Skip to content
A tool to automatically build (and test) feature-rich configurations for BGP route servers.
Python Shell HTML M4
Branch: master
Clone or download

Latest commit

pierky Fix linting
validators.py:212:25: E741 ambiguous variable name 'l'
clients.py:248:13: F523 '...'.format(...) has unused arguments at position(s): 0
clients.py:248:13: F524 '...'.format(...) is missing argument(s) for placeholder(s): e
Latest commit f148e95 May 27, 2020

Files

Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
config.d tag_and_reject tests and docs Apr 25, 2020
docs Add YEGIX and sort it properly May 27, 2020
examples Update the examples May 3, 2020
pierky Fix linting May 27, 2020
scripts Happy new year! (fireworks GIF here) Jan 28, 2020
templates Use bgp_path.last since it's consistent with RFC 6907 7.1.9-11 May 3, 2020
tests Update tests May 3, 2020
tools update tests (BIRD 1.6.4) Mar 22, 2018
utils tag_and_reject tests and docs Apr 25, 2020
.DS_Store --help-merge-from-custom-file option for clients-from-euroix Apr 11, 2020
.gitignore Doc Nov 3, 2019
.travis.yml Add support for bgpq4 Mar 7, 2020
CHANGES.rst v0.25.1 May 3, 2020
COPYRIGHT Happy new year! (fireworks GIF here) Jan 28, 2020
LICENSE first commit Jan 30, 2017
MANIFEST.in fix some installation warnings/issues Jan 2, 2018
README.rst Add YEGIX and sort it properly May 27, 2020
requirements-dev.txt Doc Nov 3, 2019
requirements.txt Try to get rid of security warning due to PyYAML Jan 30, 2019
setup.py v0.22.1 Sep 18, 2019
tox.ini

README.rst

ARouteServer

Documentation Build Status Unique test cases PYPI Version Python Versions Requirements Status

A Python tool to automatically build (and test) feature-rich configurations for BGP route servers.

How it works

  1. Two YAML files provide general policies and clients configurations options:

    cfg:
      rs_as: 64496
      router_id: "192.0.2.2"
      add_path: True
      filtering:
        next_hop:
          policy: "same-as"
      blackhole_filtering:
        policy_ipv4: "rewrite-next-hop"
        ...
    clients:
      - asn: 64511
        ip:
        - "192.0.2.11"
        - "2001:db8:1:1::11"
        irrdb:
          as_sets:
            - "RIPE::AS-FOO"
      ...
  2. ARouteServer acquires external information to enrich them: i.e. bgpq3/bgpq4 for IRR data, PeeringDB for max-prefix limit and AS-SETs, ...

  3. Jinja2 built-in templates are used to render the final route server's configuration file.

    Currently, BIRD (>= 1.6.3 up to 1.6.8), BIRD v2 (starting from 2.0.7 - support for BIRD v2 is in early stages) and OpenBGPD (OpenBSD 6.1 up to 6.6 and also OpenBGPD Portable 6.6p0) are supported, with almost feature parity between them.

Validation and testing of the configurations generated with this tool are performed using the built-in live tests framework: Docker instances are used to simulate several scenarios and to validate the behaviour of the route server after configuring it with ARouteServer. More details on the Live tests section.

Features

  • Path hiding mitigation techniques (RFC7947 section 2.3.1).
  • Basic filters (mostly enabled by default):
  • Prefixes and origin ASNs validation (also in tag-only mode):
    • IRR-based filters (RFC7948 section 4.6.2);
    • AS-SETs configured manually or fetched from PeeringDB;
    • support for IRR sources (RIPE::AS-FOO, RADB::AS-BAR);
    • white lists support;
    • extended dataset for filters generation:
    • RPKI-based filtering (BGP Prefix Origin Validation).
  • Blackhole filtering support:
    • optional NEXT_HOP rewriting;
    • signalling via BGP Communities (BLACKHOLE and custom communities);
    • client-by-client control over propagation.
  • Graceful shutdown support:
    • honor the GRACEFUL_SHUTDOWN BGP community received from clients (draft-ietf-grow-bgp-gshut-11);
    • allow to perform a graceful shutdown of the route server itself.
  • Control and informative communities:
    • prefix/origin ASN present/not present in IRRDBs data;
    • do (not) announce to any / peer / on RTT basis;
    • prepend to any / peer / on RTT basis;
    • add NO_EXPORT / NO_ADVERTISE to any / peer;
    • custom informational BGP communities.
  • Optional session features on a client-by-client basis:
  • Automatic building of clients list:
  • IX-F Member Export JSON files creation.
  • Related tools:

A comprehensive list of features can be found within the comments of the distributed configuration file on GitHub or on the documentation web page.

More feature are already planned: see the Future work section for more details.

Full documentation

Full documentation can be found on ReadTheDocs: https://arouteserver.readthedocs.org/

Presentations

  • RIPE74, 10 May 2017, Connect Working Group: video (9:53), slides (PDF)
  • Salottino MIX, 30 May 2017: slides

Mentions / endorsements:

Who is using ARouteServer?

Are you using it? Do you want to be listed here? Drop me a message!

1: GoBGP configurations are generated using a fork of the project which is still WIP and that hopefully will be merged upstream in the future.

Status

Beta testing, looking for testers and reviewers.

Anyone who wants to share his/her point of view, to review the output configurations or to test them is more than welcome!

Bug? Issues? Support requests?

But also suggestions? New ideas?

Please create an issue on GitHub or drop me a message.

A Slack channel is also available on the network.toCode() community: arouteserver.

Author

Pier Carlo Chiodi - https://pierky.com

Blog: https://blog.pierky.com Twitter: @pierky

You can’t perform that action at this time.