | -------------------------------------------------------------------------------- /lab-redistribute-neighbors/bird.linux.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird.log" all; 2 | 3 | router id 1.1.1.3; 4 | 5 | protocol device { 6 | scan time 10; 7 | } 8 | 9 | protocol kernel { 10 | kernel table 10; 11 | import where ifname = "eth1"; 12 | export none; 13 | learn; 14 | scan time 30; 15 | } 16 | 17 | protocol bgp ROUTER { 18 | local as 65002; 19 | neighbor 203.0.113.1 as 65000; 20 | import none; 21 | export all; 22 | } 23 | -------------------------------------------------------------------------------- /lab-redistribute-neighbors/bird.router.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird.log" all; 2 | 3 | router id 1.1.1.1; 4 | 5 | protocol device { 6 | scan time 10; 7 | } 8 | 9 | protocol bgp CUMULUS { 10 | local as 65000; 11 | neighbor 203.0.113.2 as 65001; 12 | import all; 13 | export none; 14 | } 15 | protocol bgp LINUX { 16 | local as 65000; 17 | neighbor 203.0.113.3 as 65002; 18 | import all; 19 | export none; 20 | } 21 | -------------------------------------------------------------------------------- /lab-redistribute-neighbors/cumulus/etc/frr/daemons: -------------------------------------------------------------------------------- 1 | zebra=yes 2 | bgpd=yes 3 | ospfd=no 4 | ospf6d=no 5 | ripd=no 6 | ripngd=no 7 | isisd=no 8 | babeld=no 9 | -------------------------------------------------------------------------------- /lab-redistribute-neighbors/cumulus/etc/frr/frr.conf: -------------------------------------------------------------------------------- 1 | frr defaults datacenter 2 | service integrated-vtysh-config 3 | log syslog informational 4 | 5 | router bgp 65001 6 | bgp router-id 1.1.1.2 7 | neighbor 203.0.113.1 remote-as 65000 8 | address-family ipv4 unicast 9 | redistribute table 10 10 | exit-address-family 11 | ! 12 | route-map REDISTRIBUTE_NEIGHBOR permit 10 13 | match interface swp2 14 | ! 15 | ip import-table 10 route-map REDISTRIBUTE_NEIGHBOR 16 | -------------------------------------------------------------------------------- /lab-redistribute-neighbors/cumulus/etc/network/interfaces: -------------------------------------------------------------------------------- 1 | auto lo 2 | iface lo inet loopback 3 | 4 | auto eth0 5 | iface eth0 inet dhcp 6 | vrf mgmt 7 | 8 | auto mgmt 9 | iface mgmt 10 | address 127.0.0.1/8 11 | vrf-table auto 12 | 13 | auto swp1 14 | iface swp1 15 | address 203.0.113.2/27 16 | 17 | auto swp2 18 | iface swp2 19 | address 203.0.113.33/27 20 | -------------------------------------------------------------------------------- /lab-redistribute-neighbors/cumulus/run: -------------------------------------------------------------------------------- 1 | ifreload -a 2 | service frr restart 3 | service rdnbrd restart 4 | sleep 5 5 | ping -c1 -q 203.0.113.34 || true 6 | ping -c1 -q 203.0.113.35 || true 7 | -------------------------------------------------------------------------------- /lab-redundant-vpn/README: -------------------------------------------------------------------------------- 1 | This lab is explained here: 2 | https://vincent.bernat.ch/en/blog/2011-uml-network-lab 3 | -------------------------------------------------------------------------------- /lab-redundant-vpn/V1/racoon/psk.txt: -------------------------------------------------------------------------------- 1 | 1.1.1.1 racoon 2 | 1.1.1.2 racoon 3 | 1.1.2.1 racoon 4 | 1.1.2.2 racoon 5 | -------------------------------------------------------------------------------- /lab-redundant-vpn/V1/racoon/racoon.conf: -------------------------------------------------------------------------------- 1 | path pre_shared_key "/etc/racoon/psk.txt"; 2 | listen { 3 | adminsock "/var/run/racoon/racoon.sock" "root" "operator" 0660; 4 | } 5 | remote 1.1.1.1 { 6 | exchange_mode main; 7 | proposal { 8 | encryption_algorithm aes; 9 | hash_algorithm sha1; 10 | authentication_method pre_shared_key; 11 | dh_group 2; 12 | } 13 | proposal_check strict; 14 | initial_contact on; 15 | } 16 | sainfo anonymous { 17 | pfs_group 2; 18 | encryption_algorithm aes; 19 | authentication_algorithm hmac_sha1; 20 | compression_algorithm deflate; 21 | } 22 | -------------------------------------------------------------------------------- /lab-redundant-vpn/V2/racoon/psk.txt: -------------------------------------------------------------------------------- 1 | 1.1.1.1 racoon 2 | 1.1.1.2 racoon 3 | 1.1.2.1 racoon 4 | 1.1.2.2 racoon 5 | -------------------------------------------------------------------------------- /lab-redundant-vpn/V2/racoon/racoon.conf: -------------------------------------------------------------------------------- 1 | path pre_shared_key "/etc/racoon/psk.txt"; 2 | listen { 3 | adminsock "/var/run/racoon/racoon.sock" "root" "operator" 0660; 4 | } 5 | remote 1.1.1.2 { 6 | exchange_mode main; 7 | proposal { 8 | encryption_algorithm aes; 9 | hash_algorithm sha1; 10 | authentication_method pre_shared_key; 11 | dh_group 2; 12 | } 13 | proposal_check strict; 14 | initial_contact on; 15 | } 16 | sainfo anonymous { 17 | pfs_group 2; 18 | encryption_algorithm aes; 19 | authentication_algorithm hmac_sha1; 20 | compression_algorithm deflate; 21 | } 22 | -------------------------------------------------------------------------------- /lab-redundant-vpn/V3/racoon/psk.txt: -------------------------------------------------------------------------------- 1 | 1.1.1.1 racoon 2 | 1.1.1.2 racoon 3 | 1.1.2.1 racoon 4 | 1.1.2.2 racoon 5 | -------------------------------------------------------------------------------- /lab-redundant-vpn/V3/racoon/racoon.conf: -------------------------------------------------------------------------------- 1 | path pre_shared_key "/etc/racoon/psk.txt"; 2 | listen { 3 | adminsock "/var/run/racoon/racoon.sock" "root" "operator" 0660; 4 | } 5 | remote 1.1.2.1 { 6 | exchange_mode main; 7 | proposal { 8 | encryption_algorithm aes; 9 | hash_algorithm sha1; 10 | authentication_method pre_shared_key; 11 | dh_group 2; 12 | } 13 | proposal_check strict; 14 | initial_contact on; 15 | } 16 | sainfo anonymous { 17 | pfs_group 2; 18 | encryption_algorithm aes; 19 | authentication_algorithm hmac_sha1; 20 | compression_algorithm deflate; 21 | } 22 | -------------------------------------------------------------------------------- /lab-redundant-vpn/V4/racoon/racoon.conf: -------------------------------------------------------------------------------- 1 | path pre_shared_key "/etc/racoon/psk.txt"; 2 | listen { 3 | adminsock "/var/run/racoon/racoon.sock" "root" "operator" 0660; 4 | } 5 | remote 1.1.2.2 { 6 | exchange_mode main; 7 | proposal { 8 | encryption_algorithm aes; 9 | hash_algorithm sha1; 10 | authentication_method pre_shared_key; 11 | dh_group 2; 12 | } 13 | proposal_check strict; 14 | initial_contact on; 15 | } 16 | sainfo anonymous { 17 | pfs_group 2; 18 | encryption_algorithm aes; 19 | authentication_algorithm hmac_sha1; 20 | compression_algorithm deflate; 21 | } 22 | -------------------------------------------------------------------------------- /lab-redundant-vpn/quagga-bgpd.V1.conf: -------------------------------------------------------------------------------- 1 | log file /var/log/quagga/bgpd.log 2 | router bgp 65120 3 | bgp router-id 192.168.1.11 4 | bgp log-neighbor-changes 5 | redistribute ospf route-map local 6 | timers bgp 5 15 7 | neighbor 192.168.101.13 remote-as 65121 8 | neighbor 192.168.101.13 update-source 192.168.1.11 9 | neighbor 192.168.101.13 ebgp-multihop 2 10 | ! 