How can we help?
Лаба FRR
Ставим FRR отсюда https://rpm.frrouting.org/
На R1:
# possible values for FRRVER: frr-6 frr-7 frr-8 frr-stable
# frr-stable will be the latest official stable release
[root@r1 ~]# FRRVER="frr-stable"
# add RPM repository on CentOS 7
[root@r1 ~]# curl -O https://rpm.frrouting.org/repo/$FRRVER-repo-1-0.el7.noarch.rpm
[root@r1 ~]# sudo yum install ./$FRRVER*
# install FRR
[root@r1 ~]# sudo yum install frr frr-pythontools
[root@r1 ~]# vi /etc/frr/daemons
...
ospfd=yes
...
[root@r1 ~]# systemctl restart frr
[root@r1 ~]# systemctl status frr
● frr.service - FRRouting
Loaded: loaded (/usr/lib/systemd/system/frr.service; disabled; vendor preset: disabled)
Active: active (running) since Ср 2022-06-29 13:28:56 MSK; 9s ago
Docs: https://frrouting.readthedocs.io/en/latest/setup.html
Process: 8289 ExecStart=/usr/lib/frr/frrinit.sh start (code=exited, status=0/SUCCESS)
Main PID: 8294 (watchfrr)
...
[root@r1 ~]# vtysh
Hello, this is FRRouting (version 8.2.2).
Copyright 1996-2005 Kunihiro Ishiguro, et al.
r1# exit
[root@r1 ~]# systemctl stop firewalld
[root@r1 ~]# systemctl disable firewalld
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@r1 ~]# ip link add dummy0 type dummy
[root@r1 ~]# ip a
...
4: dummy0: <BROADCAST,NOARP> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 92:6e:54:28:b3:ec brd ff:ff:ff:ff:ff:ff
[root@r1 ~]# ip addr add 10.1.1.1/32 dev dummy0
[root@r1 ~]# ip a
...
4: dummy0: <BROADCAST,NOARP> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 92:6e:54:28:b3:ec brd ff:ff:ff:ff:ff:ff
inet 10.1.1.1/32 scope global dummy0
valid_lft forever preferred_lft forever
[root@r1 ~]# ip link set up dev dummy0
[root@r1 ~]# ip a
...
4: dummy0: <BROADCAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
link/ether 92:6e:54:28:b3:ec brd ff:ff:ff:ff:ff:ff
inet 10.1.1.1/32 scope global dummy0
valid_lft forever preferred_lft forever
inet6 fe80::906e:54ff:fe28:b3ec/64 scope link
valid_lft forever preferred_lft forever
[root@r1 ~]# ping 10.1.1.1
PING 10.1.1.1 (10.1.1.1) 56(84) bytes of data.
64 bytes from 10.1.1.1: icmp_seq=1 ttl=64 time=0.051 ms
64 bytes from 10.1.1.1: icmp_seq=2 ttl=64 time=0.060 ms
^C
--- 10.1.1.1 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.051/0.055/0.060/0.008 ms
[root@r1 ~]# yum install nginx -y
Загружены модули: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirror.corbina.net
* extras: mirror.corbina.net
* updates: mirror.corbina.net
Пакета с названием nginx не найдено.
Ошибка: Выполнять нечего
[root@r1 ~]# yum install epel-release -y
Загружены модули: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirror.corbina.net
* extras: mirror.corbina.net
* updates: mirror.corbina.net
Разрешение зависимостей
--> Проверка сценария
---> Пакет epel-release.noarch 0:7-11 помечен для установки
--> Проверка зависимостей окончена
Зависимости определены
===============================================================================================================================================
Package Архитектура Версия Репозиторий Размер
===============================================================================================================================================
Установка:
epel-release noarch 7-11 extras 15 k
Итого за операцию
===============================================================================================================================================
Установить 1 пакет
Объем загрузки: 15 k
Объем изменений: 24 k
Downloading packages:
epel-release-7-11.noarch.rpm | 15 kB 00:00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Установка : epel-release-7-11.noarch 1/1
Проверка : epel-release-7-11.noarch 1/1
Установлено:
epel-release.noarch 0:7-11
Выполнено!
