Re: [mpls-linux-general] (no subject)
Status: Beta
Brought to you by:
jleu
Menu
▾
▴
Re: [mpls-linux-general] (no subject)
|
From: Adrian P. <adr...@gm...> - 2008-02-10 15:08:50
|
Hello Rachid, About a year and a half ago I experimented with LDP, but it was too instable to be of any use (it crashed when setting up a LPD adjacency). Now, I've heard on the mailing list that it is more stable and should work. You should download the quagga binary (or source) from sourceforge and install/compile it. You should configure ospf routing first (and make sure it works) and after that start ldp. Configuring LDP is easy, something like: #conf t (config)# mpls ldp (config-ldp)#lsr-id *one.of.the.ips.from.this.router* (config-ldp)#transport-address *one.of.the.ips.from.this.router *(config-ldp)#address-mode ldp (config-ldp)#exit (config)#interface eth1 (config-if)#mpls ip (config-if)#distribution-mode du (config-if)#end #show ldp Not all the parameters are necessary. The minimum are mpls ldp in global config mode and mpls ip on the interfaces with mpls. Ask for more details on the mailing list, in case of trouble. Adrian On Feb 9, 2008 12:00 AM, rachid rachid <rac...@ho...> wrote: > Hello Adrian, > i'm in france now, i will continue investigation since i come back,so i > have a questio : is it possible to make a dynamic routing LDP > in experimentation, have any idea, document site, i have serched without > succes. > > Thanks && BR, > R.Benbrahim > > > ------------------------------ > Date: Sun, 3 Feb 2008 18:39:08 +0200 > > From: adr...@gm... > To: rac...@ho... > Subject: Re: > > Good to see it's finally forwarding MPLS packets. Now, it seems to me that > you're trying to send traffic from PC2 to PC1 and it almost arrives in PC1. > However R1 doesn't output the traffic. Run mpls ilm show and mpls nhlfe show > on R1, and please give me again the current configuration on R1. And output > from > ip route show > mpls ilm show > > As you can see, currently FTP traffic is not marked, but this is because > the marking is done only from reverse traffic (from PC1 to PC2). So, as soon > as we get R1 to route packets to PC1, it should work. > > The changes that you made (with iptables) should have had no effect until > now. Something else must have changed in the mean time (on R3) and this is > why it's almost working. > > On Feb 2, 2008 8:49 PM, rachid rachid <rac...@ho...> wrote: > > > Hello Adrian, > i have tried to do the modification again by replacing , > > iptables -t mangle -F > iptables -t mangle -A PREROUTING -p udp --dport 1235 -j DSCP --set-dscp 26 > iptables -t mangle -A PREROUTING -p udp --dport 1236 -j DSCP --set-dscp 46 > by > iptables -t mangle -A PREROUTING -p tcp --sport 20 -j DSCP --set-dscp 26 > iptables -t mangle -A PREROUTING -p tcp --sport 21 -j DSCP --set-dscp 26 > > just to verify, so i have some output unlike the last time.i have just > tried to make > ping to every machine in my lab before doing tcpdump i don't understand > why this time i have some > output.YOu can find in the atachment all output that i got. > > BR, > Rachid > > ------------------------------ > Date: Mon, 28 Jan 2008 12:00:13 +0200 > From: adr...@gm... > To: rac...@ho... > Subject: Re: > > Ok, I see that you want to prioritize FTP, but when you mark your traffic, > you just mark UDP traffic: > > iptables -t mangle -F > iptables -t mangle -A PREROUTING -p udp --dport 1235 -j DSCP --set-dscp 26 > > iptables -t mangle -A PREROUTING -p udp --dport 1236 -j DSCP --set-dscp 46 > > You should change this to : > iptables -t mangle -A PREROUTING -p tcp --sport 20 -j DSCP --set-dscp 26 > iptables -t mangle -A PREROUTING -p tcp --sport 21 -j DSCP --set-dscp 26 > > If it still doesn't work, try to send marked traffic directly from your host (this means that your host > > runs linux - try a live cd), and mark the traffic with iptables in the same way. > > At first look, your example seems to work (if marking is done ok), but only traffic from the server > to the client will be marked and travel through MPLS - the return traffic will be IP. > > My sugestion is to try the marking first - make sure the packets from the ftp server leave with the > desired dscp value, and after that, make sure the nhlfe receives the interesting traffic (with mpls nhlfe show). > > Other than that it should work. Let me know if I can help. > > Cheers, > Adrian > > > > > On Jan 28, 2008 11:17 AM, rachid rachid <rac...