Blog from September, 2020

RARE "Day One": [ freeRouter CLI #003 ] - "Let's make you feel at home !"
Fréderic LOUI posted on Sep 30, 2020

This is a new article for the blog serie called "RARE Day One". Today we will explore one of freeRouter features meant to fine tune terminal user environment and behaviour in order to best match your taste/preferences.

Requirement

  • Basic Linux/Unix knowledge
  • Service provider networking knowledge

Overview

We all have our habits that are inherited from our past experience. Some people are used to IOS, IOS-XR, NX-OX, IOS-XE others prefer Junos etc. Using freeRouter provides a different user experience. Some feature such as show/view/watch/differ diagnosis commands are pretty unique to freeRouter. However, freeRouter have some cards in its sleeves in order to provide you a familiar experience.

Article objective

In this article, we will focus on these features:

  • monitor
  • length
  • width
  • spacetab
  • tablemode
  • timestamps
  • colorized

Basically these commands are accessed through freeRouter user mode. If you need to use them from config mode, please use the "do" keyword.

[ #003 ] - "monitor/length/width/spacetab/tablemode/timestamps/colorized"

If you are familiar with Cisco operating system you will feel at home with "terminal monitor" mode. This mode is usually used in combination with "debug" diagnosis command and actually redirect console amd debug output also in your current terminal session. (VTY in Cisco language)

Let's assume we want to debug IPv4 BGP

show BGP configuration from running config
r1#debug proto bgp ?                                                      
  computation - computation events
  event       - table events
  full        - full events
  incremental - incremental events
  traffic     - interface packets

Let's activate BGP debug event

Check BGP IPv4 peers status in VRF dn42
r1#debug rtr.rtrBgpSpeak.packRecv:rtrBgpSpeak.java:1134 got update from 172.23.215.177
debug rtr.rtrBgp.routerCreateComputed:rtrBgp.java:1902 create table
debug rtr.rtrBgpSpeak.packSend:rtrBgpSpeak.java:1080 sending update to 172.23.215.177
r1#                                                                       
r1#debug rtr.rtrBgpSpeak.packRecv:rtrBgpSpeak.java:1134 got keepalive from 172.23.215.177
debug rtr.rtrBgpSpeak.packSend:rtrBgpSpeak.java:1080 sending keepalive to 172.23.215.177
debug rtr.rtrBgpSpeak.packRecv:rtrBgpSpeak.java:1134 got update from fd40:cc1e:c0de::151
debug rtr.rtrBgp.routerCreateComputed:rtrBgp.java:1902 create table
debug rtr.rtrBgpSpeak.packSend:rtrBgpSpeak.java:1080 sending update to fd40:cc1e:c0de::151
debug rtr.rtrBgpSpeak.packRecv:rtrBgpSpeak.java:1134 got update from fd40:cc1e:c0de::151
debug rtr.rtrBgp.routerCreateComputed:rtrBgp.java:1902 create table
debug rtr.rtrBgpSpeak.packRecv:rtrBgpSpeak.java:1134 got update from fd40:cc1e:c0de::151
debug rtr.rtrBgp.routerCreateComputed:rtrBgp.java:1902 create table
debug rtr.rtrBgpSpeak.packSend:rtrBgpSpeak.java:1080 sending update to fd40:cc1e:c0de::151
debug rtr.rtrBgpSpeak.packRecv:rtrBgpSpeak.java:1134 got update from fd40:cc1e:c0de::151
debug rtr.rtrBgp.routerCreateComputed:rtrBgp.java:1902 create table
...

in order to cancel debug:

undebug all (or specific debug)
r1#un all
...

in order to stop console output from your terminal session:

termonal no monitor
r1#term no mon
...

Note

Similar to Cisco gear, "debug" can be very chatty. Therefore, be ready to issue "term no mon" or better log debug into a file for further off-line forensics.

In my previous examples, the output of "show ipv4 bgp 42 unicast database" command could not fit my window as the output as tomany lines. "terminal length" can be used to alter the number of  lines of the terminal.

Check hardware traffic counters
r1##terminal length ?                                                      
  <num> - height in lines

r1#terminal length
...

Note

"terminal length" can have no effect if you are using a more sophisticated terminal. However, this will have a visible impact on view/display/differ buffer.

"terminal spacetab" is specifically decidated to Junos user. It basically does the same effect as the <TAB> key, but it add also contextual completion with the <SPACE>

Check hardware traffic counters
r1#terminal spacetab ?                                                    
  <cr>

r1#terminal spacetab                                                      
...

Note

"terminal spacetab" does not remove <TAB> key behaviour.

"terminal tablemode" provide pre-formatted table output. 

"terminal tablemode" available format
mjolnir#terminal tablemode ?                                                   
  csv    - select csv mode
  fancy  - select fancy mode
  html   - select html mode
  normal - select normal mode
  raw    - select raw mode
  table  - select table mode
r1#terminal spacetab ?                                                    
  <cr>

Let's select "fancy"

Fancy mode
r1#show ipv4 bgp 42 summary                                               
 |~~~~~~~~~~~~|~~~~~~~|~~~~~~|~~~~~~~|~~~~~~~~~~~~~~~~|~~~~~~~~~~|
 | as         | learn | done | ready | neighbor       | uptime   |
 |------------|-------|------|-------|----------------|----------|
 | 4242421955 | 516   | 517  | true  | 172.23.215.177 | 01:16:23 |
 |____________|_______|______|_______|________________|__________|

Note

Feel free to play all format proposed by "terminal tablemode". This is pretty useful when you have to prepare some report related to the VPN or network you are currently managing.

"terminal timestamps" will simply prepend command timestamps.

Fancy mode
r1#show ipv4 bgp 42 summary                                               
2020-09-30 09:46:32
 |~~~~~~~~~~~~|~~~~~~~|~~~~~~|~~~~~~~|~~~~~~~~~~~~~~~~|~~~~~~~~~~|
 | as         | learn | done | ready | neighbor       | uptime   |
 |------------|-------|------|-------|----------------|----------|
 | 4242421955 | 516   | 517  | true  | 172.23.215.177 | 01:18:45 |
 |____________|_______|______|_______|________________|__________|

Note

As you can see, you can stack these modes. Here we activated "terminal tablemode + timestamps"

"terminal colorized" will simply  color  your prompt

"terminal <mode>" is specific to your current session. If you want a persistent behaviour you would need to activate these features from the  "server telnet" stanza. Which as its name wrongly implies, is not about configuring a telnet server only. From this stanza you'll able to configure any type of server dedicated to terminal connection. (SSH)

Fancy mode
r1#(cfg-server)#exec ?                                                     
  authorization - set authorization
  autocommand   - set automatic command
  autohangup    - disconnect user after autocommand
  bye           - set goodbye message
  colorized     - enable colorization
  height        - set height of terminal
  interface     - set interface to use for framing
  logging       - enable logging
  privilege     - set default privilege
  ready         - set ready message
  spacetab      - enable space as tab
  tablemode     - set table mode
  timeout       - set timeout value
  timestamp     - enable timestamps
  welcome       - set welcome message
  width         - number of columns

Note

This "server telnet" section will provide you lots of possibility to fine tune your terminal access !  Feel free to use them in order to feel at home !

Discussion

monitor/length/width/spacetab/tablemode/timestamps/colorized is a set of feature meant to ease your experience with freeRouter in mimic'ing well know behaviour and proposing you additional convenient features. One main behaviour is that all command issue from the CLI is instantly taken into account. 

Conclusion

In this 3rd article:

  • We presented freeRouter monitor/length/width/spacetab/tablemode/timestamps/colorized terminal customization command
  • These are very useful if you come from Cisco or Junos world as it mimic some termnal behaviour.

Final words

As said, these are terminal commands are not specific to freeRouter. Some behaviour are mimic'ed from IOS and Junos. Anyway, these have been developed for one purpose:

"Make network engineers feel at ease and provide then an enjoyable operation experience "

Feel free to try and use them according to your environment taste!

