GithubHelp home page GithubHelp logo

ecix / birdwatcher Goto Github PK

View Code? Open in Web Editor NEW

This project forked from mchackorg/birdwatcher

26.0 11.0 7.0 254 KB

An attempt at a BIRD API

License: BSD 3-Clause "New" or "Revised" License

Go 95.52% Makefile 4.48%

birdwatcher's Introduction

birdwatcher

birdwatcher is a small HTTP server meant to provide an API defined by Barry O'Donovan's birds-eye to the BIRD routing daemon.

Why

The INEX implementation of birdseye runs PHP, which is not always desirable (and performant) in a routeserver setting. By using Go, we are able to work with regular binaries, which means deployment and maintenance might be more convenient.

Our version also has a few more capabilities, as you will discover when looking at the modules section of the config.

Installation

You will need to have go installed to build the package. Running go get github.com/ecix/birdwatcher will give you a binary. You might need to cross-compile it for your bird-running servive (GOARCH and GOOS are your friends).

We provide a Makefile for more advanced compilation/configuration. Running make linux will create a Linux executable (by default for amd64, but that is configurable by providing the ARCH argument to the Makefile).

BIRD configuration

Birdwatcher parses the output of birdc and expects (for now) the time format to be iso long. You need to configure

timeformat base         iso long;
timeformat log          iso long;
timeformat protocol     iso long;
timeformat route        iso long;

in your /etc/bird[6].conf for birdwatcher to work.

BIRD keep filtered routes

To also see the filtered routes in BIRD you need to make sure that you have enabled the 'import keep filtered on' option for your BGP peers.

protocol bgp 'peerX' {
    ...
    import keep filtered on;
    ...
}

Now you should be able to do a 'show route filtered' in BIRD.

Do note that 'import keep filtered on' does NOT work for BIRD's pipe protocol which is used when you have per peer tables, often used with Route Servers. If your BIRD configuration has its import filters set on the BIRD pipe protocols themselves then you will not be able to show the filtered routes. However, you could move the import filters from the pipes to the BGP protocols directly. For example:

table master;
table table_peer_X;

protocol pipe pipe_peer_X {
    table master;
    peer table table_peer_X;
    mode transparent;
    import all;
    export where exportMagic();
}

protocol bgp 'peerX' {
    ...
    table table_peer_X;
    import where importFilter();
    import keep filtered on;
    export all;
    ...
}

BIRD tagging filtered routes

If you want to make use of the filtered route reasons in the Birdseye then you need to make sure that you are using BIRD 1.6.3 or up as you will need Large BGP Communities (http://largebgpcommunities.net/).

You need to add a Large BGP Community just before you filter a route, for example:

define yourASN = 12345
define yourFilteredNumber = 65666
define prefixTooLong = 1
define pathTooLong = 2

function importScrub() {
    ...
    if (net.len > 24) then {
        print "REJECTING: ",net.ip,"/",net.len," received from ",from,": Prefix is longer than 24: ",net.len,"!";
        bgp_large_community.add((YourASN,yourFilteredNumber,prefixTooLong));
        return false;
    }
    if (bgp_path.len > 64) then {
        print "REJECTING: ",net.ip,"/",net.len," received from ",from,": AS path length is ridiculously long: ",bgp_path.len,"!";
        bgp_large_community.add((yourASN,yourFilteredNumber,pathTooLong));
        return false;
    }
    ...
    return true;
}

function importFilter() {
    ...
    if !(importScrub()) then reject;
    ...
    accept;
}

Building an RPM

Building RPMs is supported through fpm. If you have fpm installed locally, you can run make rpm to create a RPM in the folder RPMS. If you have a remote build server with fpm installed, you can build and fetch an RPM with make remote_rpm BUILD_SERVER=<buildserver_url> (requires SSH access).

Deployment

If you want to deploy birdwatcher on a system that uses RPMs, you should be able to install it after following the instructions on building an RPM.

We do not currently support other deployment methods.

Configuration

An example config with sane defaults is provided in etc/ecix/birdwatcher.conf. You should be able to use it out of the box. If you need to change it, it is well-commented and hopefully intuitive. If you do not know how to configure it, please consider opening an issue.

How

In the background birdwatcher runs the birdc client, sends commands and parses the result. It also leverages simple caching techniques to help reduce the load on the bird service.

Who

Initially developed by Daniel and MC from Netnod in two days at the RIPE 73 IXP Tools Hackathon in Madrid, Spain.

Running bird and parsing the results was added by Veit Heller on behalf of ecix.

birdwatcher's People

Contributors

czerwonk avatar dmelani avatar hellerve avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

czerwonk zhaofengli andrewlisi yuriykulakov ym isabella232 kwanhur

birdwatcher's Issues

offer custom configuration location

Its not that I don't like ecix, but I'd prefer not to have to stick your brand name in my /etc directory.

