1BABELD(8) System Manager's Manual BABELD(8)
2
6 babeld - ad-hoc network routing daemon
7
9 babeld option... [ -- ] interface...
10
12 Babel is a loop-avoiding distance-vector routing protocol roughly based
13 on DSDV and AODV, but with provisions for link cost estimation and re‐
14 distribution of routes from other routing protocols.
15 While it is optimised for wireless mesh networks, Babel will also work
17 efficiently on wired networks.
18
20 -V Display babeld's version and quit.
21 -m multicast-address
23 Specify the link-local multicast address to be used by the pro‐
24 tocol. The default is ff02:0:0:0:0:0:1:6.
25 -p port
27 Specify the UDP port number to be used by the protocol. The de‐
28 fault is 6696.
29 -S state-file
31 Set the name of the file used for preserving long-term informa‐
32 tion between invocations of the babeld daemon. If this file is
33 deleted, the daemon will run in passive mode for 3 minutes when
34 it is next started, and other hosts might initially ignore it.
35 The default is /var/lib/babel-state.
36 -h hello-interval
38 Specify the interval in seconds at which scheduled hello packets
39 are sent on wireless interfaces. The default is 4 seconds.
40 -H wired-hello-interval
42 Specify the interval in seconds at which scheduled hello packets
43 are sent on wired interfaces. The default is 4 seconds.
44 -M half-time
46 Specify the half-time in seconds of the exponential decay used
47 for smoothing metrics for performing route selection; the value
48 0 disables smoothing. The default is 4s.
49 -k priority
51 Specify the priority value used when installing routes into the
52 kernel. The default is 0.
53 -A priority
55 Allow duplicating external routes when their kernel priority is
56 at least priority. Do not use this option unless you know what
57 you are doing, as it can cause persistent route flapping.
58 -l Use IFF_RUNNING (carrier sense) when determining interface
60 availability.
61 -w Don't optimise wired links, assume all interfaces are wireless
63 unless explicitly overridden in the configuration file.
64 -s Do not perform split-horizon processing on wired interfaces.
66 Split-horizon is not performed on wireless interfaces.
67 -r Use a random router-id. The default is to use persistent
69 router-ids derived from the MAC address of the first interface,
70 which is easier to debug and more reliably prevents routing
71 loops but may sometimes cause a node to be unreachable for 120
72 seconds just after boot.
73 -d level
75 Debug level. A value of 1 requests a routing table dump at ev‐
76 ery iteration through the daemon's main loop. A value of 2 ad‐
77 ditionally requests tracing every message sent or received. A
78 value of 3 additionally dumps all interactions with the OS ker‐
79 nel. The default is 0.
80 -g port, -g path
82 Set up a local configuration server on port port or at path in
83 read-only mode. The protocol is described in the section Local
84 Configuration Protocol below.
85 -G port, -G path
87 Set up a local configuration server on port port or at path in
88 read-write mode. This allows any local user to change babeld's
89 configuration, and may therefore be a security issue.
90 -t table
92 Use the given kernel routing table for routes inserted by ba‐
93 beld.
94 -T table
96 Export routes from the given kernel routing table. This can be
97 specified multiple times in order to export routes from more
98 than one table.
99 -c filename
101 Specify the name of the configuration file. This flag can be
102 repeated multiple times. The default is /etc/babeld.conf.
103 -C statement
105 Specify a configuration statement directly on the command line.
106 -D Daemonise at startup.
108 -L logfile
110 Specify a file to log random ``how do you do?'' messages to.
111 This defaults to standard error if not daemonising, and to
112 /var/log/babeld.log otherwise.
113 -I pidfile
115 Specify a file to write our process id to, use no pidfile if set
116 to the empty string. The default is /var/run/babeld.pid.
117 interface...
119 The list of interfaces on which the protocol should operate.
120
122 The configuration file is a sequence of lines each of which specifies a
123 global option, an interface specification or a filtering rule. Com‐
124 ments are introduced by an octothorp ``#'' and terminate at the end of
125 the line.
126 Global options
128 protocol-group group
129 This specifies the link-local multicast address to be used by
130 the protocol, and is equivalent to the command-line option -m.
131 protocol-port port
133 This specifies the UDP port number to be used by the protocol,
134 and is equivalent to the command-line option -p.
135 kernel-priority priority
137 This specifies the priority value used when installing routes
138 into the kernel, and is equivalent to the command-line option
139 -k.
140 reflect-kernel-metric {true|false}
142 Reflect route metrics as kernel priorities. The priority effec‐
143 tively used is kernel-priority + metric.