Last but not least, you can play with these different mode from this sandbox:

type "telnet dl.nop.hu" in a terminal and choose "1"
telnet dl.nop.hu
Trying 193.224.23.5...
Connected to dl.nop.hu.
Escape character is '^]'.
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXX XXXXX XXX    XXX     XXX XX XX XXXX XXXXXXXXXXXXXXXXXXX
XXXX  XXXX XX XXXX XX XXXX XX XX XX XXXX XXXXX/~~~~~~\XXXXXX
XXXX X XXX XX XXXX XX XXXX XX XX XX XXXX XXXX| player |XXXXX
XXXX XX XX XX XXXX XX     XXX    XX XXXX XXXXX\______/XXXXXX
XXXX XXX X XX XXXX XX XXXXXXX XX XX XXXX XXXXXXXXXXXXXXXXXXX
XXXX XXXX  XX XXXX XX XXXXXXX XX XX XXXX XXXXXXXXXXXXXXXXXXX
XXXX XXXXX XXX    XXX XXX XXX XX XXX    XXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
welcome
line ready
menu lab:
# - reboot router1
$ - reboot router2
% - reboot router3
1 - connect to router1
2 - connect to router2
3 - connect to router3
^ - rebuild routers
l - connect to lg.nop.dn42
x - exit
choose:1 - attach vdc lab1 

welcome
line ready
yourname#terminal ?                                                            
  colorized  - sending to ansi terminal
  length     - set terminal length
  monitor    - log to this terminal
  no         - negate a parameter
  spacetab   - treat space as tabulator
  tablemode  - select table formatting mode
  timestamps - put time before each executed command
  width      - set terminal width

yourname#terminal                            
...

In order to exit the sandbox session use the following escape sequence: Ctrl-c + Ctrl-x








RARE "Day One": [ freeRouter CLI #002 ] - "show/view/watch/display/differ"
Fréderic LOUI posted on Sep 29, 2020

This is a new article for the blog serie called "RARE Day One". Today we will explore one of freeRouter killer feature that will make your life easier during your day to day operation: freeRouter assisted diagnosis command.

Requirement

  • Basic Linux/Unix knowledge
  • Service provider networking knowledge

Overview

As previously mentioned in the precedent article, when you log into a network equipment such as a router, you tend to have some automatic reflex. You usually:

  • Check router configuration: show run or sh conf
  • Check ipv4 / ipv6 / or LFIB forwarding table
  • So you basically issue diagnosis, troubleshooting command
  • An then you want to configure the router

Article objective

In this article, we will focus on the 3rd bullet point and will present you freeRouter available diagnosis command. They are grouped into 5 categories:

  • show 
  • view
  • watch
  • display
  • differ

Basically these commands are accessed through freeRouter user mode. If you need to use them from config mode, please use the "do" keyword.

[ #002 ] - "show/view/watch/display/differ"

You would mostly be familiar with the "show" command. It is very good and can basically be used to get output from control plane object. Most of the time this can be used against static object like config.

Let's assume that I would like to get BGP config from my home router:

show BGP configuration from running config
show running-config bgp4                                               
router bgp4 42                                                                 
 vrf dn42                                                                      
 local-as 4242421975                                                           
 router-id 172.22.105.65                                                       
 address-family unicast multicast other flowspec vpnuni vpnmlt vpnflw ovpnuni ovpnmlt ovpnflw vpls mspw evpn mdt srte mvpn omvpn
 neighbor 172.23.215.177 remote-as 4242421955                                  
 neighbor 172.23.215.177 description NOP.DN42                                  
 neighbor 172.23.215.177 local-as 4242421975                                   
 neighbor 172.23.215.177 address-family unicast multicast other flowspec vpnuni vpnmlt vpnflw ovpnuni ovpnmlt ovpnflw vpls mspw evpn mdt srte mvpn omvpn
 neighbor 172.23.215.177 distance 20                                           
 justadvert loopback42                                                         
 exit

But I can also check the status of BGP peering into VRF dn42

Check BGP IPv4 peers status in VRF dn42
show ipv4 bgp 42 summary                                               
as          learn  done  ready  neighbor        uptime
4242421955  517    518   true   172.23.215.177  00:38:18

Check the same BGP peering but now for IPv6

Check BGP IPv6 peers status in VRF dn42
r1#show ipv6 bgp 42 summary                                               
as          learn  done  ready  neighbor             uptime
4242421955  351    352   true   fd40:cc1e:c0de::151  00:40:40
show ipv4 bgp 42 summary                                               
as          learn  done  ready  neighbor        uptime
4242421955  517    518   true   172.23.215.177  00:38:18

Let's see some BGP prefix received in VRF dn42 bgp table:

so my screen is too small for all the IPv6 BGP prefix into DN42 VRF

As a last example, something we usually do as network operators is to check ongoing interface traffic level:

Check interface traffic level (received/transmitted) )
r1#sh int sdn1                                                            
sdn1 is up (since 09:41:21, 2 changes)
 description: mjolnir@LAN1[01:00.0]
 type is sdn, hwaddr=003b.7671.764f, mtu=1500, bw=8000kbps, vrf=inet
 ip4 address=192.168.0.90/24, netmask=255.255.255.0, ifcid=10013
 ip6 address=2a01:e0a:159:2850::666/64, netmask=ffff:ffff:ffff:ffff::, ifcid=10013
 received 52013 packets (17638316 bytes) dropped 5 packets (448 bytes)
 transmitted 80765 packets (15101696 bytes) promisc=false macsec=false

r1#sh int sdn1                                                            
sdn1 is up (since 09:41:22, 2 changes)
 description: mjolnir@LAN1[01:00.0]
 type is sdn, hwaddr=003b.7671.764f, mtu=1500, bw=8000kbps, vrf=inet
 ip4 address=192.168.0.90/24, netmask=255.255.255.0, ifcid=10013
 ip6 address=2a01:e0a:159:2850::666/64, netmask=ffff:ffff:ffff:ffff::, ifcid=10013
 received 52013 packets (17638316 bytes) dropped 5 packets (448 bytes)
 transmitted 80766 packets (15101778 bytes) promisc=false macsec=false

r1#sh int sdn1                                                            
sdn1 is up (since 09:41:24, 2 changes)
 description: mjolnir@LAN1[01:00.0]
 type is sdn, hwaddr=003b.7671.764f, mtu=1500, bw=8000kbps, vrf=inet
 ip4 address=192.168.0.90/24, netmask=255.255.255.0, ifcid=10013
 ip6 address=2a01:e0a:159:2850::666/64, netmask=ffff:ffff:ffff:ffff::, ifcid=10013
 received 52015 packets (17638418 bytes) dropped 5 packets (448 bytes)
 transmitted 80766 packets (15101778 bytes) promisc=false macsec=false

In the last example we repeatedly issue the "sh int sdn1" command and try to see if TX/RX packets counters increment or not.

This command can be improved in order to be less chatty:

Check interface traffic level (received/transmitted) )
r1#sh int sdn1 | i received|transmitted                            
 received 52256 packets (17681204 bytes) dropped 5 packets (448 bytes)
 transmitted 81130 packets (15162642 bytes) promisc=false macsec=false

r1#sh int sdn1 | i received|transmitted                            
 received 52256 packets (17681204 bytes) dropped 5 packets (448 bytes)
 transmitted 81130 packets (15162642 bytes) promisc=false macsec=false

r1#sh int sdn1 | i received|transmitted                            
 received 52260 packets (17681496 bytes) dropped 5 packets (448 bytes)
 transmitted 81132 packets (15162790 bytes) promisc=false macsec=false

Same goes if want want interface traffic for all interface

Check interface traffic level (received/transmitted) )
show interfaces summary                                                
interface   state  tx        rx        drop
loopback0   up     65856     0         0
loopback42  up     65856     0         0
ethernet0   up     31071917  33183183  0
hairpin41   up     85806     85552     0
hairpin42   up     85806     85552     0
sdn1        up     15200591  17703953  448
sdn2        up     15563546  8000994   794
sdn3        admin  0         0         0
sdn4        admin  0         0         0
sdn5        admin  0         0         0
sdn6        admin  0         0         0
sdn998      up     5850      0         0
sdn999      up     23268     18666     0
tunnel1965  up     5222281   7124950   0

Above was to check interface status related to software switched packet. What if I want to check hardware switched packet counters switched by P4 or DPDK ?

