bgpipe examples
The bgpipe command-line tool processes and filters BGP messages through a series of stages. Each stage performs a specific action, such as connecting to a BGP speaker, reading MRT files, or filtering BGP messages.
Stages are specified in sequence, usually separated by --
, and each stage can have its own set of options provided using flags. Global options that affect the entire bgpipe process are specified before the first stage.
Below are practical examples to help you get started with bgpipe.
Connect to a BGP speaker
Connect to a BGP speaker at IP address 1.2.3.4
. The command responds to the OPEN message from 1.2.3.4
(using the same ASN) and dumps the session in JSON format to stdout (the -o
switch). It's useful for debugging and monitoring BGP sessions, allowing you to see the raw BGP messages.
JSON to BGP and back
Convert a JSON input file to BGP messages, send them to a BGP speaker, and capture the output back in JSON format. This example is useful for testing BGP message processing in remote speakers.
Convert MRT files to JSON
Read MRT updates from a compressed file and convert the updates to JSON format. This is particularly useful for analyzing historical BGP data stored in MRT files, which are often used for archiving BGP updates (e.g., see RouteViews.org).
Adding TCP-MD5
Set up a proxy that listens on TCP port 179, waits for a connection, and then proxies it to 1.2.3.4
with a popular TCP-MD5 password. The conversation is printed to stdout. This setup is useful for "securing" BGP sessions, ensuring that only authorized peers can establish a TCP connection. It supports multi-hop scenarios.
Stream MRT files to BGP routers
Listen for new connections on TCP port 179. Configure an active BGP speaker for AS65055
that streams a given MRT file when the BGP session is established. This example demonstrates how to replay historical BGP data in a live BGP session, which can be useful for testing and analysis.
bgpipe \
-- speaker --active --asn 65055 \
-- read --mrt --wait ESTABLISHED updates.20230301.0000.bz2 \
-- listen :179
BGP sed-in-the-middle proxy
Create a BGP proxy that connects 1.2.3.4
with 85.232.240.179, but rewrites ASNs in their OPEN messages using sed. This is useful for quickly testing and modifying BGP sessions on the fly, allowing you to simulate different network scenarios.
bgpipe \
-- connect 1.2.3.4 \
-- exec -LR --args sed -ure '/"OPEN"/{ s/65055/65001/g; s/57355/65055/g }' \
-- connect 85.232.240.179
Applying prefix limits
Filter BGP updates based on prefix lengths and enforce maximum prefix session limits for both IPv4 and IPv6 connections. This helps in managing and securing BGP sessions by limiting the number of prefixes, which can prevent resource exhaustion.
bgpipe --kill limit/session \
-- connect 1.2.3.4 \
-- limit -LR --ipv4 --min-length 8 --max-length 24 --session 1000000 \
-- limit -LR --ipv6 --min-length 16 --max-length 48 --session 250000 \
-- connect 5.6.7.8
Archive BGP sessions over encrypted WebSockets
Stream the BGP session log in JSON format to a remote WebSocket server for real-time monitoring and archiving. This is useful for integrating BGP session data with external monitoring systems, providing a live feed of BGP activity.
bgpipe \
-- connect 1.2.3.4 \
-- websocket -LR --write wss://bgpfix.com/archive?user=demo \
-- connect 85.232.240.179
Grep for BGP messages in live sessions
Proxy a connection between two BGP peers, dropping all IPv4 updates. This is useful for environments that wish to only support IPv6 on specific sessions. The grep
stage allows for complex filtering based on various criteria such as message type, prefix, ASN, and more.