Monday, April 1, 2019

Configure Ubuntu as a Router for AWS Direct Connect.

Scenario:
We wanted to configure AWS Direct Connect, a dedicated, private network connection from our premises to AWS. We wanted to configure a 10G connection from our datacenter to AWS. Read more about Direct Connect here.


The following diagram shows the high-level connectivity from the premises to AWS.


If you are planning to buy a switch/router for your side (4), please go through the requirements before purchase. To test the connection, we decided to configure an Ubuntu server as a router instead of buying a router/switch first.

So let's look at the prerequisites:

  • A vlan should be configured on Ubuntu, and it should be the same as the one configured on the AWS side. You can find it under DirectConnect->Virtual Interface->click on interface.
             Check this post to configure vlan on Ubuntu.
  • Make sure you are able to ping the AWS router IP after configuring the vlan.
  • You should find your router configuration on the AWS console.
  • And a server with a 10G NIC installed.

AWS virtual interface:


Before configuration, the BGP state will be down. We need to configure BGP (Border Gateway Protocol), the protocol that manages how packets are routed across the network. For that, we will be using BIRD on Ubuntu.

Installation
BIRD is an open source implementation for routing Internet Protocol packets on Unix-like operating systems.

#apt-get install bird

If you'll be using this server as a gateway/proxy and performing NAT to other internal devices, you need to allow IPv4 forwarding:

#sysctl net.ipv4.ip_forward=1

Now, let's edit the BIRD config file.

Take a backup of your file first:

#cp /etc/bird/bird.conf /etc/bird/bird.conf.ori


Following is my config file:

root@ubuntu:/home/ubuntu# cat /etc/bird/bird.conf
# This is a minimal configuration file, which allows the bird daemon to start
# but will not cause anything else to happen.
#
# Please refer to the documentation in the bird-doc package or BIRD User's
# Guide on http://bird.network.cz/ for more information on configuring BIRD and
# adding routing protocols.

# Change this into your BIRD router ID. It's a world-wide unique identification
# of your router, usually one of router's IPv4 addresses.
#router id 198.51.100.1;

# The Kernel protocol is not a real routing protocol. Instead of communicating
# with other routers in the network, it performs synchronization of BIRD's
# routing tables with the OS kernel.


router id x.x.x.x; #This is your side router IP

#debug protocols all;

protocol direct {
    interface "vlan112"; #vlan interface you configured earlier,
}

protocol kernel {
    persist;     
    scan time 20;     
    export all;   
}

protocol device {
    scan time 100;
}

protocol bgp {
    description "AWS BGPlink";
    local as 65001;
    neighbor x.x.x.x as xxxx; #AWS side router IP
    password "0x8dXXXXXXXXX";  #password
    export all;
    bfd off;
}

protocol bfd {
        interface "vlan112" {
                min rx interval 5000 ms;
                min tx interval 5000 ms;
                idle tx interval 5000 ms;
        };
        multihop {
                interval 200 ms;
                multiplier 10;
        };
        neighbor x.x.x.x;
}
root@ubuntu:/home/ubuntu#


Restart the daemon

#service bird restart

Check whether the BGP state is up:

#birdc
bird>
bird> show protocols all bgp1
name     proto    table    state  since       info
bgp1     BGP      master   up     00:05:58    Established 
  Description:    AWS BGPlink
  Preference:     100
  Input filter:   ACCEPT
  Output filter:  ACCEPT
  Routes:         2627 imported, 1 exported, 2627 preferred
  Route change stats:     received   rejected   filtered    ignored   accepted
    Import updates:           3509          0          0          0       3509
    Import withdraws:          880          0        ---          0        880
    Export updates:           3510       3509          0        ---          1
    Export withdraws:          880        ---        ---        ---          0
  BGP state:          Established
    Neighbor address: x.x.x.x
    Neighbor AS:      xxxx
    Neighbor ID:      x.x.x.x
    Neighbor caps:    refresh restart-aware AS4
    Session:          external AS4
    Source address:   x.x.x.x
    Hold timer:       89/90
    Keepalive timer:  16/30

root@ubuntu:/home/ubuntu#

You can cross-check the BGP status on the AWS side too.
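
The session above shows "Input filter: ACCEPT" and "Output filter: ACCEPT", which is what "export all" and the default import give you: every prefix the peer sends is accepted and nothing is filtered on the way out. The following is an added example, not part of the original post, that audits the birdc output for session state and unfiltered import/export; the function names bird_field and bird_audit are made up for this example, and the sample text is constructed from the output shown above.

```shell
#!/bin/sh
# Added example: audit `birdc show protocols all <name>` output.
# SAMPLE_BIRDC is constructed from the session output shown in the post.
SAMPLE_BIRDC='name     proto    table    state  since       info
bgp1     BGP      master   up     00:05:58    Established
  Description:    AWS BGPlink
  Preference:     100
  Input filter:   ACCEPT
  Output filter:  ACCEPT
  Routes:         2627 imported, 1 exported, 2627 preferred
  BGP state:          Established
    Hold timer:       89/90'

# Print the value of one "Key: value" field from birdc output on stdin.
bird_field() {
    awk -v key="$1" '
        { line = $0; sub(/^[ \t]+/, "", line) }
        index(line, key ":") == 1 {
            sub(/^[^:]*:[ \t]*/, "", line); sub(/[ \t]+$/, "", line)
            print line; exit
        }'
}

# Read birdc output on stdin. Return 0 only if the BGP session is
# Established and neither filter is a bare ACCEPT; otherwise print one
# finding per line and return 1.
bird_audit() {
    out=$(cat)
    rc=0
    state=$(printf '%s\n' "$out" | bird_field 'BGP state')
    if [ "$state" != "Established" ]; then
        echo "session not established: ${state:-unknown}"
        rc=1
    fi
    for dir in Input Output; do
        f=$(printf '%s\n' "$out" | bird_field "$dir filter")
        if [ "$f" = "ACCEPT" ]; then
            echo "$dir filter is ACCEPT: no prefix filtering on this peer"
            rc=1
        fi
    done
    return $rc
}

# Run against the constructed sample. On a live router use instead:
#   birdc show protocols all bgp1 | bird_audit
printf '%s\n' "$SAMPLE_BIRDC" | bird_audit || true
```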



Thursday, March 28, 2019

Change timezone on Linux

Scenario: I wanted to change the timezone through an automated script.
There is an easy way to change the timezone of your system:

#ln -sf /usr/share/zoneinfo/UTC /etc/localtime

root@localhost:~# ln -sf /usr/share/zoneinfo/UTC /etc/localtime
root@localhost:~# date
Thu Mar 28 20:11:02 UTC 2019

root@localhost:~# ln -sf /usr/share/zoneinfo/ /etc/localtime
Africa/            Brazil/            Egypt              GB                 Hongkong           Jamaica            Mexico/            Poland             ROC                US/
America/           Canada/            Eire               GB-Eire            HST                Japan              MST                Portugal           ROK                UTC
Antarctica/        CET                EST                GMT                Iceland            Kwajalein          MST7MDT            posix/             Singapore          WET
Arctic/            Chile/             EST5EDT            GMT0               Indian/            leap-seconds.list  Navajo             posixrules         SystemV/           W-SU
Asia/              CST6CDT            Etc/               GMT-0              Iran               Libya              NZ                 PRC                Turkey             zone1970.tab
Atlantic/          Cuba               Europe/            GMT+0              iso3166.tab        localtime          NZ-CHAT            PST8PDT            UCT                zone.tab
Australia/         EET                Factory            Greenwich          Israel             MET                Pacific/           right/             Universal          Zulu

root@localhost:~# ln -sf /usr/share/zoneinfo/Asia/ /etc/localtime
Aden           Baghdad        Chita          Dubai          Irkutsk        Kathmandu      Macau          Oral           Saigon         Tbilisi        Ulan_Bator   
Almaty         Bahrain        Choibalsan     Dushanbe       Istanbul       Katmandu       Magadan        Phnom_Penh     Sakhalin       Tehran         Urumqi       
Amman          Baku           Chongqing      Famagusta      Jakarta        Khandyga       Makassar       Pontianak      Samarkand      Tel_Aviv       Ust-Nera     
Anadyr         Bangkok        Chungking      Gaza           Jayapura       Kolkata        Manila         Pyongyang      Seoul          Thimbu         Vientiane   
Aqtau          Barnaul        Colombo        Harbin         Jerusalem      Krasnoyarsk    Muscat         Qatar          Shanghai       Thimphu        Vladivostok 
Aqtobe         Beirut         Dacca          Hebron         Kabul          Kuala_Lumpur   Nicosia        Qostanay       Singapore      Tokyo          Yakutsk     
Ashgabat       Bishkek        Damascus       Ho_Chi_Minh    Kamchatka      Kuching        Novokuznetsk   Qyzylorda      Srednekolymsk  Tomsk          Yangon       
Ashkhabad      Brunei         Dhaka          Hong_Kong      Karachi        Kuwait         Novosibirsk    Rangoon        Taipei         Ujung_Pandang  Yekaterinburg
Atyrau         Calcutta       Dili           Hovd           Kashgar        Macao          Omsk           Riyadh         Tashkent       Ulaanbaatar    Yerevan     

root@localhost:~# ln -sf /usr/share/zoneinfo/Asia/Kolkata /etc/localtime
root@localhost:~# date
Fri Mar 29 01:41:29 IST 2019

root@localhost:~#
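
For an automated script, it helps to validate the zone name before relinking, because ln -sf will happily point /etc/localtime at a directory or a misspelled zone. The following is an added example, not part of the original post; the function name set_timezone and the overridable ZONEINFO and LOCALTIME variables are assumptions made for this example.

```shell
#!/bin/sh
# Added example: validate a zone name before repointing /etc/localtime.
# ZONEINFO and LOCALTIME can be overridden so the function can be tried
# against a scratch directory instead of the live system.
ZONEINFO=${ZONEINFO:-/usr/share/zoneinfo}
LOCALTIME=${LOCALTIME:-/etc/localtime}

set_timezone() {
    zone=$1
    # Reject empty names, absolute paths, "..", and trailing slashes so a
    # caller-supplied value cannot point the link outside the zone database.
    case $zone in
        ''|/*|*..*|*/) echo "invalid zone name: '$zone'" >&2; return 2 ;;
    esac
    # The target must be a regular zone file, not a directory such as Asia
    # and not a typo such as Asia/Calcuta.
    if [ ! -f "$ZONEINFO/$zone" ]; then
        echo "no such zone: $zone" >&2
        return 1
    fi
    # -n: if LOCALTIME is currently a link to a directory, replace the link
    # itself instead of creating a new link inside that directory.
    ln -sfn "$ZONEINFO/$zone" "$LOCALTIME" || return 3
    # Confirm the link now points at the requested zone.
    [ "$(readlink "$LOCALTIME")" = "$ZONEINFO/$zone" ]
}

# Usage (as root): set_timezone Asia/Kolkata && date
```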

Configuring vlan on ubuntu.

Scenario
Recently, while doing the configuration for AWS Direct Connect, I wanted to configure an on-prem Ubuntu physical host as a router. Having a vlan is one of the prerequisites, and the vlan on the on-prem switch/router should be the same as the one created for the virtual interface on the AWS console. In this post, I'll explain how I configured the vlan on Ubuntu. With that in place, I could configure Ubuntu as a router for AWS Direct Connect.

Installation
#sudo apt-get install vlan 

Then load the 8021q module into the kernel.

#sudo modprobe 8021q

Configuration
Keep in mind that you create the vlan on a physical interface, and there should not be any IP address assigned to that physical interface.

ifconfig output before vlan configuration:

root@ubuntu:/home/ubuntu# ifconfig 
eno1      Link encap:Ethernet  HWaddr 78:2b:cb:20:60:71  
          inet addr:10.10.91.219  Bcast:10.10.255.255  Mask:255.255.0.0
          inet6 addr: fe80::7a2b:cbff:fe20:6071/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:5018984 errors:0 dropped:3117 overruns:0 frame:0
          TX packets:108811 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:404946421 (404.9 MB)  TX bytes:25990616 (25.9 MB)

enp5s0f0  Link encap:Ethernet  HWaddr a0:36:9f:20:7d:48  
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

enp7s0f0  Link encap:Ethernet  HWaddr 00:1b:21:bf:10:e8  
          inet6 addr: fe80::21b:21ff:febf:10e8/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:419179528 errors:0 dropped:0 overruns:0 frame:0
          TX packets:5283119829 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:16904 errors:0 dropped:0 overruns:0 frame:0
          TX packets:16904 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1 
          RX bytes:1324287 (1.3 MB)  TX bytes:1324287 (1.3 MB)

root@ubuntu:/home/ubuntu#


eno1 was used as management interface, and enp7s0f0 is the interface where I wanted to configure vlan 112.

To create the vlan, run:

# vconfig add enp7s0f0 112 -v
Added VLAN with VID == 112 to IF -:enp7s0f0:-

Now, ifconfig -a should list the new vlan with the same HWaddr, or you can cat the vlan config file.

root@ubuntu:/home/ubuntu# cat /proc/net/vlan/config
VLAN Dev name | VLAN ID
Name-Type: VLAN_NAME_TYPE_PLUS_VID_NO_PAD
vlan112        | 112  | enp7s0f0
root@ubuntu:/home/ubuntu# 

Now you should assign an IP to the new interface. You can add the IP/subnet in /etc/network/interfaces as follows:

root@ubuntu:/home/ubuntu# cat /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
        iface vlan112 inet static
        vlan-raw-device enp7s0f0
         address x.x.x.x
         netmask 255.255.255.254


root@ubuntu:/home/ubuntu#

and run

#ifup vlan112

to bring the interface up. Alternatively, assign the IP from the command line:

#sudo ip addr add x.x.x.x/31 dev vlan112

To make this setup permanent, add the module to /etc/modules so that it is loaded into the kernel on boot:

#sudo su -c 'echo "8021q" >> /etc/modules'

After the vlan is up, you should see similar output from the ifconfig command.

root@ubuntu:/home/ubuntu# ifconfig 
eno1      Link encap:Ethernet  HWaddr 78:2b:cb:20:60:71  
          inet addr:10.10.91.219  Bcast:10.10.255.255  Mask:255.255.0.0
          inet6 addr: fe80::7a2b:cbff:fe20:6071/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:5018984 errors:0 dropped:3117 overruns:0 frame:0
          TX packets:108811 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:404946421 (404.9 MB)  TX bytes:25990616 (25.9 MB)

enp5s0f0  Link encap:Ethernet  HWaddr a0:36:9f:20:7d:48  
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

enp7s0f0  Link encap:Ethernet  HWaddr 00:1b:21:bf:10:e8  
          inet6 addr: fe80::21b:21ff:febf:10e8/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:419179528 errors:0 dropped:0 overruns:0 frame:0
          TX packets:5283119829 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:36109877661 (36.1 GB)  TX bytes:7772287763609 (7.7 TB)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:16904 errors:0 dropped:0 overruns:0 frame:0
          TX packets:16904 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1 
          RX bytes:1324287 (1.3 MB)  TX bytes:1324287 (1.3 MB)

vlan112   Link encap:Ethernet  HWaddr 00:1b:21:bf:10:e8  
          inet addr:x.x.x.x  Bcast:255.255.255.255  Mask:255.255.255.254
          inet6 addr: fe80::21b:21ff:febf:10e8/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:414301718 errors:0 dropped:0 overruns:0 frame:0
          TX packets:471054486 errors:0 dropped:1925565 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:29987695023 (29.9 GB)  TX bytes:7504521160847 (7.5 TB)

root@ubuntu:/home/ubuntu#
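
Since the vlan ID must match the one on the AWS virtual interface, the /proc/net/vlan/config output shown earlier can be checked by a script before moving on to BGP. The following is an added example, not part of the original post; the function names vlan_lookup and vlan_verify are made up for this example, and the sample text is constructed from the output shown above.

```shell
#!/bin/sh
# Added example: check a vlan interface against the expected VLAN ID and
# parent device, reading /proc/net/vlan/config format on stdin.
# SAMPLE_VLAN_CONFIG is constructed from the output shown in the post.
SAMPLE_VLAN_CONFIG='VLAN Dev name | VLAN ID
Name-Type: VLAN_NAME_TYPE_PLUS_VID_NO_PAD
vlan112        | 112  | enp7s0f0'

# vlan_lookup DEV: print "VID PARENT" for DEV, exit non-zero if absent.
vlan_lookup() {
    awk -F'|' -v dev="$1" '
        NR > 2 {
            for (i = 1; i <= NF; i++) gsub(/^[ \t]+|[ \t]+$/, "", $i)
            if ($1 == dev) { print $2, $3; found = 1 }
        }
        END { exit !found }'
}

# vlan_verify DEV EXPECTED_VID EXPECTED_PARENT
# Returns 0 when the interface exists with the expected VID and parent.
vlan_verify() {
    dev=$1 want_vid=$2 want_parent=$3
    if ! got=$(vlan_lookup "$dev"); then
        echo "$dev: not a configured vlan interface"
        return 1
    fi
    got_vid=${got%% *}
    got_parent=${got#* }
    if [ "$got_vid" != "$want_vid" ]; then
        echo "$dev: VID $got_vid, expected $want_vid"
        return 1
    fi
    if [ "$got_parent" != "$want_parent" ]; then
        echo "$dev: on $got_parent, expected $want_parent"
        return 1
    fi
    echo "$dev: VID $got_vid on $got_parent"
}

# Run against the constructed sample. On a live host use instead:
#   vlan_verify vlan112 112 enp7s0f0 < /proc/net/vlan/config
printf '%s\n' "$SAMPLE_VLAN_CONFIG" | vlan_verify vlan112 112 enp7s0f0
```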

Using fio on Windows and Linux

Running FIO on Linux and Windows

Fio, which stands for Flexible I/O Tester, is a free and open source disk I/O tool used both for benchmarking and stress/hardware verification, developed by Jens Axboe.

Read more about fio here.

How to install?
On Ubuntu, fio can be installed by executing the following command:

#sudo apt-get install fio

On Windows, go to http://www.bluestop.org/fio/
Choose the one with version 2.2.8 or higher and the x64 binary or MSI, and install it.

Run the "fio" command to check that the installation is fine.

On Windows, if you get 'fio' is not recognized as an internal or external command....

then follow this to add the path in env.

In my case, I had to reboot the server.

The next part is the fio sample config files. Here is a sample config for Windows:


[global]
thread
iodepth=32
group_reporting=1
norandommap=1
randrepeat=0
direct=1
ioengine=windowsaio
#time_based
#runtime=43200
gtod_reduce=1
random_distribution=zipf:1.3
size=10G
directory=H\:\

[rand-readwrite]
numjobs=8
bs=4k
rw=randrw

rwmixread=70


A few notes:

  • Update the field “directory=” with the correct primary volume drive letter (required only if it is not already H:).
  • Update the field runtime to increase or decrease the duration of the run, in seconds.
  • Update the field zipf to 1.1 or 1.2 if you want the locality to spread.

Sample config file for Linux:

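[global]
bs=16k
ioengine=libaio
iodepth=32
size=5G
direct=1
# default access pattern; the rand-rw job below overrides it with randrw
rw=read
time_based=1
runtime=300
# raw block device: the randrw job writes to it and overwrites existing data
filename=/dev/sdb

[rand-rw]
readwrite=randrw
rwmixread=70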