Check interface traffic level (received/transmitted) )
show interfaces hwsummary                                              
interface   state  tx         rx         drop
hairpin41   up     0          0          0
hairpin42   up     0          0          0
sdn1        up     317902736  590402538  1162971
sdn2        up     574923844  310497399  203
sdn3        admin  0          0          0
sdn4        admin  0          0          0
sdn5        admin  0          0          0
sdn6        admin  0          0          0
sdn998      up     9062       0          0
sdn999      up     103804     64470      0
tunnel1965  up     0          1301312    0

Note

As a network operator, the "show" command is your best friend, your wingman. Just explore now from freeRouter CLI using "show ?" and you'll understand the amazing list of diagnosis command available.

In my previous examples, the output of "show ipv4 bgp 42 unicast database" command could not fit my window. Say hello to "view" keyword then !  

Let's now try to get hardware counters as above:

Check hardware traffic counters
r1#view ipv4 bgp 42 unicast database
...

Then you'll be able to see READ-ONLY text buffer where you can navigate and check the output that are beyond boundaries of your screen !

Note

"view" is similar to "show" but it will let you deal with a fixed buffer. "view" buffer won't be refreshed.

As mentioned above, "show" gives you diagnosis instant photo of a control plane object. In order to see counter increment, you'd have to issue "show" repeatedly. In order to avoid that, let me introduce you the "watch" command

Let's now try to get hardware counters as above:

Check hardware traffic counters
r1#watch interfaces hwsummary
...

It will clear the terminal session and gives you the same outout as above but with counter updated in a regular basis

So in this example you'll see a live output with counter incrementing. In the screenshot it is not noticeable, but in real life this is bluffing. See watch interface pretty much like Junos "monitor" keyword.

So needless to say that "watch" is applicable to every control plane object such as BGP:

Amazing, don't you think ?

In my previous examples, the output of "show ipv4 bgp 42 unicast database" command could not fit my window. Say hello to "display" keyword then !  

Display BGP prefix from dn42 VRF
r1#display ipv4 bgp 42 unicast database
...

Then you'll be able to see READ-ONLY text buffer where you can navigate and check the output that are beyond boundaries of your screen !

As a side note, you can benefit from online help by pressing <f1>

You can press Ctrl+q in order to exit the editor. As the viewer is a READ-ONLY buffer

Note

Use "display" for output that have output that does not fit into your screen. "display" shows a buffer that is auto-refreshed similar to "watch". But instead the output is thrown into a buffer where you can navigate. But display, very useful to diagnoses object such as huge:

  • ACL
  • prefix-list
  • route policy list
  • route-map

As opposed to "view", "display" proposes an auto-refresh version of the buffer ! 

Last but not list. "differ" , this will split the window in 2 buffers reflecting the same output but with different version and it it signal line lines that have changed. 

Check BGP best path computation for BGP process 42
r1#diff ipv4 bgp 42 bestpath
...

With this view you can easily spot the differences between 2 advertisements interval.

To be honest, when i used this feature for the first time I was totally stumbled and said: Waouw ...

Simply amazing ... 

Discussion

show/view/watch/display/differ is pretty unique to freeRouter, and is really meant to provide you the best user experience as a network operator ! These command have proven to be helpful, especially if you deal with huge feed. However, be careful when you are working with very big output such BGP full feed. This won't crash the router of course as we used to when we issued "debug ip packet" but it will for sure imply a high CPU usage due to regular refresh at the control plane level.

Conclusion

In this 2nd article:

  • We presented freeRouter show/watch/display/differ diagnisis command
  • These are very useful when you have to deal with huge command output buffer.

Final words

As said, these are diagnosis commands are specific to freeRouter. 2 decades of know how and network experience have been pushed into these feature codes. These have been developed for one purpose:

"Provide a unique operation experience to network engineers"

Feel free to try and use them according to your environment taste!

Last but not least, you can play with these different mode from this sandbox:

type "ssh dl.nop.hu" in a terminal (any user/pass will do) and choose "l"
ssh dl.nop.hu -l random_user                                                                                                                              
Warning: Permanently added 'dl.nop.hu,193.224.23.5' (RSA) to the list of known hosts.
random_user@dl.nop.hu's password: 
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXX XXXXX XXX    XXX     XXX XX XX XXXX XXXXXXXXXXXXXXXXXXX
XXXX  XXXX XX XXXX XX XXXX XX XX XX XXXX XXXXX/~~~~~~\XXXXXX
XXXX X XXX XX XXXX XX XXXX XX XX XX XXXX XXXX| player |XXXXX
XXXX XX XX XX XXXX XX     XXX    XX XXXX XXXXX\______/XXXXXX
XXXX XXX X XX XXXX XX XXXXXXX XX XX XXXX XXXXXXXXXXXXXXXXXXX
XXXX XXXX  XX XXXX XX XXXXXXX XX XX XXXX XXXXXXXXXXXXXXXXXXX
XXXX XXXXX XXX    XXX XXX XXX XX XXX    XXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
welcome
line ready
menu lab:
# - reboot router1
$ - reboot router2
% - reboot router3
1 - connect to router1
2 - connect to router2
3 - connect to router3
^ - rebuild routers
l - connect to lg.nop.dn42
x - exit
choose:l - telnet 172.23.199.110 23 /telnet 
 - connecting to 172.23.199.110 23
 - securing connection

hi there!
try the following:
  show ipv4 route dn42
  show ipv6 route dn42
  show ipv4 bgp 65535 vpnuni summary
  show ipv6 bgp 65535 vpnuni summary
  show ipv4 bgp 65535 vpnuni database
  show ipv6 bgp 65535 vpnuni database
  show ipv4 bgp 65535 vpnuni allroute <prefix> 65535:42
  show ipv6 bgp 65535 vpnuni allroute <prefix> 65535:42
  show ipv4 logger 42 flapstat 10
  show ipv6 logger 42 flapstat 10
  show ipv4 bgp 65535 vpnuni flapstat 10
  show ipv6 bgp 65535 vpnuni flapstat 10
  show ipv4 bgp 65535 vpnuni flappath <prefix> 65535:42
  show ipv6 bgp 65535 vpnuni flappath <prefix> 65535:42
have fun!
mc36
welcome
line ready
player-dn42>                                                                   
player-dn42>                   
...

Then issue a "diff" command:

differ example with BGP command
player-dn42>diff ipv4 bgp 65535 vpnuni database 10.11.160.0/20 65535:42
...

You'll be rewarded by this diff out related to the command which means:

"show me the prefix status of 10.11.160.0/20 within BGP process 65535 with rd: 65535:42"

After a quick look at VRF definition indicates that rd 65535:42 is tied to VRF dn42:

Check vrf list on router
player-dn42>sh start vrf                                                       
vrf definition dn42
 rd 65535:42
 rt-import 65535:42
 rt-export 65535:42
 source4route all
 source6route all
 mdt4
 mdt6
 exit
vrf definition rtbh
 rd 65535:666
 rt-import 65535:666
 rt-export 65535:666
 exit
vrf definition vpn
 rd 65535:1
 rt-import 65535:1
 rt-export 65535:1
 mdt4
 mdt6
 exit
...

In order to exit the sandbox session use the following escape sequence: Ctrl-c + Ctrl-x







RARE "Day One": [ freeRouter CLI #001 ] - "conf t"
Fréderic LOUI posted on Sep 29, 2020

This is a special blog series called "RARE Day One". I've always been a huge Cisco and JUNIPER fans, Cisco has unparalleled documentation and I really like JUNIPER "Day One" or "This Week" booklets. Similar to JUNIPER approach RARE "Day One" articles are dealing with essential topics that you need to get familiar with and that will become handy during your "RARE-freeRouter"-FU practices !  

Requirement

  • Basic Linux/Unix knowledge
  • Service provider networking knowledge

Overview

Even in the era of zero touch configuration where everything can be modelled by YANG and automated by Ansible, CLI configuration mode is essential and will take a special important place into network engineers' heart.

Any network engineer in the room who never issued this command ?

Mythical "configure terminal" command
conf t
...

Article objective

In this article, we will present you freeRouter available configuration mode. This is an essential article as it will help you in your potential daily operation task. 

