bgpdump-to-bird-conf script reads the bgpdump one-line per entry output(bgpdump -m -v -l <MRT-file>) from standard input and outputs the BIRD's static routes configuration statements.
Let's say, that ACME(AS 64511) buys IP transit(full feed) from three providers:
For the ACME router named acme-r1, it appears to have established both v4 and v6 eBGP sessions with three different routers, while in reality, these are all a single BIRD instance running in Debian 12 virtual machine. The same virtual machine periodically downloads RIPE RIS dumps and uses bgpdump-to-bird-conf script to convert the dumps into BIRD's static routes configuration files which are included in the main configuration file. The Debian 12 base system requires only the sudo, bird2 and bgpdump additional packages to be installed: apt update && apt install sudo bird2 bgpdump -y.
acme-r1 receives three v4 and v6 BGP full tables:
root@acme-r1> show bgp summary
Threading mode: BGP I/O
Default eBGP mode: advertise - accept, receive - accept
Groups: 6 Peers: 6 Down peers: 0
Table Tot Paths Act Paths Suppressed History Damp State Pending
inet.0
2889835 964553 0 0 0 0
inet6.0
614582 205026 0 0 0 0
Peer AS InPkt OutPkt OutQ Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped...
46.33.65.74 3257 153546 1543 0 0 1d 15:04:48 Establ
inet.0: 400394/962596/962551/0
192.136.73.5 6667 171097 1543 0 0 1d 15:04:47 Establ
inet.0: 191747/964211/964207/0
213.198.72.237 2914 183692 1544 0 0 1d 15:04:46 Establ
inet.0: 372412/963028/962859/0
2001:668:0:3:ffff:1:0:2a 3257 52508 1541 0 0 1d 15:04:35 Establ
inet6.0: 81166/204531/204491/0
2001:670:a8:bb:: 6667 55369 1541 0 0 1d 15:04:34 Establ
inet6.0: 31105/205315/204981/0
2001:728:0:c::1 2914 66212 1540 0 0 1d 15:04:35 Establ
inet6.0: 92755/204736/204511/0
root@acme-r1>
-
BIRD 2 neither sends nor processes received BGP KEEPALIVE messages while reading in the static routes. This means that the Hold Time value should be at least a few minutes in case of multiple full tables. This is no longer an issue with BIRD 3, which is multithreaded, as BGP and configuration processing are handled by separate workers:
-
List of peers per RIPE RIS route collectors can be seen at https://www.ris.ripe.net/peerlist/all.shtml or with
curl -s https://stat.ripe.net/data/rrc-info/data.json -
It's not uncommon that the same AS has multiple v4 or multiple v6 peerings with the same route collector. Example:
This is not a problem as BIRD installs all the duplicate routes and seems to pick the first(given that
preferenceandigp_metricvalues are equal) static route in the file as the best and announces it via BGP. One could use BIRD's experimental aggregator protocol to merge those routes. -
BIRD does not support attaching the ATOMIC_AGGREGATE and AGGREGATOR attributes to static routes. For example, Junos is more flexible in that regard and allows one to configure those attributes for aggregate, generate and static routes. Example:
[edit routing-options rib inet.0 static route 190.149.0.0/16 as-path] root@r1# show /* a real-world example */ path "2914 1299 14754 [6458 52451 52451 52451 52451 52451 52451]"; origin igp; atomic-aggregate; aggregator 14754 10.179.0.5; [edit routing-options rib inet.0 static route 190.149.0.0/16 as-path] root@r1#If the route above is exported to BGP, then the AS_SET, ATOMIC_AGGREGATE and AGGREGATOR are attached.
-
The
--replace-asn <as_number>option provides a workaround for fabricating routes that appear to have been received from an arbitrary AS not peering with the RIPE RIS route collectors. For example,Elisa Finland's AS number (6667) in the AS path and community values is replaced withElisa Estonia's AS number (2586) for the prefix158.101.128.0/19:bgpdump@bgpfeed:~$ bgpdump -m -v -l latest-bview_rrc07.gz | awk -F '|' '$5 == "6667" && $6 == "158.101.128.0/19"' TABLE_DUMP2|1736755200|B|194.68.123.136|6667|158.101.128.0/19|6667 174 31898|IGP|194.68.123.136|0|260|174:21201 174:22032 6667:3004 6667:4004 6667:5009 6667:8891|31898:1:1011300801|NAG|| bgpdump@bgpfeed:~$ bgpdump@bgpfeed:~$ bgpdump -m -v -l latest-bview_rrc07.gz | awk -F '|' '$5 == "6667" && $6 == "158.101.128.0/19"' | bgpdump-to-bird-conf --peer-asn 6667 --replace-asn 2586 route 158.101.128.0/19 via "lo" { bgp_path.prepend(31898); bgp_path.prepend(174); bgp_path.prepend(2586); bgp_origin = ORIGIN_IGP; bgp_med = 260; bgp_community.add((174, 21201)); bgp_community.add((174, 22032)); bgp_community.add((2586, 3004)); bgp_community.add((2586, 4004)); bgp_community.add((2586, 5009)); bgp_community.add((2586, 8891)); bgp_large_community.add((31898, 1, 1011300801)); }; bgpdump@bgpfeed:~$ -
Default route and direct route of the management interface are in the separate VRF and do not clutter the
mainrouting table:bgpdump@bgpfeed:~$ ip r sh vrf mgnt default via 10.5.5.1 dev enp1s0 proto static 10.5.5.0/24 dev enp1s0 proto kernel scope link src 10.5.5.20 bgpdump@bgpfeed:~$ -
When comparing the ADJ-RIB-IN of the
acme-r1router for v4 prefixes from NTT(show route receive-protocol bgp 213.198.72.237 table inet.0 detail) with the ADJ-RIB-IN of a physical Juniper MX series router in Frankfurt receiving full BGP feed from NTT, then 99.92% of the prefixes are identical when ignoring attributes like next-hop, MED, differences in AS path, etc. 1/3 of this 0.08% difference are prefixes with AS-set in AS-path which the script ignores because BIRD does not support prepending the AS-set to AS-path for static routes. Prefixes with unrecognized attributes are not ignored, but the unrecognized attributes are not shown by thebgpdumpcommand in the orchestration script and are not added to the BIRD's static routes:
Less than 0.05% of the v4 prefixes have an unrecognized attribute(s) attached.