@ho...> wrote: > > > Hello Adrain, > Think you for your answer, but ididn't see in your explanation the way to > allow the FTP flow, i have tried to add the FTP port = 21, but without > success. > find the attachment my configuration for R1 and R2 and R3, by the way i > don't have router, see bellow my configuration : > > PC1 Windows XP server------->(Access > point)WIFI------------>R1-R2-R3------------->(Access > point)WIFI---------->PC2 Windows XP client > > Thanks for your help. > > ------------------------------ > Date: Mon, 28 Jan 2008 10:54:55 +0200 > From: adr...@gm... > To: rac...@ho... > Subject: Re: > CC: mpl...@li... > > Hello Rachid, > > Thanks for the attachement and sorry I didn't manage to reply this weekend > (I didn't get close to the computer...). > > Looking into the examples, here's what you need to do: > > - from e1/scripts/network2/qos/e-lsp.sh: > > echo > 'A3->A2' > > #do the following > mapping: > > # DSCP EXP > TCINDEX > > # 0x1E 3 > 1 > > # 0x00 0 3 > #and push label 2000 for both of them > var1=`mpls nhlfe add key 0 instructions ds2exp 0xf 0x1e 0x3 0x0 0x0 > exp2tc 0x3 0x1 0x0 0x3 push gen 2000 nexthop eth3 ipv4 10.0.5.3 | grep > key |cut -c 17-26` > > You need to create a label path with a key mapping your desired DSCP to a > desired EXP. In this command, I mapped DSCP 0x1E to EXP 0x3 AND DSCP 0x00(best effort) to EXP 0x0. > Furthermore, mapping DSCP to EXP is not enough - even if your packets will > leave with the desired EXP values, Linux tc will not differentiate the > traffic. You need to add exp2tc mapping so that packets with EXP 0x3 follow > a specific tc rule and benefit from a specific bandwidth. In my case > packets with EXP 0x3 have tcindex 1 (tcindex is just a number that has to be > the same in the mpls command and in the tc commands) and packets with EXP 3 > have tcindex 3: > > mpls nhlfe add key 0 instructions ds2exp 0xf 0x1e 0x3 0x0 0x0 exp2tc 0x3 > 0x1 0x0 0x3 push gen 2000 nexthop eth3 ipv4 10.0.5.3 > > The rest of the command is standard - add a new label (2000) and specify > the nexthop interface (eth3) and nexthop ip (10.0.5.3). > If you don't need to allocate bandwidth, you don't need the exp2tc 0x3 0x1 > 0x0 0x3 part. > > Oh, I nearly forgot - In the command ds2exp 0xf 0x1e 0x3 0x0 0x0, the 0xf > is just a bit mask that is applied on the DSCP value (a logical OR), so that > multiple DSCP values will be linked to a single EXP. If you want one-to-one > mapping, you can set this mask to 0xf and forget about it. > > The new key generated by this command has to be linked with the forwarding > plane by means of iptables: > > #create a FEC: packets with DSCP=0x1E and DSCP=0x00 go to nhlfe > $var1 > iptables -A FORWARD -m dscp --dscp 0x1e -j mpls --nhlfe $var1 > iptables -A FORWARD -m dscp --dscp 0x0 -j mpls --nhlfe $var1 > > If you need to apply special bandwidth guarantees (per DSCP), you can do > so with tc: > > #on output interface eth3, for MPLS traffic, map TCINDEX 1 to class 1:11 > and TCINDEX 3 to class 1:13 > tc qdisc add dev eth3 root handle 1: > htb > tc filter add dev eth3 parent 1:0 protocol 0x8847 prio 1 tcindex mask 0xf > shift 0 pass_on > tc filter add dev eth3 parent 1:0 protocol 0x8847 prio 1 handle 1 tcindex > classid 1:11 > tc filter add dev eth3 parent 1:0 protocol 0x8847 prio 1 handle 3 tcindex > classid 1:13 > > > #limit the output interface to 7200kbit and guarantee 2400kbit to EXP=3 > traffic and 