Diagram

[ #001 ] - "configure <mode>"

When you log into a network equipment such as a router, you tend to have some automatic reflex. You usually:

  • Check router configuration: show run or sh conf
  • Check ipv4 / ipv6 / or LFIB forwarding table
  • An then you want to configure the router

Let's assume you want to configure interface sdn3 description:

Mythical "configure terminal" command
r1#sh run sdn3                                                            
interface sdn3
 description r1@LAN3[05:00.0]
 mtu 1500
 macaddr 007b.0c15.1e0c
 shutdown
 no log-link-change
 exit

...

r1#conf t
r1(cfg)#                                                                  
r1(cfg)#int sdn3                                                          
r1(cfg-if)#                                                               
r1(cfg)#int sdn3                                                          
r1(cfg-if)#description Hello Workd SDN3                                
r1(cfg-if)#

As you would notice, configuring these from "config terminal" prompt has an immediate effect. Please note you can issue "show" command from config mode using the "do" keyword :

issue "show" command in configuration mode using "do" keywork
r1#conf t
r1(cfg)#                                                                  
r1(cfg)#int sdn3                                                          
r1(cfg-if)#                                                               
r1(cfg)#int sdn3                                                          
r1(cfg-if)#description Hello Workd SDN3                       
r1(cfg-if)#   
r1(cfg-if)#do sh run sdn3                                                 
interface sdn3
 description Hello Workd SDN3
 mtu 1500
 macaddr 007b.0c15.1e0c
 shutdown
 no log-link-change
 exit

At that point you have a running-config in router memory and you have a startup-config written into the freeRouter flash. In order to see the difference:

issue "show" command in configuration mode
...

r1(cfg-if)#do sh config                                                   
interface sdn3
 no description old_descrption
 description Hello Workd SDN3
 exit
...
r1(cfg-if)# end                                                           
r1#show config-differences                                                
interface sdn3
 no description old_descrption
 description Hello Workd SDN3
 exit

Notice the use of "end" primitive in order to end configuration mode and revert to user mode. In the example we used shortcut command name:

  • sh config
  • show config-differences

So basically this command will show you the difference between running-config and startup-config. This is similar to Junos: show | compare except that in this context this a comparison between running and startup config.

In this case it just delete the current description and replace it by the new one.

Once you are happy you can write the running-config into the startup-config:

issue "show" command in configuration mode
...
r1#wr                                                                     
% success
r1#sh conf                                                                

r1#

You observe that show config-differences has no relevant output. running-config is aligned to startup-config !

Note

This is the most intuitive and recommended way to start learning freeRouter as from this interactive mode, you'll benefit from the contextual help that can be triggered by '?'. In this way you'll even be able to discover new freeRouter feature yourself ! This piece of software holds a tremendous amount of secret functionality. In the output below we just check which control plane can be activated ...

issue "show" command in configuration mode
...
r1(cfg)#router ?                                                          
  babel4     - babel routing protocol
  babel6     - babel routing protocol
  bgp4       - border gateway protocol
  bgp6       - border gateway protocol
  blackhole4 - blackhole collector
  blackhole6 - blackhole collector
  deaggr4    - deaggregate creator
  deaggr6    - deaggregate creator
  download4  - route download
  download6  - route download
  eigrp4     - enhanced interior gateway routing protocol
  eigrp6     - enhanced interior gateway routing protocol
  flowspec4  - flowspec to flowspec rewriter
  flowspec6  - flowspec to flowspec rewriter
  isis4      - intermediate system intermediate system
  isis6      - intermediate system intermediate system
  logger4    - route logger
  logger6    - route logger
  lsrp4      - link state routing protocol
  lsrp6      - link state routing protocol
  mobile4    - mobile route creator
  mobile6    - mobile route creator
  msdp4      - multicast source discovery protocol
  msdp6      - multicast source discovery protocol
  olsr4      - optimized link state routing protocol
  olsr6      - optimized link state routing protocol
  ospf4      - open shortest path first
  ospf6      - open shortest path first
  pvrp4      - path vector routing protocol
  pvrp6      - path vector routing protocol
  rip4       - routing information protocol
  rip6       - routing information protocol
  uni2flow4  - unicast to flowspec converter
  uni2flow6  - unicast to flowspec converter
  uni2multi4 - unicast to multicast converter
  uni2multi6 - unicast to multicast converter

"configure viewer" is a very interesting mode as it gives you the possibility to review the router configuration from a  viewer inspired from "mcedit" (Norton Midnight Commander) 

configure viewer
r1#configure viewer
...

Then you'll be able to read your configuration from a READ-ONLY text buffer:

As a side note, you can benefit from online help by pressing <f1>

But what if I just want to view a specific object ? Let's find out how to check ONLY BGP configuration @ home:

route addition via freeRouter
r1#configure viewer bgp4
...

So in this case It'll just throw my IPv4 bgp config snippet onto the viewer buffer

Same if I want to only view all interface sdn<x> from the router config:

config viewer <regexp>
r1#configure viewer sdn
...

This is so cool, isn't ?

Note

In big TELCO Service Provider environment, most of the time you have Technical Project Manager that just need to perform some checks related to specific customer VPN deployment. So some times, I received some calls: "Can you please that from customer the HUB site prefix 1.2.3.0/24 is configured and advertised into BGP for customer ABC in VRF YXZ ?" With "configure viewer <object>", the TPM can just check it for himself without bothering you at all ! And this without the fear to alter router configuration by accident.

PS: For that you'll need to create a aaa security config with:

  • proper router aaa security policy with privilege level 1
  • with or without TACACS/RADIUS authentication / authorisation and accounting
  • and apply it to a specific OOBM SSH/telnet server in a specific VRF,

but this is not in the scope of the the present article and it will be the object of further articles.

In SP environment, you should not be surprised to see router configuration that has 100k lines or even more. In these environment, I've seen config with countless amount of VRF, NAT, DLSW, GRE, IPSEC tunnels, BGP peers ...  "config viewer" is a great tools when you want to verify a specific stanza on a per customer or object basis and in bonus without any risk the Provider Edge router configuration.

"configure viewer" gives you the possibility to view the config or some parts of the config in read-only mode. "configure editor" gives you simply the possibility to edit also the specific running-config config stanza.

route addition via freeRouter
r1#configure editor
...

Then you'll be able to edit your configuration from a READ-WRITE text buffer:

As a side note, you can benefit from online help by pressing <f1>

You can press Ctrl+q in order to exit the editor. As you did not change anything it will exit the editor.

But what if I just want to edit a specific object ? Let's find out how to check ONLY BGP configuration @ home:

config editor <regexp>
r1#configure editor bgp4
...

So in this case I'll just throw my IPv4 bgp config onto the editor buffer

In this buffer let's just create a description for BGP neighbor 172.23.215.177.

Now just press Ctrl-q (as per the online help accessible using <f1>). However, freeRouter detect the buffer changed has we added BGP description configuration. Therefore it will ask you if you want to save the buffer change into the running-config and apply it.

At that moment you'll be displayed a small recap of what has been applied. 

Even more cool no ? 

Warning

Even if "config editor" is seducing and seems more appealing especially for beginners. This is absolutely not the case. "configure editor" mode is meant for advanced users who knows freeRouter CLI by heart. Why, you might say ? Just try to edit a gigantic BGP configuration without any contextual help just by writing a textual file and you'll understand the risk behind using "config editor". Therefore it is no recommend to use it against complex control plane object.

Please take note that "config editor" alter the running-configuration directly when you saved the editor buffer !

Note

So what's the point of having this cool feature ? This feature is powerful when it comes to simple control plane object or big repetitive object. This is very practical to use this feature against: ACL / Prefix-List / Route Policy Object / Route Map etc.

  • ACL
  • prefix-list
  • route policy list
  • route-map

but nothing to prevent you to edit BGP stanza if you feel that your freeRouter-fu needs to be challenged (wink)

Same as "config editor", but instead of working against the running-config you are editing the startup-config. Which is more safe ... till the next reload (wink)

config startup
r1#configure startup
...

"configure reload" as its name implies is not about reloading a router whatsoever (smile)

config reload
r1#configure reload ?                                                     
  <url> - source url

r1#configure reload    
...

