|
It has been a couple years since I last wrote about RIPng. It has been running quietly, and efficiently in my SOHO (Small Office/Home Office) network. Sure there are other better routing protocols such as OSPFv3 or IS-IS which are the work-horses of the Enterprise. But they also have dedicated network engineers managing them. The ease of deployment, makes RIPng the perfect IPv6 routing protocol for non-network experts, just plug-in and go.
BIRD: Internet Routing Daemon
BIRD is an open source routing daemon which supports many routing protocols such as RIPng, Babel, OSPF, and iBGP. It runs on Linux, FreeBSD, NetBSD, and OpenBSD.
In my last RIPng article, BIRD was at version 1.6, and the examples are for that version. In December 2017, version 2 was released, but I found issues with configuring RIPng, and waited until some of the issues could be resolved. Now BIRD has released version 2.08, and it integrates well with my existing 1.6 network.
BIRD & OpenWrt
I have been running BIRD 1.6 on my OpenWrt routers for years, I wanted to try the newer version 2.08. Fortunately, the Devs at OpenWrt build both versions. It is easy to install using OpenWrt’s software manager.
Unlike BIRD 1.6, there is no separate version for IPv4 and IPv6. BIRD 2 supports both. Because the OpenWrt software manager automatically handles dependencies I usually just install the user-space CLI tool bird2cl, which will pull in the bird daemon as well.
BIRD can be installed using the OpenWrt web interface, or after ssh-ing to the router running the following:
opkg update
opkg install bird2cl
Editing files in OpenWrt using nano
Like most Linux distros, the vi editor is included in the base system. But vi has cryptic commands, and can be daunting to the new user.
Fortunately, there is simpler user friendly editor called nano which is available, and only needs to be installed.
opkg install nano
There are many tutorials on the internet on how to use nano, but the official documentation is always a good place to start.
Editing bird.conf with nano
Configuring BIRD for RIPng
There is no web interface for configuring RIPng, and the following must be done via a ssh session. But once it is done, you should not need to change the configuration in the future.
Unfortunately, the example /etc/bird.conf file which is installed by default is full of examples for the other supported protocols, but pretty scarce for RIPng. The easiest thing to do is to log into your router with ssh and replace it with this example:
# EXAMPLE BIRD RIPng Config# Required for kernel local routes to be exported to RIPng
protocol kernel {
ipv6 {
export all; # Default is export none
};
}
# Required to get info about Net Interfaces from Kernel
protocol device {
}
#advertises directly connected interfaces to upstream
protocol direct {
ipv6;
interface "*";
}
# Configure RIPng in Bird
protocol rip ng {
ipv6 {
import all;
export all;
};
interface "*" {
mode multicast;
};
}
The key to telling BIRD that this is RIPng is the protocol rip ng line. The ng tells BIRD to use the IPv6 version of RIP.
It is possible to refine the interfaces, so that RIPng routing announcements aren’t being sent (and then dropped) to your ISP. But putting an interface "*" makes this config work for all routers in your SOHO network.
If you wanted to exclude the upstream interface (called wan on OpenWrt), use the line interface interface "eth0","br-lan".
Configuring your Firewall for RIPng
Just like last time, the default policy on OpenWrt is to block in-bound packets from the wan (or upstream interface). So a firewall rule must be created to allow RIPng packets to pass. This is the same as with version 1.6.
Append the following to /etc/config/firewall
config rule
option name 'RIPng'
option family 'ipv6'
list proto 'udp'
option src 'wan'
list src_ip 'fe80::/10'
option dest_port '521'
option target 'ACCEPT'
Starting RIPng
Now that you have the configuration file in place, and the firewall ready, you can start BIRD running RIPng on your router.
/etc/init.d/bird restart
That’s it! BIRD is now running RIPng on your network.
Looking a little deeper into your RIPng network (optional)
Although RIPng is pretty much a start and forget routing protocol, there is a nice troubleshooting tool, birdcl to peek under the covers. It will show the key aspects of RIPng:
- Interfaces running RIPng
- Peers or other routers your RIPng is talking to
- The routing table, which routes have been learned by RIPng
Using the CLI tool, birdcl, it is easy to see how RIPng is working.
# birdcl
BIRD 2.0.8 ready.
bird>
Helpful commands are to look at the interfaces enabled for RIPng, and how many neighbours (other routers running RIPng) have been found.
bird> show rip int
rip1:
Interface State Metric Nbrs Timer
eth0 Up 1 0 24.311
wan Up 1 3 8.381
br-lan Up 1 0 0.961
Displaying the RIPng neighbours command will provide more info
bird> show rip neig
rip1:
IP address Interface Metric Routes Seen
fe80::2ac6:8eff:fe16:19d7 wan 1 23 22.898
fe80::216:3eff:fe28:54f0 wan 1 2 26.902
fe80::7683:c2ff:fe61:fd60 wan 1 6 21.931
As you can see, there are 3 other routers running RIPng, all upstream on the wan interface. RIPng uses IPv6 link-local addresses. It is a good idea to keep a cheat-sheet handy of your routers link-local addresses which will make it easier to understand which routers are peers/neighbours.