11 | access-list 1 permit 192.168.1.11 12 | access-list 1 permit 192.168.1.12 13 | route-map local deny 1 14 | match ip next-hop 1 15 | ! 16 | route-map local permit 2 17 | ! 18 | -------------------------------------------------------------------------------- /lab-redundant-vpn/quagga-bgpd.V2.conf: -------------------------------------------------------------------------------- 1 | log file /var/log/quagga/bgpd.log 2 | router bgp 65120 3 | bgp router-id 192.168.1.12 4 | bgp log-neighbor-changes 5 | redistribute ospf route-map local 6 | timers bgp 5 15 7 | neighbor 192.168.101.14 remote-as 65121 8 | neighbor 192.168.101.14 update-source 192.168.1.12 9 | neighbor 192.168.101.14 ebgp-multihop 2 10 | ! 11 | access-list 1 permit 192.168.1.11 12 | access-list 1 permit 192.168.1.12 13 | route-map local deny 1 14 | match ip next-hop 1 15 | ! 16 | route-map local permit 2 17 | ! 18 | -------------------------------------------------------------------------------- /lab-redundant-vpn/quagga-bgpd.V3.conf: -------------------------------------------------------------------------------- 1 | log file /var/log/quagga/bgpd.log 2 | router bgp 65121 3 | bgp router-id 192.168.101.13 4 | bgp log-neighbor-changes 5 | redistribute ospf route-map local 6 | timers bgp 5 15 7 | neighbor 192.168.1.11 remote-as 65120 8 | neighbor 192.168.1.11 update-source 192.168.101.13 9 | neighbor 192.168.1.11 ebgp-multihop 2 10 | ! 11 | access-list 1 permit 192.168.101.13 12 | access-list 1 permit 192.168.101.14 13 | route-map local deny 1 14 | match ip next-hop 1 15 | ! 16 | route-map local permit 2 17 | ! 18 | -------------------------------------------------------------------------------- /lab-redundant-vpn/quagga-bgpd.V4.conf: -------------------------------------------------------------------------------- 1 | log file /var/log/quagga/bgpd.log 2 | router bgp 65121 3 | bgp router-id 192.168.101.14 4 | bgp log-neighbor-changes 5 | redistribute ospf route-map local 6 | timers bgp 5 15 7 | neighbor 192.168.1.12 remote-as 65120 8 | neighbor 192.168.1.12 update-source 192.168.101.14 9 | neighbor 192.168.1.12 ebgp-multihop 2 10 | ! 11 | access-list 1 permit 192.168.101.13 12 | access-list 1 permit 192.168.101.14 13 | route-map local deny 1 14 | match ip next-hop 1 15 | ! 16 | route-map local permit 2 17 | ! 18 | -------------------------------------------------------------------------------- /lab-redundant-vpn/quagga-ospfd.R1.conf: -------------------------------------------------------------------------------- 1 | hostname R1 2 | log file /var/log/quagga/ospfd.log 3 | router ospf 4 | ospf router-id 0.0.0.10 5 | passive-interface default 6 | no passive-interface eth0 7 | network 192.168.1.0/24 area 0.0.0.0 8 | network 192.168.15.0/24 area 0.0.0.0 9 | ! 10 | -------------------------------------------------------------------------------- /lab-redundant-vpn/quagga-ospfd.R2.conf: -------------------------------------------------------------------------------- 1 | hostname R2 2 | log file /var/log/quagga/ospfd.log 3 | router ospf 4 | ospf router-id 0.0.100.10 5 | passive-interface default 6 | no passive-interface eth0 7 | network 192.168.101.0/24 area 0.0.0.0 8 | network 192.168.115.0/24 area 0.0.0.0 9 | ! 10 | -------------------------------------------------------------------------------- /lab-redundant-vpn/quagga-ospfd.V1.conf: -------------------------------------------------------------------------------- 1 | hostname V1 2 | log file /var/log/quagga/ospfd.log 3 | router ospf 4 | ospf router-id 0.0.0.11 5 | redistribute bgp 6 | passive-interface default 7 | no passive-interface eth0 8 | network 192.168.1.0/24 area 0.0.0.0 9 | ! 10 | -------------------------------------------------------------------------------- /lab-redundant-vpn/quagga-ospfd.V2.conf: -------------------------------------------------------------------------------- 1 | hostname V2 2 | log file /var/log/quagga/ospfd.log 3 | router ospf 4 | ospf router-id 0.0.0.12 5 | redistribute bgp 6 | passive-interface default 7 | no passive-interface eth0 8 | network 192.168.1.0/24 area 0.0.0.0 9 | ! 10 | -------------------------------------------------------------------------------- /lab-redundant-vpn/quagga-ospfd.V3.conf: -------------------------------------------------------------------------------- 1 | hostname V3 2 | log file /var/log/quagga/ospfd.log 3 | router ospf 4 | ospf router-id 0.0.100.13 5 | redistribute bgp 6 | passive-interface default 7 | no passive-interface eth0 8 | network 192.168.101.0/24 area 0.0.0.0 9 | ! 10 | -------------------------------------------------------------------------------- /lab-redundant-vpn/quagga-ospfd.V4.conf: -------------------------------------------------------------------------------- 1 | hostname V4 2 | log file /var/log/quagga/ospfd.log 3 | router ospf 4 | ospf router-id 0.0.100.14 5 | redistribute bgp 6 | passive-interface default 7 | no passive-interface eth0 8 | network 192.168.101.0/24 area 0.0.0.0 9 | ! 10 | -------------------------------------------------------------------------------- /lab-redundant-vpn/quagga-zebra.R1.conf: -------------------------------------------------------------------------------- 1 | hostname R1 2 | log file /var/log/quagga/zebra.log 3 | ip forwarding 4 | -------------------------------------------------------------------------------- /lab-redundant-vpn/quagga-zebra.R2.conf: -------------------------------------------------------------------------------- 1 | hostname R2 2 | log file /var/log/quagga/zebra.log 3 | ip forwarding 4 | -------------------------------------------------------------------------------- /lab-redundant-vpn/quagga-zebra.V1.conf: -------------------------------------------------------------------------------- 1 | hostname V1 2 | log file /var/log/quagga/zebra.log 3 | ip forwarding 4 | -------------------------------------------------------------------------------- /lab-redundant-vpn/quagga-zebra.V2.conf: -------------------------------------------------------------------------------- 1 | hostname V2 2 | log file /var/log/quagga/zebra.log 3 | ip forwarding 