This command take a <url> as argument. Basically it will fetch router configuration from the specified <url> and load it into the startup-config. It is an equivalent to Cisco "copy <url> start". From that point:

  • it is up to the network operator to check the startup configuration
  • and issue a reload warm in order to restart the router and test that connectivity is resuming as expected
  • Check the running-config is aligned to startup-config


Warning

(repetition is not harmful) As said before "configure reload" does not reload the router. It just load the config from specified <url> into the startup-configuration. And this steps precedes a reload that has to be triggered manually by the operator after having checked the config.

Note

in day to day operation, startup-config is usually not altered directly. In TELCO SP environment, IIRC, I used it mainly to retrieve configuration from a CMDB server during 2 situations:

  • Router first time installation after basic configuration staging enabling minimum connectivity
  • Router hardware replacement

Note that in SP environment, as VPN owner we could handle a portfolio of customer (~10). Each customer could have ~ 2000 CPEs. You can see why "config reload" can be very handy.

"configure network" gives you the possibility to update/merge existing  running-config from config exposed from a web server.

route addition via freeRouter
r1#configure network ?                                                    
  <url> - source url

r1#configure network
...

This command take a <url> as argument. Basically it will fetch specified configuration from the specified <url> and merge it into the running-config. It is an equivalent to Cisco "copy <url> run". So, from that point:

Warning

  • only running-config is altered.
  • If not saved all changes will be lost in the next reload

Note

in day to day operation, In TELCO SP environment, "configure network" is very useful when you want to apply the same configuration stanza to several router at the same time.

Same as "configure network" gives you the possibility to replace running-config from config exposed from a web server.

route addition via freeRouter
r1#configure overwrite-network ?                                                    
  <url> - source url

r1#configure overwrite-network
...

This command take a <url> as argument. Basically it will fetch specified configuration from the specified <url> and replace the running-config. It is an equivalent to Cisco "copy <url> run". So, from that point:

Warning

  • only running-config is altered.
  • If not saved all changes will be lost in the next reload

Note

in day to day operation, In TELCO SP environment, "configure network" is very useful when you want to apply the same configuration stanza to several router at the same time from a clean slate state. (no merger)

"configure banner" is one of my favorite mode. It will display an editor allowing you to edit the banner of your router.

route addition via freeRouter
r1#configure banner                                                   
...

Press Ctrl-q and then y in order to save the banner.

Log in to you router again in order to check your new banner:


Note

in day to day operation, this banner can be written in configuration using banner encoded command

banner encoded
banner encoded ICAgX18gICAgICAgICAgICAgICBfX19fICAgICAgICAgICAgIF8NCiAgLyBffF8gX18gX19fICBfX198ICBfIFwgX19fICBfICAgX3wgfF8gX19fIF8gX18NCiB8IHxffCAnX18vIF8gXC8gXyBcIHxfKSAvIF8gXHwgfCB8IHwgX18vIF8gXCAnX198DQogfCAgX3wgfCB8ICBfXy8gIF9fLyAgXyA8IChfKSB8IHxffCB8IHx8ICBfXy8gfA0KIHxffCB8X3wgIFxfX198XF9fX3xffCBcX1xfX18vIFxfXyxffFxfX1xfX198X3wNCiAgXyBfXyBfX18gICBfX198IHwgX19fX18gIHwgfA0KIHwgJ19fLyBfIFwgLyBfX3wgfC8gLyBfX3wgfCB8DQogfCB8IHwgKF8pIHwgKF9ffCAgIDxcX18gXCB8X3wNCiB8X3wgIFxfX18vIFxfX198X3xcX1xfX18vIChfKQ0KDQo=

the command corresponds to the banner mentioned above.

"configure revert" revert the running-config to the startup config. For Junos fan it is equivalent to "rollback 0"

configure description
r1#sh run int sdn3                                                        
interface sdn3
 description r1@LAN3[05:00.0]
 mtu 1500
 macaddr 007b.0c15.1e0c
 shutdown
 no log-link-change
 exit
!
configure description
r1# conf t                                                                
r1(cfg)#int sdn3
r1(cfg-if)#description "This is the new description"

mjolnir(cfg-if)#do sh conf                                                     
interface sdn3
 no description r1@LAN3[05:00.0]
 description "This is the new description "
 exit
Let's diff between running and startup config
r1(cfg-if)#do sh conf                                                     
interface sdn3
 no description r1@LAN3[05:00.0]
 description "This is the new description "
 exit
sh run sdn3
mjolnir(cfg)#exit                                                              
mjolnir#sh run sdn3                                                            
interface sdn3
 description "This is the new description "
 mtu 1500
 macaddr 007b.0c15.1e0c
 shutdown
 no log-link-change
 exit
sh run sdn3
mjolnir#configure revert                                                       
     1: interface sdn3
     2:  no description "This is the new description "
     3:  description r1@LAN3[05:00.0]
     4:  exit

errors=0
sh run sdn3
mjolnir#sh run sdn3                                                            
interface sdn3
 description r1@LAN3[05:00.0]
 mtu 1500
 macaddr 007b.0c15.1e0c
 shutdown
 no log-link-change
 exit

Note

in day to day operation, In TELCO SP environment, "configure revert" should be used as "rollback 0" upon the running config. This means that you are about to abandon the current running config and re-apply the config that figures in the startup-config. In our case, it was changing a description, but in some case it can have more impact. (change route filtering, route advertising etc.)

"configure rollback" is very useful when you are in an operational  situation that needs "trial and error" approach, and sometimes the error can lead to loss of connectivity on the router itself... Who never experienced that ?

First of all we have a saying a French saying: "Il n'y a que ceux qui ne font rien qui ne font pas de bêtise". So don't feel guilty about that... I remembered having isolated some sites just by accident ...

In this situation "configure rollback" is a combination of "configure revert" and a loss of CLI TCP session. What does this practically means ?

Imagine you are configuring a redistribution between IS-IS and OSPF and that you forgot that the network have 2 connections. This redistribution without careful route filtering will result in a routing loop and it happens that you lose connectivity upon that configuration. (never ending routing advertisement loop, high cpu load etc...)

Upon losing TCP connection, in "configure rollback" freeRouter will automatically revert to its startup config.

You will therefore auto-magically get back connection before it was the route redistribution that caused the havoc.

How cool is that !

Note

In IOS, i used to use  "reload in <x>" command, in JunOS of course you have "commit confirm" and same goes for IOS-XR. So this airbag is not only unique to freeRouter, but IT IS THERE !

"configure file" gives you to the possibility to update/merge running configuration from a local file from the flash filesystem.

route addition via freeRouter
r1#configure file ?                                                       
  <file> - source file

r1#configure file
...

This command take a <file> as argument. Basically it will load specified configuration from the specified <file> and update/merge the running-config. It is an equivalent to Cisco "copy <flash:file> run". So, from that point:

show flash
mjolnir#show flash /rtr                                                        
date                 size     name
2009-12-31 23:00:00  18048    bundle.bin
2020-07-30 15:47:05  2477     c.sh
2009-12-31 23:00:00  22648    hdlcInt.bin
2020-08-26 07:35:35  2937     hwdet-all.sh
2020-07-31 13:31:28  203      hwdet-main.sh
2009-12-31 23:00:00  18616    mapInt.bin
2020-09-29 08:58:48  554856   mjolnir.log
2009-12-31 23:00:00  18088    modem.bin
2009-12-31 23:00:00  131432   p4dpdk.bin
2009-12-31 23:00:00  121896   p4emu.bin
2009-12-31 23:00:00  63144    p4pkt.bin
2009-12-31 23:00:00  18088    pcap2pcap.bin
2009-12-31 23:00:00  18608    pcapInt.bin
2009-12-31 23:00:00  18384    rawInt.bin
2020-09-28 11:54:12  598      rtr-hw.txt
2020-09-28 21:16:19  14607    rtr-sw.txt
2020-07-30 15:47:37  2022     rtr.err
2020-09-29 03:09:25  5587321  rtr.jar
2020-09-29 03:09:16  5585713  rtr.jar.bak
2020-09-29 03:09:26  24       rtr.rld
2020-09-23 03:06:12  529      rtr.scr
2020-09-23 03:06:11  483      rtr.scr.bak
2020-08-23 17:34:19  46       rtr.scr2
2020-08-23 17:34:18  0        rtr.scr2.bak
2020-09-23 03:06:11  542720   rtr.tar
2020-09-23 03:06:09  522240   rtr.tar.bak
2020-09-29 03:11:04  2330     rtr.ver
2020-09-29 03:11:03  3790694  rtr.zip
2020-09-29 03:10:57  3789659  rtr.zip.bak
2020-07-30 15:47:05  388      setup_dpdk.sh
2020-07-30 15:47:05  48       setup_route.sh
2020-07-30 15:47:05  2171     setup_veth.sh
2009-12-31 23:00:00  18048    stdLin.bin
2009-12-31 23:00:00  18440    tapInt.bin
2009-12-31 23:00:00  18224    ttyLin.bin
2009-12-31 23:00:00  18256    vlan.bin

"configure file" gives you to the possibility to replace running configuration from a local file from the flash filesystem.

route addition via freeRouter
r1#configure replace ?                                                       
  <file> - source file

r1#configure replace
...

