Hello all, I have an application that needs to gather BGP RIB data from the routers that connect to all of our upstream providers. Basically I need to know all the routes available from a particular provider. Currently I'm gathering this data via SNMP. While this works it has its draw backs, it takes approximately 20 minutes per view, its nowhere near real-time, and I'm unable to gather information for IPv6. SNMP, however, is faster than screen scraping. All of the XML based access methods seem to take about the same time as well. I've been watching, with keen interest, the i2rs ietf workings, but the project is still in its infancy. BMP seems to be a good solution but I've not found a working client implementation yet. I see that you can actually configure this on some Juniper gear but I can't seem to locate a client to ingest the data the router produces. The BGP Add Paths implementation seems to be the best choice at the moment and exabgp has a working implementation. Are there any other technologies or methods of accessing this data that I've missed or that you've found useful? Thanks! --chip -- Just my $.02, your mileage may vary, batteries not included, etc....
Personally, I would just use BGP on a PC to collect this information. Place some import/input policy on your eBGP sessions on your edge routers to add communities to the routes such that you can recognize which peers gave you the route. Then, use an iBGP session to a BIRD or Quagga instance from which you can dump the routes and filter based on the communities. Cheers, jof On Tue, Feb 26, 2013 at 6:24 PM, chip <chip.gwyn@gmail.com> wrote:
Hello all,
I have an application that needs to gather BGP RIB data from the routers that connect to all of our upstream providers. Basically I need to know all the routes available from a particular provider. Currently I'm gathering this data via SNMP. While this works it has its draw backs, it takes approximately 20 minutes per view, its nowhere near real-time, and I'm unable to gather information for IPv6. SNMP, however, is faster than screen scraping. All of the XML based access methods seem to take about the same time as well.
I've been watching, with keen interest, the i2rs ietf workings, but the project is still in its infancy. BMP seems to be a good solution but I've not found a working client implementation yet. I see that you can actually configure this on some Juniper gear but I can't seem to locate a client to ingest the data the router produces. The BGP Add Paths implementation seems to be the best choice at the moment and exabgp has a working implementation.
Are there any other technologies or methods of accessing this data that I've missed or that you've found useful?
Thanks!
--chip
-- Just my $.02, your mileage may vary, batteries not included, etc....
On 26/02/2013 17:24, chip wrote:
Currently I'm gathering this data via SNMP.
whoa, you must really hate your router to do that to it.
While this works it has its draw backs, it takes approximately 20 minutes per view, its nowhere near real-time, and I'm unable to gather information for IPv6. SNMP, however, is faster than screen scraping. All of the XML based access methods seem to take about the same time as well.
cisco: -- term len 0 show bgp ipv4 unicast neigh x.y.z.w received-routes -- juniper: -- show route receive-protocol bgp x.y.z.w | no-more -- Easily scriptable using rancid or something similar. Of course, this sucks because you're only seeing the route summary, not any of the attributes.
project is still in its infancy. BMP seems to be a good solution but I've not found a working client implementation yet. I see that you can actually configure this on some Juniper gear but I can't seem to locate a client to ingest the data the router produces.
Can you provide a list of the clients that you have tried? It would save people the effort of going through them and finding out the same things as you did. Nick
I'll chime in with what we are doing with quagga and bgpmon. The question though would be for how many peers? If it is for the sake of discussion, less than 20, something like this might work. http://bgpmon.netsec.colostate.edu/download/src/bgpmon-7.2.4.tar.gz http://rmcwic.ucar.edu/sites/default/files/posters/csuconf-final19.pdf We do some of this. The pure BGPmon way is to have neighbors peer directly with a BGPmon server. We've extended this a bit and we can stream quagga MRT update files into a bgpmon server as well. Then the BGPmon server internally constructs RIBs per session. Output format is XML, and the paper linked above describes some of the perl tools there are to look at xml streams. So you can get a RIB stream or an UPDATE stream from the BGPmon server. At some scale, this might give you what you need. I think the BMP solution looks pretty nice as well, since you are as close to your true platform as you can get. So I would also be interested in hearing if you find existing client code to parse the BMP. John Kemp (kemp@routeviews.org)
project is still in its infancy. BMP seems to be a good solution but I've not found a working client implementation yet. I see that you can actually configure this on some Juniper gear but I can't seem to locate a client to ingest the data the router produces.
Can you provide a list of the clients that you have tried? It would save people the effort of going through them and finding out the same things as you did.
Nick
*received-routes*? If you still enable soft-reconfig-inbound on your routers(customer-facing sessions not withstanding), you most certainly hate your routers more than OP...;-) ./Randy --- On Tue, 2/26/13, Nick Hilliard <nick@foobar.org> wrote:
From: Nick Hilliard <nick@foobar.org> Subject: Re: BGP RIB Collection To: "chip" <chip.gwyn@gmail.com> Cc: "North American Network Operators Group" <nanog@nanog.org> Date: Tuesday, February 26, 2013, 11:21 AM On 26/02/2013 17:24, chip wrote:
Currently I'm gathering this data via SNMP.
whoa, you must really hate your router to do that to it.
While this works it has its draw backs, it takes approximately 20 minutes per view, its nowhere near real-time, and I'm unable to gather information for IPv6. SNMP, however, is faster than screen scraping. All of the XML based access methods seem to take about the same time as well.
cisco: -- term len 0 show bgp ipv4 unicast neigh x.y.z.w received-routes --
juniper: -- show route receive-protocol bgp x.y.z.w | no-more --
Easily scriptable using rancid or something similar. Of course, this sucks because you're only seeing the route summary, not any of the attributes.
project is still in its infancy. BMP seems to be a good solution but I've not found a working client implementation yet. I see that you can actually configure this on some Juniper gear but I can't seem to locate a client to ingest the data the router produces.
