Skip to content

The BGP swiss army knife of networking

License

Notifications You must be signed in to change notification settings

igloo777/exabgp

 
 

Repository files navigation

CI PyPI Status PyPI PyPI Wheel License Code style: black

Introduction

ExaBGP provides a convenient way to implement Software Defined Networking by transforming BGP messages into friendly plain text or JSON, which can then be easily handled by simple scripts or your BSS/OSS.

It is routinely used to improve service resilience and provide protection against network or service failures. For example, thanks to the healthcheck backend included, anycasted DNS service failures can be detected and handled gracefully. To help you get started, Vincent Bernat put forward a full lab explaining how to best use this feature.

Also, alone or in conjunction with FastNetMon or WanGuard, it provides network operators a cost effective DDOS protection solution.

Thanks to modern routers' flow balancing, ExaBGP can also be used to save you money on load balancers, some good information can be found here too.

Other uses include keeping an eye on network changes done as was done by RIPE or by other networks with GIXLG.

Development

The master branch is now what will be ExaBGP 5.0.x. It is going to be a major rewrite of the software. Lots has changed in 11 years. ExaBGP is nearly as old as Python3.

Suport for python2 has already been dropped. The code will be updated to take advantage of Python3 'new' async-io and new features are being investigated (such as configuration edition via a interactive CLI). A large part of the configuration parsing will surely be changed which mean the configuration format will most likely change too.

The program command line arguments has already been changed and is no longer backward compatible with version 3 and 4. For these reasons, we do not recommand the use of the master branch in production.

Who is using ExaBGP ?

Some users have documented their use cases, such as DailyMotion or Facebook.

These organisations have spoken of, or are using/have used ExaBGP: AMS-IX, Alcatel Lucent, BBC, Blablacar, Cisco Systems, Cloudflare, Dailymotion, Facebook, MaxCDN, Microsoft, OpenDNS, Oracle, PowerDNS, RIPE NCC, ...

Therefore so should YOU! 😁

Installation

The program is packaged for Debian, Ubuntu, ArchLinux, Gentoo, Mint, FreeBSD, OSX and OmniOS (and probably more).

The latest version is available on pypi, the Python Package Index

> pip install exabgp

> exabgp --version
> exabgp --help

> exabgp --run healthcheck --help
> python -m exabgp healthcheck --help

It is also possible to download the latest archive from github

> curl -L https://github.com/Exa-Networks/exabgp/archive/4.2.6.tar.gz | tar zx

> cd exabgp-4.2.6
> ./sbin/exabgp --version
> ./sbin/exabgp --help

> ./sbin/exabgp --run healthcheck --help
> env PYTHONPATH=./src python -m exabgp healthcheck --help
> ./bin/healthcheck --help

or to use git master

> git clone https://github.com/Exa-Networks/exabgp exabgp-git

> cd exabgp-git
> ./sbin/exabgp --version
> ./sbin/exabgp --help

> ./sbin/exabgp --run healthcheck --help
> env PYTHONPATH=./src python -m exabgp healthcheck --help
> ./bin/healthcheck --help

or change git to use any previous release (here 4.2.6)

> git checkout 4.2.6
> ./sbin/exabgp --version

It is possible to create a self-contained executable which only requires an installed python3 interpreter

> cd exabgp-git
> python3 -m zipapp -o /usr/local/sbin/exabgp -m exabgp.application:main  -p "/usr/bin/env python3" src
> /usr/local/sbin/exabgp --version

or

> cd exabgp-git
> release binary /usr/local/sbin/exabgp
> /usr/local/sbin/exabgp --version

Multiple versions can be used simultaneously without conflict when ExaBGP is ran from extracted archives and/or local git repositories.

ExaBGP 3.4 and previous versions are python2 applications. ExaBGP 4.0 had support for both Python2 and 3. current version of ExaBGP are targeting python3 (3.6+) only.

Upgrade

ExaBGP is self-contained and easy to upgrade/downgrade by:

  • replacing the downloaded release folder, for releases download
  • running git pull in the repository folder, for installation using git master
  • running pip install -U exabgp, for pip installations
  • running apt update; apt upgrade exabgp for Debian/Ubuntu

If you are migrating your application from ExaBGP 3.4 to 4.x please read this wiki entry.

The configuration file and API format may change from time to time, but every effort is made to make sure backward compatibility is kept. However users are encouraged to read the release note/CHANGELOG and check their setup after upgrade.

Support

ExaBGP is supported through Github's issue tracker. So should you encounter any problems, please do not hesitate to report it so we can help you.

During "day time" (GMT/BST) feel free to contact us on Slack. We will try to respond if available. ExaBGP also has a channel on Freenode #exabgp but it is not monitored and an historical room on gitter not monitored anymore Gitter

The best way to be kept informed about our progress/releases is to follow us on Twitter. You can also use and subscribe to our low volume mailing list.

