How To Install and Run BGP Daemon on a Bare Metal Server

Learn how to run the BGP daemon on your bare-metal server to establish a BGP session with Heficed routers and announce your IPv4 and/or IPv6 ranges from your AS.

Requirements:

  • Create RPKI and route objects for your IPv4 and/or IPv6 ranges with your AS number as origin.
  • Make sure you are running CentOS 7 in your server since this article is based on CentOS 7 OS. Note that configuration is similar on different Linux versions.

Before you proceed, submit a ticket from your Terminal requesting to create a BGP session with your bare-metal server by providing the following information:

  • The main IP address of your server
  • Your public AS number
  • Your IPv4 and/or IPv6 ranges
  • A BGP session password
  • What you wish to receive via a BGP session:
    1. full table;
    2. full table and default gateway;
    3. only default gateway;
    4. nothing.
  • Specify if you will need the /64 IPv6 range as the management IPv6 address. You can skip this if you have your own management IPv6 range.

Once the BGP session is created, proceed with the following steps.

Connect to your server and add an IPv6 address to the network interface. Open file /etc/sysconfig/network-scripts/ifcfg-bond0 to edit:

[root@fra-d054 ~]# cd /etc/sysconfig/network-scripts/
[root@fra-d054 network-scripts]# vi ifcfg-bond0

The file should look like this:

[root@fra-d054 network-scripts]# cat ifcfg-bond0
# BEGIN ANSIBLE MANAGED BLOCK
DEVICE=bond0
TYPE=Bond
ONBOOT=yes
BOOTPROTO=none
IPADDR=102.165.9.22
NETMASK=255.255.255.252
GATEWAY=102.165.9.21
DNS1=1.1.1.1
DNS2=8.8.8.8
BONDING_OPTS="mode=4 miimon=100 lacp_rate=fast"
# END ANSIBLE MANAGED BLOCK

Add an IPv6 address and a gateway at the end of the file.

[root@fra-d054 network-scripts]# cat ifcfg-bond0
# BEGIN ANSIBLE MANAGED BLOCK
DEVICE=bond0
TYPE=Bond
ONBOOT=yes
BOOTPROTO=none
IPADDR=102.165.9.22
NETMASK=255.255.255.252
GATEWAY=102.165.9.21
DNS1=1.1.1.1
DNS2=8.8.8.8
BONDING_OPTS="mode=4 miimon=100 lacp_rate=fast"
IPV6INIT=yes
IPV6ADDR=2a03:a960:184:1::2/64
IPV6_DEFAULTGW=2a03:a960:184:1::1
# END ANSIBLE MANAGED BLOCK

Restart the network service to apply the changes:

[root@fra-d054 network-scripts]# systemctl restart network
[root@fra-d054 network-scripts]# ifconfig
bond0: flags=5187<UP,BROADCAST,RUNNING,MASTER,MULTICAST> mtu 1500
inet 102.165.9.22 netmask 255.255.255.252 broadcast 102.165.9.23
inet6 fe80::ec4:7aff:fe85:863c prefixlen 64 scopeid 0x20<link>
inet6 2a03:a960:184:1::2 prefixlen 64 scopeid 0x0<global>
ether 0c:c4:7a:85:86:3c txqueuelen 1000 (Ethernet)
RX packets 39 bytes 3802 (3.7 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 44 bytes 4132 (4.0 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

enp1s0f0: flags=6211<UP,BROADCAST,RUNNING,SLAVE,MULTICAST> mtu 1500
ether 0c:c4:7a:85:86:3c txqueuelen 1000 (Ethernet)
RX packets 1932 bytes 197115 (192.4 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1493 bytes 178261 (174.0 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device memory 0xdf180000-df1fffff

enp1s0f1: flags=6147<UP,BROADCAST,SLAVE,MULTICAST> mtu 1500
ether 0c:c4:7a:85:86:3c txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device memory 0xdf100000-df17ffff

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1 (Local Loopback)
RX packets 72 bytes 6962 (6.7 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 72 bytes 6962 (6.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

Confirm that IPv6 connectivity is working:

[root@fra-d054 network-scripts]# ping6 2001:4860:4860::8888
PING 2001:4860:4860::8888(2001:4860:4860::8888) 56 data bytes
64 bytes from 2001:4860:4860::8888: icmp_seq=1 ttl=119 time=0.370 ms
64 bytes from 2001:4860:4860::8888: icmp_seq=2 ttl=119 time=0.554 ms
^C
--- 2001:4860:4860::8888 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1000ms
rtt min/avg/max/mdev = 0.370/0.462/0.554/0.092 ms

Add your IPv4 and/or IPv6 ranges to the network interface:

[root@fra-d054 network-scripts]# ip addr add 191.96.202.0/24 dev bond0
[root@fra-d054 network-scripts]# ip -6 addr add 2a0e:1c04:1::/48 dev bond0

Update the repository and install the bird daemon by running the following commands one by one:

[root@fra-d054 ~]# wget -4 https://download-ib01.fedoraproject.org/pub/epel/7/x86_64/Packages/e/epel-release-7-13.noarch.rpm
[root@fra-d054 ~]# rpm -Uvh epel-release-7-13.noarch.rpm
[root@fra-d054 ~]# yum -y update
[root@fra-d054 ~]# yum -y install bird

Open file /etc/bird.conf and append the file with the following lines. Make sure to replace the example IP addresses and IP ranges with your actual IP data, AS number and BGP password.

log syslog all;

#Router ID = server main IP address
router id 102.165.9.22;

protocol device {
scan time 10; # Scan interfaces every 10 seconds
}

#Disable automatically generating direct routes to all network interfaces.
protocol direct {
disabled; # Disable by default
}

#Forbid synchronizing BIRD routing tables with the OS kernel.
protocol kernel {
import all; # Import to table, default is import all
export all; # Export to protocol. default is export none
}

#Route your subnet via your server main IP address
protocol static {
route 191.96.202.0/24 via 102.165.9.22;
}

#local = your server main IP address and your AS number
#neighbor = gateway of your server main IP address and Heficed AS number which is 61317 by default
#password = BGP session password
protocol bgp Heficed {
description "BGP session to Heficed";
local 102.165.9.22 as 397727;
neighbor 102.165.9.21 as 61317;
password "YOUR-BGP-PASSWORD";
import filter { print "importing"; accept; };
export filter { print "exporting"; accept; };
}

Save the file and close it. Apply the changes using the following command:

[root@fra-d054 ~]# systemctl start bird

Check if the bird daemon is running:

[root@fra-d054 ~]# systemctl status bird
● bird.service - BIRD Internet Routing Daemon
Loaded: loaded (/usr/lib/systemd/system/bird.service; disabled; vendor preset: disabled)
Active: active (running) since Sat 2021-06-26 14:31:31 UTC; 15s ago
Main PID: 8931 (bird)
CGroup: /system.slice/bird.service
└─8931 /usr/sbin/bird -f -u bird -g bird

Jun 26 14:31:31 fra-d054 systemd[1]: Started BIRD Internet Routing Daemon.
Jun 26 14:31:31 fra-d054 bird[8931]: Started
Jun 26 14:31:31 fra-d054 bird[8931]: Netlink: File exists
Jun 26 14:31:36 fra-d054 bird[8931]: exporting
Jun 26 14:31:36 fra-d054 bird[8931]: importing

Enter the bird console with the command birdc:

[root@fra-d054 ~]# birdc
BIRD 1.6.8 ready.
bird>

Check if a BGP session is established with the command show protocol all Heficed:

bird> show protocol all Heficed
name proto table state since info
Heficed BGP master up 14:31:35 Established
Description: BGP session to Heficed
Preference: 100
Input filter: (unnamed)
Output filter: (unnamed)
Routes: 1 imported, 1 exported, 1 preferred
Route change stats: received rejected filtered ignored accepted
Import updates: 1 0 0 0 1
Import withdraws: 0 0 --- 0 0
Export updates: 2 1 0 --- 1
Export withdraws: 0 --- --- --- 0
BGP state: Established
Neighbor address: 102.165.9.21
Neighbor AS: 61317
Neighbor ID: 191.101.243.1
Neighbor caps: refresh restart-aware llgr-aware AS4
Session: external AS4
Source address: 102.165.9.22
Hold timer: 70/90
Keepalive timer: 20/30

bird>

That’s it. Your BGP IPv4 session is established, and your IPv4 range should be visible in the global routing table.

