RCP100 Basic Router Configuration on Ubuntu 12.04

I do like the idea of an open-source software router, and I’ve tried several of them so far. Most open-source routers would concentrate on implementing the main IP routing protocols one by one. Administration features like CLI or SNMP seem to get less attention. There is little or no support for integrated Access Control Lists, NTP, DHCP or DNS functionality. This is in sharp contrast with the commercial routers where administration and network management are first class citizens.

RCP100 seems to break the tradition. It has a Cisco-like command line interface (CLI), and all the regular administration and management protocols. Starting with version 0.99 it also features a simple and intuitive web interface, making the router accessible to less sophisticated users and beginner administrators.

In this article I will set up a basic RCP100 IP router on a Ubuntu 12.04 computer using the web interface. This means there will be lots of pictures and no CLI commands. Networking experts will definitely get bored.

I am installing the software on a regular Ubuntu 12.04 LTS computer running LXDE. This is an older 64bit machine with two Ethernet interfaces, eth0 and eth1. The computer is connected to the main network on eth0, and it is auto-configured using DHCP. Upstream, a regular small router handles the DSL Internet connection and provides DHCP services.

The steps are as follows:

Disable existing network services

I start by disabling DHCP on the Ubuntu computer. For this, I go into Preferences/Network Connections, press Wired connection 1 and in IP v4 Settings tab I switch the connection type from Automatic (DHCP) to Manual. I set the interface IP address and DNS servers field and save them. The values I chose are actually the same values pushed previously by DHCP. For DNS servers I use the public 8.8.8.8 and 8.8.4.4 provided by Google. I also disable Automatic (DHCP) on the other interface.

Starting with Ubuntu 12.04 version, a DNS server – dnsmasq – is installed and started by default on the computer. I disable it since it will collude with RCP100 DNS functionality. For this I edit /etc/NetworkManager/NetworkManager.conf and comment out the dns=dnsmasq line.

#dns=dnsmasq

When all is set, I restart Network Manager

$ sudo restart network-manager

Installing RCP100

RCP100 provides .deb packages for Ubuntu. The latest software version is 0.99.2 and it is available here. The package was build for Ubuntu 12.04 LTS and it will also work on Ubuntu 12.10. I use dpkg to install it:

$ sudo dpkg -i rcp100_0.99.2_1.deb

Reseting the computer in this moment will automatically start the router. You can also start the router manually with start rcp100 command, and stop it with stop rcp100 from a terminal.

Login

The next step is to login into the router using the web interface. I start a web browser and point it to http://0/index.html. I type in username rcp, password rcp and I am immediately asked to change the default passwords. I am then directed to the main router page.

From here I go to the configuration page, where I configure all router features I am interested in.

DNS configuration

In DNS configuration page I just enter the same DNS server addresses – 8.8.8.8 and 8.8.4.4 – as before, and I enable DNS proxy server services. Then, I type in the password and press Save Configuration button. The local DNS proxy server is started immediately. Anybody on the network can use this server to speed up name resolution.

Interface configuration

Interface configuration page allows you to set the IP address for all interfaces. I enter 192.168.1.19/24 for eth0 and 192.168.22.1/24 for eth1.

br0 and br1 are two bridge interfaces created by RCP100. The interfaces are mainly used for connecting virtual machines to the real network. If you don’t need them, just mark them as shutdown.

NTP configuration

The last configuration item on the menu is Network Time Protocol. I specify two external servers for synchronization and I enable the local NTP server. I intend to use this server to synchronize the time on all the other machines on the network.

Conclusion

RCP100 is easy to install and run on a regular Ubuntu computer. The web interface is easy to use, you can basically set the router without any CLI knowledge. If you are a CLI fan, you can always telnet into the box and set it using the regular CLI commands. Most of the commands are exactly as Cisco’s, the occasional differences are minor and can be resolved easily by typing “?” on the prompt line.

Equal Cost Multipath

Equal Cost Multipath (ECMP) is a network load-balancing method that enables the coexistence of multiple network paths form one source node to a destination node. The two or more paths between the nodes have the same routing cost, thus the traffic will be split evenly across, avoiding congestion and increasing the bandwidth.