4 | -------------------------------------------------------------------------------- /lab-redundant-vpn/quagga-zebra.V3.conf: -------------------------------------------------------------------------------- 1 | hostname V3 2 | log file /var/log/quagga/zebra.log 3 | ip forwarding 4 | -------------------------------------------------------------------------------- /lab-redundant-vpn/quagga-zebra.V4.conf: -------------------------------------------------------------------------------- 1 | hostname V4 2 | log file /var/log/quagga/zebra.log 3 | ip forwarding 4 | -------------------------------------------------------------------------------- /lab-redundant-vpn/racoon-psk.txt: -------------------------------------------------------------------------------- 1 | 1.1.1.1 racoon 2 | 1.1.1.2 racoon 3 | 1.1.2.1 racoon 4 | 1.1.2.2 racoon 5 | -------------------------------------------------------------------------------- /lab-rfc5549/bgp-frr-bird.pcap: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/vincentbernat/network-lab/446469e98af0bf02447914d8b9ecd0dbecfa24ef/lab-rfc5549/bgp-frr-bird.pcap -------------------------------------------------------------------------------- /lab-rfc5549/bgp-frr-frr.pcap: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/vincentbernat/network-lab/446469e98af0bf02447914d8b9ecd0dbecfa24ef/lab-rfc5549/bgp-frr-frr.pcap -------------------------------------------------------------------------------- /lab-rfc5549/bgp-frr-junos.pcap: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/vincentbernat/network-lab/446469e98af0bf02447914d8b9ecd0dbecfa24ef/lab-rfc5549/bgp-frr-junos.pcap -------------------------------------------------------------------------------- /lab-rfc5549/bird.bird1.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird.log" all; 2 | router id 1.1.1.13; 3 | 4 | protocol device { 5 | } 6 | 7 | protocol kernel { 8 | persist; 9 | ipv4 { 10 | import none; 11 | export all; 12 | }; 13 | } 14 | 15 | protocol direct { 16 | ipv4; 17 | interface "eth0"; 18 | } 19 | 20 | protocol bgp spine { 21 | local as 65013; 22 | neighbor fc00::1:1 external; 23 | ipv4 { 24 | import all; 25 | export all; 26 | extended next hop on; 27 | }; 28 | } 29 | 30 | protocol radv { 31 | interface "eth1" { 32 | max ra interval 5; 33 | }; 34 | ipv6; 35 | } 36 | -------------------------------------------------------------------------------- /lab-rfc5549/cumulus1/etc/frr/daemons: -------------------------------------------------------------------------------- 1 | zebra=yes 2 | bgpd=yes 3 | ospfd=no 4 | ospf6d=no 5 | ripd=no 6 | ripngd=no 7 | isisd=no 8 | babeld=no 9 | -------------------------------------------------------------------------------- /lab-rfc5549/cumulus1/etc/frr/frr.conf: -------------------------------------------------------------------------------- 1 | frr defaults datacenter 2 | service integrated-vtysh-config 3 | log syslog informational 4 | 5 | 6 | interface swp2 7 | no ipv6 nd suppress-ra 8 | ipv6 nd ra-interval 3 9 | ! 10 | 11 | router bgp 65011 12 | bgp router-id 1.1.1.11 13 | bgp bestpath as-path multipath-relax 14 | network 192.0.2.0/30 15 | 16 | neighbor swp2 interface remote-as external 17 | neighbor swp2 interface v6only 18 | -------------------------------------------------------------------------------- /lab-rfc5549/cumulus1/etc/network/interfaces: -------------------------------------------------------------------------------- 1 | auto lo 2 | iface lo inet loopback 3 | 4 | auto eth0 5 | iface eth0 inet dhcp 6 | vrf mgmt 7 | 8 | auto mgmt 9 | iface mgmt 10 | address 127.0.0.1/8 11 | vrf-table auto 12 | 13 | auto swp1 14 | iface swp1 15 | address 192.0.2.1/30 16 | 17 | auto swp2 18 | iface swp2 19 | 20 | auto swp3 21 | iface swp3 22 | -------------------------------------------------------------------------------- /lab-rfc5549/cumulus1/run: -------------------------------------------------------------------------------- 1 | ifreload -a 2 | service frr restart 3 | -------------------------------------------------------------------------------- /lab-rfc5549/cumulus2/etc/frr/daemons: -------------------------------------------------------------------------------- 1 | zebra=yes 2 | bgpd=yes 3 | ospfd=no 4 | ospf6d=no 5 | ripd=no 6 | ripngd=no 7 | isisd=no 8 | babeld=no 9 | -------------------------------------------------------------------------------- /lab-rfc5549/cumulus2/etc/frr/frr.conf: -------------------------------------------------------------------------------- 1 | frr defaults datacenter 2 | service integrated-vtysh-config 3 | log syslog informational 4 | 5 | 6 | interface swp2 7 | no ipv6 nd suppress-ra 8 | ipv6 nd ra-interval 3 9 | ! 10 | 11 | router bgp 65012 12 | bgp router-id 1.1.1.12 13 | bgp bestpath as-path multipath-relax 14 | network 192.0.2.4/30 15 | 16 | neighbor swp2 interface remote-as external 17 | neighbor swp2 interface v6only 18 | -------------------------------------------------------------------------------- /lab-rfc5549/cumulus2/etc/network/interfaces: -------------------------------------------------------------------------------- 1 | auto lo 2 | iface lo inet loopback 3 | 4 | auto eth0 5 | iface eth0 inet dhcp 6 | vrf mgmt 7 | 8 | auto mgmt 9 | iface mgmt 10 | address 127.0.0.1/8 11 | vrf-table auto 12 | 13 | auto swp1 14 | iface swp1 15 | address 192.0.2.5/30 16 | 17 | auto swp2 18 | iface swp2 19 | 20 | auto swp3 21 | iface swp3 22 | -------------------------------------------------------------------------------- /lab-rfc5549/cumulus2/run: -------------------------------------------------------------------------------- 1 | ifreload -a 2 | service frr restart 3 | -------------------------------------------------------------------------------- /lab-rfc5549/spine/etc/frr/daemons: -------------------------------------------------------------------------------- 1 | zebra=yes 2 | bgpd=yes 3 | ospfd=no 4 | ospf6d=no 5 | ripd=no 6 | ripngd=no 7 | isisd=no 8 | babeld=no 9 | -------------------------------------------------------------------------------- /lab-rfc5549/spine/etc/network/interfaces: -------------------------------------------------------------------------------- 1 | auto lo 2 | iface lo inet loopback 3 | 4 | auto eth0 5 | iface eth0 inet dhcp 6 | vrf mgmt 7 | 8 | auto mgmt 9 | iface mgmt 10 | address 127.0.0.1/8 11 | vrf-table auto 12 | 13 | auto swp1 14 | iface swp1 15 | 16 | auto swp2 17 | iface swp2 18 | 19 | auto swp3 20 | iface swp3 21 | address fc00::1:1/126 22 | 23 | auto swp4 24 | iface swp4 25 | address fc00::2:1/126 26 | -------------------------------------------------------------------------------- /lab-rfc5549/spine/run: -------------------------------------------------------------------------------- 1 | ifreload -a 2 | service frr restart 3 | -------------------------------------------------------------------------------- /lab-route-cache-ipv6/inject-100.