Linux Wireless Access Point HOWTO

Chapter 7. Configuring Routing


7.1 Overview of Routing

In this chapter we configure our Access Point to route TCP/IP traffic between the networks it can see. In order to route traffic across the wireless network, NZ-Wireless, like many other wireless groups, has chosen to use the ZEBRA package and OSPFD (which is included in the ZEBRA package). OSPFD and ZEBRA allow Access Points on the wireless network to automatically set up routes between adjacent networks.

A more in-depth guide to configuring ZEBRA and OSPF can be found in section 17.1 of the Linux Advanced Routing and Traffic Control HOWTO.

If you didn't select the ZEBRA package to be installed back in Chapter 3 you will need to download and install it now.

This is my first attempt at configuring ZEBRA and OSPFD and I have no way to test that my configuration actually works as I don't have access to another Access Point to connect to. This configuration may therefore need some tweaking.


7.2 Configuring ZEBRA

ZEBRA is a routing manager daemon. It interfaces between the Linux kernel and routing modules, such as OSPF. ZEBRA has a command line interface reminiscent of Cisco IOS that listens on port 2601. The command line interface can be used for management, configuration and reporting. All configuration changes made through the command line interface can be saved to ZEBRA's configuration file, /etc/zebra/zebra.conf. To set ZEBRA up in the first instance, we will cut to the chase and edit this file directly. For more information on configuration options refer to the zebra manpage.

As in other chapters, here is a sample configuration file that you can modify for your own use using the embedded comments (indicated in this case by lines beginning with "!") as a guide.

!
! Example /etc/zebra/zebra.conf configuration file
!
! Change the hostname to the name of your Access Point
hostname accesspoint

! Set both of these passwords
password kiwifi
enable password k1w1f1

! Turn off welcome messages
no banner motd

! Interface definitions

! Loopback
interface lo
    description loopback interface

! Wired interface
interface eth0
    description wired interface

! Set this to the IP address and mask that your Access Point uses on your wired network
    ip address 192.168.5.6/24

! Wireless interface
interface wlan0
    description wireless interface

! Set this to the IP address that your Access Point uses on your wireless network, using
! the network allocation from your wireless administrator (10.x.x.1/24)
    ip address 10.1.2.1/24

! Don't send out routing information to uninterested wireless client systems.
    multicast

! Create an access list that allows access from localhost and nowhere else
access-list access permit 127.0.0.1/32
access-list access deny any

! Enable access control on the command-line interface
line vty
    access-class access

! Enable a static route. Set this to the router on your wired network
ip route 0.0.0.0/0 192.168.5.1

! Enable logging
log file /var/log/zebra/zebra.log



7.3 Configuring OSPFD

OSPFD is a ZEBRA module that handles Open Shortest Path First v2 routing. Like ZEBRA it has a command line interface listening on a TCP port, in this case 2604. Also like ZEBRA, this interface can be used for management, configuration and reporting. OSPFD keeps its configuration file in /etc/zebra/ospfd.conf, which we will edit directly to save time. For more information on OSPFD refer to the ospfd manpage.

As in other chapters, here is a sample configuration file that you can modify for your use using the embedded comments (indicated in this case by lines beginning with "!") as a guide.

!
! Example /etc/zebra/ospfd.conf configuration file
!
! Change the hostname to the name of your Access Point
hostname accesspoint

! Set both of these passwords
password kiwifi
enable password k1w1f1

! Turn off welcome messages
no banner motd

! Create an access list that allows access from localhost and nowhere else
access-list access permit 127.0.0.1/32
access-list access deny any

! Enable access control on the command-line interface
line vty
    access-class access

! Use authentication key for Access Point to Access Point communication
interface wlan0
    ip ospf authentication-key kiwifi

! Enable routing for the entire wireless network
router ospf
    network 10.0.0.0/8 area 0

! Set the router ID to the IP address of WLAN0
    ospf router-id 10.1.2.1

! Enable authentication on the wireless network
    area 0 authentication

! Enable RFC-1583 compatibility to avoid routing loops
    compatible rfc1583

! Enable logging
log file /var/log/zebra/ospfd.log
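
The checks that the comments in the zebra.conf and ospfd.conf samples call for can be automated. The following is an added example, not part of the original HOWTO or the ZEBRA package: a small Python audit that reports sample passwords left unchanged, an OSPF key that doubles as a vty password (the key is shared with every neighbouring Access Point), a vty that is not limited to localhost, and OSPF areas without authentication. The function names and the SAMPLE input are constructed for illustration.

```python
import re

HOWTO_SAMPLE_SECRETS = {"kiwifi", "k1w1f1"}  # the values printed in this chapter

def parse(conf):
    """Map each top-level config line to the indented lines beneath it."""
    blocks, current = {}, None
    for raw in conf.splitlines():
        line = raw.strip()
        if not line or line.startswith("!"):
            continue  # blank line or "!" comment
        if raw[0].isspace() and current:
            blocks[current].append(line)
        else:
            current = line
            blocks.setdefault(current, [])
    return blocks

def audit(conf):
    """Return a list of findings; an empty list means every check passed."""
    blocks, out = parse(conf), []
    lines = [l for head, subs in blocks.items() for l in [head, *subs]]
    def value(pattern):
        return next((m.group(1) for l in lines if (m := re.fullmatch(pattern, l))), None)
    pw, en = value(r"password (\S+)"), value(r"enable password (\S+)")
    key = value(r"ip ospf authentication-key (\S+)")
    for name, val in (("password", pw), ("enable password", en), ("OSPF key", key)):
        if val in HOWTO_SAMPLE_SECRETS:
            out.append(f"{name} is still the HOWTO sample value")
    if key and key in (pw, en):
        out.append("OSPF key is reused as a vty password")
    acl = next((l.split()[1] for l in blocks.get("line vty", [])
                if l.startswith("access-class ")), None)
    rules = [l.split()[2:] for l in blocks if l.startswith(f"access-list {acl} ")]
    if rules != [["permit", "127.0.0.1/32"], ["deny", "any"]]:
        out.append("vty access is not restricted to localhost")
    router = blocks.get("router ospf", [])
    areas = {m.group(1) for l in router if (m := re.fullmatch(r"network \S+ area (\S+)", l))}
    authed = {m.group(1) for l in router if (m := re.fullmatch(r"area (\S+) authentication.*", l))}
    out += [f"area {a} has no authentication" for a in sorted(areas - authed)]
    return out

# Constructed input: section 7.3's sample, reduced to the lines the audit reads.
SAMPLE = ("password kiwifi\nenable password k1w1f1\n"
          "access-list access permit 127.0.0.1/32\naccess-list access deny any\n"
          "line vty\n    access-class access\n"
          "interface wlan0\n    ip ospf authentication-key kiwifi\n"
          "router ospf\n    network 10.0.0.0/8 area 0\n    area 0 authentication\n")
```

Call `audit(open("/etc/zebra/ospfd.conf").read())` on the real file; the same function works on zebra.conf, where the OSPF checks simply find nothing to report.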



7.4 Accessing the ZEBRA and OSPFD configuration interfaces

As previously mentioned, ZEBRA and OSPFD each have a command line interface that can be used for configuration, management and reporting. In this section we will learn how to access these interfaces.

The ZEBRA and OSPFD command line interfaces use TCP ports 2601 and 2604 respectively. To access ZEBRA we use the following command:

[root@accesspoint root]# telnet localhost zebra

To access OSPFD we use this command:

[root@accesspoint root]# telnet localhost ospfd

For both interfaces you will be prompted for a password. This will be the first password that you entered into the configuration file. The second password is used with the enable command for privileged access if you wish to make alterations.

The command line interface contains a help system. This is accessible by typing "help" or by typing the "?" character at the end of a partially completed command. Below is a dump of an example ZEBRA command line interface session. Shown in red are the commands I entered which are not shown by the interface:

[root@accesspoint root]# telnet localhost zebra
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.

User Access Verification

Password:kiwifi
accesspoint>?
   enable      Turn on privileged mode command
   exit        Exit current mode and down to previous mode
   help        Description of the interactive help system
   list        Print command list
   quit        Exit current mode and down to previous mode
   show        Show running system information
   terminal    Set terminal line parameters
   who         Display who is on vty
accesspoint> exit
Connection closed by foreign host.
[root@accesspoint root]#

Note in the above example that the ZEBRA daemon provides us with a prompt which appears as accesspoint>. This will be set to whatever you chose for the hostname variable in the configuration file in section 7.2, and the same applies for the OSPFD hostname value set in section 7.3. These prompts indicate to us that we are interacting with the ZEBRA or OSPFD daemons rather than the Linux shell.

Both interfaces have different capabilities and can show us different types of information, some of which are outlined in the next section.


7.5 Testing ZEBRA and OSPFD

In this section we will check the OSPF configuration and the status of our routes. First we connect to the OSPFD daemon using the command in the previous section and enter the following command. Note that the prompt in this example is different from the one at the command shell. This is to show us that we are connected to the daemon:

accesspoint> show ip ospf

This should show output similar to the following:

OSPF Routing Process, Router ID: 0.0.0.0
Supports only single TOS (TOS0) routes
This implementation conforms to RFC2328
RFC1583Compatibility flag is enabled
OpaqueCapability flag is disabled
SPF schedule delay 5 secs, Hold time between two SPFs 10 secs
Refresh timer 10 secs
Number of external LSA 0
Number of areas attached to this router: 1

Area ID: 0.0.0.0 (Backbone)
  Number of interfaces in this area: Total: 0, Active: 0
  Number of fully adjacent neighbors in this area: 0
  Area has no authentication
  SPF algorithm executed 0 times
  Number of LSA 0

If instead you get the result % Unknown command, you have connected to the wrong daemon.
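
The sample output above reports Router ID 0.0.0.0, no interfaces and "Area has no authentication", while the ospfd.conf in section 7.3 sets router-id 10.1.2.1 and area 0 authentication, so it is worth comparing the running state with the file after every change. An added example (not from the original HOWTO; the function names are hypothetical and the input is the output above, abbreviated) that does the comparison:

```python
import re

# Constructed input: the "show ip ospf" output printed in this section, abbreviated.
SAMPLE_OUTPUT = """\
OSPF Routing Process, Router ID: 0.0.0.0
RFC1583Compatibility flag is enabled
Number of areas attached to this router: 1

Area ID: 0.0.0.0 (Backbone)
  Number of interfaces in this area: Total: 0, Active: 0
  Number of fully adjacent neighbors in this area: 0
  Area has no authentication
"""

def parse_show_ip_ospf(text):
    """Extract the router ID and per-area state from 'show ip ospf' output."""
    state, area = {"router_id": None, "areas": {}}, None
    for line in map(str.strip, text.splitlines()):
        if m := re.search(r"Router ID: (\S+)", line):
            state["router_id"] = m.group(1)
        elif m := re.match(r"Area ID: (\S+)", line):
            area = state["areas"].setdefault(m.group(1), {})
        elif area is None:
            continue
        elif m := re.match(r"Number of interfaces in this area: Total: \d+, Active: (\d+)", line):
            area["active_interfaces"] = int(m.group(1))
        elif m := re.match(r"Number of fully adjacent neighbors in this area: (\d+)", line):
            area["neighbors"] = int(m.group(1))
        elif line.startswith("Area has "):
            area["authenticated"] = line != "Area has no authentication"
    return state

def check_running_state(text, expected_router_id):
    """List where the running daemon differs from what ospfd.conf asked for."""
    state, problems = parse_show_ip_ospf(text), []
    if state["router_id"] != expected_router_id:
        problems.append(f"router ID is {state['router_id']}, expected {expected_router_id}")
    for area_id, area in state["areas"].items():
        if not area.get("authenticated"):
            problems.append(f"area {area_id} has no authentication")
        if not area.get("active_interfaces"):
            problems.append(f"area {area_id} has no active interfaces")
        elif not area.get("neighbors"):
            problems.append(f"area {area_id} has no fully adjacent neighbors")
    return problems

if __name__ == "__main__":
    for problem in check_running_state(SAMPLE_OUTPUT, "10.1.2.1"):
        print("MISMATCH:", problem)
```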

Next we check the status of our routes by querying the ZEBRA daemon.

THIS SECTION TO BE COMPLETED

Include "show ip route" "show ip route ospf" mention ping, mention route.


7.6 Enabling Zebra and OSPFD from startup

As we did with DHCPD and DNS, we need to turn on ZEBRA and OSPFD from boot using the setup utility. We add ZEBRA and OSPFD to our list of services that should start at boot time by adding an asterisk beside their entries in the System services menu of setup as described in section 3.3.