144 allow-duplicates priority
146 This allows duplicating external routes when their kernel prior‐
147 ity is at least priority. Do not use this option unless you
148 know what you are doing, as it can cause persistent route flap‐
149 ping.
150 random-id {true|false}
152 This specifies whether to use a random router-id, and is equiva‐
153 lent to the command-line option -r.
154 ipv6-subtrees {true|false}
156 This specifies whether to use native source-specific IPv6 for‐
157 warding rather than multiple routing tables. The default is
158 chosen automatically depending on the kernel version.
159 debug level
161 This specifies the debugging level, and is equivalent to the
162 command-line option -d.
163 local-port port
165 This specifies the TCP port on which babeld will listen for con‐
166 nections from a configuration client in read-only mode, and is
167 equivalent to the command-line option -g.
168 local-port-readwrite port
170 This specifies the TCP port on which babeld will listen for con‐
171 nections from a configuration client in read-write mode, and is
172 equivalent to the command-line option -G. This allows any local
173 user to change babeld's configuration, and may therefore be a
174 security issue.
175 local-path path
177 This specifies the filesystem path to a socket on which babeld
178 will listen for connections from a configuration client in read-
179 only mode, and is equivalent to the command-line option -g.
180 local-path-readwrite path
182 This specifies the filesystem path to a socket on which babeld
183 will listen for connections from a configuration client in read-
184 write mode, and is equivalent to the command-line option -G.
185 Any user with write access to that socket will be able to change
186 babeld's configuration.
187 export-table table
189 This specifies the kernel routing table to use for routes in‐
190 serted by babeld, and is equivalent to the command-line option
191 -t.
192 import-table table
194 This specifies a kernel routing table from which routes are re‐
195 distributed by babeld, and can be specified multiple times with
196 a cumulative effect. This is equivalent to the command-line op‐
197 tion -T.
198 kernel-check-interval seconds
200 This specifies the interval between two kernel routing table
201 dumps. The default is 300s (5 minutes). This may be set to 0
202 in order to never perform periodic kernel dumps.
203 shutdown-delay-ms milliseconds
205 During shutdown we first notify neighbours of our imminent shut‐
206 down by sending route retractions, wait for the specified number
207 of milliseconds and then flush kernel routes. This ensures any
208 inflight traffic is still properly forwarded. You may want to
209 ensure the delay is appropriate for the maximum delay path in
210 your network. Setting this to zero is permissible.
211 link-detect {true|false}
213 This specifies whether to use carrier sense for determining in‐
214 terface availability, and is equivalent to the command-line op‐
215 tion -l.
216 smoothing-half-life seconds
218 This specifies the half-life in seconds of the exponential decay
219 used for smoothing metrics for performing route selection, and
220 is equivalent to the command-line option -M.
221 daemonise {true|false}
223 This specifies whether to daemonize at startup, and is equiva‐
224 lent to the command-line option -D.
225 skip-kernel-setup {true|false}
227 If this flag is set, no kernel (sysctl) setup is performed on
228 startup, and it is assumed that enabling forwarding, disabling
229 redirects and disabling the reverse-path filter is performed by
230 other means. This can be useful when running in environments
231 where system permissions prevent setting kernel parameters, for
232 instance without root permissions or inside a Linux container.
233 router-id id
235 Specify the router-id explicitly, as a modified EUI-64 or a
236 MAC-48 address. If two nodes have the same router-id, bad
237 things will happen. Don't use this option unless you know what
238 you are doing.
239 state-file filename
241 This specifies the name of the file used for preserving long-
242 term information between invocations of the babeld daemon, and
243 is equivalent to the command-line option -S.
244 log-file filename
246 This specifies the name of the file used to log random messages
247 to, and is equivalent to the command-line option -L.
248 pid-file filename
250 This specifies the name of the file to which babeld writes out
251 its process id, and is equivalent to the command-line option -I.
252 first-rule-priority priority
254 This specifies smallest (highest) rule priority used with
255 source-specific routes. The default is 100.
256 key id id type {hmac-sha256|blake2s128} value value
258 Configure a key for use with the key interface option. The type
259 is one of hmac-sha256 or blake2s128. The value is a hexadecimal
260 string (up to 64 bytes for hmac-sha256, up to 32 bytes for
261 blake2s128).
262 Interface configuration
264 An interface is configured by a line with the following format:
265 interface name [parameter...]
267 where name is the name of the interface (something like eth0). The de‐
269 fault value of an interface parameter can be specified changed by a
270 line of the form
271 default [parameter...]
273 Each parameter can be one of:
275 type {auto|wired|wireless|tunnel}
277 The default is auto unless the -w command-line flag was speci‐
279 fied.
