Examples for configuring a Cisco, Juniper, or Zebra router as an IPv4 Route-Views-like route server.
Cisco -
ip bgp-community new-format ! ip classless ip subnet-zero ip multicast-routing ! interface FastEthernet0/0 no ip redirects ! router bgp <ASN> bgp log-neighbor-changes bgp dampening no auto-summary no sync neighbor mcast-ebgp peer-group nlri unicast multicast neighbor mcast-ebgp ebgp-multihop 255 neighbor mcast-ebgp update-source FastEthernet0/0 neighbor mcast-ebgp next-hop-self neighbor mcast-ebgp distribute-list 100 out neighbor mcast-ebgp route-map set-nexthop in ! neighbor <peer ip> remote-as <peer AS> neighbor <peer ip> peer-group mcast-ebgp neighbor <peer ip> description <peer name> ! ip route 0.0.0.0 0.0.0.0 <default-gw> ip route <peer ip> 255.255.255.255 <default-gw> ! access-list 100 deny ip any any ! route-map set-nexthop permit 10 set ip next-hop peer-address ! line vty 0 4 session-timeout 20 output exec-timeout 5 0 timeout login response 0 logging synchronous no login endMiscellaneous:
snmp-server communityRO
no ip http server
Juniper -
system { no-redirects; host-name <router hostname> root-authentication { encrypted-password "XXXX"; } login { message "\n\n Login as user rviews and password rviews\n\n"; class rviews { permissions [ network view ]; deny-commands "(file|ftp|ping .*rapid|request|junos-script|show (arp|config|pfe|system)|test)"; } user rviews { uid 2001; class rviews; authentication { encrypted-password "XXXXX"; } } } services { ssh; telnet; } } routing-options { rib inet6.0 { static { route ::/0 next-hop 2001::XXXX; } } static { route 0.0.0.0/0 next-hop A.B.C.D; } interface-routes { rib-group inet if-rib; } rib-groups { if-rib { import-rib [ inet.0 inet.2 ]; } } autonomous-system <ASN>; } protocols { bgp { log-updown; group v4 { type external; description "v4 uni/multicast peers"; multihop { ttl 255; } damping; import [ graded-flap-dampening set-nexthop final ]; family inet { unicast; multicast; } export [ nothing ]; local-as <ASN>; neighbor <peer ip> { description "<peer name>"; peer-as <peer ASN>; local-address <router interface ip>; } } group v6 { type external; description "v6 uni/multicast peers"; multihop { ttl 255; } damping; import [ graded-flap-dampening set-nexthop final ]; family inet6 { unicast; multicast; } export [ nothing ]; local-as <ASN>; neighbor <peer v6 ip> { description "<peer name>"; peer-as <peer ASN>; local-address <router interface v6 ip>; } } } } policy-options { prefix-list golden-networks { 128.8.0.0/16; 128.9.0.0/16; 128.63.0.0/16; 192.5.4.0/23; 192.5.6.0/24; 192.12.94.0/24; 192.26.92.0/24; 192.31.80.0/24; 192.33.4.0/24; 192.35.51.0/24; 192.36.144.0/24; 192.36.148.0/24; 192.41.162.0/24; 192.42.93.0/24; 192.112.36.0/24; 192.203.230.0/24; 193.0.14.0/24; 198.32.64.0/24; 198.41.0.0/24; 202.12.27.0/24; 202.153.112.0/20; 203.181.96.0/19; 210.132.96.0/19; 213.177.192.0/21; } policy-statement nothing { then reject; } policy-statement graded-flap-dampening { term exclude { from { prefix-list golden-networks; } then { damping set-none; next policy; } } from { route-filter 0.0.0.0/0 upto /21 damping set-normal; route-filter 0.0.0.0/0 upto /23 damping set-medium; route-filter 0.0.0.0/0 orlonger damping set-high; } then next policy; } policy-statement final { then accept; } policy-statement set-nexthop { then { next-hop peer-address; next policy; } } damping set-none { disable; } damping set-normal { half-life 10; reuse 3000; suppress 6000; max-suppress 30; } damping set-medium { half-life 15; reuse 1500; suppress 6000; max-suppress 45; } damping set-high { half-life 30; reuse 1640; suppress 6000; max-suppress 60; } }Miscellaneous:
juniper> start shell % su % chgrp field /tmp /var/tmp /var/tmp/vi.recover % chmod 1775 /tmp /var/tmp /var/tmp/vi.recover % cd /var/home % rm -rf <anon-user> % ln -s /var/tmp <anon-user>Then edit /etc/rc and add the following to end, just before the date command.
# # make sure permissions are tight on /tmp and /var/tmp # echo "Fixing permissions on /tmp, /var/tmp, and /var/tmp/vi.recover" chgrp field /tmp /var/tmp /var/tmp/vi.recover chmod 1775 /tmp /var/tmp /var/tmp/vi.recoverNote: this does not prevent transfer of files which are readable by "others" from the router.
Zebra -
! service password-encryption enable password <router password> ! hostname <router hostname> ! route-map nothing deny 1 ! router bgp <ASN> bgp router-id <router interface ip> ! neighbor <peer ip> remote-as <peer ASN> neighbor <peer ip> activate neighbor <peer ip> ebgp-multihop 255 neighbor <peer ip> update-source <router interface ip> neighbor <peer ip> route-map nothing out neighbor <peer ip> description <peer name> address-family ipv4 multicast neighbor <peer ip> activate neighbor <peer ip> route-map nothing out exit-address-family ! ! dump bgp information to MRT files ! dump bgp updates /<path to storage>/Y.%m/UPDATES/updates.%Y%m%d.%H%M 15m dump bgp routes-mrt /<path to storage>/Y.%m/RIBS/rib.%Y%m%d.%H%M 2h ! ! VTYs ! line vty no login exec-timeout 10 no exec-timeout ! endMiscellaneous: