EtherChannel,VRRP, DHCP, OSPF Configuration - Cisco, Vyatta, Microcore

The tutorial shows EtherChanel, VRRP, DHCP and OSPF configuration on Cisco, Vyatta and Microcore Linux.  A campus network (look at figure 1) is created with Access and Distribution layer. Instead of Layer 2 switches in Access layer there is Cisco Router 3725  occupied with NM-16SW module in this layer and Cisco  is emulated by Dynamips. The Access Layer is L2 type and OSPF  routing protocol is running between in Access and Distribution layer. Vyatta Core 6.1 router and Microcore 3.4.1 Linux router are placed in a Distribution Layer and are emulated by Qemu. Both Dynamips and Qemu emulators are controlled  by GNS3 network simulator.

Bonding - is known as an EtherChannel in Cisco terminology and it is aggregation  of several network interfaces to single logical interface.  If the physical links are Layer2 links (STP is running over  these links)  either none of  physical links is  blocked by STP (Spanning Tree Protocol) or all  the links in bundle are blocked because STP treats  all the links like a single logical link. If one of the links in bundle fails, traffic is sent through another link. Bonding brings redundancy and increase an available bandwidth using load-balance of  a traffic over bundled inks. Bonding can be set manually or can been negotiated using 802.3ad – Link Aggregation Control Protocol.

Unlike Cisco switches, Cisco 3725 router can't negotiate Etherchannel using LACP or PAgP protocol therefore the ports in bundle have to be configured  as static members of bundle (mode on) without possibility to act as the normal ethernet ports in a case of unsuccessful negotiation of bundle with an opposite side.   The link between Vyatta and Microcore (interface bond0) is configured to negotiate  bundle using  LACP (802.3ad) protocol.

Figure 1 Distribution and Access Layer of Campus network - click  image to enlarge

VRRP  stands for Virtual Router Redundancy protocol.  You can read more about VRRP on Wiki.  I have showed some basic VRRP configuration on Vyatta and Microcore. Microcore Linux router is Master because its priority is 150 and higher than Vyatta's priority 120 therefore traffic from PC1 and PC2 will go through  bond1 interface. If bond1 interface on Microcore fails, Vyatta will take responsibility for traffic forwarding and transit from Backup role to Master.  This transitions is shown in point 11 of video.

OSPF for backbone area 0 is configured on all Distribution and Access layer devices. Quagga 0.99.17 routing software is installed on Microcore 3.4.1 Linux and for OSPF configuration you need to telnet to OSPF daemon which is running on port 2604.

Microcore Linux router acts as DHCP server for PCs connected to NM-16SW module. PCs receive IP address, subnet mask, IP address of default gateway and domain name from DHCP server.  Default gateway IP address is 192.168.2.254 and it is a virtual IP address of VRRP group 1. Thanks to VRRP  configuration on Vyatta and Microcore  hosts connected to NM-16SW module on Cisco 3725 are always capable of reaching default gateway IP address.

1. Configuration on Microcore Router

1.1 /EtherChannel/ Bonding Configuration

Linux Microcore 3.4.1 supports bonding loaded as a module to kernel. Links are bonded to bundle with ifenslave control utility. They are several bonding modes you can read more about them here.

sudo su
vi /etc/modprobe.conf

#/etc/modprobe.conf: Modprobe config file.
alias bond0 bonding
options bonding mode=4 miimon=100 max_bonds=3
alias bond1 bonding
options bonding mode=0 miimon=100 max_bonds=3

echo "modprobe bond0" >> /opt/bootlocal.sh
echo "modprobe bond1" >> /opt/bootlocal.sh
echo "/etc/modprobe.conf" >> /opt/.filetool.lst

a) Create configuration  script Ethernet and Bonding interfaces

vi /usr/local/bin/bonding.sh

ifconfig eth0 down    # putting down the eth0 interface
ifconfig eth1 down
ifconfig eth2 down
ifconfig eth3 down

ifconfig bond0 hw ether 00:10:00:10:00:10    # changing the MAC address of the bond0 interface
ifconfig bond1 hw ether 00:11:00:11:00:11

ifconfig bond0 192.168.1.1 netmask 255.255.255.252 up    # assign IP address the bond0
ifconfig bond1 192.168.1.5 netmask 255.255.255.252 up

ifenslave bond0 eth0    # putting the eth0 interface in the slave mod for bond0
ifenslave bond0 eth1    # putting the eth1 interface in the slave mod for bond0
ifenslave bond1 eth2
ifenslave bond1 eth3

echo "usr/local/bin/bonding.sh" >> /opt/bootlocal.sh
echo "usr/local/bin/bonding.sh" >> /opt/.filetool.lst

/usr/bin/filetool.sh -b

b) Create restart script for bond interfaces

vi /usr/local/bin/bonding-restart.sh

sudo ifconfig bond0 down
sudo ifconfig bond1 down
sudo rmmod bonding
sudo modprobe bond0
sudo modprobe bond1
sudo /usr/local/bin/bonding.sh

echo "usr/local/bin/bonding-restart.sh" >> /opt/.filetool.lst
/usr/bin/filetool.sh  -b

1.2 DHCP Server Configuration on Microcore

sudo mkdir /etc/udhcpd/
echo "/etc/udhcpd/" >> /opt/.filetool.lst

sudo touch /etc/udhcdpd/udhcpd-bond1.leases

sudo vi /etc/udhcdpd/udhcpd-bond1.conf

start 192.168.2.0
end 192.168.2.249
interface bond1
lease_file /etc/udhcpd/udhcpd-bond1.leases
pidfile    /var/run/udhcpd-bond1.pid
option  dns 192.168.2.254
option  subnet  255.255.255.0
option  router  192.168.2.254
option  domain  microcore.linux.eu

echo "/usr/sbin/udhcpd  /etc/udhcpd/udhcpd-bond1.conf" >> /opt/bootlocal.sh
/usr/bin/filetool.sh -b