Documentation

The documentation is known to be imperfect. One could even say wanting, limited, insufficient and lacking, therefore any contribution (however small) toward its improvement is truly welcomed.

Other users did however do a fair bit of documentation, just not on the wiki. 😢

To understand how ExaBGP should be configured, please have a look into the etc/exabgp folder of the repository where a great many examples are available.

exabgp --help is also a treasure trove of information.

Related Projects

The following projects are related to ExaBGP

BGP playgrounds

Network Protection

  • WanGuard DDOS protection from Andrisoft
  • FastNetMon a DDOS protection solution
  • exabgp edgerouter Spamhaus and Emerging Threats blocking with Ubiquiti EdgeRouters
  • exabgp-voipbl advertises local or/and voipbl.org blacklist using unicast or flow route.

Network Monitoring

  • ARTEMIS Real-Time Detection and Automatic Mitigation for BGP Prefix Hijacking.
  • GIXLG a looking glass with visualisation
  • lookify another looking glass
  • invalidroutesreporter report/log invalid routes received by route servers

Route Announcement

Installation

Interoperability

  • IOS2ExaBGP converts Cisco IOS IPv4 BGP LOC Rib dumps to ExaBGP's format
  • MRTparse convert MRT format to ExaBGP

High availability

  • ExaZK a plugin to interface ExaBGP & ZooKeeper
  • exazk a ruby solution to interface ExaBGP & ZooKeeper to achieve service HA
  • exabgp-healthcheck A third party healthcheck program in Perl
  • exa-template service discovery by BGP communities. more information on this blog

Performance

  • bgperf Stress test solution for Bird and Quagga (can be used with other implementations)
  • super smash brogp Stress test BGP
  • kyro realtime network performance measurement and optimal routes injection - not really ExaBGP related, they have their own stack, but worth mentioning
  • kakapo a BGP flooding tool

FIB

Other BGP implementation

  • Full list of known open source BGP implementation
  • Bird very good C based BGP implementation with powerful route filtering language
  • FRR the successor of Quagga, itself successor from Zebra. If you do not already know it, you should
  • GoBGP an implementation with various binding for programmers
  • RYU for SDN fans

Features

RFC support includes ASN4, IPv6, MPLS, VPLS, Flow, Graceful Restart, Enhanced Route Refresh, Extended Next-Hop, "BGP-LS" and AIGP among others. More information can be found here

ExaBGP does not perform any FIB manipulation. If this is what you need, you may consider another open source BGP daemon such as BIRD or Quagga.

RFC compliance details the latest developments.

Development

Debug environment variable

The following "unsupported" options are available to help with development:

  exabgp.debug.configuration  to trace with pdb configuration parsing errors
  exabgp.debug.pdb            enable python debugger on runtime errors (be ready to use `killall python` to handle orphaned child processes)
  exabgp.debug.route          similar to --decode but using the environment

Test suite

If you want to check any code changes, the repository comes with a qa folder, which includes many way to check code integrity.

ExaBGP comes with a set of functional tests, each test starts an IBGP daemon expecting a number of per recorded UPDATEs for the matching configuration file.

You can see all the existing tests running ./qa/bin/functional listing. Each test is numbered and can be run independently (please note that 03 is not the same as 3).

# ./qa/bin/functional run     # (run all the test)
# ./qa/bin/functional run 03  # (run test 03 as reported by listing)

You can also manually run both the server and client for any given test:

shell1# ./qa/bin/functional server 03
shell2# ./qa/bin/functional client 03

A test suite is also present to complement the functional testing.

# env exabgp_log_enable=false nosetests --with-coverage ./tests/*_test.py

(nosetest requires nose pip install nose or pip3 install nose)

You can decode UPDATE messages using ExaBGP --decode argument.

# env exabgp_tcp_bind='' ./sbin/exabgp ./etc/exabgp/api-open.conf --decode FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF:003C:02:0000001C4001010040020040030465016501800404000000C840050400000064000000002001010101
21:24:59 | 37750  | parser        | update json { "exabgp": "4.0.1", "time": 1560371099.404008, "host" : "ptr-41.212.219.82.rev.exa.net.uk", "pid" : 37750, "ppid" : 10834, "counter": 1, "type": "update", "neighbor": { "address": { "local": "127.0.0.1", "peer": "127.0.0.1" }, "asn": { "local": 1, "peer": 1 } , "direction": "in", "message": { "update": { "attribute": { "origin": "igp", "med": 200, "local-preference": 100 }, "announce": { "ipv4 unicast": { "101.1.101.1": [ { "nlri": "1.1.1.1/32", "path-information": "0.0.0.0" } ] } } } } } }

About

The BGP swiss army knife of networking

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • Python 98.9%
  • Other 1.1%