RIPng: routing for the SOHO (Redux)
|
By Craig Miller
In the past couple years since I last wrote about RIPng, it has been running quietly, and efficiently in my SOHO (Small Office/Home Office) network. Sure there are other better protocols such as OSPFv3 or IS-IS which are the work-horses of the Enterprise. But they also have dedicated network engineers managing them. The ease of deployment, makes it the perfect IPv6 routing protocol for non-network experts, just plug-in and go.
Bird: Internet Routing Daemon
Bird is an open source routing daemon which supports many routing protocols such as RIPng, Babel, OSPF, and iBGP. It runs on Linux, FreeBSD, NetBSD, and OpenBSD.
In my last RIPng article, Bird was at version 1.6, and the examples are for that version. In December 2017, version 2 was released, but I found issues with configuring RIPng, and waited until some of the issues could be resolved. Now Bird has released version 2.08, and it integrates well with my existing 1.6 network.
Bird & OpenWrt
I have been running Bird 1.6 on my OpenWrt routers for years, I wanted to try the newer version 2.08. Fortunately, the Devs at OpenWrt build both versions. It is easy to install using OpenWrt's software manager.
Unlike bird 1.6, there is no separate version for IPv4 and IPv6. Bird 2 supports both. Because the software manager automatically handles dependencies I usually just install the user-space CLI tool bird2cl, which will pull in the bird daemon as well.
Configuring Bird for RIPng
Unfortunately, the example /etc/bird.conf file is full of examples for the other supported protocols, but pretty scarce for RIPng. The easiest thing to do is to log into your router with ssh and replace it with this example:
# EXAMPLE Bird RIPng Config
# Required for kernel local routes to be exported to RIPng
protocol kernel {
ipv6 {
export all; # Default is export none
};
}
# Required to get info about Net Interfaces from Kernel
protocol device {
}
#advertises directly connected interfaces to upstream
protocol direct {
ipv6;
interface "*";
}
# Configure RIPng in Bird
protocol rip ng {
ipv6 {
import all;
export all;
};
interface "*" {
mode multicast;
};
}
It is possible to refine the interfaces, so that RIPng routing announcements aren't being sent (and then dropped) to your ISP. But putting an interface "*" makes this config work for all routers in your SOHO network.
If you wanted to exclude the upstream interface (called wan on OpenWrt), use the line interface interface "eth0","br-lan".
Configuring your Firewall for RIPng
Just like last time, the default policy on OpenWrt is to block in-bound packets from the wan (or upstream interface). So a firewall rule must be created to allow RIPng packets to pass. This is the same as with version 1.6.
Append the following to /etc/config/firewall
config rule
option name 'RIPng'
option family 'ipv6'
list proto 'udp'
option src 'wan'
list src_ip 'fe80::/10'
option dest_port '521'
option target 'ACCEPT'
Starting RIPng
Now that you have the configuration file in place, and the firewall ready, you can start Bird running RIPng on your router.
/etc/init.d/bird restart
That's it! Bird is now running RIPng on your network.
Looking at your RIPng network
Using the CLI tool, birdcl, it is easy to see how RIPng is working.
# birdcl
BIRD 2.0.8 ready.
bird>
Helpful commands are to look at the interfaces enabled for RIPng, and how many neighbours (other routers running RIPng) have been found.
bird> show rip int
rip1:
Interface State Metric Nbrs Timer
eth0 Up 1 0 24.311
wan Up 1 3 8.381
br-lan Up 1 0 0.961
Displaying the RIPng neighbours command will provide more info
bird> show rip neig
rip1:
IP address Interface Metric Routes Seen
fe80::2ac6:8eff:fe16:19d7 wan 1 23 22.898
fe80::216:3eff:fe28:54f0 wan 1 2 26.902
fe80::7683:c2ff:fe61:fd60 wan 1 6 21.931
As you can see, there are 3 other routers running RIPng, all upstream on the wan interface. RIPng uses IPv6 link-local addresses. It is a good idea to keep a cheat-sheet handy of your routers link-local addresses which will make it easier to understand which routers are peers/neighbours.