[root@r1 ~]# yum install nginx -y
...
Установлено:
nginx.x86_64 1:1.20.1-9.el7
Установлены зависимости:
centos-indexhtml.noarch 0:7-9.el7.centos gperftools-libs.x86_64 0:2.6.1-1.el7 nginx-filesystem.noarch 1:1.20.1-9.el7
openssl11-libs.x86_64 1:1.1.1k-3.el7
Выполнено!
[root@r1 ~]# systemctl status nginx
● nginx.service - The nginx HTTP and reverse proxy server
Loaded: loaded (/usr/lib/systemd/system/nginx.service; disabled; vendor preset: disabled)
Active: inactive (dead)
[root@r1 ~]# vi /etc/nginx/nginx.conf
[root@r1 ~]# cd /usr/share/nginx/html
[root@r1 html]# ll
итого 12
-rw-r--r--. 1 root root 3650 окт 19 2021 404.html
-rw-r--r--. 1 root root 3693 окт 19 2021 50x.html
lrwxrwxrwx. 1 root root 20 июн 29 15:48 en-US -> ../../doc/HTML/en-US
drwxr-xr-x. 2 root root 27 июн 29 15:48 icons
lrwxrwxrwx. 1 root root 18 июн 29 15:48 img -> ../../doc/HTML/img
lrwxrwxrwx. 1 root root 25 июн 29 15:48 index.html -> ../../doc/HTML/index.html
-rw-r--r--. 1 root root 368 окт 19 2021 nginx-logo.png
lrwxrwxrwx. 1 root root 14 июн 29 15:48 poweredby.png -> nginx-logo.png
[root@r1 html]# cat index.html
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
....
</html>
[root@r1 html]# echo 'Hello from R1' > index.html
[root@r1 html]# cat index.html
Hello from R1
[root@r1 html]# vi /etc/nginx/nginx.conf
...
server {
# listen 80;
listen 10.1.1.1:80;
server_name _;
root /usr/share/nginx/html;
...
[root@r1 html]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@r1 html]# systemctl start nginx
[root@r1 html]# systemctl status nginx
● nginx.service - The nginx HTTP and reverse proxy server
Loaded: loaded (/usr/lib/systemd/system/nginx.service; disabled; vendor preset: disabled)
Active: active (running) since Ср 2022-06-29 16:07:04 MSK; 8s ago
Process: 4889 ExecStart=/usr/sbin/nginx (code=exited, status=0/SUCCESS)
Process: 4887 ExecStartPre=/usr/sbin/nginx -t (code=exited, status=0/SUCCESS)
Process: 4886 ExecStartPre=/usr/bin/rm -f /run/nginx.pid (code=exited, status=0/SUCCESS)
Main PID: 4891 (nginx)
CGroup: /system.slice/nginx.service
├─4891 nginx: master process /usr/sbin/nginx
└─4893 nginx: worker process
июн 29 16:07:04 r1 systemd[1]: Starting The nginx HTTP and reverse proxy server...
июн 29 16:07:04 r1 nginx[4887]: nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
июн 29 16:07:04 r1 nginx[4887]: nginx: configuration file /etc/nginx/nginx.conf test is successful
июн 29 16:07:04 r1 systemd[1]: Started The nginx HTTP and reverse proxy server.
[root@r1 html]# curl http://10.1.1.1
Hello from R1
На R2:
[root@r2 ~]# FRRVER="frr-stable"
[root@r2 ~]# curl -O https://rpm.frrouting.org/repo/$FRRVER-repo-1-0.el7.noarch.rpm
[root@r2 ~]# sudo yum install ./$FRRVER*
[root@r2 ~]# sudo yum install frr frr-pythontools
[root@r2 ~]# vi /etc/frr/daemons
...
ospfd=yes
...