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python 2 | 3 | from scapy.all import * 4 | 5 | # Inject 1000 packets 6 | send([IPv6(src=RandIP6("2001:db8:beef:**"), 7 | dst=RandIP6("2001:db8:beef:**"))/ICMPv6EchoRequest()/"12345678"]*1000, inter=0.01) 8 | -------------------------------------------------------------------------------- /lab-routed-vpn-wireguard/bird.Rx.Ry.conf: -------------------------------------------------------------------------------- 1 | bird6.Rx.Ry.conf -------------------------------------------------------------------------------- /lab-routed-vpn-wireguard/bird6.Rx.Ry.conf: -------------------------------------------------------------------------------- 1 | log syslog { debug, trace, info, remote, warning, error, auth, fatal, bug }; 2 | router id 0.0.0.{{ asn }}; 3 | 4 | protocol device { 5 | scan time 10; 6 | } 7 | 8 | protocol kernel { 9 | persist; 10 | import none; 11 | export all; 12 | } 13 | 14 | protocol direct { 15 | interface "*"; 16 | } 17 | 18 | protocol ospf PRIVATE { 19 | ecmp yes; 20 | merge external yes; 21 | import all; 22 | export all; 23 | area 0.0.0.0 { 24 | interface "eth0"; 25 | interface "dummy0" { stub yes; }; 26 | }; 27 | } 28 | -------------------------------------------------------------------------------- /lab-routed-vpn-wireguard/bird6.Vx-y.public.conf: -------------------------------------------------------------------------------- 1 | log syslog { debug, trace, info, remote, warning, error, auth, fatal, bug }; 2 | router id 0.0.{{ asn }}.{{ vpn }}; 3 | 4 | protocol device { 5 | scan time 10; 6 | } 7 | 8 | protocol kernel { 9 | persist; 10 | learn; 11 | import all; 12 | export all; 13 | merge paths yes; 14 | } 15 | 16 | protocol ospf PUBLIC { 17 | ecmp yes; 18 | merge external yes; 19 | import all; 20 | export all; 21 | area 0.0.0.0 { 22 | interface "eth0"; 23 | interface "dummy0" { stub yes; }; 24 | }; 25 | } 26 | -------------------------------------------------------------------------------- /lab-routed-vpn-wireguard/wg.Vx-y.conf: -------------------------------------------------------------------------------- 1 | [Interface] 2 | PrivateKey = {{ privkey }} 3 | ListenPort = {{ 5800 + rmark }} 4 | 5 | [Peer] 6 | PublicKey = {{ pubkey }} 7 | EndPoint = [2001:db8:{{ rasn }}::{{ rvpn }}]:{{ 5800 + lmark }} 8 | AllowedIPs = 0.0.0.0/0,::/0 9 | -------------------------------------------------------------------------------- /lab-routed-vpn/bird.Rx.Ry.conf: -------------------------------------------------------------------------------- 1 | bird6.Rx.Ry.conf -------------------------------------------------------------------------------- /lab-routed-vpn/bird6.Rx.Ry.conf: -------------------------------------------------------------------------------- 1 | log syslog { debug, trace, info, remote, warning, error, auth, fatal, bug }; 2 | router id 0.0.0.{{ asn }}; 3 | 4 | protocol device { 5 | scan time 10; 6 | } 7 | 8 | protocol kernel { 9 | persist; 10 | import none; 11 | export all; 12 | } 13 | 14 | protocol direct { 15 | interface "*"; 16 | } 17 | 18 | protocol ospf PRIVATE { 19 | ecmp yes; 20 | merge external yes; 21 | import all; 22 | export all; 23 | area 0.0.0.0 { 24 | interface "eth0"; 25 | interface "dummy0" { stub yes; }; 26 | }; 27 | } 28 | -------------------------------------------------------------------------------- /lab-routed-vpn/bird6.Vx-y.public.conf: -------------------------------------------------------------------------------- 1 | log syslog { debug, trace, info, remote, warning, error, auth, fatal, bug }; 2 | router id 0.0.{{ asn }}.{{ vpn }}; 3 | 4 | protocol device { 5 | scan time 10; 6 | } 7 | 8 | protocol kernel { 9 | persist; 10 | learn; 11 | import all; 12 | export all; 13 | merge paths yes; 14 | } 15 | 16 | protocol ospf PUBLIC { 17 | ecmp yes; 18 | merge external yes; 19 | import all; 20 | export all; 21 | area 0.0.0.0 { 22 | interface "eth0"; 23 | interface "dummy0" { stub yes; }; 24 | }; 25 | } 26 | -------------------------------------------------------------------------------- /lab-routed-vpn/ipsec.Vx-y.conf: -------------------------------------------------------------------------------- 1 | config setup 2 | 3 | {%- for rasn in range(1,asns+1) if rasn != asn %} 4 | {%- for rvpn in range(1,vpns+1) %} 5 | 6 | conn V{{ rasn }}-{{ rvpn }} 7 | left=2001:db8:{{ asn }}::{{ vpn }} 8 | leftsubnet=::/0,0.0.0.0/0 9 | right=2001:db8:{{ rasn }}::{{ rvpn }} 10 | rightsubnet=::/0,0.0.0.0/0 11 | authby=psk 12 | mark={{ (rasn-1)*vpns + rvpn }} 13 | keyingtries=%forever 14 | auto=route 15 | dpdaction=restart 16 | keyexchange=ikev2 17 | ike=aes256gcm16-prfsha384-ecp384! 18 | esp=aes256gcm16-prfsha384-ecp384! 19 | mobike=no 20 | {%- endfor %} 21 | {%- endfor %} 22 | -------------------------------------------------------------------------------- /lab-routed-vpn/ipsec.Vx-y.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets 2 | {% for rasn in range(1,asns+1) %} 3 | {% for rvpn in range(1,vpns+1) %} 4 | 2001:db8:{{ rasn }}::{{ rvpn }} : PSK "d8bdRxaY22oH1j89Z2nATeYyrXfP9ga6xC5mi0RG1uc" 5 | {% endfor %} 6 | {% endfor %} 7 | -------------------------------------------------------------------------------- /lab-routereflector/nginx.conf: -------------------------------------------------------------------------------- 1 | user www-data; 2 | worker_processes 4; 3 | pid /var/run/nginx.pid; 4 | events { 5 | worker_connections 768; 6 | } 7 | http { 8 | default_type application/octet-stream; 9 | server { 10 | listen 80 default; 11 | root /tmp/nginx/www; 12 | index index.html index.htm; 13 | autoindex on; 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /lab-routes-ipv4/.gitignore: -------------------------------------------------------------------------------- 1 | /latest-bview.gz 2 | /insert-from-bgp.cache 3 | /stats/ 4 | 5 | /*.o 6 | /*.ko 7 | /.tmp* 8 | /*.cmd 9 | /*.mod.c 10 | /*.symvers 11 | /*.order 12 | /.cache.mk 13 | -------------------------------------------------------------------------------- /lab-routes-ipv4/Makefile: -------------------------------------------------------------------------------- 1 | # Kernel module compilation 2 | KDIR = /lib/modules/$(shell uname -r)/build 3 | obj-m += kbench_mod.o 4 | kbench_mod.ko: kbench_mod.c 5 | make -C $(KDIR) M=$(PWD) modules 6 | -------------------------------------------------------------------------------- /lab-routes-ipv4/bench-all-kernel: -------------------------------------------------------------------------------- 1 | ../lab-routes-ipv6/bench-all-kernel -------------------------------------------------------------------------------- /lab-routes-ipv4/insert-from-bgp: -------------------------------------------------------------------------------- 1 | ../common/helpers/lab-routes-ipvX/insert-from-bgp -------------------------------------------------------------------------------- /lab-routes-ipv6/.gitignore: -------------------------------------------------------------------------------- 1 | /latest-bview.gz 2 | /insert-from-bgp.cache 3 | /stats/ 4 | 5 | /*.o 6 | /*.ko 7 | /.tmp* 8 | /*.cmd 9 | /*.mod.c 10 | /*.symvers 11 | /*.order 12 | /.cache.mk 13 | -------------------------------------------------------------------------------- /lab-routes-ipv6/Makefile: -------------------------------------------------------------------------------- 1 | # Kernel module compilation 2 | KDIR = /lib/modules/$(shell uname -r)/build 3 | obj-m += kbench_mod.o 4 | kbench_mod.ko: kbench_mod.c 5 | make -C $(KDIR) M=$(PWD) modules 6 | -------------------------------------------------------------------------------- /lab-routes-ipv6/insert-from-bgp: -------------------------------------------------------------------------------- 1 | ../common/helpers/lab-routes-ipvX/insert-from-bgp -------------------------------------------------------------------------------- /lab-rpfilter-ipv6/radvd.R1.conf: -------------------------------------------------------------------------------- 1 | interface eth0 { 2 | AdvSendAdvert on; 3 | MinRtrAdvInterval 3; 4 | MaxRtrAdvInterval 10; 5 | prefix 2001:db8::/64 { 6 | AdvOnLink on; 7 | AdvAutonomous on; 8 | AdvRouterAddr on; 9 | }; 10 | }; 11 | -------------------------------------------------------------------------------- /lab-rtbh/README.md: -------------------------------------------------------------------------------- 1 | RTBH Filtering 2 | ============== 3 | 4 | This is a very simple lab to test RTBH filtering with Bird. There are 5 | two clients (*C1* and *C2*): 6 | 7 | - *C1* (AS 65001) is pushing routes to blackhole from its edge router using a 8 | special community to its peer. The route is tagged with a special 9 | community. 10 | - *C2* (AS 65002) is pusging routes to blackhole from a dedicated 11 | server using to a dedicated RTBH server. No special community is 12 | needed. 13 | 14 | The edge router for the provider is *P* (AS 65000). The RTBH server is 15 | *RTBH*. 16 | -------------------------------------------------------------------------------- /lab-rtbh/bird/common.conf: -------------------------------------------------------------------------------- 1 | # For each AS, which networks are allowed 2 | function bgp_import(int AS) 3 | prefix set as_prefixes; 4 | { 5 | case AS { 6 | 65001: as_prefixes = [ 2001:db8:f100::/40+ ]; 7 | 65002: as_prefixes = [ 2001:db8:f200::/40+ ]; 8 | else: return false; 9 | } 10 | return (net ~ as_prefixes); 11 | } 12 | -------------------------------------------------------------------------------- /lab-rtbh/bird/kernel.conf: -------------------------------------------------------------------------------- 1 | protocol kernel { 2 | learn; 3 | scan time 60; 4 | import filter import_kernel; 5 | export filter export_kernel; 6 | persist; 7 | device routes; 8 | } 9 | 10 | # connected routes 11 | protocol device { 12 | scan time 5; 13 | } 14 | -------------------------------------------------------------------------------- /lab-rtbh/bird6.C2.conf: -------------------------------------------------------------------------------- 1 | router id 0.0.0.2; 2 | 3 | # Take blackhole routes from table 99 4 | protocol kernel { 5 | learn; 6 | scan time 60; 7 | import all; 8 | export none; 9 | persist; 10 | device routes; 11 | kernel table 99; 12 | } 13 | 14 | filter blackholed_routes { 15 | if (net.len != 64) then reject; 16 | if (dest != RTD_BLACKHOLE) then reject; 17 | accept; 18 | } 19 | 20 | protocol bgp RTBH_65000 { 21 | local as 65002; 22 | neighbor 2001:db8:a3::1 as 65000; 23 | description "RTBH server for AS 65000"; 24 | import none; 25 | export filter blackholed_routes; 26 | multihop; 27 | } 28 | -------------------------------------------------------------------------------- /lab-s2s-vpn/E1/quagga/daemons: -------------------------------------------------------------------------------- 1 | debian=yes 2 | ospfd=yes 3 | zebra=yes 4 | -------------------------------------------------------------------------------- /lab-s2s-vpn/E1/quagga/debian.conf: -------------------------------------------------------------------------------- 1 | # 2 | # If this option is set the /etc/init.d/quagga script automatically loads 3 | # the config via "vtysh -b" when the servers are started. 4 | # Check /etc/pam.d/quagga if you intend to use "vtysh"! 5 | # 6 | vtysh_enable=yes 7 | zebra_options=" --daemon -A 127.0.0.1" 8 | bgpd_options=" --daemon -A 127.0.0.1" 9 | ospfd_options=" --daemon -A 127.0.0.1" 10 | ospf6d_options="--daemon -A ::1" 11 | ripd_options=" --daemon -A 127.0.0.1" 12 | ripngd_options="--daemon -A ::1" 13 | isisd_options=" --daemon -A 127.0.0.1" 14 | -------------------------------------------------------------------------------- /lab-s2s-vpn/E1/quagga/ospfd.conf: -------------------------------------------------------------------------------- 1 | hostname E1 2 | log file /var/log/quagga/ospfd.log 3 | router ospf 4 | ospf router-id 0.0.0.11 5 | default-information originate always 6 | passive-interface default 7 | no passive-interface eth0 8 | no passive-interface eth1 9 | network 203.0.113.0/26 area 0.0.0.0 10 | network 203.0.113.64/26 area 0.0.0.0 11 | ! 12 | -------------------------------------------------------------------------------- /lab-s2s-vpn/E1/quagga/zebra.conf: -------------------------------------------------------------------------------- 1 | hostname E1 2 | log file /var/log/quagga/zebra.log 3 | ip forwarding 4 | -------------------------------------------------------------------------------- /lab-s2s-vpn/E2/quagga/daemons: -------------------------------------------------------------------------------- 1 | debian=yes 2 | ospfd=yes 3 | zebra=yes 4 | -------------------------------------------------------------------------------- /lab-s2s-vpn/E2/quagga/debian.conf: -------------------------------------------------------------------------------- 1 | # 2 | # If this option is set the /etc/init.d/quagga script automatically loads 3 | # the config via "vtysh -b" when the servers are started. 4 | # Check /etc/pam.d/quagga if you intend to use "vtysh"! 5 | # 6 | vtysh_enable=yes 7 | zebra_options=" --daemon -A 127.0.0.1" 8 | bgpd_options=" --daemon -A 127.0.0.1" 9 | ospfd_options=" --daemon -A 127.0.0.1" 10 | ospf6d_options="--daemon -A ::1" 11 | ripd_options=" --daemon -A 127.0.0.1" 12 | ripngd_options="--daemon -A ::1" 13 | isisd_options=" --daemon -A 127.0.0.1" 14 | -------------------------------------------------------------------------------- /lab-s2s-vpn/E2/quagga/ospfd.conf: -------------------------------------------------------------------------------- 1 | hostname E2 2 | log file /var/log/quagga/ospfd.log 3 | router ospf 4 | ospf router-id 0.0.2.11 5 | default-information originate always 6 | passive-interface default 7 | no passive-interface eth0 8 | no passive-interface eth1 9 | network 198.51.100.0/26 area 0.0.0.0 10 | network 198.51.100.64/26 area 0.0.0.0 11 | ! 12 | -------------------------------------------------------------------------------- /lab-s2s-vpn/E2/quagga/zebra.conf: -------------------------------------------------------------------------------- 1 | hostname E2 2 | log file /var/log/quagga/zebra.log 3 | ip forwarding 4 | -------------------------------------------------------------------------------- /lab-s2s-vpn/R1/quagga/daemons: -------------------------------------------------------------------------------- 1 | debian=yes 2 | ospfd=yes 3 | zebra=yes 4 | -------------------------------------------------------------------------------- /lab-s2s-vpn/R1/quagga/debian.conf: -------------------------------------------------------------------------------- 1 | # 2 | # If this option is set the /etc/init.d/quagga script automatically loads 3 | # the config via "vtysh -b" when the servers are started. 4 | # Check /etc/pam.d/quagga if you intend to use "vtysh"! 5 | # 6 | vtysh_enable=yes 7 | zebra_options=" --daemon -A 127.0.0.1" 8 | bgpd_options=" --daemon -A 127.0.0.1" 9 | ospfd_options=" --daemon -A 127.0.0.1" 10 | ospf6d_options="--daemon -A ::1" 11 | ripd_options=" --daemon -A 127.0.0.1" 12 | ripngd_options="--daemon -A ::1" 13 | isisd_options=" --daemon -A 127.0.0.1" 14 | -------------------------------------------------------------------------------- /lab-s2s-vpn/R1/quagga/ospfd.conf: -------------------------------------------------------------------------------- 1 | hostname R1 2 | log file /var/log/quagga/ospfd.log 3 | router ospf 4 | ospf router-id 0.0.0.10 5 | passive-interface default 6 | no passive-interface eth0 7 | no passive-interface eth1 8 | network 192.168.1.0/24 area 0.0.0.0 9 | network 192.168.2.0/24 area 0.0.0.0 10 | network 192.168.15.0/24 area 0.0.0.0 11 | ! 12 | -------------------------------------------------------------------------------- /lab-s2s-vpn/R1/quagga/zebra.conf: -------------------------------------------------------------------------------- 1 | hostname R1 2 | log file /var/log/quagga/zebra.log 3 | ip forwarding 4 | -------------------------------------------------------------------------------- /lab-s2s-vpn/R2/quagga/daemons: -------------------------------------------------------------------------------- 1 | debian=yes 2 | ospfd=yes 3 | zebra=yes 4 | -------------------------------------------------------------------------------- /lab-s2s-vpn/R2/quagga/debian.conf: -------------------------------------------------------------------------------- 1 | # 2 | # If this option is set the /etc/init.d/quagga script automatically loads 3 | # the config via "vtysh -b" when the servers are started. 4 | # Check /etc/pam.d/quagga if you intend to use "vtysh"! 5 | # 6 | vtysh_enable=yes 7 | zebra_options=" --daemon -A 127.0.0.1" 8 | bgpd_options=" --daemon -A 127.0.0.1" 9 | ospfd_options=" --daemon -A 127.0.0.1" 10 | ospf6d_options="--daemon -A ::1" 11 | ripd_options=" --daemon -A 127.0.0.1" 12 | ripngd_options="--daemon -A ::1" 13 | isisd_options=" --daemon -A 127.0.0.1" 14 | -------------------------------------------------------------------------------- /lab-s2s-vpn/R2/quagga/ospfd.conf: -------------------------------------------------------------------------------- 1 | hostname R2 2 | log file /var/log/quagga/ospfd.log 3 | router ospf 4 | ospf router-id 0.0.2.10 5 | passive-interface default 6 | no passive-interface eth0 7 | no passive-interface eth1 8 | network 192.168.101.0/24 area 0.0.0.0 9 | network 192.168.102.0/24 area 0.0.0.0 10 | network 192.168.115.0/24 area 0.0.0.0 11 | ! 12 | -------------------------------------------------------------------------------- /lab-s2s-vpn/R2/quagga/zebra.conf: -------------------------------------------------------------------------------- 1 | hostname R2 2 | log file /var/log/quagga/zebra.log 3 | ip forwarding 4 | -------------------------------------------------------------------------------- /lab-s2s-vpn/README: -------------------------------------------------------------------------------- 1 | This lab is explained here: 2 | https://vincent.bernat.ch/en/blog/2011-lab-site-to-site-vpn 3 | -------------------------------------------------------------------------------- /lab-s2s-vpn/V1/racoon/racoon.conf: -------------------------------------------------------------------------------- 1 | path pre_shared_key "/etc/racoon/psk.txt"; 2 | listen { 3 | adminsock "/var/run/racoon/racoon.sock" "root" "operator" 0660; 4 | } 5 | remote 198.51.100.150 { 6 | exchange_mode main; 7 | proposal { 8 | encryption_algorithm aes; 9 | hash_algorithm sha1; 10 | authentication_method pre_shared_key; 11 | dh_group 2; 12 | } 13 | proposal_check strict; 14 | initial_contact on; 15 | } 16 | sainfo anonymous { 17 | pfs_group 2; 18 | encryption_algorithm aes; 19 | authentication_algorithm hmac_sha1; 20 | compression_algorithm deflate; 21 | } 22 | -------------------------------------------------------------------------------- /lab-s2s-vpn/V2/racoon/racoon.conf: -------------------------------------------------------------------------------- 1 | path pre_shared_key "/etc/racoon/psk.txt"; 2 | listen { 3 | adminsock "/var/run/racoon/racoon.sock" "root" "operator" 0660; 4 | } 5 | remote 203.0.113.150 { 6 | exchange_mode main; 7 | proposal { 8 | encryption_algorithm aes; 9 | hash_algorithm sha1; 10 | authentication_method pre_shared_key; 11 | dh_group 2; 12 | } 13 | proposal_check strict; 14 | initial_contact on; 15 | } 16 | sainfo anonymous { 17 | pfs_group 2; 18 | encryption_algorithm aes; 19 | authentication_algorithm hmac_sha1; 20 | compression_algorithm deflate; 21 | } 22 | -------------------------------------------------------------------------------- /lab-s2s-vpn/quagga-debian.conf: -------------------------------------------------------------------------------- 1 | # 2 | # If this option is set the /etc/init.d/quagga script automatically loads 3 | # the config via "vtysh -b" when the servers are started. 4 | # Check /etc/pam.d/quagga if you intend to use "vtysh"! 