280 link-quality {true|false|auto}
282 This specifies whether link quality estimation should be per‐
283 formed on this interface. The default is to perform link qual‐
284 ity estimation on wireless interfaces only.
285 split-horizon {true|false|auto}
287 This specifies whether to perform split-horizon processing on
288 this interface. The default is to perform split-horizon pro‐
289 cessing on on wired interfaces, unless the -s flag was set.
290 rxcost cost
292 This defines the cost of receiving frames on the given interface
293 under ideal conditions (no packet loss); how this relates to the
294 actual cost used for computing metrics of routes going through
295 this interface depends on whether link quality estimation is be‐
296 ing done. The default is 256 if the interface is wireless, and
297 96 otherwise.
298 hello-interval interval
300 This defines the interval between hello packets sent on this in‐
301 terface. The default is specified with the -h and -H command-
302 line flags.
303 update-interval interval
305 This defines the interval between full routing table dumps sent
306 on this interface; since Babel uses triggered updates and
307 doesn't count to infinity, this can be set to a fairly large
308 value, unless significant packet loss is expected. The default
309 is four times the hello interval.
310 enable-timestamps {true|false}
312 Enable sending timestamps with each Hello and IHU message in or‐
313 der to compute RTT values. The default is true for tunnel in‐
314 terfaces, and false otherwise.
315 unicast {true|false}
317 Send multiple copies of TLVs other than Hellos to all neighbours
318 rather than sending a single multicast packet. The default is
319 false.
320 rfc6126-compatible {true|false}
322 Disable some features that are incompatible with RFC 6126 (the
323 older version of the Babel protocol), such as source-specific
324 routing and RTT estimation over unicast. The default is false.
325 rtt-decay decay
327 This specifies the decay factor for the exponential moving aver‐
328 age of RTT samples, in units of 1/256. Must be between 1 and
329 256, inclusive. Higher values discard old samples faster. The
330 default is 42.
331 rtt-min rtt
333 This specifies the minimum RTT, in milliseconds, starting from
334 which we increase the cost to a neighbour. The additional cost
335 is linear in (rtt - rtt-min). The default is 10 ms.
336 rtt-max rtt
338 This specifies the maximum RTT, in milliseconds, above which we
339 don't increase the cost to a neighbour. The default is 120 ms.
340 max-rtt-penalty cost
342 This specifies the maximum cost added to a neighbour because of
343 RTT, i.e. when the RTT is higher or equal than rtt-max. The de‐
344 fault is 96 if the interface is of type tunnel, and 0 otherwise.
345 v4-via-v6 {true|false}
347 Whether to announce IPv4 routes through this interface even when
348 there is no IPv4 address. The default depends on the kernel
349 version.
350 probe-mtu {true|false}
352 Pad all packets containing a Hello TLV to the MTU and disable
353 fragmentation. This will avoid establishing adjacencies across
354 links with a mis-configured MTU, at the cost of slightly higher
355 network usage.
356 key id Enable HMAC security on this interface, and use the key id.
358 accept-bad-signatures {true|false}
360 Accept packets with no signature or an incorrect signature.
361 This only has an effect if a key was configured on an interface.
362 The default is false.
363 Filtering rules
365 A filtering rule is defined by a single line with the following format:
366 filter selector... action
368 Filter specifies the filter to which this entry will be added, and can
370 be one of in (applied to routes learned from Babel neighbours), out
371 (applied to routes announced to Babel neighbours), redistribute (ap‐
372 plied to routes redistributed from the kernel), or install (applied to
373 routes installed into the kernel).
374 Each selector specifies the conditions under which the given statement
376 matches. It can be one of
377 ip prefix
379 This entry only applies to routes in the given prefix.
380 eq plen
382 This entry only applies to routes with a prefix length equal to
383 plen.
384 le plen
386 This entry only applies to routes with a prefix length less or
387 equal to plen.
388 ge plen
390 This entry only applies to routes with a prefix length greater
391 or equal to plen.
392 src-ip prefix
394 This entry only applies to routes with a source prefix in the
395 given prefix.
396 src-eq plen
398 This entry only applies to routes with a source prefix length
399 equal to plen.
400 src-le plen
402 This entry only applies to routes with a source prefix length
403 less or equal to plen.
404 src-ge plen
406 This entry only applies to routes with a source prefix length
407 greater or equal to plen.
408 neigh address
410 This entry only applies to routes learned from a neighbour with
411 link-local address address.
412 id id This entry only applies to routes originated by a router with
414 router-id id.