[root@r2 ~]# vi /etc/frr/daemons
[root@r2 ~]# systemctl restart frr
[root@r2 ~]# systemctl status frr
● frr.service - FRRouting
Loaded: loaded (/usr/lib/systemd/system/frr.service; disabled; vendor preset: disabled)
Active: active (running) since Ср 2022-06-29 13:30:15 MSK; 14s ago
Docs: https://frrouting.readthedocs.io/en/latest/setup.html
Process: 21768 ExecStart=/usr/lib/frr/frrinit.sh start (code=exited, status=0/SUCCESS)
Main PID: 21773 (watchfrr)
Status: "FRR Operational"
CGroup: /system.slice/frr.service
...
[root@r2 ~]# vtysh
Hello, this is FRRouting (version 8.2.2).
Copyright 1996-2005 Kunihiro Ishiguro, et al.
r2# exit
[root@r2 ~]# sysctl -a | grep forward
...
net.ipv4.ip_forward = 0
net.ipv4.ip_forward_use_pmtu = 0
...
[root@r2 ~]# sysctl -w net.ipv4.ip_forward=1
net.ipv4.ip_forward = 1
[root@r2 ~]# sysctl -a | grep forward
...
net.ipv4.conf.lo.mc_forwarding = 0
net.ipv4.ip_forward = 1
...
[root@r2 ~]# vi /etc/sysctl.conf # чтобы изменения не потерялись после перезагрузки конфигурим здесь
# sysctl settings are defined through files in
# /usr/lib/sysctl.d/, /run/sysctl.d/, and /etc/sysctl.d/.
#
# Vendors settings live in /usr/lib/sysctl.d/.
# To override a whole file, create a new file with the same in
# /etc/sysctl.d/ and put new settings there. To override
# only specific settings, add a file with a lexically later
# name in /etc/sysctl.d/ and put new settings there.
#
# For more information, see sysctl.conf(5) and sysctl.d(5)
net.ipv4.ip_forward = 1
[root@r2 ~]# sysctl -p
net.ipv4.ip_forward = 1
[root@r2 ~]# curl http://10.1.1.1
Hello from R1
[root@r2 ~]# curl http://10.0.12.1
curl: (7) Failed connect to 10.0.12.1:80; В соединении отказано
[root@r2 ~]#
На R3:
[root@r3 ~]# FRRVER="frr-stable"
[root@r3 ~]# curl -O https://rpm.frrouting.org/repo/$FRRVER-repo-1-0.el7.noarch.rpm
[root@r3 ~]# sudo yum install ./$FRRVER*
[root@r3 ~]# sudo yum install frr frr-pythontools
[root@r3 ~]# vi /etc/frr/daemons
...
ospfd=yes
...
[root@r3 ~]# systemctl restart frr
[root@r3 ~]# systemctl status frr
● frr.service - FRRouting
Loaded: loaded (/usr/lib/systemd/system/frr.service; disabled; vendor preset: disabled)
Active: active (running) since Ср 2022-06-29 13:31:14 MSK; 8s ago
Docs: https://frrouting.readthedocs.io/en/latest/setup.html
Process: 11637 ExecStart=/usr/lib/frr/frrinit.sh start (code=exited, status=0/SUCCESS)
Main PID: 11642 (watchfrr)
Status: "FRR Operational"
[root@r3 ~]# vtysh
Hello, this is FRRouting (version 8.2.2).
Copyright 1996-2005 Kunihiro Ishiguro, et al.
r3# ping 10.1.1.1
PING 10.1.1.1 (10.1.1.1) 56(84) bytes of data.
64 bytes from 10.1.1.1: icmp_seq=1 ttl=63 time=0.785 ms
64 bytes from 10.1.1.1: icmp_seq=2 ttl=63 time=2.12 ms
^C
--- 10.1.1.1 ping statistics ---
[root@r3 ~]# curl http://10.1.1.1
Hello from R1