5 | # 6 | vtysh_enable=yes 7 | zebra_options=" --daemon -A 127.0.0.1" 8 | bgpd_options=" --daemon -A 127.0.0.1" 9 | ospfd_options=" --daemon -A 127.0.0.1" 10 | ospf6d_options="--daemon -A ::1" 11 | ripd_options=" --daemon -A 127.0.0.1" 12 | ripngd_options="--daemon -A ::1" 13 | isisd_options=" --daemon -A 127.0.0.1" 14 | -------------------------------------------------------------------------------- /lab-s2s-vpn/racoon-psk.txt: -------------------------------------------------------------------------------- 1 | 198.51.100.150 racoon 2 | 203.0.113.150 racoon 3 | -------------------------------------------------------------------------------- /lab-sonic/setup: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | cd "$(dirname "$(readlink -f "$0")")" 4 | . ../common/lab-setup 5 | 6 | # Which VM to spawn 7 | spawn sonic sonic networks 1,2,3,4 8 | 9 | run 10 | -------------------------------------------------------------------------------- /lab-switchdev/setup: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | cd "$(dirname "$(readlink -f "$0")")" 4 | . ../common/lab-setup 5 | 6 | spawn vm H1 network 1 7 | spawn vm H2 network 2 8 | spawn vm SW network rocker1,rocker2,rocker3,rocker4 9 | 10 | run 11 | 12 | case $uts in 13 | SW) 14 | sysctl -qw net.ipv6.conf.all.forwarding=1 15 | sysctl -qw net.ipv4.conf.all.forwarding=1 16 | ip addr add 192.168.1.1/24 dev eth0 17 | ip addr add 192.168.2.1/24 dev eth1 18 | ;; 19 | H*) 20 | ip addr add 192.168.${uts#H}.10/24 dev eth0 21 | ip route add default via 192.168.${uts#H}.1 22 | ;; 23 | esac 24 | -------------------------------------------------------------------------------- /lab-teamd-activebackup/.gitignore: -------------------------------------------------------------------------------- 1 | /*.o 2 | /*.ko 3 | /.tmp* 4 | /*.cmd 5 | /*.mod.c 6 | /*.symvers 7 | /*.order 8 | /.cache.mk 9 | -------------------------------------------------------------------------------- /lab-teamd-activebackup/Makefile: -------------------------------------------------------------------------------- 1 | # Kernel module compilation 2 | KDIR = /lib/modules/$(shell uname -r)/build 3 | obj-m += livepatch-teamd-ab.o 4 | livepatch-teamd-ab.ko: livepatch-teamd-ab.c 5 | make -C $(KDIR) M=$(PWD) modules 6 | -------------------------------------------------------------------------------- /lab-templates/.gitignore: -------------------------------------------------------------------------------- 1 | /template-outside.conf 2 | /template-inside.conf 3 | -------------------------------------------------------------------------------- /lab-templates/setup: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | cd "$(dirname "$(readlink -f "$0")")" 4 | . ../common/lab-setup 5 | 6 | # Executed outside VM 7 | onhost template template.j2 template-outside.conf message="'$(uname -n)'" 8 | 9 | # Spawn 1 VM 10 | spawn vm linux network 1 11 | 12 | run 13 | 14 | # Inside the VM 15 | template template.j2 template-inside.conf message="'$(uname -n)'" 16 | -------------------------------------------------------------------------------- /lab-templates/template.j2: -------------------------------------------------------------------------------- 1 | I am running on host "{{ message }}" 2 | -------------------------------------------------------------------------------- /lab-vti-pmtud/ipsec.conf: -------------------------------------------------------------------------------- 1 | config setup 2 | 3 | conn V1-V2 4 | left=203.0.113.10 5 | leftsubnet=0.0.0.0/0 6 | right=203.0.113.19 7 | rightsubnet=0.0.0.0/0 8 | authby=psk 9 | mark=5 10 | keyingtries=%forever 11 | auto=route 12 | dpdaction=restart 13 | keyexchange=ikev2 14 | ike=aes256gcm16-prfsha384-ecp384! 15 | esp=aes256gcm16-prfsha384-ecp384! 16 | mobike=no 17 | -------------------------------------------------------------------------------- /lab-vti-pmtud/ipsec.secrets: -------------------------------------------------------------------------------- 1 | : PSK "lyiQCTthRoENFZIFRcxYTemuP4GP1k" 2 | -------------------------------------------------------------------------------- /lab-vxlan/bird.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird.log" all; 2 | router id from "dummy0"; 3 | protocol device { 4 | scan time 10; 5 | } 6 | protocol kernel { 7 | persist; 8 | import all; 9 | export all; 10 | } 11 | 12 | protocol ospf INTERNAL { 13 | import all; 14 | export all; 15 | ecmp yes; 16 | area 0.0.0.0 { 17 | interface "eth*"; 18 | interface "dummy0" { 19 | stub yes; 20 | }; 21 | }; 22 | } 23 | -------------------------------------------------------------------------------- /lab-vxlan/bird6.RR.conf: -------------------------------------------------------------------------------- 1 | include "bird6.conf"; 2 | router id 203.0.113.254; 3 | -------------------------------------------------------------------------------- /lab-vxlan/bird6.S1.conf: -------------------------------------------------------------------------------- 1 | include "bird6.conf"; 2 | router id 203.0.113.1; 3 | -------------------------------------------------------------------------------- /lab-vxlan/bird6.S2.conf: -------------------------------------------------------------------------------- 1 | include "bird6.conf"; 2 | router id 203.0.113.2; 3 | -------------------------------------------------------------------------------- /lab-vxlan/bird6.S3.conf: -------------------------------------------------------------------------------- 1 | include "bird6.conf"; 2 | router id 203.0.113.3; 3 | -------------------------------------------------------------------------------- /lab-vxlan/bird6.SN1.conf: -------------------------------------------------------------------------------- 1 | include "bird6.conf"; 2 | router id 203.0.113.98; 3 | -------------------------------------------------------------------------------- /lab-vxlan/bird6.SN2.conf: -------------------------------------------------------------------------------- 1 | include "bird6.conf"; 2 | router id 203.0.113.99; 3 | -------------------------------------------------------------------------------- /lab-vxlan/bird6.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird6.log" all; 2 | protocol device { 3 | scan time 10; 4 | } 5 | protocol kernel { 6 | persist; 7 | import all; 8 | export all; 9 | } 10 | 11 | protocol ospf INTERNAL { 12 | import all; 13 | export all; 14 | ecmp yes; 15 | area 0.0.0.0 { 16 | interface "eth*"; 17 | interface "dummy0" { 18 | stub yes; 19 | }; 20 | }; 21 | } 22 | -------------------------------------------------------------------------------- /lab-vxlan/gobgpd.yaml: -------------------------------------------------------------------------------- 1 | global: 2 | config: 3 | as: 65000 4 | router-id: 203.0.113.254 5 | local-address-list: 6 | - 203.0.113.254 7 | peer-groups: 8 | - config: 9 | peer-group-name: rr-client 10 | peer-as: 65000 11 | afi-safis: 12 | - config: 13 | afi-safi-name: l2vpn-evpn 14 | route-reflector: 15 | config: 16 | route-reflector-client: true 17 | route-reflector-cluster-id: 203.0.113.254 18 | dynamic-neighbors: 19 | - config: 20 | peer-group: rr-client 21 | prefix: 203.0.113.0/24 22 | -------------------------------------------------------------------------------- /lab-vxlan/quagga-bgpd.RR.conf: -------------------------------------------------------------------------------- 1 | log file /var/log/quagga/bgpd.log 2 | ! 