-
CPU and memory usage of the virtual machine running BIRD and the orchestration script three times a day:
The virtual machine has 4 vCPUs, and the ~25% CPU usage during script execution indicates that one out of the 4 vCPUs is fully utilized.
-
BIRD's memory usage:
root@bgpfeed:~# birdc show memory BIRD 2.0.12 ready. BIRD memory usage Effective Overhead Routing tables: 316.7 MB 7389.2 kB Route attributes: 115.8 MB 23.7 MB Protocols: 1390.0 kB 36.8 kB Current config: 33.9 GB 203.2 MB Standby memory: 0.0 B 808.0 kB Total: 34.3 GB 234.9 MB root@bgpfeed:~# -
BIRD's static routes files disk usage:
bgpdump@bgpfeed:~$ ls -lh /var/tmp/*routes -rw-r--r-- 1 bgpdump bgpdump 366M Jan 26 10:35 /var/tmp/as2914_v4_routes -rw-r--r-- 1 bgpdump bgpdump 82M Jan 26 10:36 /var/tmp/as2914_v6_routes -rw-r--r-- 1 bgpdump bgpdump 360M Jan 26 10:38 /var/tmp/as3257_v4_routes -rw-r--r-- 1 bgpdump bgpdump 78M Jan 26 10:39 /var/tmp/as3257_v6_routes -rw-r--r-- 1 bgpdump bgpdump 397M Jan 26 10:40 /var/tmp/as6667_v4_routes -rw-r--r-- 1 bgpdump bgpdump 85M Jan 26 10:41 /var/tmp/as6667_v6_routes bgpdump@bgpfeed:~$ -
Example of a detailed information about BGP neighborship:
root@acme-r1> show bgp neighbor 2001:728:0:c::1 Peer: 2001:728:0:c::1+179 AS 2914 Local: 2001:728:0:c::+51174 AS 64511 Group: uplink-NTT-v6 Routing-Instance: master Forwarding routing-instance: master Type: External State: Established Flags: <Sync> Last State: OpenConfirm Last Event: RecvKeepAlive Last Error: None Export: [ AS2914-out-v6 AS64511-DC3-specifics-v6 AS64511-aggregates-v6 reject-all ] Import: [ AS2914-in-v6 check-rpki reject-default-v6 reject-bogon-prefixes-v6 reject-IXPs-nets-v6 reject-invalid-length-v6 reject-AS64511-prefixes-v6 reject-invalid-aspath strip-too-many-communities accept-all-v6 ] Options: <HoldTime AuthKey RemovePrivateAS LogUpDown AddressFamily PeerAS PrefixLimit Refresh> Options: <EnforceFirstAS GracefulShutdownRcv> Authentication key is configured Address families configured: inet6-unicast Holdtime: 300 Preference: 170 Graceful Shutdown Receiver local-preference: 0 Prefixlimit configured for NLRI: inet6-unicast Limit: 500000 Action: Shutdown Warning percentage: 80 Number of flaps: 0 Receive eBGP Origin Validation community: Reject Peer ID: 129.250.1.2 Local ID: 192.0.2.7 Active Holdtime: 300 Keepalive Interval: 100 Group index: 3 Peer index: 0 SNMP index: 3 I/O Session Thread: bgpio-0 State: Enabled BFD: disabled, down Local Interface: ge-0/0/1.0 NLRI for restart configured on peer: inet6-unicast NLRI advertised by peer: inet6-unicast NLRI for this session: inet6-unicast Peer supports Refresh capability (2) Stale routes from peer are kept for: 300 Peer does not support Restarter functionality NLRI that restart is negotiated for: inet6-unicast NLRI of received end-of-rib markers: inet6-unicast NLRI of all end-of-rib markers sent: inet6-unicast Peer does not support LLGR Restarter functionality Peer supports 4 byte AS extension (peer-as 2914) Peer does not support Addpath Table inet6.0 Bit: 30001 RIB State: BGP restart is complete Send state: in sync Active prefixes: 51966 Received prefixes: 204834 Accepted prefixes: 204605 Suppressed due to damping: 0 Advertised prefixes: 2 Last traffic (seconds): Received 54 Sent 35 Checked 46680 Input messages: Total 52216 Updates 51684 Refreshes 0 Octets 8021471 Output messages: Total 515 Updates 2 Refreshes 0 Octets 9922 Output Queue[2]: 0 (inet6.0, inet6-unicast) root@acme-r1>Prefixes rejected by import policies, configured based on best practices, can be seen here.
-
While BIRD supports adding the extended communities to static routes, then the
bgpdumpis not able to parse the extended communities.
