-
Notifications
You must be signed in to change notification settings - Fork 12
FRR AFI Full BGP feed
In the RIPE website choose a BGP route collector and download a full MRT dump (files starting with bview.*): https://www.ripe.net/analyse/internet-measurements/routing-information-service-ris/ris-raw-data
Example (MRT dump from São Paulo - 08/09/2017 - 680k routes):
$ wget http://data.ris.ripe.net/rrc15/2017.08/bview.20170809.0000.gz
$ sudo apt-get install build-essential zlib1g-dev libbz2-dev
$ wget http://www.ris.ripe.net/source/bgpdump/libbgpdump-1.5.0.tgz
$ tar zxf libbgpdump-1.5.0.tgz
$ cd libbgpdump-1.5.0/
$ ./configure --disable-ipv6
$ make
$ sudo cp bgpdump /usr/local/bin
Use the bgpdump tool installed in the previous step to convert the MRT dump to the TABLE_DUMP_V2 format required by the bgpsimple script:
$ zcat bview.20170809.0000.gz | bgpdump -m - > bgp_fulltable_sao_paulo
It's also recommended to remove duplicate routes using awk:
$ awk -F'|' '{ if (a[$6]++ == 0) print $0 }'\
bgp_fulltable_sao_paulo > bgp_fulltable_sao_paulo_uniq
NOTE: a full BGP dump in the TABLE_DUMP_V2 format can be download from this link: https://www.dropbox.com/s/jws8jbiflvty4hc/bgp_fulltable_sao_paulo_ipv4_2017_08_09?dl=0 (91.7 MB)
Install the Net::BGP perl module:
# perl -MCPAN -we 'install "Net::BGP"'
Download the bgpsimple script:
$ git clone https://github.com/xdel/bgpsimple.git
Finally, apply this patch to allow pacing the advertisements: https://hastebin.com/ipisohuten.diff
Since our AFI client relies on Netlink to mirror the Linux routing table into AFI, and Netlink is not a reliable protocol like TCP, we need to slow down the advertisements to reduce the chance of losing some Netlink messages.
vMX's bgpd (/etc/frr/bgpd.conf):
log file /tmp/frr-global-bgpd.log
!
router bgp 100
neighbor 103.30.30.3 remote 13
neighbor 103.30.30.3 timers 100 50000
!
!
1 - Start the AFI client:
# cd example-clients/afi-client-linux
# make
# ./run-afi-client-linux 128.0.0.16:50051 128.0.0.16:9002
2 - In another shell, start zebra and bgpd:
# zebra -d
# bgpd -d
3 - Start the bgpsimple script in vrouter3:
# ip netns exec vrouter3 bash
# bgp_simple.pl -myas 13 -myip 103.30.30.3 -peerip 103.30.30.1\
-peeras 100 -p bgp_fulltable_sao_paulo -n\
-keepalive 100 -holdtime 50000 -nolisten
Note that we configured both bgpd and bgp_simple.pl to use a very high holdtime (50.000 seconds, or ~833 minutes). This is necessary because bgp_simple.pl takes a lot of time to send all routes from the MRT dump, and it doesn't send any BGP Keepalive until it's done with the routes.