And of course you can use birdcl to show the routes in your network as well.
bird> show route
Table master6:
::/0 unicast [rip1 09:34:47.143] * (120/4)
via fe80::2ac6:8eff:fe16:19d7 on wan
2001:db8:8011:fd60::/60 unicast [rip1 09:34:47.149] * (120/2)
via fe80::7683:c2ff:fe61:fd60 on wan
2001:db8:8011:fd94::/64 unicast [rip1 09:34:47.143] * (120/4)
via fe80::2ac6:8eff:fe16:19d7 on wan
2001:db8:8011:fd80::/64 unicast [rip1 09:34:47.143] * (120/4)
via fe80::2ac6:8eff:fe16:19d7 on wan
2001:db8:8011:fd44::/62 unicast [rip1 09:34:47.143] * (120/2)
via fe80::2ac6:8eff:fe16:19d7 on wan
2001:db8:8011:fd44::fb0/128 unicast [direct1 09:34:47.139] * (240)
dev wan
2001:db8:8011:fd04::/62 unicast [rip1 09:34:47.143] * (120/3)
via fe80::2ac6:8eff:fe16:19d7 on wan
2001:db8:8011:fd00::/56 unicast [rip1 09:34:47.143] * (120/4)
via fe80::2ac6:8eff:fe16:19d7 on wan
2001:db8:8011:fd11::/64 unicast [rip1 09:34:47.143] * (120/4)
via fe80::2ac6:8eff:fe16:19d7 on wan
2001:db8:8011:fd00::/64 unicast [rip1 09:34:47.143] * (120/4)
via fe80::2ac6:8eff:fe16:19d7 on wan
2001:db8:8011:fd44::a1b/128 unicast [rip1 09:34:47.149] * (120/2)
via fe80::7683:c2ff:fe61:fd60 on wan
2001:db8:8011:fd40::/64 unicast [rip1 09:34:47.143] * (120/3)
via fe80::2ac6:8eff:fe16:19d7 on wan
2001:db8:8011:fd47::/64 unicast [rip1 09:34:47.143] * (120/2)
via fe80::ea9f:80ff:feec:d5f3 on wan
2001:db8:8011:fd46::/64 unicast [rip1 09:34:47.149] * (120/2)
via fe80::216:3eff:fe28:54f0 on wan
2001:db8:8011:fd45::/64 unicast [direct1 09:34:47.139] * (240)
dev br-lan
2001:db8:8011:fd44::/64 unicast [direct1 09:34:47.139] * (240)
dev wan
unicast [rip1 09:34:47.149] (120/2)
via fe80::7683:c2ff:fe61:fd60 on wan
2001:db8:8011:fd80::/62 unicast [rip1 09:34:47.143] * (120/3)
via fe80::2ac6:8eff:fe16:19d7 on wan
2001:db8:8011:fd84::/62 unicast [rip1 09:34:47.143] * (120/3)
via fe80::2ac6:8eff:fe16:19d7 on wan
2001:db8:8011:fd88::/61 unicast [rip1 09:34:47.143] * (120/3)
via fe80::2ac6:8eff:fe16:19d7 on wan
2001:db8:8011:fd90::/60 unicast [rip1 09:34:47.143] * (120/4)
via fe80::2ac6:8eff:fe16:19d7 on wan
The top entry, ::/0, is the default route pointing to the upstream router fe80::2ac6:8eff:fe16:19d7 on the wan interface. This is the path packets will take to get to the internet.
The last numbers (120/3) means 120 seconds for the life time of this route, and 3 indicates how many route-hops away is that network. As you can see the furthest network is 4 hops away from this router.
But unless you need to troubleshoot your network, or are just curious about how RIPng works, you shouldn’t need to run birdcl. After all RIPng is basically a plug-and-play routing protocol.
BIRD v2.08 & RIPng is stable and ready for prime time
Earlier versions of BIRD v2 had interoperability problems with BIRD v1, but those are now in the rear view mirror. RIPng is very easy to setup, once you have an example config file. It is a tried and true routing protocol that gets the job done, making a multi-router SOHO network easy to stand up and maintain.
RIPng will be quietly keeping your network going while you worry about the real problems in the world.
Originally posted on www.makiki.ca (IPv6-only)
Updated on 13 April 2022 – fixed example bird.conf