415 proto p
417 This entry only applies to kernel routes with kernel protocol
418 number p. If neither proto nor local is specified, this entry
419 applies to all non-local kernel routes with a protocol different
420 from "boot".
421 local This entry only applies to local addresses.
423 if interface
425 For an input filter, this specifies the interface over which the
426 route is learned. For an output filter, this specifies the in‐
427 terface over which this route is advertised. For a redistribute
428 statement, this specifies the interface over which the route
429 forwards packets.
430 Action specifies the action to be taken when this entry matches. It
432 can have one of the following values:
433 allow Allow this route, without changing its metric (or setting its
435 metric to 0 in case of a redistribute filter).
436 deny Ignore this route.
438 metric value
440 For an input or output filter, allow this route after increasing
441 its metric by value. For a redistribute filter, redistribute
442 this route with metric value.
443 src-prefix prefix
445 For a redistribute filter, set the source prefix of this route
446 to prefix.
447 table table
449 In an install filter, specify the kernel routing table to use.
450 For source-specific routes, this only works reliably for IPv6,
451 and only when ipv6-subtrees is true.
452 pref-src ip
454 Specify the preferred source address to use with this route.
455 Only useful in an install filter.
456 If action is not specified, it defaults to allow.
458 By default, babeld redistributes all local addresses, and no other
460 routes. In order to make sure that only the routes you specify are re‐
461 distributed, you should include the line
462 redistribute local deny
464 as the last line in your configuration file.
466
468 If babeld is invoked with the flag -g, it accepts TCP connections from
469 local clients on the given port and address ::1 (the IPv6 localhost ad‐
470 dress), or on the given UNIX-domain socket path if the argument starts
471 with ‘/’. When a client connects, babeld replies with BABEL followed
472 with the supported version of the local configuration protocol (cur‐
473 rently 1.0). This is followed with a number of informational lines
474 (version etc.), terminated by ok. The client can then send requests,
475 one per line. To each request, babeld replies with one or more lines
476 of data terminated by one of ok, no, or bad.
477 The following requests are currently defined:
479 • any configuration file directive, including interface;
481 • flush interface;
483 • dump;
485 • monitor and unmonitor;
487 • quit.
489
491 You can participate in a Babel network by simply running
492 # babeld wlan0
494 where wlan0 is the name of your wireless interface.
496 In order to gateway between multiple interfaces, just list them all on
498 the command line:
499 # babeld wlan0 eth0 sit1
501 On an access point, you'll probably want to redistribute some external
503 routes into Babel:
504 # babeld \
506 -C 'redistribute metric 256' \
507 wlan0
508 or, if you want to constrain the routes that you redistribute,
510 # babeld \
512 -C 'redistribute proto 11 ip ::/0 le 64 metric 256' \
513 -C 'redistribute proto 11 ip 0.0.0.0/0 le 24 metric 256' \
514 wlan0
515 Source-specific routing
517 If your want to redistribute kernel routes as source-specific to the
518 network, with the 2001:DB8:0:1::/64 prefix:
519 redistribute src-prefix 2001:DB8:0:1::/64
521 For more information about source-specific routing, please see
523 Matthieu Boutier and Juliusz Chroboczek. Source-sensitive rout‐
525 ing. In Proc. IFIP Networking 2015. 2015.
526 available online at
528 http://arxiv.org/pdf/1403.0445v4.pdf
530
532 /etc/babeld.conf
533 The default location of the configuration file.
534 /var/lib/babel-state
536 The default location of the file storing long-term state.
537 /var/run/babeld.pid
539 The default location of the pid file.
540 /var/log/babeld.log
542 The default location of the log file.
543
545 SIGUSR1
546 Dump Babel's routing tables to standard output or to the log
547 file.
548 SIGUSR2
550 Check interfaces and kernel routes right now, then reopen the
551 log file.
552
554 Babel is a completely insecure protocol: any attacker able to inject IP
555 packets with a link-local source address can disrupt the protocol's op‐
556 eration. This is no different from unsecured neighbour discovery or
557 ARP.
558 Usage of the -G flag allows any user logged on the local host to change
560 babeld's configuration.
561 Since Babel uses link-local IPv6 packets only, there is no need to up‐
563 date firewalls to allow forwarding of Babel protocol packets. If local
564 filtering is being done, UDP datagrams to the port used by the protocol
565 should be allowed. As Babel uses unicast packets in some cases, it is
566 not enough to just allow packets destined to Babel's multicast address.
567
569 routed(8), route6d(8), zebra(8), ahcpd(8).
570
572 Juliusz Chroboczek.
573 BABELD(8)