ExaBGP provides a convenient way to implement Software Defined Networking by transforming BGP messages into friendly plain text or JSON, which can then be easily handled by simple scripts or your BSS/OSS.
It is routinely used to improve service resilience and provide protection against network or service failures. For example, thanks to the healthcheck
backend included, anycasted DNS service failures can be detected and handled gracefully. To help you get started, Vincent Bernat put forward a full lab explaining how to best use this feature.
Also, alone or in conjunction with FastNetMon or WanGuard, it provides network operators a cost effective DDOS protection solution.
Thanks to modern routers' flow balancing, ExaBGP can also be used to save you money on load balancers, some good information can be found here too.
Other uses include keeping an eye on network changes done as was done by RIPE or by other networks with GIXLG.
ExaBGP 3.4 and previous versions are python 2 applications. ExaBGP 4.0 had support for both Python 2 and 3. current version of ExaBGP (4.2 and master) are targeting python 3 only (3.7+).
The program is packaged for Debian, Ubuntu, ArchLinux, Gentoo, FreeBSD, OSX and probably more.
Many OS have quite ancient releases (sometimes over a year old). On the plus side, the package will most likely come with systemd pre-setup and therefore may be easier to use.
As it is often the recommended way to get software onto server, feel free to use them but should you encounter any issues we would then recommend a pip installation, as it will install the latest stable version.
The latest version is available on pypi
, the Python Package Index
> pip install exabgp
> exabgp --version
> exabgp --help
> exabgp --run healthcheck --help
> python3 -m exabgp healthcheck --help
It is also possible to download releases from github
> curl -L https://github.com/Exa-Networks/exabgp/archive/4.2.18.tar.gz | tar zx
> cd exabgp-4.2.18
> ./sbin/exabgp --version
> ./sbin/exabgp --help
> ./sbin/exabgp --run healthcheck --help
> env PYTHONPATH=./src python3 -m exabgp healthcheck --help
> ./bin/healthcheck --help
In case of issues, we are asking user to run the lastest code directly for a local git clone
.
> git clone https://github.com/Exa-Networks/exabgp exabgp-git
> cd exabgp-git
> ./sbin/exabgp --version
> ./sbin/exabgp --help
> ./sbin/exabgp --run healthcheck --help
> env PYTHONPATH=./src python3 -m exabgp healthcheck --help
> ./bin/healthcheck --help
Obviously, it is then possible to change git to use any release (here 4.2.18)
> git checkout 4.2.18
> ./sbin/exabgp --version
From the source folder, it is possible to create a self-contained executable which only requires an installed python3 interpreter
> cd exabgp-git
> release binary /usr/local/sbin/exabgp
> /usr/local/sbin/exabgp --version
which is an helper function and create a python3 zipapp
> cd exabgp-git
> python3 -m zipapp -o /usr/local/sbin/exabgp -m exabgp.application:main -p "/usr/bin/env python3" src
> /usr/local/sbin/exabgp --version
Alternatively, you can use the repository to create a docker image
> cd exabgp-git
> docker build -t exabgp ./
> docker run -p 179:1790 --mount type=bind,source=`pwd`/etc/exabgp,target=/etc/exabgp -it exabgp -v /etc/exabgp/parse-simple-v4.conf
It is possible add your configuration file within the docker image or use the container like you would use the exabgp binary, or use the Docker.remote
file to build it using pip (does not require any other file)
Multiple versions can be used simultaneously without conflict when ExaBGP is ran from extracted archives, docker, and/or local git repositories.
ExaBGP is self-contained and easy to upgrade/downgrade by:
- replacing the downloaded release folder, for releases download
- running
git pull
in the repository folder, for installation using git master - running
pip install -U exabgp
, for pip installations - running
apt update; apt upgrade exabgp
for Debian/Ubuntu
If you are migrating your application from ExaBGP 3.4 to 4.x please read this wiki entry.
The configuration file and API format may change from time to time, but every effort is made to make sure backward compatibility is kept. However users are encouraged to read the release note/CHANGELOG and check their setup after upgrade.
ExaBGP is supported through Github's issue tracker. So should you encounter any problems, please do not hesitate to report it so we can help you.
During "day time" (GMT/BST) feel free to contact us on Slack
. We will try to respond if available.
The best way to be kept informed about our progress/releases is to follow us on Twitter.
In case of bugs, we will ask you to help us fix the issue using the master branch. We will then try to backport any fixes to the 4.2 stable branch.
Please make sure to remove any non git master
installations if you are trying the latest master release, to prevent to run the wrong code by accident, it happens more than you think, and verify the binary by running exabgp version
.
We will nearly systematically ask for the FULL
output exabgp with the option -d
.
The master branch is now what will be ExaBGP 5.0.x. The program command line arguments has already been changed and are no longer fully backward compatible with version 3 and 4.
ExaBGP is nearly as old as Python3. Lots has changed in 11 years. Support for python2 has already been dropped.
master has already seen a big rewrite but more is still to come. The application need work to take advantage of Python3 'new' async-io (as we run an home-made async core engine) and new features are being investigated (such as configuration edition via a interactive CLI).
For these reasons, we recommend the use of the 4.2 releases in production, but running master is sometimes required for the latest and greatest features.
Some users have documented their use cases, such as DailyMotion or Facebook.
These organisations have spoken of, or are using/have used ExaBGP: AMS-IX, Alcatel Lucent, BBC, Blablacar, Cisco Systems, Cloudflare, Dailymotion, Facebook, Microsoft, OpenDNS, Oracle, PowerDNS, RIPE NCC, ...