Once started, the output of bgp_simple.pl should be like this:
180 Send Update: prfx [1.10.203.0/24] aspath [13 52888 1251 20080 6762 38040 23969] orig [INCOMPLETE] nxthp [103.30.30.3]
181 Send Update: prfx [1.10.204.0/24] aspath [13 52888 1251 20080 6762 38040 23969] orig [INCOMPLETE] nxthp [103.30.30.3]
182 Send Update: prfx [1.10.205.0/24] aspath [13 52888 1251 20080 6762 38040 23969] orig [INCOMPLETE] nxthp [103.30.30.3]
183 Send Update: prfx [1.10.206.0/24] aspath [13 25933 3549 6762 38040 23969] comm [25933:3549] orig [INCOMPLETE] nxthp [103.30.30.3]
184 Send Update: prfx [1.10.207.0/24] aspath [13 25933 3549 6762 38040 23969] comm [25933:3549] orig [INCOMPLETE] nxthp [103.30.30.3]
185 Send Update: prfx [1.10.208.0/24] aspath [13 25933 3549 6762 38040 23969] comm [25933:3549] orig [INCOMPLETE] nxthp [103.30.30.3]
186 Send Update: prfx [1.10.209.0/24] aspath [13 25933 3549 6762 38040 23969] comm [25933:3549] orig [INCOMPLETE] nxthp [103.30.30.3]
187 Send Update: prfx [1.10.210.0/24] aspath [13 25933 3549 6762 38040 23969] comm [25933:3549] orig [INCOMPLETE] nxthp [103.30.30.3]
188 Send Update: prfx [1.10.211.0/24] aspath [13 52888 1251 20080 6762 38040 23969] orig [INCOMPLETE] nxthp [103.30.30.3]
189 Send Update: prfx [1.10.212.0/24] aspath [13 52888 1251 20080 6762 38040 23969] orig [INCOMPLETE] nxthp [103.30.30.3]
190 Send Update: prfx [1.10.213.0/24] aspath [13 52888 1251 20080 6762 38040 23969] orig [INCOMPLETE] nxthp [103.30.30.3]
191 Send Update: prfx [1.10.214.0/24] aspath [13 25933 3549 6762 38040 23969] comm [25933:3549] orig [INCOMPLETE] nxthp [103.30.30.3]
192 Send Update: prfx [1.10.215.0/24] aspath [13 25933 3549 6762 38040 23969] comm [25933:3549] orig [INCOMPLETE] nxthp [103.30.30.3]
And the output of the AFI client should be like this:
[netlink-route] add: 1.20.72.0/21 dev 14 via 103.30.30.3
[afi-route] install: 1.20.72.0/21 dev 14 via 103.30.30.3
[netlink-route] add: 1.20.80.0/24 dev 14 via 103.30.30.3
[afi-route] install: 1.20.80.0/24 dev 14 via 103.30.30.3
[netlink-route] add: 1.20.81.0/24 dev 14 via 103.30.30.3
[afi-route] install: 1.20.81.0/24 dev 14 via 103.30.30.3
[netlink-route] add: 1.20.83.0/24 dev 14 via 103.30.30.3
[afi-route] install: 1.20.83.0/24 dev 14 via 103.30.30.3
[netlink-route] add: 1.20.84.0/23 dev 14 via 103.30.30.3
[afi-route] install: 1.20.84.0/23 dev 14 via 103.30.30.3
[netlink-route] add: 1.20.86.0/24 dev 14 via 103.30.30.3
[afi-route] install: 1.20.86.0/24 dev 14 via 103.30.30.3
[netlink-route] add: 1.20.87.0/24 dev 14 via 103.30.30.3
[afi-route] install: 1.20.87.0/24 dev 14 via 103.30.30.3
[netlink-route] add: 1.20.88.0/24 dev 14 via 103.30.30.3
[afi-route] install: 1.20.88.0/24 dev 14 via 103.30.30.3
[netlink-route] add: 1.20.90.0/24 dev 14 via 103.30.30.3
[afi-route] install: 1.20.90.0/24 dev 14 via 103.30.30.3
[netlink-route] add: 1.20.91.0/24 dev 14 via 103.30.30.3
[afi-route] install: 1.20.91.0/24 dev 14 via 103.30.30.3
Using vtysh we can see the BGP RIB (it takes ~9 hours to receive the full dump from the script):
# vtysh -c "show ip bgp summary"
IPv4 Unicast Summary:
BGP router identifier 10.0.255.100, local AS number 100 vrf-id 0
BGP table version 57386
RIB entries 106981, using 15 MiB of memory
Peers 1, using 19 KiB of memory
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
103.30.30.3 4 13 57385 54251 0 0 0 00:48:27 57383
Total number of neighbors 1
Now, if we add a default route in, let's say, vrouter0, and try to ping any route from the MRT dump we'll receive a "Destination Host Unreachable" reply from vrouter3, indicating that the BGP routes were correctly installed in the vMX's vAsic.