Network nerds?

Hmm, I might have two possible devices to use: a Cisco PIX 515 and a Cisco 2600.

If these devices are okay, then perhaps I can join this project if you guys are cool with it. Although, just to be honest, I don't know shit about BGP, so I'll be asking A LOT of annoying questions.
 
The 2600 should work with the right IOS. And don't worry about asking questions, this is all about learning.
 
Well, I'm obviously pretty new around here, but if you'll have me I'd be interesting in peering. I've always wanted to fool around with BGP, but never been at a big enough shop to justify it.

I'm currently running pfSense 2.0-ALPHA at my edge, but it's a little rough and I think I will end up going back to 1.2.3 fairly soon. What I was thinking is that Vyatta should have all the capabilities necessary, and I've been looking for an excuse to play with it anyway, so I might hang a Vyatta VM off my WAN and a new VLAN and use RIP to propagate routes back to pfSense from the BGP peers.

Anyone used Vyatta? It looks pretty nifty, and for those wanting to get linked up without shelling out for expensive Cisco gear it seems like a good free option, provided it will work... I'd be willing to try out pfSense 2.0 as well for those of you sitting on that fence.

I forgot to mention that xphil3, this is a genius idea. I'm sure there are lots of networking guys out there that would love to play with BGP but never get an opportunity since there isn't really any way to set up a useful BGP lab without a ton of work, and fooling around in production on the public Internet would be..frowned upon.. How are you guys handling address assignment? Are you just doing NAT into your own public subnets, since I'm sure a lot of us are going to end up overlapping...
 
I might be down if i can find my 2600s wherever they are. I took my ccna but haven't used cisco gear since then almost! Will be a good touch up and a huge learning experience with some more real world practice.
 
keenan said:
Well, I'm obviously pretty new around here, but if you'll have me I'd be interesting in peering. I've always wanted to fool around with BGP, but never been at a big enough shop to justify it.

I'm currently running pfSense 2.0-ALPHA at my edge, but it's a little rough and I think I will end up going back to 1.2.3 fairly soon. What I was thinking is that Vyatta should have all the capabilities necessary, and I've been looking for an excuse to play with it anyway, so I might hang a Vyatta VM off my WAN and a new VLAN and use RIP to propagate routes back to pfSense from the BGP peers.

Anyone used Vyatta? It looks pretty nifty, and for those wanting to get linked up without shelling out for expensive Cisco gear it seems like a good free option, provided it will work... I'd be willing to try out pfSense 2.0 as well for those of you sitting on that fence.

I forgot to mention that xphil3, this is a genius idea. I'm sure there are lots of networking guys out there that would love to play with BGP but never get an opportunity since there isn't really any way to set up a useful BGP lab without a ton of work, and fooling around in production on the public Internet would be..frowned upon.. How are you guys handling address assignment? Are you just doing NAT into your own public subnets, since I'm sure a lot of us are going to end up overlapping...
Click to expand...

From what I know about Vyatta it should support this, but I couldn't say for sure.

We've been loosely assigning the GRE/IPSEC Tunnel addresses, but nothing beyond that. We're not NATing into our networks, no overlap issues yet, but even if there are we could just filter those networks from advertisements. If anyone wants to join the group let me, xphil3 or Lightworker know and we can email you an invite.
 
keenan said:
Anyone used Vyatta? It looks pretty nifty, and for those wanting to get linked up without shelling out for expensive Cisco gear it seems like a good free option, provided it will work... I'd be willing to try out pfSense 2.0 as well for those of you sitting on that fence.

I forgot to mention that xphil3, this is a genius idea. I'm sure there are lots of networking guys out there that would love to play with BGP but never get an opportunity since there isn't really any way to set up a useful BGP lab without a ton of work, and fooling around in production on the public Internet would be..frowned upon.. How are you guys handling address assignment? Are you just doing NAT into your own public subnets, since I'm sure a lot of us are going to end up overlapping...
Click to expand...
1. I would love for some people with pf 2.0 try and tunnel up and BGP... would be nice to see if we can "support" it.

2. Thanks man, I had this idea awhile back and spoke to a few other memebers and my roomate about it, but it was unrealized. Now, thanks to ALL of the guys that have joined in this is happening, this wouldn't work without them!

Again, to all the guys that have started this, thanks... this is def becoming a pretty cool project. I think I smell a new post with some stickey action :D ...Lets get together on AIM later and talk it over.

EDIT: Just checked out Vyatta, looks like it would work. One thing though, take their quiz... they're a bit incorrect about some things they mention(apparently they haven't heard of IOS-XR/E, heh):D Im going to vm it though, gotta expand the knowledge and it looks pretty cool
 
Last edited:
I just install Vyatta in a virtual machine and have it running off the hard drives. the configuration looks alot like cisco from what i remember from my networking class in the spring. Same style commands.

a decent detailed guide to setting up a vpn
http://linux.com/archive/feature/143998

and then setting up BGP
http://www.debuntu.org/book/export/html/255

I be willing to try and setup a tunnel with someone later if anyone want to try. :)

Only downside is i can't leave this on all the time. (Parents complain) :p
 
Shockey said:
I just install Vyatta in a virtual machine and have it running off the hard drives. the configuration looks alot like cisco from what i remember from my networking class in the spring. Same style commands.

a decent detailed guide to setting up a vpn
http://linux.com/archive/feature/143998

and then setting up BGP
http://www.debuntu.org/book/export/html/255

I be willing to try and setup a tunnel with someone later if anyone want to try. :)

Only downside is i can't leave this on all the time. (Parents complain) :p
Click to expand...

I've tried messing with Vyatta a few times in a VM and found it to be extremely asinine as far as configuration. As much as I hate Nortel and 3Com I would have to say their CLI is more intuitive than Vyatta. I really want to like Vyatta but my time is precious and I'm not willing to spend hours trying to make it work. I couldn't even get the damn thing to do proper 802.1q trunking on a 2924XL switch. :(

/rant
 
hmmm, if there is the possibility of doing this by running something in vmware then i'll give it another shot, since i don't wanna get rid of my netscreen at the edge, but i do like the idea of participating in this! will do some research! :)
 
atomiser said:
hmmm, if there is the possibility of doing this by running something in vmware then i'll give it another shot, since i don't wanna get rid of my netscreen at the edge, but i do like the idea of participating in this! will do some research! :)
Click to expand...
just make sure to make your NAT exemption rules and proper ACL's(GRE,IPsec,ISAKMP,BGP,ESP/AH)... also would probably require NAT-T.
 
Well this looks cool :D

What do you need besisdes a router with the proper IOS? I got a 2610 maxed but don't know what the IOS ver. is.

Ohh btw what i know about BGP is almost 0 but i am always trying to learn a bit about everyting so if you need one more AS im in...
 
You must log in or register to reply here.
Back
Top