This command take a <file> as argument. Basically it will load specified configuration from the specified <file> and replace the running-config. It is an equivalent to Cisco "copy <flash:file> run". So, from that point:

show flash
mjolnir#show flash /rtr                                                        
date                 size     name
2009-12-31 23:00:00  18048    bundle.bin
2020-07-30 15:47:05  2477     c.sh
2009-12-31 23:00:00  22648    hdlcInt.bin
2020-08-26 07:35:35  2937     hwdet-all.sh
2020-07-31 13:31:28  203      hwdet-main.sh
2009-12-31 23:00:00  18616    mapInt.bin
2020-09-29 08:58:48  554856   mjolnir.log
2009-12-31 23:00:00  18088    modem.bin
2009-12-31 23:00:00  131432   p4dpdk.bin
2009-12-31 23:00:00  121896   p4emu.bin
2009-12-31 23:00:00  63144    p4pkt.bin
2009-12-31 23:00:00  18088    pcap2pcap.bin
2009-12-31 23:00:00  18608    pcapInt.bin
2009-12-31 23:00:00  18384    rawInt.bin
2020-09-28 11:54:12  598      rtr-hw.txt
2020-09-28 21:16:19  14607    rtr-sw.txt
2020-07-30 15:47:37  2022     rtr.err
2020-09-29 03:09:25  5587321  rtr.jar
2020-09-29 03:09:16  5585713  rtr.jar.bak
2020-09-29 03:09:26  24       rtr.rld
2020-09-23 03:06:12  529      rtr.scr
2020-09-23 03:06:11  483      rtr.scr.bak
2020-08-23 17:34:19  46       rtr.scr2
2020-08-23 17:34:18  0        rtr.scr2.bak
2020-09-23 03:06:11  542720   rtr.tar
2020-09-23 03:06:09  522240   rtr.tar.bak
2020-09-29 03:11:04  2330     rtr.ver
2020-09-29 03:11:03  3790694  rtr.zip
2020-09-29 03:10:57  3789659  rtr.zip.bak
2020-07-30 15:47:05  388      setup_dpdk.sh
2020-07-30 15:47:05  48       setup_route.sh
2020-07-30 15:47:05  2171     setup_veth.sh
2009-12-31 23:00:00  18048    stdLin.bin
2009-12-31 23:00:00  18440    tapInt.bin
2009-12-31 23:00:00  18224    ttyLin.bin
2009-12-31 23:00:00  18256    vlan.bin

Discussion

Most of you will simply use the basic "conf t" mode, but keep in mind that depending on your context, all the other modes are proven to be very handy. The possibility to configure 1000 router with one single config file using "config network" is a savior. Having the possibility to trigger automatic definitive router staging using "conf reload" is tremendously useful when you have to deploy 10 routers a day. As said "config view" can give non operation staff to check if some configs are there or not ... "config editor" is very powerful when you want to edit a never ending access-list, but remember to avoid to use it for complex BGP config... You have been warned !

Conclusion

In this 1st article:

  • We presented freeRouter config mode
  • Most of these are useful in various different context

Final words

All these modes are not new. IOS, IOS-XR, IOX-XE, NW-OX, JUNOS have their own config mode that are somewhat similar. In any case freeRouter config mode implementation is meant to address  all needs from the network operators perspective. As you can observe, configure mode has an impressive list of mode. Feel free to try and use them according to your environment taste!

Last but not least, you can play with these different mode from this sandbox:

type "telnet dl.nop.hu" in a terminal and choose "1"
 telnet dl.nop.hu                                                                                                                                                 1 ↵
Trying 193.224.23.5...
Connected to dl.nop.hu.
Escape character is '^]'.
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXX XXXXX XXX    XXX     XXX XX XX XXXX XXXXXXXXXXXXXXXXXXX
XXXX  XXXX XX XXXX XX XXXX XX XX XX XXXX XXXXX/~~~~~~\XXXXXX
XXXX X XXX XX XXXX XX XXXX XX XX XX XXXX XXXX| player |XXXXX
XXXX XX XX XX XXXX XX     XXX    XX XXXX XXXXX\______/XXXXXX
XXXX XXX X XX XXXX XX XXXXXXX XX XX XXXX XXXXXXXXXXXXXXXXXXX
XXXX XXXX  XX XXXX XX XXXXXXX XX XX XXXX XXXXXXXXXXXXXXXXXXX
XXXX XXXXX XXX    XXX XXX XXX XX XXX    XXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
welcome
line ready
menu lab:
...
type "ssh dl.nop.hu" in a terminal (any user/pass will do) and choose "1"
ssh dl.nop.hu -l random_user                                                                                                                                     1 ↵
Warning: Permanently added 'dl.nop.hu,193.224.23.5' (RSA) to the list of known hosts.
random_user@dl.nop.hu's password: 
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXX XXXXX XXX    XXX     XXX XX XX XXXX XXXXXXXXXXXXXXXXXXX
XXXX  XXXX XX XXXX XX XXXX XX XX XX XXXX XXXXX/~~~~~~\XXXXXX
XXXX X XXX XX XXXX XX XXXX XX XX XX XXXX XXXX| player |XXXXX
XXXX XX XX XX XXXX XX     XXX    XX XXXX XXXXX\______/XXXXXX
XXXX XXX X XX XXXX XX XXXXXXX XX XX XXXX XXXXXXXXXXXXXXXXXXX
XXXX XXXX  XX XXXX XX XXXXXXX XX XX XXXX XXXXXXXXXXXXXXXXXXX
XXXX XXXXX XXX    XXX XXX XXX XX XXX    XXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
welcome
line ready
menu lab:
# - reboot router1
$ - reboot router2
% - reboot router3
1 - connect to router1
2 - connect to router2
3 - connect to router3
^ - rebuild routers
l - connect to lg.nop.dn42
x - exit
choose:1 - attach vdc lab1 

yourname#                                                                      
yourname#configure ?                                                           
  <cr>
  banner            - edit the banner
  editor            - configure from editor
  file              - append to running configuration
  network           - append to running configuration
  overwrite-network - overwrite the running configuration
  reapply           - !!!EXPERiMENTAL!!! try to reapply current configuration
  reload            - overwrite the startup configuration
  replace           - overwrite the running configuration
  revert            - revert to startup configuration
  rollback          - configure within auto-revert session
  startup           - edit the startup configuration
  terminal          - configure from this terminal
  viewer            - view current configuration

yourname#configure                                      
...

In order to exit the sandbox session use the following escape sequence: Ctrl-c + Ctrl-x

Another method to access the sandbox, by click here, this will open a terminal webapp into your browser:






RARE software architecture: [ Modular design #001 ] - "One control plane message API to rule all control-plane & dataplane"
Fréderic LOUI posted on Sep 19, 2020


This is a special blog series called "RARE software architecture". As its name implies, it deals with topics related to RARE/freeRouter software design choice.