It would be great if I can point the tool with a command line option (-f perhaps?) to where I stored my configuration.

relevant:

birdwatcher/birdwatcher.go

Lines 106 to 110 in 3e8140a

conf, err := LoadConfigs([]string{
"./etc/ecix/birdwatcher.conf",
"/etc/ecix/birdwatcher.conf",
"./etc/ecix/birdwatcher.local.conf",
})

Integration issue between Alice-LG and Birdwatcher

Bird Devel_birdwatcher.conf.log
Centos Alice-LG_alice.conf.log

Situation
We require your support in order to complete the correct integration between Alice-LG and Birdwatcher API.
We installed Alice-LG in a CentOs 7 Server. We can start Alice-LG with the Binary generaded from "make" without trouble. But the Alice-LG indicated that it was an error comuniicating with a JSON on the Birdwatcher Server.
The birdwatcher was installed in a Ubuntu Server. In the same server is running the Bird daemon. We can start Birdwatcher in Docker mode and with the Binary generaded from make /Makefile too. In the case of make, we tried with amd64 and 386 in the variable GOARCH. In both cases the log informs http errors next to start Birdwatcher (301, 500, 429).
General Info
•Alice-LG Server: Hostname alice, IP 10.7.102.208, CentOs 7, adm64, RAM 4 GB. Apache Webserver. We can access to the Alice-LG Web Interface but a windows popup inidicated thas there is a trouble with the Route Server.
•Bird/Birdwatcher Server: Hostname bird-devel-test, IP 10.7.103.227, Ubuntu 18.04 LTS, amd64, RAM 4 GB. Running Birdseye too
•Handle for birdc daemon: rs1-lantest-ipv4 (This handle was put into the hosts file en /etc on both servers
Applications status and outputs
From Alice-LG Server:
[ppuser@alice bin]$ ./alice-lg-linux-amd64
2021/02/17 12:08:04 Adding birdwatcher source of type multi_table with peer_table_prefix T and pipe_protocol_prefix M
** *** Alice 4.2.0

  • *** ** *** Listening on: 10.7.102.208:7345
    *** ** * Routeservers: 1

**
2021/02/17 12:08:04 Using configuration: ../etc/alice-lg/alice.conf
2021/02/17 12:08:04 Starting local routes store
2021/02/17 12:08:04 Routes Store refresh interval set to: 5m0s
2021/02/17 12:08:04 Starting local neighbours store
2021/02/17 12:08:04 Neighbours Store refresh interval set to: 5m0s
2021/02/17 12:08:04 Preparing and installing assets
2021/02/17 12:08:04 Using theme at: /home/ppuser/go/src/github.com/alice-lg/alic e-lg/alice-theme-example/
2021/02/17 12:08:04 Refreshing the routes store failed for: rs1-lantest-ipv4 (IP v4) ( rs0-lantest-ipv4 ) with: unexpected end of JSON input - NEXT STATE: ERROR
2021/02/17 12:08:04 Refreshed routes store for 0 of 1 sources with 1 error(s) in 17.052435ms
2021/02/17 12:08:04 Routes store:
2021/02/17 12:08:04 Routes Imported: 0 Filtered: 0
2021/02/17 12:08:04 Routeservers:
2021/02/17 12:08:04 - rs1-lantest-ipv4 (IPv4)
2021/02/17 12:08:04 State: ERROR
2021/02/17 12:08:04 UpdatedAt: 2021-02-17 12:08:04.054366654 -0500 EST m =+0.031546064
2021/02/17 12:08:04 Routes Imported: 0 Filtered: 0
2021/02/17 12:08:04 Refreshing the neighbors store failed for: rs1-lantest-ipv4 (IPv4) ( rs0-lantest-ipv4 ) with: bird unreachable - NEXT STATE: ERROR
2021/02/17 12:08:04 Refreshed neighbors store for 0 of 1 sources with 1 error(s) in 17.290347ms
2021/02/17 12:08:04 Neighbours store:
2021/02/17 12:08:04 Neighbours: 0
2021/02/17 12:08:04 - rs1-lantest-ipv4 (IPv4)
2021/02/17 12:08:04 State: ERROR
2021/02/17 12:08:04 UpdatedAt: 2021-02-17 12:08:04.05479604 -0500 EST m= +0.031974283
2021/02/17 12:08:04 Neighbours: 0