ECMP is also a network redundancy method. In case one ECMP link fails, the traffic will move on the remaining links with minimal interruption in service.

For ECMP to work, a router will need special support in the forwarding plane and in the routing protocols deployed in the network. For experimentation I will use two Linux virtual machines on my host computer. The Linux kernel has an excellent ECMP implementation, as for the routing protocol I will use OSPF.

The virtual machines are set using Easy LXC. Each machine owns a slice of the Linux kernel running on the host computer, with full network and process separation. In each virtual machine I run one instance of RCP100. RCP100 is a router control plane for Linux platforms, supporting among other things OSPF and ECMP. RCP100 also features a CISCO-like command line interface (CLI) which simplifies router operation for people already skilled in configuring commercial routers.

The network diagram is as follows:

ECMP test network

The two virtual machines are plugged into two Linux bridges, br0 and br1. On router connections I use network addresses in the range 10.20.x.0/24 range. Router IDs are defined in 192.168.10.x range and are implemented as loopback interfaces on the router. The loopback interfaces are redistributed into OSPF and should be advertised by OSPF throughout the network. The relevant configuration for the two routers looks like this:

Router r0:

r0#show running-config | no-more 
hostname r0
[snip]
!
router ospf
  router-id 192.168.10.0
  network 10.20.0.0/16 area 0
  redistribute connected loopback
!
interface ethernet eth0
  ip address 10.20.0.2/24
  ip mtu 1500
  no shutdown
!
interface ethernet eth1
  ip address 10.20.1.2/24
  ip mtu 1500
  no shutdown
!
interface loopback 0
  ip address 192.168.10.0/32
  ip mtu 16436
!
[snip]
r0#

Router r1:

r1#show running-config | no-more 
hostname r1
[snip]
router ospf
  router-id 192.168.10.1
  network 10.20.0.0/16 area 0
  redistribute connected loopback
!
interface ethernet eth0
  ip address 10.20.0.3/24
  ip mtu 1500
  no shutdown
!
interface ethernet eth1
  ip address 10.20.1.3/24
  ip mtu 1500
  no shutdown
!
interface loopback 0
  ip address 192.168.10.1/32
  ip mtu 16436
!
r1#

We login into the routers by telnet 0 in the virtual machine control terminals. The routing tables will show the equal cost multipath routes installed for the neighbor’s router ID. As we configured them earlier as loopbacks, router IDs are real routes, we can ping them for example.

Router r0:

r0#show ip route
Codes: C - connected, S - static, R - RIP, B - blackhole, O - OSPF
IA - OSPF inter area, E1 - OSPF external type 1, E2 - OSPF external type 2

C    10.20.0.0/24 is directly connected, eth0
C    10.20.1.0/24 is directly connected, eth1
O E2 192.168.10.1/32[110/20] via 10.20.0.3, eth0
                             via 10.20.1.3, eth1
r0#

Router r1:

r1#show ip route
Codes: C - connected, S - static, R - RIP, B - blackhole, O - OSPF
IA - OSPF inter area, E1 - OSPF external type 1, E2 - OSPF external type 2

C    10.20.0.0/24 is directly connected, eth0
C    10.20.1.0/24 is directly connected, eth1
O E2 192.168.10.0/32[110/20] via 10.20.0.2, eth0
                             via 10.20.1.2, eth1
r1#

With the ECMP routes installed, we can try now to see how the traffic is distributed across the two links. We login into router 0 and from there we telnet several times into r1 at 192.168.10.1.

r0#telnet 192.168.10.1
Trying 192.168.10.1...
Connected to 192.168.10.1.
Escape character is '^]'.
User: rcp
Password: 
r1>exit
Connection closed by foreign host.
r0#

Each telnet connection goes trough one path or the other alternatively. Once the telnet session is established, the traffic stays on the specific path until the telnet connection is closed. This is accomplished in the Linux kernel by hashing source/destination address and port numbers, and associating specific hash values with specific connections.

The following picture shows two Wireshark windows side by side, while pinging r1 from r0. The ICMP requests are spread over the two links, r1 will respond on the link it received the request.

ECMP traffic in two WIreshark windows