400kbit to EXP=0 traffic > tc class add dev eth3 parent 1:0 classid 1:10 htb rate 7200kbit > tc class add dev eth3 parent 1:10 classid 1:11 htb rate 2400kbit ceil > 7200kbit > tc class add dev eth3 parent 1:10 classid 1:13 htb rate 400kbit ceil > 7200kbit > tc qdisc add dev eth3 parent 1:11 handle 110: pfifo limit > 10 > tc qdisc add dev eth3 parent 1:13 handle 130: pfifo limit > 10 > > You can find a very good tc and DSCP tutorial here: > http://opalsoft.net/qos/DS.htm > > Now, you need to add these commands on the edge nodes of your MPLS network > - both at ingress and at egress (because MPLS paths are unidirectional), and > you should map them to the interface toward your MPLS cloud (in this > example, eth3 goes to the P router). > > On the P routers you should only use exp2tc to make sure you have > bandwidth guarantees for your EXP values (and also add the necessary tc > rules). See e3/scripts/network2/qos/e-lsp.sh for details. > > Hope this helps, and good luck! > > On Jan 25, 2008 8:42 PM, rachid rachid <rac...@ho...> wrote: > > > Hello Adrian, > I have already save your examples, you can find it attached in this mail. > > Thanks && BR, > R.Benbrahim > > ------------------------------ > Date: Fri, 25 Jan 2008 14:43:24 +0200 > From: adr...@gm... > To: rac...@ho... > Subject: Re: > > Hello Rachid, > > Sorry to dissapoint you, but it seems that the server where I hosted the > tutorials hasn't recovered yet (although the administrator had promissed me > it would be up by friday), so I don't have access to my examples. I'll look > into it this weekend and send you a reply. Sorry for the delay. > > Adrian > > On Jan 25, 2008 11:31 AM, rachid rachid <rac...@ho...> wrote: > > Hello Adrian, > Sorry to disturb you, did you remember me, i'am waiting to your response > and i can't progress, thanks to give feedback as soon as you can. > > Best regards, > R.Benbahim > > > ------------------------------ > Date: Wed, 23 Jan 2008 14:07:41 +0200 > From: adr...@gm... > To: rac...@ho... > Subject: Re: > > Hello Rachid, > > Sorry I didn't reply earlier, but it's a busy period for me. Unfortunately > I don't have access to my examples (the server they were hosted on has > crashed and is under recovery), but Thursday or Friday I should have access > to the examples, and show you what you must do. > > Adrian > > On Jan 20, 2008 2:42 PM, rachid rachid <rac...@ho...> wrote: > > Hello Adrian, > I want to make an experimentation MPLS-WIFI, the mpls clouds is composed > of three machines(R1=LER, R2=LSR, R3=LER) with Fedora 5, i have installed > the MPLS Kernel as described in your experimentation 'mpls-linux 1.950', > there is two other machine (windwosXP) wich dialog althought this mpls > clouds. > > PC1 Windows XP server---WIFI------------R1-R2-R3-------------WIFI---PC2 > Windows XP client > > I want to make an ftp tranfert from PC1 to PC2 using E-LSP, could you show > me the configuration of mapping DSCP-EXP to do. > > THANKS && BEST REGARDS, > Rachid. > > ------------------------------ > Express yourself instantly with MSN Messenger! MSN Messenger<http://clk.atdmt.com/AVE/go/onm00200471ave/direct/01/> > > > > ------------------------------ > Express yourself instantly with MSN Messenger! MSN Messenger<http://clk.atdmt.com/AVE/go/onm00200471ave/direct/01/> > > > > ------------------------------ > Express yourself instantly with MSN Messenger! MSN Messenger<http://clk.atdmt.com/AVE/go/onm00200471ave/direct/01/> > > > > ------------------------------ > Express yourself instantly with MSN Messenger! MSN Messenger<http://clk.atdmt.com/AVE/go/onm00200471ave/direct/01/> > > > > ------------------------------ > Express yourself instantly with MSN Messenger! MSN Messenger<http://clk.atdmt.com/AVE/go/onm00200471ave/direct/01/> > > > > ------------------------------ > Express yourself instantly with MSN Messenger! MSN Messenger<http://clk.atdmt.com/AVE/go/onm00200471ave/direct/01/> > |