Can you provide a list of the clients that you have tried? It would save people the effort of going through them and finding out the same things as you did.
Nick
On 27/02/2013 03:51, Randy wrote:
*received-routes*? If you still enable soft-reconfig-inbound on your routers(customer-facing sessions not withstanding), you most certainly hate your routers more than OP...;-)
it impacts memory, but if your management plane has enough memory to handle it, it's a useful debugging tool. For sure, it's the first thing I throw out if the management plane RAM runs short. SNMP polling of large router lists can work out as O(n^2) CPU usage if the router stores the polled objects as linked lists or in some cases, in tree structures. This is because snmpgetnext cannot maintain a pointer to the next object, which in some situations will mean a complete tree walk operation. So your CPU requirements will scale according to (size of structure) * (average number of complete walks through the structure). If you're using linked lists, or have a naive tree implementation, "average number of complete walks through the structure" = "size of structure" / 2 for a full tree walk. I.e. you can require (n^2)/2 complete runs through the structure in order to run a full snmp dump. Obviously this isn't always the case, but there are some well known examples of where it happens. For all its faults, soft-reconfig-inbound only adds O(N) to RAM requirements and almost nothing to CPU. Nick
./Randy
--- On Tue, 2/26/13, Nick Hilliard <nick@foobar.org> wrote:
From: Nick Hilliard <nick@foobar.org> Subject: Re: BGP RIB Collection To: "chip" <chip.gwyn@gmail.com> Cc: "North American Network Operators Group" <nanog@nanog.org> Date: Tuesday, February 26, 2013, 11:21 AM On 26/02/2013 17:24, chip wrote:
Currently I'm gathering this data via SNMP.
whoa, you must really hate your router to do that to it.
While this works it has its draw backs, it takes approximately 20 minutes per view, its nowhere near real-time, and I'm unable to gather information for IPv6. SNMP, however, is faster than screen scraping. All of the XML based access methods seem to take about the same time as well.
cisco: -- term len 0 show bgp ipv4 unicast neigh x.y.z.w received-routes --
juniper: -- show route receive-protocol bgp x.y.z.w | no-more --
Easily scriptable using rancid or something similar. Of course, this sucks because you're only seeing the route summary, not any of the attributes.
project is still in its infancy. BMP seems to be a good solution but I've not found a working client implementation yet. I see that you can actually configure this on some Juniper gear but I can't seem to locate a client to ingest the data the router produces.
Can you provide a list of the clients that you have tried? It would save people the effort of going through them and finding out the same things as you did.
Nick
Hello, On Tue, 26 Feb 2013 12:24:00 -0500 chip <chip.gwyn@gmail.com> wrote:
I have an application that needs to gather BGP RIB data from the routers that connect to all of our upstream providers. Basically I need to know all the routes available from a particular provider. Currently I'm gathering this data via SNMP. While this works it has its draw backs, it takes approximately 20 minutes per view, its nowhere near real-time, and I'm unable to gather information for IPv6. SNMP, however, is faster than screen scraping. All of the XML based access methods seem to take about the same time as well.
To do that, I've set up a peering session between a router and a Linux running exabgp connected to a script in which I can do any kind of processing I want on BGP updates that are forwarded from the router to exabgp to the script. Best, Paul -- TelcoTV Awards 2011 - Witbe winner in "Innovation in Test & Measurement" Paul Rolland E-Mail : rol(at)witbe.net CTO - Witbe.net SA Tel. +33 (0)1 47 67 77 77 Les Collines de l'Arche Fax. +33 (0)1 47 67 77 99 F-92057 Paris La Defense RIPE : PR12-RIPE LinkedIn : http://www.linkedin.com/in/paulrolland Skype : rollandpaul "I worry about my child and the Internet all the time, even though she's too young to have logged on yet. Here's what I worry about. I worry that 10 or 15 years from now, she will come to me and say 'Daddy, where were you when they took freedom of the press away from the Internet?'" --Mike Godwin, Electronic Frontier Foundation
info on bmpreceiver below.. On Tue, Feb 26, 2013 at 12:24 PM, chip <chip.gwyn@gmail.com> wrote:
Hello all,
I have an application that needs to gather BGP RIB data from the routers that connect to all of our upstream providers. Basically I need to know all the routes available from a particular provider. Currently I'm gathering this data via SNMP. While this works it has its draw backs, it takes approximately 20 minutes per view, its nowhere near real-time, and I'm unable to gather information for IPv6. SNMP, however, is faster than screen scraping. All of the XML based access methods seem to take about the same time as well.
I've been watching, with keen interest, the i2rs ietf workings, but the project is still in its infancy. BMP seems to be a good solution but I've not found a working client implementation yet. I see that you can actually configure this on some Juniper gear but I can't seem to locate a client to ingest the data the router produces.
https://code.google.com/p/bmpreceiver/ and then it can be dumped where ever you want.. iirc, splunk can parse the data. --Heather
The BGP Add Paths implementation seems to be the best choice at the moment and exabgp has a working implementation.
Are there any other technologies or methods of accessing this data that I've missed or that you've found useful?
Thanks!
--chip
-- Just my $.02, your mileage may vary, batteries not included, etc....
participants (7)
-
chip
-
Heather Schiller
-
John Kemp
-
Jonathan Lassoff
-
Nick Hilliard
-
Paul Rolland
-
Randy