Therefore so should YOU
! π
The documentation is known to be imperfect. One could even say wanting, limited, insufficient and lacking, therefore any contribution (however small) toward its improvement is truly welcomed.
Other users did however do a fair bit of documentation
, just not on the wiki
. π
To understand how ExaBGP should be configured, please have a look into the etc/exabgp
folder of the repository where a great many examples are available.
exabgp --help
is also a treasure trove of information.
The following projects are related to ExaBGP
BGP playgrounds
- Large Communities A docker-based lab to play with BGP Large Communities
- High availability provide redundant services
- VXLAN
- L3 routing to the hypervisor
- BGP LLGR BGP long lived graceful restart
- ExaBGP Monitor Connect ExaBGP with socket.io
Network Protection
- WanGuard DDOS protection from Andrisoft
- FastNetMon a DDOS protection solution
- exabgp edgerouter Spamhaus and Emerging Threats blocking with Ubiquiti EdgeRouters
- exabgp-voipbl advertises local or/and voipbl.org blacklist using unicast or flow route.
Network Monitoring
- ARTEMIS Real-Time Detection and Automatic Mitigation for BGP Prefix Hijacking.
- GIXLG a looking glass with visualisation
- lookify another looking glass
- invalidroutesreporter report/log invalid routes received by route servers
Route Announcement
- BTS BGP Traffic Server, Traffic Engineering Automation
- ERCO web interface
- ExaBGPmon web interface
- ExaBGPmon Vagrant Fork of ExaBGPmon with a vagrantfile and install script.
- BGPAPI an HTTP API
- BGP commander Integration with etcd
- exabgp-healthcheck a perl based healthcheck program
- exabgpctl control exabgp and get information in json,yaml and flat format
Installation
Interoperability
- IOS2ExaBGP converts Cisco IOS IPv4 BGP LOC Rib dumps to ExaBGP's format
- MRTparse convert MRT format to ExaBGP
High availability
- ExaZK a plugin to interface ExaBGP & ZooKeeper
- exazk a ruby solution to interface ExaBGP & ZooKeeper to achieve service HA
- exabgp-healthcheck A third party healthcheck program in Perl
- exa-template service discovery by BGP communities. more information on this blog
Performance
- bgperf Stress test solution for Bird and Quagga (can be used with other implementations)
- super smash brogp Stress test BGP
- kyro realtime network performance measurement and optimal routes injection - not really ExaBGP related, they have their own stack, but worth mentioning
- kakapo a BGP flooding tool
FIB
- IOS-XR Solenoid a FIB for ExaBGP
- FBGPa FIB (pushing routes to a Faucet SDN controller)
Other BGP implementation
- RustyBGP (Rust) Fantastic BGP implementation π!
- BioRouting (Golang) BGP, IS-IS, OSPF - very robust implementation
- Bird (C) trusted around the world, powerful route filtering language
- FRR (C) was Quagga, Zebra. If you do not already know it, you should
- More of known open source BGP implementation
RFC support includes ASN4, IPv6, MPLS, VPLS, Flow, Graceful Restart, Enhanced Route Refresh, Extended Next-Hop, "BGP-LS" and AIGP among others. More information can be found here
ExaBGP does not perform any FIB manipulation. If this is what you need, you may consider another open source BGP daemon such as BIRD or Quagga.
RFC compliance details the latest developments.
The following "unsupported" options are available to help with development:
exabgp.debug.configuration to trace with pdb configuration parsing errors
exabgp.debug.pdb enable python debugger on runtime errors (be ready to use `killall python` to handle orphaned child processes)
exabgp.debug.route similar to using decode but using the environment
If you want to check any code changes, the repository comes with a qa
folder, which includes many way to check code integrity.
ExaBGP comes with a set of functional tests, each test starts an IBGP daemon expecting a number of per recorded UPDATEs for the matching configuration file.
You can see all the existing tests running ./qa/bin/functional encoding --list
. Each test is numbered and can be run independently (please note that 03 is not the same as 3).
# ./qa/bin/functional encoding # (run all the test)
# ./qa/bin/functional encoding A # (run test 03 as reported by listing)
You can also manually run both the server and client for any given test:
shell1# ./qa/bin/functional encoding --server A
shell2# ./qa/bin/functional encoding --client A
A test suite is also present to complement the functional testing.
(pip3 install pytest pytest-cov
)
# env exabgp_log_enable=false pytest --cov --cov-reset ./tests/*_test.py
You can decode UPDATE messages using ExaBGP decode
option.
# env exabgp_tcp_bind='' ./sbin/exabgp decode -c ./etc/exabgp/api-open.conf FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF:003C:02:0000001C4001010040020040030465016501800404000000C840050400000064000000002001010101
{ "exabgp": "4.0.1", "time": 1560371099.404008, "host" : "ptr-41.212.219.82.rev.exa.net.uk", "pid" : 37750, "ppid" : 10834, "counter": 1, "type": "update", "neighbor": { "address": { "local": "127.0.0.1", "peer": "127.0.0.1" }, "asn": { "local": 1, "peer": 1 } , "direction": "in", "message": { "update": { "attribute": { "origin": "igp", "med": 200, "local-preference": 100 }, "announce": { "ipv4 unicast": { "101.1.101.1": [ { "nlri": "1.1.1.1/32", "path-information": "0.0.0.0" } ] } } } } } }