Requirement

  • Basic Linux/Unix knowledge
  • Service provider networking knowledge

Overview

RARE project objective is to provide a routing platform proposing various solutions addressing multiple use cases in the R&E landscape. In the picture below you see in purple the different use cases:

As you can notice, each use case will run on different hardware that potentially can have different dataplanes. As we were starting from a clean slate environment without much choice, especially with P4 programmability - the first dataplane or P4 target considered was BMv2. BMv2 is an excellent way to learn P4, it is also the first target we use in order to program and validate new features. After 6 months of practising our "P4-fu" we developed:

  • a P4lang repository for ubuntu bionic and focal
  • a debian 10 repository
  • had our first RARE/FreeRouter prototype powered by a P4 BMv2 dataplane !

Our initial work, considering FreeRouter's Java nature, was to write a Java P4Runtime GRPC client that would be able to program the entries in the tables exposed by BMv2 via the P4Info file. However, this would have intimately tied FreeRouter code to P4Runtime gRPC code. Even if it's more natural to choose this solution, going in that direction implied that dataplanes other than BMv2 would be compliant to P4Runtime. It turns out that this is not the case. We then opted for a simple message API via a bi-directional raw UNIX socket. We will see what this means later in this blog.

Motivated by the successful experience with BMv2, we then decided to move forward and started to study TOFINO as a target. We were greedy and eager to apply our P4 code against multi-terabits traffic. After a few P4 program compilations, the first impression from my personal perspective was ... mind blowing ! INTEL/BAREFOOT TOFINO effectively opened the door to multi-terabits packet processing... Just to have at the tip of your finger the possibility to process traffic at these traffic levels was exciting !

As a side note, the journey was not without suffering and pain... (smile) We had to port our BMv2 code - and to port to TOFINO was not "Une lettre à la poste"... It is not that TOFINO programming is gratuitously painful. It is just that it is p4c-tofino's job to make sure that our packets are processed at silicon lighting speed. Imagine you are asked to  convey parcels by driving from Paris to Amsterdam with a car that has an infinitely sized trunk, with an infinite gas tank and no particular speed constraint along the road. And then you are asked to do the same trip, but with an actual real car that has a trunk with a fixed size and with a 50 litre gas tank, and of course you'll have to follow speed signs along the road.

In the first case, you would put as many parcels as you would like and you even won't bother looking at your gas tank level and maybe you'd set the speed to 200 Km/h. The second case forces you to carefully think about how many parcels you can put in your trunk, check to see if one completely full tank can be sufficient for the trip and of course, you would have to follow the speed signs.

If you allow me this comparison, this is where BMv2 and TOFINO programming differs.  

But, this pain was not in vain, it was for the greater good... You can't imagine the inherent joy when you see the TOFINO compiler displaying the DONE word ! For the veterans who can remember, it is the same feeling when you manage to compile your first program in the ADA language. The compiler is not so strict that compiling an ADA program is in itself a feat. No wonder why this language is used in Spatial rocket (Ariane).

Back to our dataplane interface story, even TOFINO and BMv2 share some roots, while BMv2 had P4Runtime as a northnound interface, INTEL/BAREFOOT pushed into TOFINO platform with P4_16 their gRPC interface counterpart: BfRuntime.

Our best bet paid off as FreeRouter message API was unchanged and without much effort we could add a new dataplane "wingman" to the FreeRouter control plane.

To recap:

  • For BMv2: Our interface yields P4Runtime RPC calls. This program is called: forwarder.py
  • For TOFINO: Our interface yields BfRuntime RPC calls. This program is called witout too much originality: bf_forwader.py

At that point we were starting to have a decent LSR/LER router for CORE and Aggregation use cases.

But we still had nothing at the EDGE/AGGREGATION layer in terms of a solution proposal, deploying P4 hardware might be way too expensive in specific contexts such as small R&E institutions like primary schools or small R&E labs. To that purpose, we started to study new targets such as VMWARE XDP and a very promising project: T4P4S ELTE. While we could not use XDP without a lot of P4 code rewriting and compromise, T4P4S ELTE was from our perpective very promising. But due to a compilation issue, we could not move forward.

FPGA was also a solution that we considered but had no access to any FPGA hardware that was P4 compliant.

As a result, we were a little bit bitter and started to read the DPDK library. And we started to play with DPDK examples... These examples were tremendously useful as it sparked some DPDK development into the RARE team. Csaba, the FreeRouter lead developer, step by step came up with this GENIUS idea: why don't we just use emulate P4 RARE P4 dataplane program ? We can still revert to using T4P4S ELTE when it will be ready ?

P4emu/P4dpdk was then born ! 

To conclude this short story, RARE/FreeRouter has now 3 completely different dataplanes: (in order of appearance)

  • BMv2
  • TOFINO
  • DPDK


Unique RARE/FreeRouter feature

However, please note that FreeRouter message API is common to the three dataplanes listed above. You'll see further how this structure make the solution: an open modular, interchangeable solution.

Article objective

In this article, let's present RARE/FreeRouter platform structure and focus on the interface(S) between FreeRouter control plane and various dataplane.

Diagram

[ #001 ] - Modular design

In this designs, FreeRouter is focusing on running control plane processes, such as routing protocols IGP(s), BGP(s). There are other control plane processes but let's just focus on these latter. At some point in time, all IGPs/EGP converge and will have to create an entry in a routing table. In case of IPv4 the entry will be created into an IPv4 forwarding table and similarly, an IPv6 route entry will be created into IPv6 forwarding table. From FreeRouter point of view these entry creation will be triggered by yielding one Java function twice that will generate these 2 API messages, one for IPv4 and the other one for IPv6.

Let's add an IPv4 route into freeRouter CLI

route addition via freeRouter
conf t
ipv4 route v1 1.2.3.0 255.255.255.0 4.4.4.4
...

Upon entering the ipv4 route and pressing <enter>, you'll see the following message appearing

message API: route4_add
...
rx: ['route4_add', '1.2.3.0/24', '13063', '4.4.4.4', '1', '\n']
...

Let's delete the route via FreeRouter CLI

route deletion via freeRouter
conf t
no ipv4 route v1 1.2.3.0 255.255.255.0 4.4.4.4
...
message API: route4_del
...
rx: ['route4_del', '1.2.3.0/24', '13063', '4.4.4.4', '1', '\n']
...

Important note

In short, the message API is simply a collection of message that would trigger an entry ADD/DELETE/MODIFY into the dataplane corresponding table.

The documentation of this message API will be documented and published soon, but for those who are curious and can't wait this documentation, you can read forwarder.py, bf_forwarder.py or p4dpdk.bin  source code

As said in the beginning of the article, freeRouter control plane would have to deal with dataplane of different nature. And we concluded in mentioning that for now, freeRouter has three dataplanes. Each of these dataplanes have their own northbound interface, whether this is P4Runtime for BMv2, BfRuntime for TOFINO or P4DPDK for system compatible with DPDK and having DPDK complinnt NIC.

For BMv2 we just had to write an interface that would translate freeRouter API message into P4Runtime GRPC calls. For BMv2 this interface is called forwarder.py:

For TOFINO we just had to write an interface that would translate freeRouter API message into BfRuntime GRPC calls. For TOFINO this interface is called bf_forwarder.py:

For DPDK we just had to write an interface that would translate freeRouter API message into DPDK primitives. This interface is included into DPDK dataplane bundled into freeRouter binaries: p4dpdk.bin

It is just as simple as that !

Discussion

This design is pretty unique because, if for any reason you would like to "hook" freeRouter control plane to an other dataplane such as:

  • FPGA
  • or dataplane powered by kernel bypass technique such as RDMA
  • Or other NPU based dataplane
  • etc.

This is possible !

You would "just" have to port your P4 code logic into the target dataplane and create an interface able to translate API messages from FreeRouter into understandable message from the target dataplane.

Be cautious with the word "just"

The "just" word can be misleading. Indeed, depending on the target dataplane, it can be a huge task. With DPDK, we were lucky in getting enough material in order to move forward and again p4dpdk.bin was a simple trial at the very beginning. But some other dataplane can just be simply be ignored if we don't get enough material/support from NPU vendors. 

One thing that we did not experience, but this can be maybe one day a reality.

What if you have your own control plane and that you absolutely want to keep it, but would like to re-use BMv2/TOFINO or DPDK RARE dataplane ?

Well this is possible !

Long time ago I met Thomas MANGIN (yet another cool and nice French guy (smile) ) which is the author of Exa-BGP, i did not talk to him about this and I don't want to give him bad idea, but what if he would like to hook a TOFINO P4 dataplane to Exa-BGP ?