1.3 VRRP Configuration on Microcore

sudo su
vi /usr/local/etc/keepalived/keepalived.conf

vrrp_instance VI_1  {
state MASTER
interface bond1
virtual_router_id 1
priority 150
virtual_ipaddress {
192.168.2.254/24 brd 192.168.2.255 dev bond1

VRRP daemon must be restarted  after each change in  keepalived.conf file.

sudo /usr/local/sbin/keepalived-restart.sh

Configuration changes in keepalived.conf must be saved with /opt/filetool.sh -b.

/usr/bin/filetool.sh -b

1.4 OSPF Configuration on Microcore

a) Login to ospfd daemon

telnet localhost 2604

Entering character mode
Escape character is '^]'.

Hello, this is Quagga (version 0.99.17).
Copyright 1996-2005 Kunihiro Ishiguro, et al.

User Access Verification

Password: quagga

box> enable
box# conf t
box(config)# router ospf
box(config-router)# network 192.168.1.0/30 area 0
box(config-router)# network 192.168.2.0/24 area 0
box(config-router)# exit
box(config)# do write
Configuration saved to /usr/local/etc/quagga/ospfd.conf
box(config)# exit

Exit from Quagga daemon and save ospf configuration:

/usr/bin/filetool.sh -b

2. Configuration on Vyatta Router

vyatta@Vyatta:~$ show configuration

interfaces {
bonding bond0 {
address 192.168.1.2/30
description Link_to_Microcore
mode 802.3ad
}
bonding bond1 {
address 192.168.2.251/24
description Link_to_Cisco
mode round-robin
vrrp {
vrrp-group 1 {
advertise-interval 1
preempt true
priority 120
virtual-address 192.168.2.254
}
}
}
ethernet eth0 {
bond-group bond0
duplex auto
smp_affinity auto
speed auto
}
ethernet eth1 {
bond-group bond0
duplex auto
smp_affinity auto
speed auto
}
ethernet eth2 {
bond-group bond1
duplex full
smp_affinity auto
speed 100
}
ethernet eth3 {
bond-group bond1
duplex full
smp_affinity auto
speed 100
}
}
protocols {
ospf {
area 0 {
network 192.168.1.0/30
network 192.168.2.0/24
}
}
}
service {
lldp {
legacy-protocols {
cdp
}
}
}

3. Configuration on Cisco 3725 with NMS-16SW module

Cisco#show running-config

Current configuration : 1939 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Cisco
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
multilink bundle-name authenticated
!
!
archive
log config
hidekeys
!
!
interface Port-channel1
description Link to Vyatta
switchport trunk allowed vlan 1,1002-1005
switchport mode trunk
duplex full
!
interface Port-channel2
description Link to Microcore
switchport trunk allowed vlan 1,1002-1005
switchport mode trunk
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet1/0
switchport trunk allowed vlan 1,1002-1005
switchport mode trunk
duplex full
speed 100
channel-group 1 mode on
!
interface FastEthernet1/1
switchport trunk allowed vlan 1,1002-1005
switchport mode trunk
duplex full
speed 100
channel-group 1 mode on
!
interface FastEthernet1/2
switchport trunk allowed vlan 1,1002-1005
switchport mode trunk
channel-group 2 mode on
!
interface FastEthernet1/3
switchport trunk allowed vlan 1,1002-1005
switchport mode trunk
channel-group 2 mode on
!
interface FastEthernet1/4
!
interface FastEthernet1/5
!
interface FastEthernet1/6
!
interface FastEthernet1/7
!
interface FastEthernet1/8
!
interface FastEthernet1/9
!
interface FastEthernet1/10
!
interface FastEthernet1/11
!
interface FastEthernet1/12
!
interface FastEthernet1/13
!
interface FastEthernet1/14
!
interface FastEthernet1/15
!
interface Vlan1
ip address 192.168.2.253 255.255.255.0
!
router ospf 10
log-adjacency-changes
network 192.168.2.0 0.0.0.255 area 0
!
ip forward-protocol nd
!
!
ip http server
no ip http secure-server
!
!
!
control-plane
!
line con 0
line aux 0
line vty 0 4
login
!
!
end

Here is a video that shows functionality of network configuration.  

Used links:
http://www.krisbuytaert.be/blog/taxonomy/term/483

3 thoughts on “EtherChannel,VRRP, DHCP, OSPF Configuration - Cisco, Vyatta, Microcore

  1. Hi, I see instructions here to make QEMU guest configurations persistent while GNS3 in running on a Linux host. Is there a way to make QEMU guest node configurations (i.e. IP add, mask, G/W) persistent across QEMU reloads in WIN-XP?

    Also a somewhat unrelated question - I was trying to register with the GNS3 forum and was presented with an anti-Spam tool question: What can emulate GNS3? . What would be the correct answer to that question? Sorry for posting this here. Many thanks. Massoud

    1. Is there a way to make QEMU guest node configurations (i.e. IP add, mask, G/W) persistent across QEMU reloads in WIN-XP?

      It is the same as with Linux host.

      What can emulate GNS3?

      GNS3 itelf can't emulate anything, it's just front-end for Dynamips, Qemu, Pemu, VirtualBox.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.