github.com/osrg/gobgp@v2.0.0+incompatible/tools/contrib/centos/README.md

github.com/osrg/gobgp@v2.0.0+incompatible/tools/contrib/centos/README.md (about)

     1  # GoBGP systemd Integration for CentOS
     2  
     3  The following document describes how to manage `gobgp` with `systemd`.
     4  
     5  Download `gobgp` binaries, unpack them, and put them `/usr/bin/`:
     6  
     7  ```bash
     8  mkdir -p /tmp/gobgp
     9  cd /tmp/gobgp && curl -s -L -O https://github.com/osrg/gobgp/releases/download/v1.31/gobgp_1.31_linux_amd64.tar.gz
    10  tar xvzf gobgp_1.31_linux_amd64.tar.gz
    11  mv gobgp /usr/bin/
    12  mv gobgpd /usr/bin/
    13  ```
    14  
    15  Grant the capability to bind to system or well-known ports, i.e. ports with
    16  numbers `0–1023`, to `gobgpd` binary:
    17  
    18  ```bash
    19  /sbin/setcap cap_net_bind_service=+ep /usr/bin/gobgpd
    20  /sbin/getcap /usr/bin/gobgpd
    21  ```
    22  
    23  First, create a system account for `gobgp` service:
    24  
    25  ```bash
    26  groupadd --system gobgpd
    27  useradd --system -d /var/lib/gobgpd -s /bin/bash -g gobgpd gobgpd
    28  mkdir -p /var/{lib,run,log}/gobgpd
    29  chown -R gobgpd:gobgpd /var/{lib,run,log}/gobgpd
    30  mkdir -p /etc/gobgpd
    31  chown -R gobgpd:gobgpd /etc/gobgpd
    32  ```
    33  
    34  Paste the below to create `gobgpd` configuration file. The `router-id` in this
    35  example is the IP address of the interface the default route of the host is
    36  pointing to.
    37  
    38  ```bash
    39  DEFAULT_ROUTE_INTERFACE=$(cat /proc/net/route | cut -f1,2 | grep 00000000 | cut -f1)
    40  DEFAULT_ROUTE_INTERFACE_IPV4=$(ip addr show dev $DEFAULT_ROUTE_INTERFACE | grep "inet " | sed "s/.*inet //" | cut -d"/" -f1)
    41  BGP_AS=65001
    42  BGP_PEER=10.0.255.1
    43  cat << EOF > /etc/gobgpd/gobgpd.conf
    44  [global.config]
    45    as = $BGP_AS
    46    router-id = "$DEFAULT_ROUTE_INTERFACE_IPV4"
    47  
    48  [[neighbors]]
    49    [neighbors.config]
    50      neighbor-address = "$BGP_PEER"
    51      peer-as = $BGP_AS
    52  EOF
    53  chown -R gobgpd:gobgpd /etc/gobgpd/gobgpd.conf
    54  ```
    55  
    56  Next, copy the `systemd` unit file, i.e. `gobgpd.service`, in this directory
    57  to `/usr/lib/systemd/system/`:
    58  
    59  ```bash
    60  cp gobgpd.service /usr/lib/systemd/system/
    61  ```
    62  
    63  Next, enable and start the `gobgpd` services:
    64  
    65  ```bash
    66  systemctl enable gobgpd
    67  systemctl start gobgpd
    68  ```
    69  
    70  If necessary, create an `iptables` rule to allow traffic to `gobgpd` service:
    71  
    72  ```bash
    73  iptables -I INPUT 4 -p tcp -m state --state NEW --dport 179 -j ACCEPT
    74  ```
    75  
    76  Also, add the following rule into `INPUT` chain in `/etc/sysconfig/iptables`:
    77  
    78  ```plaintext
    79  # BGP
    80  -A INPUT -p tcp -m state --state NEW -m tcp --dport 179 -j ACCEPT
    81  ```
    82  
    83  Check the status of the services:
    84  
    85  ```bash
    86  systemctl status gobgpd
    87  ```
    88  
    89  The logs are available via `journald`:
    90  
    91  ```bash
    92  journalctl -u gobgpd.service --since today
    93  journalctl -u gobgpd.service -r
    94  ```
    95  
    96  A user may interract with GoBGP daemon via `gobgp` tool:
    97  
    98  ```bash
    99  # gobgp global
   100  AS:        65001
   101  Router-ID: 10.0.255.1
   102  Listening Port: 179, Addresses: 0.0.0.0, ::
   103  
   104  # gobgp global rib summary
   105  Table ipv4-unicast
   106  Destination: 0, Path: 0
   107  
   108  # gobgp neighbor
   109  Peer            AS Up/Down State       |#Received  Accepted
   110  10.0.255.1   65001   never Active      |        0
   111  ```