3 | router bgp 65000 4 | bgp router-id 203.0.113.254 5 | bgp cluster-id 203.0.113.254 6 | bgp log-neighbor-changes 7 | no bgp default ipv4-unicast 8 | neighbor fabric peer-group 9 | neighbor fabric remote-as 65000 10 | neighbor fabric capability extended-nexthop 11 | neighbor fabric update-source dummy0 12 | bgp listen range 203.0.113.0/24 peer-group fabric 13 | ! 14 | address-family evpn 15 | neighbor fabric activate 16 | neighbor fabric route-reflector-client 17 | exit-address-family 18 | ! 19 | ! 20 | -------------------------------------------------------------------------------- /lab-vxlan/quagga-bgpd.S1.conf: -------------------------------------------------------------------------------- 1 | log file /var/log/quagga/bgpd.log 2 | ! 3 | router bgp 65000 4 | bgp router-id 203.0.113.1 5 | bgp bestpath as-path multipath-relax 6 | no bgp default ipv4-unicast 7 | neighbor fabric peer-group 8 | neighbor fabric remote-as 65000 9 | neighbor fabric capability extended-nexthop 10 | neighbor fabric update-source dummy0 11 | neighbor 203.0.113.254 peer-group fabric 12 | ! 13 | !address-family evpn 14 | ! neighbor fabric activate 15 | ! advertise-all-vni 16 | !exit-address-family 17 | ! frr: 18 | address-family l2vpn evpn 19 | neighbor fabric activate 20 | advertise-all-vni 21 | exit-address-family 22 | ! 23 | ! 24 | -------------------------------------------------------------------------------- /lab-vxlan/quagga-bgpd.S3.conf: -------------------------------------------------------------------------------- 1 | log file /var/log/quagga/bgpd.log 2 | ! 3 | router bgp 65000 4 | bgp router-id 203.0.113.3 5 | bgp bestpath as-path multipath-relax 6 | no bgp default ipv4-unicast 7 | neighbor fabric peer-group 8 | neighbor fabric remote-as 65000 9 | neighbor fabric capability extended-nexthop 10 | neighbor fabric update-source dummy0 11 | neighbor 203.0.113.254 peer-group fabric 12 | ! 13 | address-family evpn 14 | neighbor fabric activate 15 | advertise-all-vni 16 | exit-address-family 17 | ! frr: 18 | !address-family l2vpn evpn 19 | ! neighbor fabric activate 20 | ! advertise-all-vni 21 | !exit-address-family 22 | ! 23 | ! 24 | -------------------------------------------------------------------------------- /lab-vxlan/quagga-zebra.RR.conf: -------------------------------------------------------------------------------- 1 | log file /var/log/quagga/zebra.log 2 | -------------------------------------------------------------------------------- /lab-vxlan/quagga-zebra.S1.conf: -------------------------------------------------------------------------------- 1 | log file /var/log/quagga/zebra.log 2 | debug zebra vxlan 3 | ! 4 | interface dummy0 5 | ! 6 | interface eth0 7 | ! 8 | interface eth1 9 | ! 10 | interface eth0.100 11 | ! 12 | interface eth1.100 13 | ! 14 | interface eth0.200 15 | ! 16 | interface eth1.200 17 | ! 18 | -------------------------------------------------------------------------------- /lab-vxlan/quagga-zebra.S2.conf: -------------------------------------------------------------------------------- 1 | log file /var/log/quagga/zebra.log 2 | debug zebra vxlan 3 | ! 4 | interface dummy0 5 | ! 6 | interface eth0 7 | ! 8 | interface eth1 9 | ! 10 | interface eth0.100 11 | ! 12 | interface eth1.100 13 | ! 14 | interface eth0.200 15 | ! 16 | interface eth1.200 17 | ! 18 | -------------------------------------------------------------------------------- /lab-vxlan/quagga-zebra.S3.conf: -------------------------------------------------------------------------------- 1 | log file /var/log/quagga/zebra.log 2 | debug zebra vxlan 3 | ! 4 | interface dummy0 5 | ! 6 | interface eth0 7 | ! 8 | interface eth1 9 | ! 10 | interface eth0.100 11 | ! 12 | interface eth1.100 13 | ! 14 | interface eth0.200 15 | ! 16 | interface eth1.200 17 | ! 18 | -------------------------------------------------------------------------------- /non-working/lab-bgp-ospf-unnumbered/bird-common.conf: -------------------------------------------------------------------------------- 1 | log "/var/log/bird.log" all; 2 | 3 | # debug protocols all; 4 | 5 | protocol device { 6 | scan time 10; 7 | } 8 | 9 | protocol kernel { 10 | persist; 11 | learn; 12 | import all; 13 | export all; 14 | merge paths yes; 15 | } 16 | 17 | protocol direct { 18 | interface "*"; 19 | } 20 | 21 | protocol ospf CORE { 22 | import all; 23 | export all; 24 | ecmp yes; 25 | area 0.0.0.0 { 26 | interface "eth*.*" { 27 | stub no; 28 | type ptp; 29 | }; 30 | interface "vlan*" { 31 | stub no; 32 | type ptp; 33 | }; 34 | }; 35 | } 36 | -------------------------------------------------------------------------------- /non-working/lab-bgp-ospf-unnumbered/bird.H1.conf: -------------------------------------------------------------------------------- 1 | router id 100.64.0.1; 2 | include "bird-common.conf"; 3 | -------------------------------------------------------------------------------- /non-working/lab-bgp-ospf-unnumbered/bird.H2.conf: -------------------------------------------------------------------------------- 1 | router id 100.64.0.2; 2 | include "bird-common.conf"; 3 | -------------------------------------------------------------------------------- /non-working/lab-bgp-ospf-unnumbered/bird.H3.conf: -------------------------------------------------------------------------------- 1 | router id 100.64.0.3; 2 | include "bird-common.conf"; 3 | -------------------------------------------------------------------------------- /non-working/lab-bgp-ospf-unnumbered/bird.H4.conf: -------------------------------------------------------------------------------- 1 | router id 100.64.0.4; 2 | include "bird-common.conf"; 3 | -------------------------------------------------------------------------------- /non-working/lab-bgp-ospf-unnumbered/bird.T11.conf: -------------------------------------------------------------------------------- 1 | router id 100.64.0.11; 2 | include "bird-common.conf"; 3 | -------------------------------------------------------------------------------- /non-working/lab-bgp-ospf-unnumbered/bird.T12.conf: -------------------------------------------------------------------------------- 1 | router id 100.64.0.12; 2 | include "bird-common.conf"; 3 | -------------------------------------------------------------------------------- /non-working/lab-bgp-ospf-unnumbered/bird.T21.conf: -------------------------------------------------------------------------------- 1 | router id 100.64.0.21; 2 | include "bird-common.conf"; 3 | -------------------------------------------------------------------------------- /non-working/lab-bgp-ospf-unnumbered/bird.T22.conf: -------------------------------------------------------------------------------- 1 | router id 100.64.0.22; 2 | include "bird-common.conf"; 3 | --------------------------------------------------------------------------------