Well, he actually would just have to teach exaBGP to handle entry ADD/DELETE/MODIFY message according to the message API above.

I also love the work DONE at the SoNIC project level and I know that SoNIC has already a P4 dataplane called switch.p4. I doubt it will be the case one day but, what if SoNIC project wanted to re-use RARE dataplane for especially for Service Provider capability ?

OK, this sounds crazy, but the modular design we proposed here is valid and can make the RARE dataplane available for other control plane.

Of course, we strongly suggest you to stick with FreeRouter as you will just realize IMHO that in the TELCO Service Provider space there is no match. You'll have the venerable IOS-XR and JUNOS, but these are not Open Source counterparts.


Conclusion

In this 1st article you:

  • had a 10K feet view description of RARE/FreeRouter modular design
  • This design allow rapid dataplane addtion without altering whatsoever FreeRouter code base
  • In case you would like to re-use BMv2/TOFINO/P4DPDK dataplane, this has been never implemented but this is possible !

Message API documentation

From the time being this API  message is not yet publicly documented. However, it is available and buried inside forwarder.py or bf_forwarder.py source code. This is work in progress but if you feel an urgent need to use it feel free to read the code.

PS: We will publish this document ASAP, but time plays against us ...




RARE hardware platform: [ APS® Networks BF2556X-1T #001 ] - "A versatile and flexible P4 switch"
Fréderic LOUI posted on Sep 01, 2020

This is a special blog series called "RARE hardware platform". As its name implies it deals with certified and tested platform on which RARE/freeRouter can run out of the box.

Requirement

  • Basic Linux/Unix knowledge
  • Service provider networking knowledge

Overview

We will deal with a series of article related to APS Networks® BF2556X-1T P4 switch. The key highlight of this box is: 

  • It is a P4 TOFINO NPU based switch
  • TOFINO version has 2 cores (i.e. 2 pipes) and can manage up to 2 Tbps
  • It offers multiple connection types and rates:
    • 48x25GSFP28 and 8x100GQSFP28
      • SFP28 port [1 - 16] can configure into 1G/10G/25G
      • SFP28 port [17 - 48] can configure into 10G/25G
      • QSFP28 port [49 - 56] Each QSFP28 port can configure into 1x100G,2x50G,4x25G, 1x40G or 4x10G Mode.
  • SyncE and 1588 support

Article objective

In this article, we will just do a basic introduction of the BF2556X-1T

[ #001 ] - BF2556X-1T in a nutshell

Parcel

What's in the box

Included items

Quick Installation guide

Front panel

Back panel

APS Networks® BF2556X-1T Racked

APS Networks® BF2556X-1T alongside to his P4 brothers: Edgecore WEDGE100BF32X

BF2556X-1T specification

The system uses Barefoot BFN-T10-032D-020 (Tofino 2.0T) Switch Chip which can support 20 x 100GE ports.

Major features are:

  • 2.0 Tbps bandwidth
  • One Barefoot BFN-T10-032D-020(Tofino 2.0T) Switch ASIC
    • Ethernet support 80x25G SERDES ports
    • Management SERDES support four ports 10G-KR
    • PCIe Gen3 x 4lanes
  • Eight Marvell 98PX1024
    • Single chip support 4x25G SERDES
  • Network Interface
    • 48x25G SFP28 and 8x100G QSFP28
    • SFP28 port 1~16 can configure into1G/10G/25G.
    • SFP28 port17~48 can configure into 10G/25G.
    • Each QSFP28 port can configure into 1x100G,2x50G,4x25G, 1x40G or 4x10G Mode.
  • CPU Module: Optional Module design for flexibility
    • Intel® Xeon® Processors D1527 (BDXDE)
  • BMC: Base Board Management Controller
    • BMC is a specialized service processor that monitors the physical state of a system.
    • ASPEED AST2520
  • Management Port:
    • 3xRJ45 10/100/1000Mbps OOBM(Out Of Band Management) port
    • 1xConsoleRJ45
    • 1xUSB3.0
  • FAN Tray:
    • Four 40mmx56mm Fan-tray
    • Supporting 3+1 redundancy
    • Support front to back and back to front air direction.
  • PSU:
    • 1+1 redundant PSU
    • Each PSU will be supporting 850W power to system.
    • 12V standby power for system management chips.
    • Support DC power supply
CPU specification
lscpu
Architecture:        x86_64                                                         
CPU op-mode(s):      32-bit, 64-bit                                                 
Byte Order:          Little Endian                                                  
CPU(s):              16                                                             
On-line CPU(s) list: 0-15                                                           
Thread(s) per core:  2                                                              
Core(s) per socket:  8                                                              
Socket(s):           1                                                              
NUMA node(s):        1                                                              
Vendor ID:           GenuineIntel                                                   
CPU family:          6                                                              
Model:               86                                                             
Model name:          Intel(R) Xeon(R) CPU D-1548 @ 2.00GHz                          
Stepping:            3                                                              
CPU MHz:             799.832                                                        
CPU max MHz:         2600.0000                                                      
CPU min MHz:         800.0000                                                       
BogoMIPS:            4000.16                                                        
Virtualization:      VT-x                                                           
L1d cache:           32K                                                            
L1i cache:           32K                                                            
L2 cache:            256K                                                           
L3 cache:            12288K                                                         
NUMA node0 CPU(s):   0-15                                                           
Flags:               fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperf mperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid dca sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb cat_l3 cdp_l3 invpcid_single pti intel_ppin ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid fsgsbase tsc_ad just bmi1 hle avx2 smep bmi2 erms invpcid rtm cqm rdt_a rdseed adx smap intel_pt xsa veopt cqm_llc cqm_occup_llc cqm_mbm_total cqm_mbm_local dtherm ida arat pln pts md_clear flush_l1d

Discussion

The  APS Networks® BF2556X-1T is a horse power:

  • the usage of 8 cores having each one 2 threads speeds up P4 program compilation. (BF2556X-1T  as 2x more core than the WEDGE100BF32X)
  • SyncE 1588 might be certainly important for you should your P4 application require precise time synchronisation capability 
  • Having 1G/10G/25G/40/50G/100G connectivity via SFP28 and QSFP28 will make the BF2556X-1T ready for multiple use case.
    • In a P/PE architecture MPLS PE proposing 1G/10G connectivity and having uplink toward the core
    • In a collapse core can be used a MPLS PE router
    • Can be used as a leaf or Tor switch/router
    • BRAS/BNG router

Conclusion

In this 1st article you:

  • had a brief description APS Networks® BF2556X-1T hardware platform
  • The hardware provide p4 connectivity at 1GE capacity (16x1GE ports is available)
  • In addition to 1GE it also provide 10/25/40/50/100G connectivity

RARE hardware plarform: [ BF2556X-1T #001 ] - key take-away

  • From RARE/FreeRouter point of view, BF2556X-1T is very good candidate for PE (Provider Edge) router.

The 8x100G ports can make as a strong in a collapse core architecture (P function merge with PE functions), the box can also be used a a BGP route as it boast with 32 GB of RAM (~10 full BGP feeds), but you won't leverage the ports availability. It can be used to implement BRAS/BNG use case but would be also a good candidate as a ToR in Data Center envionment with BGP/MPLS capability and the possibility to provide 1GE connection to existing server purchased beforehand.

  • SyncE 1588 support is a key features if your application needs precision provided by PTP

As we will discover the box, we will explain in further articles how to benefit from this features. 

  • RARE/freeRouter @design can coexist with Virtualisation technology BF2556X-1T

We just started our experience with this box. You'll find further, a series of article dedicated to BF2556X-1T depicting:

  • How to proceed to initial OS installation
  • Proceed to  APS Networks® BF2556X-1T software installation (TOFINO SDE and Gearbox) installation
  • Port operations on TOFINO ports SFP28 port 16-47 and QSFP28 port 48-56  
  • Port operations on GearBox ports SFP28 port 1-16 (1G/10G/25G)
  • How to benefit from SyncE 1588 support
  • RARE/freeRouter effective installation

The installation will be implemented should be compliant to ISP TELECOM standard. (It should survives power outage, easy upgrade features, start automatically at boot time without any human intervention)