3 unstable releases
0.2.3 | Oct 14, 2021 |
---|---|
0.2.2 | Oct 5, 2021 |
0.0.0 | Aug 16, 2019 |
BGPd-rs
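Features
- Listen for incoming BGP sessions
- Specified peers can be an IP address or network+mask
- Initiate outbound TCP connections to idle peers
- Will attempt connections based on the configured poll interval
- Negotiate OPEN capabilities
- Receive and respond to keepalives (based on the hold time interval)
- Process UPDATE messages, store in RIB
- Config reloading to update peer status (enabled, passive, etc.)
- Update static route advertisements mid-session
- CLI interface for viewing peer status, routes, etc.
- Advertise routes to peers (specified from the API and/or config)
- API/CLI interface for interacting with BGPd
- Flowspec support
- Route refresh
- Neighbor MD5 authentication
- Route policy for filtering learned and advertised routes
Peer config
Peers and their config are defined in TOML
format; see the example here.
Config value details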
router_id = "1.1.1.1" # Default Router ID for the service
default_as = 65000 # Used as the local-as if `local_as` is not defined for a peer
bgp_socket = "127.0.0.1:1179" # BGP address & port
api_socket = "0.0.0.0:8080" # API address & port [Listen on all interfaces (IPv4 & IPv6)]
[[peers]]
remote_ip = "127.0.0.2" # This can also be an IPv6 address, see next peer
# remote_ip = "10.0.0.0/24" # Network+Mask will accept inbound connections from any source in the subnet
remote_as = 65000
passive = true # If passive, bgpd won't attempt outbound connections
router_id = "127.0.0.1" # Can override local Router ID for this peer
hold_timer = 90 # Set the hold timer for the peer, defaults to 180 seconds
families = [ # Define the families this session should support
"ipv4 unicast",
"ipv6 unicast",
]
[[peers.static_routes]] # Add static routes (advertised at session start)
prefix = "9.9.9.0/24"
next_hop = "127.0.0.1"
[[peers.static_routes]]
prefix = "3001:100::/64"
next_hop = "3001:1::1"
[[peers.static_flows]] # Add static Flowspec rules too!
afi = 2
action = "traffic-rate 24000"
matches= [
"source 3001:100::/56",
"destination-port >8000 <=8080",
"packet-length >100",
]
as_path = ["65000", "500"]
communities = ["101", "202", "65000:99"]
[[peers]]
remote_ip = "::2"
enabled = false # Peer is essentially de-configured
remote_as = 100
local_as = 200
families = [
"ipv6 unicast",
]
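The `remote_ip` key above takes either a single address or a network+mask, and the mask form accepts inbound sessions from any source in the subnet. The Rust code below is an added example, not code from bgpd-rs: it evaluates such a value against a connecting source address, so you can check how wide a configured mask really is before loading it. `PeerNet`, `parse_peer_net` and `contains` are hypothetical names, and the sample addresses are constructed.

```rust
use std::net::IpAddr;

/// Hypothetical type (not from bgpd-rs): a `remote_ip` value, address or network+mask.
pub struct PeerNet { addr: IpAddr, prefix_len: u8 }

/// Parse "127.0.0.2", "::2" or "10.0.0.0/24"; a bare address gets a full-length mask.
pub fn parse_peer_net(s: &str) -> Result<PeerNet, String> {
    let (ip, len) = match s.split_once('/') {
        Some((ip, len)) => (ip, Some(len)),
        None => (s, None),
    };
    let addr = ip.trim().parse::<IpAddr>().map_err(|e| format!("bad address {ip:?}: {e}"))?;
    let max = if addr.is_ipv4() { 32 } else { 128 };
    let prefix_len = match len {
        Some(l) => l.trim().parse::<u8>().map_err(|e| format!("bad mask {l:?}: {e}"))?,
        None => max,
    };
    if prefix_len > max {
        return Err(format!("mask /{prefix_len} is too long for {addr}"));
    }
    Ok(PeerNet { addr, prefix_len })
}

/// Widen an address to 128 bits, tagged with its family so IPv4 never matches IPv6.
fn bits(ip: IpAddr) -> (bool, u128) {
    match ip {
        IpAddr::V4(v4) => (true, u32::from(v4) as u128),
        IpAddr::V6(v6) => (false, u128::from(v6)),
    }
}

impl PeerNet {
    /// True when `source` is in the same family and shares the first `prefix_len` bits.
    pub fn contains(&self, source: IpAddr) -> bool {
        let ((net_v4, net), (src_v4, src)) = (bits(self.addr), bits(source));
        if net_v4 != src_v4 { return false; }
        let host_bits = (if net_v4 { 32 } else { 128 }) - self.prefix_len as u32;
        // An IPv6 /0 shifts by 128, which checked_shr rejects: every source then matches.
        (net ^ src).checked_shr(host_bits).map_or(true, |diff| diff == 0)
    }
}

fn main() {
    // Constructed sample: the subnet form shown commented out in the config above.
    let net = parse_peer_net("10.0.0.0/24").unwrap();
    for src in ["10.0.0.77", "10.0.1.1", "::2"] {
        println!("{src} accepted: {}", net.contains(src.parse().unwrap()));
    }
}
```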
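You can send the BGPd process a SIGHUP [e.g. pkill -HUP bgpd$] to reload and update peer configs. The following items can be updated:
Peers
- Added and removed
- Enabled/disabled
- Active/passive polling for idle peers
- Hold timer
- Supported families
- Only when not in an active session, since these are negotiated in the OPEN
View BGPd information
BGPd offers a JSON RPC API that can be queried to view operational info such as neighbors and routes:
Neighbor uptime and prefixes received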
$ curl localhost:8080 -X POST -H "Content-Type: application/json" -d '{"jsonrpc":"2.0","method":"show_peers","params":null,"id":0}' | jq '.result[] | {peer: .peer, uptime: .uptime, prefixes_received: .prefixes_received}'
{
"peer": "127.0.0.2",
"uptime": "00:31:13",
"prefixes_received": 4
}
{
"peer": "127.0.0.3",
"uptime": null,
"prefixes_received": null
}
{
"peer": "172.16.20.2",
"uptime": "00:31:20",
"prefixes_received": 2
}
Learned routes (with attributes)
$ curl localhost:8080 -X POST -H "Content-Type: application/json" -d '{"jsonrpc":"2.0","method":"show_routes_learned","params": {"from_peer": "172.16.20.2"},"id":0}' | jq '.result[]'
{
"afi": "IPv6",
"age": "00:00:38",
"as_path": "",
"communities": [],
"local_pref": 100,
"multi_exit_disc": null,
"next_hop": "::ffff:172.16.20.2",
"origin": "IGP",
"prefix": "3001:172:16:20::/64",
"received_at": 1572898659,
"safi": "Unicast",
"source": "172.16.20.2"
}
{
"afi": "IPv4",
"age": "00:00:38",
"as_path": "",
"communities": [],
"local_pref": 100,
"multi_exit_disc": null,
"next_hop": "172.16.20.2",
"origin": "IGP",
"prefix": "172.16.20.0/24",
"received_at": 1572898659,
"safi": "Unicast",
"source": "172.16.20.2"
}
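The bgpd CLI can also be used to view peer and route information via the BGPd API (and announce routes too!)
Development
I'm currently using ExaBGP (Python) and GoBGP (Go) to act as my BGP peers for testing.
- Here's an introductory article on installing and getting started with ExaBGP.
ExaBGP config
Once ExaBGP is installed, you can use the config file from the examples/exabgp
directory:
conf_127.0.0.2.ini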
neighbor 127.0.0.1 {
router-id 2.2.2.2;
local-address 127.0.0.2; # Our local update-source
local-as 65000; # Our local AS
peer-as 65000; # Peer's AS
announce {
ipv4 {
unicast 2.100.0.0/24 next-hop self med 500 extended-community [ target:65000:1.1.1.1 ];
unicast 2.200.0.0/24 next-hop self as-path [ 100 200 ];
unicast 2.10.0.0/24 next-hop self med 10 community [404 65000:10];
}
}
}
Run the exabgp service with the following command:
$ env exabgp.tcp.port=1179 exabgp.tcp.bind="127.0.0.2" exabgp ./conf_127.0.0.2.ini --once
--once attempts only a single connection and exits automatically when the session ends
GoBGP
Once GoBGP is installed, you can use the config file from the examples/gobgp
directory:
gobgpd.toml
[global.config]
as = 65000
router-id = "4.4.4.4"
port = 1179
local-address-list = ["127.0.0.4"]
[[neighbors]]
[neighbors.config]
neighbor-address = "127.0.0.1"
peer-as = 65000
[neighbors.transport.config]
passive-mode = false
local-address = "127.0.0.4"
remote-port = 1179
[neighbors.timers.config]
connect-retry = 5
hold-time = 30
keepalive-interval = 10
Run the gobgpd service with the following command:
$ gobgpd -f ./examples/gobgp/gobgpd.toml
BGPd config
Then run bgpd as follows:
Using IPv6:
$ cargo run -- run --address "::1" --port 1179 ./examples/config.toml -vv
Or IPv4 (defaults to 127.0.0.1):
$ cargo run -- run --port 1179 ./examples/config.toml -vv
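You may notice that I'm using TCP port 1179 for testing. If you need to use TCP 179 to test against a peer that can't change its port (e.g. Cisco), you need to run bgpd with sudo permissions:
$ cargo build --release
$ sudo ./target/release/bgpd run ./examples/config.toml -vv
Thanks to
- bgp-rs for the BGP message parsing
- tokio for the runtime
- ParityTech for the JSON RPC API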