To establish an IPv6 BGP session, install the bird6 package using the command below:

[root@fra-d054 ~]# yum -y install bird6

Edit configuration file /etc/bird6.conf and append the file with the following lines. Make sure you replace the example IP addresses and IP ranges with your actual IP information, AS number and BGP password.

log syslog all;

#Router ID = server main IPv4 address
router id 102.165.9.22;

protocol device {
scan time 10; # Scan interfaces every 10 seconds
}

#Disable automatically generating direct routes to all network interfaces.
protocol direct {
disabled; # Disable by default
}

#Forbid synchronizing BIRD routing tables with the OS kernel.
protocol kernel {
import all; # Import to table, default is import all
export all; # Export to protocol. default is export none
}

#Route your subnet via your server main IP address
protocol static {
route 2a0e:1c04:1::/48 via 2a03:a960:184:1::2;
}

#local = your server main IP address and your AS number
#neighbor = gateway of your server main IP address and Heficed AS number which is 61317 by default
#password = BGP session password
protocol bgp Heficed {
description "BGP session to Heficed";
local 2a03:a960:184:1::2 as 397727;
neighbor 2a03:a960:184:1::1 as 61317;
password "YOUR-BGP-PASSWORD";
import filter { print "importing"; accept; };
export filter { print "exporting"; accept; };
}

Apply the changes using the following command:

[root@fra-d054 ~]# systemctl start bird6

Confirm if the bird6 daemon is running:

[root@fra-d054 ~]# systemctl status bird6
● bird6.service - BIRD Internet Routing Daemon
Loaded: loaded (/usr/lib/systemd/system/bird6.service; disabled; vendor preset: disabled)
Active: active (running) since Sat 2021-06-26 14:37:07 UTC; 2s ago
Main PID: 9337 (bird6)
CGroup: /system.slice/bird6.service
└─9337 /usr/sbin/bird6 -f -u bird6 -g bird6

Jun 26 14:37:07 fra-d054 systemd[1]: Started BIRD Internet Routing Daemon.
Jun 26 14:37:07 fra-d054 bird6[9337]: Started
Jun 26 14:37:07 fra-d054 bird6[9337]: Netlink: Invalid argument
Jun 26 14:37:08 fra-d054 bird6[9337]: exporting
Jun 26 14:37:08 fra-d054 bird6[9337]: importing

Enter the bird6 console with command and check if the session is established:

[root@fra-d054 ~]# birdc6
BIRD 1.6.8 ready.
bird> show protocol all Heficed
name proto table state since info
Heficed BGP master up 14:37:08 Established
Description: BGP session to Heficed
Preference: 100
Input filter: (unnamed)
Output filter: (unnamed)
Routes: 1 imported, 1 exported, 1 preferred
Route change stats: received rejected filtered ignored accepted
Import updates: 1 0 0 0 1
Import withdraws: 0 0 --- 0 0
Export updates: 2 1 0 --- 1
Export withdraws: 0 --- --- --- 0
BGP state: Established
Neighbor address: 2a03:a960:184:1::1
Neighbor AS: 61317
Neighbor ID: 191.101.243.1
Neighbor caps: refresh restart-aware llgr-aware AS4
Session: external AS4
Source address: 2a03:a960:184:1::2
Hold timer: 80/90
Keepalive timer: 19/30

bird>

That’s it. Your IPv6 BGP session is established, and your IPv6 range should be visible in the global routing table.

Was this article helpful?

Still need help?

Heficed Slack Community

Get involved in Heficed Slack community. Get updates, ask questions, connect with peers.

Heficed Slack

Need support?

If you need any further help, don't hesitate to send a support request to our support team.