And of course you can use birdcl to show the routes in your network as well.
bird> show route
Table master6:
::/0 unicast [rip1 09:34:47.143] * (120/4)
via fe80::2ac6:8eff:fe16:19d7 on wan
2001:db8:8011:fd60::/60 unicast [rip1 09:34:47.149] * (120/2)
via fe80::7683:c2ff:fe61:fd60 on wan
2001:db8:8011:fd94::/64 unicast [rip1 09:34:47.143] * (120/4)
via fe80::2ac6:8eff:fe16:19d7 on wan
2001:db8:8011:fd80::/64 unicast [rip1 09:34:47.143] * (120/4)
via fe80::2ac6:8eff:fe16:19d7 on wan
2001:db8:8011:fd44::/62 unicast [rip1 09:34:47.143] * (120/2)
via fe80::2ac6:8eff:fe16:19d7 on wan
2001:db8:8011:fd44::fb0/128 unicast [direct1 09:34:47.139] * (240)
dev wan
2001:db8:8011:fd04::/62 unicast [rip1 09:34:47.143] * (120/3)
via fe80::2ac6:8eff:fe16:19d7 on wan
2001:db8:8011:fd00::/56 unicast [rip1 09:34:47.143] * (120/4)
via fe80::2ac6:8eff:fe16:19d7 on wan
2001:db8:8011:fd11::/64 unicast [rip1 09:34:47.143] * (120/4)
via fe80::2ac6:8eff:fe16:19d7 on wan
2001:db8:8011:fd00::/64 unicast [rip1 09:34:47.143] * (120/4)
via fe80::2ac6:8eff:fe16:19d7 on wan
2001:db8:8011:fd44::a1b/128 unicast [rip1 09:34:47.149] * (120/2)
via fe80::7683:c2ff:fe61:fd60 on wan
2001:db8:8011:fd40::/64 unicast [rip1 09:34:47.143] * (120/3)
via fe80::2ac6:8eff:fe16:19d7 on wan
2001:db8:8011:fd47::/64 unicast [rip1 09:34:47.143] * (120/2)
via fe80::ea9f:80ff:feec:d5f3 on wan
2001:db8:8011:fd46::/64 unicast [rip1 09:34:47.149] * (120/2)
via fe80::216:3eff:fe28:54f0 on wan
2001:db8:8011:fd45::/64 unicast [direct1 09:34:47.139] * (240)
dev br-lan
2001:db8:8011:fd44::/64 unicast [direct1 09:34:47.139] * (240)
dev wan
unicast [rip1 09:34:47.149] (120/2)
via fe80::7683:c2ff:fe61:fd60 on wan
2001:db8:8011:fd80::/62 unicast [rip1 09:34:47.143] * (120/3)
via fe80::2ac6:8eff:fe16:19d7 on wan
2001:db8:8011:fd84::/62 unicast [rip1 09:34:47.143] * (120/3)
via fe80::2ac6:8eff:fe16:19d7 on wan
2001:db8:8011:fd88::/61 unicast [rip1 09:34:47.143] * (120/3)
via fe80::2ac6:8eff:fe16:19d7 on wan
2001:db8:8011:fd90::/60 unicast [rip1 09:34:47.143] * (120/4)
via fe80::2ac6:8eff:fe16:19d7 on wan
The top entry, ::/0, is the default route pointing to the upstream router fe80::2ac6:8eff:fe16:19d7 on the wan interface. This is the path packets will take to get to the internet.
The last numbers (120/3) means 120 seconds for the life time of this router, and 3 indicates how many route-hops away is that network. As you can see the furthest network is 4 hops away from this router.
But unless you need to troubleshoot your network, or are just curious about how RIPng works, you shouldn't need to run birdcl. After all RIPng is basically a plug-and-play routing protocol.
Additional Info:
17 January 2022
updated 11 April 2022 - fixed example bird.conf