From Bird/Birdwatcher Server:
root@bird-devel-test:/home/ppuser/go/src/github.com/alice-lg/birdwatcher# docker build . -t alicelg/birdwatcher:latest
Sending build context to Docker daemon 19.79MB
Step 1/14 : FROM golang:1.13 AS app
---> d6f3656320fe
Step 2/14 : WORKDIR /src/birdwatcher
---> Using cache
---> ae1f387591fd
Step 3/14 : ADD vendor .
---> Using cache
---> eae4881e1e9a
Step 4/14 : ADD go.mod .
---> Using cache
---> e2fb844133db
Step 5/14 : ADD go.sum .
---> Using cache
---> f16bcfe74f94
Step 6/14 : RUN go mod download
---> Using cache
---> a9b0a57425d1
Step 7/14 : ADD . .
---> 6577355de47d
Step 8/14 : RUN make
---> Running in ce189559b4bc
GO111MODULE=on GOARCH=amd64 GOOS=linux go build -o birdwatcher-linux-amd64
Built 2.2.0_462fe13 @ linux
Removing intermediate container ce189559b4bc
---> 21b4a56c35ed
Step 9/14 : FROM ehlers/bird2
---> d869eef20c36
Step 10/14 : COPY --from=app /src/birdwatcher/birdwatcher-linux-amd64 /usr/bin/birdwatcher
---> Using cache
---> ebcc7b16c8c3
Step 11/14 : ADD etc/birdwatcher/birdwatcher.conf /etc/birdwatcher/birdwatcher.conf
---> Using cache
---> 37515a4cbd1c
Step 12/14 : EXPOSE 29184/tcp
---> Using cache
---> 8278fc41fb90
Step 13/14 : EXPOSE 29186/tcp
---> Using cache
---> 7fdc682838fe
Step 14/14 : ENTRYPOINT ["/usr/bin/birdwatcher", "-config", "/etc/birdwatcher/birdwatcher.conf"]
---> Using cache
---> 995aaf95f49a
Successfully built 995aaf95f49a
Successfully tagged alicelg/birdwatcher:latest
root@bird-devel-test:/home/ppuser/go/src/github.com/alice-lg/birdwatcher# docker run -p 29184:29184 -v /var/run/rs1-lantest-ipv4.ctl:/usr/local/var/run/rs1-lantest-ipv4.ctl -it --rm alicelg/birdwatcher:latest
Using config file: /etc/birdwatcher/birdwatcher.conf
Starting Birdwatcher
Using: birdc
Listen: 0.0.0.0:29184
Cache TTL: 10
AllowFrom: ALL
Caching backend: MEMORY
ModulesEnabled:

  • status
  • protocols
  • protocols_bgp
  • protocols_short
  • routes_protocol
  • routes_peer
  • routes_table
  • routes_table_filtered
  • routes_table_peer
  • routes_filtered
  • routes_prefixed
  • routes_noexport
  • routes_pipe_filtered_count
  • routes_pipe_filtered
    10.7.102.208 - - [22/Feb/2021:23:35:42 +0000] "GET //protocols HTTP/1.1" 301 45
    10.7.102.208 - - [22/Feb/2021:23:35:42 +0000] "GET //protocols HTTP/1.1" 301 45
    10.7.102.208 - - [22/Feb/2021:23:35:42 +0000] "GET /protocols HTTP/1.1" 500 28
    10.7.102.208 - - [22/Feb/2021:23:35:42 +0000] "GET /protocols HTTP/1.1" 429 0
    // The same ocurrs with the binary
    Troubleshooting
    We made some tasks in order to detect the problem
    From Bird/Birdwatcher Server:

root@bird-devel-test # netstat -ntlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 917/lighttpd
tcp 0 0 10.7.103.227:179 0.0.0.0:* LISTEN 6473/bird
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN 687/systemd-resolve
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 903/sshd
tcp 0 0 127.0.0.1:43703 0.0.0.0:* LISTEN 855/containerd
tcp 0 0 127.0.0.1:6010 0.0.0.0:* LISTEN 5440/sshd: ppuser@p
tcp 0 0 127.0.0.1:6011 0.0.0.0:* LISTEN 6386/sshd: ppuser@p
tcp 0 0 127.0.0.1:6012 0.0.0.0:* LISTEN 7655/sshd: ppuser@p
tcp6 0 0 :::29184 :::* LISTEN 7718/docker-proxy
tcp6 0 0 :::22 :::* LISTEN 903/sshd
tcp6 0 0 ::1:6010 :::* LISTEN 5440/sshd: ppuser@p
tcp6 0 0 ::1:6011 :::* LISTEN 6386/sshd: ppuser@p
tcp6 0 0 ::1:6012 :::* LISTEN 7655/sshd: ppuser@p

From Alice-LG Server:
[root@alice ppuser]# telnet rs1-lantest-ipv4 29184
Trying 10.7.103.227...
Connected to rs1-lantest-ipv4.
Escape character is '^]'.
[root@aliceppuser]#curl rs1-lantest-ipv4:29184
curl: (7) Failed connect to rs1-lantest-ipv4:29184; Connection refused

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.